diff options
-rw-r--r-- | debian/changelog | 25 | ||||
-rw-r--r-- | debian/control | 3 | ||||
-rw-r--r-- | debian/extra/dbus-1/system.d/systemd-localed-read-only.conf | 23 | ||||
-rw-r--r-- | debian/patches/debian/localectl-disable-keymap-support.patch | 76 | ||||
-rw-r--r-- | debian/patches/series | 1 | ||||
-rwxr-xr-x | debian/rules | 5 | ||||
-rw-r--r-- | debian/systemd-timesyncd.install | 2 | ||||
-rw-r--r-- | debian/systemd-timesyncd.manpages | 2 | ||||
-rwxr-xr-x | debian/systemd.install | 4 | ||||
-rw-r--r-- | debian/systemd.links | 3 | ||||
-rwxr-xr-x | debian/systemd.manpages | 2 | ||||
-rwxr-xr-x | debian/tests/boot-and-services | 12 | ||||
-rw-r--r-- | debian/tests/control | 4 | ||||
-rwxr-xr-x | debian/tests/upstream | 21 |
14 files changed, 94 insertions, 89 deletions
diff --git a/debian/changelog b/debian/changelog index 92a4013..b8d504e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,28 @@ +systemd (256.4-1) unstable; urgency=medium + + [ Nick Rosbrook ] + * Move systemd-time-wait-sync to systemd-timesyncd package + (LP: #1938058) + * d/t/boot-and-services: skip test_tmp_cleanup if tmp.mount is + overridden + * d/t/upstream: ensure correct ubuntu codename is used + * d/t/control: add Depends: lib{systemd,udev}-dev for upstream + + [ Luca Boccassi ] + * Drop /etc/sysctl.d/99-sysctl.conf symlink procps no longer ships + /etc/sysctl.conf (Closes: #1076190) + * autopkgtest: add allow-stderr to timedated test + * autopkgtest: set Release= in mkosi.local.conf to distinguish testing + vs unstable + * Drop out-of-tree localed patch and use D-Bus policy instead. We can + forbid changing locale/keymap/keyboard via a D-Bus policy instead of + an out-of-tree patch. + * New upstream version 256.4 (Closes: #1074789) + * Install varlinkctl zsh completion file + * Drop last patch, all merged upstream + + -- Luca Boccassi <bluca@debian.org> Wed, 24 Jul 2024 14:23:56 +0100 + systemd (256.2-1~progress7.99u1) graograman-backports; urgency=medium * Uploading to graograman-backports, remaining changes: diff --git a/debian/control b/debian/control index 767ea46..4036b17 100644 --- a/debian/control +++ b/debian/control @@ -218,7 +218,8 @@ Depends: ${shlibs:Depends}, systemd Recommends: ${dlopen:Recommends}, Suggests: ${dlopen:Suggests}, -Conflicts: time-daemon +Conflicts: time-daemon, + systemd (<< 256.2-2~), Replaces: time-daemon Provides: time-daemon Description: minimalistic service to synchronize local time with NTP servers diff --git a/debian/extra/dbus-1/system.d/systemd-localed-read-only.conf b/debian/extra/dbus-1/system.d/systemd-localed-read-only.conf new file mode 100644 index 0000000..10eea7b --- /dev/null +++ b/debian/extra/dbus-1/system.d/systemd-localed-read-only.conf @@ -0,0 +1,23 @@ +<?xml version="1.0"?> <!--*-nxml-*--> +<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" + "https://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> + +<!-- +On Debian and derivatives keymap/locales/etc are not set via localed, +but from legacy and incompatible components. But we still need to +enable localed so that GNOME can query it. Ensure not even root can +use it to modify the settings. +--> + +<busconfig> + <policy user="root"> + <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetLocale"/> + <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetVConsoleKeyboard"/> + <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetX11Keyboard"/> + </policy> + <policy context="default"> + <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetLocale"/> + <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetVConsoleKeyboard"/> + <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetX11Keyboard"/> + </policy> +</busconfig> diff --git a/debian/patches/debian/localectl-disable-keymap-support.patch b/debian/patches/debian/localectl-disable-keymap-support.patch deleted file mode 100644 index 70f0257..0000000 --- a/debian/patches/debian/localectl-disable-keymap-support.patch +++ /dev/null @@ -1,76 +0,0 @@ -From: Luca Boccassi <bluca@debian.org> -Date: Wed, 8 Feb 2023 20:34:38 +0000 -Subject: localectl-disable-keymap-support - -We no longer support old debianisms such as /etc/default/keyboard, -so disable the keymap interface in localectl until a definitive -solution is found. - -Update the test suite to skip tests for unsupported localectl features. ---- - src/locale/localectl.c | 11 ++++++----- - test/units/TEST-73-LOCALE.sh | 6 ++++++ - 2 files changed, 12 insertions(+), 5 deletions(-) - -diff --git a/src/locale/localectl.c b/src/locale/localectl.c -index 3235402..c4fb1f2 100644 ---- a/src/locale/localectl.c -+++ b/src/locale/localectl.c -@@ -383,6 +383,10 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { - return 0; - } - -+static int not_supported(int argc, char **argv, void *userdata) { -+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Setting X11 and console keymaps is not supported in Debian."); -+} -+ - static int help(void) { - _cleanup_free_ char *link = NULL; - int r; -@@ -397,10 +401,7 @@ static int help(void) { - " status Show current locale settings\n" - " set-locale LOCALE... Set system locale\n" - " list-locales Show known locales\n" -- " set-keymap MAP [MAP] Set console and X11 keyboard mappings\n" - " list-keymaps Show known virtual console keyboard mappings\n" -- " set-x11-keymap LAYOUT [MODEL [VARIANT [OPTIONS]]]\n" -- " Set X11 and console keyboard mappings\n" - " list-x11-keymap-models Show known X11 keyboard mapping models\n" - " list-x11-keymap-layouts Show known X11 keyboard mapping layouts\n" - " list-x11-keymap-variants [LAYOUT]\n" -@@ -500,9 +501,9 @@ static int localectl_main(sd_bus *bus, int argc, char *argv[]) { - { "status", VERB_ANY, 1, VERB_DEFAULT, show_status }, - { "set-locale", 2, VERB_ANY, 0, set_locale }, - { "list-locales", VERB_ANY, 1, 0, list_locales }, -- { "set-keymap", 2, 3, 0, set_vconsole_keymap }, -+ { "set-keymap", 2, 3, 0, not_supported }, - { "list-keymaps", VERB_ANY, 1, 0, list_vconsole_keymaps }, -- { "set-x11-keymap", 2, 5, 0, set_x11_keymap }, -+ { "set-x11-keymap", 2, 5, 0, not_supported }, - { "list-x11-keymap-models", VERB_ANY, 1, 0, list_x11_keymaps }, - { "list-x11-keymap-layouts", VERB_ANY, 1, 0, list_x11_keymaps }, - { "list-x11-keymap-variants", VERB_ANY, 2, 0, list_x11_keymaps }, -diff --git a/test/units/TEST-73-LOCALE.sh b/test/units/TEST-73-LOCALE.sh -index 18539b8..1af6c70 100755 ---- a/test/units/TEST-73-LOCALE.sh -+++ b/test/units/TEST-73-LOCALE.sh -@@ -197,6 +197,9 @@ wait_vconsole_setup() { - testcase_vc_keymap() { - local i output vc - -+ echo "Setting X11 and console keymaps is not supported in Debian, skipping test." -+ return -+ - if [[ -z "$(localectl list-keymaps)" ]]; then - echo "No vconsole keymap installed, skipping test." - return -@@ -267,6 +270,9 @@ testcase_vc_keymap() { - testcase_x11_keymap() { - local output - -+ echo "Setting X11 and console keymaps is not supported in Debian, skipping test." -+ return -+ - if [[ -z "$(localectl list-x11-keymap-layouts)" ]]; then - echo "No x11 keymap installed, skipping test." - return diff --git a/debian/patches/series b/debian/patches/series index 76d2756..a00f68b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,4 +1,3 @@ -debian/localectl-disable-keymap-support.patch progress-linux/0001-agetty-nohostname.patch progress-linux/0002-proc-hidepid.patch progress-linux/0003-logind-noautovts.patch