diff options
Diffstat (limited to 'debian')
64 files changed, 693 insertions, 1575 deletions
diff --git a/debian/NEWS b/debian/NEWS index ebd5237..930fe71 100644 --- a/debian/NEWS +++ b/debian/NEWS @@ -1,3 +1,70 @@ +systemd (256~rc3-3) unstable; urgency=medium + + - /tmp/ is now by default a tmpfs, via the tmp.mount unit provided upstream. + The old default setup can be retained simply by masking the unit locally + with (do not do this if you are defining /tmp/ manually in /etc/fstab): + + systemctl mask tmp.mount + + or: + + touch /etc/systemd/system/tmp.mount + + It is recommended to check /tmp/ for any leftover files before rebooting + after installing this update and manually cleaning up, as the directory + will longer be cleaned up automatically on boot, as it is overmounted. It + is always possible to remount the root filesystem in a local directory + and remove leftovers manually after rebooting, but this will not be done + automatically to avoid unintential removals. This situation can be easily + detected by checking the journal after a reboot, as there will be a log + message that says: + + tmp.mount: Directory /tmp to mount over is not empty, mounting anyway + + - /run/lock/ is no longer created with a patch before units start, but by + a standard early-boot run-lock.mount unit that is ordered before + local-fs.target. Any service needing to use /run/lock/ and running before + sysinit.target (ie, they likely define DefaultDependencies=no) will need + to be explicitly ordered with After=run-lock.mount. The two known cases + where this happens in the archive have a bug+MR filed already. + + - On new installations, tmpfiles.d will now cleanup by default files + that have not been changed or accessed on /tmp/ for 10 days, and /var/tmp/ + for 30 days. The legacy behaviour can be configured with a local override + if needed: + + echo 'D /tmp 1777' > /etc/tmpfiles.d/tmp.conf + + This override will be automatically provided for upgrades of existing + systems from previous releases to Trixie. As a reminder, individual + files and directories can be marked for exclusion from cleanups with + the 'x' type configuration line as described in the tmpfiles.d manpage, + for example: + + echo 'x /tmp/my-precious' > /etc/tmpfiles.d/precious.conf + + - coredumps are now disabled by default via configuration files rather than + an out-of-tree patch (installing the optional systemd-coredump package + will enable them as before). As always, overriding via local drop-ins is + possible if desired. The configuration files that respectively affect + the system systemd instance, the user systemd instances and PAM sessions + are: + + /usr/lib/systemd/system.conf.d/10-coredump-debian.conf + /usr/lib/systemd/user.conf.d/10-coredump-debian.conf + /usr/lib/sysctl.d/10-coredump-debian.conf + /etc/security/limits.d/10-coredump-debian.conf + + -- Luca Boccassi <bluca@debian.org> Tue, 28 May 2024 00:07:57 +0100 + +systemd (256~rc2-1) unstable; urgency=medium + + In the rare case a scheduled shutdown fails to be enqueued (most + likely, D-Bus daemon/broker is not installed), the system will now + immediately reboot, restoring the default behaviour intended upstream. + + -- Luca Boccassi <bluca@debian.org> Wed, 15 May 2024 00:40:56 +0100 + systemd (253~rc2-1) experimental; urgency=medium TuxOnIce is no longer supported directly (via an out-of-tree patch) diff --git a/debian/changelog b/debian/changelog index a6b3043..a8102eb 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,255 @@ +systemd (256-1) unstable; urgency=medium + + [ Kevin Fleming ] + * Additional workaround for links to legacy /usr/share/systemd/tmp.mount + placeholder + + [ Yu Watanabe ] + * debian/extra/network: use NamePolicy=mac only when ID_NET_NAME_MAC is + set. + + [ Luca Boccassi ] + * New upstream version 256. For a full list of changes, see: + https://github.com/systemd/systemd/releases/tag/v256 + + -- Luca Boccassi <bluca@debian.org> Tue, 11 Jun 2024 22:59:12 +0100 + +systemd (256~rc4-1) unstable; urgency=high + + [ Luca Boccassi ] + * Restart managers on libc-upgrade dpkg trigger (Closes: #1072373) + * LimitCORE: restore default hard limit to infinity. The intention was + to change the soft limit, but by default it applies to both unless + specified, so fix it. + * New upstream version 256~rc4 + * Drop patches merged upstream + + [ Nick Rosbrook ] + * debian/extra: set ManagedOOMSwap=auto on -.slice. This has the effect + of disabling swap kill by default, so cgroups will only be monitored + for memory pressure, and not swap usage. + * debian/extra: use a drop-in resolved.conf to configure Cache=no- + negative. Only ship this on Ubuntu. + * debian/extra: use a dropin to configure Nice=-1 on systemd- + journald.service. Only ship this on Ubuntu. + + [ Dan Streetman ] + * debian/tests/storage: without scsi_debug, skip test + + -- Luca Boccassi <bluca@debian.org> Thu, 06 Jun 2024 20:49:17 +0100 + +systemd (256~rc3-7) unstable; urgency=medium + + * NEWS: note that any leftover file in /tmp/ will be invisible due to + the tmpfs and other clarifications (Closes: #1072249) + * Add pkg.systemd.noukify profile. Will be useful for i386 reduced + builds + * d/rules: be more robust against non-existing dirs when deleting files + * Allow setting GENSYMBOLS_LEVEL from the environment. Needed when + building with llvm to work around #986746 + + -- Luca Boccassi <bluca@debian.org> Sat, 01 Jun 2024 12:30:39 +0100 + +systemd (256~rc3-6) unstable; urgency=medium + + * NEWS: clarify tmpfiles.d entry (Closes: #1072155) + * Override false positive Lintian warning + * Add workaround for links to legacy /usr/share/systemd/tmp.mount + placeholder. Some users apparently link to the placeholder in + /usr/share/ so delete any such links, given we don't ship it anymore + (Closes: #1072187) + + -- Luca Boccassi <bluca@debian.org> Thu, 30 May 2024 18:11:19 +0100 + +systemd (256~rc3-5) unstable; urgency=medium + + * homed: fixup pam-auth-update file via trigger pam-auth-update assumes + nothing comes after a password module, but this is not true for + pam_systemd_home, which is a no-op for users not managed by homed. + Fixup common-password accordingly, using a trigger watching for pam- + auth-update files being installed. + + -- Luca Boccassi <bluca@debian.org> Wed, 29 May 2024 01:04:53 +0100 + +systemd (256~rc3-4) unstable; urgency=medium + + * autopkgtest: take into account compat tmp.conf in tmpfiles.d test. + * Backport patch to fix TEST-64-UDEV-STORAGE autopkgtest. + + -- Luca Boccassi <bluca@debian.org> Tue, 28 May 2024 12:11:36 +0100 + +systemd (256~rc3-3) unstable; urgency=medium + + [ Zbigniew Jędrzejewski-Szmek ] + * tests/boot-and-services: don't wait for systemd-tmpfiles-clean.service + to finish. It's a oneshot service, so the 'start' call above is + effectively synchronous. + * test/boot-and-services: use pidof instead of ps -C + + [ Chris Hofstaedtler ] + * autopkgtest: install open-iscsi and tgt for upstream suite + + [ Gioele Barabucci ] + * d/libnss-mymachines.nss: Install before `resolve` and `dns`. Installing + `mymachines` before `dns` and `resolve` (whatever comes first) is + suggested in the manpage. It also avoids leaking information about + local machines to the DNS resolver. (Closes: #825438, #851314) + * d/libnss-myhostname.nss: Install after `files` + + [ Luca Boccassi ] + * Drop /bin/systemd legacy symlink. The systemd binary should not be in + the default PATH. This symlink was created due to some old + documentation (long since corrected) suggesting to use + init=/bin/systemd to test switching to systemd. (Closes: #913061) + * initramfs: call udevadm settle before control --exit to ensure workers + have stopped. Otherwise there might be lock files left under /run/ + which will break 'nuke' and cause the boot to fail. (Closes: #1056564) + * Restore open files limit bump on boot. Broken packages ought to have + been fixed by now. (Closes: #1029152) + * Set default core limit to 0 via PAM for users. Otherwise it only + applies to services. + * Cleanup /var/tmp/ and /tmp/ on a timer by default. Remove the + downstream patch and restore the upstream behaviour set by the + tmpfiles.d which is to cleanup /var/tmp/ once a month and /tmp/ once + every 10 days. Can be overridden via: touch /etc/tmpfiles.d/tmp.conf + (Closes: #966621) + * Make /tmp/ a tmpfs by default. Restore the upstream default and make + /tmp/ a tmpfs. Can be overridden with: touch + /etc/systemd/system/tmp.mount or: systemctl mask tmp.mount + * Drop out-of-tree /run/lock patch and use a mount unit and tmpfiles.d + instead. Only lvm2 and open-iscsi have mentions of /run/lock and an + early-boot unit, so it's trivial to add ordering in those units + instead of maintaining an out-of-tree patch. + * homed: use standalone pam config file instead of pam-auth-config + pam_unix.so assumes that if anything comes before it then the password + has already been queried for sure. This doesn't work for homed, so + passwd breaks. pam-auth-config has this hard-coded assumption and it + cannot be disabled. Use an upstream standard pam config file instead. + (Closes: #1056166) + * NEWS: note recent changes + + -- Luca Boccassi <bluca@debian.org> Tue, 28 May 2024 00:07:57 +0100 + +systemd (256~rc3-2) unstable; urgency=medium + + * autopkgtest: do not install gdm3 on riscv64 tests. gnome-shell hasn't + built since last year for riscv64 due to #1058687 so the test fails as + it cannot be installed, skip it like on s390x. + + -- Luca Boccassi <bluca@debian.org> Thu, 23 May 2024 16:31:42 +0100 + +systemd (256~rc3-1) unstable; urgency=medium + + * Bump Breaks on dracut, on request of the maintainer (Closes: #1071278) + * autopkgtest: reboot before logind test + * Disable D-Bus introspection XML generation with nodoc profile + * autopkgtest: install systemd-dev for upstream suite too + * New upstream version 256~rc3 + * Drop patches merged upstream + + -- Luca Boccassi <bluca@debian.org> Wed, 22 May 2024 23:24:02 +0100 + +systemd (256~rc2-3) unstable; urgency=medium + + * Explicitly enable systemd-boot only on supported architectures + + -- Luca Boccassi <bluca@debian.org> Thu, 16 May 2024 22:51:08 +0100 + +systemd (256~rc2-2) unstable; urgency=medium + + * Build depend on dh-dlopenlibdeps and dynamically generate dlopen + dependencies + * Backport patches to fix journald asserts Compress=yes (Closes: + #1071201) + + -- Luca Boccassi <bluca@debian.org> Thu, 16 May 2024 17:40:43 +0100 + +systemd (256~rc2-1) unstable; urgency=medium + + [ Luca Boccassi ] + * report-bug: add presubj template to recommend opening functionality + bugs upstream first + * report-bug: include runtime taints + * Recommend libzstd1 and suggest liblz4-1, liblzma5, libgcrypt20 + * autopkgtest: install polkitd in upstream suite + * Build depend on rsync or meson >= 1.3.0 for follow-symlink workaround. + * Change links from freedesktop.org to systemd.io (Closes: #1070499) + * Add dependency on python3-psutil to systemd-tests, needed by networkd + test suite + * d/t/boot-and-services: drop tmp check. LXC now sets up a tmpfs on /tmp + as per upstream recommendation, so we cannot detect it via fstab + anymore. Just drop this test, as we are about to make /tmp a tmpfs + ourselves anyway. + * Set SBAT distro URL to tracker.d.o as suggested by EFI team + * Drop out-of-tree coredump patch and use config drop-ins instead. As + per: https://github.com/systemd/systemd/pull/27066 instead of carrying + an out-of-tree patch, use drop-ins to set the default pattern to + 'core' and the default core limit to '0' in the systemd package, and a + higher priority drop-in to set the default core limit to 'infinity' in + the systemd-coredump package (it already ships a sysctl to set the + pattern). The end result is the same, but with config drop-ins instead + of patches. + * Drop out-of-tree fsckd daemon patch. This was dropped upstream long + ago, and Plymouth on Debian doesn't actually use this. A different + upstream change provides the required functionality. + * Drop out-of-tree systemctl scheduled shutdown fallback. This patch was + rejected upstream and there's no path to have it merged, so drop it + and restore the default behaviour in case of error. + * Drop out-of-tree fsck skip patch and use drop-in instead. Non-root + filesystems are only checked when mounted, so the other change is not + needed. The root one can be fixed with a drop-in instead of a patch. + * d/t/control: explicitly depend on systemd-dev for tests that run pkg- + config + * systemd.postinst: use DPKG_ROOT in one more place. + * NEWS: note scheduled shutdown failure case changes + * New upstream version 256~rc2 + * Drop patches merged upstream + * Refresh patches for v256~rc2 + * Install new files from v256~rc2 + * Drop Lintian overrides for false positives that have been fixed + * Upload to unstable + + [ Michael Marley ] + * Use absolute path when including libkmod in initramfs. The relative + path works fine when the hook is executed during a normal APT + install/update, but if the user runs "update-initramfs -u" from any + directory other than /, the relative path doesn't match anything, + libkmod is not included, and the system fails to boot due to not + loading the storage driver(s). + + [ Michael Biebl ] + * Stop setting the build system explicitly. No longer necessary since + https://github.com/systemd/systemd/pull/31530 + * Remove systemd-dev dependency from systemd and udev. This was a + temporary measure to ease the migration. + + -- Luca Boccassi <bluca@debian.org> Wed, 15 May 2024 00:40:56 +0100 + +systemd (256~rc1-1~exp2) experimental; urgency=medium + + * Backport patch to fix test-build-path on RISC-V/MIPS + * Backport patch to fix build reproducibility + * Backport patch to fix BPF build on s390x + + -- Luca Boccassi <bluca@debian.org> Sat, 27 Apr 2024 18:14:25 +0100 + +systemd (256~rc1-1~exp) experimental; urgency=medium + + * d/watch: switch to main repository + * New upstream version 256~rc1 + * Drop Downgrade-a-couple-of-warnings-to-debug.patch. It is time to + start noticeably warning about these legacy setups + * Refresh patches for v256 + * Build depend on libarchive-dev + * Install new tools, units and manpages + * Enable bpf and new nsresourced/mountfsd services. Requires vmlinux.h + from linux-headers-$ARCH, disable if not found + * Backport patch to fix unit test failure in build environment + * Update libsystemd symbols file + * Update Lintian overrides + + -- Luca Boccassi <bluca@debian.org> Fri, 26 Apr 2024 12:22:04 +0100 + systemd (255.5-1) sid; urgency=medium [ Michael Biebl ] diff --git a/debian/control b/debian/control index 51d73fd..6a65da5 100644 --- a/debian/control +++ b/debian/control @@ -11,11 +11,12 @@ Standards-Version: 4.7.0 Rules-Requires-Root: no Vcs-Git: https://salsa.debian.org/systemd-team/systemd.git Vcs-Browser: https://salsa.debian.org/systemd-team/systemd -Homepage: https://www.freedesktop.org/wiki/Software/systemd +Homepage: https://systemd.io Build-Depends: debhelper-compat (= 13), debhelper (>= 13.11.6), dh-exec, dh-package-notes, + dh-sequence-dlopenlibdeps <!stage1>, dh-sequence-installnss, dh-sequence-installsysusers, pkgconf, @@ -23,9 +24,11 @@ Build-Depends: debhelper-compat (= 13), docbook-xsl <!nodoc>, docbook-xml <!nodoc>, meson (>= 0.60.0), - clang <pkg.systemd.upstream !stage1>, - linux-headers-generic <pkg.systemd.upstream !stage1>, - libbpf-dev <pkg.systemd.upstream !stage1>, + rsync | meson (>= 1.3.0~), + clang [amd64 arm64 ppc64el riscv64 s390x] <!pkg.systemd.nobpf !stage1>, + linux-headers-generic [amd64 arm64 ppc64el riscv64 s390x] <!pkg.systemd.nobpf !stage1>, + libbpf-dev [amd64 arm64 ppc64el riscv64 s390x] <!pkg.systemd.nobpf !stage1>, + bpftool [amd64 arm64 ppc64el riscv64 s390x] <!pkg.systemd.nobpf !stage1 !pkg.systemd.upstream>, linux-tools-generic <pkg.systemd.upstream> | bpftool <pkg.systemd.upstream>, gettext, gperf, @@ -64,7 +67,7 @@ Build-Depends: debhelper-compat (= 13), libqrencode-dev <!stage1>, libxen-dev [amd64 arm64 armhf] <!stage1>, libpwquality-dev <!stage1>, - libarchive-dev <pkg.systemd.upstream !stage1>, + libarchive-dev <!stage1>, linux-base <!nocheck>, acl <!nocheck>, python3:native, @@ -87,29 +90,20 @@ Multi-Arch: foreign Priority: important Recommends: default-dbus-system-bus | dbus-system-bus, systemd-timesyncd | time-daemon, + ${dlopen:Recommends}, Suggests: systemd-container, systemd-homed, systemd-userdbd, systemd-boot, systemd-resolved, - libbpf1, - libfido2-1, - libip4tc2, - libkmod2, - libp11-kit0, - libpwquality1, - libqrencode4, - libtss2-esys-3.0.2-0, - libtss2-mu-4.0.1-0, - libtss2-rc0, libtss2-tcti-device0, polkitd, + ${dlopen:Suggests}, Pre-Depends: ${shlibs:Pre-Depends}, ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends}, libsystemd0 (= ${binary:Version}), - systemd-dev (>= ${source:Version}), mount, Conflicts: consolekit, libpam-ck-connector, @@ -117,7 +111,7 @@ Conflicts: consolekit, opensysusers, Breaks: less (<< 563), sicherboot (<< 0.1.6), - dracut (<< 059-5), + dracut (<= 060+5-7), Provides: systemd-sysusers (= ${binary:Version}), systemd-tmpfiles (= ${binary:Version}), Description: system and service manager @@ -162,6 +156,8 @@ Depends: ${shlibs:Depends}, systemd, default-dbus-system-bus | dbus-system-bus Recommends: libnss-mymachines, + ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: systemd container/nspawn tools This package provides systemd's tools for nspawn and container/VM management: * systemd-nspawn @@ -176,6 +172,8 @@ Multi-Arch: foreign Depends: ${shlibs:Depends}, ${misc:Depends}, systemd, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: tools for sending and receiving remote journal logs This package provides tools for sending and receiving remote journal logs: * systemd-journal-remote @@ -189,7 +187,8 @@ Multi-Arch: foreign Depends: ${shlibs:Depends}, ${misc:Depends}, systemd -Recommends: libdw1 +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Conflicts: core-dump-handler Replaces: core-dump-handler Provides: core-dump-handler @@ -205,6 +204,8 @@ Priority: standard Depends: ${shlibs:Depends}, ${misc:Depends}, systemd +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Conflicts: time-daemon Replaces: time-daemon Provides: time-daemon @@ -218,6 +219,9 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, systemd (= ${binary:Version}), python3, + python3-psutil, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Build-Profiles: <!noinsttest> Description: tests for systemd This package contains the test binaries. Those binaries are primarily used @@ -235,6 +239,8 @@ Depends: ${shlibs:Depends}, default-dbus-system-bus | dbus-system-bus, systemd-sysv Recommends: dbus-user-session, + ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Provides: logind (= ${binary:Version}), default-logind (= ${binary:Version}) Conflicts: libpam-elogind-compat, Description: system and service manager - PAM module @@ -251,6 +257,8 @@ Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: nss module providing fallback resolution for the current hostname This package contains a plugin for the Name Service Switch, providing host name resolution for the locally configured system hostname as returned by @@ -271,6 +279,8 @@ Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends}, systemd-container (= ${binary:Version}), +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: nss module to resolve hostnames for local container instances nss-mymachines is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc) providing hostname resolution for local containers @@ -286,6 +296,8 @@ Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends}, systemd-resolved (= ${binary:Version}), +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: nss module to resolve names via systemd-resolved nss-resolve is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc) providing DNS and LLMNR resolution to programs via @@ -301,6 +313,8 @@ Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends}, systemd (= ${binary:Version}), +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: nss module providing dynamic user and group name resolution nss-systemd is a plug-in module for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc), providing UNIX user and group name @@ -316,7 +330,8 @@ Multi-Arch: same Section: libs Depends: ${shlibs:Depends}, ${misc:Depends} -Recommends: libgcrypt20, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: systemd utility library This library provides APIs to interface with various system components such as the system journal, the system service manager, D-Bus and more. @@ -341,6 +356,8 @@ Section: libs Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends} +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: systemd shared private library This internal shared library provides common code used by various systemd components. It is supposed to decrease memory and disk footprint. @@ -355,8 +372,9 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, libkmod2, libudev1 (= ${binary:Version}), - systemd-dev (>= ${source:Version}), s390-tools [s390], +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, # DEP17 M7: moving files between / and /usr, and between packages, so use Conflicts: Conflicts: systemd (<< 255~rc1-4~), Replaces: systemd (<< 255~rc1-4~), @@ -371,6 +389,8 @@ Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends} +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: libudev shared library This library provides APIs to introspect and enumerate devices on the local system. @@ -424,6 +444,8 @@ Replaces: systemd-sysusers, Provides: systemd-sysusers (= ${binary:Version}) Depends: ${shlibs:Depends}, ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: standalone sysusers binary for use in non-systemd systems Standalone sysusers binary with minimal dependencies. This package conflicts with the main systemd package and is meant for use in @@ -438,6 +460,8 @@ Replaces: systemd-tmpfiles, Provides: systemd-tmpfiles (= ${binary:Version}) Depends: ${shlibs:Depends}, ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: standalone tmpfiles binary for use in non-systemd systems Standalone tmpfiles binary with minimal dependencies. This package conflicts with the main systemd package and is meant for use in @@ -447,6 +471,8 @@ Package: systemd-oomd Architecture: linux-any Depends: ${shlibs:Depends}, ${misc:Depends}, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Breaks: systemd (<< 250.2-2~) Replaces: systemd (<< 250.2-2~) Description: userspace out-of-memory (OOM) killer @@ -461,6 +487,8 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, libnss-systemd (= ${binary:Version}), systemd (= ${binary:Version}), +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: dynamic user/group manager systemd-userdbd is a system service that multiplexes user/group lookups to all local services that provide JSON user/group record definitions to the system. @@ -478,7 +506,8 @@ Depends: ${shlibs:Depends}, systemd-userdbd (= ${binary:Version}), systemd (= ${binary:Version}), libpam-runtime, - libpwquality1, +Recommends: ${dlopen:Recommends}, +Suggests: ${dlopen:Suggests}, Description: home area manager systemd-homed is a system service designed to manage home directories. This package includes the homed service, a PAM module to automatically mount home @@ -491,7 +520,9 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, systemd-boot-efi (= ${binary:Version}), Recommends: efibootmgr, + ${dlopen:Recommends}, Suggests: systemd-ukify, + ${dlopen:Suggests}, Breaks: systemd (<< 251.2-3~) Replaces: systemd (<< 251.2-3~) Description: simple UEFI boot manager - tools and services @@ -520,7 +551,7 @@ Description: simple UEFI boot manager - EFI binaries This package contains the EFI binaries. Package: systemd-ukify -Build-Profiles: <!stage1> +Build-Profiles: <!stage1 !pkg.systemd.noukify> Architecture: all Multi-Arch: foreign Depends: ${misc:Depends}, @@ -544,7 +575,9 @@ Depends: ${shlibs:Depends}, default-dbus-system-bus | dbus-system-bus Recommends: libnss-myhostname, libnss-resolve, + ${dlopen:Recommends}, Suggests: polkitd, + ${dlopen:Suggests}, Provides: resolvconf Conflicts: resolvconf Replaces: resolvconf, diff --git a/debian/copyright b/debian/copyright index 62cf732..f26631c 100644 --- a/debian/copyright +++ b/debian/copyright @@ -1,7 +1,7 @@ Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: systemd Upstream-Contact: systemd-devel@lists.freedesktop.org -Source: https://www.freedesktop.org/wiki/Software/systemd/ +Source: https://github.com/systemd/systemd Files: * Copyright: 2008-2015 Kay Sievers <kay@vrfy.org> diff --git a/debian/extra/initramfs-tools/hooks/udev b/debian/extra/initramfs-tools/hooks/udev index d45a287..2ad482a 100755 --- a/debian/extra/initramfs-tools/hooks/udev +++ b/debian/extra/initramfs-tools/hooks/udev @@ -17,7 +17,7 @@ mkdir -p "$DESTDIR/usr/lib/systemd" copy_exec /usr/lib/systemd/systemd-udevd /usr/lib/systemd copy_exec /usr/bin/udevadm /usr/bin # libkmod is loaded via dlopen() since v256 so pull it in manually -for library in usr/lib/*/libkmod.so.*; do +for library in /usr/lib/*/libkmod.so.*; do if [ -f "${library}" ]; then copy_exec "${library}" fi diff --git a/debian/extra/initramfs-tools/scripts/init-bottom/udev b/debian/extra/initramfs-tools/scripts/init-bottom/udev index 73887ea..cb114b7 100755 --- a/debian/extra/initramfs-tools/scripts/init-bottom/udev +++ b/debian/extra/initramfs-tools/scripts/init-bottom/udev @@ -12,6 +12,9 @@ case "$1" in esac # Stop udevd, we'll miss a few events while we run init, but we catch up +# Wait for current workers to stop (at most for a minute to avoid deadlocks) +# otherwise there will be lock files left under /run/ (see: #1056564) +udevadm settle --timeout=60 udevadm control --exit # move the /dev tmpfs to the rootfs; fall back to util-linux mount that does diff --git a/debian/extra/limits.d/10-coredump-debian.conf b/debian/extra/limits.d/10-coredump-debian.conf new file mode 100644 index 0000000..b7f9ee5 --- /dev/null +++ b/debian/extra/limits.d/10-coredump-debian.conf @@ -0,0 +1,4 @@ +* soft core 0 +root soft core 0 +* hard core infinity +root hard core infinity diff --git a/debian/extra/limits.d/20-coredump-debian.conf b/debian/extra/limits.d/20-coredump-debian.conf new file mode 100644 index 0000000..199a297 --- /dev/null +++ b/debian/extra/limits.d/20-coredump-debian.conf @@ -0,0 +1,2 @@ +* soft core infinity +root soft core infinity diff --git a/debian/extra/network/73-usb-net-by-mac.link b/debian/extra/network/73-usb-net-by-mac.link index 98800cd..84be343 100644 --- a/debian/extra/network/73-usb-net-by-mac.link +++ b/debian/extra/network/73-usb-net-by-mac.link @@ -1,5 +1,6 @@ [Match] Path=*-usb-* +Property=ID_NET_NAME_MAC=* [Link] NamePolicy=mac diff --git a/debian/extra/resolved.conf.d/cache-no-negative.conf b/debian/extra/resolved.conf.d/cache-no-negative.conf new file mode 100644 index 0000000..92b28fa --- /dev/null +++ b/debian/extra/resolved.conf.d/cache-no-negative.conf @@ -0,0 +1,4 @@ +# Ubuntu defaults to Cache=no-negative. See LP: #1668771. + +[Resolve] +Cache=no-negative diff --git a/debian/extra/sysctl.d/10-coredump-debian.conf b/debian/extra/sysctl.d/10-coredump-debian.conf new file mode 100644 index 0000000..e58fb85 --- /dev/null +++ b/debian/extra/sysctl.d/10-coredump-debian.conf @@ -0,0 +1 @@ +kernel.core_pattern=core diff --git a/debian/extra/system.conf.d/10-coredump-debian.conf b/debian/extra/system.conf.d/10-coredump-debian.conf new file mode 100644 index 0000000..395b155 --- /dev/null +++ b/debian/extra/system.conf.d/10-coredump-debian.conf @@ -0,0 +1,2 @@ +[Manager] +DefaultLimitCORE=0:infinity diff --git a/debian/extra/system.conf.d/20-coredump-debian.conf b/debian/extra/system.conf.d/20-coredump-debian.conf new file mode 100644 index 0000000..c06081d --- /dev/null +++ b/debian/extra/system.conf.d/20-coredump-debian.conf @@ -0,0 +1,2 @@ +[Manager] +DefaultLimitCORE=infinity diff --git a/debian/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf b/debian/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf index 49958e8..9862d0f 100644 --- a/debian/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf +++ b/debian/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf @@ -1,2 +1,2 @@ [Slice] -ManagedOOMSwap=kill +ManagedOOMSwap=auto diff --git a/debian/extra/tmpfiles.d/debian.conf b/debian/extra/tmpfiles.d/debian.conf index 0f55da0..1877e02 100644 --- a/debian/extra/tmpfiles.d/debian.conf +++ b/debian/extra/tmpfiles.d/debian.conf @@ -10,6 +10,7 @@ # Type Path Mode UID GID Age Argument L /run/shm - - - - /dev/shm d /run/sendsigs.omit.d 0755 root root - +d /run/lock 1777 root root - - L+ /etc/mtab - - - - ../proc/self/mounts L+ /etc/default/locale - - - - ../locale.conf diff --git a/debian/extra/units-ubuntu/systemd-journald.service.d/nice.conf b/debian/extra/units-ubuntu/systemd-journald.service.d/nice.conf new file mode 100644 index 0000000..774e847 --- /dev/null +++ b/debian/extra/units-ubuntu/systemd-journald.service.d/nice.conf @@ -0,0 +1,4 @@ +# Set Nice=-1 to dodge watchdog on soft lockups (LP: #1696970). + +[Service] +Nice=-1 diff --git a/debian/extra/units/run-lock.mount b/debian/extra/units/run-lock.mount new file mode 100644 index 0000000..8d22dd9 --- /dev/null +++ b/debian/extra/units/run-lock.mount @@ -0,0 +1,14 @@ +[Unit] +Description=Legacy Locks Directory /run/lock +DefaultDependencies=no +Conflicts=umount.target +Before=local-fs.target umount.target + +[Mount] +Type=tmpfs +What=tmpfs +Where=/run/lock +Options=mode=1777,nosuid,nodev,noexec,size=5242880 + +[Install] +WantedBy=local-fs.target diff --git a/debian/extra/units/systemd-fsck-root.service.d/10-skip-fsck-initramfs.conf b/debian/extra/units/systemd-fsck-root.service.d/10-skip-fsck-initramfs.conf new file mode 100644 index 0000000..4d26175 --- /dev/null +++ b/debian/extra/units/systemd-fsck-root.service.d/10-skip-fsck-initramfs.conf @@ -0,0 +1,2 @@ +[Unit] +ConditionPathExists=!/run/initramfs/fsck-root diff --git a/debian/extra/user.conf.d/10-coredump-debian.conf b/debian/extra/user.conf.d/10-coredump-debian.conf new file mode 100644 index 0000000..395b155 --- /dev/null +++ b/debian/extra/user.conf.d/10-coredump-debian.conf @@ -0,0 +1,2 @@ +[Manager] +DefaultLimitCORE=0:infinity diff --git a/debian/extra/user.conf.d/20-coredump-debian.conf b/debian/extra/user.conf.d/20-coredump-debian.conf new file mode 100644 index 0000000..c06081d --- /dev/null +++ b/debian/extra/user.conf.d/20-coredump-debian.conf @@ -0,0 +1,2 @@ +[Manager] +DefaultLimitCORE=infinity diff --git a/debian/libnss-myhostname.nss b/debian/libnss-myhostname.nss index 0ef4054..9ed4b62 100644 --- a/debian/libnss-myhostname.nss +++ b/debian/libnss-myhostname.nss @@ -1 +1 @@ -hosts last myhostname +hosts after=files myhostname diff --git a/debian/libnss-mymachines.nss b/debian/libnss-mymachines.nss index dd7e3a1..ff7213d 100644 --- a/debian/libnss-mymachines.nss +++ b/debian/libnss-mymachines.nss @@ -1 +1 @@ -hosts last mymachines +hosts before=resolve,dns mymachines diff --git a/debian/libsystemd0.symbols b/debian/libsystemd0.symbols index 2551a96..5ebbc6e 100644 --- a/debian/libsystemd0.symbols +++ b/debian/libsystemd0.symbols @@ -36,6 +36,7 @@ libsystemd.so.0 libsystemd0 #MINVER# LIBSYSTEMD_253@LIBSYSTEMD_253 253 LIBSYSTEMD_254@LIBSYSTEMD_254 254 LIBSYSTEMD_255@LIBSYSTEMD_255 255 + LIBSYSTEMD_256@LIBSYSTEMD_256 256~rc1 sd_booted@LIBSYSTEMD_209 0 sd_bus_add_fallback@LIBSYSTEMD_221 221 sd_bus_add_fallback_vtable@LIBSYSTEMD_221 221 @@ -72,6 +73,7 @@ libsystemd.so.0 libsystemd0 #MINVER# sd_bus_creds_get_mask@LIBSYSTEMD_221 221 sd_bus_creds_get_owner_uid@LIBSYSTEMD_221 221 sd_bus_creds_get_pid@LIBSYSTEMD_221 221 + sd_bus_creds_get_pidfd_dup@LIBSYSTEMD_256 256~rc1 sd_bus_creds_get_ppid@LIBSYSTEMD_221 221 sd_bus_creds_get_selinux_context@LIBSYSTEMD_221 221 sd_bus_creds_get_session@LIBSYSTEMD_221 221 @@ -93,6 +95,7 @@ libsystemd.so.0 libsystemd0 #MINVER# sd_bus_creds_has_inheritable_cap@LIBSYSTEMD_221 221 sd_bus_creds_has_permitted_cap@LIBSYSTEMD_221 221 sd_bus_creds_new_from_pid@LIBSYSTEMD_221 221 + sd_bus_creds_new_from_pidfd@LIBSYSTEMD_256 256~rc1 sd_bus_creds_ref@LIBSYSTEMD_221 221 sd_bus_creds_unref@LIBSYSTEMD_221 221 sd_bus_default@LIBSYSTEMD_221 221 @@ -468,6 +471,7 @@ libsystemd.so.0 libsystemd0 #MINVER# sd_event_source_get_exit_on_failure@LIBSYSTEMD_247 247 sd_event_source_get_floating@LIBSYSTEMD_240 240 sd_event_source_get_inotify_mask@LIBSYSTEMD_239 239 + sd_event_source_get_inotify_path@LIBSYSTEMD_256 256~rc1 sd_event_source_get_io_events@LIBSYSTEMD_221 221 sd_event_source_get_io_fd@LIBSYSTEMD_221 221 sd_event_source_get_io_fd_own@LIBSYSTEMD_237 237 @@ -524,6 +528,7 @@ libsystemd.so.0 libsystemd0 #MINVER# sd_id128_get_boot@LIBSYSTEMD_209 0 sd_id128_get_boot_app_specific@LIBSYSTEMD_240 240 sd_id128_get_invocation@LIBSYSTEMD_232 232 + sd_id128_get_invocation_app_specific@LIBSYSTEMD_256 256~rc1 sd_id128_get_machine@LIBSYSTEMD_209 0 sd_id128_get_machine_app_specific@LIBSYSTEMD_233 233 sd_id128_randomize@LIBSYSTEMD_209 0 @@ -598,6 +603,7 @@ libsystemd.so.0 libsystemd0 #MINVER# sd_journal_set_data_threshold@LIBSYSTEMD_209 0 sd_journal_step_one@LIBSYSTEMD_254 