Ubuntu
systemd package

Merge ~enr0n/ubuntu/+source/systemd:ubuntu-jammy-sru into ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-jammy

  1. Git
  2. lp:~enr0n/ubuntu/+source/systemd
  3. ubuntu-jammy-sru
  4. Merge into ubuntu-jammy
Proposed by Nick Rosbrook
Status: Merged
Merged at revision: 0b9eadf05ee6db0e009dacbc71521480095880b3
Proposed branch: ~enr0n/ubuntu/+source/systemd:ubuntu-jammy-sru
Merge into: ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-jammy
Diff against target: 796 lines (+623/-45)
16 files modified
debian/patches/lp1977630-fix_machinectl_pull_tar.patch (+81/-0)
debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch (+5/-4)
debian/patches/lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch (+29/-0)
debian/patches/lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch (+80/-0)
debian/patches/lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch (+41/-0)
debian/patches/lp1999275/binfmt-util-split-out-binfmt_mounted.patch (+69/-0)
debian/patches/lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch (+26/-0)
debian/patches/lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch (+59/-0)
debian/patches/lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch (+33/-0)
debian/patches/lp2013543-core-reorder-systemd-arguments-on-reexec.patch (+58/-0)
debian/patches/lp2025563-shutdown-get-only-active-md-arrays.patch (+67/-0)
debian/patches/lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch (+47/-0)
debian/patches/series (+11/-1)
debian/systemd.postinst (+16/-1)
debian/tests/tests-in-lxd (+1/-1)
dev/null (+0/-38)
Reviewer Review Type Date Requested Status
Lukas Märdian Approve
Review via email: mp+449220@code.launchpad.net

Description of the change

SRU several bug fixes to Jammy.

To post a comment you must log in.
Revision history for this message
Lukas Märdian (slyon) wrote :

Thanks, lgtm!

I've added two inline comments about the "systemd-networkd-wait-online --any" behavior on GKE cloud images (see my forwarded email) and a potential systemd.postinst interference with debhelper for extra considerations.

review: Approve
Revision history for this message
Nick Rosbrook (enr0n) wrote :

Thanks for your review! I will review the email before proceeding.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch b/debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch
0deleted file mode 1006440deleted file mode 100644
index 56295f5..0000000
--- a/debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch
+++ /dev/null
@@ -1,38 +0,0 @@
1From: Dimitri John Ledkov <xnox@ubuntu.com>
2Date: Mon, 26 Mar 2018 13:17:01 +0100
3Subject: wait-online: exit, if no links are managed.
4
5(cherry picked from commit 19d11f607ac0f8b1e31f72a8e9d3d44371b9dadb)
6---
7 src/network/wait-online/manager.c | 7 ++++++-
8 1 file changed, 6 insertions(+), 1 deletion(-)
9
10--- a/src/network/wait-online/manager.c
11+++ b/src/network/wait-online/manager.c
12@@ -118,6 +118,7 @@ static int manager_link_is_online(Manage
13
14 bool manager_configured(Manager *m) {
15 bool one_ready = false;
16+ bool none_managed = true;
17 const char *ifname;
18 Link *l;
19 int r;
20@@ -168,13 +169,17 @@ bool manager_configured(Manager *m) {
21 _LINK_OPERSTATE_INVALID });
22 if (r < 0 && !m->any)
23 return false;
24+ if (l->state && STR_IN_SET(l->state, "configured", "failed")) {
25+ log_info("managing: %s", l->ifname);
26+ none_managed = false;
27+ }
28 if (r > 0)
29 /* we wait for at least one link to be ready,
30 * regardless of who manages it */
31 one_ready = true;
32 }
33
34- return one_ready;
35+ return one_ready || none_managed;
36 }
37
38 static int manager_process_link(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
diff --git a/debian/patches/lp1977630-fix_machinectl_pull_tar.patch b/debian/patches/lp1977630-fix_machinectl_pull_tar.patch
39new file mode 1006440new file mode 100644
index 0000000..675cd43
--- /dev/null
+++ b/debian/patches/lp1977630-fix_machinectl_pull_tar.patch
@@ -0,0 +1,81 @@
1From: Dan Streetman <ddstreet@ieee.org>
2Bug-Ubuntu: https://bugs.launchpad.net/bugs/1977630
3Forwarded: not-needed
4
5Since import_make_read_only handles a dir by chattr +i, that has to happen
6after renaming, since an immutable dir can't be renamed.
