From 24936213eb993119fa7beac1ad43774c3c8422ea Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Sun, 22 Dec 2024 13:57:12 +0000 Subject: [PATCH 1/1] Import systemd_257.1-4.debian.tar.xz [dgit import tarball systemd 257.1-4 systemd_257.1-4.debian.tar.xz] --- NEWS | 223 + README.Debian | 112 + README.source | 103 + changelog | 9411 +++++++++++++++++ clean | 5 + control | 680 ++ copyright | 286 + extra/checkout-upstream | 154 + .../system.d/systemd-localed-read-only.conf | 23 + extra/dhclient-exit-hooks.d/timesyncd | 52 + extra/fbdev-blacklist.conf | 20 + extra/gen-signing-template | 45 + extra/init-functions.d/40-systemd | 101 + extra/initramfs-tools/hooks/udev | 81 + .../initramfs-tools/scripts/init-bottom/udev | 31 + extra/initramfs-tools/scripts/init-top/udev | 31 + extra/initramfs/post-update.d/systemd-boot | 11 + extra/journald.conf.d/syslog.conf | 5 + extra/kernel-install.d/55-initrd.install | 26 + extra/kernel/postinst.d/zz-systemd-boot | 11 + extra/kernel/postrm.d/zz-systemd-boot | 11 + extra/limits.d/10-coredump-debian.conf | 4 + extra/limits.d/20-coredump-debian.conf | 2 + extra/make-fbdev-blacklist | 52 + extra/make-sysusers-basic | 18 + extra/modprobe.d-udeb/scsi-mod-scan-sync.conf | 4 + extra/network/73-usb-net-by-mac.link | 6 + extra/pam-configs/systemd | 7 + extra/pam-configs/systemd-homed | 15 + extra/pam.d/systemd-user | 13 + extra/resolved.conf.d/cache-no-negative.conf | 4 + extra/rules-ubuntu/40-vm-hotadd.rules | 14 + .../61-persistent-storage-android.rules | 6 + .../71-power-switch-proliant.rules | 2 + extra/rules-ubuntu/78-graphics-card.rules | 30 + extra/rules/50-firmware.rules | 3 + extra/rules/73-special-net-names.rules | 14 + extra/rules/80-debian-compat.rules | 16 + extra/start-udev | 23 + extra/sysctl.d/10-coredump-debian.conf | 1 + extra/system.conf.d/10-coredump-debian.conf | 2 + extra/system.conf.d/20-coredump-debian.conf | 2 + .../10-oomd-root-slice-defaults.conf | 2 + .../oomd.conf.d/10-oomd-defaults.conf | 2 + .../10-oomd-user-service-defaults.conf | 3 + extra/systemd-sysv-install | 56 + extra/systemd.py | 28 + extra/tmpfiles.d/debian.conf | 17 + extra/udev.py | 19 + .../systemd-journald.service.d/nice.conf | 4 + .../units-ubuntu/user@.service.d/timeout.conf | 4 + extra/units/getty-static.service | 10 + extra/units/rc-local.service.d/debian.conf | 10 + extra/units/run-lock.mount | 14 + .../10-skip-fsck-initramfs.conf | 2 + .../x11-keyboard.conf | 4 + .../units/systemd-logind.service.d/dbus.conf | 9 + .../syscall-architecture.conf | 7 + extra/user.conf.d/10-coredump-debian.conf | 2 + extra/user.conf.d/20-coredump-debian.conf | 2 + gbp.conf | 14 + git-cherry-pick | 53 + libnss-myhostname.install | 1 + libnss-myhostname.lintian-overrides | 2 + libnss-myhostname.manpages | 2 + libnss-myhostname.nss | 1 + libnss-mymachines.install | 1 + libnss-mymachines.lintian-overrides | 2 + libnss-mymachines.manpages | 2 + libnss-mymachines.nss | 1 + libnss-resolve.install | 1 + libnss-resolve.lintian-overrides | 2 + libnss-resolve.manpages | 2 + libnss-resolve.nss | 1 + libnss-systemd.install | 1 + libnss-systemd.lintian-overrides | 2 + libnss-systemd.manpages | 2 + libnss-systemd.nss | 4 + libpam-systemd.install | 3 + libpam-systemd.lintian-overrides | 2 + libpam-systemd.manpages | 1 + libpam-systemd.postinst | 7 + libpam-systemd.prerm | 20 + libsystemd-dev.install | 4 + libsystemd-dev.manpages | 3 + libsystemd-shared.install | 2 + libsystemd-shared.lintian-overrides | 2 + libsystemd0.install | 1 + libsystemd0.symbols | 894 ++ libudev-dev.install | 3 + libudev-dev.manpages | 2 + libudev1-udeb.install | 1 + libudev1.install | 1 + libudev1.symbols | 100 + not-installed | 14 + patches/series | 1 + ...-create-question-for-compat-with-new.patch | 55 + rules | 328 + salsa-ci.yml | 14 + shlibs.local.in | 4 + signing-template/README.source | 4 + signing-template/control | 25 + signing-template/install | 1 + signing-template/rules | 18 + signing-template/source/format | 1 + signing-template/triggers | 1 + source/format | 1 + source/lintian-overrides | 7 + ...fi-amd64-signed-template.lintian-overrides | 1 + ...fi-arm64-signed-template.lintian-overrides | 1 + systemd-boot-efi.install | 1 + systemd-boot.install | 13 + systemd-boot.lintian-overrides | 2 + systemd-boot.maintscript | 2 + systemd-boot.manpages | 11 + systemd-boot.postinst | 252 + systemd-boot.prerm | 111 + systemd-boot.triggers | 2 + systemd-container.install | 68 + systemd-container.lintian-overrides | 6 + systemd-container.manpages | 32 + systemd-coredump.install | 12 + systemd-coredump.lintian-overrides | 3 + systemd-coredump.manpages | 3 + systemd-coredump.postinst | 13 + systemd-coredump.prerm | 15 + systemd-cryptsetup.install | 25 + systemd-cryptsetup.lintian-overrides | 2 + systemd-cryptsetup.manpages | 12 + systemd-dev.install | 4 + systemd-homed.install | 14 + systemd-homed.lintian-overrides | 6 + systemd-homed.manpages | 1 + systemd-homed.postinst | 26 + systemd-homed.prerm | 20 + systemd-homed.triggers | 1 + systemd-journal-remote.install | 17 + systemd-journal-remote.lintian-overrides | 4 + systemd-journal-remote.manpages | 12 + systemd-oomd.install | 13 + systemd-oomd.lintian-overrides | 3 + systemd-oomd.manpages | 1 + systemd-oomd.postinst | 12 + systemd-repart.install | 8 + systemd-repart.manpages | 6 + systemd-resolved.install | 13 + systemd-resolved.lintian-overrides | 2 + systemd-resolved.manpages | 4 + systemd-resolved.postinst | 38 + systemd-resolved.postrm | 24 + systemd-standalone-shutdown.install | 2 + systemd-standalone-shutdown.lintian-overrides | 2 + systemd-standalone-shutdown.manpages | 1 + systemd-standalone-sysusers.install | 2 + systemd-standalone-sysusers.manpages | 2 + systemd-standalone-tmpfiles.install | 2 + systemd-standalone-tmpfiles.manpages | 2 + systemd-sysv.install | 7 + systemd-sysv.manpages | 7 + systemd-sysv.postinst | 27 + systemd-tests.install | 1 + systemd-tests.lintian-overrides | 13 + systemd-timesyncd.install | 10 + systemd-timesyncd.lintian-overrides | 2 + systemd-timesyncd.manpages | 8 + systemd-timesyncd.postinst | 26 + systemd-timesyncd.postrm | 11 + systemd-ukify.install | 4 + systemd-ukify.manpages | 1 + systemd-userdbd.install | 8 + systemd-userdbd.lintian-overrides | 2 + systemd-userdbd.manpages | 1 + systemd.bug-control | 1 + systemd.bug-presubj | 8 + systemd.bug-script | 45 + systemd.dirs | 1 + systemd.install | 528 + systemd.links | 22 + systemd.lintian-overrides | 10 + systemd.maintscript | 1 + systemd.manpages | 260 + systemd.postinst | 119 + systemd.postrm | 40 + systemd.preinst | 57 + systemd.prerm | 15 + systemd.triggers | 4 + tests/assert.sh | 34 + tests/boot-and-services | 523 + tests/boot-smoke | 95 + tests/build-login | 38 + tests/build-with-static-libsystemd | 38 + tests/control | 299 + tests/hostnamed | 22 + tests/lidswitch.evemu | 34 + tests/localed-locale | 77 + tests/localed-x11-keymap | 81 + tests/logind | 216 + tests/process-killer | 9 + tests/storage | 281 + tests/tests-in-lxd | 90 + tests/timedated | 186 + tests/unit-config | 370 + tests/unit-tests | 6 + tests/upstream | 161 + udev-udeb.dirs | 1 + udev-udeb.install | 22 + udev.README.Debian | 150 + udev.bug-control | 1 + udev.bug-script | 27 + udev.debian-udev.sysusers | 9 + udev.install | 68 + udev.links | 2 + udev.lintian-overrides | 4 + udev.maintscript | 1 + udev.manpages | 11 + udev.postinst | 25 + udev.postrm | 14 + udev.preinst | 57 + udev.triggers | 4 + upstream/metadata | 4 + watch | 3 + 221 files changed, 18500 insertions(+) create mode 100644 NEWS create mode 100644 README.Debian create mode 100644 README.source create mode 100644 changelog create mode 100644 clean create mode 100644 control create mode 100644 copyright create mode 100755 extra/checkout-upstream create mode 100644 extra/dbus-1/system.d/systemd-localed-read-only.conf create mode 100644 extra/dhclient-exit-hooks.d/timesyncd create mode 100644 extra/fbdev-blacklist.conf create mode 100755 extra/gen-signing-template create mode 100644 extra/init-functions.d/40-systemd create mode 100755 extra/initramfs-tools/hooks/udev create mode 100755 extra/initramfs-tools/scripts/init-bottom/udev create mode 100755 extra/initramfs-tools/scripts/init-top/udev create mode 100755 extra/initramfs/post-update.d/systemd-boot create mode 100644 extra/journald.conf.d/syslog.conf create mode 100755 extra/kernel-install.d/55-initrd.install create mode 100755 extra/kernel/postinst.d/zz-systemd-boot create mode 100755 extra/kernel/postrm.d/zz-systemd-boot create mode 100644 extra/limits.d/10-coredump-debian.conf create mode 100644 extra/limits.d/20-coredump-debian.conf create mode 100755 extra/make-fbdev-blacklist create mode 100755 extra/make-sysusers-basic create mode 100644 extra/modprobe.d-udeb/scsi-mod-scan-sync.conf create mode 100644 extra/network/73-usb-net-by-mac.link create mode 100644 extra/pam-configs/systemd create mode 100644 extra/pam-configs/systemd-homed create mode 100644 extra/pam.d/systemd-user create mode 100644 extra/resolved.conf.d/cache-no-negative.conf create mode 100644 extra/rules-ubuntu/40-vm-hotadd.rules create mode 100644 extra/rules-ubuntu/61-persistent-storage-android.rules create mode 100644 extra/rules-ubuntu/71-power-switch-proliant.rules create mode 100644 extra/rules-ubuntu/78-graphics-card.rules create mode 100644 extra/rules/50-firmware.rules create mode 100644 extra/rules/73-special-net-names.rules create mode 100644 extra/rules/80-debian-compat.rules create mode 100755 extra/start-udev create mode 100644 extra/sysctl.d/10-coredump-debian.conf create mode 100644 extra/system.conf.d/10-coredump-debian.conf create mode 100644 extra/system.conf.d/20-coredump-debian.conf create mode 100644 extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf create mode 100644 extra/systemd-oomd-defaults/oomd.conf.d/10-oomd-defaults.conf create mode 100644 extra/systemd-oomd-defaults/user@.service.d/10-oomd-user-service-defaults.conf create mode 100755 extra/systemd-sysv-install create mode 100644 extra/systemd.py create mode 100644 extra/tmpfiles.d/debian.conf create mode 100644 extra/udev.py create mode 100644 extra/units-ubuntu/systemd-journald.service.d/nice.conf create mode 100644 extra/units-ubuntu/user@.service.d/timeout.conf create mode 100644 extra/units/getty-static.service create mode 100644 extra/units/rc-local.service.d/debian.conf create mode 100644 extra/units/run-lock.mount create mode 100644 extra/units/systemd-fsck-root.service.d/10-skip-fsck-initramfs.conf create mode 100644 extra/units/systemd-localed.service.d/x11-keyboard.conf create mode 100644 extra/units/systemd-logind.service.d/dbus.conf create mode 100644 extra/units/systemd-udevd.service.d/syscall-architecture.conf create mode 100644 extra/user.conf.d/10-coredump-debian.conf create mode 100644 extra/user.conf.d/20-coredump-debian.conf create mode 100644 gbp.conf create mode 100755 git-cherry-pick create mode 100644 libnss-myhostname.install create mode 100644 libnss-myhostname.lintian-overrides create mode 100644 libnss-myhostname.manpages create mode 100644 libnss-myhostname.nss create mode 100644 libnss-mymachines.install create mode 100644 libnss-mymachines.lintian-overrides create mode 100644 libnss-mymachines.manpages create mode 100644 libnss-mymachines.nss create mode 100644 libnss-resolve.install create mode 100644 libnss-resolve.lintian-overrides create mode 100644 libnss-resolve.manpages create mode 100644 libnss-resolve.nss create mode 100644 libnss-systemd.install create mode 100644 libnss-systemd.lintian-overrides create mode 100644 libnss-systemd.manpages create mode 100644 libnss-systemd.nss create mode 100644 libpam-systemd.install create mode 100644 libpam-systemd.lintian-overrides create mode 100644 libpam-systemd.manpages create mode 100644 libpam-systemd.postinst create mode 100644 libpam-systemd.prerm create mode 100644 libsystemd-dev.install create mode 100644 libsystemd-dev.manpages create mode 100644 libsystemd-shared.install create mode 100644 libsystemd-shared.lintian-overrides create mode 100644 libsystemd0.install create mode 100644 libsystemd0.symbols create mode 100644 libudev-dev.install create mode 100644 libudev-dev.manpages create mode 100644 libudev1-udeb.install create mode 100644 libudev1.install create mode 100644 libudev1.symbols create mode 100644 not-installed create mode 100644 patches/series create mode 100644 patches/test-answer-2nd-mdadm-create-question-for-compat-with-new.patch create mode 100755 rules create mode 100644 salsa-ci.yml create mode 100644 shlibs.local.in create mode 100644 signing-template/README.source create mode 100644 signing-template/control create mode 100644 signing-template/install create mode 100755 signing-template/rules create mode 100644 signing-template/source/format create mode 100644 signing-template/triggers create mode 100644 source/format create mode 100644 source/lintian-overrides create mode 100644 systemd-boot-efi-amd64-signed-template.lintian-overrides create mode 100644 systemd-boot-efi-arm64-signed-template.lintian-overrides create mode 100644 systemd-boot-efi.install create mode 100644 systemd-boot.install create mode 100644 systemd-boot.lintian-overrides create mode 100644 systemd-boot.maintscript create mode 100644 systemd-boot.manpages create mode 100644 systemd-boot.postinst create mode 100644 systemd-boot.prerm create mode 100644 systemd-boot.triggers create mode 100755 systemd-container.install create mode 100644 systemd-container.lintian-overrides create mode 100755 systemd-container.manpages create mode 100644 systemd-coredump.install create mode 100644 systemd-coredump.lintian-overrides create mode 100644 systemd-coredump.manpages create mode 100644 systemd-coredump.postinst create mode 100644 systemd-coredump.prerm create mode 100644 systemd-cryptsetup.install create mode 100644 systemd-cryptsetup.lintian-overrides create mode 100644 systemd-cryptsetup.manpages create mode 100755 systemd-dev.install create mode 100644 systemd-homed.install create mode 100644 systemd-homed.lintian-overrides create mode 100644 systemd-homed.manpages create mode 100644 systemd-homed.postinst create mode 100644 systemd-homed.prerm create mode 100644 systemd-homed.triggers create mode 100644 systemd-journal-remote.install create mode 100644 systemd-journal-remote.lintian-overrides create mode 100644 systemd-journal-remote.manpages create mode 100644 systemd-oomd.install create mode 100644 systemd-oomd.lintian-overrides create mode 100644 systemd-oomd.manpages create mode 100644 systemd-oomd.postinst create mode 100755 systemd-repart.install create mode 100755 systemd-repart.manpages create mode 100644 systemd-resolved.install create mode 100644 systemd-resolved.lintian-overrides create mode 100644 systemd-resolved.manpages create mode 100644 systemd-resolved.postinst create mode 100644 systemd-resolved.postrm create mode 100755 systemd-standalone-shutdown.install create mode 100644 systemd-standalone-shutdown.lintian-overrides create mode 100644 systemd-standalone-shutdown.manpages create mode 100755 systemd-standalone-sysusers.install create mode 100644 systemd-standalone-sysusers.manpages create mode 100755 systemd-standalone-tmpfiles.install create mode 100644 systemd-standalone-tmpfiles.manpages create mode 100644 systemd-sysv.install create mode 100644 systemd-sysv.manpages create mode 100644 systemd-sysv.postinst create mode 100644 systemd-tests.install create mode 100644 systemd-tests.lintian-overrides create mode 100644 systemd-timesyncd.install create mode 100644 systemd-timesyncd.lintian-overrides create mode 100755 systemd-timesyncd.manpages create mode 100644 systemd-timesyncd.postinst create mode 100644 systemd-timesyncd.postrm create mode 100644 systemd-ukify.install create mode 100644 systemd-ukify.manpages create mode 100644 systemd-userdbd.install create mode 100644 systemd-userdbd.lintian-overrides create mode 100644 systemd-userdbd.manpages create mode 100644 systemd.bug-control create mode 100644 systemd.bug-presubj create mode 100644 systemd.bug-script create mode 100644 systemd.dirs create mode 100755 systemd.install create mode 100644 systemd.links create mode 100644 systemd.lintian-overrides create mode 100644 systemd.maintscript create mode 100755 systemd.manpages create mode 100644 systemd.postinst create mode 100644 systemd.postrm create mode 100644 systemd.preinst create mode 100644 systemd.prerm create mode 100644 systemd.triggers create mode 100644 tests/assert.sh create mode 100755 tests/boot-and-services create mode 100755 tests/boot-smoke create mode 100755 tests/build-login create mode 100755 tests/build-with-static-libsystemd create mode 100644 tests/control create mode 100755 tests/hostnamed create mode 100644 tests/lidswitch.evemu create mode 100755 tests/localed-locale create mode 100755 tests/localed-x11-keymap create mode 100755 tests/logind create mode 100755 tests/process-killer create mode 100755 tests/storage create mode 100644 tests/tests-in-lxd create mode 100755 tests/timedated create mode 100755 tests/unit-config create mode 100755 tests/unit-tests create mode 100755 tests/upstream create mode 100644 udev-udeb.dirs create mode 100644 udev-udeb.install create mode 100644 udev.README.Debian create mode 100644 udev.bug-control create mode 100644 udev.bug-script create mode 100644 udev.debian-udev.sysusers create mode 100755 udev.install create mode 100644 udev.links create mode 100644 udev.lintian-overrides create mode 100644 udev.maintscript create mode 100644 udev.manpages create mode 100644 udev.postinst create mode 100644 udev.postrm create mode 100644 udev.preinst create mode 100644 udev.triggers create mode 100644 upstream/metadata create mode 100644 watch diff --git a/NEWS b/NEWS new file mode 100644 index 00000000..6d491b7a --- /dev/null +++ b/NEWS @@ -0,0 +1,223 @@ +systemd (256-2) unstable; urgency=medium + + cryptsetup tools such as systemd-cryptsetup, systemd-cryptenroll, + systemd-veritysetup, and more, have been split into a new systemd-cryptsetup + package to reduce dependencies pulled in by the main systemd package. This + new package is only listed as a Recommends, so if this functionality is used + ensure that either Recommends are installed (default) or that it is + manually installed. + + -- Luca Boccassi Tue, 10 Sep 2024 18:19:16 +0200 + +systemd (256~rc3-3) unstable; urgency=medium + + - /tmp/ is now by default a tmpfs, via the tmp.mount unit provided upstream. + The old default setup can be retained simply by masking the unit locally + with (do not do this if you are defining /tmp/ manually in /etc/fstab): + + systemctl mask tmp.mount + + or: + + touch /etc/systemd/system/tmp.mount + + It is recommended to check /tmp/ for any leftover files before rebooting + after installing this update and manually cleaning up, as the directory + will longer be cleaned up automatically on boot, as it is overmounted. It + is always possible to remount the root filesystem in a local directory + and remove leftovers manually after rebooting, but this will not be done + automatically to avoid unintential removals. This situation can be easily + detected by checking the journal after a reboot, as there will be a log + message that says: + + tmp.mount: Directory /tmp to mount over is not empty, mounting anyway + + - /run/lock/ is no longer created with a patch before units start, but by + a standard early-boot run-lock.mount unit that is ordered before + local-fs.target. Any service needing to use /run/lock/ and running before + sysinit.target (ie, they likely define DefaultDependencies=no) will need + to be explicitly ordered with After=run-lock.mount. The two known cases + where this happens in the archive have a bug+MR filed already. + + - On new installations, tmpfiles.d will now cleanup by default files + that have not been changed or accessed on /tmp/ for 10 days, and /var/tmp/ + for 30 days. The legacy behaviour can be configured with a local override + if needed: + + echo 'D /tmp 1777' > /etc/tmpfiles.d/tmp.conf + + This override will be automatically provided for upgrades of existing + systems from previous releases to Trixie. As a reminder, individual + files and directories can be marked for exclusion from cleanups with + the 'x' type configuration line as described in the tmpfiles.d manpage, + for example: + + echo 'x /tmp/my-precious' > /etc/tmpfiles.d/precious.conf + + - coredumps are now disabled by default via configuration files rather than + an out-of-tree patch (installing the optional systemd-coredump package + will enable them as before). As always, overriding via local drop-ins is + possible if desired. The configuration files that respectively affect + the system systemd instance, the user systemd instances and PAM sessions + are: + + /usr/lib/systemd/system.conf.d/10-coredump-debian.conf + /usr/lib/systemd/user.conf.d/10-coredump-debian.conf + /usr/lib/sysctl.d/10-coredump-debian.conf + /etc/security/limits.d/10-coredump-debian.conf + + -- Luca Boccassi Tue, 28 May 2024 00:07:57 +0100 + +systemd (256~rc2-1) unstable; urgency=medium + + In the rare case a scheduled shutdown fails to be enqueued (most + likely, D-Bus daemon/broker is not installed), the system will now + immediately reboot, restoring the default behaviour intended upstream. + + -- Luca Boccassi Wed, 15 May 2024 00:40:56 +0100 + +systemd (253~rc2-1) experimental; urgency=medium + + TuxOnIce is no longer supported directly (via an out-of-tree patch) + for hibernation. TuxOnIce users should instead use the environment + variable $SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK=1 (i.e.: set it on + the kernel command line). + + The Debian-specific /etc/default/locale will now be made into a + symlink to the distribution-agnostic /etc/locale.conf. The content + format is compatible, so at upgrade time if /etc/default/locale + exists it will be copied to /etc/locale.conf, if the latter does not + exist. + The Debian-specific /etc/timezone will no longer be supported by + systemd-timedated, as it is no longer useful and its functionality + has been subsumed into /etc/localtime, and tzdata will no longer + create it. + + The journal 'audit' feature is no longer patched to be disabled by + default, and instead we rely on the fact that the unit + 'systemd-journald-audit.socket' is disabled by default. If you enabled + this in the past by setting 'Audit=yes' in a configuration file, you + will also need to enable the socket unit. + + -- Luca Boccassi Wed, 08 Feb 2023 20:36:58 +0000 + +systemd (251.3-2) unstable; urgency=medium + + systemd-resolved has been split into a separate package. + This new systemd-resolved package will not be installed automatically on + upgrades. If you are using systemd-resolved, please install this new + package manually. + + -- Luca Boccassi Thu, 05 Aug 2022 20:26:12 +0100 + +systemd (251.2-3) unstable; urgency=medium + + systemd-boot has been split into a separate package. + This new systemd-boot package will not be installed automatically on + upgrades. If you are using systemd-boot, please install this new + package manually. + + The default boot loader in Debian is grub2. If you have not set up + systemd-boot manually, no action is required on your side. + + -- Michael Biebl Wed, 08 Jun 2022 21:49:47 +0200 + +systemd (251.1-1) unstable; urgency=medium + + systemd-journal-gatewayd and systemd-journal-remote are now built + without the --trust option, in order to be able to switch away from + gnutls to openssl. + + -- Luca Boccassi Thu, 26 May 2022 00:55:39 +0100 + +systemd (247.2-2) unstable; urgency=medium + + systemd now defaults to the "unified" cgroup hierarchy (i.e. cgroupv2). + This change reflects the fact that cgroupsv2 support has matured + substantially in both systemd and in the kernel. + All major container tools nowadays should support cgroupv2. + If you run into problems with cgroupv2, you can switch back to the previous, + hybrid setup by adding "systemd.unified_cgroup_hierarchy=false" to the + kernel command line. + You can read more about the benefits of cgroupv2 at + https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v2.html + + -- Michael Biebl Mon, 21 Dec 2020 18:40:10 +0100 + +systemd (247.2-1) unstable; urgency=medium + + KERNEL API INCOMPATIBILITY: Linux 4.14 introduced two new uevents + "bind" and "unbind" to the Linux device model. When this kernel + change was made, systemd-udevd was only minimally updated to handle + and propagate these new event types. The introduction of these new + uevents (which are typically generated for USB devices and devices + needing a firmware upload before being functional) resulted in a + number of issues which we so far didn't address. We hoped the kernel + maintainers would themselves address these issues in some form, but + that did not happen. To handle them properly, many (if not most) udev + rules files shipped in various packages need updating, and so do many + programs that monitor or enumerate devices with libudev or sd-device, + or otherwise process uevents. Please note that this incompatibility + is not fault of systemd or udev, but caused by an incompatible kernel + change that happened back in Linux 4.14, but is becoming more and + more visible as the new uevents are generated by more kernel drivers. + + To learn more about the required udev rules changes please check the + "CHANGES WITH 247" section of /usr/share/doc/systemd/NEWS.gz. + + -- Balint Reczey Fri, 11 Dec 2020 18:22:42 +0100 + +systemd (241-4) unstable; urgency=medium + + DRM render nodes (/dev/dri/renderD*) are now owned by group "render" + (previously group "video"). Dynamic ACLs via the "uaccess" udev tag are still + applied, so in the common case things should just continue to work. + If you rely on static permissions to access those devices, you need to update + group memberships accordingly to use group "render" now. + + -- Michael Biebl Fri, 17 May 2019 19:15:32 +0200 + +systemd (236-1) unstable; urgency=medium + + DynamicUser=yes has been enabled for systemd-journal-upload.service and + systemd-journal-gatewayd.service. + This means we no longer need to statically allocate a systemd-journal-upload + and systemd-journal-gateway user and you can now safely remove those system + users along with their associated groups. + + -- Michael Biebl Sun, 17 Dec 2017 21:17:32 +0100 + +systemd (231-1) unstable; urgency=low + + This version drops support for running /etc/rcS.d SysV init scripts. + These are prone to cause dependency loops, and almost all Debian packages + with rcS scripts now ship a native systemd service. If you have custom or + third-party rcS scripts you need to convert them or change them to run + in rc2.d/ - rc5.d/; see this page for details: + . + + -- Martin Pitt Thu, 14 Jul 2016 12:54:34 +0200 + +systemd (224-2) unstable; urgency=medium + + This version splits out systemd-nspawn, systemd-machined, and machinectl + into the new "systemd-container" package. That now also enables + systemd-importd. + + -- Martin Pitt Sat, 22 Aug 2015 15:58:43 +0200 + +systemd (220-7) unstable; urgency=medium + + The mechanism for providing stable network interface names changed. + Previously they were kept in /etc/udev/rules.d/70-persistent-net.rules + which mapped device MAC addresses to the (arbitrary) name they got when + they first appeared (i. e. mostly at the time of installation). As this + had several problems and is not supported any more, this is deprecated in + favor of the "net.ifnames" mechanism. With this most of your network + interfaces will get location-based names. If you have ifupdown, firewall, + or other configuration that relies on the old names, you need to update + these by Debian 10/Ubuntu 18.04 LTS, and then remove + /etc/udev/rules.d/70-persistent-net.rules. Please see + /usr/share/doc/udev/README.Debian.gz for details about this. + + -- Martin Pitt Mon, 15 Jun 2015 15:30:29 +0200 diff --git a/README.Debian b/README.Debian new file mode 100644 index 00000000..11f5e32c --- /dev/null +++ b/README.Debian @@ -0,0 +1,112 @@ +Enabling persistent logging in journald +======================================= + +To enable persistent logging, create /var/log/journal: + + mkdir -p /var/log/journal + systemd-tmpfiles --create --prefix /var/log/journal + +systemd will make the journal files owned by the "systemd-journal" group and +add an ACL for read permissions for users in the "adm" group. +To grant a user read access to the system journal, add them to one of the two +groups. + +This will allow you to look at previous boot logs with e. g. +"journalctl -b -1". + +If you enable persistent logging, consider uninstalling rsyslog or any other +system-log-daemon, to avoid logging everything twice. + +Debugging boot/shutdown problems +================================ + +The "debug-shell" service starts a root shell on VT 9 which is available very +early during boot and very late during shutdown. You can temporarily enable +this when booting the system does not get sufficiently far to get a desktop or +even the text console logins (getty), or when shutdown hangs eternally. + +For boot problems the recommended way is to append "systemd.debug-shell" to the +kernel command line in the bootloader. +For shutdown problems, run "systemctl start debug-shell" as root, then shut +down. + +WARNING: Please avoid "systemctl enable debug-shell" as this will start the +debug shell permanently which is a SECURITY HOLE as it allows unauthenticated +and unrestricted root access to your computer if you forget to disable it! +Please only enable it if you cannot pass "systemd.debug-shell" to the boot +loader for some reason, and then immediately run "systemctl disable debug-shell" +after booting. + +Once the boot/shutdown problem happened, switch to VT9 (Ctrl+Alt+F9). There you +can use the usual systemctl or journalctl commands, or any other Linux shell +command to list or kill processes. For example, run "systemctl list-jobs" to +see what's currently being run, or "systemctl" to find units which are not in +the expected state (e. g. "failed" for boot or still "active" during shutdown), +and then get more detailed information with "systemctl status -l foo.service" +to get a service "foo"'s status and recent logging. + +In situations where the debug shell is not available, you can generate a +/shutdown-log.txt file instead: +1. Boot with these kernel command line options: + systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M +2. Save the following script as /lib/systemd/system-shutdown/debug.sh and make it executable: + #!/bin/sh + mount -o remount,rw / + dmesg > /shutdown-log.txt + mount -o remount,ro / +3. Reboot + +Enable and use networkd +======================= +networkd is a small and lean service to configure network interfaces, designed +mostly for server use cases in a world with hotplugged and virtualized +networking. Its configuration is similar in spirit and abstraction level to +ifupdown, but you don't need any extra packages to configure bridges, bonds, +vlan etc. It is not very suitable for managing WLANs yet; NetworkManager is +still much more appropriate for such Desktop use cases. + +networkd is not enabled by default; run + + systemctl enable systemd-networkd + +if you want to use it. After that you need to create some *.network +configuration files. In the simplest case you just want to run DHCP on all +available Ethernet interfaces: + +--- /etc/systemd/network/all-eth.network --- +[Match] +Name=e* +[Network] +DHCP=yes + +This will match on both the kernel "ethN" as well as the predictable interface +names "en*". Please see man systemd.network(5) for all available configuration +options and examples. + +You need to make sure that interfaces handled by networkd are not handled by +ifupdown (/etc/network/interfaces) and NetworkManager. + +Note that interfaces brought up/down will *not* run hooks in +/etc/network/if-*.d/. + +It is recommended to use networkd together with systemd-resolved(8) to +dynamically manage /etc/resolv.conf: + + systemctl enable systemd-resolved + ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf + +Debian's networkd has been modified to also work with the resolvconf package. + +KillUserProcesses behavior in Debian +==================================== + +If KillUserProcesses=yes is configured in logind.conf(5), the session scope +will be terminated when the user logs out of that session. + +See logind.conf(5): + +| Note that setting KillUserProcesses=yes will break tools like screen(1) and +| tmux(1), unless they are moved out of the session scope. + +The default for KillUserProcesses in /etc/systemd/logind.conf is set +to "yes" in upstream systemd, though Debian defaults to "no" (see #825394). diff --git a/README.source b/README.source new file mode 100644 index 00000000..e3ba8cf4 --- /dev/null +++ b/README.source @@ -0,0 +1,103 @@ +Building from source +-------------------- +Install “git-buildpackage” and run the following steps: + + gbp clone git+ssh://git.debian.org/git/pkg-systemd/systemd.git + cd systemd + gbp buildpackage + +We recommend you use pbuilder to make sure you build in a clean environment: + + gbp buildpackage --git-pbuilder + +Changelog +--------- +The systemd package uses gbp dch for automatically generating +debian/changelog entries from the corresponding git commits. This makes +cherry-picking, merging, and rebasing much simpler. + +Thus, for any packaging change *don't* modify debian/changelog, just write a +meaningful git commit log with proper bug references (such as "Closes: #12345" +on the last line). For doing a release, run + + gbp dch --auto + +then beautify the generated debian/changelog, then run the usual "dch -r" and +"debcommit -ar --sign-tags". + +Patch handling +-------------- +The systemd package uses gbp pq for maintaining patches with a git-like +workflow in a "patch-queue/" local branch and then exporting them as +quilt series. For working on patches you run + + gbp pq import --force + +Then you are in the patch-queue branch and can git log, commit, cherry-pick +upstream commits, rebase, etc. there. After you are done, run + + gbp pq export + +which will put you back into master and update debian/patches/ (including +series). You need to git add etc. new patches, possibly other +packaging changes, and then git commit as usual. + +systemd uses gbp pq's "topic" branches for organizing patches; for simplicity +(as this is the most common operation), upstream cherry-picks go into the +"empty" topic (i. e. directly into debian/patches/), while Debian specific +patches go into "Gbp-Pq: Topic debian" (i. e. debian/patches/debian/). + +Rebasing patches to a new upstream version +------------------------------------------ +gbp pq's "rebase" command does not work very conveniently as it fails on merge +conflicts. First, ensure you are in the master branch: + + git checkout master # in case you aren't already + +Now, do one of + + (1) To import a new upstream release into the existing master branch for unstable, +do: + + gbp pq import --force + gbp pq switch # switch back to master from patch-queue/master + gbp import-orig [...] + gbp pq switch # switch to patch-queue/master + git rebase master + + (2) To import a new upstream release into a new branch for Debian experimental, do: + + git branch experimental + git checkout experimental + editor debian/gbp.conf # set "debian-branch=experimental" + gbp import-orig [...] + git branch patch-queue/experimental patch-queue/master + git checkout patch-queue/experimental + git rebase experimental + +Now resolve all the conflicts, skip obsolete patches, etc. When you are done, run + + gbp pq export + +Note that our debian/gbp.conf disables patch numbers. + +Cherry-picking upstream patches +------------------------------- +You can add the systemd upstream branch as an additional remote to the Debian +packaging branch. Call it "github" or similar to avoid confusing it with the +already existing "upstream" branch from git-buildpackage: + + git remote add github https://github.com/systemd/systemd.git + git fetch github -n + +Now you can look at the upstream log and cherry-pick patches into the +patch-queue branch: + + gbp pq import --force + git log github/master + git cherry-pick 123DEADBEEF + +debian/git-cherry-pick is a nice tool to automate all that: + + debian/git-cherry-pick 123DEADBEEF 987654 AFFE99 + git checkout master # switch back from patch-queue branch diff --git a/changelog b/changelog new file mode 100644 index 00000000..0a34ec68 --- /dev/null +++ b/changelog @@ -0,0 +1,9411 @@ +systemd (257.1-4) unstable; urgency=medium + + * d/t/upstream: decrease parallelism to nproc - 1 + * d/t/upstream: do not use nspawn for tests + * d/t/upstream: disable homed/userdbd in the test runner + * d/t/upstream: mask systemd-machined + * Backport patch to workaround issue in new mdadm + + -- Luca Boccassi Sun, 22 Dec 2024 13:57:12 +0000 + +systemd (257.1-3) unstable; urgency=medium + + * autopkgtest: mark tests-in-lxd as flaky + + -- Luca Boccassi Sat, 21 Dec 2024 01:19:14 +0000 + +systemd (257.1-2) unstable; urgency=medium + + * Various fixes for d/t/tests-in-lxd + + -- Luca Boccassi Fri, 20 Dec 2024 15:27:15 +0000 + +systemd (257.1-1) unstable; urgency=medium + + [ Luca Boccassi ] + * test: fix flaky boot-and-services test. + * d/t/upstream: fix mkosi syntax warnings + * systemd-ukify: recommend python3-cryptography. One of the verbs uses + it, so add a recommend to pull it in by default (Closes: #1090759) + * d/watch: restrict to v257.x series + * Update upstream source from tag 'upstream/257.1' (Closes: #1087616) + * Drop patches, merged upstream + * Install systemd-creds bash completion + + [ Nick Rosbrook ] + * d/t/tests-in-lxd: run some tests under LXD + * debian/tests/boot-and-services: drop test_no_failed + * debian/control: add Breaks: systemd (<< ${binary:Version}) for udev. + This ensures that systemd is also upgraded whenever udev is upgraded. + * d/control: make systemd-sysv Depends: on matching version of systemd + * d/systemd-resolved.postinst: copy existing /etc/resolv.conf on new + installs + + [ Balint Reczey ] + * debian/systemd.postinst: Skip daemon-reexec and try-restarts during + shutdown. LP #1803391 + + -- Luca Boccassi Thu, 19 Dec 2024 21:41:25 +0000 + +systemd (257-2) unstable; urgency=medium + + [ Aurelien Jarno ] + * udev: install dmi_memory_id and its rules on riscv64. + + [ Luca Boccassi ] + * Backport patches to fix test failures + + -- Luca Boccassi Wed, 11 Dec 2024 18:31:08 +0000 + +systemd (257-1) unstable; urgency=medium + + * Update to new upstream version v257. For a full list of changes: + https://github.com/systemd/systemd/releases/tag/v257-rc1 + * Update symbols file for v257 + + -- Luca Boccassi Tue, 10 Dec 2024 19:57:21 +0000 + +systemd (257~rc3-1) unstable; urgency=medium + + [ Luca Boccassi ] + * systemd-ukify: recommend systemd-boot-efi for the stub (Closes: + #1087808) + * Increase minimum sections in stub PE header on arm64/armhf/riscv64 to + 500. Allows riscv64 to include all current DTBs with some room to grow + (Closes: #1087817) + * Bump version in tzdata dependency due to p-u upload + * Update to new upstream version v257~rc3. For a full list of changes: + https://github.com/systemd/systemd/releases/tag/v257-rc3 + * Drop patches, merged upstream + * Update symbols for 257~rc3 + + [ Ben Hutchings ] + * sysctl: Add file trigger on /usr/lib/sysctl.d to restart systemd- + sysctl. (Closes: #1085160) + + -- Luca Boccassi Wed, 27 Nov 2024 21:21:02 +0000 + +systemd (257~rc2-3) unstable; urgency=low + + * Backport patch to remove faulty unit test assertion + + -- Luca Boccassi Sat, 16 Nov 2024 10:13:56 +0000 + +systemd (257~rc2-2) unstable; urgency=low + + * Backport patch to fix FTBFS due to failing unit test + + -- Luca Boccassi Sat, 16 Nov 2024 00:36:08 +0000 + +systemd (257~rc2-1) unstable; urgency=low + + * d/t/control: add more packages to dummy hint-testsuite-triggers. A + regression was introduced by nvme-cli in testing because the testsuite + doesn't depend on it anymore directly, as mkosi builds it in the + image. Add back all the tools/libraries that are only part of the + mkosi guest image, so that autopkgtest triggers when they get updated, + and regressions can be flagged before they migrate to testing. + * Update upstream source from tag 'upstream/257_rc2' + * Drop all patches, merged upstream + * Install new systemd-keyutil binary in the systemd-repart package + * systemd-ukify: downgrade dependency on systemd, not mandatory. It is + necessary for the systemd-measure binary, but its usage is optional + behind a specific argument, so the dependency can be downgraded + (Closes: #1087322) + * systemd-ukify: recommend systemd-repart. Needed for the systemd-sbsign + and systemd-keyutil binaries + * d/rules: adjust blhc override to account for source files being moved + * Update lintian override to ignore false positive typos + + -- Luca Boccassi Fri, 15 Nov 2024 19:49:02 +0000 + +systemd (257~rc1-4) unstable; urgency=medium + + * Backport patch to fix TEST-07-PID1 integration test + + -- Luca Boccassi Fri, 08 Nov 2024 01:09:19 +0000 + +systemd (257~rc1-3) unstable; urgency=low + + * Backport another patch to fix test failure on buildd + + -- Luca Boccassi Thu, 07 Nov 2024 11:13:25 +0000 + +systemd (257~rc1-2) unstable; urgency=low + + * Backport patch to fix unit test failure on buildd + + -- Luca Boccassi Thu, 07 Nov 2024 09:35:17 +0000 + +systemd (257~rc1-1) unstable; urgency=low + + * gbp.conf: switch upstream branch to full upstream history + * Update to new upstream version v257~rc1. For a full list of changes: + https://github.com/systemd/systemd/releases/tag/v257-rc1 + * Drop all patches, merged upstream + * Install new files + * List new libsystemd0 symbols + * Ignore Lintian warning dh-exec-script-without-dh-exec-features + * d/copyright: remove pattern for directory that is no longer present + + -- Luca Boccassi Wed, 06 Nov 2024 23:58:55 +0000 + +systemd (256.7-3) unstable; urgency=medium + + [ Luca Boccassi ] + * Backport patch to fix test failures with tzdata 2024b-1 + * systemd-boot: provide provisional integration with shim. Not yet + used, will be active once the signed packages are available. + https://wiki.debian.org/SecureBoot#Secure_Boot_setup_with_systemd-boot + + [ Kirill Rekhov ] + * d/systemd.postrm: delete more internal state directories on purge + + -- Luca Boccassi Fri, 01 Nov 2024 18:13:09 +0000 + +systemd (256.7-2) unstable; urgency=medium + + [ Nick Rosbrook ] + * d/systemd.postinst: do not restart systemd-binfmt.service if masked + (LP: #2077869) + + [ Luca Boccassi ] + * systemd-boot: depend on systemd for kernel-install (Closes: #1085012) + * Disable utmp support, not y2038 safe. utmp support in tmux has been + disabled, so autopkgtest should no longer break + * Backport fixes for upstream autopkgtest suite + + [ Benjamin Drung ] + * initramfs-tools: support missing /etc/udev/udev.conf. Installing + initramfs-tools fails in case `/etc/udev/udev.conf` is removed + (LP: #2084592) + + -- Luca Boccassi Fri, 18 Oct 2024 15:47:12 +0100 + +systemd (256.7-1) unstable; urgency=medium + + * autopkgtest: skip gdm3 on armel for smoke tests. Gnome is no longer + built for armel. (Closes: #1082516) + * New upstream version 256.7 + * Mark dependencies on clang and bpftool as :native (Closes: #1083064) + * Revert "autopkgtest: skip TEST-64-UDEV-STORAGE due to qemu crash". The + qemu crash is now detected in the upstream integration test script. + + -- Luca Boccassi Tue, 08 Oct 2024 18:37:53 +0100 + +systemd (256.6-1) unstable; urgency=medium + + [ Helmut Grohne ] + * salsa-ci: test the stage1 build profile + + [ Simon Chopin ] + * Filter out zdev rules in the initramfs hook (LP: #2044104). s390-tools + has its own initramfs customization logic that deals with those files. + + [ Luca Boccassi ] + * Re-enable utmp support, tmux's autopkgtests require it. This will + break as logind writing into utmp will wrap around, so Trixie won't be + y2038 ready after all + * New upstream version 256.6 + * Note systemd-cryptsetup package split in NEWS (Closes: #1079644) + + -- Luca Boccassi Tue, 10 Sep 2024 18:28:21 +0200 + +systemd (256.5-2) unstable; urgency=medium + + [ Helmut Grohne ] + * Fix stage1 build (Closes: #1078821) + + [ Luca Boccassi ] + * Disable utmp support, replaced by wtmpdb. utmp is not y2038-safe, util- + linux has now turned it off and relies on logind, so disable utmp + support in logind too, as it is no longer necessary. wtmpdb replaces + the functionality. + + -- Luca Boccassi Sun, 01 Sep 2024 22:03:06 +0100 + +systemd (256.5-1) unstable; urgency=medium + + * New upstream version 256.5 + * Drop patch merged upstream + * autopkgtest: skip TEST-64-UDEV-STORAGE due to qemu crash. This tests + randomly causes qemu to crash, making it very flaky, skip it + downstream + + -- Luca Boccassi Thu, 15 Aug 2024 22:00:36 +0100 + +systemd (256.4-3) unstable; urgency=medium + + * Drop redundant pot build. This was added many years ago, when + apparently the upstream pot generation wasn't run or wasn't working. + This is not the case anymore, pot files are regenerated upstream and + checked in on every release, so this manual step just updates the + timestamp in the existing template and nothing else. Drop it. + * Use debian/clean instead of override in d/rules + * Stop shipping empty /etc/init.d directory. We do not have any need for + it, and will soon stop supporting legacy init files, so stop shipping + it + * Use d/not-installed instead of manual removals. We no longer install + in the main package with a wildcard so we do not need to manually + delete files, listing them in d/not-installed is sufficient. The only + exceptions are files picked up by directory/wildcard entries in + dh_install that have to be deleted. + * autopkgtest: run upstream test last. It is the most complex and thus + the most likely to show temporary failures, so move it last so that + it's easier to read the logs + * autopkgtest: use hint-testsuite-triggers to ensure other packages + changes trigger our testsuite + * Depend on new linux-bpf-dev package where available + + -- Luca Boccassi Sun, 11 Aug 2024 11:53:32 +0100 + +systemd (256.4-2) unstable; urgency=medium + + * autopkgtest: allow localectl in localed tests. + + -- Luca Boccassi Thu, 25 Jul 2024 13:18:09 +0100 + +systemd (256.4-1) unstable; urgency=medium + + [ Nick Rosbrook ] + * Move systemd-time-wait-sync to systemd-timesyncd package + (LP: #1938058) + * d/t/boot-and-services: skip test_tmp_cleanup if tmp.mount is + overridden + * d/t/upstream: ensure correct ubuntu codename is used + * d/t/control: add Depends: lib{systemd,udev}-dev for upstream + + [ Luca Boccassi ] + * Drop /etc/sysctl.d/99-sysctl.conf symlink procps no longer ships + /etc/sysctl.conf (Closes: #1076190) + * autopkgtest: add allow-stderr to timedated test + * autopkgtest: set Release= in mkosi.local.conf to distinguish testing + vs unstable + * Drop out-of-tree localed patch and use D-Bus policy instead. We can + forbid changing locale/keymap/keyboard via a D-Bus policy instead of + an out-of-tree patch. + * New upstream version 256.4 (Closes: #1074789) + * Install varlinkctl zsh completion file + * Drop last patch, all merged upstream + + -- Luca Boccassi Wed, 24 Jul 2024 14:23:56 +0100 + +systemd (256.2-1) unstable; urgency=medium + + * d/not-installed: fix shutdown.standalone path + * autopkgtest: skip qemu tests on arm64 + * Add recommends on linux-sysctl-defaults. This package contains the + default sysctl settings, and is maintained by the kernel team. This is + not available in Ubuntu so keep it as a recommends for now, to avoid + breaking the upstream CI. + (Closes: #1027773) + * initramfs-tools: copy network drop-ins too (Closes: #1074564) + * d/e/checkout-upstream: fix shellcheck warnings + * d/e/checkout-upstream: do not fail if rebase fails + * d/e/checkout-upstream: switch packaging branch on upstream stable PRs. + * New upstream version 256.2 (Closes: #1074789) + * Install run0 zsh completion file + + -- Luca Boccassi Fri, 05 Jul 2024 19:15:59 +0100 + +systemd (256.1-2) unstable; urgency=medium + + * Bump breaks/replaces to conflicts for DEP17. Breaks/replaces are not + enough when moving files between packages and between locations as per + DEP17, so bump to Conflicts. (Closes: #1073922) + * autopkgtest: add dependency on libcryptsetup-dev in unit-tests suite + + -- Luca Boccassi Sun, 23 Jun 2024 13:33:33 +0100 + +systemd (256.1-1) unstable; urgency=medium + + * Bump versioned breaks against dracut to 102-2 (Closes: #1073290) + * autopkgtest: switch upstream suite to mkosi-based builds + * Add conflict against sysv-rc, insserv and startpar in systemd-sysv. + They are not needed, and having them installed causes problems. + (Closes: #1072562) + * New upstream version 256.1 + * Drop section from binary packages where it matches the source package + * Override Lintian false positives about spare manpages + * Deduplicate template packages descriptions + * Add Lintian override for template package false positives + * Rename EFI architecture variable to avoid dpkg clash. Fixes Lintian + warning: debian-rules-sets-dpkg-architecture-variable + * Upload to unstable. + + -- Luca Boccassi Tue, 18 Jun 2024 23:19:16 +0100 + +systemd (256-2) experimental; urgency=medium + + * Add templated packages for UEFI Secure Boot signing of systemd-boot. + * Add systemd-standalone-shutdown package for exitrds. Allows building + minimal exitrd images, used to gracefully cleanup complex root + filesystems storage. Not intended for normal systems. + * Add systemd-repart package to reduce dependencies sd-repart pulls in + several libraries that binaries in the main systemd package do not + need, so split it out to reduce the dependencies of the main package + * Add systemd-cryptsetup package to reduce dependencies sd- + cryptsetup/integritysetup/veritysetup pull in several libraries that + other files in the main systemd package do not need, so split them out + to reduce the dependencies of the main package + * Move sd-sysupdate to systemd-container + * Move importd manpages to systemd-container, where the binaries are. + Left behind when importd was moved + * Move systemd-boot/stub manpages to systemd-boot. The EFI packages + should just have the EFI binaries, no point in duplicating the docs. + And the stub manpage should also be in the boot package, not the main + package. + + -- Luca Boccassi Wed, 12 Jun 2024 01:30:51 +0100 + +systemd (256-1) unstable; urgency=medium + + [ Kevin Fleming ] + * Additional workaround for links to legacy /usr/share/systemd/tmp.mount + placeholder + + [ Yu Watanabe ] + * debian/extra/network: use NamePolicy=mac only when ID_NET_NAME_MAC is + set. + + [ Luca Boccassi ] + * New upstream version 256. For a full list of changes, see: + https://github.com/systemd/systemd/releases/tag/v256 + + -- Luca Boccassi Tue, 11 Jun 2024 22:59:12 +0100 + +systemd (256~rc4-1) unstable; urgency=high + + [ Luca Boccassi ] + * Restart managers on libc-upgrade dpkg trigger (Closes: #1072373) + * LimitCORE: restore default hard limit to infinity. The intention was + to change the soft limit, but by default it applies to both unless + specified, so fix it. + * New upstream version 256~rc4 + * Drop patches merged upstream + + [ Nick Rosbrook ] + * debian/extra: set ManagedOOMSwap=auto on -.slice. This has the effect + of disabling swap kill by default, so cgroups will only be monitored + for memory pressure, and not swap usage. + * debian/extra: use a drop-in resolved.conf to configure Cache=no- + negative. Only ship this on Ubuntu. + * debian/extra: use a dropin to configure Nice=-1 on systemd- + journald.service. Only ship this on Ubuntu. + + [ Dan Streetman ] + * debian/tests/storage: without scsi_debug, skip test + + -- Luca Boccassi Thu, 06 Jun 2024 20:49:17 +0100 + +systemd (256~rc3-7) unstable; urgency=medium + + * NEWS: note that any leftover file in /tmp/ will be invisible due to + the tmpfs and other clarifications (Closes: #1072249) + * Add pkg.systemd.noukify profile. Will be useful for i386 reduced + builds + * d/rules: be more robust against non-existing dirs when deleting files + * Allow setting GENSYMBOLS_LEVEL from the environment. Needed when + building with llvm to work around #986746 + + -- Luca Boccassi Sat, 01 Jun 2024 12:30:39 +0100 + +systemd (256~rc3-6) unstable; urgency=medium + + * NEWS: clarify tmpfiles.d entry (Closes: #1072155) + * Override false positive Lintian warning + * Add workaround for links to legacy /usr/share/systemd/tmp.mount + placeholder. Some users apparently link to the placeholder in + /usr/share/ so delete any such links, given we don't ship it anymore + (Closes: #1072187) + + -- Luca Boccassi Thu, 30 May 2024 18:11:19 +0100 + +systemd (256~rc3-5) unstable; urgency=medium + + * homed: fixup pam-auth-update file via trigger pam-auth-update assumes + nothing comes after a password module, but this is not true for + pam_systemd_home, which is a no-op for users not managed by homed. + Fixup common-password accordingly, using a trigger watching for pam- + auth-update files being installed. + + -- Luca Boccassi Wed, 29 May 2024 01:04:53 +0100 + +systemd (256~rc3-4) unstable; urgency=medium + + * autopkgtest: take into account compat tmp.conf in tmpfiles.d test. + * Backport patch to fix TEST-64-UDEV-STORAGE autopkgtest. + + -- Luca Boccassi Tue, 28 May 2024 12:11:36 +0100 + +systemd (256~rc3-3) unstable; urgency=medium + + [ Zbigniew Jędrzejewski-Szmek ] + * tests/boot-and-services: don't wait for systemd-tmpfiles-clean.service + to finish. It's a oneshot service, so the 'start' call above is + effectively synchronous. + * test/boot-and-services: use pidof instead of ps -C + + [ Chris Hofstaedtler ] + * autopkgtest: install open-iscsi and tgt for upstream suite + + [ Gioele Barabucci ] + * d/libnss-mymachines.nss: Install before `resolve` and `dns`. Installing + `mymachines` before `dns` and `resolve` (whatever comes first) is + suggested in the manpage. It also avoids leaking information about + local machines to the DNS resolver. (Closes: #825438, #851314) + * d/libnss-myhostname.nss: Install after `files` + + [ Luca Boccassi ] + * Drop /bin/systemd legacy symlink. The systemd binary should not be in + the default PATH. This symlink was created due to some old + documentation (long since corrected) suggesting to use + init=/bin/systemd to test switching to systemd. (Closes: #913061) + * initramfs: call udevadm settle before control --exit to ensure workers + have stopped. Otherwise there might be lock files left under /run/ + which will break 'nuke' and cause the boot to fail. (Closes: #1056564) + * Restore open files limit bump on boot. Broken packages ought to have + been fixed by now. (Closes: #1029152) + * Set default core limit to 0 via PAM for users. Otherwise it only + applies to services. + * Cleanup /var/tmp/ and /tmp/ on a timer by default. Remove the + downstream patch and restore the upstream behaviour set by the + tmpfiles.d which is to cleanup /var/tmp/ once a month and /tmp/ once + every 10 days. Can be overridden via: touch /etc/tmpfiles.d/tmp.conf + (Closes: #966621) + * Make /tmp/ a tmpfs by default. Restore the upstream default and make + /tmp/ a tmpfs. Can be overridden with: touch + /etc/systemd/system/tmp.mount or: systemctl mask tmp.mount + * Drop out-of-tree /run/lock patch and use a mount unit and tmpfiles.d + instead. Only lvm2 and open-iscsi have mentions of /run/lock and an + early-boot unit, so it's trivial to add ordering in those units + instead of maintaining an out-of-tree patch. + * homed: use standalone pam config file instead of pam-auth-config + pam_unix.so assumes that if anything comes before it then the password + has already been queried for sure. This doesn't work for homed, so + passwd breaks. pam-auth-config has this hard-coded assumption and it + cannot be disabled. Use an upstream standard pam config file instead. + (Closes: #1056166) + * NEWS: note recent changes + + -- Luca Boccassi Tue, 28 May 2024 00:07:57 +0100 + +systemd (256~rc3-2) unstable; urgency=medium + + * autopkgtest: do not install gdm3 on riscv64 tests. gnome-shell hasn't + built since last year for riscv64 due to #1058687 so the test fails as + it cannot be installed, skip it like on s390x. + + -- Luca Boccassi Thu, 23 May 2024 16:31:42 +0100 + +systemd (256~rc3-1) unstable; urgency=medium + + * Bump Breaks on dracut, on request of the maintainer (Closes: #1071278) + * autopkgtest: reboot before logind test + * Disable D-Bus introspection XML generation with nodoc profile + * autopkgtest: install systemd-dev for upstream suite too + * New upstream version 256~rc3 + * Drop patches merged upstream + + -- Luca Boccassi Wed, 22 May 2024 23:24:02 +0100 + +systemd (256~rc2-3) unstable; urgency=medium + + * Explicitly enable systemd-boot only on supported architectures + + -- Luca Boccassi Thu, 16 May 2024 22:51:08 +0100 + +systemd (256~rc2-2) unstable; urgency=medium + + * Build depend on dh-dlopenlibdeps and dynamically generate dlopen + dependencies + * Backport patches to fix journald asserts Compress=yes (Closes: + #1071201) + + -- Luca Boccassi Thu, 16 May 2024 17:40:43 +0100 + +systemd (256~rc2-1) unstable; urgency=medium + + [ Luca Boccassi ] + * report-bug: add presubj template to recommend opening functionality + bugs upstream first + * report-bug: include runtime taints + * Recommend libzstd1 and suggest liblz4-1, liblzma5, libgcrypt20 + * autopkgtest: install polkitd in upstream suite + * Build depend on rsync or meson >= 1.3.0 for follow-symlink workaround. + * Change links from freedesktop.org to systemd.io (Closes: #1070499) + * Add dependency on python3-psutil to systemd-tests, needed by networkd + test suite + * d/t/boot-and-services: drop tmp check. LXC now sets up a tmpfs on /tmp + as per upstream recommendation, so we cannot detect it via fstab + anymore. Just drop this test, as we are about to make /tmp a tmpfs + ourselves anyway. + * Set SBAT distro URL to tracker.d.o as suggested by EFI team + * Drop out-of-tree coredump patch and use config drop-ins instead. As + per: https://github.com/systemd/systemd/pull/27066 instead of carrying + an out-of-tree patch, use drop-ins to set the default pattern to + 'core' and the default core limit to '0' in the systemd package, and a + higher priority drop-in to set the default core limit to 'infinity' in + the systemd-coredump package (it already ships a sysctl to set the + pattern). The end result is the same, but with config drop-ins instead + of patches. + * Drop out-of-tree fsckd daemon patch. This was dropped upstream long + ago, and Plymouth on Debian doesn't actually use this. A different + upstream change provides the required functionality. + * Drop out-of-tree systemctl scheduled shutdown fallback. This patch was + rejected upstream and there's no path to have it merged, so drop it + and restore the default behaviour in case of error. + * Drop out-of-tree fsck skip patch and use drop-in instead. Non-root + filesystems are only checked when mounted, so the other change is not + needed. The root one can be fixed with a drop-in instead of a patch. + * d/t/control: explicitly depend on systemd-dev for tests that run pkg- + config + * systemd.postinst: use DPKG_ROOT in one more place. + * NEWS: note scheduled shutdown failure case changes + * New upstream version 256~rc2 + * Drop patches merged upstream + * Refresh patches for v256~rc2 + * Install new files from v256~rc2 + * Drop Lintian overrides for false positives that have been fixed + * Upload to unstable + + [ Michael Marley ] + * Use absolute path when including libkmod in initramfs. The relative + path works fine when the hook is executed during a normal APT + install/update, but if the user runs "update-initramfs -u" from any + directory other than /, the relative path doesn't match anything, + libkmod is not included, and the system fails to boot due to not + loading the storage driver(s). + + [ Michael Biebl ] + * Stop setting the build system explicitly. No longer necessary since + https://github.com/systemd/systemd/pull/31530 + * Remove systemd-dev dependency from systemd and udev. This was a + temporary measure to ease the migration. + + -- Luca Boccassi Wed, 15 May 2024 00:40:56 +0100 + +systemd (256~rc1-1~exp2) experimental; urgency=medium + + * Backport patch to fix test-build-path on RISC-V/MIPS + * Backport patch to fix build reproducibility + * Backport patch to fix BPF build on s390x + + -- Luca Boccassi Sat, 27 Apr 2024 18:14:25 +0100 + +systemd (256~rc1-1~exp) experimental; urgency=medium + + * d/watch: switch to main repository + * New upstream version 256~rc1 + * Drop Downgrade-a-couple-of-warnings-to-debug.patch. It is time to + start noticeably warning about these legacy setups + * Refresh patches for v256 + * Build depend on libarchive-dev + * Install new tools, units and manpages + * Enable bpf and new nsresourced/mountfsd services. Requires vmlinux.h + from linux-headers-$ARCH, disable if not found + * Backport patch to fix unit test failure in build environment + * Update libsystemd symbols file + * Update Lintian overrides + + -- Luca Boccassi Fri, 26 Apr 2024 12:22:04 +0100 + +systemd (255.5-1) sid; urgency=medium + + [ Michael Biebl ] + * autopkgtest: depend on pkgconf rather than pkg-config + * Stop setting default-hierarchy to unified explicitly. It is already + the default and the meson option has been deprecated and is expected + to be removed in a future release. See https://github.com/systemd/syst + emd/commit/31323f21bb0ae7c712f43500c42997c91a6d20bf + * Replace Skip-flaky-test_resolved_domain_restricted_dns-in- + network.patch with a proper upstream fix. + * Remove myself from Uploaders + + [ Luca Boccassi ] + * autopkgtest: add dhcpcd5 as alternative dependency to dhcpcd-base + dhcpcd-base is not available in Jammy + * d/e/checkout-upstream: stop overriding sshconfdir. It actually works + after some upstream test fixes, and it is necessary for TEST-46-HOMED + to work + * autopkgtest: install systemd-resolved for all suites. Necessary to + avoid breaking the network on Ubuntu, in the upstream jammy-based CI + jobs. Can be dropped once jammy is no longer tested. + * autopkgtest: add breaks-testbed to more tests. Given resolved is + installed, the testbed needs to be reset to switch back to the default + network stack, otherwise installing packages in the salsa-ci + autopkgtest job fails + * autopkgtest: restrict systemd-boot-efi to architectures where it's + built + * Enable libpwquality support. Suggest it from systemd (used by + firstboot and cryptenroll) and depend on it from homed (user creation + is a core part of it). It's a dlopen() dependency. (Closes: #1063391) + * d/e/checkout-upstream: do not initialize submodules. They are used by + mkosi, not needed for CI builds + * Autopkgtest: add dependency on libkmod-dev to upstream suite. + * Switch build-depend form liblz4-tool to lz4. The former is deprecated + and now dropped, the latter is available since buster. (Closes: #1068730) + * initramfs hooks: pull in libkmod manually udev now opens it with + dlopen, so the ldd-based resolver will not see it, pull it in the + initramfs manually + * New upstream version 255.5 + * Drop resolve-skip-IP_UNICAST_IF-for-local-sockets.patch, merged + upstream + * Refresh patches for v255.5 + * Bump Standards-Version to 4.7.0, no changes + + [ Daan De Meyer ] + * Build in developer mode when building for upstream. Developer mode + enables some helpful debugging options and enables various + experimental components such as systemd-vmspawn which we want to be + enabled when testing upstream. + + -- Luca Boccassi Wed, 24 Apr 2024 16:34:40 +0100 + +systemd (255.4-1) sid; urgency=medium + + [ Luca Boccassi ] + * Drop override for deprecated package-supports-alternative-init-but-no- + init.d-script warning + * Build-depend on pkgconf pkg-config is deprecated + * Move kernel-install initrd script to slightly later prefix + afea8e1a35e15382977d459241e8c56c180c862d moved it from 85 to 50, but + this conflicts with the upstream mkosi job, which also runs at 50 and + needs to run first. Move it back up slightly to 55 to fix the mkosi + builds, eg: https://github.com/systemd/systemd- + stable/actions/runs/7863691120/job/21454589626?pr=366 + * Mark python3-pefile build dependency as native. As suggested in + #1063393 + * Skip python3-pefile build dependency only if both nocheck and + noinsttests are set (Closes: #1063393) + * Build with -Dtests=false if nocheck and noinsttest profiles are set. + The required build dependencies will not be installed, so the tests + won't build. + * systemd-binfmt: use restart instead of try-restart on upgrade. It's + not a long-running service so it doesn't matter, and it fixes + installing a new binfmt provider (Closes: #1061960) + * d/e/checkout-upstream: do not rebase when building on systemd-stable + repo. We do rebase only pulls in the stable repo, and it's too much + hassle to figure out the right parent branch, given the webhook is + configured per repository rather than per branch, so just skip it + * d/e/checkout-upstream: build with default-timeout-sec=180. Helps with + slow daemon-reload on some CI runs. As requested by: + https://github.com/systemd/systemd/pull/27182 + * d/e/checkout-upstream: enable log-trace by default. Its abscence + appears to cause TEST-10-ISSUE-2467 to reliably fail. Enable it while + we figure it out. Also probably it is helpful to have it always turned + on for the CI, to get more info out of test runs. See: + https://github.com/systemd/systemd/issues/19154 + * d/e/checkout-upstream: do not install userdbd sshd config drop-in. + Breaks booting testbed in Jammy. Can be dropped after rebasing to + Noble. + * d/t/upstream: add dependencies on openssh, gnutls-bin, opensc and + softhsm2. Required for https://github.com/systemd/systemd/pull/28658 + and https://github.com/systemd/systemd/pull/30777 + * d/t/upstream: fix shellcheck warning. SC2086 (info): Double quote to + prevent globbing and word splitting. + * Add dependency on libkmod2 on udev, and suggestion on systemd dlopen() + dependency since https://github.com/systemd/systemd/pull/31131 but the + system can't boot without it, so add it as a dependency on udev which + is also needed outside of containers + * Update tzdata build dependency constraint to 2024a-1 + * Drop libarchive-dev build dependency. Not useful for now, we'll re-add + it after the next release + * New upstream version 255.4 + * Drop patches merged upstream + + [ Daan De Meyer ] + * Fix libtss2-mu dependency. This package recently changed name so let's + update the Suggests to account for that. + * Add Suggests for libtss2-tcti-device systemd wants to use this library + when tpm2 support is enabled so let's make sure we list it in + Suggests. (https://github.com/systemd/systemd/blob/db11bab38ccf1ed257f + 310d29070843d4c58ea01/meson.build#L1341) + * Make sure awk only matches PROJECT|PACKAGE_VERSION + * Use DEB_BUILD_MAINT_OPTIONS instead of meson options. + * Don't put debian revision in version tag when building for upstream. + * Allow users to configure DH_MISSING. + + [ Frantisek Sumsal ] + * d/t/storage: ignore credential mounts when checking /proc/mounts. + + [ Daniel P. Berrangé ] + * debian/rules: don't override default telinit-path. The 'telinit-path' + meson option is to be used to point to a non-systemd telinit binary + path. When systemctl is invoked as 'telinit', it will exec this binary + when it detects the current environment is not running under systemd. + If 'telinit-path' points back to 'systemctl', that would result in an + infinite re-execve() loop. (Closes: #1063147) + + -- Luca Boccassi Tue, 27 Feb 2024 17:43:55 +0000 + +systemd (255.3-2) sid; urgency=medium + + * Backport patches to fix reproducibility issues + * Salsa: re-enable reprotest + + -- Luca Boccassi Mon, 29 Jan 2024 10:46:19 +0000 + +systemd (255.3-1) sid; urgency=medium + + * New upstream version 255.3 + * Drop patches merged upstream + * Refresh patches + + -- Luca Boccassi Wed, 24 Jan 2024 20:03:15 +0000 + +systemd (255.2-4) sid; urgency=medium + + * autopkgtest: add btrfs-progs Depends to upstream suite. + Required by TEST-83-BTRFS and testcase_btrfs_basic from + TEST-64-UDEV-STORAGE. + * Revert "test: deny-list TEST-13-NSPAWN" + This reverts commit df8e5367aca20e0c75c9c91f826d22d8a0f7e36d. + * autopkgtest: add multipath-tools and kpartx Depends to upstream suite. + Required by testcase_multipath_basic_failover from TEST-64-UDEV-STORAGE. + * test: install correct kpartx udev rules on Debian + + -- Michael Biebl Sat, 06 Jan 2024 16:21:03 +0100 + +systemd (255.2-3) sid; urgency=medium + + * Cherry-pick fixes for upstream integration tests. + Fixes TEST-07-PID1, TEST-08-INITRD (skip), TEST-26-SYSTEMCTL and + TEST-75-RESOLVED. + * Add explicit Build-Depends on debhelper (>= 13.11.6) + This ensures we have a recent enough version of dh_installsystemd that + supports service files in /usr/lib/. + * test: deny-list TEST-13-NSPAWN. + The default ram size of 1024M for qemu virt is not sufficient + to make the test pass reliably on Debian sid/trixie. + Disable the test for now until this has been addressed in debci: + https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059840 + + -- Michael Biebl Tue, 02 Jan 2024 11:44:49 +0100 + +systemd (255.2-2) unstable; urgency=medium + + * udev: mips does not install dmi_memory_id and its rules + + -- Luca Boccassi Sun, 24 Dec 2023 14:25:27 +0100 + +systemd (255.2-1) unstable; urgency=medium + + * New upstream version 255.2 + * Drop resolved-actually-check-authenticated-flag-of-SOA-transac.patch, + merged upstream + + -- Luca Boccassi Sun, 24 Dec 2023 11:26:42 +0100 + +systemd (255.1-3) unstable; urgency=medium + + * Upload to unstable + * Fix installation of dmi_memory_id on i386 and x32 + * Explicitly disable bootloader for stage1 build. + This ensures that the stage1 build is not broken in a tainted build + environment. + * Mark missing man pages from stage1 build + + -- Michael Biebl Sun, 24 Dec 2023 11:08:06 +0100 + +systemd (255.1-2) experimental; urgency=medium + + [ Michael Biebl ] + * Upgrade the Breaks to Conflicts for the systemd-ukify package split. + This avoids potential loss of the /usr/lib/systemd/ukify compat symlink + for upgrades from bookworm-backports. + * Update package description of libnss-myhostname to use the correct IPv4 + address (Closes: #1057953) + * resolved: actually check authenticated flag of SOA transaction. + Patch cherry-picked from upstream Git. + (CVE-2023-7008, Closes: #1059278) + * Explicitly disable ukify for stage1 builds + * Enable dh-exec for systemd.manpages and udev.install. + This enables files to be installed specific to certain architectures or + build profiles. Unfortunately for systemd.manpages this requires to add a + debian/tmp/ prefix to all files. + See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053834#46 + * Restrict pcr/tpm2 related files to UEFI architectures. + Mirrors the python3-pyelftools [amd64 i386 arm64 armhf riscv64] + Build-Depends. + * Install dmi_memory_id and its udev rules file only on dmi architectures. + * Fix stage1 profile build + + [ Helmut Grohne ] + * Restore diverted symlinks in systemd-sysv.postinst that may have been lost + due to /usr-merge (Closes: #1057220) + + -- Michael Biebl Sun, 24 Dec 2023 00:52:15 +0100 + +systemd (255.1-1) experimental; urgency=medium + + [ Luca Boccassi ] + * Drop pkgconfig-keep-unmerged-paths-for-udevdir.patch, no longer needed + * New upstream version 255.1 + * Refresh patches + + [ Michael Biebl ] + * autopkgtest: install systemd-boot-efi for upstream suite. + TEST-70-TPM2 (specifically test/units/testsuite-70.pcrlock.sh) requires + the EFI stub files from /usr/lib/systemd/boot/efi/. + * test: skip tests for unsupported localectl features. + Update the upstream test suite to skip tests for unsupported localectl + features in Debian. Fixes TEST-73-LOCALE. + Thanks to Nick Rosbrook + * Update symbol versions for the final 255 release + * Install systemd and udev files explicitly without duplicates. + Stop making systemd and udev "catch-all" packages and removing duplicate + files in debian/rules by compiling a list of files that are installed by + other systemd binary packages. This approach no longer works reliably + if we have arch "all" binary packages and we do a partial type "any" build. + Instead, list all files that are installed in systemd and udev + explicitly in .install and .manpages. + * Mark usr/lib/sysctl.d/50-pid-max.conf as arch specific. + It's only installed by Meson if cc.sizeof('long') > 4. + See https://wiki.debian.org/ArchitectureSpecificsMemo + * Fix arch "all" builds. + Files handled by debian/rules and dh-exec are not understood by + dh_missing. So mark those as not-installed. + See man dh_missing and + https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831786 + * Install standalone binaries using dh-exec + * Print empty directories + dh_missing will not fail on uninstalled (empty) directories. + So show them during build as it makes it easier to spot if all of them + are handled. + * Split ukify into a separate package named systemd-ukify. + The main motivation for splitting the tool (and its kernel-install + integration) into a separate package is the dependency on python3 and + python3-pefile, which are not suitable dependencies for the main systemd + package. (Closes: #1051981) + * Make the Conflicts against bfh-container and progress-linux-container + versioned + + [ Nick Rosbrook ] + * debian/tests/control: add Depends: mdadm lvm2 for TEST-64-UDEV-STORAGE. + This ensures that testcase_mdadm_lvm in TEST-64-UDEV-STORAGE will run. + * debian/tests/upstream: drop blacklist support. + Upstream has been using deny-list-ubuntu-ci, rather than + blacklist-ubuntu-ci, for a while now. In Ubuntu, we use the + deny-list-upstream-ci convention too. Hence, it seems we can drop + support for the blacklist version. + + -- Michael Biebl Wed, 20 Dec 2023 17:54:00 +0100 + +systemd (255-1) unstable; urgency=medium + + * New upstream version 255. For a full list of changes, see: + https://github.com/systemd/systemd/releases/tag/v255 + * Drop seccomp patches, merged upstream + + -- Luca Boccassi Wed, 06 Dec 2023 21:24:09 +0000 + +systemd (255~rc4-2) unstable; urgency=medium + + * Backport patches to fix seccomp issues on armhf/armel/ppc64el + + -- Luca Boccassi Mon, 04 Dec 2023 16:56:42 +0000 + +systemd (255~rc4-1) unstable; urgency=medium + + * New upstream version 255~rc4 + + -- Luca Boccassi Sat, 02 Dec 2023 02:16:07 +0000 + +systemd (255~rc3-3) unstable; urgency=medium + + [ Oxan van Leeuwen ] + * Move kernel-install initrd script to earlier prefix. From systemd v255 + onwards, the 60-ukify.install script automatically uses initrd files + that are present in the staging area. Move the initrd script to run + earlier, so that ukify can use the initrd. The only third-party + kernel-install script present in the Debian archive is + 40-dkms.install, so it is not impacted by this change. Both dracut and + mkinitcpio upstream also ship their script with priority 50. + + [ Luca Boccassi ] + * systemd.pc: point unit install directory to /usr/lib/systemd/system/ + + -- Luca Boccassi Thu, 30 Nov 2023 21:09:08 +0000 + +systemd (255~rc3-2) unstable; urgency=medium + + * systemd: ignore '_systemctl kill' failures in postinst + + -- Luca Boccassi Wed, 22 Nov 2023 22:23:49 +0000 + +systemd (255~rc3-1) unstable; urgency=medium + + * d/systemd.install: mark pcrlock.d as !stage1. pcrlock configs are only + installed when libtss and libssl are available which is not the case + for stage1 builds, so mark accordingly + * New upstream version 255~rc3 + * Drop patches merged upstream + * Refresh patches + * systemd: reexec user manager sessions on upgrade. So far we only + reexec'ed PID1, and ignored user managers, which means bug or security + fixes were not applied for running sessions till the next reboot. Fix + this using 'systemctl kill', which is asynchronous but works even if + the D-Bus user session is not active. + * autopkgtest: install dhcpcd-base for boot-and-services + + -- Luca Boccassi Wed, 22 Nov 2023 21:33:09 +0000 + +systemd (255~rc2-3) unstable; urgency=medium + + [ Michael Biebl ] + * Use canonical paths for scripts in debian/extra. Update scripts for + udev-udeb, initramfs-tools integration scripts and dhclient hook + script to use the new canonical paths in /usr. + + [ Luca Boccassi ] + * Bump conflict with molly-guard to 0.8.2. The previous workarounds are + not enough, so a new upload will be needed. (Closes: #1056292) + * Backport patches to fix FTBFS on hppa and x32 + + -- Luca Boccassi Mon, 20 Nov 2023 20:58:27 +0000 + +systemd (255~rc2-2) unstable; urgency=medium + + * Add versioned Breaks against dracut. + The introduction of systemd-executor in v255 breaks the initrd that is + generated by dracut. Without systemd-executor, a systemd based initrd + will fail to boot. The dracut package needs to be updated to include + this new binary. (Closes: #1056108) + + -- Michael Biebl Sat, 18 Nov 2023 22:02:39 +0100 + +systemd (255~rc2-1) unstable; urgency=medium + + [ Matthias Geiger ] + * Bump version number for udev.postinst and udev.maintscript + * Fix udev.postinst to preserve the enablement of the init script. When + transferring ownership of the udev init script to sysvinit, the + service was disabled as it didn't check for enablement before calling + update-rc.d. Thanks to Mark Hindley for the original fix. (Closes: + #1053301) + + [ Luca Boccassi ] + * New upstream version 255~rc2 + * Drop fix-build-without-SBAT_DISTRO.patch, merged upstream + * Refresh patches + * Upload to unstable + + -- Luca Boccassi Wed, 15 Nov 2023 17:10:26 +0000 + +systemd (255~rc1-4) experimental; urgency=medium + + * Add version to Conflict with molly-guard + * Move systemd-hwdb-update.service to udev package. Commit a12cf5d187cb + in 249-1 removed systemd-hwdb-update.service from udev, and 254.4-1 + re-added it in systemd, so move it back to udev. (Closes: #1055863) + + -- Luca Boccassi Mon, 13 Nov 2023 13:51:12 +0000 + +systemd (255~rc1-3) experimental; urgency=medium + + * Do not ship repart.standalone and shutdown.standalone + * /usr/lib/sysvinit/telinit was dropped long ago, use /usr/sbin/telinit + * Add Suggests: libip4tc2 as it is now dlopen'ed + * Drop rc/rcS masking, no longer necessary + * Add Conflicts to avoid issues due to DEP17P3. libpam-elogind-compat, + opensysusers, bfh-container, molly-guard, and progress-linux-container + divert files from our packages, so DEP17P3 is triggered. Add + unversioned conflicts until those diversions are updated according to + DEP17M18, and then we can make the conflicts versioned. (Closes: + #1055485) + + -- Luca Boccassi Tue, 07 Nov 2023 15:17:12 +0000 + +systemd (255~rc1-2) experimental; urgency=medium + + * Build-depend on python3-pefile on all architectures ukify + * meson: use enabled/disabled instead of true/false for 'feature' + options + * meson: use canonical paths for configured tools too + + -- Luca Boccassi Mon, 06 Nov 2023 22:36:23 +0000 + +systemd (255~rc1-1) experimental; urgency=medium + + [ Michael Biebl ] + * Update symbol versions for the final 254 release + * Remove mangling of man pages post build trying to fix up paths. With + merged-/usr being mandatory, this is no longer necessary as the paths + will now always point to the correct location. + * Use a drop-in to avoid startup failures of systemd-logind when dbus is + missing. Instead of patching the systemd-logind.service file, use a + drop-in. This way the Debian specific change becomes more visible and + easier to override. + + [ Luca Boccassi ] + * New upstream version 255~rc1 + * Drop test-skip-test-path-on-Salsa-CI.patch, merged upstream + * Drop Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-back-to-.patch, + no longer necessary + * Refresh patches + * Temporarily keep systemd.pc and udev.pc pointing to legacy unmerged paths. + This will be dropped in the short term, but there are still a lot of + FTBFS when changing, so keep it for now + * systemd/udev: assert that the system is merged-usr. Support for + unmerged system was dropped project-wide. Things will break subtly if + ran on such unsupported setups, so add an explicit assert at preinst. + * Drop deprecated split-usr and install files from /usr + * Install new pam_systemd_loadkey module. If configured, and systemd- + cryptsetup and logind are used, the crypsetup passphrase is passed to + the PAM stack for later authentication steps such as the GNOME + keyring. + * Install the default pcrlock config files + * Update libsystemd0.symbols + * autopkgtest: add dependencies on python3-pefile and nvme-cli for + upstream suite + * Backport patch to fix arm64 cross-build + * Update Lintian overrides + + -- Luca Boccassi Mon, 06 Nov 2023 20:25:25 +0000 + +systemd (254.5-1) unstable; urgency=medium + + * New upstream version 254.5 + * Refresh patches for 254.5 + + -- Luca Boccassi Sat, 30 Sep 2023 11:34:39 +0100 + +systemd (254.4-1) unstable; urgency=medium + + [ Michael Biebl ] + * Fix installation of tzdata-legacy. Apply a version constraint to the + tzdata alternative. Specifically (<< 2023c-8), which is the version + tzdata was split. Otherwise tzdata-legacy is not considered, as tzdata + is installed by default. (Closes: #1051760) + * Drop obsolete Breaks/Replaces and migration code for versions older + than oldstable + * Drop -f from update-rc.d udev remove + + [ Luca Boccassi ] + * upstream-ci: run unit tests from installed location. (Closes: #1051756) + * New upstream version 254.4. Fixes minor security issue in arm64 + and riscv64 systemd-boot (EFI) with device tree blobs loading: + https://github.com/systemd/systemd/security/advisories/GHSA-6m6p-rjcq-334c + * Refresh patches + * Install factory-reset related units + + [ Gioele Barabucci ] + * debian/udev.debian-udev.sysusers: Add Debian-specific sysusers for + udev + * d/udev.postinst: Do not use addgroup to add udev-related groups + * d/control: Remove adduser, it is no longer needed now that all + udev-related groups are generated via `sd-sysusers`. + + -- Luca Boccassi Thu, 21 Sep 2023 11:13:06 +0100 + +systemd (254.3-1) unstable; urgency=medium + + [ Daniel Andersson ] + * Add systemd-sysupdate. + + [ Luca Boccassi ] + * New upstream version 254.2 + * Refresh patches for 254.2 + * New upstream version 254.3 + + [ Michael Biebl ] + * Remove obsolete SysV init script. Keep the udev alias for one more + release cycle. + * Use dh_installsystemd to handle systemd-udevd.service. This allows us + to drop a lot of custom maintscript code. Fix the formatting of the + udev maintscript code while at it. + * Add Conflicts against initscripts and orphan-sysvinit-scripts. Those + packages have undesirable side effects if systemd is the active init + system so ensure they can't be installed. + + -- Luca Boccassi Mon, 11 Sep 2023 09:11:51 +0100 + +systemd (254.1-3) unstable; urgency=medium + + [ Nick Rosbrook ] + * debian: ship libsystemd.a in libsystemd-dev. + Thanks to Serge Hallyn + * autopkgtest: add build test for static libsystemd + * debian/rules: build with -ffat-lto-objects. + Building with -flto=auto, but without -ffat-lto-objects, causes static + archives to end up without any code sections. This is needed to ship a + usable libsystemd.a in libsystemd-dev. + See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977596. + + [ Luca Boccassi ] + * Backport patch to fix test-path failure on Salsa CI + + [ Michael Biebl ] + * Ask before attaching the udev db information to the bug report + (Closes: #1041652) + * Install D-Bus interface files in systemd-dev. + Now that we have a dedicated -dev package, use that to install + /usr/share/dbus-1/interfaces. + * Clean up a couple more __pycache__ directories + * Remove workarounds for dh_installman. + No longer needed as stable ships a fixed debhelper. + * Remove all empty directories from (/usr)/lib. + This mitigates the accidental empty directory removal by dpkg on + merged-/usr systems. (Closes: #1036920) + * Remove no longer needed maintainer scripts migration code for versions + older then oldstable + * Revert "Add workaround for Meson regression to fix FTBFS on mips64el" + This reverts commit 97ebdcea6d0ce52973dd5a9cfeede1573a628bd0. + No longer needed as a fixed meson package is available now. + + -- Michael Biebl Fri, 25 Aug 2023 12:04:10 +0200 + +systemd (254.1-2) unstable; urgency=medium + + * Build-depend on tzdata-legacy | tzdata. Some timezones were split out, + but some unit tests need them, so pull in the new tzdata-legacy + package if it exists. + + -- Luca Boccassi Thu, 10 Aug 2023 23:31:48 +0100 + +systemd (254.1-1) unstable; urgency=medium + + [ Luca Boccassi ] + * systemd-userdbd: depend on libnss-systemd. This library provides nss + integration for userdbd/homed and is needed for homed logins + * New upstream version 254.1 + * Refresh patches for v254.1 + * systemd: do not ship empty .wants/ directories. These will conflict + with finalizing usrmerge as they are in /lib, so remove them for now. + systemctl enable creates them anyway when needed. + + [ Helmut Grohne ] + * duplicate udev trigger interest for /usr-merge. As packages move their + files from / to /usr, dpkg will cease activating udev's trigger + interest for hwdb.d files. In DEP17, this is documented as P2. Since + there are only two packages in Debian affected by this issue, we opt + for an individual mitigation and explicitly duplicate the trigger + interest to both locations (M12). This is safe regardless of the other + chosen mitigations as trigger activations are accumulated. + + -- Luca Boccassi Thu, 10 Aug 2023 21:41:13 +0100 + +systemd (254-1) unstable; urgency=medium + + * New upstream version 254 + * Drop patches merged upstream + * d/watch: switch back to stable repository + * Refresh patches + + -- Luca Boccassi Fri, 28 Jul 2023 10:01:15 +0100 + +systemd (254~rc3-3) unstable; urgency=low + + * Backport patch to fix FTBFS on armhf + * Add workaround for Meson regression to fix FTBFS on mips64el + + -- Luca Boccassi Mon, 24 Jul 2023 20:50:48 +0100 + +systemd (254~rc3-2) unstable; urgency=medium + + * ukify: enable only on UEFI architectures. + + -- Luca Boccassi Mon, 24 Jul 2023 16:55:57 +0100 + +systemd (254~rc3-1) unstable; urgency=low + + * Drop Suggests on transitional policykit-1 package + * Drop autopkgtest dependency on transitional policykit-1 package + * Ship ukify in systemd package (Closes: #1041399) + * New upstream version 254~rc3 (Closes: #1041648, #1041540) + * Drop patches merged upstream + * Refresh patches + + -- Luca Boccassi Mon, 24 Jul 2023 12:59:37 +0100 + +systemd (254~rc2-3) unstable; urgency=low + + * Upload to unstable + + -- Luca Boccassi Sun, 16 Jul 2023 11:37:22 +0100 + +systemd (254~rc2-2) experimental; urgency=medium + + * Backport two more mips64 fixes from upstream + + -- Luca Boccassi Sat, 15 Jul 2023 15:07:20 +0100 + +systemd (254~rc2-1) experimental; urgency=medium + + [ Luca Boccassi ] + * Bump dependency on Meson to 0.60 + * upstream-ci: install libdw and libelf for boot-and-services too. + * upstream-ci: add libssl-dev to autopkgtest upstream suite. + * upstream-ci: add nftables. + * upstream-ci: add 'stress' to the upstream testsuite dependency list. + * tests/upstream: install curl. + * tests/upstream: bump timeout by 10 minutes. + * New upstream version 254~rc2 + * Drop patches merged upstream + * Refresh patches for v254-rc2 + + [ Yu Watanabe ] + * autopkgtest: create directory to make accounts-daemon.service not + fail. The service requires /usr/share/accountsservice/interfaces, but + the directory is not packaged (at least in 22.08.8-6). This adds a + workaround for the failure. + + -- Luca Boccassi Sat, 15 Jul 2023 01:29:39 +0100 + +systemd (254~rc1-4) experimental; urgency=medium + + * Backport patches to fix FTBFS on mipsel, ia64, x32 + * d/rules: explicitly disable EFI on x32. On x32 the cpu architecture is + just x86_64 so EFI will be enabled, and it will fail to build as + userland doesn't support building the EFI ABI. Disable it explicitly, + and leave it on 'auto' elsewhere. + + -- Luca Boccassi Sun, 09 Jul 2023 15:13:53 +0100 + +systemd (254~rc1-3) experimental; urgency=medium + + * Restrict pyelftools to UEFI-enabled architectures and drop explicit + meson settings. + + -- Luca Boccassi Sat, 08 Jul 2023 00:40:33 +0100 + +systemd (254~rc1-2) experimental; urgency=medium + + * Backport patch to fix fuzz test without cgroup access. Fix build on + buildds https://github.com/systemd/systemd/pull/28303 + + -- Luca Boccassi Fri, 07 Jul 2023 22:55:16 +0100 + +systemd (254~rc1-1) experimental; urgency=medium + + [ Luca Boccassi ] + * d/watch: watch main repository + * New upstream version 254~rc1 + * Refresh patches for v254-rc1 + * Drop build dependency on gnu-efi and add python3-pyelftools. Move to + !stage1 given it's external python modules + * Install new libsystemd.3 manpage + * Install new mount.ddi alias for sd-dissect + * Update symbols file for 254 + * Update Lintian overrides for systemd-tests + * autopkgtest: find test-udev in new location. + + [ Zbigniew Jędrzejewski-Szmek ] + * autopkgtest: drop 'udev' test + https://github.com/systemd/systemd/pull/27534 makes it into a normal + unit test, so it will be invoked as part of 'upstream'. + + -- Luca Boccassi Fri, 07 Jul 2023 11:05:37 +0100 + +systemd (253.5-1) unstable; urgency=medium + + * New upstream version 253.5 (Closes: #1040035) + * Refresh patches for 253.5 + + -- Luca Boccassi Sat, 01 Jul 2023 11:57:46 +0100 + +systemd (253-4) unstable; urgency=medium + + * Stop localed from writing to /etc/default/keyboard and symlink it to + /etc/vconsole.conf. Integration is not set up for now, but GDM needs + to query the configured values. Allow reading, but disallow setting + keymaps. (Closes: #1038762) + + -- Luca Boccassi Sat, 24 Jun 2023 20:21:24 +0100 + +systemd (253-3) unstable; urgency=medium + + * systemd-dev: add missing breaks/replaces with udev. (Closes: #1037924) + * Run the systemd-binfmt trigger unconditionally. + * Upload to unstable. + + -- Luca Boccassi Tue, 20 Jun 2023 11:45:22 +0100 + +systemd (253-2) experimental; urgency=medium + + * Add systemd-dev package for pkg-config files. Move systemd.pc and + udev.pc to systemd-dev, so that packages can build-depend on a small + package instead of the whole set of binaries. (Closes: #945922, + #917549) + + -- Luca Boccassi Mon, 12 Jun 2023 00:22:52 +0100 + +systemd (253-1) experimental; urgency=medium + + * New upstream version 253. For a full list of changes, see: + https://github.com/systemd/systemd/releases/tag/v253 + * d/watch: switch back to stable repository. + * Update symbols file + + -- Luca Boccassi Wed, 15 Feb 2023 20:36:32 +0000 + +systemd (253~rc3-1) experimental; urgency=medium + + * New upstream version 253~rc3 + * Refresh patches + + -- Luca Boccassi Fri, 10 Feb 2023 18:23:21 +0000 + +systemd (253~rc2-1) experimental; urgency=medium + + * New upstream version 253~rc2 + * systemd: make /etc/default/locale a symlink to /etc/locale.conf. Let's + match upstream's filename and keep a backward-compatibility symlink + for older tools. The content of the files match anyway. + * Update timedated autopkgtest. We no longer support /etc/timezone, as + /etc/localtime is always available + * Drop patches merged upstream + * Drop Don-t-enable-audit-by-default.patch. We can disable the socket + now + * Drop Use-Debian-specific-config-files.patch, no longer needed + * systemd-boot-system-token was renamed to systemd-boot-random-seed + * Add new libsystemd symbols + * Update Lintian override for new so bump + * Remove systemd-localed drop-in, no longer needed. The change was + merged upstream + * Drop udev-drop-SystemCallArchitectures-native-from-systemd-ude.patch + and use a drop-in + * Drop Re-enable-journal-forwarding-to-syslog.patch and use a drop-in + * Drop TuxOnIce out-of-tree patch. The + SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK environment variable can be + used to skip the check, so it is no longer necessary to maintain a + patch. + * Drop autopkgtest denylist patches. No longer needed, the tests are + working now + * Drop Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch, we now + use the unified hierarchy + * Drop Let-graphical-session-pre.target-be-manually-started.patch, not + used anymore + * Refresh patches + * Do not install repart/shutdown standalone binaries + * Build with libxen-dev. Buildtime-only dependency, enables support for + kexec on Xen (via ioctl, so no new runtime dependency). + * Do not install ukify script for now + * Update NEWS file + * locale: disable keymap support + * d/watch: use main repository + * Refresh patches + + -- Luca Boccassi Wed, 08 Feb 2023 20:36:58 +0000 + +systemd (252.11-1) unstable; urgency=medium + + * New upstream version 252.11 + * Refresh patches + + -- Luca Boccassi Sun, 11 Jun 2023 23:05:40 +0100 + +systemd (252.6-1) unstable; urgency=medium + + * Update timedated autopkgtest. We no longer support /etc/timezone, as + /etc/localtime is always available (cherry picked from commit + 6ef7bb0ce0f89e732a8b95624af059e52c3712b5) + * Stop supporting /etc/timezone and just rely on /etc/localtime + * systemd-boot: update on package upgrade, if installed + * Override Lintian warning in systemd-coredump + * d/watch: restrict to v252.x for bookworm + * New upstream version 252.6 + * Refresh patches + * systemd-boot: enable on install (Closes: #1031118) + + -- Luca Boccassi Tue, 28 Feb 2023 11:15:45 +0000 + +systemd (252.5-2) unstable; urgency=medium + + * Fix boot-and-services autopkgtest. + + -- Luca Boccassi Mon, 30 Jan 2023 01:03:48 +0000 + +systemd (252.5-1) unstable; urgency=medium + + [ Nick Rosbrook ] + * debian/tests: remove systemd-fsckd autopkgtest. This test never runs + in Debian autopkgtest because of missing machine isolation + requirements, and it nevers runs in Ubuntu because: SKIP: root file + system is being checked by initramfs already Since the test is not + providing any good feedback, and generally has not been maintained, + let's just remove it. + + [ Luca Boccassi ] + * New upstream version 252.5 + * Drop patches merged in v252.5 + * Refresh patches + * Set default status format to 'combined': show both unit name and + description in logs/boot messages + + -- Luca Boccassi Sun, 29 Jan 2023 19:39:28 +0000 + +systemd (252.4-2) unstable; urgency=medium + + [ Michael Biebl ] + * Refresh patches + * Tweak description of systemd and systemd-sysv package. + Remove redundancy and de-emphasize sysvinit. + * autopkgtest: add psmsic to upstream suite. + Needed for the killall binary. + See https://github.com/systemd/systemd/pull/24569 + * autopkgtest: add xkb-data, locales and locales-all to upstream suite. + Use locales-all so all necessary locales can be installed into the test + image without having to generate them on-the-fly. + See https://github.com/systemd/systemd/pull/23709 + * autopkgtest: prefer knot-dnssecutils over knot-dnsutils for upstream + suite. + The kzonecheck utility required by TEST-75-RESOLVED was split out from + knot-dnsutils into knot-dnssecutils so update the test dependencies + accordingly. Keep knot-dnsutils as alternative dependency to make + backports easier. + * Cherry-pick upstream fixes for TEST-74-AUX-UTILS + * Cherry-pick upstream fix for TEST-73-LOCALE + * Skip firstboot --prompt-keymap check in TEST-74-AUX-UTILS. + This test requires compatible keymaps from kbd which are not available + in Debian. + + [ Luca Boccassi ] + * autopkgtest: add netlabel-tools to networkd-test.py suite. + The netlabelctl tool is needed to test the NetLabel integration. + See https://github.com/systemd/systemd/pull/23888 + * autopkgtest: add bsdutils to upstream suite. + The logger utility is now used in TEST-04-JOURNAL. + See https://github.com/systemd/systemd/pull/23086 + * autopkgtest: add knot, knot-dnsutils, bind9-dnsutils, bind9-host to + upstream suite. + Needed by TEST-75-RESOLVED. + See https://github.com/systemd/systemd/pull/23104 + * autopkgtest: add jq to upstream suite. + Needed by TEST-58-REPART. + See https://github.com/systemd/systemd/pull/24572 + * autopkgtest: add mtools to upstream suite. + Needed by TEST-58-REPART. + See https://github.com/systemd/systemd/pull/24944 + * autopkgtest: add erofs-utils to upstream suite. + Needed by TEST-58-REPART. + See https://github.com/systemd/systemd/pull/25686 + + -- Michael Biebl Wed, 25 Jan 2023 09:17:24 +0100 + +systemd (252.4-1) unstable; urgency=medium + + * Enable p11kit. Backport patch to dlopen-ify p11kit support and enable + it. (Closes: #1023635) + * New upstream version 252.4. (Closes: #1026831 and fixes CVE-2022-4415) + * Refresh patches + * Bump Standards-Version to 4.6.2, no changes + + -- Luca Boccassi Thu, 22 Dec 2022 12:26:41 +0100 + +systemd (252.3-2) unstable; urgency=medium + + * Skip flaky test_resolved_domain_restricted_dns in networkd-test.py. + This test is part of DnsmasqClientTest and does not work reliably under + LXC/debci, so skip it for the time being. (Closes: #1025908) + + -- Michael Biebl Tue, 13 Dec 2022 01:03:58 +0100 + +systemd (252.3-1) unstable; urgency=medium + + * New upstream version 252.3 + * Rebase patches + + -- Michael Biebl Sat, 10 Dec 2022 20:14:11 +0100 + +systemd (252.2-2) unstable; urgency=medium + + * Keep policykit-1 as alternative dependency to polkitd for systemd. + This will make backports easier. + * Update remaining policykit-1 (test) dependencies and prefer polkitd. + Keep the policykit-1 dependency as alternative for easier backports. + (Closes: #1025591) + + -- Michael Biebl Tue, 06 Dec 2022 20:30:29 +0100 + +systemd (252.2-1) unstable; urgency=medium + + [ Helmut Grohne ] + * Explicitly B-D on libcrypt-dev (Closes: #1024646) + + [ Nick Rosbrook ] + * Add handling for /etc/default/locale to firstboot. The TEST-74-AUX- + UTILS upstream test revealed that firstboot does not currently handle + Debian's /etc/default/locale. + + [ Luca Boccassi ] + * Build depend on dh-package-notes, sequence was removed. Only the + makefile is in use now, no files are generated at build time as + --package-metadata from the linkers is used now + * New upstream version 252.2 + * Refresh patches + + -- Luca Boccassi Mon, 28 Nov 2022 22:35:56 +0000 + +systemd (252.1-1) unstable; urgency=medium + + * d/watch: switch back to stable repository + * New upstream version 252.1 (Closes: #1023607 #1023515) + * Drop patches merged upstream + * Refresh patches + * Suggest polkitd instead of policykit-1 (deprecated) + + -- Luca Boccassi Tue, 08 Nov 2022 14:23:22 +0000 + +systemd (252-3) unstable; urgency=medium + + * Backport patches to fix tmpfiles error and missing /dev/serial/by- + id/usb-* (Closes: #1023311) + * Drop :native suffix from python3-pyparsing build dependency (Closes: + #1023442) + * Enable support for libqrencode. dlopen() feature so no additional cost. + Allows printing out recovery keys in QR format. + + -- Luca Boccassi Sun, 06 Nov 2022 14:16:52 +0000 + +systemd (252-2) unstable; urgency=medium + + [ Jochen Sprickerhof ] + * Let dh_installsysusers fix the /var/log/journal permissions. + dh_installsysusers adds a systemd-sysusers in #DEBHELPER#. Otherwise + it fails with: /usr/lib/tmpfiles.d/systemd.conf:28: Failed to resolve + group 'systemd-journal'. Regression of fa0aade329. (Closes: #1023248) + * Move restarting units after #DEBHELPER#. This makes sure that systemd- + sysusers was executed as well as systemd-tmpfiles to setup proper + permissions for /var/log/journal before systemd-journald is being + restarted. + + -- Luca Boccassi Tue, 01 Nov 2022 12:06:18 +0000 + +systemd (252-1) unstable; urgency=medium + + * Use systemd-sysusers to setup systemd users and groups + * New upstream version 252 + * Drop patches merged upstream + * libsystemd0: set symbols version to 252 + * Drop unused lintian override + + -- Luca Boccassi Mon, 31 Oct 2022 22:02:43 +0000 + +systemd (252~rc3-2) unstable; urgency=medium + + * Upload to unstable. + + -- Luca Boccassi Thu, 27 Oct 2022 15:24:32 +0100 + +systemd (252~rc3-1) experimental; urgency=medium + + * New upstream version 252~rc3 + * Refresh patches + * Backport patches to fix tests without machine-id. Drop out-of-tree + patch and backport upstream fixes. + + -- Luca Boccassi Tue, 25 Oct 2022 01:30:02 +0100 + +systemd (252~rc2-1) experimental; urgency=medium + + [ Jan Kiszka ] + * Enable systemd-boot for riscv64. Tested against U-Boot 2022.10 as UEFI + provider on the RZ/Five. Signed-off-by: Jan Kiszka + + + [ Helmut Grohne ] + * Conditionalize installation of cryptsetup plugins in stage1 using dh- + exec (Closes: #1021821) + + [ Michael Biebl ] + * Install sysusers.d and tmpfiles.d man pages in standalone packages + (Closes: #1021933) + + [ Luca Boccassi ] + * d/watch: switch to non-stable repo + * New upstream version 252~rc2 + * Drop patches merged upstream + * Refresh patches + * Update symbols file + * Update Lintian overrides + * autopkgtest: update expected output of localectl + + -- Luca Boccassi Sat, 22 Oct 2022 01:10:00 +0100 + +systemd (251.6-1) unstable; urgency=medium + + * New upstream version 251.6 + * Rebase patches + * Use dh_installsystemd to enable machines.target in systemd-container + + -- Michael Biebl Fri, 14 Oct 2022 16:34:00 +0200 + +systemd (251.5-3) unstable; urgency=medium + + * Update symbol versions for the v251 release + * ata_id: fix getting Response Code from SCSI Sense Data (Closes: #1021579) + * logind: do not emit beep in wall messages (Closes: #1019510) + * logind: remember our idle state and use it to detect idle level + transitions (Closes: #963135) + * logind: fix getting property OnExternalPower via D-Bus (Closes: #1021644) + + -- Michael Biebl Wed, 12 Oct 2022 17:01:05 +0200 + +systemd (251.5-2) unstable; urgency=medium + + [ Luca Boccassi ] + * Build and install libcryptsetup token plugins. + The interfaces are now mature and enabled in Debian/Ubuntu in + libcryptsetup, so enable and ship the plugins + + [ Michael Biebl ] + * salsa-ci: drop no longer needed workaround for lintian false positives + * udev: fix regression in udev-builtin path_id when processing NVME devices + (Closes: #1021547) + + [ наб ] + * systemd-sysv.postinst: which -> command -v + + -- Michael Biebl Tue, 11 Oct 2022 00:51:55 +0200 + +systemd (251.5-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 251.5 + * Install NEWS.Debian file into all binary packages. + While it increases the disk footprint a little, it ensures that NEWS + entries are reliably shown by apt-listchanges. + * Handle removal of /var/log/README. + Remove /var/log/README symlink when the systemd package is purged. + This symlink is created via tmpfiles and documents that /var/log no + longer contains the traditional syslog text files. (Closes: #877414) + * Rebase patches + + [ наб ] + * debian/extra/kernel/postinst.d/systemd-boot: prefix with zz- + Since we explicitly (though this is hidden by indirection through + 85-initrd.install) depend on /boot/initrd.img-$1 existing or not existing, + hard-order ourselves at the end. The zz- prefix matches grub. + * debian/extra/kernel-install.d/85-initrd.install: install default initrd + with versioned basename. + This fixes #1020396 in a superior way by using + $KERNEL_INSTALL_STAGING_AREA, available since systemd v251. + By just copying the file we both simplify our code, but defer to + 90-loaderentry to correctly permission it, and simply never generate an + unversioned initrd in the first place! (Closes: #1020396) + * debian/extra/kernel-install.d/85-initrd.install: explicitly ignore unknown + verbs + * debian/extra/kernel/postrm.d/systemd-boot: prefix with zz- + Doesn't actually matter, but the kernel handbook says we must and we + already renamed postinst. (Closes: #1014581) + + [ Luca Boccassi ] + * Enable firstboot, disabled by default on Debian. + Currently the first-boot conditions are not met by any Debian + image (/etc/machine-id with content uninitialized, so we can + just enable the build and ship it in the main package. + This lets image builders (eg: cloud images) tinker with it. + https://www.freedesktop.org/software/systemd/man/machine-id.html#First%20Boot%20Semantics + (Closes: #844528) + + -- Michael Biebl Sun, 02 Oct 2022 21:23:49 +0200 + +systemd (251.4-3) unstable; urgency=medium + + * resolv.conf: take backup as a fallback in case resolved/resolv.conf + is not available, and restore on uninstall, which is necessary for + piuparts checks. + + -- Luca Boccassi Sat, 27 Aug 2022 22:39:04 +0100 + +systemd (251.4-2) unstable; urgency=medium + + [ Johannes Schauer Marin Rodrigues ] + * use systemd-sysusers instead of adduser. This allows dropping the + dependency on adduser (reducing the dependency set) and in turn allows + for DPKG_ROOT support of systemd. + * debian/systemd.postinst: add --root argument to systemctl and + systemd-* calls for DPKG_ROOT support + + [ Luca Boccassi ] + * resolved: use DPKG_ROOT and make postinst shellcheck-happy + * resolved: switch from .links to postinst/rm + * Update Lintian overrides for new incompatible syntax + + -- Luca Boccassi Fri, 26 Aug 2022 23:16:23 +0100 + +systemd (251.4-1) unstable; urgency=medium + + * New upstream version 251.4 + * Rebase patches + * Rebuild against fixed dh-nss to avoid duplicates in /etc/nsswitch.conf + (Closes: #1017096) + + -- Michael Biebl Sun, 14 Aug 2022 20:06:18 +0200 + +systemd (251.3-2) unstable; urgency=medium + + [ Luca Boccassi ] + * libnss-systemd: also let userdbd manage passwords. + As of upstream commit: + https://github.com/systemd/systemd/commit/f43a19ecd6e3415e + in v249 userdbd can also synthesize shadow/gshadow records, + so add the shadow config to nsswitch.conf on installation. + (Closes: #1004326) + * homed: make PAM rules higher priority than unix users. + Make sure homed is tried first when logging in. This is required + after adding nss-systemd support for 'shadow' in /etc/nsswitch.conf. + See Arch bug: https://bugs.archlinux.org/task/72967 + + [ Gioele Barabucci ] + * d/control: Use dh_installnss + * d/libnss-myhostname.nss: Install NSS service `myhostname` via dh_installnss + * d/libnss-mymaschines.nss: Install NSS service `mymaschines` via dh_installnss + * d/libnss-resolve.nss: Install NSS service `resolve` via dh_installnss + * d/libnss-systemd.nss: Install NSS service `systemd` via dh_installnss + + -- Michael Biebl Fri, 12 Aug 2022 19:06:38 +0200 + +systemd (251.3-2~exp2) experimental; urgency=medium + + * Note in systemd.NEWS that resolved has moved to a new package + * systemd-resolved: move conffile from systemd. Copied from systemd- + timesyncd + + -- Luca Boccassi Sun, 07 Aug 2022 00:06:03 +0100 + +systemd (251.3-2~exp1) experimental; urgency=medium + + * Split systemd-resolved into its own package which takes over + /etc/resolv.conf (Closes: #939904) + + -- Luca Boccassi Thu, 04 Aug 2022 14:55:48 +0100 + +systemd (251.3-1) unstable; urgency=medium + + * New upstream version 251.3 + * Rebase patches + + -- Michael Biebl Wed, 13 Jul 2022 23:05:40 +0200 + +systemd (251.2-8) unstable; urgency=medium + + * autopkgtest: install openssl for upstream test. + Install openssl explicitly and do not rely on other packages, like + swtpm-libs, to pull this dependency for us. + Used by TEST-50-DISSECT, which otherwise just silently skips the test. + * Add versioned dependency on init-system-helpers to systemd-homed. + Ensure that we have a version of deb-systemd-helper which properly + handles loops in Also= dependencies. (Closes: #1014115) + * Demote shlibs dependencies of libsystemd0 from Pre-Depends to Depends. + As systemctl, which is quasi-essential, no longer links against + libsystemd0, we do not need those strict requirements anymore. + * Work around some more dh_installman issues + + -- Michael Biebl Wed, 06 Jul 2022 21:23:38 +0200 + +systemd (251.2-7) unstable; urgency=medium + + [ Luca Boccassi ] + * sd-boot: add kernel hooks scripts + + [ Andrea Pappacoda ] + * sd-boot: add initramfs hook (Closes: #826045) + + [ Michael Biebl ] + * sd-boot: exit early in initramfs and kernel hook scripts if package is + removed but not purged + * Do not fail with older binutils. + Test if the linker supports --no-warn-execstack and --no-warn-rwx-segments + before using those flags. (Closes: #1013967) + + -- Michael Biebl Tue, 28 Jun 2022 14:33:37 +0200 + +systemd (251.2-6) unstable; urgency=medium + + [ Helmut Grohne ] + * Mark systemd-userdbd and systemd-homed as !stage1 (Closes: #1012738) + + [ Luca Boccassi ] + * Remove unused Lintian overrides + * Stop overriding the build directory name. + We don't do a separate udeb build anymore, so there's no need + to specify a separate build directory. + * Use execute_before_/after_ instead of override_ + * Add nodoc profile support. + Co-authored-by: Michael Biebl + + [ Michael Biebl ] + * Do not fail EFI build with newer binutils (Closes: #1013482) + * shared/microhttp-util: silence gcc warning + * Clarify NEWS message about systemd-boot split (Closes: #1013340) + + -- Michael Biebl Fri, 24 Jun 2022 10:12:34 +0200 + +systemd (251.2-5) unstable; urgency=medium + + * Tweak description of systemd-homed package + * Move shlibs dependencies of libsystemd-shared from Pre-Depends to Depends + (Closes: #1012637) + * Add versioned Breaks against sicherboot for the systemd-boot split + (Closes: #1012625) + * Drop old Conflicts against hal from udev. + The hal package has been gone for several release cycles, so this + Conflicts should not be necessary anymore. + + -- Michael Biebl Fri, 10 Jun 2022 23:51:50 +0200 + +systemd (251.2-4) unstable; urgency=medium + + * Use try-restart in systemd-binfmt dpkg trigger + * Fix bashism in kernel-install + * Upload to unstable + + -- Michael Biebl Fri, 10 Jun 2022 09:16:48 +0200 + +systemd (251.2-3) experimental; urgency=medium + + [ Luca Boccassi ] + * Add systemd-userdbd package. This can be used to synthetize dynamic + user/groups, and can be useful by itself. It will also be used by + homed. + * Add systemd-homed package (Closes: #976960) + * Add systemd-boot-efi multiarch package. Allows EFI binaries for + different architectures to be co-installed. Useful when the EFI has a + different architecture, or to manipulate images. The userspace tooling + doesn't need to match the EFI binaries. Also allows one to reduce the + number of packages and dependencies needed when i386 is not a full + architecture, but a subset for libraries and for EFI support. + + [ Michael Biebl ] + * Move homectl and userdbctl to /usr/bin + * Install libsystemd-shared into rootpkglibdir + * Split out libsystemd-shared into its own package. Since libsystem- + shared is an internal implementation detail, do not generate a shlibs + file for it. This means dh_shlibdeps needs to be told explicitly where + it can find libsystemd-shared. Mark this new package as Multi-Arch: + same. (Closes: #990547) + * Split out systemd-boot into its own package + * Add NEWS entry for the systemd-boot package split + + -- Luca Boccassi Wed, 08 Jun 2022 23:56:04 +0100 + +systemd (251.2-2) unstable; urgency=medium + + * sha256: fix compilation on efi-ia32 + + -- Michael Biebl Sat, 04 Jun 2022 00:14:28 +0200 + +systemd (251.2-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 251.2 + - logind: do not print wall messages to local pseudoterminals + (Closes: #1012155) + * Rebase patches + * Fix parsing of command line options in fsckd (Closes: #1009032) + * Do not require a valid version when parsing sd-boot loader entries + (Closes: #993292) + * Add dpkg file trigger for systemd-binfmt to update binfmt registrations + * Use a single NEWS file shipped in the main systemd package + + [ Luca Boccassi ] + * autopkgtest: add cryptsetup-initramfs for upstream suite. + Needed for https://github.com/systemd/systemd/pull/23517 + + -- Michael Biebl Fri, 03 Jun 2022 19:37:06 +0200 + +systemd (251.1-1) unstable; urgency=medium + + [ Luca Boccassi ] + * Switch from gnutls to openssl. Upstream is slowly phasing out gnutls. + Start switching to openssl. Drops support for '--trust' in the + journal-gatewayd and journal-remote programs. + * New upstream version 251.1 + * Add systemd-journal-remote.NEWS to inform about dropping --trust + + [ Michael Biebl ] + * Enable pager Hyperlink ANSI sequence support. This requires less ≥ + 563. Add a versioned Breaks accordingly. + * Drop unnecessary version constraints / dependencies + * Update liblz4-dev Build-Depends as per meson.build + + -- Luca Boccassi Thu, 26 May 2022 00:58:46 +0100 + +systemd (251-2) unstable; urgency=medium + + * Salsa CI: suppress lintian false positive on dbgsym. + * Upload to unstable. + + -- Luca Boccassi Mon, 23 May 2022 12:30:28 +0100 + +systemd (251-1) experimental; urgency=medium + + * New upstream version 251. For a full list of changes, see: + https://github.com/systemd/systemd/releases/tag/v251 + * Refresh patches + * Revert manual removal of ndisc test case, merged upstream + * Bump Standards-Version to 4.6.1, no changes + + -- Luca Boccassi Sat, 21 May 2022 15:04:13 +0100 + +systemd (251~rc3-2) experimental; urgency=medium + + * Backport removal of ndisc test case, breaks build on armhf/armel. + + -- Luca Boccassi Mon, 16 May 2022 00:37:36 +0100 + +systemd (251~rc3-1) experimental; urgency=medium + + * autopkgtest: add allow-stderr to boot-and-services. Sometimes we see + some ignored logs, don't fail the test run if that happens + * autopkgtest: disable networkd in rebooting tests. It seems that on + Semaphore CI, running in Bullseye images, having both Network-Manager + and systemd-networkd enabled causes 'systemctl start network- + online.target' to get stuck, and fail the run. Disable networkd in + those tests. See: https://github.com/systemd/systemd/issues/22991 + * autopkgtest: mark networkd-test.py as breaks-testbed. It will modify + the network configuration, which will often make the network stop + working. Mark it as breaks-testbed so that a new runner is started. + * autopkgtest: ignore rng-tools-debian failure in boot-and-services. It + seems sometimes it fails, which has happened on jammy-amd64: + https://bugs.debian.org/969568 + * New upstream version 251~rc3 + * Drop sd-device-always-translate-sysname-to-sysfs-filename.patch, + merged upstream + * Rebase patches + * Update lintian-overrides for false positives + + -- Luca Boccassi Sun, 15 May 2022 14:11:49 +0100 + +systemd (251~rc2-2) experimental; urgency=medium + + * sd-device: always translate sysname to sysfs filename + + -- Michael Biebl Wed, 11 May 2022 15:26:49 +0200 + +systemd (251~rc2-1) experimental; urgency=medium + + * New upstream version 251~rc2 + * Rebase patches + * Update symbols file for libsystemd0 + + -- Michael Biebl Thu, 05 May 2022 22:50:15 +0200 + +systemd (251~rc1-3) experimental; urgency=medium + + [ Luca Boccassi ] + * autopkgtest: install swtpm and tpm2-tools for upstream suite. + Required by https://github.com/systemd/systemd/pull/22563 + + [ Michael Biebl ] + * Do not ship /usr/lib/tmpfiles.d/systemd-resolve.conf in systemd. + It potentially creates a broken symlink if systemd-resolved is not + enabled. For now the symlink to stub-resolv.conf needs to be created + manually. (Closes: #1007018) + * hwdb: fix parsing options (Closes: #1008989) + + -- Michael Biebl Tue, 05 Apr 2022 22:13:09 +0200 + +systemd (251~rc1-2) experimental; urgency=medium + + [ Michael Biebl ] + * Revert "Ignore libsystemd-core in dh_shlibdeps" + This reverts commit c1d5ad5ac989376aa8100dea9ad9d7af0f0408d9. + We need the shlibs dependencies of libsystemd-shared and + libsystemd-core. + * Adjust library search path for dh_shlibdeps. + libsystemd-core uses libsystemd-shared but doesn't have RUNPATH or + RPATH set. So tell dh_shlibdeps where it can find the library. + + [ Luca Boccassi ] + * autopkgtest: update unit-config test for new relative symlinking. + Required by https://github.com/systemd/systemd/pull/22649 + * autopkgtest: install libnss packages for unit-tests suite. + Required to enable nss tests: + https://github.com/systemd/systemd/issues/21975 + * autopkgtest: install libnss packages for upstream suite. + Required to enable nss tests: + https://github.com/systemd/systemd/issues/21975 + * autopkgtest: install python3-pexpect and screen for upstream suite. + Required for new test: + https://github.com/systemd/systemd/pull/21838 + + -- Michael Biebl Sat, 02 Apr 2022 13:44:14 +0200 + +systemd (251~rc1-1) experimental; urgency=medium + + [ Michael Biebl ] + * New upstream version 251~rc1 + * Rebase patches + * Update symbols file for libsystemd0 + * Install shell completions for oomctl in systemd-oomd + + [ Luca Boccassi ] + * Ignore libsystemd-core in dh_makeshlibs + * Ignore libsystemd-core in dh_shlibdeps + * Add libsystemd-core to shlibs.local.in + + -- Michael Biebl Sat, 02 Apr 2022 09:57:22 +0200 + +systemd (250.4-1) unstable; urgency=medium + + [ Dimitri John Ledkov ] + * udev-udeb: ship modprobe.d snippet to force scsi_mod.scan=sync in d-i. + + [ Luca Boccassi ] + * Build with dh_package_notes + * New upstream version 250.4 + * Drop patches merged upstream + * Remove unneeded ${shlibs:Depends} + * autopkgtest: add libdw-dev to unit-tests job. + * Rebase patches on top of v250.4 + + -- Luca Boccassi Tue, 15 Mar 2022 11:03:08 +0000 + +systemd (250.3-2) unstable; urgency=medium + + [ Yu Watanabe ] + * upstream-ci: logind test: use drop-in config + * upstream-ci: logind test: also show logs of systemd-suspend.service + * upstream-ci: logind test: make sure the fake lid switch processed by + udevd. Also, wait for other uevents, which possibly triggered by the + lid switch, being processed. + * upstream-ci: logind test: fix drop-in config. + + [ Luca Boccassi ] + * Add myself to Uploaders + * systemd-tests: ignore hardening-no-relro too. Test binaries, we don't + care about hardening flags + * Backport patches to fix build reproducibility. EFI binaries have the + path embedded which breaks reproducibility, backport patches from + upstream to fix it. + + [ Michael Biebl ] + * Add Recommends: dbus-user-session to libpam-systemd. For a fully + functioning systemd --user instance we want dbus-user-session + installed. + * Report status of dbus-user-session in systemd reportbug template. Most + users will likely file bugs for systemd --user related issues against + the main systemd package and not libpam-systemd. + + -- Luca Boccassi Wed, 26 Jan 2022 23:35:36 +0000 + +systemd (250.3-1) unstable; urgency=medium + + [ Luca Boccassi ] + * Update d/copyright listing for debian/* + Fixes Lintian warning: update-debian-copyright + * d/copyright: remove unused GPL-2 stanza + * d/watch: bump to version 4 + * d/control: drop redundant Section/Priority fields. + Fixes Lintian warning: installable-field-mirrors-source + * d/control: extend descriptions of libudev and libsystemd + * systemd-oomd: add dependency on adduser. + Needed by postinst script. + * systemd-oomd: fix description-synopsis-starts-with-article Lintian warning + * systemd-standalone-*: copy manpages too + * Lintian: ignore very-long-line-length-in-source-file. + It's not a useful check, and it flags test data and such. + * Lintian: ignore source-contains-data-from-ieee-data-oui-db. + Data formats are not compatible, this is for hwdb. + * Lintian: ignore systemd-service-file-missing-install-key. + If we don't add [Install], it's because we don't want it and the units are + events-driven or enabled statically. + * Lintian: ignore spare-manual-page. + Lintian is not really good at associating manpages to package contents, + so just ignore this, as we have and will keep adding docs related + to unit types and so on. + * Lintian: ignore package-supports-alternative-init-but-no-init.d-script. + Well, duh! + * Lintian: ignore package-contains-documentation-outside-usr-share-doc. + False positives on test data and a web page. + * Lintian: ignore current set of package-contains-empty-directory. + These are shipped to provide a skeleton installation. + * Update Lintian override for + systemd-service-file-refers-to-unusual-wantedby-target + * Lintian: ignore systemd: shared-library-lacks-prerequisites false positive + on EFI binary + * Lintian: ignore maintainer-script-calls-systemctl in more packages + * Lintian: ignore executable-not-elf-or-script false positives for EFI + binaries + * Lintian: ignore spellcheck false positives + * Lintian: ignore hardening-no-fortify-functions for test binaries + * Ignore blhc false positives. + blhc hits false positives due to EFI PE-COFF binaries, + c++ fuzzing binaries and meson flags listings, ignore them. + * Add d/gitlab-ci.yml. + Disable unit tests, as some are failing due to the build environment. + + [ Michael Biebl ] + * New upstream version 250.3 + - network: wireguard: do not add routes to AllowedIPs= by default. + (Closes: #1003955) + * Add Recommends: libdw1 to systemd-coredump. + Starting with v250, systemd-coredump will use libdw/libelf via dlopen() + rather than directly linking against it. It is not a hard dependency but + we want to have it installed by default. + While hard-coding the library name is not ideal, we currently don't have + better means to derive this information automatically. (Closes: #1003879) + + -- Michael Biebl Tue, 18 Jan 2022 18:52:45 +0100 + +systemd (250.2-3) unstable; urgency=medium + + [ Luca Boccassi ] + * Build with and suggest fido2 and tpm libraries. + These are used via dlopen only if available by some tools like + systemd-cryptsetup, systemd-cryptenroll and systemd-repart, + with graceful fallbacks if they are not found. + Build-depend on them so that the features get compiled in + (apart from stage1 builds), and add appropriate Suggests. + (Closes: #991129, #1003383) + * Disable libcryptsetup-plugins. + They are new, and might not even be supported by libcryptsetup yet + * Build-depend on libssl-dev. + Required to use libfido2-dev until #1003699 is fixed + + [ Michael Biebl ] + * Don't stop systemd-oomd.socket during upgrades. + This works around an issue in systemd which doesn't process multiple + units that are passed to systemctl as a single transaction with the + correct ordering. (Closes: #1003641) + + -- Michael Biebl Fri, 14 Jan 2022 13:54:34 +0100 + +systemd (250.2-2) unstable; urgency=medium + + * Ship systemd-oomd.socket in correct systemd-oomd package + * Don't install dbus-org.freedesktop.oom1.service symlink (Closes: #1003580) + + -- Michael Biebl Wed, 12 Jan 2022 20:52:26 +0100 + +systemd (250.2-1) unstable; urgency=medium + + * New upstream version 250.2 + - shared/rm-rf: loop over nested directories instead of recursing. + Fixes uncontrolled recursion in systemd-tmpfiles. + (CVE-2021-3997, Closes: #1003467) + * test: explicitly configure oomd stuff via dropins + * autopkgtest: add systemd-oomd dependency to upstream test. + We want systemd-oomd to be tested via the upstream provided + TEST-55-OOMD. + * Rebase patches + * Upload to unstable + + -- Michael Biebl Tue, 11 Jan 2022 12:58:15 +0100 + +systemd (250.1-2) experimental; urgency=medium + + [ Lukas Märdian ] + * d/rules: Enable build of systemd-oomd + * d/control: Ship oomd in a systemd-oomd package. + Deploying the default configuration as used in Fedora. + * Start systemd-oomd.service after package installation + + [ Michael Biebl ] + * oomd: move oomctl to bindir + * Enable systemd-repart and ship it in the main systemd package. + Add fdisk as test dependency, needed by test-repart which calls sfdisk. + * test-repart: append /sbin and /usr/sbin to $PATH= so sfdisk can be found + + -- Michael Biebl Sat, 08 Jan 2022 23:45:06 +0100 + +systemd (250.1-1) experimental; urgency=medium + + * New upstream version 250.1 + * Rebase patches + + -- Michael Biebl Wed, 05 Jan 2022 21:42:54 +0100 + +systemd (250-2) experimental; urgency=medium + + * Drop separate udeb build. + The only real benefit from a separate build apparently is that udev does + not get a dependency on libacl and libselinux. But we have udebs for + those dependencies anyway. + Dropping the separate build basically cuts the build times in half and + simplifies debian/rules quite a bit. + It also brings udev as used in d-i closer to what is actually used in + the installed system, which is a good thing. + * Cherry-pick various fixes targeted for v250-stable + + -- Michael Biebl Sun, 02 Jan 2022 21:41:56 +0100 + +systemd (250-1) experimental; urgency=medium + + * New upstream version 250 + * Rebase patches + * Update symbol versions for the v250 release + + -- Michael Biebl Fri, 24 Dec 2021 13:02:05 +0100 + +systemd (250~rc3-1) experimental; urgency=medium + + [ Michael Biebl ] + * New upstream version 250~rc3 + * Switch debian-branch to experimental + * Bump meson Build-Depends to (>= 0.53.2) + * Rebase patches + * Update symbols file for libsystemd0 + * Update removal of upstream provided license files + * Use -Durlify=false instead of shipping an upstream revert patch + * Explicitly disable OpenSSL support. + We don't want to pick up an OpenSSL dependency in a tainted build + environment and pull a second crypto stack into systemd's dependencies. + * autopkgtest: install dbus-user-session for upstream test. + Required by TEST-43-PRIVATEUSER-UNPRIV and TEST-20-MAINPIDGAMES. + * Revert "Temporarily disable LTO" + * Small updates to debian/copyright + * Remove dbus introspection files + + [ Luca Boccassi ] + * autopkgtest: install libdw and libelf for upstream test. + Pulled in via dlopen since https://github.com/systemd/systemd/pull/21454 + + -- Michael Biebl Tue, 21 Dec 2021 01:10:16 +0100 + +systemd (249.7-1) unstable; urgency=medium + + * New upstream version 249.7 + * Rebase patches + + -- Michael Biebl Fri, 19 Nov 2021 21:11:45 +0100 + +systemd (249.6-3) unstable; urgency=medium + + * scope: count successful cgroup additions when delegating via D-Bus + (Closes: #999745) + + -- Michael Biebl Thu, 18 Nov 2021 21:13:02 +0100 + +systemd (249.6-2) unstable; urgency=medium + + * Consider dbus-broker in systemd-logind.service Condition check + (Closes: #999569) + * Temporarily disable LTO. + This is a test to see if it fixes the failure to build reproducibly on + arm*. + * sysusers: split up systemd.conf (Closes: #990349) + + -- Michael Biebl Sat, 13 Nov 2021 18:29:11 +0100 + +systemd (249.6-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 249.6 + * Rebase patches + * test: use kbd-mode-map we ship in one more test case + * Bump Standards-Version to 4.6.0 + * Drop obsolete C/R upstart from systemd-sysv + * Drop obsolete dpkg (>= 1.19.3) | systemd-sysv dependency from udev. + It was added to ensure we have a dpkg with --notify-await which is now + satisfied by a dpkg from oldstable. + * Make the C/R against systemd versioned in + systemd-standalone-{sysusers,tmpfiles} + Those were added to facilitate an upgrade from bullseye. The version + makes it more explicit. + * Drop obsolete migration code for RAMTMP, TPMTIME and UTC + + [ Luca Boccassi ] + * Depend on default-dbus-system-bus | dbus-system-bus. + Allows users to install only a single system bus implementation. + Prefer the default (dbus-daemon). + + -- Michael Biebl Thu, 11 Nov 2021 22:04:31 +0100 + +systemd (249.5-2) unstable; urgency=medium + + [ Helmut Grohne ] + * Fix FTCBFS: Annotate python3-jinja2 dependency with :native + (Closes: #996501) + + [ Michael Biebl ] + * hwdb: Allow console users access to media* nodes (Closes: #996749) + + -- Michael Biebl Tue, 02 Nov 2021 17:29:45 +0100 + +systemd (249.5-1) unstable; urgency=medium + + * New upstream version 249.5 + * Rebase patches + * Update debian/copyright + * Clean up lintian overrides + + -- Michael Biebl Tue, 12 Oct 2021 22:39:59 +0200 + +systemd (249.4-2) unstable; urgency=medium + + * Upload to unstable + * Remove unused initialize_coredump() function + * Fix #993738 by pulling the patches from upstream PR#20603 + + -- Michael Biebl Tue, 12 Oct 2021 14:03:31 +0200 + +systemd (249.4-1) experimental; urgency=medium + + * New upstream version 249.4 + * Rebase patches + + -- Michael Biebl Mon, 30 Aug 2021 11:20:16 +0200 + +systemd (249.3-4) experimental; urgency=medium + + * Add Conflicts/Replaces: systemd to systemd-standalone-{sysusers,tmpfiles} + This allows upgrades from older systemd versions which do not have + Provides: systemd-{sysusers,tmpfiles}. (Closes: #992376) + + -- Michael Biebl Wed, 25 Aug 2021 09:35:03 +0200 + +systemd (249.3-3) experimental; urgency=medium + + * Use C/R/P for systemd-sysusers and systemd-tmpfiles. + It's an interface/facility that can only be provided by a single package + at a time. + + -- Michael Biebl Thu, 12 Aug 2021 22:45:02 +0200 + +systemd (249.3-2) experimental; urgency=medium + + * Provide standalone binaries for sysusers and tmpfiles (Closes: #946456) + * Fix test dependencies of upstream test. + After splitting out the standalone binaries for sysusers and tmpfiles + into separate packages (which conflict with the main systemd package), + we can no longer use the '@' notation in the upstream test. + This reverts commit 5eeeb1b562a1a9802df105091bda4741c263336d and also + adds systemd-tests and systemd-timesyncd to the upstream test + dependencies. + + -- Michael Biebl Sun, 08 Aug 2021 22:51:18 +0200 + +systemd (249.3-1) experimental; urgency=medium + + * New upstream version 249.3 + * Rebase patches + * Remove obsolete systemd-resolve compat symlink + + -- Michael Biebl Sun, 08 Aug 2021 22:39:25 +0200 + +systemd (249.2-2) experimental; urgency=medium + + * Remove obsolete upgrade code from maintainer scripts + * Clean up old versions from maintscript files + * Drop obsolete systemd Breaks/Replaces + * Drop obsolete python-dbusmock Breaks + * Turn versioned systemd-shim Breaks into unversioned Conflicts. + There never was a fixed systemd-shim version before it was removed from + the archive. + * Drop patches which are no longer needed after bullseye + * Stop setting up device symlinks for CD-RW/DVD drives. + Those udev rules were a Debian specific workaround that were mainly + added for compat with older software which wasn't able to automatically + discover those types of devices. Those rules didn't provide + stable/predictable names though, so remove them. (Closes: #991639) + * autopkgtest: add systemd-timesyncd dependency to timedated test. + We need systemd-timesyncd in the timedated test, not just an arbitrary + provider of time-daemon. + * autopkgtest: clean up dependencies of boot-smoke test. + A lot of the dependencies are not needed but were originally added to + avoid a testbed reset and make it possible to reuse the testbed of the + upstream test. This turned out to be a maintenance problem and the + dependencies were not updated accordingly. Instead of trying to keep the + two tests in sync, trim down the boot-smoke dependencies to its bare + minimum. + + -- Michael Biebl Sat, 31 Jul 2021 21:49:05 +0200 + +systemd (249.2-1) experimental; urgency=medium + + * New upstream version 249.2 + * Rebase patches + + -- Michael Biebl Fri, 23 Jul 2021 21:44:35 +0200 + +systemd (249.1-1) experimental; urgency=medium + + * New upstream version 249.1 + - basic/unit-name: do not use strdupa() on a path (CVE-2021-33910) + + -- Michael Biebl Tue, 20 Jul 2021 21:20:12 +0200 + +systemd (249-1) experimental; urgency=medium + + * New upstream version 249 + * Rebase patches + * Update symbol versions for the v249 release + * Fix removal of systemd-hwdb-update.service. + As we don't support factory-reset, we don't need this service. + In Debian, the hwdb binary database is updated via a dpkg file trigger. + + -- Michael Biebl Wed, 07 Jul 2021 22:33:31 +0200 + +systemd (249~rc3-1) experimental; urgency=medium + + * New upstream version 249~rc3 + * Rebase patches + + -- Michael Biebl Thu, 01 Jul 2021 23:55:11 +0200 + +systemd (249~rc2-1) experimental; urgency=medium + + * New upstream version 249~rc2 + * Rebase patches + + -- Michael Biebl Sun, 27 Jun 2021 17:10:18 +0200 + +systemd (249~rc1-1) experimental; urgency=medium + + [ Michael Biebl ] + * New upstream version 249~rc1 + * Rebase patches + * Replace m4 Build-Depends with python3-jinja2 + * Update symbols file for libsystemd0 + * test: do not run 'meson configure' if NO_BUILD is set + * test: drop the mawk-incompatible expression + * Add gawk to Build-Depends. + It is used in tools/check-directives.sh which is run during "meson test". + * autopkgtest: add udev dependency to unit-tests. + Without a properly set up hwdb the test-sd-hwdb test is skipped. + + [ Luca Boccassi ] + * autopkgtest: add dependency on dosfstools for upstream test. + Needed to create EFI partition (vfat) + + -- Michael Biebl Thu, 17 Jun 2021 18:09:43 +0200 + +systemd (248.3-1) experimental; urgency=medium + + [ Michael Biebl ] + * New upstream version 248.3 + * Rebase patches + + [ Dan Streetman ] + * d/t: replace 'root-unittests' shell script with simple call to upstream script. + The upstream test runner script is much better, as it only prints failing test + output, and gives a summary of the test results at the end. + + -- Michael Biebl Wed, 19 May 2021 13:09:57 +0200 + +systemd (248.2-1) experimental; urgency=medium + + * New upstream version 248.2 + + -- Michael Biebl Sun, 09 May 2021 21:17:10 +0200 + +systemd (248.1-1) experimental; urgency=medium + + [ Michael Biebl ] + * New upstream version 248.1 + * Rebase patches + * d/e/checkout-upstream: switch to main branch + * Update make-fbdev-blacklist to not blacklist hyperv_fb + + [ Luca Boccassi ] + * systemd.install: catch all files installed in usr/bin and bin. + At the moment, individual binaries are mentioned specifically in the + install file. When new binaries are added, manual work is needed to get + them packaged, which affects the upstream autopkgtest-based CI. + Change systemd.install to instead pick up everything from usr/bin and bin. + * upstream suite: add build-dep on vim-tiny. + Required by some of the images in the upstream test suite + + [ Zbigniew Jędrzejewski-Szmek ] + * Let "upstream" test use upstream test runner + + [ Dan Streetman ] + * Slight adjustments to previous patch for deny/black-list naming. + Also add in two vars used by the integration runner script + * d/t/upstream: use NO_BUILD=1. + Also don't bother sed-modifying test-functions file, as the NO_BUILD + changes remove the need for that. + * d/t/control: install all binary packages for upstream test. + With the change to just call the upstream script to run the integration + tests, the packages to test need to be installed so the test-function + script can list out the files each package contains, and copy those files + into each nspawn and/or qemu testbed. Without all packages installed, + some tests fail; specifically TEST-30 currently requires systemd-timesyncd + which was not previously installed for the 'upstream' test suite. + This changes the control file to just install all binary packages, using + the '@' notation. + * d/t/boot-smoke: update test to avoid false negatives + + [ Frantisek Sumsal ] + * upstream-ci: fix test_no_failed() check. + Without `--plain` `systemctl` prints a circle (●) in the first column + for each failed service, which with the current code interferes with + attempted journal listing for each such service. + + -- Michael Biebl Fri, 07 May 2021 12:25:15 +0200 + +systemd (248-1) experimental; urgency=medium + + [ Balint Reczey ] + * New upstream version 248 + - add support for answering DNSSEC questions on the stub resolver + (Closes: #988132) + - turn off DNSSEC validation when timesyncd resolves hostnames + (Closes: #898530) + - add networkd/nspawn nftables backend + (Closes: #934584) + - support ipv6 for masquerade and dnat in nspawn and networkd + (Closes: #934676) + * Refresh patches + * debian/rules: Enable new systemd-sysext tool + * debian/rules: Build support for flushing of the nscd caches + * debian/rules: Build translations for debs but not for udebs + * debian/rules: Build without TPM2 support. + This is a new feature and needs further review. + * Ship systemd-cryptenroll in systemd package + * Update symbols file for libsystemd0 + * debian/tests/control: Upstream test depends on attr + * debian/udev.postinst: Create the sgx system group. + Intel SGX enclave device nodes are now owned by this group. + * debian/rules: Don't ship README files in (/usr)/lib/*.d. + README files are typically shipped in /usr/share/doc. + * Revert "pager: stop disabling urlification under a pager" + Debian and Ubuntu do not yet have a less version that supports + urlification. This requires less 563 or later. + + -- Michael Biebl Thu, 06 May 2021 23:00:08 +0200 + +systemd (247.9-4) unstable; urgency=medium + + * Revert "tests/udev-test.pl: add multiple device test" + Follow-up to make sure the udev autopkgtest passes successfully again + after reverting the multipath symlink race fix. + * test: Fix flakiness in TEST-10-ISSUE-2467 + * autopktest: Fix timedated test dependencies. + Add an explicit systemd-timesyncd dependency as it is required by the + timedated test. + * autopkgtest: Merge configuration of logind test with timedated and related + tests. + They share the same restrictions and merging them avoids a bit of + duplication. + * Revert "test: disable DnsmasqClientTest.test_resolved_etc_hosts in + networkd-test.py" + Let's see if this test is still flaky on debci. + * networkd-test: fix resolved_domain_restricted_dns. + Cherry-pick upstream commit which hopefully fixes the flakiness in + DnsmasqClientTest.test_resolved_domain_restricted_dns. + + -- Michael Biebl Fri, 01 Oct 2021 10:12:14 +0200 + +systemd (247.9-3) unstable; urgency=medium + + * Revert multipath symlink race fix. + Revert upstream commits which caused a regression in udev resulting in + long delays when processing partitions with the same label. + (Closes: #993738) + + -- Michael Biebl Sat, 25 Sep 2021 22:01:17 +0200 + +systemd (247.9-2) unstable; urgency=medium + + * Demote systemd-timesyncd from Depends to Recommends. + This avoids a dependency cycle between systemd and systemd-timesyncd and + thus makes dist upgrades more predictable and robust. + It also allows minimal, systemd based containers where no NTP client is + strictly necessary. + To ensure that systemd-timesyncd is installed in a default installation + created by d-i, bump its priority to standard. (Closes: #986651, #993947) + + -- Michael Biebl Wed, 22 Sep 2021 21:10:53 +0200 + +systemd (247.9-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 247.9 + * Rebase patches + * Fix removal of systemd-hwdb-update.service. + As we don't support factory-reset, we don't need this service. + In Debian, the hwdb binary database is updated via a dpkg file trigger. + + [ Balint Reczey ] + * debian/rules: Don't ship README files in (/usr)/lib/*.d. + README files are typically shipped in /usr/share/doc. + + -- Michael Biebl Sun, 15 Aug 2021 21:10:56 +0200 + +systemd (247.3-6) unstable; urgency=high + + * Non-maintainer upload (acked by maintainers) + * unit-name: generate a clear error code when converting an overly long fs + path to a unit name + * basic/unit-name: do not use strdupa() on a path (CVE-2021-33910) + * basic/unit-name: adjust comments + + -- Salvatore Bonaccorso Tue, 13 Jul 2021 19:29:24 +0200 + +systemd (247.3-5) unstable; urgency=medium + + * udev-udeb: setup /dev/fd, /dev/std{in,out,err} symlinks. + As systemd-udevd no longer sets them up itself, we create them manually + after mounting devtmpfs. This avoids breaking applications which expect + those symlinks. (Closes: #975018) + + -- Michael Biebl Mon, 12 Apr 2021 20:21:24 +0200 + +systemd (247.3-4) unstable; urgency=medium + + [ Luca Boccassi ] + * Backport patch to fix assert with invalid LoadCredentials= + Regression introduced in v247, fixed in v249, see: + https://github.com/systemd/systemd/issues/19178 + (Closes: #986302) + + [ Michael Biebl ] + * network: Delay addition of IPv6 Proxy NDP addresses. + Fixes "IPv6 Proxy NDP addresses are being lost from interfaces after + networkd adds them". (Closes: #985510) + + -- Michael Biebl Sun, 11 Apr 2021 16:06:46 +0200 + +systemd (247.3-3) unstable; urgency=medium + + * pkg-config: make prefix overridable again (Closes: #984763) + * Revert "units: turn off DNSSEC validation when timesyncd resolves + hostnames" + Support for SYSTEMD_NSS_RESOLVE_VALIDATE=0 requires the changes from + https://github.com/systemd/systemd/pull/17823 for the dnssec bypass + logic. Those are rather invasive changes and not suitable for a stable + backport. + + -- Michael Biebl Thu, 11 Mar 2021 18:09:35 +0100 + +systemd (247.3-2) unstable; urgency=medium + + * Downgrade a couple of warnings to debug. + If a package still ships only a SysV init script or if a service file or + tmpfile uses /var/run, downgrade those messages to debug. We can use + lintian to detect those issues. + For service files and tmpfiles in /etc, keep the warning, as those files + are typically added locally and aren't checked by lintian. + (Closes: #981407) + * core: fix mtime calculation of dropin files + (Closes: #975289) + * analyze: slightly reword PrivateTmp= message + (Closes: #931753) + * rules: move ID_SMARTCARD_READER definition to a <70 configuration + (Closes: #978011) + * units: turn off DNSSEC validation when timesyncd resolves hostnames + (Closes: #898530) + * table: drop trailing white spaces of the last cell in row + (Closes: #980820) + + -- Michael Biebl Sat, 06 Mar 2021 22:32:14 +0100 + +systemd (247.3-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 247.3 + * Rebase patches + + [ Ioanna Alifieraki ] + * systemctl: return error code when scheduled shutdown fails + + -- Michael Biebl Wed, 03 Feb 2021 17:11:39 +0100 + +systemd (247.2-5) unstable; urgency=medium + + [ Matthias Klumpp ] + * Configure localed to run locale-gen to generate missing locale. + This applies an (upstreamed) patch to permit systemd-localed to run + locale-gen to generate missing locale when requested to switch the + system locale. + This makes localectl usable on Debian for changing locale without + breaking system localization or even prevent certain applications from + running at all after switching to a non-generated locale. + + [ Michael Biebl ] + * systemctl: do not shutdown immediately on scheduled shutdown. + When, for whatever reason, a scheduled shutdown fails to be set, systemd + will proceed with immediate shutdown without allowing the user to react. + This is counterintuitive because when a scheduled shutdown is issued, + it means the user wants to shutdown at a specified time in the future, + not immediately. (Closes: #931235) + * test: disable DnsmasqClientTest.test_resolved_etc_hosts in + networkd-test.py. + This test appears to be flaky. + See: #979716 + * Bump Standards-Version to 4.5.1 + * Set upstream metadata fields: Bug-Submit, Bug-Database, Repository, + Repository-Browse + + -- Michael Biebl Mon, 18 Jan 2021 13:45:15 +0100 + +systemd (247.2-4) unstable; urgency=medium + + * Move libraries and NSS modules from /lib to /usr/lib. + Keep libpam_systemd.so installed in /lib, as PAM doesn't support + loading PAM modules from /usr/lib on a split-usr system. + + -- Michael Biebl Sat, 02 Jan 2021 17:06:01 +0100 + +systemd (247.2-3) unstable; urgency=medium + + * test: use modern qemu numa arguments + This fixes TEST-36-NUMAPOLICY from the upstream autopkgtest when using + qemu >= 5.2. + * Increase timeout when running unit tests. + The default timeout for individual unit tests is 30s. On slower + architectures and environments like reproducible-builds, this sometimes + is not enough. + Instead of fine-tuning the timeout for each individual test, we instead + increase the timeouts by a factor of 10. + * init-functions, getty-static.service: Don't hard-code path to systemctl + binary. + This should simplify an eventual move of systemctl from /bin to + /usr/bin. + * getty-static.service: Skip if dbus-broker is installed. + Check for the binary in /usr/bin as this makes it easier to move the + service files from /lib/systemd to /usr/lib/systemd. + + -- Michael Biebl Sat, 26 Dec 2020 13:33:41 +0100 + +systemd (247.2-2) unstable; urgency=medium + + * Switch to "unified" cgroup hierarchy (i.e. cgroupv2) (Closes: #943981) + + -- Michael Biebl Mon, 21 Dec 2020 20:06:49 +0100 + +systemd (247.2-1) unstable; urgency=medium + + [ Balint Reczey ] + * debian/systemd.NEWS: Mention udev rules changes in 247 + + [ Michael Biebl ] + * New upstream version 247.2 + * Rebase patches + * test: fix fd_is_mount_point() check + + -- Michael Biebl Sun, 20 Dec 2020 20:44:31 +0100 + +systemd (247.1-4) unstable; urgency=medium + + [ наб ] + * debian/extra/kernel-install.d/85-initrd.install: Don't install initrd when + an explicit path was passed (Closes: #970213) + * debian/extra/kernel-install.d/85-initrd.install: Match initrd installation + messages and uninstallation to 90-loaderentry.install + + [ Michael Biebl ] + * sd-device: keep escaped strings in DEVLINK= property (Closes: #976699) + + -- Michael Biebl Fri, 11 Dec 2020 20:25:31 +0100 + +systemd (247.1-3) unstable; urgency=medium + + * d/t/timedated: Ignore return code of dbus-monitor in wait_mon() + We are not really interested in the return code and error messages from + dbus-monitor after killing it, so ignore them to avoid undesired + autopkgtest failures. + + -- Michael Biebl Thu, 03 Dec 2020 23:53:29 +0100 + +systemd (247.1-2) unstable; urgency=medium + + [ Michael Biebl ] + * Upload to unstable + * Revert "d/t/timedated: use /bin/bash to work around job handling issue in + dash" + + [ Balint Reczey ] + * debian/tests/timedated: Wait for the killed child only. + There may be other children of the script due to autopkgtest machinery + and they exit after the script exited. (LP: #1904406) + + -- Michael Biebl Wed, 02 Dec 2020 23:25:32 +0100 + +systemd (247.1-1) experimental; urgency=medium + + * New upstream version 247.1 + + -- Michael Biebl Tue, 01 Dec 2020 17:17:28 +0100 + +systemd (247-1) experimental; urgency=medium + + * New upstream version 247 + * Rebase patches + * Update symbol versions for the v247 release + + -- Michael Biebl Thu, 26 Nov 2020 19:46:41 +0100 + +systemd (247~rc2-3) experimental; urgency=medium + + * Merge changes from unstable + * sd-device: make sd_device_has_current_tag() compatible with udev database + generated by older udevd + (Closes: #974730) + * Add Breaks: udev (<< 247~) to systemd. + This ensures that udev is upgraded alongside systemd and both support + the new udev tags concept introduced in v247. (Closes: #975554) + + -- Michael Biebl Thu, 26 Nov 2020 18:18:53 +0100 + +systemd (247~rc2-2) experimental; urgency=medium + + * missing: define several syscall numbers for MIPS arch (Closes: #974619) + + -- Michael Biebl Fri, 13 Nov 2020 19:22:04 +0100 + +systemd (247~rc2-1) experimental; urgency=medium + + [ Michael Biebl ] + * New upstream version 247~rc2 + - tmpfiles: Handle filesystems without ACL support in more cases + (Closes: #972135) + * Rebase patches + * Explicitly disable oomd + * Use -Dmode=release as we want a release, not developer, build + * Update symbols file for libudev1 and libsystemd0 + + [ Luca Boccassi ] + * systemd-container: install systemd-dissect binary. + Required for TEST-50-DISSECT since: + https://github.com/systemd/systemd/pull/16046 + * d/t/control: install squashfs-tools for upstream test. + Required by TEST-50-DISSECT since upstream PR: + https://github.com/systemd/systemd/pull/16046 + + [ Dan Streetman ] + * d/control: update meson minimum version + https://github.com/systemd/systemd/pull/13842#issuecomment-601105975 + * d/t/upstream: convert 'blacklist' term to 'deny-list' + Support transition for upstream-ci from + https://github.com/systemd/systemd/pull/16262 + + -- Michael Biebl Thu, 12 Nov 2020 21:23:22 +0100 + +systemd (246.6-5) unstable; urgency=medium + + * Drop non-functional DefaultTasksMax patch. + This patch was supposed to remove the DefaultTasksMax limit, but lost + its actual logic over 4 years ago, when the patches were rebased for the + v231 release. Since nobody has complained so far, we can assume it is + safe to drop this patch. (Closes: #975335) + * test-seccomp: accept ENOSYS from sysctl(2) too. + It seems that kernel 5.9 started returning that. + * test/test-functions: copy /usr/lib/pam.d into $initdir. + The systemd-user file has been moved from /etc/pam.d into /usr/lib/pam.d, + so test-functions needs to copy it from /usr/lib/pam.d instead. + + -- Michael Biebl Tue, 24 Nov 2020 21:53:25 +0100 + +systemd (246.6-4) unstable; urgency=medium + + * Revert "Trigger a systemctl daemon-reload when init scripts are installed + or removed" + Remove the dpkg file trigger which called systemctl daemon-reload whenever + a SysV init script was installed. We have proper support in debhelper + nowadays which makes this superfluous and we want to avoid unnecessary + systemctl daemon-reload calls. + + -- Michael Biebl Thu, 19 Nov 2020 22:35:48 +0100 + +systemd (246.6-3) unstable; urgency=medium + + * pam: include pam_keyinit session module in systemd-user. + We want that systemd --user gets its own keyring, not the basic keyring + set up by systemd --system. + * pam: move systemd-user PAM config from /etc/pam.d to /usr/lib/pam.d. + This is supported since PAM 1.2 and we want as little files in /etc as + possible. + * init-functions: update LSB hook to not use ignore-dependencies + job-mode=ignore-dependencies, as currently used in the LSB hook during + bootup and shutdown, can have undesired side-effects, like changing the + ordering of services and ultimately causing them to fail, due to unmet + dependencies. + So simplify that, and only apply --no-block on reload requests during + bootup and shutdown. (Closes: #960594) + * d/t/timedated: use /bin/bash to work around job handling issue in dash. + See: #975010 + + -- Michael Biebl Tue, 17 Nov 2020 23:34:07 +0100 + +systemd (246.6-2) unstable; urgency=medium + + * XDG autostart improvements + - Add support for Path= in XDG Desktop File + - Ignore more common XDG Desktop Entry fields + - Lower most info messages to debug level (Closes: #968116) + * Re-enable seccomp support on riscv64. + This should be safe now, as the code has fallbacks for systems with + older libseccomp versions. + * Move sysusers.d/sysctl.d/binfmt.d/modules-load.d back to /usr. + In Debian, late mounting of /usr is no longer supported, so it is safe + to install those files in /usr. + We want those facilities in /usr, not /, as this will make an eventual + switch to a merged-usr setup easier. (Closes: #971282) + * units: update serial-getty@.service to support 57600 baud rate + (Closes: #969144) + * bootspec: don't fail with EIO if searching for ESP and finding one without + an enveloping partition table + (Closes: #970534) + + -- Michael Biebl Thu, 15 Oct 2020 23:48:34 +0200 + +systemd (246.6-1) unstable; urgency=medium + + * New upstream version 246.6 + * Rebase patches + + -- Michael Biebl Mon, 21 Sep 2020 20:28:36 +0200 + +systemd (246.5-1) unstable; urgency=medium + + * New upstream version 246.5 + - network: fix NDisc handling for the case when multiple routers exist + (Closes: #969599) + - core/socket: we may get ENOTCONN from socket_instantiate_service() + (Closes: #970156) + * Rebase patches + + -- Michael Biebl Mon, 14 Sep 2020 08:04:39 +0200 + +systemd (246.4-1) unstable; urgency=medium + + * New upstream version 246.4 + * Rebase patches + + -- Michael Biebl Wed, 02 Sep 2020 13:30:52 +0200 + +systemd (246.3-1) unstable; urgency=medium + + * New upstream version 246.3 + * Rebase patches + + -- Michael Biebl Sat, 29 Aug 2020 18:39:32 +0200 + +systemd (246.2-2) unstable; urgency=medium + + [ Balint Reczey ] + * debian/systemd.postinst: Restart systemd-networkd.socket on incompatible + change. + PassCredentials=yes is replaced with PassPacketInfo=yes and extra padding is + dropped, too. + (Closes: #968589, LP: #1891716) + + [ Michael Biebl ] + * Fix restart of systemd-networkd.socket. + We can't restart the socket while systemd-networkd.service is still + active. Instead we stop the socket and ensure, that a try-restart of + systemd-networkd.service also starts the socket. + * seccomp: Add support for riscv64 (Closes: #954312) + * Support missing conditions/asserts everywhere (Closes: #968612) + * path: Skip directories when finalising $PATH search (Closes: #969006) + + -- Michael Biebl Sat, 29 Aug 2020 16:24:49 +0200 + +systemd (246.2-1) unstable; urgency=medium + + * New upstream version 246.2 + * Remove resolvconf.conf drop-in, resolved integration moved to resolvconf + package + * Rebase patches + * Add versioned Breaks against resolvconf (<< 1.83~) to systemd. + The PathExists= directive was changed in v246 to match the documented + behaviour but now causes resolvconf-pull-resolved.service to be + continuously triggered by resolvconf-pull-resolved.path. + This requires a fix in the resolvconf package, see #968015. + (Closes: #967906) + * Keep journal files compatible with older versions. + Disable the KEYED-HASH journal feature by default and keep LZ4 (instead + of ZSTD) as default compression for new journal files. Otherwise journal + files are incompatible and can't be read by older journalctl + implementations. + This patch can be dropped in bullseye+1, as journalctl from bullseye + will then be able to read journal files with those features. + (Closes: #968055) + + -- Michael Biebl Mon, 17 Aug 2020 22:28:09 +0200 + +systemd (246.1-1) unstable; urgency=medium + + * New upstream version 246.1 + * Rebase patches + + -- Michael Biebl Sun, 16 Aug 2020 13:14:46 +0200 + +systemd (246-2) unstable; urgency=medium + + * Upload to unstable + + -- Michael Biebl Mon, 03 Aug 2020 09:46:27 +0200 + +systemd (246-1) experimental; urgency=medium + + * New upstream version 246 + * Rebase patches + * Update symbols file for libsystemd0 + * Bump libapparmor-dev Build-Depends to (>= 2.13) + * Disable libfido2 support. + This is only used by homed which we don't enable. + + -- Michael Biebl Thu, 30 Jul 2020 22:22:24 +0200 + +systemd (245.7-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 245.7 + - resolve: enable RES_TRUSTAD towards the 127.0.0.53 stub resolver + (Closes: #965371) + - basic/cap-list: parse/print numerical capabilities + (Closes: #964926) + * Rebase patches + + [ Dan Streetman ] + * Add libzstd-dev and zstd as build and test deps. + https://github.com/systemd/systemd/pull/15422 + + -- Michael Biebl Mon, 27 Jul 2020 23:24:47 +0200 + +systemd (245.6-3) unstable; urgency=medium + + [ Dan Streetman ] + * d/t/upstream: capture new merged 'system.journal' from tests. + https://github.com/systemd/systemd/pull/15281 + * d/t/upstream: use --directory or --file param for journalctl. + Properly tell journalctl if the journal to parse is a dir or file. + * d/t/storage: check for ext2 or ext4 fs when using crypttab 'tmp' option. + https://github.com/systemd/systemd/pull/15853 + + [ Martin Pitt ] + * debian/tests/localed-locale: Fix for environments without en_US.UTF-8. + Unconditionally back up/restore locale configuration files and generate + en_US.UTF-8. Previously the test failed in environments which have some + locale other than en_US.UTF-8 in /etc/default/locale. + Also fix the assertion of /etc/locale.conf not being present after + localectl. This only applies to Debian/Ubuntu tests, not upstream ones. + + [ Dimitri John Ledkov ] + * Enable EFI/bootctl on armhf. + + -- Michael Biebl Tue, 14 Jul 2020 18:16:57 +0200 + +systemd (245.6-2) unstable; urgency=medium + + [ Dan Streetman ] + * 40-vm-hotadd.rules: check offline before onlining memory/cpus. + The kernel will return EINVAL if the memory or cpu is already online, + which is harmless, but adds a confusing error to the log. Avoid the error + message by only onlining if the memory or cpu is currently offline. + (LP: #1876018) + + [ Michael Biebl ] + * d/t/boot-and-services: use canonical name for NetworkManager service + * Fix build with libmicrohttpd 0.9.71. + The return type of callbacks was changed from int to an enum. + + [ Youfu Zhang ] + * fsckd: avoid useless CR displayed on console (LP: #1692353) + + [ Balint Reczey ] + * dhclient-exit-hooks.d/timesyncd: Act only when systemd-timesyncd is available. + Otherwise the hook script might trigger an error if the + systemd-timesyncd package is uninstalled but not purged. (LP: #1873031) + + -- Michael Biebl Sun, 05 Jul 2020 11:44:39 +0200 + +systemd (245.6-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 245.6 + * Rebase patches + + [ Balint Reczey ] + * debian/tests/boot-and-services: Handle missing fstab (LP: #1877078) + + -- Michael Biebl Mon, 08 Jun 2020 00:56:37 +0200 + +systemd (245.5-3) unstable; urgency=medium + + [ Michael Biebl ] + * Bump priority of libnss-systemd to standard + * logind: avoid shadow lookups when doing userdb client side + * Disable DNSSEC support by default in resolved. + The upstream default, DNSSEC=allow-downgrade can lead to compatibility + issues with certain network access points. Previously, DNSSEC support + was only turned off when built for a stable Debian release, but it is + safer and more consistent to just generally change the default to + DNSSEC=no. (Closes: #959996) + * Bump debhelper compatibility level to 13. + Use the debhelper-compat package to declare the compatibility level and + drop debian/compat. + * Convert to dh_installsystemd and disable dh_installsystemduser + * Drop custom initramfs update code. + Now handled by dh_installinitramfs which is enabled by default in compat + level 12 and above. + + [ Dan Streetman ] + * Cherry-pick fix from upstream master to adjust UseGateway= default + - network: change UseGateway= default to UseRoutes= setting + - network: honor SetDNSRoutes= even if UseGateway=False + (LP: #1867375) + + [ Topi Miettinen ] + * Delete empty lines at end of file. + Upstream commit hooks don't allow empty lines and of course they serve no + purpose. + + -- Michael Biebl Sun, 17 May 2020 19:28:49 +0200 + +systemd (245.5-2) unstable; urgency=medium + + * Cherry-pick various fixes from upstream master + - network: add a flag to ignore gateway provided by DHCP server + - userdb: when doing client-side NSS look-ups optionally avoid shadow + look-ups + - nss-systemd: don't synthesize root/nobody when iterating + - core: make sure we don't get confused when setting TERM for a tty fd + - core: make sure to restore the control command id, too + * Install 60-block.rules in udev-udeb and initramfs-tools. + The block device rules were split out from 60-persistent-storage.rules + into its own rules file in v220. Those rules ensure that change events + are emitted and the udev db is updated after metadata changes. + Thanks to Pascal Hambourg (Closes: #958397) + + -- Michael Biebl Mon, 27 Apr 2020 17:38:44 +0200 + +systemd (245.5-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 245.5 + * Rebase patches + + [ Dan Streetman ] + * Follow symlinks when finding link files to copy into initramfs. + If the /{etc,lib}/systemd/network directory itself is a symlink, the find + command will not actually find any of the files in the dir it links to. + Use the find -L param to follow symlinks. + (LP: #1868892) + * Remove Ubuntu-specific ondemand.service. + New processors handle scaling/throttling in internal firmware + (e.g. intel_pstate), and do not require OS config. + Additionally, nobody else does this, not even Debian. + + -- Michael Biebl Sat, 18 Apr 2020 20:41:18 +0200 + +systemd (245.4-4) unstable; urgency=medium + + * Drop Conflicts: virtualbox-guest-utils from systemd-timesyncd. + Otherwise this could lead to virtualbox-guest-utils being uninstalled on + upgrades which is not intended. (Closes: #956436) + * pid1: automatically generate systemd-remount-fs.service deps, plus enable + systemd-pstore from sysinit.target + * Fix systemd-pstore.service enablement symlink on upgrades. + It is now started via sysinit.target. Also clean up the symlink on + purge. + + -- Michael Biebl Mon, 13 Apr 2020 11:34:31 +0200 + +systemd (245.4-3) unstable; urgency=medium + + [ Dan Streetman ] + * d/rules: in dh_auto_test, include meson param --print-errorlogs. + Also, don't cat testlog.txt; it's noisy and not very helpful. + Upstream request: + https://github.com/systemd/systemd/pull/14338#issuecomment-603432989 + + [ Michael Biebl ] + * pid1: by default make user units inherit their umask from the user manager + (Closes: #945000) + * user-util: rework how we validate user names. + This reworks the user validation infrastructure. There are now two + modes. In regular mode we are strict and test against a strict set of + valid chars. And in "relaxed" mode we just filter out some really + obvious, dangerous stuff. i.e. strict is whitelisting what is OK, but + "relaxed" is blacklisting what is really not OK. + The idea is that we use strict mode whenever we allocate a new user, + while "relaxed" mode is used when we process users registered elsewhere. + (Closes: #955541) + + -- Michael Biebl Fri, 10 Apr 2020 11:55:15 +0200 + +systemd (245.4-2) unstable; urgency=medium + + [ Balint Reczey ] + * Ship systemd-timesyncd in a separate package. + The new systemd-timesyncd package conflicting with other NTP-related + packages resolves the problems arising when running systemd-timesyncd + and other NTP servers on the same system. + (LP: #1849156, Closes: #805927, #947936) + + -- Michael Biebl Sat, 04 Apr 2020 08:59:50 +0200 + +systemd (245.4-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 245.4 + - Allow names starting with a digit (Closes: #954174) + - Recognize davfs as network file system (Closes: #954755) + * Enable systemd-pstore.service by default on new installs and upgrades + (Closes: #952767) + * Revert "Enable seccomp support on riscv64" + This requires further changes to the source code and a newer, not yet + officially released, libseccomp. Since this complicates backports revert + this change for the time being. + + [ Dan Streetman ] + * d/t/logind: use grep -s when checking /sys/power/state. + Some kernels in Ubuntu (e.g. linux-kvm) do not enable CONFIG_PM, which + results in stderr output when the logind test tries to grep the power + state file, causing the test to fail. The test already handles skipping + the test if suspend isn't supported, so just use -s to suppress grep + from printing to stderr if the file doesn't exist. + + -- Michael Biebl Thu, 02 Apr 2020 11:58:18 +0200 + +systemd (245.2-1) unstable; urgency=medium + + * New upstream version 245.2 + * Rebase patches + * Enable seccomp support on riscv64 (Closes: #954077) + * Drop migration code for the switch from DynamicUser=yes to no. + This code is no longer needed as it only affected systems between 239-1 + and 239-5, i.e. it never affected a stable release. + + -- Michael Biebl Wed, 18 Mar 2020 23:32:08 +0100 + +systemd (245-2) unstable; urgency=medium + + * Revert "job: Don't mark as redundant if deps are relevant" + This change negatively affects plymouth which was no longer properly + stopped after the system has completed booting. The running plymouth + daemon can trigger a VT switch (to tty1). (Closes: #953670) + + -- Michael Biebl Thu, 12 Mar 2020 13:55:26 +0100 + +systemd (245-1) unstable; urgency=medium + + [ Balint Reczey ] + * New upstream version 245 + * Refresh patches + * Update symbols + + [ Michael Biebl ] + * Disable repart, userdb, homed, fdisk, pwquality, p11kit feature. + Those are new features which drag in new dependencies and need further + review first. + * analyze: Fix table time output + * execute: Fix migration from DynamicUser=yes to no + * Drop manual clean up of /var/lib/private/systemd/timesync. + This is now done properly by systemd itself when a service switches from + DynamicUser=yes to no. + + -- Michael Biebl Wed, 11 Mar 2020 13:33:37 +0100 + +systemd (244.3-1) unstable; urgency=medium + + * New upstream version 244.3 + - Revert "Support Plugable UD-PRO8 dock" + Unfortunately the same usb hub is used in other places, and causes + numerous regressions. (Closes: #951330) + + -- Michael Biebl Sat, 15 Feb 2020 15:44:45 +0100 + +systemd (244.2-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 244.2 + - polkit: when authorizing via PolicyKit re-resolve callback/userdata + instead of caching it (CVE-2020-1712, Closes: #950732) + * Rebase patches + * Bump Standards-Version to 4.5.0 + + [ Balint Reczey ] + * Remove empty /var/log/journal/ on purge + + -- Michael Biebl Fri, 07 Feb 2020 19:24:20 +0100 + +systemd (244.1-3) unstable; urgency=medium + + * Update documentation regarding network interface naming. + Document that 73-usb-net-by-mac.link needs to be masked together with + 99-default.link if one wants to disable the systemd naming scheme and keep + the kernel-provided names. (Closes: #946196) + * Update debian/rules clean target to remove all Python bytecode + * Update systemd package description. + Recommend init=/lib/systemd/systemd instead of init=/bin/systemd. + The latter is just a compat symlink which might go away eventually. + * shared/dropin: fix assert for invalid drop-in. + Fixes an assertion when running systemctl cat on inexistent + unit templates. (Closes: #950489) + * core: call dynamic_user_acquire() only when 'group' is non-null. + Fixes an assertion in systemd which could happen if a unit is reloaded + and the unit is in bad-setting state. (Closes: #950409) + * Don't fail upgrade if /proc is not mounted. + Applying ACLs on /var/log/journal via systemd-tmpfiles requires a + mounted /proc. Skip this step if /proc is not available, e.g. in a + chroot. (Closes: #950533) + + -- Michael Biebl Tue, 04 Feb 2020 00:11:55 +0100 + +systemd (244.1-2) unstable; urgency=medium + + * Report status of libpam-systemd and libnss-systemd in systemd reportbug + template. + Since the libpam-systemd Recommends was moved from systemd to + systemd-sysv we no longer get this information automatically, so request + it explicitly. + * Drop btrfs-progs Recommends from systemd-container. + Upstream has dropped the logic of setting up /var/lib/machines as btrfs + loopback mount so this Recommends is no longer necessary. + * Fix processing of dpkg triggers in systemd. + We need to use $@ instead of "$@" so we can iterate through the + individual trigger names which are passed as a space separated list in + the second argument. + * Fix cleanup of timesyncd state directory + * Enable persistent journal. + Create /var/log/journal on upgrades and new installs. This enables + persistent journal in auto mode. (Closes: #717388) + + -- Michael Biebl Sat, 01 Feb 2020 02:59:12 +0100 + +systemd (244.1-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 244.1 + - network: fix segfault in parsing SendOption= (Closes: #946475) + * core: don't allow perpetual units to be masked (Closes: #948710) + + [ Balint Reczey ] + * debian/watch: Switch to watch tags at github.com/systemd/systemd-stable. + Upstream point releases appear there. + + [ Helmut Grohne ] + * Add basic support for the noinsttest build profile + * Annotate dbus build dependency with + The dbus library is needed for building tests. As such it must be + present unless we disable both build time and installed tests. + Previously, building with the nocheck profile worked, but it didn't + reproduce a regular build. + + -- Michael Biebl Sat, 25 Jan 2020 18:53:23 +0100 + +systemd (244-3) unstable; urgency=medium + + * Update udev-udeb to use 73-usb-net-by-mac.link + + -- Michael Biebl Mon, 02 Dec 2019 23:44:52 +0100 + +systemd (244-2) unstable; urgency=medium + + * Add lintian override for udev. + 60-autosuspend-chromiumos.rules triggers a udev-rule-missing-subsystem + warning. This is a false positive, as SUBSYSTEM is tested at the + beginning of the rules file. + * Add lintian override for systemd-container + systemd-nspawn@.service triggers a + systemd-service-file-refers-to-unusual-wantedby-target warning but + nspawn containers are supposed to be started via machines.target. + * Make it easier to override MAC based name policy for USB network adapters. + Replace 73-usb-net-by-mac.rules with 73-usb-net-by-mac.link. The .link + file provides the same functionality but makes it easier to set a custom + name for USB network adapters via the systemd.link mechanism. + Thanks to Benjamin Poirier (Closes: #941636) + * Move libpam-systemd Recommends from systemd to systemd-sysv. + libpam-systemd is only really useful if systemd is PID 1 and the systemd + package should be installable without affecting another installed init + system. (Closes: #926316) + * Upload to unstable + + -- Michael Biebl Mon, 02 Dec 2019 17:57:55 +0100 + +systemd (244-1) experimental; urgency=medium + + * New upstream version 244 + - udev: do not propagate error when executing PROGRAM and IMPORT{program} + (Closes: #944675) + - sd-event: don't invalidate source type on disconnect + (Closes: #945332) + * Rebase patches + + -- Michael Biebl Sat, 30 Nov 2019 16:39:57 +0100 + +systemd (243-9) unstable; urgency=medium + + [ Daniel Kahn Gillmor ] + * resolved: fix connection failures with TLS 1.3 and GnuTLS (Closes: #945507) + + -- Michael Biebl Fri, 29 Nov 2019 21:33:19 +0100 + +systemd (243-8) unstable; urgency=medium + + * udevadm: ignore EROFS and return earlier. + Fixes failures of "udevadm trigger" in containers with a readonly /sys. + (Closes: #944860) + * udev: silence warning about PROGRAM+= or IMPORT+= rules (Closes: #944917) + * man: add entry about SpeedMeter= (Closes: #944597) + * udev: drop SystemCallArchitectures=native from systemd-udevd.service. + We can't really control what helper programs are run from other udev + rules. E.g. running i386 binaries under amd64 is a valid use case and + should not trigger a SIGSYS failure. (Closes: #869719) + + -- Michael Biebl Tue, 19 Nov 2019 09:17:12 +0100 + +systemd (243-7) unstable; urgency=medium + + * Fix build failure on arm64 with libseccomp >= 2.4.2 + + -- Michael Biebl Fri, 15 Nov 2019 22:01:17 +0100 + +systemd (243-6) unstable; urgency=medium + + * Revert "sysusers: properly mark generated accounts as locked" + We shouldn't lock the accounts because people actually need to use them, and + if they are locked, various tools will refuse. + * udev: ignore error caused by device disconnection. + During an add or change event, the device may be disconnected. + (Closes: #944586) + * udev: do not append newline when writing attributes + + -- Michael Biebl Thu, 14 Nov 2019 14:09:49 +0100 + +systemd (243-5) unstable; urgency=medium + + * Switch default hierarchy (back) to hybrid. + Since v243, the new upstream default is unified, but this still causes + regressions in important packages, like LXC or Docker, so switch the + default back to hybrid for now. + * Drop masks for SysV init scripts that have been dropped + * Drop masks for SysV init scripts provided by initscripts and bootlogd + * logind: fix emission of PropertiesChanged signal for users and seats + * Bump Standards Version to 4.4.1 + * Upload to unstable + + -- Michael Biebl Mon, 11 Nov 2019 00:58:41 +0100 + +systemd (243-4) experimental; urgency=medium + + * Merge changes from unstable branch + + -- Michael Biebl Sat, 09 Nov 2019 01:15:08 +0100 + +systemd (243-3) experimental; urgency=medium + + * Import patches from v243-stable branch (up to ef677436aa) + + -- Michael Biebl Mon, 14 Oct 2019 15:26:01 +0200 + +systemd (243-2) experimental; urgency=medium + + * Import patches from v243-stable branch (up to fab6f010ac) + + -- Michael Biebl Sun, 22 Sep 2019 12:46:02 +0200 + +systemd (243-1) experimental; urgency=medium + + * New upstream version 243 + * Merge changes from unstable branch + + -- Michael Biebl Thu, 05 Sep 2019 01:21:49 +0200 + +systemd (243~rc2-1) experimental; urgency=medium + + * New upstream version 243~rc2 + - man: document that "systemd-analyze blame/critical-chain" is not useful + to track down job latency. (Closes: #920234) + - systemctl: process all units matched by a glob in the cat verb by + default. (Closes: #904913) + - units: automatically revert to /run logging on shutdown if necessary. + Prevents /var staying busy on shutdown due to journald. + (Closes: #851402) + - bash-completion: don't sort syslog priorities. (Closes: #913222) + - man: add example for setting multiple properties at once. + (Closes: #807464) + * Rebase patches + * Update symbols file for libsystemd0 + * core: stop removing non-existent and duplicate lookup paths + * Install static-nodes-permissions.conf tmpfile in udev + + -- Michael Biebl Sat, 31 Aug 2019 00:20:41 +0200 + +systemd (242-8) unstable; urgency=medium + + [ Dan Streetman ] + * d/extra/rules/73-special-net-names.rules: use $$ instead of $ in PROGRAM= + value. + Fixes incorrect variable substitution. + * Rework and improve blacklist handling in debian/tests/upstream + + [ Balint Reczey ] + * Various improvements to debian/extra/checkout-upstream making it more + straightforward to override the default behaviour + * Use package version as systemd's reported version (LP: #1849158) + + [ Michael Biebl] + * debiant/tests/udev: replace deprecated ADTTMP with AUTOPKGTEST_TMP + + -- Michael Biebl Fri, 08 Nov 2019 23:18:00 +0100 + +systemd (242-7) unstable; urgency=medium + + * sleep: properly pass verb to sleep script + * core: factor root_directory application out of apply_working_directory. + Fixes RootDirectory not working when used in combination with User. + (Closes: #939408) + * shared/bus-util: drop trusted annotation from + bus_open_system_watch_bind_with_description(). + This ensures that access controls on systemd-resolved's D-Bus interface + are enforced properly. + (CVE-2019-15718, Closes: #939353) + + -- Michael Biebl Wed, 04 Sep 2019 19:34:17 +0200 + +systemd (242-6) unstable; urgency=medium + + [ Dan Streetman ] + * d/t/control: upstream test requires qemu-system-ppc on ppc64el + * d/t/control: install seabios for upstream test. + Some archs (at least arm64) qemu implementation require the vga bios. + + [ Michael Biebl ] + * Drop unused lintian override + * network: fix ListenPort= in [WireGuard] section (Closes: #936198) + * d/e/r/73-usb-net-by-mac.rules: import net.ifnames only for network devices + (Closes: #934589) + * d/e/r/73-usb-net-by-mac.rules: skip if iface name was provided by + user-space + * Drop dbus activation stub service. + Since dbus 1.11.0, a dbus-daemon that is run with --systemd-activation + automatically assumes that o.fd.systemd1 is an activatable service. + As a result, with a new enough dbus version, + /usr/share/dbus-1/services/org.freedesktop.systemd1.service and + /usr/share/dbus-1/system-services/org.freedesktop.systemd1.service + become unnecessary and can be removed. (Closes: #914015) + * Revert "core: check start limit on condition checks too" + If a unit was referenced too often, it hit the restart limit and the + unit was marked as failed. Fixes a regression introduced in v242. + (Closes: #935829) + + [ Michael Prokop ] + * README.Debian: document KillUserProcesses behavior in Debian + + -- Michael Biebl Tue, 03 Sep 2019 11:09:07 +0200 + +systemd (242-5) unstable; urgency=medium + + [ Dan Streetman ] + * d/rules: add CONFFGLAGS_UPSTREAM to dh_auto_configure -- params + + [ Michael Biebl ] + * core: never propagate reload failure to service result. + Fixes a regression introduced in v239 where the main process of a + service unit gets killed on reload if ExecReload fails. (Closes: #936032) + * shared/seccomp: add sync_file_range2. + Some architectures need the arguments to be reordered because of alignment + issues. Otherwise, it's the same as sync_file_range. + Fixes sync_file_range failures in nspawn containers on arm, ppc. + (Closes: #935091) + * bash-completion: don't sort syslog priorities. + By default, the available completions are sorted alphabetically, which + is counterproductive in case of syslog priorities. Override the default + behavior using the `nosort` option. (Closes: #913222) + * test-bpf: skip test when run inside containers + + -- Michael Biebl Thu, 29 Aug 2019 16:18:18 +0200 + +systemd (242-4) unstable; urgency=medium + + * Upload to unstable + + -- Michael Biebl Wed, 21 Aug 2019 22:09:13 +0200 + +systemd (242-3) experimental; urgency=medium + + [ Dan Streetman ] + * d/t/boot-and-services: fix test_failing() + * d/t/boot-and-services: check for any kernel message, not just first kernel + message (Closes: #929730) + * d/t/upstream: add TEST-30, TEST-34 to blacklist + * d/t/timedated: replace systemctl is-active with systemctl show + * d/t/control: root-unittests can break networking, add breaks-testbed + * d/t/control: mark udev test skippable + * d/t/upstream: always cleanup after (and before) each test + * d/t/control: upstream test requires dmeventd + * d/e/checkout-upstream: don't remove .git + * d/e/checkout-upstream: move change to debian/ files above other changes + * d/e/checkout-upstream: add UPSTREAM_KEEP_CHANGELOG param + * d/e/checkout-upstream: create git commits for each change + * d/e/checkout-upstream: switch from 'quilt' to 'native' format + * d/e/checkout-upstream: set user.name, user.email if unset + * d/t/storage: change plaintext_name to include testname + * d/t/storage: increase wait for plaintext_dev from 5 to 30 seconds + * d/t/storage: wait for service to start, only stop if active + * d/t/storage: don't search for 'scsi_debug' in ask_password + * d/t/storage: manage scsi_debug using add_hosts (Closes: #929728) + * d/t/storage: use short timeout waiting for scsi_debug block dev to appear + * d/t/storage: convert password agent into normal Thread + * d/t/storage: fail if socket info not in ask_password contents + * d/t/boot-smoke: pass failure reason to fail() to print instead of separate + echo + * d/t/boot-smoke: in fail() set +e so errors are ignored while gathering + data + * d/t/boot-smoke: gather still running jobs in fail() + * d/t/boot-smoke: wait for is-system-running + * d/t/boot-smoke: call fail if pidof polkitd fails + * d/t/boot-smoke: remove check for running jobs + + [ Michael Biebl ] + * d/t/boot-smoke: check for NetworkManager instead of D-Bus activated + polkitd (Closes: #934992) + + -- Michael Biebl Wed, 21 Aug 2019 00:12:22 +0200 + +systemd (242-2) experimental; urgency=medium + + [ Michael Biebl ] + * Drop dependency on lsb-base. + It is only needed when booting with sysvinit and initscripts, but + initscripts already Depends on lsb-base (see #864999). + * Stop removing enablement symlinks in /etc/systemd/system. + With v242 this is no longer necessary as `ninja install` will no longer + create those symlinks. + * Replace manual removal of halt-local.service with upstream patch + + [ Dimitri John Ledkov ] + * Build manpages in .deb variant. + Upstream snapshots are switching to building manpages off by default. + + [ Luca Boccassi ] + * Enable portabled and install related files in systemd-container. + Keep disabled for the udeb profile. (Closes: #918606) + + -- Michael Biebl Fri, 07 Jun 2019 22:41:50 +0200 + +systemd (242-1) experimental; urgency=medium + + * New upstream version 242 + - Change ownership/mode of the execution directories also for static users + (Closes: #919231) + - A new boolean sandboxing option RestrictSUIDSGID= has been added that is + built on seccomp. When turned on, creation of SUID/SGID files is + prohibited. The NoNewPrivileges= and the new RestrictSUIDSGID= options + are now implied if DynamicUser= is turned on for a service. + (Closes: #928102, CVE-2019-3843, CVE-2019-3844) + * Drop Revert-udev-network-device-renaming-immediately-give.patch. + This patch needs ongoing maintenance work to be adapted to new releases + and fails to apply with v242. Instead of investing more time into it we + are going to drop the patch as it was a hack anyway. + * Rebase patches + * Drop pre-stretch migration code + * Drop /sbin/udevadm compat symlink (Closes: #852580) + * socket-util: Make sure flush_accept() doesn't hang on unexpected + EOPNOTSUPP + * Enable regexp matching support in journalctl using pcre2 (Closes: #898892) + * Switch from libidn to libidn2 (Closes: #928615) + + -- Michael Biebl Wed, 08 May 2019 01:33:56 +0200 + +systemd (241-7) unstable; urgency=medium + + [ Michael Biebl ] + * network: Fix failure to bring up interface with Linux kernel 5.2. + Backport two patches from systemd master in order to fix a bug with 5.2 + kernels where the network interface fails to come up with the following + error: "enp3s0: Could not bring up interface: Invalid argument" + (Closes: #931636) + * Use /usr/sbin/nologin as nologin shell. + In Debian the nologin shell is installed in /usr/sbin, not /sbin. + (Closes: #931850) + + [ Mert Dirik ] + * 40-systemd: Don't fail if SysV init script uses set -u and $1 is unset + (Closes: #931719) + + -- Michael Biebl Thu, 18 Jul 2019 19:38:23 +0200 + +systemd (241-6) unstable; urgency=medium + + * ask-password: Prevent buffer overflow when reading from keyring. + Fixes a possible memory corruption that causes systemd-cryptsetup to + crash either when a single large password is used or when multiple + passwords have already been pushed to the keyring. (Closes: #929726) + * Clarify documentation regarding %h/%u/%U specifiers. + Make it clear, that setting "User=" has no effect on those specifiers. + Also ensure that "%h" is actually resolved to "/root" for the system + manager instance as documented in the systemd.unit man page. + (Closes: #927911) + * network: Behave more gracefully when IPv6 has been disabled. + Ignore any configured IPv6 settings when IPv6 has been disabled in the + kernel via sysctl. Instead of failing completely, continue and log a + warning instead. (Closes: #929469) + + -- Michael Biebl Mon, 08 Jul 2019 11:27:51 +0200 + +systemd (241-5) unstable; urgency=medium + + * Revert "Add check to switch VTs only between K_XLATE or K_UNICODE" + This change left the keyboard in an unusable state when exiting an X + session. (Closes: #929229) + + -- Michael Biebl Fri, 24 May 2019 22:58:59 +0200 + +systemd (241-4) unstable; urgency=medium + + * journal-remote: Do not request Content-Length if Transfer-Encoding is + chunked (Closes: #927008) + * systemctl: Restore "systemctl reboot ARG" functionality. + Fixes a regression introduced in v240. (Closes: #928659) + * random-util: Eat up bad RDRAND values seen on AMD CPUs. + Some AMD CPUs return bogus data via RDRAND after a suspend/resume cycle + while still reporting success via the carry flag. + Filter out invalid data like -1 (and also 0, just to be sure). + (Closes: #921267) + * Add check to switch VTs only between K_XLATE or K_UNICODE. + Switching to K_UNICODE from other than L_XLATE can make the keyboard + unusable and possibly leak keypresses from X. + (CVE-2018-20839, Closes: #929116) + * Document that DRM render nodes are now owned by group "render" + (Closes: #926886) + + -- Michael Biebl Fri, 17 May 2019 21:16:33 +0200 + +systemd (241-3) unstable; urgency=high + + [ Michael Biebl ] + * Drop systemd-shim alternative from libpam-systemd. + A fixed systemd-shim package which works with newer versions of systemd + is unlikely to happen given that the systemd-shim package has been + removed from the archive. Drop the alternative dependency from + libpam-systemd accordingly. + * Properly remove duplicate directories from systemd package. + When removing duplicate directories from the systemd package, sort the + list of directories in reverse order so we properly delete nested + directories. + * udev: Run programs in the specified order (Closes: #925190) + * bash-completion: Use default completion for redirect operators + (Closes: #924541) + * networkd: Clarify that IPv6 RA uses our own stack, no the kernel's + (Closes: #815582) + * Revert "Drop systemd-timesyncd.service.d/disable-with-time-daemon.conf" + Apparently Conflicts= are not a reliable mechanism to ensure alternative + NTP implementations take precedence over systemd-timesyncd. + (Closes: #902026) + * network: Fix routing policy rule issue. + When multiple links request a routing policy, make sure they are all + applied correctly. (Closes: #924406) + * pam-systemd: Use secure_getenv() rather than getenv() + Fixes a vulnerability in the systemd PAM module which insecurely uses + the environment and lacks seat verification permitting spoofing an + active session to PolicyKit. (CVE-2019-3842) + + [ Martin Pitt ] + * Enable udev autopkgtest in containers. + This test doesn't actually need udev.service (which is disabled in + containers) and works fine in LXC. + * Enable boot-and-service autopkgtest in containers + - Skip tests which can't work in containers. + - Add missing rsyslog test dependency. + - e2scrub_reap.service fails in containers, ignore (filed as #926138) + - Relax pgrep pattern for gdm, as there's no wayland session in + containers. + + -- Michael Biebl Mon, 08 Apr 2019 12:59:32 +0200 + +systemd (241-2) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/boot-smoke: Create journal and udevdb artifacts on all + failures + * autopkgtests: Replace obsolete $ADT_* variables + * networkd-test: Ignore failures of test_route_only_dns* in containers. + This test exposes a race condition when running in LXC, see issue #11848 + for details. Until that is understood and fixed, skip the test as it's + not a recent regression. (Closes: #924539) + * Bump Standards-Version to 4.3.0. + No changes necessary. + * debian/tests/boot-smoke: Only check current boot for connection timeouts. + Otherwise we'll catch some + Failed to resolve group 'render': Connection timed out + messages that happen in earlier boots during VM setup, before the + "render" group is created. + Fixes https://github.com/systemd/systemd/issues/11875 + * timedated: Fix emitted value when ntp client is enabled/disabled. + Fixes a regression introduced in 241. + * debian/tests/timedated: Check enabling/disabling NTP. + Assert that `timedatectl set-ntp` correctly controls the service, sets + the `org.freedesktop.timedate1 NTP` property, and sends the right + `PropertiesChanged` signal. + This reproduces and + also the earlier . + + [ Michael Biebl ] + * Disable fallback DNS servers in resolved (Closes: #923081) + * cgtop: Fix processing of controllers other than CPU (Closes: #921280) + * udev: Restore debug level when logging a failure in the external prog + called by IMPORT{program} (Closes: #924199) + * core: Remove "." path components from required mount paths. + Fixes mount related failures when a user's home directory contains "/./" + (Closes: #923881) + * udev.init: Use new s-s-d --notify-await to start udev daemon. + Fixes a race condition during startup under SysV init. + Add versioned dependency on dpkg (>= 1.19.3) to ensure that a version + of start-stop-daemon which supports --notify-await is installed. + (Closes: #908796) + * Make /dev/dri/renderD* accessible to group "render" + Follow upstream and make render nodes available to a dedicated system + group "render" instead of "video". Keep the uaccess tag for local, + active users. + + -- Michael Biebl Fri, 15 Mar 2019 18:33:54 +0100 + +systemd (241-1) unstable; urgency=medium + + [ Adam Borowski ] + * Make libpam-systemd Provide: logind, default-logind. + This allows alternate logind implementations such as elogind, without + having to recompile every dependent package -- as long as the client API + remains compatible. + These new virtual packages got policy-approved in #917431. (Closes: #915407) + + [ Felipe Sateler ] + * New upstream version 241 + - Refresh patches + - Backport upstream fix for Driver= matches in .network files + + [ Martin Pitt ] + * debian/libsystemd0.symbols: Add new symbol from release 241 + * Fix various bugs and races in networkd tests. + This should get the autopkgtest back to green, which regressed with + dnsmasq 2.80. + + -- Felipe Sateler Thu, 21 Feb 2019 20:10:15 -0300 + +systemd (240-6) unstable; urgency=high + + * High urgency as this fixes a vulnerability. + + [ Felipe Sateler ] + * Reenable pristine-tar in gbp.conf. + The pristine-tar bug has been fixed, so we can use it again. + This reverts commit 9fcfbbf6fea15eacfa3fad74240431c5f2c3300e. + * d/watch: add version mangle to transform -rc to ~rc. + Upstream has started releasing rcs, so let's account for that + * Fix comment about why we disable hwclock.service. + Systemd nowadays doesn't do it itself because the kernel does it on its + own when necessary, and when not, it is not safe to save the hwclock (eg, + there is no certainty the system clock + is correct) + * udev: Backport upstream preventing mass killings when not running under + systemd (Closes: #918764) + + [ Dimitri John Ledkov ] + * debian/tests/storage: improve cleanups. + On fast ppc64el machines, cryptsetup start job may not complete by the + time tearDown is executed. In that case stop, causes to simply cancel the + start job without actually cleaning up the dmsetup node. This leads to + failing subsequent test as it no longer starts with a clean device. Thus + ensure the systemd-cryptsetup unit is started, before stopping it. + Also rmmod scsi_debug module at the end, to allow re-running the test in a + loop. + * debian/tests/upstream: Mark TEST-13-NSPAWN-SMOKE as flakey. + * debian/tests/control: add socat to upstream tests for pull #11591 + * Blacklist TEST-10-ISSUE-2467 #11706 + * debian/tests/storage: fix for LUKS2 and avoid interactive password + prompts. + + [ Martin Pitt ] + * udevadm: Fix segfault with subsystem-match containing '/' + (Closes: #919206) + * sd-bus: if we receive an invalid dbus message, ignore and proceed + * sd-bus: enforce a size limit on D-Bus object paths. + This avoids accessing/modifying memory outside of the allocated stack + region by sending specially crafted D-Bus messages with very large object + paths. + Vulnerability discovered by Chris Coulson , + patch provided by Riccardo Schirone . + (CVE-2019-6454) + + -- Martin Pitt Mon, 18 Feb 2019 13:54:04 +0000 + +systemd (240-5) unstable; urgency=medium + + [ Felipe Sateler ] + * Revert interface renaming changes. (Closes: #919390) + + [ Martin Pitt ] + * process-util: Fix memory leak (Closes: #920018) + + -- Martin Pitt Sun, 27 Jan 2019 21:33:07 +0000 + +systemd (240-4) unstable; urgency=medium + + [ Benjamin Drung ] + * Fix shellcheck issues in initramfs-tools scripts + + [ Michael Biebl ] + * Import patches from v240-stable branch (up to f02b5472c6) + - Fixes a problem in logind closing the controlling terminal when using + startx. (Closes: #918927) + - Fixes various journald vulnerabilities via attacker controlled alloca. + (CVE-2018-16864, CVE-2018-16865, Closes: #918841, Closes: #918848) + * sd-device-monitor: Fix ordering of setting buffer size. + Fixes an issue with uevents not being processed properly during coldplug + stage and some kernel modules not being loaded via "udevadm trigger". + (Closes: #917607) + * meson: Stop setting -fPIE globally. + Setting -fPIE globally