254 sd_journal_stream_fd@LIBSYSTEMD_209 0 + sd_journal_stream_fd_with_namespace@LIBSYSTEMD_256 256~rc1 sd_journal_test_cursor@LIBSYSTEMD_209 0 sd_journal_wait@LIBSYSTEMD_209 0 sd_listen_fds@LIBSYSTEMD_209 0 diff --git a/debian/not-installed b/debian/not-installed index 3c2486d..a42a3ef 100644 --- a/debian/not-installed +++ b/debian/not-installed @@ -1,5 +1,3 @@ # make dh_missing happy for -A builds usr/bin/systemd-sysusers.standalone usr/bin/systemd-tmpfiles.standalone -usr/lib/systemd/system/tmp.mount -usr/lib/systemd/system/local-fs.target.wants/tmp.mount diff --git a/debian/patches/debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch b/debian/patches/debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch deleted file mode 100644 index d99ea42..0000000 --- a/debian/patches/debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch +++ /dev/null @@ -1,21 +0,0 @@ -From: Tollef Fog Heen <tfheen@err.no> -Date: Tue, 5 Jun 2012 20:59:36 +0200 -Subject: Bring tmpfiles.d/tmp.conf in line with Debian defaults - -Closes: #675422 ---- - tmpfiles.d/tmp.conf | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/tmpfiles.d/tmp.conf b/tmpfiles.d/tmp.conf -index fe5225d..39cb5cc 100644 ---- a/tmpfiles.d/tmp.conf -+++ b/tmpfiles.d/tmp.conf -@@ -8,5 +8,5 @@ - # See tmpfiles.d(5) for details - - # Clear tmp directories separately, to make them easier to override --q /tmp 1777 root root 10d --q /var/tmp 1777 root root 30d -+D /tmp 1777 root root - -+#q /var/tmp 1777 root root 30d diff --git a/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch b/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch deleted file mode 100644 index 39166cb..0000000 --- a/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch +++ /dev/null @@ -1,74 +0,0 @@ -From: Michael Biebl <biebl@debian.org> -Date: Tue, 16 Feb 2021 00:18:50 +0100 -Subject: Downgrade a couple of warnings to debug - -If a package still ships only a SysV init script or if a service file or -tmpfile uses /var/run, downgrade those messages to debug. We can use -lintian to detect those issues. -For service files and tmpfiles in /etc, keep the warning, as those files -are typically added locally and aren't checked by lintian. - -Closes: #981407 ---- - src/core/load-fragment.c | 4 +++- - src/sysv-generator/sysv-generator.c | 2 +- - src/tmpfiles/tmpfiles.c | 4 +++- - 3 files changed, 7 insertions(+), 3 deletions(-) - -diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c -index 0baf08e..8eec584 100644 ---- a/src/core/load-fragment.c -+++ b/src/core/load-fragment.c -@@ -544,6 +544,7 @@ static int patch_var_run( - - const char *e; - char *z; -+ int log_level; - - e = path_startswith(*path, "/var/run/"); - if (!e) -@@ -553,7 +554,8 @@ static int patch_var_run( - if (!z) - return log_oom(); - -- log_syntax(unit, LOG_NOTICE, filename, line, 0, -+ log_level = path_startswith(filename, "/etc") ? LOG_NOTICE : LOG_DEBUG; -+ log_syntax(unit, log_level, filename, line, 0, - "%s= references a path below legacy directory /var/run/, updating %s → %s; " - "please update the unit file accordingly.", lvalue, *path, z); - -diff --git a/src/sysv-generator/sysv-generator.c b/src/sysv-generator/sysv-generator.c -index 4485e2e..d0e8ed8 100644 ---- a/src/sysv-generator/sysv-generator.c -+++ b/src/sysv-generator/sysv-generator.c -@@ -762,7 +762,7 @@ static int enumerate_sysv(const LookupPaths *lp, Hashmap *all_services) { - if (!fpath) - return log_oom(); - -- log_struct(LOG_WARNING, -+ log_struct(LOG_DEBUG, - LOG_MESSAGE("SysV service '%s' lacks a native systemd unit file. " - "%s Automatically generating a unit file for compatibility. Please update package to include a native systemd unit file, in order to make it safe, robust and future-proof. " - "%s This compatibility logic is deprecated, expect removal soon. %s", -diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c -index 4919cb7..be24b04 100644 ---- a/src/tmpfiles/tmpfiles.c -+++ b/src/tmpfiles/tmpfiles.c -@@ -3257,6 +3257,7 @@ static int specifier_expansion_from_arg(const Specifier *specifier_table, Item * - static int patch_var_run(const char *fname, unsigned line, char **path) { - const char *k; - char *n; -+ int log_level; - - assert(path); - assert(*path); -@@ -3282,7 +3283,8 @@ static int patch_var_run(const char *fname, unsigned line, char **path) { - /* Also log about this briefly. We do so at LOG_NOTICE level, as we fixed up the situation automatically, hence - * there's no immediate need for action by the user. However, in the interest of making things less confusing - * to the user, let's still inform the user that these snippets should really be updated. */ -- log_syntax(NULL, LOG_NOTICE, fname, line, 0, -+ log_level = path_startswith(fname, "/etc") ? LOG_NOTICE : LOG_DEBUG; -+ log_syntax(NULL, log_level, fname, line, 0, - "Line references path below legacy directory /var/run/, updating %s → %s; please update the tmpfiles.d/ drop-in file accordingly.", - *path, n); - diff --git a/debian/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch b/debian/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch deleted file mode 100644 index a93e7a3..0000000 --- a/debian/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch +++ /dev/null @@ -1,42 +0,0 @@ -From: Michael Biebl <biebl@debian.org> -Date: Fri, 5 Sep 2014 01:15:16 +0200 -Subject: Make /run/lock tmpfs an API fs - -The /run/lock directory is world-writable in Debian due to historic -reasons. To avoid user processes filling up /run, we mount a separate -tmpfs for /run/lock. As this directory needs to be available during -early boot, we make it an API fs. - -Drop it from tmpfiles.d/legacy.conf to not clobber the permissions. - -Closes: #751392 ---- - src/shared/mount-setup.c | 2 ++ - tmpfiles.d/legacy.conf.in | 1 - - 2 files changed, 2 insertions(+), 1 deletion(-) - -diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c -index 1226ca1..2d59955 100644 ---- a/src/shared/mount-setup.c -+++ b/src/shared/mount-setup.c -@@ -101,6 +101,8 @@ static const MountPoint mount_table[] = { - #endif - { "tmpfs", "/run", "tmpfs", "mode=0755" TMPFS_LIMITS_RUN, MS_NOSUID|MS_NODEV|MS_STRICTATIME, - NULL, MNT_FATAL|MNT_IN_CONTAINER }, -+ { "tmpfs", "/run/lock", "tmpfs", "mode=1777,size=5242880", MS_NOSUID|MS_NOEXEC|MS_NODEV, -+ NULL, MNT_FATAL|MNT_IN_CONTAINER }, - { "cgroup2", "/sys/fs/cgroup", "cgroup2", "nsdelegate,memory_recursiveprot", MS_NOSUID|MS_NOEXEC|MS_NODEV, - check_recursiveprot_supported, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE }, - { "cgroup2", "/sys/fs/cgroup", "cgroup2", "nsdelegate", MS_NOSUID|MS_NOEXEC|MS_NODEV, -diff --git a/tmpfiles.d/legacy.conf.in b/tmpfiles.d/legacy.conf.in -index 4f2c0d7..fb1d6bf 100644 ---- a/tmpfiles.d/legacy.conf.in -+++ b/tmpfiles.d/legacy.conf.in -@@ -10,7 +10,6 @@ - # These files are considered legacy and are unnecessary on legacy-free - # systems. - --d /run/lock 0755 root root - - L /var/lock - - - - ../run/lock - {% if CREATE_LOG_DIRS %} - L /var/log/README - - - - ../..{{DOC_DIR}}/README.logs diff --git a/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch b/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch deleted file mode 100644 index 3378f82..0000000 --- a/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch +++ /dev/null @@ -1,69 +0,0 @@ -From: Martin Pitt <martin.pitt@ubuntu.com> -Date: Sat, 27 Feb 2016 12:27:06 +0100 -Subject: Revert "core: set RLIMIT_CORE to unlimited by default" - -Partially revert commit 15a900327ab as this completely breaks core dumps -without systemd-coredump. It's also contradicting core(8), and it's not -systemd's place to redefine the kernel definitions of core files. - -Commit bdfd7b2c now honours the process' RLIMIT_CORE for systemd-coredump. This -isn't what RLIMIT_CORE is supposed to do (it limits the size of the core -*file*, but the kernel deliberately ignores it for piping), so set a static -2^63 core size limit for systemd-coredump to go back to the previous behaviour -(otherwise the change above would break systemd-coredump). - -Bug-Debian: https://bugs.debian.org/815020 ---- - src/core/main.c | 18 ------------------ - sysctl.d/50-coredump.conf.in | 2 +- - 2 files changed, 1 insertion(+), 19 deletions(-) - -diff --git a/src/core/main.c b/src/core/main.c -index 1ed968d..758325d 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -1653,22 +1653,6 @@ static void cmdline_take_random_seed(void) { - "This functionality should not be used outside of testing environments."); - } - --static void initialize_coredump(bool skip_setup) { -- if (getpid_cached() != 1) -- return; -- -- /* Don't limit the core dump size, so that coredump handlers such as systemd-coredump (which honour -- * the limit) will process core dumps for system services by default. */ -- if (setrlimit(RLIMIT_CORE, &RLIMIT_MAKE_CONST(RLIM_INFINITY)) < 0) -- log_warning_errno(errno, "Failed to set RLIMIT_CORE: %m"); -- -- /* But at the same time, turn off the core_pattern logic by default, so that no coredumps are stored -- * until the systemd-coredump tool is enabled via sysctl. However it can be changed via the kernel -- * command line later so core dumps can still be generated during early startup and in initrd. */ -- if (!skip_setup) -- disable_coredumps(); --} -- - static void initialize_core_pattern(bool skip_setup) { - int r; - -@@ -2922,8 +2906,6 @@ int main(int argc, char *argv[]) { - kernel_timestamp = DUAL_TIMESTAMP_NULL; - } - -- initialize_coredump(skip_setup); -- - r = fixup_environment(); - if (r < 0) { - log_struct_errno(LOG_EMERG, r, -diff --git a/sysctl.d/50-coredump.conf.in b/sysctl.d/50-coredump.conf.in -index 90c080b..1730841 100644 ---- a/sysctl.d/50-coredump.conf.in -+++ b/sysctl.d/50-coredump.conf.in -@@ -13,7 +13,7 @@ - # the core dump. - # - # See systemd-coredump(8) and core(5). --kernel.core_pattern=|{{LIBEXECDIR}}/systemd-coredump %P %u %g %s %t %c %h -+kernel.core_pattern=|{{LIBEXECDIR}}/systemd-coredump %P %u %g %s %t 9223372036854775808 %h - - # Allow 16 coredumps to be dispatched in parallel by the kernel. - # We collect metadata from /proc/%P/, and thus need to make sure the crashed diff --git a/debian/patches/debian/Skip-filesystem-check-if-already-done-by-the-initram.patch b/debian/patches/debian/Skip-filesystem-check-if-already-done-by-the-initram.patch deleted file mode 100644 index 6353b8b..0000000 --- a/debian/patches/debian/Skip-filesystem-check-if-already-done-by-the-initram.patch +++ /dev/null @@ -1,57 +0,0 @@ -From: Nis Martensen <nis.martensen@web.de> -Date: Tue, 19 Jan 2016 22:01:43 +0100 -Subject: Skip filesystem check if already done by the initramfs - -Newer versions of initramfs-tools already fsck and mount / and /usr in -the initramfs. Skip the filesystem check in this case. - -Based on a previous patch by Michael Biebl <biebl@debian.org>. - -Closes: #782522 -Closes: #810748 ---- - src/fstab-generator/fstab-generator.c | 11 ++++++++--- - units/systemd-fsck-root.service.in | 1 + - 2 files changed, 9 insertions(+), 3 deletions(-) - -diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c -index 016f3ba..f63a1d1 100644 ---- a/src/fstab-generator/fstab-generator.c -+++ b/src/fstab-generator/fstab-generator.c -@@ -519,6 +519,7 @@ static int add_mount( - _cleanup_strv_free_ char **wanted_by = NULL, **required_by = NULL; - _cleanup_fclose_ FILE *f = NULL; - int r; -+ struct stat sb; - - assert(what); - assert(where); -@@ -604,9 +605,13 @@ static int add_mount( - fprintf(f, "Before=%s\n", target_unit); - - if (passno != 0) { -- r = generator_write_fsck_deps(f, dest, what, where, fstype); -- if (r < 0) -- return r; -+ if (streq(where, "/usr") && stat("/run/initramfs/fsck-usr", &sb) == 0) -+ ; /* skip /usr fsck if it has already been checked in the initramfs */ -+ else { -+ r = generator_write_fsck_deps(f, dest, what, where, fstype); -+ if (r < 0) -+ return r; -+ } - } - - r = generator_write_blockdev_dependency(f, what); -diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in -index ca9c7ce..27783a9 100644 ---- a/units/systemd-fsck-root.service.in -+++ b/units/systemd-fsck-root.service.in -@@ -16,6 +16,7 @@ Before=local-fs.target shutdown.target - Wants=systemd-fsckd.socket - After=systemd-fsckd.socket - ConditionPathIsReadWrite=!/ -+ConditionPathExists=!/run/initramfs/fsck-root - OnFailure=emergency.target - OnFailureJobMode=replace-irreversibly - diff --git a/debian/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch b/debian/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch deleted file mode 100644 index 655dd27..0000000 --- a/debian/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch +++ /dev/null @@ -1,1072 +0,0 @@ -From: Didier Roche <didrocks@ubuntu.com> -Date: Fri, 22 May 2015 13:04:38 +0200 -Subject: fsckd daemon for inter-fsckd communication - -Global logic: -Add systemd-fsckd multiplexer which accepts multiple (via systemd-fsck's -/run/systemd/fsck.progress socket) fsck instances to connect to it and sends -progress report. systemd-fsckd then computes and writes to /dev/console the -number of devices currently being checked and the minimum fsck progress. - -Plymouth and user interaction: -Forward the progress to plymouth and support canellation of in progress fsck. -Try to connect and send to plymouth (if running) some checked report progress, -using direct plymouth protocole. - -Update message is the following: -fsckd:<num_devices>:<progress>:<string> -* num_devices corresponds to the current number of devices being checked (int) -* progress corresponds to the current minimum percentage of all devices being - checked (float, from 0 to 100) -* string is a translated message ready to be displayed by the plymouth theme - displaying the information above. It can be overridden by plymouth themes - supporting i18n. - -Grab in fsckd plymouth watch key Control+C, and propagate this cancel request -to systemd-fsck which will terminate fsck. - -Send a message to signal to user what key we are grabbing for fsck cancel. - -Message is: fsckd-cancel-msg:<string> -Where string is a translated string ready to be displayed by the plymouth theme -indicating that Control+C can be used to cancel current checks. It can be -overridden (matching only fsckd-cancel-msg prefix) for themes supporting i18n. - -Misc: -systemd-fsckd stops on idle when no fsck is connected. -Add man page explaining the plymouth theme protocol, usage of the daemon -as well as the socket activation part. Adapt existing fsck man page. - -Note that fsckd had lived in the upstream tree for a while, but was removed. -More information at -http://lists.freedesktop.org/archives/systemd-devel/2015-April/030175.html -- ---- - man/rules/meson.build | 1 + - man/systemd-fsckd.service.xml | 162 +++++++++ - meson.build | 1 + - po/POTFILES.in | 1 + - src/fsckd/fsckd.c | 705 +++++++++++++++++++++++++++++++++++++ - src/fsckd/meson.build | 8 + - units/meson.build | 2 + - units/systemd-fsck-root.service.in | 2 + - units/systemd-fsck@.service.in | 3 +- - units/systemd-fsckd.service.in | 17 + - units/systemd-fsckd.socket | 15 + - 11 files changed, 916 insertions(+), 1 deletion(-) - create mode 100644 man/systemd-fsckd.service.xml - create mode 100644 src/fsckd/fsckd.c - create mode 100644 src/fsckd/meson.build - create mode 100644 units/systemd-fsckd.service.in - create mode 100644 units/systemd-fsckd.socket - -diff --git a/man/rules/meson.build b/man/rules/meson.build -index 5dc3e08..5feb43d 100644 ---- a/man/rules/meson.build -+++ b/man/rules/meson.build -@@ -933,6 +933,7 @@ manpages = [ - '8', - ['systemd-fsck', 'systemd-fsck-root.service', 'systemd-fsck-usr.service'], - ''], -+ ['systemd-fsckd.service', '8', ['systemd-fsckd.socket', 'systemd-fsckd'], ''], - ['systemd-fstab-generator', '8', [], ''], - ['systemd-getty-generator', '8', [], ''], - ['systemd-gpt-auto-generator', '8', [], 'HAVE_BLKID'], -diff --git a/man/systemd-fsckd.service.xml b/man/systemd-fsckd.service.xml -new file mode 100644 -index 0000000..b7ad58d ---- /dev/null -+++ b/man/systemd-fsckd.service.xml -@@ -0,0 +1,162 @@ -+<?xml version="1.0"?> -+<!--*-nxml-*--> -+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> -+<!