7
8--- a/src/import/pull-tar.c
9+++ b/src/import/pull-tar.c
10@@ -353,10 +353,6 @@ static void tar_pull_job_on_finished(Pul
11 if (r < 0)
12 goto finish;
13
14- r = import_make_read_only(i->temp_path);
15- if (r < 0)
16- goto finish;
17-
18 r = rename_noreplace(AT_FDCWD, i->temp_path, AT_FDCWD, i->final_path);
19 if (r < 0) {
20 log_error_errno(r, "Failed to rename to final image name to %s: %m", i->final_path);
21@@ -365,6 +361,10 @@ static void tar_pull_job_on_finished(Pul
22
23 i->temp_path = mfree(i->temp_path);
24
25+ r = import_make_read_only(i->final_path);
26+ if (r < 0)
27+ goto finish;
28+
29 if (i->settings_job &&
30 i->settings_job->error == 0) {
31
32@@ -380,10 +380,6 @@ static void tar_pull_job_on_finished(Pul
33 if (r < 0)
34 goto finish;
35
36- r = import_make_read_only(i->settings_temp_path);
37- if (r < 0)
38- goto finish;
39-
40 r = rename_noreplace(AT_FDCWD, i->settings_temp_path, AT_FDCWD, i->settings_path);
41 if (r < 0) {
42 log_error_errno(r, "Failed to rename settings file to %s: %m", i->settings_path);
43@@ -391,6 +387,10 @@ static void tar_pull_job_on_finished(Pul
44 }
45
46 i->settings_temp_path = mfree(i->settings_temp_path);
47+
48+ r = import_make_read_only(i->settings_path);
49+ if (r < 0)
50+ goto finish;
51 }
52 }
53
54--- a/src/import/import-tar.c
55+++ b/src/import/import-tar.c
56@@ -179,12 +179,6 @@ static int tar_import_finish(TarImport *
57 if (r < 0)
58 return r;
59
60- if (i->flags & IMPORT_READ_ONLY) {
61- r = import_make_read_only(i->temp_path);
62- if (r < 0)
63- return r;
64- }
65-
66 if (i->flags & IMPORT_FORCE)
67 (void) rm_rf(i->final_path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);
68
69@@ -194,6 +188,12 @@ static int tar_import_finish(TarImport *
70
71 i->temp_path = mfree(i->temp_path);
72
73+ if (i->flags & IMPORT_READ_ONLY) {
74+ r = import_make_read_only(i->final_path);
75+ if (r < 0)
76+ return r;
77+ }
78+
79 return 0;
80 }
81
diff --git a/debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch b/debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch
index 9331b73..49584bd 100644
--- a/debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch
+++ b/debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch
@@ -6,9 +6,10 @@ Subject: [PATCH] pstore: Run after modules are loaded
6Origin: upstream, https://github.com/systemd/systemd/commit/70e74a5997ae2ce7ba72a74ac949c3b2dad1a1d66Origin: upstream, https://github.com/systemd/systemd/commit/70e74a5997ae2ce7ba72a74ac949c3b2dad1a1d6
7Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/19780797Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1978079
8Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/19816228Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1981622
9Last-Updated: 2022-07-229Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2023462
10Last-Updated: 2023-08-02
1011
11The original commit has been modified to not load mtdpstore.12The original commit has been modified to only load efi_pstore, as that is all that was really needed.
1213
13---14---
14The systemd-pstore service takes pstore files on boot and transfers them15The systemd-pstore service takes pstore files on boot and transfers them
@@ -42,8 +43,8 @@ index 848e311e9642..86de30ad4a72 100644
42 DefaultDependencies=no43 DefaultDependencies=no
43 Conflicts=shutdown.target44 Conflicts=shutdown.target
44 Before=sysinit.target shutdown.target45 Before=sysinit.target shutdown.target
45+After=modprobe@efi_pstore.service modprobe@chromeos_pstore.service modprobe@ramoops.service modprobe@pstore_zone.service modprobe@pstore_blk.service46+After=modprobe@efi_pstore.service
46+Wants=modprobe@efi_pstore.service modprobe@chromeos_pstore.service modprobe@ramoops.service modprobe@pstore_zone.service modprobe@pstore_blk.service47+Wants=modprobe@efi_pstore.service
47 48
48 [Service]49 [Service]
49 Type=oneshot50 Type=oneshot
diff --git a/debian/patches/lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch b/debian/patches/lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch
50new file mode 10064451new file mode 100644
index 0000000..d35aa0f
--- /dev/null
+++ b/debian/patches/lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch
@@ -0,0 +1,29 @@
1From 137d162c42ed858613afc3d7493d08d4ae6d5c1b Mon Sep 17 00:00:00 2001
2From: Dan Streetman <ddstreet@ieee.org>
3Date: Fri, 16 Sep 2022 10:50:59 -0400
4Subject: [PATCH] add CAP_LINUX_IMMUTABLE to systemd-machined, so it can handle
5 machinectl read-only requests
6Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1991829
7Origin: upstream, https://github.com/systemd/systemd/pull/24697
8
9Without this, the 'machinectl read-only ...' command always fails.
