ubuntu/+source/systemd:debian/buster

Last commit made on 2019-09-07
Get this branch:
git clone -b debian/buster https://git.launchpad.net/ubuntu/+source/systemd
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/buster
Repository:
lp:ubuntu/+source/systemd

Recent commits

d404ea9... by Michael Biebl on 2019-08-20

Import patches-unapplied version 241-7~deb10u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e6ff7e0ed6f1a851dd384f354fb47b2827183431

New changelog entries:
  * Rebuild for buster

e6ff7e0... by Michael Biebl on 2019-07-18

Import patches-unapplied version 241-7 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 5da5ac31dc2a1e115041a5fee36e4a1da4b90f78

New changelog entries:
  [ Michael Biebl ]
  * network: Fix failure to bring up interface with Linux kernel 5.2.
    Backport two patches from systemd master in order to fix a bug with 5.2
    kernels where the network interface fails to come up with the following
    error: "enp3s0: Could not bring up interface: Invalid argument"
    (Closes: #931636)
  * Use /usr/sbin/nologin as nologin shell.
    In Debian the nologin shell is installed in /usr/sbin, not /sbin.
    (Closes: #931850)
  [ Mert Dirik ]
  * 40-systemd: Don't fail if SysV init script uses set -u and $1 is unset
    (Closes: #931719)

5da5ac3... by Michael Biebl on 2019-07-08

Import patches-unapplied version 241-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 90a6b791689787c1c05a607ec04fdaa50c970a49

New changelog entries:
  * ask-password: Prevent buffer overflow when reading from keyring.
    Fixes a possible memory corruption that causes systemd-cryptsetup to
    crash either when a single large password is used or when multiple
    passwords have already been pushed to the keyring. (Closes: #929726)
  * Clarify documentation regarding %h/%u/%U specifiers.
    Make it clear, that setting "User=" has no effect on those specifiers.
    Also ensure that "%h" is actually resolved to "/root" for the system
    manager instance as documented in the systemd.unit man page.
    (Closes: #927911)
  * network: Behave more gracefully when IPv6 has been disabled.
    Ignore any configured IPv6 settings when IPv6 has been disabled in the
    kernel via sysctl. Instead of failing completely, continue and log a
    warning instead. (Closes: #929469)

90a6b79... by Michael Biebl on 2019-05-24

Import patches-unapplied version 241-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4ab6e0112101614275e877bcbf6a34cd7c1ce5c5

New changelog entries:
  * Revert "Add check to switch VTs only between K_XLATE or K_UNICODE"
    This change left the keyboard in an unusable state when exiting an X
    session. (Closes: #929229)

4ab6e01... by Michael Biebl on 2019-05-17

Import patches-unapplied version 241-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: d33735d84ea02af803cd42882b123bb8702c26e6

New changelog entries:
  * journal-remote: Do not request Content-Length if Transfer-Encoding is
    chunked (Closes: #927008)
  * systemctl: Restore "systemctl reboot ARG" functionality.
    Fixes a regression introduced in v240. (Closes: #928659)
  * random-util: Eat up bad RDRAND values seen on AMD CPUs.
    Some AMD CPUs return bogus data via RDRAND after a suspend/resume cycle
    while still reporting success via the carry flag.
    Filter out invalid data like -1 (and also 0, just to be sure).
    (Closes: #921267)
  * Add check to switch VTs only between K_XLATE or K_UNICODE.
    Switching to K_UNICODE from other than L_XLATE can make the keyboard
    unusable and possibly leak keypresses from X.
    (CVE-2018-20839, Closes: #929116)
  * Document that DRM render nodes are now owned by group "render"
    (Closes: #926886)

d33735d... by Michael Biebl on 2019-04-08

Import patches-unapplied version 241-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4813c70e5fc42b48dcaf8d2469f176b2cab4378d

New changelog entries:
  [ Michael Biebl ]
  * Drop systemd-shim alternative from libpam-systemd.
    A fixed systemd-shim package which works with newer versions of systemd
    is unlikely to happen given that the systemd-shim package has been
    removed from the archive. Drop the alternative dependency from
    libpam-systemd accordingly.
  * Properly remove duplicate directories from systemd package.
    When removing duplicate directories from the systemd package, sort the
    list of directories in reverse order so we properly delete nested
    directories.
  * udev: Run programs in the specified order (Closes: #925190)
  * bash-completion: Use default completion for redirect operators
    (Closes: #924541)
  * networkd: Clarify that IPv6 RA uses our own stack, no the kernel's
    (Closes: #815582)
  * Revert "Drop systemd-timesyncd.service.d/disable-with-time-daemon.conf"
    Apparently Conflicts= are not a reliable mechanism to ensure alternative
    NTP implementations take precedence over systemd-timesyncd.
    (Closes: #902026)
  * network: Fix routing policy rule issue.
    When multiple links request a routing policy, make sure they are all
    applied correctly. (Closes: #924406)
  * pam-systemd: Use secure_getenv() rather than getenv()
    Fixes a vulnerability in the systemd PAM module which insecurely uses
    the environment and lacks seat verification permitting spoofing an
    active session to PolicyKit. (CVE-2019-3842)
  [ Martin Pitt ]
  * Enable udev autopkgtest in containers.
    This test doesn't actually need udev.service (which is disabled in
    containers) and works fine in LXC.
  * Enable boot-and-service autopkgtest in containers
    - Skip tests which can't work in containers.
    - Add missing rsyslog test dependency.
    - e2scrub_reap.service fails in containers, ignore (filed as #926138)
    - Relax pgrep pattern for gdm, as there's no wayland session in
      containers.