-- -+ This file is part of systemd. -+ -+ Copyright 2015 Canonical -+ -+ systemd is free software; you can redistribute it and/or modify it -+ under the terms of the GNU Lesser General Public License as published by -+ the Free Software Foundation; either version 2.1 of the License, or -+ (at your option) any later version. -+ -+ systemd is distributed in the hope that it will be useful, but -+ WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public License -+ along with systemd; If not, see <http://www.gnu.org/licenses/>. -+--> -+<refentry id="systemd-fsckd.service" xmlns:xi="http://www.w3.org/2001/XInclude"> -+ -+ <refentryinfo> -+ <title>systemd-fsckd.service</title> -+ <productname>systemd</productname> -+ -+ <authorgroup> -+ <author> -+ <contrib>Developer</contrib> -+ <firstname>Didier</firstname> -+ <surname>Roche</surname> -+ <email>didrocks@ubuntu.com</email> -+ </author> -+ </authorgroup> -+ </refentryinfo> -+ -+ <refmeta> -+ <refentrytitle>systemd-fsckd.service</refentrytitle> -+ <manvolnum>8</manvolnum> -+ </refmeta> -+ -+ <refnamediv> -+ <refname>systemd-fsckd.service</refname> -+ <refname>systemd-fsckd.socket</refname> -+ <refname>systemd-fsckd</refname> -+ <refpurpose>File system check progress reporting</refpurpose> -+ </refnamediv> -+ -+ <refsynopsisdiv> -+ <para><filename>systemd-fsckd.service</filename></para> -+ <para><filename>systemd-fsckd.socket</filename></para> -+ <para><filename>/usr/lib/systemd/systemd-fsckd</filename></para> -+ </refsynopsisdiv> -+ -+ <refsect1> -+ <title>Description</title> -+ -+ <para><filename>systemd-fsckd.service</filename> is a service responsible -+ for receiving file system check progress, and communicating some -+ consolidated data to console and plymouth (if running). It also handles -+ possible check cancellations.</para> -+ -+ <para><command>systemd-fsckd</command> receives messages about file -+ system check progress from <command>fsck</command> through an -+ UNIX domain socket. It can display the progress of the least advanced -+ fsck as well as the total number of devices being checked in parallel -+ to the console. It will also send progress messages to plymouth. -+ Both the raw data and translated messages are sent, so compiled -+ plymouth themes can use the raw data to display custom messages, and -+ scripted themes, not supporting i18n, can display the translated -+ versions.</para> -+ -+ <para><command>systemd-fsckd</command> will instruct plymouth to grab -+ Control+C keypresses. When the key is pressed, running checks will be -+ terminated. It will also cancel any newly connected fsck instances for -+ the lifetime of <filename>systemd-fsckd</filename>.</para> -+ </refsect1> -+ -+ <refsect1> -+ <title>Protocol for communication with plymouth</title> -+ -+ <para><filename>systemd-fsckd</filename> passes the -+ following messages to the theme:</para> -+ -+ <para>Progress update, sent as a plymouth update message: -+ <literal>fsckd:<num_devices>:<progress>:<string></literal> -+ <variablelist> -+ <varlistentry> -+ <term><literal><num_devices></literal></term> -+ <listitem><para>the current number of devices -+ being checked (int)</para></listitem> -+ </varlistentry> -+ <varlistentry> -+ <term><literal><progress></literal></term> -+ <listitem><para>the current minimum percentage of -+ all devices being checking (float, from 0 to 100)</para></listitem> -+ </varlistentry> -+ <varlistentry> -+ <term><literal><string></literal></term> -+ <listitem><para>a translated message ready to be displayed -+ by the plymouth theme displaying the data above. It can be overridden -+ by themes supporting i18n.</para></listitem> -+ </varlistentry> -+ </variablelist> -+ </para> -+ -+ <para>Cancel message, sent as a traditional plymouth message: -+ <literal>fsckd-cancel-msg:<string></literal> -+ <variablelist> -+ <varlistentry> -+ <term><literal><strings></literal></term> -+ <listitem><para>a translated string ready to be displayed -+ by the plymouth theme indicating that Control+C can be used to cancel -+ current checks. It can be overridden (matching only -+ <literal>fsckd-cancel-msg</literal> prefix) -+ by themes supporting i18n.</para></listitem> -+ </varlistentry> -+ </variablelist> -+ </para> -+ </refsect1> -+ -+ <refsect1> -+ <title>Options</title> -+ -+ <para>The following options are understood:</para> -+ -+ <variablelist> -+ <xi:include href="standard-options.xml" xpointer="help" /> -+ <xi:include href="standard-options.xml" xpointer="version" /> -+ </variablelist> -+ -+ </refsect1> -+ -+ <refsect1> -+ <title>Exit status</title> -+ -+ <para>On success, 0 is returned, a non-zero failure -+ code otherwise. Note that the daemon stays idle for -+ a while to accept new <filename>fsck</filename> -+ connections before exiting.</para> -+ </refsect1> -+ -+ <refsect1> -+ <title>See Also</title> -+ <para> -+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, -+ <citerefentry><refentrytitle>systemd-fsck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, -+ <citerefentry project='man-pages'><refentrytitle>fsck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, -+ <citerefentry><refentrytitle>systemd-quotacheck.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, -+ <citerefentry project='man-pages'><refentrytitle>fsck.btrfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>, -+ <citerefentry project='man-pages'><refentrytitle>fsck.cramfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>, -+ <citerefentry project='man-pages'><refentrytitle>fsck.ext4</refentrytitle><manvolnum>8</manvolnum></citerefentry>, -+ <citerefentry project='man-pages'><refentrytitle>fsck.fat</refentrytitle><manvolnum>8</manvolnum></citerefentry>, -+ <citerefentry project='man-pages'><refentrytitle>fsck.hfsplus</refentrytitle><manvolnum>8</manvolnum></citerefentry>, -+ <citerefentry project='man-pages'><refentrytitle>fsck.minix</refentrytitle><manvolnum>8</manvolnum></citerefentry>, -+ <citerefentry project='man-pages'><refentrytitle>fsck.ntfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>, -+ <citerefentry project='man-pages'><refentrytitle>fsck.xfs</refentrytitle><manvolnum>8</manvolnum></citerefentry> -+ </para> -+ </refsect1> -+ -+</refentry> -diff --git a/meson.build b/meson.build -index 554765b..0fce0fd 100644 ---- a/meson.build -+++ b/meson.build -@@ -2154,6 +2154,7 @@ subdir('src/environment-d-generator') - subdir('src/escape') - subdir('src/firstboot') - subdir('src/fsck') -+subdir('src/fsckd') - subdir('src/fstab-generator') - subdir('src/getty-generator') - subdir('src/gpt-auto-generator') -diff --git a/po/POTFILES.in b/po/POTFILES.in -index 16899fd..6bba341 100644 ---- a/po/POTFILES.in -+++ b/po/POTFILES.in -@@ -13,3 +13,4 @@ src/portable/org.freedesktop.portable1.policy - src/resolve/org.freedesktop.resolve1.policy - src/timedate/org.freedesktop.timedate1.policy - src/core/dbus-unit.c -+src/fsckd/fsckd.c -diff --git a/src/fsckd/fsckd.c b/src/fsckd/fsckd.c -new file mode 100644 -index 0000000..e9a8019 ---- /dev/null -+++ b/src/fsckd/fsckd.c -@@ -0,0 +1,705 @@ -+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ -+ -+/*** -+ This file is part of systemd. -+ -+ Copyright 2015 Canonical -+ -+ Author: -+ Didier Roche <didrocks@ubuntu.com> -+ -+ systemd is free software; you can redistribute it and/or modify it -+ under the terms of the GNU Lesser General Public License as published by -+ the Free Software Foundation; either version 2.1 of the License, or -+ (at your option) any later version. -+ -+ systemd is distributed in the hope that it will be useful, but -+ WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public License -+ along with systemd; If not, see <http://www.gnu.org/licenses/>. -+***/ -+ -+#include <getopt.h> -+#include <errno.h> -+#include <libintl.h> -+#include <math.h> -+#include <stdbool.h> -+#include <stdlib.h> -+#include <stdio.h> -+#include <sys/socket.h> -+#include <sys/types.h> -+#include <sys/un.h> -+#include <unistd.h> -+ -+#include "sd-daemon.h" -+#include "build.h" -+#include "constants.h" -+#include "sd-event.h" -+#include "log.h" -+#include "list.h" -+#include "macro.h" -+#include "socket-netlink.h" -+#include "socket-util.h" -+#include "fd-util.h" -+#include "string-util.h" -+#include "io-util.h" -+#include "alloc-util.h" -+#include "locale-util.h" -+#include "logarithm.h" -+ -+#define FSCKD_SOCKET_PATH "/run/systemd/fsck.progress" -+#define IDLE_TIME_SECONDS 30 -+#define PLYMOUTH_REQUEST_KEY "K\2\2\3" -+#define CLIENTS_MAX 128 -+ -+struct Manager; -+ -+typedef struct Client { -+ struct Manager *manager; -+ char *device_name; -+ /* device id refers to "fd <fd>" until it gets a name as "device_name" */ -+ char *device_id; -+ -+ pid_t fsck_pid; -+ FILE *fsck_f; -+ -+ size_t cur; -+ size_t max; -+ int pass; -+ -+ double percent; -+ -+ bool cancelled; -+ bool bad_input; -+ -+ sd_event_source *event_source; -+ -+ LIST_FIELDS(struct Client, clients); -+} Client; -+ -+typedef struct Manager { -+ sd_event *event; -+ -+ LIST_HEAD(Client, clients); -+ unsigned n_clients; -+ -+ size_t clear; -+ -+ int connection_fd; -+ sd_event_source *connection_event_source; -+ -+ bool show_status_console; -+ -+ double percent; -+ int numdevices; -+ -+ int plymouth_fd; -+ sd_event_source *plymouth_event_source; -+ bool plymouth_cancel_sent; -+ -+ bool cancel_requested; -+} Manager; -+ -+static Client* client_free(Client *c); -+static Manager* manager_free(Manager *m); -+ -+DEFINE_TRIVIAL_CLEANUP_FUNC(Client*, client_free); -+DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free); -+ -+static void init_gettext(void) { -+ setlocale(LC_ALL, ""); -+ textdomain(GETTEXT_PACKAGE); -+} -+ -+static bool plymouth_running(void) { -+ return access("/run/plymouth/pid", F_OK) >= 0; -+} -+ -+static int manager_write_console(Manager *m, const char *message) { -+ _cleanup_fclose_ FILE *console = NULL; -+ int l; -+ size_t j; -+ -+ assert(m); -+ -+ if (!m->show_status_console) -+ return 0; -+ -+ /* Nothing to display, and nothing to clear: return now. */ -+ if (message == NULL && m->clear == 0) { -+ return 0; -+ } -+ -+ /* Reduce the SAK window by opening and closing console on every request */ -+ console = fopen("/dev/console", "we"); -+ if (!console) -+ return -errno; -+ -+ if (message) { -+ fprintf(console, "\r%s\r%n", message, &l); -+ if (m->clear < (size_t)l) -+ m->clear = (size_t)l; -+ } else { -+ fputc('\r', console); -+ for (j = 0; j < m->clear; j++) -+ fputc(' ', console); -+ fputc('\r', console); -+ } -+ fflush(console); -+ -+ return 0; -+} -+ -+static double compute_percent(int pass, size_t cur, size_t max) { -+ /* Values stolen from e2fsck */ -+ -+ static const double pass_table[] = { -+ 0, 70, 90, 92, 95, 100 -+ }; -+ -+ if (pass <= 0) -+ return 0.0; -+ -+ if ((unsigned) pass >= ELEMENTSOF(pass_table) || max == 0) -+ return 100.0; -+ -+ return pass_table[pass-1] + -+ (pass_table[pass] - pass_table[pass-1]) * -+ (double) cur / max; -+} -+ -+static int client_request_cancel(Client *c) { -+ assert(c); -+ -+ if (c->cancelled) -+ return 0; -+ -+ log_info("Request to cancel fsck for %s from fsckd", c->device_id); -+ if (kill(c->fsck_pid, SIGTERM) < 0) { -+ /* ignore the error and consider that cancel was sent if fsck just exited */ -+ if (errno != ESRCH) -+ return log_error_errno(errno, "Cannot send cancel to fsck for %s: %m", c->device_id); -+ } -+ -+ c->cancelled = true; -+ return 1; -+} -+ -+static Client* client_free(Client *c) { -+ assert(c); -+ -+ if (c->manager) { -+ LIST_REMOVE(clients, c->manager->clients, c); -+ c->manager->n_clients--; -+ } -+ -+ sd_event_source_unref(c->event_source); -+ fclose(c->fsck_f); -+ if (c->device_name) -+ free(c->device_name); -+ if (c->device_id) -+ free(c->device_id); -+ return mfree(c); -+} -+ -+static void manager_disconnect_plymouth(Manager *m) { -+ assert(m); -+ -+ m->plymouth_event_source = sd_event_source_unref(m->plymouth_event_source); -+ m->plymouth_fd = safe_close(m->plymouth_fd); -+ m->plymouth_cancel_sent = false; -+} -+ -+static int manager_plymouth_feedback_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) { -+ Manager *m = userdata; -+ char buffer[6]; -+ ssize_t l; -+ -+ assert(m); -+ -+ l = read(m->plymouth_fd, buffer, sizeof(buffer)); -+ if (l < 0) { -+ log_warning_errno(errno, "Got error while reading from plymouth: %m"); -+ manager_disconnect_plymouth(m); -+ return -errno; -+ } -+ if (l == 0) { -+ manager_disconnect_plymouth(m); -+ return 0; -+ } -+ -+ if (l > 1 && buffer[0] == '\15') -+ log_error("Message update to plymouth wasn't delivered successfully"); -+ -+ /* the only answer support type we requested is a key interruption */ -+ if (l > 2 && buffer[0] == '\2' && buffer[5] == '\3') { -+ m->cancel_requested = true; -+ -+ /* cancel all connected clients */ -+ LIST_FOREACH(clients, current, m->clients) -+ client_request_cancel(current); -+ } -+ -+ return 0; -+} -+ -+static int manager_connect_plymouth(Manager *m) { -+ union sockaddr_union sa = { -+ .un.sun_family = AF_UNIX, -+ .un.sun_path = "\0/org/freedesktop/plymouthd", -+ }; -+ int r; -+ -+ if (!plymouth_running()) -+ return 0; -+ -+ /* try to connect or reconnect if sending a message */ -+ if (m->plymouth_fd >= 0) -+ return 1; -+ -+ m->plymouth_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0); -+ if (m->plymouth_fd < 0) -+ return log_warning_errno(errno, "Connection to plymouth socket failed: %m"); -+ -+ if (connect(m->plymouth_fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + 1 + strlen(sa.un.sun_path+1)) < 0) { -+ r = log_warning_errno(errno, "Couldn't connect to plymouth: %m"); -+ goto fail; -+ } -+ -+ r = sd_event_add_io(m->event, &m->plymouth_event_source, m->plymouth_fd, EPOLLIN, manager_plymouth_feedback_handler, m); -+ if (r < 0) { -+ log_warning_errno(r, "Can't listen to plymouth socket: %m"); -+ goto fail; -+ } -+ -+ return 1; -+ -+fail: -+ manager_disconnect_plymouth(m); -+ return r; -+} -+ -+static int plymouth_send_message(int plymouth_fd, const char *message, bool update) { -+ _cleanup_free_ char *packet = NULL; -+ int n; -+ char mode = 'M'; -+ -+ if (update) -+ mode = 'U'; -+ -+ if (asprintf(&packet, "%c\002%c%s%n", mode, (int) (strlen(message) + 1), message, &n) < 0) -+ return log_oom(); -+ -+ return loop_write_full(plymouth_fd, packet, n + 1, USEC_INFINITY); -+} -+ -+static int manager_send_plymouth_message(Manager *m, const char *message) { -+ const char *plymouth_cancel_message = NULL, *l10n_cancel_message = NULL; -+ int r; -+ -+ r = manager_connect_plymouth(m); -+ if (r < 0) -+ return r; -+ /* 0 means that plymouth isn't running, do not send any message yet */ -+ else if (r == 0) -+ return 0; -+ -+ if (!m->plymouth_cancel_sent) { -+ -+ /* Indicate to plymouth that we listen to Ctrl+C */ -+ r = loop_write_full(m->plymouth_fd, PLYMOUTH_REQUEST_KEY, sizeof(PLYMOUTH_REQUEST_KEY), USEC_INFINITY); -+ if (r < 0) -+ return log_warning_errno(r, "Can't send to plymouth cancel key: %m"); -+ -+ m->plymouth_cancel_sent = true; -+ -+ l10n_cancel_message = _("Press Ctrl+C to cancel all filesystem checks in progress"); -+ plymouth_cancel_message = strjoina("fsckd-cancel-msg:", l10n_cancel_message); -+ -+ r = plymouth_send_message(m->plymouth_fd, plymouth_cancel_message, false); -+ if (r < 0) -+ log_warning_errno(r, "Can't send filesystem cancel message to plymouth: %m"); -+ -+ } else if (m->numdevices == 0) { -+ -+ m->plymouth_cancel_sent = false; -+ -+ r = plymouth_send_message(m->plymouth_fd, "", false); -+ if (r < 0) -+ log_warning_errno(r, "Can't clear plymouth filesystem cancel message: %m"); -+ } -+ -+ r = plymouth_send_message(m->plymouth_fd, message, true); -+ if (r < 0) -+ return log_warning_errno(r, "Couldn't send \"%s\" to plymouth: %m", message); -+ -+ return 0; -+} -+ -+static int manager_update_global_progress(Manager *m) { -+ _cleanup_free_ char *console_message = NULL; -+ _cleanup_free_ char *fsck_message = NULL; -+ int current_numdevices = 0, r; -+ double current_percent = 100; -+ -+ /* get the overall percentage */ -+ LIST_FOREACH(clients, current, m->clients) { -+ current_numdevices++; -+ -+ /* right now, we only keep the minimum % of all fsckd processes. We could in the future trying to be -+ linear, but max changes and corresponds to the pass. We have all the informations into fsckd -+ already if we can treat that in a smarter way. */ -+ current_percent = MIN(current_percent, current->percent); -+ } -+ -+ /* update if there is anything user-visible to update */ -+ if (fabs(current_percent - m->percent) > 0.001 || current_numdevices != m->numdevices) { -+ m->numdevices = current_numdevices; -+ m->percent = current_percent; -+ -+ if (asprintf(&console_message, -+ ngettext("Checking in progress on %d disk (%3.1f%% complete)", -+ "Checking in progress on %d disks (%3.1f%% complete)", m->numdevices), -+ m->numdevices, m->percent) < 0) -+ return -ENOMEM; -+ -+ if (asprintf(&fsck_message, "fsckd:%d:%3.1f:%s", m->numdevices, m->percent, console_message) < 0) -+ return -ENOMEM; -+ -+ r = manager_write_console(m, console_message); -+ if (r < 0) -+ return r; -+ -+ /* try to connect to plymouth and send message */ -+ r = manager_send_plymouth_message(m, fsck_message); -+ if (r < 0) -+ return r; -+ } -+ return 0; -+} -+ -+static int client_progress_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) { -+ Client *client = userdata; -+ char line[LINE_MAX]; -+ Manager *m; -+ -+ assert(client); -+ m = client->manager; -+ -+ /* check first if we need to cancel this client */ -+ if (m->cancel_requested) -+ client_request_cancel(client); -+ -+ while (fgets(line, sizeof(line), client->fsck_f) != NULL) { -+ int pass; -+ size_t cur, max; -+ _cleanup_free_ char *device = NULL, *old_device_id = NULL; -+ -+ if (sscanf(line, "%i %zu %zu %ms", &pass, &cur, &max, &device) == 4) { -+ if (!client->device_name) { -+ client->device_name = strdup(device); -+ if (!client->device_name) { -+ log_oom(); -+ continue; -+ } -+ old_device_id = client->device_id; -+ client->device_id = strdup(device); -+ if (!client->device_id) { -+ log_oom(); -+ client->device_id = old_device_id; -+ old_device_id = NULL; -+ continue; -+ } -+ } -+ client->pass = pass; -+ client->cur = cur; -+ client->max = max; -+ client->bad_input = false; -+ client->percent = compute_percent(client->pass, client->cur, client->max); -+ log_debug("Getting progress for %s (%zu, %zu, %d) : %3.1f%%", client->device_id, -+ client->cur, client->max, client->pass, client->percent); -+ } else { -+ if (errno == ENOMEM) { -+ log_oom(); -+ continue; -+ } -+ -+ /* if previous input was already garbage, kick it off from progress report */ -+ if (client->bad_input) { -+ log_warning("Closing connection on incorrect input of fsck connection for %s", client->device_id); -+ client_free(client); -+ manager_update_global_progress(m); -+ return 0; -+ } -+ client->bad_input = true; -+ } -+ -+ } -+ -+ if (feof(client->fsck_f)) { -+ log_debug("Fsck client %s disconnected", client->device_id); -+ client_free(client); -+ } -+ -+ manager_update_global_progress(m); -+ return 0; -+} -+ -+static int manager_new_connection_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) { -+ _cleanup_(client_freep) Client *c = NULL; -+ _cleanup_close_ int new_fsck_fd = -1; -+ _cleanup_fclose_ FILE *new_fsck_f = NULL; -+ struct ucred ucred = {}; -+ Manager *m = userdata; -+ int r; -+ -+ assert(m); -+ -+ /* Initialize and list new clients */ -+ new_fsck_fd = accept4(m->connection_fd, NULL, NULL, SOCK_CLOEXEC|SOCK_NONBLOCK); -+ if (new_fsck_fd < 0) { -+ log_error_errno(errno, "Couldn't accept a new connection: %m"); -+ return 0; -+ } -+ -+ if (m->n_clients >= CLIENTS_MAX) { -+ log_error("Too many clients, refusing connection."); -+ return 0; -+ } -+ -+ -+ new_fsck_f = fdopen(new_fsck_fd, "r"); -+ if (!new_fsck_f) { -+ log_error_errno(errno, "Couldn't fdopen new connection for fd %d: %m", new_fsck_fd); -+ return 0; -+ } -+ new_fsck_fd = -1; -+ -+ r = getpeercred(fileno(new_fsck_f), &ucred); -+ if (r < 0) { -+ log_error_errno(r, "Couldn't get credentials for fsck: %m"); -+ return 0; -+ } -+ -+ c = new0(Client, 1); -+ if (!c) { -+ log_oom(); -+ return 0; -+ } -+ -+ c->fsck_pid = ucred.pid; -+ c->fsck_f = new_fsck_f; -+ new_fsck_f = NULL; -+ -+ if (asprintf(&(c->device_id), "fd %d", fileno(c->fsck_f)) < 0) { -+ log_oom(); -+ return 0; -+ } -+ -+ r = sd_event_add_io(m->event, &c->event_source, fileno(c->fsck_f), EPOLLIN, client_progress_handler, c); -+ if (r < 0) { -+ log_oom(); -+ return 0; -+ } -+ -+ LIST_PREPEND(clients, m->clients, c); -+ m->n_clients++; -+ c->manager = m; -+ -+ log_debug("New fsck client connected: %s", c->device_id); -+ -+ /* only request the client to cancel now in case the request is dropped by the client (chance to recancel) */ -+ if (m->cancel_requested) -+ client_request_cancel(c); -+ -+ c = NULL; -+ return 0; -+} -+ -+static Manager* manager_free(Manager *m) { -+ if (!m) -+ return NULL; -+ -+ /* clear last line */ -+ manager_write_console(m, NULL); -+ -+ sd_event_source_unref(m->connection_event_source); -+ safe_close(m->connection_fd); -+ -+ while (m->clients) -+ client_free(m->clients); -+ -+ manager_disconnect_plymouth(m); -+ -+ sd_event_unref(m->event); -+ -+ return mfree(m); -+} -+ -+static int manager_new(Manager **ret, int fd) { -+ _cleanup_(manager_freep) Manager *m = NULL; -+ int r; -+ -+ assert(ret); -+ -+ m = new0(Manager, 1); -+ if (!m) -+ return -ENOMEM; -+ -+ m->plymouth_fd = -1; -+ m->connection_fd = fd; -+ m->percent = 100; -+ -+ r = sd_event_default(&m->event); -+ if (r < 0) -+ return r; -+ -+ if (access("/run/systemd/show-status", F_OK) >= 0) -+ m->show_status_console = true; -+ -+ r = sd_event_add_io(m->event, &m->connection_event_source, fd, EPOLLIN, manager_new_connection_handler, m); -+ if (r < 0) -+ return r; -+ -+ *ret = m; -+ m = NULL; -+ -+ return 0; -+} -+ -+static int run_event_loop_with_timeout(Manager *m, usec_t timeout) { -+ int r, code; -+ sd_event *e = m->event; -+ -+ assert(e); -+ -+ for (;;) { -+ r = sd_event_get_state(e); -+ if (r < 0) -+ return r; -+ if (r == SD_EVENT_FINISHED) -+ break; -+ -+ r = sd_event_run(e, timeout); -+ if (r < 0) -+ return r; -+ -+ /* Exit if we reached the idle timeout and no more clients are -+ connected. If there is still an fsck process running but -+ simply slow to send us progress updates, exiting would mean -+ that this fsck process receives SIGPIPE resulting in an -+ aborted file system check. */ -+ if (r == 0 && m->n_clients == 0) { -+ sd_event_exit(e, 0); -+ break; -+ } -+ } -+ -+ r = sd_event_get_exit_code(e, &code); -+ if (r < 0) -+ return r; -+ -+ return code; -+} -+ -+static void help(void) { -+ printf("%s [OPTIONS...]\n\n" -+ "Capture fsck progress and forward one stream to plymouth\n\n" -+ " -h --help Show this help\n" -+ " --version Show package version\n", -+ program_invocation_short_name); -+} -+ -+static int parse_argv(int argc, char *argv[]) { -+ -+ enum { -+ ARG_VERSION = 0x100, -+ ARG_ROOT, -+ }; -+ -+ static const struct option options[] = { -+ { "help", no_argument, NULL, 'h' }, -+ { "version", no_argument, NULL, ARG_VERSION }, -+ {} -+ }; -+ -+ int c; -+ -+ assert(argc >= 0); -+ assert(argv); -+ -+ while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0) -+ switch (c) { -+ -+ case 'h': -+ help(); -+ return 0; -+ -+ case ARG_VERSION: -+ version(); -+ return 0; -+ -+ case '?': -+ return -EINVAL; -+ -+ default: -+ assert_not_reached(); -+ } -+ -+ if (optind < argc) { -+ log_error("Extraneous arguments"); -+ return -EINVAL; -+ } -+ -+ return 1; -+} -+ -+int main(int argc, char *argv[]) { -+ _cleanup_(manager_freep) Manager *m = NULL; -+ int fd = -1; -+ int r, n; -+ -+ log_set_target(LOG_TARGET_AUTO); -+ log_parse_environment(); -+ log_open(); -+ init_gettext(); -+ -+ r = parse_argv(argc, argv); -+ if (r <= 0) -+ goto finish; -+ -+ n = sd_listen_fds(0); -+ if (n > 1) { -+ log_error("Too many file descriptors received."); -+ r = -EINVAL; -+ goto finish; -+ } else if (n == 1) -+ fd = SD_LISTEN_FDS_START + 0; -+ else { -+ fd = make_socket_fd(LOG_DEBUG, FSCKD_SOCKET_PATH, SOCK_STREAM, SOCK_CLOEXEC); -+ if (fd < 0) { -+ r = log_error_errno(fd, "Couldn't create listening socket fd on %s: %m", FSCKD_SOCKET_PATH); -+ goto finish; -+ } -+ } -+ -+ r = manager_new(&m, fd); -+ if (r < 0) { -+ log_error_errno(r, "Failed to allocate manager: %m"); -+ goto finish; -+ } -+ -+ r = run_event_loop_with_timeout(m, IDLE_TIME_SECONDS * USEC_PER_SEC); -+ if (r < 0) { -+ log_error_errno(r, "Failed to run event loop: %m"); -+ goto finish; -+ } -+ -+ sd_event_get_exit_code(m->event, &r); -+ -+finish: -+ return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; -+} -diff --git a/src/fsckd/meson.build b/src/fsckd/meson.build -new file mode 100644 -index 0000000..6d3c125 ---- /dev/null -+++ b/src/fsckd/meson.build -@@ -0,0 +1,8 @@ -+# SPDX-License-Identifier: LGPL-2.1-or-later -+ -+executables += [ -+ libexec_template + { -+ 'name' : 'systemd-fsckd', -+ 'sources' : files('fsckd.c'), -+ }, -+] -diff --git a/units/meson.build b/units/meson.build -index e7bfb7f..0aee573 100644 ---- a/units/meson.build -+++ b/units/meson.build -@@ -288,6 +288,8 @@ units = [ - }, - { 'file' : 'systemd-fsck-root.service.in' }, - { 'file' : 'systemd-fsck@.service.in' }, -+ { 'file' : 'systemd-fsckd.socket' }, -+ { 'file' : 'systemd-fsckd.service.in' }, - { 'file' : 'systemd-growfs-root.service.in' }, - { 'file' : 'systemd-growfs@.service.in' }, - { 'file' : 'systemd-halt.service' }, -diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in -index ebe8262..ca9c7ce 100644 ---- a/units/systemd-fsck-root.service.in -+++ b/units/systemd-fsck-root.service.in -@@ -13,6 +13,8 @@ Documentation=man:systemd-fsck-root.service(8) - DefaultDependencies=no - Conflicts=shutdown.target - Before=local-fs.target shutdown.target -+Wants=systemd-fsckd.socket -+After=systemd-fsckd.socket - ConditionPathIsReadWrite=!/ - OnFailure=emergency.target - OnFailureJobMode=replace-irreversibly -diff --git a/units/systemd-fsck@.service.in b/units/systemd-fsck@.service.in -index 65521b1..cd8bac1 100644 ---- a/units/systemd-fsck@.service.in -+++ b/units/systemd-fsck@.service.in -@@ -13,7 +13,8 @@ Documentation=man:systemd-fsck@.service(8) - DefaultDependencies=no - BindsTo=%i.device - Conflicts=shutdown.target --After=%i.device systemd-fsck-root.service local-fs-pre.target -+Wants=systemd-fsckd.socket -+After=%i.device systemd-fsck-root.service local-fs-pre.target systemd-fsckd.socket - Before=systemd-quotacheck.service shutdown.target - - [Service] -diff --git a/units/systemd-fsckd.service.in b/units/systemd-fsckd.service.in -new file mode 100644 -index 0000000..845788c ---- /dev/null -+++ b/units/systemd-fsckd.service.in -@@ -0,0 +1,17 @@ -+# This file is part of systemd. -+# -+# systemd is free software; you can redistribute it and/or modify it -+# under the terms of the GNU Lesser General Public License as published by -+# the Free Software Foundation; either version 2.1 of the License, or -+# (at your option) any later version. -+ -+[Unit] -+Description=File System Check Daemon to report status -+Documentation=man:systemd-fsckd.service(8) -+DefaultDependencies=no -+Requires=systemd-fsckd.socket -+Before=shutdown.target -+ -+[Service] -+ExecStart={{LIBEXECDIR}}/systemd-fsckd -+StandardOutput=journal+console -diff --git a/units/systemd-fsckd.socket b/units/systemd-fsckd.socket -new file mode 100644 -index 0000000..61fec97 ---- /dev/null -+++ b/units/systemd-fsckd.socket -@@ -0,0 +1,15 @@ -+# This file is part of systemd. -+# -+# systemd is free software; you can redistribute it and/or modify it -+# under the terms of the GNU Lesser General Public License as published by -+# the Free Software Foundation; either version 2.1 of the License, or -+# (at your option) any later version. -+ -+[Unit] -+Description=fsck to fsckd communication Socket -+Documentation=man:systemd-fsckd.service(8) man:systemd-fsck@.service(8) man:systemd-fsck-root.service(8) -+DefaultDependencies=no -+ -+[Socket] -+ListenStream=/run/systemd/fsck.progress -+SocketMode=0600 diff --git a/debian/patches/debian/localectl-disable-keymap-support.patch b/debian/patches/debian/localectl-disable-keymap-support.patch index 50fad4c..70f0257 100644 --- a/debian/patches/debian/localectl-disable-keymap-support.patch +++ b/debian/patches/debian/localectl-disable-keymap-support.patch @@ -8,8 +8,8 @@ solution is found. Update the test suite to skip tests for unsupported localectl features. --- - src/locale/localectl.c | 11 ++++++----- - test/units/testsuite-73.sh | 6 ++++++ + src/locale/localectl.c | 11 ++++++----- + test/units/TEST-73-LOCALE.sh | 6 ++++++ 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/src/locale/localectl.c b/src/locale/localectl.c @@ -50,11 +50,11 @@ index 3235402..c4fb1f2 100644 { "list-x11-keymap-models", VERB_ANY, 1, 0, list_x11_keymaps }, { "list-x11-keymap-layouts", VERB_ANY, 1, 0, list_x11_keymaps }, { "list-x11-keymap-variants", VERB_ANY, 2, 0, list_x11_keymaps }, -diff --git a/test/units/testsuite-73.sh b/test/units/testsuite-73.sh -index df5af4b..ec3fa6c 100755 ---- a/test/units/testsuite-73.sh -+++ b/test/units/testsuite-73.sh -@@ -227,6 +227,9 @@ wait_vconsole_setup() { +diff --git a/test/units/TEST-73-LOCALE.sh b/test/units/TEST-73-LOCALE.sh +index 18539b8..1af6c70 100755 +--- a/test/units/TEST-73-LOCALE.sh ++++ b/test/units/TEST-73-LOCALE.sh +@@ -197,6 +197,9 @@ wait_vconsole_setup() { testcase_vc_keymap() { local i output vc @@ -64,7 +64,7 @@ index df5af4b..ec3fa6c 100755 if [[ -z "$(localectl list-keymaps)" ]]; then echo "No vconsole keymap installed, skipping test." return -@@ -297,6 +300,9 @@ testcase_vc_keymap() { +@@ -267,6 +270,9 @@ testcase_vc_keymap() { testcase_x11_keymap() { local output diff --git a/debian/patches/debian/systemctl-do-not-shutdown-immediately-on-scheduled-shutdo.patch b/debian/patches/debian/systemctl-do-not-shutdown-immediately-on-scheduled-shutdo.patch deleted file mode 100644 index 902612d..0000000 --- a/debian/patches/debian/systemctl-do-not-shutdown-immediately-on-scheduled-shutdo.patch +++ /dev/null @@ -1,34 +0,0 @@ -From: Ioanna Alifieraki <ioanna-maria.alifieraki@canonical.com> -Date: Thu, 17 Dec 2020 14:52:07 +0000 -Subject: systemctl: do not shutdown immediately on scheduled shutdown - -When, for whatever reason, a scheduled shutdown fails to be set, systemd -will proceed with immediate shutdown without allowing the user to react. -This is counterintuitive because when a scheduled shutdown is issued, -it means the user wants to shutdown at a specified time in the future, -not immediately. This patch prevents the immediate shutdown and informs -the user that no action will be taken. - -Fixes: #17575 ---- - src/systemctl/systemctl-compat-halt.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/src/systemctl/systemctl-compat-halt.c b/src/systemctl/systemctl-compat-halt.c -index 4f6e304..520e794 100644 ---- a/src/systemctl/systemctl-compat-halt.c -+++ b/src/systemctl/systemctl-compat-halt.c -@@ -155,9 +155,11 @@ int halt_main(void) { - - if (arg_force == 0) { - /* always try logind first */ -- if (arg_when > 0) -+ if (arg_when > 0) { - r = logind_schedule_shutdown(arg_action); -- else { -+ if (r < 0) -+ return r; -+ } else { - r = logind_check_inhibitors(arg_action); - if (r < 0) - return r; diff --git a/debian/patches/series b/debian/patches/series index 007543e..4cfdb9d 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,8 +1 @@ -debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch -debian/Make-run-lock-tmpfs-an-API-fs.patch -debian/fsckd-daemon-for-inter-fsckd-communication.patch -debian/Skip-filesystem-check-if-already-done-by-the-initram.patch -debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch -debian/systemctl-do-not-shutdown-immediately-on-scheduled-shutdo.patch -debian/Downgrade-a-couple-of-warnings-to-debug.patch debian/localectl-disable-keymap-support.patch diff --git a/debian/rules b/debian/rules index 9761185..b9b00c4 100755 --- a/debian/rules +++ b/debian/rules @@ -11,7 +11,11 @@ include /usr/share/debhelper/dh_package_notes/package-notes.mk ifeq ($(DEB_VENDOR),Ubuntu) DEFAULT_NTP_SERVERS = ntp.ubuntu.com SUPPORT_URL = http://www.ubuntu.com/support - CONFFLAGS_DISTRO = + CONFFLAGS_DISTRO = \ + -Duser-path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ + -Ddefault-llmnr=no \ + -Ddefault-mdns=no + else DEFAULT_NTP_SERVERS = 0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org SUPPORT_URL = https://www.debian.org/support @@ -27,11 +31,11 @@ TEST_TIMEOUT_MULTIPLIER = "-t 10" # unnecessary rebuilds all the time. ifeq (, $(filter pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) DH_MISSING ?= --fail-missing - GENSYMBOLS_LEVEL = 4 + GENSYMBOLS_LEVEL ?= 4 VERSION_TAG = $(DEB_VERSION) else DH_MISSING ?= --list-missing - GENSYMBOLS_LEVEL = 1 + GENSYMBOLS_LEVEL ?