10---
11 units/systemd-machined.service.in | 2 +-
12 1 file changed, 1 insertion(+), 1 deletion(-)
13
14diff --git a/units/systemd-machined.service.in b/units/systemd-machined.service.in
15index e92f436dfd..d3f8abd9e4 100644
16--- a/units/systemd-machined.service.in
17+++ b/units/systemd-machined.service.in
18@@ -18,7 +18,7 @@ RequiresMountsFor=/var/lib/machines
19
20 [Service]
21 BusName=org.freedesktop.machine1
22-CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD
23+CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_LINUX_IMMUTABLE
24 ExecStart={{ROOTLIBEXECDIR}}/systemd-machined
25 IPAddressDeny=any
26 LockPersonality=yes
27--
282.34.1
29
diff --git a/debian/patches/lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch b/debian/patches/lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch
0new file mode 10064430new file mode 100644
index 0000000..792097d
--- /dev/null
+++ b/debian/patches/lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch
@@ -0,0 +1,80 @@
1From: Yu Watanabe <watanabe.yu+github@gmail.com>
2Date: Sat, 10 Dec 2022 11:42:50 +0900
3Subject: binfmt: check if binfmt is mounted before applying rules
4
5Origin: upstream, https://github.com/systemd/systemd/commit/94ba5b15329d9d19277ca418bfd0266da98f7b2a
6Bug-Ubuntu: https://launchpad.net/bugs/1999275
7
8---
9 src/binfmt/binfmt.c | 19 +++++++++++++++++++
10 src/shared/binfmt-util.c | 2 +-
11 src/shared/binfmt-util.h | 1 +
12 3 files changed, 21 insertions(+), 1 deletion(-)
13
14diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c
15index 981218f..999ccd0 100644
16--- a/src/binfmt/binfmt.c
17+++ b/src/binfmt/binfmt.c
18@@ -184,6 +184,18 @@ static int parse_argv(int argc, char *argv[]) {
19 return 1;
20 }
21
22+static int binfmt_mounted_warn(void) {
23+ int r;
24+
25+ r = binfmt_mounted();
26+ if (r < 0)
27+ return log_error_errno(r, "Failed to check if /proc/sys/fs/binfmt_misc is mounted: %m");
28+ if (r == 0)
29+ log_debug("/proc/sys/fs/binfmt_misc is not mounted in read-write mode, skipping.");
30+
31+ return r;
32+}
33+
34 static int run(int argc, char *argv[]) {
35 int r, k;
36
37@@ -201,6 +213,9 @@ static int run(int argc, char *argv[]) {
38 return disable_binfmt();
39
40 if (argc > optind) {
41+ r = binfmt_mounted_warn();
42+ if (r <= 0)
43+ return r;
44 int i;
45
46 for (i = optind; i < argc; i++) {
47@@ -222,6 +237,10 @@ static int run(int argc, char *argv[]) {
48 return cat_files(NULL, files, 0);
49 }
50
51+ r = binfmt_mounted_warn();
52+ if (r <= 0)
53+ return r;
54+
55 /* Flush out all rules */
56 (void) write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", WRITE_STRING_FILE_DISABLE_BUFFER);
57
58diff --git a/src/shared/binfmt-util.c b/src/shared/binfmt-util.c
59index 51fc245..a261754 100644
60--- a/src/shared/binfmt-util.c
61+++ b/src/shared/binfmt-util.c
62@@ -12,7 +12,7 @@
63 #include "missing_magic.h"
64 #include "stat-util.h"
65
66-static int binfmt_mounted(void) {
67+int binfmt_mounted(void) {
68 _cleanup_close_ int fd = -EBADF;
69 int r;
70
71diff --git a/src/shared/binfmt-util.h b/src/shared/binfmt-util.h
72index 2f008d1..13f4548 100644
73--- a/src/shared/binfmt-util.h
74+++ b/src/shared/binfmt-util.h
75@@ -1,4 +1,5 @@
76 /* SPDX-License-Identifier: LGPL-2.1-or-later */
77 #pragma once
78
79+int binfmt_mounted(void);
80 int disable_binfmt(void);
diff --git a/debian/patches/lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch b/debian/patches/lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch
0new file mode 10064481new file mode 100644
index 0000000..9541dbd
--- /dev/null
+++ b/debian/patches/lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch
@@ -0,0 +1,41 @@
1From: Yu Watanabe <watanabe.yu+github@gmail.com>
2Date: Sat, 10 Dec 2022 11:32:24 +0900
3Subject: binfmt-util: also check if binfmt is mounted in read-write
4
5Origin: upstream, https://github.com/systemd/systemd/commit/5aaa79ce96997825b4dcdcf5be10d8f955fb3339
6Bug-Ubuntu: https://launchpad.net/bugs/1999275
7
8---
9 src/shared/binfmt-util.c | 5 +++--
10 1 file changed, 3 insertions(+), 2 deletions(-)
11
12diff --git a/src/shared/binfmt-util.c b/src/shared/binfmt-util.c
13index e813c3e..51fc245 100644
14--- a/src/shared/binfmt-util.c
15+++ b/src/shared/binfmt-util.c
16@@ -8,6 +8,7 @@
17 #include "errno-util.h"
18 #include "fd-util.h"
19 #include "fileio.h"
20+#include "fs-util.h"
21 #include "missing_magic.h"
22 #include "stat-util.h"
23
24@@ -25,7 +26,7 @@ static int binfmt_mounted(void) {
25 if (r <= 0)
26 return r;
27
28- return true;
29+ return access_fd(fd, W_OK) >= 0;
30 }
31
32 int disable_binfmt(void) {
33@@ -41,7 +42,7 @@ int disable_binfmt(void) {
34 if (r < 0)
35 return log_warning_errno(r, "Failed to determine whether binfmt_misc is mounted: %m");
36 if (r == 0) {
37- log_debug("binfmt_misc is not mounted, not detaching entries.");
38+ log_debug("binfmt_misc is not mounted in read-write mode, not detaching entries.");
39 return 0;
40 }
41
diff --git a/debian/patches/lp1999275/binfmt-util-split-out-binfmt_mounted.patch b/debian/patches/lp1999275/binfmt-util-split-out-binfmt_mounted.patch
0new file mode 10064442new file mode 100644
index 0000000..74f1d4c
--- /dev/null
+++ b/debian/patches/lp1999275/binfmt-util-split-out-binfmt_mounted.patch
@@ -0,0 +1,69 @@
1From: Yu Watanabe <watanabe.yu+github@gmail.com>
2Date: Sat, 10 Dec 2022 11:25:28 +0900
3Subject: binfmt-util: split out binfmt_mounted()
4
5Origin: upstream, https://github.com/systemd/systemd/commit/a51a9684c926af917ad1b8e2f34538aee3c7ce2d
6Bug-Ubuntu: https://launchpad.net/bugs/1999275
7
8No functional changes, just refactoring and preparation for later
9commits.