diff --git a/debian/rules b/debian/rules index e326444..0e77aa5 100755 --- a/debian/rules +++ b/debian/rules @@ -89,7 +89,6 @@ CONFFLAGS = \ -Dlink-udev-shared=false \ -Dlink-systemctl-shared=false \ -Dntp-servers="$(DEFAULT_NTP_SERVERS)" \ - -Ddns-servers='' \ -Dsystem-uid-max=999 \ -Dsystem-gid-max=999 \ -Dnobody-user=nobody \ @@ -226,6 +225,10 @@ endif endif endif +ifeq (, $(filter pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) +CONFFLAGS += -Ddns-servers='' +endif + override_dh_auto_configure: dh_auto_configure \ -- $(CONFFLAGS) $(CONFFLAGS_DISTRO) $(CONFFLAGS_UPSTREAM) diff --git a/debian/systemd-timesyncd.install b/debian/systemd-timesyncd.install index a1f72a3..fd21ff0 100644 --- a/debian/systemd-timesyncd.install +++ b/debian/systemd-timesyncd.install @@ -6,3 +6,5 @@ usr/lib/sysusers.d/systemd-timesync.conf usr/share/dbus-1/system.d/org.freedesktop.timesync1.conf usr/share/dbus-1/system-services/org.freedesktop.timesync1.service ../extra/dhclient-exit-hooks.d/ etc/dhcp/ +usr/lib/systemd/systemd-time-wait-sync +usr/lib/systemd/system/systemd-time-wait-sync.service diff --git a/debian/systemd-timesyncd.manpages b/debian/systemd-timesyncd.manpages index b77577f..a61344b 100644 --- a/debian/systemd-timesyncd.manpages +++ b/debian/systemd-timesyncd.manpages @@ -1 +1,3 @@ usr/share/man/man*/*timesyncd* +debian/tmp/usr/share/man/man8/systemd-time-wait-sync.8 +debian/tmp/usr/share/man/man8/systemd-time-wait-sync.service.8 diff --git a/debian/systemd.install b/debian/systemd.install index df5f857..e3cd8c1 100755 --- a/debian/systemd.install +++ b/debian/systemd.install @@ -139,7 +139,6 @@ usr/lib/systemd/systemd-sulogin-shell usr/lib/systemd/systemd-sysctl usr/lib/systemd/systemd-sysroot-fstab-check usr/lib/systemd/systemd-timedated -usr/lib/systemd/systemd-time-wait-sync [amd64 i386 arm64 armhf riscv64] <!stage1> usr/lib/systemd/systemd-tpm2-setup usr/lib/systemd/systemd-update-done usr/lib/systemd/systemd-update-utmp @@ -365,7 +364,6 @@ usr/lib/systemd/system/systemd-sysext@.service usr/lib/systemd/system/systemd-sysext.socket usr/lib/systemd/system/systemd-sysusers.service usr/lib/systemd/system/systemd-timedated.service -usr/lib/systemd/system/systemd-time-wait-sync.service usr/lib/systemd/system/systemd-tmpfiles-clean.service usr/lib/systemd/system/systemd-tmpfiles-clean.timer usr/lib/systemd/system/systemd-tmpfiles-setup-dev-early.service @@ -512,6 +510,7 @@ usr/share/zsh/vendor-completions/_systemd-path usr/share/zsh/vendor-completions/_systemd-run usr/share/zsh/vendor-completions/_systemd-tmpfiles usr/share/zsh/vendor-completions/_timedatectl +usr/share/zsh/vendor-completions/_varlinkctl var/lib/systemd/ ../extra/init-functions.d usr/lib/lsb/ ../extra/tmpfiles.d/*.conf usr/lib/tmpfiles.d/ @@ -529,3 +528,4 @@ var/lib/systemd/ ../extra/user.conf.d/10-coredump-debian.conf usr/lib/systemd/user.conf.d/ ../extra/sysctl.d/10-coredump-debian.conf usr/lib/sysctl.d/ ../extra/limits.d/10-coredump-debian.conf etc/security/limits.d/ +../extra/dbus-1/system.d/systemd-localed-read-only.conf usr/share/dbus-1/system.d/ diff --git a/debian/systemd.links b/debian/systemd.links index f19ac90..6512380 100644 --- a/debian/systemd.links +++ b/debian/systemd.links @@ -20,6 +20,3 @@ # Enable Debian specific units /usr/lib/systemd/system/getty-static.service /usr/lib/systemd/system/getty.target.wants/getty-static.service /usr/lib/systemd/system/run-lock.mount /usr/lib/systemd/system/local-fs.target.wants/run-lock.mount - -# Create a compat symlink as systemd-sysctl no longer reads /etc/sysctl.conf -/etc/sysctl.conf /etc/sysctl.d/99-sysctl.conf diff --git a/debian/systemd.manpages b/debian/systemd.manpages index 