can lead to miscompilations on certain + architectures. Instead use the b_pie=true build option, which was + introduced in meson 0.49. Bump the Build-Depends accordingly. + (Closes: #909396) + + -- Michael Biebl Sat, 12 Jan 2019 21:49:44 +0100 + +systemd (240-3) unstable; urgency=medium + + * udev.init: Trigger add events for subsystems. + Update the SysV init script and mimic the behaviour of the initramfs and + systemd-udev-trigger.service which first trigger subsystems and then + devices during the coldplug stage. + * udevadm: Refuse to run trigger, control, settle and monitor commands in + chroot (Closes: #917633) + * network: Set link state configuring before setting addresses. + Fixes a crash in systemd-networkd caused by an assertion failure. + (Closes: #918658) + * libudev-util: Make util_replace_whitespace() read only len characters. + Fixes a regression where /dev/disk/by-id/ names had additional + underscores. + * man: Update color of journal logs in DEBUG level (Closes: #917948) + * Remove old state directory of systemd-timesyncd on upgrades. + Otherwise timesyncd will fail to update the clock file if it was created + as /var/lib/private/systemd/timesync/clock. + This was the case when the service was using DynamicUser=yes which it no + longer does in v240. (Closes: #918190) + + -- Michael Biebl Wed, 09 Jan 2019 18:40:57 +0100 + +systemd (240-2) unstable; urgency=medium + + * Pass separate dev_t var to device_path_parse_major_minor. + Fixes FTBFS on mips/mipsel (MIPS/O32). (Closes: #917195) + * test-json: Check absolute and relative difference in floating point test. + Fixes FTBFS due to test-suite failures on armel, armhf and hppa. + (Closes: #917215) + * sd-device: Fix segfault when error occurs in device_new_from_{nulstr,strv}() + Fixes a segfault in systemd-udevd when debug logging is enabled. + * udev-event: Do not read stdout or stderr if the pipefd is not created. + This fixes problems with device-mapper symlinks no longer being created + or certain devices not being marked as ready. (Closes: #917124) + * Don't bump fs.nr_open in PID 1. + In v240, systemd bumped fs.nr_open in PID 1 to the highest possible + value. Processes that are spawned directly by systemd, will have + RLIMIT_NOFILE be set to 512K (hard). + pam_limits in Debian defaults to "set_all", i.e. for limits which are + not explicitly configured in /etc/security/limits.conf, the value from + PID 1 is taken, which means for login sessions, RLIMIT_NOFILE is set to + the highest possible value instead of 512K. Not every software is able + to deal with such an RLIMIT_NOFILE properly. + While this is arguably a questionable default in Debian's pam_limit, + work around this problem by not bumping fs.nr_open in PID 1. + (Closes: #917167) + + -- Michael Biebl Thu, 27 Dec 2018 14:03:57 +0100 + +systemd (240-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 240 + - core: Skip cgroup_subtree_mask_valid update if UNIT_STUB + (Closes: #903011) + - machined: Rework referencing of machine scopes from machined + (Closes: #903288) + - timesync: Fix serialization of IP address + (Closes: #916516) + - core: Don't track jobs-finishing-during-reload explicitly + (Closes: #916678) + * Rebase patches + * Install new systemd-id128 binary + * Update symbols file for libsystemd0 + * Update nss build options + + [ Martin Pitt ] + * tests: Disable some flaky upstream tests. + See https://github.com/systemd/systemd/issues/11195 + * tests: Disable flaky TEST-17-UDEV-WANTS upstream test. + See https://github.com/systemd/systemd/issues/11195 + + -- Michael Biebl Sat, 22 Dec 2018 16:01:43 +0100 + +systemd (239-15) unstable; urgency=medium + + [ Felipe Sateler ] + * Fix container check in udev init script. + Udev needs writable /sys, so the init script tried to check before + starting. Unfortunately, the check was inverted. Let's add the missing + '!' to negate the check. + (Closes: #915261) + * Add myself to uploaders + + [ Michael Biebl ] + * Remove obsolete systemd-shim conffile on upgrades. + The D-Bus policy file was dropped from the systemd-shim package in + version 8-4, but apparently there are cases where users removed the + package before that cleanup happened. The D-Bus policy file that was + shipped by systemd-shim was much more restrictive and now prevents + calling GetDynamicUsers() and other recent APIs on systemd Manager. + (Closes: #914285) + + -- Felipe Sateler Wed, 05 Dec 2018 21:03:34 -0300 + +systemd (239-14) unstable; urgency=medium + + [ Michael Biebl ] + * autopkgtest: Drop test_custom_cgroup_cleanup from boot-and-services + * resolved: Increase size of TCP stub replies (Closes: #915049) + * meson: Unify linux/stat.h check with other checks and use _GNU_SOURCE. + Fixes a build failure with glibc 2.28. + * Drop procps dependency from systemd. + The systemd-exit.service user service no longer uses the "kill" binary. + * Simplify container check in udev SysV init script. + Instead of using "ps" to detect a container environment, simply test if + /sys is writable. This matches what's used in systemd-udevd.service via + ConditionPathIsReadWrite=/sys and follows + https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface/ + This means we no longer need procps, so drop that dependency from the + udev package. (Closes: #915095) + + [ Mert Dirik ] + * 40-systemd: Honour __init_d_script_name. + Make /lib/lsb/init-functions.d/40-systemd use __init_d_script_name + (if available) to figure out real script name. (Closes: #826214) + * 40-systemd: Improve heuristics for init-d-script. + Improve heuristics for scripts run via init-d-script so that the + redirection works even for older init-d-script versions without the + __init_d_script_name variable. + + -- Michael Biebl Sun, 02 Dec 2018 01:00:01 +0100 + +systemd (239-13) unstable; urgency=medium + + * autopktest: Add e2fsprogs dependency to upstream test. + Some of the upstream tests require mkfs.ext4. (Closes: #887250) + * systemctl: Tell update-rc.d to skip creating any systemd symlinks. + When calling update-rc.d via systemd-sysv-install, tell it to skip + creating any systemd symlinks as we want to handle those directly in + systemctl. Older update-rc.d versions will ignore that request, but + that's ok. This means we don't need a versioned dependency against + init-system-helpers. (Closes: #743217) + * pam_systemd: Suppress LOG_DEBUG log messages if debugging is off + (Closes: #825949) + * Drop cgroup-don-t-trim-cgroup-trees-created-by-someone-el.patch. + The patch is no longer necessary as lxc.service now uses Delegate=yes. + * Remove obsolete Replaces from pre-jessie + + -- Michael Biebl Tue, 20 Nov 2018 19:44:39 +0100 + +systemd (239-12) unstable; urgency=high + + [ Martin Pitt ] + * Enable QEMU on more architectures in "upstream" autopkgtest. + Taken from the Ubuntu package, so apparently QEMU works well enough on + these architectures now. + * autopkgtest: Avoid test bed reset for boot-smoke. + Make "boot-smoke"'s dependencies a strict superset of "upstream"'s, so + that autopkgtest doesn't have to provide a new testbed. + * Fix wrong "nobody" group from sysusers.d. + Fix our make-sysusers-basic sysusers.d generator to special-case the + nobody group. "nobody" user and "nogroup" group both have the same ID + 65534, which is the only special case for Debian's static users/groups. + So specify the gid explicitly, to avoid systemd-sysusers creating a + dynamic system group for "nobody". + Also clean up the group on upgrades. + Thanks to Keh-Ming Luoh for the original patch! (Closes: #912525) + + [ Michael Biebl ] + * autopkgtest: Use shutil.which() which is provided by Python 3 + * Drop non-existing gnuefi=false build option. + This was mistakenly added when converting from autotools to meson. + * core: When deserializing state always use read_line(…, LONG_LINE_MAX, …) + Fixes a vulnerability in unit_deserialize which allows an attacker to + supply arbitrary state across systemd re-execution via NotifyAccess. + (CVE-2018-15686, Closes: #912005) + * meson: Use the host architecture compiler/linker for src/boot/efi. + Fixes cross build failure for arm64. (Closes: #905381) + * systemd: Do not pass .wants fragment path to manager_load_unit. + Fixes an issue with overridden units in /etc not being used due to a + .wants/ symlink pointing to /lib. (Closes: #907054) + * machined: When reading os-release file, join PID namespace too. + This ensures that we properly acquire the os-release file from containers. + (Closes: #911231) + + -- Michael Biebl Sat, 17 Nov 2018 18:39:21 +0100 + +systemd (239-11) unstable; urgency=high + + [ Michael Biebl ] + * debian/tests/upstream: Clean up after each test run. + Otherwise the loopback images used by qemu are not properly released and + we might run out of disk space. + * dhcp6: Make sure we have enough space for the DHCP6 option header. + Fixes out-of-bounds heap write in systemd-networkd dhcpv6 option + handling. + (CVE-2018-15688, LP: #1795921, Closes: #912008) + * chown-recursive: Rework the recursive logic to use O_PATH. + Fixes a race condition in chown_one() which allows an attacker to cause + systemd to set arbitrary permissions on arbitrary files. + (CVE-2018-15687, LP: #1796692, Closes: #912007) + + [ Martin Pitt ] + * debian/tests/boot-and-services: Use gdm instead of lightdm. + This seems to work more reliably, on Ubuntu CI's i386 instances lightdm + fails. + + [ Manuel A. Fernandez Montecelo ] + * Run "meson test" instead of "ninja test" + Upstream developers of meson recommend to run it in this way, because + "ninja test" just calls "meson test", and by using meson directly and + using extra command line arguments it is possible to control aspects of + how the tests are run. + * Increase timeout for test in riscv64. + The buildds for the riscv64 arch used at the moment are slow, so increase + the timeouts for this arch by a factor of 10, for good measure. + (Closes: #906429) + + -- Michael Biebl Sun, 28 Oct 2018 13:02:18 +0100 + +systemd (239-10) unstable; urgency=medium + + [ Michael Biebl ] + * meson: Rename -Ddebug to -Ddebug-extra. + Meson added -Doptimization and -Ddebug options, which obviously causes + a conflict with our -Ddebug options. Let's rename it. + (Closes: #909455) + * Add conflicts against consolekit. + Letting both ConsoleKit and logind manage dynamic device permissions + will only lead to inconsistent and unexpected results. + + [ Felipe Sateler ] + * Link systemctl binary statically against libshared. + This reduces the Pre-Depends list considerably, and is more resilient + against borked installs. + + -- Michael Biebl Tue, 25 Sep 2018 16:11:12 +0200 + +systemd (239-9) unstable; urgency=medium + + * autopkgtest: Remove needs-recommends runtime restriction. + This restriction has been deprecated and there are plans to remove it + altogether. The tests pass withouth needs-recommends, so it seems safe + to remove. + * test: Use installed catalogs when test-catalog is not located at build + dir. + This makes it possible to run test-catalog as installed test, so we no + longer need to mark it as EXFAIL in our root-unittests autopkgtest. + * test: Use "systemd-runtest.env" to set $SYSTEMD_TEST_DATA and + $SYSTEMD_CATALOG_DIR. + This avoids embedding ABS_{SRC,BUILD}_DIR into libsystemd-shared.so and + the test binaries and should make the build reproducible. + (Closes: #908365) + + -- Michael Biebl Wed, 12 Sep 2018 19:07:38 +0200 + +systemd (239-8) unstable; urgency=medium + + [ Michael Biebl ] + * Clean up dbus-org.freedesktop.timesync1.service Alias on purge + (Closes: #904290) + * user-runtime-dir: Fix wrong SELinux context (Closes: #908026) + * core: Fix gid when DynamicUser=yes with static user (Closes: #904335) + * Remove udev control socket on shutdown under sysvinit. + The udev control socket is no longer removed automatically when the + daemon is stopped. As this can confuse other software, update the SysV + init script to remove the control socket manually and make sure the init + script is executed on shutdown (runlevel 0) and reboot (runlevel 6). + (Closes: #791944) + * Bump Standards-Version to 4.2.1 + + [ Martin Pitt ] + * timedated: Fix wrong PropertyChanged values and refcounting + + -- Michael Biebl Fri, 07 Sep 2018 08:41:12 +0200 + +systemd (239-7) unstable; urgency=medium + + * autopkgtest: Add iputils-ping dependency to root-unittests. + The ping binary is required by test-bpf. + * autopkgtest: Add dbus-user-session and libpam-systemd dependency to + root-unittests. + Without a working D-Bus user session, a lot of the test-bus-* tests are + skipped. + * network/link: Fix logic error in matching devices by MAC (Closes: #904198) + + -- Michael Biebl Sun, 22 Jul 2018 13:40:15 +0200 + +systemd (239-6) unstable; urgency=medium + + [ Martin Pitt ] + * autopkgtest: Install libnss-systemd. + Make sure that dynamic users can be resolved. This e. g. prevents a + startup failure for systemd-resolved. + * autopkgtest: Add missing python3 test dependency for udev test + + [ Michael Biebl ] + * autopkgtest: Make AppArmor violator test work with merged-usr + * Make /dev/kvm accessible to local users and group kvm. + Re-add the uaccess tag to /dev/kvm to make it accessible to local + users. Access is also granted via group kvm, so create that in + udev.postinst. (Closes: #887852) + * Move a few man pages from systemd to systemd-journal-remote. + The systemd package shipped a few systemd-journal-remote and + systemd-journal-upload related man pages which really belong into the + systemd-journal-remote package. Move those man pages into the correct + package and add a Breaks/Replaces against systemd accordingly. + (Closes: #903557) + * autopkgtest: Drop no-longer needed workaround from upstream test + * Go back to statically allocate system users for timesyncd, networkd and + resolved. + There are currently too many open issues related to D-Bus and the usage + of DynamicUser. (Closes: #902971) + * Change python3-minimal dependency to python3. + While we strictly only need python3-minimal, the usage of + python3-minimal triggers a lintian error: depends-on-python-minimal + * test: Drop SKIP_INITRD for QEMU-based tests. + The Debian Linux kernel ships ext4 support as a module, so we require an + initrd to successfully start the QEMU images. + * debian/tests/localed-x11-keymap: Deal with absence of + /etc/default/keyboard more gracefully + * autopkgtest: Add various dependencies to make upstream test pass on Debian + - netcat-openbsd: Required by TEST-12-ISSUE-3171. + - busybox-static: Required by TEST-13-NSPAWN-SMOKE. + - plymouth: Required by TEST-15-DROPIN and TEST-22-TMPFILES. + * Drop seccomp system call filter for udev. + The seccomp based system call whitelist requires at least systemd 239 to + be the active init and during a dist-upgrade we can't guarantee that + systemd has been fully configured before udev is restarted. + The versioned systemd Breaks that was added to udev for #902185 didn't + really fix this issue, so revert that change again. (Closes: #903224) + + -- Michael Biebl Thu, 19 Jul 2018 00:04:54 +0200 + +systemd (239-5) unstable; urgency=medium + + * Add inverse version restriction of the Breaks to the systemd-shim + alternative in libpam-systemd. + Otherwise apt will fail to find an installation path for libpam-systemd + in cases where libpam-systemd is an indirect dependency. (Closes: #902998) + + -- Michael Biebl Thu, 05 Jul 2018 11:50:10 +0200 + +systemd (239-4) unstable; urgency=medium + + [ Michael Biebl ] + * Drop outdated section from README.Debian about switching back to SysV init + * sleep: Fix one more printf format of a fiemap field + * basic: Add missing comma in raw_clone assembly for sparc + * bus-util: Make log level lower in request_name_destroy_callback() + * tmpfiles: Specify access mode for /run/systemd/netif + * Add Breaks against python-dbusmock (<< 0.18) to systemd. + The logind and timedated tests in python-dbusmock were broken by the + latest systemd release and had to be adjusted to work with systemd 239. + See #902602 + * Drop patches which try to support running systemd services without systemd + as pid 1. + No one is currently actively maintaining systemd-shim, which means that + e.g. running systemd-logind no longer works when systemd is not pid 1. + Thus drop our no longer working patches. Bump the Breaks against + systemd-shim accordingly. + See #895292, #901404, #901405 + + [ Martin Pitt ] + * test: fix networkd-test.py rate limiting and dynamic user + + -- Michael Biebl Tue, 03 Jul 2018 23:36:28 +0200 + +systemd (239-3) unstable; urgency=medium + + * Revert "systemctl: when removing enablement or mask symlinks, cover both + /run and /etc" + We currently have packages in the archive which use + "systemctl --runtime unmask" and are broken by this change. + This is a intermediate step until it is clear whether upstream will + revert this commit or whether we will have to update affected packages + to deal with this changed behaviour. + See #902287 and https://github.com/systemd/systemd/issues/9393 + + -- Michael Biebl Wed, 27 Jun 2018 14:46:06 +0200 + +systemd (239-2) unstable; urgency=medium + + * sleep: Fix printf format of fiemap fields. + This should fix a FTBFS on ia64. + * timesync: Change type of drift_freq to int64_t. + This should fix a FTBFS on x32. + * Bump systemd Breaks to ensure it is upgraded in lockstep with udev. + The hardening features used by systemd-udevd.service require systemd 239 + and udev will fail to start with older versions. (Closes: #902185) + + -- Michael Biebl Wed, 27 Jun 2018 13:59:24 +0200 + +systemd (239-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 239 + * Drop alternative iptables-dev Build-Depends. + It is no longer needed as both Ubuntu and Debian now ship libiptc-dev in + their latest stable (LTS) release. + * Drop alternative btrfs-tools Recommends. + It is no longer needed as btrfs-progs is now available in both Debian + and Ubuntu and keeping the alternative around prevents the transitional + package from being autoremoved. + * Disable installation of RPM macros. + This avoids having to remove them manually later on. + * Drop cleanup rules for libtool .la files. + With the switch to Meson, libtool is no longer used. + * Drop fallback for older kernels when running the test suite. + We now assume that we have a kernel newer then 3.13. + * Stop cleaning up .busname units. + Those are gone upstream, so we no longer need to remove them manually. + * Update symbols file for libsystemd0 + * Rebase patches + * Install new resolvectl tool. + Don't ship the /sbin/resolvconf compat symlink in the systemd package, + as this would cause a file conflict with the resolvconf and openresolv + package. + * Disable support for "Portable Services" + This is still an experimental feature. + * Disable pristine-tar in gbp.conf. + It is currently not possible to import the systemd v239 tarball using + pristine-tar due to #902115. + * Bump Build-Depends on meson to (>= 0.44) + * Stop setting the path for the kill binary, no longer necessary + * Stop creating systemd-network and systemd-resolve system user + systemd-networkd.service and systemd-resolved.service now use + DynamicUser=yes. + + [ Dimitri John Ledkov ] + * Run all upstream tests, and then report all that failed. + + -- Michael Biebl Sat, 23 Jun 2018 00:18:08 +0200 + +systemd (238-5) unstable; urgency=medium + + [ Evgeny Vereshchagin ] + * upstream autopkgtest: Copy journal subdirectories. + Otherwise logs are missing on failures. + + [ Martin Pitt ] + * debian/tests/boot-and-services: Ignore cpi.service failure. + This is apparently a regression in Ubuntu 18.04, not in systemd, so + ignore it. + + [ Michael Biebl ] + * sd-bus: Do not try to close already closed fd (Closes: #896781) + * Use dh_missing to act on uninstalled files. + The usage of dh_install --fail-missing has been deprecated. + * meson: Avoid warning about comparison of bool and string. + The result of this is undefined and will become a hard error in a future + Meson release. + * login: Respect --no-wall when cancelling a shutdown request + (Closes: #897938) + * Add dependencies of libsystemd-shared to Pre-Depends. + This is necessary so systemctl is functional at all times during a + dist-upgrade. (Closes: #897986) + * Drop dh_strip override, the dbgsym migration is done + + [ Felipe Sateler ] + * Don't include libmount.h in a header file. + Kernel and glibc headers both use MS_* constants, but are not in sync, so + only one of them can be used at a time. Thus, only import them where + needed. Works around #898743. + + -- Michael Biebl Sat, 26 May 2018 10:31:29 +0200 + +systemd (238-4) unstable; urgency=medium + + [ Michael Biebl ] + * udev/net-id: Fix check for address to keep interface names stable + * debian/copyright: Move global wildcard section to the top + + [ Martin Pitt ] + * Fix daemon reload failures + + [ Laurent Bigonville ] + * Fix /sys/fs/cgroup mount when using SELinux. + Since v236, all cgroups except /sys/fs/cgroup/systemd and + /sys/fs/cgroup/unified are not mounted when SELinux is enabled (even in + permissive mode). Disabling SELinux completely restores these cgroups. + This patch fixes that issue by no longer making the assumption that those + cgroups are mounted by initrd/dracut before systemd is started. + + -- Michael Biebl Sun, 01 Apr 2018 13:02:57 +0200 + +systemd (238-3) unstable; urgency=medium + + [ Martin Pitt ] + * Enable systemd-sysusers unit and provide correct Debian static u/gids. + Add a helper script debian/extra/make-sysusers-basic which generates a + sysusers.d(5) file from Debian's static master passwd/group files. + systemd 238 now supports specifying different uid and gid and a + non-default login shell, so this is possible now. (Closes: #888126) + * udev README.Debian: Include initrd rebuild and some clarifications in + migration. + While initrd update is already being mentioned in the introductory + section, it is easy to miss when going through the migration steps, so + explicitly mention it again. Also add a warning about keeping a fallback + on misconfigurations, and the possibility to migrate one interface at a + time. + Thanks to Karl O. Pinc for the suggestions! (Closes: #881769) + + [ Michael Biebl ] + * basic/macros: Rename noreturn into _noreturn_. + "noreturn" is reserved and can be used in other header files we include. + (Closes: #893426) + * units: Fix SuccessAction that belongs to [Unit] section not [Service] + section (Closes: #893282) + + -- Michael Biebl Tue, 20 Mar 2018 23:22:57 +0100 + +systemd (238-2) unstable; urgency=medium + + [ Alf Gaida ] + * core: do not free stack-allocated strings. + Fixes a crash in systemd when the cpuacct cgroup controller is not + available. (Closes: #892360) + + -- Michael Biebl Sat, 10 Mar 2018 01:12:47 +0100 + +systemd (238-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 238 + - Fixes systemd-tmpfiles to correctly handle symlinks present in + non-terminal path components. (CVE-2018-6954, Closes: #890779) + * Rebase patches + * Use compat symlinks as provided by upstream. + As the upstream build system now creates those symlinks for us, we no + longer have to create them manually. + * Update symbols file for libsystemd0 + * test-cgroup-util: bail out when running under a buildd environment + + [ Dimitri John Ledkov ] + * systemd-sysv-install: Fix name initialisation. + Only initialise NAME after --root optional argument has been parsed, + otherwise NAME is initialized to e.g. `enable`, instead of to the + `unit-name`, resulting in failures. (LP: #1752882) + + -- Michael Biebl Wed, 07 Mar 2018 23:21:53 +0100 + +systemd (237-4) unstable; urgency=medium + + [ Gunnar Hjalmarsson ] + * Fix PO template creation. + Cherry-pick upstream patches to build a correct systemd.pot including + the polkit policy files even without policykit-1 being installed. + (LP: #1707898) + + [ Michael Biebl ] + * Drop mask for fuse SysV init script. + The fuse package has removed its SysV init script a long time ago, so + the mask is no longer needed. + * Replace two Debian specific patches which cherry-picks from upstream + master + + -- Michael Biebl Wed, 28 Feb 2018 19:18:34 +0100 + +systemd (237-3) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/boot-smoke: More robust journal checking. + Also fail the test if calling journalctl fails, and avoid calling it + twice. See https://github.com/systemd/systemd/pull/8032 + * Simplify PO template creation. + Use the existing upstream build system instead of a manual call to + `intltool-update` and `xgettext` to build systemd.pot. Remove the now + obsolete intltool build dependency, but still explicitly keep gettext. + (LP: #1707898) + * Make systemd-sysv-install robust against existing $ROOT. + Always initialize `$ROOT`, to avoid the script getting confused by an + existing outside env variable. Also fix the `--root` option to actually + work, the previous approach was conceptually broken due to how shell + quoting works. Make the work with `set -u`. (Closes: #890436) + + [ Felipe Sateler ] + * Backport upstream patch fixing a wrong assert() call (Closes: #890423) + + -- Michael Biebl Wed, 14 Feb 2018 23:07:17 +0100 + +systemd (237-2) unstable; urgency=medium + + * Drop debian/extra/rules/70-debian-uaccess.rules. + Up-to-date udev rules for U2F devices are shipped in libu2f-udev nowadays. + (Closes: #889665) + * service: relax PID file symlink chain checks a bit. + Let's read the PID file after all if there's a potentially unsafe symlink + chain in place. But if we do, then refuse taking the PID if its outside of + the cgroup. (Closes: #889144) + + -- Michael Biebl Fri, 09 Feb 2018 23:35:31 +0100 + +systemd (237-1) unstable; urgency=medium + + * New upstream version 237 + * Rebase patches + * Update symbols file for libsystemd0 + * Update Vcs-* to point to https://salsa.debian.org + * Bump Standards-Version to 4.1.3 + * Set Rules-Requires-Root to no + + -- Michael Biebl Tue, 30 Jan 2018 01:55:24 +0100 + +systemd (236-4) unstable; urgency=medium + + [ Felipe Sateler ] + * Allow systemd-timesyncd to start when libnss-systemd is not installed. + Pick upstream patch requiring the existence of the systemd-timesync user + only when running as root, which is not the case for the system unit. + (Closes: #887343) + + [ Nicolas Braud-Santoni ] + * debian/copyright: Refer to the CC0 license file (Closes: #882629) + + [ Michael Biebl ] + * Add Build-Depends on python3-evdev + This is used by hwdb/parse_hwdb.py to perform additional validation on + hwdb files. + + -- Michael Biebl Sun, 28 Jan 2018 22:29:32 +0100 + +systemd (236-3) unstable; urgency=medium + + * Revert "core/execute: RuntimeDirectory= or friends requires mount + namespace" + This was making mounts from SSH sessions invisible to the system. + (Closes: #885325) + + -- Michael Biebl Thu, 11 Jan 2018 16:46:04 +0100 + +systemd (236-2) unstable; urgency=medium + + * Downgrade priority of libudev1 to optional. + This makes it compliant with recent versions of debian-policy which + recommends to use priority optional for library packages. + * Clarify NEWS entry about removal of system users. + Mention in the recent NEWS entry that the associated system groups + should be removed as well. (Closes: #885061) + * cryptsetup-generator: Don't mistake NULL input as OOM. + Fixes systemd-cryptsetup-generator failing to run during boot. + (Closes: #885201) + * analyze: Use normal bus connection for "plot" verb. + Fixes "systemd-analyze plot" failing to run as root. (Closes: #884506) + * Stop re-enabling systemd services on every upgrade. + This was done so changes to the [Install] section would be applied on + upgrades. Forcefully re-enabling a service might overwrite local + modifications though and thus far, none of the affected services did + actually change its [Install] section. So remove this code from the + maintainer scripts as it was apparently doing more harm then good. + (Closes: #869354) + + -- Michael Biebl Tue, 02 Jan 2018 00:35:14 +0100 + +systemd (236-1) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/upstream: Only show ≥ warning in journal dumps. + Showing the entire debug log is too hard to scan visually, and most of + the time the warnings and errors are sufficient to explain a failure. + Put the journal files into the artifacts though, in case the debug + information is necessary. + + [ Michael Biebl ] + * New upstream version 236 + - nspawn: Adjust path to static resolv.conf to support split usr. + (Closes: #881310) + - networkd: Don't stop networkd if CONFIG_FIB_RULES=n in kernel. + (Closes: #881823) + - core: Fix segfault in compile_bind_mounts() when BindPaths= or + BindReadOnlyPaths= is set. (Closes: #883380) + - meson: Link NSS modules with -z nodelete to fix memory leak in + nss-systemd. (Closes: #883407) + - logind: Make sure we don't acces m->action_what if it's not initialized. + (Closes: #882270) + - systemctl: Ignore shutdown's "-t" argument. (Closes: #882245) + - core: Be more defensive if we can't determine per-connection socket + peer. (Closes: #879603) + - bpf-firewall: Actually invoke BPF_PROG_ATTACH to check whether + cgroup/bpf is available. (Closes: #878965) + * Rebase patches + * Update symbols file for libsystemd0 + * Bump Standards-Version to 4.1.2 + * Clean up old /var/lib/systemd/clock on upgrade. + The clock file used by systemd-timesyncd is now stored in + StateDirectory=systemd/timesync. (Closes: #883605) + * Stop creating systemd-timesync system user. + DynamicUser=yes has been enabled for systemd-timesyncd.service so + allocating a system user statically is no longer necessary. + * Document removal of systemd-{timesync,journal-gateway,journal-upload} user. + We no longer create those system users as the corresponding services now + use DynamicUser=yes. Removing those system users automatically is tricky, + as the relevant services might be running during upgrade. Add a NEWS + entry instead which documents this change. + * Revert "udev-rules: Permission changes for /dev/dri/renderD*" + This would introduce a new system group "render". As the name is rather + generic, this needs further discussion first, so revert this change for + now. + + -- Michael Biebl Sun, 17 Dec 2017 21:45:51 +0100 + +systemd (235-3) unstable; urgency=medium + + [ Michael Biebl ] + * Switch from XC-Package-Type to Package-Type. As of dpkg-dev 1.15.7 + Package-Type is recognized as an official field name. + * Install modprobe configuration file to /lib/modprobe.d. + Otherwise it is not read by kmod. (Closes: #879191) + + [ Felipe Sateler ] + * Backport upstream (partial) fix for combined DynamicUser= + User= + UID was not allowed to be different to GID, which is normally the case in + debian, due to the group users being allocated the GID 100 without an + equivalent UID 100 being allocated. + * Backport upstream patches to fully make DynamicUser=yes + static, + pre-existing User= work. + + [ Martin Pitt ] + * Add missing python3-minimal dependency to systemd-tests + * Drop long-obsolete systemd-bus-proxy system user + systemd-bus-proxy hasn't been shipped since before stretch and never + created any files. Thus clean up the obsolete system user on upgrades. + (Closes: #878182) + * Drop static systemd-journal-gateway system user + systemd-journal-gatewayd.service now uses DynamicUser=, so we don't need + to create this statically any more. Don't remove the user on upgrades + though, as there is likely still be a running process. (Closes: #878183) + * Use DynamicUser= for systemd-journal-upload.service. + * Add Recommends: libnss-systemd to systemd-sysv. + This is useful to actually be able to resolve dynamically created system + users with DynamicUser=true. This concept is going to be used much more + in future versions and (hopefully) third-party .services, so pulling it + into the default installation seems prudent now. + * resolved: Fix loop on packets with pseudo dns types. + (CVE-2017-15908, Closes: #880026, LP: #1725351) + * bpf-firewall: Properly handle kernels without BPF cgroup but with TRIE maps. + Fixes "Detaching egress BPF: Invalid argument" log spam. (Closes: #878965) + * Fix MemoryDenyWriteExecution= bypass with pkey_mprotect() (LP: #1725348) + + -- Martin Pitt Wed, 15 Nov 2017 09:34:00 +0100 + +systemd (235-2) unstable; urgency=medium + + * Revert "tests: when running a manager object in a test, migrate to private + cgroup subroot first" + This was causing test suite failures when running inside a chroot. + + -- Michael Biebl Wed, 11 Oct 2017 00:46:07 +0200 + +systemd (235-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 235 + - cryptsetup-generator: use remote-cryptsetup.target when _netdev is + present (Closes: #852534) + - tmpfiles: change btmp mode 0600 → 0660 (Closes: #870638) + - networkd: For IPv6 addresses do not treat IFA_F_DEPRECATED as not ready + (Closes: #869995) + - exec-util,conf-files: skip non-executable files in execute_directories() + (Closes: #867902) + - man: update udevadm -y/--sysname-match documentation (Closes: #865081) + - tmpfiles: silently ignore any path that passes through autofs + (Closes: #805553) + - shared: end string with % if one was found at the end of a expandible + string (Closes: #865450) + * Refresh patches + * Bump Build-Depends on libmount-dev to (>= 2.30) + * Install new modprobe.d config file + * Bump Standards-Version to 4.1.1 + + [ Martin Pitt ] + * Merge logind-kill-off autopkgtest into logind test. + This was horribly inefficient as a separate test (from commit + 6bd0dab41e), as that cost two VM resets plus accompanying boots; and + this does not change any state thus does not require this kind of + isolation. + + -- Michael Biebl Tue, 10 Oct 2017 18:29:28 +0200 + +systemd (234-3) unstable; urgency=medium + + [ Martin Pitt ] + * Various fixes for the upstream autopkgtest. + + [ Felipe Sateler ] + * Add fdisk to the dependencies of the upstream autopkgtest. + The upstream autopkgtest uses sfdisk, which is now in the non-essential + fdisk package. (Closes: #872119) + * Disable nss-systemd on udeb builds + * Correctly disable resolved on udeb builds + * Help fix collisions in libsystemd-shared symbols by versioning them. + Backport upstream patch to version the symbols provided in the private + library, so that they cannot confuse unversioned pam modules or libraries + linked into them. (Closes: #873708) + + [ Dimitri John Ledkov ] + * Cherrypick upstream networkd-test.py assertion/check fixes. + This resolves ADT test suite failures, when running tests under lxc/lxd + providers. + * Cherrypick arm* seccomp fixes. + This should resolve ADT test failures, on arm64, when running as root. + * Disable KillUserProcesses, yet again, with meson this time. + * initramfs-tools: trigger udevadm add actions with subsystems first. + This updates the initramfs-tools init-top udev script to trigger udevadm + actions with type specified. This mimics the systemd-udev-trigger.service. + Without type specified only devices are triggered, but triggering + subsystems may also be required and should happen before triggering the + devices. This is the case for example on s390x with zdev generated udev + rules. (LP: #1713536) + + [ Michael Biebl ] + * (Re)add --quiet flag to addgroup calls. + This is now safe with adduser having been fixed to no longer suppress + fatal error messages if --quiet is used. (Closes: #837871) + * Switch back to default GCC (Closes: #873661) + * Drop systemd-timesyncd.service.d/disable-with-time-daemon.conf. + All major NTP implementations ship a native service file nowadays with a + Conflicts=systemd-timesyncd.service so this drop-in is no longer + necessary. (Closes: #873185) + + -- Michael Biebl Mon, 04 Sep 2017 00:17:00 +0200 + +systemd (234-2.3) unstable; urgency=high + + * Non-maintainer upload. + * Also switch to g++-6 temporarily (needed for some tests): + - Add g++-6 to Build-Depends + - Export CXX = g++-6 + + -- Cyril Brulebois Thu, 24 Aug 2017 02:40:53 +0200 + +systemd (234-2.2) unstable; urgency=high + + * Non-maintainer upload. + * Switch to gcc-6 on all architectures, working around an FTBFS on mips64el, + apparently due to a gcc-7 bug (See: #871514): + - Add gcc-6 to Build-Depends in debian/control + - Export CC = gcc-6 in debian/rules + + -- Cyril Brulebois Wed, 23 Aug 2017 22:53:09 +0000 + +systemd (234-2.1) unstable; urgency=high + + * Non-maintainer upload. + * Fix missing 60-input-id.rules in udev-udeb, which breaks the graphical + version of the Debian Installer, as no key presses or mouse events get + processed (Closes: #872598). + + -- Cyril Brulebois Wed, 23 Aug 2017 20:41:33 +0200 + +systemd (234-2) unstable; urgency=medium + + [ Martin Pitt ] + * udev README.Debian: Fix name of example *.link file + + [ Felipe Sateler ] + * test-condition: Don't assume that all non-root users are normal users. + Automated builders may run under a dedicated system user, and this test + would fail that. + + [ Michael Biebl ] + * Revert "units: Tell login to preserve environment" + Environment=LANG= LANGUAGE= LC_CTYPE= ... as used in the getty units is + not unsetting the variables but instead sets it to an empty var. Passing + that environment to login messes up the system locale settings and + breaks programs like gpg-agent. + (Closes: #868695) + + -- Michael Biebl Thu, 20 Jul 2017 15:13:42 +0200 + +systemd (234-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 234 + - tmpfiles: Create /var/log/lastlog if it does not exist. + (Closes: #866313) + - network: Bridge vlan without PVID. (Closes: #859941) + * Rebase patches + * Switch build system from autotools to meson. + Update the Build-Depends accordingly. + * Update fsckd patch for meson + * udev autopkgtest: no longer install test-udev binary manually. + This is now done by the upstream build system. + * Update symbols file for libsystemd0 + * Update lintian override for systemd-tests. + Upstream now installs manual and unsafe tests in subdirectories of + /usr/lib/systemd/tests/, so ignore those as well. + * Bump Standards-Version to 4.0.0 + * Change priority of libnss-* packages from extra to optional. + * Use UTF-8 locale when building the package. + Otherwise meson will be pretty unhappy when trying to process files with + unicode characters. Use C.UTF-8 as this locale is pretty much guaranteed + to be available everywhere. + * Mark test-timesync as manual. + The test tries to setup inotify watches for /run/systemd/netif/links + which fails in a buildd environment where systemd is not active. + * Do not link udev against libsystemd-shared. + We ship udev in a separate binary package, so can't use + libsystemd-shared, which is part of the systemd binary package. + * Avoid requiring a "kvm" system group. + This group is not universally available and as a result generates a + warning during boot. As kvm is only really useful if the qemu package is + installed and this package already takes care of setting up the proper + permissions for /dev/kvm, drop this rule from 50-udev-default.rules. + + [ Martin Pitt ] + * udev README.Debian: Update transitional rules and mention *.link files. + - 01-mac-for-usb.link got replaced with 73-usb-net-by-mac.rules + - /etc/systemd/network/50-virtio-kernel-names.link is an upgrade + transition for VMs with virtio + - Describe *.link files as a simpler/less error prone (but also less + flexible) way of customizing interface names. (Closes: #868002) + + -- Michael Biebl Thu, 13 Jul 2017 17:38:28 +0200 + +systemd (233-10) unstable; urgency=medium + + [ Martin Pitt ] + * Adjust var-lib-machines.mount target. + Upstream PR #6095 changed the location to + {remote-fs,machines}.target.wants, so just install all available ones. + + [ Dimitri John Ledkov ] + * Fix out-of-bounds write in systemd-resolved. + CVE-2017-9445 (Closes: #866147, LP: #1695546) + + [ Michael Biebl ] + * Be truly quiet in systemctl -q is-enabled (Closes: #866579) + * Improve RLIMIT_NOFILE handling. + Use /proc/sys/fs/nr_open to find the current limit of open files + compiled into the kernel instead of using a hard-coded value of 65536 + for RLIMIT_NOFILE. (Closes: #865449) + + [ Nicolas Braud-Santoni ] + * debian/extra/rules: Use updated U2F ruleset. + This ruleset comes from Yubico's libu2f-host. (Closes: #824532) + + -- Michael Biebl Mon, 03 Jul 2017 18:51:58 +0200 + +systemd (233-9) unstable; urgency=medium + + * hwdb: Use path_join() to generate the hwdb_bin path. + This ensures /lib/udev/hwdb.bin gets the correct SELinux context. Having + double slashes in the path makes selabel_lookup_raw() return the wrong + context. (Closes: #851933) + * Drop no longer needed Breaks against usb-modeswitch + * Drop Breaks for packages shipping rcS init scripts. + This transition was completed in stretch. + + -- Michael Biebl Mon, 19 Jun 2017 15:10:14 +0200 + +systemd (233-8) experimental; urgency=medium + + * Bump debhelper compatibility level to 10 + * Drop versioned Build-Depends on dpkg-dev. + It's no longer necessary as even Jessie ships a new enough version. + * timesyncd: don't use compiled-in list if FallbackNTP has been configured + explicitly (Closes: #861769) + * resolved: fix null pointer p->question dereferencing. + This fixes a bug which allowed a remote DoS (daemon crash) via a crafted + DNS response with an empty question section. + Fixes: CVE-2017-9217 (Closes: #863277) + + -- Michael Biebl Mon, 29 May 2017 14:12:08 +0200 + +systemd (233-7) experimental; urgency=medium + + [ Michael Biebl ] + * basic/journal-importer: Fix unaligned access in get_data_size() + (Closes: #862062) + * ima: Ensure policy exists before asking the kernel to load it + (Closes: #863111) + * Add Depends: procps to systemd. + It's required by /usr/lib/systemd/user/systemd-exit.service which calls + /bin/kill to stop the systemd --user instance. (Closes: #862292) + * service: Serialize information about currently executing command + (Closes: #861157) + * seccomp: Add clone syscall definitions for mips (Closes: #861171) + + [ Dimitri John Ledkov ] + * ubuntu: disable dnssec on any ubuntu releases (LP: #1690605) + + [ Felipe Sateler ] + * Specify nobody user and group. + Otherwise nss-systemd will translate to group 'nobody', which doesn't + exist on debian systems. + + -- Michael Biebl Wed, 24 May 2017 12:26:18 +0200 + +systemd (233-6) experimental; urgency=medium + + [ Felipe Sateler ] + * Backport upstream PR #5531. + This delays opening the mdns and llmnr sockets until a network has enabled + them. This silences annoying messages when networkd receives such packets + without expecting them: Got mDNS UDP packet on unknown scope. + + [ Martin Pitt ] + * resolved: Disable DNSSEC by default on stretch and zesty. + Both Debian stretch and Ubuntu zesty are close to releasing, switch to + DNSSEC=off by default for those. Users can still turn it back on with + DNSSEC=allow-downgrade (or even "yes"). + + [ Michael Biebl ] + * Add Conflicts against hal. + Since v183, udev no longer supports RUN+="socket:". This feature is + still used by hal, but now generates vast amounts of errors in the + journal. Thus force the removal of hal by adding a Conflicts to the udev + package. This is safe, as hal is long dead and no longer useful. + * Drop systemd-ui Suggests + systemd-ui is unmaintained upstream and not particularly useful anymore. + * journal: fix up syslog facility when forwarding native messages. + Native journal messages (_TRANSPORT=journal) typically don't have a + syslog facility attached to it. As a result when forwarding the + messages to syslog they ended up with facility 0 (LOG_KERN). + Apply syslog_fixup_facility() so we use LOG_USER instead. + (Closes: #837893) + * Split upstream tests into systemd-tests binary package (Closes: #859152) + * Get PACKAGE_VERSION from config.h. + This also works with meson and is not autotools specific. + + [ Sjoerd Simons ] + * init-functions Only call daemon-reload when planning to redirect + systemctl daemon-reload is a quite a heavy operation, it will re-parse + all configuration and re-run all generators. This should only be done + when strictly needed. (Closes: #861158) + + -- Michael Biebl Fri, 28 Apr 2017 21:47:14 +0200 + +systemd (233-5) experimental; urgency=medium + + * Do not throw a warning in emergency and rescue mode if plymouth is not + installed. + Ideally, plymouth should only be referenced via dependencies, not + ExecStartPre. This at least avoids the confusing error message on + minimal installations that do not carry plymouth. + * rules: Allow SPARC vdisk devices when identifying CD drives + (Closes: #858014) + + -- Michael Biebl Tue, 21 Mar 2017 21:00:08 +0100 + +systemd (233-4) experimental; urgency=medium + + [ Martin Pitt ] + * udev autopkgtest: Drop obsolete sys.tar.xz fallback. + This was only necessary for supporting 232 as well. + * root-unittest: Drop obsolete FIXME comment. + * Add libpolkit-gobject-1-dev build dep for polkit version detection. + * Move systemd.link(5) to udev package. + .link files are being handled by udev, so it should ship the + corresponding manpage. Bump Breaks/Replaces accordingly. (Closes: #857270) + + [ Michael Biebl ] + * Restart journald on upgrades (Closes: #851438) + * Avoid strict DM API versioning. + Compiling against the dm-ioctl.h header as provided by the Linux kernel + will embed the DM interface version number. Running an older kernel can + lead to errors on shutdown when trying to detach DM devices. + As a workaround, build against a local copy of dm-ioctl.h based on 3.13, + which is the minimum required version to support DM_DEFERRED_REMOVE. + (Closes: #856337) + + -- Michael Biebl Thu, 16 Mar 2017 18:40:16 +0100 + +systemd (233-3) experimental; urgency=medium + + [ Michael Biebl ] + * Install D-Bus policy files in /usr + * Drop no longer needed maintainer scripts migration code and simplify + various version checks + * Fix location of installed tests + * Override package-name-doesnt-match-sonames lintian warning for libnss-* + * Don't ship any symlinks in /etc/systemd/system. + Those should be created dynamically via "systemctl enable". + + [ Martin Pitt ] + * root-unittests autopkgtest: Skip test-udev. + It has its own autopkgtest and needs some special preparation. At some + point that should be merged into root-unittests, but let's quickfix this + to unbreak upstream CI. + + -- Michael Biebl Fri, 03 Mar 2017 19:49:44 +0100 + +systemd (233-2) experimental; urgency=medium + + * test: skip instead of fail if crypto kmods are not available. + The Debian buildds have module loading disabled, thus AF_ALG sockets are + not available during build. Skip the tests that cover those (khash and + id128) instead of failing them in this case. + https://github.com/systemd/systemd/issues/5524 + + -- Martin Pitt Fri, 03 Mar 2017 11:51:25 +0100 + +systemd (233-1) experimental; urgency=medium + + [ Martin Pitt ] + * New upstream release 233: + - udev: Remove /run/udev/control on stop to avoid sendsigs to kill + udevd. (Closes: #791944) + - nspawn: Handle container directory symlinks. (Closes: #805785) + - Fix mount units to not become "active" when NFS mounts time out. + (Closes: #835810) + - hwdb: Rework path/priority comparison when loading files from /etc/ + vs. /lib. (Closes: #845442) + - machinectl: Fix "list" command when failing to determine OS version. + (Closes: #849316) + - Support tilegx architecture. (Closes: #856306) + - systemd-sleep(8): Point out inhibitor interface as better alternative + for suspend integration. (Closes: #758279) + - journalctl: Improve error message wording when specifying boot + offset with ephemeral journal. (Closes: #839291) + * Install new systemd-umount and /usr/lib/environment.d/ + * Use "make install-tests" for shipped unit tests + * Switch back to gold linker on mips* + Bug #851736 got fixed now. + * debian/rules: Drop obsolete SETCAP path + + [ Michael Biebl ] + * Drop upstart jobs for udev + * Drop /sbin/udevadm compat symlink from udev-udeb and initramfs + * Drop Breaks and Replaces from pre-jessie + + -- Martin Pitt Thu, 02 Mar 2017 17:10:09 +0100 + +systemd (232-19) unstable; urgency=medium + + [ Martin Pitt ] + * debian/README.source: Update patch and changelog handling to current + reality. + * root-unittests autopkgtest: Blacklist test-journal-importer. + This got added in a recent PR, but running this requires using "make + install-tests" which hasn't landed yet. + * fsckd: Fix format specifiers on 32 bit architectures. + * resolved: Fix NSEC proofs for missing TLDs (Closes: #855479) + * boot-and-services autopkgtest: Skip CgroupsTest on unified hierarchy. + * boot-smoke autopkgtest: Run in containers, too. + * logind autopkgtest: Adjust to work in containers. + + [ Dimitri John Ledkov ] + * Fix resolved failing to follow CNAMES for DNS stub replies (LP: #1647031) + * Fix emitting change signals with a sessions property in logind + (LP: #1661568) + + [ Michael Biebl ] + * If an automount unit is masked, don't react to activation anymore. + Otherwise we'll hit an assert sooner or later. (Closes: #856035) + + [ Felipe Sateler ] + * resolved: add the new KSK to the built-in resolved trust anchor. + The old root key will be discarded in early 2018, so get this into + stretch. + * Backport some zsh completion fixes from upstream (Closes: #847203) + + -- Martin Pitt Thu, 02 Mar 2017 09:21:12 +0100 + +systemd (232-18) unstable; urgency=medium + + * udev autopkgtest: Adjust to script-based test /sys creation. + PR #5250 changes from the static sys.tar.xz to creating the test /sys + directory with a script. Get along with both cases until 233 gets + released and packaged. + * systemd-resolved.service.d/resolvconf.conf: Don't fail if resolvconf is + not installed. ReadWritePaths= fails by default if the referenced + directory does not exist. This happens if resolvconf is not installed, so + use '-' to ignore the absence. (Closes: #854814) + * Fix two more seccomp issues. + * Permit seeing process list of units whose unit files are missing. + * Fix systemctl --user enable/disable without $XDG_RUNTIME_DIR being set. + (Closes: #855050) + + -- Martin Pitt Mon, 13 Feb 2017 17:36:12 +0100 + +systemd (232-17) unstable; urgency=medium + + * Add libcap2-bin build dependency for tests. This will make + test_exec_capabilityboundingset() actually run. (Closes: #854394) + * Add iproute2 build dependency for tests. This will make + test_exec_privatenetwork() actually run; it skips if "ip" is not present. + (Closes: #854396) + * autopkgtest: Run all upstream unit tests as root. + Ship all upstream unit tests in libsystemd-dev, and run them all as root + in autopkgtest. (Closes: #854392) This also fixes the FTBFS on non-seccomp + architectures. + * systemd-resolved.service.d/resolvconf.conf: Allow writing to + /run/resolvconf. Upstream PR #5283 will introduce permission restrictions + for systemd-resolved.service, including the lockdown to writing + /run/systemd/. This will then cause the resolvconf call in our drop-in to + fail as that needs to write to /run/resolvconf/. Add this to + ReadWritePaths=. (This is a no-op with the current unrestricted unit). + + -- Martin Pitt Fri, 10 Feb 2017 11:52:46 +0100 + +systemd (232-16) unstable; urgency=medium + + [ Martin Pitt ] + * Add autopkgtest for test-seccomp + * udev: Fix by-id symlinks for devices whose IDs contain whitespace + (Closes: #851164, LP: #1647485) + * Add lintian overrides for binary-or-shlib-defines-rpath on shipped test + programs. This is apparently a new lintian warning on which uploads get + rejected. These are only test programs, not in $PATH, and they need to + link against systemd's internal library. + + [ Michael Biebl ] + * Fix seccomp filtering. (Closes: #852811) + * Do not crash on daemon-reexec when /run is full (Closes: #850074) + + -- Martin Pitt Thu, 09 Feb 2017 16:22:43 +0100 + +systemd (232-15) unstable; urgency=medium + + * Add missing Build-Depends on tzdata. + It is required to successfully run the test suite. (Closes: #852883) + * Bump systemd Breaks to ensure it is upgraded in lockstep with udev. + The sandboxing features used by systemd-udevd.service require systemd + (>= 232-11). (Closes: #853078) + * Bump priority of libpam-systemd to standard. + This reflects the changes that have been made in the archive a while + ago. See #803184 + + -- Michael Biebl Wed, 01 Feb 2017 22:45:35 +0100 + +systemd (232-14) unstable; urgency=medium + + * Deal with NULL pointers more gracefully in unit_free() (Closes: #852202) + * Fix issues in journald during startup + + -- Michael Biebl Mon, 23 Jan 2017 14:52:46 +0100 + +systemd (232-13) unstable; urgency=medium + + * Re-add versioned Conflicts/Replaces against upstart. + In Debian the upstart package was never split into upstart and + upstart-sysv, so we need to keep that for switching from upstart to + systemd-sysv. (Closes: #852156) + * Update Vcs-* according to the latest recommendation + * Update Homepage and the URLs in debian/copyright to use https + + -- Michael Biebl Sun, 22 Jan 2017 08:19:28 +0100 + +systemd (232-12) unstable; urgency=medium + + * Fix build if seccomp support is disabled + * Enable seccomp support on ppc64 + + -- Michael Biebl Wed, 18 Jan 2017 19:43:51 +0100 + +systemd (232-11) unstable; urgency=medium + + [ Martin Pitt ] + * Fix RestrictAddressFamilies= + Backport upstream fix for setting up seccomp filters to fix + RestrictAddressFamilies= on non-amd64 architectures. Drop the hack from + debian/rules to remove this property from unit files. + See #843160 + * Use local machine-id for running tests during package build. + Since "init" and thus "systemd" are not part of debootstrap any more, + some buildd chroots don't have an /etc/machine-id any more. Port the old + Add-env-variable-for-machine-ID-path.patch to the current code, use a + local machine-id again, and always make test suite failures fatal. + (Closes: #851445) + + [ Michael Biebl ] + * gpt-auto-generator: support LUKS encrypted root partitions + (Closes: #851475) + * Switch to bfd linker on mips* + The gold linker is currently producing broken libraries on mips* + resulting in segfaults for users of libsystemd. Switch to bfd until + binutils has been fixed. (Closes: #851412) + * Revert "core: turn on specifier expansion for more unit file settings" + The expansion of the % character broke the fstab-generator and + specifying the tmpfs size as percentage of physical RAM resulted in the + size being set to 4k. (Closes: #851492) + * Drop obsolete Conflicts, Breaks and Replaces + * Require systemd-shim version which supports v232. + See #844785 + + [ Ondřej Nový ] + * Redirect try-restart in init-functions hook (Closes: #851688) + + -- Michael Biebl Wed, 18 Jan 2017 12:38:54 +0100 + +systemd (232-10) unstable; urgency=medium + + * Add NULL sentinel to strjoin. + We haven't cherry-picked upstream commit 605405c6c which introduced a + strjoin macro that adds the NULL sentinel automatically so we need to do + it manually. (Closes: #851210) + + -- Michael Biebl Fri, 13 Jan 2017 05:08:55 +0100 + +systemd (232-9) unstable; urgency=medium + + * Use --disable-wheel-group configure switch. + Instead of mangling the tmpfiles via sed to remove the wheel group, use + the configure switch which was added upstream in v230. + See https://github.com/systemd/systemd/issues/2492 + * Update debian/copyright. + Bob Jenkins released the lookup3.[ch] files as public domain which means + there is no copyright holder. + * Drop fallback for older reportbug versions when attaching files + * debian/extra/init-functions.d/40-systemd: Stop checking for init env var. + This env variable is no longer set when systemd executes a service so + it's pointless to check for it. + * debian/extra/init-functions.d/40-systemd: Stop setting + _SYSTEMCTL_SKIP_REDIRECT=true. + It seems we don't actually need it to detect recursive loops (PPID is + sufficient) and by exporting it we leak _SYSTEMCTL_SKIP_REDIRECT into + the runtime environment of the service. (Closes: #802018) + * debian/extra/init-functions.d/40-systemd: Rename _SYSTEMCTL_SKIP_REDIRECT. + Rename _SYSTEMCTL_SKIP_REDIRECT to SYSTEMCTL_SKIP_REDIRECT to be more + consistent with other environment variables which are used internally by + systemd, like SYSTEMCTL_SKIP_SYSV. + * Various specifier resolution fixes. + Turn on specifier expansion for more unit file settings. + See https://github.com/systemd/systemd/pull/4835 (Closes: #781730) + + -- Michael Biebl Thu, 12 Jan 2017 16:59:22 +0100 + +systemd (232-8) unstable; urgency=medium + + [ Martin Pitt ] + * Drop systemd dependency from libnss-myhostname again. + This NSS module is completely independent from systemd, unlike the other + three. + * Install 71-seat.rules into the initrd. + This helps plymouth to detect applicable devices. (Closes: #756109) + * networkd: Fix crash when setting routes. + * resolved: Drop removal of resolvconf entry on stop. + This leads to timeouts on shutdown via the resolvconf hooks and does not + actually help much -- /etc/resolv.conf would then just be empty instead of + having a nonexisting 127.0.0.53 nameserver, so manually stopping resolved + in a running system is broken either way. (LP: #1648068) + * Keep RestrictAddressFamilies on amd64. + This option and libseccomp currently work on amd64 at least, so let's make + sure it does not break there as well, and benefit from the additional + protection at least on this architecture. + * Explicitly set D-Bus policy dir. + This is about to change upstream in + https://github.com/systemd/systemd/pull/4892, but as explained in commit + 2edb1e16fb12f4 we need to keep the policies in /etc/ until stretch+1. + + [ Michael Biebl ] + * doc: Clarify NoNewPrivileges in systemd.exec(5). (Closes: #756604) + * core: Rework logic to determine when we decide to add automatic deps for + mounts. This adds a concept of "extrinsic" mounts. If mounts are + extrinsic we consider them managed by something else and do not add + automatic ordering against umount.target, local-fs.target, + remote-fs.target. (Closes: #818978) + * rules: Add persistent links for nbd devices. (Closes: #837999) + + -- Michael Biebl Sat, 17 Dec 2016 01:54:18 +0100 + +systemd (232-7) unstable; urgency=medium + + [ Michael Biebl ] + * Mark liblz4-tool build dependency as + * udev: Try mount -n -o move first + initramfs-tools is not actually using util-linux mount (yet), so making + mount -n --move the first alternative would trigger an error message if + users have built their initramfs without busybox support. + + [ Alexander Kurtz ] + * debian/extra/kernel-install.d/85-initrd.install: Remove an unnecessary + variable. (Closes: #845977) + + [ Martin Pitt ] + * Drop systemd-networkd's "After=dbus.service" ordering, so that it can + start during early boot (for cloud-init.service). It will auto-connect to + D-Bus once it becomes available later, and transient (from DHCP) hostname + and timezone setting do not currently work anyway. (LP: #1636912) + * Run hwdb/parse_hwdb.py during package build. + * Package libnss-systemd + * Make libnss-* depend on the same systemd package version. + + -- Martin Pitt Wed, 30 Nov 2016 14:38:36 +0100 + +systemd (232-6) unstable; urgency=medium + + * Add policykit-1 test dependency for networkd-test.py. + * debian/rules: Don't destroy unit symlinks with sed -i. + Commit 21711e74 introduced a "sed -i" to remove RestrictAddressFamilies= + from units. This also caused unit symlinks to get turned into real files, + causing D-Bus activated services like timedated to fail ("two units with + the same D-Bus name"). + * Fall back to "mount -o move" in udev initramfs script + klibc's mount does not understand --move, so for the time being we need to + support both variants. (Closes: #845161) + * debian/README.Debian: Document how to generate a shutdown log. + Thanks 積丹尼 Dan Jacobson. (Closes: #826297) + + -- Martin Pitt Mon, 21 Nov 2016 10:39:57 +0100 + +systemd (232-5) unstable; urgency=medium + + * Add missing liblz4-tool build dependency. + Fixes test-compress failure during package build. + * systemd: Ship /var/lib. + This will soon contain a polkit pkla file. + + -- Martin Pitt Sun, 20 Nov 2016 12:22:52 +0100 + +systemd (232-4) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/unit-config: Query pkg-config for system unit dir. + This fixes confusion on merged-/usr systems where both /usr/lib/systemd and + /lib/systemd exist. It's actually useful to verify that systemd.pc says the + truth. + * debian/tests/upstream: Fix clobbering of merged-/usr symlinks + * debian/tests/systemd-fsckd: Create /etc/default/grub.d if necessary + * debian/rules: Drop check for linking to libs in /usr. + This was just an approximation, as booting without an initrd could still be + broken by library updates (e. g. #828991). With merged /usr now being the + default this is now completely moot. + * Move kernel-install initrd script to a later prefix. + 60- does not leave much room for scripts that want to run before initrd + building (which is usually one of the latest things to do), so bump to 85. + Thanks to Sjoerd Simons for the suggestion. + * Disable 99-default.link instead of the udev rule for disabling persistent + interface names. + Disabling 80-net-setup-link.rules will also cause ID_NET_DRIVER to not be + set any more, which breaks 80-container-ve.network and matching on driver + name in general. So disable the actual default link policy instead. Still + keep testing for 80-net-setup-link.rules in the upgrade fix and + 73-usb-net-by-mac.rules to keep the desired behaviour on systems which + already disabled ifnames via that udev rule. + See https://lists.freedesktop.org/archives/systemd-devel/2016-November/037805.html + * debian/tests/boot-and-services: Always run seccomp test + seccomp is now available on all architectures on which Debian and Ubuntu + run tests, so stop making this test silently skip if seccomp is disabled. + * Bump libseccomp build dependency as per configure.ac. + * Replace "Drop RestrictAddressFamilies=" patch with sed call. + With that it will also apply to upstream builds/CI, and it is structurally + simpler. + * Rebuild against libseccomp with fixed shlibs. (Closes: #844497) + + [ Michael Biebl ] + * fstab-generator: add x-systemd.mount-timeout option. (Closes: #843989) + * build-sys: do not install ctrl-alt-del.target symlink twice. + (Closes: #844039) + * Enable lz4 support. + While the compression rate is not as good as XZ, it is much faster, so a + better default for the journal and especially systemd-coredump. + (Closes: #832010) + + [ Felipe Sateler ] + * Enable machines.target by default. (Closes: #806787) + + [ Evgeny Vereshchagin ] + * debian/tests/upstream: Print all journal files. + We don't print all journal files. This is misleading a bit: + https://github.com/systemd/systemd/pull/4331#issuecomment-252830790 + https://github.com/systemd/systemd/pull/4395#discussion_r87948836 + + [ Luca Boccassi ] + * Use mount --move in initramfs-tools udev script. + Due to recent changes in busybox and initramfs-tools the mount + utility is no longer the one from busybox but from util-linux. + The latter does not support mount -o move. + The former supports both -o move and --move, so use it instead to be + compatible with both. + See this discussion for more details: + https://bugs.debian.org/823856 (Closes: #844775) + + -- Michael Biebl Sun, 20 Nov 2016 03:34:58 +0100 + +systemd (232-3) unstable; urgency=medium + + [ Felipe Sateler ] + * Make systemd-delta less confused on merged-usr systems. (Closes: #843070) + * Fix wrong paths for /bin/mount when compiled on merged-usr system. + Then the build system finds /usr/bin/mount which won't exist on a + split-/usr system. Set the paths explicitly in debian/rules and drop + Use-different-default-paths-for-various-binaries.patch. (Closes: #843433) + + [ Martin Pitt ] + * debian/tests/logind: Split out "pid in logind session" test + * debian/tests/logind: Adjust "in logind session" test for unified cgroup + hierarchy + * debian/tests/boot-and-services: Check common properties of CLI programs. + Verify that CLI programs have a sane behaviour and exit code when being + called with --help, --version, or an invalid option. + * nspawn: Fix exit code for --help and --version (Closes: #843544) + * core: Revert using the unified hierarchy for the systemd cgroup. + Too many things don't get along with it yet, like docker, LXC, or runc. + (Closes: #843509) + + -- Martin Pitt Wed, 09 Nov 2016 09:34:45 +0100 + +systemd (232-2) unstable; urgency=medium + + * Drop RestrictAddressFamilies from service files. + RestrictAddressFamilies= is broken on 32bit architectures and causes + various services to fail with a timeout, including + systemd-udevd.service. + While this might actually be a libseccomp issue, remove this option for + now until a proper solution is found. (Closes: #843160) + + -- Michael Biebl Sat, 05 Nov 2016 22:43:27 +0100 + +systemd (232-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release 232: + - Fix "systemctl start" when ReadWriteDirectories is a symlink + (Closes: ##792187) + - Fix "journalctl --setup-keys" output (Closes: #839097) + - Run run sysctl service if /proc/sys/net is writable, for containers + (Closes: #840529) + - resolved: Add d.f.ip6.arpa to the DNSSEC default negative trust anchors + (Closes: #834453) + * debian/tests/logind: Copy the current on-disk unit instead of the + on-memory one. + * Build sd-boot on arm64. gnu-efi is available on arm64 now. + (Closes: #842617) + * Link test-seccomp against seccomp libs to fix FTBFS + * debian/rules: Remove nss-systemd (until we package it) + * Install new systemd-mount + + [ Michael Biebl ] + * Install new journal-upload.conf man pages in systemd-journal-remote + + -- Martin Pitt Fri, 04 Nov 2016 07:18:10 +0200 + +systemd (231-10) unstable; urgency=medium + + [ Martin Pitt ] + * systemctl: Add --wait option to wait until started units terminate again. + * nss-resolve: return NOTFOUND instead of UNAVAIL on resolution errors. + This makes it possible to configure a fallback to "dns" without breaking + DNSSEC, with "resolve [!UNAVAIL=return] dns". + * libnss-resolve.postinst: Skip dns fallback if resolve is present. + Only fall back to "dns" if nss-resolve is not installed (for the + architecture of the calling program). Once it is, we never want to fall + back to "dns" as that breaks enforcing DNSSEC verification and also + pointlessly retries NXDOMAIN failures. (LP: #1624071) + * unit: sent change signal before removing the unit if necessary + (LP: #1632964) + * networkd: Fix assertion crash on adding VTI with IPv6 addresses + (LP: #1633274) + * debian/tests/upstream: Stop specifying initrd, it is autodetected now. + * debian/tests/upstream: Add gcc/libc-dev/make test dependencies, + so that the tests can build helper binaries. + + [ Felipe Sateler ] + * Explicitly disable installing the upstream-provided PAM configuration. + * Register interest in the status of dracut and initramfs-tools in reportbug + template + + [ Michael Biebl ] + * Stop creating systemd-update-utmp-runlevel.service symlinks manually + + -- Martin Pitt Wed, 26 Oct 2016 13:24:37 +0200 + +systemd (231-9) unstable; urgency=medium + + * pid1: process zero-length notification messages again. + Just remove the assertion, the "n" value was not used anyway. This fixes + a local DoS due to unprocessed/unclosed fds which got introduced by the + previous fix. (Closes: #839171) (LP: #1628687) + * pid1: Robustify manager_dispatch_notify_fd() + * test/networkd-test.py: Add missing writeConfig() helper function. + + -- Martin Pitt Thu, 29 Sep 2016 23:39:24 +0200 + +systemd (231-8) unstable; urgency=medium + + [ Martin Pitt ] + * Replace remaining systemctl --failed with --state=failed + "--failed" is deprecated in favor of --state. + * debian/shlibs.local.in: More precisely define version of internal shared + lib. + * debian/tests/upstream: Drop blacklisting + These tests now work fine without qemu. + * debian/tests/storage: Avoid rmmod scsi_debug (LP: #1626737) + * upstream build system: Install libudev, libsystemd, and nss modules to + ${rootlibdir}. Drop downstream workaround from debian/rules. + * Ubuntu: Disable resolved's DNSSEC for the final 16.10 release. + Resolved's DNSSEC support is still not mature enough, and upstream + recommends to disable it in stable distro releases still. + * Fix abort/DoS on zero-length notify message triggers (LP: #1628687) + * resolved: don't query domain-limited DNS servers for other domains + (LP: #1588230) + + [ Antonio Ospite ] + * Update systemd-user pam config to require pam_limits.so. + (Closes: #838191) + + -- Martin Pitt Thu, 29 Sep 2016 13:40:21 +0200 + +systemd (231-7) unstable; urgency=medium + + [ Michael Biebl ] + * fsckd: Do not exit on idle timeout if there are still clients connected + (Closes: #788050, LP: #1547844) + + [ Martin Pitt ] + * 73-usb-net-by-mac.rules: Split kernel command line import line. + Reportedly this makes the rule actually work on some platforms. Thanks Alp + Toker! (LP: #1593379) + * debian/tests/boot-smoke: Only run 5 iterations + * systemd.postinst: Drop obsolete setcap call for systemd-detect-virt. + Drop corresponding libcap2-bin dependency. + * debian/tests/systemd-fsckd: Robustify check for "unit was running" + (LP: #1624406) + * debian/extra/set-cpufreq: Use powersave with intel_pstate. + This is what we did on xenial, and apparently powersave is still actually + better than performance. Thanks to Doug Smythies for the measurements! + (LP: #1579278) + * Ubuntu: Move ondemand.service from static to runtime enablement. + This makes it easier to keep performance, by disabling ondemand.service. + Side issue in LP: #1579278 + * Revert "networkd: remove route if carrier is lost" + This causes networkd to drop addresses from unmanaged interfaces in some + cases. (Closes: #837759) + * debian/tests/storage: Avoid stderr output of stopping systemd-cryptsetup@.service + * libnss-*.prerm: Remove possible [key=value] options from NSS modules as well. + (LP: #1625584) + + -- Martin Pitt Tue, 20 Sep 2016 15:03:06 +0200 + +systemd (231-6) unstable; urgency=medium + + [ Martin Pitt ] + * Add alternative iptables-dev build dependencies + libiptc-dev is very new and not yet present in stable Debian/Ubuntu releases. + Add it as a fallback build dependency for backports and upstream tests. + * Detect if seccomp is enabled but seccomp filtering is disabled + (Closes: #832713) + * resolved: recognize DNS names with more than one trailing dot as invalid + (LP: #1600000) + * debian/tests/smoke: Store udev db dump artifact on failure + * networkd: limit the number of routes to the kernel limit + * systemctl: consider service running only when it is in active or reloading state + * networkd: remove route if carrier is lost + * Add Ref()/Unref() bus calls for units + + [ Felipe Sateler ] + * git-cherry-pick: always recreate the patch-queue branch. + + [ Dimitri John Ledkov ] + * Use idiomatic variables from dpkg include. + + -- Martin Pitt Sun, 11 Sep 2016 15:00:55 +0200 + +systemd (231-5) unstable; urgency=medium + + [ Iain Lane ] + * Let graphical-session-pre.target be manually started (LP: #1615341) + + [ Felipe Sateler ] + * Add basic version of git-cherry-pick + * Replace Revert-units-add-a-basic-SystemCallFilter-3471.patch with upstream + patch + * sysv-generator: better error reporting. (Closes: #830257) + + [ Martin Pitt ] + * 73-usb-net-by-mac.rules: Test for disabling 80-net-setup-link.rules more + efficiently. Stop calling readlink at all and just test if + /etc/udev/rules.d/80-net-setup-link.rules exists -- a common way to + disable an udev rule is to just "touch" it in /etc/udev/rule.d/ (i. e. + empty file), and if the rule is customized we cannot really predict anyway + if the user wants MAC-based USB net names or not. (LP: #1615021) + * Ship kernel-install (Closes: #744301) + * Add debian/extra/kernel-install.d/60-initrd.install. + This kernel-install drop-in copies the initrd of the selected kernel to + the EFI partition. + * bootctl: Automatically detect ESP partition. + This makes bootctl work with Debian's /boot/efi/ mountpoint without having + to explicitly specify --path. + Patches cherry-picked from upstream master. + * systemd.NEWS: Point out that alternatively rcS scripts can be moved to + rc[2-5]. Thanks to Petter Reinholdtsen for the suggestion! + + [ Michael Biebl ] + * Enable iptables support (Closes: #787480) + * Revert "logind: really handle *KeyIgnoreInhibited options in logind.conf" + The special 'key handling' inhibitors should always work regardless of + any *IgnoreInhibited settings – otherwise they're nearly useless. + Update man pages to clarify that *KeyIgnoreInhibited only apply to a + subset of locks (Closes: #834148) + + -- Martin Pitt Fri, 26 Aug 2016 10:58:07 +0200 + +systemd (231-4) unstable; urgency=medium + + * Revert "pid1: reconnect to the console before being re-executed" + This unbreaks consoles after "daemon-reexec". (Closes: #834367) + + -- Martin Pitt Thu, 18 Aug 2016 07:03:13 +0200 + +systemd (231-3) unstable; urgency=medium + + * resolved resolvconf integration: Run resolvconf without privilege + restrictions. On some architectures (at least ppc64el), running resolvconf + does not work with MemoryDenyWriteExecute=yes. (LP: #1609740) + * Revert unit usage of MemoryDenyWriteExecute=yes. This is implemented + through seccomp as well. (Closes: #832713) + + -- Martin Pitt Mon, 15 Aug 2016 09:58:09 +0200 + +systemd (231-2) unstable; urgency=medium + + [ Martin Pitt ] + * debian/rules: Fix UPSTREAM_VERSION for upstream master builds + * Limit "link against /usr" check to some critical binaries only and add + generators + * debian/rules: Put back cleanup of *.busname (Closes: #833487) + * debian/tests/localed-x11-keymap: Robustify cleanup + * debian/tests/localed-x11-keymap: Check that localed works without + /etc/default/keyboard. This reproduces #833849. + * Revert "units: add a basic SystemCallFilter (#3471)" + This causes fatal failures on kernels that don't have seccomp enabled. + This can be reactivated once + https://github.com/systemd/systemd/issues/3882 is fixed. + (Closes: #832713, #832893) + + [ Simon McVittie ] + * localed: tolerate absence of /etc/default/keyboard. + The debian-specific patch to read Debian config files was not tolerating + the absence of /etc/default/keyboard. This causes systemd-localed to + fail to start on systems where that file isn't populated (like embedded + systems without keyboards). (Closes: #833849) + + -- Martin Pitt Sun, 14 Aug 2016 10:54:57 +0200 + +systemd (231-1) unstable; urgency=low + + [ Martin Pitt ] + * New upstream release 231: + - Fix "Failed to create directory /str/sys/fs/selinux: Read-only file + system" warning. (Closes: #830693) + * systemd.postinst: Remove systemd-networkd-resolvconf-update.path removal + leftover. (Closes: #830778) + * Drop support for rcS.d SysV init scripts. + These are prone to cause dependency loops, and almost all packages with + rcS scripts now ship a native systemd service. + * networkd: Handle router advertisements in userspace again. + Drop Revert-Revert-networkd-ndisc-revert-to-letting-the-k.patch. + Bug #814566/#815586 got fixed in 230, and #815884 and #815884 and #815793 + are unreproducible and need more reporter feedback. + * debian/gbp.conf: Enable dch options "full" and "multimaint-merge" + * systemd-sysv: Add Conflicts: systemd-shim. + To avoid shim trying to claim the D-Bus interfaces. + * Add graphical-session.target user unit. + * Add graphical-session-pre.target user unit + * Add debian/extra/units-ubuntu/user@.service.d/timeout.conf. + This avoids long hangs during shutdown if user services fail/hang due to + X.org going away too early. This is mostly a workaround, so only install + for Ubuntu for now. + * Dynamically add upstream version to debian/shlibs.local + * Set Debian/Ubuntu downstream support URL in journal catalogs + (Closes: #769187) + + [ Michael Biebl ] + * Restrict Conflicts: openrc to << 0.20.4-2.1. + Newer versions of openrc no longer ship conflicting implementations of + update-rc.d/invoke-rc.d. + * Add Depends: dbus to systemd-container. + This is required for systemd-machined and systemd-nspawn to work + properly. (Closes: #830575) + * Drop insserv.conf generator. + We no longer parse /etc/insserv.conf and /etc/insserv.conf.d/* and + augment services with that dependency information via runtime drop-in + files. Services which want to provide certain system facilities need to + pull in the corresponding targets themselves. Either directly in the + native service unit or by shipping a drop-in snippet for SysV init + scripts. (Closes: #825858) + * getty-static.service: Only start if we have a working VC subsystem. + Use ConditionPathExists=/dev/tty0, the same check as in getty@.service, + to determine whether we have a functional VC subsystem and we should + start any gettys. (Closes: #824779) + * Stop mentioning snapshot and restore in the package description. + Support for the .snapshot unit type has been removed upstream. + * Drop sigpwr-container-shutdown.service. + This is no longer necessary as lxc-stop has been fixed to use SIGRTMIN+3 + to shut down systemd based LXC containers. + https://github.com/lxc/lxc/pull/1086 + https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface/ + + [ Felipe Sateler ] + * Add versioned breaks for packages shipping rcS init scripts + + -- Martin Pitt Tue, 26 Jul 2016 12:17:14 +0200 + +systemd (230-7) unstable; urgency=medium + + * Tell dh_shlibdeps to look in the systemd package for libraries. Otherwise + dpkg-shlibdeps fails to find libsystemd-shared as we no longer create a + shlibs file for it. + * Add Build-Depends-Package to libudev1.symbols and libsystemd0.symbols. + This ensures proper dependencies when a package has a Build-Depends on a + higher version of libudev-dev or libsystemd-dev then what it gets from the + used symbols. + + -- Michael Biebl Fri, 08 Jul 2016 13:04:33 +0200 + +systemd (230-6) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/boot-smoke: Stop running in containers again, too unreliable + on Ubuntu s390x right now. + + [ Michael Biebl ] + * Bump Build-Depends on debhelper to (>= 9.20160114), required for + --dbgsym-migration support. + * Install test-udev binary into $libdir/udev/ not $libdir. Only libraries + should be installed directly into $libdir. + * Exclude libsystemd-shared from dh_makeshlibs. + + [ Felipe Sateler ] + * Do not install libsystemd-shared.so symlink + * {machine,system}ctl: always pass &changes and &n_changes (Closes: #830144) + + [ Michael Prokop ] + * debian/tests/logind: Ensure correct version of logind is running. + + -- Michael Biebl Thu, 07 Jul 2016 15:22:16 +0200 + +systemd (230-5) unstable; urgency=medium + + [ Martin Pitt ] + * Sync test/networkd-test.py with current upstream master, and remove our + debian/tests/networkd copy. Directly run test/networkd-test.py in + autopkgtest. + * debian/extra/rules/73-usb-net-by-mac.rules: Disable when + /etc/udev/rules.d/80-net-setup-link.rules is a symlink to /dev/null, to be + consistent with the documented way to disable ifnames. (Closes: #824491, + LP: #1593379) + * debian/rules: Ignore libcap-ng.so in the "does anything link against /usr" + check, to work around libaudit1 recently gaining a new dependency against + that library (#828991). We have no influence on that ourselves. This fixes + the FTBFS in the meantime. + + [ Felipe Sateler ] + * Convert common code into a private shared library. This saves about 9 MB + of installed size in the systemd package, and some more in systemd-*. + + -- Martin Pitt Fri, 01 Jul 2016 09:15:12 +0200 + +systemd (230-4) unstable; urgency=medium + + [ Martin Pitt ] + * tmp.mount: Add nosuid and nodev mount options. This restores compatibility + with the original SysV int RAMTMP defaults. (Closes: #826377) + * debian/tests/upstream: Some tests fail on platforms without QEMU at the + moment due to upstream PR#3587; blacklist these for now if QEMU is not + available. + * debian/rules: Don't run the "anything links against /usr" check for + upstream tests, as those run on Ubuntu 16.04 LTS which does not yet have + libidn moved to /lib. + * debian/tests/upstream: Clean up old journals before running a test, to + avoid printing a wrong one on failure. + * debian/tests/upstream: Do not run the QEMU tests on i386. Nested QEMU on + i386 causes testbed hangs on Ubuntu's cloud infrastructure, which is the + only place where these actually run. + * resolved: Fix SERVFAIL handling and introduce a new "Cache=" option to + disable local caching. + * resolved: Support IPv6 zone indices in resolv.conf. (LP: #1587489) + * resolved: Update resolv.conf when calling SetLinkDNS(). + * debian/tests/storage: Sync and settle udev after luksFormat, to reduce the + chance of seeing some half-written signatures. + * debian/tests/networkd: Stop skipping the two DHCP6 tests, this regression + seems to have been fixed now. + * resolved: respond to local resolver requests on 127.0.0.53:53. This + provides compatibility with clients that don't use NSS but do DNS queries + directly, such as Chrome. + * resolved: Don't add route-only domains to /etc/resolv.conf. + * systemd-resolve: Add --flush-caches and --status commands. + * Add debian/extra/units/systemd-resolved.service.d/resolvconf.conf to tell + resolvconf about resolved's builtin DNS server on 127.0.0.53. With that, + DNS servers picked up via networkd are respected when using resolvconf, + and software like Chrome that does not do NSS (libnss-resolve) still gets + proper DNS resolution. Drop the brittle and ugly + systemd-networkd-resolvconf-update.