= 1 VERSION_TAG = $(DEB_VERSION_UPSTREAM) endif @@ -74,7 +78,6 @@ CONFFLAGS = \ -Dgnutls=disabled \ -Dlink-udev-shared=false \ -Dlink-systemctl-shared=false \ - -Dbump-proc-sys-fs-nr-open=false \ -Dntp-servers="$(DEFAULT_NTP_SERVERS)" \ -Ddns-servers='' \ -Dsystem-uid-max=999 \ @@ -83,6 +86,7 @@ CONFFLAGS = \ -Dnobody-group=nogroup \ -Ddev-kvm-mode=0660 \ -Dgroup-render-mode=0660 \ + -Dsbat-distro-url=https://tracker.debian.org/pkg/systemd \ -Drepart=enabled \ -Dfdisk=enabled \ -Dsysext=true \ @@ -92,6 +96,7 @@ CONFFLAGS = \ -Dsysusers=true \ -Dinstall-tests=$(if $(filter noinsttest,$(DEB_BUILD_PROFILES)),false,true) \ -Dman=$(if $(filter nodoc,$(DEB_BUILD_PROFILES)),disabled,enabled) \ + -Ddbus-interfaces-dir=$(if $(filter nodoc,$(DEB_BUILD_PROFILES)),no,yes) \ -Dtranslations=true \ -Dnss-myhostname=true \ -Dnss-mymachines=enabled \ @@ -133,7 +138,7 @@ CONFFLAGS += \ -Duserdb=true \ -Dpcre2=enabled \ -Dukify=enabled \ - -Dbootloader=$(if $(filter x32,$(DEB_HOST_ARCH)),disabled,auto) \ + -Dbootloader=$(if $(filter amd64 i386 arm64 armhf riscv64,$(DEB_HOST_ARCH)),enabled,disabled) \ -Dsysupdate=enabled else CONFFLAGS += \ @@ -162,13 +167,13 @@ CONFFLAGS += \ -Dsysupdate=disabled endif -ifneq (, $(filter pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) +# BPF/BTF are only enabled and usable on a few architectures +ifeq (, $(filter $(DEB_BUILD_PROFILES), stage1 pkg.systemd.nobpf)) +ifneq (,$(filter $(DEB_TARGET_ARCH), amd64 arm64 ppc64el riscv64 s390x)) CONFFLAGS += \ -Dbpf-framework=enabled \ -Dbpf-compiler=clang -# Ubuntu does not yet ship vmlinux.h, generate it at build time for now, until -# https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2050083 is solved ifeq ($(DEB_VENDOR),Ubuntu) # Source: https://git.launchpad.net/ubuntu/+source/xdp-tools/tree/debian/rules # On Ubuntu, the `bpftool` in path is a shell wrapper pointing at @@ -186,16 +191,27 @@ bpftool_binary := $(shell find /usr/lib/linux-tools/ -name 'bpftool' -perm /u=x ifneq ($(bpftool_binary),) export PATH := $(shell dirname $(bpftool_binary)):$(PATH) endif -CONFFLAGS += -Dvmlinux-h=auto -else +endif + # The vmlinux.h we want is in the headers package that linux-headers-ARCH depends on, # which itself is the package that provides linux-headers-generic that we build depend on. -# This is available since Trixie. +# This is available since Trixie. If we can't find it, default to auto for the upstream CI +# so that it is generated at build time, or disabled for distribution builds, as we don't +# want to depend on the buildd kernels. +ifeq ($(DEB_VENDOR),Ubuntu) +HEADERS_PACKAGE = $(shell dpkg-query --showformat='$${Depends}' --show linux-headers-generic | sed "s/.*\(linux-headers-.*)\)-generic.*/\1/") +else HEADERS_PACKAGE = $(shell dpkg-query --showformat='$${Depends}' --show linux-headers-$(DEB_HOST_ARCH) | sed "s/.*\(linux-headers-.*-$(DEB_HOST_ARCH)\).*/\1/") +endif + ifneq ("$(wildcard /usr/src/$(HEADERS_PACKAGE)/vmlinux.h)","") CONFFLAGS += -Dvmlinux-h=provided -Dvmlinux-h-path=/usr/src/$(HEADERS_PACKAGE)/vmlinux.h else +ifneq (, $(filter pkg.systemd.upstream, $(DEB_BUILD_PROFILES))) CONFFLAGS += -Dvmlinux-h=auto +else +CONFFLAGS += -Dvmlinux-h=disabled +endif endif endif endif @@ -237,12 +253,16 @@ execute_before_dh_install: rm -f debian/tmp/usr/lib/udev/*.d/README rm -f debian/tmp/usr/lib/sysctl.d/50-default.conf rm -f debian/tmp/etc/X11/xinit/xinitrc.d/50-systemd-user.sh - rmdir -p --ignore-fail-on-non-empty debian/tmp/etc/X11/xinit/xinitrc.d/ + if [ -d debian/tmp/etc/X11/xinit/xinitrc.d/ ]; then \ + rmdir -p --ignore-fail-on-non-empty debian/tmp/etc/X11/xinit/xinitrc.d/; \ + fi # remove etc.conf and usr/share/factory for now, we are not using them yet find debian/tmp/ -name etc.conf -print -delete rm -rf debian/tmp/usr/share/factory/ # replace upstream sysusers.d/basic.conf with proper users for Debian - debian/extra/make-sysusers-basic > debian/tmp/usr/lib/sysusers.d/basic.conf + if [ -d debian/tmp/usr/lib/sysusers.d/ ]; then \ + debian/extra/make-sysusers-basic > debian/tmp/usr/lib/sysusers.d/basic.conf; \ + fi # remove obsolete compat symlink rm -f debian/tmp/usr/bin/systemd-resolve # we don't want repart and shutdown standalone binaries for now @@ -256,23 +276,21 @@ endif find debian/tmp -type d -empty -print execute_after_dh_install-arch: - # we don't want /tmp to be a tmpfs by default - mv debian/tmp/usr/lib/systemd/system/tmp.mount debian/systemd/usr/share/systemd/ - printf '\n[Install]\nWantedBy=local-fs.target\n' >> debian/systemd/usr/share/systemd/tmp.mount - rm debian/tmp/usr/lib/systemd/system/local-fs.target.wants/tmp.mount - # Ubuntu specific files ifeq ($(DEB_VENDOR),Ubuntu) install -D --mode=644 debian/extra/udev.py debian/udev/usr/share/apport/package-hooks/udev.py install -D --mode=644 debian/extra/systemd.py debian/systemd/usr/share/apport/package-hooks/systemd.py install --mode=644 debian/extra/rules-ubuntu/*.rules debian/udev/usr/lib/udev/rules.d/ + install -D --mode=644 debian/extra/resolved.conf.d/cache-no-negative.conf debian/systemd-resolved/usr/lib/systemd/resolved.conf.d/cache-no-negative.conf cp -a debian/extra/units-ubuntu/* debian/systemd/usr/lib/systemd/system/ endif # Remove empty directories from /usr/lib. # Those are not strictly needed and can trigger piuparts errors due to # accidential directory removal by dpkg on merged-/usr systems. - find debian/systemd/usr/lib -type d -empty -print -delete + if [ -d debian/systemd/usr/lib ]; then \ + find debian/systemd/usr/lib -type d -empty -print -delete; \ + fi # Can be dropped once upstream CI stops running on Jammy, which needs # the old pkla config files, which are created only when building with @@ -326,4 +344,4 @@ ifeq (, $(filter nocheck, $(DEB_BUILD_OPTIONS))) endif %: - dh $@ --without autoreconf --buildsystem=meson + dh $@ diff --git a/debian/systemd-boot.install b/debian/systemd-boot.install index 82947a3..14eff2a 100755..100644 --- a/debian/systemd-boot.install +++ b/debian/systemd-boot.install @@ -1,12 +1,11 @@ -#!/usr/bin/dh-exec usr/bin/bootctl usr/lib/systemd/systemd-bless-boot usr/lib/systemd/system-generators/systemd-bless-boot-generator -<pkg.systemd.upstream> usr/lib/systemd/system/sockets.target.wants/systemd-bootctl.socket +usr/lib/systemd/system/sockets.target.wants/systemd-bootctl.socket usr/lib/systemd/system/sysinit.target.wants/systemd-boot-random-seed.service usr/lib/systemd/system/systemd-bless-boot.service -<pkg.systemd.upstream> usr/lib/systemd/system/systemd-bootctl.socket -<pkg.systemd.upstream> usr/lib/systemd/system/systemd-bootctl@.service +usr/lib/systemd/system/systemd-bootctl.socket +usr/lib/systemd/system/systemd-bootctl@.service usr/lib/systemd/system/systemd-boot-random-seed.service usr/lib/systemd/system/systemd-boot-update.service usr/share/bash-completion/completions/bootctl diff --git a/debian/systemd-container.install b/debian/systemd-container.install index 2c0f1ed..b97c2ae 100755 --- a/debian/systemd-container.install +++ b/debian/systemd-container.install @@ -1,26 +1,26 @@ #!/usr/bin/dh-exec -<pkg.systemd.upstream> usr/bin/importctl +usr/bin/importctl <pkg.systemd.upstream> usr/bin/systemd-vmspawn <pkg.systemd.upstream> usr/lib/systemd/system/systemd-vmspawn@.service usr/bin/machinectl usr/bin/portablectl usr/lib/systemd/import-pubring.gpg -<pkg.systemd.upstream> usr/lib/systemd/network/80-namespace-ns.* +usr/lib/systemd/network/80-namespace-ns.* usr/lib/systemd/portable usr/lib/systemd/systemd-machined usr/lib/systemd/systemd-export usr/lib/systemd/systemd-import* -<pkg.systemd.upstream> usr/lib/systemd/systemd-mountfsd -<pkg.systemd.upstream> usr/lib/systemd/systemd-mountwork -<pkg.systemd.upstream> usr/lib/systemd/systemd-nsresourced -<pkg.systemd.upstream> usr/lib/systemd/systemd-nsresourcework +usr/lib/systemd/systemd-mountfsd +usr/lib/systemd/systemd-mountwork +usr/lib/systemd/systemd-nsresourced +usr/lib/systemd/systemd-nsresourcework usr/lib/systemd/systemd-portabled usr/lib/systemd/systemd-pull usr/lib/systemd/system/systemd-nspawn@.service usr/lib/systemd/system/systemd-importd.service usr/lib/systemd/system/systemd-machined.service -<pkg.systemd.upstream> usr/lib/systemd/system/systemd-mountfsd* -<pkg.systemd.upstream> usr/lib/systemd/system/systemd-nsresourced* +usr/lib/systemd/system/systemd-mountfsd* +usr/lib/systemd/system/systemd-nsresourced* usr/lib/systemd/system/systemd-portabled.service usr/lib/systemd/system/var-lib-machines.mount usr/lib/systemd/system/machines.target @@ -39,7 +39,7 @@ usr/share/dbus-1/system.d/org.freedesktop.portable1.conf usr/share/dbus-1/system-services/org.freedesktop.import1.service usr/share/dbus-1/system-services/org.freedesktop.machine1.service usr/share/dbus-1/system-services/org.freedesktop.portable1.service -<pkg.systemd.upstream> usr/share/polkit-1/actions/io.systemd.mount-file-system.policy +usr/share/polkit-1/actions/io.systemd.mount-file-system.policy usr/share/polkit-1/actions/org.freedesktop.import1.policy usr/share/polkit-1/actions/org.freedesktop.machine1.policy usr/share/polkit-1/actions/org.freedesktop.portable1.policy @@ -49,3 +49,5 @@ usr/share/zsh/vendor-completions/_machinectl usr/share/bash-completion/completions/machinectl usr/share/bash-completion/completions/portablectl usr/share/bash-completion/completions/systemd-nspawn +<pkg.systemd.upstream> usr/share/bash-completion/completions/systemd-vmspawn +usr/share/bash-completion/completions/importctl diff --git a/debian/systemd-container.lintian-overrides b/debian/systemd-container.lintian-overrides index 16d98dc..c9701da 100644 --- a/debian/systemd-container.lintian-overrides +++ b/debian/systemd-container.lintian-overrides @@ -4,4 +4,3 @@ systemd-container: systemd-service-file-refers-to-unusual-wantedby-target machin systemd-container: systemd-service-file-missing-install-key # Lintian is really bad at associating manpages systemd-container: spare-manual-page -systemd-container: maintainer-script-calls-systemctl diff --git a/debian/systemd-container.manpages b/debian/systemd-container.manpages index 5a74dd2..a64dc3f 100755 --- a/debian/systemd-container.manpages +++ b/debian/systemd-container.manpages @@ -1,5 +1,5 @@ #!/usr/bin/dh-exec -<pkg.systemd.upstream> debian/tmp/usr/share/man/man1/importctl.1 +debian/tmp/usr/share/man/man1/importctl.1 <pkg.systemd.upstream> debian/tmp/usr/share/man/man1/systemd-vmspawn.1 debian/tmp/usr/share/man/man1/mount.ddi.1 debian/tmp/usr/share/man/man1/systemd-nspawn.1 @@ -9,9 +9,9 @@ debian/tmp/usr/share/man/man1/portablectl.1 debian/tmp/usr/share/man/man1/systemd-dissect.1 debian/tmp/usr/share/man/man8/systemd-machined.8 debian/tmp/usr/share/man/man8/systemd-machined.service.8 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man8/systemd-mountfsd.8 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man8/systemd-mountfsd.service.8 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man8/systemd-nsresourced.8 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man8/systemd-nsresourced.service.8 +debian/tmp/usr/share/man/man8/systemd-mountfsd.8 +debian/tmp/usr/share/man/man8/systemd-mountfsd.service.8 +debian/tmp/usr/share/man/man8/systemd-nsresourced.8 +debian/tmp/usr/share/man/man8/systemd-nsresourced.service.8 debian/tmp/usr/share/man/man8/systemd-portabled.8 debian/tmp/usr/share/man/man8/systemd-portabled.service.8 diff --git a/debian/systemd-coredump.install b/debian/systemd-coredump.install index e86ba61..e6edc70 100644 --- a/debian/systemd-coredump.install +++ b/debian/systemd-coredump.install @@ -7,3 +7,6 @@ usr/lib/sysctl.d/50-coredump.conf usr/lib/sysusers.d/systemd-coredump.conf usr/share/bash-completion/completions/coredumpctl usr/share/zsh/vendor-completions/_coredumpctl +../extra/system.conf.d/20-coredump-debian.conf usr/lib/systemd/system.conf.d/ +../extra/user.conf.d/20-coredump-debian.conf usr/lib/systemd/user.conf.d/ +../extra/limits.d/20-coredump-debian.conf etc/security/limits.d/ diff --git a/debian/systemd-dev.install b/debian/systemd-dev.install index 6721f1f..b739806 100644..100755 --- a/debian/systemd-dev.install +++ b/debian/systemd-dev.install @@ -1,3 +1,4 @@ -usr/share/dbus-1/interfaces/ +#!/usr/bin/dh-exec +<!nodoc> usr/share/dbus-1/interfaces/ usr/share/pkgconfig/systemd.pc usr/share/pkgconfig/udev.pc diff --git a/debian/systemd-homed.install b/debian/systemd-homed.install index 5d49e39..e994449 100755..100644 --- a/debian/systemd-homed.install +++ b/debian/systemd-homed.install @@ -1,13 +1,12 @@ -#!/usr/bin/dh-exec etc/systemd/homed.conf usr/bin/homectl -<pkg.systemd.upstream> usr/bin/systemd-home-fallback-shell +usr/bin/systemd-home-fallback-shell usr/lib/*/security/pam_systemd_home.so usr/lib/systemd/systemd-homed usr/lib/systemd/systemd-homework usr/lib/systemd/system/systemd-homed.service usr/lib/systemd/system/systemd-homed-activate.service -<pkg.systemd.upstream> usr/lib/systemd/system/systemd-homed-firstboot.service +usr/lib/systemd/system/systemd-homed-firstboot.service usr/share/dbus-1/system.d/org.freedesktop.home1.conf usr/share/dbus-1/system-services/org.freedesktop.home1.service usr/share/polkit-1/actions/org.freedesktop.home1.policy diff --git a/debian/systemd-homed.lintian-overrides b/debian/systemd-homed.lintian-overrides index 8ef6bdb..0735f96 100644 --- a/debian/systemd-homed.lintian-overrides +++ b/debian/systemd-homed.lintian-overrides @@ -2,3 +2,5 @@ systemd-homed: spare-manual-page # False positive: Lintian doesn't recognize Also= systemd-homed: systemd-service-file-refers-to-unusual-wantedby-target +# Not to be called manually +systemd-homed: no-manual-page [usr/bin/systemd-home-fallback-shell] diff --git a/debian/systemd-homed.postinst b/debian/systemd-homed.postinst index 7e37590..0be578f 100644 --- a/debian/systemd-homed.postinst +++ b/debian/systemd-homed.postinst @@ -2,6 +2,25 @@ set -e -pam-auth-update --package +# pam-auth-update makes wrong assumptions and doesn't allow no-op modules, so +# we need to remove 'use_authtok try_first_pass' after it runs +_fixup_common_password() { + sed -i "s/pam_unix.so obscure use_authtok try_first_pass/pam_unix.so obscure/g" /etc/pam.d/common-password || true +} + +if [ "$1" = "triggered" ]; then + shift + for trigger in $@; do + case $trigger in + /usr/share/pam-configs) + _fixup_common_password + ;; + esac + done + exit 0 +fi + +pam-auth-update --package --enable systemd-homed +_fixup_common_password #DEBHELPER# diff --git a/debian/systemd-homed.triggers b/debian/systemd-homed.triggers new file mode 100644 index 0000000..29edf01 --- /dev/null +++ b/debian/systemd-homed.triggers @@ -0,0 +1 @@ +interest-noawait /usr/share/pam-configs diff --git a/debian/systemd-tests.lintian-overrides b/debian/systemd-tests.lintian-overrides index 69b3ba8..70c4531 100644 --- a/debian/systemd-tests.lintian-overrides +++ b/debian/systemd-tests.lintian-overrides @@ -2,8 +2,6 @@ systemd-tests: package-contains-documentation-outside-usr-share-doc # netlink keyword systemd-tests: spelling-error-in-binary iif if [usr/lib/systemd/tests/unit-tests/test-network] -# variable name, not a typo -systemd-tests: spelling-error-in-binary ressize resize [usr/lib/systemd/tests/unit-tests/manual/test-udev-rule-runner] # test binaries, we don't care about these flags systemd-tests: hardening-no-fortify-functions systemd-tests: hardening-no-bindnow diff --git a/debian/systemd-userdbd.install b/debian/systemd-userdbd.install index 4a5be38..bf94296 100755..100644 --- a/debian/systemd-userdbd.install +++ b/debian/systemd-userdbd.install @@ -1,9 +1,8 @@ -#!