Merge ~enr0n/ubuntu/+source/systemd:ubuntu-jammy-sru into ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-jammy
- Git
- lp:~enr0n/ubuntu/+source/systemd
- ubuntu-jammy-sru
- Merge into ubuntu-jammy
Proposed by
Nick Rosbrook
Status: | Merged | ||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Merged at revision: | 0b9eadf05ee6db0e009dacbc71521480095880b3 | ||||||||||||||||||||||||||||||||||||||||
Proposed branch: | ~enr0n/ubuntu/+source/systemd:ubuntu-jammy-sru | ||||||||||||||||||||||||||||||||||||||||
Merge into: | ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-jammy | ||||||||||||||||||||||||||||||||||||||||
Diff against target: |
796 lines (+623/-45) 16 files modified
debian/patches/lp1977630-fix_machinectl_pull_tar.patch (+81/-0) debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch (+5/-4) debian/patches/lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch (+29/-0) debian/patches/lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch (+80/-0) debian/patches/lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch (+41/-0) debian/patches/lp1999275/binfmt-util-split-out-binfmt_mounted.patch (+69/-0) debian/patches/lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch (+26/-0) debian/patches/lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch (+59/-0) debian/patches/lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch (+33/-0) debian/patches/lp2013543-core-reorder-systemd-arguments-on-reexec.patch (+58/-0) debian/patches/lp2025563-shutdown-get-only-active-md-arrays.patch (+67/-0) debian/patches/lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch (+47/-0) debian/patches/series (+11/-1) debian/systemd.postinst (+16/-1) debian/tests/tests-in-lxd (+1/-1) dev/null (+0/-38) |
||||||||||||||||||||||||||||||||||||||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Lukas Märdian | Approve | ||
Review via email: mp+449220@code.launchpad.net |
Commit message
Description of the change
SRU several bug fixes to Jammy.
To post a comment you must log in.
Revision history for this message
Nick Rosbrook (enr0n) wrote : | # |
Thanks for your review! I will review the email before proceeding.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch b/debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch | |||
2 | 0 | deleted file mode 100644 | 0 | deleted file mode 100644 |
3 | index 56295f5..0000000 | |||
4 | --- a/debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch | |||
5 | +++ /dev/null | |||
6 | @@ -1,38 +0,0 @@ | |||
7 | 1 | From: Dimitri John Ledkov <xnox@ubuntu.com> | ||
8 | 2 | Date: Mon, 26 Mar 2018 13:17:01 +0100 | ||
9 | 3 | Subject: wait-online: exit, if no links are managed. | ||
10 | 4 | |||
11 | 5 | (cherry picked from commit 19d11f607ac0f8b1e31f72a8e9d3d44371b9dadb) | ||
12 | 6 | --- | ||
13 | 7 | src/network/wait-online/manager.c | 7 ++++++- | ||
14 | 8 | 1 file changed, 6 insertions(+), 1 deletion(-) | ||
15 | 9 | |||
16 | 10 | --- a/src/network/wait-online/manager.c | ||
17 | 11 | +++ b/src/network/wait-online/manager.c | ||
18 | 12 | @@ -118,6 +118,7 @@ static int manager_link_is_online(Manage | ||
19 | 13 | |||
20 | 14 | bool manager_configured(Manager *m) { | ||
21 | 15 | bool one_ready = false; | ||
22 | 16 | + bool none_managed = true; | ||
23 | 17 | const char *ifname; | ||
24 | 18 | Link *l; | ||
25 | 19 | int r; | ||
26 | 20 | @@ -168,13 +169,17 @@ bool manager_configured(Manager *m) { | ||
27 | 21 | _LINK_OPERSTATE_INVALID }); | ||
28 | 22 | if (r < 0 && !m->any) | ||
29 | 23 | return false; | ||
30 | 24 | + if (l->state && STR_IN_SET(l->state, "configured", "failed")) { | ||
31 | 25 | + log_info("managing: %s", l->ifname); | ||
32 | 26 | + none_managed = false; | ||
33 | 27 | + } | ||
34 | 28 | if (r > 0) | ||
35 | 29 | /* we wait for at least one link to be ready, | ||
36 | 30 | * regardless of who manages it */ | ||
37 | 31 | one_ready = true; | ||
38 | 32 | } | ||
39 | 33 | |||
40 | 34 | - return one_ready; | ||
41 | 35 | + return one_ready || none_managed; | ||
42 | 36 | } | ||
43 | 37 | |||
44 | 38 | static int manager_process_link(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) { | ||
45 | diff --git a/debian/patches/lp1977630-fix_machinectl_pull_tar.patch b/debian/patches/lp1977630-fix_machinectl_pull_tar.patch | |||
46 | 39 | new file mode 100644 | 0 | new file mode 100644 |
47 | index 0000000..675cd43 | |||
48 | --- /dev/null | |||
49 | +++ b/debian/patches/lp1977630-fix_machinectl_pull_tar.patch | |||
50 | @@ -0,0 +1,81 @@ | |||
51 | 1 | From: Dan Streetman <ddstreet@ieee.org> | ||
52 | 2 | Bug-Ubuntu: https://bugs.launchpad.net/bugs/1977630 | ||
53 | 3 | Forwarded: not-needed | ||
54 | 4 | |||
55 | 5 | Since import_make_read_only handles a dir by chattr +i, that has to happen | ||
56 | 6 | after renaming, since an immutable dir can't be renamed. | ||
57 | 7 | |||
58 | 8 | --- a/src/import/pull-tar.c | ||
59 | 9 | +++ b/src/import/pull-tar.c | ||
60 | 10 | @@ -353,10 +353,6 @@ static void tar_pull_job_on_finished(Pul | ||
61 | 11 | if (r < 0) | ||
62 | 12 | goto finish; | ||
63 | 13 | |||
64 | 14 | - r = import_make_read_only(i->temp_path); | ||
65 | 15 | - if (r < 0) | ||
66 | 16 | - goto finish; | ||
67 | 17 | - | ||
68 | 18 | r = rename_noreplace(AT_FDCWD, i->temp_path, AT_FDCWD, i->final_path); | ||
69 | 19 | if (r < 0) { | ||
70 | 20 | log_error_errno(r, "Failed to rename to final image name to %s: %m", i->final_path); | ||
71 | 21 | @@ -365,6 +361,10 @@ static void tar_pull_job_on_finished(Pul | ||
72 | 22 | |||
73 | 23 | i->temp_path = mfree(i->temp_path); | ||
74 | 24 | |||
75 | 25 | + r = import_make_read_only(i->final_path); | ||
76 | 26 | + if (r < 0) | ||
77 | 27 | + goto finish; | ||
78 | 28 | + | ||
79 | 29 | if (i->settings_job && | ||
80 | 30 | i->settings_job->error == 0) { | ||
81 | 31 | |||
82 | 32 | @@ -380,10 +380,6 @@ static void tar_pull_job_on_finished(Pul | ||