10
11(modified to apply to v249.11)
12---
13 src/shared/binfmt-util.c | 29 +++++++++++++++++++++++++----
14 1 file changed, 25 insertions(+), 4 deletions(-)
15
16diff --git a/src/shared/binfmt-util.c b/src/shared/binfmt-util.c
17index 724d7f2..d149382 100644
18--- a/src/shared/binfmt-util.c
19+++ b/src/shared/binfmt-util.c
20@@ -5,10 +5,31 @@
21 #include <sys/vfs.h>
22
23 #include "binfmt-util.h"
24+#include "errno-util.h"
25+#include "fd-util.h"
26 #include "fileio.h"
27 #include "missing_magic.h"
28 #include "stat-util.h"
29
30+static int binfmt_mounted(void) {
31+ _cleanup_close_ int fd = -EBADF;
32+ int r;
33+
34+ fd = open("/proc/sys/fs/binfmt_misc", O_CLOEXEC | O_DIRECTORY | O_PATH);
35+ if (fd < 0)
36+ fd = -errno;
37+ if (fd == -ENOENT)
38+ return false;
39+ if (fd < 0)
40+ return fd;
41+
42+ r = fd_is_fs_type(fd, BINFMTFS_MAGIC);
43+ if (r <= 0)
44+ return r;
45+
46+ return true;
47+}
48+
49 int disable_binfmt(void) {
50 int r;
51
52@@ -18,13 +39,13 @@ int disable_binfmt(void) {
53 * We are a bit careful here, since binfmt_misc might still be an autofs which we don't want to
54 * trigger. */
55
56- r = path_is_fs_type("/proc/sys/fs/binfmt_misc", BINFMTFS_MAGIC);
57- if (r == 0 || r == -ENOENT) {
58+ r = binfmt_mounted();
59+ if (r < 0)
60+ return log_warning_errno(r, "Failed to determine whether binfmt_misc is mounted: %m");
61+ if (r == 0) {
62 log_debug("binfmt_misc is not mounted, not detaching entries.");
63 return 0;
64 }
65- if (r < 0)
66- return log_warning_errno(r, "Failed to determine whether binfmt_misc is mounted: %m");
67
68 r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", WRITE_STRING_FILE_DISABLE_BUFFER);
69 if (r < 0)
diff --git a/debian/patches/lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch b/debian/patches/lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch
0new file mode 10064470new file mode 100644
index 0000000..5f0cfe2
--- /dev/null
+++ b/debian/patches/lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch
@@ -0,0 +1,26 @@
1From: Yu Watanabe <watanabe.yu+github@gmail.com>
2Date: Sat, 10 Dec 2022 11:46:45 +0900
3Subject: unit: check more specific path to be written by systemd-binfmt
4
5Origin: upstream, https://github.com/systemd/systemd/commit/f74a7cb45c2458f90de6d37c70fa3afc1a3be279
6Bug-Ubuntu: https://launchpad.net/bugs/1999275
7
8Follow-up for 41807efb1594ae8e71e0255e154ea7d17be2251a.
9Replaces #25690.
10---
11 units/systemd-binfmt.service.in | 2 +-
12 1 file changed, 1 insertion(+), 1 deletion(-)
13
14diff --git a/units/systemd-binfmt.service.in b/units/systemd-binfmt.service.in
15index 96f595a..5bf3e99 100644
16--- a/units/systemd-binfmt.service.in
17+++ b/units/systemd-binfmt.service.in
18@@ -18,7 +18,7 @@ After=proc-sys-fs-binfmt_misc.automount
19 After=proc-sys-fs-binfmt_misc.mount
20 After=local-fs.target
21 Before=sysinit.target shutdown.target
22-ConditionPathIsReadWrite=/proc/sys/
23+ConditionPathIsMountPoint=/proc/sys/fs/binfmt_misc
24 ConditionDirectoryNotEmpty=|/lib/binfmt.d
25 ConditionDirectoryNotEmpty=|/usr/lib/binfmt.d
26 ConditionDirectoryNotEmpty=|/usr/local/lib/binfmt.d
diff --git a/debian/patches/lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch b/debian/patches/lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch
0new file mode 10064427new file mode 100644
index 0000000..b83201f
--- /dev/null
+++ b/debian/patches/lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch
@@ -0,0 +1,59 @@
1From: Yu Watanabe <watanabe.yu+github@gmail.com>
2Date: Fri, 7 Jul 2023 06:31:04 +0900
3Subject: network/dhcp4: do not ignore the gateway even if the destination is
4 in the same network
5
6Origin: upstream, https://github.com/systemd/systemd/commit/77451f654a89d822cd288883edfac315949d1cb6
7Bug-Ubuntu: https://launchpad.net/bugs/2009743
8
9Fixes #28280.