/usr/bin/dh-exec -<pkg.systemd.upstream> etc/ssh/sshd_config.d/20-systemd-userdb.conf +etc/ssh/sshd_config.d/20-systemd-userdb.conf usr/bin/userdbctl usr/lib/systemd/systemd-userdbd usr/lib/systemd/systemd-userwork usr/lib/systemd/system/systemd-userdbd.service usr/lib/systemd/system/systemd-userdbd.socket -<pkg.systemd.upstream> usr/lib/systemd/sshd_config.d/20-systemd-userdb.conf -<pkg.systemd.upstream> usr/lib/tmpfiles.d/20-systemd-userdb.conf +usr/lib/systemd/sshd_config.d/20-systemd-userdb.conf +usr/lib/tmpfiles.d/20-systemd-userdb.conf diff --git a/debian/systemd.bug-presubj b/debian/systemd.bug-presubj new file mode 100644 index 0000000..c47bf70 --- /dev/null +++ b/debian/systemd.bug-presubj @@ -0,0 +1,8 @@ +The systemd package contains very few and superficial patches, so bugs +about runtime functionality and feature requests should be opened directly +upstream at: https://github.com/systemd/systemd/issues/new/choose + +Issues about packaging and integration, maintainer scripts, enabling or +disabling existing features or dependencies, unit test or autopkgtest, +compilation, default configurations are all appropriate to be reported to +the distribution. diff --git a/debian/systemd.bug-script b/debian/systemd.bug-script index b1099e7..9c05835 100644 --- a/debian/systemd.bug-script +++ b/debian/systemd.bug-script @@ -31,6 +31,8 @@ echo "$DIR/systemd-delta.txt" >&3 if [ -d /run/systemd/system ]; then systemd-analyze --no-pager dump >$DIR/systemd-analyze-dump.txt 2>&1 echo "$DIR/systemd-analyze-dump.txt" >&3 + busctl --no-pager get-property org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager Tainted >$DIR/taints.txt 2>&1 + echo "$DIR/taints.txt" >&3 fi if [ -d /var/lib/systemd/deb-systemd-helper-enabled ]; then diff --git a/debian/systemd.install b/debian/systemd.install index 608257c..dbc82a9 100755 --- a/debian/systemd.install +++ b/debian/systemd.install @@ -4,7 +4,7 @@ etc/credstore/ etc/credstore.encrypted/ etc/init.d/ etc/kernel/install.d/ -<pkg.systemd.upstream> etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf +etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf etc/systemd/journald.conf etc/systemd/logind.conf etc/systemd/network/ @@ -54,8 +54,8 @@ usr/bin/systemd-sysusers usr/bin/systemd-tmpfiles usr/bin/systemd-tty-ask-password-agent usr/bin/systemd-umount -<pkg.systemd.upstream> usr/bin/run0 -<pkg.systemd.upstream> usr/bin/systemd-vpick +usr/bin/run0 +usr/bin/systemd-vpick usr/bin/timedatectl usr/bin/varlinkctl usr/lib/environment.d/99-environment.conf @@ -67,17 +67,17 @@ usr/lib/modprobe.d/systemd.conf <!stage1> usr/lib/pcrlock.d/ [alpha amd64 arm64 ia64 loong64 mips64el ppc64 ppc64el riscv64 s390x sparc64] usr/lib/sysctl.d/50-pid-max.conf usr/lib/systemd/catalog/ -<pkg.systemd.upstream> usr/lib/systemd/network/80-6rd-tunnel.link +usr/lib/systemd/network/80-6rd-tunnel.link usr/lib/systemd/network/80-6rd-tunnel.network usr/lib/systemd/network/80-auto-link-local.network.example -usr/lib/systemd/network/80-container-host0.network -<pkg.systemd.upstream> usr/lib/systemd/network/80-container-vb.link +usr/lib/systemd/network/80-container-host0*.network +usr/lib/systemd/network/80-container-vb.link usr/lib/systemd/network/80-container-vb.network -<pkg.systemd.upstream> usr/lib/systemd/network/80-container-ve.link +usr/lib/systemd/network/80-container-ve.link usr/lib/systemd/network/80-container-ve.network -<pkg.systemd.upstream> usr/lib/systemd/network/80-container-vz.link +usr/lib/systemd/network/80-container-vz.link usr/lib/systemd/network/80-container-vz.network -<pkg.systemd.upstream> usr/lib/systemd/network/80-vm-vt.link +usr/lib/systemd/network/80-vm-vt.link usr/lib/systemd/network/80-vm-vt.network usr/lib/systemd/network/80-wifi-adhoc.network usr/lib/systemd/network/80-wifi-ap.network.example @@ -85,14 +85,14 @@ usr/lib/systemd/network/80-wifi-station.network.example usr/lib/systemd/network/89-ethernet.network.example usr/lib/systemd/repart/ usr/lib/systemd/resolv.conf -<pkg.systemd.upstream> usr/lib/systemd/ssh_config.d/20-systemd-ssh-proxy.conf +usr/lib/systemd/ssh_config.d/20-systemd-ssh-proxy.conf usr/lib/systemd/system/autovt@.service usr/lib/systemd/system/basic.target usr/lib/systemd/system/blockdev@.target usr/lib/systemd/system/bluetooth.target usr/lib/systemd/system/boot-complete.target -<pkg.systemd.upstream> usr/lib/systemd/system/capsule.slice -<pkg.systemd.upstream> usr/lib/systemd/system/capsule@.service +usr/lib/systemd/system/capsule.slice +usr/lib/systemd/system/capsule@.service usr/lib/systemd/system/console-getty.service usr/lib/systemd/system/container-getty@.service <!stage1> usr/lib/systemd/system/cryptsetup-pre.target @@ -116,7 +116,6 @@ usr/lib/systemd/system/dev-hugepages.mount usr/lib/systemd/system/dev-mqueue.mount usr/lib/systemd/systemd-executor usr/lib/systemd/systemd-fsck -<!pkg.systemd.upstream> usr/lib/systemd/systemd-fsckd usr/lib/systemd/systemd-growfs usr/lib/systemd/systemd-hibernate-resume usr/lib/systemd/systemd-hostnamed @@ -142,7 +141,7 @@ usr/lib/systemd/systemd-rfkill usr/lib/systemd/systemd-shutdown usr/lib/systemd/systemd-sleep usr/lib/systemd/systemd-socket-proxyd -<pkg.systemd.upstream> usr/lib/systemd/systemd-ssh-proxy +usr/lib/systemd/systemd-ssh-proxy usr/lib/systemd/systemd-storagetm usr/lib/systemd/systemd-sulogin-shell usr/lib/systemd/systemd-sysctl @@ -173,10 +172,10 @@ usr/lib/systemd/system-generators/systemd-hibernate-resume-generator <!stage1> usr/lib/systemd/system-generators/systemd-integritysetup-generator usr/lib/systemd/system-generators/systemd-rc-local-generator usr/lib/systemd/system-generators/systemd-run-generator -<pkg.systemd.upstream> usr/lib/systemd/system-generators/systemd-ssh-generator +usr/lib/systemd/system-generators/systemd-ssh-generator usr/lib/systemd/system-generators/systemd-system-update-generator usr/lib/systemd/system-generators/systemd-sysv-generator -<pkg.systemd.upstream> usr/lib/systemd/system-generators/systemd-tpm2-generator +usr/lib/systemd/system-generators/systemd-tpm2-generator <!stage1> usr/lib/systemd/system-generators/systemd-veritysetup-generator usr/lib/systemd/system/getty-pre.target usr/lib/systemd/system/getty@.service @@ -209,6 +208,7 @@ usr/lib/systemd/system/kmod-static-nodes.service usr/lib/systemd/system/ldconfig.service usr/lib/systemd/system/local-fs-pre.target usr/lib/systemd/system/local-fs.target +usr/lib/systemd/system/local-fs.target.wants/tmp.mount usr/lib/systemd/system/machine.slice usr/lib/systemd/system/modprobe@.service usr/lib/systemd/system/multi-user.target @@ -253,17 +253,17 @@ usr/lib/systemd/system/sleep.target usr/lib/systemd/system/slices.target usr/lib/systemd/system/smartcard.target usr/lib/systemd/system/sockets.target -<pkg.systemd.upstream> usr/lib/systemd/system/sockets.target.wants/systemd-creds.socket +usr/lib/systemd/system/sockets.target.wants/systemd-creds.socket usr/lib/systemd/system/sockets.target.wants/systemd-initctl.socket -<pkg.systemd.upstream> usr/lib/systemd/system/sockets.target.wants/systemd-hostnamed.socket +usr/lib/systemd/system/sockets.target.wants/systemd-hostnamed.socket usr/lib/systemd/system/sockets.target.wants/systemd-journald-dev-log.socket usr/lib/systemd/system/sockets.target.wants/systemd-journald.socket [amd64 i386 arm64 armhf riscv64] <!stage1> usr/lib/systemd/system/sockets.target.wants/systemd-pcrextend.socket -[amd64 i386 arm64 armhf riscv64] <pkg.systemd.upstream> usr/lib/systemd/system/sockets.target.wants/systemd-pcrlock.socket +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/sockets.target.wants/systemd-pcrlock.socket usr/lib/systemd/system/sockets.target.wants/systemd-sysext.socket usr/lib/systemd/system/soft-reboot.target usr/lib/systemd/system/sound.target -<pkg.systemd.upstream> usr/lib/systemd/system/ssh-access.target +usr/lib/systemd/system/ssh-access.target usr/lib/systemd/system/storage-target-mode.target usr/lib/systemd/system/suspend.target usr/lib/systemd/system/suspend-then-hibernate.target @@ -271,7 +271,7 @@ usr/lib/systemd/system/swap.target usr/lib/systemd/system/sys-fs-fuse-connections.mount usr/lib/systemd/system/sysinit.target <!stage1> usr/lib/systemd/system/sysinit.target.wants/cryptsetup.target -<pkg.systemd.upstream> usr/lib/systemd/system/sysinit.target.wants/systemd-hibernate-clear.service +usr/lib/systemd/system/sysinit.target.wants/systemd-hibernate-clear.service usr/lib/systemd/system/sysinit.target.wants/dev-hugepages.mount usr/lib/systemd/system/sysinit.target.wants/dev-mqueue.mount <!stage1> usr/lib/systemd/system/sysinit.target.wants/integritysetup.target @@ -319,22 +319,20 @@ usr/lib/systemd/system/systemd-binfmt.service usr/lib/systemd/system/systemd-boot-check-no-failures.service <!stage1> usr/lib/systemd/system/systemd-bsod.service usr/lib/systemd/system/systemd-confext.service -<pkg.systemd.upstream> usr/lib/systemd/system/systemd-creds.socket -<pkg.systemd.upstream> usr/lib/systemd/system/systemd-creds@.service +usr/lib/systemd/system/systemd-creds.socket +usr/lib/systemd/system/systemd-creds@.service usr/lib/systemd/system/systemd-exit.service usr/lib/systemd/system/systemd-firstboot.service -<!pkg.systemd.upstream> usr/lib/systemd/system/systemd-fsckd.service -<!pkg.systemd.upstream> usr/lib/systemd/system/systemd-fsckd.socket usr/lib/systemd/system/systemd-fsck-root.service usr/lib/systemd/system/systemd-fsck@.service usr/lib/systemd/system/systemd-growfs-root.service usr/lib/systemd/system/systemd-growfs@.service usr/lib/systemd/system/systemd-halt.service -<pkg.systemd.upstream> usr/lib/systemd/system/systemd-hibernate-clear.service +usr/lib/systemd/system/systemd-hibernate-clear.service usr/lib/systemd/system/systemd-hibernate-resume.service usr/lib/systemd/system/systemd-hibernate.service usr/lib/systemd/system/systemd-hostnamed.service -<pkg.systemd.upstream> usr/lib/systemd/system/systemd-hostnamed.socket +usr/lib/systemd/system/systemd-hostnamed.socket usr/lib/systemd/system/systemd-hybrid-sleep.service usr/lib/systemd/system/systemd-initctl.service usr/lib/systemd/system/systemd-initctl.socket @@ -345,6 +343,7 @@ usr/lib/systemd/system/systemd-journald.service usr/lib/systemd/system/systemd-journald@.service usr/lib/systemd/system/systemd-journald.socket usr/lib/systemd/system/systemd-journald@.socket +usr/lib/systemd/system/systemd-journald-sync@.service usr/lib/systemd/system/systemd-journald-varlink@.socket usr/lib/systemd/system/systemd-journal-flush.service usr/lib/systemd/system/systemd-kexec.service @@ -359,8 +358,8 @@ usr/lib/systemd/system/systemd-network-generator.service [amd64 i386 arm64 armhf riscv64] <!stage1> usr/lib/systemd/system/systemd-pcrextend.socket [amd64 i386 arm64 armhf riscv64] <!stage1> usr/lib/systemd/system/systemd-pcrfs-root.service [amd64 i386 arm64 armhf riscv64] <!stage1> usr/lib/systemd/system/systemd-pcrfs@.service -[amd64 i386 arm64 armhf riscv64] <pkg.systemd.upstream> usr/lib/systemd/system/systemd-pcrlock.socket -[amd64 i386 arm64 armhf riscv64] <pkg.systemd.upstream> usr/lib/systemd/system/systemd-pcrlock@.service +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock.socket +[amd64 i386 arm64 armhf riscv64] usr/lib/systemd/system/systemd-pcrlock@.service [amd64 i386 arm64 armhf riscv64] <!stage1> usr/lib/systemd/system/systemd-pcrlock-file-system.service [amd64 i386 arm64 armhf riscv64] <!stage1> usr/lib/systemd/system/systemd-pcrlock-firmware-code.service [amd64 i386 arm64 armhf riscv64] <!stage1> usr/lib/systemd/system/systemd-pcrlock-firmware-config.service @@ -417,7 +416,8 @@ usr/lib/systemd/system/timers.target usr/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer usr/lib/systemd/system/time-set.target usr/lib/systemd/system/time-sync.target -<pkg.systemd.upstream> usr/lib/systemd/system/tpm2.target +usr/lib/systemd/system/tmp.mount +usr/lib/systemd/system/tpm2.target usr/lib/systemd/system/umount.target usr/lib/systemd/system/usb-gadget.target usr/lib/systemd/system/user@0.service.d/10-login-barrier.conf @@ -432,7 +432,7 @@ usr/lib/systemd/user/app.slice usr/lib/systemd/user/background.slice usr/lib/systemd/user/basic.target usr/lib/systemd/user/bluetooth.target -<pkg.systemd.upstream> usr/lib/systemd/user/capsule@.target +usr/lib/systemd/user/capsule@.target usr/lib/systemd/user/default.target usr/lib/systemd/user-environment-generators/30-systemd-environment-d-generator usr/lib/systemd/user/exit.target @@ -456,7 +456,7 @@ usr/lib/systemd/user/xdg-desktop-autostart.target usr/lib/sysusers.d/basic.conf usr/lib/sysusers.d/systemd-journal.conf usr/lib/sysusers.d/systemd-network.conf -<pkg.systemd.upstream> usr/lib/tmpfiles.d/20-systemd-ssh-generator.conf +usr/lib/tmpfiles.d/20-systemd-ssh-generator.conf usr/lib/tmpfiles.d/credstore.conf usr/lib/tmpfiles.d/home.conf usr/lib/tmpfiles.d/journal-nocow.conf @@ -482,11 +482,13 @@ usr/share/bash-completion/completions/kernel-install usr/share/bash-completion/completions/localectl usr/share/bash-completion/completions/loginctl usr/share/bash-completion/completions/networkctl +usr/share/bash-completion/completions/run0 usr/share/bash-completion/completions/systemctl usr/share/bash-completion/completions/systemd-analyze usr/share/bash-completion/completions/systemd-cat usr/share/bash-completion/completions/systemd-cgls usr/share/bash-completion/completions/systemd-cgtop +usr/share/bash-completion/completions/systemd-confext <!stage1> usr/share/bash-completion/completions/systemd-cryptenroll usr/share/bash-completion/completions/systemd-delta usr/share/bash-completion/completions/systemd-detect-virt @@ -495,6 +497,7 @@ usr/share/bash-completion/completions/systemd-id128 usr/share/bash-completion/completions/systemd-path usr/share/bash-completion/completions/systemd-run usr/share/bash-completion/completions/systemd-sysext +usr/share/bash-completion/completions/systemd-vpick usr/share/bash-completion/completions/timedatectl usr/share/dbus-1/services/org.freedesktop.systemd1.service usr/share/dbus-1/system.d/org.freedesktop.hostname1.conf @@ -511,8 +514,8 @@ usr/share/dbus-1/system-services/org.freedesktop.systemd1.service usr/share/dbus-1/system-services/org.freedesktop.timedate1.service usr/share/doc/systemd/ usr/share/locale/ -<pkg.systemd.upstream> usr/share/mime/packages/io.systemd.xml -<pkg.systemd.upstream> usr/share/polkit-1/actions/io.systemd.credentials.policy +usr/share/mime/packages/io.systemd.xml +usr/share/polkit-1/actions/io.systemd.credentials.policy usr/share/polkit-1/actions/org.freedesktop.hostname1.policy usr/share/polkit-1/actions/org.freedesktop.locale1.policy usr/share/polkit-1/actions/org.freedesktop.login1.policy @@ -552,5 +555,11 @@ var/lib/systemd/ ../extra/journald.conf.d usr/lib/systemd/ ../extra/units/getty-static.service usr/lib/systemd/system/ ../extra/units/rc-local.service.d usr/lib/systemd/system/ +../extra/units/run-lock.mount usr/lib/systemd/system/ +../extra/units/systemd-fsck-root.service.d/ usr/lib/systemd/system/ ../extra/units/systemd-localed.service.d usr/lib/systemd/system/ ../extra/units/systemd-logind.service.d usr/lib/systemd/system/ +../extra/system.conf.d/10-coredump-debian.conf usr/lib/systemd/system.conf.d/ +../extra/user.conf.d/10-coredump-debian.conf usr/lib/systemd/user.conf.d/ +../extra/sysctl.d/10-coredump-debian.conf usr/lib/sysctl.d/ +../extra/limits.d/10-coredump-debian.conf etc/security/limits.d/ diff --git a/debian/systemd.links b/debian/systemd.links index 234a097..f19ac90 100644 --- a/debian/systemd.links +++ b/debian/systemd.links @@ -19,9 +19,7 @@ # Enable Debian specific units /usr/lib/systemd/system/getty-static.service /usr/lib/systemd/system/getty.target.wants/getty-static.service - -# Compat symlink -/usr/lib/systemd/systemd /usr/bin/systemd +/usr/lib/systemd/system/run-lock.mount /usr/lib/systemd/system/local-fs.target.wants/run-lock.mount # Create a compat symlink as systemd-sysctl no longer reads /etc/sysctl.conf /etc/sysctl.conf /etc/sysctl.d/99-sysctl.conf diff --git a/debian/systemd.lintian-overrides b/debian/systemd.lintian-overrides index 986918d..a6988a8 100644 --- a/debian/systemd.lintian-overrides +++ b/debian/systemd.lintian-overrides @@ -5,3 +5,6 @@ systemd: systemd-service-file-missing-install-key systemd: spare-manual-page # netlink keyword systemd: spelling-error-in-binary iif if [usr/lib/systemd/systemd-networkd] +# False positives due to the '/tmp' string mentioned for tmpfiles.d/tmp.conf +systemd: possibly-insecure-handling-of-tmp-files-in-maintainer-script /tmp [postinst:*] +systemd: possibly-insecure-handling-of-tmp-files-in-maintainer-script /tmp [postrm:*] diff --git a/debian/systemd.manpages b/debian/systemd.manpages index 66104de..ed7eb16 100755 --- a/debian/systemd.manpages +++ b/debian/systemd.manpages @@ -5,7 +5,7 @@ debian/tmp/usr/share/man/man1/journalctl.1 debian/tmp/usr/share/man/man1/localectl.1 debian/tmp/usr/share/man/man1/loginctl.1 debian/tmp/usr/share/man/man1/networkctl.1 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man1/run0.1 +debian/tmp/usr/share/man/man1/run0.1 debian/tmp/usr/share/man/man1/systemctl.1 debian/tmp/usr/share/man/man1/systemd.1 debian/tmp/usr/share/man/man1/systemd-ac-power.1 @@ -25,21 +25,21 @@ debian/tmp/usr/share/man/man1/systemd-id128.1 debian/tmp/usr/share/man/man1/systemd-inhibit.1 debian/tmp/usr/share/man/man1/systemd-machine-id-setup.1 [amd64 i386 arm64 armhf riscv64] <!stage1 !pkg.systemd.upstream> debian/tmp/usr/share/man/man1/systemd-measure.1 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man1/systemd-measure.1 +debian/tmp/usr/share/man/man1/systemd-measure.1 debian/tmp/usr/share/man/man1/systemd-mount.1 debian/tmp/usr/share/man/man1/systemd-notify.1 debian/tmp/usr/share/man/man1/systemd-path.1 debian/tmp/usr/share/man/man1/systemd-run.1 debian/tmp/usr/share/man/man1/systemd-socket-activate.1 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man1/systemd-ssh-proxy.1 +debian/tmp/usr/share/man/man1/systemd-ssh-proxy.1 debian/tmp/usr/share/man/man1/systemd-stdio-bridge.1 debian/tmp/usr/share/man/man1/systemd-tty-ask-password-agent.1 debian/tmp/usr/share/man/man1/systemd-umount.1 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man1/systemd-vpick.1 +debian/tmp/usr/share/man/man1/systemd-vpick.1 debian/tmp/usr/share/man/man1/timedatectl.1 debian/tmp/usr/share/man/man1/varlinkctl.1 debian/tmp/usr/share/man/man5/binfmt.d.5 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man5/capsule@.service.5 +debian/tmp/usr/share/man/man5/capsule@.service.5 debian/tmp/usr/share/man/man5/dnssec-trust-anchors.d.5 debian/tmp/usr/share/man/man5/environment.d.5 debian/tmp/usr/share/man/man5/extension-release.5 @@ -129,7 +129,7 @@ debian/tmp/usr/share/man/man7/systemd.special.7 debian/tmp/usr/share/man/man7/systemd.syntax.7 