83 | 33 | if (r < 0) | ||
84 | 34 | goto finish; | ||
85 | 35 | |||
86 | 36 | - r = import_make_read_only(i->settings_temp_path); | ||
87 | 37 | - if (r < 0) | ||
88 | 38 | - goto finish; | ||
89 | 39 | - | ||
90 | 40 | r = rename_noreplace(AT_FDCWD, i->settings_temp_path, AT_FDCWD, i->settings_path); | ||
91 | 41 | if (r < 0) { | ||
92 | 42 | log_error_errno(r, "Failed to rename settings file to %s: %m", i->settings_path); | ||
93 | 43 | @@ -391,6 +387,10 @@ static void tar_pull_job_on_finished(Pul | ||
94 | 44 | } | ||
95 | 45 | |||
96 | 46 | i->settings_temp_path = mfree(i->settings_temp_path); | ||
97 | 47 | + | ||
98 | 48 | + r = import_make_read_only(i->settings_path); | ||
99 | 49 | + if (r < 0) | ||
100 | 50 | + goto finish; | ||
101 | 51 | } | ||
102 | 52 | } | ||
103 | 53 | |||
104 | 54 | --- a/src/import/import-tar.c | ||
105 | 55 | +++ b/src/import/import-tar.c | ||
106 | 56 | @@ -179,12 +179,6 @@ static int tar_import_finish(TarImport * | ||
107 | 57 | if (r < 0) | ||
108 | 58 | return r; | ||
109 | 59 | |||
110 | 60 | - if (i->flags & IMPORT_READ_ONLY) { | ||
111 | 61 | - r = import_make_read_only(i->temp_path); | ||
112 | 62 | - if (r < 0) | ||
113 | 63 | - return r; | ||
114 | 64 | - } | ||
115 | 65 | - | ||
116 | 66 | if (i->flags & IMPORT_FORCE) | ||
117 | 67 | (void) rm_rf(i->final_path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME); | ||
118 | 68 | |||
119 | 69 | @@ -194,6 +188,12 @@ static int tar_import_finish(TarImport * | ||
120 | 70 | |||
121 | 71 | i->temp_path = mfree(i->temp_path); | ||
122 | 72 | |||
123 | 73 | + if (i->flags & IMPORT_READ_ONLY) { | ||
124 | 74 | + r = import_make_read_only(i->final_path); | ||
125 | 75 | + if (r < 0) | ||
126 | 76 | + return r; | ||
127 | 77 | + } | ||
128 | 78 | + | ||
129 | 79 | return 0; | ||
130 | 80 | } | ||
131 | 81 | |||
132 | diff --git a/debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch b/debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch | |||
133 | index 9331b73..49584bd 100644 | |||
134 | --- a/debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch | |||
135 | +++ b/debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch | |||
136 | @@ -6,9 +6,10 @@ Subject: [PATCH] pstore: Run after modules are loaded | |||
137 | 6 | Origin: upstream, https://github.com/systemd/systemd/commit/70e74a5997ae2ce7ba72a74ac949c3b2dad1a1d6 | 6 | Origin: upstream, https://github.com/systemd/systemd/commit/70e74a5997ae2ce7ba72a74ac949c3b2dad1a1d6 |
138 | 7 | Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1978079 | 7 | Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1978079 |
139 | 8 | Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1981622 | 8 | Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1981622 |
141 | 9 | Last-Updated: 2022-07-22 | 9 | Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2023462 |
142 | 10 | Last-Updated: 2023-08-02 | ||
143 | 10 | 11 | ||
145 | 11 | The original commit has been modified to not load mtdpstore. | 12 | The original commit has been modified to only load efi_pstore, as that is all that was really needed. |
146 | 12 | 13 | ||
147 | 13 | --- | 14 | --- |
148 | 14 | The systemd-pstore service takes pstore files on boot and transfers them | 15 | The systemd-pstore service takes pstore files on boot and transfers them |
149 | @@ -42,8 +43,8 @@ index 848e311e9642..86de30ad4a72 100644 | |||
150 | 42 | DefaultDependencies=no | 43 | DefaultDependencies=no |
151 | 43 | Conflicts=shutdown.target | 44 | Conflicts=shutdown.target |
152 | 44 | Before=sysinit.target shutdown.target | 45 | Before=sysinit.target shutdown.target |
155 | 45 | +After=modprobe@efi_pstore.service modprobe@chromeos_pstore.service modprobe@ramoops.service modprobe@pstore_zone.service modprobe@pstore_blk.service | 46 | +After=modprobe@efi_pstore.service |
156 | 46 | +Wants=modprobe@efi_pstore.service modprobe@chromeos_pstore.service modprobe@ramoops.service modprobe@pstore_zone.service modprobe@pstore_blk.service | 47 | +Wants=modprobe@efi_pstore.service |
157 | 47 | 48 | ||
158 | 48 | [Service] | 49 | [Service] |
159 | 49 | Type=oneshot | 50 | Type=oneshot |
160 | diff --git a/debian/patches/lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch b/debian/patches/lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch | |||
161 | 50 | new file mode 100644 | 51 | new file mode 100644 |
162 | index 0000000..d35aa0f | |||
163 | --- /dev/null | |||
164 | +++ b/debian/patches/lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch | |||
165 | @@ -0,0 +1,29 @@ | |||
166 | 1 | From 137d162c42ed858613afc3d7493d08d4ae6d5c1b Mon Sep 17 00:00:00 2001 | ||
167 | 2 | From: Dan Streetman <ddstreet@ieee.org> | ||
168 | 3 | Date: Fri, 16 Sep 2022 10:50:59 -0400 | ||
169 | 4 | Subject: [PATCH] add CAP_LINUX_IMMUTABLE to systemd-machined, so it can handle | ||
170 | 5 | machinectl read-only requests | ||
171 | 6 | Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1991829 | ||
172 | 7 | Origin: upstream, https://github.com/systemd/systemd/pull/24697 | ||
173 | 8 | |||
174 | 9 | Without this, the 'machinectl read-only ...' command always fails. | ||
175 | 10 | --- | ||
176 | 11 | units/systemd-machined.service.in | 2 +- | ||
177 | 12 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
178 | 13 | |||
179 | 14 | diff --git a/units/systemd-machined.service.in b/units/systemd-machined.service.in | ||
180 | 15 | index e92f436dfd..d3f8abd9e4 100644 | ||
181 | 16 | --- a/units/systemd-machined.service.in | ||
182 | 17 | +++ b/units/systemd-machined.service.in | ||
183 | 18 | @@ -18,7 +18,7 @@ RequiresMountsFor=/var/lib/machines | ||
184 | 19 | |||
185 | 20 | [Service] | ||
186 | 21 | BusName=org.freedesktop.machine1 | ||
187 | 22 | -CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD | ||