{path,service} hack instead. + * debian/tests/boot-smoke: Run in containers as well. + + [ Laurent Bigonville ] + * Build with IDN support. (Closes: #814528) + + -- Martin Pitt Wed, 29 Jun 2016 15:23:32 +0200 + +systemd (230-3) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/boot-and-services: Adjust test_tmp_mount() for fixed + systemctl exit code for "unit not found" in upstream commit ca473d57. + * debian/tests/boot-and-services, test_no_failed(): Show journal of failed + units. + * debian/extra/init-functions.d/40-systemd: Adjust to changed systemctl + show behaviour in 231: now this fails for nonexisting units instead of + succeeding with "not-found". Make the code compatible to both for now. + * Fix networkd integration with resolvconf for domain-limited DNS servers, + so that these don't appear as global nameservers in resolv.conf. Thanks + Andy Whitcroft for the initial fix! Add corresponding test case to + debian/tests/networkd. (LP: #1587762) + * resolved: Fix comments in resolve.conf for search domain overflows. + (LP: #1588229) + * On Ubuntu, provide an "ondemand.service" that replaces + /etc/init.d/ondemand. The latter does not exist any more when + "initscripts" falls out of the default installation. (LP: #1584124) This + now does not do a fixed one-minute wait but uses "Type=idle" instead. This + also becomes a no-op when the CPU supports "intel_pstate" (≤ 5 years old), + as on these the ondemand/powersave schedulers are actually detrimental. + (LP: #1579278) + * debian/systemd-container.install: Drop *.busname installation, they are + going away upstream. + * debian/extra/init-functions.d/40-systemd: Do not call systemctl + daemon-reload if the script is called as user (like reportbug does). Also + make sure that daemon-reload will not invoke polkit. + * Install test-udeb from .libs, to avoid installing the automake shell + wrapper. + * Fix transaction restarting in resolved to avoid async processing of + free'd transactions. + (Closes: #817210, LP: #1587727, #1587740, #1587762, #1587740) + * Add "upstream" autopkgtest that runs the test/TEST* upstream integration + tests in QEMU and nspawn. + * Build systemd-sysusers binary, for using in rkt. Do not ship the + corresponding unit and sysusers.d/ files yet, as these need some + Debianization and an autopkgtest. (Closes: #823322) + * debian/tests/systemd-fsckd: Adjust was_running() to also work for version + 230. + + [ Michael Biebl ] + * Add "systemctl daemon-reload" to lsb init-functions hook if the LoadState + of a service is "not-found". This will run systemd-sysv-generator, so SysV + init scripts that aren't installed by the package manager should be picked + up automatically. (Closes: #825913) + * automount: handle expire_tokens when the mount unit changes its state. + (Closes: #826512) + * debian/systemd.preinst: Correctly determine whether a service is enabled. + Testing for the return code alone is not sufficient as we need to + differentiate between "generated" and "enabled" services. + (Closes: #825981) + + [ Felipe Sateler ] + * Drop configure option --disable-compat-libs. It no longer exists. + * Add policykit-1 to Suggests. It is used to allow unprivileged users to + execute certain commands. (Closes: #827756) + + -- Martin Pitt Tue, 21 Jun 2016 23:51:07 +0200 + +systemd (230-2) unstable; urgency=medium + + [ Martin Pitt ] + * Don't add a Breaks: against usb-modeswitch when building on Ubuntu; there + it does not use hotplug.functions and is a lower version. + * boot-and-services autopkgtest: Add missing xserver-xorg and + lightdm-greeter test dependencies, so that lightdm can start. + (See LP #1581106) + * Re-disable logind's KillUserProcesses option by default. (Closes: #825394) + + [ Michael Biebl ] + * Drop --disable-silent-rules from debian/rules. This is now handled by dh + directly depending on whether the DH_QUIET environment variable is set. + + -- Martin Pitt Tue, 31 May 2016 12:02:14 +0200 + +systemd (230-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release 230. + - Fix rare assertion failure in hashmaps. (Closes: #816612) + - Fix leaking scope units. (Closes: #805477) + - Fix wrong socket ownership after daemon-reload. (LP: #1577001) + - udev: Fix touch screen detection. (LP: #1530384) + * Drop cmdline-upstart-boot autopkgtest. It was still needed up to Ubuntu + 16.04 LTS, but upstart-sysv is not supported any more in Debian and Ubuntu + now. + * udev: Drop hotplug.functions, now that the last remaining user of this got + fixed. Add appropriate versioned Breaks:. + * debian/extra/rules/70-debian-uaccess.rules: Add some more FIDO u2f devices + from different vendors. Thanks Atoyama Tokanawa. + * Remove "bootchart" autopkgtest, this upstream version does not ship + bootchart any more. It will be packaged separately. + + [ Michael Biebl ] + * Drop obsolete --disable-bootchart configure switch from udeb build. + * Remove obsolete /etc/systemd/bootchart.conf conffile on upgrades. + + -- Martin Pitt Mon, 23 May 2016 09:42:51 +0200 + +systemd (229-6) unstable; urgency=medium + + * systemd-container: Prefer renamed "btrfs-progs" package name over + "btrfs-tools". (Closes: #822629) + * systemd-container: Recommend libnss-mymachines. (Closes: #822615) + * Drop systemd-dbg, in favor of debhelpers' automatic -dbgsym packages. + * Drop Add-targets-for-compatibility-with-Debian-insserv-sy.patch; we don't + need $x-display-manager any more as most/all DMs ship native services, and + $mail-transport-agent is not widely used (not even by our default MTA + exim4). + * Unify our two patches for Debian specific configuration files. + * Drop udev-re-enable-mount-propagation-for-udevd.patch, i. e. run udevd in + its own slave mount name space again. laptop-mode-tools 1.68 fixed the + original bug (#762018), thus add a Breaks: to earlier versions. + * Ship fbdev-blacklist.conf in /lib/modprobe.d/ instead of /etc/modprobe.d/; + remove the conffile on upgrades. + * Replace util-Add-hidden-suffixes-for-ucf.patch with patch that got + committed upstream. + * Replace Stop-syslog.socket-when-entering-emergency-mode.patch with patch + that got committed upstream. + * debian/udev.README.Debian: Adjust documentation of MAC based naming for + USB network cards to the udev rule, where this was moved to in 229-5. + * debian/extra/init-functions.d/40-systemd: Invoke status command with + --no-pager, to avoid blocking scripts that call an init.d script with + "status" with an unexpected pager process. (Closes: #765175, LP: #1576409) + * Add debian/extra/rules/70-debian-uaccess.rules: Make FIDO U2F dongles + accessible to the user session. This avoids having to install libu2f-host0 + (which isn't discoverable at all) to make those devices work. + (LP: #1387908) + * libnss-resolve: Enable systemd-resolved.service on package installation, + as this package makes little sense without resolved. + * Add a DHCP exit hook for pushing received NTP servers into timesyncd. + (LP: #1578663) + * debian/udev.postinst: Fix migration check from the old persistent-net + generator to not apply to chroots. (Closes: #813141) + * Revert "enable TasksMax= for all services by default, and set it to 512". + Introducing a default limit on number of threads broke a lot of software + which regularly needs more, such as MySQL and RabbitMQ, or services that + spawn off an indefinite number of subtasks that are not in a scope, like + LXC or cron. 512 is way too much for most "simple" services, and it's way + too little for the ones mentioned above. Effective (and much stricter) + limits should instead be put into units individually. + (Closes: #823530, LP: #1578080) + * Split out udev rule to name USB network interfaces by MAC address into + 73-usb-net-by-mac.rules, so that it's easier to disable. (Closes: #824025) + * 73-usb-net-by-mac.rules: Disable when net.ifnames=0 is specified on the + kernel command line, to be consistent with disabling the *.link files. + * 73-special-net-names.rule: Name the IBM integrated management module + virtual USB network card "ibmimm". Thanks Marco d'Itri! + + -- Martin Pitt Thu, 12 May 2016 09:40:19 +0200 + +systemd (229-5) unstable; urgency=medium + + * debian/tests/unit-config: Call "daemon-reload" to clean up generated units + in between tests. + * debian/tests/unit-config: Check that enable/disable commands are + idempotent. + * debian/tests/unit-config: Detect if system units are in /usr/, so that the + test works on systems with merged /usr. + * debian/tests/unit-config: Use systemd-sysv-install instead of update-rc.d + directly, so that the test works under Fedora too. + * debian/tests/unit-config: Check disabling of a "systemctl link"ed unit, + and check "systemctl enable" on a unit with full path which is not in the + standard directories. + * Rename debian/extra/rules/73-idrac.rules to 73-special-net-names.rules, as + it is going to get rules for other devices. Also install it into the + initramfs. + * debian/extra/rules/73-special-net-names.rules: Add DEVPATH number based + naming schema for ibmveth devices. (LP: #1561096) + * Don't set SYSTEMD_READY=0 on DM_UDEV_DISABLE_OTHER_RULES_FLAG=1 devmapper + devices with "change" events, as this causes spurious unmounting with + multipath devices. (LP: #1565969) + * Fix bogus "No [Install] section" warning when enabling a unit with full + path. (LP: #1563590) + * debian/tests/cmdline-upstart-boot: In test_rsyslog(), check for messages + from dbus instead of NetworkManager. NM 1.2 does not seem to log to syslog + by default any more. + * Bump Standards-Version to 3.9.8 (no changes necessary). + * debian/tests/boot-smoke: Add some extra debugging if there are pending + jobs after 10s, to figure out why lightdm is sometimes "restarting". + (for LP #1571673) + * debian/tests/boot-smoke: Configure dummy X.org driver (like in the + boot-and-services test), to avoid lightdm randomly fail. (LP: #1571673) + * Move Debian specific patches into debian/patches/debian (which translates + to "Gbp-Pq: Topic debian" with pq). This keeps upstream vs. Debian + patches separated without the comments in debian/patches/series (which + always get removed by "pq export"). + * Don't ship an empty /etc/X11/xinit/xinitrc.d/ directory, this isn't + supported in Debian. (Closes: #822198) + * udev: Mark nbd as inactive until connected. (Closes: #812485) + * On shutdown, unmount /tmp before disabling swap. (Closes: #788303) + * debian/systemd-coredump.postinst: Do daemon-reload before starting + systemd-coredump, as the unit file may have changed on upgrades. + (Closes: #820325) + * Set MAC based name for USB network interfaces only for universally + administered (i. e. stable) MACs, not for locally administered (i. e. + randomly generated) ones. Drop /lib/systemd/network/90-mac-for-usb.link + (as link files don't currently support globs for MACAddress=) and replace + with an udev rule in /lib/udev/rules.d/73-special-net-names.rules. + (Closes: #812575, LP: #1574483) + + -- Martin Pitt Mon, 25 Apr 2016 11:08:11 +0200 + +systemd (229-4) unstable; urgency=medium + + * Fix assertion crash when processing a (broken) device without a sysfs + path. (Closes: #819290, LP: #1560695) + * Fix crash when shutdown is issued from a non-tty. (LP: #1553040) + * networkd: Stay running while any non-loopback interface is up. + (Closes: #819414) + * Fix reading uint32 D-Bus properties on big-endian. + * Fix crash if an udev device has many tags or devlinks. (LP: #1564976) + * systemctl, loginctl, etc.: Don't start polkit agent when running as root. + (LP: #1565617) + * keymap: Add Add HP ZBook (LP: #1535219) and HP ProBook 440 G3. + * systemd.resource-control.5: Fix links to cgroup documentation on + kernel.org. (Closes: #819970) + * Install test-udev into libudev-dev, so that we have it available for + autopkgtests. + * Add "udev" autopkgtest for running the upstream test/udev-test.pl. + + -- Martin Pitt Thu, 07 Apr 2016 08:11:10 +0200 + +systemd (229-3) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/timedated: Add tests for "timedatectl set-local-rtc". + * Be more tolerant in parsing /etc/adjtime. + * debian/systemd.postinst: Don't fail package installation if systemctl + daemon-reload trigger fails. This does not fix the root cause of the + reload failures, but at least causes fewer packages to be in a broken + state after upgrade, so that a reboot or apt-get -f install have a much + higher chance in succeeding. (For bugs like LP #1502097 or LP #1447654) + * debian/tests/networkd: Skip test_hogplug_dhcp_ip6 when running against + upstream as well. + * debian/tests/boot-and-services: Wait for units to stop with a "systemctl + is-active" loop instead of static sleeps. + * debian/tests/networkd: Skip DHCPv6 tests for downstream packages too. This + is an actual regression in networkd-229, to be investigated. But this + shouldn't hold up reverse dependencies. + * Fix assertion in add_random(). (LP: #1554861) + * debian/tests/boot-and-services: Don't assert on "Stopped Container c1" + message in NspawnTests.test_service(), this is sometimes not present. Just + check that the unit did not fail. + * Add "adduser" dependency to systemd-coredump, to quiesce lintian. + * Bump Standards-Version to 3.9.7 (no changes necessary). + * Fix timespec parsing by correctly initializing microseconds. + (Closes: #818698, LP: #1559038) + * networkd: Add fallback if FIONREAD is not supported. (Closes: #818488) + * Cherry-pick various fixes from upstream master. + - Fixes logout when changing the current target. (Closes: #805442) + + [ Evgeny Vereshchagin ] + * debian/tests/boot-and-services: Search systemd-coredump's output by + SYSLOG_IDENTIFIER. + * Add missing "Recommends: btrfs-tools" to systemd-container. + * Add systemd-coredump postinst/prerm to start/stop systemd-coredump.socket + without a reboot. (Closes: #816767) + + [ Felipe Sateler ] + * Set the paths of loadkeys and setfont via configure arguments, not a patch + + -- Martin Pitt Mon, 21 Mar 2016 14:11:44 +0100 + +systemd (229-2) unstable; urgency=medium + + * time-util: map ALARM clockids to non-ALARM clockids in now(), to work on + architectures which don't support CLOCK_BOOTTIME_ALARM. Fixes FTBFS on + many architectures. + * debian/systemd.postinst: Add missing newline to /etc/adjtime migration. + (See #699554) + * debian/systemd.postinst: Only try to enable tmp.mount if we actually + copied it to /etc. Don't try to enable a generated unit. (LP: #1545707) + * debian/tests/boot-and-services: Increase timeouts of test_bash_crash from + 5 to 10 seconds, and sync the journal after every iteration. + * debian/extra/checkout-upstream: Try again after one minute if git checkout + fails, to avoid failures from transient network errors. + * debian/tests/systemd-fsckd: Use grub.d/50-cloudimg-settings.cfg as a + template for generating our custom one instead of 90-autopkgtest.cfg. The + latter does not exist on non-x86 architectures and is not relevant for + this test. + * debian/tests/boot-and-services: Skip journal test for test_bash_crash when + running against upstream, as this currently fails most of the time. To be + investigated. + * debian/tests/networkd: Skip test_coldplug_dhcp_ip6 when running against + upstream, as this is brittle there. To be investigated. + * debian/tests/bootchart: Skip test if bootchart is not available or + testing in upstream mode. bootchart got removed from master and will be + moved to a separate repository. + * debian/tests/boot-and-services: Show verbose journal output on failure in + nspawn test, and sync journal before. + * Move systemd-coredump socket and service into systemd-coredump binary + package. + * Revert changing the default core dump ulimit and core_pattern. This + completely breaks core dumps without systemd-coredump. It's also + contradicting core(8). (Closes: #815020) + * Fix addresses for type "sit" tunnels. (Closes: #816132) + * networkd: Go back to letting the kernel handle IPv6 router advertisements, + as networkd's own currently has too many regressions. Thanks to Stefan + Lippers-Hollmann for investigating this! (Closes: #814566, + #814667, #815586, #815884, #815793) + + -- Martin Pitt Sun, 28 Feb 2016 22:16:12 +0100 + +systemd (229-1) unstable; urgency=medium + + * New upstream release 229. + - Fix systemctl behaviour in chroots. (Closes: #802780) + - Fix SELinux context of /run/user/$UID. (Closes: #775651) + - Add option to optionally turn of color output. (Closes: #783692) + - Don't git-ignore src/journal-remote/browse.html. (Closes: #805514) + - Do not warn about Wants depencencies on masked units. (LP: #1543282) + * debian/systemd.install: Ship the new systemd-resolve. + * libsystemd0.symbols: Add new symbols from this release. + * systemd-coredump.postinst: Create systemd-coredump system user. + * debian/tests/systemd-fsckd: Tame overly strict test for failed plymouth + unit, which is a race condition with plymouthd auto-stopping. + (LP: #1543144) + * Drop timedated-don-t-rely-on-usr-being-mounted-in-the-ini.patch. + initramfs-tools has mounted /usr since Jessie, and tzdata now creates + /etc/localtime as a symlink too (see #803144). + * Use-different-default-paths-for-various-binaries.patch: Drop path changes + for setcap (which is already a build dep and not used at all) and sulogin + (which is now in util-linux). + * Remove obsolete udev maintainer script checks: + - Drop check for kernel >= 2.6.32, which released in 2009. + - Drop restarting of some daemons due to the devtmpfs migration, which + happened before the above kernel even. + - Drop support for forcing upgrades on kernels known not to work via + /etc/udev/kernel-upgrade. Don't pretend that this would help, as users + could end up with a non-bootable system. Always fail early in preinst + when it's still possible to install a working kernel. + - Drop postinst test for "running in containers" -- it's actually possible + to run udev in containers if you mount /sys r/w and you know what you + are doing. Also, the init.d script and systemd service do that check + again. + - Keep the kernel feature and chroot checks, as these are still useful. + Simplify check_kernel_features() by eliminating some variables. + - Drop debconf templates. Two of them are obsolete, and having + CONFIG_SYSFS_DEPRECATED is now so implausible that this doesn't warrant + the overhead and translator efforts. + * Drop debian/tests/ifupdown-hotplug. The units moved into ifupdown, so the + test should go there too (see #814312). + * debian/tests/control: Reorder tests and add a comment which ones should + not be run for an upstream build. + * debian/tests/control: Rearrange tests and avoid removing test dependencies + to minimize testbed resets. + * Add debian/extra/checkout-upstream: Script to replace the current + source with a checkout of an upstream pull request, branch, or commit, + and remove debian/patches/. Call from debian/rules if $TEST_UPSTREAM is + set. This will be used for upstream CI. + * Enable seccomp support on powerpc, ppc64el, and s390x. + + -- Martin Pitt Thu, 11 Feb 2016 21:02:39 +0100 + +systemd (228-6) unstable; urgency=medium + + * Make-run-lock-tmpfs-an-API-fs.patch: Drop /run/lock from + tmpfiles.d/legacy.conf to avoid the latter clobbering the permissions of + /run/lock. Fixes fallout from cleanup in -5 that resulted /run/lock to + have 0755 permissions instead of 1777. (LP: #1541775) + + -- Martin Pitt Thu, 04 Feb 2016 11:46:54 +0100 + +systemd (228-5) unstable; urgency=medium + + [ Martin Pitt ] + * Drop systemd-vconsole-setup.service: It has never been installed/used in + Debian and is not necessary for Ubuntu any more. + * Drop halt-local.service. This has never been documented/used in Debian. + (LP: #1532553) + * debian/extra/initramfs-tools/scripts/init-bottom/udev: Prefer "nuke" + again, it comes from klibc-utils. But fall back to "rm" if it does not + exist. + * systemd-timesyncd.service.d/disable-with-time-daemon.conf: Also don't run + if /usr/sbin/VBoxService exists, as virtualbox-guest-utils already + provides time synchronization with the host. (Closes: #812522) + * Drop Michael Stapelberg from Uploaders:, he stopped maintenance long ago. + Thanks Michael for your great work in the past! + * Replace "sysv-rc" dependency with Conflicts: openrc, file-rc. The + rationale from #739679 still applies, but with the moving of + {invoke,update}-rc.d to init-system-helpers we don't actually need + anything from sysv-rc any more other than the assumption that SysV init + scripts are enabled in /etc/rc?.d/ for the SysV generator to work (and + file-rc and openrc don't do that). + * debian/tests/timedated: Verify /etc/localtime symlink. Skip verifying the + /etc/timezone file (which is Debian specific) if $TEST_UPSTREAM is set. + * debian/tests/localed-locale: Check /etc/locale.conf if $TEST_UPSTREAM is + set. + * debian/tests/localed-x11-keymap: Test /etc/X11/xorg.conf.d/00-keyboard.conf + if $TEST_UPSTREAM is set. + * debian/tests/boot-and-services: Check for reaching graphical.target + instead of default.target, as the latter is a session systemd state only. + * debian/tests/boot-and-services: Skip tests which are known to fail/not + applicable with testing upstream builds. + * Drop Fix-up-tmpfiles.d-permissions-properly.patch: + - /run/lock is already created differently by + Make-run-lock-tmpfs-an-API-fs.patch, and contradicts to that. + - /run/lock/lockdev/ isn't being used anywhere and got dropped + upstream; backport the patch (tmpfiles-drop-run-lock-lockdev.patch). + - Move dropping of "group:wheel" (which has never existed in Debian) into + debian/rules, to also catch occurrences in other parts of the file which + the static patch would overlook. + * Shorten persistent identifier for CCW network interfaces (on s390x only). + (LP: #1526808) + * debian/rules: If $TEST_UPSTREAM is set (when building/testing upstream + master instead of distro packages), don't fail on non-installed new files + or new library symbols. + * Add systemd-sysv conflict to upstart-sysv, and version the upstart + conflict. This works with both Debian's and Ubuntu's upstart packages. + + [ Michael Biebl ] + * Drop support for the /etc/udev/disabled flag file. This was a workaround + for udev failing to install with debootstrap because it didn't use + invoke-rc.d and therefor was not compliant with policy-rc.d. See #520742 + for further details. This is no longer the case, so supporting that file + only leads to confusion about its purpose. + * Retrigger cleanup of org.freedesktop.machine1.conf and + hwclock-save.service now that dpkg has been fixed to correctly pass the + old version to postinst on upgrade. (Closes: #802545) + * Only ship *.link files as part of the udev package. The *.network files + are solely used by systemd-networkd and should therefor be shipped by the + systemd package. (Closes: #808237) + * Cherry-pick a few fixes from upstream: + - Fix unaligned access in initialize_srand(). (Closes: #812928) + - Don't run kmod-static-nodes.service if module list is empty. This + requires kmod v23. (Closes: #810367) + - Fix typo in systemctl(1). (Closes: #807462) + - Fix systemd-nspawn --link-journal=host to not fail if the directory + already exists. (Closes: #808222) + - Fix a typo in logind-dbus.c. The polkit action is named + org.freedesktop.login1.power-off, not org.freedesktop.login1.poweroff. + - Don't log an EIO error in gpt-auto-generator if blkid finds something + which is not a partition table. (Closes: #765586) + - Apply ACLs to /var/log/journal and also set them explicitly for + system.journal. + * Only skip the filesystem check for /usr if the /run/initramfs/fsck-usr + flag file exists. Otherwise we break booting with dracut which uses + systemd inside the initramfs. (Closes: #810748) + * Update the instructions in README.Debian for creating /var/log/journal. + They are now in line with the documentation in the systemd-journald(8) man + page and ensure that ACLs and group permissions are properly set. + (Closes: #800947, #805617) + * Drop "systemctl daemon-reload" from lsb init-functions hook. This is no + longer necessary as invoke-rc.d and init-system-helpers take care of this + nowadays. + + -- Martin Pitt Wed, 03 Feb 2016 10:09:46 +0100 + +systemd (228-4) unstable; urgency=medium + + * debian/udev.README.Debian: Add alternative way of disabling ifnames. + (Closes: #809339) + * Put back /lib/udev/hotplug.functions, until the three remaining packages + that use it stop doing so. (Closes: #810114) + * debian/udev.README.Debian: Point out that any change to interface naming + rules requires an initrd update. + + -- Martin Pitt Mon, 11 Jan 2016 07:12:40 +0100 + +systemd (228-3) unstable; urgency=medium + + [ Martin Pitt ] + * debian/rules: Remove temporary debug output from test failures again. All + Debian buildd kernels are recent enough now, but add a check for kernels + older than 3.13 and ignore test failures for those. + * debian/tests/networkd: Factor out dnsmasq specific test "router" setup, so + that we can test against other implementations. + * debian/tests/networkd: Add router setup using an (isolated) networkd + process for configuring the veths and DHCP server. + * debian/tests/networkd: On failure, only show journal for current test. + * systemd-networkd-resolvconf-update.service: Wait for getting a name + server, not just for getting online. + * debian/tests/boot-and-services: Wait until bash crash stack trace is in + the journal before asserting on it. Also relax RE to work on non-x86 + architectures. + * debian/tests/networkd: If /etc/resolv.conf already has three nameservers, + accept that too (as then the additional test one can't be added any more). + * Fix FTBFS on x32. Thanks Helmut Grohne! (Closes: #805910) + * debian/tests/networkd: For IPv6 tests, also wait for IPv4 address to + arrive; s-n-wait-online already exits after getting an IPv6 address, but + we verify both. + * debian/tests/boot-and-services: Don't check for "Requesting system + poweroff" log message in nspawn test, current upstream master does not + write that any more. Instead check for "Stopped Container c1". + * Add "storage" autopkgtest. Initially this covers some basic use cases with + LUKS cryptsetup devices. + * Add acl build dependency (for ). Current upstream master now + needs it for some test cases. + * debian/extra/initramfs-tools/scripts/init-bottom/udev: Use "rm -rf" + instead of "nuke". The latter does not exist any more in current + initramfs-tools. + * Ignore test failures during "make check" if /etc/machine-id is missing + (like in ancient local schroots). (Closes: #807884) + * debian/extra/rules/80-debian-compat.rules: Remember which device got the + "cdrw", "dvd", or "dvdrw" symlink to avoid changing links on device + events. (Closes: #774080). Drop the rule for the "cdrom" symlink as that + is already created in 60-cdrom_id.rules. + * Eliminate "hotplug.functions" udev helper and put the logging functions + directly into net.agent. This simplifies the migration of the latter to + ifupdown. + * Adjust manpages to keep /usr/lib/systemd/{user*,boot,ntp-units.d,modules*} + paths, only keep /lib/systemd/{system*,network}. (Closes: #808997) + * debian/udev.README.Debian: Fix typo and slight wording improvement. + (Closes: #809513) + * Drop net.agent, 80-networking.rules, and ifup@.service. These moved to + ifupdown 0.8.5 now. Add Breaks: to earlier versions. + + [ Michael Biebl ] + * Bump Build-Depends on libdw-dev to (>= 0.158) as per configure.ac. + (Closes: #805631) + * Make sure all swap units are ordered before the swap target. This avoids + that swap devices are being stopped prematurely during shutdown. + (Closes: #805133) + * Drop unneeded /etc/X11/xinit/xinitrc.d/50-systemd-user.sh from the package + and clean up the conffile on upgrades. We have the dbus-user-session + package in Debian to properly enable the D-Bus user-session mode which + also takes care of updating the systemd --user environment. + (Closes: #795761) + * Stop testing for unknown arguments in udev maintainer scripts. + * Drop networking.service.d/systemd.conf. The ifupdown package now ships a + proper service file so this drop-in file is no longer necessary. + + [ Andreas Henriksson ] + * Fix LSB init hook to not reload masked services. (Closes: #804882) + + -- Martin Pitt Sat, 02 Jan 2016 17:42:56 +0100 + +systemd (228-2) unstable; urgency=medium + + * Remove wrong endianness conversion in test-siphash24 to fix FTBFS on + big-endian machines. + * Bump libseccomp-dev build dependency to indicate required versions for + backporting to jessie. (Closes: #805497) + + -- Martin Pitt Thu, 19 Nov 2015 11:37:45 +0100 + +systemd (228-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release: + - Fix journald killing by watchdog. (Closes: #805042) + - Drop check for /etc/mtab. (Closes: #802025) + - Follow unit file symlinks in /usr, but not /etc when looking for + [Install] data, to avoid getting confused by Aliases. (Closes: #719695) + - journalctl: introduce short options for --since and --until. + (Closes: #801390) + - journald: Never accept fds from file systems with mandatory locking. + (LP: #1514141) + - Put nspawn containers in correct slice. (LP: #1455828) + * Cherry-pick some networkd fixes from trunk to fix regressions from 228. + * debian/rules: Configure with --as-needed to avoid unnecessary binary + dependencies. + * systemd-networkd-resolvconf-update.service: Increase StartLimitBurst, as + this might be legitimately called several times in quick succession. If + that part of the "networkd" autopkgtest fails, show the journal log for + that service for easier debugging. + * debian/tests/boot-and-services: Add test case for systemd-coredump. + * Add systemd-coredump postinst/prerm to enable/disable this without a + reboot. + * debian/tests/networkd: Check for systemd-networkd-wait-online in /usr as + well, for usage in other distros. + * debian/tests/logind: Skip suspend test if the kernel does not support + suspend. + * debian/tests/logind: Split tests into functions. + * debian/tests/boot-and-services: Ignore failures of console-setup.service, + to work around LP: #1516591. + * debian/tests/control: Restrict boot-smoke test to isolation-machine, it + does not currently work well in LXC. + * debian/tests/networkd: Add new test cases for "DHCP=all, IPv4 only, + disabling RA" (which should always be fast), "DHCP=all, IPv4 only" (which + will require a longer timeout due to waiting 12s for a potential IPv6 RA + reply), and "DHCP=ipv4" (with and without RA). + * debian/tests/networkd: Fix UnicodeDecodeError under 'C' locale. + * debian/tests/networkd: Show networkctl and journal output on failure. + * debian/tests/networkd: Fix bytes vs. string TypeError in the IPv6 polling. + (LP: #1516009) + * debian/tests/networkd: Show contents of test .network file on failure. + * debian/tests/networkd: Skip if networkd is already running (safer when + running on real systems), and add copyright header. + * Bump util-linux dependencies to >= 2.27.1 to ensure that the mount monitor + ignores /etc/mtab. + + [ Felipe Sateler ] + * Enable elfutils support for getting stack traces for systemd-coredump. + * libnss-my{machines,hostname}.postrm: do not remove entries from + nsswitch.conf if there are packages from other architectures remaining. + + [ Michael Biebl ] + * Drop systemd-setup-dgram-qlen.service. This has been made obsolete by + upstream commit 1985486 which bumps net.unix.max_dgram_qlen to 512 early + during boot. + * Various cleanups to the udev maintainer scripts: + - Remove unused tempdir() function. + - Properly stop udev daemon on remove. + - Stop killing udev daemon on failed upgrades and drop the corresponding + starts from preinst. + - Stop masking systemd-udevd.service and udev.service during upgrades. We + restart the udev daemon in postinst, so those masks seem unnecessary. + + -- Martin Pitt Wed, 18 Nov 2015 16:11:59 +0100 + +systemd (227-3) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/logind: Add tests for scheduled shutdown with and without + wall message. + * Import upstream fix for not unmounting system mounts (#801361) and drop + our revert patch. + * debian/tests/boot-smoke: Apply check for failed unmounts only to user + systemd processes, i. e. not to pid 1. + * Drop Fix-usr-remount-failure-for-split-usr.patch. Jessie has a new enough + initramfs-tools already, and this was just an error message, not breaking + the boot. + * Drop debian-fixup.service in favor of using a tmpfiles.d clause, which is + faster. + * Drop Order-remote-fs.target-after-local-fs.target.patch. It's mostly + academic and only applies to the already known-broken situation that rcS + init.d scripts depend on $remote_fs. + * Replace reversion of sd_pid_notify_with_fds() msg_controllen fix with + proper upstream fix to never block on sending messages on NOTIFY_SOCKET + socket. + * Drop check for missing /etc/machine-id on "make check" failure; this isn't + happening on current buildds any more. + * Drop Disable-tests-which-fail-on-buildds.patch, to re-evaluate what still + fails and needs fixing. On failure, show kernel version and /etc/hosts + to be able to debug them better. The next upload will make the necessary + adjustments to fix package builds again. + + [ Michael Biebl ] + * Drop dependency on udev from the systemd package. We don't need udev + within a container, so this allows us to trim down the footprint by not + installing the udev package. As the udev package has Priority: important, + it is still installed by default though. + * Include the status of the udev package when filing a bug report against + systemd, and vice versa. + * Use filter instead of findstring, since findstring also matches + substrings and we only want direct matches. + * systemd.bug-script: Fix typo. (Closes: #804512) + * Re-add bits which call SELinux in systemd-user pam service. + (Closes: #804565) + + [ Felipe Sateler ] + * Add libnss-resolve package. (Closes: #798905) + * Add systemd-coredump package. This Conflicts/Replaces/Provides a new + "core-dump-handler" virtual package. (Closes: #744964) + + -- Martin Pitt Wed, 11 Nov 2015 15:04:26 +0100 + +systemd (227-2) unstable; urgency=medium + + * Revert "sd_pid_notify_with_fds: fix computing msg_controllen", it causes + connection errors from various services on boot. (Closes: #801354) + * debian/tests/boot-smoke: Check for failed unmounts. This reproduces + #801361 (but not in a minimal VM, just in a desktop one). + * Revert "core: add a "Requires=" dependency between units and the + slices they are located in". This causes user systemd instances to try and + unmount system mounts (and succeed if you login as root). + (Closes: #801361) + + -- Martin Pitt Fri, 09 Oct 2015 12:34:27 +0200 + +systemd (227-1) unstable; urgency=medium + + * New upstream release. + - Bump watchdog timeout for shipped units to 3 min. (Closes: #776460) + - gpt-auto-generator: Check fstab for /boot entries. (Closes: #797326) + - Fix group of RuntimeDirectory dirs. (Closes: #798391) + - Support %i (and other macros) in RuntimeDirectory. (Closes: #799324) + - Bump util-linux/libmount-dev dependencies to >= 2.27. + * debian/libsystemd0.symbols: Add new symbols for this release. + * debian/extra/initramfs-tools/hooks/udev: Copy all + /etc/udev/rules.d/*.rules rules which are not merely overriding the one in + /lib/, not just 70-persistent-net.rules. They might contain network names + or other bits which are relevant for the initramfs. (Closes: #795494) + * ifup@.service: Drop PartOf=network.target; we don't want to stop these + units during shutdown. Stopping networking.service already shuts down the + interfaces, but contains the safeguard for NFS or other network file + systems. Isolating emergency.target still keeps working as before as well, + as this also stops networking.service. (Closes: #761909, LP: #1492546) + + -- Martin Pitt Thu, 08 Oct 2015 11:34:35 +0200 + +systemd (226-4) unstable; urgency=medium + + * debian/tests/logind: Be more verbose on failures. + * Revert networkd calling if-{up,post-down}.d/ scripts. About half of the + existing hooks are not relevant or even actively detrimental when running + with networkd. For the relevant ones, a lot of them should be fixed in the + projects themselves (using IP_FREEBIND etc.). (Closes: #798625) + * Add systemd-networkd-resolvconf-update.{path,service} units to send DNS + server updates from networkd to resolvconf, if installed and enabled. + * Don't restart logind on upgrades any more. This kills X.org (#798097) + while logind doesn't save/restore its open fds (issue #1163), and also + gets confused about being idle in between (LP: #1473800) + + -- Martin Pitt Fri, 02 Oct 2015 13:44:28 +0200 + +systemd (226-3) unstable; urgency=medium + + [ Martin Pitt ] + * README.Debian: Fix "other" typo. Thanks Salvatore Bonaccorso. + (Closes: #798737) + + [ Michael Biebl ] + * Stop building the compat library packages and drop them for good. + * Update debian/copyright. + + -- Michael Biebl Sat, 19 Sep 2015 19:06:51 +0200 + +systemd (226-2) unstable; urgency=medium + + * debian/udev.init: Mount /dev file system with nosuid. (LP: #1450960) + * udev.postinst: udev 226 introduced predictable interface names for virtio. + Create /etc/systemd/network/50-virtio-kernel-names.link on upgrade to + disable this, to avoid changing e. g. "eth0" to "ens3" in QEMU instances + and similar environments. (Closes: #799034) + + -- Martin Pitt Tue, 15 Sep 2015 15:21:09 +0200 + +systemd (226-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release: + - Fix scheduled shutdown to not shut down immediately. (Closes: #797763) + - Fix description of CPE_NAME in os-release(5). (Closes: #797768) + * debian/libsystemd0.symbols: Add new symbols from this release. + * Enable libseccomp support for mips64, mips64el, and x32. (Closes: #797403) + * debian/tests/networkd: Add hotplug tests. + * Make networkd call if-up.d/ scripts when it brings up interfaces, to + become compatible with ifupdown and NetworkManager for packages shipping + hooks. (LP: #1492129) + - Add debian/extra/systemd-networkd-dispatcher.c: suid root wrapper for + calling if-up.d/ or if-post-down.d/ hook scripts. Install it as + root:systemd-networkd 4754 so that only networkd can run it. + - Add networkd-call-systemd-networkd-dispatcher-when-links.patch: Call the + above wrapper when links go up/down. + - debian/tests/networkd: Verify that if-up.d/ and if-post-down.d/ scripts + get run for a networkd managed interface. + - Note that if-pre-up.d/ and if-down.d/ scripts are *not* being called, as + they are often not applicable for networkd (if-pre-up.d) and unreliable + (if-down.d). + * Drop udev-finish. We needed this for the autogenerated CD and network + interface names, but both are gone now. + * Drop debian/udev.udev-fallback-graphics.upstart. The vesafb module has + been compiled into the kernel in both Debian and Ubuntu for a fair while, + this never had a systemd equivalent, and Debian never shipped the + accompanying rules for determining $PRIMARY_DEVICE_FOR_DISPLAY. + * debian/control: Remove some boilerplate from the long descriptions, to + more easily get to the point what a specific package actually does. + * debian/README.Debian: As systemd is the default init now, replace the + documentation how to switch to systemd with how to switch back + (temporarily or permanently) to SysV init. Also move that paragraph to the + bottom as it's now less important. + * debian/README.Debian: Add a hint why you may want to enable persistent + journal, and suggest to uninstall system-log-daemon to avoid duplicate + logging. + * debian/README.Debian: Add documentation about networkd integration. + * Rename 01-mac-for-usb.link to 90-mac-for-usb.link so that it becomes + easier to override. + * debian-fixup.service just has one purpose now (make /etc/mtab a symlink), + so drop the debian/extra/debian-fixup shell script and put the ln command + directly into debian-fixup.service. Update the description. + * debian/tests/networkd: Check that /etc/resolv.conf gets the DHCP's + nameserver in case it is a symlink (i. e. dynamically managed by + systemd-resolved or resolvconf). + * systemd-networkd-dispatcher: Also pass on the DNS server list to if-up.d/ + as $IF_DNS_NAMESERVERS, so that resolvconf or similar programs work as + expected. + * Drop debian/systemd-journal-remote.postrm: Removing system users is + potentially dangerous (there might be a leftover process after purging). + + [ Michael Biebl ] + * Drop libsystemd-login-dev. All reverse dependencies have been updated to + use libsystemd-dev directly. + * Update build instructions to use "gbp clone" instead of "gbp-clone" as all + gbp-* commands have been removed from git-buildpackage. + + -- Martin Pitt Thu, 10 Sep 2015 16:53:53 +0200 + +systemd (225-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release. + - Fixes FTBFS on alpha. (Closes: #792551) + - Fixes machined state tracking logic. (Closes: #788269) + * Add better fix for "systemctl link/enable" breakage with full paths. + (LP: #1480310) + * debian/rules: Add missing $(dh_options) in overridden debhelper targets. + + [ Felipe Sateler ] + * Move conffile from systemd to systemd-container package (Closes: #797048) + + [ Michael Biebl ] + * Drop unnecessary Conflicts/Replaces from systemd-journal-remote. + None of the files in this package were previously shipped by systemd. + * Create system users for systemd-journal-{gateway,remote,upload} when + installing the systemd-journal-remote package. + * Explicitly turn off the features we don't want in a stage1 build. + Otherwise ./configure might enable them automatically if the build + dependencies are installed and "dh_install --fail-missing" will then fail + due to uninstalled files. + * Enable GnuTLS support as systemd-journal-remote makes sense mostly with + encryption enabled. + * Rely on build profiles to determine which packages should be skipped + during build and no longer specify that manually. + * Drop our patch which removes rc-local-generator. + rc-local.service acts as an ordering barrier even if its condition is + false, because conditions are evaluated when the service is about to be + started, not when it is enqueued. We don't want this ordering barrier on + systems that don't need/use /etc/rc.local. + + -- Michael Biebl Sun, 30 Aug 2015 21:18:59 +0200 + +systemd (224-2) unstable; urgency=medium + + [ Martin Pitt ] + * Skip systemd-fsckd autopkgtest if /run/initramfs/fsck-root exists, i. e. + the initramfs already ran fsck. + * Fix broken ACL in tmpfiles.d/systemd.conf. (Closes: #794645, LP: #1480552) + * Add debian/tests/unit-config: Test "systemctl link"; reproduces LP#1480310. + * Add a hack to unbreak "systemctl link". (LP: #1480310) + * debian/extra/rules-ubuntu/40-hyperv-hotadd.rules: Also apply to Xen, and + rename to 40-vm-hotadd.rules. + * Fix networkd crash. (Closes: #796358) + * debian/rules: Remove all files/empty dirs in systemd which are already + shipped by systemd-* or udev, instead of an explicit list. + * Bump "mount" dependency to >= 2.26, to ensure "swapon -o" availability. + (Closes: #796389) + * Install /lib/systemd/network/* into udev instead of systemd, as it's + really udev which is evaluating these. + * Split out "systemd-container" package with machined and nspawn and enable + importd. Add new libbz2-dev, zlib1g-dev, and libcurl-dev build deps. + (LP: #1448900) + * Move transitional libgcrypt11-dev build dep to libgcrypt20-dev. + * debian/rules: Limit check for libraries in /usr to systemd and udev + packages, as other packages like systemd-containers can (and do) link to + /usr. + * Build-depend on dpkg-dev (>= 1.17.14) and bump debhelper version for build + profiles support. + * Drop "display-managers" autopkgtest, obsolete with dropped + default-display-manager-generator. + * boot-and-services autopkgtest: Add systemd-container test dependency for + the nspawn tests. + * Don't enable audit support when building with "stage1" profile, to avoid + circular build dep. + + [ Helmut Grohne ] + * Improve support for cross-building and bootstrapping. + + [ Michael Biebl ] + * Drop default-display-manager-generator. All major desktops now use a + display manager which support the new scheme and setup the + /etc/systemd/system/display-manager.service symlink correctly. + * Add new binary package "systemd-journal-remote" with tools for + sending/receiving remote journal logs: + systemd-journal-{remote,upload,gatewayd}. (Closes: #742802, LP: #1480952) + + -- Martin Pitt Tue, 25 Aug 2015 12:40:35 +0200 + +systemd (224-1) unstable; urgency=medium + + * New upstream release. + * boot-and-services autopkgtest: Ignore thermald. Since 1.4.3-2 it starts by + default, but fails in most virtual envs. + + -- Martin Pitt Sat, 01 Aug 2015 13:38:57 +0200 + +systemd (223-2) unstable; urgency=medium + + * Don't enable gnu-efi on ARM. It FTBFSes and cannot really be tested now as + there is no available hardware. + * debian/extra/initramfs-tools/hooks/udev: Don't fail if + /etc/systemd/network/ does not exist. (Closes: #794050) + + -- Martin Pitt Thu, 30 Jul 2015 08:25:51 +0200 + +systemd (223-1) unstable; urgency=medium + + * New upstream release: + - Fix systemd-bootchart crash. (Closes: #792403) + - Trim list of files in /usr/share/doc/systemd/. (Closes: #791839) + - Fix "Invalid argument" failure with some journal files. + (Closes: #792090) + - tmpfiles: Don't recursively descend into journal directories in /var. + (Closes: #791897) + - Don't frequently wake up on disabled TimeoutIdleSec=, in particular in + automount timers. (LP: #1470845) + - tmpfiles: Don't delete lost+found/. (Closes: #788193) + + [ Michael Biebl ] + * udev: Remove obsolete rm_conffile/mv_conffile functions from udev.preinst. + The udev package is using dpkg-maintscripts-helper now to remove obsolete + conffiles. + * systemd: Remove obsolete conffile clean up from pre-wheezy. + * udev-udeb: Remove scsi_wait_scan hack from the start-udev script as well. + + [ Martin Pitt ] + * Enable GNU EFI support and add gnu-efi build dep. This enables/ships the + systemd EFI boot loader. (Closes: #787720, LP: #1472283) + * networkd autopkgtest: More robust/forceful killing of dnsmasq. + * ifup@.service: Drop "oneshot" to run ifup in the background during boot. + This avoids blocking network.target on boot with unavailable hotplug + interfaces in /etc/network/interfaces. (Closes: #790669, LP: #1425376) + * systemd.postinst: Avoid confusing error message about + /run/systemd/was-enabled not existing on reconfiguring. + * debian/extra/initramfs-tools/hooks/udev: Drop some redundant code. + * Fix networkd-wait-online -i to properly wait for the given interfaces + only. + * Drop debian/extra/base-installer.d/05udev: We use net.ifnames by default + now, thus we don't need to copy 70-persistent-*.rules any more. + * debian/extra/start-udev: Run d-i's udevd with "notice" log level, just + like we did in the initramfs in 219-10. + * Fix size explosion of networkd (post-223 patch from trunk). + + [ Julian Wollrath ] + * Copy all .link interface naming definitions to initramfs. (Closes: #793374) + + [ Felipe Sateler ] + * nss-my*.postinst: configure at the end of the hosts line, not before + files. (Closes: #789006) + + -- Martin Pitt Thu, 30 Jul 2015 00:02:26 +0200 + +systemd (222-2) unstable; urgency=medium + + [ Adam Conrad ] + * debian/udev-udeb.install: Install new bits for net.ifnames (LP: #1473542) + * debian/extra/initramfs-tools/hooks/udev: Do the same for initramfs-tools. + + [ Martin Pitt ] + * emergency.service: Wait for plymouth to shut down. Fixes invisible + emergency shell with plymouth running endlessly. (LP: #1471258) + * Add "networkd" autopkgtest. Covers basic DHCP on IPv4 and IPv4+6 on a veth + device. + + [ Michael Biebl ] + * Bump package priorities of systemd and systemd-sysv to important to match + what has been used in the Debian archive since Jessie. + * Drop scsi_wait_scan hack from the udev initramfs-tools script. This Linux + kernel module has been broken since 2.6.30 and as a result was removed in + 3.5. The Debian Jessie kernel no longer ships this module. + (Closes: #752775) + * Drop libsystemd-journald-dev and libsystemd-id128-dev. There are no + reverse dependencies left and we want to avoid new packages picking up + a build dependency on those obsolete transitional packages. + + -- Michael Biebl Wed, 15 Jul 2015 23:51:15 +0200 + +systemd (222-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release: + - Fix reload killing BusName= units. (Closes: #746151) + - sysv-generator: detect invalid names and escape them. (Closes: #677075) + - Document removal of PIDFile on daemon shutdown. (Closes: #734006) + - Drop Revert-rules-fix-tests-for-removable-state.patch, the auto-suspend + rules now got dropped entirely. + * Add Revert-VT-reuse-patches.patch: Revert a couple of logind VT reuse + patches which alternately broke lightdm and gdm. + * debian/libsystemd0.symbols: Add new symbols from this release. + * Disable test-netlink during package build, fails on some buildds. + * udev.postinst: Don't call addgroup with --quiet, so that if the "input" + group already exists as a non-system group you get a sensible error + message. Some broken tutorials forget the --system option. + (Closes: #769948, LP: #1455956) + * systemd.postinst: Drop the --quiet from the addgroup calls as well, same + reason as above. (Closes: #762275) + * udev: Drop doc dir symlinking. It has caused too much trouble and only + marginally helps to avoid duplication. Such duplication should be dealt + with at the distro, not package level. + * debian/rules: Entirely ignore $LD_PRELOAD instead of just libfakeroot in + the link check, to also avoid libeatmydata. (Closes: #790546) + * boot-and-services, display-managers autopkgtests: Install and configure + dummy X.org driver, so that these work in headless machines/VMs. + * systemd-fsckd autopkgtest: Stop using/asserting on lightdm, just check + that default.target is active. lightdm is prone to fail in test + environments, and fiddling with it in two other autopkgtests is + sufficient. + * debian/watch: Adjust to new upstream release model of only providing the + github tag tarballs. + * Drop dsl-modem.agent. It hasn't been maintained/tested for many years, few + if any people actually use this, and this doesn't belong into udev. + + [ Michael Biebl ] + * Stop building the Python 3 bindings. They were split into a separate + source package upstream and are now built from src:python-systemd. See + http://lists.freedesktop.org/archives/systemd-devel/2015-July/033443.html + * Remove obsolete --disable-chkconfig configure option. + * Move the man pages for libnss-myhostname, libnss-mymachines and udev.conf + from systemd into the correct package. Move the zsh completion file for + udevadm into the udev package as well. Add Breaks/Replaces accordingly. + (Closes: #790879) + * Drop rules which remove pre-generated files before build. The upstream + tarball no longer ships any pre-generated files so this is no longer + necessary. + * Fix cleanup rule for Python byte code files. + + -- Michael Biebl Wed, 08 Jul 2015 18:56:07 +0200 + +systemd (221-1) unstable; urgency=medium + + * New upstream release 221: + - Fix persistent storage links for Xen devices. (LP: #1467151) + - Drop all backported patches and port the others to new upstream release. + - debian/rules: Drop workarounds for broken 220 tarball, 221 is fine. + + [ Michael Biebl ] + * initramfs hook: Stop installing 55-dm.rules, 64-md-raid.rules, + 60-persistent-storage-lvm.rules and 60-persistent-storage-dm.rules. + The mdadm, lvm2 and dmsetup package provide their own udev hooks nowadays + to make sure their udev rules files are installed into the initramfs. + Having the copy rules at two places is confusing and makes debugging + harder. + * Make it possible to skip building udeb packages via + DEB_BUILD_OPTIONS="noudeb". This allows quicker builds for local testing + and is benefical for derivatives that don't use d-i. + * Install API documentation for libudev and libsystemd in their respective + packages. Both libraries use man pages now, so we need to be explicit + about what is installed where. + + [ Martin Pitt ] + * ifupdown-hotplug autopkgtest: Different cloud/desktop environments have + different ways of including /etc/network/interfaces.d/, try to get along + wit either and skip the test if interfaces.d/ does not get included at + all. + * Drop obsolete gtk-doc-tools build dependency, gtkdocize autoreconfig, and + ./configure options. + * libudev-dev.install: Drop gtk-doc files, not built by upstream any more + and replaced with manpages. + * libsystemd0.symbols: Add new symbols for this release. + * debian/rules: Fix paths in manpages as we don't currently have a merged + /usr in Debian but have most systemd things in /lib. This replaces the + previous huge and maintenance-intense patch. + * Drop Accept-mountall-specific-fstab-options.patch. Replaced with + systemd.postinst migration code in Ubuntu. + * Revert overly aggressive USB autosuspend udev rules change which broke + various USB keyboards. (Closes: #789723) + * Have rc-local.service output also go to the console. /etc/rc.local often + contains status messages which users expect to see during boot. + (LP: #1468102) + * debian/rules: Install udev.NEWS into libudev1, to get along with Debian's + udev -> libudev1 doc dir symlinking. (Closes: #790042) + + -- Martin Pitt Sun, 28 Jun 2015 12:05:36 +0200 + +systemd (220-7) unstable; urgency=medium + + [ Michael Biebl ] + * Enable seccomp support on arm64 as well. + * Replace the remainder of Fix-paths-in-man-pages.patch with an upstream + provided patch. + + [ Martin Pitt ] + * Switch to net.ifnames persistent network interfaces (on new + installations/for new hardware), and deprecate the old + 75-persistent-net-generator.rules. See the ML discussion for details: + https://lists.debian.org/debian-devel/2015/05/msg00170.html + https://lists.debian.org/debian-devel/2015/06/msg00018.html + - Drop Make-net.ifnames-opt-in-instead-of-opt-out.patch, to use + net.ifnames by default. + - Revert-udev-network-device-renaming-immediately-give.patch: Adjust + patch comment. + - Drop 75-persistent-net-generator.rules, write_net_rules helper and + rule_generator.functions. + - Adjust udev's README.Debian accordingly, and describe the migration. + This needs to happen manually as there is no robust way of doing this + automatically. + - Add udev NEWS file for announcing this change and pointing to udev's + README. + - udev.postinst: Drop write_interfaces_rules(). + - udev.postinst: Disable net.ifnames on systems which did not support + 75-persistent-net-generator.rules (most importantly, virtualized guests) + to avoid changing network interface names on upgrade. + - LP: #1454254 + * fsckd-daemon-for-inter-fsckd-communication.patch: Add fsckd.c to + POTFILES.in. + * ifupdown-hotplug autopkgtest: Fix config name in interfaces.d/, it must + not have a suffix in Debian. Also clean up the file after the test. + * net.agent: When running under systemd, run everything in the foreground. + This avoids killing the forked child in the middle of its operation under + systemd when the parent exits. + * Check during build that systemd and systemd-journald don't link against + anything in /usr, to prevent bugs like #771652 and #788913 in the future. + * Drop Skip-99-systemd.rules-when-not-running-systemd-as-in.patch. The rules + mostly just attach tags systemd specific properties which are harmless + under other init systems, and systemd-sysctl also works there. + * 80-networking.rules: Only call agents for add|remove, as they don't handle + other events. + * Restore udev watches on block device changes. (Closes: #789060, + LP: #1466081) + + -- Martin Pitt Wed, 17 Jun 2015 22:48:53 +0200 + +systemd (220-6) unstable; urgency=medium + + * Enable seccomp support on the architectures that provide libseccomp. + (Closes: #760299) + * boot-and-services autopkgtest: Add SeccompTest for the above. + * boot-and-services autopkgtest: Check that we don't get an unwanted + tmp.mount unless /etc/fstab explicitly specifies it. + * Bump libcap-dev build dep to the version that provides libcap2-udeb. + (Closes: #787542) + * Stop installing tmp.mount by default; there are still situations where it + becomes active through dependencies from other units, which is surprising, + hides existing data in /tmp during runtime, and it isn't safe to have a + tmpfs /tmp on every install scenario. (Closes: #783509) + - d/rules: Ship tmp.mount in /usr/share/systemd/ instead of + /lib/systemd/systemd. + - systemd.postinst: When tmp.mount already was enabled, install tmp.mount + into /etc and keep it enabled. + - systemd.postinst: When enabling tmp.mount because of RAMTMP=yes, copy it + from /usr/share. + - Drop Don-t-mount-tmp-as-tmpfs-by-default.patch and + PrivateTmp-shouldn-t-require-tmpfs.patch, not necessary any more. + + -- Martin Pitt Thu, 11 Jun 2015 09:25:49 +0200 + +systemd (220-5) unstable; urgency=medium + + * debian/README.source: Upstream repository moved to github, adjust + cherry-picking instructions accordingly. + * debian/control: Replace obsolete Python2 version header with + X-Python3-Version. + * dracut: Fix path to systemd-fsck. (Closes: #787553) + * Ignore test failures during build if /etc/machine-id is missing (which is + the case in a few buildd chroots still). (Closes: #787258) + * debian/udev.README.Debian: Move network interface hotplug documentation + into separate section. Point out that "lo" does not need to be configured + in ifupdown under systemd. + * debian/udev.README.Debian: Document net.ifnames, and how to write udev + rules for custom network names. + * Add debian/extra/01-mac-for-usb.link: Use MAC based names for network + interfaces which are (directly or indirectly) on USB. Path based names + are inadequate for dynamic buses like USB. + * Fix another escape parsing regression in Exec*= lines. (Closes: #787256) + * Disable EFI support for udeb build. + * Refine detection of touch screen devices. + + -- Martin Pitt Sun, 07 Jun 2015 16:52:33 +0200 + +systemd (220-4) unstable; urgency=medium + + [ Martin Pitt ] + * debian/extra/initramfs-tools/scripts/init-top/udev: Drop $ROOTDELAY wait. + This does not concern udev in particular, but is handled by + initramfs-tools itself (scripts/local). The intention of this parameter is + not to statically wait for the given time, but wait *up to* that time for + the root device to appear. + * Add debian/extra/units/rc-local.service.d/wait-online.conf: Make + rc-local.service wait for network-online.target (if it gets started). This + not specified by LSB, but has been behaving that way in Debian under SysV + init and upstart. (LP: #1451797) + * Fix parsing of escape characters in Exec*= lines. (Closes: #787256) + * Drop path_is_mount_point-handle-false-positive-on-some-fs.patch (it was + already not applied in 220-1). This needs to be re-thought and re-done + against the current code, and overlayfs in general. On overlayfs this + still reports false positives for files that changed in the upperdir, but + this does not break systemd-machine-id-commit any more. + * Add debian/extra/rules/80-debian-compat.rules, replacing three of our + patches. These are independent udev rules to change device permissions and + add CD/DVD symlinks for compatibility with earlier Debian releases. + + [ Michael Biebl ] + * Bump Depends on util-linux to make sure we have a sulogin implementation + which properly cleans up its children when emergency.service is restarted. + (Closes: #784238) + * Stop using /sbin/udevd and drop the compat symlink. + * Remove any vestiges of /dev/.udev/. This directory has been replaced by + /run/udev/ since wheezy. + * Drop udev migration code from pre-wheezy. + + -- Martin Pitt Tue, 02 Jun 2015 08:16:36 +0200 + +systemd (220-3) unstable; urgency=medium + + * Fix ProtectSystem=yes to actually protect /usr, not /home. + (Closes: #787343) + * sd-device: fix device_get_properties_strv(). Fixes environment for + processes spawned by udev, in particular "allow-hoplug" ifupdown + interfaces via ifup@.service. (Closes: #787263) + * Ignore test failures on mipsel; the three failures are not reproducible on + the porter box (different kernel?). (See #787258) + * Add ifupdown-hotplug autopkgtest. Reproduces #787263. + * udev: Bring back persistent storage symlinks for bcache. Thanks David + Mohr! (Closes: #787367) + * sd-device: Fix invalid property strv pointers. This unbreaks the + environment of udev callouts. + + -- Martin Pitt Mon, 01 Jun 2015 12:58:20 +0200 + +systemd (220-2) unstable; urgency=low + + * 220-1 was meant to go to experimental, but was accidentally uploaded to + unstable. This was planned for next week anyway, just not on a Friday; + we don't revert, but keep an RC bug open for a few days to get broader + testing. Reupload 220-1 with its changelog actually pointing to unstable + and with all versions in the .changes. + + -- Martin Pitt Fri, 29 May 2015 18:54:09 +0200 + +systemd (220-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release: + - Ship sdio.ids and ids-update.pl in upstream tarball. (Closes: #780650) + - Drop non-working "journalctl /dev/sda" example from manpage + (Closes: #781604) + - man systemd.network: Explain UseDomains a bit more (not used by + default). (Closes: #766413) + - Ignore comments in /etc/hostname (LP: #1053048) + - Drop all backported patches and port the others to new upstream release. + * Cherry-pick patch to fix udevd --daemon assertion regression. + * Cherry-pick patch to fix udevd worker hang. + * systemd.install: systemd.pc moved back into /usr/share/pkgconfig/. + * libsystemd0.symbols: Add new symbols from this release. + * Drop debian/extra/60-keyboard.hwdb for now. Upstream has a newer version, + and it's not nearly as often updated any more as it used to be. + * debian/rules: Remove shipped audit_type-to-name.h and + keyboard-keys-from-name.gperf and regenerate them during build (bug in + upstream 220 tarball). + * autopkgtest: Ship/use mock fsck from debian/tests, as it's missing in the + 220 tarball. + * Add libnss-mymachines binary package. (Closes: #784858) + * Add libnss-myhostname binary package, taking over from the very old and + unmaintained standalone source package as per its maintainer's request. + (Closes: #760514) + * Drop buildsys-Don-t-default-to-gold-as-the-linker.patch and set LD in + debian/rules on sparc only. This can be dropped entirely once we build + GUdev from a separate source. + * bootchart autopkgtest: Skip test if /proc/schedstat does not exist, i. e. + the kernel is missing CONFIG_SCHEDSTAT. Bootchart requires this. + * systemd-fsckd autopkgtest: On Debian plymouth-start stays running, adjust + was_running() for that. + * systemd-fsckd autopkgtest: In test_systemd_fsck_with_plymouth_failure(), + fix plymouthd status check to work under both Debian and Ubuntu. + * Replace almost all of Fix-paths-in-man-pages.patch with upstreamed + patches. (The remainder is planned to get fixed upstream as well.) + * Remove our update-rc.d patches, replace them with upstream patches for + /lib/systemd/systemd-sysv-install abstraction, and provide one for + update-rc.d. Also implement "is-enabled" command by directly checking for + the presence of rcS or rc5 symlinks. (Closes: #760616) + * Fix path_is_mount_point for files (regression in 220). + * debian/control: Drop obsolete XS-Testsuite:, dpkg adds it automatically. + * Use Ubuntu's default NTP server for timesyncd when building on Ubuntu. + + [ Michael Biebl ] + * Remove /var/run and /var/lock migration code from debian-fixup. The /run + migration was completed in wheezy so this is no longer necessary. + * Drop our versioned Depends on initscripts. This was initially added for + the /run migration and later to ensure we have a mountnfs hook which + doesn't cause a deadlock under systemd. The /run migration was completed + in wheezy and jessie ships a fixed mountnfs hook. In addition we now use + the ignore-dependencies job mode in our lsb init-functions hook, so it's + safe to drop this dependency. + * Stop building gudev packages. Upstream has moved the gudev code into a + separate repository which is now managed on gnome.org. The gudev packages + will be built from src:libgudev from now on. See also + http://lists.freedesktop.org/archives/systemd-devel/2015-May/032070.html + + -- Martin Pitt Fri, 29 May 2015 10:37:40 +0200 + +systemd (219-10) experimental; urgency=medium + + * Fix assertion crash with empty Exec*= paths. (LP: #1454173) + * Drop Avoid-reload-and-re-start-requests-during-early-boot.patch + and Avoid-reloading-services-when-shutting-down.patch: This was fixed more + robustly in invoke-rc.d and service now, see #777113. + * debian/tests/boot-smoke: Allow 10 seconds for systemd jobs to settle down. + * Fix "tentative" state of devices which are not in /dev (mostly in + containers), and avoid overzealous cleanup unmounting of mounts from them. + (LP: #1444402) + * debian/extra/udev-helpers/net.agent: Eliminate cat and most grep calls. + * Drop Set-default-polling-interval-on-removable-devices-as.patch; it's long + obsolete, CD ejection with the hardware button works properly without it. + * Re-enable-journal-forwarding-to-syslog.patch: Update patch description, + journal.conf.d/ exists now. + * journal: Gracefully handle failure to bind to audit socket, which is known + to fail in namespaces (containers) with current kernels. Also + conditionalize systemd-journald-audit.socket on CAP_AUDIT_READ. + (LP: #1457054) + * Put back *.agent scripts and use net.agent in Ubuntu. This fixes escaping + of unit names, reduces the delta, and will make it easier to get a common + solution for integrating ifup.d/ scripts with networkd. + * When booting with "quiet", run the initramfs' udevd with "notice" log + level. (LP: #1432171) + * Add sigpwr-container-shutdown.service: Power off when receiving SIGPWR in + a container. This makes lxc-stop work for systemd containers. + (LP: #1457321) + * write_net_rules: Escape '{' and '}' characters as well, to make this work + with busybox grep. Thanks Faidon Liambotis! (Closes: #765577) + + -- Martin Pitt Thu, 21 May 2015 09:43:52 +0200 + +systemd (219-9) experimental; urgency=medium + + * 75-persistent-net-generator.rules: Fix rules for ibmveth (it's a driver, + not a subsystem). (LP: #1437375) + * debian/tests/unit-config: Add tests for systemctl enable/disable on a + SysV-only unit. Reproduces LP #1447807. + * Fix systemctl enable for SysV scripts without a native unit. We must not + try and enable the nonexisting unit then. (LP: #1447807) + * Drop Add-env-variable-for-machine-ID-path.patch. systemd should always + be installed via the essential "init" in buildd schroots now. + * debian/README.source: Update git-buildpackage commands for the renames in + 0.6.24. + * Make apparmor run before networking, to ensure that profiles apply to + e. g. dhclient (LP: #1438249): + - Rename networking.service.d/network-pre.conf to systemd.conf, and add + After=apparmor.service. + - ifup@.service: Add After=apparmor.service. + - Add Breaks: on apparmor << 2.9.2-1, which dropped its dependency to + $remote_fs. + * Drop login-don-t-overmount-run-user-UID-on-upgrades.patch and + login-don-t-overmount-run-user-UID-on-upgrades.patch, these were only + needed for upgrades from wheezy to jessie. + * systemd.{pre,post}inst: Clean up obsolete (pre-wheezy/jessie) upgrade + fixes. + * systemd-fsckd autopkgtest: Stop assuming that + /etc/default/grub.d/90-autopkgtest.cfg exists. + * systemd-fsckd autopkgtest: Add missing plymouth test dependency. + * Drop core-mount-ensure-that-we-parse-proc-self-mountinfo.patch, and bump + util-linux dependency to the version which enables + --enable-libmount-force-mountinfo. + + -- Martin Pitt Wed, 13 May 2015 12:27:21 +0200 + +systemd (219-8) experimental; urgency=medium + + [ Michael Biebl ] + * Skip filesystem check if already done by the initramfs. (Closes: #782522) + * Drop hard-coded versioned dependency on libapparmor1. Bump the + Build-Depends on libapparmor-dev instead. This ensures a proper versioned + dependency via Build-Depends-Package. + * Revert "Make apparmor run before networking". This causes dependency + cycles while apparmor still depends on $remote_fs. + * Cleanup hwclock-save.service symlinks when upgrading from the jessie + version. + + [ Martin Pitt ] + * cryptsetup: Implement offset and skip options. (Closes: #751707, + LP: #953875) + * logind autopkgtest: Add test for suspending on lid switch close. + This reproduces LP #1444166 (lid switch not working in the first few + minutes after boot). + * Reduce the initial suspend supression time from 3 minutes to 30 seconds, + and make it configurable. (LP: #1444166) + * Fix double free crash in "systemctl enable" when calling update-rc.d and + the latter fails. (Closes: #764613, LP: #1426588) + * hwdb: Fix wireless switch on Dell Latitude (LP: #1441849) + * Fix assertion crash when reading a service file with missing ' and + trailing space. (LP: #1447243) + * ifup@.service: Set IgnoreOnIsolate, so that "systemctl default" does not + shut down network interfaces. (Closes: #762953, LP: #1449380). + Add PartOf=network.target, so that stopping network.target also stops + network interfaces (so that isolating emergency.target and similar work as + before). + * Revert upstream commit 743970d which immediately SIGKILLs units during + shutdown. This leads to problems like bash not being able to write its + history, mosh not saving its state, and similar failed cleanup actions. + (Closes: #784720, LP: #1448259) + * Drop the reversion of "journald: allow restarting journald without losing + stream connections", and replace with proper upstream fix for + sd_pid_notify_with_fds(). (See Debian #778970, LP #1423811; LP: #1437896) + + -- Martin Pitt Wed, 29 Apr 2015 17:13:41 +0200 + +systemd (219-7) experimental; urgency=medium + + [ Martin Pitt ] + * Make systemd-sysv's dependency to systemd unversioned. The package just + contains 6 symlinks and thus isn't sensitive at all against version + mismatches. This avoids running into circular dependencies when testing + local debs. + * Revert "udev: Drop hwdb-update dependency" and replace with upstream patch + which moves it to systemd-udev-trigger.service. + * display-managers autopkgtest: Properly wait until all jobs are finished. + * display-managers autopkgtest: Reset failed units between tests, to avoid + running into restart limits and for better test isolation. + * Enable timesyncd in virtual machines. (Closes: #762343) + + [ Adam Conrad ] + * debian/systemd.{triggers,postinst}: Trigger a systemctl daemon-reload + when init scripts are installed or removed (Closes: #766429) + + [ Didier Roche ] + * Squash all fsckd patches in one (as fsckd and such will be removed + soon upstream), containing various fixes from upstream git and refactor + the connection flow to upstream's suggestion. Modify the man pages to match + those modifications as well. Amongst others, this suppresses "Couldn't + connect to plymouth" errors if plymouth is not running. + (Closes: #782265, LP: #1429171) + * Keep plymouth localized messages in a separate patch for easier updates in + the future and refresh to latest upstream. + * display-managers autopkgtest: Use ExecStart=sleep instead of the actual + lightdm binary, to avoid errors from lightdm startup. Drop the now + unnecessary "needs-recommends" to speed up the test. + + -- Martin Pitt Fri, 10 Apr 2015 11:08:33 +0200 + +systemd (219-6) experimental; urgency=medium + + [ Martin Pitt ] + * Import patches from v219-stable branch (up to 85a6fab). + * boot-and-services autopkgtest: Add missing python3 test dependency. + * Make apparmor run before networking, to ensure that profiles apply to + e. g. dhclient (LP: #1438249): + - Rename networking.service.d/network-pre.conf to systemd.conf, and add + After=apparmor.service. + - ifup@.service: Add After=apparmor.service. + * udev: Drop hwdb-update dependency, which got introduced by the above + v219-stable branch. This causes udev and plymouth to start too late and + isn't really needed in Debian yet as we don't support stateless systems + yet and handle hwdb.bin updates through dpkg triggers. (LP: #1439301) + + [ Didier Roche ] + * Fix mount point detection on overlayfs and similar file systems without + name_to_handle_at() and st_dev support. (LP: #1411140) + + [ Christian Seiler ] + * Make the journald to syslog forwarding more robust by increasing the + maximum datagram queue length from 10 to 512. (Closes: #762700) + + [ Marco d'Itri ] + * Avoid writing duplicate entries in 70-persistent-net.rules by double + checking if the new udev rule has already been written for the given + interface. This happens if multiple add events are generated before the + write_net_rules script returns and udevd renames the interface. + (Closes: #765577) + + -- Martin Pitt Thu, 02 Apr 2015 09:14:48 +0200 + +systemd (219-5) experimental; urgency=medium + + [ Didier Roche ] + * Add "systemd-fsckd" autopkgtest. (LP: #1427312) + * cmdline-upstart-boot autopkgtest: Update to Ubuntu's upstart-sysv split + (test gets skipped on Debian while upstart-sysv does not yet exist there). + * Cherry-pick a couple of upstream commits for adding transient state, + fixing a race where mounts become available before the device being + available. + * Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather adds + an After relationship. (Closes: #779902) + + [ Martin Pitt ] + * journald: Suppress expected cases of "Failed to set file attributes" + errors. (LP: #1427899) + * Add systemd-sysv.postinst: Update grub on first installation, so that the + alternative init system boot entries get updated. + * debian/tests: Call /tmp/autopkgtest-reboot, to work with autopkgtest >= + 3.11.1. + * Check for correct architecture identifiers for SuperH. (Closes: #779710) + * Fix tmpfiles.d to only apply the first match again (regression in 219). + (LP: #1428540) + * /lib/lsb/init-functions.d/40-systemd: Don't ignore systemd unit + dependencies in "degraded" mode. (LP: #1429734) + + [ Michael Biebl ] + * debian/udev.init: Recognize '!' flag with static device lists, to work + with kmod 20. (Closes: #780263) + + [ Craig Magina ] + * rules-ubuntu/71-power-switch-proliant.rules: Add support for HP ProLiant + m400 Server Cartridge soft powerdown on Linux 3.16. (LP: #1428811) + + [ Scott Wakeling ] + * Rework package description to be more accurate. (Closes: #740372) + + -- Martin Pitt Thu, 26 Mar 2015 16:31:04 +0100 + +systemd (219-4) experimental; urgency=medium + + * tmpfiles: Avoid creating duplicate ACL entries. Add postinst code to clean + them up on upgrade. (Closes: #778656) + * bootchart: Fix path to default init. (LP: #1423867) + * Add "bootchart" autopkgtest, to spot regressions like the above. + * autopkgtests: Factorize out "assert.sh" utility functions, and use them in + the tests for useful failure messages. + * Downgrade requirement for timedated, hostnamed, localed-locale, and + logind autopkgtests from machine to container isolation. + * boot-and-services and display-manager autopkgtest: Add systemd-sysv as + proper test dependency instead of apt-get installing it. This works now + also under Ubuntu 15.04. + * boot-and-services autopkgtest: Check cleanup of temporary files during + boot. Reproduces #779169. + * Clean up /tmp/ directory again. (Closes: #779169, LP: #1424992) + + -- Martin Pitt Fri, 27 Feb 2015 07:02:09 +0100 + +systemd (219-3) experimental; urgency=medium + + * sysv-generator: fix wrong "Overwriting existing symlink" warnings. + (Closes: #778700) + * Add systemd-fsckd multiplexer and feed its output to plymouth. This + provides an aggregate progress report of running file system checks and + also allows cancelling them with ^C, in both text mode and Plymouth. + (Closes: #775093, #758902; LP: #1316796) + * Revert "journald: allow restarting journald without losing stream + connections". This was a new feature in 219, but currently causes boot + failures due to logind and other services not starting up properly. + (Closes: #778970; LP: #1423811) + * Add "boot-smoke" autopkgtest: Test 20 successful reboots in a row, and + that there are no connection timeouts or stalled jobs. This reproduces the + above regression. + * debian/tests/localed-locale: Set up locale and keyboard default files on a + minimal unconfigured testbed. + * Add missing python3 test dependency to cmdline-upstart-boot and + display-managers autopkgtests. + * debian/tests/boot-and-services: Skip AppArmor test if AppArmor is not + enabled. + * debian/tests/boot-and-services: Reboot also if lightdm was just installed + but isn't running yet. + + -- Martin Pitt Mon, 23 Feb 2015 09:52:12 +0100 + +systemd (219-2) experimental; urgency=medium + + * Fix UTF-16 to UTF-8 conversion on big-endian machines. (Closes: #778654) + * Disable new new test-sigbus, it fails on some buildds due to too old + kernels. (part of #778654) + * debian/README.Debian, debian/systemd.postinst: Drop setfacl call for + /var/log/journal, this is now done automatically by tmpfiles.d/systemd.conf. + * Drop "acl" dependency, not necessary any more with the above. + * debian/tests/boot-and-services: Move to using /var/lib/machines/, + /var/lib/containers is deprecated. + + -- Martin Pitt Wed, 18 Feb 2015 15:29:42 +0100 + +systemd (219-1) experimental; urgency=medium + + [ Martin Pitt ] + * New upstream release: + - Fix spelling mistake in systemd.unit(5). (Closes: #773302) + - Fix timeouts with D-Bus, leading to SIGFPE. (Closes: #774012) + - Fix load/save of multiple rfkill states. (Closes: #759489) + - Non-persistent journal (/run/log/journal) is now readable by group adm. + (Closes: #771980) + - Read netdev user mount option to correctly order network mounts after + network.target. (Closes: #769186) + - Fix 60-keyboard.hwdb documentation and whitespace handling. + (Closes: #757367) + - Fix ThinkPad X1 Carbon 20BT trackpad buttons (LP: #1414930) + - Drop all backported patches and port the others to new upstream release. + * Bump libblkid-dev build dependency as per upstream configure.ac. + * debian/systemd.install: Add new language-fallback-map file. + * debian/udev.install: Add new systemd-hwdb tool. + * debian/libsystemd0.symbols: Add new symbols from this release. + * tmpfiles.d/systemd.conf: Drop "wheel" ACL (that group does not exist in + Debian) to make the ACL for "adm" actually work. + * debian/rules: Explicitly disable importd for now; it should still mature a + bit. Explicitly enable hwdb support. + * /lib/lsb/init-functions.d/40-systemd: Call systemctl is-system-running + with --quiet. (LP: #1421058) + * debian/systemd.postrm: Clean getty@tty1.service and remote-fs.target + enablement symlinks on purge. (Closes: #778499) + * Move all Debian specific units in the systemd package into + debian/extra/units/ and simplify debian/systemd.install. + * Enable timesyncd by default. Add a config drop-in to not start if ntp, + openntpd, or chrony is installed. (Closes: #755722) + * debian/systemd.links: Drop obsolete hwclockfirst.service mask link, this + was dropped in wheezy's util-linux already. + * debian/udev.postinst: Call systemd-hwdb instead of udevadm hwdb. + + [ Michael Biebl ] + * Stop removing firstboot man pages. They are now installed conditionally. + + -- Martin Pitt Tue, 17 Feb 2015 15:51:38 +0100 + +systemd (218-10) experimental; urgency=medium + + * Pull latest keymaps from upstream git. (LP: #1334968, #1409721) + * rules: Fix by-path of mmc RPMB partitions and don't blkid them. Avoids + kernel buffer I/O errors and timeouts. (LP: #1333140) + * Clean up stale mounts when ejecting CD drives with the hardware eject + button. (LP: #1168742) + * Document systemctl --failed option. (Closes: #767267) + * Quiesce confusing and irrelevant "failed to reset devices.list" warning. + (LP: #1413193) + * When booting with systemd-bootchart, default to run systemd rather than + /sbin/init (which might not be systemd). (LP: #1417059) + * boot-and-services autopkgtest: Add CgroupsTest to check cgroup + creation/cleanup behaviour. This reproduces #777601 and verifies the fix + for it. + + -- Martin Pitt Fri, 13 Feb 2015 12:25:06 +0100 + +systemd (218-9) experimental; urgency=medium + + [ Martin Pitt ] + * debian/tests/logind: With dropped systemd-logind-launch we don't have a + visible /sys/fs/cgroup/systemd/ any more under cgmanager. So adjust the + test to check /proc/self/cgroup instead. + * Add unit-config autopkgtest to check systemd unit/sysv init enabling and + disabling via systemctl. This also reproduces #777613. + * systemctl: Always install/enable/disable native units, even if there is a + corresponding SysV script and we call update-rc.d; while the latter + handles WantedBy=, it does not handle Alias=. (Closes: #777613) + * cgroup: Don't trim cgroup trees created by someone else, just the ones + that systemd itself created. This avoids cleaning up empty cgroups from + e.g. LXC. (Closes: #777601) + * Don't parse /etc/mtab for current mounts, but /proc/self/mountinfo. If the + former is a file, it's most likely outdated on boot, leading to race + conditions and unmounts during boot. (LP: #1419623) + + [ Michael Biebl ] + * Explicitly disable the features we don't want to build for those with + autodetection. This ensures reliable build results in dirty build + environments. + * Disable AppArmor support in the udeb build. + * core: Don't fail to run services in --user instances if $HOME is missing. + (Closes: #759320) + + [ Didier Roche ] + * default-display-manager-generator: Avoid unnecessary /dev/null symlink and + warning if there is no display-manager.service unit. + + -- Michael Biebl Thu, 12 Feb 2015 18:45:12 +0100 + +systemd (218-8) experimental; urgency=medium + + [ Martin Pitt ] + * boot-and-services autopkgtest: Ensure that there are no failed units, + except possibly systemd-modules-load.service (as that notoriously fails + with cruft in /etc/modules). + * Revert "input" system group creation in systemd.postinst from 218-7. It's + already done in udev.postinst. + * ifup@.service: Revert checking for existance of ifupdown config for that + interface, net.agent already does that. + * Drop Also-redirect-to-update-rc.d-when-not-using-.service.patch; not + necessary any more with the current version (mangle_names() already takes + care of this). + * Merge into Add-support-for-rcS.d-init-scripts-to-the-sysv-gener.patch: + - Do-not-order-rcS.d-services-after-local-fs.target-if.patch, as it + partially reverts the above, and is just fixing it. + - Map-rcS.d-init-script-dependencies-to-their-systemd-.patch as it's just + adding some missing functionality for the same purpose. + * Merge Run-update-rc.d-defaults-before-update-rc.d-enable-d.patch into + Make-systemctl-enable-disable-call-update-rc.d-for-s.patch as the former + is fixing the latter and is not an independent change. + * Drop Launch-logind-via-a-shell-wrapper.patch and systemd-logind-launch + wrapper. The only remaining thing that we need from it is to create + /run/systemd/, move that into the D-BUS service file directly. + * /lib/lsb/init-functions.d/40-systemd: Avoid deadlocks during bootup and + shutdown. DHCP/ifupdown and similar hooks which call "/etc/init.d/foo + reload" can easily cause deadlocks, since the synchronous wait plus + systemd's normal behaviour of transactionally processing all dependencies + first easily causes dependency loops. Thus during boot/shutdown operate + only on the unit and not on its dependencies, just like SysV behaves. + (Closes: #777115, LP: #1417010) + * Only start logind if dbus is installed. This fixes the noisy startup + failure in environments without dbus, such as LXC containers or servers. + (part of #772700) + * Add getty-static.service unit which starts getty@.service on tty 2 to 6 if + dbus is not installed, and hence logind cannot auto-start them on demand. + (Closes: #772700) + + [ Michael Biebl ] + * Update insserv-generator and map $x-display-manager to + display-manager.service, following the recent change in sysv-generator. + This avoids creating references to a no longer existing + x-display-manager.target unit. + + -- Martin Pitt Mon, 09 Feb 2015 18:07:22 +0100 + +systemd (218-7) experimental; urgency=medium + + [ Martin Pitt ] + * Don't attempt to mount the same swap partition twice through different + device node aliases. (Closes: #772182, LP: #1399595) + * logind: handle closing sessions over daemon restarts. (Closes: #759515, + LP: #1415104) + * logind: Fix sd_eviocrevoke ioctl call, to make forced input device release + after log out actually work. + * debian/rules: Drop obsolete --disable-multi-seat-x and + --with-firmware-path configure options. + * debian/udev.README.Debian: Trim the parts which are obsolete, wrong, or + described in manpages. Only keep the Debian specific bits. + (Part of #776546) + * Actually install udev's README.Debian when building for Debian. + (Closes: #776546) + * Create system group "input" which was introduced in 215. (LP: #1414409) + * ifup@.service: Don't fail if the interface is not configured in + /etc/network/interfaces at all. (LP: #1414426) + + [ Michael Biebl ] + * Update Vcs-Browser URL to use cgit and https. + * Map $x-display-manager LSB facility to display-manager.service instead of + making it a target. Using a target had the downside that multiple display + managers could hook into it at the same time which could lead to several + failed start attempts for the non-default display manager. + + -- Martin Pitt Sun, 01 Feb 2015 20:48:49 +0100 + +systemd (218-6) experimental; urgency=medium + + [ Martin Pitt ] + * initramfs hook: Install 61-persistent-storage-android.rules if it exists. + * Generate POT file during package build, for translators. + * Pull latest keymaps from upstream git. + * Order ifup@.service and networking.service after network-pre.target. + (Closes: #766938) + * Tone down "Network interface NamePolicy= disabled on kernel commandline, + ignoring" info message to debug, as we expect this while we disable + net.ifnames by default. (Closes: #762101, LP: #1411992) + + [ Michael Biebl ] + * Ship bash-completion for udevadm. (Closes: #776166) + * Drop rc-local generator in favor of statically enabling rc-local.service, + and drop halt-local.service which is unnecessary on Debian. + (Closes: #776170) + * Drop the obsolete libsystemd-* libraries, there are no reverse + dependencies left. + + -- Martin Pitt Mon, 26 Jan 2015 15:45:45 +0100 + +systemd (218-5) experimental; urgency=medium + + * Drop logger.agent. It hasn't been called from any udev rule for a long + time, and looks obsolete. + * debian/rules: Configure with --disable-firstboot to replace some manual + file removals. + * debian/rules: Remove manual file installation, move them to + debian/*.install. Move all Debian specific installed files to + debian/extra/. + * Merge some changes from the Ubuntu package to reduce the delta; these only + apply when building on/for Ubuntu: + - Add 40-hyperv-hotadd.rules: Workaround for LP: #1233466. + - Add 61-persistent-storage-android.rules to create persistent symlinks + for partitions with PARTNAME. By Ricardo Salveti. + - Add 71-power-switch-proliant.rules for supporting the power switches of + ProLiant Server Cartridges. By Dann Frazier. + - Add 78-graphics-card.rules: Mark KMS capable graphics devices as + PRIMARY_DEVICE_FOR_DISPLAY so that we can wait for those in plymouth. + By Scott James Remnant. + - Don't install the Debian *.agent scripts. Instead, have Ubuntu's + 80-networking.rules directly pull in ifup@.service, which is much easier + and more efficient. + * Make EPERM/EACCESS when applying OOM adjustment for forked processes + non-fatal. This happens in user namespaces like unprivileged LXC + containers. + * Fix assertion failure due to /dev/urandom being unmounted when shutting + down unprivileged containers. Thanks Stéphane Graber. + * Enable EFI support. This mostly auto-mounts /sys/firmware/efi/efivars, but + also provides a generator for auto-detecting the root and the /boot/efi + partition if they aren't in /etc/fstab. (Closes: #773533) + + -- Martin Pitt Thu, 22 Jan 2015 16:13:46 +0100 + +systemd (218-4) experimental; urgency=medium + + [ Michael Biebl ] + * sysv-generator: handle Provides: for non-virtual facility names. + (Closes: #774335) + * Fix systemd-remount-fs.service to not fail on remounting /usr if /usr + isn't mounted yet. This happens with initramfs-tools < 0.118 which we + might not get into Jessie any more. (Closes: #742048) + + [ Martin Pitt ] + * fstab-generator: Handle mountall's non-standard "nobootwait" and + "optional" options. ("bootwait" is already the systemd default behaviour, + and "showthrough" is irrelevant here, so both can be ignored). + * Add autopkgtest for one-time boot with upstart when systemd-sysv is + installed. This test only works under Ubuntu which has a split out + upstart-bin package, and will be skipped under Debian. + * debian/ifup@.service: Check if ifup succeeds by calling ifquery, to + work around ifup not failing on invalid interfaces (see #773539) + * debian/ifup@.service: Set proper service type (oneshot). + * sysv-generator: Handle .sh suffixes when translating Provides:. + (Closes: #775889) + * sysv-generator: Make real units overwrite symlinks generated by Provides: + from other units. Fixes failures due to presence of backup or old init.d + scripts. (Closes: #775404) + * Fix journal forwarding to syslog in containers without CAP_SYS_ADMIN. + (Closes: #775067) + * Re-enable AppArmor support, now that libapparmor1 moved to /lib. Add + versioned dependency as long as this is still only in experimental. + (Closes: #775331) + * Add some missing dpkg and ucf temp files to the "hidden file" filter, to + e. g. avoid creating units for them through the sysv-generator. + (Closes: #775903) + * Silence useless warning about /etc/localtime not being a symlink. This is + deliberate in Debian with /usr (possibly) being on a separate partition. + (LP: #1409594) + + [ Christian Kastner ] + * Use common-session-noninteractive in systemd-user's PAM config, instead of + common-session. The latter can include PAM modules like libpam-mount which + expect to be called just once and/or interactively, which already happens + for login, ssh, or the display-manager. Add pam_systemd.so explicitly, as + it's not included in -noninteractive, but is always required (and + idempotent). There is no net change on systemd which don't use manually + installed PAM modules. (Closes: #739676) + + [ Michael Biebl ] + * Make sure we run debian-fixup.service after /var has been mounted if /var + is on a separate partition. Otherwise we might end up creating the + /var/lock and /var/run symlink in the underlying root filesystem. + (Closes: #768644) + + -- Martin Pitt Wed, 21 Jan 2015 15:57:50 +0100 + +systemd (218-3) experimental; urgency=medium + + * build-logind autopkgtest: Re-enforce that sd_login_monitor_new() succeeds, + and restrict this test to isolation-container. (Reproduces LP #1400203) + * Bring back patch to make sd_login_monitor_new() work under other init + systems where /sys/fs/cgroup/systemd/machine does not exist. + (LP: #1400203) + * build-login autopkgtest: Build against libsystemd, not libsystemd-login + any more. + * Add debian/extra/systemd-vconsole-setup.service dependency shim for + the console-setup init script, to avoid breaking dependencies of + third-party packages. Install it for Ubuntu only for now, as in Debian + plymouth's unit got adjusted. (LP: #1392970, Debian #755194) + * Mark systemd{,-sysv} as M-A: foreign (thanks lintian). + * Quiesce maintainer-script-calls-systemctl lintian warning. + * Quiesce possibly-insecure-handling-of-tmp-files lintian warning, it's + wrong there (we are handling tmpfiles.d/ files which are not in a temp + dir). + * Use dh_installinit's --noscript instead of --no-start for the upstart + jobs without sysvinit scripts (thanks lintian). + * Put systemd.pc into arch specific pkgconfig dir, as it contains the arch + specific libdir value. + * Don't enable audit by default. It causes flooding of dmesg and syslog, + suppressing actually important messages. (Closes: #773528) + * Cherrypick various bug fixes in loopback device setup and netlink socket + communication. Fixes massive CPU usage due to tight retry loops in user + LXC containers. + + -- Martin Pitt Mon, 29 Dec 2014 14:55:35 +0100 + +systemd (218-2) experimental; urgency=medium + + * boot-and-services AppArmor autopkgtest: Stop checking the dmesg log; it is + racy as sometimes message bursts are suppressed. + * Fix crash in timedatectl with Etc/UTC. + * Prefer-etc-X11-default-display-manager-if-present.patch: Drop wrong + copy&paste'd comment, fix log strings. Thanks Adam D. Barratt. + * boot-and-services: Robustify Nspawn tests, and show systemd-nspawn output + on failure. + * Disable tests which fail on buildds, presumably due to too old kernels, + misconfigured /etc/hosts, and similar problems. Make failures of the test + suite fatal now. + + -- Martin Pitt Tue, 16 Dec 2014 08:24:38 +0100 + +systemd (218-1) experimental; urgency=medium + + * New upstream release. Drop all cherry-picked patches and port the Debian + specific ones. + - Create /etc/machine-id on boot if missing. (LP: #1387090) + * Add new libmount-dev build dependency. + * Configure with --enable-split-usr. + * Merge some permanent Ubuntu changes, using dpkg-vendor: + - Don't symlink udev doc directories. + - Add epoch to gudev packages; Ubuntu packaged the standalone gudev before + it got merged into udev. + - Add Apport hooks for udev and systemd. + * udev-fallback-graphics upstart job: Guard the modprobe with || true to + avoid a failure when vesafb is compiled in. (LP: #1367241) + + -- Martin Pitt Sun, 14 Dec 2014 13:58:39 +0100 + +systemd (217-4) experimental; urgency=medium + + [ Martin Pitt ] + * Reinstate a debian/extra/rules/50-firmware.rules which immediately tells + the kernel that userspace firmware loading failed. Otherwise it tries for a + minute to call the userspace helper (if CONFIG_FW_LOADER_USER_HELPER is + enabled) in vain, which causes long delays with devices which have a range + of possible firmware versions. (LP: #1398458) + * debian/systemd.postinst: Don't always restart journald, as this currently + can't be done without losing the current journal and breaking attached + processes. So only restart it from upgrades < 215-3 (where the socket + location got moved) as an one-time upgrade path from wheezy. + (Closes: #771122) + * Revert "Modify insserv generator to mask sysvinit-only display managers". + This is still under dispute, a bit risky, and might get a different + implementation. Also, nodm really needs to be fixed properly, working + around it is both too risky and also too hard to get right. + + [ Didier Roche ] + * Add display managers autopkgtests. + * Reset display-manager symlink to match /e/X/d-d-m even if + display-manager.service was removed. Adapt the autopkgtests for it. + (LP: #1400680) + + -- Martin Pitt Thu, 11 Dec 2014 18:06:54 +0200 + +systemd (217-3) experimental; urgency=medium + + [ Martin Pitt ] + * systemd.bug-script: Really capture stderr of systemd-delta. + (Closes: #771498) + * boot-and-services autopkgtest: Give test apparmor job some time to + actually finish. + + [ Didier Roche ] + * updated debian/patches/insserv.conf-generator.patch: + - if /etc/X11/default-display-manager doesn't match a systemd unit + (or doesn't exist), be less agressive about what to mask: we let + all sysvinit-only display-manager units enabled to fallback to previous + behavior and let them starting. (Closes: #771739) + + -- Martin Pitt Tue, 02 Dec 2014 16:53:36 +0100 + +systemd (217-2) experimental; urgency=medium + + * Re-enable journal forwarding to syslog, until Debian's sysloggers + can/do all read from the journal directly. + * Fix hostnamectl exit code on success. + * Fix "diff failed with error code 1" spew with systemd-delta. + (Closes: #771397) + * Re-enable systemd-resolved. This wasn't meant to break the entire + networkd, just disable the new NSS module. Remove that one manually + instead. (Closes: #771423, LP: #1397361) + * Import v217-stable patches (up to commit bfb4c47 from 2014-11-07). + * Disable AppArmor again. This first requires moving libapparmor to /lib + (see #771667). (Closes: #771652) + * systemd.bug-script: Capture stderr of systemd-{delta,analyze}. + (Closes: #771498) + + -- Martin Pitt Mon, 01 Dec 2014 15:09:09 +0100 + +systemd (217-1) experimental; urgency=medium + + [ Martin Pitt ] + * New upstream release. Drop all cherry-picked patches and port the Debian + specific ones. + * Disable systemd-resolved for now. It still needs to mature, and + integration into Debian should be discussed first. + * Bump util-linux dependency to >= 2.25 as per NEWS. + * Drop installation of 50-firmware.rules, not shipped upstream any more. + Firmware loading is now exclusively done by the kernel. + * Drop installation of readahead related services and code, readahead got + dropped in this version. + * Ship new networkctl CLI tool. + * debian/libsystemd0.symbols: Add new symbols from this release. + * debian/rules: Call dpkg-gensymbols with -c4 to immediately spot + changed/missing symbols during build. + * boot-and-services autopkgtest: Test AppArmor confined units (LP #1396270) + * Create new "systemd-journal-remote" system group, for + systemd-tmpfiles-setup.service. + + [ Marc Deslauriers ] + * Build-depend on libapparmor-dev to enable AppArmor support. (LP: #1396270) + + [ Didier Roche ] + * Handle display-manager transitions: (Closes: #748668) + - Add a generator to ensure /etc/X11/default-display-manager is controlling + which display-manager is started. + - Modify insserv generator to mask of sysvinit-only dms with insserv + $x-display-manager tag if they don't match + /etc/X11/default-display-manager. This avoids starting multiple dms at + boot. + * Cherry-pick Shared-add-readlink_value.patch as using that function in the + generator. + + -- Martin Pitt Fri, 28 Nov 2014 10:53:58 +0100 + +systemd (215-18) unstable; urgency=medium + + [ Michael Biebl ] + * manager: Pass correct errno to strerror(), have_ask_password contains + negative error values which have to be negated when being passed to + strerror(). + + [ Martin Pitt ] + * Revert upstream commit 743970d which immediately SIGKILLs units during + shutdown. This leads to problems like bash not being able to write its + history, mosh not saving its state, and similar failed cleanup actions. + (Closes: #784720, LP: #1448259) + * write_net_rules: Escape '{' and '}' characters as well, to make this work + with busybox grep. Thanks Faidon Liambotis! (Closes: #765577) + + -- Martin Pitt Thu, 21 May 2015 15:49:30 +0200 + +systemd (215-17) unstable; urgency=high + + * cryptsetup: Implement offset and skip options. (Closes: #751707, + LP: #953875) + + -- Martin Pitt Thu, 16 Apr 2015 10:26:46 -0500 + +systemd (215-16) unstable; urgency=medium + + [ Christian Seiler ] + * Don't run hwclock-save.service in containers. (Closes: #782377) + + [ Michael Biebl ] + * Do not print anything while passwords are being queried. This should make + password prompts without plymouth more usable. (Closes: #765013) + * Skip filesystem check if already done by the initramfs. (Closes: #782522) + + -- Michael Biebl Mon, 13 Apr 2015 19:42:32 +0200 + +systemd (215-15) unstable; urgency=medium + + [ Adam Conrad ] + * debian/systemd.{triggers,postinst}: Trigger a systemctl daemon-reload + when init scripts are installed or removed (Closes: #766429) + + [ Martin Pitt ] + * Fix getty restart loop when PTS device is gone. (Closes: #780711) + * Run timesyncd in virtual machines. (Closes: #762343) + * Make logind work in environments without CAP_SYS_ADMIN (mostly + containers). Thanks Christian Seiler for the backporting! + (Closes: #778608) + * Check for correct signatures when setting properties. Fixes systemd + getting stuck on trying to set invalid property types. (Closes: #781602) + + -- Martin Pitt Thu, 09 Apr 2015 10:12:37 +0200 + +systemd (215-14) unstable; urgency=medium + + [ Michael Biebl ] + * Map $x-display-manager LSB facility to display-manager.service instead of + making it a target. Using a target had the downside that multiple display + managers could hook into it at the same time which could lead to several + failed start attempts for the non-default display manager. + * Update insserv-generator and map $x-display-manager to + display-manager.service, following the recent change in sysv-generator. + This avoids creating references to a no longer existing + x-display-manager.target unit. + * Cherry-pick upstream fix to increase the SendBuffer of /dev/log to 8M. + + [ Martin Pitt ] + * scope: Make attachment of initial PIDs more robust. Fixes crash with + processes that get started by an init.d script with a different (aliased) + name when the cgroup becomes empty. (Closes: #781210) + * boot-and-services, display-managers autopkgtests: Add missing python3 test + dependency. + * Don't attempt to mount the same swap partition twice through different + device node aliases. (Closes: #772182, LP: #1399595) + + [ Christian Seiler ] + * Make the journald to syslog forwarding more robust by increasing the + maximum datagram queue length from 10 to 512. (Closes: #762700) + + [ Marco d'Itri ] + * Avoid writing duplicate entries in 70-persistent-net.rules by double + checking if the new udev rule has already been written for the given + interface. This happens if multiple add events are generated before the + write_net_rules script returns and udevd renames the interface. + (Closes: #765577) + + -- Michael Biebl Mon, 30 Mar 2015 13:26:52 +0200 + +systemd (215-13) unstable; urgency=medium + + [ Martin Pitt ] + * Add hwclock-save.service to sync the system clock to the hardware clock on + shutdown, to provide monotonic time for reboots. (Note: this is a hack for + jessie; the next Debian release will enable timesyncd by default). + (Closes: #755722) + * Check for correct architecture identifiers for SuperH. (Closes: #779710) + * networkd: Fix stopping v4 dhcpclient when the carrier is lost. Thanks + Christos Trochalakis! (Closes: #779571) + * Fix segfault with units that depend on themselves. (Closes: #780675) + * tmpfiles-setup-dev: Call tmpfiles with --boot to allow unsafe device + creation. Fixes creation of static device nodes with kmod 20. + (Closes: #780263) + + [ Christian Seiler ] + * core: Don't migrate PIDs for units that may contain subcgroups. + This stops messing up lxc/libvirt/other custom cgroup layouts after + daemon-reload. (Closes: #777164) + * sysv-generator: add support for /etc/insserv/overrides. (Closes: #759001) + + [ Michael Biebl ] + * debian/udev.init: Recognize '!' flag with static device lists, to work + with kmod 20. (Closes: #780263) + + [ Didier Roche ] + * Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather adds + an After relationship. (Closes: #779902) + + -- Martin Pitt Thu, 26 Mar 2015 14:23:35 +0100 + +systemd (215-12) unstable; urgency=medium + + [ Martin Pitt ] + * debian/udev.README.Debian: Trim the parts which are obsolete, wrong, or + described in manpages. Only keep the Debian specific bits. + (Part of #776546) + * Actually install udev's README.Debian when building for Debian. + (Closes: #776546) + * Only start logind if dbus is installed. This fixes the noisy startup + failure in environments without dbus such as LXC containers or servers. + (part of #772700) + * Add getty-static.service unit which starts getty@.service on tty 2 to 6 if + dbus is not installed, and hence logind cannot auto-start them on demand. + (Closes: #772700) + * Add unit-config autopkgtest to check systemd unit/sysv init enabling and + disabling via systemctl. This avoids bugs like #777613 (did not affect + unstable). + * cgroup: Don't trim cgroup trees created by someone else, just the ones + that systemd itself created. This avoids cleaning up empty cgroups from + e.g. LXC. (Closes: #777601) + * boot-and-services autopkgtest: Add CgroupsTest to check cgroup + creation/cleanup behaviour. This reproduces #777601 and verifies the fix + for it. + * rules: Fix by-path of mmc RPMB partitions and don't blkid them. Avoids + kernel buffer I/O errors and timeouts. (LP: #1333140) + * Document systemctl --failed option. (Closes: #767267) + + [ Michael Biebl ] + * core: Don't fail to run services in --user instances if $HOME is missing. + (Closes: #759320) + + [ Didier Roche ] + * default-display-manager-generator: Avoid unnecessary /dev/null symlink and + warning if there is no display-manager.service unit. + + -- Martin Pitt Fri, 13 Feb 2015 12:08:31 +0100 + +systemd (215-11) unstable; urgency=medium + + [ Martin Pitt ] + * escape-beef-up-new-systemd-escape-tool.patch: Avoid creating a dangling + symlink, to work around regression in recent patch (see #776257). + * Order ifup@.service and networking.service after network-pre.target. + (Closes: #766938) + * Tone down "Network interface NamePolicy= disabled on kernel commandline, + ignoring" info message to debug, as we expect this while we disable + net.ifnames by default. (Closes: #762101, LP: #1411992) + * logind: handle closing sessions over daemon restarts. (Closes: #759515, + LP: #1415104) + * logind: Fix sd_eviocrevoke ioctl call, to make forced input device release + after log out actually work. + * debian/patches/series: Move upstreamed patches into the appropriate + section. + + [ Michael Biebl ] + * Make sure we run debian-fixup.service after /var has been mounted if /var + is on a separate partition. Otherwise we might end up creating the + /var/lock and /var/run symlink in the underlying root filesystem. + (Closes: #768644) + + -- Martin Pitt Thu, 29 Jan 2015 09:01:54 +0100 + +systemd (215-10) unstable; urgency=medium + + [ Martin Pitt ] + * sysv-generator: Handle .sh suffixes when translating Provides:. + (Closes: #775889) + * sysv-generator: Make real units overwrite symlinks generated by Provides: + from other units. Fixes failures due to presence of backup or old init.d + scripts. (Closes: #775404) + * Fix journal forwarding to syslog in containers without CAP_SYS_ADMIN. + (Closes: #775067) + + [ Christian Kastner ] + * Use common-session-noninteractive in systemd-user's PAM config, instead of + common-session. The latter can include PAM modules like libpam-mount which + expect to be called just once and/or interactively, which already happens + for login, ssh, or the display-manager. Add pam_systemd.so explicitly, as + it's not included in -noninteractive, but is always required (and + idempotent). There is no net change on systemd which don't use manually + installed PAM modules. (Closes: #739676) + + -- Martin Pitt Wed, 21 Jan 2015 13:18:05 +0100 + +systemd (215-9) unstable; urgency=medium + + [ Didier Roche ] + * Add display managers autopkgtests. + * Reset display-manager symlink to match /e/X/d-d-m even if + display-manager.service was removed. Adapt the autopkgtests for it. + + [ Martin Pitt ] + * Prefer-etc-X11-default-display-manager-if-present.patch: Drop wrong + copy&paste'd comment, fix log strings. Thanks Adam D. Barratt. + * Log all members of cyclic dependencies (loops) even with quiet on the + kernel cmdline. (Closes: #770504) + * Don't auto-clean PrivateTmp dir in /var/tmp; in Debian we don't want to + clean /var/tmp/ automatically. (Closes: #773313) + + [ Michael Biebl ] + * sysv-generator: handle Provides: for non-virtual facility names. + (Closes: #774335) + * Fix systemd-remount-fs.service to not fail on remounting /usr if /usr + isn't mounted yet. This happens with initramfs-tools < 0.118 which we + might not get into Jessie any more. (Closes: #742048) + + -- Martin Pitt Tue, 13 Jan 2015 11:24:43 +0100 + +systemd (215-8) unstable; urgency=medium + + [ Didier Roche ] + * Cherry-pick shared-add-readlink_value.patch, we will use that function in + the generator. + * Cherry-pick util-allow-strappenda-to-take-any-number-of-args.patch, we + will use that function in the generator. + * Handle multiple display managers which don't ship a systemd unit or the + corresponding postinst logic for updating display-manager.service: Add a + generator to ensure /etc/X11/default-display-manager is controlling which + display-manager is started. (Closes: #771287) + + [ Sjoerd Simons ] + * d/p/core-Fix-bind-error-message.patch: + + Added. Fix error message on bind failure to print the full path + * d/p/core-Make-binding-notify-private-dbus-socket-more-ro.patch: + + Added. Be more robust when binding private unix sockets (Based on current + upstream logic) (Closes: #761306) + + [ Martin Pitt ] + * Clean up ...journal~ files from unclean shutdowns. (Closes: #771707) + * debian/systemd.postinst: Don't always restart journald, as this currently + can't be done without losing the current journal and breaking attached + processes. So only restart it from upgrades < 215-3 (where the socket + location got moved) as an one-time upgrade path from wheezy. + (Closes: #771122) + * journalctl: Fix help text for --until. (Closes: #766598) + * Bump systemd's udev dependency to >= 208-8, so that on partial upgrades we + make sure that the udev package has appropriate Breaks:. In particular, + this avoids installing current udev with kmod << 14. (Closes: #771726) + + [ Michael Biebl ] + * systemd.postinst: Move unit enablement after restarting systemd, so that + we don't fail to enable units with keywords that wheezy's systemd does not + understand yet. Fixes enabling getty units on wheezy upgrades with + systemd. (Closes: #771204) + + -- Martin Pitt Fri, 05 Dec 2014 10:01:24 +0100 + +systemd (215-7) unstable; urgency=medium + + [ Martin Pitt ] + * Add myself to Uploaders. + * Add boot-and-services autopkgtest: Check booting with systemd-sysv and + that the most crucial services behave as expected. + * logind autopkgtest: Fix stderr output in waiting loop for scsi_debug. + * Add nspawn test to boot-and-services autopkgtest. + * Make systemd-nspawn@.service work out of the box: (Closes: #770275) + - Pre-create /var/lib/container with a secure mode (0700) via tmpfiles.d. + - Add new try-{guest,host} modes for --link-journal to silently skip + setting up the guest journal if the host has no persistent journal. + - Extend boot-and-services autopkgtest to cover systemd-nspawn@.service. + * Cherry-pick upstream patch to fix SELinux unit access check (regression + in 215). + * sysv-generator: Avoid wrong dependencies for failing units. Thanks to + Michael Biebl for the patch! (Closes: #771118) + * Cherry-pick patches to recognize and respect the "discard" mount option + for swap devices. Thanks to Aurelien Jarno for finding and testing! + (Closes: #769734) + + [ Jon Severinsson] + * Add /run/shm -> /dev/shm symlink in debian/tmpfiles.d/debian.conf. This + avoids breakage in Jessie for packages which still refer to /run/shm, and + while https://wiki.debian.org/ReleaseGoals/RunDirectory is still official. + (LP: #1320534, Closes: #674755). + + -- Martin Pitt Fri, 28 Nov 2014 06:43:15 +0100 + +systemd (215-6) unstable; urgency=medium + + [ Martin Pitt ] + * Cherry-pick upstream patch to fix udev crash in link_config_get(). + * Cherry-pick upstream patch to fix tests in limited schroot environments. + * Add d/p/Add-env-variable-for-machine-ID-path.patch: Allow specifying an + alternate /etc/machine-id location. This is necessary for running tests + as long as it isn't in our base images (see Debian #745876) + * Run tests during package build. For the first round don't make them fatal + for now (that will happen once we see results from all the architectures). + * Drop our Check-for-kmod-binary.patch as the upstream patch + units-conditionalize-static-device-node-logic-on-CAP.patch supersedes it. + * Drop Use-comment-systemd.