4813c70... by Michael Biebl on 2019-03-15

Import patches-unapplied version 241-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7ecee535d6bb8306ad31cecd2c0575488ed4e316

New changelog entries:
  [ Martin Pitt ]
  * debian/tests/boot-smoke: Create journal and udevdb artifacts on all
    failures
  * autopkgtests: Replace obsolete $ADT_* variables
  * networkd-test: Ignore failures of test_route_only_dns* in containers.
    This test exposes a race condition when running in LXC, see issue #11848
    for details. Until that is understood and fixed, skip the test as it's
    not a recent regression. (Closes: #924539)
  * Bump Standards-Version to 4.3.0.
    No changes necessary.
  * debian/tests/boot-smoke: Only check current boot for connection timeouts.
    Otherwise we'll catch some
        Failed to resolve group 'render': Connection timed out
    messages that happen in earlier boots during VM setup, before the
    "render" group is created.
    Fixes https://github.com/systemd/systemd/issues/11875
  * timedated: Fix emitted value when ntp client is enabled/disabled.
    Fixes a regression introduced in 241.
  * debian/tests/timedated: Check enabling/disabling NTP.
    Assert that `timedatectl set-ntp` correctly controls the service, sets
    the `org.freedesktop.timedate1 NTP` property, and sends the right
    `PropertiesChanged` signal.
    This reproduces <https://github.com/systemd/systemd/issues/11944> and
    also the earlier <https://github.com/systemd/systemd/issues/9672>.
  [ Michael Biebl ]
  * Disable fallback DNS servers in resolved (Closes: #923081)
  * cgtop: Fix processing of controllers other than CPU (Closes: #921280)
  * udev: Restore debug level when logging a failure in the external prog
    called by IMPORT{program} (Closes: #924199)
  * core: Remove "." path components from required mount paths.
    Fixes mount related failures when a user's home directory contains "/./"
    (Closes: #923881)
  * udev.init: Use new s-s-d --notify-await to start udev daemon.
    Fixes a race condition during startup under SysV init.
    Add versioned dependency on dpkg (>= 1.19.3) to ensure that a version
    of start-stop-daemon which supports --notify-await is installed.
    (Closes: #908796)
  * Make /dev/dri/renderD* accessible to group "render"
    Follow upstream and make render nodes available to a dedicated system
    group "render" instead of "video". Keep the uaccess tag for local,
    active users.

7ecee53... by Felipe Sateler on 2019-02-21

Import patches-unapplied version 241-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c63029d7d61802bc0f6d3f5002b712df1532bab1

New changelog entries:
  [ Adam Borowski ]
  * Make libpam-systemd Provide: logind, default-logind.
    This allows alternate logind implementations such as elogind, without
    having to recompile every dependant package -- as long as the client API
    remains compatible.
    These new virtual packages got policy-approved in #917431. (Closes: #915407)
  [ Felipe Sateler ]
  * New upstream version 241
    - Refresh patches
    - Backport upstream fix for Driver= matches in .network files
  [ Martin Pitt ]
  * debian/libsystemd0.symbols: Add new symbol from release 241
  * Fix various bugs and races in networkd tests.
    This should get the autopkgtest back to green, which regressed with
    dnsmasq 2.80.

c63029d... by Martin Pitt on 2019-02-18

Import patches-unapplied version 240-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 0bd28e4cef70407fe61fd7d8f332c8c65f438d7d

New changelog entries:
  * High urgency as this fixes a vulnerability.
  [ Felipe Sateler ]
  * Reenable pristine-tar in gbp.conf.
    The pristine-tar bug has been fixed, so we can use it again.
    This reverts commit 9fcfbbf6fea15eacfa3fad74240431c5f2c3300e.
  * d/watch: add version mangle to transform -rc to ~rc.
    Upstream has started releasing rcs, so let's account for that
  * Fix comment about why we disable hwclock.service.
    Systemd nowadays doesn't do it itself because the kernel does it on its
    own when necessary, and when not, it is not safe to save the hwclock (eg,
    there is no certainty the system clock
    is correct)
  * udev: Backport upstream preventing mass killings when not running under
    systemd (Closes: #918764)
  [ Dimitri John Ledkov ]
  * debian/tests/storage: improve cleanups.
    On fast ppc64el machines, cryptsetup start job may not complete by the
    time tearDown is executed. In that case stop, causes to simply cancel the
    start job without actually cleaning up the dmsetup node. This leads to
    failing subsequent test as it no longer starts with a clean device. Thus
    ensure the systemd-cryptsetup unit is started, before stopping it.
    Also rmmod scsi_debug module at the end, to allow re-running the test in a
    loop.
  * debian/tests/upstream: Mark TEST-13-NSPAWN-SMOKE as flakey.
  * debian/tests/control: add socat to upstream tests for pull #11591
  * Blacklist TEST-10-ISSUE-2467 #11706
  * debian/tests/storage: fix for LUKS2 and avoid interactive password
    prompts.
  [ Martin Pitt ]
  * udevadm: Fix segfault with subsystem-match containing '/'
    (Closes: #919206)
  * sd-bus: if we receive an invalid dbus message, ignore and proceed
  * sd-bus: enforce a size limit on D-Bus object paths.
    This avoids accessing/modifying memory outside of the allocated stack
    region by sending specially crafted D-Bus messages with very large object
    paths.
    Vulnerability discovered by Chris Coulson <email address hidden>,
    patch provided by Riccardo Schirone <email address hidden>.
    (CVE-2019-6454)

0bd28e4... by Martin Pitt on 2019-01-27

Import patches-unapplied version 240-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 0945b6d4802a3bd9d4c21ca78a4880ff34e6a109

New changelog entries:
  [ Felipe Sateler ]
  * Revert interface renaming changes. (Closes: #919390)
  [ Martin Pitt ]
  * process-util: Fix memory leak (Closes: #920018)