188 | 23 | +CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_LINUX_IMMUTABLE | ||
189 | 24 | ExecStart={{ROOTLIBEXECDIR}}/systemd-machined | ||
190 | 25 | IPAddressDeny=any | ||
191 | 26 | LockPersonality=yes | ||
192 | 27 | -- | ||
193 | 28 | 2.34.1 | ||
194 | 29 | |||
195 | diff --git a/debian/patches/lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch b/debian/patches/lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch | |||
196 | 0 | new file mode 100644 | 30 | new file mode 100644 |
197 | index 0000000..792097d | |||
198 | --- /dev/null | |||
199 | +++ b/debian/patches/lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch | |||
200 | @@ -0,0 +1,80 @@ | |||
201 | 1 | From: Yu Watanabe <watanabe.yu+github@gmail.com> | ||
202 | 2 | Date: Sat, 10 Dec 2022 11:42:50 +0900 | ||
203 | 3 | Subject: binfmt: check if binfmt is mounted before applying rules | ||
204 | 4 | |||
205 | 5 | Origin: upstream, https://github.com/systemd/systemd/commit/94ba5b15329d9d19277ca418bfd0266da98f7b2a | ||
206 | 6 | Bug-Ubuntu: https://launchpad.net/bugs/1999275 | ||
207 | 7 | |||
208 | 8 | --- | ||
209 | 9 | src/binfmt/binfmt.c | 19 +++++++++++++++++++ | ||
210 | 10 | src/shared/binfmt-util.c | 2 +- | ||
211 | 11 | src/shared/binfmt-util.h | 1 + | ||
212 | 12 | 3 files changed, 21 insertions(+), 1 deletion(-) | ||
213 | 13 | |||
214 | 14 | diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c | ||
215 | 15 | index 981218f..999ccd0 100644 | ||
216 | 16 | --- a/src/binfmt/binfmt.c | ||
217 | 17 | +++ b/src/binfmt/binfmt.c | ||
218 | 18 | @@ -184,6 +184,18 @@ static int parse_argv(int argc, char *argv[]) { | ||
219 | 19 | return 1; | ||
220 | 20 | } | ||
221 | 21 | |||
222 | 22 | +static int binfmt_mounted_warn(void) { | ||
223 | 23 | + int r; | ||
224 | 24 | + | ||
225 | 25 | + r = binfmt_mounted(); | ||
226 | 26 | + if (r < 0) | ||
227 | 27 | + return log_error_errno(r, "Failed to check if /proc/sys/fs/binfmt_misc is mounted: %m"); | ||
228 | 28 | + if (r == 0) | ||
229 | 29 | + log_debug("/proc/sys/fs/binfmt_misc is not mounted in read-write mode, skipping."); | ||
230 | 30 | + | ||
231 | 31 | + return r; | ||
232 | 32 | +} | ||
233 | 33 | + | ||
234 | 34 | static int run(int argc, char *argv[]) { | ||
235 | 35 | int r, k; | ||
236 | 36 | |||
237 | 37 | @@ -201,6 +213,9 @@ static int run(int argc, char *argv[]) { | ||
238 | 38 | return disable_binfmt(); | ||
239 | 39 | |||
240 | 40 | if (argc > optind) { | ||
241 | 41 | + r = binfmt_mounted_warn(); | ||
242 | 42 | + if (r <= 0) | ||
243 | 43 | + return r; | ||
244 | 44 | int i; | ||
245 | 45 | |||
246 | 46 | for (i = optind; i < argc; i++) { | ||
247 | 47 | @@ -222,6 +237,10 @@ static int run(int argc, char *argv[]) { | ||
248 | 48 | return cat_files(NULL, files, 0); | ||
249 | 49 | } | ||
250 | 50 | |||
251 | 51 | + r = binfmt_mounted_warn(); | ||
252 | 52 | + if (r <= 0) | ||
253 | 53 | + return r; | ||
254 | 54 | + | ||
255 | 55 | /* Flush out all rules */ | ||
256 | 56 | (void) write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", WRITE_STRING_FILE_DISABLE_BUFFER); | ||
257 | 57 | |||
258 | 58 | diff --git a/src/shared/binfmt-util.c b/src/shared/binfmt-util.c | ||
259 | 59 | index 51fc245..a261754 100644 | ||
260 | 60 | --- a/src/shared/binfmt-util.c | ||
261 | 61 | +++ b/src/shared/binfmt-util.c | ||
262 | 62 | @@ -12,7 +12,7 @@ | ||
263 | 63 | #include "missing_magic.h" | ||
264 | 64 | #include "stat-util.h" | ||
265 | 65 | |||
266 | 66 | -static int binfmt_mounted(void) { | ||
267 | 67 | +int binfmt_mounted(void) { | ||
268 | 68 | _cleanup_close_ int fd = -EBADF; | ||
269 | 69 | int r; | ||
270 | 70 | |||
271 | 71 | diff --git a/src/shared/binfmt-util.h b/src/shared/binfmt-util.h | ||
272 | 72 | index 2f008d1..13f4548 100644 | ||
273 | 73 | --- a/src/shared/binfmt-util.h | ||
274 | 74 | +++ b/src/shared/binfmt-util.h | ||
275 | 75 | @@ -1,4 +1,5 @@ | ||
276 | 76 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ | ||
277 | 77 | #pragma once | ||
278 | 78 | |||
279 | 79 | +int binfmt_mounted(void); | ||
280 | 80 | int disable_binfmt(void); | ||
281 | diff --git a/debian/patches/lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch b/debian/patches/lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch | |||
282 | 0 | new file mode 100644 | 81 | new file mode 100644 |
283 | index 0000000..9541dbd | |||
284 | --- /dev/null | |||
285 | +++ b/debian/patches/lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch | |||
286 | @@ -0,0 +1,41 @@ | |||
287 | 1 | From: Yu Watanabe <watanabe.yu+github@gmail.com> | ||
288 | 2 | Date: Sat, 10 Dec 2022 11:32:24 +0900 | ||
289 | 3 | Subject: binfmt-util: also check if binfmt is mounted in read-write | ||
290 | 4 | |||
291 | 5 | Origin: upstream, https://github.com/systemd/systemd/commit/5aaa79ce96997825b4dcdcf5be10d8f955fb3339 | ||
292 | 6 | Bug-Ubuntu: https://launchpad.net/bugs/1999275 | ||
293 | 7 | |||
294 | 8 | --- | ||
295 | 9 | src/shared/binfmt-util.c | 5 +++-- | ||
296 | 10 | 1 file changed, 3 insertions(+), 2 deletions(-) | ||
297 | 11 | |||
298 | 12 | diff --git a/src/shared/binfmt-util.c b/src/shared/binfmt-util.c | ||
299 | 13 | index e813c3e..51fc245 100644 | ||
300 | 14 | --- a/src/shared/binfmt-util.c | ||
301 | 15 | +++ b/src/shared/binfmt-util.c | ||
302 | 16 | @@ -8,6 +8,7 @@ | ||
303 | 17 | #include "errno-util.h" | ||
304 | 18 | #include "fd-util.h" | ||
305 | 19 | #include "fileio.h" | ||
306 | 20 | +#include "fs-util.h" | ||
307 | 21 | #include "missing_magic.h" | ||
308 | 22 | #include "stat-util.h" | ||
309 | 23 | |||
310 | 24 | @@ -25,7 +26,7 @@ static int binfmt_mounted(void) { | ||
311 | 25 | if (r <= 0) | ||
312 | 26 | return r; | ||
313 | 27 | |||
314 | 28 | - return true; | ||
315 | 29 | + return access_fd(fd, W_OK) >= 0; | ||
316 | 30 | } | ||
317 | 31 | |||
318 | 32 | int disable_binfmt(void) { | ||
319 | 33 | @@ -41,7 +42,7 @@ int disable_binfmt(void) { | ||