10
11(modified to apply to v249.11)
12---
13 src/network/networkd-dhcp4.c | 12 ++++++++----
14 1 file changed, 8 insertions(+), 4 deletions(-)
15
16diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c
17index 9b06edc..8dc85a4 100644
18--- a/src/network/networkd-dhcp4.c
19+++ b/src/network/networkd-dhcp4.c
20@@ -290,7 +290,8 @@ static int dhcp4_request_route_to_gateway(Link *link, const struct in_addr *gw)
21 static int dhcp4_request_route_auto(
22 Route *in,
23 Link *link,
24- const struct in_addr *gw) {
25+ const struct in_addr *gw,
26+ bool force_use_gw) {
27
28 _cleanup_(route_freep) Route *route = in;
29 struct in_addr address, netmask, prefix;
30@@ -335,7 +336,8 @@ static int dhcp4_request_route_auto(
31 route->gw = IN_ADDR_NULL;
32 route->prefsrc.in = address;
33
34- } else if (route->dst_prefixlen >= prefixlen &&
35+ } else if (!force_use_gw &&
36+ route->dst_prefixlen >= prefixlen &&
37 (route->dst.in.s_addr & netmask.s_addr) == prefix.s_addr) {
38 if (in4_addr_is_set(gw))
39 log_link_debug(link, "DHCP: requested route destination "IPV4_ADDRESS_FMT_STR"/%u is in the assigned network "
40@@ -450,7 +452,9 @@ static int dhcp4_request_static_routes(Link *link, struct in_addr *ret_default_g
41 in4_addr_is_null(&default_gw))
42 default_gw = gw;
43
44- r = dhcp4_request_route_auto(TAKE_PTR(route), link, &gw);
45+ /* Do not ignore the gateway given by the classless route option even if the destination is
46+ * in the same network. See issue #28280. */
47+ r = dhcp4_request_route_auto(TAKE_PTR(route), link, &gw, /* force_use_gw = */ classless_route);
48 if (r < 0)
49 return r;
50 }
51@@ -575,7 +579,7 @@ static int dhcp4_request_routes_to_servers(
52 route->table = link_get_dhcp_route_table(link);
53 route->mtu = link->network->dhcp_route_mtu;
54
55- r = dhcp4_request_route_auto(TAKE_PTR(route), link, gw);
56+ r = dhcp4_request_route_auto(TAKE_PTR(route), link, gw, /* force_use_gw = */ false);
57 if (r < 0)
58 return r;
59 }
diff --git a/debian/patches/lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch b/debian/patches/lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch
0new file mode 10064460new file mode 100644
index 0000000..c19e9f7
--- /dev/null
+++ b/debian/patches/lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch
@@ -0,0 +1,33 @@
1From: Yu Watanabe <watanabe.yu+github@gmail.com>
2Date: Fri, 7 Jul 2023 06:57:04 +0900
3Subject: test-network: add one more testcase for DHCPv4 classless route
4
5Origin: upstream, https://github.com/systemd/systemd/commit/86f6760038477e9e27ccea580f1b3b27328a98a7
6Bug-Ubuntu: https://launchpad.net/bugs/2009743
7
8For issue #28280.