debian/tmp/usr/share/man/man7/systemd.system-credentials.7 debian/tmp/usr/share/man/man7/systemd.time.7 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man7/systemd.v.7 +debian/tmp/usr/share/man/man7/systemd.v.7 debian/tmp/usr/share/man/man8/30-systemd-environment-d-generator.8 debian/tmp/usr/share/man/man8/kernel-install.8 debian/tmp/usr/share/man/man8/pam_systemd_loadkey.8 @@ -156,9 +156,6 @@ debian/tmp/usr/share/man/man8/systemd-confext.service.8 debian/tmp/usr/share/man/man8/systemd-debug-generator.8 debian/tmp/usr/share/man/man8/systemd-environment-d-generator.8 debian/tmp/usr/share/man/man8/systemd-fsck.8 -<!pkg.systemd.upstream> debian/tmp/usr/share/man/man8/systemd-fsckd.8 -<!pkg.systemd.upstream> debian/tmp/usr/share/man/man8/systemd-fsckd.service.8 -<!pkg.systemd.upstream> debian/tmp/usr/share/man/man8/systemd-fsckd.socket.8 debian/tmp/usr/share/man/man8/systemd-fsck-root.service.8 debian/tmp/usr/share/man/man8/systemd-fsck@.service.8 debian/tmp/usr/share/man/man8/systemd-fsck-usr.service.8 @@ -169,7 +166,7 @@ debian/tmp/usr/share/man/man8/systemd-growfs.8 debian/tmp/usr/share/man/man8/systemd-growfs-root.service.8 debian/tmp/usr/share/man/man8/systemd-growfs@.service.8 debian/tmp/usr/share/man/man8/systemd-halt.service.8 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man8/systemd-hibernate-clear.service.8 +debian/tmp/usr/share/man/man8/systemd-hibernate-clear.service.8 debian/tmp/usr/share/man/man8/systemd-hibernate-resume.8 debian/tmp/usr/share/man/man8/systemd-hibernate-resume-generator.8 debian/tmp/usr/share/man/man8/systemd-hibernate-resume.service.8 @@ -247,7 +244,7 @@ debian/tmp/usr/share/man/man8/systemd-shutdown.8 debian/tmp/usr/share/man/man8/systemd-sleep.8 debian/tmp/usr/share/man/man8/systemd-socket-proxyd.8 debian/tmp/usr/share/man/man8/systemd-soft-reboot.service.8 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man8/systemd-ssh-generator.8 +debian/tmp/usr/share/man/man8/systemd-ssh-generator.8 debian/tmp/usr/share/man/man8/systemd-storagetm.8 debian/tmp/usr/share/man/man8/systemd-storagetm.service.8 debian/tmp/usr/share/man/man8/systemd-suspend.service.8 @@ -275,7 +272,7 @@ debian/tmp/usr/share/man/man8/systemd-tmpfiles-clean.timer.8 debian/tmp/usr/share/man/man8/systemd-tmpfiles-setup-dev-early.service.8 debian/tmp/usr/share/man/man8/systemd-tmpfiles-setup-dev.service.8 debian/tmp/usr/share/man/man8/systemd-tmpfiles-setup.service.8 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man8/systemd-tpm2-generator.8 +debian/tmp/usr/share/man/man8/systemd-tpm2-generator.8 [amd64 i386 arm64 armhf riscv64] <!stage1> debian/tmp/usr/share/man/man8/systemd-tpm2-setup.8 [amd64 i386 arm64 armhf riscv64] <!stage1> debian/tmp/usr/share/man/man8/systemd-tpm2-setup-early.service.8 [amd64 i386 arm64 armhf riscv64] <!stage1> debian/tmp/usr/share/man/man8/systemd-tpm2-setup.service.8 diff --git a/debian/systemd.postinst b/debian/systemd.postinst index 7019651..f71bf26 100644 --- a/debian/systemd.postinst +++ b/debian/systemd.postinst @@ -16,6 +16,18 @@ _update_binfmt() { _systemctl restart systemd-binfmt.service || true } +_restart_managers() { + _systemctl daemon-reexec || true + # Re-exec user instances so that running user managers are updated too. + # SIGRTMIN+25 -> reexec. Note that this is asynchronous, but we can't use + # D-Bus as dbus-user-session is not guaranteed to be available. + _systemctl kill --kill-whom='main' --signal='SIGRTMIN+25' 'user@*.service' || true + # do not restart logind + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919509 + _systemctl try-restart systemd-networkd.service || true + _systemctl try-restart systemd-journald.service || true +} + # Update Message Catalogs database and binfmt registrations in response to dpkg triggers if [ "$1" = "triggered" ]; then shift @@ -27,6 +39,9 @@ if [ "$1" = "triggered" ]; then /usr/lib/binfmt.d) _update_binfmt ;; + libc-upgrade) + _restart_managers + ;; esac done exit 0 @@ -51,20 +66,42 @@ fi _update_catalog # Move the old locale file into /etc. Symlinks will be created by tmpfiles.d later -if [ -f /etc/default/locale ] && [ ! -L /etc/default/locale ] && [ ! -f /etc/locale.conf ]; then - mv /etc/default/locale /etc/locale.conf +if [ -f "$DPKG_ROOT/etc/default/locale" ] && [ ! -L "$DPKG_ROOT/etc/default/locale" ] && [ ! -f "$DPKG_ROOT/etc/locale.conf" ]; then + mv "$DPKG_ROOT/etc/default/locale" "$DPKG_ROOT/etc/locale.conf" +fi + +# On upgrade for now keep the current tmpfiles.d (as it used to be after patches), +# drop in Forky +if [ -n "$2" ] && dpkg --compare-versions "$2" lt 256~rc3-3 && [ ! -f "$DPKG_ROOT/etc/tmpfiles.d/tmp.conf" ]; then + mkdir -p "$DPKG_ROOT/etc/tmpfiles.d/" + echo 'D /tmp 1777 root root -' > "$DPKG_ROOT/etc/tmpfiles.d/tmp.conf" +fi + +# We used to ship tmp.mount in /usr/share as an example, and some users link it in /etc/, +# remove the link as a workaround until Trixie ships. This method would also have created +# a link in local-fs.target.wants, so remove that too. +if [ -n "$2" ] && [ -L "$DPKG_ROOT/etc/systemd/system/tmp.mount" ] && [ "$(readlink "$DPKG_ROOT/etc/systemd/system/tmp.mount")" = "/usr/share/systemd/tmp.mount" ]; then + rm -f "$DPKG_ROOT/etc/systemd/system/tmp.mount" + rm -f "$DPKG_ROOT/etc/systemd/system/local-fs.target.wants/tmp.mount" +fi + +# The user may have used 'systemctl enable /usr/share/systemd/tmp.mount', which +# would have created a symlink in the local-fs.target.wants directory (as the +# pre-Trixie tmp.mount included an [install] section for that purpose). If it +# exists, remove it. +if [ -n "$2" ] && [ -L "$DPKG_ROOT/etc/systemd/system/local-fs.target.wants/tmp.mount" ] && [ "$(readlink "$DPKG_ROOT/etc/systemd/system/local-fs.target.wants/tmp.mount")" = "/usr/share/systemd/tmp.mount" ]; then + rm -f "$DPKG_ROOT/etc/systemd/system/local-fs.target.wants/tmp.mount" +fi + +# Unless it's already running, ensure /tmp/ does not get overwritten by +# the tmpfs from tmp.mount in case a unit is later activated that implicitly +# depends on it (for example with PrivateTmp=yes) by runtime masking it +if ! _systemctl is-active --quiet tmp.mount; then + _systemctl mask --runtime tmp.mount fi #DEBHELPER# if [ -n "$2" ]; then - _systemctl daemon-reexec || true - # Re-exec user instances so that running user managers are updated too. - # SIGRTMIN+25 -> reexec. Note that this is asynchronous, but we can't use - # D-Bus as dbus-user-session is not guaranteed to be available. - _systemctl kill --kill-whom='main' --signal='SIGRTMIN+25' 'user@*.service' || true - # do not restart logind - # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919509 - _systemctl try-restart systemd-networkd.service || true - _systemctl try-restart systemd-journald.service || true + _restart_managers fi diff --git a/debian/systemd.postrm b/debian/systemd.postrm index d03da26..ddf7c0e 100644 --- a/debian/systemd.postrm +++ b/debian/systemd.postrm @@ -14,6 +14,11 @@ case "$1" in rmdir --ignore-fail-on-non-empty /etc/systemd/system/multi-user.target.wants 2> /dev/null || true rmdir --ignore-fail-on-non-empty /etc/systemd/system/sysinit.target.wants 2> /dev/null || true + # If we created tmp.conf for compatibility with pre-Trixie, remove it (it is intentionally orphaned) + if [ -f /etc/tmpfiles.d/tmp.conf ] && [ "$(cat /etc/tmpfiles.d/tmp.conf)" = "D /tmp 1777 root root -" ]; then + rm -f /etc/tmpfiles.d/tmp.conf + fi + rm -f /var/lib/systemd/catalog/database rmdir --ignore-fail-on-non-empty /var/lib/systemd/catalog 2> /dev/null || true diff --git a/debian/systemd.triggers b/debian/systemd.triggers index 4302b56..ad7334f 100644 --- a/debian/systemd.triggers +++ b/debian/systemd.triggers @@ -1,2 +1,3 @@ interest-noawait /usr/lib/systemd/catalog interest-noawait /usr/lib/binfmt.d +interest-noawait libc-upgrade diff --git a/debian/tests/boot-and-services b/debian/tests/boot-and-services index dc35840..e4ed862 100755 --- a/debian/tests/boot-and-services +++ b/debian/tests/boot-and-services @@ -93,8 +93,9 @@ class ServicesTest(unittest.TestCase): self.active_unit('NetworkManager') def test_cron(self): - out = subprocess.check_output(['ps', 'u', '-C', 'cron']) - self.assertIn(b'root', out) + pid = subprocess.check_output(['pidof', 'cron'], universal_newlines=True).strip() + out = subprocess.check_output(['ps', 'u', pid], universal_newlines=True) + self.assertIn('root', out) self.active_unit('cron') def test_logind(self): @@ -105,8 +106,9 @@ class ServicesTest(unittest.TestCase): @unittest.skipIf('pkg.systemd.upstream' in os.environ.get('DEB_BUILD_PROFILES', ''), 'Forwarding to rsyslog is a Debian patch') def test_rsyslog(self): - out = subprocess.check_output(['ps', 'u', '-C', 'rsyslogd']) - self.assertIn(b'bin/rsyslogd', out) + pid = subprocess.check_output(['pidof', 'rsyslogd'], universal_newlines=True).strip() + out = subprocess.check_output(['ps', 'u', pid], universal_newlines=True) + self.assertIn('bin/rsyslogd', out) self.active_unit('rsyslog') with open('/var/log/syslog') as f: log = f.read() @@ -124,32 +126,6 @@ class ServicesTest(unittest.TestCase): self.assertIn(b'\nP: /devices/', out) self.active_unit('systemd-udevd') - def test_tmp_mount(self): - # check if we want to mount /tmp in fstab - want_tmp_mount = False - try: - with open('/etc/fstab') as f: - for l in f: - try: - if not l.startswith('#') and l.split()[1] in ('/tmp', '/tmp/'): - want_tmp_mount = True - break - except IndexError: - pass - except FileNotFoundError: - pass - - # ensure that we actually do/don't have a /tmp mount - (status, status_out) = subprocess.getstatusoutput('systemctl status tmp.mount') - findmnt = subprocess.call(['findmnt', '-n', '/tmp'], stdout=subprocess.PIPE) - if want_tmp_mount: - self.assertEqual(status, 0, status_out) - self.assertEqual(findmnt, 0) - else: - # 4 is correct (since upstream commit ca473d57), accept 3 for systemd <= 230 - self.assertIn(status, [3, 4], status_out) - self.assertNotEqual(findmnt, 0) - @unittest.skipIf('pkg.systemd.upstream' in os.environ.get('DEB_BUILD_PROFILES', ''), 'Debian specific configuration, N/A for upstream') def test_tmp_cleanup(self): @@ -163,17 +139,16 @@ class ServicesTest(unittest.TestCase): # all files in /tmp/ should get cleaned up on boot self.assertFalse(os.path.exists('/tmp/oldfile.test')) self.assertFalse(os.path.exists('/tmp/newfile.test')) - # files in /var/tmp/ older than 30d should get cleaned up - # XXX FIXME: /var/tmp/ cleanup was disabled in #675422 - # if not is_container: - # self.assertFalse(os.path.exists('/var/tmp/oldfile.test')) + # files in /var/tmp/ older than 30d should get cleaned up, unless legacy + # compat tmpfiles.d is installed + if not is_container and not os.path.exists('/etc/tmpfiles.d/tmp.conf'): + self.assertFalse(os.path.exists('/var/tmp/oldfile.test')) self.assertTrue(os.path.exists('/var/tmp/newfile.test')) # next run should leave the recent ones os.close(os.open('/tmp/newfile.test', os.O_CREAT | os.O_EXCL | os.O_WRONLY)) subprocess.check_call(['systemctl', 'start', 'systemd-tmpfiles-clean']) - wait_unit_stop('systemd-tmpfiles-clean') self.assertTrue(os.path.exists('/tmp/newfile.test')) # Helper methods diff --git a/debian/tests/control b/debian/tests/control index a68437f..c167f97 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -12,6 +12,7 @@ Restrictions: needs-root, isolation-container, skippable, breaks-testbed Tests: unit-config Depends: systemd, systemd-resolved, + systemd-dev, libpam-systemd, libnss-systemd, acl, @@ -75,15 +76,17 @@ Depends: systemd-sysv, systemd-container, systemd-coredump, systemd-resolved, + systemd-dev, libpam-systemd, libdw-dev, libelf-dev, xserver-xorg-video-dummy, xserver-xorg, - gdm3 [!s390x], + gdm3 [!s390x !riscv64], cron, network-manager, busybox-static, + sysvinit-utils, rsyslog, apparmor, pkgconf, @@ -126,6 +129,7 @@ Restrictions: needs-root, isolation-container, breaks-testbed Tests: upstream Depends: systemd-tests, + systemd-dev, systemd-journal-remote, systemd-container, systemd-coredump, @@ -220,13 +224,16 @@ Depends: systemd-tests, softhsm2, openssh-client, openssh-server, + polkitd, + open-iscsi, + tgt, Restrictions: needs-root, allow-stderr, isolation-machine Tests: boot-smoke Depends: systemd-sysv, systemd-resolved, network-manager, - gdm3 [!s390x], + gdm3 [!s390x !riscv64], xserver-xorg-video-dummy, Restrictions: needs-root, isolation-container, allow-stderr, breaks-testbed diff --git a/debian/tests/logind b/debian/tests/logind index eea4005..a53910c 100755 --- a/debian/tests/logind +++ b/debian/tests/logind @@ -202,6 +202,12 @@ EOF # main # +# Make sure we are running with the logind package under test instead of the one +# from the base distro +if [ -z "$AUTOPKGTEST_REBOOT_MARK" ]; then + /tmp/autopkgtest-reboot 1 +fi + test_started test_properties test_in_logind_session diff --git a/debian/tests/storage b/debian/tests/storage index d1e42df..d2baf8f 100755 --- a/debian/tests/storage +++ b/debian/tests/storage @@ -21,15 +21,25 @@ TIMEOUT_SCSI_DEBUG_ADD_HOST = 5 SCSI_DEBUG_DIR = '/sys/bus/pseudo/drivers/scsi_debug' + +def have_scsi_debug(): + return os.path.isdir(SCSI_DEBUG_DIR) + + +def load_scsi_debug(): + return subprocess.call(['modprobe', 'scsi_debug', 'dev_size_mb=32'], + stderr=subprocess.STDOUT) == 0 + + +# Some custom Ubuntu kernels do not build the scsi_debug module at all, +# so skip the test if we can't load the module (LP: #1847816) +# This doesn't (currently) apply to Debian, as scsi_debug should always +# be available in Debian kernels +@unittest.skipIf(not have_scsi_debug() and not load_scsi_debug(), 'Failed to load scsi_debug module') class FakeDriveTestBase(unittest.TestCase): @classmethod def setUpClass(cls): - if os.path.isdir(SCSI_DEBUG_DIR): - return - - # Consider missing scsi_debug module a test failure - subprocess.check_call(['modprobe', 'scsi_debug', 'dev_size_mb=32']) - assert os.path.isdir(SCSI_DEBUG_DIR) + assert have_scsi_debug() def setUp(self): existing_adapters = set(glob(os.path.join(SCSI_DEBUG_DIR, 'adapter*'))) diff --git a/debian/udev.README.Debian b/debian/udev.README.Debian index dfe1fb4..97636d6 100644 --- a/debian/udev.README.Debian +++ b/debian/udev.README.Debian @@ -31,8 +31,8 @@ You can disable these stable names and go back to the kernel-provided ones "ln -s /dev/null /etc/systemd/network/73-usb-net-by-mac.link" and rebuild the initrd with "update-initramfs -u". -See this page for more information: -http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/ +See this manpage for more information: +https://www.freedesktop.org/software/systemd/man/latest/systemd.net-naming-scheme.html Legacy persistent network interface naming ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/debian/udev.install b/debian/udev.install index 32c943d..ab96e3a 100755 --- a/debian/udev.install +++ b/debian/udev.install @@ -12,7 +12,7 @@ usr/lib/systemd/system/sysinit.target.wants/systemd-udev-trigger.service usr/lib/systemd/system/systemd-hwdb-update.service usr/lib/systemd/system/systemd-udevd-control.socket usr/lib/systemd/system/systemd-udevd-kernel.socket -<pkg.systemd.upstream> usr/lib/systemd/system/systemd-udev-load-credentials.service +usr/lib/systemd/system/systemd-udev-load-credentials.service usr/lib/systemd/system/systemd-udevd.service usr/lib/systemd/system/systemd-udev-settle.service usr/lib/systemd/system/systemd-udev-trigger.service diff --git a/debian/udev.lintian-overrides b/debian/udev.lintian-overrides index 0a58964..a820205 100644 --- a/debian/udev.lintian-overrides +++ b/debian/udev.lintian-overrides @@ -2,6 +2,3 @@ udev: systemd-service-file-missing-install-key # Lintian is really bad at associating manpages udev: spare-manual-page -udev: maintainer-script-calls-systemctl -# variable name, not a typo -udev: spelling-error-in-binary ressize resize [usr/bin/udevadm] diff --git a/debian/udev.manpages b/debian/udev.manpages index 6a170e2..508365d 100755..100644 --- a/debian/udev.manpages +++ b/debian/udev.manpages @@ -1,6 +1,5 @@ -#!/usr/bin/dh-exec debian/tmp/usr/share/man/man5/udev.conf.5 -<pkg.systemd.upstream> debian/tmp/usr/share/man/man5/udev.conf.d.5 +debian/tmp/usr/share/man/man5/udev.conf.d.5 debian/tmp/usr/share/man/man5/systemd.link.5 debian/tmp/usr/share/man/man7/hwdb.7 debian/tmp/usr/share/man/man7/udev.7 diff --git a/debian/watch b/debian/watch index 5d5e366..ec6e1c7 100644 --- a/debian/watch +++ b/debian/watch @@ -1,3 +1,3 @@ version=4 opts=uversionmangle=s/-rc/~rc/,filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/systemd-$1\.tar\.gz/ \ - https://github.com/systemd/systemd-stable/tags .*/v?(\d\S*)\.tar\.gz + https://github.com/systemd/systemd/tags .*/v?(\d\S*)\.tar\.gz |