320 | 34 | if (r < 0) | ||
321 | 35 | return log_warning_errno(r, "Failed to determine whether binfmt_misc is mounted: %m"); | ||
322 | 36 | if (r == 0) { | ||
323 | 37 | - log_debug("binfmt_misc is not mounted, not detaching entries."); | ||
324 | 38 | + log_debug("binfmt_misc is not mounted in read-write mode, not detaching entries."); | ||
325 | 39 | return 0; | ||
326 | 40 | } | ||
327 | 41 | |||
328 | diff --git a/debian/patches/lp1999275/binfmt-util-split-out-binfmt_mounted.patch b/debian/patches/lp1999275/binfmt-util-split-out-binfmt_mounted.patch | |||
329 | 0 | new file mode 100644 | 42 | new file mode 100644 |
330 | index 0000000..74f1d4c | |||
331 | --- /dev/null | |||
332 | +++ b/debian/patches/lp1999275/binfmt-util-split-out-binfmt_mounted.patch | |||
333 | @@ -0,0 +1,69 @@ | |||
334 | 1 | From: Yu Watanabe <watanabe.yu+github@gmail.com> | ||
335 | 2 | Date: Sat, 10 Dec 2022 11:25:28 +0900 | ||
336 | 3 | Subject: binfmt-util: split out binfmt_mounted() | ||
337 | 4 | |||
338 | 5 | Origin: upstream, https://github.com/systemd/systemd/commit/a51a9684c926af917ad1b8e2f34538aee3c7ce2d | ||
339 | 6 | Bug-Ubuntu: https://launchpad.net/bugs/1999275 | ||
340 | 7 | |||
341 | 8 | No functional changes, just refactoring and preparation for later | ||
342 | 9 | commits. | ||
343 | 10 | |||
344 | 11 | (modified to apply to v249.11) | ||
345 | 12 | --- | ||
346 | 13 | src/shared/binfmt-util.c | 29 +++++++++++++++++++++++++---- | ||
347 | 14 | 1 file changed, 25 insertions(+), 4 deletions(-) | ||
348 | 15 | |||
349 | 16 | diff --git a/src/shared/binfmt-util.c b/src/shared/binfmt-util.c | ||
350 | 17 | index 724d7f2..d149382 100644 | ||
351 | 18 | --- a/src/shared/binfmt-util.c | ||
352 | 19 | +++ b/src/shared/binfmt-util.c | ||
353 | 20 | @@ -5,10 +5,31 @@ | ||
354 | 21 | #include <sys/vfs.h> | ||
355 | 22 | |||
356 | 23 | #include "binfmt-util.h" | ||
357 | 24 | +#include "errno-util.h" | ||
358 | 25 | +#include "fd-util.h" | ||
359 | 26 | #include "fileio.h" | ||
360 | 27 | #include "missing_magic.h" | ||
361 | 28 | #include "stat-util.h" | ||
362 | 29 | |||
363 | 30 | +static int binfmt_mounted(void) { | ||
364 | 31 | + _cleanup_close_ int fd = -EBADF; | ||
365 | 32 | + int r; | ||
366 | 33 | + | ||
367 | 34 | + fd = open("/proc/sys/fs/binfmt_misc", O_CLOEXEC | O_DIRECTORY | O_PATH); | ||
368 | 35 | + if (fd < 0) | ||
369 | 36 | + fd = -errno; | ||
370 | 37 | + if (fd == -ENOENT) | ||
371 | 38 | + return false; | ||
372 | 39 | + if (fd < 0) | ||
373 | 40 | + return fd; | ||
374 | 41 | + | ||
375 | 42 | + r = fd_is_fs_type(fd, BINFMTFS_MAGIC); | ||
376 | 43 | + if (r <= 0) | ||
377 | 44 | + return r; | ||
378 | 45 | + | ||
379 | 46 | + return true; | ||
380 | 47 | +} | ||
381 | 48 | + | ||
382 | 49 | int disable_binfmt(void) { | ||
383 | 50 | int r; | ||
384 | 51 | |||
385 | 52 | @@ -18,13 +39,13 @@ int disable_binfmt(void) { | ||
386 | 53 | * We are a bit careful here, since binfmt_misc might still be an autofs which we don't want to | ||
387 | 54 | * trigger. */ | ||
388 | 55 | |||
389 | 56 | - r = path_is_fs_type("/proc/sys/fs/binfmt_misc", BINFMTFS_MAGIC); | ||
390 | 57 | - if (r == 0 || r == -ENOENT) { | ||
391 | 58 | + r = binfmt_mounted(); | ||
392 | 59 | + if (r < 0) | ||
393 | 60 | + return log_warning_errno(r, "Failed to determine whether binfmt_misc is mounted: %m"); | ||
394 | 61 | + if (r == 0) { | ||
395 | 62 | log_debug("binfmt_misc is not mounted, not detaching entries."); | ||
396 | 63 | return 0; | ||
397 | 64 | } | ||
398 | 65 | - if (r < 0) | ||
399 | 66 | - return log_warning_errno(r, "Failed to determine whether binfmt_misc is mounted: %m"); | ||
400 | 67 | |||
401 | 68 | r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", WRITE_STRING_FILE_DISABLE_BUFFER); | ||
402 | 69 | if (r < 0) | ||
403 | diff --git a/debian/patches/lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch b/debian/patches/lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch | |||
404 | 0 | new file mode 100644 | 70 | new file mode 100644 |
405 | index 0000000..5f0cfe2 | |||
406 | --- /dev/null | |||
407 | +++ b/debian/patches/lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch | |||
408 | @@ -0,0 +1,26 @@ | |||
409 | 1 | From: Yu Watanabe <watanabe.yu+github@gmail.com> | ||
410 | 2 | Date: Sat, 10 Dec 2022 11:46:45 +0900 | ||
411 | 3 | Subject: unit: check more specific path to be written by systemd-binfmt | ||
412 | 4 | |||
413 | 5 | Origin: upstream, https://github.com/systemd/systemd/commit/f74a7cb45c2458f90de6d37c70fa3afc1a3be279 | ||
414 | 6 | Bug-Ubuntu: https://launchpad.net/bugs/1999275 | ||
415 | 7 | |||
416 | 8 | Follow-up for 41807efb1594ae8e71e0255e154ea7d17be2251a. | ||
417 | 9 | Replaces #25690. | ||
418 | 10 | --- | ||
419 | 11 | units/systemd-binfmt.service.in | 2 +- | ||
420 | 12 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
421 | 13 | |||
422 | 14 | diff --git a/units/systemd-binfmt.service.in b/units/systemd-binfmt.service.in | ||
423 | 15 | index 96f595a..5bf3e99 100644 | ||
424 | 16 | --- a/units/systemd-binfmt.service.in | ||
425 | 17 | +++ b/units/systemd-binfmt.service.in | ||
426 | 18 | @@ -18,7 +18,7 @@ After=proc-sys-fs-binfmt_misc.automount | ||
427 | 19 | After=proc-sys-fs-binfmt_misc.mount | ||
428 | 20 | After=local-fs.target | ||
429 | 21 | Before=sysinit.target shutdown.target | ||
430 | 22 | -ConditionPathIsReadWrite=/proc/sys/ | ||
431 | 23 | +ConditionPathIsMountPoint=/proc/sys/fs/binfmt_misc | ||
432 | 24 | ConditionDirectoryNotEmpty=|/lib/binfmt.d | ||
433 | 25 | ConditionDirectoryNotEmpty=|/usr/lib/binfmt.d | ||
434 | 26 | ConditionDirectoryNotEmpty=|/usr/local/lib/binfmt.d | ||
435 | diff --git a/debian/patches/lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch b/debian/patches/lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch | |||