2d20132..e6bb5a9 100755 --- a/debian/systemd.manpages +++ b/debian/systemd.manpages @@ -241,8 +241,6 @@ debian/tmp/usr/share/man/man8/systemd-sysusers.service.8 debian/tmp/usr/share/man/man8/systemd-sysv-generator.8 debian/tmp/usr/share/man/man8/systemd-timedated.8 debian/tmp/usr/share/man/man8/systemd-timedated.service.8 -debian/tmp/usr/share/man/man8/systemd-time-wait-sync.8 -debian/tmp/usr/share/man/man8/systemd-time-wait-sync.service.8 debian/tmp/usr/share/man/man8/systemd-tmpfiles.8 debian/tmp/usr/share/man/man8/systemd-tmpfiles-clean.service.8 debian/tmp/usr/share/man/man8/systemd-tmpfiles-clean.timer.8 diff --git a/debian/tests/boot-and-services b/debian/tests/boot-and-services index e4ed862..45c02c9 100755 --- a/debian/tests/boot-and-services +++ b/debian/tests/boot-and-services @@ -129,6 +129,14 @@ class ServicesTest(unittest.TestCase): @unittest.skipIf('pkg.systemd.upstream' in os.environ.get('DEB_BUILD_PROFILES', ''), 'Debian specific configuration, N/A for upstream') def test_tmp_cleanup(self): + # autopkgtest overrides tmp.mount with empty /etc/systemd/system/tmp.mount + # as a workaround for issues where /tmp is filled up too easily. LP: #2069834 + try: + if os.stat('/etc/systemd/system/tmp.mount').st_size == 0: + self.skipTest('autopkgtest environment has overridden tmp.mount') + except FileNotFoundError: + pass + # systemd-tmpfiles-clean.timer only runs 15 mins after boot, shortcut # it self.assertEqual(subprocess.call( @@ -218,8 +226,8 @@ poweroff\n''') out = nspawn.communicate(timeout=60)[0] self.assertIn(b'Spawning container c1', out) self.assertIn(b'fake container started', out) - self.assertRegex(out, b'\n\s+1\s+0\s+init[\r\n]') - self.assertRegex(out, b'\n\s+2+\s+0\s.*rcS[\r\n]') + self.assertRegex(out, rb'\n\s+1\s+0\s+init[\r\n]') + self.assertRegex(out, rb'\n\s+2+\s+0\s.*rcS[\r\n]') self.assertRegex(out, b'Container c1.*shut down') self.assertEqual(nspawn.returncode, 0) diff --git a/debian/tests/control b/debian/tests/control index 6c8f773..141c0dc 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -7,7 +7,7 @@ Depends: systemd, acl, locales, evemu-tools, -Restrictions: needs-root, isolation-container, skippable, breaks-testbed +Restrictions: needs-root, allow-stderr, isolation-container, skippable, breaks-testbed Tests: unit-config Depends: systemd, @@ -152,6 +152,8 @@ Depends: systemd (>= 254~), libnss-mymachines, libnss-resolve, libnss-systemd, + libsystemd-dev, + libudev-dev, qemu-system-x86 [amd64 i386], qemu-system-arm [arm64 armhf], qemu-system-ppc [ppc64el], diff --git a/debian/tests/upstream b/debian/tests/upstream index 3736f39..7d81f29 100755 --- a/debian/tests/upstream +++ b/debian/tests/upstream @@ -3,6 +3,26 @@ set -e set -x +RELEASE=$( + . /etc/os-release; + if [ "$ID" = "ubuntu" ]; then + echo "$VERSION_CODENAME" + elif [ "$ID" = "debian" ]; then + if [ -n "$VERSION_ID" ] && [ -n "$VERSION_CODENAME" ]; then + echo "$VERSION_CODENAME" + else + debian_version="$(cat /etc/debian_version)" + if [ "${debian_version#*/}" = sid ]; then + if [ "$VERSION_CODENAME" = sid ] || grep -q -r sid /etc/apt/sources.list* || grep -q -r unstable /etc/apt/sources.list*; then + echo "unstable" + else + echo "$VERSION_CODENAME" + fi + fi + fi + fi +) + cleanup () { if [ -f "${workdir}/btrfs/build/meson-logs/testlog.txt" ]; then cp "${workdir}/btrfs/build/meson-logs/testlog.txt" "$AUTOPKGTEST_ARTIFACTS" @@ -61,6 +81,7 @@ PackageCacheDirectory=$workdir/cache [Distribution] PackageManagerTrees=/etc/apt/preferences.d/:/etc/apt/preferences.d/ +${RELEASE:+"Release=${RELEASE}"} [Content] Environment=NO_BUILD=1 NO_SYNC=1 ARTIFACT_DIRECTORY="$AUTOPKGTEST_ARTIFACTS" TEST_SAVE_JOURNAL=fail TEST_SHOW_JOURNAL=warning |