-syntax-in-systemd.mount-man-pag.patch, as + our util-linux is now recent enough. Bump dependency to >= 2.21. + * Adjust timedated and hostnamed autopkgtests to current upstream version. + * Replace our Debian hwdb.bin location patch with what got committed + upstream. Run hwdb update with the new --usr option to keep current + behaviour. + * debian/README.Debian: Document how to debug boot or shutdown problems with + the debug shell. (Closes: #766039) + * Skip-99-systemd.rules-when-not-running-systemd-as-in.patch: Call path_id + under all init systems, to get consistent ID_PATH attributes. This is + required so that tools like systemd-rfkill can be used with SysVinit or + upstart scripts, too. (LP: #1387282) + * Switch libpam-systemd dependencies to prefer systemd-shim over + systemd-sysv, to implement the CTTE decision #746578. This is a no-op on + systems which already have systemd-sysv installed, but will prevent + installing that on upgrades. (Closes: #769747) + * Remove Tollef from Uploaders: as per his request. Thanks Tollef for all + you work! + * net.agent: Properly close stdout/err FDs, to avoid long hangs during udev + settle. Thanks to Ben Hutchings! (Closes: #754987) + * Bump Standards-Version to 3.9.6 (no changes necessary). + + [ Didier Roche ] + * debian/ifup@.service: add a ConditionPath on /run/network, to avoid + failing the unit if /etc/init.d/networking is disabled. (Closes: #769528) + + -- Martin Pitt Tue, 18 Nov 2014 12:37:22 +0100 + +systemd (215-5) unstable; urgency=medium + + [ Martin Pitt ] + * Unblacklist hyperv_fb again, it is needed for graphical support on Hyper-V + platforms. Thanks Andy Whitcroft! (LP: #1359933) + * Bump systemd-shim Depends/Breaks to 8-2 to ensure a lockstep upgrade. + (Closes: #761947) + + [ Sjoerd Simons ] + * d/p/sd-bus-Accept-no-sender-as-the-destination-field.patch + + Fix compatibility between systemctl v215 and v208. Resolves issue when + reloads of services is requested before systemd is re-execed + (Closes: #762146) + + [ Michael Biebl ] + * Don't overmount existing /run/user/ directories with a per-user tmpfs + on upgrades. (Closes: #762041) + * Re-enable mount propagation for udevd. This avoids that broken software + like laptop-mode-tools, which runs mount from within udev rules, causes + the root file system to end up read-only. (Closes: #762018) + + -- Michael Biebl Sat, 27 Sep 2014 17:49:47 +0200 + +systemd (215-4) unstable; urgency=medium + + * Upload to unstable. + + -- Michael Biebl Mon, 15 Sep 2014 17:38:30 +0200 + +systemd (215-3) experimental; urgency=medium + + [ Ben Howard ] + * 75-persistent-net-generator.rules: Fix matches of HyperV. (LP: #1361272) + + [ Martin Pitt ] + * 75-persistent-net-generator.rules: Add new MS Azure MAC prefix 00:25:ae. + (LP: #1367883) + + [ Michael Biebl ] + * Update upstream v215-stable patch series. + * The /dev/log socket and /dev/initctl FIFO have been moved to /run and + replaced by symlinks. Create the symlinks manually on upgrades as well. + (Closes: #761340) + * Fix incorrect paths in man pages. (LP: #1357782, Closes: #717491) + * Make systemd recommend dbus so it is installed on upgrades. The dbus + system bus is required to run systemd-logind and the autovt feature relies + on logind. (Closes: #758111) + * Bump dependency on systemd-shim to (>= 7-2) to ensure we have a version + which supports systemd >= 209. + * Rework bug-script to be more upfront about what kind of data is gathered + and ask the user for permission before attaching the information to the + bug report. (Closes: #756248) + + [ Sjoerd Simons ] + * d/p/buildsys-Don-t-default-to-gold-as-the-linker.patch + + Don't explicitly pick gold as the default linker. Fixes FTBFS on sparc + (Closes: #760879) + + -- Sjoerd Simons Sun, 14 Sep 2014 20:14:49 +0200 + +systemd (215-2) experimental; urgency=medium + + * debian/patches/always-check-for-__BYTE_ORDER-__BIG_ENDIAN-when-chec.patch + + Added. Fix checking of system endianness. Fixes FTBFS on powerpc + * debian/patches/timesyncd-when-we-don-t-know-anything-about-the-netw.patch: + + Let timesyncd go online even if networkd isn't running (from upstream + git) (Closes: #760087) + * debian/rules: add systemd-update-utmp-runlevel.service to + {poweroff, rescue, multi-user, graphical, reboot}.target.wants to trigger + the runlevel target to be loaded + + -- Sjoerd Simons Sun, 07 Sep 2014 23:46:02 +0200 + +systemd (215-1) experimental; urgency=medium + + * New upstream release. + * Import upstream v215-stable patch series. + * Rebase remaining Debian patches on top of v215-stable. + * Drop our Debian-specific run-user.mount unit as upstream now creates a + per-user tmpfs via logind. + * Don't rely on new mount from experimental for now and re-add the patch + which updates the documentation accordingly. + * Cherry-pick upstream fix to use correct versions for the new symbols that + were introduced in libudev. + * Update symbols files + - Add two new symbols for libudev1. + - Remove private symbol from libgudev-1.0-0. This symbol was never part of + the public API and not used anywhere so we don't need a soname bump. + * Cherry-pick upstream commit to not install busname units if kdbus support + is disabled. + * Make /run/lock tmpfs an API fs so it is available during early boot. + (Closes: #751392) + * Install new systemd-path and systemd-escape binaries. + * Cherry-pick upstream commit which fixes the references to the systemctl + man page. (Closes: #760613) + * Use the new systemd-escape utility to properly escape the network + interface name when starting an ifup@.service instance for hotplugged + network interfaces. Make sure a recent enough systemd version is installed + by bumping the versioned Breaks accordingly. (Closes: #747044) + * Order ifup@.service after networking.service so we don't need to setup the + runtime directory ourselves and we have a defined point during boot when + hotplugged network interfaces are started. + * Disable factory-reset feature and remove files associated with it. This + feature needs more integration work first before it can be enabled in + Debian. + * Cherry-pick upstream commit to fix ProtectSystem=full and make the + ProtectSystem= option consider /bin, /sbin, /lib and /lib64 (if it exists) + on Debian systems. (Closes: #759689) + * Use adduser in quiet mode when creating the system users/groups to avoid + warning messages about the missing home directories. Those are created + dynamically during runtime. (Closes: #759175) + * Set the gecos field when creating the system users. + * Add systemd-bus-proxy system user so systemd-bus-proxyd can properly drop + its privileges. + * Re-exec systemd and restart services at the end of postinst. + * Cherry-pick upstream commit for sd-journal to properly convert + object->size on big endian which fixes a crash in journalctl --list-boots. + (Closes: #758392) + + -- Michael Biebl Sun, 07 Sep 2014 09:58:48 +0200 + +systemd (214-1) experimental; urgency=medium + + * New upstream release v214. + (Closes: #750793, #749268, #747939) + + [ Jon Severinsson ] + * Import upstream v214-stable patch series. + - Rebase remaining Debian patches on top of v214-stable. + - Drop modifications to the now-removed built-in sysvinit support. + * Install the new combined libsystemd0 library, this library combines all + functionality of the various libsystemd-* libraries. + - Deprecate the old libsystemd-* libraries as they've been bundled into + libsystemd0. The old -dev files now just carry a transitional .pc file. + - Add new symbols file for libsystemd0. + * Update symbols file for libgudev-1.0-0. + * Remove pre-generated rules and unit files in debian/rules clean target. + * Add new systemd service users in systemd postinst (systemd-timesync, + systemd-network, systemd-resolve) + * Add new system group "input" used by udev rules in udev postinst. + * Try-restart networkd, resolved, and timesyncd after an upgrade. + * Do not force-enable default-on services on every upgrade. + * Add support for rcS.d init scripts to the sysv-generator. + - Do not order rcS.d services after local-fs.target if they do not + explicitly depend on $local_fs. + - Map rcS.d init script dependencies to their systemd equivalent. + - Special-case some dependencies for sysv init scripts for better + backwards compatibility. (Closes: #726027, #738965). + * Add systemd depends on new mount. (Closes: #754411) + * Update /run/initctl symlink target in debian/tmpfiles.d/debian.conf. + * Remove stored backlog state, rfkill state, random-seed and clock + information from /var/lib/systemd on systemd purge. + + [ Sjoerd Simons ] + * debian/patches/shared-include-stdbool.h-in-mkdir.h.patch + + Added. Include stdbool before using bool in function prototypes. Fixes + build of the insserv generator + * Add python-lxml to build-depends for python-systemd + * Turn on parallel build support + * Install the new busctl binary and translations + * Explicitly disable microhttp so the package build doesn't fail if the + required dependencies for it happen to be installed. + * debian/control: Make udev break plymouth (<< 0.9.0-7) as older plymouths + assume udev implementation details that have changed slightly since v213 + * debian/control: Remove b-d on librwap0-dev + * debian/control: Bump libkmod-dev b-d to >= 15 + * debian/rules: Drop outdated --enable-tcpwrap + * debian/rules: Explicitly turn off rfkill, networkd, timesyncd and resolved + for the udeb build + * debian/rules: Use the debian ntp pool as default ntp servers + * debian/rules: explicitely configure the maximum system uid/gids instead of + relying on autodetection + + -- Sjoerd Simons Sun, 24 Aug 2014 14:54:27 +0200 + +systemd (208-8) unstable; urgency=medium + + [ Martin Pitt ] + * Fix duplicate line in copyright. (Closes: #756899) + * Drop --disable-xattr configure option for udeb, does not exist any more. + * Add Turkish debconf translations. Thanks Mert Dirik! (Closes: #757498) + * Backport fix for lazy session-activation on non-seat0 seats. + (LP: #1355331) + + [ Michael Biebl ] + * Use "kmod static-nodes --output=/proc/self/fd/1" in make_static_nodes() as + we can't rely on /dev/stdout to exist at this point during boot. + (Closes: #757830) + * Fix udev SysV init script and d-i start script to not write to + /sys/kernel/uevent_helper unconditionally to not fail on a kernel with + CONFIG_UEVENT_HELPER unset. (Closes: #756312) + * Add Breaks: kmod (<< 14) to udev to make sure we have a kmod version + supporting the static-nodes command. + * Add Breaks: systemd (<< 208) to udev to avoid partial upgrades. Newer udev + versions rely on kmod-static-nodes.service being provided by systemd. + (Closes: #757777) + * Updated upstream v208-stable patch series to 53b1b6c. + * Cherry-pick upstream fix to ignore temporary dpkg files. (Closes: #757302) + * Make emergency.service conflict with rescue.service. + Otherwise if rescue mode is selected during boot and the emergency mode + is triggered (e.g. via a broken fstab entry), we have two sulogin + processes fighting over the tty. (Closes: #757072) + * Stop syslog.socket when entering emergency mode as otherwise every log + message triggers the start of the syslog service and its dependencies + which conflicts with emergency.target. (Closes: #755581) + + -- Michael Biebl Thu, 21 Aug 2014 00:14:21 +0200 + +systemd (208-7) unstable; urgency=medium + + [ Michael Biebl ] + * Mask remaining services provided by the initscripts package and document + in more detail why certain services have been masked. (Closes: #659264) + * Install zsh completions to the correct place. (Closes: #717540) + + [ Jon Severinsson ] + * Cherry-pick upstream fix for journal file permissions. (Closes: #755062) + * Map some rcS.d init script dependencies to their systemd equivalent. + * Update Depends on initscripts to the version with a systemd-compatible + mountnfs ifup hook. (Closes: #746358) + * Add Breaks on lvm2 versions without native systemd support. + (Closes: #678438, #692120) + * Do not fail udev upgrades if the udev service is already runtime-masked + when the preinst script is run. (Closes: #755746) + * Add Pre-Depends on systemd to systemd-sysv, to avoid risking that the + sysv-compatible symlinks become dangling on a partial install. + * Ensure that systemctl is usable right after being unpacked, by adding the + required Pre-Depends to systemd and libsystemd-daemon0. (Closes: #753589) + * Add support for TuxOnIce hibernation. (Closes: #746463) + + [ Martin Pitt ] + * Rename "api" autopkgtest to "build-login", and stop requiring that + sd_login_monitor_new() succeeds. It doesn't in many environments like + schroot or after upgrades from < 204, and the main point of the test is + to check that libsystemd-login-dev has correct contents and dependencies. + Drop "isolation-machine" requirement. + * Use glibc's xattr support instead of requiring libattr. Fixes FTBFS with + latest glibc and libattr. Cherrypicked from trunk. Drop libattr1-dev build + dependency. (Closes: #756097) + * Build python3-systemd for Python 3 bindings. Drop python-systemd; it does + not have any reverse dependencies, and we want to encourage moving to + Python 3. (LP: #1258089) + * Add simple autopkgtest for python3-systemd. + * Add dbus dependency to libpam-systemd. (Closes: #755968) + * Fix /dev/cdrom symlink to appear for all types of drives, not just for + pure CD-ROM ones. Also, fix the symlinks to stay after change events. + (LP: #1323777) + * 75-persistent-net-generator.rules: Adjust Ravello interfaces; they don't + violate the assignment schema, they should just not be persistent. + Thanks to Boris Figovsky. (Closes: #747475, LP: #1317776) + * Reinstate patches to make logind D-BUS activatable. + * Re-add systemd-shim alternative dependency to libpam-systemd. Version it + to ensure cgmanager support. (Closes: #754984, LP: #1343802) + * Convert udev-finish.upstart from a task to a job, to avoid hangs with + startpar. (Closes: #756631) + * Add debian/extra/60-keyboard.hwdb: Latest keymaps from upstream git. + This makes it trivial to backport keymap fixes to stable releases. + (Closes: #657809; LP: #1322770, #1339998) + * udev.init: Create static device nodes, as this moved out of udevd. + Thanks to Michael Biebl for the script! (Closes: #749021) + + -- Martin Pitt Wed, 06 Aug 2014 13:33:22 +0200 + +systemd (208-6) unstable; urgency=medium + + [ Jon Severinsson ] + * Add v208-stable patch series. + - Update Debian patches to apply on top of v208-stable. + - Move new manpages to libsystemd-*-dev as appropriate. + + [ Michael Biebl ] + * Upload to unstable. + + -- Michael Biebl Wed, 16 Jul 2014 00:44:15 +0200 + +systemd (208-5) experimental; urgency=medium + + * Merge changes from unstable branch. + + -- Michael Biebl Sat, 28 Jun 2014 13:41:32 +0200 + +systemd (208-4) experimental; urgency=medium + + * Merge changes from unstable branch. + * Drop alternative dependency on systemd-shim in libpam-systemd. The + systemd-shim package no longer provides an environment to run + systemd-logind standalone. See #752939 for further details. + + -- Michael Biebl Sat, 28 Jun 2014 01:22:11 +0200 + +systemd (208-3) experimental; urgency=medium + + * Merge changes from unstable branch. + + -- Michael Biebl Wed, 25 Jun 2014 11:29:07 +0200 + +systemd (208-2) experimental; urgency=medium + + [ Sjoerd Simons ] + * Don't stop a running user manager from garbage collecting the users. Fixes + long shutdown times when using a systemd user session + + [ Michael Stapelberg ] + * Fix bug-script: “systemctl dump” is now “systemd-analyze dump” + (Closes: #748311) + + [ Michael Biebl ] + * Merge changes from unstable branch. + * Cherry-pick upstream fixes to make sd_session_get_vt() actually work. + + -- Michael Biebl Tue, 24 Jun 2014 17:45:26 +0200 + +systemd (208-1) experimental; urgency=medium + + [ Michael Biebl ] + * New upstream release. (Closes: #729566) + * Update patches. + * Update symbols files for libsystemd-journal and libsystemd-login. + * Install new files and remove the ones we don't use. + * Install zsh completion files. (Closes: #717540) + * Create a compat symlink /etc/sysctl.d/99-sysctl.conf as systemd-sysctl no + longer reads /etc/sysctl.conf. + * Bump Build-Depends on kmod to (>= 14). + * Bump Build-Depends on libcryptsetup-dev to (>= 2:1.6.0) for tcrypt + support. + * Make kmod-static-nodes.service check for the kmod binary since we don't + want a hard dependency on kmod e.g. for container installations. + * Disable various features which aren't required for the udeb build. + * Move new sd_pid_get_slice and sd_session_get_vt man pages into + libsystemd-login-dev. + * Make no-patch-numbers the default for gbp-pq. + * Adjust systemd-user pam config file for Debian. + This pam config file is used by libpam-systemd/systemd-logind when + launching systemd user instances. + * Drop patches to make logind D-Bus activatable. The cgroup handling has + been reworked in v205 and logind no longer creates cgroup hierarchies on + its own. That means that the standalone logind is no longer functional + without support from systemd (or an equivalent cgroup manager). + + [ Martin Pitt ] + * Explain patch management in debian/README.source. + + -- Michael Biebl Mon, 28 Apr 2014 00:22:57 +0200 + +systemd (204-14) unstable; urgency=medium + + * Fix SIGABRT in insserv generator caused by incorrect usage of strcat(). + (Closes: #752992) + * Mark -dev packages as Multi-Arch: same. (Closes: #720017) + + -- Michael Biebl Sat, 28 Jun 2014 13:22:43 +0200 + +systemd (204-13) unstable; urgency=medium + + * Switch back to load the sg module via the kmod builtin. The problem was + not that the kmod builtin is faster then modprobe but rather the incorrect + usage of the "=" assignment operator. We need to use "+=" here, so the sg + module is loaded in addition to other scsi modules, which are loaded via + the modalias rule. Thanks to Tommaso Colombo for the analysis. + * Cherry-pick upstream fix which prevents systemd from entering an infinite + loop when trying to break an ordering cycle. (Closes: #752259) + * Update insserv generator to not create any drop-in files for services + where the corresponding SysV init script does not exist. + * Drop the check for /sys/kernel/uevent_helper from postinst and the SysV + init script and do not unconditionally overwrite it in the initramfs hook. + Since a long time now udev has been using the netlink interface to + communicate with the kernel and with Linux 3.16 it is possible to disable + CONFIG_UEVENT_HELPER completely. (Closes: #752742) + + -- Michael Biebl Sat, 28 Jun 2014 00:01:16 +0200 + +systemd (204-12) unstable; urgency=medium + + [ Martin Pitt ] + * Change the sg loading rule (for Debian #657948) back to using modprobe. + kmod is too fast and then sg races with sd, causing the latter to not see + SCSI disks. (Closes: #752591, #752605) + + [ Michael Biebl ] + * Update udev bug-script to attach instead of paste extra info if a new + enough reportbug version is available. + + -- Michael Biebl Wed, 25 Jun 2014 10:55:12 +0200 + +systemd (204-11) unstable; urgency=medium + + [ Martin Pitt ] + * Explain patch management in debian/README.source. (Closes: #739113) + * Replace "Always probe cpu support drivers" patch with cherry-picked + upstream fix which is more general. + * Advertise hibernation only if there's enough free swap. Patches backported + from current upstream. (LP: #1313522) + * Fix typo in sg loading rule to make it actually work. + + [ Michael Biebl ] + * Make no-patch-numbers the default for gbp-pq. + * Cherry-pick upstream fix to properly handle multiline syslog messages. + (Closes: #746351) + * Cherry-pick upstream fix for libudev which fixes a memleak in + parent_add_child(). + * Drop "-b debian" from Vcs-Git since we use the master branch for + packaging now. + * Drop Conflicts: sysvinit (<< 2.88dsf-44~) from systemd-sysv since this + breaks dist-upgrades from wheezy when switching from sysvinit to + systemd-sysv as default init. While downgrading the Pre-Depends in + sysvinit would have been an alternative, dropping the Conflicts and only + keeping the Replaces was deemed the lesser evil. (Closes: #748355) + * Use Conflicts instead of Breaks against sysvinit-core. This avoids + /sbin/init going missing when switching from systemd-sysv to sysvinit. + While at it, add a Replaces: upstart. (Closes: #751589) + * Make the SysV compat tools try both /run/initctl and /dev/initctl. This + makes them usable under sysvinit as PID 1 without requiring any symlinks. + * Various ifupdown integration fixes + - Use DefaultDependencies=no in ifup@.service so the service can be + started as early as possible. + - Create the ifupdown runtime directory in ifup@.service as we can no + longer rely on the networking service to do that for us. + - Don't stop ifup@.service on shutdown but let the networking service take + care of stopping all hotplugged interfaces. + - Only start ifup@.service for interfaces configured as allow-hotplug. + + [ Michael Stapelberg ] + * Clarify that “systemd” does not influence init whereas “systemd-sysv” does + (Closes: #747741) + + [ Ansgar Burchardt ] + * Don't use "set +e; set +u" unconditionally in the lsb init-functions hook + as this might change the behaviour of existing SysV init scripts. + (Closes: #751472) + + -- Michael Biebl Tue, 24 Jun 2014 17:03:43 +0200 + +systemd (204-10) unstable; urgency=medium + + * In the udeb's udev.startup, make sure that /dev/pts exists. + * systemd-logind-launch: Set the #files ulimit, for unprivileged LXC + containers. + * Drop udev.NEWS, it only applies to pre-squeeze. + * Remove /var/log/udev on purge. + * Always probe cpu support drivers. (LP #1207705) + * On Dell PowerEdge systems, the iDRAC7 and later support a USB Virtual NIC + for management. Name this interface "idrac" to avoid confusion with "real" + network interfaces. + * Drop numerical prefixes from patches, to avoid future diff noise when + removing, cherry-picking, and merging patches. From now on, always use + "gbp-pq export --no-patch-numbers" to update them. + + -- Martin Pitt Sun, 27 Apr 2014 11:53:52 +0200 + +systemd (204-9) unstable; urgency=medium + + * The "Flemish Beef and Beer Stew" release. + + [ Steve Langasek ] + * Do proper refcounting of the PAM module package on prerm, so that we + don't drop the module from the PAM config when uninstalling a + foreign-arch package. Related to Ubuntu bug #1295521. + + [ Martin Pitt ] + * debian/udev.udev-finish.upstart: Fix path to tmp-rules, + debian/extra/rule_generator.functions creates them in /run/udev/. + * rules: Remove the kernel-install bits; we don't want that in Debian and + thus it shouldn't appear in dh_install --list-missing output. + * Ship sd-shutdown.h in libsystemd-daemon-dev. + * Run dh_install with --fail-missing, to avoid forgetting files when we move + to new versions. + * Mount /dev/pts with the correct permissions in the udev, to avoid needing + pt_chown (not available on all architectures). Thanks Adam Conrad. + * Add new block of Windows Azure ethernet hardware address to + 75-persistent-net-generator.rules. (LP: #1274348, Closes: #739018) + * Drop our Debian specific 60-persistent-storage{,-tape}.rules and use the + upstream rules. They are compatible and do a superset of the + functionality. (Closes: #645466) + * Drop our Debian specific 80-drivers.rules and use the upstream rules with + a patch for the sg module (see #657948). These now stop calling modprobe + and use the kmod builtin, giving some nice boot speed improvement. + (Closes: #717404) + * Drop our Debian specific 50-udev-default.rules and 91-permissions.rules + and use the upstream rules with a patch for the remaining Debian specific + default device permissions. Many thanks to Marco d'Itri for researching + which Debian-specific rules are obsolete! Amongst other things, this now + also reads the hwdb info for USB devices (Closes: #717405) and gets rid of + some syntax errors (Closes: #706221) + * Set default polling interval on removable devices as well, for kernels + which have "block" built in instead of being a module. (Closes: #713877) + * Make sd_login_monitor_new() work for logind without systemd. + * Cherry-pick upstream fix for polkit permissions for rebooting with + multiple sessions. + * Kill /etc/udev/links.conf, create_static_nodes, and associated code. It's + obsolete with devtmpfs (which is required now), and doesn't run with + systemd or upstart anyway. + * Drop unnecessary udev.dirs. + * Add autopkgtests for smoke-testing logind, hostnamed, timedated, localed, + and a compile/link/run test against libsystemd-login-dev. + + [ Marco d'Itri ] + * preinst: check for all the system calls required by modern releases + of udev. (Closes: #648325) + * Updated fbdev-blacklist.conf for recent kernels. + * Do not blacklist viafb because it is required on the OLPC XO-1.5. + (Closes: #705792) + * Remove write_cd_rules and the associated rules which create "persistent" + symlinks for CD/DVD devices and replace them with more rules in + 60-cdrom_id, which will create symlinks for one at random among the + devices installed. Since the common case is having a single device + then everything will work out just fine most of the times... + (Closes: #655924) + * Fix write_net_rules for systemd and sysvinit users by copying the + temporary rules from /run/udev/ to /etc/udev/. (Closes: #735563) + * Do not install sysctl.d/50-default.conf because the systemd package + should not change kernel policies, at least until it will become + the only supported init system. + + [ Michael Stapelberg ] + * Add systemd-dbg package, thanks Daniel Schaal (Closes: #742724). + * Switch from gitpkg to git-buildpackage. Update README.source accordingly. + * Make libpam-systemd depend on systemd-sysv | systemd-shim. Packages that + need logind functionality should depend on libpam-systemd. + + [ Michael Biebl ] + * Do not send potentially private fstab information without prior user + confirmation. (Closes: #743158) + * Add support for LSB facilities defined by insserv. + Parse /etc/insserv.conf.d content and /etc/insserv.conf and generate + systemd unit drop-in files to add corresponding dependencies. Also ship + targets for the Debian specific $x-display-manager and + $mail-transport-agent system facilities. (Closes: #690892) + * Do not accidentally re-enable /var/tmp cleaning when migrating the TMPTIME + setting from /etc/default/rcS. Fix up existing broken configurations. + (Closes: #738862) + + -- Michael Biebl Sat, 26 Apr 2014 21:37:29 +0200 + +systemd (204-8) unstable; urgency=low + + [ Michael Stapelberg ] + * move manpages from systemd to libsystemd-*-dev as appropriate + (Closes: #738723) + * fix systemctl enable/disable/… error message “Failed to issue method call: + No such file or directory” (the previous upload did actually not contain + this fix due to a merge conflict) (Closes: #738843) + * add explicit “Depends: sysv-rc” so that initscript’s “Depends: sysv-rc | + file-rc” will not be satisfied with file-rc. We need the invoke-rc.d and + update-rc.d from sysv-rc, file-rc’s doesn’t have support for systemd. + (Closes: #739679) + * set capabilities cap_dac_override,cap_sys_ptrace=ep for + systemd-detect-virt, so that it works for unprivileged users. + (Closes: #739699) + * pam: Check $XDG_RUNTIME_DIR owner (Closes: #731300) + * Ignore chkconfig headers entirely, they are often broken in Debian + (Closes: #634472) + + [ Michael Biebl ] + * do a one-time migration of RAMTMP= from /etc/default/rcS and + /etc/default/tmpfs, i.e. enable tmp.mount (Closes: #738687) + * Bump Standards-Version to 3.9.5. + + -- Michael Biebl Wed, 19 Mar 2014 18:57:35 +0100 + +systemd (204-7) unstable; urgency=low + + * fix systemctl enable/disable/… error message “Failed to issue method call: + No such file or directory” (Closes: #734809) + * bug-script: attach instead of paste extra info with reportbug ≥ 6.5.0 + (Closes: #722530) + * add stage1 bootstrap support to avoid Build-Depends cycles (Thanks Daniel + Schepler) + * cherry-pick: + order remote mounts from mountinfo before remote-fs.target (77009452cfd) + (Closes: #719945) + Fix CPUShares configuration option (ccd90a976dba) (Closes: #737156) + fix reference in systemd-inhibit(1) (07b4b9b) (Closes: #738316) + + -- Michael Stapelberg Tue, 11 Feb 2014 23:34:42 +0100 + +systemd (204-6) unstable; urgency=low + + [ Michael Stapelberg ] + * Run update-rc.d defaults before update-rc.d + (Closes: #722523) + * preinst: preserve var-{lock,run}.mount when upgrading from 44 to 204 + (Closes: #723936) + * fstab-generator: don’t rely on /usr being mounted in the initrd + (Closes: #724797) + * systemctl: mangle names when avoiding dbus (Closes: #723855) + * allow group adm read access on /var/log/journal (Closes: #717386) + * add systemd-journal group (Thanks Guido Günther) (Closes: #724668) + * copy /etc/localtime instead of symlinking (Closes: #726256) + * don’t try to start autovt units when not running with systemd as pid 1 + (Closes: #726466) + * Add breaks/replaces for the new sysvinit-core package (Thanks Alf Gaida) + (Closes: #733240) + * Add myself to uploaders + + [ Tollef Fog Heen ] + * Make 99-systemd.rules check for /run/systemd/systemd instead of the + ill-named cgroups directory. + + [ Martin Pitt ] + * debian/udev.upstart: Fix path to udevd, the /sbin/udevd compat symlink + should go away at some point. + * debian/udev-udeb.install: Add 64-btrfs.rules and 75-probe_mtd.rules, they + are potentially useful in a d-i environment. + * debian/shlibs.local: Drop libudev; this unnecessarily generates overly + strict dependencies, the libudev ABI is stable. + * debian/extra/rules/75-persistent-net-generator.rules: Add Ravello systems + (LP: #1099278) + + -- Michael Stapelberg Tue, 31 Dec 2013 14:39:44 +0100 + +systemd (204-5) unstable; urgency=high + + * Cherry-pick 72fd713 from upstream which fixes insecure calling of polkit + by avoiding a race condition in scraping /proc (CVE-2013-4327). + Closes: #723713 + + -- Michael Biebl Mon, 23 Sep 2013 11:59:53 +0200 + +systemd (204-4) unstable; urgency=low + + * Add preinst check to abort udev upgrade if the currently running kernel + lacks devtmpfs support. Since udev 176, devtmpfs is mandatory as udev no + longer creates any device nodes itself. This only affects self-compiled + kernels which now need CONFIG_DEVTMPFS=y. Closes: #722580 + * Fix SysV init script to correctly mount a devtmpfs instead of tmpfs. This + only affects users without an initramfs, which usually is responsible for + mounting the devtmpfs. Closes: #722604 + * Drop pre-squeeze upgrade code from maintainer scripts and simplify the + various upgrade checks. + * Suppress errors about unknown hwdb builtin. udev 196 introduced a new + "hwdb" builtin which is not understood by the old udev daemon. + * Add missing udeb line to shlibs.local. This ensures that udev-udeb gets a + proper dependency on libudev1-udeb and not libudev1. Closes: #722939 + * Remove udev-udeb dependency from libudev1-udeb to avoid a circular + dependency between the two packages. This dependency was copied over from + the old udev-gtk-udeb package and no longer makes any sense since + libudev1-udeb only contains a library nowadays. + + -- Michael Biebl Wed, 18 Sep 2013 00:05:21 +0200 + +systemd (204-3) unstable; urgency=low + + [ Michael Biebl ] + * Upload to unstable. + * Use /bin/bash in debug-shell.service as Debian doesn't have /sbin/sushell. + * Only import net.ifaces cmdline property for network devices. + * Generate strict dependencies between the binary packages using a + shlibs.local file and add an explicit versioned dependency on + libsystemd-login0 to systemd to ensure packages are upgraded in sync. + Closes: #719444 + * Drop obsolete Replaces: libudev0 from udev package. + * Use correct paths for various binaries, like /sbin/quotaon, which are + installed in / and not /usr in Debian. Closes: #721347 + * Don't install kernel-install(8) man page since we don't install the + corresponding binary either. Closes: #722180 + * Cherry-pick upstream fixes to make switching runlevels and starting + reboot via ctrl-alt-del more robust. + * Cherry-pick upstream fix to properly apply ACLs to Journal files. + Closes: #717863 + + [ Michael Stapelberg ] + * Make systemctl enable|disable call update-rc.d for SysV init scripts. + Closes: #709780 + * Don't mount /tmp as tmpfs by default and make it possible to enable this + feature via "systemctl enable tmp.mount". Closes: #718906 + + [ Daniel Schaal ] + * Add bug-script to systemd and udev. Closes: #711245 + + [ Ondrej Balaz ] + * Recognize discard option in /etc/crypttab. Closes: #719167 + + -- Michael Biebl Thu, 12 Sep 2013 00:13:11 +0200 + +systemd (204-2) experimental; urgency=low + + [ Daniel Schaal ] + * Enable verbose build logs. Closes: #717465 + * Add handling of Message Catalog files to provide additional information + for log entries. Closes: #717427 + * Remove leftover symlink to debian-enable-units.service. Closes: #717349 + + [ Michael Stapelberg ] + * Install 50-firmware.rules in the initramfs and udeb. Closes: #717635 + + [ Michael Biebl ] + * Don't pass static start priorities to dh_installinit anymore. + * Switch the hwdb trigger to interest-noawait. + * Remove obsolete support for configurable udev root from initramfs. + * Bind ifup@.service to the network device. This ensures that ifdown is run + when the device is removed and the service is stopped. + Closes: #660861, #703033 + * Bump Standards-Version to 3.9.4. No further changes. + * Add Breaks against consolekit (<< 0.4.6-1) for udev-acl. Closes: #717385 + * Make all packages Priority: optional, with the exception of udev and + libudev1, which remain Priority: important, and systemd-sysv, which + remains Priority: extra due to the conflict with sysvinit. + Closes: #717365 + * Restart systemd-logind.service on upgrades due to changes in the + CreateSession D-Bus API between v44 and v204. Closes: #717403 + + -- Michael Biebl Wed, 24 Jul 2013 23:47:59 +0200 + +systemd (204-1) experimental; urgency=low + + * New upstream release. Closes: #675175, #675177 + - In v183 the udev sources have been merged into the systemd source tree. + As a result, the udev binary packages will now be built from the systemd + source package. To align the version numbers 139 releases were skipped. + - For a complete list of changes, please refer to the NEWS file. + * Add Marco to Uploaders. + * Drop Suggests on the various python packages from systemd. The + systemd-analyze tool has been reimplemented in C. + * Add binary packages as found in the udev 175-7.2 source package. + * Wrap dependencies for better readability. + * Drop hard-coded Depends on libglib2.0-0 from gir1.2-gudev-1.0. + * Drop old Conflicts, Replaces and Breaks, which are no longer necessary. + * Make libgudev-1.0-dev depend on gir1.2-gudev-1.0 as per GObject + introspection mini-policy. Closes: #691313 + * The hwdb builtin has replaced pci-db and usb-db in udev. Drop the + Recommends on pciutils and usbutils accordingly. + * Drop our faketime hack. Upstream uses a custom xsl style sheet now to + generate the man pages which no longer embeds the build date. + * Add Depends on libpam-runtime (>= 1.0.1-6) to libpam-systemd as we are + using pam-auth-update. + * Explicitly set Section and Priority for the udev binary package. + * Update Build-Depends: + - Drop libudev-dev, no longer required. + - Add gtk-doc-tools and libglib2.0-doc for the API documentation in + libudev and libgudev. + - Add libgirepository1.0-dev and gobject-introspection for GObject + introspection support in libgudev. + - Add libgcrypt11-dev for encryption support in the journal. + - Add libblkid-dev for the blkid udev builtin. + * Use gir dh addon to ensure ${gir:Depends} is properly set. + * Rename libudev0 → libudev1 for the SONAME bump. + * Update symbols files. libudev now uses symbols versioning as the other + libsystemd libraries. The libgudev-1.0-0 symbols file has been copied from + the old udev package. + * Run gtkdocize on autoreconf. + * Enable python bindings for the systemd libraries and ship them in a new + package named python-systemd. + * Tighten Depends on libsystemd-id128-dev for libsystemd-journal-dev as per + libsystemd-journal.pc. + * Remove obsolete bash-completion scripts on upgrades. Nowadays they are + installed in /usr/share/bash-completion/completions. + * Rename conffiles for logind and journald. + * Rename udev-gtk-udeb → libudev1-udeb to better reflect its actual contents. + * Build two flavours: a regular build and one for the udev udebs with + reduced features/dependencies. + * Create a few compat symlinks for the udev package, most notably + /sbin/udevadm and /sbin/udevd. + * Remove the dpkg-triggered debian-enable-units script. This was a temporary + workaround for wheezy. Packages should use dh-systemd now to properly + integrate service files with systemd. + * Update debian/copyright using the machine-readable copyright format 1.0. + * Integrate changes from udev 175-7 and acknowledge the 175-7.1 and 175-7.2 + non-maintainer uploads. + * Keep the old persistent network interface naming scheme for now and make + the new one opt-in via net.ifnames=1 on the kernel command line. + * Drop the obsolete udev-mtab SysV init script and properly clean up on + upgrades. + * Simplify the udev SysV init script and remove experimental and obsolete + features. + * Revert upstream commits which dropped support for distro specific + features and config files. + * Make logind, hostnamed, localed and timedated D-Bus activatable and + usable when systemd is not running. + * Store hwdb binary database in /lib/udev, not /etc/udev. Create the file on + install and upgrades. + * Provide a dpkg file trigger for hwdb, so the database is automatically + updated when packages install files into /lib/udev/hwdb.d. + + -- Michael Biebl Fri, 19 Jul 2013 00:32:36 +0200 + +systemd (44-12) unstable; urgency=low + + * Cherry-pick e17187 from upstream to fix build failures with newer glibc + where the clock_* symbols have been moved from librt to libc. + Closes: #701364 + * If the new init-system-helpers package is installed, make the + debian-enable-units script a no-op. The auto-enabler was meant as a + temporary workaround and will be removed once all packages use the new + helper. + * Update the checks which test if systemd is the active init. The + recommended check is [ -d /run/systemd/system ] as this will also work + with a standalone systemd-logind. + * Set Maintainer to pkg-systemd-maintainers@lists.alioth.debian.org. Add + Tollef and myself as Uploaders. + * Stop building the GUI bits. They have been split into a separate source + package called systemd-ui. + + -- Michael Biebl Thu, 20 Jun 2013 01:32:16 +0200 + +systemd (44-11) unstable; urgency=low + + * Team upload. + * Run debian-enable-units.service after sysinit.target to ensure our tmp + files aren't nuked by systemd-tmpfiles. + * The mountoverflowtmp SysV init script no longer exists so remove that + from remount-rootfs.service to avoid an unnecessary diff to upstream. + * Do not fail on purge if /var/lib/systemd is empty and has been removed + by dpkg. + + -- Michael Biebl Wed, 13 Mar 2013 08:03:06 +0100 + +systemd (44-10) unstable; urgency=low + + * Team upload. + * Using the return code of "systemctl is-enabled" to determine whether we + enable a service or not is unreliable since it also returns a non-zero + exit code for masked services. As we don't want to enable masked services, + grep for the string "disabled" instead. + + -- Michael Biebl Fri, 15 Feb 2013 17:01:24 +0100 + +systemd (44-9) unstable; urgency=low + + * Team upload. + * Fix typo in systemd.socket man page. Closes: #700038 + * Use color specification in "systemctl dot" which is actually + understood by dot. Closes: #643689 + * Fix mounting of remote filesystems like NFS. Closes: #673309 + * Use a file trigger to automatically enable service and socket units. A lot + of packages simply install systemd units but do not enable them. As a + result they will be inactive after the next boot. This is a workaround for + wheezy which will be removed again in jessie. Closes: #692150 + + -- Michael Biebl Fri, 15 Feb 2013 13:35:39 +0100 + +systemd (44-8) unstable; urgency=low + + * Team upload. + * Use comment=systemd.* syntax in systemd.mount man page. The + mount/util-linux version in wheezy is not recent enough to support the new + x-systemd* syntax. Closes: #697141 + * Don't enable persistent storage of journal log files. The journal in v44 + is not yet mature enough. + + -- Michael Biebl Sat, 19 Jan 2013 20:05:05 +0100 + +systemd (44-7) unstable; urgency=low + + * Fix a regression in the init-functions hook wrt reload handling that was + introduced when dropping the X-Interactive hack. Closes: #696355 + + -- Michael Biebl Fri, 21 Dec 2012 00:00:12 +0100 + +systemd (44-6) unstable; urgency=low + + [ Michael Biebl ] + * No longer ship the /sys directory in the systemd package since it is + provided by base-files nowadays. + * Don't run udev rules if systemd is not active. + * Converting /var/run, /var/lock and /etc/mtab to symlinks is a one-time + migration so don't run the debian-fixup script on every boot. + + [ Tollef Fog Heen ] + * Prevent the systemd package from being removed if it's the active init + system, since that doesn't work. + + [ Michael Biebl ] + * Use a separate tmpfs for /run/lock (size 5M) and /run/user (size 100M). + Those directories are user-writable which could lead to DoS by filling up + /run. Closes: #635131 + + -- Michael Biebl Sun, 16 Dec 2012 21:58:37 +0100 + +systemd (44-5) unstable; urgency=low + + * Team upload. + + [ Tollef Fog Heen ] + * disable killing on entering START_PRE, START, thanks to Michael + Stapelberg for patch. This avoids killing VMs run through libvirt + when restarting libvirtd. Closes: #688635. + * Avoid reloading services when shutting down, since that won't work and + makes no sense. Thanks to Michael Stapelberg for the patch. + Closes: #635777. + * Try to determine which init scripts support the reload action + heuristically. Closes: #686115, #650382. + + [ Michael Biebl ] + * Update Vcs-* fields, the Git repository is hosted on alioth now. Set the + default branch to "debian". + * Avoid reload and (re)start requests during early boot which can lead to + deadlocks. Closes: #624599 + * Make systemd-cgroup work even if not all cgroup mounts are available on + startup. Closes: #690916 + * Fix typos in the systemd.path and systemd.unit man page. Closes: #668344 + * Add watch file to track new upstream releases. + + -- Michael Biebl Thu, 25 Oct 2012 21:41:23 +0200 + +systemd (44-4) unstable; urgency=low + + [ Michael Biebl ] + * Override timestamp for man page building, thereby avoiding skew + between architectures which caused problems for multi-arch. + Closes: #680011 + + [ Tollef Fog Heen ] + * Move diversion removal from postinst to preinst. Closes: #679728 + * Prevent the journal from crashing when running out of disk space. + This is 499fb21 from upstream. Closes: #668047. + * Stop mounting a tmpfs on /media. Closes: #665943 + + -- Tollef Fog Heen Sun, 01 Jul 2012 08:17:50 +0200 + +systemd (44-3) unstable; urgency=low + + [ Michael Biebl ] + * Bump to debhelper 9. + * Convert to Multi-Arch: same where possible. Closes: #676615 + + [ Tollef Fog Heen ] + * Cherry-pick d384c7 from upstream to stop journald from leaking + memory. Thanks to Andreas Henriksson for testing. Closes: #677701 + * Ship lsb init script override/integration in /lib/lsb/init-functions.d + rather than diverting /lib/lsb/init-functions itself. Add appropriate + Breaks to ensure upgrades happen. + + -- Tollef Fog Heen Fri, 29 Jun 2012 22:34:16 +0200 + +systemd (44-2) unstable; urgency=low + + [ Michael Biebl ] + * Tighten the versions in the maintscript file + * Ship the /sys directory in the package + * Re-add workaround for non-interactive PAM sessions + * Mask checkroot-bootclean (Closes: #670591) + * Don't ignore errores in systemd-sysv postinst + + [ Tollef Fog Heen ] + * Bring tmpfiles.d/tmp.conf in line with Debian defaults. Closes: #675422 + * Make sure /run/sensigs.omit.d exists. + * Add python-dbus and python-cairo to Suggests, for systemd-analyze. + Closes: #672965 + + -- Tollef Fog Heen Tue, 08 May 2012 18:04:22 +0200 + +systemd (44-1) unstable; urgency=low + + [ Tollef Fog Heen ] + * New upstream version. + - Backport 3492207: journal: PAGE_SIZE is not known on ppc and other + archs + - Backport 5a2a2a1: journal: react with immediate rotation to a couple + of more errors + - Backport 693ce21: util: never follow symlinks in rm_rf_children() + Fixes CVE-2012-1174, closes: #664364 + * Drop output message from init-functions hook, it's pointless. + * Only rmdir /lib/init/rw if it exists. + * Explicitly order debian-fixup before sysinit.target to prevent a + possible race condition with the creation of sockets. Thanks to + Michael Biebl for debugging this. + * Always restart the initctl socket on upgrades, to mask sysvinit + removing it. + + [ Michael Biebl ] + * Remove workaround for non-interactive sessions from pam config again. + * Create compat /dev/initctl symlink in case we are upgrading from a system + running a newer version of sysvinit (using /run/initctl) and sysvinit is + replaced with systemd-sysv during the upgrade. Closes: #663219 + * Install new man pages. + * Build-Depend on valac (>= 0.12) instead of valac-0.12. Closes: #663323 + + -- Tollef Fog Heen Tue, 03 Apr 2012 19:59:17 +0200 + +systemd (43-1) experimental; urgency=low + + [ Tollef Fog Heen ] + * Target upload at experimental due to libkmod dependency + * New upstream release + - Update bash-completion for new verbs and arguments. Closes: #650739 + - Fixes local DoS (CVE-2012-1101). Closes: #662029 + - No longer complains if the kernel lacks audit support. Closes: #642503 + * Fix up git-to-source package conversion script which makes gitpkg + happier. + * Add libkmod-dev to build-depends + * Add symlink from /bin/systemd to /lib/systemd/systemd. + * Add --with-distro=debian to configure flags, due to no /etc/os-release + yet. + * Add new symbols for libsystemd-login0 to symbols file. + * Install a tmpfiles.d file for the /dev/initctl → /run/initctl + migration. Closes: #657979 + * Disable coredump handling, it's not ready yet. + * If /run is a symlink, don't try to do the /var/run → /run migration. + Ditto for /var/lock → /run/lock. Closes: #647495 + + [ Michael Biebl ] + * Add Build-Depends on liblzma-dev for journal log compression. + * Add Build-Depends on libgee-dev, required to build systemadm. + * Bump Standards-Version to 3.9.2. No further changes. + * Add versioned Build-Depends on automake and autoconf to ensure we have + recent enough versions. Closes: #657284 + * Add packages for libsystemd-journal and libsystemd-id128. + * Update symbols file for libsystemd-login. + * Update configure flags, use rootprefix instead of rootdir. + * Copy intltool files instead of symlinking them. + * Re-indent init-functions script. + * Remove workarounds for services using X-Interactive. The LSB X-Interactive + support turned out to be broken and has been removed upstream so we no + longer need any special handling for those type of services. + * Install new systemd-journalctl, systemd-cat and systemd-cgtop binaries. + * Install /var/lib/systemd directory. + * Install /var/log/journal directory where the journal files are stored + persistently. + * Setup systemd-journald to not read from /proc/kmsg (ImportKernel=no). + * Avoid error messages from systemctl in postinst if systemd is not running + by checking for /sys/fs/cgroup/systemd before executing systemctl. + Closes: #642749 + * Stop installing lib-init-rw (auto)mount units and try to cleanup + /lib/init/rw in postinst. Bump dependency on initscripts accordingly. + Closes: #643699 + * Disable pam_systemd for non-interactive sessions to work around an issue + with sudo. + * Use new dh_installdeb maintscript facility to handle obsolete conffiles. + Bump Build-Depends on debhelper accordingly. + * Rename bash completion file systemctl-bash-completion.sh → + systemd-bash-completion.sh. + * Update /sbin/init symlink. The systemd binary was moved to $pkglibdir. + + -- Tollef Fog Heen Tue, 07 Feb 2012 21:36:34 +0100 + +systemd (37-1.1) unstable; urgency=low + + * Non-maintainer upload with Tollef's consent. + * Remove --parallel to workaround a bug in automake 1.11.3 which doesn't + generate parallel-safe build rules. Closes: #661842 + * Create a compat symlink /run/initctl → /dev/initctl to work with newer + versions of sysvinit. Closes: #657979 + + -- Michael Biebl Sat, 03 Mar 2012 17:42:10 +0100 + +systemd (37-1) unstable; urgency=low + + [ Tollef Fog Heen ] + * New upstream version + * Change the type of the debian-fixup service to oneshot. + Closes: #642961 + * Add ConditionPathIsDirectory to lib-init-rw.automount and + lib-init-rw.mount so we only activate the unit if the directory + exists. Closes: #633059 + * If a sysv service exists in both rcS and rcN.d runlevels, drop the + rcN.d ones to avoid loops. Closes: #637037 + * Blacklist fuse init script, we do the same work already internally. + Closes: #643700 + * Update README.Debian slightly for /run rather than /lib/init/rw + + [ Josh Triplett ] + * Do a one-time migration of the $TMPTIME setting from /etc/default/rcS to + /etc/tmpfiles.d/tmp.conf. If /etc/default/rcS has a TMPTIME setting of + "infinite" or equivalent, migrate it to an /etc/tmpfiles.d/tmp.conf that + overrides the default /usr/lib/tmpfiles.d/tmp.conf and avoids clearing + /tmp. Closes: #643698 + + -- Tollef Fog Heen Wed, 28 Sep 2011 20:04:13 +0200 + +systemd (36-1) unstable; urgency=low + + [ Tollef Fog Heen ] + * New upstream release. Closes: #634618 + - Various man page fixes. Closes: #623521 + * Add debian-fixup service that symlinks mtab to /proc/mounts and + migrates /var/run and /var/lock to symlinks to /run + + [ Michael Biebl ] + * Build for libnotify 0.7. + * Bump Build-Depends on libudev to (>= 172). + * Add Build-Depends on libacl1-dev. Required for building systemd-logind + with ACL support. + * Split libsystemd-login and libsystemd-daemon into separate binary + packages. + * As autoreconf doesn't like intltool, override dh_autoreconf and call + intltoolize and autoreconf ourselves. + * Add Build-Depends on intltool. + * Do a one-time migration of the hwclock configuration. If UTC is set to + "no" in /etc/default/rcS, create /etc/adjtime and add the "LOCAL" setting. + * Remove /cgroup cleanup code from postinst. + * Add Build-Depends on gperf. + + -- Tollef Fog Heen Wed, 14 Sep 2011 08:25:17 +0200 + +systemd (29-1) unstable; urgency=low + + [ Tollef Fog Heen ] + * New upstream version, Closes: #630510 + - Includes typo fixes in documentation. Closes: #623520 + * Fall back to the init script reload function if a native .service file + doesn't know how to reload. Closes: #628186 + * Add hard dependency on udev. Closes: #627921 + + [ Michael Biebl ] + * hwclock-load.service is no longer installed, so we don't need to remove it + anymore in debian/rules. + * Install /usr/lib directory for binfmt.d, modules-load.d, tmpfiles.d and + sysctl.d. + * Remove obsolete conffiles from /etc/tmpfiles.d on upgrades. Those files + are installed in /usr/lib/tmpfiles.d now. + * Depend on util-linux (>= 2.19.1-2) which provides whole-disk locking + support in fsck and remove our revert patch. + * Don't choke when systemd was compiled with a different CAP_LAST_CAP then + what it is run with. Patch cherry-picked from upstream Git. + Closes: #628081 + * Enable dev-hugepages.automount and dev-mqueue.automount only when enabled + in kernel. Patch cherry-picked from upstream Git. Closes: #624522 + + -- Tollef Fog Heen Wed, 08 Jun 2011 16:14:31 +0200 + +systemd (25-2) experimental; urgency=low + + * Handle downgrades more gracefully by removing diversion of + /lib/lsb/init-functions on downgrades to << 25-1. + * Cherry-pick a133bf10d09f788079b82f63faa7058a27ba310b from upstream, + avoids assert when dumping properties. Closes: #624094 + * Remove "local" in non-function context in init-functions wrapper. + + -- Tollef Fog Heen Wed, 27 Apr 2011 22:20:04 +0200 + +systemd (25-1) experimental; urgency=low + + * New upstream release, target experimental due to initscripts + dependency. + - Fixes where to look for locale config. Closes: #619166 + * Depend on initscripts >= 2.88dsf-13.4 for /run transition. + * Add Conflicts on klogd, since it doesn't work correctly with the + kmg→/dev/log bridge. Closes: #622555 + * Add suggests on Python for systemd-analyze. + * Divert /lib/lsb/init-functions instead of (ab)using + /etc/lsb-base-logging.sh for diverting calls to /etc/init.d/* + * Remove obsolete conffile /etc/lsb-base-logging.sh. Closes: #619093 + * Backport 3a90ae048233021833ae828c1fc6bf0eeab46197 from master: + mkdir /run/systemd/system when starting up + + -- Tollef Fog Heen Sun, 24 Apr 2011 09:02:04 +0200 + +systemd (20-1) unstable; urgency=low + + * New upstream version + * Install systemd-machine-id-setup + * Call systemd-machine-id-setup in postinst + * Cherry-pick b8a021c9e276adc9bed5ebfa39c3cab0077113c6 from upstream to + prevent dbus assert error. + * Enable TCP wrapper support. Closes: #618409 + * Enable SELinux support. Closes: #618412 + * Make getty start after Apache2 and OpenVPN (which are the only two + known users of X-Interactive: yes). Closes: #618419 + + -- Tollef Fog Heen Fri, 11 Mar 2011 19:14:21 +0100 + +systemd (19-1) experimental; urgency=low + + * New upstream release + * Add systemd-tmpfiles to systemd package. + * Add ifup@.service for handling hotplugged interfaces from + udev. Closes: #610871 + * Mask mtab.service and udev-mtab.service as they are pointless when + /etc/mtab is a symlink to /proc/mounts + * Add breaks on lvm2 (<< 2.02.84-1) since older versions have udev rules + that don't work well with systemd causing delays on bootup. + + -- Tollef Fog Heen Thu, 17 Feb 2011 07:36:22 +0100 + +systemd (17-1) experimental; urgency=low + + [ Tollef Fog Heen ] + * New upstream release + * Clarify ifupdown instructions in README.Debian somewhat. + Closes: #613320 + * Silently skip masked services in lsb-base-logging.sh instead of + failing. Initial implementation by Michael Biebl. Closes: #612551 + * Disable systemd-vconsole-setup.service for now. + + [ Michael Biebl ] + * Bump build dependency on valac-0.10 to (>= 0.10.3). + * Improve regex in lsb-base-logging.sh for X-Interactive scripts. + Closes: #613325 + + -- Tollef Fog Heen Wed, 16 Feb 2011 21:06:16 +0100 + +systemd (16-1) experimental; urgency=low + + [ Tollef Fog Heen ] + * New upstream release. Closes: #609611 + * Get rid of now obsolete patches that are upstream. + * Use the built-in cryptsetup support in systemd, build-depend on + libcryptsetup-dev (>= 2:1.2.0-1) to get a libcryptsetup in /lib. + * Don't use systemctl redirect for init scripts with X-Interactive: true + + [ Michael Biebl ] + * Update package description + * Use v8 debhelper syntax + * Make single-user mode work + * Run hwclock-save.service on shutdown + * Remove dependencies on legacy sysv mount scripts, as we use native + mounting. + + -- Tollef Fog Heen Sun, 16 Jan 2011 11:04:13 +0100 + +systemd (15-1) UNRELEASED; urgency=low + + [ Tollef Fog Heen ] + * New upstream version, thanks a lot to Michael Biebl for help with + preparing this version. + - This version handles cycle breaking better. Closes: #609225 + * Add libaudit-dev to build-depends + * /usr/share/systemd/session has been renamed to /usr/share/systemd/user + upstream, adjust build system accordingly. + * Remove -s from getty serial console invocation. + * Add dependency on new util-linux to make sure /sbin/agetty exists + * Don't mount /var/lock with gid=lock (Debian has no such group). + * Document problem with ifupdown's /etc/network/run being a normal + directory. + + [ Michael Biebl ] + * Revert upstream change which requires libnotify 0.7 (not yet available in + Debian). + * Use dh-autoreconf for updating the build system. + * Revert upstream commit which uses fsck -l (needs a newer version of + util-linux). + * Explicitly disable cryptsetup support to not accidentally pick up a + libcryptsetup dependency in a tainted build environment, as the library + is currently installed in /usr/lib. + * Remove autogenerated man pages and vala C sources, so they are rebuilt. + * Use native systemd mount support: + - Use MountAuto=yes and SwapAuto=yes (default) in system.conf + - Mask SysV init mount, check and cleanup scripts. + - Create an alias (symlink) for checkroot (→ remount-rootfs.service) as + synchronization point for SysV init scripts. + * Mask x11-common, rmnologin, hostname, bootmisc and bootlogd. + * Create an alias for procps (→ systemd-sysctl.service) and + urandom (→ systemd-random-seed-load.service). + * Create an alias for module-init-tools (→ systemd-modules-load.service) and + a symlink from /etc/modules-load.d/modules.conf → /etc/modules. + * Install lsb-base hook which redirects calls to SysV init scripts to + systemctl: /etc/init.d/ → systemctl + * Install a (auto)mount unit to mount /lib/init/rw early during boot. + + -- Tollef Fog Heen Sat, 20 Nov 2010 09:28:01 +0100 + +systemd (11-2) UNRELEASED; urgency=low + + * Tighten depends from systemd-* on systemd to ensure they're upgraded + in lockstep. Thanks to Michael Biebl for the patch. + * Add missing #DEBHELPER# token to libpam-systemd + * Stop messing with runlevel5/multi-user.target symlink, this is handled + correctly upstream. + * Stop shipping /cgroup in the package. + * Remove tmpwatch services, Debian doesn't have or use tmpwatch. + * Make sure to enable GTK bits. + * Ship password agent + * Clean up cgroups properly on upgrades, thanks to Michael Biebl for the + patch. Closes: #599577 + + -- Tollef Fog Heen Tue, 02 Nov 2010 21:47:10 +0100 + +systemd (11-1) experimental; urgency=low + + * New upstream version. Closes: #597284 + * Add pam-auth-update calls to libpam-systemd's postinst and prerm + * Make systemd-sysv depend on systemd + * Now mounts the cgroup fs in /sys/fs/cgroup. Closes: #595966 + * Add libnotify-dev to build-depends (needed for systemadm) + + -- Tollef Fog Heen Thu, 07 Oct 2010 22:01:19 +0200 + +systemd (8-2) experimental; urgency=low + + * Hardcode udev rules dir in configure call. + * Remove README.source as it's no longer accurate. + + -- Tollef Fog Heen Mon, 30 Aug 2010 21:10:26 +0200 + +systemd (8-1) experimental; urgency=low + + * New upstream release + * Only ship the top /cgroup + * Pass --with-rootdir= to configure, to make it think / is / rather + than // + * Add PAM module package + * Fix up dependencies in local-fs.target. Closes: #594420 + * Move systemadm to its own package. Closes: #588451 + * Update standards-version (no changes needed) + * Update README.Debian to explain how to use systemd. + * Add systemd-sysv package that provides /sbin/init and friends. + + -- Tollef Fog Heen Sat, 07 Aug 2010 07:31:38 +0200 + +systemd (0~git+20100605+dfd8ee-1) experimental; urgency=low + + * Initial release, upload to experimental. Closes: #580814 + + -- Tollef Fog Heen Fri, 30 Apr 2010 21:02:25 +0200 diff --git a/clean b/clean new file mode 100644 index 00000000..d176c7ad --- /dev/null +++ b/clean @@ -0,0 +1,5 @@ +debian/shlibs.local +src/ukify/test/__pycache__/ +src/ukify/__pycache__/ +tools/__pycache__/ +tools/chromiumos/__pycache__/ diff --git a/control b/control new file mode 100644 index 00000000..d746228f --- /dev/null +++ b/control @@ -0,0 +1,680 @@ +Source: systemd +Section: admin +Priority: optional +Maintainer: Debian systemd Maintainers +Uploaders: Marco d'Itri , + Sjoerd Simons , + Martin Pitt , + Felipe Sateler , + Luca Boccassi , +Standards-Version: 4.7.0 +Rules-Requires-Root: no +Vcs-Git: https://salsa.debian.org/systemd-team/systemd.git +Vcs-Browser: https://salsa.debian.org/systemd-team/systemd +Homepage: https://systemd.io +Build-Depends: debhelper-compat (= 13), + debhelper (>= 13.11.6), + dh-exec, + dh-package-notes, + dh-sequence-dlopenlibdeps , + dh-sequence-installnss, + dh-sequence-installsysusers, + pkgconf, + xsltproc , + docbook-xsl , + docbook-xml , + meson (>= 0.60.0), + rsync | meson (>= 1.3.0~), + clang:native [amd64 arm64 ppc64el riscv64 s390x] , + linux-bpf-dev [amd64 arm64 ppc64el riscv64 s390x] | linux-headers-generic [amd64 arm64 ppc64el riscv64 s390x] , + libbpf-dev [amd64 arm64 ppc64el riscv64 s390x] , + bpftool:native [amd64 arm64 ppc64el riscv64 s390x] , + linux-tools-generic | bpftool , + gettext, + gperf, + libcap-dev, + libcrypt-dev, + libpam0g-dev, + libapparmor-dev (>= 2.13) , + libidn2-dev , + libiptc-dev , + libaudit-dev , + libdbus-1-dev (>= 1.3.2) , + libcryptsetup-dev (>= 2:2.4) , + libselinux1-dev (>= 2.1.9), + libacl1-dev, + liblzma-dev, + liblz4-dev (>= 1.3.0), + lz4 , + libbz2-dev , + zlib1g-dev | libz-dev , + libcurl4-openssl-dev , + libmicrohttpd-dev , + libpcre2-dev , + libgcrypt20-dev, + libkmod-dev (>= 15), + libblkid-dev (>= 2.24), + libmount-dev (>= 2.30), + libfdisk-dev (>= 2.33), + libseccomp-dev (>= 2.3.1) [amd64 arm64 armel armhf i386 mips mipsel mips64 mips64el x32 powerpc ppc64 ppc64el riscv64 s390x], + libdw-dev (>= 0.158) , + libpolkit-gobject-1-dev , + libzstd-dev (>= 1.4.0), + libtss2-dev , + libfido2-dev , + libp11-kit-dev , + libssl-dev , + libqrencode-dev , + libxen-dev [amd64 arm64 armhf] , + libpwquality-dev , + libarchive-dev , + linux-base , + acl , + python3:native, + python3-jinja2:native, + python3-lxml:native, + python3-pefile:native , + python3-pyelftools [amd64 i386 arm64 armhf riscv64] , + jq [amd64 arm64] , + python3-pyparsing , + python3-evdev:native , + tzdata-legacy | tzdata (<< 2024b-3) , + libcap2-bin , + iproute2 , + zstd , + gawk , + fdisk , + +Package: systemd +Architecture: linux-any +Multi-Arch: foreign +Priority: important +Recommends: default-dbus-system-bus | dbus-system-bus, + linux-sysctl-defaults, + systemd-timesyncd | time-daemon, + systemd-cryptsetup, + ${dlopen:Recommends}, +Suggests: systemd-container, + systemd-homed, + systemd-userdbd, + systemd-boot, + systemd-resolved, + systemd-repart, + libtss2-tcti-device0, + polkitd, + ${dlopen:Suggests}, +Pre-Depends: ${shlibs:Pre-Depends}, + ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + libsystemd0 (= ${binary:Version}), + mount, +Conflicts: consolekit, + libpam-ck-connector, + systemd-shim, + opensysusers, +Breaks: less (<< 563), + sicherboot (<< 0.1.6), + dracut-core (<< 102-2~), +Provides: systemd-sysusers (= ${binary:Version}), + systemd-tmpfiles (= ${binary:Version}), +Description: system and service manager + systemd is a system and service manager for Linux. It provides aggressive + parallelization capabilities, uses socket and D-Bus activation for starting + services, offers on-demand starting of daemons, keeps track of processes using + Linux control groups, maintains mount and automount points and implements an + elaborate transactional dependency-based service control logic. + . + Installing the systemd package will not switch your init system unless you + boot with init=/lib/systemd/systemd or install systemd-sysv in addition. + +Package: systemd-sysv +Architecture: linux-any +Multi-Arch: foreign +Priority: important +Conflicts: sysvinit-core, + file-rc, + systemd-shim, + initscripts, + orphan-sysvinit-scripts, + sysv-rc, + insserv, + startpar, + bfh-container (<< 20211009-22~), + molly-guard (<< 0.8.2~), + progress-linux-container (<< 20221002-11~), +Replaces: sysvinit-core, +Pre-Depends: systemd +Depends: ${misc:Depends}, + systemd (= ${binary:Version}), +Recommends: libpam-systemd, + libnss-systemd +Description: system and service manager - SysV compatibility symlinks + This package provides manual pages and compatibility symlinks needed for + systemd to replace sysvinit. + . + Installing systemd-sysv will overwrite /sbin/init with a symlink to systemd. + +Package: systemd-container +Build-Profiles: +Architecture: linux-any +Multi-Arch: foreign +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd, + default-dbus-system-bus | dbus-system-bus +Recommends: libnss-mymachines, + ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Conflicts: systemd (<< 256-2~), +Description: systemd container/nspawn tools + This package provides systemd's tools for nspawn and container/VM management: + * systemd-nspawn + * systemd-machined and machinectl + * systemd-importd + * systemd-portabled and portablectl + +Package: systemd-journal-remote +Build-Profiles: +Architecture: linux-any +Multi-Arch: foreign +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: tools for sending and receiving remote journal logs + This package provides tools for sending and receiving remote journal logs: + * systemd-journal-remote + * systemd-journal-upload + * systemd-journal-gatewayd + +Package: systemd-coredump +Build-Profiles: +Architecture: linux-any +Multi-Arch: foreign +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Conflicts: core-dump-handler +Replaces: core-dump-handler +Provides: core-dump-handler +Description: tools for storing and retrieving coredumps + This package provides systemd tools for storing and retrieving coredumps: + * systemd-coredump + * coredumpctl + +Package: systemd-timesyncd +Architecture: linux-any +Multi-Arch: foreign +Priority: standard +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Conflicts: time-daemon, + systemd (<< 256.2-2~), +Replaces: time-daemon +Provides: time-daemon +Description: minimalistic service to synchronize local time with NTP servers + The package contains the systemd-timesyncd system service that may be used to + synchronize the local system clock with a remote Network Time Protocol server. + +Package: systemd-tests +Architecture: linux-any +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd (= ${binary:Version}), + python3, + python3-psutil, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Build-Profiles: +Description: tests for systemd + This package contains the test binaries. Those binaries are primarily used + for autopkgtest and not meant to be installed on regular user systems. + +Package: libpam-systemd +Architecture: linux-any +Multi-Arch: same +Priority: standard +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd (= ${binary:Version}), + libpam-runtime, + default-dbus-system-bus | dbus-system-bus, + systemd-sysv +Recommends: dbus-user-session, + ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Provides: logind (= ${binary:Version}), default-logind (= ${binary:Version}) +Conflicts: libpam-elogind-compat, +Description: system and service manager - PAM module + This package contains the PAM module which registers user sessions in + the systemd control group hierarchy for logind. + . + If in doubt, do install this package. + . + Packages that depend on logind functionality need to depend on libpam-systemd. + +Package: libnss-myhostname +Architecture: linux-any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: nss module providing fallback resolution for the current hostname + This package contains a plugin for the Name Service Switch, providing host + name resolution for the locally configured system hostname as returned by + gethostname(2). It returns all locally configured public IP addresses or -- if + none are configured, the IPv4 address 127.0.0.2 (which is on the local + loopback) and the IPv6 address ::1 (which is the local host). + . + A lot of software relies on that the local host name is resolvable. This + package provides an alternative to the fragile and error-prone manual editing + of /etc/hosts. + . + Installing this package automatically adds myhostname to /etc/nsswitch.conf. + +Package: libnss-mymachines +Architecture: linux-any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd-container (= ${binary:Version}), +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: nss module to resolve hostnames for local container instances + nss-mymachines is a plugin for the GNU Name Service Switch (NSS) functionality + of the GNU C Library (glibc) providing hostname resolution for local containers + that are registered with systemd-machined.service(8). The container names are + resolved to IP addresses of the specific container, ordered by their scope. + . + Installing this package automatically adds mymachines to /etc/nsswitch.conf. + +Package: libnss-resolve +Architecture: linux-any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd-resolved (= ${binary:Version}), +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: nss module to resolve names via systemd-resolved + nss-resolve is a plugin for the GNU Name Service Switch (NSS) functionality + of the GNU C Library (glibc) providing DNS and LLMNR resolution to programs via + the systemd-resolved daemon (provided in the systemd-resolved package). + . + Installing this package automatically adds resolve to /etc/nsswitch.conf. + +Package: libnss-systemd +Architecture: linux-any +Multi-Arch: same +Priority: standard +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd (= ${binary:Version}), +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: nss module providing dynamic user and group name resolution + nss-systemd is a plug-in module for the GNU Name Service Switch (NSS) + functionality of the GNU C Library (glibc), providing UNIX user and group name + resolution for dynamic users and groups allocated through the DynamicUser= + option in systemd unit files. See systemd.exec(5) for details on this + option. + . + Installing this package automatically adds the module to /etc/nsswitch.conf. + +Package: libsystemd0 +Architecture: linux-any +Multi-Arch: same +Section: libs +Depends: ${shlibs:Depends}, + ${misc:Depends} +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: systemd utility library + This library provides APIs to interface with various system components such as + the system journal, the system service manager, D-Bus and more. + +Package: libsystemd-dev +Architecture: linux-any +Multi-Arch: same +Section: libdevel +Depends: ${misc:Depends}, + libsystemd0 (= ${binary:Version}) +Description: systemd utility library - development files + This library provides APIs to interface with various system components such as + the system journal, the system service manager, D-Bus and more. + . + This package contains the files needed for developing applications that + use libsystemd. + +Package: libsystemd-shared +Architecture: linux-any +Multi-Arch: same +Section: libs +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends} +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: systemd shared private library + This internal shared library provides common code used by various systemd + components. It is supposed to decrease memory and disk footprint. + The shared library is not meant for public use and is not API or ABI stable. + +Package: udev +Priority: important +Architecture: linux-any +Multi-Arch: foreign +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + libkmod2, + libudev1 (= ${binary:Version}), + s390-tools [s390], +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +# DEP17 M7: moving files between / and /usr, and between packages, so use Conflicts: +Conflicts: systemd (<< 255~rc1-4~), +Replaces: systemd (<< 255~rc1-4~), +Breaks: systemd (<< ${binary:Version}), +Description: /dev/ and hotplug management daemon + udev is a daemon which dynamically creates and removes device nodes from + /dev/, handles hotplug events and loads drivers at boot time. + +Package: libudev1 +Section: libs +Architecture: linux-any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends} +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: libudev shared library + This library provides APIs to introspect and enumerate devices on the local + system. + +Package: libudev-dev +Section: libdevel +Architecture: linux-any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: ${misc:Depends}, + libudev1 (= ${binary:Version}) +Description: libudev development files + This library provides APIs to introspect and enumerate devices on the local + system. + . + This package contains the files needed for developing applications that + use libudev. + +Package: udev-udeb +Build-Profiles: +Package-Type: udeb +Section: debian-installer +Architecture: linux-any +Depends: ${shlibs:Depends}, + ${misc:Depends}, + util-linux-udeb +Description: /dev/ and hotplug management daemon + udev is a daemon which dynamically creates and removes device nodes from + /dev/, handles hotplug events and loads drivers at boot time. + . + This is a minimal version, only for use in the installation system. + +Package: libudev1-udeb +Build-Profiles: +Package-Type: udeb +Section: debian-installer +Architecture: linux-any +Depends: ${shlibs:Depends}, + ${misc:Depends} +Description: libudev shared library + This library provides access to udev device information. + . + This is a minimal version, only for use in the installation system. + +Package: systemd-standalone-sysusers +Architecture: linux-any +Conflicts: systemd-sysusers, + systemd (<< 249.3-3) +Replaces: systemd-sysusers, + systemd (<< 249.3-3) +Provides: systemd-sysusers (= ${binary:Version}) +Depends: ${shlibs:Depends}, + ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: standalone sysusers binary for use in non-systemd systems + Standalone sysusers binary with minimal dependencies. + This package conflicts with the main systemd package and is meant for use in + non-systemd systems. + +Package: systemd-standalone-tmpfiles +Architecture: linux-any +Conflicts: systemd-tmpfiles, + systemd (<< 249.3-3) +Replaces: systemd-tmpfiles, + systemd (<< 249.3-3) +Provides: systemd-tmpfiles (= ${binary:Version}) +Depends: ${shlibs:Depends}, + ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: standalone tmpfiles binary for use in non-systemd systems + Standalone tmpfiles binary with minimal dependencies. + This package conflicts with the main systemd package and is meant for use in + non-systemd systems. + +Package: systemd-standalone-shutdown +Architecture: linux-any +Conflicts: systemd, +Depends: ${shlibs:Depends}, + ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: standalone shutdown binary for use in exitrds + Standalone shutdown binary with minimal dependencies. + This package conflicts with the main systemd package and is meant for use in + minimal exitrd images. Not intended for normal systems. + +Package: systemd-oomd +Architecture: linux-any +Depends: ${shlibs:Depends}, + ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Breaks: systemd (<< 250.2-2~) +Replaces: systemd (<< 250.2-2~) +Description: userspace out-of-memory (OOM) killer + systemd-oomd is a system service that uses cgroups-v2 and + pressure stall information (PSI) to monitor and take action on + processes before an OOM occurs in kernel space. + +Package: systemd-userdbd +Build-Profiles: +Architecture: linux-any +Depends: ${shlibs:Depends}, + ${misc:Depends}, + libnss-systemd (= ${binary:Version}), + systemd (= ${binary:Version}), +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: dynamic user/group manager + systemd-userdbd is a system service that multiplexes user/group lookups to all + local services that provide JSON user/group record definitions to the system. + In addition it synthesizes JSON user/group records from classic UNIX/glibc NSS + user/group records in order to provide full backwards compatibility. It may + also pick up statically defined JSON user/group records from drop-in files. + +Package: systemd-homed +Build-Profiles: +Architecture: linux-any +Pre-Depends: ${misc:Pre-Depends}, + init-system-helpers (>= 1.64~), +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd-userdbd (= ${binary:Version}), + systemd (= ${binary:Version}), + libpam-runtime, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Description: home area manager + systemd-homed is a system service designed to manage home directories. This + package includes the homed service, a PAM module to automatically mount home + directories on user login, tools and documentation. + +Package: systemd-boot +Build-Profiles: +Architecture: amd64 i386 arm64 armhf riscv64 +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd (= ${binary:Version}), + systemd-boot-efi (= ${binary:Version}) [!amd64 !arm64], + systemd-boot-efi-signed (>= ${source:Version}) [amd64 arm64] | systemd-boot-efi (= ${binary:Version}) [amd64 arm64], +Recommends: efibootmgr, + shim-signed [amd64 arm64], + ${dlopen:Recommends}, +Suggests: systemd-ukify, + ${dlopen:Suggests}, +Conflicts: systemd (<< 256-2~), systemd-boot-efi (<< 256-2~), +Description: simple UEFI boot manager - tools and services + systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a + textual menu to select the entry to boot and an editor for the kernel command + line. It supports systems with UEFI firmware only. + . + Installing systemd-boot will configure and install it in the ESP. + . + This package contains various tools and services to manage systems using + systemd-boot. + +Package: systemd-boot-efi +Build-Profiles: +Architecture: amd64 i386 arm64 armhf riscv64 +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends}, +Depends: ${misc:Depends}, +Breaks: systemd (<< 251.2-3~) +Replaces: systemd (<< 251.2-3~) +Description: simple UEFI boot manager - EFI binaries + systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a + textual menu to select the entry to boot and an editor for the kernel command + line. It supports systems with UEFI firmware only. + . + This package contains the EFI binaries. + +Package: systemd-boot-efi-amd64-signed-template +Architecture: amd64 +Depends: ${shlibs:Depends}, ${misc:Depends}, +Build-Profiles: +Description: Template for signed systemd-boot-efi package (amd64) + This package is used to control code signing by the Debian signing + service (amd64 variant). + +Package: systemd-boot-efi-arm64-signed-template +Architecture: arm64 +Depends: ${shlibs:Depends}, ${misc:Depends}, +Build-Profiles: +Description: Template for signed systemd-boot-efi package (arm64) + This package is used to control code signing by the Debian signing + service (arm64 variant). + +Package: systemd-ukify +Build-Profiles: +Architecture: all +Multi-Arch: foreign +Depends: ${misc:Depends}, + python3:any, + python3-pefile, +Recommends: systemd, + systemd-boot-efi, + systemd-repart, + python3-cryptography, +Conflicts: systemd (<< 255.1-1~) +Replaces: systemd (<< 255.1-1~) +Description: tool to build Unified Kernel Images + This package provides ukify, a script that combines a kernel image, an initrd, + with a command line, and possibly PCR measurements and other metadata, into a + Unified Kernel Image (UKI). + +Package: systemd-resolved +Multi-Arch: foreign +Architecture: linux-any +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd (= ${binary:Version}), + default-dbus-system-bus | dbus-system-bus +Recommends: libnss-myhostname, + libnss-resolve, + ${dlopen:Recommends}, +Suggests: polkitd, + ${dlopen:Suggests}, +Provides: resolvconf +Conflicts: resolvconf +Replaces: resolvconf, + systemd (<< 251.3-2~) +Breaks: systemd (<< 251.3-2~) +Description: systemd DNS resolver + This package provides systemd's DNS resolver and the command line tool to + manage it. + . + Installing this package automatically overwrites /etc/resolv.conf and switches + it to be managed by systemd-resolved. + +Package: systemd-dev +Architecture: all +Multi-Arch: foreign +Section: devel +Depends: ${misc:Depends}, +Breaks: systemd (<< 253-2~), + udev (<< 253-2~), + systemd-homed (<< 254.1-3~), +Replaces: systemd (<< 253-2~), + udev (<< 253-2~), + systemd-homed (<< 254.1-3~), +Description: systemd development files + This package contains the systemd and udev pkg-config files. Note that these + are different from the libsystemd's and libudev's pkg-config files, which can + still be found in the respective dev packages, but instead provide data such as + the installation directories for units, and more. + +Package: systemd-repart +Architecture: linux-any +Depends: ${shlibs:Depends}, + ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Conflicts: systemd (<< 256-2~), +Description: Provides the systemd-repart and systemd-sbsign utilities + systemd-repart is a configuration-driven system partitioning tool. It follows + the Discoverable Partitions Specification and provides support for encryption + and dm-verity among other things. + . + systemd-sbsign is an EFI binary signing tool. + . + systemd-keyutil is a tool to manipulate X.509 certificates. + +Package: systemd-cryptsetup +Build-Profiles: +Architecture: linux-any +Depends: ${shlibs:Depends}, + ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, +Conflicts: systemd (<< 256-2~), +Description: Provides cryptsetup, integritysetup and veritysetup utilities + Utilities and units that integrated cryptsetup/integritysetup/veritysetup + support in systemd. diff --git a/copyright b/copyright new file mode 100644 index 00000000..3916cd41 --- /dev/null +++ b/copyright @@ -0,0 +1,286 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: systemd +Upstream-Contact: systemd-devel@lists.freedesktop.org +Source: https://github.com/systemd/systemd + +Files: * +Copyright: 2008-2015 Kay Sievers + 2010-2015 Lennart Poettering + 2012-2015 Zbigniew Jędrzejewski-Szmek + 2013-2015 Tom Gundersen + 2013-2015 Daniel Mack + 2010-2015 Harald Hoyer + 2013-2015 David Herrmann + 2013, 2014 Thomas H.P. Andersen + 2013, 2014 Daniel Buch + 2014 Susant Sahani + 2009-2015 Intel Corporation + 2000, 2005 Red Hat, Inc. + 2009 Alan Jenkins + 2010 ProFUSION embedded systems + 2010 Maarten Lankhorst + 1995-2004 Miquel van Smoorenburg + 1999 Tom Tromey + 2011 Michal Schmidt + 2012 B. Poettering + 2012 Holger Hans Peter Freyther + 2012 Dan Walsh + 2012 Roberto Sassu + 2013 David Strauss + 2013 Marius Vollmer + 2013 Jan Janssen + 2013 Simon Peeters +License: LGPL-2.1+ + +Files: src/basic/siphash24.h + src/basic/siphash24.c +Copyright: 2012 Jean-Philippe Aumasson + 2012 Daniel J. Bernstein +License: CC0-1.0 + +Files: src/basic/linux/* +Copyright: 2004-2009 Red Hat, Inc. + 2011-2014 PLUMgrid + 2001-2003 Sistina Software (UK) Limited. + 2008 Ian Kent + 1998 David S. Miller >davem@redhat.com> + 2001 Jeff Garzik + 2006-2010 Johannes Berg + 2008 Luis Carlos Cobo + 2008 Michael Buesch + 2008, 2009 Luis R. Rodriguez + 2008 Jouni Malinen + 2008 Colin McCabe + 2018-2019 Intel Corporation + 2007 Oracle. + 2009 Wolfgang Grandegger + 1999 Thomas Davis + 2015 Sabrina Dubroca + 1999-2000 Maxim Krasnyansky + 2015-2019 Jason A. Donenfeld +License: GPL-2 with Linux-syscall-note exception + +Files: src/basic/sparse-endian.h +Copyright: 2012 Josh Triplett +License: Expat + +Files: src/basic/MurmurHash2.c + src/basic/MurmurHash2.h + src/libsystemd/sd-journal/lookup3.c + src/libsystemd/sd-journal/lookup3.h +Copyright: none +License: public-domain + You can use this free for any purpose. It's in the public domain. It has no + warranty. + +Files: src/udev/ata_id/ata_id.c + src/udev/cdrom_id/cdrom_id.c + src/udev/dmi_memory_id/dmi_memory_id.c + src/udev/mtd_probe/mtd_probe.c + src/udev/mtd_probe/mtd_probe.h + src/udev/mtd_probe/probe_smartmedia.c + src/udev/scsi_id/scsi.h + src/udev/scsi_id/scsi_id.c + src/udev/scsi_id/scsi_id.h + src/udev/scsi_id/scsi_serial.c + src/udev/udevadm.c + src/udev/udevadm-control.c + src/udev/udevadm.h + src/udev/udevadm-info.c + src/udev/udevadm-monitor.c + src/udev/udevadm-settle.c + src/udev/udevadm-test-builtin.c + src/udev/udevadm-test.c + src/udev/udevadm-trigger.c + src/udev/udevadm-util.c + src/udev/udevadm-util.h + src/udev/udev-builtin-blkid.c + src/udev/udev-builtin.h + src/udev/udev-builtin-input_id.c + src/udev/udev-builtin-kmod.c + src/udev/udev-builtin-path_id.c + src/udev/udev-builtin-uaccess.c + src/udev/udev-builtin-usb_id.c + src/udev/udev-ctrl.h + src/udev/udevd.c + src/udev/udevd.h + src/udev/udev-event.c + src/udev/udev-event.h + src/udev/udev-node.c + src/udev/udev-node.h + src/udev/udev-rules.c + src/udev/udev-rules.h + src/udev/udev-watch.c + src/udev/udev-watch.h + src/udev/v4l_id/v4l_id.c +Copyright: 2003-2012 Kay Sievers + 2003-2004 Greg Kroah-Hartman + 2004 Chris Friesen + 2004, 2009, 2010 David Zeuthen + 2005, 2006 SUSE Linux Products GmbH + 2003 IBM Corp. + 2007 Hannes Reinecke + 2009 Canonical Ltd. + 2009 Scott James Remnant + 2009 Martin Pitt + 2009 Piter Punk + 2009, 2010 Lennart Poettering + 2009 Filippo Argiolas + 2010 Maxim Levitsky + 2011 ProFUSION embedded systems + 2011 Karel Zak + 2014 Zbigniew Jędrzejewski-Szmek + 2014 David Herrmann + 2014 Carlos Garnacho +License: GPL-2+ + +Files: debian/* +Copyright: 2010-2013 Tollef Fog Heen + 2011 Josh Triplett + 2013-2014 Michael Stapelberg + 2013-2020 Martin Pitt + 2013-2022 Michael Biebl + 2013 Daniel Schaal + 2013 Guido Günther + 2014-2015 Didier Roche + 2014-2015 Marco d'Itri + 2014-2017 Sjoerd Simons + 2014 Ansgar Burchardt + 2014 Jon Severinsson + 2015-2019 Felipe Sateler + 2015 Adam Conrad + 2015 Andreas Henriksson + 2015 Christian Seiler + 2015 Julian Wollrath + 2016-2018 Evgeny Vereshchagin + 2016,2018 Laurent Bigonville + 2016-2019 Dimitri John Ledkov + 2016,2019 Michael Prokop + 2016 Alexander Kurtz + 2016 Antonio Ospite + 2016 Iain Lane + 2016 Simon McVittie + 2017-2018 Nicolas Braud-Santoni + 2017-2019 Martin Pitt + 2017 Cyril Brulebois + 2017 Ondřej Nový + 2018-2019 Mert Dirik + 2018 Adam Borowski + 2018 Alf Gaida + 2018 Benjamin Drung + 2018 Gunnar Hjalmarsson + 2018 Manuel A. Fernandez Montecelo + 2019-2021 Balint Reczey + 2019-2021 Dan Streetman + 2019 Daniel Kahn Gillmor + 2020-2021 Helmut Grohne + 2020 Topi Miettinen + 2020 Youfu Zhang + 2020 Zbigniew Jędrzejewski-Szmek + 2020 наб + 2021-2022 Luca Boccassi + 2021-2022 Lukas Märdian + 2021 Frantisek Sumsal + 2021 Ioanna Alifieraki + 2021 Jan Kiszka + 2021 Matthias Klumpp + 2021 Salvatore Bonaccorso +License: LGPL-2.1+ + +License: Expat + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to + deal in the Software without restriction, including without limitation the + rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + sell copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + . + The above copyright notice and this permission notice shall be included in + all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + IN THE SOFTWARE. + +License: GPL-2 with Linux-syscall-note exception + NOTE! This copyright does *not* cover user programs that use kernel services + by normal system calls - this is merely considered normal use of the kernel, + and does *not* fall under the heading of "derived work". Also note that the + GPL below is copyrighted by the Free Software Foundation, but the instance of + code that it refers to (the Linux kernel) is copyrighted by me and others who + actually wrote it. + . + Also note that the only valid version of the GPL as far as the kernel is + concerned is _this_ particular version of the license (ie v2, not v2.2 or v3.x + or whatever), unless explicitly otherwise stated. + . + Linus Torvalds + . + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. + . + On Debian and systems the full text of the GNU General Public + License version 2 can be found in the file + `/usr/share/common-licenses/GPL-2` + +License: GPL-2+ + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2, or (at your option) + any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, + Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + . + On Debian systems, the complete text of the GNU General Public License + version 2 can be found in ‘/usr/share/common-licenses/GPL-2’. + +License: LGPL-2.1+ + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1, or (at your option) + any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Lesser General Public License for more details. + . + You should have received a copy of the GNU Lesser General Public License along + with this program; if not, write to the Free Software Foundation, + Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + . + On Debian systems, the complete text of the GNU Lesser General Public + License version 2.1 can be found in ‘/usr/share/common-licenses/LGPL-2.1’. + +License: CC0-1.0 + To the extent possible under law, the author(s) have dedicated all copyright + and related and neighboring rights to this software to the public domain + worldwide. This software is distributed without any warranty. + . + You should have received a copy of the CC0 Public Domain Dedication along with + this software. If not, see . + . + On Debian systems, the complete text of the CC0 1.0 Universal license can be + found in ‘/usr/share/common-licenses/CC0-1.0’. diff --git a/extra/checkout-upstream b/extra/checkout-upstream new file mode 100755 index 00000000..7981d7b6 --- /dev/null +++ b/extra/checkout-upstream @@ -0,0 +1,154 @@ +#!/bin/bash +# Prepare systemd source package in current directory for testing an upstream +# commit, branch, or PR, without Debian patches. This replaces everything +# except the debian/ directory with an upstream checkout. +# NEVER run this in your actual packaging work directory! This is only meant +# for upstream CI. +# +# Author: Martin Pitt + +set -eu +test -x debian/rules +case "${DEB_BUILD_PROFILES:-}" in + *pkg.systemd.upstream*) ;; + *) + echo "Not in upstream testing mode. Do *not* run this script unless you know what you are doing." >&2 + exit 1 +esac +if [ -n "${UPSTREAM_PULL_REQUEST:-}" ]; then + FETCH="git fetch -fu origin refs/pull/$UPSTREAM_PULL_REQUEST/head:pr" + CO='git checkout pr' + DESC="PR #$UPSTREAM_PULL_REQUEST" +elif [ -n "${UPSTREAM_HEAD:-}" ]; then + FETCH='' + CO="git checkout $UPSTREAM_HEAD" + DESC="$UPSTREAM_HEAD" +else + echo "WARNING: $0: Neither UPSTREAM_PULL_REQUEST nor UPSTREAM_HEAD set, ignoring" >&2 + exit 0 +fi + +DUMMY_USER_NAME="Merge dummy user" +DUMMY_USER_EMAIL="invalid@example.com" + +UPSTREAM_REPO="${UPSTREAM_REPO:-https://github.com/systemd/systemd.git}" +BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD) + +# Use git, if in a git repo +if [ -d .git ]; then + # make sure user.name/user.email are set, git commit wants them + git config --get user.name || git config user.name "$DUMMY_USER_NAME" + git config --get user.email || git config user.email "$DUMMY_USER_EMAIL" +fi + +mkdir -p debian/tmp +(cd debian/tmp + git clone "${UPSTREAM_REPO}" upstream || (rm -rf upstream; sleep 60; git clone "${UPSTREAM_REPO}" upstream) + cd upstream + $FETCH + $CO + git config user.email "$DUMMY_USER_EMAIL" + git config user.name "$DUMMY_USER_NAME" + if [ -f meson.version ]; then + UPSTREAM_VER=$(cat meson.version) + else + UPSTREAM_VER=$(git describe | sed 's/^v//;s/-/./g') + fi + if [ -n "${UPSTREAM_PULL_REQUEST:-}" ] && [ "${UPSTREAM_REPO}" != "https://github.com/systemd/systemd-stable.git" ] && ! echo "$UPSTREAM_VER" | grep -q '\.'; then + git rebase main || git rebase --abort + fi +) +if [ -f debian/tmp/upstream/meson.version ]; then + UPSTREAM_VER=$(cat debian/tmp/upstream/meson.version) +else + UPSTREAM_VER=$(cd debian/tmp/upstream; git describe | sed 's/^v//;s/-/./g') +fi + +# If we are on a stable branch, check out the corresponding packaging branch. For some settings like +# build dependencies it is already too late, but this is mostly relevant for the dh_install files and +# the tests. +if [ -d .git ] && echo "$UPSTREAM_VER" | grep -q '\.'; then + rm -rf .pc + git reset --hard "origin/ci/v${UPSTREAM_VER%%.