436 | 0 | new file mode 100644 | 27 | new file mode 100644 |
437 | index 0000000..b83201f | |||
438 | --- /dev/null | |||
439 | +++ b/debian/patches/lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch | |||
440 | @@ -0,0 +1,59 @@ | |||
441 | 1 | From: Yu Watanabe <watanabe.yu+github@gmail.com> | ||
442 | 2 | Date: Fri, 7 Jul 2023 06:31:04 +0900 | ||
443 | 3 | Subject: network/dhcp4: do not ignore the gateway even if the destination is | ||
444 | 4 | in the same network | ||
445 | 5 | |||
446 | 6 | Origin: upstream, https://github.com/systemd/systemd/commit/77451f654a89d822cd288883edfac315949d1cb6 | ||
447 | 7 | Bug-Ubuntu: https://launchpad.net/bugs/2009743 | ||
448 | 8 | |||
449 | 9 | Fixes #28280. | ||
450 | 10 | |||
451 | 11 | (modified to apply to v249.11) | ||
452 | 12 | --- | ||
453 | 13 | src/network/networkd-dhcp4.c | 12 ++++++++---- | ||
454 | 14 | 1 file changed, 8 insertions(+), 4 deletions(-) | ||
455 | 15 | |||
456 | 16 | diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c | ||
457 | 17 | index 9b06edc..8dc85a4 100644 | ||
458 | 18 | --- a/src/network/networkd-dhcp4.c | ||
459 | 19 | +++ b/src/network/networkd-dhcp4.c | ||
460 | 20 | @@ -290,7 +290,8 @@ static int dhcp4_request_route_to_gateway(Link *link, const struct in_addr *gw) | ||
461 | 21 | static int dhcp4_request_route_auto( | ||
462 | 22 | Route *in, | ||
463 | 23 | Link *link, | ||
464 | 24 | - const struct in_addr *gw) { | ||
465 | 25 | + const struct in_addr *gw, | ||
466 | 26 | + bool force_use_gw) { | ||
467 | 27 | |||
468 | 28 | _cleanup_(route_freep) Route *route = in; | ||
469 | 29 | struct in_addr address, netmask, prefix; | ||
470 | 30 | @@ -335,7 +336,8 @@ static int dhcp4_request_route_auto( | ||
471 | 31 | route->gw = IN_ADDR_NULL; | ||
472 | 32 | route->prefsrc.in = address; | ||
473 | 33 | |||
474 | 34 | - } else if (route->dst_prefixlen >= prefixlen && | ||
475 | 35 | + } else if (!force_use_gw && | ||
476 | 36 | + route->dst_prefixlen >= prefixlen && | ||
477 | 37 | (route->dst.in.s_addr & netmask.s_addr) == prefix.s_addr) { | ||
478 | 38 | if (in4_addr_is_set(gw)) | ||
479 | 39 | log_link_debug(link, "DHCP: requested route destination "IPV4_ADDRESS_FMT_STR"/%u is in the assigned network " | ||
480 | 40 | @@ -450,7 +452,9 @@ static int dhcp4_request_static_routes(Link *link, struct in_addr *ret_default_g | ||
481 | 41 | in4_addr_is_null(&default_gw)) | ||
482 | 42 | default_gw = gw; | ||
483 | 43 | |||
484 | 44 | - r = dhcp4_request_route_auto(TAKE_PTR(route), link, &gw); | ||
485 | 45 | + /* Do not ignore the gateway given by the classless route option even if the destination is | ||
486 | 46 | + * in the same network. See issue #28280. */ | ||
487 | 47 | + r = dhcp4_request_route_auto(TAKE_PTR(route), link, &gw, /* force_use_gw = */ classless_route); | ||
488 | 48 | if (r < 0) | ||
489 | 49 | return r; | ||
490 | 50 | } | ||
491 | 51 | @@ -575,7 +579,7 @@ static int dhcp4_request_routes_to_servers( | ||
492 | 52 | route->table = link_get_dhcp_route_table(link); | ||
493 | 53 | route->mtu = link->network->dhcp_route_mtu; | ||
494 | 54 | |||
495 | 55 | - r = dhcp4_request_route_auto(TAKE_PTR(route), link, gw); | ||
496 | 56 | + r = dhcp4_request_route_auto(TAKE_PTR(route), link, gw, /* force_use_gw = */ false); | ||
497 | 57 | if (r < 0) | ||
498 | 58 | return r; | ||
499 | 59 | } | ||
500 | diff --git a/debian/patches/lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch b/debian/patches/lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch | |||
501 | 0 | new file mode 100644 | 60 | new file mode 100644 |
502 | index 0000000..c19e9f7 | |||
503 | --- /dev/null | |||
504 | +++ b/debian/patches/lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch | |||
505 | @@ -0,0 +1,33 @@ | |||
506 | 1 | From: Yu Watanabe <watanabe.yu+github@gmail.com> | ||
507 | 2 | Date: Fri, 7 Jul 2023 06:57:04 +0900 | ||
508 | 3 | Subject: test-network: add one more testcase for DHCPv4 classless route | ||
509 | 4 | |||
510 | 5 | Origin: upstream, https://github.com/systemd/systemd/commit/86f6760038477e9e27ccea580f1b3b27328a98a7 | ||
511 | 6 | Bug-Ubuntu: https://launchpad.net/bugs/2009743 | ||
512 | 7 | |||
513 | 8 | For issue #28280. | ||
514 | 9 | --- | ||
515 | 10 | test/test-network/systemd-networkd-tests.py | 3 ++- | ||
516 | 11 | 1 file changed, 2 insertions(+), 1 deletion(-) | ||
517 | 12 | |||
518 | 13 | diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py | ||
519 | 14 | index aab7b57..5143381 100755 | ||
520 | 15 | --- a/test/test-network/systemd-networkd-tests.py | ||
521 | 16 | +++ b/test/test-network/systemd-networkd-tests.py | ||
522 | 17 | @@ -3999,7 +3999,7 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities): | ||
523 | 18 | self.wait_online(['veth-peer:carrier']) | ||
524 | 19 | additional_options = '--dhcp-option=option:dns-server,192.168.5.10,8.8.8.8 --dhcp-option=option:ntp-server,192.168.5.11,9.9.9.9 --dhcp-option=option:static-route,192.168.5.100,192.168.5.2,8.8.8.8,192.168.5.3' | ||
525 | 20 | if classless: | ||
526 | 21 | - additional_options += ' --dhcp-option=option:classless-static-route,0.0.0.0/0,192.168.5.4,8.0.0.0/8,192.168.5.5' | ||
527 | 22 | + additional_options += ' --dhcp-option=option:classless-static-route,0.0.0.0/0,192.168.5.4,8.0.0.0/8,192.168.5.5,192.168.5.64/26,192.168.5.5' | ||
528 | 23 | start_dnsmasq(additional_options=additional_options, lease_time='2m') | ||
529 | 24 | self.wait_online(['veth99:routable', 'veth-peer:routable']) | ||
530 | 25 | |||
531 | 26 | @@ -4011,6 +4011,7 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities): | ||
532 | 27 | if classless: | ||
533 | 28 | self.assertRegex(output, r'default via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024') | ||
534 | 29 | self.assertRegex(output, r'8.0.0.0/8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024') | ||