9---
10 test/test-network/systemd-networkd-tests.py | 3 ++-
11 1 file changed, 2 insertions(+), 1 deletion(-)
12
13diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py
14index aab7b57..5143381 100755
15--- a/test/test-network/systemd-networkd-tests.py
16+++ b/test/test-network/systemd-networkd-tests.py
17@@ -3999,7 +3999,7 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
18 self.wait_online(['veth-peer:carrier'])
19 additional_options = '--dhcp-option=option:dns-server,192.168.5.10,8.8.8.8 --dhcp-option=option:ntp-server,192.168.5.11,9.9.9.9 --dhcp-option=option:static-route,192.168.5.100,192.168.5.2,8.8.8.8,192.168.5.3'
20 if classless:
21- additional_options += ' --dhcp-option=option:classless-static-route,0.0.0.0/0,192.168.5.4,8.0.0.0/8,192.168.5.5'
22+ additional_options += ' --dhcp-option=option:classless-static-route,0.0.0.0/0,192.168.5.4,8.0.0.0/8,192.168.5.5,192.168.5.64/26,192.168.5.5'
23 start_dnsmasq(additional_options=additional_options, lease_time='2m')
24 self.wait_online(['veth99:routable', 'veth-peer:routable'])
25
26@@ -4011,6 +4011,7 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
27 if classless:
28 self.assertRegex(output, r'default via 192.168.5.4 proto dhcp src 192.168.5.[0-9]* metric 1024')
29 self.assertRegex(output, r'8.0.0.0/8 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
30+ self.assertRegex(output, r'192.168.5.64/26 via 192.168.5.5 proto dhcp src 192.168.5.[0-9]* metric 1024')
31 self.assertRegex(output, r'192.168.5.4 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
32 self.assertRegex(output, r'192.168.5.5 proto dhcp scope link src 192.168.5.[0-9]* metric 1024')
33 else:
diff --git a/debian/patches/lp2013543-core-reorder-systemd-arguments-on-reexec.patch b/debian/patches/lp2013543-core-reorder-systemd-arguments-on-reexec.patch
0new file mode 10064434new file mode 100644
index 0000000..b4bb1ff
--- /dev/null
+++ b/debian/patches/lp2013543-core-reorder-systemd-arguments-on-reexec.patch
@@ -0,0 +1,58 @@
1From: Frantisek Sumsal <frantisek@sumsal.cz>
2Date: Thu, 29 Jun 2023 13:31:19 +0200
3Subject: core: reorder systemd arguments on reexec
4
5Origin: upstream, https://github.com/systemd/systemd/commit/163be31d380fbdcb56ec06c09e81774840df90dc
6Bug-Ubuntu: https://launchpad.net/bugs/2013543
7
8When reexecuting system let's put our arguments carrying deserialization
9info first followed by any existing arguments to make sure they get
10parsed in case we get weird stuff from the kernel cmdline (like --).
11
12See: https://github.com/systemd/systemd/issues/28184
13(cherry picked from commit 06afda6b38d5d730fca3c65449096425933272bc)
14(cherry picked from commit 884ab38057dca70b8779c85884f4646057e80921)
15---
16 src/core/main.c | 6 +++++-
17 test/TEST-01-BASIC/test.sh | 5 +++++
18 2 files changed, 10 insertions(+), 1 deletion(-)
19
20diff --git a/src/core/main.c b/src/core/main.c
21index 66897c2..1bb3b6b 100644
22--- a/src/core/main.c
23+++ b/src/core/main.c
24@@ -1797,13 +1797,17 @@ static void do_reexecute(
25 xsprintf(sfd, "%i", fileno(arg_serialization));
26
27 i = 1; /* Leave args[0] empty for now. */
28- filter_args(args, &i, argv, argc);
29
30+ /* Put our stuff first to make sure it always gets parsed in case
31+ * we get weird stuff from the kernel cmdline (like --) */
32 if (switch_root_dir)
33 args[i++] = "--switched-root";
34 args[i++] = arg_system ? "--system" : "--user";
35 args[i++] = "--deserialize";
36 args[i++] = sfd;
37+
38+ filter_args(args, &i, argv, argc);
39+
40 args[i++] = NULL;
41
42 assert(i <= args_size);
43diff --git a/test/TEST-01-BASIC/test.sh b/test/TEST-01-BASIC/test.sh
44index d42c0df..dbca6ac 100755
45--- a/test/TEST-01-BASIC/test.sh
46+++ b/test/TEST-01-BASIC/test.sh
47@@ -6,6 +6,11 @@ IMAGE_NAME="basic"
48 RUN_IN_UNPRIVILEGED_CONTAINER=${RUN_IN_UNPRIVILEGED_CONTAINER:-yes}
49 TEST_REQUIRE_INSTALL_TESTS=0
50
51+# Check if we can correctly deserialize if the kernel cmdline contains "weird" stuff
52+# like an invalid argument, "end of arguments" separator, or a sysvinit argument (-z)
53+# See: https://github.com/systemd/systemd/issues/28184
54+KERNEL_APPEND="foo -- -z bar --- baz $KERNEL_APPEND"
55+
56 # shellcheck source=test/test-functions
57 . "${TEST_BASE_DIR:?}/test-functions"
58
diff --git a/debian/patches/lp2025563-shutdown-get-only-active-md-arrays.patch b/debian/patches/lp2025563-shutdown-get-only-active-md-arrays.patch
0new file mode 10064459new file mode 100644
index 0000000..d2cc39f
--- /dev/null
+++ b/debian/patches/lp2025563-shutdown-get-only-active-md-arrays.patch
@@ -0,0 +1,67 @@
1From: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
2Date: Tue, 29 Mar 2022 12:49:54 +0200
3Subject: shutdown: get only active md arrays.
4
5Origin: upstream, https://github.com/systemd/systemd/commit/3a3b022d2cc112803ea7b9beea98bbcad110368a
6Bug-Ubuntu: https://launchpad.net/bugs/2025563
7
8Current md_list_get() implementation filters all block devices, started from
9"md*". This is ambiguous because list could contain:
10- partitions created upon md device (mdXpY)
11- external metadata container- specific type of md array.
12
13For partitions there is no issue, because they aren't handle STOP_ARRAY
14ioctl sent later. It generates misleading errors only.