*}-stable" +fi + +if [ -n "${KEEP_DEBIAN_PATCHES:-}" ]; then + # set up pq branch if it does not exist + if [ "$BRANCH_NAME" = HEAD ]; then + echo "ERROR: $0 must be started from a branch when using KEEP_DEBIAN_PATCHES" >&2 + exit 1 + fi + ( gbp pq import 2> /dev/null && gbp pq switch ) || true + if ! git branch --contains "$BRANCH_NAME" | grep -q patch-queue/"$BRANCH_NAME"; then + echo "ERROR: patch-queue/$BRANCH_NAME exists but it is not rebased, please rebase it." >&2 + exit 1 + fi +fi + +# switch to native instead of quilt +echo '3.0 (native)' > debian/source/format + +# drop our patches +rm -rf debian/patches + +# disable tests which are not for upstream +[ -n "${KEEP_DEBIAN_TESTS:-}" ] || sed -i '/# NOUPSTREAM/ q' debian/tests/control + +# create new git commit with debian/ changes +if [ -d .git ] && [ -n "$(git status --short debian)" ]; then + git add debian + git commit -n -m "checkout-upstream: edit debian/ files for upstream testing" +fi + +# clean out original upstream sources +find . -mindepth 1 -maxdepth 1 -name debian -o -name .git -prune -o -print0 | xargs -0n1 rm -rf + +# These options changes are only needed for the upstream CI, and we don't want to pollute d/rules with them. +# Also we want to ensure running on an older branch (e.g.: for the systemd-stable repository) doesn't break. +if grep -q default-timeout-sec debian/tmp/upstream/meson_options.txt; then + sed -i "s/option('default-timeout-sec', type : 'integer', value : 90/option('default-timeout-sec', type : 'integer', value : 180/" debian/tmp/upstream/meson_options.txt +fi +if grep -q log-trace debian/tmp/upstream/meson_options.txt; then + sed -i "s/option('log-trace', type : 'boolean', value : false/option('log-trace', type : 'boolean', value : true/" debian/tmp/upstream/meson_options.txt +fi + +# replace with checkout +mv debian/tmp/upstream/* . +rm -rf debian/tmp + +# create new git commit with upstream code +if [ -d .git ] && [ -n "$(git status --short)" ] ; then + git add . + git commit -n -m "checkout-upstream: replace with upstream code at version ${UPSTREAM_VER}" +fi + +# import Debian patches which apply cleanly +if [ -n "${KEEP_DEBIAN_PATCHES:-}" ]; then + for c in $(git log "$BRANCH_NAME"..patch-queue/"$BRANCH_NAME" --format='%H' --reverse); do + if ! git cherry-pick "$c"; then + git cherry-pick --abort + git reset --hard + git clean -dxf + fi + done +fi + +if [ -z "${UPSTREAM_KEEP_CHANGELOG:-}" ] ; then + # craft changelog + cat << EOF > debian/changelog.new +systemd (${UPSTREAM_VER}.0) UNRELEASED; urgency=low + + * Automatic build from upstream $DESC + + -- systemd test $(date -R) + +EOF + cat debian/changelog >> debian/changelog.new + mv debian/changelog.new debian/changelog + + # create new git commit with changelog entry + if [ -d .git ] ; then + git add debian + git commit -n -m "checkout-upstream: update changelog to version ${UPSTREAM_VER}.0" + fi +fi diff --git a/extra/dbus-1/system.d/systemd-localed-read-only.conf b/extra/dbus-1/system.d/systemd-localed-read-only.conf new file mode 100644 index 00000000..10eea7b0 --- /dev/null +++ b/extra/dbus-1/system.d/systemd-localed-read-only.conf @@ -0,0 +1,23 @@ + + + + + + + + + + + + + + + + + diff --git a/extra/dhclient-exit-hooks.d/timesyncd b/extra/dhclient-exit-hooks.d/timesyncd new file mode 100644 index 00000000..456deb2f --- /dev/null +++ b/extra/dhclient-exit-hooks.d/timesyncd @@ -0,0 +1,52 @@ +TIMESYNCD_CONF=/run/systemd/timesyncd.conf.d/01-dhclient.conf + +timesyncd_servers_setup_remove() { + if [ ! -d /run/systemd/system ]; then + return + fi + if [ ! -x /usr/lib/systemd/systemd-timesyncd ]; then + return + fi + + if [ -e $TIMESYNCD_CONF ]; then + rm -f $TIMESYNCD_CONF + systemctl try-restart systemd-timesyncd.service || true + fi +} + +timesyncd_servers_setup_add() { + if [ ! -d /run/systemd/system ]; then + return + fi + if [ ! -x /usr/lib/systemd/systemd-timesyncd ]; then + return + fi + + if [ -e $TIMESYNCD_CONF ] && [ "$new_ntp_servers" = "$old_ntp_servers" ]; then + return + fi + + if [ -z "$new_ntp_servers" ]; then + timesyncd_servers_setup_remove + return + fi + + mkdir -p $(dirname $TIMESYNCD_CONF) + cat < ${TIMESYNCD_CONF}.new +# NTP server entries received from DHCP server +[Time] +NTP=$new_ntp_servers +EOF + mv ${TIMESYNCD_CONF}.new ${TIMESYNCD_CONF} + systemctl try-restart systemd-timesyncd.service || true +} + + +case $reason in + BOUND|RENEW|REBIND|REBOOT) + timesyncd_servers_setup_add + ;; + EXPIRE|FAIL|RELEASE|STOP) + timesyncd_servers_setup_remove + ;; +esac diff --git a/extra/fbdev-blacklist.conf b/extra/fbdev-blacklist.conf new file mode 100644 index 00000000..00a91706 --- /dev/null +++ b/extra/fbdev-blacklist.conf @@ -0,0 +1,20 @@ +# This file blacklists most old-style PCI framebuffer drivers. + +blacklist arkfb +blacklist aty128fb +blacklist atyfb +blacklist radeonfb +blacklist cirrusfb +blacklist cyber2000fb +blacklist kyrofb +blacklist matroxfb_base +blacklist mb862xxfb +blacklist neofb +blacklist pm2fb +blacklist pm3fb +blacklist s3fb +blacklist savagefb +blacklist sisfb +blacklist tdfxfb +blacklist tridentfb +blacklist vt8623fb diff --git a/extra/gen-signing-template b/extra/gen-signing-template new file mode 100755 index 00000000..3a25c7e7 --- /dev/null +++ b/extra/gen-signing-template @@ -0,0 +1,45 @@ +#!/bin/bash + +set -euE + +export DEB_VERSION="$1" +export DEB_HOST_ARCH="$2" +export TEMPLATE_EFI_ARCH="$3" + +DISTRIBUTION="$(dpkg-parsechangelog -SDistribution)" +URGENCY="$(dpkg-parsechangelog -SUrgency)" +MAINT="$(dpkg-parsechangelog -SMaintainer)" +DATE="$(dpkg-parsechangelog -SDate)" + +DEB_VERSION_MANGLED="$(echo "$DEB_VERSION" | sed -re 's/-/\+/;s/\+(b[[:digit:]]+)$/.\1/')" +DEB_VERSION_SOURCE="$(echo "$DEB_VERSION" | sed -re 's/\+b[[:digit:]]+$//')" +export DEB_VERSION_SOURCE +SIGN_TEMPLATE_DIR="debian/systemd-boot-efi-${DEB_HOST_ARCH}-signed-template/usr/share/code-signing/systemd-boot-efi-${DEB_HOST_ARCH}-signed-template" +SIGN_SOURCE_DIR="${SIGN_TEMPLATE_DIR}/source-template/debian" +FILE=usr/lib/systemd/boot/efi/systemd-boot${TEMPLATE_EFI_ARCH}.efi + +for i in $(find debian/signing-template -type f -printf '%P\n'); do + mkdir -p "$SIGN_SOURCE_DIR/$(dirname "$i")" + envsubst < "debian/signing-template/$i" > "$SIGN_SOURCE_DIR/$i" +done + +( + echo "systemd-boot-efi-${DEB_HOST_ARCH}-signed (${DEB_VERSION_MANGLED}) ${DISTRIBUTION}; urgency=${URGENCY}" + echo + echo " * Sign EFI binaries from systemd-boot-efi ${DEB_VERSION}" + dpkg-parsechangelog -SChanges | sed -rne 's/^.$//p' -e '/^ /p' + echo + echo " -- ${MAINT} ${DATE}" +) > "$SIGN_SOURCE_DIR/changelog" + +jq -n --arg file "${FILE}" ' +{ + "packages": { + "systemd-boot-efi": { + "trusted_certs": [], + "files": [ + {"sig_type": "efi", "file": $file} + ] + } + } +}' > "$SIGN_TEMPLATE_DIR/files.json" diff --git a/extra/init-functions.d/40-systemd b/extra/init-functions.d/40-systemd new file mode 100644 index 00000000..d1dc03e0 --- /dev/null +++ b/extra/init-functions.d/40-systemd @@ -0,0 +1,101 @@ +# -*-Shell-script-*- +# /lib/lsb/init-functions + +_use_systemctl=0 +if [ -d /run/systemd/system ]; then + + if [ -n "${__init_d_script_name:-}" ]; then # scripts run with new init-d-script + executable="$__init_d_script_name" + argument="$1" + elif [ "${0##*/}" = "init-d-script" ] || + [ "${0##*/}" = "${1:-}" ]; then # scripts run with old init-d-script + executable="$1" + argument="$2" + else # plain old scripts + executable="$0" + argument="${1:-}" + fi + + prog=${executable##*/} + service="${prog%.sh}.service" + + # Don't try to run masked services. systemctl <= 230 always succeeds here, + # but later systemctls fail on nonexisting units; be compatible with both + state=$(systemctl -p LoadState --value show $service 2>/dev/null) || state="not-found" + [ "$state" = "masked" ] && exit 0 + + # Redirect SysV init scripts when executed by the user + if [ $PPID -ne 1 ] && [ -z "${SYSTEMCTL_SKIP_REDIRECT:-}" ]; then + case $(readlink -f "$executable") in + /etc/init.d/*) + # If the state is not-found, this might be a newly installed SysV init + # script where systemd-sysv-generator has not been run yet. + [ "$state" != "not-found" ] || [ "$(id -u)" != 0 ] || systemctl --no-ask-password daemon-reload + + _use_systemctl=1 + # Some services can't reload through the .service file, + # but can through the init script. + if [ "$(systemctl -p CanReload --value show $service 2>/dev/null)" = "no" ] && [ "${argument:-}" = "reload" ]; then + _use_systemctl=0 + fi + ;; + esac + fi +fi + +systemctl_redirect () { + local s + local rc + local prog=${1##*/} + local command=$2 + + case "$command" in + start) + s="Starting $prog (via systemctl)" + ;; + stop) + s="Stopping $prog (via systemctl)" + ;; + reload|force-reload) + s="Reloading $prog configuration (via systemctl)" + ;; + try-restart) + s="Restarting $prog if running (via systemctl)" + ;; + restart) + s="Restarting $prog (via systemctl)" + ;; + esac + + service="${prog%.sh}.service" + + # avoid deadlocks during bootup and shutdown from units/hooks + # which call "invoke-rc.d service reload" and similar, since + # the synchronous wait plus systemd's normal behaviour of + # transactionally processing all dependencies first easily + # causes dependency loops + if ! systemctl --quiet is-system-running && [ "$command" = "reload" ]; then + sctl_args="--no-block" + fi + + [ "$command" = status ] || log_daemon_msg "$s" "$service" + systemctl --no-pager $sctl_args $command "$service" + rc=$? + [ "$command" = status ] || log_end_msg $rc + + return $rc +} + +if [ "$_use_systemctl" = "1" ]; then + # Some init scripts use "set -e" and "set -u", we don't want that + # here + set +e + set +u + + case "$argument" in + start|stop|restart|reload|force-reload|try-restart|status) + systemctl_redirect $executable $argument + exit $? + ;; + esac +fi diff --git a/extra/initramfs-tools/hooks/udev b/extra/initramfs-tools/hooks/udev new file mode 100755 index 00000000..8a1dedc2 --- /dev/null +++ b/extra/initramfs-tools/hooks/udev @@ -0,0 +1,81 @@ +#!/bin/sh -e + +PREREQS="" + +prereqs() { echo "$PREREQS"; } + +case "$1" in + prereqs) + prereqs + exit 0 + ;; +esac + +. /usr/share/initramfs-tools/hook-functions + +mkdir -p "$DESTDIR/usr/lib/systemd" +copy_exec /usr/lib/systemd/systemd-udevd /usr/lib/systemd +copy_exec /usr/bin/udevadm /usr/bin +# libkmod is loaded via dlopen() since v256 so pull it in manually +for library in /usr/lib/*/libkmod.so.*; do + if [ -f "${library}" ]; then + copy_exec "${library}" + fi +done + +if [ -e /etc/udev/udev.conf ]; then + mkdir -p "$DESTDIR/etc/udev" + cp -p /etc/udev/udev.conf "$DESTDIR/etc/udev/" +fi + +# copy .link files containing interface naming definitions +mkdir -p "$DESTDIR/usr/lib/systemd/network/" +find -L /usr/lib/systemd/network -name '*.link*' -execdir cp -r -pt "$DESTDIR/usr/lib/systemd/network/" '{}' + +if [ -d /etc/systemd/network ]; then + find -L /etc/systemd/network -name '*.link*' -execdir cp -r -pt "$DESTDIR/usr/lib/systemd/network/" '{}' + +fi + +mkdir -p "$DESTDIR/usr/lib/udev/rules.d/" +for rules in 50-firmware.rules 50-udev-default.rules \ + 60-block.rules 60-persistent-storage.rules \ + 61-persistent-storage-android.rules 71-seat.rules \ + 73-special-net-names.rules 75-net-description.rules \ + 80-net-setup-link.rules 80-drivers.rules; do + if [ -e /etc/udev/rules.d/$rules ]; then + cp -p /etc/udev/rules.d/$rules "$DESTDIR/usr/lib/udev/rules.d/" + elif [ -e /usr/lib/udev/rules.d/$rules ]; then + cp -p /usr/lib/udev/rules.d/$rules "$DESTDIR/usr/lib/udev/rules.d/" + fi +done + +# See if chzdev can filter out generated rules, per LP: #2044104 +ZDEV_FILTERING=0 +if [ -e /usr/sbin/chzdev ] && \ + dpkg --compare-versions "$(dpkg-query -f '${Version}' -W s390-tools 2> /dev/null)" '>=' '2.33.0'; +then + ZDEV_FILTERING=1 +fi + +# now copy all custom udev rules which don't have an equivalent in /usr/lib (e. g. +# 70-persistent-net.rules or similar); They might contain network names or +# other bits which are relevant for the initramfs. +for rules in /etc/udev/rules.d/*.rules; do + if [ ! -e "$rules" ]; then + continue + fi + + # Skip rules generated by chzdev as they are handled by its own hook. + # See LP: #2044104 + if [ $ZDEV_FILTERING -eq 1 ] && /usr/sbin/chzdev --is-owner "$rules"; then + continue; + fi + + if [ ! -e "/usr/lib/${rules#/etc/}" ]; then + cp -p "$rules" "$DESTDIR/usr/lib/udev/rules.d/" + fi +done + +for program in ata_id scsi_id; do + copy_exec /usr/lib/udev/$program /usr/lib/udev +done +copy_exec /sbin/blkid /sbin diff --git a/extra/initramfs-tools/scripts/init-bottom/udev b/extra/initramfs-tools/scripts/init-bottom/udev new file mode 100755 index 00000000..cb114b7e --- /dev/null +++ b/extra/initramfs-tools/scripts/init-bottom/udev @@ -0,0 +1,31 @@ +#!/bin/sh -e + +PREREQS="" + +prereqs() { echo "$PREREQS"; } + +case "$1" in + prereqs) + prereqs + exit 0 + ;; +esac + +# Stop udevd, we'll miss a few events while we run init, but we catch up +# Wait for current workers to stop (at most for a minute to avoid deadlocks) +# otherwise there will be lock files left under /run/ (see: #1056564) +udevadm settle --timeout=60 +udevadm control --exit + +# move the /dev tmpfs to the rootfs; fall back to util-linux mount that does +# not understand -o move +mount -n -o move /dev "${rootmnt:?}/dev" || mount -n --move /dev "${rootmnt}/dev" + +# create a temporary symlink to the final /dev for other initramfs scripts +if command -v nuke >/dev/null; then + nuke /dev +else + # shellcheck disable=SC2114 + rm -rf /dev +fi +ln -s "${rootmnt}/dev" /dev diff --git a/extra/initramfs-tools/scripts/init-top/udev b/extra/initramfs-tools/scripts/init-top/udev new file mode 100755 index 00000000..11ae72af --- /dev/null +++ b/extra/initramfs-tools/scripts/init-top/udev @@ -0,0 +1,31 @@ +#!/bin/sh -e + +PREREQS="" + +prereqs() { echo "$PREREQS"; } + +case "$1" in + prereqs) + prereqs + exit 0 + ;; +esac + +if [ -w /sys/kernel/uevent_helper ]; then + echo > /sys/kernel/uevent_helper +fi + +if [ "${quiet:-n}" = "y" ]; then + log_level=notice +else + log_level=info +fi + +SYSTEMD_LOG_LEVEL=$log_level /usr/lib/systemd/systemd-udevd --daemon --resolve-names=never + +udevadm trigger --type=subsystems --action=add +udevadm trigger --type=devices --action=add +udevadm settle || true + +# Leave udev running to process events that come in out-of-band (like USB +# connections) diff --git a/extra/initramfs/post-update.d/systemd-boot b/extra/initramfs/post-update.d/systemd-boot new file mode 100755 index 00000000..1cee51c5 --- /dev/null +++ b/extra/initramfs/post-update.d/systemd-boot @@ -0,0 +1,11 @@ +#!/bin/sh + +set -eu + +test -x /usr/bin/bootctl || exit 0 + +bootctl is-installed --quiet || exit 0 + +echo "Updating kernel version $1 in systemd-boot..." + +kernel-install add "$1" "/boot/vmlinuz-$1" "$2" diff --git a/extra/journald.conf.d/syslog.conf b/extra/journald.conf.d/syslog.conf new file mode 100644 index 00000000..0f07c015 --- /dev/null +++ b/extra/journald.conf.d/syslog.conf @@ -0,0 +1,5 @@ +# Undo upstream commit 46b131574fdd7d77 for now. For details see +# http://lists.freedesktop.org/archives/systemd-devel/2014-November/025550.html + +[Journal] +ForwardToSyslog=yes diff --git a/extra/kernel-install.d/55-initrd.install b/extra/kernel-install.d/55-initrd.install new file mode 100755 index 00000000..ecbed87a --- /dev/null +++ b/extra/kernel-install.d/55-initrd.install @@ -0,0 +1,26 @@ +#!/bin/sh +set -eu +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +COMMAND="$1" +KERNEL_VERSION="$2" + +INITRD_SRC="/boot/initrd.img-$KERNEL_VERSION" + +[ "$COMMAND" = add ] || exit 0 + +if [ "$#" -ge 5 ]; then + # Explicit initrd paths were passed, fall through to default 90-loaderentry.install handling; + # we'd be either injecting an unwanted image or, worse, overriding a user-provided one + exit 0 +fi + +if [ -e "$INITRD_SRC" ]; then + [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing '$INITRD_SRC'" + ln -fs "$INITRD_SRC" "$KERNEL_INSTALL_STAGING_AREA" +else + echo "$INITRD_SRC does not exist, not installing an initrd" +fi + +exit 0 diff --git a/extra/kernel/postinst.d/zz-systemd-boot b/extra/kernel/postinst.d/zz-systemd-boot new file mode 100755 index 00000000..89011406 --- /dev/null +++ b/extra/kernel/postinst.d/zz-systemd-boot @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +test -x /usr/bin/bootctl || exit 0 + +bootctl is-installed --quiet || exit 0 + +echo "Installing kernel version $1 in systemd-boot..." + +kernel-install add "$1" "$2" diff --git a/extra/kernel/postrm.d/zz-systemd-boot b/extra/kernel/postrm.d/zz-systemd-boot new file mode 100755 index 00000000..4db5e51d --- /dev/null +++ b/extra/kernel/postrm.d/zz-systemd-boot @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +test -x /usr/bin/bootctl || exit 0 + +bootctl is-installed --quiet || exit 0 + +echo "Removing kernel version $1 from systemd-boot..." + +kernel-install remove "$1" diff --git a/extra/limits.d/10-coredump-debian.conf b/extra/limits.d/10-coredump-debian.conf new file mode 100644 index 00000000..b7f9ee58 --- /dev/null +++ b/extra/limits.d/10-coredump-debian.conf @@ -0,0 +1,4 @@ +* soft core 0 +root soft core 0 +* hard core infinity +root hard core infinity diff --git a/extra/limits.d/20-coredump-debian.conf b/extra/limits.d/20-coredump-debian.conf new file mode 100644 index 00000000..199a297c --- /dev/null +++ b/extra/limits.d/20-coredump-debian.conf @@ -0,0 +1,2 @@ +* soft core infinity +root soft core infinity diff --git a/extra/make-fbdev-blacklist b/extra/make-fbdev-blacklist new file mode 100755 index 00000000..071a9fd5 --- /dev/null +++ b/extra/make-fbdev-blacklist @@ -0,0 +1,52 @@ +#!/bin/sh +# This script should be run before building the package every time a new +# kernel is released. +# +# You should pass the name of the modules directory for a 486 flavour +# kernel, as that has the most framebuffer modules. +# +# Also, obsolete modules should not be removed from the list until after +# at least one stable release. + +set -e + +if [ $# = 0 ]; then + MODULES_DIR=/lib/modules/$(uname -r) +else + MODULES_DIR="$1" +fi + +BL='fbdev-blacklist.conf' + +if [ -e extra/$BL ]; then cd extra; fi + +{ +printf "# This file blacklists most old-style PCI framebuffer drivers.\n\n" + +find "$MODULES_DIR"/kernel/drivers/video -type f | sort | \ +while read file; do + name="$(basename $file .ko)" + case $name in + lxfb) + # This is needed for text consoles on OLPC XO-1, and it used to be + # built-in anyway. + ;; + viafb) + # Needed by OLPC XO-1.5. + ;; + hyperv_fb) + # Needed for graphical support on Hyper-V platforms, see LP: #1359933. + ;; + *) + /sbin/modinfo $file | grep -q '^alias: *pci:' \ + && echo blacklist $name || true + ;; + esac +done +} > $BL.tmp + +if diff --unified=0 $BL $BL.tmp; then + rm $BL.tmp +else + printf "\n\n\n$BL.tmp has changes!\n\n\n\n" +fi diff --git a/extra/make-sysusers-basic b/extra/make-sysusers-basic new file mode 100755 index 00000000..8ff1b159 --- /dev/null +++ b/extra/make-sysusers-basic @@ -0,0 +1,18 @@ +#!/bin/sh +# generate a sysusers.d(5) file from Debian's static master passwd/group files +set -eu + +echo '# generated from /usr/share/base-passwd/{passwd,group}.master' + +# only take groups whose name+gid != the corresponding user in passwd.master +export IFS=: +while read name _ id _; do + if ! grep -q "^$name:\*:$id:$id:" /usr/share/base-passwd/passwd.master; then + printf "g %-10s %-5s -\n" $name $id + fi +done < /usr/share/base-passwd/group.master + +echo + +# treat "nobody:nogroup" specially: same ID, but different name, so prevent creating a "nobody" group +awk -F: '{ i = ($3 == $4 && $4 != 65534) ? $3 : $3":"$4; printf("u %-10s %-7s - %-20s %s\n", $1,i,$6,$7) }' < /usr/share/base-passwd/passwd.master diff --git a/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf b/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf new file mode 100644 index 00000000..b5781d71 --- /dev/null +++ b/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf @@ -0,0 +1,4 @@ +# Use synchronous scanning, to block update-dev in d-i/hw-detect until after the scan is done +# This ensures that partitioning stage has all the drives detected + +options scsi_mod scan=sync diff --git a/extra/network/73-usb-net-by-mac.link b/extra/network/73-usb-net-by-mac.link new file mode 100644 index 00000000..84be3433 --- /dev/null +++ b/extra/network/73-usb-net-by-mac.link @@ -0,0 +1,6 @@ +[Match] +Path=*-usb-* +Property=ID_NET_NAME_MAC=* + +[Link] +NamePolicy=mac diff --git a/extra/pam-configs/systemd b/extra/pam-configs/systemd new file mode 100644 index 00000000..5b56996a --- /dev/null +++ b/extra/pam-configs/systemd @@ -0,0 +1,7 @@ +Name: Register user sessions in the systemd control group hierarchy +Default: yes +Priority: 0 +Session-Interactive-Only: yes +Session-Type: Additional +Session: + optional pam_systemd.so diff --git a/extra/pam-configs/systemd-homed b/extra/pam-configs/systemd-homed new file mode 100644 index 00000000..0613efce --- /dev/null +++ b/extra/pam-configs/systemd-homed @@ -0,0 +1,15 @@ +Name: Enable user management by systemd-homed +Default: yes +Priority: 257 +Auth-Type: Primary +Auth: + [success=end default=ignore] pam_systemd_home.so +Account-Type: Primary +Account: + [success=end default=ignore] pam_systemd_home.so +Session-Type: Additional +Session: + optional pam_systemd_home.so +Password-Type: Primary +Password: + [success=end default=ignore] pam_systemd_home.so diff --git a/extra/pam.d/systemd-user b/extra/pam.d/systemd-user new file mode 100644 index 00000000..65279f94 --- /dev/null +++ b/extra/pam.d/systemd-user @@ -0,0 +1,13 @@ +# This file is part of systemd. +# +# Used by systemd --user instances. + +@include common-account + +session required pam_selinux.so close +session required pam_selinux.so nottys open +session required pam_loginuid.so +session required pam_limits.so +@include common-session-noninteractive +session optional pam_keyinit.so force revoke +session optional pam_systemd.so diff --git a/extra/resolved.conf.d/cache-no-negative.conf b/extra/resolved.conf.d/cache-no-negative.conf new file mode 100644 index 00000000..92b28faf --- /dev/null +++ b/extra/resolved.conf.d/cache-no-negative.conf @@ -0,0 +1,4 @@ +# Ubuntu defaults to Cache=no-negative. See LP: #1668771. + +[Resolve] +Cache=no-negative diff --git a/extra/rules-ubuntu/40-vm-hotadd.rules b/extra/rules-ubuntu/40-vm-hotadd.rules new file mode 100644 index 00000000..7f2640b0 --- /dev/null +++ b/extra/rules-ubuntu/40-vm-hotadd.rules @@ -0,0 +1,14 @@ +# On Hyper-V and Xen Virtual Machines we want to add memory and cpus as soon as they appear +ATTR{[dmi/id]sys_vendor}=="Microsoft Corporation", ATTR{[dmi/id]product_name}=="Virtual Machine", GOTO="vm_hotadd_apply" +ATTR{[dmi/id]sys_vendor}=="Xen", GOTO="vm_hotadd_apply" +GOTO="vm_hotadd_end" + +LABEL="vm_hotadd_apply" + +# Memory hotadd request +SUBSYSTEM=="memory", ACTION=="add", DEVPATH=="/devices/system/memory/memory[0-9]*", TEST=="state", ATTR{state}!="online", ATTR{state}="online" + +# CPU hotadd request +SUBSYSTEM=="cpu", ACTION=="add", DEVPATH=="/devices/system/cpu/cpu[0-9]*", TEST=="online", ATTR{online}!="1", ATTR{online}="1" + +LABEL="vm_hotadd_end" diff --git a/extra/rules-ubuntu/61-persistent-storage-android.rules b/extra/rules-ubuntu/61-persistent-storage-android.rules new file mode 100644 index 00000000..369d5a6a --- /dev/null +++ b/extra/rules-ubuntu/61-persistent-storage-android.rules @@ -0,0 +1,6 @@ +# Android based kernel exports the uevent property PARTNAME, which can be +# used to find out at run time the named partitions (e.g. boot) for the +# device. This is specially useful for the Touch based images and flash-kernel, +# to automatically update the kernel by writing at the correct partition +# (independently of the hardware revision). +ACTION!="remove", KERNEL=="mmcblk[0-9]p[0-9]", ENV{PARTNAME}=="?*", SYMLINK+="disk/by-partlabel/$env{PARTNAME}" diff --git a/extra/rules-ubuntu/71-power-switch-proliant.rules b/extra/rules-ubuntu/71-power-switch-proliant.rules new file mode 100644 index 00000000..022baebf --- /dev/null +++ b/extra/rules-ubuntu/71-power-switch-proliant.rules @@ -0,0 +1,2 @@ +ACTION!="remove", SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio_keys.6|soc:gpio_keys", PROGRAM="/bin/cat /proc/device-tree/model", RESULT=="HP ProLiant m400 Server Cartridge", TAG+="power-switch" +ACTION!="remove", SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio_keys.12", ATTRS{keys}=="116", PROGRAM="/bin/cat /proc/device-tree/model", RESULT=="HP ProLiant m800 Server Cartridge", TAG+="power-switch" diff --git a/extra/rules-ubuntu/78-graphics-card.rules b/extra/rules-ubuntu/78-graphics-card.rules new file mode 100644 index 00000000..b3b906cd --- /dev/null +++ b/extra/rules-ubuntu/78-graphics-card.rules @@ -0,0 +1,30 @@ +# do not edit this file, it will be overwritten on update + +ACTION!="add", GOTO="graphics_end" + +# Tag the drm device for KMS-supporting drivers as the primary device for +# the display; for non-KMS drivers tag the framebuffer device instead. + +SUBSYSTEM!="drm", GOTO="drm_end" +KERNEL!="card[0-9]*", GOTO="drm_end" +ENV{DEVTYPE}!="drm_minor", GOTO="drm_end" + +DRIVERS=="i915", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" +DRIVERS=="radeon", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" +DRIVERS=="nouveau", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" +DRIVERS=="vmwgfx", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" + +LABEL="drm_end" + +SUBSYSTEM!="graphics", GOTO="graphics_end" + +DRIVERS=="i915", GOTO="graphics_end" +DRIVERS=="radeon", GOTO="graphics_end" +DRIVERS=="nouveau", GOTO="graphics_end" +DRIVERS=="efifb", GOTO="graphics_end" +DRIVERS=="efi-framebuffer", GOTO="graphics_end" +DRIVERS=="vesa-framebuffer", GOTO="graphics_end" + +KERNEL=="fb[0-9]*", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" + +LABEL="graphics_end" diff --git a/extra/rules/50-firmware.rules b/extra/rules/50-firmware.rules new file mode 100644 index 00000000..f7a08ce9 --- /dev/null +++ b/extra/rules/50-firmware.rules @@ -0,0 +1,3 @@ +# stub for immediately telling the kernel that userspace firmware loading +# failed; necessary to avoid long timeouts with CONFIG_FW_LOADER_USER_HELPER=y +SUBSYSTEM=="firmware", ACTION=="add", ATTR{loading}="-1" diff --git a/extra/rules/73-special-net-names.rules b/extra/rules/73-special-net-names.rules new file mode 100644 index 00000000..3b145edf --- /dev/null +++ b/extra/rules/73-special-net-names.rules @@ -0,0 +1,14 @@ +# On Dell PowerEdge systems, the iDRAC7 and later support a USB Virtual NIC +# which terminates in the iDRAC. Help identify this with 'idrac' +ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", ATTRS{idVendor}=="413c", ATTRS{idProduct}=="a102", NAME="idrac" + +# On IBM systems the Integrated Management Module is reachable using a +# # USB Virtual NIC. +ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", \ + ATTRS{idVendor}=="04b3", ATTRS{idProduct}=="0325", NAME="ibmimm" + +# ibmveth devices' $DEVPATH number is tied to (virtual) hardware (slot id +# selected in the HMC), thus this provides a reliable naming (e. g. +# "/devices/vio/30000002/net/eth1"); we ignore the bus number, as +# there should only ever be one bus, and then remove leading zeros +ACTION=="add", SUBSYSTEM=="net", NAME=="", DRIVERS=="ibmveth", PROGRAM="/bin/sh -ec 'D=$${DEVPATH#*/vio/}; D=$${D%%%%/*}; D=$${D#????}; D=$${D#0}; D=$${D#0}; D=$${D#0}; D=$${D#0}; echo $${D:-0}'", NAME="ibmveth$result" diff --git a/extra/rules/80-debian-compat.rules b/extra/rules/80-debian-compat.rules new file mode 100644 index 00000000..1c4dbc55 --- /dev/null +++ b/extra/rules/80-debian-compat.rules @@ -0,0 +1,16 @@ +# Debian specific udev rules for backwards compatibility + +# needed for old tape drivers, http://bugs.debian.org/657948 +SUBSYSTEM=="scsi", ENV{DEVTYPE}=="scsi_device", TEST!="[module/sg]", RUN{builtin}+="kmod load sg" + +# device permissions +KERNEL=="mISDNtimer", GROUP="dialout" +KERNEL=="mwave", GROUP="dialout" +KERNEL=="nvram", GROUP="kmem", MODE="0640" +KERNEL=="pktcdvd", GROUP="cdrom", MODE="0644" +KERNEL=="lirc[0-9]*", GROUP="video" +KERNEL=="legousbtower*", MODE="0666" +KERNEL=="sonypi", MODE="0666" +KERNEL=="mmtimer", MODE="0644" +KERNEL=="sgi_*", MODE="0666" +KERNEL=="z90crypt", MODE="0666" diff --git a/extra/start-udev b/extra/start-udev new file mode 100755 index 00000000..1adfc527 --- /dev/null +++ b/extra/start-udev @@ -0,0 +1,23 @@ +#!/bin/sh -e + +if [ -w /sys/kernel/uevent_helper ]; then + echo > /sys/kernel/uevent_helper +fi + +if ! grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then + mount -n -o mode=0755 -t devtmpfs devtmpfs /dev + # Setup a few /dev symlinks, see #975018 + [ ! -h /dev/fd ] && ln -s /proc/self/fd /dev/fd + [ ! -h /dev/stdin ] && ln -s /proc/self/fd/0 /dev/stdin + [ ! -h /dev/stdout ] && ln -s /proc/self/fd/1 /dev/stdout + [ ! -h /dev/stderr ] && ln -s /proc/self/fd/2 /dev/stderr +fi + +SYSTEMD_LOG_LEVEL=notice /usr/lib/systemd/systemd-udevd --daemon --resolve-names=never + +udevadm trigger --action=add + +mkdir -p /dev/pts +mount -t devpts -o noexec,nosuid,gid=5,mode=0620 devpts /dev/pts + +udevadm settle || true diff --git a/extra/sysctl.d/10-coredump-debian.conf b/extra/sysctl.d/10-coredump-debian.conf new file mode 100644 index 00000000..e58fb85f --- /dev/null +++ b/extra/sysctl.d/10-coredump-debian.conf @@ -0,0 +1 @@ +kernel.core_pattern=core diff --git a/extra/system.conf.d/10-coredump-debian.conf b/extra/system.conf.d/10-coredump-debian.conf new file mode 100644 index 00000000..395b1557 --- /dev/null +++ b/extra/system.conf.d/10-coredump-debian.conf @@ -0,0 +1,2 @@ +[Manager] +DefaultLimitCORE=0:infinity diff --git a/extra/system.conf.d/20-coredump-debian.conf b/extra/system.conf.d/20-coredump-debian.conf new file mode 100644 index 00000000..c06081d3 --- /dev/null +++ b/extra/system.conf.d/20-coredump-debian.conf @@ -0,0 +1,2 @@ +[Manager] +DefaultLimitCORE=infinity diff --git a/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf b/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf new file mode 100644 index 00000000..9862d0f3 --- /dev/null +++ b/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf @@ -0,0 +1,2 @@ +[Slice] +ManagedOOMSwap=auto diff --git a/extra/systemd-oomd-defaults/oomd.conf.d/10-oomd-defaults.conf b/extra/systemd-oomd-defaults/oomd.conf.d/10-oomd-defaults.conf new file mode 100644 index 00000000..02546571 --- /dev/null +++ b/extra/systemd-oomd-defaults/oomd.conf.d/10-oomd-defaults.conf @@ -0,0 +1,2 @@ +[OOM] +DefaultMemoryPressureDurationSec=20s diff --git a/extra/systemd-oomd-defaults/user@.service.d/10-oomd-user-service-defaults.conf b/extra/systemd-oomd-defaults/user@.service.d/10-oomd-user-service-defaults.conf new file mode 100644 index 00000000..94d5c87f --- /dev/null +++ b/extra/systemd-oomd-defaults/user@.service.d/10-oomd-user-service-defaults.conf @@ -0,0 +1,3 @@ +[Service] +ManagedOOMMemoryPressure=kill +ManagedOOMMemoryPressureLimit=50% diff --git a/extra/systemd-sysv-install b/extra/systemd-sysv-install new file mode 100755 index 00000000..7e90dc2b --- /dev/null +++ b/extra/systemd-sysv-install @@ -0,0 +1,56 @@ +#!/bin/sh +# This script is called by "systemctl enable/disable" when the given unit is a +# SysV init.d script. It needs to call the distribution's mechanism for +# enabling/disabling those, such as chkconfig, update-rc.d, or similar. This +# can optionally take a --root argument for enabling a SysV init script +# in a chroot or similar. +set -eu + +usage() { + echo "Usage: $0 [--root=path] enable|disable|is-enabled " >&2 + exit 1 +} + +ROOT= + +# parse options +eval set -- "$(getopt -o r: --long root: -- "$@")" +while true; do + case "$1" in + -r|--root) + ROOT="$2" + shift 2 ;; + --) shift ; break ;; + *) usage ;; + esac +done + +NAME="${2:-}" + +run() { + if [ -n "$ROOT" ] && [ "$ROOT" != "/" ]; then + _SKIP_SYSTEMD_NATIVE=1 chroot "$ROOT" /usr/sbin/update-rc.d "$@" + else + _SKIP_SYSTEMD_NATIVE=1 /usr/sbin/update-rc.d "$@" + fi +} + +[ -n "$NAME" ] || usage + +case "$1" in + enable) + # call the command to enable SysV init script $NAME here.. + run "$NAME" defaults + run "$NAME" enable + ;; + disable) + run "$NAME" defaults + run "$NAME" disable + ;; + is-enabled) + # exit with 0 if $NAME is enabled, non-zero if it is disabled + ls "$ROOT"/etc/rc[S5].d/S??"$NAME" >/dev/null 2>&1 + ;; + *) + usage ;; +esac diff --git a/extra/systemd.py b/extra/systemd.py new file mode 100644 index 00000000..d79e0eb8 --- /dev/null +++ b/extra/systemd.py @@ -0,0 +1,28 @@ +'''apport package hook for systemd + +(c) 2014 Canonical Ltd. +Author: Martin Pitt +''' + +import os.path +import apport.hookutils + +def add_info(report): + apport.hookutils.attach_hardware(report) + + report['SystemdDelta'] = apport.hookutils.command_output(['systemd-delta']) + + if not os.path.exists('/run/systemd/system'): + return + + # Add details about all failed units, if any + out = apport.hookutils.command_output(['systemctl', '--state=failed', '--full', + '--no-legend']).strip() + if out: + failed = '' + for line in out.splitlines(): + unit = line.split()[0] + if failed: + failed += '------\n' + failed += apport.hookutils.command_output(['systemctl', 'status', '--full', unit]) + report['SystemdFailedUnits'] = failed diff --git a/extra/tmpfiles.d/debian.conf b/extra/tmpfiles.d/debian.conf new file mode 100644 index 00000000..1877e020 --- /dev/null +++ b/extra/tmpfiles.d/debian.conf @@ -0,0 +1,17 @@ +# This file is part of the debianisation of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. + +# See tmpfiles.d(5) for details + +# Type Path Mode UID GID Age Argument +L /run/shm - - - - /dev/shm +d /run/sendsigs.omit.d 0755 root root - +d /run/lock 1777 root root - - + +L+ /etc/mtab - - - - ../proc/self/mounts +L+ /etc/default/locale - - - - ../locale.conf +L+ /etc/vconsole.conf - - - - default/keyboard diff --git a/extra/udev.py b/extra/udev.py new file mode 100644 index 00000000..d8bc76f7 --- /dev/null +++ b/extra/udev.py @@ -0,0 +1,19 @@ +'''apport package hook for udev + +(c) 2009 Canonical Ltd. +Author: Martin Pitt +''' + +import os +import apport.hookutils + +def add_info(report): + apport.hookutils.attach_hardware(report) + + user_rules = [] + for f in os.listdir('/etc/udev/rules.d'): + if not f.startswith('70-persistent-') and f != 'README': + user_rules.append(f) + + if user_rules: + report['CustomUdevRuleFiles'] = ' '.join(user_rules) diff --git a/extra/units-ubuntu/systemd-journald.service.d/nice.conf b/extra/units-ubuntu/systemd-journald.service.d/nice.conf new file mode 100644 index 00000000..774e8470 --- /dev/null +++ b/extra/units-ubuntu/systemd-journald.service.d/nice.conf @@ -0,0 +1,4 @@ +# Set Nice=-1 to dodge watchdog on soft lockups (LP: #1696970). + +[Service] +Nice=-1 diff --git a/extra/units-ubuntu/user@.service.d/timeout.conf b/extra/units-ubuntu/user@.service.d/timeout.conf new file mode 100644 index 00000000..213eb651 --- /dev/null +++ b/extra/units-ubuntu/user@.service.d/timeout.conf @@ -0,0 +1,4 @@ +# Avoid long hangs during shutdown if user services fail/hang due to X.org +# going away too early +[Service] +TimeoutStopSec=5 diff --git a/extra/units/getty-static.service b/extra/units/getty-static.service new file mode 100644 index 00000000..25c5c720 --- /dev/null +++ b/extra/units/getty-static.service @@ -0,0 +1,10 @@ +[Unit] +Description=getty on tty2-tty6 if dbus and logind are not available +ConditionPathExists=/dev/tty0 +ConditionPathExists=!/usr/bin/dbus-daemon +ConditionPathExists=!/usr/bin/dbus-broker + +[Service] +Type=oneshot +ExecStart=systemctl --no-block start getty@tty2.service getty@tty3.service getty@tty4.service getty@tty5.service getty@tty6.service +RemainAfterExit=true diff --git a/extra/units/rc-local.service.d/debian.conf b/extra/units/rc-local.service.d/debian.conf new file mode 100644 index 00000000..ec77220a --- /dev/null +++ b/extra/units/rc-local.service.d/debian.conf @@ -0,0 +1,10 @@ +[Unit] +# not specified by LSB, but has been behaving that way in Debian under SysV +# init and upstart +After=network-online.target + +# Often contains status messages which users expect to see on the console +# during boot +[Service] +StandardOutput=journal+console +StandardError=journal+console diff --git a/extra/units/run-lock.mount b/extra/units/run-lock.mount new file mode 100644 index 00000000..8d22dd97 --- /dev/null +++ b/extra/units/run-lock.mount @@ -0,0 +1,14 @@ +[Unit] +Description=Legacy Locks Directory /run/lock +DefaultDependencies=no +Conflicts=umount.target +Before=local-fs.target umount.target + +[Mount] +Type=tmpfs +What=tmpfs +Where=/run/lock +Options=mode=1777,nosuid,nodev,noexec,size=5242880 + +[Install] +WantedBy=local-fs.target diff --git a/extra/units/systemd-fsck-root.service.d/10-skip-fsck-initramfs.conf b/extra/units/systemd-fsck-root.service.d/10-skip-fsck-initramfs.conf new file mode 100644 index 00000000..4d261755 --- /dev/null +++ b/extra/units/systemd-fsck-root.service.d/10-skip-fsck-initramfs.conf @@ -0,0 +1,2 @@ +[Unit] +ConditionPathExists=!/run/initramfs/fsck-root diff --git a/extra/units/systemd-localed.service.d/x11-keyboard.conf b/extra/units/systemd-localed.service.d/x11-keyboard.conf new file mode 100644 index 00000000..7c7f91ff --- /dev/null +++ b/extra/units/systemd-localed.service.d/x11-keyboard.conf @@ -0,0 +1,4 @@ +[Service] +# systemd-localed will try to write to /etc/X11/xorg.conf.d/00-keyboard.conf +# if it can, but we don't use it. Make the path read-only so that it skips it. +ReadOnlyPaths=-/etc/X11/xorg.conf.d/ diff --git a/extra/units/systemd-logind.service.d/dbus.conf b/extra/units/systemd-logind.service.d/dbus.conf new file mode 100644 index 00000000..bd782632 --- /dev/null +++ b/extra/units/systemd-logind.service.d/dbus.conf @@ -0,0 +1,9 @@ +# logind fails to start in minimal environments without dbus, such as LXC +# containers or servers. Add a startup condition to avoid the very noisy +# startup failure. +# Consider both dbus-daemon (the reference implementation) and dbus-broker. +# See https://bugs.debian.org/772700 + +[Unit] +ConditionPathExists=|/usr/bin/dbus-daemon +ConditionPathExists=|/usr/bin/dbus-broker diff --git a/extra/units/systemd-udevd.service.d/syscall-architecture.conf b/extra/units/systemd-udevd.service.d/syscall-architecture.conf new file mode 100644 index 00000000..0395c2d0 --- /dev/null +++ b/extra/units/systemd-udevd.service.d/syscall-architecture.conf @@ -0,0 +1,7 @@ +# We can't really control what helper programs are run from other udev +# rules. E.g. running i386 binaries under amd64 is a valid use case and +# should not trigger a SIGSYS failure. +# https://bugs.debian.org/869719 + +[Service] +SystemCallArchitectures= diff --git a/extra/user.conf.d/10-coredump-debian.conf b/extra/user.conf.d/10-coredump-debian.conf new file mode 100644 index 00000000..395b1557 --- /dev/null +++ b/extra/user.conf.d/10-coredump-debian.conf @@ -0,0 +1,2 @@ +[Manager] +DefaultLimitCORE=0:infinity diff --git a/extra/user.conf.d/20-coredump-debian.conf b/extra/user.conf.d/20-coredump-debian.conf new file mode 100644 index 00000000..c06081d3 --- /dev/null +++ b/extra/user.conf.d/20-coredump-debian.conf @@ -0,0 +1,2 @@ +[Manager] +DefaultLimitCORE=infinity diff --git a/gbp.conf b/gbp.conf new file mode 100644 index 00000000..fa05dbd5 --- /dev/null +++ b/gbp.conf @@ -0,0 +1,14 @@ +[DEFAULT] +pristine-tar = True +patch-numbers = False +sign-tags = True +debian-branch = debian/master +upstream-branch = upstream/latest + +[import-orig] +upstream-vcs-tag = v%(version%~%-)s + +[dch] +full = True +multimaint-merge = True +git-log = --first-parent diff --git a/git-cherry-pick b/git-cherry-pick new file mode 100755 index 00000000..1fabd321 --- /dev/null +++ b/git-cherry-pick @@ -0,0 +1,53 @@ +#!/bin/bash + +set -e + +if [ -z "$*" ] ; then + echo "Usage: $0 [commit [commit ..]]" + exit 1 +fi + + +curbranch=$(git rev-parse --abbrev-ref HEAD) + +# assert we got a branch +[ -n "$curbranch" ] + +if [ $curbranch = HEAD ] ; then + echo "You are not currently on a branch, cannot cherry-pick" + exit 1 +fi + +case $curbranch in + patch-queue/*) + debbranch=${curbranch/patch-queue\/} + pqbranch=$curbranch + ;; + *) + debbranch=$curbranch + pqbranch=patch-queue/$curbranch + ;; +esac + +commits=$(git rev-parse "$@") + +if git rev-parse $pqbranch &>/dev/null ; then + echo + echo "Will recreate patch-queue branch $pqbranch" + echo "It was pointing to" $(git rev-parse $pqbranch) + echo +fi + +gbp pq import --force + +echo "Cherry-picking the following commits:" +echo "$commits" + +picks=$(echo "$commits" | xargs echo exec git cherry-pick -x --no-edit --commit) + +# find the first debian commit +firstdebian=$(git log -i --grep "topic.*debian" --pretty=%h --reverse $debbranch..$pqbranch | head -1) + +sedexpr="/$firstdebian/i$picks" + +GIT_EDITOR="sed -i -e '$sedexpr'" git rebase --interactive --no-autosquash $debbranch diff --git a/libnss-myhostname.install b/libnss-myhostname.install new file mode 100644 index 00000000..fa88dd66 --- /dev/null +++ b/libnss-myhostname.install @@ -0,0 +1 @@ +usr/lib/*/libnss_myhostname*.so.* diff --git a/libnss-myhostname.lintian-overrides b/libnss-myhostname.lintian-overrides new file mode 100644 index 00000000..d01f5296 --- /dev/null +++ b/libnss-myhostname.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +libnss-myhostname: spare-manual-page diff --git a/libnss-myhostname.manpages b/libnss-myhostname.manpages new file mode 100644 index 00000000..d3ba44d6 --- /dev/null +++ b/libnss-myhostname.manpages @@ -0,0 +1,2 @@ +usr/share/man/man8/libnss_myhostname.so.2.8 +usr/share/man/man8/nss-myhostname.8 diff --git a/libnss-myhostname.nss b/libnss-myhostname.nss new file mode 100644 index 00000000..9ed4b628 --- /dev/null +++ b/libnss-myhostname.nss @@ -0,0 +1 @@ +hosts after=files myhostname diff --git a/libnss-mymachines.install b/libnss-mymachines.install new file mode 100644 index 00000000..50e7d2ec --- /dev/null +++ b/libnss-mymachines.install @@ -0,0 +1 @@ +usr/lib/*/libnss_mymachines*.so.* diff --git a/libnss-mymachines.lintian-overrides b/libnss-mymachines.lintian-overrides new file mode 100644 index 00000000..c6c7dd5a --- /dev/null +++ b/libnss-mymachines.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +libnss-mymachines: spare-manual-page diff --git a/libnss-mymachines.manpages b/libnss-mymachines.manpages new file mode 100644 index 00000000..7afe71d5 --- /dev/null +++ b/libnss-mymachines.manpages @@ -0,0 +1,2 @@ +usr/share/man/man8/libnss_mymachines.so.2.8 +usr/share/man/man8/nss-mymachines.8 diff --git a/libnss-mymachines.nss b/libnss-mymachines.nss new file mode 100644 index 00000000..ff7213d0 --- /dev/null +++ b/libnss-mymachines.nss @@ -0,0 +1 @@ +hosts before=resolve,dns mymachines diff --git a/libnss-resolve.install b/libnss-resolve.install new file mode 100644 index 00000000..3554b53c --- /dev/null +++ b/libnss-resolve.install @@ -0,0 +1 @@ +usr/lib/*/libnss_resolve*.so.* diff --git a/libnss-resolve.lintian-overrides b/libnss-resolve.lintian-overrides new file mode 100644 index 00000000..06097e89 --- /dev/null +++ b/libnss-resolve.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +libnss-resolve: spare-manual-page diff --git a/libnss-resolve.manpages b/libnss-resolve.manpages new file mode 100644 index 00000000..b3c5a78d --- /dev/null +++ b/libnss-resolve.manpages @@ -0,0 +1,2 @@ +usr/share/man/man8/libnss_resolve.so.2.8 +usr/share/man/man8/nss-resolve.8 diff --git a/libnss-resolve.nss b/libnss-resolve.nss new file mode 100644 index 00000000..a7142b3f --- /dev/null +++ b/libnss-resolve.nss @@ -0,0 +1 @@ +hosts before=dns resolve [!UNAVAIL=return] diff --git a/libnss-systemd.install b/libnss-systemd.install new file mode 100644 index 00000000..df23cb88 --- /dev/null +++ b/libnss-systemd.install @@ -0,0 +1 @@ +usr/lib/*/libnss_systemd*.so.* diff --git a/libnss-systemd.lintian-overrides b/libnss-systemd.lintian-overrides new file mode 100644 index 00000000..98ae3f51 --- /dev/null +++ b/libnss-systemd.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +libnss-systemd: spare-manual-page diff --git a/libnss-systemd.manpages b/libnss-systemd.manpages new file mode 100644 index 00000000..bf1e840c --- /dev/null +++ b/libnss-systemd.manpages @@ -0,0 +1,2 @@ +usr/share/man/man8/libnss_systemd* +usr/share/man/man8/nss-systemd* diff --git a/libnss-systemd.nss b/libnss-systemd.nss new file mode 100644 index 00000000..9c3f443e --- /dev/null +++ b/libnss-systemd.nss @@ -0,0 +1,4 @@ +passwd last systemd +group last systemd +shadow last systemd +gshadow last systemd diff --git a/libpam-systemd.install b/libpam-systemd.install new file mode 100644 index 00000000..6b55212c --- /dev/null +++ b/libpam-systemd.install @@ -0,0 +1,3 @@ +usr/lib/*/security/pam_systemd.so +usr/lib/*/security/pam_systemd_loadkey.so +../extra/pam-configs/systemd usr/share/pam-configs/ diff --git a/libpam-systemd.lintian-overrides b/libpam-systemd.lintian-overrides new file mode 100644 index 00000000..906c521d --- /dev/null +++ b/libpam-systemd.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +libpam-systemd: spare-manual-page diff --git a/libpam-systemd.manpages b/libpam-systemd.manpages new file mode 100644 index 00000000..d30ee0f6 --- /dev/null +++ b/libpam-systemd.manpages @@ -0,0 +1 @@ +usr/share/man/man8/pam_systemd.8 diff --git a/libpam-systemd.postinst b/libpam-systemd.postinst new file mode 100644 index 00000000..7e37590c --- /dev/null +++ b/libpam-systemd.postinst @@ -0,0 +1,7 @@ +#!/bin/sh + +set -e + +pam-auth-update --package + +#DEBHELPER# diff --git a/libpam-systemd.prerm b/libpam-systemd.prerm new file mode 100644 index 00000000..15284c5a --- /dev/null +++ b/libpam-systemd.prerm @@ -0,0 +1,20 @@ +#!/bin/sh + +set -e + +# pam-auth-update --remove removes the named profile from the active config. +# It arguably should be called during deconfigure as well, but deconfigure +# can happen in some cases during a dist-upgrade and we don't want to +# deconfigure all PAM modules in the middle of a dist-upgrade by accident. +# +# More importantly, with the current implementation, --remove also removes +# all local preferences for the named config (such as whether it's enabled +# or disabled), which we don't want to do on deconfigure. +# +# This may need to change later as pam-auth-update evolves. + +if [ "$1" = remove ] && [ "${DPKG_MAINTSCRIPT_PACKAGE_REFCOUNT:-1}" = 1 ]; then + pam-auth-update --package --remove systemd +fi + +#DEBHELPER# diff --git a/libsystemd-dev.install b/libsystemd-dev.install new file mode 100644 index 00000000..9c256f7c --- /dev/null +++ b/libsystemd-dev.install @@ -0,0 +1,4 @@ +usr/include/systemd/ +usr/lib/*/libsystemd.so +usr/lib/*/libsystemd.a +usr/lib/*/pkgconfig/libsystemd.pc diff --git a/libsystemd-dev.manpages b/libsystemd-dev.manpages new file mode 100644 index 00000000..f5b15194 --- /dev/null +++ b/libsystemd-dev.manpages @@ -0,0 +1,3 @@ +usr/share/man/man3/libsystemd* +usr/share/man/man3/sd* +usr/share/man/man3/SD* diff --git a/libsystemd-shared.install b/libsystemd-shared.install new file mode 100644 index 00000000..085a7cde --- /dev/null +++ b/libsystemd-shared.install @@ -0,0 +1,2 @@ +usr/lib/*/systemd/libsystemd-core-*.so +usr/lib/*/systemd/libsystemd-shared-*.so diff --git a/libsystemd-shared.lintian-overrides b/libsystemd-shared.lintian-overrides new file mode 100644 index 00000000..a21679d4 --- /dev/null +++ b/libsystemd-shared.lintian-overrides @@ -0,0 +1,2 @@ +# Intentional: value of config got in a release by mistake, needs to be kept +libsystemd-shared: spelling-error-in-binary anually annually [usr/lib/*/systemd/libsystemd-shared-*.so] diff --git a/libsystemd0.install b/libsystemd0.install new file mode 100644 index 00000000..13c96e6e --- /dev/null +++ b/libsystemd0.install @@ -0,0 +1 @@ +usr/lib/*/libsystemd.so.* diff --git a/libsystemd0.symbols b/libsystemd0.symbols new file mode 100644 index 00000000..4b13487b --- /dev/null +++ b/libsystemd0.symbols @@ -0,0 +1,894 @@ +libsystemd.so.0 libsystemd0 #MINVER# +* Build-Depends-Package: libsystemd-dev + LIBSYSTEMD_209@LIBSYSTEMD_209 0 + LIBSYSTEMD_211@LIBSYSTEMD_211 211 + LIBSYSTEMD_213@LIBSYSTEMD_213 213 + LIBSYSTEMD_214@LIBSYSTEMD_214 214 + LIBSYSTEMD_216@LIBSYSTEMD_216 217 + LIBSYSTEMD_217@LIBSYSTEMD_217 217 + LIBSYSTEMD_219@LIBSYSTEMD_219 219 + LIBSYSTEMD_220@LIBSYSTEMD_220 220 + LIBSYSTEMD_221@LIBSYSTEMD_221 221 + LIBSYSTEMD_222@LIBSYSTEMD_222 222 + LIBSYSTEMD_226@LIBSYSTEMD_226 226 + LIBSYSTEMD_227@LIBSYSTEMD_227 227 + LIBSYSTEMD_229@LIBSYSTEMD_229 229 + LIBSYSTEMD_230@LIBSYSTEMD_230 230 + LIBSYSTEMD_231@LIBSYSTEMD_231 231 + LIBSYSTEMD_232@LIBSYSTEMD_232 232 + LIBSYSTEMD_233@LIBSYSTEMD_233 233 + LIBSYSTEMD_234@LIBSYSTEMD_234 234 + LIBSYSTEMD_236@LIBSYSTEMD_236 236 + LIBSYSTEMD_237@LIBSYSTEMD_237 237 + LIBSYSTEMD_238@LIBSYSTEMD_238 238 + LIBSYSTEMD_239@LIBSYSTEMD_239 239 + LIBSYSTEMD_240@LIBSYSTEMD_240 240 + LIBSYSTEMD_241@LIBSYSTEMD_241 241 + LIBSYSTEMD_243@LIBSYSTEMD_243 243 + LIBSYSTEMD_245@LIBSYSTEMD_245 245 + LIBSYSTEMD_246@LIBSYSTEMD_246 246 + LIBSYSTEMD_247@LIBSYSTEMD_247 247 + LIBSYSTEMD_248@LIBSYSTEMD_248 248 + LIBSYSTEMD_249@LIBSYSTEMD_249 249 + LIBSYSTEMD_250@LIBSYSTEMD_250 250 + LIBSYSTEMD_251@LIBSYSTEMD_251 251 + LIBSYSTEMD_252@LIBSYSTEMD_252 252 + LIBSYSTEMD_253@LIBSYSTEMD_253 253 + LIBSYSTEMD_254@LIBSYSTEMD_254 254 + LIBSYSTEMD_255@LIBSYSTEMD_255 255 + LIBSYSTEMD_256@LIBSYSTEMD_256 256~rc1 + LIBSYSTEMD_257@LIBSYSTEMD_257 257~rc1 + sd_booted@LIBSYSTEMD_209 0 + sd_bus_add_fallback@LIBSYSTEMD_221 221 + sd_bus_add_fallback_vtable@LIBSYSTEMD_221 221 + sd_bus_add_filter@LIBSYSTEMD_221 221 + sd_bus_add_match@LIBSYSTEMD_221 221 + sd_bus_add_match_async@LIBSYSTEMD_237 237 + sd_bus_add_node_enumerator@LIBSYSTEMD_221 221 + sd_bus_add_object@LIBSYSTEMD_221 221 + sd_bus_add_object_manager@LIBSYSTEMD_221 221 + sd_bus_add_object_vtable@LIBSYSTEMD_221 221 + sd_bus_attach_event@LIBSYSTEMD_221 221 + sd_bus_call@LIBSYSTEMD_221 221 + sd_bus_call_async@LIBSYSTEMD_221 221 + sd_bus_call_method@LIBSYSTEMD_221 221 + sd_bus_call_method_async@LIBSYSTEMD_221 221 + sd_bus_call_method_asyncv@LIBSYSTEMD_246 246 + sd_bus_call_methodv@LIBSYSTEMD_246 246 + sd_bus_can_send@LIBSYSTEMD_221 221 + sd_bus_close@LIBSYSTEMD_221 221 + sd_bus_close_unref@LIBSYSTEMD_241 241 + sd_bus_creds_get_audit_login_uid@LIBSYSTEMD_221 221 + sd_bus_creds_get_audit_session_id@LIBSYSTEMD_221 221 + sd_bus_creds_get_augmented_mask@LIBSYSTEMD_221 221 + sd_bus_creds_get_cgroup@LIBSYSTEMD_221 221 + sd_bus_creds_get_cmdline@LIBSYSTEMD_221 221 + sd_bus_creds_get_comm@LIBSYSTEMD_221 221 + sd_bus_creds_get_description@LIBSYSTEMD_221 221 + sd_bus_creds_get_egid@LIBSYSTEMD_221 221 + sd_bus_creds_get_euid@LIBSYSTEMD_221 221 + sd_bus_creds_get_exe@LIBSYSTEMD_221 221 + sd_bus_creds_get_fsgid@LIBSYSTEMD_221 221 + sd_bus_creds_get_fsuid@LIBSYSTEMD_221 221 + sd_bus_creds_get_gid@LIBSYSTEMD_221 221 + sd_bus_creds_get_mask@LIBSYSTEMD_221 221 + sd_bus_creds_get_owner_uid@LIBSYSTEMD_221 221 + sd_bus_creds_get_pid@LIBSYSTEMD_221 221 + sd_bus_creds_get_pidfd_dup@LIBSYSTEMD_256 256~rc1 + sd_bus_creds_get_ppid@LIBSYSTEMD_221 221 + sd_bus_creds_get_selinux_context@LIBSYSTEMD_221 221 + sd_bus_creds_get_session@LIBSYSTEMD_221 221 + sd_bus_creds_get_sgid@LIBSYSTEMD_221 221 + sd_bus_creds_get_slice@LIBSYSTEMD_221 221 + sd_bus_creds_get_suid@LIBSYSTEMD_221 221 + sd_bus_creds_get_supplementary_gids@LIBSYSTEMD_221 221 + sd_bus_creds_get_tid@LIBSYSTEMD_221 221 + sd_bus_creds_get_tid_comm@LIBSYSTEMD_221 221 + sd_bus_creds_get_tty@LIBSYSTEMD_221 221 + sd_bus_creds_get_uid@LIBSYSTEMD_221 221 + sd_bus_creds_get_unique_name@LIBSYSTEMD_221 221 + sd_bus_creds_get_unit@LIBSYSTEMD_221 221 + sd_bus_creds_get_user_slice@LIBSYSTEMD_221 221 + sd_bus_creds_get_user_unit@LIBSYSTEMD_221 221 + sd_bus_creds_get_well_known_names@LIBSYSTEMD_221 221 + sd_bus_creds_has_bounding_cap@LIBSYSTEMD_221 221 + sd_bus_creds_has_effective_cap@LIBSYSTEMD_221 221 + sd_bus_creds_has_inheritable_cap@LIBSYSTEMD_221 221 + sd_bus_creds_has_permitted_cap@LIBSYSTEMD_221 221 + sd_bus_creds_new_from_pid@LIBSYSTEMD_221 221 + sd_bus_creds_new_from_pidfd@LIBSYSTEMD_256 256~rc1 + sd_bus_creds_ref@LIBSYSTEMD_221 221 + sd_bus_creds_unref@LIBSYSTEMD_221 221 + sd_bus_default@LIBSYSTEMD_221 221 + sd_bus_default_flush_close@LIBSYSTEMD_227 227 + sd_bus_default_system@LIBSYSTEMD_221 221 + sd_bus_default_user@LIBSYSTEMD_221 221 + sd_bus_detach_event@LIBSYSTEMD_221 221 + sd_bus_emit_interfaces_added@LIBSYSTEMD_221 221 + sd_bus_emit_interfaces_added_strv@LIBSYSTEMD_221 221 + sd_bus_emit_interfaces_removed@LIBSYSTEMD_221 221 + sd_bus_emit_interfaces_removed_strv@LIBSYSTEMD_221 221 + sd_bus_emit_object_added@LIBSYSTEMD_222 222 + sd_bus_emit_object_removed@LIBSYSTEMD_222 222 + sd_bus_emit_properties_changed@LIBSYSTEMD_221 221 + sd_bus_emit_properties_changed_strv@LIBSYSTEMD_221 221 + sd_bus_emit_signal@LIBSYSTEMD_221 221 + sd_bus_emit_signal_to@LIBSYSTEMD_253 253 + sd_bus_emit_signal_tov@LIBSYSTEMD_253 253 + sd_bus_emit_signalv@LIBSYSTEMD_246 246 + sd_bus_enqueue_for_read@LIBSYSTEMD_245 245 + sd_bus_error_add_map@LIBSYSTEMD_221 221 + sd_bus_error_copy@LIBSYSTEMD_221 221 + sd_bus_error_free@LIBSYSTEMD_221 221 + sd_bus_error_get_errno@LIBSYSTEMD_221 221 + sd_bus_error_has_name@LIBSYSTEMD_221 221 + sd_bus_error_has_names_sentinel@LIBSYSTEMD_247 247 + sd_bus_error_is_set@LIBSYSTEMD_221 221 + sd_bus_error_move@LIBSYSTEMD_240 240 + sd_bus_error_set@LIBSYSTEMD_221 221 + sd_bus_error_set_const@LIBSYSTEMD_221 221 + sd_bus_error_set_errno@LIBSYSTEMD_221 221 + sd_bus_error_set_errnof@LIBSYSTEMD_221 221 + sd_bus_error_set_errnofv@LIBSYSTEMD_221 221 + sd_bus_error_setf@LIBSYSTEMD_221 221 + sd_bus_error_setfv@LIBSYSTEMD_252 252 + sd_bus_flush@LIBSYSTEMD_221 221 + sd_bus_flush_close_unref@LIBSYSTEMD_222 222 + sd_bus_get_address@LIBSYSTEMD_221 221 + sd_bus_get_allow_interactive_authorization@LIBSYSTEMD_221 221 + sd_bus_get_bus_id@LIBSYSTEMD_221 221 + sd_bus_get_close_on_exit@LIBSYSTEMD_240 240 + sd_bus_get_connected_signal@LIBSYSTEMD_237 237 + sd_bus_get_creds_mask@LIBSYSTEMD_221 221 + sd_bus_get_current_handler@LIBSYSTEMD_221 221 + sd_bus_get_current_message@LIBSYSTEMD_221 221 + sd_bus_get_current_slot@LIBSYSTEMD_221 221 + sd_bus_get_current_userdata@LIBSYSTEMD_221 221 + sd_bus_get_description@LIBSYSTEMD_221 221 + sd_bus_get_event@LIBSYSTEMD_221 221 + sd_bus_get_events@LIBSYSTEMD_221 221 + sd_bus_get_exit_on_disconnect@LIBSYSTEMD_232 232 + sd_bus_get_fd@LIBSYSTEMD_221 221 + sd_bus_get_method_call_timeout@LIBSYSTEMD_240 240 + sd_bus_get_n_queued_read@LIBSYSTEMD_238 238 + sd_bus_get_n_queued_write@LIBSYSTEMD_238 238 + sd_bus_get_name_creds@LIBSYSTEMD_221 221 + sd_bus_get_name_machine_id@LIBSYSTEMD_221 221 + sd_bus_get_owner_creds@LIBSYSTEMD_221 221 + sd_bus_get_property@LIBSYSTEMD_221 221 + sd_bus_get_property_string@LIBSYSTEMD_221 221 + sd_bus_get_property_strv@LIBSYSTEMD_221 221 + sd_bus_get_property_trivial@LIBSYSTEMD_221 221 + sd_bus_get_scope@LIBSYSTEMD_221 221 + sd_bus_get_sender@LIBSYSTEMD_237 237 + sd_bus_get_tid@LIBSYSTEMD_221 221 + sd_bus_get_timeout@LIBSYSTEMD_221 221 + sd_bus_get_unique_name@LIBSYSTEMD_221 221 + sd_bus_get_watch_bind@LIBSYSTEMD_237 237 + sd_bus_interface_name_is_valid@LIBSYSTEMD_246 246 + sd_bus_is_anonymous@LIBSYSTEMD_221 221 + sd_bus_is_bus_client@LIBSYSTEMD_221 221 + sd_bus_is_monitor@LIBSYSTEMD_221 221 + sd_bus_is_open@LIBSYSTEMD_221 221 + sd_bus_is_ready@LIBSYSTEMD_237 237 + sd_bus_is_server@LIBSYSTEMD_221 221 + sd_bus_is_trusted@LIBSYSTEMD_221 221 + sd_bus_list_names@LIBSYSTEMD_221 221 + sd_bus_match_signal@LIBSYSTEMD_237 237 + sd_bus_match_signal_async@LIBSYSTEMD_237 237 + sd_bus_member_name_is_valid@LIBSYSTEMD_246 246 + sd_bus_message_append@LIBSYSTEMD_221 221 + sd_bus_message_append_array@LIBSYSTEMD_221 221 + sd_bus_message_append_array_iovec@LIBSYSTEMD_221 221 + sd_bus_message_append_array_memfd@LIBSYSTEMD_221 221 + sd_bus_message_append_array_space@LIBSYSTEMD_221 221 + sd_bus_message_append_basic@LIBSYSTEMD_221 221 + sd_bus_message_append_string_iovec@LIBSYSTEMD_221 221 + sd_bus_message_append_string_memfd@LIBSYSTEMD_221 221 + sd_bus_message_append_string_space@LIBSYSTEMD_221 221 + sd_bus_message_append_strv@LIBSYSTEMD_221 221 + sd_bus_message_appendv@LIBSYSTEMD_234 234 + sd_bus_message_at_end@LIBSYSTEMD_221 221 + sd_bus_message_close_container@LIBSYSTEMD_221 221 + sd_bus_message_copy@LIBSYSTEMD_221 221 + sd_bus_message_dump@LIBSYSTEMD_245 245 + sd_bus_message_enter_container@LIBSYSTEMD_221 221 + sd_bus_message_exit_container@LIBSYSTEMD_221 221 + sd_bus_message_get_allow_interactive_authorization@LIBSYSTEMD_221 221 + sd_bus_message_get_auto_start@LIBSYSTEMD_221 221 + sd_bus_message_get_bus@LIBSYSTEMD_221 221 + sd_bus_message_get_cookie@LIBSYSTEMD_221 221 + sd_bus_message_get_creds@LIBSYSTEMD_221 221 + sd_bus_message_get_destination@LIBSYSTEMD_221 221 + sd_bus_message_get_errno@LIBSYSTEMD_221 221 + sd_bus_message_get_error@LIBSYSTEMD_221 221 + sd_bus_message_get_expect_reply@LIBSYSTEMD_221 221 + sd_bus_message_get_interface@LIBSYSTEMD_221 221 + sd_bus_message_get_member@LIBSYSTEMD_221 221 + sd_bus_message_get_monotonic_usec@LIBSYSTEMD_221 221 + sd_bus_message_get_path@LIBSYSTEMD_221 221 + sd_bus_message_get_priority@LIBSYSTEMD_221 221 + sd_bus_message_get_realtime_usec@LIBSYSTEMD_221 221 + sd_bus_message_get_reply_cookie@LIBSYSTEMD_221 221 + sd_bus_message_get_sender@LIBSYSTEMD_221 221 + sd_bus_message_get_seqnum@LIBSYSTEMD_221 221 + sd_bus_message_get_signature@LIBSYSTEMD_221 221 + sd_bus_message_get_type@LIBSYSTEMD_221 221 + sd_bus_message_has_signature@LIBSYSTEMD_221 221 + sd_bus_message_is_empty@LIBSYSTEMD_221 221 + sd_bus_message_is_method_call@LIBSYSTEMD_221 221 + sd_bus_message_is_method_error@LIBSYSTEMD_221 221 + sd_bus_message_is_signal@LIBSYSTEMD_221 221 + sd_bus_message_new@LIBSYSTEMD_236 236 + sd_bus_message_new_method_call@LIBSYSTEMD_221 221 + sd_bus_message_new_method_errno@LIBSYSTEMD_221 221 + sd_bus_message_new_method_errnof@LIBSYSTEMD_221 221 + sd_bus_message_new_method_error@LIBSYSTEMD_221 221 + sd_bus_message_new_method_errorf@LIBSYSTEMD_221 221 + sd_bus_message_new_method_return@LIBSYSTEMD_221 221 + sd_bus_message_new_signal@LIBSYSTEMD_221 221 + sd_bus_message_new_signal_to@LIBSYSTEMD_253 253 + sd_bus_message_open_container@LIBSYSTEMD_221 221 + sd_bus_message_peek_type@LIBSYSTEMD_221 221 + sd_bus_message_read@LIBSYSTEMD_221 221 + sd_bus_message_read_array@LIBSYSTEMD_221 221 + sd_bus_message_read_basic@LIBSYSTEMD_221 221 + sd_bus_message_read_strv@LIBSYSTEMD_221 221 + sd_bus_message_read_strv_extend@LIBSYSTEMD_252 252 + sd_bus_message_readv@LIBSYSTEMD_240 240 + sd_bus_message_ref@LIBSYSTEMD_221 221 + sd_bus_message_rewind@LIBSYSTEMD_221 221 + sd_bus_message_seal@LIBSYSTEMD_236 236 + sd_bus_message_send@LIBSYSTEMD_248 248 + sd_bus_message_sensitive@LIBSYSTEMD_245 245 + sd_bus_message_set_allow_interactive_authorization@LIBSYSTEMD_221 221 + sd_bus_message_set_auto_start@LIBSYSTEMD_221 221 + sd_bus_message_set_destination@LIBSYSTEMD_221 221 + sd_bus_message_set_expect_reply@LIBSYSTEMD_221 221 + sd_bus_message_set_priority@LIBSYSTEMD_221 221 + sd_bus_message_set_sender@LIBSYSTEMD_237 237 + sd_bus_message_skip@LIBSYSTEMD_221 221 + sd_bus_message_unref@LIBSYSTEMD_221 221 + sd_bus_message_verify_type@LIBSYSTEMD_221 221 + sd_bus_negotiate_creds@LIBSYSTEMD_221 221 + sd_bus_negotiate_fds@LIBSYSTEMD_221 221 + sd_bus_negotiate_timestamp@LIBSYSTEMD_221 221 + sd_bus_new@LIBSYSTEMD_221 221 + sd_bus_object_path_is_valid@LIBSYSTEMD_246 246 + sd_bus_object_vtable_format@LIBSYSTEMD_243 243 + sd_bus_open@LIBSYSTEMD_221 221 + sd_bus_open_system@LIBSYSTEMD_221 221 + sd_bus_open_system_machine@LIBSYSTEMD_221 221 + sd_bus_open_system_remote@LIBSYSTEMD_221 221 + sd_bus_open_system_with_description@LIBSYSTEMD_239 239 + sd_bus_open_user@LIBSYSTEMD_221 221 + sd_bus_open_user_machine@LIBSYSTEMD_248 248 + sd_bus_open_user_with_description@LIBSYSTEMD_239 239 + sd_bus_open_with_description@LIBSYSTEMD_239 239 + sd_bus_path_decode@LIBSYSTEMD_221 221 + sd_bus_path_decode_many@LIBSYSTEMD_227 227 + sd_bus_path_encode@LIBSYSTEMD_221 221 + sd_bus_path_encode_many@LIBSYSTEMD_227 227 + sd_bus_pending_method_calls@LIBSYSTEMD_257 257~rc1 + sd_bus_process@LIBSYSTEMD_221 221 + sd_bus_process_priority@LIBSYSTEMD_221 221 + sd_bus_query_sender_creds@LIBSYSTEMD_221 221 + sd_bus_query_sender_privilege@LIBSYSTEMD_221 221 + sd_bus_ref@LIBSYSTEMD_221 221 + sd_bus_release_name@LIBSYSTEMD_221 221 + sd_bus_release_name_async@LIBSYSTEMD_237 237 + sd_bus_reply_method_errno@LIBSYSTEMD_221 221 + sd_bus_reply_method_errnof@LIBSYSTEMD_221 221 + sd_bus_reply_method_errnofv@LIBSYSTEMD_246 246 + sd_bus_reply_method_error@LIBSYSTEMD_221 221 + sd_bus_reply_method_errorf@LIBSYSTEMD_221 221 + sd_bus_reply_method_errorfv@LIBSYSTEMD_246 246 + sd_bus_reply_method_return@LIBSYSTEMD_221 221 + sd_bus_reply_method_returnv@LIBSYSTEMD_246 246 + sd_bus_request_name@LIBSYSTEMD_221 221 + sd_bus_request_name_async@LIBSYSTEMD_237 237 + sd_bus_send@LIBSYSTEMD_221 221 + sd_bus_send_to@LIBSYSTEMD_221 221 + sd_bus_service_name_is_valid@LIBSYSTEMD_246 246 + sd_bus_set_address@LIBSYSTEMD_221 221 + sd_bus_set_allow_interactive_authorization@LIBSYSTEMD_221 221 + sd_bus_set_anonymous@LIBSYSTEMD_221 221 + sd_bus_set_bus_client@LIBSYSTEMD_221 221 + sd_bus_set_close_on_exit@LIBSYSTEMD_240 240 + sd_bus_set_connected_signal@LIBSYSTEMD_237 237 + sd_bus_set_description@LIBSYSTEMD_221 221 + sd_bus_set_exec@LIBSYSTEMD_221 221 + sd_bus_set_exit_on_disconnect@LIBSYSTEMD_232 232 + sd_bus_set_fd@LIBSYSTEMD_221 221 + sd_bus_set_method_call_timeout@LIBSYSTEMD_240 240 + sd_bus_set_monitor@LIBSYSTEMD_221 221 + sd_bus_set_property@LIBSYSTEMD_221 221 + sd_bus_set_propertyv@LIBSYSTEMD_246 246 + sd_bus_set_sender@LIBSYSTEMD_237 237 + sd_bus_set_server@LIBSYSTEMD_221 221 + sd_bus_set_trusted@LIBSYSTEMD_221 221 + sd_bus_set_watch_bind@LIBSYSTEMD_237 237 + sd_bus_slot_get_bus@LIBSYSTEMD_221 221 + sd_bus_slot_get_current_handler@LIBSYSTEMD_221 221 + sd_bus_slot_get_current_message@LIBSYSTEMD_221 221 + sd_bus_slot_get_current_userdata@LIBSYSTEMD_221 221 + sd_bus_slot_get_description@LIBSYSTEMD_221 221 + sd_bus_slot_get_destroy_callback@LIBSYSTEMD_239 239 + sd_bus_slot_get_floating@LIBSYSTEMD_239 239 + sd_bus_slot_get_userdata@LIBSYSTEMD_221 221 + sd_bus_slot_ref@LIBSYSTEMD_221 221 + sd_bus_slot_set_description@LIBSYSTEMD_221 221 + sd_bus_slot_set_destroy_callback@LIBSYSTEMD_239 239 + sd_bus_slot_set_floating@LIBSYSTEMD_239 239 + sd_bus_slot_set_userdata@LIBSYSTEMD_221 221 + sd_bus_slot_unref@LIBSYSTEMD_221 221 + sd_bus_start@LIBSYSTEMD_221 221 + sd_bus_track_add_name@LIBSYSTEMD_221 221 + sd_bus_track_add_sender@LIBSYSTEMD_221 221 + sd_bus_track_contains@LIBSYSTEMD_221 221 + sd_bus_track_count@LIBSYSTEMD_221 221 + sd_bus_track_count_name@LIBSYSTEMD_232 232 + sd_bus_track_count_sender@LIBSYSTEMD_232 232 + sd_bus_track_first@LIBSYSTEMD_221 221 + sd_bus_track_get_bus@LIBSYSTEMD_221 221 + sd_bus_track_get_destroy_callback@LIBSYSTEMD_239 239 + sd_bus_track_get_recursive@LIBSYSTEMD_232 232 + sd_bus_track_get_userdata@LIBSYSTEMD_221 221 + sd_bus_track_new@LIBSYSTEMD_221 221 + sd_bus_track_next@LIBSYSTEMD_221 221 + sd_bus_track_ref@LIBSYSTEMD_221 221 + sd_bus_track_remove_name@LIBSYSTEMD_221 221 + sd_bus_track_remove_sender@LIBSYSTEMD_221 221 + sd_bus_track_set_destroy_callback@LIBSYSTEMD_239 239 + sd_bus_track_set_recursive@LIBSYSTEMD_232 232 + sd_bus_track_set_userdata@LIBSYSTEMD_221 221 + sd_bus_track_unref@LIBSYSTEMD_221 221 + sd_bus_try_close@LIBSYSTEMD_221 221 + sd_bus_unref@LIBSYSTEMD_221 221 + sd_bus_wait@LIBSYSTEMD_221 221 + sd_device_enumerator_add_match_parent@LIBSYSTEMD_240 240 + sd_device_enumerator_add_match_property@LIBSYSTEMD_240 240 + sd_device_enumerator_add_match_property_required@LIBSYSTEMD_255 255 + sd_device_enumerator_add_match_subsystem@LIBSYSTEMD_240 240 + sd_device_enumerator_add_match_sysattr@LIBSYSTEMD_240 240 + sd_device_enumerator_add_match_sysname@LIBSYSTEMD_240 240 + sd_device_enumerator_add_match_tag@LIBSYSTEMD_240 240 + sd_device_enumerator_add_nomatch_sysname@LIBSYSTEMD_251 251 + sd_device_enumerator_allow_uninitialized@LIBSYSTEMD_240 240 + sd_device_enumerator_get_device_first@LIBSYSTEMD_240 240 + sd_device_enumerator_get_device_next@LIBSYSTEMD_240 240 + sd_device_enumerator_get_subsystem_first@LIBSYSTEMD_240 240 + sd_device_enumerator_get_subsystem_next@LIBSYSTEMD_240 240 + sd_device_enumerator_new@LIBSYSTEMD_240 240 + sd_device_enumerator_ref@LIBSYSTEMD_240 240 + sd_device_enumerator_unref@LIBSYSTEMD_240 240 + sd_device_get_action@LIBSYSTEMD_248 248 + sd_device_get_child_first@LIBSYSTEMD_252 252 + sd_device_get_child_next@LIBSYSTEMD_252 252 + sd_device_get_current_tag_first@LIBSYSTEMD_247 247 + sd_device_get_current_tag_next@LIBSYSTEMD_247 247 + sd_device_get_device_id@LIBSYSTEMD_257 257~rc1 + sd_device_get_devlink_first@LIBSYSTEMD_240 240 + sd_device_get_devlink_next@LIBSYSTEMD_240 240 + sd_device_get_devname@LIBSYSTEMD_240 240 + sd_device_get_devnum@LIBSYSTEMD_240 240 + sd_device_get_devpath@LIBSYSTEMD_240 240 + sd_device_get_devtype@LIBSYSTEMD_240 240 + sd_device_get_diskseq@LIBSYSTEMD_250 250 + sd_device_get_driver@LIBSYSTEMD_240 240 + sd_device_get_driver_subsystem@LIBSYSTEMD_257 257~rc1 + sd_device_get_ifindex@LIBSYSTEMD_240 240 + sd_device_get_is_initialized@LIBSYSTEMD_240 240 + sd_device_get_parent@LIBSYSTEMD_240 240 + sd_device_get_parent_with_subsystem_devtype@LIBSYSTEMD_240 240 + sd_device_get_property_first@LIBSYSTEMD_240 240 + sd_device_get_property_next@LIBSYSTEMD_240 240 + sd_device_get_property_value@LIBSYSTEMD_240 240 + sd_device_get_seqnum@LIBSYSTEMD_248 248 + sd_device_get_subsystem@LIBSYSTEMD_240 240 + sd_device_get_sysattr_first@LIBSYSTEMD_240 240 + sd_device_get_sysattr_next@LIBSYSTEMD_240 240 + sd_device_get_sysattr_value@LIBSYSTEMD_240 240 + sd_device_get_sysname@LIBSYSTEMD_240 240 + sd_device_get_sysnum@LIBSYSTEMD_240 240 + sd_device_get_syspath@LIBSYSTEMD_240 240 + sd_device_get_tag_first@LIBSYSTEMD_240 240 + sd_device_get_tag_next@LIBSYSTEMD_240 240 + sd_device_get_trigger_uuid@LIBSYSTEMD_249 249 + sd_device_get_usec_initialized@LIBSYSTEMD_249 249 + sd_device_get_usec_since_initialized@LIBSYSTEMD_240 240 + sd_device_has_current_tag@LIBSYSTEMD_247 247 + sd_device_has_tag@LIBSYSTEMD_240 240 + sd_device_monitor_attach_event@LIBSYSTEMD_240 240 + sd_device_monitor_detach_event@LIBSYSTEMD_240 240 + sd_device_monitor_filter_add_match_parent@LIBSYSTEMD_249 249 + sd_device_monitor_filter_add_match_subsystem_devtype@LIBSYSTEMD_240 240 + sd_device_monitor_filter_add_match_sysattr@LIBSYSTEMD_249 249 + sd_device_monitor_filter_add_match_tag@LIBSYSTEMD_240 240 + sd_device_monitor_filter_remove@LIBSYSTEMD_240 240 + sd_device_monitor_filter_update@LIBSYSTEMD_240 240 + sd_device_monitor_get_description@LIBSYSTEMD_252 252 + sd_device_monitor_get_event@LIBSYSTEMD_240 240 + sd_device_monitor_get_event_source@LIBSYSTEMD_240 240 + sd_device_monitor_get_events@LIBSYSTEMD_257 257~rc1 + sd_device_monitor_get_fd@LIBSYSTEMD_257 257~rc1 + sd_device_monitor_get_timeout@LIBSYSTEMD_257 257~rc1 + sd_device_monitor_is_running@LIBSYSTEMD_257 257~rc1 + sd_device_monitor_new@LIBSYSTEMD_240 240 + sd_device_monitor_receive@LIBSYSTEMD_257 257~rc1 + sd_device_monitor_ref@LIBSYSTEMD_240 240 + sd_device_monitor_set_description@LIBSYSTEMD_252 252 + sd_device_monitor_set_receive_buffer_size@LIBSYSTEMD_240 240 + sd_device_monitor_start@LIBSYSTEMD_240 240 + sd_device_monitor_stop@LIBSYSTEMD_240 240 + sd_device_monitor_unref@LIBSYSTEMD_240 240 + sd_device_new_child@LIBSYSTEMD_252 252 + sd_device_new_from_device_id@LIBSYSTEMD_240 240 + sd_device_new_from_devname@LIBSYSTEMD_251 251 + sd_device_new_from_devnum@LIBSYSTEMD_240 240 + sd_device_new_from_ifindex@LIBSYSTEMD_249 249 + sd_device_new_from_ifname@LIBSYSTEMD_249 249 + sd_device_new_from_path@LIBSYSTEMD_251 251 + sd_device_new_from_stat_rdev@LIBSYSTEMD_248 248 + sd_device_new_from_subsystem_sysname@LIBSYSTEMD_240 240 + sd_device_new_from_syspath@LIBSYSTEMD_240 240 + sd_device_open@LIBSYSTEMD_251 251 + sd_device_ref@LIBSYSTEMD_240 240 + sd_device_set_sysattr_value@LIBSYSTEMD_240 240 + sd_device_set_sysattr_valuef@LIBSYSTEMD_247 247 + sd_device_trigger@LIBSYSTEMD_248 248 + sd_device_trigger_with_uuid@LIBSYSTEMD_249 249 + sd_device_unref@LIBSYSTEMD_240 240 + sd_event_add_child@LIBSYSTEMD_221 221 + sd_event_add_child_pidfd@LIBSYSTEMD_245 245 + sd_event_add_defer@LIBSYSTEMD_221 221 + sd_event_add_exit@LIBSYSTEMD_221 221 + sd_event_add_inotify@LIBSYSTEMD_239 239 + sd_event_add_inotify_fd@LIBSYSTEMD_250 250 + sd_event_add_io@LIBSYSTEMD_221 221 + sd_event_add_memory_pressure@LIBSYSTEMD_254 254 + sd_event_add_post@LIBSYSTEMD_221 221 + sd_event_add_signal@LIBSYSTEMD_221 221 + sd_event_add_time@LIBSYSTEMD_221 221 + sd_event_add_time_relative@LIBSYSTEMD_247 247 + sd_event_default@LIBSYSTEMD_221 221 + sd_event_dispatch@LIBSYSTEMD_221 221 + sd_event_exit@LIBSYSTEMD_221 221 + sd_event_get_exit_code@LIBSYSTEMD_221 221 + sd_event_get_fd@LIBSYSTEMD_221 221 + sd_event_get_iteration@LIBSYSTEMD_231 231 + sd_event_get_state@LIBSYSTEMD_221 221 + sd_event_get_tid@LIBSYSTEMD_221 221 + sd_event_get_watchdog@LIBSYSTEMD_221 221 + sd_event_loop@LIBSYSTEMD_221 221 + sd_event_new@LIBSYSTEMD_221 221 + sd_event_now@LIBSYSTEMD_221 221 + sd_event_prepare@LIBSYSTEMD_221 221 + sd_event_ref@LIBSYSTEMD_221 221 + sd_event_run@LIBSYSTEMD_221 221 + sd_event_set_signal_exit@LIBSYSTEMD_252 252 + sd_event_set_watchdog@LIBSYSTEMD_221 221 + sd_event_source_disable_unref@LIBSYSTEMD_243 243 + sd_event_source_get_child_pid@LIBSYSTEMD_221 221 + sd_event_source_get_child_pidfd@LIBSYSTEMD_245 245 + sd_event_source_get_child_pidfd_own@LIBSYSTEMD_245 245 + sd_event_source_get_child_process_own@LIBSYSTEMD_245 245 + sd_event_source_get_description@LIBSYSTEMD_221 221 + sd_event_source_get_destroy_callback@LIBSYSTEMD_239 239 + sd_event_source_get_enabled@LIBSYSTEMD_221 221 + sd_event_source_get_event@LIBSYSTEMD_221 221 + sd_event_source_get_exit_on_failure@LIBSYSTEMD_247 247 + sd_event_source_get_floating@LIBSYSTEMD_240 240 + sd_event_source_get_inotify_mask@LIBSYSTEMD_239 239 + sd_event_source_get_inotify_path@LIBSYSTEMD_256 256~rc1 + sd_event_source_get_io_events@LIBSYSTEMD_221 221 + sd_event_source_get_io_fd@LIBSYSTEMD_221 221 + sd_event_source_get_io_fd_own@LIBSYSTEMD_237 237 + sd_event_source_get_io_revents@LIBSYSTEMD_221 221 + sd_event_source_get_pending@LIBSYSTEMD_221 221 + sd_event_source_get_priority@LIBSYSTEMD_221 221 + sd_event_source_get_ratelimit@LIBSYSTEMD_248 248 + sd_event_source_get_signal@LIBSYSTEMD_221 221 + sd_event_source_get_time@LIBSYSTEMD_221 221 + sd_event_source_get_time_accuracy@LIBSYSTEMD_221 221 + sd_event_source_get_time_clock@LIBSYSTEMD_221 221 + sd_event_source_get_userdata@LIBSYSTEMD_221 221 + sd_event_source_is_ratelimited@LIBSYSTEMD_248 248 + sd_event_source_leave_ratelimit@LIBSYSTEMD_254 254 + sd_event_source_ref@LIBSYSTEMD_221 221 + sd_event_source_send_child_signal@LIBSYSTEMD_245 245 + sd_event_source_set_child_pidfd_own@LIBSYSTEMD_245 245 + sd_event_source_set_child_process_own@LIBSYSTEMD_245 245 + sd_event_source_set_description@LIBSYSTEMD_221 221 + sd_event_source_set_destroy_callback@LIBSYSTEMD_239 239 + sd_event_source_set_enabled@LIBSYSTEMD_221 221 + sd_event_source_set_exit_on_failure@LIBSYSTEMD_247 247 + sd_event_source_set_floating@LIBSYSTEMD_240 240 + sd_event_source_set_io_events@LIBSYSTEMD_221 221 + sd_event_source_set_io_fd@LIBSYSTEMD_221 221 + sd_event_source_set_io_fd_own@LIBSYSTEMD_237 237 + sd_event_source_set_memory_pressure_period@LIBSYSTEMD_254 254 + sd_event_source_set_memory_pressure_type@LIBSYSTEMD_254 254 + sd_event_source_set_prepare@LIBSYSTEMD_221 221 + sd_event_source_set_priority@LIBSYSTEMD_221 221 + sd_event_source_set_ratelimit@LIBSYSTEMD_248 248 + sd_event_source_set_ratelimit_expire_callback@LIBSYSTEMD_250 250 + sd_event_source_set_time@LIBSYSTEMD_221 221 + sd_event_source_set_time_accuracy@LIBSYSTEMD_221 221 + sd_event_source_set_time_relative@LIBSYSTEMD_247 247 + sd_event_source_set_userdata@LIBSYSTEMD_221 221 + sd_event_source_unref@LIBSYSTEMD_221 221 + sd_event_trim_memory@LIBSYSTEMD_254 254 + sd_event_unref@LIBSYSTEMD_221 221 + sd_event_wait@LIBSYSTEMD_221 221 + sd_get_machine_names@LIBSYSTEMD_209 0 + sd_get_seats@LIBSYSTEMD_209 0 + sd_get_sessions@LIBSYSTEMD_209 0 + sd_get_uids@LIBSYSTEMD_209 0 + sd_hwdb_enumerate@LIBSYSTEMD_240 240 + sd_hwdb_get@LIBSYSTEMD_240 240 + sd_hwdb_new@LIBSYSTEMD_240 240 + sd_hwdb_new_from_path@LIBSYSTEMD_252 252 + sd_hwdb_ref@LIBSYSTEMD_240 240 + sd_hwdb_seek@LIBSYSTEMD_240 240 + sd_hwdb_unref@LIBSYSTEMD_240 240 + sd_id128_from_string@LIBSYSTEMD_209 0 + sd_id128_get_app_specific@LIBSYSTEMD_255 255 + sd_id128_get_boot@LIBSYSTEMD_209 0 + sd_id128_get_boot_app_specific@LIBSYSTEMD_240 240 + sd_id128_get_invocation@LIBSYSTEMD_232 232 + sd_id128_get_invocation_app_specific@LIBSYSTEMD_256 256~rc1 + sd_id128_get_machine@LIBSYSTEMD_209 0 + sd_id128_get_machine_app_specific@LIBSYSTEMD_233 233 + sd_id128_randomize@LIBSYSTEMD_209 0 + sd_id128_string_equal@LIBSYSTEMD_252 252 + sd_id128_to_string@LIBSYSTEMD_209 0 + sd_id128_to_uuid_string@LIBSYSTEMD_251 251 + sd_is_fifo@LIBSYSTEMD_209 0 + sd_is_mq@LIBSYSTEMD_209 0 + sd_is_socket@LIBSYSTEMD_209 0 + sd_is_socket_inet@LIBSYSTEMD_209 0 + sd_is_socket_sockaddr@LIBSYSTEMD_233 233 + sd_is_socket_unix@LIBSYSTEMD_209 0 + sd_is_special@LIBSYSTEMD_209 0 + sd_journal_add_conjunction@LIBSYSTEMD_209 0 + sd_journal_add_disjunction@LIBSYSTEMD_209 0 + sd_journal_add_match@LIBSYSTEMD_209 0 + sd_journal_close@LIBSYSTEMD_209 0 + sd_journal_enumerate_available_data@LIBSYSTEMD_246 246 + sd_journal_enumerate_available_unique@LIBSYSTEMD_246 246 + sd_journal_enumerate_data@LIBSYSTEMD_209 0 + sd_journal_enumerate_fields@LIBSYSTEMD_229 229 + sd_journal_enumerate_unique@LIBSYSTEMD_209 0 + sd_journal_flush_matches@LIBSYSTEMD_209 0 + sd_journal_get_catalog@LIBSYSTEMD_209 0 + sd_journal_get_catalog_for_message_id@LIBSYSTEMD_209 0 + sd_journal_get_cursor@LIBSYSTEMD_209 0 + sd_journal_get_cutoff_monotonic_usec@LIBSYSTEMD_209 0 + sd_journal_get_cutoff_realtime_usec@LIBSYSTEMD_209 0 + sd_journal_get_data@LIBSYSTEMD_209 0 + sd_journal_get_data_threshold@LIBSYSTEMD_209 0 + sd_journal_get_events@LIBSYSTEMD_209 0 + sd_journal_get_fd@LIBSYSTEMD_209 0 + sd_journal_get_monotonic_usec@LIBSYSTEMD_209 0 + sd_journal_get_realtime_usec@LIBSYSTEMD_209 0 + sd_journal_get_seqnum@LIBSYSTEMD_254 254 + sd_journal_get_timeout@LIBSYSTEMD_209 0 + sd_journal_get_usage@LIBSYSTEMD_209 0 + sd_journal_has_persistent_files@LIBSYSTEMD_229 229 + sd_journal_has_runtime_files@LIBSYSTEMD_229 229 + sd_journal_next@LIBSYSTEMD_209 0 + sd_journal_next_skip@LIBSYSTEMD_209 0 + sd_journal_open@LIBSYSTEMD_209 0 + sd_journal_open_container@LIBSYSTEMD_209 0 + sd_journal_open_directory@LIBSYSTEMD_209 0 + sd_journal_open_directory_fd@LIBSYSTEMD_230 230 + sd_journal_open_files@LIBSYSTEMD_209 0 + sd_journal_open_files_fd@LIBSYSTEMD_230 230 + sd_journal_open_namespace@LIBSYSTEMD_245 245 + sd_journal_perror@LIBSYSTEMD_209 0 + sd_journal_perror_with_location@LIBSYSTEMD_209 0 + sd_journal_previous@LIBSYSTEMD_209 0 + sd_journal_previous_skip@LIBSYSTEMD_209 0 + sd_journal_print@LIBSYSTEMD_209 0 + sd_journal_print_with_location@LIBSYSTEMD_209 0 + sd_journal_printv@LIBSYSTEMD_209 0 + sd_journal_printv_with_location@LIBSYSTEMD_209 0 + sd_journal_process@LIBSYSTEMD_209 0 + sd_journal_query_unique@LIBSYSTEMD_209 0 + sd_journal_reliable_fd@LIBSYSTEMD_209 0 + sd_journal_restart_data@LIBSYSTEMD_209 0 + sd_journal_restart_fields@LIBSYSTEMD_229 229 + sd_journal_restart_unique@LIBSYSTEMD_209 0 + sd_journal_seek_cursor@LIBSYSTEMD_209 0 + sd_journal_seek_head@LIBSYSTEMD_209 0 + sd_journal_seek_monotonic_usec@LIBSYSTEMD_209 0 + sd_journal_seek_realtime_usec@LIBSYSTEMD_209 0 + sd_journal_seek_tail@LIBSYSTEMD_209 0 + sd_journal_send@LIBSYSTEMD_209 0 + sd_journal_send_with_location@LIBSYSTEMD_209 0 + sd_journal_sendv@LIBSYSTEMD_209 0 + sd_journal_sendv_with_location@LIBSYSTEMD_209 0 + sd_journal_set_data_threshold@LIBSYSTEMD_209 0 + sd_journal_step_one@LIBSYSTEMD_254 254 + sd_journal_stream_fd@LIBSYSTEMD_209 0 + sd_journal_stream_fd_with_namespace@LIBSYSTEMD_256 256~rc1 + sd_journal_test_cursor@LIBSYSTEMD_209 0 + sd_journal_wait@LIBSYSTEMD_209 0 + sd_json_build@LIBSYSTEMD_257 257~rc1 + sd_json_buildv@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_const_string@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_double@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_full@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_id128@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_int16@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_int32@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_int64@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_int8@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_intbool@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_signal@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_stdbool@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_string@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_strv@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_tristate@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_uid_gid@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_uint16@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_uint32@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_uint64@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_uint8@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_unsupported@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_variant@LIBSYSTEMD_257 257~rc1 + sd_json_dispatch_variant_noref@LIBSYSTEMD_257 257~rc1 + sd_json_parse@LIBSYSTEMD_257 257~rc1 + sd_json_parse_continue@LIBSYSTEMD_257 257~rc1 + sd_json_parse_file@LIBSYSTEMD_257 257~rc1 + sd_json_parse_file_at@LIBSYSTEMD_257 257~rc1 + sd_json_parse_with_source@LIBSYSTEMD_257 257~rc1 + sd_json_parse_with_source_continue@LIBSYSTEMD_257 257~rc1 + sd_json_variant_append_array@LIBSYSTEMD_257 257~rc1 + sd_json_variant_append_array_nodup@LIBSYSTEMD_257 257~rc1 + sd_json_variant_append_arrayb@LIBSYSTEMD_257 257~rc1 + sd_json_variant_boolean@LIBSYSTEMD_257 257~rc1 + sd_json_variant_by_index@LIBSYSTEMD_257 257~rc1 + sd_json_variant_by_key@LIBSYSTEMD_257 257~rc1 + sd_json_variant_by_key_full@LIBSYSTEMD_257 257~rc1 + sd_json_variant_dump@LIBSYSTEMD_257 257~rc1 + sd_json_variant_elements@LIBSYSTEMD_257 257~rc1 + sd_json_variant_equal@LIBSYSTEMD_257 257~rc1 + sd_json_variant_filter@LIBSYSTEMD_257 257~rc1 + sd_json_variant_find@LIBSYSTEMD_257 257~rc1 + sd_json_variant_format@LIBSYSTEMD_257 257~rc1 + sd_json_variant_get_source@LIBSYSTEMD_257 257~rc1 + sd_json_variant_has_type@LIBSYSTEMD_257 257~rc1 + sd_json_variant_integer@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_array@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_blank_array@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_blank_object@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_boolean@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_integer@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_negative@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_normalized@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_null@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_number@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_object@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_real@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_sensitive@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_sensitive_recursive@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_sorted@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_string@LIBSYSTEMD_257 257~rc1 + sd_json_variant_is_unsigned@LIBSYSTEMD_257 257~rc1 + sd_json_variant_merge_object@LIBSYSTEMD_257 257~rc1 + sd_json_variant_merge_objectb@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_array@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_array_bytes@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_array_strv@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_base32hex@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_base64@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_boolean@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_hex@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_id128@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_integer@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_null@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_object@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_octescape@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_real@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_string@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_stringn@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_unsigned@LIBSYSTEMD_257 257~rc1 + sd_json_variant_new_uuid@LIBSYSTEMD_257 257~rc1 + sd_json_variant_normalize@LIBSYSTEMD_257 257~rc1 + sd_json_variant_real@LIBSYSTEMD_257 257~rc1 + sd_json_variant_ref@LIBSYSTEMD_257 257~rc1 + sd_json_variant_sensitive@LIBSYSTEMD_257 257~rc1 + sd_json_variant_set_field@LIBSYSTEMD_257 257~rc1 + sd_json_variant_set_field_boolean@LIBSYSTEMD_257 257~rc1 + sd_json_variant_set_field_id128@LIBSYSTEMD_257 257~rc1 + sd_json_variant_set_field_integer@LIBSYSTEMD_257 257~rc1 + sd_json_variant_set_field_string@LIBSYSTEMD_257 257~rc1 + sd_json_variant_set_field_strv@LIBSYSTEMD_257 257~rc1 + sd_json_variant_set_field_unsigned@LIBSYSTEMD_257 257~rc1 + sd_json_variant_set_field_uuid@LIBSYSTEMD_257 257~rc1 + sd_json_variant_set_fieldb@LIBSYSTEMD_257 257~rc1 + sd_json_variant_sort@LIBSYSTEMD_257 257~rc1 + sd_json_variant_string@LIBSYSTEMD_257 257~rc1 + sd_json_variant_strv@LIBSYSTEMD_257 257~rc1 + sd_json_variant_type@LIBSYSTEMD_257 257~rc1 + sd_json_variant_unbase64@LIBSYSTEMD_257 257~rc1 + sd_json_variant_unhex@LIBSYSTEMD_257 257~rc1 + sd_json_variant_unref@LIBSYSTEMD_257 257~rc1 + sd_json_variant_unref_many@LIBSYSTEMD_257 257~rc1 + sd_json_variant_unsigned@LIBSYSTEMD_257 257~rc1 + sd_listen_fds@LIBSYSTEMD_209 0 + sd_listen_fds_with_names@LIBSYSTEMD_227 227 + sd_login_monitor_flush@LIBSYSTEMD_209 0 + sd_login_monitor_get_events@LIBSYSTEMD_209 0 + sd_login_monitor_get_fd@LIBSYSTEMD_209 0 + sd_login_monitor_get_timeout@LIBSYSTEMD_209 0 + sd_login_monitor_new@LIBSYSTEMD_209 0 + sd_login_monitor_unref@LIBSYSTEMD_209 0 + sd_machine_get_class@LIBSYSTEMD_211 211 + sd_machine_get_ifindices@LIBSYSTEMD_216 217 + sd_notify@LIBSYSTEMD_209 0 + sd_notify_barrier@LIBSYSTEMD_246 246 + sd_notifyf@LIBSYSTEMD_209 0 + sd_path_lookup@LIBSYSTEMD_246 246 + sd_path_lookup_strv@LIBSYSTEMD_246 246 + sd_peer_get_cgroup@LIBSYSTEMD_226 226 + sd_peer_get_machine_name@LIBSYSTEMD_211 211 + sd_peer_get_owner_uid@LIBSYSTEMD_211 211 + sd_peer_get_session@LIBSYSTEMD_211 211 + sd_peer_get_slice@LIBSYSTEMD_211 211 + sd_peer_get_unit@LIBSYSTEMD_211 211 + sd_peer_get_user_slice@LIBSYSTEMD_220 220 + sd_peer_get_user_unit@LIBSYSTEMD_211 211 + sd_pid_get_cgroup@LIBSYSTEMD_226 226 + sd_pid_get_machine_name@LIBSYSTEMD_209 0 + sd_pid_get_owner_uid@LIBSYSTEMD_209 0 + sd_pid_get_session@LIBSYSTEMD_209 0 + sd_pid_get_slice@LIBSYSTEMD_209 0 + sd_pid_get_unit@LIBSYSTEMD_209 0 + sd_pid_get_user_slice@LIBSYSTEMD_220 220 + sd_pid_get_user_unit@LIBSYSTEMD_209 0 + sd_pid_notify@LIBSYSTEMD_214 214 + sd_pid_notify_barrier@LIBSYSTEMD_254 254 + sd_pid_notify_with_fds@LIBSYSTEMD_219 219 + sd_pid_notifyf@LIBSYSTEMD_214 214 + sd_pid_notifyf_with_fds@LIBSYSTEMD_254 254 + sd_pidfd_get_cgroup@LIBSYSTEMD_253 253 + sd_pidfd_get_machine_name@LIBSYSTEMD_253 253 + sd_pidfd_get_owner_uid@LIBSYSTEMD_253 253 + sd_pidfd_get_session@LIBSYSTEMD_253 253 + sd_pidfd_get_slice@LIBSYSTEMD_253 253 + sd_pidfd_get_unit@LIBSYSTEMD_253 253 + sd_pidfd_get_user_slice@LIBSYSTEMD_253 253 + sd_pidfd_get_user_unit@LIBSYSTEMD_253 253 + sd_seat_can_graphical@LIBSYSTEMD_209 0 + sd_seat_can_multi_session@LIBSYSTEMD_209 0 + sd_seat_can_tty@LIBSYSTEMD_209 0 + sd_seat_get_active@LIBSYSTEMD_209 0 + sd_seat_get_sessions@LIBSYSTEMD_209 0 + sd_session_get_class@LIBSYSTEMD_209 0 + sd_session_get_desktop@LIBSYSTEMD_217 217 + sd_session_get_display@LIBSYSTEMD_209 0 + sd_session_get_leader@LIBSYSTEMD_254 254 + sd_session_get_remote_host@LIBSYSTEMD_209 0 + sd_session_get_remote_user@LIBSYSTEMD_209 0 + sd_session_get_seat@LIBSYSTEMD_209 0 + sd_session_get_service@LIBSYSTEMD_209 0 + sd_session_get_start_time@LIBSYSTEMD_254 254 + sd_session_get_state@LIBSYSTEMD_209 0 + sd_session_get_tty@LIBSYSTEMD_209 0 + sd_session_get_type@LIBSYSTEMD_209 0 + sd_session_get_uid@LIBSYSTEMD_209 0 + sd_session_get_username@LIBSYSTEMD_254 254 + sd_session_get_vt@LIBSYSTEMD_209 0 + sd_session_is_active@LIBSYSTEMD_209 0 + sd_session_is_remote@LIBSYSTEMD_209 0 + sd_uid_get_display@LIBSYSTEMD_213 213 + sd_uid_get_login_time@LIBSYSTEMD_254 254 + sd_uid_get_seats@LIBSYSTEMD_209 0 + sd_uid_get_sessions@LIBSYSTEMD_209 0 + sd_uid_get_state@LIBSYSTEMD_209 0 + sd_uid_is_on_seat@LIBSYSTEMD_209 0 + sd_varlink_attach_event@LIBSYSTEMD_257 257~rc1 + sd_varlink_bind_reply@LIBSYSTEMD_257 257~rc1 + sd_varlink_call@LIBSYSTEMD_257 257~rc1 + sd_varlink_call_full@LIBSYSTEMD_257 257~rc1 + sd_varlink_callb@LIBSYSTEMD_257 257~rc1 + sd_varlink_callb_ap@LIBSYSTEMD_257 257~rc1 + sd_varlink_callb_full@LIBSYSTEMD_257 257~rc1 + sd_varlink_close@LIBSYSTEMD_257 257~rc1 + sd_varlink_close_unref@LIBSYSTEMD_257 257~rc1 + sd_varlink_collect@LIBSYSTEMD_257 257~rc1 + sd_varlink_collect_full@LIBSYSTEMD_257 257~rc1 + sd_varlink_collectb@LIBSYSTEMD_257 257~rc1 + sd_varlink_connect_address@LIBSYSTEMD_257 257~rc1 + sd_varlink_connect_exec@LIBSYSTEMD_257 257~rc1 + sd_varlink_connect_fd@LIBSYSTEMD_257 257~rc1 + sd_varlink_connect_fd_pair@LIBSYSTEMD_257 257~rc1 + sd_varlink_connect_url@LIBSYSTEMD_257 257~rc1 + sd_varlink_detach_event@LIBSYSTEMD_257 257~rc1 + sd_varlink_dispatch@LIBSYSTEMD_257 257~rc1 + sd_varlink_dispatch_again@LIBSYSTEMD_257 257~rc1 + sd_varlink_error@LIBSYSTEMD_257 257~rc1 + sd_varlink_error_errno@LIBSYSTEMD_257 257~rc1 + sd_varlink_error_invalid_parameter@LIBSYSTEMD_257 257~rc1 + sd_varlink_error_invalid_parameter_name@LIBSYSTEMD_257 257~rc1 + sd_varlink_error_is_invalid_parameter@LIBSYSTEMD_257 257~rc1 + sd_varlink_error_to_errno@LIBSYSTEMD_257 257~rc1 + sd_varlink_errorb@LIBSYSTEMD_257 257~rc1 + sd_varlink_flush@LIBSYSTEMD_257 257~rc1 + sd_varlink_flush_close_unref@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_current_parameters@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_event@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_events@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_fd@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_peer_gid@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_peer_pid@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_peer_pidfd@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_peer_uid@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_server@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_timeout@LIBSYSTEMD_257 257~rc1 + sd_varlink_get_userdata@LIBSYSTEMD_257 257~rc1 + sd_varlink_idl_dump@LIBSYSTEMD_257 257~rc1 + sd_varlink_idl_format@LIBSYSTEMD_257 257~rc1 + sd_varlink_idl_format_full@LIBSYSTEMD_257 257~rc1 + sd_varlink_invocation@LIBSYSTEMD_257 257~rc1 + sd_varlink_invoke@LIBSYSTEMD_257 257~rc1 + sd_varlink_invokeb@LIBSYSTEMD_257 257~rc1 + sd_varlink_is_idle@LIBSYSTEMD_257 257~rc1 + sd_varlink_notify@LIBSYSTEMD_257 257~rc1 + sd_varlink_notifyb@LIBSYSTEMD_257 257~rc1 + sd_varlink_observe@LIBSYSTEMD_257 257~rc1 + sd_varlink_observeb@LIBSYSTEMD_257 257~rc1 + sd_varlink_peek_dup_fd@LIBSYSTEMD_257 257~rc1 + sd_varlink_peek_fd@LIBSYSTEMD_257 257~rc1 + sd_varlink_process@LIBSYSTEMD_257 257~rc1 + sd_varlink_push_dup_fd@LIBSYSTEMD_257 257~rc1 + sd_varlink_push_fd@LIBSYSTEMD_257 257~rc1 + sd_varlink_ref@LIBSYSTEMD_257 257~rc1 + sd_varlink_reply@LIBSYSTEMD_257 257~rc1 + sd_varlink_replyb@LIBSYSTEMD_257 257~rc1 + sd_varlink_send@LIBSYSTEMD_257 257~rc1 + sd_varlink_sendb@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_add_connection@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_add_connection_pair@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_add_connection_stdio@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_add_interface@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_add_interface_many_internal@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_attach_event@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_bind_connect@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_bind_disconnect@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_bind_method@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_bind_method_many_internal@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_connections_max@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_connections_per_uid_max@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_current_connections@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_detach_event@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_get_event@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_get_userdata@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_listen_address@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_listen_auto@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_listen_fd@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_loop_auto@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_new@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_ref@LIBSYSTEMD_257 257~rc3 + sd_varlink_server_set_connections_max@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_set_connections_per_uid_max@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_set_description@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_set_exit_on_idle@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_set_info@LIBSYSTEMD_257 257 + sd_varlink_server_set_userdata@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_shutdown@LIBSYSTEMD_257 257~rc1 + sd_varlink_server_unref@LIBSYSTEMD_257 257~rc3 + sd_varlink_set_allow_fd_passing_input@LIBSYSTEMD_257 257~rc1 + sd_varlink_set_allow_fd_passing_output@LIBSYSTEMD_257 257~rc1 + sd_varlink_set_description@LIBSYSTEMD_257 257~rc1 + sd_varlink_set_input_sensitive@LIBSYSTEMD_257 257~rc1 + sd_varlink_set_relative_timeout@LIBSYSTEMD_257 257~rc1 + sd_varlink_set_userdata@LIBSYSTEMD_257 257~rc1 + sd_varlink_take_fd@LIBSYSTEMD_257 257~rc1 + sd_varlink_unref@LIBSYSTEMD_257 257~rc1 + sd_varlink_wait@LIBSYSTEMD_257 257~rc1 + sd_watchdog_enabled@LIBSYSTEMD_209 0 diff --git a/libudev-dev.install b/libudev-dev.install new file mode 100644 index 00000000..ac9a6b44 --- /dev/null +++ b/libudev-dev.install @@ -0,0 +1,3 @@ +usr/include/libudev.h +usr/lib/*/libudev.so +usr/lib/*/pkgconfig/libudev.pc diff --git a/libudev-dev.manpages b/libudev-dev.manpages new file mode 100644 index 00000000..009109ce --- /dev/null +++ b/libudev-dev.manpages @@ -0,0 +1,2 @@ +usr/share/man/man3/udev* +usr/share/man/man3/libudev* diff --git a/libudev1-udeb.install b/libudev1-udeb.install new file mode 100644 index 00000000..1b214e50 --- /dev/null +++ b/libudev1-udeb.install @@ -0,0 +1 @@ +usr/lib/*/libudev.so.* diff --git a/libudev1.install b/libudev1.install new file mode 100644 index 00000000..1b214e50 --- /dev/null +++ b/libudev1.install @@ -0,0 +1 @@ +usr/lib/*/libudev.so.* diff --git a/libudev1.symbols b/libudev1.symbols new file mode 100644 index 00000000..cd976ede --- /dev/null +++ b/libudev1.symbols @@ -0,0 +1,100 @@ +libudev.so.1 libudev1 #MINVER# +* Build-Depends-Package: libudev-dev + LIBUDEV_183@LIBUDEV_183 183 + LIBUDEV_189@LIBUDEV_189 189 + LIBUDEV_196@LIBUDEV_196 196 + LIBUDEV_199@LIBUDEV_199 199 + LIBUDEV_215@LIBUDEV_215 215 + LIBUDEV_247@LIBUDEV_247 247 + udev_device_get_action@LIBUDEV_183 183 + udev_device_get_current_tags_list_entry@LIBUDEV_247 247 + udev_device_get_devlinks_list_entry@LIBUDEV_183 183 + udev_device_get_devnode@LIBUDEV_183 183 + udev_device_get_devnum@LIBUDEV_183 183 + udev_device_get_devpath@LIBUDEV_183 183 + udev_device_get_devtype@LIBUDEV_183 183 + udev_device_get_driver@LIBUDEV_183 183 + udev_device_get_is_initialized@LIBUDEV_183 183 + udev_device_get_parent@LIBUDEV_183 183 + udev_device_get_parent_with_subsystem_devtype@LIBUDEV_183 183 + udev_device_get_properties_list_entry@LIBUDEV_183 183 + udev_device_get_property_value@LIBUDEV_183 183 + udev_device_get_seqnum@LIBUDEV_183 183 + udev_device_get_subsystem@LIBUDEV_183 183 + udev_device_get_sysattr_list_entry@LIBUDEV_183 183 + udev_device_get_sysattr_value@LIBUDEV_183 183 + udev_device_get_sysname@LIBUDEV_183 183 + udev_device_get_sysnum@LIBUDEV_183 183 + udev_device_get_syspath@LIBUDEV_183 183 + udev_device_get_tags_list_entry@LIBUDEV_183 183 + udev_device_get_udev@LIBUDEV_183 183 + udev_device_get_usec_since_initialized@LIBUDEV_183 183 + udev_device_has_current_tag@LIBUDEV_247 247 + udev_device_has_tag@LIBUDEV_183 183 + udev_device_new_from_device_id@LIBUDEV_189 189 + udev_device_new_from_devnum@LIBUDEV_183 183 + udev_device_new_from_environment@LIBUDEV_183 183 + udev_device_new_from_subsystem_sysname@LIBUDEV_183 183 + udev_device_new_from_syspath@LIBUDEV_183 183 + udev_device_ref@LIBUDEV_183 183 + udev_device_set_sysattr_value@LIBUDEV_199 199 + udev_device_unref@LIBUDEV_183 183 + udev_enumerate_add_match_is_initialized@LIBUDEV_183 183 + udev_enumerate_add_match_parent@LIBUDEV_183 183 + udev_enumerate_add_match_property@LIBUDEV_183 183 + udev_enumerate_add_match_subsystem@LIBUDEV_183 183 + udev_enumerate_add_match_sysattr@LIBUDEV_183 183 + udev_enumerate_add_match_sysname@LIBUDEV_183 183 + udev_enumerate_add_match_tag@LIBUDEV_183 183 + udev_enumerate_add_nomatch_subsystem@LIBUDEV_183 183 + udev_enumerate_add_nomatch_sysattr@LIBUDEV_183 183 + udev_enumerate_add_syspath@LIBUDEV_183 183 + udev_enumerate_get_list_entry@LIBUDEV_183 183 + udev_enumerate_get_udev@LIBUDEV_183 183 + udev_enumerate_new@LIBUDEV_183 183 + udev_enumerate_ref@LIBUDEV_183 183 + udev_enumerate_scan_devices@LIBUDEV_183 183 + udev_enumerate_scan_subsystems@LIBUDEV_183 183 + udev_enumerate_unref@LIBUDEV_183 183 + udev_get_log_priority@LIBUDEV_183 183 + udev_get_userdata@LIBUDEV_183 183 + udev_hwdb_get_properties_list_entry@LIBUDEV_196 196 + udev_hwdb_new@LIBUDEV_196 196 + udev_hwdb_ref@LIBUDEV_196 196 + udev_hwdb_unref@LIBUDEV_196 196 + udev_list_entry_get_by_name@LIBUDEV_183 183 + udev_list_entry_get_name@LIBUDEV_183 183 + udev_list_entry_get_next@LIBUDEV_183 183 + udev_list_entry_get_value@LIBUDEV_183 183 + udev_monitor_enable_receiving@LIBUDEV_183 183 + udev_monitor_filter_add_match_subsystem_devtype@LIBUDEV_183 183 + udev_monitor_filter_add_match_tag@LIBUDEV_183 183 + udev_monitor_filter_remove@LIBUDEV_183 183 + udev_monitor_filter_update@LIBUDEV_183 183 + udev_monitor_get_fd@LIBUDEV_183 183 + udev_monitor_get_udev@LIBUDEV_183 183 + udev_monitor_new_from_netlink@LIBUDEV_183 183 + udev_monitor_receive_device@LIBUDEV_183 183 + udev_monitor_ref@LIBUDEV_183 183 + udev_monitor_set_receive_buffer_size@LIBUDEV_183 183 + udev_monitor_unref@LIBUDEV_183 183 + udev_new@LIBUDEV_183 183 + udev_queue_flush@LIBUDEV_215 215 + udev_queue_get_fd@LIBUDEV_215 215 + udev_queue_get_kernel_seqnum@LIBUDEV_183 183 + udev_queue_get_queue_is_empty@LIBUDEV_183 183 + udev_queue_get_queued_list_entry@LIBUDEV_183 183 + udev_queue_get_seqnum_is_finished@LIBUDEV_183 183 + udev_queue_get_seqnum_sequence_is_finished@LIBUDEV_183 183 + udev_queue_get_udev@LIBUDEV_183 183 + udev_queue_get_udev_is_active@LIBUDEV_183 183 + udev_queue_get_udev_seqnum@LIBUDEV_183 183 + udev_queue_new@LIBUDEV_183 183 + udev_queue_ref@LIBUDEV_183 183 + udev_queue_unref@LIBUDEV_183 183 + udev_ref@LIBUDEV_183 183 + udev_set_log_fn@LIBUDEV_183 183 + udev_set_log_priority@LIBUDEV_183 183 + udev_set_userdata@LIBUDEV_183 183 + udev_unref@LIBUDEV_183 183 + udev_util_encode_string@LIBUDEV_183 183 diff --git a/not-installed b/not-installed new file mode 100644 index 00000000..b522bde7 --- /dev/null +++ b/not-installed @@ -0,0 +1,14 @@ +# make dh_missing happy for -A builds +usr/bin/systemd-sysusers.standalone +usr/bin/systemd-tmpfiles.standalone +usr/lib/systemd/systemd-shutdown.standalone +usr/bin/systemd-repart.standalone +usr/lib/*.d/README +usr/lib/udev/*.d/README +usr/lib/sysctl.d/50-default.conf +usr/lib/tmpfiles.d/etc.conf +usr/share/factory/ +usr/bin/systemd-resolve +usr/share/man/man5/crypttab.5 +etc/init.d/ +etc/X11/xinit/xinitrc.d/ diff --git a/patches/series b/patches/series new file mode 100644 index 00000000..8ad1c2a9 --- /dev/null +++ b/patches/series @@ -0,0 +1 @@ +test-answer-2nd-mdadm-create-question-for-compat-with-new.patch diff --git a/patches/test-answer-2nd-mdadm-create-question-for-compat-with-new.patch b/patches/test-answer-2nd-mdadm-create-question-for-compat-with-new.patch new file mode 100644 index 00000000..b82340aa --- /dev/null +++ b/patches/test-answer-2nd-mdadm-create-question-for-compat-with-new.patch @@ -0,0 +1,55 @@ +Author: Luca Boccassi +Description: test: answer 2nd mdadm --create question for compat with new version +Origin: upstream, commit:16406420ea449b75e70a7dced05d7b98bc0f5376 +--- a/test/units/TEST-64-UDEV-STORAGE.sh ++++ b/test/units/TEST-64-UDEV-STORAGE.sh +@@ -1080,7 +1080,7 @@ + "/dev/disk/by-label/$part_name" # ext4 partition + ) + # Create a simple RAID 1 with an ext4 filesystem +- echo y | mdadm --create "$raid_dev" --name "$raid_name" --uuid "$uuid" /dev/disk/by-id/scsi-0systemd_foobar_deadbeefmdadm{0..1} -v -f --level=1 --raid-devices=2 ++ printf 'y\ny\n' | mdadm --create "$raid_dev" --name "$raid_name" --uuid "$uuid" /dev/disk/by-id/scsi-0systemd_foobar_deadbeefmdadm{0..1} -v -f --level=1 --raid-devices=2 + udevadm wait --settle --timeout=30 "$raid_dev" + # udevd does not lock md devices, hence we need to trigger uevent after creating filesystem. + mkfs.ext4 -L "$part_name" "$raid_dev" +@@ -1111,7 +1111,7 @@ + "/dev/disk/by-label/$part_name" # ext4 partition + ) + # Create a simple RAID 5 with an ext4 filesystem +- echo y | mdadm --create "$raid_dev" --name "$raid_name" --uuid "$uuid" /dev/disk/by-id/scsi-0systemd_foobar_deadbeefmdadm{0..2} -v -f --level=5 --raid-devices=3 ++ printf 'y\ny\n' | mdadm --create "$raid_dev" --name "$raid_name" --uuid "$uuid" /dev/disk/by-id/scsi-0systemd_foobar_deadbeefmdadm{0..2} -v -f --level=5 --raid-devices=3 + udevadm wait --settle --timeout=30 "$raid_dev" + mkfs.ext4 -L "$part_name" "$raid_dev" + udevadm trigger --settle "$raid_dev" +@@ -1152,7 +1152,7 @@ + "/dev/disk/by-id/md-uuid-$uuid-part3" + ) + # Create a simple RAID 10 with an ext4 filesystem +- echo y | mdadm --create "$raid_dev" --name "$raid_name" --uuid "$uuid" /dev/disk/by-id/scsi-0systemd_foobar_deadbeefmdadm{0..3} -v -f --level=10 --raid-devices=4 ++ printf 'y\ny\n' | mdadm --create "$raid_dev" --name "$raid_name" --uuid "$uuid" /dev/disk/by-id/scsi-0systemd_foobar_deadbeefmdadm{0..3} -v -f --level=10 --raid-devices=4 + udevadm wait --settle --timeout=30 "$raid_dev" + # Partition the raid device + # Here, 'udevadm lock' is meaningless, as udevd does not lock MD devices. +@@ -1208,7 +1208,7 @@ + "/dev/disk/by-label/$part_name" # ext4 partition + ) + # Create a RAID 10 with LVM + ext4 +- echo y | mdadm --create "$raid_dev" --name "$raid_name" --uuid "$uuid" /dev/disk/by-id/scsi-0systemd_foobar_deadbeefmdadmlvm{0..3} -v -f --level=10 --raid-devices=4 ++ printf 'y\ny\n' | mdadm --create "$raid_dev" --name "$raid_name" --uuid "$uuid" /dev/disk/by-id/scsi-0systemd_foobar_deadbeefmdadmlvm{0..3} -v -f --level=10 --raid-devices=4 + udevadm wait --settle --timeout=30 "$raid_dev" + # Create an LVM on the MD + lvm pvcreate -y "$raid_dev" +--- a/test/units/TEST-74-AUX-UTILS.bootctl.sh ++++ b/test/units/TEST-74-AUX-UTILS.bootctl.sh +@@ -215,9 +215,9 @@ + + udevadm settle + +- echo y | mdadm --create /dev/md/raid-esp --name "raid-esp" "${LOOPDEV1}p1" "${LOOPDEV2}p1" -v -f --level=1 --raid-devices=2 ++ printf 'y\ny\n' | mdadm --create /dev/md/raid-esp --name "raid-esp" "${LOOPDEV1}p1" "${LOOPDEV2}p1" -v -f --level=1 --raid-devices=2 + mkfs.vfat /dev/md/raid-esp +- echo y | mdadm --create /dev/md/raid-root --name "raid-root" "${LOOPDEV1}p2" "${LOOPDEV2}p2" -v -f --level=1 --raid-devices=2 ++ printf 'y\ny\n' | mdadm --create /dev/md/raid-root --name "raid-root" "${LOOPDEV1}p2" "${LOOPDEV2}p2" -v -f --level=1 --raid-devices=2 + mkfs.ext4 /dev/md/raid-root + mkfs.btrfs -f -M -d raid1 -m raid1 -L "raid-boot" "${LOOPDEV1}p3" "${LOOPDEV2}p3" + diff --git a/rules b/rules new file mode 100755 index 00000000..38402f91 --- /dev/null +++ b/rules @@ -0,0 +1,328 @@ +#! /usr/bin/make -f + +#export DH_VERBOSE = 1 +#export DEB_BUILD_OPTIONS = nostrip + +export LC_ALL = C.UTF-8 + +include /usr/share/dpkg/default.mk +include /usr/share/debhelper/dh_package_notes/package-notes.mk + +ifeq (amd64,$(DEB_HOST_ARCH)) +export TEMPLATE_EFI_ARCH=x64 +else ifeq (arm64,$(DEB_HOST_ARCH)) +export TEMPLATE_EFI_ARCH=aa64 +endif + + +ifeq ($(DEB_VENDOR),Ubuntu) + DEFAULT_NTP_SERVERS = ntp.ubuntu.com + SUPPORT_URL = http://www.ubuntu.com/support + CONFFLAGS_DISTRO = \ + -Duser-path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ + -Ddefault-llmnr=no \ + -Ddefault-mdns=no + +else + DEFAULT_NTP_SERVERS = 0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org + SUPPORT_URL = https://www.debian.org/support + CONFFLAGS_DISTRO = +endif + +TEST_TIMEOUT_MULTIPLIER = "-t 10" + +# Fail on missing files and symbol changes on distro builds, but not if we +# build/test upstream master. Also, don't put the debian revision in the version +# tag when we build/test upstream as it doesn't have any meaning in that case +# and it allows using the current date as the debian revision without causing +# unnecessary rebuilds all the time. +ifeq (, $(filter pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) + DH_MISSING ?