535 | 30 | + self.assertRegex(output, r'192.168.5.64/26 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024') | ||
536 | 31 | self.assertRegex(output, r'192.168.5.4 proto dhcp scope link src 192.168.5.[0-9]* metric 1024') | ||
537 | 32 | self.assertRegex(output, r'192.168.5.5 proto dhcp scope link src 192.168.5.[0-9]* metric 1024') | ||
538 | 33 | else: | ||
539 | diff --git a/debian/patches/lp2013543-core-reorder-systemd-arguments-on-reexec.patch b/debian/patches/lp2013543-core-reorder-systemd-arguments-on-reexec.patch | |||
540 | 0 | new file mode 100644 | 34 | new file mode 100644 |
541 | index 0000000..b4bb1ff | |||
542 | --- /dev/null | |||
543 | +++ b/debian/patches/lp2013543-core-reorder-systemd-arguments-on-reexec.patch | |||
544 | @@ -0,0 +1,58 @@ | |||
545 | 1 | From: Frantisek Sumsal <frantisek@sumsal.cz> | ||
546 | 2 | Date: Thu, 29 Jun 2023 13:31:19 +0200 | ||
547 | 3 | Subject: core: reorder systemd arguments on reexec | ||
548 | 4 | |||
549 | 5 | Origin: upstream, https://github.com/systemd/systemd/commit/163be31d380fbdcb56ec06c09e81774840df90dc | ||
550 | 6 | Bug-Ubuntu: https://launchpad.net/bugs/2013543 | ||
551 | 7 | |||
552 | 8 | When reexecuting system let's put our arguments carrying deserialization | ||
553 | 9 | info first followed by any existing arguments to make sure they get | ||
554 | 10 | parsed in case we get weird stuff from the kernel cmdline (like --). | ||
555 | 11 | |||
556 | 12 | See: https://github.com/systemd/systemd/issues/28184 | ||
557 | 13 | (cherry picked from commit 06afda6b38d5d730fca3c65449096425933272bc) | ||
558 | 14 | (cherry picked from commit 884ab38057dca70b8779c85884f4646057e80921) | ||
559 | 15 | --- | ||
560 | 16 | src/core/main.c | 6 +++++- | ||
561 | 17 | test/TEST-01-BASIC/test.sh | 5 +++++ | ||
562 | 18 | 2 files changed, 10 insertions(+), 1 deletion(-) | ||
563 | 19 | |||
564 | 20 | diff --git a/src/core/main.c b/src/core/main.c | ||
565 | 21 | index 66897c2..1bb3b6b 100644 | ||
566 | 22 | --- a/src/core/main.c | ||
567 | 23 | +++ b/src/core/main.c | ||
568 | 24 | @@ -1797,13 +1797,17 @@ static void do_reexecute( | ||
569 | 25 | xsprintf(sfd, "%i", fileno(arg_serialization)); | ||
570 | 26 | |||
571 | 27 | i = 1; /* Leave args[0] empty for now. */ | ||
572 | 28 | - filter_args(args, &i, argv, argc); | ||
573 | 29 | |||
574 | 30 | + /* Put our stuff first to make sure it always gets parsed in case | ||
575 | 31 | + * we get weird stuff from the kernel cmdline (like --) */ | ||
576 | 32 | if (switch_root_dir) | ||
577 | 33 | args[i++] = "--switched-root"; | ||
578 | 34 | args[i++] = arg_system ? "--system" : "--user"; | ||
579 | 35 | args[i++] = "--deserialize"; | ||
580 | 36 | args[i++] = sfd; | ||
581 | 37 | + | ||
582 | 38 | + filter_args(args, &i, argv, argc); | ||
583 | 39 | + | ||
584 | 40 | args[i++] = NULL; | ||
585 | 41 | |||
586 | 42 | assert(i <= args_size); | ||
587 | 43 | diff --git a/test/TEST-01-BASIC/test.sh b/test/TEST-01-BASIC/test.sh | ||
588 | 44 | index d42c0df..dbca6ac 100755 | ||
589 | 45 | --- a/test/TEST-01-BASIC/test.sh | ||
590 | 46 | +++ b/test/TEST-01-BASIC/test.sh | ||
591 | 47 | @@ -6,6 +6,11 @@ IMAGE_NAME="basic" | ||
592 | 48 | RUN_IN_UNPRIVILEGED_CONTAINER=${RUN_IN_UNPRIVILEGED_CONTAINER:-yes} | ||
593 | 49 | TEST_REQUIRE_INSTALL_TESTS=0 | ||
594 | 50 | |||
595 | 51 | +# Check if we can correctly deserialize if the kernel cmdline contains "weird" stuff | ||
596 | 52 | +# like an invalid argument, "end of arguments" separator, or a sysvinit argument (-z) | ||
597 | 53 | +# See: https://github.com/systemd/systemd/issues/28184 | ||
598 | 54 | +KERNEL_APPEND="foo -- -z bar --- baz $KERNEL_APPEND" | ||
599 | 55 | + | ||
600 | 56 | # shellcheck source=test/test-functions | ||
601 | 57 | . "${TEST_BASE_DIR:?}/test-functions" | ||
602 | 58 | |||
603 | diff --git a/debian/patches/lp2025563-shutdown-get-only-active-md-arrays.patch b/debian/patches/lp2025563-shutdown-get-only-active-md-arrays.patch | |||
604 | 0 | new file mode 100644 | 59 | new file mode 100644 |
605 | index 0000000..d2cc39f | |||
606 | --- /dev/null | |||
607 | +++ b/debian/patches/lp2025563-shutdown-get-only-active-md-arrays.patch | |||
608 | @@ -0,0 +1,67 @@ | |||
609 | 1 | From: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> | ||
610 | 2 | Date: Tue, 29 Mar 2022 12:49:54 +0200 | ||
611 | 3 | Subject: shutdown: get only active md arrays. | ||
612 | 4 | |||
613 | 5 | Origin: upstream, https://github.com/systemd/systemd/commit/3a3b022d2cc112803ea7b9beea98bbcad110368a | ||
614 | 6 | Bug-Ubuntu: https://launchpad.net/bugs/2025563 | ||
615 | 7 | |||
616 | 8 | Current md_list_get() implementation filters all block devices, started from | ||
617 | 9 | "md*". This is ambiguous because list could contain: | ||
618 | 10 | - partitions created upon md device (mdXpY) | ||
619 | 11 | - external metadata container- specific type of md array. | ||
620 | 12 | |||
621 | 13 | For partitions there is no issue, because they aren't handle STOP_ARRAY | ||
622 | 14 | ioctl sent later. It generates misleading errors only. | ||
623 | 15 | |||
624 | 16 | Second case is more problematic because containers are not locked in kernel. | ||
625 | 17 | They are stopped even if container member array is active. For that reason | ||
626 | 18 | reboot or shutdown flow could be blocked because metadata manager cannot be | ||
627 | 19 | restarted after switch root on shutdown. | ||
628 | 20 | |||
629 | 21 | Add filters to remove partitions and containers from md_list. Partitions | ||
630 | 22 | can be excluded by DEVTYPE. Containers are determined by MD_LEVEL | ||
631 | 23 | property, we are excluding all with "container" value. | ||
632 | 24 | |||
633 | 25 | Signed-off-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> | ||
634 | 26 | --- | ||
635 | 27 | src/shutdown/umount.c | 18 +++++++++++++++++- | ||