15
16Second case is more problematic because containers are not locked in kernel.
17They are stopped even if container member array is active. For that reason
18reboot or shutdown flow could be blocked because metadata manager cannot be
19restarted after switch root on shutdown.
20
21Add filters to remove partitions and containers from md_list. Partitions
22can be excluded by DEVTYPE. Containers are determined by MD_LEVEL
23property, we are excluding all with "container" value.
24
25Signed-off-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
26---
27 src/shutdown/umount.c | 18 +++++++++++++++++-
28 1 file changed, 17 insertions(+), 1 deletion(-)
29
30diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c
31index 1f945b7..9325870 100644
32--- a/src/shutdown/umount.c
33+++ b/src/shutdown/umount.c
34@@ -352,9 +352,14 @@ static int md_list_get(MountPoint **head) {
35 if (r < 0)
36 return r;
37
38+ /* Filter out partitions. */
39+ r = sd_device_enumerator_add_match_property(e, "DEVTYPE", "disk");
40+ if (r < 0)
41+ return r;
42+
43 FOREACH_DEVICE(e, d) {
44 _cleanup_free_ char *p = NULL;
45- const char *dn;
46+ const char *dn, *md_level;
47 MountPoint *m;
48 dev_t devnum;
49
50@@ -362,6 +367,17 @@ static int md_list_get(MountPoint **head) {
51 sd_device_get_devname(d, &dn) < 0)
52 continue;
53
54+ r = sd_device_get_property_value(d, "MD_LEVEL", &md_level);
55+ if (r < 0) {
56+ log_warning_errno(r, "Failed to get MD_LEVEL property for %s, ignoring: %m", dn);
57+ continue;
58+ }
59+
60+ /* MD "containers" are a special type of MD devices, used for external metadata.
61+ * Since it doesn't provide RAID functionality in itself we don't need to stop it. */
62+ if (streq(md_level, "container"))
63+ continue;
64+
65 p = strdup(dn);
66 if (!p)
67 return -ENOMEM;
diff --git a/debian/patches/lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch b/debian/patches/lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch
0new file mode 10064468new file mode 100644
index 0000000..6f1adfe
--- /dev/null
+++ b/debian/patches/lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch
@@ -0,0 +1,47 @@
1From: Thomas Blume <Thomas.Blume@suse.com>
2Date: Thu, 2 Mar 2023 12:06:13 +0100
3Subject: udev-rules: fix nvme symlink creation on namespace changes
4
5Origin: upstream, https://github.com/systemd/systemd/commit/c5ba7a2a4dd19a2d31b8a9d52d3c4bdde78387f0
6Bug-Ubuntu: https://launchpad.net/bugs/2028180
7
8The nvme by-id symlink changes to the latest namespace when a new namespace gets
9added, for example by connecting multiple NVMe/TCP host controllers via nvme
10connect-all.
11That is incorrect for persistent device links.
12The persistent symbolic device link should continue to point to the same NVMe
13namespace throughout the lifetime of the current boot.
14Therefore the namespace id needs to be added to the link name.
15
16(modified to apply to v249.11)
17---
18 rules.d/60-persistent-storage.rules | 8 ++++++++
19 1 file changed, 8 insertions(+)
20
21diff --git a/rules.d/60-persistent-storage.rules b/rules.d/60-persistent-storage.rules
22index a2417cd..1e78f04 100644
23--- a/rules.d/60-persistent-storage.rules
24+++ b/rules.d/60-persistent-storage.rules
25@@ -37,14 +37,22 @@ KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{serial}=="?*", ENV{ID_S
26 KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{wwid}=="?*", ENV{ID_WWN}="$attr{wwid}"
27 KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{model}=="?*", ENV{ID_MODEL}="$attr{model}"
28 KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{firmware_rev}=="?*", ENV{ID_REVISION}="$attr{firmware_rev}"
29+KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{nsid}=="?*", ENV{ID_NSID}="$attr{nsid}"
30+# obsolete symlink that might get overridden on adding a new nvme controller, kept for backward compatibility
31 KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", \
32 OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}"
33+KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_NSID}=="?*",\
34+ OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}_$env{ID_NSID}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}"
35
36 KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{serial}=="?*", ENV{ID_SERIAL_SHORT}="$attr{serial}"
37 KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{model}=="?*", ENV{ID_MODEL}="$attr{model}"
38 KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{firmware_rev}=="?*", ENV{ID_REVISION}="$attr{firmware_rev}"
39+KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{nsid}=="?*", ENV{ID_NSID}="$attr{nsid}"
40+# obsolete symlink that might get overridden on adding a new nvme controller, kept for backward compatibility
41 KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", \
42 OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}-part%n"
43+KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_NSID}=="?*",\
44+ OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}_$env{ID_NSID}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}-part%n"