= --fail-missing + GENSYMBOLS_LEVEL ?= 4 + VERSION_TAG = $(DEB_VERSION) +else + DH_MISSING ?= --list-missing + GENSYMBOLS_LEVEL ?= 1 + VERSION_TAG = $(DEB_VERSION_UPSTREAM) +endif + +# Make sure that DEB_BUILD_OPTIONS can be used by users to override any options +# we set here (By default DEB_BUILD_MAINT_OPTIONS overrides DEB_BUILD_OPTIONS). +export DEB_BUILD_MAINT_OPTIONS = optimize=+lto hardening=+pie $(DEB_BUILD_OPTIONS) + +CONFFLAGS = \ + -Dstatic-libsystemd=true \ + -Dmode=release \ + -Dversion-tag="$(VERSION_TAG)" \ + -Dquotaon-path=/usr/sbin/quotaon \ + -Dquotacheck-path=/usr/sbin/quotacheck \ + -Dkmod-path=/usr/bin/kmod \ + -Dkexec-path=/usr/sbin/kexec \ + -Dsulogin-path=/usr/sbin/sulogin \ + -Dmount-path=/usr/bin/mount \ + -Dumount-path=/usr/bin/umount \ + -Dloadkeys-path=/usr/bin/loadkeys \ + -Dsetfont-path=/usr/bin/setfont \ + -Dnologin-path=/usr/sbin/nologin \ + -Dsysvinit-path=/etc/init.d \ + -Dsysvrcnd-path=/etc \ + -Dlocalegen-path=/usr/sbin/locale-gen \ + -Ddebug-shell=/usr/bin/bash \ + -Dzshcompletiondir=/usr/share/zsh/vendor-completions \ + -Ddbuspolicydir=/usr/share/dbus-1/system.d/ \ + -Dsupport-url=$(SUPPORT_URL) \ + -Ddefault-kill-user-processes=false \ + -Ddefault-dnssec=no \ + -Dpamconfdir=no \ + -Dpamlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/security \ + -Drpmmacrosdir=no \ + -Dvconsole=false \ + -Dfirstboot=true \ + -Dxkbcommon=disabled \ + -Dwheel-group=false \ + -Doomd=true \ + -Durlify=true \ + -Dgnutls=disabled \ + -Dlink-udev-shared=false \ + -Dlink-systemctl-shared=false \ + -Dntp-servers="$(DEFAULT_NTP_SERVERS)" \ + -Dsystem-uid-max=999 \ + -Dsystem-gid-max=999 \ + -Dnobody-user=nobody \ + -Dnobody-group=nogroup \ + -Ddev-kvm-mode=0660 \ + -Dgroup-render-mode=0660 \ + -Dsbat-distro-url=https://tracker.debian.org/pkg/systemd \ + -Drepart=enabled \ + -Dfdisk=enabled \ + -Dsysext=true \ + -Dnscd=true \ + -Dselinux=enabled \ + -Dhwdb=true \ + -Dsysusers=true \ + -Dinstall-tests=$(if $(filter noinsttest,$(DEB_BUILD_PROFILES)),false,true) \ + -Dman=$(if $(filter nodoc,$(DEB_BUILD_PROFILES)),disabled,enabled) \ + -Ddbus-interfaces-dir=$(if $(filter nodoc,$(DEB_BUILD_PROFILES)),no,yes) \ + -Dtranslations=true \ + -Dnss-myhostname=true \ + -Dnss-mymachines=enabled \ + -Dnss-resolve=enabled \ + -Dnss-systemd=true \ + -Dresolve=true \ + -Dstatus-unit-format-default=combined \ + -Dstandalone-binaries=true \ + -Dutmp=false \ + -Dmode=$(if $(filter pkg.systemd.upstream,$(DEB_BUILD_PROFILES)),developer,release) + +ifeq ($(filter nocheck,$(DEB_BUILD_PROFILES))$(filter noinsttest,$(DEB_BUILD_PROFILES)),nochecknoinsttest) +CONFFLAGS += -Dtests=false +else +CONFFLAGS += -Dtests=true +endif + +ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES))) +CONFFLAGS += \ + -Daudit=enabled \ + -Dlibcryptsetup=enabled \ + -Dlibcryptsetup-plugins=enabled \ + -Dcoredump=true \ + -Delfutils=enabled \ + -Dapparmor=enabled \ + -Dlibidn2=enabled \ + -Dlibiptc=enabled \ + -Dlibcurl=enabled \ + -Dimportd=enabled \ + -Dmicrohttpd=enabled \ + -Dopenssl=enabled \ + -Dcryptolib=openssl \ + -Ddns-over-tls=openssl \ + -Dlibfido2=enabled \ + -Dtpm2=enabled \ + -Dp11kit=enabled \ + -Dqrencode=enabled \ + -Dpwquality=enabled \ + -Dhomed=enabled \ + -Duserdb=true \ + -Dpcre2=enabled \ + -Dukify=enabled \ + -Dbootloader=$(if $(filter amd64 i386 arm64 armhf riscv64,$(DEB_HOST_ARCH)),enabled,disabled) \ + -Dsysupdate=enabled +else +CONFFLAGS += \ + -Daudit=disabled \ + -Dlibcryptsetup=disabled \ + -Dlibcryptsetup-plugins=disabled \ + -Dcoredump=false \ + -Delfutils=disabled \ + -Dapparmor=disabled \ + -Dlibidn2=disabled \ + -Dlibiptc=disabled \ + -Dlibcurl=disabled \ + -Dimportd=disabled \ + -Dmicrohttpd=disabled \ + -Dopenssl=disabled \ + -Dlibfido2=disabled \ + -Dtpm2=disabled \ + -Dp11kit=disabled \ + -Dqrencode=disabled \ + -Dpwquality=disabled \ + -Dhomed=disabled \ + -Duserdb=false \ + -Dpcre2=disabled \ + -Dukify=disabled \ + -Dbootloader=disabled \ + -Dsysupdate=disabled +endif + +# BPF/BTF are only enabled and usable on a few architectures +ifeq (, $(filter $(DEB_BUILD_PROFILES), stage1 pkg.systemd.nobpf)) +ifneq (,$(filter $(DEB_TARGET_ARCH), amd64 arm64 ppc64el riscv64 s390x)) +CONFFLAGS += \ + -Dbpf-framework=enabled \ + -Dbpf-compiler=clang + +ifeq ($(DEB_VENDOR),Ubuntu) +# Source: https://git.launchpad.net/ubuntu/+source/xdp-tools/tree/debian/rules +# On Ubuntu, the `bpftool` in path is a shell wrapper pointing at +# the binary corresponding to runtime kernel version. +# +# We do not know the kernel version being used on the system building +# this package, and in sbuild/container environments uname might not +# even match anything available to the build. +# Gladly for the build we only need the tool to generate skeleton code. +# +# If any /usr/lib/linux-tools/*/bpftool exists, locate the most recent +# version and point to that, otherwise `bpftool` from PATH will be +# used. +bpftool_binary := $(shell find /usr/lib/linux-tools/ -name 'bpftool' -perm /u=x 2>/dev/null | sort | head -n1) +ifneq ($(bpftool_binary),) +export PATH := $(shell dirname $(bpftool_binary)):$(PATH) +endif +endif + +# TODO: once linux-bpf-dev is available in all releases that we build for, drop the +# conditional on the wildcard and the alternative dependency on linux-headers-generic +ifneq ("$(wildcard /usr/include/$(DEB_HOST_MULTIARCH)/linux/bpf/vmlinux.h)","") +CONFFLAGS += -Dvmlinux-h=provided -Dvmlinux-h-path=/usr/include/$(DEB_HOST_MULTIARCH)/linux/bpf/vmlinux.h +else +ifneq (, $(filter pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) +CONFFLAGS += -Dvmlinux-h=auto +else +CONFFLAGS += -Dvmlinux-h=disabled +endif +endif +endif +endif + +ifeq (, $(filter pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) +CONFFLAGS += -Ddns-servers='' +endif + +# Increase the minimum number of sections to keep free in stub PE header in +# order to be able to create an UKI file with many DTBs (each of them is stored +# in a different .dtbauto section) +ifneq (,$(filter $(DEB_TARGET_ARCH), arm64 armhf riscv64)) +CONFFLAGS += -Defi-stub-extra-sections=500 +endif + +override_dh_auto_configure: + dh_auto_configure \ + -- $(CONFFLAGS) $(CONFFLAGS_DISTRO) $(CONFFLAGS_UPSTREAM) + +execute_before_dh_auto_build: + # blhc false positives: C++ fuzz test program, cc -E flags listing, PE-COFF EFI binaries + @echo 'blhc: ignore-line-regexp: .* -o test-bus-vtable-cc.*' + @echo 'blhc: ignore-line-regexp: .*cc -E.*' + @echo 'blhc: ignore-line-regexp: .* -o src/boot/.*' + +execute_before_dh_auto_clean: +ifneq (, $(filter pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) + debian/extra/checkout-upstream +endif + +execute_before_dh_install: + # remove unnecessary / unused files that are picked up by wildcards/directory listings in dh_install + rm -rf debian/tmp/usr/share/doc/systemd/LICENSES/ + rm -f debian/tmp/usr/share/doc/systemd/LICENSE.* + rm -f debian/tmp/usr/lib/udev/*.d/README + # replace upstream sysusers.d/basic.conf with proper users for Debian + if [ -d debian/tmp/usr/lib/sysusers.d/ ]; then \ + debian/extra/make-sysusers-basic > debian/tmp/usr/lib/sysusers.d/basic.conf; \ + fi + +execute_after_dh_install-arch: + # Ubuntu specific files +ifeq ($(DEB_VENDOR),Ubuntu) + install -D --mode=644 debian/extra/udev.py debian/udev/usr/share/apport/package-hooks/udev.py + install -D --mode=644 debian/extra/systemd.py debian/systemd/usr/share/apport/package-hooks/systemd.py + install --mode=644 debian/extra/rules-ubuntu/*.rules debian/udev/usr/lib/udev/rules.d/ + install -D --mode=644 debian/extra/resolved.conf.d/cache-no-negative.conf debian/systemd-resolved/usr/lib/systemd/resolved.conf.d/cache-no-negative.conf + cp -a debian/extra/units-ubuntu/* debian/systemd/usr/lib/systemd/system/ +endif + +ifeq (,$(filter stage1 pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) +ifeq ($(DEB_VENDOR),Debian) +ifneq ($(TEMPLATE_EFI_ARCH),) + debian/extra/gen-signing-template $(DEB_VERSION) $(DEB_HOST_ARCH) $(TEMPLATE_EFI_ARCH) +endif +endif +endif + +override_dh_missing: + dh_missing $(DH_MISSING) + +override_dh_installsystemd: + dh_installsystemd -psystemd-timesyncd + dh_installsystemd -psystemd-oomd systemd-oomd.service + dh_installsystemd -psystemd-oomd --no-stop-on-upgrade systemd-oomd.socket + dh_installsystemd -psystemd-container --no-stop-on-upgrade machines.target + dh_installsystemd -psystemd-userdbd --no-stop-on-upgrade systemd-userdbd.socket + dh_installsystemd -psystemd-homed --no-also systemd-homed.service systemd-homed-activate.service + dh_installsystemd -psystemd-resolved + dh_installsystemd -pudev systemd-udevd.service + +override_dh_installsystemduser: + +execute_after_dh_installsysusers: + dh_installsysusers -pudev --name=debian-udev + +PROJECT_VERSION ?= $(shell awk '/(PROJECT|PACKAGE)_VERSION / {print $$3}' obj-$(DEB_HOST_GNU_TYPE)/config.h | tr -d \") + +# The SysV compat tools (which are symlinks to systemctl) are +# quasi-essential, so add their dependencies to Pre-Depends +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753589 +override_dh_shlibdeps: + dh_shlibdeps -psystemd -Llibsystemd-shared -- \ + -dPre-Depends -edebian/systemd/usr/bin/systemctl \ + -dDepends + dh_shlibdeps -plibsystemd-shared -lusr/lib/$(DEB_HOST_MULTIARCH)/systemd + dh_shlibdeps --remaining-packages -Llibsystemd-shared + +override_dh_makeshlibs: + sed 's/SHARED_LIB_VERSION/$(PROJECT_VERSION)/' debian/shlibs.local.in > debian/shlibs.local + dh_makeshlibs -plibudev1 --add-udeb=libudev1-udeb -- -c$(GENSYMBOLS_LEVEL) + dh_makeshlibs -plibsystemd-shared -Xlibsystemd-shared -Xlibsystemd-core -- -c$(GENSYMBOLS_LEVEL) + dh_makeshlibs --remaining-packages -- -c$(GENSYMBOLS_LEVEL) + +override_dh_auto_test: +ifeq (, $(filter nocheck, $(DEB_BUILD_OPTIONS))) + # some tests hang under fakeroot, so disable fakeroot + env -u LD_PRELOAD meson test -C obj-$(DEB_HOST_GNU_TYPE) --print-errorlogs $(TEST_TIMEOUT_MULTIPLIER) +endif + +ifeq ($(DEB_VENDOR),Ubuntu) +ifeq (, $(filter pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) +execute_after_dh_link: + # Mask systemd-gpt-auto-generator by default on Ubuntu + dh_link -psystemd /dev/null /etc/systemd/system-generators/systemd-gpt-auto-generator +endif +endif + +%: + dh $@ + +# TODO: ideally it should be possible to disable this via an env var or DEB_BUILD_OPTIONS +override_dh_strip_nondeterminism: +ifeq (, $(filter pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) + dh_strip_nondeterminism +endif diff --git a/salsa-ci.yml b/salsa-ci.yml new file mode 100644 index 00000000..3c6cd7cb --- /dev/null +++ b/salsa-ci.yml @@ -0,0 +1,14 @@ +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml + +variables: + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011649 + SALSA_CI_DISABLE_PIUPARTS: 1 + SALSA_CI_ENABLE_BUILD_PACKAGE_PROFILES: 1 + +test-build-profiles: + extends: .test-build-package-profiles + parallel: + matrix: + - BUILD_PROFILES: nocheck,stage1 diff --git a/shlibs.local.in b/shlibs.local.in new file mode 100644 index 00000000..085835db --- /dev/null +++ b/shlibs.local.in @@ -0,0 +1,4 @@ +udeb: libudev 1 libudev1-udeb +libsystemd 0 libsystemd0 (= ${binary:Version}) +libsystemd-shared SHARED_LIB_VERSION libsystemd-shared (= ${binary:Version}) +libsystemd-core SHARED_LIB_VERSION libsystemd-shared (= ${binary:Version}) diff --git a/signing-template/README.source b/signing-template/README.source new file mode 100644 index 00000000..36fb03e8 --- /dev/null +++ b/signing-template/README.source @@ -0,0 +1,4 @@ +This source package is generated by the Debian signing service from a +template built by the fwupd package. It should never be updated directly. + + -- Steve McIntyre <93sam@debian.org> Sat, 07 Apr 2018 12:44:55 +0100 diff --git a/signing-template/control b/signing-template/control new file mode 100644 index 00000000..cfe456f9 --- /dev/null +++ b/signing-template/control @@ -0,0 +1,25 @@ +Source: systemd-boot-efi-${DEB_HOST_ARCH}-signed +Section: admin +Priority: optional +Maintainer: Debian systemd Maintainers +Build-Depends: debhelper-compat (= 13), + sbsigntool, + systemd-boot-efi (= ${DEB_VERSION}), +Standards-Version: 4.7.0 +Rules-Requires-Root: no +Vcs-Git: https://salsa.debian.org/systemd-team/systemd.git +Vcs-Browser: https://salsa.debian.org/systemd-team/systemd + +Package: systemd-boot-efi-${DEB_HOST_ARCH}-signed +Architecture: ${DEB_HOST_ARCH} +Provides: systemd-boot-efi-signed +Built-Using: systemd (= ${DEB_VERSION_SOURCE}) +Description: Tools to manage UEFI firmware updates (signed) + systemd is a system and service manager for Linux. It provides aggressive + parallelization capabilities, uses socket and D-Bus activation for starting + services, offers on-demand starting of daemons, keeps track of processes using + Linux control groups, maintains mount and automount points and implements an + elaborate transactional dependency-based service control logic. + . + This package provides systemd's tools for EFI boot: + * signed efi binaries diff --git a/signing-template/install b/signing-template/install new file mode 100644 index 00000000..65ed8478 --- /dev/null +++ b/signing-template/install @@ -0,0 +1 @@ +*.efi.signed /usr/lib/systemd/boot/efi diff --git a/signing-template/rules b/signing-template/rules new file mode 100755 index 00000000..b2483427 --- /dev/null +++ b/signing-template/rules @@ -0,0 +1,18 @@ +#!/usr/bin/make -f + +include /usr/share/dpkg/default.mk + +BINARY = systemd-boot${TEMPLATE_EFI_ARCH}.efi +INSTALLED = usr/lib/systemd/boot/efi/$(BINARY) +SIGNATURE = debian/signatures/systemd-boot-efi/$(INSTALLED).sig + +%: + dh $@ + +override_dh_auto_build: + cp /$(INSTALLED) $(BINARY) + sbattach --attach $(SIGNATURE) $(BINARY) + mv $(BINARY) $(BINARY).signed + +override_dh_gencontrol: + dh_gencontrol -- -v${DEB_VERSION} diff --git a/signing-template/source/format b/signing-template/source/format new file mode 100644 index 00000000..89ae9db8 --- /dev/null +++ b/signing-template/source/format @@ -0,0 +1 @@ +3.0 (native) diff --git a/signing-template/triggers b/signing-template/triggers new file mode 100644 index 00000000..dffd1ccd --- /dev/null +++ b/signing-template/triggers @@ -0,0 +1 @@ +activate-noawait systemd-boot-signed diff --git a/source/format b/source/format new file mode 100644 index 00000000..163aaf8d --- /dev/null +++ b/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/source/lintian-overrides b/source/lintian-overrides new file mode 100644 index 00000000..eade8b06 --- /dev/null +++ b/source/lintian-overrides @@ -0,0 +1,7 @@ +systemd source: very-long-line-length-in-source-file +# Data formats are not compatible +systemd source: source-contains-data-from-ieee-data-oui-db +# Generated from template from same sources +systemd source: version-substvar-for-external-package +# We add and remove constantly, no need to go back and forth on dh-exec +systemd source: dh-exec-script-without-dh-exec-features diff --git a/systemd-boot-efi-amd64-signed-template.lintian-overrides b/systemd-boot-efi-amd64-signed-template.lintian-overrides new file mode 100644 index 00000000..170a3f65 --- /dev/null +++ b/systemd-boot-efi-amd64-signed-template.lintian-overrides @@ -0,0 +1 @@ +systemd-boot-efi-amd64-signed-template: script-not-executable [usr/share/code-signing/systemd-boot-efi-amd64-signed-template/source-template/debian/rules] diff --git a/systemd-boot-efi-arm64-signed-template.lintian-overrides b/systemd-boot-efi-arm64-signed-template.lintian-overrides new file mode 100644 index 00000000..ccdf68c5 --- /dev/null +++ b/systemd-boot-efi-arm64-signed-template.lintian-overrides @@ -0,0 +1 @@ +systemd-boot-efi-arm64-signed-template: script-not-executable [usr/share/code-signing/systemd-boot-efi-arm64-signed-template/source-template/debian/rules] diff --git a/systemd-boot-efi.install b/systemd-boot-efi.install new file mode 100644 index 00000000..1cb75d0b --- /dev/null +++ b/systemd-boot-efi.install @@ -0,0 +1 @@ +usr/lib/systemd/boot/ diff --git a/systemd-boot.install b/systemd-boot.install new file mode 100644 index 00000000..14eff2ab --- /dev/null +++ b/systemd-boot.install @@ -0,0 +1,13 @@ +usr/bin/bootctl +usr/lib/systemd/systemd-bless-boot +usr/lib/systemd/system-generators/systemd-bless-boot-generator +usr/lib/systemd/system/sockets.target.wants/systemd-bootctl.socket +usr/lib/systemd/system/sysinit.target.wants/systemd-boot-random-seed.service +usr/lib/systemd/system/systemd-bless-boot.service +usr/lib/systemd/system/systemd-bootctl.socket +usr/lib/systemd/system/systemd-bootctl@.service +usr/lib/systemd/system/systemd-boot-random-seed.service +usr/lib/systemd/system/systemd-boot-update.service +usr/share/bash-completion/completions/bootctl +../extra/initramfs etc/ +../extra/kernel etc/ diff --git a/systemd-boot.lintian-overrides b/systemd-boot.lintian-overrides new file mode 100644 index 00000000..2370c0d4 --- /dev/null +++ b/systemd-boot.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +systemd-boot: spare-manual-page diff --git a/systemd-boot.maintscript b/systemd-boot.maintscript new file mode 100644 index 00000000..cac18230 --- /dev/null +++ b/systemd-boot.maintscript @@ -0,0 +1,2 @@ +mv_conffile /etc/kernel/postinst.d/systemd-boot /etc/kernel/postinst.d/zz-systemd-boot 251.4-4~ +mv_conffile /etc/kernel/postrm.d/systemd-boot /etc/kernel/postrm.d/zz-systemd-boot 251.4-4~ diff --git a/systemd-boot.manpages b/systemd-boot.manpages new file mode 100644 index 00000000..91aecb56 --- /dev/null +++ b/systemd-boot.manpages @@ -0,0 +1,11 @@ +usr/share/man/man1/bootctl.1 +usr/share/man/man5/loader.conf.5 +usr/share/man/man7/sd-boot.7 +usr/share/man/man7/sd-stub.7 +usr/share/man/man7/*.efi.stub.7 +usr/share/man/man7/systemd-boot.7 +usr/share/man/man7/systemd-stub.7 +usr/share/man/man8/systemd-bless-boot.8 +usr/share/man/man8/systemd-bless-boot-generator.8 +usr/share/man/man8/systemd-bless-boot.service.8 +usr/share/man/man8/systemd-boot-random-seed.service.8 diff --git a/systemd-boot.postinst b/systemd-boot.postinst new file mode 100644 index 00000000..d2139784 --- /dev/null +++ b/systemd-boot.postinst @@ -0,0 +1,252 @@ +#!/bin/sh + +# When installing/updating systemd-boot, if _both_ signed shim and signed systemd-boot are available, and +# signed grub is not available, then take over the ESP and the EFI boot entry, install systemd-boot as the +# second stage loader, and install signed shim as the first stage loader and add a boot entry named after +# the OS vendor pointing to it, and mark it as the default. +# +# When triggered, given dpkg does not tell us whether the trigger added or removed a file, if signed +# grub is available then do nothing and assume it will take over the ESP. If it is not, and either +# signed shim or signed systemd-boot or both are not available, then remove all of them from the ESP +# and the EFI boot entry. If both signed shim and signed systemd-boot are available, then update them +# in the ESP. + +set -e + +remove_shim() { + case "$(dpkg --print-architecture)" in + amd64) + efi_arch_upper=X64 + efi_arch=x64 + grub_arch=x86_64 + ;; + arm64) + efi_arch_upper=AA64 + efi_arch=aa64 + grub_arch=arm64 + ;; + *) + return + esac + + # shellcheck disable=SC1091 + . /etc/os-release || . /usr/lib/os-release + vendor="${ID:-debian}" + vendor_upper="$(echo "$vendor" | cut -c1 | tr '[:lower:]' '[:upper:]')$(echo "$vendor" | cut -c2-)" + + esp_path="$(bootctl --quiet --print-esp-path 2>/dev/null)" + if [ -z "$esp_path" ]; then + return + fi + + if [ -f "/usr/lib/grub/${grub_arch}-efi-signed/grub${efi_arch}.efi.signed" ]; then + return + fi + + if [ ! -f "${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" ]; then + return + fi + + if [ ! -f "${esp_path}/EFI/systemd/systemd-boot${efi_arch}.efi" ]; then + return + fi + + if [ "$(<"${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" sha256sum)" != "$(<"${esp_path}/EFI/systemd/systemd-boot${efi_arch}.efi" sha256sum)" ]; then + return + fi + + if [ -f "${esp_path}/EFI/BOOT/BOOT${efi_arch_upper}.efi" ] && [ "$(<"${esp_path}/EFI/BOOT/BOOT${efi_arch_upper}.efi" sha256sum)" = "$(<"${esp_path}/EFI/${vendor}/shim${efi_arch}.efi" sha256sum)" ]; then + rm -f "${esp_path}/EFI/BOOT/BOOT${efi_arch_upper}.efi" + fi + + for f in shim fb mm; do + rm -f "${esp_path}/EFI/${vendor}/${f}${efi_arch}.efi" + done + + rm -f "${esp_path}/EFI/${vendor}/BOOT${efi_arch_upper}.CSV" + rmdir --ignore-fail-on-non-empty "${esp_path}/EFI/${vendor}" || true + + if command -v efibootmgr >/dev/null 2>&1 && efibootmgr | grep -q "Boot.*${vendor_upper}.*EFI\\\\${vendor}\\\\shim${efi_arch}.efi"; then + bootentry="$(efibootmgr | grep "Boot.*${vendor_upper}.*EFI\\\\${vendor}\\\\shim${efi_arch}.efi" | cut -d' ' -f1 | sed -e 's/Boot//' -e 's/*//')" + efibootmgr -q --delete-bootnum --bootnum "$bootentry" + fi +} + +remove_signed() { + case "$(dpkg --print-architecture)" in + amd64) + efi_arch=x64 + grub_arch=x86_64 + ;; + arm64) + efi_arch=aa64 + grub_arch=arm64 + ;; + *) + return + esac + + # shellcheck disable=SC1091 + . /etc/os-release || . /usr/lib/os-release + vendor="${ID:-debian}" + + esp_path="$(bootctl --quiet --print-esp-path 2>/dev/null)" + if [ -z "$esp_path" ]; then + return + fi + + if [ ! -f "${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" ]; then + return + fi + + if [ "$(<"${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" sha256sum)" != "$(<"${esp_path}/EFI/systemd/systemd-boot${efi_arch}.efi" sha256sum)" ]; then + return + fi + + rm -f "${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" +} + +install_shim() { + case "$(dpkg --print-architecture)" in + amd64) + efi_arch_upper=X64 + efi_arch=x64 + grub_arch=x86_64 + ;; + arm64) + efi_arch_upper=AA64 + efi_arch=aa64 + grub_arch=arm64 + ;; + *) + return + esac + + if [ ! -f "/usr/lib/shim/shim${efi_arch}.efi.signed" ] || [ ! -f "/usr/lib/systemd/boot/efi/systemd-boot${efi_arch}.efi.signed" ]; then + if [ "$1" = trigger ]; then + remove_shim + fi + return + fi + + if [ -f "/usr/lib/grub/${grub_arch}-efi-signed/grub${efi_arch}.efi.signed" ]; then + return + fi + + esp_path="$(bootctl --quiet --print-esp-path 2>/dev/null)" + if [ -z "$esp_path" ]; then + return + fi + + # shellcheck disable=SC1091 + . /etc/os-release || . /usr/lib/os-release + vendor="${ID:-debian}" + vendor_upper="$(echo "$vendor" | cut -c1 | tr '[:lower:]' '[:upper:]')$(echo "$vendor" | cut -c2-)" + + for f in shim fb mm; do + if [ ! -f "/usr/lib/shim/${f}${efi_arch}.efi.signed" ]; then + continue + fi + if [ -f "${esp_path}/EFI/${vendor}/${f}${efi_arch}.efi" ] && [ "$(<"${esp_path}/EFI/${vendor}/${f}${efi_arch}.efi" sha256sum)" = "$(<"/usr/lib/shim/${f}${efi_arch}.efi.signed" sha256sum)" ]; then + continue + fi + install -p -D "/usr/lib/shim/${f}${efi_arch}.efi.signed" "${esp_path}/EFI/${vendor}/${f}${efi_arch}.efi" + done + + if [ -f "${esp_path}/EFI/BOOT/BOOT${efi_arch_upper}.efi" ] && [ "$(<"${esp_path}/EFI/BOOT/BOOT${efi_arch_upper}.efi" sha256sum)" = "$(<"/usr/lib/shim/shim${efi_arch}.efi.signed" sha256sum)" ]; then + return + fi + + install -p -D "/usr/lib/shim/shim${efi_arch}.efi.signed" "${esp_path}/EFI/BOOT/BOOT${efi_arch_upper}.efi" + + if [ ! -f "${esp_path}/EFI/${vendor}/BOOT${efi_arch_upper}.CSV" ]; then + echo "shim${efi_arch}.efi,${vendor},,This is the boot entry for ${vendor}" > "${esp_path}/EFI/${vendor}/BOOT${efi_arch_upper}.CSV" + fi + + if command -v efibootmgr >/dev/null 2>&1 && ! efibootmgr | grep -q "Boot.*${vendor_upper}.*EFI\\\\${vendor}\\\\shim${efi_arch}.efi"; then + blkpart="$(findmnt -nvo SOURCE "$esp_path")" + if [ ! -L "/sys/class/block/${blkpart##*/}" ]; then + return + fi + drive="$(readlink -f "/sys/class/block/${blkpart##*/}")" + drive="${drive%/*}" + drive="/dev/${drive##*/}" + partno="$(cat "/sys/class/block/${blkpart##*/}/partition")" + efibootmgr -q --create --disk "$drive" --part "$partno" --loader "EFI/${vendor}/shim${efi_arch}.efi" --label "${vendor_upper}" + fi +} + +install_signed() { + case "$(dpkg --print-architecture)" in + amd64) + efi_arch=x64 + grub_arch=x86_64 + ;; + arm64) + efi_arch=aa64 + grub_arch=arm64 + ;; + *) + return + esac + + if [ ! -f "/usr/lib/shim/shim${efi_arch}.efi.signed" ] || [ ! -f "/usr/lib/systemd/boot/efi/systemd-boot${efi_arch}.efi.signed" ]; then + if [ "$1" = trigger ]; then + remove_signed + fi + return + fi + + if [ -f "/usr/lib/grub/${grub_arch}-efi-signed/grub${efi_arch}.efi.signed" ]; then + return + fi + + esp_path="$(bootctl --quiet --print-esp-path 2>/dev/null)" + if [ -z "$esp_path" ]; then + return + fi + + # shellcheck disable=SC1091 + . /etc/os-release || . /usr/lib/os-release + vendor="${ID:-debian}" + + if [ -f "${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" ] && [ "$(<"${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" sha256sum)" = "$(<"/usr/lib/systemd/boot/efi/systemd-boot${efi_arch}.efi.signed" sha256sum)" ]; then + return + fi + + install -p -D "/usr/lib/systemd/boot/efi/systemd-boot${efi_arch}.efi.signed" "${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" +} + +if [ "$1" = configure ] && bootctl --print-esp-path > /dev/null 2>&1; then + if bootctl is-installed > /dev/null 2>&1; then + bootctl update --graceful + else + bootctl install --make-machine-id-directory=auto + fi + install_signed install + install_shim install + + if [ -z "$2" ]; then + # register existing kernel(s) + for k in /boot/vmlinuz-* ; do + [ -f "$k" ] || continue + ver=$(basename "$k" | sed s/^vmlinuz-//) + kernel-install add "$ver" "$k" + done + fi +fi + +if [ "$1" = triggered ]; then + shift + for trigger in "$@"; do + case $trigger in + /usr/lib/shim|/usr/lib/grub|systemd-boot-signed) + install_shim trigger + install_signed trigger + ;; + esac + done + exit 0 +fi + +#DEBHELPER# diff --git a/systemd-boot.prerm b/systemd-boot.prerm new file mode 100644 index 00000000..47bda4ce --- /dev/null +++ b/systemd-boot.prerm @@ -0,0 +1,111 @@ +#!/bin/sh + +set -e + +remove_signed() { + case "$(dpkg --print-architecture)" in + amd64) + efi_arch=x64 + grub_arch=x86_64 + ;; + arm64) + efi_arch=aa64 + grub_arch=arm64 + ;; + *) + return + esac + + # shellcheck disable=SC1091 + . /etc/os-release || . /usr/lib/os-release + vendor="${ID:-debian}" + + esp_path="$(bootctl --quiet --print-esp-path 2>/dev/null)" + if [ -z "$esp_path" ]; then + return + fi + + if [ ! -f "${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" ]; then + return + fi + + if [ "$(<"${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" sha256sum)" != "$(<"${esp_path}/EFI/systemd/systemd-boot${efi_arch}.efi" sha256sum)" ]; then + return + fi + + rm -f "${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" +} + +remove_shim() { + case "$(dpkg --print-architecture)" in + amd64) + efi_arch_upper=X64 + efi_arch=x64 + grub_arch=x86_64 + ;; + arm64) + efi_arch_upper=AA64 + efi_arch=aa64 + grub_arch=arm64 + ;; + *) + return + esac + + # shellcheck disable=SC1091 + . /etc/os-release || . /usr/lib/os-release + vendor="${ID:-debian}" + vendor_upper="$(echo "$vendor" | cut -c1 | tr '[:lower:]' '[:upper:]')$(echo "$vendor" | cut -c2-)" + + esp_path="$(bootctl --quiet --print-esp-path 2>/dev/null)" + if [ -z "$esp_path" ]; then + return + fi + + if [ -f "/usr/lib/grub/${grub_arch}-efi-signed/grub${efi_arch}.efi.signed" ]; then + return + fi + + if [ ! -f "${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" ]; then + return + fi + + if [ ! -f "${esp_path}/EFI/systemd/systemd-boot${efi_arch}.efi" ]; then + return + fi + + if [ "$(<"${esp_path}/EFI/${vendor}/grub${efi_arch}.efi" sha256sum)" != "$(<"${esp_path}/EFI/systemd/systemd-boot${efi_arch}.efi" sha256sum)" ]; then + return + fi + + if [ -f "${esp_path}/EFI/BOOT/BOOT${efi_arch_upper}.efi" ] && [ "$(<"${esp_path}/EFI/BOOT/BOOT${efi_arch_upper}.efi" sha256sum)" = "$(<"${esp_path}/EFI/${vendor}/shim${efi_arch}.efi" sha256sum)" ]; then + rm -f "${esp_path}/EFI/BOOT/BOOT${efi_arch_upper}.efi" + fi + + for f in shim fb mm; do + rm -f "${esp_path}/EFI/${vendor}/${f}${efi_arch}.efi" + done + + rm -f "${esp_path}/EFI/${vendor}/BOOT${efi_arch_upper}.CSV" + rmdir --ignore-fail-on-non-empty "${esp_path}/EFI/${vendor}" || true + + if command -v efibootmgr >/dev/null 2>&1 && efibootmgr | grep -q "Boot.*${vendor_upper}.*EFI\\\\${vendor}\\\\shim${efi_arch}.efi"; then + bootentry="$(efibootmgr | grep "Boot.*${vendor_upper}.*EFI\\\\${vendor}\\\\shim${efi_arch}.efi" | cut -d' ' -f1 | sed -e 's/Boot//' -e 's/*//')" + efibootmgr -q --delete-bootnum --bootnum "$bootentry" + fi +} + +# shellcheck disable=SC2166 +if [ "$1" = remove -o "$1" = purge ] && bootctl --print-esp-path > /dev/null 2>&1; then + for k in /boot/vmlinuz-* ; do + [ -f "$k" ] || continue + ver=$(basename "$k" | sed s/^vmlinuz-//) + kernel-install remove "$ver" + done + + remove_shim + remove_signed + bootctl remove --graceful +fi + +#DEBHELPER# diff --git a/systemd-boot.triggers b/systemd-boot.triggers new file mode 100644 index 00000000..21c25015 --- /dev/null +++ b/systemd-boot.triggers @@ -0,0 +1,2 @@ +interest-noawait /usr/lib/shim +interest-noawait /usr/lib/grub diff --git a/systemd-container.install b/systemd-container.install new file mode 100755 index 00000000..2fb6aba7 --- /dev/null +++ b/systemd-container.install @@ -0,0 +1,68 @@ +#!/usr/bin/dh-exec +usr/bin/importctl + usr/bin/updatectl + usr/bin/systemd-vmspawn + usr/lib/systemd/system/systemd-vmspawn@.service +usr/bin/machinectl +usr/bin/portablectl +usr/lib/systemd/import-pubring.gpg +usr/lib/systemd/network/80-namespace-ns.* +usr/lib/systemd/portable +usr/lib/systemd/systemd-machined +usr/lib/systemd/systemd-export +usr/lib/systemd/systemd-import* +usr/lib/systemd/systemd-mountfsd +usr/lib/systemd/systemd-mountwork +usr/lib/systemd/systemd-nsresourced +usr/lib/systemd/systemd-nsresourcework +usr/lib/systemd/systemd-portabled +usr/lib/systemd/systemd-pull +usr/lib/systemd/systemd-sysupdate + usr/lib/systemd/systemd-sysupdated +usr/lib/systemd/system-generators/systemd-import-generator +usr/lib/systemd/system/sockets.target.wants/systemd-importd.socket +usr/lib/systemd/system/systemd-nspawn@.service +usr/lib/systemd/system/systemd-importd.service +usr/lib/systemd/system/systemd-importd.socket +usr/lib/systemd/system/systemd-machined.service +usr/lib/systemd/system/systemd-mountfsd* +usr/lib/systemd/system/systemd-nsresourced* +usr/lib/systemd/system/systemd-portabled.service +usr/lib/systemd/system/systemd-sysupdate-reboot.service +usr/lib/systemd/system/systemd-sysupdate-reboot.timer +usr/lib/systemd/system/systemd-sysupdate.service +usr/lib/systemd/system/systemd-sysupdate.timer + usr/lib/systemd/system/systemd-sysupdated.service +usr/lib/systemd/system/var-lib-machines.mount +usr/lib/systemd/system/machines.target +usr/lib/systemd/system/*.target.wants/var-lib-machines.mount +usr/lib/systemd/system/dbus-org.freedesktop.import1.service +usr/lib/systemd/system/dbus-org.freedesktop.machine1.service +usr/lib/systemd/system/dbus-org.freedesktop.portable1.service + usr/lib/systemd/system/dbus-org.freedesktop.sysupdate1.service +usr/bin/systemd-dissect +usr/bin/systemd-nspawn +usr/lib/tmpfiles.d/portables.conf +usr/lib/tmpfiles.d/systemd-nspawn.conf +usr/sbin/mount.ddi +usr/share/dbus-1/system.d/org.freedesktop.import1.conf +usr/share/dbus-1/system.d/org.freedesktop.machine1.conf +usr/share/dbus-1/system.d/org.freedesktop.portable1.conf + usr/share/dbus-1/system.d/org.freedesktop.sysupdate1.conf +usr/share/dbus-1/system-services/org.freedesktop.import1.service +usr/share/dbus-1/system-services/org.freedesktop.machine1.service +usr/share/dbus-1/system-services/org.freedesktop.portable1.service + usr/share/dbus-1/system-services/org.freedesktop.sysupdate1.service +usr/share/polkit-1/actions/io.systemd.mount-file-system.policy +usr/share/polkit-1/actions/org.freedesktop.import1.policy +usr/share/polkit-1/actions/org.freedesktop.machine1.policy +usr/share/polkit-1/actions/org.freedesktop.portable1.policy + usr/share/polkit-1/actions/org.freedesktop.sysupdate1.policy +usr/share/zsh/vendor-completions/_systemd-nspawn +usr/share/zsh/vendor-completions/_sd_machines +usr/share/zsh/vendor-completions/_machinectl +usr/share/bash-completion/completions/machinectl +usr/share/bash-completion/completions/portablectl +usr/share/bash-completion/completions/systemd-nspawn + usr/share/bash-completion/completions/systemd-vmspawn +usr/share/bash-completion/completions/importctl diff --git a/systemd-container.lintian-overrides b/systemd-container.lintian-overrides new file mode 100644 index 00000000..c9701da5 --- /dev/null +++ b/systemd-container.lintian-overrides @@ -0,0 +1,6 @@ +# False positive: nspawn containers are supposed to be started via machines.target +systemd-container: systemd-service-file-refers-to-unusual-wantedby-target machines.target [usr/lib/systemd/system/systemd-nspawn@.service] +# Our units without [Install] are either event driven or statically enabled +systemd-container: systemd-service-file-missing-install-key +# Lintian is really bad at associating manpages +systemd-container: spare-manual-page diff --git a/systemd-container.manpages b/systemd-container.manpages new file mode 100755 index 00000000..bafc94c3 --- /dev/null +++ b/systemd-container.manpages @@ -0,0 +1,32 @@ +#!/usr/bin/dh-exec +debian/tmp/usr/share/man/man1/importctl.1 + debian/tmp/usr/share/man/man1/updatectl.1 + debian/tmp/usr/share/man/man1/systemd-vmspawn.1 +debian/tmp/usr/share/man/man1/mount.ddi.1 +debian/tmp/usr/share/man/man1/systemd-nspawn.1 +debian/tmp/usr/share/man/man5/org.freedesktop.import1.5 + debian/tmp/usr/share/man/man5/org.freedesktop.sysupdate1.5 +debian/tmp/usr/share/man/man5/systemd.nspawn.5 +debian/tmp/usr/share/man/man5/sysupdate.d.5 +debian/tmp/usr/share/man/man5/sysupdate.features.5 +debian/tmp/usr/share/man/man1/machinectl.1 +debian/tmp/usr/share/man/man1/portablectl.1 +debian/tmp/usr/share/man/man1/systemd-dissect.1 +debian/tmp/usr/share/man/man8/systemd-import-generator.8 +debian/tmp/usr/share/man/man8/systemd-importd.8 +debian/tmp/usr/share/man/man8/systemd-importd.service.8 +debian/tmp/usr/share/man/man8/systemd-machined.8 +debian/tmp/usr/share/man/man8/systemd-machined.service.8 +debian/tmp/usr/share/man/man8/systemd-mountfsd.8 +debian/tmp/usr/share/man/man8/systemd-mountfsd.service.8 +debian/tmp/usr/share/man/man8/systemd-nsresourced.8 +debian/tmp/usr/share/man/man8/systemd-nsresourced.service.8 +debian/tmp/usr/share/man/man8/systemd-portabled.8 +debian/tmp/usr/share/man/man8/systemd-portabled.service.8 +debian/tmp/usr/share/man/man8/systemd-sysupdate.8 +debian/tmp/usr/share/man/man8/systemd-sysupdate-reboot.service.8 +debian/tmp/usr/share/man/man8/systemd-sysupdate-reboot.timer.8 +debian/tmp/usr/share/man/man8/systemd-sysupdate.service.8 +debian/tmp/usr/share/man/man8/systemd-sysupdate.timer.8 + debian/tmp/usr/share/man/man8/systemd-sysupdated.8 + debian/tmp/usr/share/man/man8/systemd-sysupdated.service.8 diff --git a/systemd-coredump.install b/systemd-coredump.install new file mode 100644 index 00000000..e6edc704 --- /dev/null +++ b/systemd-coredump.install @@ -0,0 +1,12 @@ +etc/systemd/coredump.conf +usr/lib/systemd/systemd-coredump +usr/lib/systemd/system/systemd-coredump* +usr/lib/systemd/system/*/systemd-coredump* +usr/bin/coredumpctl +usr/lib/sysctl.d/50-coredump.conf +usr/lib/sysusers.d/systemd-coredump.conf +usr/share/bash-completion/completions/coredumpctl +usr/share/zsh/vendor-completions/_coredumpctl +../extra/system.conf.d/20-coredump-debian.conf usr/lib/systemd/system.conf.d/ +../extra/user.conf.d/20-coredump-debian.conf usr/lib/systemd/user.conf.d/ +../extra/limits.d/20-coredump-debian.conf etc/security/limits.d/ diff --git a/systemd-coredump.lintian-overrides b/systemd-coredump.lintian-overrides new file mode 100644 index 00000000..a16dfa7e --- /dev/null +++ b/systemd-coredump.lintian-overrides @@ -0,0 +1,3 @@ +# Lintian is really bad at associating manpages +systemd-coredump: spare-manual-page +systemd-coredump: maintainer-script-calls-systemctl diff --git a/systemd-coredump.manpages b/systemd-coredump.manpages new file mode 100644 index 00000000..5e7573ec --- /dev/null +++ b/systemd-coredump.manpages @@ -0,0 +1,3 @@ +usr/share/man/man1/coredumpctl* +usr/share/man/man5/coredump.conf* +usr/share/man/man8/systemd-coredump* diff --git a/systemd-coredump.postinst b/systemd-coredump.postinst new file mode 100644 index 00000000..eb9ebf0d --- /dev/null +++ b/systemd-coredump.postinst @@ -0,0 +1,13 @@ +#!/bin/sh + +set -e + +if [ "$1" = configure ]; then + # enable systemd-coredump right after package installation + if [ -d /run/systemd/system ]; then + systemctl daemon-reload && systemctl start systemd-coredump.socket || true + fi + /usr/lib/systemd/systemd-sysctl /usr/lib/sysctl.d/50-coredump.conf || true +fi + +#DEBHELPER# diff --git a/systemd-coredump.prerm b/systemd-coredump.prerm new file mode 100644 index 00000000..16fbf695 --- /dev/null +++ b/systemd-coredump.prerm @@ -0,0 +1,15 @@ +#!/bin/sh + +set -e + +if [ "$1" = remove ]; then + # disable systemd-coredump on removal + if [ -w /proc/sys/kernel/core_pattern ] && grep -q '^|.*systemd-coredump' /proc/sys/kernel/core_pattern; then + echo core > /proc/sys/kernel/core_pattern + fi + if [ -d /run/systemd/system ]; then + systemctl stop systemd-coredump.socket || true + fi +fi + +#DEBHELPER# diff --git a/systemd-cryptsetup.install b/systemd-cryptsetup.install new file mode 100644 index 00000000..dc38c372 --- /dev/null +++ b/systemd-cryptsetup.install @@ -0,0 +1,25 @@ +usr/bin/systemd-cryptenroll +usr/bin/systemd-cryptsetup +usr/lib/systemd/system/cryptsetup-pre.target +usr/lib/systemd/system/cryptsetup.target +usr/lib/systemd/system/integritysetup-pre.target +usr/lib/systemd/system/integritysetup.target +usr/lib/systemd/system/veritysetup-pre.target +usr/lib/systemd/system/veritysetup.target +usr/lib/systemd/systemd-cryptsetup +usr/lib/systemd/systemd-integritysetup +usr/lib/systemd/systemd-veritysetup +usr/lib/systemd/system-generators/systemd-cryptsetup-generator +usr/lib/systemd/system-generators/systemd-integritysetup-generator +usr/lib/systemd/system-generators/systemd-veritysetup-generator +usr/lib/systemd/system/initrd-root-device.target.wants/remote-cryptsetup.target +usr/lib/systemd/system/initrd-root-device.target.wants/remote-veritysetup.target +usr/lib/systemd/system/remote-cryptsetup.target +usr/lib/systemd/system/remote-veritysetup.target +usr/lib/systemd/system/sysinit.target.wants/cryptsetup.target +usr/lib/systemd/system/sysinit.target.wants/integritysetup.target +usr/lib/systemd/system/sysinit.target.wants/veritysetup.target +usr/lib/systemd/system/system-systemd\x2dcryptsetup.slice +usr/lib/systemd/system/system-systemd\x2dveritysetup.slice +usr/lib/*/cryptsetup/ +usr/share/bash-completion/completions/systemd-cryptenroll diff --git a/systemd-cryptsetup.lintian-overrides b/systemd-cryptsetup.lintian-overrides new file mode 100644 index 00000000..590612b2 --- /dev/null +++ b/systemd-cryptsetup.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +systemd-cryptsetup: spare-manual-page diff --git a/systemd-cryptsetup.manpages b/systemd-cryptsetup.manpages new file mode 100644 index 00000000..1fe92477 --- /dev/null +++ b/systemd-cryptsetup.manpages @@ -0,0 +1,12 @@ +usr/share/man/man1/systemd-cryptenroll.1 +usr/share/man/man5/integritytab.5 +usr/share/man/man5/veritytab.5 +usr/share/man/man8/systemd-cryptsetup.8 +usr/share/man/man8/systemd-cryptsetup-generator.8 +usr/share/man/man8/systemd-cryptsetup@.service.8 +usr/share/man/man8/systemd-integritysetup.8 +usr/share/man/man8/systemd-integritysetup-generator.8 +usr/share/man/man8/systemd-integritysetup@.service.8 +usr/share/man/man8/systemd-veritysetup.8 +usr/share/man/man8/systemd-veritysetup-generator.8 +usr/share/man/man8/systemd-veritysetup@.service.8 diff --git a/systemd-dev.install b/systemd-dev.install new file mode 100755 index 00000000..b739806f --- /dev/null +++ b/systemd-dev.install @@ -0,0 +1,4 @@ +#!/usr/bin/dh-exec + usr/share/dbus-1/interfaces/ +usr/share/pkgconfig/systemd.pc +usr/share/pkgconfig/udev.pc diff --git a/systemd-homed.install b/systemd-homed.install new file mode 100644 index 00000000..e9944491 --- /dev/null +++ b/systemd-homed.install @@ -0,0 +1,14 @@ +etc/systemd/homed.conf +usr/bin/homectl +usr/bin/systemd-home-fallback-shell +usr/lib/*/security/pam_systemd_home.so +usr/lib/systemd/systemd-homed +usr/lib/systemd/systemd-homework +usr/lib/systemd/system/systemd-homed.service +usr/lib/systemd/system/systemd-homed-activate.service +usr/lib/systemd/system/systemd-homed-firstboot.service +usr/share/dbus-1/system.d/org.freedesktop.home1.conf +usr/share/dbus-1/system-services/org.freedesktop.home1.service +usr/share/polkit-1/actions/org.freedesktop.home1.policy +usr/share/bash-completion/completions/homectl +../extra/pam-configs/systemd-homed usr/share/pam-configs/ diff --git a/systemd-homed.lintian-overrides b/systemd-homed.lintian-overrides new file mode 100644 index 00000000..0735f961 --- /dev/null +++ b/systemd-homed.lintian-overrides @@ -0,0 +1,6 @@ +# Lintian is really bad at associating manpages +systemd-homed: spare-manual-page +# False positive: Lintian doesn't recognize Also= +systemd-homed: systemd-service-file-refers-to-unusual-wantedby-target +# Not to be called manually +systemd-homed: no-manual-page [usr/bin/systemd-home-fallback-shell] diff --git a/systemd-homed.manpages b/systemd-homed.manpages new file mode 100644 index 00000000..4696f755 --- /dev/null +++ b/systemd-homed.manpages @@ -0,0 +1 @@ +usr/share/man/man*/*home* diff --git a/systemd-homed.postinst b/systemd-homed.postinst new file mode 100644 index 00000000..0be578fb --- /dev/null +++ b/systemd-homed.postinst @@ -0,0 +1,26 @@ +#!/bin/sh + +set -e + +# pam-auth-update makes wrong assumptions and doesn't allow no-op modules, so +# we need to remove 'use_authtok try_first_pass' after it runs +_fixup_common_password() { + sed -i "s/pam_unix.so obscure use_authtok try_first_pass/pam_unix.so obscure/g" /etc/pam.d/common-password || true +} + +if [ "$1" = "triggered" ]; then + shift + for trigger in $@; do + case $trigger in + /usr/share/pam-configs) + _fixup_common_password + ;; + esac + done + exit 0 +fi + +pam-auth-update --package --enable systemd-homed +_fixup_common_password + +#DEBHELPER# diff --git a/systemd-homed.prerm b/systemd-homed.prerm new file mode 100644 index 00000000..0dd38b05 --- /dev/null +++ b/systemd-homed.prerm @@ -0,0 +1,20 @@ +#!/bin/sh + +set -e + +# pam-auth-update --remove removes the named profile from the active config. +# It arguably should be called during deconfigure as well, but deconfigure +# can happen in some cases during a dist-upgrade and we don't want to +# deconfigure all PAM modules in the middle of a dist-upgrade by accident. +# +# More importantly, with the current implementation, --remove also removes +# all local preferences for the named config (such as whether it's enabled +# or disabled), which we don't want to do on deconfigure. +# +# This may need to change later as pam-auth-update evolves. + +if [ "$1" = remove ] && [ "${DPKG_MAINTSCRIPT_PACKAGE_REFCOUNT:-1}" = 1 ]; then + pam-auth-update --package --remove systemd-homed +fi + +#DEBHELPER# diff --git a/systemd-homed.triggers b/systemd-homed.triggers new file mode 100644 index 00000000..29edf017 --- /dev/null +++ b/systemd-homed.triggers @@ -0,0 +1 @@ +interest-noawait /usr/share/pam-configs diff --git a/systemd-journal-remote.install b/systemd-journal-remote.install new file mode 100644 index 00000000..26791ef3 --- /dev/null +++ b/systemd-journal-remote.install @@ -0,0 +1,17 @@ +# systemd-journal-upload +etc/systemd/journal-upload.conf +usr/lib/systemd/systemd-journal-upload +usr/lib/systemd/system/systemd-journal-upload.service + +# systemd-journal-remote +etc/systemd/journal-remote.conf +usr/lib/systemd/systemd-journal-remote +usr/lib/systemd/system/systemd-journal-remote.service +usr/lib/systemd/system/systemd-journal-remote.socket +usr/lib/sysusers.d/systemd-remote.conf + +# systemd-journal-gatewayd +usr/lib/systemd/systemd-journal-gatewayd +usr/lib/systemd/system/systemd-journal-gatewayd.service +usr/lib/systemd/system/systemd-journal-gatewayd.socket +usr/share/systemd/gatewayd/ diff --git a/systemd-journal-remote.lintian-overrides b/systemd-journal-remote.lintian-overrides new file mode 100644 index 00000000..2f6b336e --- /dev/null +++ b/systemd-journal-remote.lintian-overrides @@ -0,0 +1,4 @@ +# Lintian is really bad at associating manpages +systemd-journal-remote: spare-manual-page +# It's not documentation, it's data for the web server +systemd-journal-remote: package-contains-documentation-outside-usr-share-doc [usr/share/systemd/gatewayd/browse.html] diff --git a/systemd-journal-remote.manpages b/systemd-journal-remote.manpages new file mode 100644 index 00000000..55ede14b --- /dev/null +++ b/systemd-journal-remote.manpages @@ -0,0 +1,12 @@ +usr/share/man/man5/journal-upload.conf.d.5 +usr/share/man/man5/journal-upload.conf.5 +usr/share/man/man8/systemd-journal-upload.8 +usr/share/man/man8/systemd-journal-upload.service.8 +usr/share/man/man5/journal-remote.conf.d.5 +usr/share/man/man5/journal-remote.conf.5 +usr/share/man/man8/systemd-journal-remote.service.8 +usr/share/man/man8/systemd-journal-remote.socket.8 +usr/share/man/man8/systemd-journal-remote.8 +usr/share/man/man8/systemd-journal-gatewayd.service.8 +usr/share/man/man8/systemd-journal-gatewayd.socket.8 +usr/share/man/man8/systemd-journal-gatewayd.8 diff --git a/systemd-oomd.install b/systemd-oomd.install new file mode 100644 index 00000000..6073519c --- /dev/null +++ b/systemd-oomd.install @@ -0,0 +1,13 @@ +etc/systemd/oomd.conf +usr/lib/systemd/systemd-oomd +usr/lib/systemd/system/systemd-oomd.service +usr/lib/systemd/system/systemd-oomd.socket +usr/bin/oomctl +usr/lib/sysusers.d/systemd-oom.conf +usr/share/dbus-1/system.d/org.freedesktop.oom1.conf +usr/share/dbus-1/system-services/org.freedesktop.oom1.service +usr/share/bash-completion/completions/oomctl +usr/share/zsh/vendor-completions/_oomctl +../extra/systemd-oomd-defaults/oomd.conf.d/* usr/lib/systemd/oomd.conf.d/ +../extra/systemd-oomd-defaults/-.slice.d/* usr/lib/systemd/system/-.slice.d/ +../extra/systemd-oomd-defaults/user@.service.d/* usr/lib/systemd/system/user@.service.d/ diff --git a/systemd-oomd.lintian-overrides b/systemd-oomd.lintian-overrides new file mode 100644 index 00000000..dbd84ab4 --- /dev/null +++ b/systemd-oomd.lintian-overrides @@ -0,0 +1,3 @@ +# Lintian is really bad at associating manpages +systemd-oomd: spare-manual-page +systemd-oomd: maintainer-script-calls-systemctl diff --git a/systemd-oomd.manpages b/systemd-oomd.manpages new file mode 100644 index 00000000..b1f49704 --- /dev/null +++ b/systemd-oomd.manpages @@ -0,0 +1 @@ +usr/share/man/man*/*oom* diff --git a/systemd-oomd.postinst b/systemd-oomd.postinst new file mode 100644 index 00000000..65629b77 --- /dev/null +++ b/systemd-oomd.postinst @@ -0,0 +1,12 @@ +#!/bin/sh + +set -e + +#DEBHELPER# + +# reload dbus configuration to make the new org.freedesktop.oom1 API available +# The org.freedesktop.oom1.conf policy references the 'systemd-oom' user, thus +# an explicit reload of dbus is needed after the system user was created. +if [ -d /run/systemd/system ]; then + systemctl reload dbus || true +fi diff --git a/systemd-repart.install b/systemd-repart.install new file mode 100755 index 00000000..d8d7402e --- /dev/null +++ b/systemd-repart.install @@ -0,0 +1,8 @@ +#!/usr/bin/dh-exec +usr/bin/systemd-repart +usr/lib/systemd/repart/ + usr/lib/systemd/systemd-keyutil + usr/lib/systemd/systemd-sbsign +usr/lib/systemd/system/initrd-root-fs.target.wants/systemd-repart.service +usr/lib/systemd/system/sysinit.target.wants/systemd-repart.service +usr/lib/systemd/system/systemd-repart.service diff --git a/systemd-repart.manpages b/systemd-repart.manpages new file mode 100755 index 00000000..cdcfe11a --- /dev/null +++ b/systemd-repart.manpages @@ -0,0 +1,6 @@ +#!/usr/bin/dh-exec +debian/tmp/usr/share/man/man1/systemd-keyutil.1 +debian/tmp/usr/share/man/man1/systemd-sbsign.1 +debian/tmp/usr/share/man/man5/repart.d.5 +debian/tmp/usr/share/man/man8/systemd-repart.8 +debian/tmp/usr/share/man/man8/systemd-repart.service.8 diff --git a/systemd-resolved.install b/systemd-resolved.install new file mode 100644 index 00000000..b5ba2e91 --- /dev/null +++ b/systemd-resolved.install @@ -0,0 +1,13 @@ +etc/systemd/resolved.conf +usr/bin/resolvectl +usr/lib/systemd/systemd-resolved +usr/lib/systemd/system/systemd-resolved.service +usr/lib/sysusers.d/systemd-resolve.conf +usr/lib/tmpfiles.d/systemd-resolve.conf +usr/sbin/resolvconf +usr/share/bash-completion/completions/resolvectl +usr/share/bash-completion/completions/systemd-resolve +usr/share/dbus-1/system.d/org.freedesktop.resolve1.conf +usr/share/dbus-1/system-services/org.freedesktop.resolve1.service +usr/share/polkit-1/actions/org.freedesktop.resolve1.policy +usr/share/zsh/vendor-completions/_resolvectl diff --git a/systemd-resolved.lintian-overrides b/systemd-resolved.lintian-overrides new file mode 100644 index 00000000..34a7c78d --- /dev/null +++ b/systemd-resolved.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +systemd-resolved: spare-manual-page diff --git a/systemd-resolved.manpages b/systemd-resolved.manpages new file mode 100644 index 00000000..29336658 --- /dev/null +++ b/systemd-resolved.manpages @@ -0,0 +1,4 @@ +usr/share/man/man1/resolv* +usr/share/man/man5/org.freedesktop.resolve1* +usr/share/man/man5/resolved.conf.* +usr/share/man/man8/systemd-resolved.* diff --git a/systemd-resolved.postinst b/systemd-resolved.postinst new file mode 100644 index 00000000..fc4e38b8 --- /dev/null +++ b/systemd-resolved.postinst @@ -0,0 +1,38 @@ +#!/bin/sh + +set -e + +_adopt_conffile() { + conffile=$1 + pkg=$2 + + [ -f "${conffile}.dpkg-bak" ] || return 0 + + md5sum="$(md5sum "${conffile}" | sed -e 's/ .*//')" + old_md5sum="$(dpkg-query -W -f='${Conffiles}' "$pkg" | \ + sed -n -e "\' ${conffile} ' { s/ obsolete$//; s/.* //; p }")" + # On new installs, if the policy file was preserved on systemd upgrade + # by dpkg-maintscript helper, copy it back if the new file has not been modified yet + if [ "$md5sum" = "$old_md5sum" ]; then + mv "${conffile}.dpkg-bak" "${conffile}" + fi +} + + +if [ "$1" = configure ] && [ -z "$2" ]; then + _adopt_conffile "${DPKG_ROOT}/etc/systemd/resolved.conf" systemd-resolved +fi + +if [ "$1" = configure ] && dpkg --compare-versions "$2" lt 251.4-2; then + if [ "$(readlink "${DPKG_ROOT}/etc/resolv.conf")" != "../run/systemd/resolve/stub-resolv.conf" ] && [ "$(readlink "${DPKG_ROOT}/etc/resolv.conf")" != "/run/systemd/resolve/stub-resolv.conf" ]; then + echo "Converting /etc/resolv.conf to a symlink to /run/systemd/resolve/stub-resolv.conf..." + mkdir -p "${DPKG_ROOT}/run/systemd/resolve" + if [ -f "${DPKG_ROOT}/etc/resolv.conf" ]; then + cp "${DPKG_ROOT}/etc/resolv.conf" "${DPKG_ROOT}/run/systemd/resolve/stub-resolv.conf" || echo "Cannot copy /etc/resolv.conf to /run/systemd/resolve/stub-resolv.conf" + mv "${DPKG_ROOT}/etc/resolv.conf" "${DPKG_ROOT}/etc/.resolv.conf.systemd-resolved.bak" || echo "Cannot take a backup of /etc/resolv.conf." + fi + ln -sf ../run/systemd/resolve/stub-resolv.conf "${DPKG_ROOT}/etc/resolv.conf" || echo "Cannot install symlink from /etc/resolv.conf to ../run/systemd/resolve/stub-resolv.conf" + fi +fi + +#DEBHELPER# diff --git a/systemd-resolved.postrm b/systemd-resolved.postrm new file mode 100644 index 00000000..e56e04d9 --- /dev/null +++ b/systemd-resolved.postrm @@ -0,0 +1,24 @@ +#!/bin/sh + +set -e + +if [ "$1" = remove ]; then + if [ "$(readlink "${DPKG_ROOT}/etc/resolv.conf")" = "../run/systemd/resolve/stub-resolv.conf" ] || [ "$(readlink "${DPKG_ROOT}/etc/resolv.conf")" = "/run/systemd/resolve/stub-resolv.conf" ]; then + echo "Removing /etc/resolv.conf symlink to /run/systemd/resolve/stub-resolv.conf..." + rm -f "${DPKG_ROOT}/etc/resolv.conf" || echo "Cannot remove /etc/resolv.conf." + if [ -f "${DPKG_ROOT}/run/systemd/resolve/resolv.conf" ]; then + echo "Copying /run/systemd/resolve/resolv.conf to /etc/resolv.conf..." + cp "${DPKG_ROOT}/run/systemd/resolve/resolv.conf" "${DPKG_ROOT}/etc/resolv.conf" || echo "Cannot copy /run/systemd/resolve/resolv.conf to /etc/resolv.conf." + # We prefer a current resolv.conf rather than an older backup, if available + rm -f "${DPKG_ROOT}/etc/.resolv.conf.systemd-resolved.bak" + elif [ -f "${DPKG_ROOT}/etc/.resolv.conf.systemd-resolved.bak" ]; then + echo "Restoring previous resolv.conf..." + mv "${DPKG_ROOT}/etc/.resolv.conf.systemd-resolved.bak" "${DPKG_ROOT}/etc/resolv.conf" || echo "Cannot restore /etc/resolv.conf backup." + else + echo "Creating an empty /etc/resolv.conf..." + touch "${DPKG_ROOT}/etc/resolv.conf" || echo "Cannot create an empty /etc/resolv.conf." + fi + fi +fi + +#DEBHELPER# diff --git a/systemd-standalone-shutdown.install b/systemd-standalone-shutdown.install new file mode 100755 index 00000000..bde793e3 --- /dev/null +++ b/systemd-standalone-shutdown.install @@ -0,0 +1,2 @@ +#!/usr/bin/dh-exec +usr/lib/systemd/systemd-shutdown.standalone => usr/lib/systemd/systemd-shutdown diff --git a/systemd-standalone-shutdown.lintian-overrides b/systemd-standalone-shutdown.lintian-overrides new file mode 100644 index 00000000..88e99c10 --- /dev/null +++ b/systemd-standalone-shutdown.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +systemd-standalone-shutdown: spare-manual-page diff --git a/systemd-standalone-shutdown.manpages b/systemd-standalone-shutdown.manpages new file mode 100644 index 00000000..94095adb --- /dev/null +++ b/systemd-standalone-shutdown.manpages @@ -0,0 +1 @@ +usr/share/man/man8/systemd-shutdown.8 diff --git a/systemd-standalone-sysusers.install b/systemd-standalone-sysusers.install new file mode 100755 index 00000000..03505c54 --- /dev/null +++ b/systemd-standalone-sysusers.install @@ -0,0 +1,2 @@ +#!/usr/bin/dh-exec +usr/bin/systemd-sysusers.standalone => usr/bin/systemd-sysusers diff --git a/systemd-standalone-sysusers.manpages b/systemd-standalone-sysusers.manpages new file mode 100644 index 00000000..c1d5be2a --- /dev/null +++ b/systemd-standalone-sysusers.manpages @@ -0,0 +1,2 @@ +usr/share/man/man5/sysusers.d.5 +usr/share/man/man8/systemd-sysusers.8 diff --git a/systemd-standalone-tmpfiles.install b/systemd-standalone-tmpfiles.install new file mode 100755 index 00000000..228ae351 --- /dev/null +++ b/systemd-standalone-tmpfiles.install @@ -0,0 +1,2 @@ +#!/usr/bin/dh-exec +usr/bin/systemd-tmpfiles.standalone => usr/bin/systemd-tmpfiles diff --git a/systemd-standalone-tmpfiles.manpages b/systemd-standalone-tmpfiles.manpages new file mode 100644 index 00000000..749c86db --- /dev/null +++ b/systemd-standalone-tmpfiles.manpages @@ -0,0 +1,2 @@ +usr/share/man/man5/tmpfiles.d.5 +usr/share/man/man8/systemd-tmpfiles.8 diff --git a/systemd-sysv.install b/systemd-sysv.install new file mode 100644 index 00000000..2bdd5d3c --- /dev/null +++ b/systemd-sysv.install @@ -0,0 +1,7 @@ +usr/sbin/init +usr/sbin/telinit +usr/sbin/runlevel +usr/sbin/shutdown +usr/sbin/poweroff +usr/sbin/reboot +usr/sbin/halt diff --git a/systemd-sysv.manpages b/systemd-sysv.manpages new file mode 100644 index 00000000..0a949c9d --- /dev/null +++ b/systemd-sysv.manpages @@ -0,0 +1,7 @@ +usr/share/man/man1/init.1 +usr/share/man/man8/telinit.8 +usr/share/man/man8/runlevel.8 +usr/share/man/man8/shutdown.8 +usr/share/man/man8/poweroff.8 +usr/share/man/man8/reboot.8 +usr/share/man/man8/halt.8 diff --git a/systemd-sysv.postinst b/systemd-sysv.postinst new file mode 100644 index 00000000..aad1c49d --- /dev/null +++ b/systemd-sysv.postinst @@ -0,0 +1,27 @@ +#!/bin/sh + +set -e + +# begin-remove-after: released:trixie +if [ "$1" = "configure" ]; then + for n in halt poweroff shutdown; do + fn=$(dpkg-divert --truename "/usr/sbin/$n") + if ! test -h "$fn"; then + if test "$fn" = "/usr/sbin/$n"; then + echo "/usr/sbin/$n vanished in /usr-merge upgrade. Restoring." + else + echo "/usr/sbin/$n (diverted to $fn) vanished in /usr-merge upgrade. Restoring." + fi + ln -sf ../bin/systemctl "$fn" + fi + done +fi +# end-remove-after + +# update grub on first install, so that the alternative init system boot +# entries get updated +if [ "$1" = configure ] && [ -z "$2" ] && [ -e /boot/grub/grub.cfg ] && command -v update-grub >/dev/null; then + update-grub || true +fi + +#DEBHELPER# diff --git a/systemd-tests.install b/systemd-tests.install new file mode 100644 index 00000000..28b745c2 --- /dev/null +++ b/systemd-tests.install @@ -0,0 +1 @@ +usr/lib/systemd/tests diff --git a/systemd-tests.lintian-overrides b/systemd-tests.lintian-overrides new file mode 100644 index 00000000..6fd072a7 --- /dev/null +++ b/systemd-tests.lintian-overrides @@ -0,0 +1,13 @@ +# It's not documentation, it's test data +systemd-tests: package-contains-documentation-outside-usr-share-doc +# netlink keyword +systemd-tests: spelling-error-in-binary iif if [usr/lib/systemd/tests/unit-tests/test-network*] +# test binaries, we don't care about these flags +systemd-tests: hardening-no-fortify-functions +systemd-tests: hardening-no-bindnow +systemd-tests: hardening-no-relro +# test payload, intentional +systemd-tests: national-encoding [usr/lib/systemd/tests/testdata/test-fstab-generator/test-19-mounts-from-cmdline.expected/hoge-withx20space.mount] +systemd-tests: national-encoding [usr/lib/systemd/tests/testdata/test-fstab-generator/test-19-mounts-from-cmdline.expected/remote-fs.target.requires/hoge-withx20space.mount] +# Intentional: value of config got in a release by mistake, needs to be kept +systemd-tests: spelling-error-in-binary anually annually [usr/lib/systemd/tests/unit-tests/*] diff --git a/systemd-timesyncd.install b/systemd-timesyncd.install new file mode 100644 index 00000000..fd21ff0f --- /dev/null +++ b/systemd-timesyncd.install @@ -0,0 +1,10 @@ +etc/systemd/timesyncd.conf +usr/lib/systemd/ntp-units.d/80-systemd-timesync.list +usr/lib/systemd/systemd-timesyncd +usr/lib/systemd/system/systemd-timesyncd.service +usr/lib/sysusers.d/systemd-timesync.conf +usr/share/dbus-1/system.d/org.freedesktop.timesync1.conf +usr/share/dbus-1/system-services/org.freedesktop.timesync1.service +../extra/dhclient-exit-hooks.d/ etc/dhcp/ +usr/lib/systemd/systemd-time-wait-sync +usr/lib/systemd/system/systemd-time-wait-sync.service diff --git a/systemd-timesyncd.lintian-overrides b/systemd-timesyncd.lintian-overrides new file mode 100644 index 00000000..2950ce11 --- /dev/null +++ b/systemd-timesyncd.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +systemd-timesyncd: spare-manual-page diff --git a/systemd-timesyncd.manpages b/systemd-timesyncd.manpages new file mode 100755 index 00000000..ac2e6b49 --- /dev/null +++ b/systemd-timesyncd.manpages @@ -0,0 +1,8 @@ +#!/usr/bin/dh-exec +debian/tmp/usr/share/man/man5/timesyncd.conf.5 +debian/tmp/usr/share/man/man5/timesyncd.conf.d.5 +debian/tmp/usr/share/man/man5/org.freedesktop.timesync1.5 +debian/tmp/usr/share/man/man8/systemd-time-wait-sync.8 +debian/tmp/usr/share/man/man8/systemd-time-wait-sync.service.8 +debian/tmp/usr/share/man/man8/systemd-timesyncd.8 +debian/tmp/usr/share/man/man8/systemd-timesyncd.service.8 diff --git a/systemd-timesyncd.postinst b/systemd-timesyncd.postinst new file mode 100644 index 00000000..608f54bd --- /dev/null +++ b/systemd-timesyncd.postinst @@ -0,0 +1,26 @@ +#!/bin/sh + +set -e + +_adopt_conffile() { + conffile=$1 + pkg=$2 + + [ -f ${conffile}.dpkg-bak ] || return 0 + + md5sum="$(md5sum ${conffile} | sed -e 's/ .*//')" + old_md5sum="$(dpkg-query -W -f='${Conffiles}' $pkg | \ + sed -n -e "\' ${conffile} ' { s/ obsolete$//; s/.* //; p }")" + # On new installs, if the policy file was preserved on systemd upgrade + # by dpkg-maintscript helper, copy it back if the new file has not been modified yet + if [ "$md5sum" = "$old_md5sum" ]; then + mv ${conffile}.dpkg-bak ${conffile} + fi +} + +if [ "$1" = configure ] && [ -z "$2" ]; then + _adopt_conffile /etc/dhcp/dhclient-exit-hooks.d/timesyncd systemd-timesyncd + _adopt_conffile /etc/systemd/timesyncd.conf systemd-timesyncd +fi + +#DEBHELPER# diff --git a/systemd-timesyncd.postrm b/systemd-timesyncd.postrm new file mode 100644 index 00000000..b333c6c3 --- /dev/null +++ b/systemd-timesyncd.postrm @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +case "$1" in + purge) + rm -rf /var/lib/systemd/timesync/ + ;; +esac + +#DEBHELPER# diff --git a/systemd-ukify.install b/systemd-ukify.install new file mode 100644 index 00000000..0b4cb205 --- /dev/null +++ b/systemd-ukify.install @@ -0,0 +1,4 @@ +usr/bin/ukify +usr/lib/kernel/install.d/60-ukify.install +usr/lib/kernel/uki.conf +usr/lib/systemd/ukify diff --git a/systemd-ukify.manpages b/systemd-ukify.manpages new file mode 100644 index 00000000..5d6a2af7 --- /dev/null +++ b/systemd-ukify.manpages @@ -0,0 +1 @@ +usr/share/man/man1/ukify.1 diff --git a/systemd-userdbd.install b/systemd-userdbd.install new file mode 100644 index 00000000..bf942964 --- /dev/null +++ b/systemd-userdbd.install @@ -0,0 +1,8 @@ +etc/ssh/sshd_config.d/20-systemd-userdb.conf +usr/bin/userdbctl +usr/lib/systemd/systemd-userdbd +usr/lib/systemd/systemd-userwork +usr/lib/systemd/system/systemd-userdbd.service +usr/lib/systemd/system/systemd-userdbd.socket +usr/lib/systemd/sshd_config.d/20-systemd-userdb.conf +usr/lib/tmpfiles.d/20-systemd-userdb.conf diff --git a/systemd-userdbd.lintian-overrides b/systemd-userdbd.lintian-overrides new file mode 100644 index 00000000..71e47bd8 --- /dev/null +++ b/systemd-userdbd.lintian-overrides @@ -0,0 +1,2 @@ +# Lintian is really bad at associating manpages +systemd-userdbd: spare-manual-page diff --git a/systemd-userdbd.manpages b/systemd-userdbd.manpages new file mode 100644 index 00000000..95d4d260 --- /dev/null +++ b/systemd-userdbd.manpages @@ -0,0 +1 @@ +usr/share/man/man*/*userdb* diff --git a/systemd.bug-control b/systemd.bug-control new file mode 100644 index 00000000..46c7f404 --- /dev/null +++ b/systemd.bug-control @@ -0,0 +1 @@ +package-status: udev dracut initramfs-tools libpam-systemd libnss-systemd dbus-user-session diff --git a/systemd.bug-presubj b/systemd.bug-presubj new file mode 100644 index 00000000..c47bf707 --- /dev/null +++ b/systemd.bug-presubj @@ -0,0 +1,8 @@ +The systemd package contains very few and superficial patches, so bugs +about runtime functionality and feature requests should be opened directly +upstream at: https://github.com/systemd/systemd/issues/new/choose + +Issues about packaging and integration, maintainer scripts, enabling or +disabling existing features or dependencies, unit test or autopkgtest, +compilation, default configurations are all appropriate to be reported to +the distribution. diff --git a/systemd.bug-script b/systemd.bug-script new file mode 100644 index 00000000..9c05835a --- /dev/null +++ b/systemd.bug-script @@ -0,0 +1,45 @@ +#!/bin/bash + +cat <&3 + +# remove highlighting escape codes from systemd-delta output +systemd-delta --no-pager 2>&1 |sed "s%\x1b[^m]*m%%g" >$DIR/systemd-delta.txt +echo "$DIR/systemd-delta.txt" >&3 + +if [ -d /run/systemd/system ]; then + systemd-analyze --no-pager dump >$DIR/systemd-analyze-dump.txt 2>&1 + echo "$DIR/systemd-analyze-dump.txt" >&3 + busctl --no-pager get-property org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager Tainted >$DIR/taints.txt 2>&1 + echo "$DIR/taints.txt" >&3 +fi + +if [ -d /var/lib/systemd/deb-systemd-helper-enabled ]; then + head -n100 $(find /var/lib/systemd/deb-systemd-helper-enabled -type f | tr '\n' ' ') >$DIR/dsh-enabled.txt + echo "$DIR/dsh-enabled.txt" >&3 +fi + +echo "/etc/fstab" >&3 + +echo "-- END ATTACHMENTS --" >&3 diff --git a/systemd.dirs b/systemd.dirs new file mode 100644 index 00000000..fac35d6c --- /dev/null +++ b/systemd.dirs @@ -0,0 +1 @@ +var/lib/systemd diff --git a/systemd.install b/systemd.install new file mode 100755 index 00000000..cbb2e8fc --- /dev/null +++ b/systemd.install @@ -0,0 +1,528 @@ +#!/usr/bin/dh-exec +etc/binfmt.d/ +etc/credstore/ +etc/credstore.encrypted/ +etc/kernel/install.d/ +etc/profile.d/70-systemd-shell-extra.sh +etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf +etc/systemd/journald.conf +etc/systemd/logind.conf +etc/systemd/network/ +etc/systemd/networkd.conf +etc/systemd/pstore.conf +etc/systemd/sleep.conf +etc/systemd/system/ +etc/systemd/system.conf +etc/systemd/user/ +etc/systemd/user.conf +etc/tmpfiles.d/ +etc/xdg/systemd/user +usr/bin/busctl +usr/bin/hostnamectl +usr/bin/journalctl +usr/bin/kernel-install +usr/bin/localectl +usr/bin/loginctl +usr/bin/networkctl +usr/bin/systemctl +usr/bin/systemd-ac-power +usr/bin/systemd-analyze +usr/bin/systemd-ask-password +usr/bin/systemd-cat +usr/bin/systemd-cgls +usr/bin/systemd-cgtop +usr/bin/systemd-confext +usr/bin/systemd-creds +usr/bin/systemd-delta +usr/bin/systemd-detect-virt +usr/bin/systemd-escape +usr/bin/systemd-firstboot +usr/bin/systemd-id128 +usr/bin/systemd-inhibit +usr/bin/systemd-machine-id-setup +usr/bin/systemd-mount +usr/bin/systemd-notify +usr/bin/systemd-path +usr/bin/systemd-run +usr/bin/systemd-socket-activate +usr/bin/systemd-stdio-bridge +usr/bin/systemd-sysext +usr/bin/systemd-sysusers +usr/bin/systemd-tmpfiles +usr/bin/systemd-tty-ask-password-agent +usr/bin/systemd-umount +usr/bin/run0 +usr/bin/systemd-vpick +usr/bin/timedatectl +usr/bin/varlinkctl +usr/lib/environment.d/99-environment.conf +usr/lib/kernel/install.conf +usr/lib/kernel/install.d/50-depmod.install +usr/lib/kernel/install.d/90-loaderentry.install +usr/lib/kernel/install.d/90-uki-copy.install +usr/lib/modprobe.d/systemd.conf + usr/lib/pcrlock.d/ +[alpha amd64 arm64 ia64 loong64 mips64el ppc64 ppc64el riscv64 s390x sparc64] usr/lib/sysctl.d/50-pid-max.conf +usr/lib/systemd/catalog/ +usr/lib/systemd/network/80-6rd-tunnel.link +usr/lib/systemd/network/80-6rd-tunnel.network +usr/lib/systemd/network/80-auto-link-local.network.example +usr/lib/systemd/network/80-container-host0*.network +usr/lib/systemd/network/80-container-vb.link +usr/lib/systemd/network/80-container-vb.network +usr/lib/systemd/network/80-container-ve.link +usr/lib/systemd/network/80-container-ve.network +usr/lib/systemd/network/80-container-vz.link +usr/lib/systemd/network/80-container-vz.network +usr/lib/systemd/network/80-vm-vt.link +usr/lib/systemd/network/80-vm-vt.network +usr/lib/systemd/network/80-wifi-adhoc.network +usr/lib/systemd/network/80-wifi-ap.network.example +usr/lib/systemd/network/80-wifi-station.network.example +usr/lib/systemd/network/89-ethernet.network.example +usr/lib/systemd/profile.d/70-systemd-shell-extra.sh +usr/lib/systemd/resolv.conf +usr/lib/systemd/ssh_config.d/20-systemd-ssh-proxy.conf +usr/lib/systemd/system/autovt@.service +usr/lib/systemd/system/basic.target +usr/lib/systemd/system/blockdev@.target +usr/lib/systemd/system/bluetooth.target +usr/lib/systemd/system/boot-complete.target +usr/lib/systemd/system/capsule.slice +usr/lib/systemd/system/capsule@.service +usr/lib/systemd/system/console-getty.service +usr/lib/systemd/system/container-getty@.service +usr/lib/systemd/system/ctrl-alt-del.target +usr/lib/systemd/systemd +usr/lib/systemd/systemd-backlight +usr/lib/systemd/systemd-battery-check +usr/lib/systemd/systemd-binfmt +usr/lib/systemd/systemd-boot-check-no-failures + usr/lib/systemd/systemd-bsod +usr/lib/systemd/system/dbus-org.freedesktop.hostname1.service +usr/lib/systemd/system/dbus-org.freedesktop.locale1.service +usr/lib/systemd/system/dbus-org.freedesktop.login1.service +usr/lib/systemd/system/dbus-org.freedesktop.timedate1.service +usr/lib/systemd/systemd-cgroups-agent +usr/lib/systemd/system/debug-shell.service +usr/lib/systemd/system/default.target +usr/lib/systemd/system/dev-hugepages.mount +usr/lib/systemd/system/dev-mqueue.mount +usr/lib/systemd/systemd-executor +usr/lib/systemd/systemd-fsck +usr/lib/systemd/systemd-growfs +usr/lib/systemd/systemd-hibernate-resume +usr/lib/systemd/systemd-hostnamed +usr/lib/systemd/systemd-initctl +usr/lib/systemd/systemd-journald +usr/lib/systemd/systemd-localed +usr/lib/systemd/systemd-logind +usr/lib/systemd/systemd-makefs + usr/lib/systemd/systemd-measure +usr/lib/systemd/systemd-modules-load +usr/lib/systemd/systemd-networkd +usr/lib/systemd/systemd-networkd-wait-online +usr/lib/systemd/systemd-network-generator +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/systemd-pcrextend + usr/lib/systemd/systemd-pcrlock +usr/lib/systemd/systemd-pstore +usr/lib/systemd/systemd-quotacheck +usr/lib/systemd/systemd-random-seed +usr/lib/systemd/systemd-remount-fs +usr/lib/systemd/systemd-reply-password +usr/lib/systemd/systemd-rfkill +usr/lib/systemd/systemd-shutdown +usr/lib/systemd/systemd-sleep +usr/lib/systemd/systemd-socket-proxyd +usr/lib/systemd/systemd-ssh-proxy +usr/lib/systemd/systemd-storagetm +usr/lib/systemd/systemd-sulogin-shell +usr/lib/systemd/systemd-sysctl +usr/lib/systemd/systemd-sysroot-fstab-check +usr/lib/systemd/systemd-timedated +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/systemd-tpm2-setup +usr/lib/systemd/systemd-update-done +usr/lib/systemd/systemd-user-runtime-dir +usr/lib/systemd/systemd-user-sessions +usr/lib/systemd/systemd-volatile-root +usr/lib/systemd/systemd-xdg-autostart-condition +usr/lib/systemd/system/emergency.service +usr/lib/systemd/system/emergency.target +usr/lib/systemd/system/exit.target +usr/lib/systemd/system/factory-reset.target +usr/lib/systemd/system/final.target +usr/lib/systemd/system/first-boot-complete.target +usr/lib/systemd/system-generators/systemd-debug-generator +usr/lib/systemd/system-generators/systemd-fstab-generator +usr/lib/systemd/system-generators/systemd-getty-generator +usr/lib/systemd/system-generators/systemd-gpt-auto-generator +usr/lib/systemd/system-generators/systemd-hibernate-resume-generator +usr/lib/systemd/system-generators/systemd-rc-local-generator +usr/lib/systemd/system-generators/systemd-run-generator +usr/lib/systemd/system-generators/systemd-ssh-generator +usr/lib/systemd/system-generators/systemd-system-update-generator +usr/lib/systemd/system-generators/systemd-sysv-generator +usr/lib/systemd/system-generators/systemd-tpm2-generator +usr/lib/systemd/system/getty-pre.target +usr/lib/systemd/system/getty@.service +usr/lib/systemd/system/getty.target +usr/lib/systemd/system/graphical.target +usr/lib/systemd/system/halt.target +usr/lib/systemd/system/hibernate.target +usr/lib/systemd/system/hybrid-sleep.target +usr/lib/systemd/system/initrd-cleanup.service +usr/lib/systemd/system/initrd-fs.target +usr/lib/systemd/system/initrd-parse-etc.service +usr/lib/systemd/system/initrd-root-device.target +usr/lib/systemd/system/initrd-root-fs.target +usr/lib/systemd/system/initrd-switch-root.service +usr/lib/systemd/system/initrd-switch-root.target +usr/lib/systemd/system/initrd.target +usr/lib/systemd/system/initrd.target.wants/systemd-battery-check.service + usr/lib/systemd/system/initrd.target.wants/systemd-bsod.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/initrd.target.wants/systemd-pcrphase-initrd.service +usr/lib/systemd/system/initrd-udevadm-cleanup-db.service +usr/lib/systemd/system/initrd-usr-fs.target +usr/lib/systemd/system/kexec.target +usr/lib/systemd/system/kmod-static-nodes.service +usr/lib/systemd/system/ldconfig.service +usr/lib/systemd/system/local-fs-pre.target +usr/lib/systemd/system/local-fs.target +usr/lib/systemd/system/local-fs.target.wants/tmp.mount +usr/lib/systemd/system/machine.slice +usr/lib/systemd/system/modprobe@.service +usr/lib/systemd/system/multi-user.target +usr/lib/systemd/system/multi-user.target.wants/getty.target +usr/lib/systemd/system/multi-user.target.wants/systemd-ask-password-wall.path +usr/lib/systemd/system/multi-user.target.wants/systemd-logind.service +usr/lib/systemd/system/multi-user.target.wants/systemd-user-sessions.service +usr/lib/systemd/system/network-online.target +usr/lib/systemd/system/network-pre.target +usr/lib/systemd/system/network.target +usr/lib/systemd/system/nss-lookup.target +usr/lib/systemd/system/nss-user-lookup.target +usr/lib/systemd/system/paths.target +usr/lib/systemd/system/poweroff.target +usr/lib/systemd/system-preset/90-systemd.preset +usr/lib/systemd/system/printer.target +usr/lib/systemd/system/proc-sys-fs-binfmt_misc.automount +usr/lib/systemd/system/proc-sys-fs-binfmt_misc.mount +usr/lib/systemd/system/quotaon*.service +usr/lib/systemd/system/rc-local.service +usr/lib/systemd/system/reboot.target +usr/lib/systemd/system/remote-fs-pre.target +usr/lib/systemd/system/remote-fs.target +usr/lib/systemd/system/rescue.service +usr/lib/systemd/system/rescue.target +usr/lib/systemd/system/rpcbind.target +usr/lib/systemd/system/runlevel0.target +usr/lib/systemd/system/runlevel1.target +usr/lib/systemd/system/runlevel2.target +usr/lib/systemd/system/runlevel3.target +usr/lib/systemd/system/runlevel4.target +usr/lib/systemd/system/runlevel5.target +usr/lib/systemd/system/runlevel6.target +usr/lib/systemd/system/serial-getty@.service +usr/lib/systemd/system/shutdown.target +usr/lib/systemd/system/sigpwr.target +usr/lib/systemd/system/sleep.target +usr/lib/systemd/system/slices.target +usr/lib/systemd/system/smartcard.target +usr/lib/systemd/system/sockets.target +usr/lib/systemd/system/sockets.target.wants/systemd-creds.socket +usr/lib/systemd/system/sockets.target.wants/systemd-initctl.socket +usr/lib/systemd/system/sockets.target.wants/systemd-hostnamed.socket +usr/lib/systemd/system/sockets.target.wants/systemd-journald-dev-log.socket +usr/lib/systemd/system/sockets.target.wants/systemd-journald.socket +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/sockets.target.wants/systemd-pcrextend.socket +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/sockets.target.wants/systemd-pcrlock.socket +usr/lib/systemd/system/sockets.target.wants/systemd-sysext.socket +usr/lib/systemd/system/soft-reboot.target +usr/lib/systemd/system/sound.target +usr/lib/systemd/system/ssh-access.target +usr/lib/systemd/system/storage-target-mode.target +usr/lib/systemd/system/suspend.target +usr/lib/systemd/system/suspend-then-hibernate.target +usr/lib/systemd/system/swap.target +usr/lib/systemd/system/sys-fs-fuse-connections.mount +usr/lib/systemd/system/sysinit.target +usr/lib/systemd/system/sysinit.target.wants/systemd-hibernate-clear.service +usr/lib/systemd/system/sysinit.target.wants/dev-hugepages.mount +usr/lib/systemd/system/sysinit.target.wants/dev-mqueue.mount +usr/lib/systemd/system/sysinit.target.wants/kmod-static-nodes.service +usr/lib/systemd/system/sysinit.target.wants/ldconfig.service +usr/lib/systemd/system/sysinit.target.wants/proc-sys-fs-binfmt_misc.automount +usr/lib/systemd/system/sysinit.target.wants/sys-fs-fuse-connections.mount +usr/lib/systemd/system/sysinit.target.wants/sys-kernel-config.mount +usr/lib/systemd/system/sysinit.target.wants/sys-kernel-debug.mount +usr/lib/systemd/system/sysinit.target.wants/sys-kernel-tracing.mount +usr/lib/systemd/system/sysinit.target.wants/systemd-ask-password-console.path +usr/lib/systemd/system/sysinit.target.wants/systemd-binfmt.service +usr/lib/systemd/system/sysinit.target.wants/systemd-firstboot.service +usr/lib/systemd/system/sysinit.target.wants/systemd-journal-catalog-update.service +usr/lib/systemd/system/sysinit.target.wants/systemd-journald.service +usr/lib/systemd/system/sysinit.target.wants/systemd-journal-flush.service +usr/lib/systemd/system/sysinit.target.wants/systemd-machine-id-commit.service +usr/lib/systemd/system/sysinit.target.wants/systemd-modules-load.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/sysinit.target.wants/systemd-pcrmachine.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/sysinit.target.wants/systemd-pcrphase.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/sysinit.target.wants/systemd-pcrphase-sysinit.service +usr/lib/systemd/system/sysinit.target.wants/systemd-random-seed.service +usr/lib/systemd/system/sysinit.target.wants/systemd-sysctl.service +usr/lib/systemd/system/sysinit.target.wants/systemd-sysusers.service +usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev-early.service +usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev.service +usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/sysinit.target.wants/systemd-tpm2-setup-early.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/sysinit.target.wants/systemd-tpm2-setup.service +usr/lib/systemd/system/sysinit.target.wants/systemd-update-done.service +usr/lib/systemd/system/sys-kernel-config.mount +usr/lib/systemd/system/sys-kernel-debug.mount +usr/lib/systemd/system/sys-kernel-tracing.mount +usr/lib/systemd/system/syslog.socket +usr/lib/systemd/system/systemd-ask-password-console.path +usr/lib/systemd/system/systemd-ask-password-console.service +usr/lib/systemd/system/systemd-ask-password-wall.path +usr/lib/systemd/system/systemd-ask-password-wall.service +usr/lib/systemd/system/systemd-backlight@.service +usr/lib/systemd/system/systemd-battery-check.service +usr/lib/systemd/system/systemd-binfmt.service +usr/lib/systemd/system/systemd-boot-check-no-failures.service + usr/lib/systemd/system/systemd-bsod.service +usr/lib/systemd/system/systemd-confext.service +usr/lib/systemd/system/systemd-creds.socket +usr/lib/systemd/system/systemd-creds@.service +usr/lib/systemd/system/systemd-exit.service +usr/lib/systemd/system/systemd-firstboot.service +usr/lib/systemd/system/systemd-fsck-root.service +usr/lib/systemd/system/systemd-fsck@.service +usr/lib/systemd/system/systemd-growfs-root.service +usr/lib/systemd/system/systemd-growfs@.service +usr/lib/systemd/system/systemd-halt.service +usr/lib/systemd/system/systemd-hibernate-clear.service +usr/lib/systemd/system/systemd-hibernate-resume.service +usr/lib/systemd/system/systemd-hibernate.service +usr/lib/systemd/system/systemd-hostnamed.service +usr/lib/systemd/system/systemd-hostnamed.socket +usr/lib/systemd/system/systemd-hybrid-sleep.service +usr/lib/systemd/system/systemd-initctl.service +usr/lib/systemd/system/systemd-initctl.socket +usr/lib/systemd/system/systemd-journal-catalog-update.service +usr/lib/systemd/system/systemd-journald-audit.socket +usr/lib/systemd/system/systemd-journald-dev-log.socket +usr/lib/systemd/system/systemd-journald.service +usr/lib/systemd/system/systemd-journald@.service +usr/lib/systemd/system/systemd-journald.socket +usr/lib/systemd/system/systemd-journald@.socket +usr/lib/systemd/system/systemd-journald-sync@.service +usr/lib/systemd/system/systemd-journald-varlink@.socket +usr/lib/systemd/system/systemd-journal-flush.service +usr/lib/systemd/system/systemd-kexec.service +usr/lib/systemd/system/systemd-localed.service +usr/lib/systemd/system/systemd-logind.service +usr/lib/systemd/system/systemd-machine-id-commit.service +usr/lib/systemd/system/systemd-modules-load.service +usr/lib/systemd/system/systemd-networkd*.service +usr/lib/systemd/system/systemd-networkd.socket +usr/lib/systemd/system/systemd-network-generator.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrextend@.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrextend.socket +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrfs-root.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrfs@.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock.socket +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock@.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock-file-system.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock-firmware-code.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock-firmware-config.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock-machine-id.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock-make-policy.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock-secureboot-authority.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock-secureboot-policy.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrmachine.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrphase-initrd.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrphase.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrphase-sysinit.service +usr/lib/systemd/system/systemd-poweroff.service +usr/lib/systemd/system/systemd-pstore.service +usr/lib/systemd/system/systemd-quotacheck*.service +usr/lib/systemd/system/systemd-random-seed.service +usr/lib/systemd/system/systemd-reboot.service +usr/lib/systemd/system/systemd-remount-fs.service +usr/lib/systemd/system/systemd-rfkill.service +usr/lib/systemd/system/systemd-rfkill.socket +usr/lib/systemd/system/systemd-soft-reboot.service +usr/lib/systemd/system/systemd-storagetm.service +usr/lib/systemd/system/systemd-suspend.service +usr/lib/systemd/system/systemd-suspend-then-hibernate.service +usr/lib/systemd/system/systemd-sysctl.service +usr/lib/systemd/system/systemd-sysext.service +usr/lib/systemd/system/systemd-sysext@.service +usr/lib/systemd/system/systemd-sysext.socket +usr/lib/systemd/system/systemd-sysusers.service +usr/lib/systemd/system/systemd-timedated.service +usr/lib/systemd/system/systemd-tmpfiles-clean.service +usr/lib/systemd/system/systemd-tmpfiles-clean.timer +usr/lib/systemd/system/systemd-tmpfiles-setup-dev-early.service +usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service +usr/lib/systemd/system/systemd-tmpfiles-setup.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-tpm2-setup-early.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-tpm2-setup.service +usr/lib/systemd/system/systemd-update-done.service +usr/lib/systemd/system/systemd-user-sessions.service +usr/lib/systemd/system/systemd-volatile-root.service +usr/lib/systemd/system/system-update-cleanup.service +usr/lib/systemd/system/system-update-pre.target +usr/lib/systemd/system/system-update.target +usr/lib/systemd/system/timers.target +usr/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer +usr/lib/systemd/system/time-set.target +usr/lib/systemd/system/time-sync.target +usr/lib/systemd/system/tmp.mount +usr/lib/systemd/system/tpm2.target +usr/lib/systemd/system/umount.target +usr/lib/systemd/system/usb-gadget.target +usr/lib/systemd/system/user@0.service.d/10-login-barrier.conf +usr/lib/systemd/system/user-runtime-dir@.service +usr/lib/systemd/system/user@.service +usr/lib/systemd/system/user@.service.d/10-login-barrier.conf +usr/lib/systemd/system/user.slice +usr/lib/systemd/system/user-.slice.d/10-defaults.conf +usr/lib/systemd/user/app.slice +usr/lib/systemd/user/background.slice +usr/lib/systemd/user/basic.target +usr/lib/systemd/user/bluetooth.target +usr/lib/systemd/user/capsule@.target +usr/lib/systemd/user/default.target +usr/lib/systemd/user-environment-generators/30-systemd-environment-d-generator +usr/lib/systemd/user/exit.target +usr/lib/systemd/user-generators/systemd-xdg-autostart-generator +usr/lib/systemd/user/graphical-session-pre.target +usr/lib/systemd/user/graphical-session.target +usr/lib/systemd/user/paths.target +usr/lib/systemd/user-preset/90-systemd.preset +usr/lib/systemd/user/printer.target +usr/lib/systemd/user/session.slice +usr/lib/systemd/user/shutdown.target +usr/lib/systemd/user/smartcard.target +usr/lib/systemd/user/sockets.target +usr/lib/systemd/user/sound.target +usr/lib/systemd/user/systemd-exit.service +usr/lib/systemd/user/systemd-tmpfiles-clean.service +usr/lib/systemd/user/systemd-tmpfiles-clean.timer +usr/lib/systemd/user/systemd-tmpfiles-setup.service +usr/lib/systemd/user/timers.target +usr/lib/systemd/user/xdg-desktop-autostart.target +usr/lib/sysusers.d/basic.conf +usr/lib/sysusers.d/systemd-journal.conf +usr/lib/sysusers.d/systemd-network.conf +usr/lib/tmpfiles.d/20-systemd-shell-extra.conf +usr/lib/tmpfiles.d/20-systemd-ssh-generator.conf +usr/lib/tmpfiles.d/20-systemd-stub.conf +usr/lib/tmpfiles.d/credstore.conf +usr/lib/tmpfiles.d/home.conf +usr/lib/tmpfiles.d/journal-nocow.conf +usr/lib/tmpfiles.d/legacy.conf +usr/lib/tmpfiles.d/provision.conf +usr/lib/tmpfiles.d/systemd.conf +usr/lib/tmpfiles.d/systemd-network.conf +usr/lib/tmpfiles.d/systemd-nologin.conf +usr/lib/tmpfiles.d/systemd-pstore.conf +usr/lib/tmpfiles.d/systemd-tmp.conf +usr/lib/tmpfiles.d/tmp.conf +usr/lib/tmpfiles.d/var.conf +usr/lib/tmpfiles.d/x11.conf +usr/lib/udev/rules.d/70-uaccess.rules +usr/lib/udev/rules.d/71-seat.rules +usr/lib/udev/rules.d/73-seat-late.rules +usr/lib/udev/rules.d/99-systemd.rules +usr/share/bash-completion/completions/busctl +usr/share/bash-completion/completions/hostnamectl +usr/share/bash-completion/completions/journalctl +usr/share/bash-completion/completions/kernel-install +usr/share/bash-completion/completions/localectl +usr/share/bash-completion/completions/loginctl +usr/share/bash-completion/completions/networkctl +usr/share/bash-completion/completions/run0 +usr/share/bash-completion/completions/systemctl +usr/share/bash-completion/completions/systemd-analyze +usr/share/bash-completion/completions/systemd-cat +usr/share/bash-completion/completions/systemd-cgls +usr/share/bash-completion/completions/systemd-cgtop +usr/share/bash-completion/completions/systemd-confext +usr/share/bash-completion/completions/systemd-creds +usr/share/bash-completion/completions/systemd-delta +usr/share/bash-completion/completions/systemd-detect-virt +usr/share/bash-completion/completions/systemd-dissect +usr/share/bash-completion/completions/systemd-id128 +usr/share/bash-completion/completions/systemd-path +usr/share/bash-completion/completions/systemd-run +usr/share/bash-completion/completions/systemd-sysext +usr/share/bash-completion/completions/systemd-vpick +usr/share/bash-completion/completions/timedatectl +usr/share/dbus-1/services/org.freedesktop.systemd1.service +usr/share/dbus-1/system.d/org.freedesktop.hostname1.conf +usr/share/dbus-1/system.d/org.freedesktop.locale1.conf +usr/share/dbus-1/system.d/org.freedesktop.login1.conf +usr/share/dbus-1/system.d/org.freedesktop.network1.conf +usr/share/dbus-1/system.d/org.freedesktop.systemd1.conf +usr/share/dbus-1/system.d/org.freedesktop.timedate1.conf +usr/share/dbus-1/system-services/org.freedesktop.hostname1.service +usr/share/dbus-1/system-services/org.freedesktop.locale1.service +usr/share/dbus-1/system-services/org.freedesktop.login1.service +usr/share/dbus-1/system-services/org.freedesktop.network1.service +usr/share/dbus-1/system-services/org.freedesktop.systemd1.service +usr/share/dbus-1/system-services/org.freedesktop.timedate1.service +usr/share/doc/systemd/ +usr/share/locale/ +usr/share/mime/packages/io.systemd.xml +usr/share/polkit-1/actions/io.systemd.credentials.policy +usr/share/polkit-1/actions/org.freedesktop.hostname1.policy +usr/share/polkit-1/actions/org.freedesktop.locale1.policy +usr/share/polkit-1/actions/org.freedesktop.login1.policy +usr/share/polkit-1/actions/org.freedesktop.network1.policy +usr/share/polkit-1/actions/org.freedesktop.systemd1.policy +usr/share/polkit-1/actions/org.freedesktop.timedate1.policy +usr/share/polkit-1/actions/org.freedesktop.timesync1.policy +usr/share/polkit-1/rules.d/systemd-networkd.rules +usr/share/systemd/kbd-model-map +usr/share/systemd/language-fallback-map +usr/share/zsh/vendor-completions/_bootctl +usr/share/zsh/vendor-completions/_busctl +usr/share/zsh/vendor-completions/_hostnamectl +usr/share/zsh/vendor-completions/_journalctl +usr/share/zsh/vendor-completions/_kernel-install +usr/share/zsh/vendor-completions/_localectl +usr/share/zsh/vendor-completions/_loginctl +usr/share/zsh/vendor-completions/_networkctl +usr/share/zsh/vendor-completions/_run0 +usr/share/zsh/vendor-completions/_sd_hosts_or_user_at_host +usr/share/zsh/vendor-completions/_sd_outputmodes +usr/share/zsh/vendor-completions/_sd_unit_files +usr/share/zsh/vendor-completions/_systemctl +usr/share/zsh/vendor-completions/_systemd +usr/share/zsh/vendor-completions/_systemd-analyze +usr/share/zsh/vendor-completions/_systemd-delta +usr/share/zsh/vendor-completions/_systemd-inhibit +usr/share/zsh/vendor-completions/_systemd-path +usr/share/zsh/vendor-completions/_systemd-run +usr/share/zsh/vendor-completions/_systemd-tmpfiles +usr/share/zsh/vendor-completions/_timedatectl +usr/share/zsh/vendor-completions/_varlinkctl +var/lib/systemd/ +../extra/init-functions.d usr/lib/lsb/ +../extra/tmpfiles.d/*.conf usr/lib/tmpfiles.d/ +../extra/systemd-sysv-install usr/lib/systemd/ +../extra/kernel-install.d/* usr/lib/kernel/install.d/ +../extra/pam.d/* usr/lib/pam.d/ +../extra/journald.conf.d usr/lib/systemd/ +../extra/units/getty-static.service usr/lib/systemd/system/ +../extra/units/rc-local.service.d usr/lib/systemd/system/ +../extra/units/run-lock.mount usr/lib/systemd/system/ +../extra/units/systemd-fsck-root.service.d/ usr/lib/systemd/system/ +../extra/units/systemd-localed.service.d usr/lib/systemd/system/ +../extra/units/systemd-logind.service.d usr/lib/systemd/system/ +../extra/system.conf.d/10-coredump-debian.conf usr/lib/systemd/system.conf.d/ +../extra/user.conf.d/10-coredump-debian.conf usr/lib/systemd/user.conf.d/ +../extra/sysctl.d/10-coredump-debian.conf usr/lib/sysctl.d/ +../extra/limits.d/10-coredump-debian.conf etc/security/limits.d/ +../extra/dbus-1/system.d/systemd-localed-read-only.conf usr/share/dbus-1/system.d/ diff --git a/systemd.links b/systemd.links new file mode 100644 index 00000000..65123801 --- /dev/null +++ b/systemd.links @@ -0,0 +1,22 @@ +# These are all services which have native implementations +# So we mask them by linking against /dev/null or create an alias +/usr/lib/systemd/system/systemd-sysctl.service /usr/lib/systemd/system/procps.service + +/usr/lib/systemd/system/systemd-modules-load.service /usr/lib/systemd/system/kmod.service +/etc/modules /etc/modules-load.d/modules.conf + +# X server and ICE socket directories are created by /usr/lib/tmpfiles.d/x11.conf +/dev/null /usr/lib/systemd/system/x11-common.service + +# Don't set the hwclock, as the kernel does that on its own when using NTP +# Without NTP, we shouldn't store the time either +# https://github.com/systemd/systemd/commit/da2617378523e007ec0c6efe99d0cebb2be994e1 +/dev/null /usr/lib/systemd/system/hwclock.service + +# We use the built-in cryptsetup support +/dev/null /usr/lib/systemd/system/cryptdisks.service +/dev/null /usr/lib/systemd/system/cryptdisks-early.service + +# Enable Debian specific units +/usr/lib/systemd/system/getty-static.service /usr/lib/systemd/system/getty.target.wants/getty-static.service +/usr/lib/systemd/system/run-lock.mount /usr/lib/systemd/system/local-fs.target.wants/run-lock.mount diff --git a/systemd.lintian-overrides b/systemd.lintian-overrides new file mode 100644 index 00000000..a6988a82 --- /dev/null +++ b/systemd.lintian-overrides @@ -0,0 +1,10 @@ +systemd: maintainer-script-calls-systemctl +# Our units without [Install] are either event driven or statically enabled +systemd: systemd-service-file-missing-install-key +# Lintian is really bad at associating manpages +systemd: spare-manual-page +# netlink keyword +systemd: spelling-error-in-binary iif if [usr/lib/systemd/systemd-networkd] +# False positives due to the '/tmp' string mentioned for tmpfiles.d/tmp.conf +systemd: possibly-insecure-handling-of-tmp-files-in-maintainer-script /tmp [postinst:*] +systemd: possibly-insecure-handling-of-tmp-files-in-maintainer-script /tmp [postrm:*] diff --git a/systemd.maintscript b/systemd.maintscript new file mode 100644 index 00000000..0531fbae --- /dev/null +++ b/systemd.maintscript @@ -0,0 +1 @@ +rm_conffile /etc/systemd/resolved.conf 251.3-2~ diff --git a/systemd.manpages b/systemd.manpages new file mode 100755 index 00000000..f2f2a277 --- /dev/null +++ b/systemd.manpages @@ -0,0 +1,260 @@ +#!