636 | 28 | 1 file changed, 17 insertions(+), 1 deletion(-) | ||
637 | 29 | |||
638 | 30 | diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c | ||
639 | 31 | index 1f945b7..9325870 100644 | ||
640 | 32 | --- a/src/shutdown/umount.c | ||
641 | 33 | +++ b/src/shutdown/umount.c | ||
642 | 34 | @@ -352,9 +352,14 @@ static int md_list_get(MountPoint **head) { | ||
643 | 35 | if (r < 0) | ||
644 | 36 | return r; | ||
645 | 37 | |||
646 | 38 | + /* Filter out partitions. */ | ||
647 | 39 | + r = sd_device_enumerator_add_match_property(e, "DEVTYPE", "disk"); | ||
648 | 40 | + if (r < 0) | ||
649 | 41 | + return r; | ||
650 | 42 | + | ||
651 | 43 | FOREACH_DEVICE(e, d) { | ||
652 | 44 | _cleanup_free_ char *p = NULL; | ||
653 | 45 | - const char *dn; | ||
654 | 46 | + const char *dn, *md_level; | ||
655 | 47 | MountPoint *m; | ||
656 | 48 | dev_t devnum; | ||
657 | 49 | |||
658 | 50 | @@ -362,6 +367,17 @@ static int md_list_get(MountPoint **head) { | ||
659 | 51 | sd_device_get_devname(d, &dn) < 0) | ||
660 | 52 | continue; | ||
661 | 53 | |||
662 | 54 | + r = sd_device_get_property_value(d, "MD_LEVEL", &md_level); | ||
663 | 55 | + if (r < 0) { | ||
664 | 56 | + log_warning_errno(r, "Failed to get MD_LEVEL property for %s, ignoring: %m", dn); | ||
665 | 57 | + continue; | ||
666 | 58 | + } | ||
667 | 59 | + | ||
668 | 60 | + /* MD "containers" are a special type of MD devices, used for external metadata. | ||
669 | 61 | + * Since it doesn't provide RAID functionality in itself we don't need to stop it. */ | ||
670 | 62 | + if (streq(md_level, "container")) | ||
671 | 63 | + continue; | ||
672 | 64 | + | ||
673 | 65 | p = strdup(dn); | ||
674 | 66 | if (!p) | ||
675 | 67 | return -ENOMEM; | ||
676 | diff --git a/debian/patches/lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch b/debian/patches/lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch | |||
677 | 0 | new file mode 100644 | 68 | new file mode 100644 |
678 | index 0000000..6f1adfe | |||
679 | --- /dev/null | |||
680 | +++ b/debian/patches/lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch | |||
681 | @@ -0,0 +1,47 @@ | |||
682 | 1 | From: Thomas Blume <Thomas.Blume@suse.com> | ||
683 | 2 | Date: Thu, 2 Mar 2023 12:06:13 +0100 | ||
684 | 3 | Subject: udev-rules: fix nvme symlink creation on namespace changes | ||
685 | 4 | |||
686 | 5 | Origin: upstream, https://github.com/systemd/systemd/commit/c5ba7a2a4dd19a2d31b8a9d52d3c4bdde78387f0 | ||
687 | 6 | Bug-Ubuntu: https://launchpad.net/bugs/2028180 | ||
688 | 7 | |||
689 | 8 | The nvme by-id symlink changes to the latest namespace when a new namespace gets | ||
690 | 9 | added, for example by connecting multiple NVMe/TCP host controllers via nvme | ||
691 | 10 | connect-all. | ||
692 | 11 | That is incorrect for persistent device links. | ||
693 | 12 | The persistent symbolic device link should continue to point to the same NVMe | ||
694 | 13 | namespace throughout the lifetime of the current boot. | ||
695 | 14 | Therefore the namespace id needs to be added to the link name. | ||
696 | 15 | |||
697 | 16 | (modified to apply to v249.11) | ||
698 | 17 | --- | ||
699 | 18 | rules.d/60-persistent-storage.rules | 8 ++++++++ | ||
700 | 19 | 1 file changed, 8 insertions(+) | ||
701 | 20 | |||
702 | 21 | diff --git a/rules.d/60-persistent-storage.rules b/rules.d/60-persistent-storage.rules | ||
703 | 22 | index a2417cd..1e78f04 100644 | ||
704 | 23 | --- a/rules.d/60-persistent-storage.rules | ||
705 | 24 | +++ b/rules.d/60-persistent-storage.rules | ||
706 | 25 | @@ -37,14 +37,22 @@ KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{serial}=="?*", ENV{ID_S | ||
707 | 26 | KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{wwid}=="?*", ENV{ID_WWN}="$attr{wwid}" | ||
708 | 27 | KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{model}=="?*", ENV{ID_MODEL}="$attr{model}" | ||
709 | 28 | KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{firmware_rev}=="?*", ENV{ID_REVISION}="$attr{firmware_rev}" | ||
710 | 29 | +KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{nsid}=="?*", ENV{ID_NSID}="$attr{nsid}" | ||
711 | 30 | +# obsolete symlink that might get overridden on adding a new nvme controller, kept for backward compatibility | ||
712 | 31 | KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", \ | ||
713 | 32 | OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}" | ||
714 | 33 | +KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_NSID}=="?*",\ | ||
715 | 34 | + OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}_$env{ID_NSID}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}" | ||
716 | 35 | |||
717 | 36 | KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{serial}=="?*", ENV{ID_SERIAL_SHORT}="$attr{serial}" | ||
718 | 37 | KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{model}=="?*", ENV{ID_MODEL}="$attr{model}" | ||
719 | 38 | KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{firmware_rev}=="?*", ENV{ID_REVISION}="$attr{firmware_rev}" | ||
720 | 39 | +KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{nsid}=="?*", ENV{ID_NSID}="$attr{nsid}" | ||
721 | 40 | +# obsolete symlink that might get overridden on adding a new nvme controller, kept for backward compatibility | ||
722 | 41 | KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", \ | ||
723 | 42 | OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}-part%n" | ||
724 | 43 | +KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_NSID}=="?*",\ | ||
725 | 44 | + OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}_$env{ID_NSID}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}-part%n" | ||
726 | 45 | |||
727 | 46 | # virtio-blk | ||
728 | 47 | KERNEL=="vd*[!0-9]", ATTRS{serial}=="?*", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/virtio-$env{ID_SERIAL}" | ||
729 | diff --git a/debian/patches/series b/debian/patches/series | |||