45
46 # virtio-blk
47 KERNEL=="vd*[!0-9]", ATTRS{serial}=="?*", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/virtio-$env{ID_SERIAL}"
diff --git a/debian/patches/series b/debian/patches/series
index c98336a..7730bb0 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -46,7 +46,6 @@ debian/Ubuntu-core-in-execute-soft-fail-setting-Nice-priority-when.patch
46debian/Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch46debian/Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch
47debian/UBUNTU-Add-AssumedApparmorLabel-unconfined-to-timedate1-dbus.patch47debian/UBUNTU-Add-AssumedApparmorLabel-unconfined-to-timedate1-dbus.patch
48debian/UBUNTU-test-test-functions-launch-qemu-with-vga-none.patch48debian/UBUNTU-test-test-functions-launch-qemu-with-vga-none.patch
49debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch
50debian/UBUNTU-journald.service-set-Nice-1-to-dodge-watchdog-on-soft-loc.patch49debian/UBUNTU-journald.service-set-Nice-1-to-dodge-watchdog-on-soft-loc.patch
51debian/UBUNTU-units-block-CAP_SYS_MODULE-units-in-containers-too.patch50debian/UBUNTU-units-block-CAP_SYS_MODULE-units-in-containers-too.patch
52debian/UBUNTU-test-sleep-skip-test_fiemap-upon-inapproriate-ioctl-.patch51debian/UBUNTU-test-sleep-skip-test_fiemap-upon-inapproriate-ioctl-.patch
@@ -113,3 +112,14 @@ lp2002445/sd-device-make-device_set_syspath-clear-sysname-and-sysnu.patch
113lp2002445/udev-restore-syspath-and-properties-on-failure.patch112lp2002445/udev-restore-syspath-and-properties-on-failure.patch
114lp2002445/sd-device-introduce-device_get_property_int.patch113lp2002445/sd-device-introduce-device_get_property_int.patch
115lp2002445/core-device-ignore-failed-uevents.patch114lp2002445/core-device-ignore-failed-uevents.patch
115lp2025563-shutdown-get-only-active-md-arrays.patch
116lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch
117lp2013543-core-reorder-systemd-arguments-on-reexec.patch
118lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch
119lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch
120lp1977630-fix_machinectl_pull_tar.patch
121lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch
122lp1999275/binfmt-util-split-out-binfmt_mounted.patch
123lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch
124lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch
125lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch
diff --git a/debian/systemd.postinst b/debian/systemd.postinst
index d6799d0..73c529c 100644
--- a/debian/systemd.postinst
+++ b/debian/systemd.postinst
@@ -87,7 +87,22 @@ fi
8787
88# skip daemon-reexec and try-restarts during shutdown to avoid hitting LP: #180339188# skip daemon-reexec and try-restarts during shutdown to avoid hitting LP: #1803391
89if [ -n "$2" ] && [ "$(systemctl is-system-running)" != "stopping" ]; then89if [ -n "$2" ] && [ "$(systemctl is-system-running)" != "stopping" ]; then
90 _systemctl daemon-reexec || true90 # LP: #2013543 - the systemd cmdline can get mangled depending on the
91 # contents of /proc/cmdline, which causes systemd to fail to deserialize
92 # it's previous state on daemon-reexec. This means that for upgrades from
93 # affected versions, we need a reboot and cannot re-exec here, else the
94 # bug could be triggered.
95 if dpkg --compare-versions "$2" lt "249.11-0ubuntu3.10~"; then
96 if ! grep -Fqsx systemd /run/reboot-required.pkgs; then
97 echo systemd >> /run/reboot-required.pkgs || true
98 fi
99
100 # Reload to avoid warnings when restarting services below
101 _systemctl daemon-reload || true
102 else
103 _systemctl daemon-reexec || true
104 fi
105
91 # don't restart logind; this can be done again once this gets implemented:106 # don't restart logind; this can be done again once this gets implemented:
92 # https://github.com/systemd/systemd/issues/1163107 # https://github.com/systemd/systemd/issues/1163
93 if dpkg --compare-versions "$2" lt-nl "246.2-2~"; then108 if dpkg --compare-versions "$2" lt-nl "246.2-2~"; then
diff --git a/debian/tests/tests-in-lxd b/debian/tests/tests-in-lxd
index b442ed1..6d5921b 100644
--- a/debian/tests/tests-in-lxd
+++ b/debian/tests/tests-in-lxd
@@ -52,7 +52,7 @@ lxc exec systemd-lxc -- sh -c "echo [Service] > /etc/systemd/system/systemd-sysu
52lxc exec systemd-lxc -- sh -c "echo LoadCredential= >> /etc/systemd/system/systemd-sysusers.service.d/override.conf"52lxc exec systemd-lxc -- sh -c "echo LoadCredential= >> /etc/systemd/system/systemd-sysusers.service.d/override.conf"
5353
54lxc stop systemd-lxc54lxc stop systemd-lxc
55lxc publish systemd-lxc --alias $IMAGE55lxc publish systemd-lxc --reuse --alias $IMAGE
5656
57for t in unit-tests boot-and-services; do57for t in unit-tests boot-and-services; do
58 autopkgtest -U -B . --test-name=$t -- lxd $IMAGE || [ $? = 2 ] # see Debian's #96026758 autopkgtest -U -B . --test-name=$t -- lxd $IMAGE || [ $? = 2 ] # see Debian's #960267

Subscribers

People subscribed via source and target branches