/usr/bin/dh-exec +debian/tmp/usr/share/man/man1/busctl.1 +debian/tmp/usr/share/man/man1/hostnamectl.1 +debian/tmp/usr/share/man/man1/journalctl.1 +debian/tmp/usr/share/man/man1/localectl.1 +debian/tmp/usr/share/man/man1/loginctl.1 +debian/tmp/usr/share/man/man1/networkctl.1 +debian/tmp/usr/share/man/man1/run0.1 +debian/tmp/usr/share/man/man1/systemctl.1 +debian/tmp/usr/share/man/man1/systemd.1 +debian/tmp/usr/share/man/man1/systemd-ac-power.1 +debian/tmp/usr/share/man/man1/systemd-analyze.1 +debian/tmp/usr/share/man/man1/systemd-ask-password.1 +debian/tmp/usr/share/man/man1/systemd-cat.1 +debian/tmp/usr/share/man/man1/systemd-cgls.1 +debian/tmp/usr/share/man/man1/systemd-cgtop.1 +debian/tmp/usr/share/man/man1/systemd-creds.1 +debian/tmp/usr/share/man/man1/systemd-delta.1 +debian/tmp/usr/share/man/man1/systemd-detect-virt.1 +debian/tmp/usr/share/man/man1/systemd-escape.1 +debian/tmp/usr/share/man/man1/systemd-firstboot.1 +debian/tmp/usr/share/man/man1/systemd-firstboot.service.1 +debian/tmp/usr/share/man/man1/systemd-id128.1 +debian/tmp/usr/share/man/man1/systemd-inhibit.1 +debian/tmp/usr/share/man/man1/systemd-machine-id-setup.1 + debian/tmp/usr/share/man/man1/systemd-measure.1 +debian/tmp/usr/share/man/man1/systemd-mount.1 +debian/tmp/usr/share/man/man1/systemd-notify.1 +debian/tmp/usr/share/man/man1/systemd-path.1 +debian/tmp/usr/share/man/man1/systemd-run.1 +debian/tmp/usr/share/man/man1/systemd-socket-activate.1 +debian/tmp/usr/share/man/man1/systemd-ssh-proxy.1 +debian/tmp/usr/share/man/man1/systemd-stdio-bridge.1 +debian/tmp/usr/share/man/man1/systemd-tty-ask-password-agent.1 +debian/tmp/usr/share/man/man1/systemd-umount.1 +debian/tmp/usr/share/man/man1/systemd-vpick.1 +debian/tmp/usr/share/man/man1/timedatectl.1 +debian/tmp/usr/share/man/man1/varlinkctl.1 +debian/tmp/usr/share/man/man5/binfmt.d.5 +debian/tmp/usr/share/man/man5/capsule@.service.5 +debian/tmp/usr/share/man/man5/dnssec-trust-anchors.d.5 +debian/tmp/usr/share/man/man5/environment.d.5 +debian/tmp/usr/share/man/man5/extension-release.5 +debian/tmp/usr/share/man/man5/hostname.5 +debian/tmp/usr/share/man/man5/initrd-release.5 +debian/tmp/usr/share/man/man5/iocost.conf.5 +debian/tmp/usr/share/man/man5/journald.conf.5 +debian/tmp/usr/share/man/man5/journald@.conf.5 +debian/tmp/usr/share/man/man5/journald.conf.d.5 +debian/tmp/usr/share/man/man5/locale.conf.5 +debian/tmp/usr/share/man/man5/localtime.5 +debian/tmp/usr/share/man/man5/logind.conf.5 +debian/tmp/usr/share/man/man5/logind.conf.d.5 +debian/tmp/usr/share/man/man5/machine-id.5 +debian/tmp/usr/share/man/man5/machine-info.5 +debian/tmp/usr/share/man/man5/modules-load.d.5 +debian/tmp/usr/share/man/man5/networkd.conf.5 +debian/tmp/usr/share/man/man5/networkd.conf.d.5 +debian/tmp/usr/share/man/man5/org.freedesktop.hostname1.5 +debian/tmp/usr/share/man/man5/org.freedesktop.locale1.5 +debian/tmp/usr/share/man/man5/org.freedesktop.LogControl1.5 +debian/tmp/usr/share/man/man5/org.freedesktop.login1.5 +debian/tmp/usr/share/man/man5/org.freedesktop.machine1.5 +debian/tmp/usr/share/man/man5/org.freedesktop.network1.5 +debian/tmp/usr/share/man/man5/org.freedesktop.portable1.5 +debian/tmp/usr/share/man/man5/org.freedesktop.systemd1.5 +debian/tmp/usr/share/man/man5/org.freedesktop.timedate1.5 +debian/tmp/usr/share/man/man5/os-release.5 +debian/tmp/usr/share/man/man5/pstore.conf.5 +debian/tmp/usr/share/man/man5/pstore.conf.d.5 +debian/tmp/usr/share/man/man5/sleep.conf.d.5 +debian/tmp/usr/share/man/man5/sysctl.d.5 +debian/tmp/usr/share/man/man5/system.conf.d.5 +debian/tmp/usr/share/man/man5/systemd.automount.5 +debian/tmp/usr/share/man/man5/systemd.device.5 +debian/tmp/usr/share/man/man5/systemd.dnssd.5 +debian/tmp/usr/share/man/man5/systemd.exec.5 +debian/tmp/usr/share/man/man5/systemd.kill.5 +debian/tmp/usr/share/man/man5/systemd.mount.5 +debian/tmp/usr/share/man/man5/systemd.negative.5 +debian/tmp/usr/share/man/man5/systemd.netdev.5 +debian/tmp/usr/share/man/man5/systemd.network.5 +debian/tmp/usr/share/man/man5/systemd.path.5 +debian/tmp/usr/share/man/man5/systemd.pcrlock.5 +debian/tmp/usr/share/man/man5/systemd.pcrlock.d.5 +debian/tmp/usr/share/man/man5/systemd.positive.5 +debian/tmp/usr/share/man/man5/systemd.preset.5 +debian/tmp/usr/share/man/man5/systemd.resource-control.5 +debian/tmp/usr/share/man/man5/systemd.scope.5 +debian/tmp/usr/share/man/man5/systemd.service.5 +debian/tmp/usr/share/man/man5/systemd-sleep.conf.5 +debian/tmp/usr/share/man/man5/systemd.slice.5 +debian/tmp/usr/share/man/man5/systemd.socket.5 +debian/tmp/usr/share/man/man5/systemd.swap.5 +debian/tmp/usr/share/man/man5/systemd-system.conf.5 +debian/tmp/usr/share/man/man5/systemd.target.5 +debian/tmp/usr/share/man/man5/systemd.timer.5 +debian/tmp/usr/share/man/man5/systemd.unit.5 +debian/tmp/usr/share/man/man5/systemd-user.conf.5 +debian/tmp/usr/share/man/man5/systemd-user-runtime-dir.5 +debian/tmp/usr/share/man/man5/sysusers.d.5 +debian/tmp/usr/share/man/man5/tmpfiles.d.5 +debian/tmp/usr/share/man/man5/user.conf.d.5 +debian/tmp/usr/share/man/man5/user-runtime-dir@.service.5 +debian/tmp/usr/share/man/man5/user@.service.5 +debian/tmp/usr/share/man/man7/bootup.7 +debian/tmp/usr/share/man/man7/daemon.7 +debian/tmp/usr/share/man/man7/file-hierarchy.7 +debian/tmp/usr/share/man/man7/kernel-command-line.7 +debian/tmp/usr/share/man/man7/smbios-type-11.7 +debian/tmp/usr/share/man/man7/systemd.directives.7 +debian/tmp/usr/share/man/man7/systemd.environment-generator.7 +debian/tmp/usr/share/man/man7/systemd.generator.7 +debian/tmp/usr/share/man/man7/systemd.image-policy.7 +debian/tmp/usr/share/man/man7/systemd.index.7 +debian/tmp/usr/share/man/man7/systemd.journal-fields.7 +debian/tmp/usr/share/man/man7/systemd.net-naming-scheme.7 +debian/tmp/usr/share/man/man7/systemd.offline-updates.7 +debian/tmp/usr/share/man/man7/systemd.special.7 +debian/tmp/usr/share/man/man7/systemd.syntax.7 +debian/tmp/usr/share/man/man7/systemd.system-credentials.7 +debian/tmp/usr/share/man/man7/systemd.time.7 +debian/tmp/usr/share/man/man7/systemd.v.7 +debian/tmp/usr/share/man/man8/30-systemd-environment-d-generator.8 +debian/tmp/usr/share/man/man8/kernel-install.8 +debian/tmp/usr/share/man/man8/pam_systemd_loadkey.8 +debian/tmp/usr/share/man/man8/rc-local.service.8 +debian/tmp/usr/share/man/man8/systemd-ask-password-console.path.8 +debian/tmp/usr/share/man/man8/systemd-ask-password-console.service.8 +debian/tmp/usr/share/man/man8/systemd-ask-password-wall.path.8 +debian/tmp/usr/share/man/man8/systemd-ask-password-wall.service.8 +debian/tmp/usr/share/man/man8/systemd-backlight.8 +debian/tmp/usr/share/man/man8/systemd-backlight@.service.8 +debian/tmp/usr/share/man/man8/systemd-battery-check.8 +debian/tmp/usr/share/man/man8/systemd-battery-check.service.8 +debian/tmp/usr/share/man/man8/systemd-binfmt.8 +debian/tmp/usr/share/man/man8/systemd-binfmt.service.8 +debian/tmp/usr/share/man/man8/systemd-boot-check-no-failures.8 +debian/tmp/usr/share/man/man8/systemd-boot-check-no-failures.service.8 + debian/tmp/usr/share/man/man8/systemd-bsod.8 + debian/tmp/usr/share/man/man8/systemd-bsod.service.8 +debian/tmp/usr/share/man/man8/systemd-confext.8 +debian/tmp/usr/share/man/man8/systemd-confext.service.8 +debian/tmp/usr/share/man/man8/systemd-debug-generator.8 +debian/tmp/usr/share/man/man8/systemd-environment-d-generator.8 +debian/tmp/usr/share/man/man8/systemd-fsck.8 +debian/tmp/usr/share/man/man8/systemd-fsck-root.service.8 +debian/tmp/usr/share/man/man8/systemd-fsck@.service.8 +debian/tmp/usr/share/man/man8/systemd-fsck-usr.service.8 +debian/tmp/usr/share/man/man8/systemd-fstab-generator.8 +debian/tmp/usr/share/man/man8/systemd-getty-generator.8 +debian/tmp/usr/share/man/man8/systemd-gpt-auto-generator.8 +debian/tmp/usr/share/man/man8/systemd-growfs.8 +debian/tmp/usr/share/man/man8/systemd-growfs-root.service.8 +debian/tmp/usr/share/man/man8/systemd-growfs@.service.8 +debian/tmp/usr/share/man/man8/systemd-halt.service.8 +debian/tmp/usr/share/man/man8/systemd-hibernate-clear.service.8 +debian/tmp/usr/share/man/man8/systemd-hibernate-resume.8 +debian/tmp/usr/share/man/man8/systemd-hibernate-resume-generator.8 +debian/tmp/usr/share/man/man8/systemd-hibernate-resume.service.8 +debian/tmp/usr/share/man/man8/systemd-hibernate.service.8 +debian/tmp/usr/share/man/man8/systemd-hostnamed.8 +debian/tmp/usr/share/man/man8/systemd-hostnamed.service.8 +debian/tmp/usr/share/man/man8/systemd-hybrid-sleep.service.8 +debian/tmp/usr/share/man/man8/systemd-initctl.8 +debian/tmp/usr/share/man/man8/systemd-initctl.service.8 +debian/tmp/usr/share/man/man8/systemd-initctl.socket.8 +debian/tmp/usr/share/man/man8/systemd-journald.8 +debian/tmp/usr/share/man/man8/systemd-journald-audit.socket.8 +debian/tmp/usr/share/man/man8/systemd-journald-dev-log.socket.8 +debian/tmp/usr/share/man/man8/systemd-journald.service.8 +debian/tmp/usr/share/man/man8/systemd-journald@.service.8 +debian/tmp/usr/share/man/man8/systemd-journald.socket.8 +debian/tmp/usr/share/man/man8/systemd-journald@.socket.8 +debian/tmp/usr/share/man/man8/systemd-journald-varlink@.socket.8 +debian/tmp/usr/share/man/man8/systemd-kexec.service.8 +debian/tmp/usr/share/man/man8/systemd-localed.8 +debian/tmp/usr/share/man/man8/systemd-localed.service.8 +debian/tmp/usr/share/man/man8/systemd-logind.8 +debian/tmp/usr/share/man/man8/systemd-logind.service.8 +debian/tmp/usr/share/man/man8/systemd-machine-id-commit.service.8 +debian/tmp/usr/share/man/man8/systemd-makefs.8 +debian/tmp/usr/share/man/man8/systemd-makefs@.service.8 +debian/tmp/usr/share/man/man8/systemd-mkswap@.service.8 +debian/tmp/usr/share/man/man8/systemd-modules-load.8 +debian/tmp/usr/share/man/man8/systemd-modules-load.service.8 +debian/tmp/usr/share/man/man8/systemd-networkd.8 +debian/tmp/usr/share/man/man8/systemd-networkd.service.8 +debian/tmp/usr/share/man/man8/systemd-networkd-wait-online.8 +debian/tmp/usr/share/man/man8/systemd-networkd-wait-online.service.8 +debian/tmp/usr/share/man/man8/systemd-networkd-wait-online@.service.8 +debian/tmp/usr/share/man/man8/systemd-network-generator.8 +debian/tmp/usr/share/man/man8/systemd-network-generator.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrextend.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrfs-root.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrfs@.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrlock.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrlock-file-system.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrlock-firmware-code.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrlock-firmware-config.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrlock-machine-id.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrlock-make-policy.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrlock-secureboot-authority.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrlock-secureboot-policy.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrmachine.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrphase-initrd.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrphase.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-pcrphase-sysinit.service.8 +debian/tmp/usr/share/man/man8/systemd-poweroff.service.8 +debian/tmp/usr/share/man/man8/systemd-pstore.8 +debian/tmp/usr/share/man/man8/systemd-pstore.service.8 +debian/tmp/usr/share/man/man8/systemd-quotacheck.8 +debian/tmp/usr/share/man/man8/systemd-quotacheck.service.8 +debian/tmp/usr/share/man/man8/systemd-random-seed.8 +debian/tmp/usr/share/man/man8/systemd-random-seed.service.8 +debian/tmp/usr/share/man/man8/systemd-rc-local-generator.8 +debian/tmp/usr/share/man/man8/systemd-reboot.service.8 +debian/tmp/usr/share/man/man8/systemd-remount-fs.8 +debian/tmp/usr/share/man/man8/systemd-remount-fs.service.8 +debian/tmp/usr/share/man/man8/systemd-rfkill.8 +debian/tmp/usr/share/man/man8/systemd-rfkill.service.8 +debian/tmp/usr/share/man/man8/systemd-rfkill.socket.8 +debian/tmp/usr/share/man/man8/systemd-run-generator.8 +debian/tmp/usr/share/man/man8/systemd-shutdown.8 +debian/tmp/usr/share/man/man8/systemd-sleep.8 +debian/tmp/usr/share/man/man8/systemd-socket-proxyd.8 +debian/tmp/usr/share/man/man8/systemd-soft-reboot.service.8 +debian/tmp/usr/share/man/man8/systemd-ssh-generator.8 +debian/tmp/usr/share/man/man8/systemd-storagetm.8 +debian/tmp/usr/share/man/man8/systemd-storagetm.service.8 +debian/tmp/usr/share/man/man8/systemd-suspend.service.8 +debian/tmp/usr/share/man/man8/systemd-suspend-then-hibernate.service.8 +debian/tmp/usr/share/man/man8/systemd-sysctl.8 +debian/tmp/usr/share/man/man8/systemd-sysctl.service.8 +debian/tmp/usr/share/man/man8/systemd-sysext.8 +debian/tmp/usr/share/man/man8/systemd-sysext.service.8 +debian/tmp/usr/share/man/man8/systemd-system-update-generator.8 +debian/tmp/usr/share/man/man8/systemd-sysusers.8 +debian/tmp/usr/share/man/man8/systemd-sysusers.service.8 +debian/tmp/usr/share/man/man8/systemd-sysv-generator.8 +debian/tmp/usr/share/man/man8/systemd-timedated.8 +debian/tmp/usr/share/man/man8/systemd-timedated.service.8 +debian/tmp/usr/share/man/man8/systemd-tmpfiles.8 +debian/tmp/usr/share/man/man8/systemd-tmpfiles-clean.service.8 +debian/tmp/usr/share/man/man8/systemd-tmpfiles-clean.timer.8 +debian/tmp/usr/share/man/man8/systemd-tmpfiles-setup-dev-early.service.8 +debian/tmp/usr/share/man/man8/systemd-tmpfiles-setup-dev.service.8 +debian/tmp/usr/share/man/man8/systemd-tmpfiles-setup.service.8 +debian/tmp/usr/share/man/man8/systemd-tpm2-generator.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-tpm2-setup.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-tpm2-setup-early.service.8 +[amd64 i386 arm64 armhf riscv64] debian/tmp/usr/share/man/man8/systemd-tpm2-setup.service.8 +debian/tmp/usr/share/man/man8/systemd-udev-settle.service.8 +debian/tmp/usr/share/man/man8/systemd-update-done.8 +debian/tmp/usr/share/man/man8/systemd-update-done.service.8 +debian/tmp/usr/share/man/man8/systemd-user-sessions.8 +debian/tmp/usr/share/man/man8/systemd-user-sessions.service.8 +debian/tmp/usr/share/man/man8/systemd-volatile-root.8 +debian/tmp/usr/share/man/man8/systemd-volatile-root.service.8 +debian/tmp/usr/share/man/man8/systemd-xdg-autostart-generator.8 diff --git a/systemd.postinst b/systemd.postinst new file mode 100644 index 00000000..79b7f477 --- /dev/null +++ b/systemd.postinst @@ -0,0 +1,119 @@ +#!/bin/sh + +set -e + +_systemctl() { + if [ -z "$DPKG_ROOT" ] && [ -d /run/systemd/system ]; then + systemctl "$@" + fi +} + +_update_catalog() { + journalctl ${DPKG_ROOT:+--root="$DPKG_ROOT"} --update-catalog || true +} + +_update_binfmt() { + if [ "$(_systemctl show -P LoadState systemd-binfmt.service)" != "masked" ]; then + _systemctl restart systemd-binfmt.service || true + fi +} + +_update_sysctl() { + if [ "$(_systemctl show -P LoadState systemd-sysctl.service)" != "masked" ]; then + _systemctl restart systemd-sysctl.service || true + fi +} + +_restart_managers() { + _systemctl daemon-reexec || true + # Re-exec user instances so that running user managers are updated too. + # SIGRTMIN+25 -> reexec. Note that this is asynchronous, but we can't use + # D-Bus as dbus-user-session is not guaranteed to be available. + _systemctl kill --kill-whom='main' --signal='SIGRTMIN+25' 'user@*.service' || true + # do not restart logind + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919509 + _systemctl try-restart systemd-networkd.service || true + _systemctl try-restart systemd-journald.service || true +} + +# Update Message Catalogs database and binfmt registrations in response to dpkg triggers +if [ "$1" = "triggered" ]; then + shift + for trigger in $@; do + case $trigger in + /usr/lib/systemd/catalog) + _update_catalog + ;; + /usr/lib/binfmt.d) + _update_binfmt + ;; + /usr/lib/sysctl.d) + _update_sysctl + ;; + libc-upgrade) + _restart_managers + ;; + esac + done + exit 0 +fi + +# Enable getty, remote-fs.target and systemd-pstore by default on new installs +if [ -z "$2" ]; then + systemctl ${DPKG_ROOT:+--root="$DPKG_ROOT"} enable getty@tty1.service || true + systemctl ${DPKG_ROOT:+--root="$DPKG_ROOT"} enable remote-fs.target || true + systemctl ${DPKG_ROOT:+--root="$DPKG_ROOT"} enable systemd-pstore.service || true +fi + +# Create /etc/machine-id +systemd-machine-id-setup ${DPKG_ROOT:+--root="$DPKG_ROOT"} + +# Enable persistent journal, in auto-mode, by default on new installs +if [ -z "$2" ]; then + mkdir -p "$DPKG_ROOT/var/log/journal" +fi + +# Initial update of the Message Catalogs database +_update_catalog + +# Move the old locale file into /etc. Symlinks will be created by tmpfiles.d later +if [ -f "$DPKG_ROOT/etc/default/locale" ] && [ ! -L "$DPKG_ROOT/etc/default/locale" ] && [ ! -f "$DPKG_ROOT/etc/locale.conf" ]; then + mv "$DPKG_ROOT/etc/default/locale" "$DPKG_ROOT/etc/locale.conf" +fi + +# On upgrade for now keep the current tmpfiles.d (as it used to be after patches), +# drop in Forky +if [ -n "$2" ] && dpkg --compare-versions "$2" lt 256~rc3-3 && [ ! -f "$DPKG_ROOT/etc/tmpfiles.d/tmp.conf" ]; then + mkdir -p "$DPKG_ROOT/etc/tmpfiles.d/" + echo 'D /tmp 1777 root root -' > "$DPKG_ROOT/etc/tmpfiles.d/tmp.conf" +fi + +# We used to ship tmp.mount in /usr/share as an example, and some users link it in /etc/, +# remove the link as a workaround until Trixie ships. This method would also have created +# a link in local-fs.target.wants, so remove that too. +if [ -n "$2" ] && [ -L "$DPKG_ROOT/etc/systemd/system/tmp.mount" ] && [ "$(readlink "$DPKG_ROOT/etc/systemd/system/tmp.mount")" = "/usr/share/systemd/tmp.mount" ]; then + rm -f "$DPKG_ROOT/etc/systemd/system/tmp.mount" + rm -f "$DPKG_ROOT/etc/systemd/system/local-fs.target.wants/tmp.mount" +fi + +# The user may have used 'systemctl enable /usr/share/systemd/tmp.mount', which +# would have created a symlink in the local-fs.target.wants directory (as the +# pre-Trixie tmp.mount included an [install] section for that purpose). If it +# exists, remove it. +if [ -n "$2" ] && [ -L "$DPKG_ROOT/etc/systemd/system/local-fs.target.wants/tmp.mount" ] && [ "$(readlink "$DPKG_ROOT/etc/systemd/system/local-fs.target.wants/tmp.mount")" = "/usr/share/systemd/tmp.mount" ]; then + rm -f "$DPKG_ROOT/etc/systemd/system/local-fs.target.wants/tmp.mount" +fi + +# Unless it's already running, ensure /tmp/ does not get overwritten by +# the tmpfs from tmp.mount in case a unit is later activated that implicitly +# depends on it (for example with PrivateTmp=yes) by runtime masking it +if ! _systemctl is-active --quiet tmp.mount; then + _systemctl mask --runtime tmp.mount +fi + +#DEBHELPER# + +# skip daemon-reexec and try-restarts during shutdown to avoid hitting LP: #1803391 +if [ -n "$2" ] && [ "$(systemctl is-system-running)" != "stopping" ]; then + _restart_managers +fi diff --git a/systemd.postrm b/systemd.postrm new file mode 100644 index 00000000..50188760 --- /dev/null +++ b/systemd.postrm @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +case "$1" in + purge) + # clean up after manually enabled units in postinst + rm -f /etc/systemd/system/getty.target.wants/getty@tty1.service + rm -f /etc/systemd/system/multi-user.target.wants/remote-fs.target + rm -f /etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service + rm -f /etc/systemd/system/dbus-org.freedesktop.timesync1.service + rm -f /etc/systemd/system/sysinit.target.wants/systemd-pstore.service + rmdir --ignore-fail-on-non-empty /etc/systemd/system/getty.target.wants 2> /dev/null || true + rmdir --ignore-fail-on-non-empty /etc/systemd/system/multi-user.target.wants 2> /dev/null || true + rmdir --ignore-fail-on-non-empty /etc/systemd/system/sysinit.target.wants 2> /dev/null || true + + # If we created tmp.conf for compatibility with pre-Trixie, remove it (it is intentionally orphaned) + if [ -f /etc/tmpfiles.d/tmp.conf ] && [ "$(cat /etc/tmpfiles.d/tmp.conf)" = "D /tmp 1777 root root -" ]; then + rm -f /etc/tmpfiles.d/tmp.conf + fi + + rm -f /var/lib/systemd/catalog/database + rmdir --ignore-fail-on-non-empty /var/lib/systemd/catalog 2> /dev/null || true + + rm -rf /var/lib/systemd/network/ + rm -rf /var/lib/systemd/backlight/ + rm -rf /var/lib/systemd/rfkill/ + rm -rf /var/lib/systemd/timesync/ + rm -rf /var/lib/systemd/ephemeral-trees/ + + rm -f /var/lib/systemd/random-seed + + rm -f /var/log/README + rmdir --ignore-fail-on-non-empty /var/lib/systemd/pstore/ 2> /dev/null || true + rmdir --ignore-fail-on-non-empty /var/lib/systemd/coredump/ 2> /dev/null || true + rmdir --ignore-fail-on-non-empty /var/log/journal 2> /dev/null || true + ;; +esac + +#DEBHELPER# diff --git a/systemd.preinst b/systemd.preinst new file mode 100644 index 00000000..67c1304b --- /dev/null +++ b/systemd.preinst @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +is_merged() { + local directories="/bin /sbin /lib" + for dir in $directories; do + [ -e "$DPKG_ROOT$dir" ] || continue + [ "$(readlink -f "$DPKG_ROOT$dir")" = "$DPKG_ROOT/usr$dir" ] || return 1 + done + + # Avoid an exact match, as the target might vary depending on the tool + # building the image. For example, systemd-nspawn links /lib64 to + # /usr/lib/aarch64-linux-gnu on arm64, while on amd64 debootstrap links it to + # /usr/lib64 and doesn't create it at all on arm64. + # See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019575 + local arch_directories="/lib64 /lib32 /libo32 /libx32" + for dir in $arch_directories; do + [ -e "$DPKG_ROOT$dir" ] || continue + case "$(readlink -f "$DPKG_ROOT$dir")" in + "$DPKG_ROOT/usr/lib"*) ;; + *) return 1;; + esac + done + + return 0 +} + +fail_if_unmerged() { + if is_merged; then return; fi + + cat << END + + +****************************************************************************** +* +* The systemd package cannot be installed because this system does +* not have a merged /usr. +* +* Please install the usrmerge package to convert this system to merged-/usr. +* +* For more information please read https://wiki.debian.org/UsrMerge. +* +****************************************************************************** + + +END + exit 1 +} + +case "$1" in + install|upgrade) + fail_if_unmerged + ;; +esac + +#DEBHELPER# diff --git a/systemd.prerm b/systemd.prerm new file mode 100644 index 00000000..b08c895f --- /dev/null +++ b/systemd.prerm @@ -0,0 +1,15 @@ +#!/bin/sh + +set -e + +# +# Prevent systemd from being removed if it's the active init. That +# will not work. +# + +if [ "$1" = "remove" ] && [ -d /run/systemd/system ]; then + echo "systemd is the active init system, please switch to another before removing systemd." + exit 1 +fi + +#DEBHELPER# diff --git a/systemd.triggers b/systemd.triggers new file mode 100644 index 00000000..aa46006a --- /dev/null +++ b/systemd.triggers @@ -0,0 +1,4 @@ +interest-noawait /usr/lib/systemd/catalog +interest-noawait /usr/lib/binfmt.d +interest-noawait /usr/lib/sysctl.d +interest-noawait libc-upgrade diff --git a/tests/assert.sh b/tests/assert.sh new file mode 100644 index 00000000..1d47bf48 --- /dev/null +++ b/tests/assert.sh @@ -0,0 +1,34 @@ +# utility functions for shell tests + +assert_true() { + if ! $1; then + echo "FAIL: command '$1' failed with exit code $?" >&2 + exit 1 + fi +} + + +assert_eq() { + if [ "$1" != "$2" ]; then + echo "FAIL: expected: '$2' actual: '$1'" >&2 + exit 1 + fi +} + +assert_in() { + if ! echo "$2" | grep -q "$1"; then + echo "FAIL: '$1' not found in:" >&2 + echo "$2" >&2 + exit 1 + fi +} + +assert_rc() { + local exp=$1 + shift + set +e + $@ + RC=$? + set -e + assert_eq $RC $exp +} diff --git a/tests/boot-and-services b/tests/boot-and-services new file mode 100755 index 00000000..c72f4a1e --- /dev/null +++ b/tests/boot-and-services @@ -0,0 +1,523 @@ +#!/usr/bin/python3 +# autopkgtest check: Boot with systemd and check critical desktop services +# (C) 2014 Canonical Ltd. +# Author: Martin Pitt + +import sys +import os +import unittest +import subprocess +import tempfile +import shutil +import time +import re +from glob import glob + +is_container = subprocess.call(['systemd-detect-virt', '--container']) == 0 + + +def wait_unit_stop(unit, timeout=10): + '''Wait until given unit is not running any more + + Raise RuntimeError on timeout. + ''' + for i in range(timeout): + if subprocess.call(['systemctl', 'is-active', '--quiet', unit]) != 0: + return + time.sleep(1) + + raise RuntimeError('Timed out waiting for %s to stop' % unit) + + +class ServicesTest(unittest.TestCase): + '''Check that expected services are running''' + + def test_0_init(self): + '''Verify that init is systemd''' + + self.assertIn('systemd', os.readlink('/proc/1/exe')) + + @unittest.skipUnless(shutil.which('gdm3') is not None, 'gdm3 not found') + def test_gdm3(self): + subprocess.check_call(['pgrep', '-af', '/gdm[-3]']) + self.active_unit('gdm') + + def test_dbus(self): + out = subprocess.check_output( + ['dbus-send', '--print-reply', '--system', + '--dest=org.freedesktop.DBus', '/', 'org.freedesktop.DBus.GetId']) + self.assertIn(b'string "', out) + self.active_unit('dbus') + + def test_network_manager(self): + # 0.9.10 changed the command name + _help = subprocess.check_output(['nmcli', '--help'], + stderr=subprocess.STDOUT) + if b' g[eneral]' in _help: + out = subprocess.check_output(['nmcli', 'general']) + else: + out = subprocess.check_output(['nmcli', 'nm']) + self.assertIn(b'enabled', out) + self.active_unit('NetworkManager') + + def test_cron(self): + pid = subprocess.check_output(['pidof', 'cron'], universal_newlines=True).strip() + out = subprocess.check_output(['ps', 'u', pid], universal_newlines=True) + self.assertIn('root', out) + self.active_unit('cron') + + def test_logind(self): + out = subprocess.check_output(['loginctl']) + self.assertNotEqual(b'', out) + self.active_unit('systemd-logind') + + @unittest.skipIf('pkg.systemd.upstream' in os.environ.get('DEB_BUILD_PROFILES', ''), + 'Forwarding to rsyslog is a Debian patch') + def test_rsyslog(self): + pid = subprocess.check_output(['pidof', 'rsyslogd'], universal_newlines=True).strip() + out = subprocess.check_output(['ps', 'u', pid], universal_newlines=True) + self.assertIn('bin/rsyslogd', out) + self.active_unit('rsyslog') + with open('/var/log/syslog') as f: + log = f.read() + if not is_container: + # has kernel messages + self.assertRegex(log, 'kernel:.*') + # has init messages + self.assertRegex(log, 'systemd.*Reached target(?: graphical.target -)? Graphical Interface') + # has other services + self.assertRegex(log, 'NetworkManager.*:') + + @unittest.skipIf(is_container, 'udev does not work in containers') + def test_udev(self): + out = subprocess.check_output(['udevadm', 'info', '--export-db']) + self.assertIn(b'\nP: /devices/', out) + self.active_unit('systemd-udevd') + + @unittest.skipIf('pkg.systemd.upstream' in os.environ.get('DEB_BUILD_PROFILES', ''), + 'Debian specific configuration, N/A for upstream') + def test_tmp_cleanup(self): + # autopkgtest overrides tmp.mount with empty /etc/systemd/system/tmp.mount + # as a workaround for issues where /tmp is filled up too easily. LP: #2069834 + try: + if os.stat('/etc/systemd/system/tmp.mount').st_size == 0: + self.skipTest('autopkgtest environment has overridden tmp.mount') + except FileNotFoundError: + pass + + # systemd-tmpfiles-clean.timer only runs 15 mins after boot, shortcut + # it + self.assertEqual(subprocess.call( + ['systemctl', 'status', 'systemd-tmpfiles-clean.timer'], + stdout=subprocess.PIPE), 0) + subprocess.check_call(['systemctl', 'start', 'systemd-tmpfiles-clean']) + if not is_container: + # all files in /tmp/ should get cleaned up on boot + self.assertFalse(os.path.exists('/tmp/oldfile.test')) + self.assertFalse(os.path.exists('/tmp/newfile.test')) + # files in /var/tmp/ older than 30d should get cleaned up, unless legacy + # compat tmpfiles.d is installed + if not is_container and not os.path.exists('/etc/tmpfiles.d/tmp.conf'): + self.assertFalse(os.path.exists('/var/tmp/oldfile.test')) + self.assertTrue(os.path.exists('/var/tmp/newfile.test')) + + # next run should leave the recent ones + os.close(os.open('/tmp/newfile.test', + os.O_CREAT | os.O_EXCL | os.O_WRONLY)) + subprocess.check_call(['systemctl', 'start', 'systemd-tmpfiles-clean']) + self.assertTrue(os.path.exists('/tmp/newfile.test')) + + # Helper methods + + def active_unit(self, unit): + '''Check that given unit is active''' + + out = subprocess.check_output(['systemctl', 'status', unit]) + self.assertIn(b'active (running)', out) + + +class JournalTest(unittest.TestCase): + '''Check journal functionality''' + + def test_no_options(self): + out = subprocess.check_output(['journalctl']) + if not is_container: + # has kernel messages + self.assertRegex(out, b'kernel:.*') + # has init messages + self.assertRegex(out, b'systemd.*Reached target(?: graphical.target -)? Graphical Interface') + # has other services + self.assertRegex(out, b'NetworkManager.*:.*starting') + + def test_log_for_service(self): + out = subprocess.check_output( + ['journalctl', '_SYSTEMD_UNIT=NetworkManager.service']) + self.assertRegex(out, b'NetworkManager.*:.*starting') + self.assertNotIn(b'kernel:', out) + self.assertNotIn(b'systemd:', out) + + +@unittest.skipIf(is_container, 'nspawn does not work in most containers') +class NspawnTest(unittest.TestCase): + '''Check nspawn''' + + @classmethod + def setUpClass(kls): + '''Build a bootable busybox mini-container''' + + kls.td_c_busybox = tempfile.TemporaryDirectory(prefix='c_busybox.') + kls.c_busybox = kls.td_c_busybox.name + for d in ['etc/init.d', 'bin', 'sbin']: + os.makedirs(os.path.join(kls.c_busybox, d)) + shutil.copy('/bin/busybox', os.path.join(kls.c_busybox, 'bin')) + shutil.copy('/etc/os-release', os.path.join(kls.c_busybox, 'etc')) + os.symlink('busybox', os.path.join(kls.c_busybox, 'bin', 'sh')) + os.symlink('../bin/busybox', os.path.join(kls.c_busybox, 'sbin/init')) + with open(os.path.join(kls.c_busybox, 'etc/init.d/rcS'), 'w') as f: + f.write('''#!/bin/sh +echo fake container started +ps aux +poweroff\n''') + os.fchmod(f.fileno(), 0o755) + subprocess.check_call(['systemd-machine-id-setup', '--root', + kls.c_busybox], stderr=subprocess.PIPE) + + def setUp(self): + self.workdir = tempfile.TemporaryDirectory() + + def test_boot(self): + cont = os.path.join(self.workdir.name, 'c1') + shutil.copytree(self.c_busybox, cont, symlinks=True) + os.sync() + nspawn = subprocess.Popen(['systemd-nspawn', '-D', cont, '-b'], + stdout=subprocess.PIPE, stderr=subprocess.STDOUT) + out = nspawn.communicate(timeout=60)[0] + self.assertIn(b'Spawning container c1', out) + self.assertIn(b'fake container started', out) + self.assertRegex(out, rb'\n\s+1\s+0\s+init[\r\n]') + self.assertRegex(out, rb'\n\s+2+\s+0\s.*rcS[\r\n]') + self.assertRegex(out, b'Container c1.*shut down') + self.assertEqual(nspawn.returncode, 0) + + def test_service(self): + self.assertTrue(os.path.isdir('/var/lib/machines')) + cont = '/var/lib/machines/c1' + shutil.copytree(self.c_busybox, cont, symlinks=True) + self.addCleanup(shutil.rmtree, cont) + os.sync() + subprocess.check_call(['systemctl', 'start', 'systemd-nspawn@c1']) + wait_unit_stop('systemd-nspawn@c1') + + subprocess.call(['journalctl', '--sync']) + systemctl = subprocess.Popen( + ['systemctl', 'status', '-overbose', '-l', 'systemd-nspawn@c1'], + stdout=subprocess.PIPE) + out = systemctl.communicate()[0].decode('UTF-8', 'replace') + self.assertEqual(systemctl.returncode, 3, out) + self.assertNotIn('failed', out) + + +@unittest.skipUnless(os.path.exists('/sys/kernel/security/apparmor'), + 'AppArmor not enabled') +class AppArmorTest(unittest.TestCase): + def test_profile(self): + '''AppArmor confined unit''' + + # create AppArmor profile + aa_profile = tempfile.NamedTemporaryFile(prefix='aa_violator.') + aa_profile.write(b'''#include + +profile "violator-test" { + #include + + /{usr/,}bin/** rix, + /etc/machine-id r, +} +''') + aa_profile.flush() + subprocess.check_call(['apparmor_parser', '-r', '-v', aa_profile.name]) + + # create confined unit + with open('/run/systemd/system/violator.service', 'w') as f: + f.write('''[Unit] +Description=AppArmor test + +[Service] +ExecStart=/bin/sh -euc 'echo CP1; cat /etc/machine-id; echo CP2; if cat /etc/passwd; then exit 1; fi; echo CP3' +AppArmorProfile=violator-test +''') + self.addCleanup(os.unlink, '/run/systemd/system/violator.service') + + # launch + subprocess.check_call(['systemctl', 'daemon-reload']) + subprocess.check_call(['systemctl', 'start', 'violator.service']) + wait_unit_stop('violator.service') + + # check status + st = subprocess.Popen(['systemctl', 'status', '-l', + 'violator.service'], stdout=subprocess.PIPE, + universal_newlines=True) + out = st.communicate()[0] + # unit should be stopped + self.assertEqual(st.returncode, 3) + + self.assertIn('inactive', out) + self.assertIn('CP1', out) + self.assertIn('CP2', out) + self.assertIn('CP3', out) + with open('/etc/machine-id') as f: + self.assertIn(f.read().strip(), out) + self.assertNotIn('root:x', out, 'unit can read /etc/passwd') + + +@unittest.skipIf(os.path.exists('/sys/fs/cgroup/cgroup.controllers'), + 'test needs to be reworked on unified cgroup hierarchy') +class CgroupsTest(unittest.TestCase): + '''Check cgroup setup''' + + @classmethod + def setUpClass(kls): + kls.controllers = [] + for controller in glob('/sys/fs/cgroup/*'): + if not os.path.islink(controller): + kls.controllers.append(controller) + + def setUp(self): + self.service = 'testsrv.service' + self.service_file = '/run/systemd/system/' + self.service + + def tearDown(self): + subprocess.call(['systemctl', 'stop', self.service], + stderr=subprocess.PIPE) + try: + os.unlink(self.service_file) + except OSError: + pass + subprocess.check_call(['systemctl', 'daemon-reload']) + + def create_service(self, extra_service=''): + '''Create test service unit''' + + with open(self.service_file, 'w') as f: + f.write('''[Unit] +Description=test service +[Service] +ExecStart=/bin/sleep 500 +%s +''' % extra_service) + subprocess.check_call(['systemctl', 'daemon-reload']) + + def assertNoControllers(self): + '''Assert that no cgroup controllers exist for test service''' + + cs = glob('/sys/fs/cgroup/*/system.slice/%s' % self.service) + self.assertEqual(cs, []) + + def assertController(self, name): + '''Assert that cgroup controller exists for test service''' + + c = '/sys/fs/cgroup/%s/system.slice/%s' % (name, self.service) + self.assertTrue(os.path.isdir(c)) + + def assertNoController(self, name): + '''Assert that cgroup controller does not exist for test service''' + + c = '/sys/fs/cgroup/%s/system.slice/%s' % (name, self.service) + self.assertFalse(os.path.isdir(c)) + + def test_simple(self): + '''simple service''' + + self.create_service() + self.assertNoControllers() + subprocess.check_call(['systemctl', 'start', self.service]) + self.assertController('systemd') + subprocess.check_call(['systemctl', 'stop', self.service]) + self.assertNoControllers() + + def test_cpushares(self): + '''service with CPUShares''' + + self.create_service('CPUShares=1000') + self.assertNoControllers() + subprocess.check_call(['systemctl', 'start', self.service]) + self.assertController('systemd') + self.assertController('cpu,cpuacct') + subprocess.check_call(['systemctl', 'stop', self.service]) + self.assertNoControllers() + + +class SeccompTest(unittest.TestCase): + '''Check seccomp syscall filtering''' + + def test_failing(self): + with open('/run/systemd/system/scfail.service', 'w') as f: + f.write('''[Unit] +Description=seccomp test +[Service] +ExecStart=/bin/cat /etc/machine-id +SystemCallFilter=access +''') + self.addCleanup(os.unlink, '/run/systemd/system/scfail.service') + + # launch + subprocess.check_call(['systemctl', 'daemon-reload']) + subprocess.check_call(['systemctl', 'start', 'scfail.service']) + wait_unit_stop('scfail.service') + + # check status + st = subprocess.Popen(['systemctl', 'status', '-l', + 'scfail.service'], stdout=subprocess.PIPE) + out = st.communicate()[0] + # unit should be stopped + self.assertEqual(st.returncode, 3) + + subprocess.check_call(['systemctl', 'reset-failed', 'scfail.service']) + + self.assertIn(b'failed', out) + self.assertRegex(out, b'code=(killed|dumped), signal=SYS') + with open('/etc/machine-id') as f: + self.assertNotIn(f.read().strip().encode('ASCII'), out) + + +@unittest.skipIf(is_container, 'systemd-coredump does not work in containers') +class CoredumpTest(unittest.TestCase): + '''Check systemd-coredump''' + + def test_bash_crash(self): + subprocess.call("ulimit -c unlimited; bash -c 'kill -SEGV $$'", shell=True, + cwd='/tmp', stderr=subprocess.DEVNULL) + + # with systemd-coredump installed we should get the core dumps in + # systemd's dir + for timeout in range(50): + cores = glob('/var/lib/systemd/coredump/core.bash.*') + if cores: + break + time.sleep(1) + self.assertNotEqual(cores, []) + self.assertEqual(glob('/tmp/core*'), []) + + # we should also get a message and stack trace in journal + for timeout in range(10): + subprocess.call(['journalctl', '--sync']) + journal = subprocess.check_output(['journalctl', '-t', 'systemd-coredump']) + if re.search(b'Process.*bash.*dumped core', journal): + break + time.sleep(1) + self.assertRegex(journal, b'Process.*bash.*dumped core') + self.assertIn(b'Stack trace', journal) + + +class CLITest(unittest.TestCase): + def setUp(self): + self.programs = [] + for line in subprocess.check_output(['dpkg', '-L', 'systemd', 'systemd-container', 'systemd-coredump', 'udev'], + universal_newlines=True).splitlines(): + if '/bin/' in line: + self.programs.append(line.strip()) + + def test_help(self): + '--help works and succeeds''' + + for program in self.programs: + p = subprocess.Popen([program, '--help'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True) + (out, err) = p.communicate() + try: + self.assertEqual(err, '') + self.assertEqual(p.returncode, 0) + self.assertIn(os.path.basename(program), out) + self.assertTrue('--help' in out or 'Usage' in out, out) + except AssertionError: + print('Failed program: %s' % program) + raise + + def test_version(self): + '--version works and succeeds''' + + version = subprocess.check_output(['pkg-config', '--modversion', 'systemd'], + universal_newlines=True).strip() + + for program in self.programs: + # known to not respond to --version + if os.path.basename(program) in ['kernel-install', 'systemd-ask-password', 'systemd-stdio-bridge']: + continue + p = subprocess.Popen([program, '--version'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True) + (out, err) = p.communicate() + try: + self.assertEqual(err, '') + self.assertEqual(p.returncode, 0) + self.assertIn(version, out) + except AssertionError: + print('Failed program: %s' % program) + raise + + def test_invalid_option(self): + '''Calling with invalid option fails''' + + for program in self.programs: + p = subprocess.Popen([program, '--invalid-option'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True) + (out, err) = p.communicate() + try: + # kernel-install is an unique snowflake + if not program.endswith('/kernel-install'): + self.assertIn('--invalid-option', err) + self.assertNotEqual(p.returncode, 0) + except AssertionError: + print('Failed program: %s' % program) + raise + + +def pre_boot_setup(): + '''Test setup before rebooting testbed''' + + subprocess.check_call(['systemctl', 'set-default', 'graphical.target'], + stderr=subprocess.STDOUT) + + # This test installs network-manager, which seems to cause + # systemd-networkd-wait-online to be stuck as they conflict, + # so systemctl start network-online.target ran by autopkgtest + # gets stuck, at least in Debian Bullseye images. + # https://salsa.debian.org/ci-team/autopkgtest/-/blob/debian/5.21/virt/autopkgtest-virt-lxc#L131 + subprocess.check_call(['systemctl', 'disable', 'systemd-networkd.service'], + stderr=subprocess.STDOUT) + + # create a few temporary files to ensure that they get cleaned up on boot + os.close(os.open('/tmp/newfile.test', + os.O_CREAT | os.O_EXCL | os.O_WRONLY)) + os.close(os.open('/var/tmp/newfile.test', + os.O_CREAT | os.O_EXCL | os.O_WRONLY)) + # we can't use utime() here, as systemd looks for ctime + if not is_container: + cur_time = time.clock_gettime(time.CLOCK_REALTIME) + time.clock_settime(time.CLOCK_REALTIME, cur_time - 2 * 30 * 86400) + try: + os.close(os.open('/tmp/oldfile.test', + os.O_CREAT | os.O_EXCL | os.O_WRONLY)) + os.close(os.open('/var/tmp/oldfile.test', + os.O_CREAT | os.O_EXCL | os.O_WRONLY)) + finally: + time.clock_settime(time.CLOCK_REALTIME, cur_time) + + # allow X to start even on headless machines + os.makedirs('/etc/X11/xorg.conf.d/', exist_ok=True) + with open('/etc/X11/xorg.conf.d/dummy.conf', 'w') as f: + f.write('''Section "Device" + Identifier "test" + Driver "dummy" +EndSection''') + + # accounts-daemon.service fails if /usr/share/accountsservice/interfaces does not exist. + # FIXME: remove this workaround again when + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038137 is fixed + os.makedirs('/usr/share/accountsservice/interfaces', exist_ok=True) + + +if __name__ == '__main__': + if not os.getenv('AUTOPKGTEST_REBOOT_MARK'): + pre_boot_setup() + print('Rebooting...') + subprocess.check_call(['/tmp/autopkgtest-reboot', 'boot1']) + + unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout, + verbosity=2)) diff --git a/tests/boot-smoke b/tests/boot-smoke new file mode 100755 index 00000000..d4105fce --- /dev/null +++ b/tests/boot-smoke @@ -0,0 +1,95 @@ +#!/bin/sh +# test $TEST_REBOOTS successful reboots in a row +# Author: Martin Pitt +# For bisecting/testing you can replace individual binaries in /lib/systemd +# with --copy /host/path/systemd-foo:/tmp/systemd-replace/systemd-foo +set -e + +IS_SYSTEM_RUNNING_TIMEOUT=300 +TEST_REBOOTS=5 + +. `dirname $0`/assert.sh + +fail() { + [ -n "$1" ] && echo "$1" + set +e + journalctl --sync + journalctl -a > "$AUTOPKGTEST_ARTIFACTS/boot-smoke-journal.txt" + systemctl --no-pager --no-legend list-jobs > "$AUTOPKGTEST_ARTIFACTS/boot-smoke-running-jobs.txt" + udevadm info --export-db > "$AUTOPKGTEST_ARTIFACTS/boot-smoke-udevdb.txt" + exit 1 +} + +if [ -z "$AUTOPKGTEST_REBOOT_MARK" ]; then + # enable persistent journal + mkdir -p /var/log/journal + # allow X to start even on headless machines + mkdir -p /etc/X11/xorg.conf.d/ + cat << EOF > /etc/X11/xorg.conf.d/dummy.conf +Section "Device" + Identifier "test" + Driver "dummy" +EndSection +EOF + + # This test installs network-manager, which seems to cause + # systemd-networkd-wait-online to be stuck as they conflict, + # so systemctl start network-online.target ran by autopkgtest + # gets stuck, at least in Debian Bullseye images. + # https://salsa.debian.org/ci-team/autopkgtest/-/blob/debian/5.21/virt/autopkgtest-virt-lxc#L131 + systemctl disable systemd-networkd.service + + AUTOPKGTEST_REBOOT_MARK=0 + if [ -d /tmp/systemd-replace/ ]; then + for f in /tmp/systemd-replace/*; do + echo "Installing $f..." + rm -f /lib/systemd/$(basename $f) + cp $f /lib/systemd/ + done + fi +else + echo "waiting to boot..." + TIMEOUT=${IS_SYSTEM_RUNNING_TIMEOUT} + while [ $TIMEOUT -ge 0 ]; do + state="$(systemctl is-system-running || true)" + case $state in + running|degraded) + break + ;; + *) + sleep 1 + TIMEOUT=$((TIMEOUT - 1)) + ;; + esac + done + + echo "checking for running system" + if [ "$state" = "degraded" ]; then + systemctl --no-pager --no-legend --failed list-units > "$AUTOPKGTEST_ARTIFACTS/boot-smoke-failed-units.txt" || true + echo "systemctl is-system-running: degraded (non-fatal)" + elif [ "$state" != "running" ]; then + fail "system not running after timeout $IS_SYSTEM_RUNNING_TIMEOUT, state: $state" + fi + + echo "checking for failed unmounts for user systemd" + # grep complete journal to catch shutdown messages + if journalctl | grep -E "systemd\[([2-9]|[1-9][0-9]+)\].*Failed unmounting"; then + fail "found failed unmount in journal" + fi + + # grep only this boot's journal, earlier ones complain about missing "render" group + echo "checking for connection timeouts" + if journalctl -b | grep "Connection timed out"; then + fail "found connection timeout in journal for this boot" + fi + + echo "checking that NetworkManager runs" + pidof NetworkManager || fail "NetworkManager was not running" +fi + +if [ "$AUTOPKGTEST_REBOOT_MARK" -ge "$TEST_REBOOTS" ]; then + exit 0 +fi + +echo "reboot #$AUTOPKGTEST_REBOOT_MARK" +/tmp/autopkgtest-reboot $(($AUTOPKGTEST_REBOOT_MARK + 1)) diff --git a/tests/build-login b/tests/build-login new file mode 100755 index 00000000..def83b18 --- /dev/null +++ b/tests/build-login @@ -0,0 +1,38 @@ +#!/bin/sh +# autopkgtest check: Test build against libsystemd-login-dev +# (C) 2014 Canonical Ltd. +# Author: Martin Pitt + +set -e + +WORKDIR=$(mktemp -d) +trap "rm -rf $WORKDIR" 0 INT QUIT ABRT PIPE TERM +cd $WORKDIR +cat < loginmonitor.c +#include +#include +#include + +int main(int argc, char **argv) +{ + sd_login_monitor* mon = NULL; + int res; + + res = sd_login_monitor_new(NULL, &mon); + if (res < 0) { + fprintf(stderr, "sd_login_monitor_new failed with value %i\n", res); + return 1; + } + + assert(sd_login_monitor_get_fd(mon) > 0); + sd_login_monitor_unref(mon); + + return 0; +} +EOF + +gcc -Wall -Werror -o loginmonitor loginmonitor.c `pkg-config --cflags --libs libsystemd` +echo "build: OK" +[ -x loginmonitor ] +./loginmonitor +echo "run: OK" diff --git a/tests/build-with-static-libsystemd b/tests/build-with-static-libsystemd new file mode 100755 index 00000000..6b91009a --- /dev/null +++ b/tests/build-with-static-libsystemd @@ -0,0 +1,38 @@ +#!/bin/sh +# autopkgtest check: Test build against static libsystemd + +set -e + +WORKDIR=$(mktemp -d) +trap "rm -rf $WORKDIR" 0 INT QUIT ABRT PIPE TERM +cd $WORKDIR +cat < uuid-gen.c +#include +#include + +#include + +int main(void) +{ + sd_id128_t id; + char id_str[SD_ID128_STRING_MAX]; + int r; + + r = sd_id128_randomize(&id); + if (r < 0) { + fprintf(stderr, "Failed to generate id: %s\n", strerror(-r)); + return 1; + } + + assert(sd_id128_to_string(id, id_str) > 0); + printf("uuid: %s\n", id_str); + + return 0; +} +EOF + +gcc -Wall -Werror -o uuid-gen uuid-gen.c -l:libsystemd.a -lcap +echo "build: OK" +[ -x uuid-gen ] +./uuid-gen +echo "run: OK" diff --git a/tests/control b/tests/control new file mode 100644 index 00000000..05489769 --- /dev/null +++ b/tests/control @@ -0,0 +1,299 @@ +Tests: timedated, hostnamed, localed-locale, localed-x11-keymap, logind +Depends: systemd, + systemd-resolved, + systemd-timesyncd, + libpam-systemd, + libnss-systemd, + acl, + locales, + evemu-tools, +Restrictions: needs-root, allow-stderr, isolation-container, skippable, breaks-testbed + +Tests: unit-config +Depends: systemd, + systemd-resolved, + systemd-dev, + libpam-systemd, + libnss-systemd, + acl, + locales, + evemu-tools, + python3, + pkgconf, +Restrictions: needs-root, allow-stderr, breaks-testbed + +Tests: storage +Depends: systemd, + systemd-resolved, + systemd-cryptsetup, + libpam-systemd, + libnss-systemd, + acl, + locales, + evemu-tools, + python3, + pkgconf, + cryptsetup-bin, +Restrictions: needs-root, isolation-machine, breaks-testbed + +Tests: networkd-test.py +Tests-Directory: test +Depends: systemd, + systemd-resolved, + systemd-cryptsetup, + libpam-systemd, + libnss-systemd, + acl, + locales, + evemu-tools, + python3, + pkgconf, + cryptsetup-bin, + systemd-sysv, + polkitd, + netlabel-tools, + dnsmasq-base +Restrictions: needs-root, isolation-container, breaks-testbed + +Tests: build-login +Depends: systemd, + systemd-resolved, + systemd-cryptsetup, + libpam-systemd, + libnss-systemd, + acl, + locales, + evemu-tools, + python3, + pkgconf, + cryptsetup-bin, + systemd-sysv, + polkitd, + dnsmasq-base, + build-essential, + libsystemd-dev, +Restrictions: isolation-container + +Tests: boot-and-services +Depends: systemd-sysv, + systemd-container, + systemd-coredump, + systemd-resolved, + systemd-dev, + libpam-systemd, + libdw-dev, + libelf-dev, + xserver-xorg-video-dummy, + xserver-xorg, + gdm3 [!s390x !riscv64 !armel], + cron, + network-manager, + busybox-static, + sysvinit-utils, + rsyslog, + apparmor, + pkgconf, + python3, + python3-pefile, + dhcpcd-base | dhcpcd5, +Restrictions: needs-root, isolation-container, breaks-testbed, allow-stderr + +Tests: unit-tests +Depends: systemd-tests, + systemd-resolved, + libpam-systemd, + libnss-myhostname, + libnss-mymachines, + libnss-resolve, + libnss-systemd, + udev, + tree, + perl, + python3, + python3-colorama, + python3-pefile, + xz-utils, + libcap2-bin, + iproute2, + lz4, + acl, + iputils-ping, + dbus-user-session, + zstd, + libtss2-dev, + libfido2-dev, + libdw-dev, + libqrencode-dev, + libpwquality-dev, + libarchive-dev, + libgcrypt20-dev, + libcryptsetup-dev, + tzdata-legacy | tzdata (<< 2024b-3), +Restrictions: needs-root, isolation-container, breaks-testbed + +Tests: boot-smoke +Depends: systemd-sysv, + systemd-resolved, + network-manager, + gdm3 [!s390x !riscv64 !armel], + xserver-xorg-video-dummy, +Restrictions: needs-root, isolation-container, allow-stderr, breaks-testbed + +Tests: build-with-static-libsystemd +Depends: systemd, + systemd-resolved, + pkgconf, + build-essential, + libsystemd-dev, + libcap-dev, + +Tests: tests-in-lxd +Depends: systemd-tests, + udev, + libpam-systemd, + autopkgtest, + lsb-release, + snapd, + dnsmasq-base, +Restrictions: needs-root, allow-stderr, isolation-machine, breaks-testbed, skip-not-installable, skippable, flaky + +# Dummy test so that changes to key packages trigger our autopkgtests on ci.debian.net +Features: test-name=hint-testsuite-triggers +Test-Command: /bin/true +Depends: + linux-image-generic, + linux-image-amd64 [amd64], + linux-image-arm64 [arm64], + attr, + tree, + perl, + libcap2-bin, + iproute2, + lz4, + acl, + dmeventd, + kbd, + cryptsetup-bin, + net-tools, + iputils-ping, + strace, + less, + quota, + fdisk, + netcat-openbsd, + socat, + busybox-static, + plymouth, + e2fsprogs, + libdw-dev, + libelf-dev, + dbus-user-session, + libtss2-dev, + libfido2-dev, + libqrencode-dev, + libpwquality-dev, + libarchive-dev, + libp11-kit-dev, + libssl-dev, + libgcrypt20-dev, + libkmod-dev, + python3-pexpect, + screen, + openssl, + bsdutils, + knot, + knot-dnssecutils | knot-dnsutils, + bind9-dnsutils, + bind9-host, + nftables, + psmisc, + xkb-data, + locales, + locales-all, + stress, + curl, + tzdata-legacy | tzdata (<< 2024b-3), + nvme-cli, + mdadm, + lvm2, + multipath-tools, + kpartx, + gnutls-bin, + opensc, + softhsm2, + openssh-server, + polkitd, + open-iscsi, + tgt, +Restrictions: hint-testsuite-triggers + +Tests: upstream +Depends: systemd (>= 254~), + systemd-container (>= 254~), + systemd-journal-remote, + systemd-container, + systemd-ukify, + systemd-dev, + systemd-tests, + systemd-coredump, + systemd-timesyncd, + systemd-oomd, + systemd-homed, + systemd-resolved, + systemd-boot [amd64 arm64 armhf i386 riscv64], + systemd-repart, + systemd-cryptsetup, + systemd-boot-efi [amd64 arm64 armhf i386 riscv64], + libnss-myhostname, + libnss-mymachines, + libnss-resolve, + libnss-systemd, + libsystemd-dev, + libudev-dev, + qemu-system-x86 [amd64 i386], + qemu-system-arm [arm64 armhf], + qemu-system-ppc [ppc64el], + qemu-system-s390x [s390x], + qemu-system-misc [!amd64 !arm64 !armhf !i386 !ppc64el !s390x], + ovmf [amd64], + ovmf-ia32 [i386], + qemu-efi-aarch64 [arm64], + qemu-efi-arm [armhf], + qemu-efi-riscv64 [riscv64], + seabios [ppc64el s390x], + swtpm, + swtpm-tools, + tpm2-tools, + git, + ca-certificates, + build-essential, + pkgconf, + libcap-dev, + mount, + libmount-dev, + python3-jinja2, + meson, + gperf, + libblkid-dev, + libcap-dev, + python3-pefile, + sbsigntool [amd64 arm64 armhf i386 riscv64], + mtools, + bash, + bubblewrap (>= 0.4~), + reprepro, + fdisk, + cryptsetup-bin, + gnupg, + openssh-client, + python3-cryptography, + e2fsprogs, + dosfstools, + erofs-utils, + squashfs-tools, + btrfs-progs, + xz-utils, + zstd, + uidmap, + jq, +Restrictions: needs-root, allow-stderr, isolation-machine, needs-internet, breaks-testbed diff --git a/tests/hostnamed b/tests/hostnamed new file mode 100755 index 00000000..1b228691 --- /dev/null +++ b/tests/hostnamed @@ -0,0 +1,22 @@ +#!/bin/sh +set -e + +. `dirname $0`/assert.sh + +ORIG_HOST=`cat /etc/hostname` +echo "original hostname: $ORIG_HOST" + +# should activate daemon and work +STATUS="`hostnamectl`" +assert_in "Static hostname: $ORIG_HOST" "$STATUS" +assert_in "Kernel:.* `uname -r`" "$STATUS" + +# change hostname +assert_eq "`hostnamectl set-hostname testhost 2>&1`" "" +assert_eq "`cat /etc/hostname`" "testhost" +assert_in "Static hostname: testhost" "`hostnamectl`" + +# reset to original +assert_eq "`hostnamectl set-hostname $ORIG_HOST 2>&1`" "" +assert_eq "`cat /etc/hostname`" "$ORIG_HOST" +assert_in "Static hostname: $ORIG_HOST" "`hostnamectl`" diff --git a/tests/lidswitch.evemu b/tests/lidswitch.evemu new file mode 100644 index 00000000..de1d5904 --- /dev/null +++ b/tests/lidswitch.evemu @@ -0,0 +1,34 @@ +# EVEMU 1.2 +# Input device name: "Lid Switch" +# Input device ID: bus 0x19 vendor 0000 product 0x05 version 0000 +# Supported events: +# Event type 0 (EV_SYN) +# Event code 0 (SYN_REPORT) +# Event code 5 (FF_STATUS_MAX) +# Event type 5 (EV_SW) +# Event code 0 (SW_LID) +# Properties: +N: Fake Lid Switch +I: 0019 0000 0005 0000 +P: 00 00 00 00 00 00 00 00 +B: 00 21 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 02 00 00 00 00 00 00 00 00 +B: 03 00 00 00 00 00 00 00 00 +B: 04 00 00 00 00 00 00 00 00 +B: 05 01 00 00 00 00 00 00 00 +B: 11 00 00 00 00 00 00 00 00 +B: 12 00 00 00 00 00 00 00 00 +B: 15 00 00 00 00 00 00 00 00 +B: 15 00 00 00 00 00 00 00 00 diff --git a/tests/localed-locale b/tests/localed-locale new file mode 100755 index 00000000..85477b05 --- /dev/null +++ b/tests/localed-locale @@ -0,0 +1,77 @@ +#!/bin/sh +set -e + +. `dirname $0`/assert.sh + +# Calls to localed are blocked as other tools are used to change settings, +# override that policy +mkdir -p /etc/dbus-1/system.d/ +cat >/etc/dbus-1/system.d/systemd-localed-read-only.conf < + + + + + + + + +EOF +trap 'rm -f /etc/dbus-1/system.d/systemd-localed-read-only.conf' EXIT +systemctl reload dbus.service || true + +if [ -f /etc/locale.conf ]; then + cp /etc/locale.conf /etc/locale.conf.orig +fi +if [ -f /etc/vconsole.conf ]; then + mv /etc/vconsole.conf /etc/vconsole.conf.orig +fi + +# ensure tested locale exist +mv /etc/locale.gen /etc/locale.gen.orig +echo "en_US.UTF-8 UTF-8" > /etc/locale.gen +locale-gen en_US.UTF-8 + +/bin/echo -e 'XKBMODEL=us\nXKBLAYOUT=pc105' > /etc/vconsole.conf + +# should activate daemon and work +assert_in "System Locale:" "`localectl --no-pager`" + +# change locale +assert_eq "`localectl --no-pager set-locale LANG=C LC_CTYPE=en_US.UTF-8 2>&1`" "" +sync +assert_eq "`cat /etc/locale.conf`" "LANG=C +LC_CTYPE=en_US.UTF-8" + +STATUS=`localectl` +assert_in "System Locale: LANG=C" "$STATUS" +assert_in "LC_CTYPE=en_US.UTF-8" "$STATUS" + +# test if localed auto-runs locale-gen + +# ensure tested locale does not exist +assert_rc 1 validlocale de_DE.UTF-8 2>&1 + +# change locale +assert_eq "`localectl --no-pager set-locale de_DE.UTF-8 2>&1`" "" +sync +assert_eq "`cat /etc/locale.conf`" "LANG=de_DE.UTF-8 +LC_CTYPE=en_US.UTF-8" + +# ensure tested locale exists and works now +assert_rc 0 validlocale de_DE.UTF-8 2>&1 + +# reset locale to original +if [ -f /etc/locale.conf.orig ]; then + mv /etc/locale.conf.orig /etc/locale.conf +else + rm -f /etc/locale.conf +fi +if [ -f /etc/vconsole.conf.orig ]; then + mv /etc/vconsole.conf.orig /etc/vconsole.conf +else + rm /etc/vconsole.conf +fi +mv /etc/locale.gen.orig /etc/locale.gen +locale-gen diff --git a/tests/localed-x11-keymap b/tests/localed-x11-keymap new file mode 100755 index 00000000..b4f8af8d --- /dev/null +++ b/tests/localed-x11-keymap @@ -0,0 +1,81 @@ +#!/bin/sh +set -e + +case "${DEB_BUILD_PROFILES:-}" in + *pkg.systemd.upstream*) ;; + *) + echo "keymapping not supported for now, SKIP test" + exit 77 +esac + +. `dirname $0`/assert.sh + +if [ -f /etc/default/keyboard ]; then + ORIG_KBD=`cat /etc/default/keyboard` +else + ORIG_KBD="" +fi + +cleanup() { + # reset locale to original + if [ -n "ORIG_KBD" ]; then + echo "$ORIG_KBD" > /etc/default/keyboard + else + rm -f /etc/default/keyboard + fi + rm -f /etc/X11/xorg.conf.d/00-keyboard.conf + rm -f /etc/dbus-1/system.d/systemd-localed-read-only.conf +} +trap cleanup EXIT INT QUIT PIPE + +# Calls to localed are blocked as other tools are used to change settings, +# override that policy +mkdir -p /etc/dbus-1/system.d/ +cat >/etc/dbus-1/system.d/systemd-localed-read-only.conf < + + + + + + + + +EOF +systemctl reload dbus.service || true + +# should activate daemon and work +STATUS=`localectl` +assert_in "X11 Layout:" "`localectl --no-pager`" + +# change layout +assert_eq "`localectl --no-pager set-x11-keymap et pc101 2>&1`" "" +sync + +case "${DEB_BUILD_PROFILES:-}" in + *pkg.systemd.upstream*) + # Upstream writes xorg.conf.d file + assert_in 'Option "XkbLayout" "et' "`cat /etc/X11/xorg.conf.d/00-keyboard.conf`" + assert_in 'Option "XkbModel" "pc101"' "`cat /etc/X11/xorg.conf.d/00-keyboard.conf`" + ;; + *) + # Debian console-setup config file + assert_in 'XKBLAYOUT="\?et"\?' "`cat /etc/default/keyboard`" + assert_in 'XKBMODEL="\?pc101"\?' "`cat /etc/default/keyboard`" + ! [ -f /etc/X11/xorg.conf.d/00-keyboard.conf ] + ;; +esac + +STATUS=`localectl --no-pager` +assert_in "X11 Layout: et" "$STATUS" +assert_in "X11 Model: pc101" "$STATUS" + +case "${DEB_BUILD_PROFILES:-}" in + *pkg.systemd.upstream*) ;; + *) + rm /etc/default/keyboard + systemctl stop systemd-localed + assert_in "X11 Layout: (unset)" "`localectl --no-pager`" + ;; +esac diff --git a/tests/logind b/tests/logind new file mode 100755 index 00000000..a53910c9 --- /dev/null +++ b/tests/logind @@ -0,0 +1,216 @@ +#!/bin/sh +set -e + +test_started() { + # ensure the *old* logind from before the upgrade isn't running + echo " * try-restarting systemd-logind" + systemctl try-restart systemd-logind + + echo " * daemon is started" + # should start at boot, not with D-BUS activation + LOGINDPID=$(pidof systemd-logind) + + # loginctl should succeed + echo " * loginctl succeeds" + LOGINCTL_OUT=`loginctl` +} + +test_properties() { + # Default KillUserProcesses should be off for debian/ubuntu builds + r=$(busctl get-property org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager KillUserProcesses) + [ "$r" = "b false" ] +} + +# args: +wait_suspend() { + timeout=$1 + while [ $timeout -gt 0 ] && [ ! -e /run/suspend.flag ]; do + sleep 1 + timeout=$((timeout - 1)) + [ $(($timeout % 5)) -ne 0 ] || echo " waiting for suspend, ${timeout}s remaining..." + done + if [ ! -e /run/suspend.flag ]; then + echo "closing lid did not cause suspend" >&2 + exit 1 + fi + rm /run/suspend.flag + echo " * closing lid caused suspend" +} + +test_suspend_on_lid() { + if systemd-detect-virt --quiet --container; then + echo " * Skipping suspend test in container" + return + fi + if ! grep -s -q mem /sys/power/state; then + echo " * suspend not supported on this testbed, skipping" + return + fi + + # cleanup handler + trap 'rm -f /run/udev/rules.d/70-logindtest-*.rules; udevadm control --reload; + kill $KILL_PID; + rm /run/systemd/system/systemd-suspend.service.d/override.conf; + if [ -d /sys/module/scsi_debug ]; then rmmod scsi_debug 2>/dev/null || (sleep 2; rmmod scsi_debug ) || true; fi' \ + EXIT INT QUIT TERM PIPE + + # watch what's going on + journalctl -f -u systemd-logind.service -u systemd-suspend.service & + KILL_PID="$KILL_PID $!" + + # create fake suspend + mkdir -p /run/systemd/system/systemd-suspend.service.d + cat >/run/systemd/system/systemd-suspend.service.d/override.conf < /run/udev/rules.d/70-logindtest-lid.rules + sync + udevadm control --reload + evemu-device $(dirname $0)/lidswitch.evemu & + KILL_PID="$KILL_PID $!" + while [ -z "$O" ]; do + sleep 0.1 + O=$(grep -l '^Fake Lid Switch' /sys/class/input/*/device/name) + done + O=${O%/device/name} + LID_DEV=/dev/${O#/sys/class/} + udevadm info --wait-for-initialization=10s $LID_DEV + udevadm settle + + # close lid + evemu-event $LID_DEV --sync --type 5 --code 0 --value 1 + # need to wait for 30s suspend inhibition after boot + wait_suspend 31 + # open lid again + evemu-event $LID_DEV --sync --type 5 --code 0 --value 0 + + echo " * waiting for 30s inhibition time between suspends" + sleep 30 + + # now closing lid should cause instant suspend + evemu-event $LID_DEV --sync --type 5 --code 0 --value 1 + wait_suspend 2 + evemu-event $LID_DEV --sync --type 5 --code 0 --value 0 + + P=$(pidof systemd-logind) + [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; } +} + +test_shutdown() { + echo " * scheduled shutdown with wall message" + shutdown 2>&1 + sleep 5 + shutdown -c || true + # logind should still be running + P=$(pidof systemd-logind) + [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; } + + echo " * scheduled shutdown without wall message" + shutdown --no-wall 2>&1 + sleep 5 + shutdown -c --no-wall || true + P=$(pidof systemd-logind) + [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; } +} + +test_in_logind_session() { + echo " * XDG_SESSION_ID=$XDG_SESSION_ID" + # cgroup v1: "1:name=systemd:/user.slice/..."; unified hierarchy: "0::/user.slice" + if grep -E '(name=systemd|^0:):.*session.*scope' /proc/self/cgroup; then + echo " * process is in session cgroup" + else + echo "FAIL: process is not in session cgroup" + echo "/proc/self/cgroup:" + cat /proc/self/cgroup + loginctl + loginctl show-session "$XDG_SESSION_ID" + exit 1 + fi +} + +test_acl() { + # ACL tests + if ! echo "$LOGINCTL_OUT" | grep -q "seat0"; then + echo " * Skipping ACL tests, as there is no seat" + return + fi + if systemd-detect-virt --quiet --container; then + echo " * Skipping ACL tests in container" + return + fi + + # determine user + USER=`echo "$OUT" | grep seat0 | awk '{print $3}'` + echo "seat user: $USER" + + # scsi_debug should not be loaded yet + ! test -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block + + # we use scsi_debug to create new devices which we can put ACLs on + # tell udev about the tagging, so that logind can pick it up + cat < /run/udev/rules.d/70-logindtest-scsi_debug-user.rules +SUBSYSTEM=="block", ATTRS{model}=="scsi_debug*", TAG+="uaccess" +EOF + sync + udevadm control --reload + + echo " * coldplug: logind started with existing device" + killall systemd-logind + modprobe scsi_debug + while ! dev=/dev/`ls /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block 2>/dev/null`; do sleep 0.1; done + test -b $dev + echo "got block device $dev" + udevadm settle + # trigger logind + loginctl > /dev/null + sleep 1 + if getfacl -p $dev | grep -q "user:$USER:rw-"; then + echo "$dev has ACL for user $USER" + else + echo "$dev has no ACL for user $USER:" >&2 + getfacl -p $dev >&2 + exit 1 + fi + + rmmod scsi_debug + + echo " * hotplug: new device appears while logind is running" + modprobe scsi_debug + while ! dev=/dev/`ls /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block`; do sleep 0.1; done + test -b $dev + echo "got block device $dev" + udevadm settle + sleep 1 + if getfacl -p $dev | grep -q "user:$USER:rw-"; then + echo "$dev has ACL for user $USER" + else + echo "$dev has no ACL for user $USER:" >&2 + getfacl -p $dev >&2 + exit 1 + fi +} + +# +# main +# + +# Make sure we are running with the logind package under test instead of the one +# from the base distro +if [ -z "$AUTOPKGTEST_REBOOT_MARK" ]; then + /tmp/autopkgtest-reboot 1 +fi + +test_started +test_properties +test_in_logind_session +test_suspend_on_lid +test_shutdown +test_acl diff --git a/tests/process-killer b/tests/process-killer new file mode 100755 index 00000000..6ca10b8d --- /dev/null +++ b/tests/process-killer @@ -0,0 +1,9 @@ +#!/bin/sh +# loop until we can kill the process given in arg + +while : +do + /usr/bin/pkill -x $* + [ $? -eq 0 ] && break + sleep 1 +done diff --git a/tests/storage b/tests/storage new file mode 100755 index 00000000..d2baf8f6 --- /dev/null +++ b/tests/storage @@ -0,0 +1,281 @@ +#!/usr/bin/env python3 +# systemd integration test: Handling of storage devices +# (C) 2015 Canonical Ltd. +# Author: Martin Pitt + +import os +import random +import subprocess +import sys +import time +import unittest + +from glob import glob +from threading import Thread + + +TIMEOUT_SERVICE_START = 10 +TIMEOUT_PASSWORD_AGENT_STOP = 10 +TIMEOUT_PLAINTEXT_DEV = 30 +TIMEOUT_SCSI_DEBUG_ADD_HOST = 5 + +SCSI_DEBUG_DIR = '/sys/bus/pseudo/drivers/scsi_debug' + + +def have_scsi_debug(): + return os.path.isdir(SCSI_DEBUG_DIR) + + +def load_scsi_debug(): + return subprocess.call(['modprobe', 'scsi_debug', 'dev_size_mb=32'], + stderr=subprocess.STDOUT) == 0 + + +# Some custom Ubuntu kernels do not build the scsi_debug module at all, +# so skip the test if we can't load the module (LP: #1847816) +# This doesn't (currently) apply to Debian, as scsi_debug should always +# be available in Debian kernels +@unittest.skipIf(not have_scsi_debug() and not load_scsi_debug(), 'Failed to load scsi_debug module') +class FakeDriveTestBase(unittest.TestCase): + @classmethod + def setUpClass(cls): + assert have_scsi_debug() + + def setUp(self): + existing_adapters = set(glob(os.path.join(SCSI_DEBUG_DIR, 'adapter*'))) + with open(os.path.join(SCSI_DEBUG_DIR, 'add_host'), 'w') as f: + f.write('1') + new_adapters = set(glob(os.path.join(SCSI_DEBUG_DIR, 'adapter*'))) - existing_adapters + self.assertEqual(len(new_adapters), 1) + self.adapter = new_adapters.pop() + for timeout in range(TIMEOUT_SCSI_DEBUG_ADD_HOST): + devices = set(glob(os.path.join(self.adapter, 'host*/target*/*:*/block/*'))) + if len(devices) > 0: + break + time.sleep(1) + else: + self.fail('Timed out waiting for scsi_debug block device name') + self.assertEqual(len(devices), 1) + self.device = os.path.join('/dev/', os.path.basename(devices.pop())) + + def tearDown(self): + existing_adapters = set(glob(os.path.join(SCSI_DEBUG_DIR, 'adapter*'))) + with open(os.path.join(SCSI_DEBUG_DIR, 'add_host'), 'w') as f: + f.write('-1') + removed_adapters = existing_adapters - set(glob(os.path.join(SCSI_DEBUG_DIR, 'adapter*'))) + self.assertEqual(len(removed_adapters), 1) + adapter = removed_adapters.pop() + self.assertEqual(self.adapter, adapter) + self.adapter = None + self.device = None + + +class CryptsetupTest(FakeDriveTestBase): + def setUp(self): + testname = self.id().split('.')[-1] + self.plaintext_name = 'testcrypt_%s' % testname + self.plaintext_dev = '/dev/mapper/' + self.plaintext_name + self.service_name = 'systemd-cryptsetup@%s.service' % self.plaintext_name + if os.path.exists(self.plaintext_dev): + self.fail('%s exists already' % self.plaintext_dev) + + super().setUp() + + if os.path.exists('/etc/crypttab'): + os.rename('/etc/crypttab', '/etc/crypttab.systemdtest') + self.password = 'pwd%i' % random.randint(1000, 10000) + self.password_agent = None + self.password_agent_stop = False + + def tearDown(self): + if self.password_agent: + self.password_agent_stop = True + self.password_agent.join(timeout=TIMEOUT_PASSWORD_AGENT_STOP) + self.assertFalse(self.password_agent.is_alive()) + self.password_agent = None + for timeout in range(TIMEOUT_SERVICE_START): + state = subprocess.run(['systemctl', 'show', '--no-pager', self.service_name, '--property', 'ActiveState'], + stdout=subprocess.PIPE, universal_newlines=True).stdout + state = state.strip().replace('ActiveState=', '', 1) + if state in ['active', 'failed']: + break + time.sleep(1) + else: + self.fail('Timed out waiting for %s to start (or fail)' % self.service_name) + subprocess.call(['umount', self.plaintext_dev], stderr=subprocess.DEVNULL) + if state == 'active': + subprocess.call(['systemctl', 'stop', self.service_name], stderr=subprocess.STDOUT) + if os.path.exists('/etc/crypttab'): + os.unlink('/etc/crypttab') + if os.path.exists('/etc/crypttab.systemdtest'): + os.rename('/etc/crypttab.systemdtest', '/etc/crypttab') + if os.path.exists(self.plaintext_dev): + subprocess.call(['dmsetup', 'remove', self.plaintext_dev], + stderr=subprocess.STDOUT) + subprocess.check_call(['systemctl', 'daemon-reload']) + + super().tearDown() + + def format_luks(self): + '''Format test device with LUKS''' + + p = subprocess.Popen(['cryptsetup', '--batch-mode', 'luksFormat', self.device, '-'], + stdin=subprocess.PIPE) + p.communicate(self.password.encode()) + self.assertEqual(p.returncode, 0) + os.sync() + subprocess.check_call(['udevadm', 'settle']) + + def start_password_agent(self): + '''Run password agent to answer passphrase request for crypt device''' + + # wait for incoming request + found = False + while not found: + for ask in glob('/run/systemd/ask-password/ask.*'): + with open(ask) as f: + contents = f.read() + if self.plaintext_name in contents: + found = True + break + if not found: + if self.password_agent_stop: + return + time.sleep(0.5) + + # parse Socket= + for line in contents.splitlines(): + if line.startswith('Socket='): + socket = line.split('=', 1)[1] + break + else: + self.fail('Could not find socket') + + # send reply + p = subprocess.Popen(['/lib/systemd/systemd-reply-password', '1', socket], + stdin=subprocess.PIPE) + p.communicate(self.password.encode()) + self.assertEqual(p.returncode, 0) + + def apply(self, target): + '''Tell systemd to generate and run the cryptsetup units''' + + subprocess.check_call(['systemctl', 'daemon-reload']) + + self.password_agent = Thread(target=self.start_password_agent); + self.password_agent.start() + subprocess.check_call(['systemctl', '--no-ask-password', 'restart', target]) + for timeout in range(TIMEOUT_PLAINTEXT_DEV): + if os.path.exists(self.plaintext_dev): + break + time.sleep(1) + else: + self.fail('Timed out waiting for %s to appear' % self.plaintext_dev) + + def test_luks_by_devname(self): + '''LUKS device by plain device name, empty''' + + self.format_luks() + with open('/etc/crypttab', 'w') as f: + f.write('%s %s none luks\n' % (self.plaintext_name, self.device)) + self.apply('cryptsetup.target') + + # should not be mounted + with open('/proc/mounts') as f: + self.assertNotRegex(f.read(), "(?&1`" "" +assert_eq "`readlink /etc/localtime | sed 's#^.*zoneinfo/##'`" "Europe/Moscow" +assert_in "Time.*zone: Europe/Moscow (MSK, +" "`timedatectl --no-pager`" + +echo 'reset timezone to original' +assert_eq "`timedatectl --no-pager set-timezone $ORIG_TZ 2>&1`" "" +assert_eq "`readlink /etc/localtime | sed 's#^.*zoneinfo/##'`" "$ORIG_TZ" + +# test setting UTC vs. LOCAL in /etc/adjtime +if [ -e /etc/adjtime ]; then + ORIG_ADJTIME=`cat /etc/adjtime` + trap "echo '$ORIG_ADJTIME' > /etc/adjtime" EXIT INT QUIT PIPE +else + trap "rm -f /etc/adjtime" EXIT INT QUIT PIPE +fi + +echo 'no adjtime file' +rm -f /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' + +echo 'UTC set in adjtime file' +printf '0.0 0 0\n0\nUTC\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +UTC" +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +echo 'non-zero values in adjtime file' +printf '0.1 123 0\n0\nLOCAL\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_eq "`cat /etc/adjtime`" "0.1 123 0 +0 +UTC" +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.1 123 0 +0 +LOCAL" + +echo 'fourth line adjtime file' +printf '0.0 0 0\n0\nLOCAL\nsomethingelse\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +UTC +somethingelse" +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL +somethingelse" + +echo 'no final newline in adjtime file' +printf '0.0 0 0\n0\nUTC' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0\n0\nUTC' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +echo 'only one line in adjtime file' +printf '0.0 0 0\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0\n' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +echo 'only one line in adjtime file, no final newline' +printf '0.0 0 0' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +echo 'only two lines in adjtime file' +printf '0.0 0 0\n0\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0\n0\n' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + + +echo 'only two lines in adjtime file, no final newline' +printf '0.0 0 0\n0' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0\n0' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +echo 'unknown value in 3rd line of adjtime file' +printf '0.0 0 0\n0\nFOO\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0\n0\nFOO\n' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +# timesyncd has ConditionVirtualization=!container by default; drop/mock that for testing +if systemd-detect-virt --container --quiet; then + systemctl disable --quiet --now systemd-timesyncd + mkdir -p /run/systemd/system/systemd-timesyncd.service.d + printf '[Unit]\nConditionVirtualization=\n[Service]\nType=simple\nAmbientCapabilities=\nExecStart=\nExecStart=/bin/sleep infinity' > /run/systemd/system/systemd-timesyncd.service.d/container.conf + systemctl daemon-reload +fi + +mon=$(mktemp -t dbusmon.XXXXXX) +trap "rm -f $mon" EXIT INT QUIT PIPE + +assert_ntp() { + V=$(busctl get-property org.freedesktop.timedate1 /org/freedesktop/timedate1 org.freedesktop.timedate1 NTP) + assert_eq "$V" "b $1" +} + +start_mon() { + dbus-monitor --system "type='signal', member='PropertiesChanged', path='/org/freedesktop/timedate1'" > $mon & + MONPID=$! +} + +wait_mon() { + for retry in $(seq 10); do + grep -q "$1" $mon && break + sleep 1 + done + assert_in "$2" "$(cat $mon)" + kill $MONPID + wait $MONPID 2>/dev/null || true +} + +echo 'disable NTP' +timedatectl set-ntp false +while [ "$(systemctl --no-pager show systemd-timesyncd --property ActiveState)" != "ActiveState=inactive" ]; do sleep 1; done +assert_ntp false +assert_rc 3 systemctl is-active --quiet systemd-timesyncd + +echo 'enable NTP' +start_mon +timedatectl set-ntp true +wait_mon "NTP" "boolean true" +assert_ntp true +while [ "$(systemctl --no-pager show systemd-timesyncd --property ActiveState)" != "ActiveState=active" ]; do sleep 1; done +assert_rc 0 systemctl is-active --quiet systemd-timesyncd + +echo 're-disable NTP' +start_mon +timedatectl set-ntp false +wait_mon "NTP" "boolean false" +assert_ntp false +assert_rc 3 systemctl is-active --quiet systemd-timesyncd diff --git a/tests/unit-config b/tests/unit-config new file mode 100755 index 00000000..aef3652d --- /dev/null +++ b/tests/unit-config @@ -0,0 +1,370 @@ +#!/usr/bin/python3 +# autopkgtest check: enable/disable/configure units +# (C) 2015 Canonical Ltd. +# Author: Martin Pitt + +import unittest +import subprocess +import os +import sys +import tempfile +from glob import glob + +system_unit_dir = subprocess.check_output( + ['pkg-config', '--variable=systemdsystemunitdir', 'systemd'], + universal_newlines=True).strip() +systemd_sysv_install = os.path.join(os.path.dirname(system_unit_dir), + 'systemd-sysv-install') + + +class EnableTests(unittest.TestCase): + def tearDown(self): + # remove all traces from our test unit + f = glob(system_unit_dir + '/test_enable*.service') + f += glob(system_unit_dir + '/*/test_enable*.service') + f += glob('/etc/systemd/system/test_enable*.service') + f += glob('/etc/systemd/system/*/test_enable*.service') + f += glob('/etc/init.d/test_enable*') + f += glob('/etc/rc?.d/???test_enable*') + [os.unlink(i) for i in f] + subprocess.check_call(['systemctl', 'daemon-reload']) + + def create_unit(self, suffix='', enable=False): + '''Create a test unit''' + + unit = os.path.join(system_unit_dir, + 'test_enable%s.service' % suffix) + with open(unit, 'w') as f: + f.write('''[Unit] +Description=Testsuite unit %s +[Service] +ExecStart=/bin/echo hello +[Install] +WantedBy=multi-user.target +''' % suffix) + + if enable: + os.symlink(unit, '/etc/systemd/system/multi-user.target.wants/' + + os.path.basename(unit)) + + return unit + + def create_sysv(self, suffix='', enable=False): + '''Create a test SysV script''' + + script = '/etc/init.d/test_enable%s' % suffix + with open(script, 'w') as f: + f.write('''/bin/sh +### BEGIN INIT INFO +# Provides: test_enable%s +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Testsuite script%s +### END INIT INFO + +echo hello +''' % (suffix, suffix)) + os.chmod(script, 0o755) + + if enable: + subprocess.check_call( + [systemd_sysv_install, 'enable', os.path.basename(script)]) + + def assertEnabled(self, enabled, unit='test_enable.service'): + '''assert that given unit has expected state''' + + systemctl = subprocess.Popen(['systemctl', 'is-enabled', unit], + stdout=subprocess.PIPE, + universal_newlines=True) + out = systemctl.communicate()[0].strip() + if enabled: + self.assertEqual(systemctl.returncode, 0) + self.assertEqual(out, 'enabled') + else: + self.assertEqual(systemctl.returncode, 1) + self.assertEqual(out, 'disabled') + + def test_unit_enable(self): + '''no sysv: enable unit''' + + self.create_unit() + self.assertEnabled(False) + # also works without .service suffix + self.assertEnabled(False, unit='test_enable') + + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + + self.assertEnabled(True) + # also works without .service suffix + self.assertEnabled(True, unit='test_enable') + + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertTrue(os.path.islink(l)) + self.assertTrue(os.readlink(l) == system_unit_dir + '/test_enable.service' or + os.readlink(l) == '../test_enable.service') + + # enable should be idempotent + subprocess.check_call(['systemctl', 'enable', 'test_enable.service']) + self.assertEnabled(True) + + def test_unit_disable(self): + '''no sysv: disable unit''' + + self.create_unit(enable=True) + self.assertEnabled(True) + # also works without .service suffix + self.assertEnabled(True, unit='test_enable') + + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + + self.assertEnabled(False) + # also works without .service suffix + self.assertEnabled(False, unit='test_enable') + + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertFalse(os.path.islink(l)) + + # disable should be idempotent + subprocess.check_call(['systemctl', 'disable', 'test_enable.service']) + self.assertEnabled(False) + + def test_unit_sysv_enable(self): + '''with sysv: enable unit''' + + self.create_unit() + self.create_sysv() + self.assertEnabled(False) + # also works without .service suffix + self.assertEnabled(False, unit='test_enable') + + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + + self.assertEnabled(True) + # also works without .service suffix + self.assertEnabled(True, unit='test_enable') + + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertTrue(os.path.islink(l)) + self.assertTrue(os.readlink(l) == system_unit_dir + '/test_enable.service' or + os.readlink(l) == '../test_enable.service') + + # enabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l)) + self.assertEqual(os.readlink(l[0]), '../init.d/test_enable') + + # enable should be idempotent + subprocess.check_call(['systemctl', 'enable', 'test_enable.service']) + self.assertEnabled(True) + + def test_unit_sysv_disable(self): + '''with sysv: disable unit''' + + self.create_unit(enable=True) + self.create_sysv(enable=True) + self.assertEnabled(True) + # also works without .service suffix + self.assertEnabled(True, unit='test_enable') + + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + + self.assertEnabled(False) + # also works without .service suffix + self.assertEnabled(False, unit='test_enable') + + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertFalse(os.path.islink(l)) + + # disabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(l, []) + + # disable should be idempotent + subprocess.check_call(['systemctl', 'enable', 'test_enable.service']) + self.assertEnabled(True) + + def test_unit_alias_enable(self): + '''no sysv: enable unit with an alias''' + + u = self.create_unit() + with open(u, 'a') as f: + f.write('Alias=test_enablea.service\n') + + self.assertEnabled(False) + + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + + self.assertEnabled(True) + + # enablement symlink + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertTrue(os.path.islink(l)) + self.assertTrue(os.readlink(l) == system_unit_dir + '/test_enable.service' or + os.readlink(l) == '../test_enable.service') + + # alias symlink + l = '/etc/systemd/system/test_enablea.service' + self.assertTrue(os.path.islink(l)) + self.assertTrue(os.readlink(l) == system_unit_dir + '/test_enable.service' or + os.readlink(l) == 'test_enable.service') + + def test_unit_alias_disable(self): + '''no sysv: disable unit with an alias''' + + u = self.create_unit() + with open(u, 'a') as f: + f.write('Alias=test_enablea.service\n') + os.symlink(system_unit_dir + '/test_enable.service', + '/etc/systemd/system/test_enablea.service') + + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + + self.assertEnabled(False) + + # enablement symlink + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertFalse(os.path.islink(l)) + + # alias symlink + l = '/etc/systemd/system/test_enablea.service' + self.assertFalse(os.path.islink(l)) + + def test_unit_sysv_alias_enable(self): + '''with sysv: enable unit with an alias''' + + u = self.create_unit() + with open(u, 'a') as f: + f.write('Alias=test_enablea.service\n') + self.create_sysv() + + self.assertEnabled(False) + + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + + # enablement symlink + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertTrue(os.path.islink(l)) + self.assertTrue(os.readlink(l) == system_unit_dir + '/test_enable.service' or + os.readlink(l) == '../test_enable.service') + + # alias symlink + l = '/etc/systemd/system/test_enablea.service' + self.assertTrue(os.path.islink(l)) + self.assertTrue(os.readlink(l) == system_unit_dir + '/test_enable.service' or + os.readlink(l) == 'test_enable.service') + + # enabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l)) + self.assertEqual(os.readlink(l[0]), '../init.d/test_enable') + + self.assertEnabled(True) + + def test_unit_sysv_alias_disable(self): + '''with sysv: disable unit with an alias''' + + u = self.create_unit(enable=True) + with open(u, 'a') as f: + f.write('Alias=test_enablea.service\n') + os.symlink(system_unit_dir + '/test_enable.service', + '/etc/systemd/system/test_enablea.service') + self.create_sysv(enable=True) + + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + + # enablement symlink + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertFalse(os.path.islink(l)) + + # alias symlink + l = '/etc/systemd/system/test_enablea.service' + self.assertFalse(os.path.islink(l)) + + # disabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(l, []) + + self.assertEnabled(False) + + def test_sysv_enable(self): + '''only sysv: enable''' + + self.create_sysv() + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + + # enabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l)) + self.assertEqual(os.readlink(l[0]), '../init.d/test_enable') + + # enable should be idempotent + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + self.assertEnabled(True) + + def test_sysv_disable(self): + '''only sysv: disable''' + + self.create_sysv(enable=True) + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + + # disabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(l, []) + + # disable should be idempotent + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + self.assertEnabled(False) + + def test_unit_link(self): + '''systemctl link''' + + with tempfile.NamedTemporaryFile(suffix='.service') as f: + f.write(b'[Unit]\n') + f.flush() + subprocess.check_call(['systemctl', 'link', f.name]) + + unit = os.path.basename(f.name) + l = os.path.join('/etc/systemd/system', unit) + self.assertEqual(os.readlink(l), f.name) + + # disable it again + subprocess.check_call(['systemctl', 'disable', unit]) + # this should also remove the unit symlink + self.assertFalse(os.path.islink(l)) + + def test_unit_enable_full_path(self): + '''systemctl enable a unit in a non-default path''' + + with tempfile.NamedTemporaryFile(suffix='.service') as f: + f.write(b'''[Unit] +Description=test +[Service] +ExecStart=/bin/true +[Install] +WantedBy=multi-user.target''') + f.flush() + unit = os.path.basename(f.name) + + # now enable it + subprocess.check_call(['systemctl', 'enable', f.name]) + self.assertEnabled(True, unit=unit) + l = os.path.join('/etc/systemd/system', unit) + self.assertEqual(os.readlink(l), f.name) + enable_l = '/etc/systemd/system/multi-user.target.wants/' + unit + self.assertTrue(os.readlink(enable_l) == f.name or + os.readlink(enable_l) == '../' + unit) + + # disable it again + subprocess.check_call(['systemctl', 'disable', unit]) + # self.assertEnabled(False) does not work as now systemd does not + # know about the unit at all any more + self.assertFalse(os.path.islink(enable_l)) + # this should also remove the unit symlink + self.assertFalse(os.path.islink(l)) + + +if __name__ == '__main__': + unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout, + verbosity=2)) diff --git a/tests/unit-tests b/tests/unit-tests new file mode 100755 index 00000000..95ccb9b9 --- /dev/null +++ b/tests/unit-tests @@ -0,0 +1,6 @@ +#!/bin/sh +# run upstream unit tests +set -e + +export ARTIFACT_DIRECTORY=$AUTOPKGTEST_ARTIFACTS +/usr/lib/systemd/tests/run-unit-tests.py diff --git a/tests/upstream b/tests/upstream new file mode 100755 index 00000000..ea695527 --- /dev/null +++ b/tests/upstream @@ -0,0 +1,161 @@ +#!/bin/sh +# run upstream system integration tests via mkosi +set -e +set -x + +RELEASE=$( + . /etc/os-release; + if [ "$ID" = "ubuntu" ]; then + echo "$VERSION_CODENAME" + elif [ "$ID" = "debian" ]; then + if [ -n "$VERSION_ID" ] && [ -n "$VERSION_CODENAME" ]; then + echo "$VERSION_CODENAME" + else + debian_version="$(cat /etc/debian_version)" + if [ "${debian_version#*/}" = sid ]; then + if [ "$VERSION_CODENAME" = sid ] || grep -q -r sid /etc/apt/sources.list* || grep -q -r unstable /etc/apt/sources.list*; then + echo "unstable" + else + echo "$VERSION_CODENAME" + fi + fi + fi + fi +) + +cleanup () { + if [ -f "${workdir}/btrfs/build/meson-logs/testlog.txt" ]; then + cp "${workdir}/btrfs/build/meson-logs/testlog.txt" "$AUTOPKGTEST_ARTIFACTS" + fi + if [ -d "${workdir}/btrfs/build/test/journal" ]; then + cp -r "${workdir}/btrfs/build/test/journal" "$AUTOPKGTEST_ARTIFACTS" + fi + if [ -n "$workdir" ]; then + umount "$workdir/btrfs" || true + losetup --detach "$loop" || true + rm -rf "$workdir" + fi +} + +# apparmor is not compatible with swtpm +aa-teardown >/dev/null 2>&1 || true +# we need user namespaces for some tests running in nspawn +sysctl -we kernel.apparmor_restrict_unprivileged_unconfined=0 +sysctl -we kernel.apparmor_restrict_unprivileged_userns=0 + +mkdir -p /run/systemd/resolved.conf.d/ +tee /run/systemd/resolved.conf.d/dns.conf <&3 + +udevadm info --export-db >$DIR/udev-database.txt +echo "$DIR/udev-database.txt" >&3 + +echo "-- END ATTACHMENTS --" >&3 diff --git a/udev.debian-udev.sysusers b/udev.debian-udev.sysusers new file mode 100644 index 00000000..e8861ff2 --- /dev/null +++ b/udev.debian-udev.sysusers @@ -0,0 +1,9 @@ +# System groups used by udev rules +g input - +g sgx - + +# Group for /dev/kvm +g kvm - + +# Group for /dev/dri/renderD* +g render - diff --git a/udev.install b/udev.install new file mode 100755 index 00000000..e96c2715 --- /dev/null +++ b/udev.install @@ -0,0 +1,68 @@ +#!/usr/bin/dh-exec +etc/udev/ +usr/bin/systemd-hwdb +usr/bin/udevadm +usr/lib/systemd/network/99-default.link +usr/lib/systemd/systemd-udevd +usr/lib/systemd/system/sockets.target.wants/systemd-udevd-control.socket +usr/lib/systemd/system/sockets.target.wants/systemd-udevd-kernel.socket +usr/lib/systemd/system/sysinit.target.wants/systemd-hwdb-update.service +usr/lib/systemd/system/sysinit.target.wants/systemd-udevd.service +usr/lib/systemd/system/sysinit.target.wants/systemd-udev-trigger.service +usr/lib/systemd/system/systemd-hwdb-update.service +usr/lib/systemd/system/systemd-udevd-control.socket +usr/lib/systemd/system/systemd-udevd-kernel.socket +usr/lib/systemd/system/systemd-udev-load-credentials.service +usr/lib/systemd/system/systemd-udevd.service +usr/lib/systemd/system/systemd-udev-settle.service +usr/lib/systemd/system/systemd-udev-trigger.service +usr/lib/tmpfiles.d/static-nodes-permissions.conf +usr/lib/udev/ata_id +usr/lib/udev/cdrom_id +[amd64 arm64 armel armhf ia64 i386 loong64 riscv64 x32] usr/lib/udev/dmi_memory_id +usr/lib/udev/fido_id +usr/lib/udev/iocost +usr/lib/udev/mtd_probe +usr/lib/udev/scsi_id +usr/lib/udev/v4l_id +usr/lib/udev/hwdb.d/ +usr/lib/udev/rules.d/50-udev-default.rules +usr/lib/udev/rules.d/60-autosuspend.rules +usr/lib/udev/rules.d/60-block.rules +usr/lib/udev/rules.d/60-cdrom_id.rules +usr/lib/udev/rules.d/60-dmi-id.rules +usr/lib/udev/rules.d/60-drm.rules +usr/lib/udev/rules.d/60-evdev.rules +usr/lib/udev/rules.d/60-fido-id.rules +usr/lib/udev/rules.d/60-infiniband.rules +usr/lib/udev/rules.d/60-input-id.rules +usr/lib/udev/rules.d/60-persistent-alsa.rules +usr/lib/udev/rules.d/60-persistent-input.rules +usr/lib/udev/rules.d/60-persistent-storage-mtd.rules +usr/lib/udev/rules.d/60-persistent-storage.rules +usr/lib/udev/rules.d/60-persistent-storage-tape.rules +usr/lib/udev/rules.d/60-persistent-v4l.rules +usr/lib/udev/rules.d/60-sensor.rules +usr/lib/udev/rules.d/60-serial.rules +usr/lib/udev/rules.d/64-btrfs.rules +usr/lib/udev/rules.d/70-camera.rules +usr/lib/udev/rules.d/70-joystick.rules +[amd64 arm64 armel armhf ia64 i386 loong64 riscv64 x32] usr/lib/udev/rules.d/70-memory.rules +usr/lib/udev/rules.d/70-mouse.rules +usr/lib/udev/rules.d/70-power-switch.rules +usr/lib/udev/rules.d/70-touchpad.rules +usr/lib/udev/rules.d/75-net-description.rules +usr/lib/udev/rules.d/75-probe_mtd.rules +usr/lib/udev/rules.d/78-sound-card.rules +usr/lib/udev/rules.d/80-drivers.rules +usr/lib/udev/rules.d/80-net-setup-link.rules + usr/lib/udev/rules.d/81-net-bridge.rules +usr/lib/udev/rules.d/81-net-dhcp.rules +usr/lib/udev/rules.d/90-iocost.rules +usr/share/bash-completion/completions/udevadm +usr/share/zsh/vendor-completions/_udevadm +../extra/initramfs-tools usr/share/ +../extra/rules/*.rules usr/lib/udev/rules.d/ +../extra/network/*.link usr/lib/systemd/network/ +../extra/fbdev-blacklist.conf usr/lib/modprobe.d/ +../extra/units/systemd-udevd.service.d usr/lib/systemd/system/ diff --git a/udev.links b/udev.links new file mode 100644 index 00000000..db17449b --- /dev/null +++ b/udev.links @@ -0,0 +1,2 @@ +# drop the compat symlink in forky +/usr/lib/systemd/system/systemd-udevd.service /usr/lib/systemd/system/udev.service diff --git a/udev.lintian-overrides b/udev.lintian-overrides new file mode 100644 index 00000000..a8202058 --- /dev/null +++ b/udev.lintian-overrides @@ -0,0 +1,4 @@ +# Our units without [Install] are either event driven or statically enabled +udev: systemd-service-file-missing-install-key +# Lintian is really bad at associating manpages +udev: spare-manual-page diff --git a/udev.maintscript b/udev.maintscript new file mode 100644 index 00000000..7a1a0832 --- /dev/null +++ b/udev.maintscript @@ -0,0 +1 @@ +rm_conffile /etc/init.d/udev 254.3-1~ diff --git a/udev.manpages b/udev.manpages new file mode 100644 index 00000000..508365dc --- /dev/null +++ b/udev.manpages @@ -0,0 +1,11 @@ +debian/tmp/usr/share/man/man5/udev.conf.5 +debian/tmp/usr/share/man/man5/udev.conf.d.5 +debian/tmp/usr/share/man/man5/systemd.link.5 +debian/tmp/usr/share/man/man7/hwdb.7 +debian/tmp/usr/share/man/man7/udev.7 +debian/tmp/usr/share/man/man8/systemd-hwdb.8 +debian/tmp/usr/share/man/man8/systemd-udevd-control.socket.8 +debian/tmp/usr/share/man/man8/systemd-udevd-kernel.socket.8 +debian/tmp/usr/share/man/man8/systemd-udevd.8 +debian/tmp/usr/share/man/man8/systemd-udevd.service.8 +debian/tmp/usr/share/man/man8/udevadm.8 diff --git a/udev.postinst b/udev.postinst new file mode 100644 index 00000000..9215d3f5 --- /dev/null +++ b/udev.postinst @@ -0,0 +1,25 @@ +#!/bin/sh + +set -e + +update_hwdb() { + systemd-hwdb --usr update || true +} + +case "$1" in + configure) + # update/create hwdb before we (re)start udev + update_hwdb + + if dpkg --compare-versions "$2" lt-nl "254.3-1~" && [ ! -f /etc/init.d/udev ]; then + update-rc.d udev remove || true + fi + ;; + + triggered) + update_hwdb + exit 0 + ;; +esac + +#DEBHELPER# diff --git a/udev.postrm b/udev.postrm new file mode 100644 index 00000000..a4e64553 --- /dev/null +++ b/udev.postrm @@ -0,0 +1,14 @@ +#!/bin/sh + +set -e + +case "$1" in + purge) + rm -f /etc/udev/rules.d/70-persistent-*.rules + rmdir --ignore-fail-on-non-empty /etc/udev/rules.d/ 2> /dev/null || true + rm -f /usr/lib/udev/hwdb.bin + rm -f /var/log/udev + ;; +esac + +#DEBHELPER# diff --git a/udev.preinst b/udev.preinst new file mode 100644 index 00000000..96a4c5e1 --- /dev/null +++ b/udev.preinst @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +is_merged() { + local directories="/bin /sbin /lib" + for dir in $directories; do + [ -e "$DPKG_ROOT$dir" ] || continue + [ "$(readlink -f "$DPKG_ROOT$dir")" = "$DPKG_ROOT/usr$dir" ] || return 1 + done + + # Avoid an exact match, as the target might vary depending on the tool + # building the image. For example, systemd-nspawn links /lib64 to + # /usr/lib/aarch64-linux-gnu on arm64, while on amd64 debootstrap links it to + # /usr/lib64 and doesn't create it at all on arm64. + # See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019575 + local arch_directories="/lib64 /lib32 /libo32 /libx32" + for dir in $arch_directories; do + [ -e "$DPKG_ROOT$dir" ] || continue + case "$(readlink -f "$DPKG_ROOT$dir")" in + "$DPKG_ROOT/usr/lib"*) ;; + *) return 1;; + esac + done + + return 0 +} + +fail_if_unmerged() { + if is_merged; then return; fi + + cat << END + + +****************************************************************************** +* +* The udev package cannot be installed because this system does +* not have a merged /usr. +* +* Please install the usrmerge package to convert this system to merged-/usr. +* +* For more information please read https://wiki.debian.org/UsrMerge. +* +****************************************************************************** + + +END + exit 1 +} + +case "$1" in + install|upgrade) + fail_if_unmerged + ;; +esac + +#DEBHELPER# diff --git a/udev.triggers b/udev.triggers new file mode 100644 index 00000000..5ee81a8c --- /dev/null +++ b/udev.triggers @@ -0,0 +1,4 @@ +interest-noawait /usr/lib/udev/hwdb.d +# Trigger duplicated according to DEP17-M12. Remove the non-/usr interest after +# forky has been released. +interest-noawait /lib/udev/hwdb.d diff --git a/upstream/metadata b/upstream/metadata new file mode 100644 index 00000000..a400b840 --- /dev/null +++ b/upstream/metadata @@ -0,0 +1,4 @@ +Bug-Database: https://github.com/systemd/systemd/issues +Bug-Submit: https://github.com/systemd/systemd/issues/new +Repository: https://github.com/systemd/systemd.git +Repository-Browse: https://github.com/systemd/systemd diff --git a/watch b/watch new file mode 100644 index 00000000..e04409c5 --- /dev/null +++ b/watch @@ -0,0 +1,3 @@ +version=4 +opts=uversionmangle=s/-rc/~rc/,filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/systemd-$1\.tar\.gz/ \ + https://github.com/systemd/systemd/tags .*/v?(257.\d\S*)\.tar\.gz -- 2.30.2