730 | index c98336a..7730bb0 100644 | |||
731 | --- a/debian/patches/series | |||
732 | +++ b/debian/patches/series | |||
733 | @@ -46,7 +46,6 @@ debian/Ubuntu-core-in-execute-soft-fail-setting-Nice-priority-when.patch | |||
734 | 46 | debian/Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch | 46 | debian/Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch |
735 | 47 | debian/UBUNTU-Add-AssumedApparmorLabel-unconfined-to-timedate1-dbus.patch | 47 | debian/UBUNTU-Add-AssumedApparmorLabel-unconfined-to-timedate1-dbus.patch |
736 | 48 | debian/UBUNTU-test-test-functions-launch-qemu-with-vga-none.patch | 48 | debian/UBUNTU-test-test-functions-launch-qemu-with-vga-none.patch |
737 | 49 | debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch | ||
738 | 50 | debian/UBUNTU-journald.service-set-Nice-1-to-dodge-watchdog-on-soft-loc.patch | 49 | debian/UBUNTU-journald.service-set-Nice-1-to-dodge-watchdog-on-soft-loc.patch |
739 | 51 | debian/UBUNTU-units-block-CAP_SYS_MODULE-units-in-containers-too.patch | 50 | debian/UBUNTU-units-block-CAP_SYS_MODULE-units-in-containers-too.patch |
740 | 52 | debian/UBUNTU-test-sleep-skip-test_fiemap-upon-inapproriate-ioctl-.patch | 51 | debian/UBUNTU-test-sleep-skip-test_fiemap-upon-inapproriate-ioctl-.patch |
741 | @@ -113,3 +112,14 @@ lp2002445/sd-device-make-device_set_syspath-clear-sysname-and-sysnu.patch | |||
742 | 113 | lp2002445/udev-restore-syspath-and-properties-on-failure.patch | 112 | lp2002445/udev-restore-syspath-and-properties-on-failure.patch |
743 | 114 | lp2002445/sd-device-introduce-device_get_property_int.patch | 113 | lp2002445/sd-device-introduce-device_get_property_int.patch |
744 | 115 | lp2002445/core-device-ignore-failed-uevents.patch | 114 | lp2002445/core-device-ignore-failed-uevents.patch |
745 | 115 | lp2025563-shutdown-get-only-active-md-arrays.patch | ||
746 | 116 | lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch | ||
747 | 117 | lp2013543-core-reorder-systemd-arguments-on-reexec.patch | ||
748 | 118 | lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch | ||
749 | 119 | lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch | ||
750 | 120 | lp1977630-fix_machinectl_pull_tar.patch | ||
751 | 121 | lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch | ||
752 | 122 | lp1999275/binfmt-util-split-out-binfmt_mounted.patch | ||
753 | 123 | lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch | ||
754 | 124 | lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch | ||
755 | 125 | lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch | ||
756 | diff --git a/debian/systemd.postinst b/debian/systemd.postinst | |||
757 | index d6799d0..73c529c 100644 | |||
758 | --- a/debian/systemd.postinst | |||
759 | +++ b/debian/systemd.postinst | |||
760 | @@ -87,7 +87,22 @@ fi | |||
761 | 87 | 87 | ||
762 | 88 | # skip daemon-reexec and try-restarts during shutdown to avoid hitting LP: #1803391 | 88 | # skip daemon-reexec and try-restarts during shutdown to avoid hitting LP: #1803391 |
763 | 89 | if [ -n "$2" ] && [ "$(systemctl is-system-running)" != "stopping" ]; then | 89 | if [ -n "$2" ] && [ "$(systemctl is-system-running)" != "stopping" ]; then |
765 | 90 | _systemctl daemon-reexec || true | 90 | # LP: #2013543 - the systemd cmdline can get mangled depending on the |
766 | 91 | # contents of /proc/cmdline, which causes systemd to fail to deserialize | ||
767 | 92 | # it's previous state on daemon-reexec. This means that for upgrades from | ||
768 | 93 | # affected versions, we need a reboot and cannot re-exec here, else the | ||
769 | 94 | # bug could be triggered. | ||
770 | 95 | if dpkg --compare-versions "$2" lt "249.11-0ubuntu3.10~"; then | ||
771 | 96 | if ! grep -Fqsx systemd /run/reboot-required.pkgs; then | ||
772 | 97 | echo systemd >> /run/reboot-required.pkgs || true | ||
773 | 98 | fi | ||
774 | 99 | |||
775 | 100 | # Reload to avoid warnings when restarting services below | ||
776 | 101 | _systemctl daemon-reload || true | ||
777 | 102 | else | ||
778 | 103 | _systemctl daemon-reexec || true | ||
779 | 104 | fi | ||
780 | 105 | |||
781 | 91 | # don't restart logind; this can be done again once this gets implemented: | 106 | # don't restart logind; this can be done again once this gets implemented: |
782 | 92 | # https://github.com/systemd/systemd/issues/1163 | 107 | # https://github.com/systemd/systemd/issues/1163 |
783 | 93 | if dpkg --compare-versions "$2" lt-nl "246.2-2~"; then | 108 | if dpkg --compare-versions "$2" lt-nl "246.2-2~"; then |
784 | diff --git a/debian/tests/tests-in-lxd b/debian/tests/tests-in-lxd | |||
785 | index b442ed1..6d5921b 100644 | |||
786 | --- a/debian/tests/tests-in-lxd | |||
787 | +++ b/debian/tests/tests-in-lxd | |||
788 | @@ -52,7 +52,7 @@ lxc exec systemd-lxc -- sh -c "echo [Service] > /etc/systemd/system/systemd-sysu | |||
789 | 52 | lxc exec systemd-lxc -- sh -c "echo LoadCredential= >> /etc/systemd/system/systemd-sysusers.service.d/override.conf" | 52 | lxc exec systemd-lxc -- sh -c "echo LoadCredential= >> /etc/systemd/system/systemd-sysusers.service.d/override.conf" |
790 | 53 | 53 | ||
791 | 54 | lxc stop systemd-lxc | 54 | lxc stop systemd-lxc |
793 | 55 | lxc publish systemd-lxc --alias $IMAGE | 55 | lxc publish systemd-lxc --reuse --alias $IMAGE |
794 | 56 | 56 | ||
795 | 57 | for t in unit-tests boot-and-services; do | 57 | for t in unit-tests boot-and-services; do |
796 | 58 | autopkgtest -U -B . --test-name=$t -- lxd $IMAGE || [ $? = 2 ] # see Debian's #960267 | 58 | autopkgtest -U -B . --test-name=$t -- lxd $IMAGE || [ $? = 2 ] # see Debian's #960267 |
Thanks, lgtm!
I've added two inline comments about the "systemd- networkd- wait-online --any" behavior on GKE cloud images (see my forwarded email) and a potential systemd.postinst interference with debhelper for extra considerations.