VUL-0: polkit: process subject race condition [bnc#835827]
- Build with --disable-ima as the openSUSE kernel
does not support IMA (CONFIG_IMA is not set)
- Build with --disable-smack as the openSUSE kernel
does not support smack (CONFIG_SECURITY_SMACK is not set)
- 0009-polkit-Avoid-race-condition-in-scraping-proc.patch
VUL-0: polkit: process subject race condition [bnc#835827]
- Build with --disable-ima as the openSUSE kernel
does not support IMA (CONFIG_IMA is not set)
- Build with --disable-smack as the openSUSE kernel
does not support smack (CONFIG_SECURITY_SMACK is not set)
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=439
really fixes the swap unit problem mentioned in previous
commit & the opensuse-factory mailing list.
- 0008-swap-create-.wants-symlink-to-auto-swap-devices.patch
really fixes the swap unit problem mentioned in previous
commit & the opensuse-factory mailing list.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=436
missing important check on return value.
- 0002-cgroup-correct-the-log-information.patch fix misleading
log information.
- 0003-cgroup-fix-incorrectly-setting-memory-cgroup.patch fix
setting memory cgroup
- 0004-random-seed-we-should-return-errno-of-failed-loop_wr.patch
should fail if write fails.
- 0005-core-cgroup-first-print-then-free.patch use-after-free
will trigger if there is an error condition.
- 0006-swap-fix-reverse-dependencies.patch reported in
opensuse-factory list, topic "swap isn't activated"
- 0007-libudev-fix-move_later-comparison.patch libudev
invalid usage of "move_later".
- while testing this new release I get in the logs ocassionally
at boot "systemd[1]: Failed to open private bus connection:
Failed to connect to socket /var/run/dbus/system_bus_socket:
No such file or directory" indeed DBUS_SYSTEM_BUS_DEFAULT_ADDRESS
is defined to /var/run/dbus/system_bus_socket instead of
/run/dbus/system_bus_socket and that does not fly when /var/run
is not yet available. (systemd-dbus-system-bus-address.patch)
- 0001-cgroup-add-the-missing-setting-of-variable-s-value.patch
missing important check on return value.
- 0002-cgroup-correct-the-log-information.patch fix misleading
log information.
- 0003-cgroup-fix-incorrectly-setting-memory-cgroup.patch fix
setting memory cgroup
- 0004-random-seed-we-should-return-errno-of-failed-loop_wr.patch
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=434
release notes see NEWS.
- Fixed:
* Failed at step PAM spawning /usr/lib/systemd/systemd:
Operation not permitted
* Fix shutdown hang "a stop job is running for Session 1 of user root"
that was reported in opensuse-factory list.
- systemd-sysctl no longer reads /etc/sysctl.conf however backward
compatbility is to be provides by a symlink created at %post.
- version 207, distribution specific changes follow, for overall
release notes see NEWS.
- Fixed:
* Failed at step PAM spawning /usr/lib/systemd/systemd:
Operation not permitted
* Fix shutdown hang "a stop job is running for Session 1 of user root"
that was reported in opensuse-factory list.
- systemd-sysctl no longer reads /etc/sysctl.conf however backward
compatbility is to be provides by a symlink created at %post.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=429
* Unit files now understand the new %v specifier which
resolves to the kernel version string as returned by "uname-r".
* "journalctl -b" may now be used to look for boot output of a
specific boot. Try "journalctl -b -1"
* Creation of "dead" device nodes has been moved from udev
into kmod and tmpfiles.
* The udev "keymap" data files and tools to apply keyboard
specific mappings of scan to key codes, and force-release
scan code lists have been entirely replaced by a udev
"keyboard" builtin and a hwdb data file.
- remove patches now in upstream
- systemd now requires libkmod >=14 and cryptsetup >= 1.6.0
- systemd now require the kmod tool in addition to the library.
- version 206 , highlights:
* Unit files now understand the new %v specifier which
resolves to the kernel version string as returned by "uname-r".
* "journalctl -b" may now be used to look for boot output of a
specific boot. Try "journalctl -b -1"
* Creation of "dead" device nodes has been moved from udev
into kmod and tmpfiles.
* The udev "keymap" data files and tools to apply keyboard
specific mappings of scan to key codes, and force-release
scan code lists have been entirely replaced by a udev
"keyboard" builtin and a hwdb data file.
- remove patches now in upstream
- systemd now requires libkmod >=14 and cryptsetup >= 1.6.0
- systemd now require the kmod tool in addition to the library. (forwarded request 184035 from elvigia)
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=416
+ two new unit types have been introduced:
- Scope units are very similar to service units, however, are
created out of pre-existing processes -- instead of PID 1
forking off the processes.
- Slice units may be used to partition system resources in an
hierarchial fashion and then assign other units to them. By
default there are now three slices: system.slice (for all
system services), user.slice (for all user sessions),
machine.slice (for VMs and containers).
+ new concept of "transient" units, which are created at runtime
using an API and not based on configuration from disk.
+ logind has been updated to make use of scope and slice units to
manage user sessions. Logind will no longer create cgroups
hierchies itself but will relying on PID 1.
+ A new mini-daemon "systemd-machined" has been added which
may be used by virtualization managers to register local
VMs/containers. machinectl tool has been added to query
meta-data from systemd-machined.
+ Low-level cgroup configuration options ControlGroup=,
ControlGroupModify=, ControlGroupPersistent=,
ControlGroupAttribute= have been removed. High-level attribute
settings or slice units should be used instead?
+ A new bus call SetUnitProperties() has been added to alter
various runtime parameters of a unit, including cgroup
parameters. systemctl gained set-properties command to wrap
this call.
+ A new tool "systemd-run" has been added which can be used to
run arbitrary command lines as transient services or scopes,
while configuring a number of settings via the command
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=412
parse-etc-insserv.conf-and-adds-dependencies-accordingly.patch
patch with insserv-generator.patch: no longer patch systemd main
binary but generate systemd drop-in files using a generator, for
insserv.conf compatibility.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=410
in /dev/disk/by-id, will need proper rework (bnc#826528).
- 0160-mount-when-learning-about-the-root-mount-from-mounti.patch Another
case where we are trying to umount the root directory at shutdown.
- 0185-core-only-attempt-to-connect-to-a-session-bus-if-one.patch
only attempt to connect to a session bus if one likely exists
- Drop 1007-add-msft-compability-rules.patch, breaks boot and links
in /dev/disk/by-id, will need proper rework (bnc#826528).
- 0160-mount-when-learning-about-the-root-mount-from-mounti.patch Another
case where we are trying to umount the root directory at shutdown.
- 0185-core-only-attempt-to-connect-to-a-session-bus-if-one.patch
only attempt to connect to a session bus if one likely exists
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=405
(bnc#703100, fate#311831).
add: 1008-physical-hotplug-cpu-and-memory.patch
0002-journal-remember-last-direction-of-search-and-keep-o.patch
fix possible infinite loops in the journal code, related to
bnc #817778
- Automatically online CPUs/Memory on CPU/Memory hotplug add events
(bnc#703100, fate#311831).
add: 1008-physical-hotplug-cpu-and-memory.patch
0002-journal-remember-last-direction-of-search-and-keep-o.patch
fix possible infinite loops in the journal code, related to
bnc #817778
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=401
0002-journal-remember-last-direction-of-search-and-keep-o.patch
fix possible infinite loops in the journal code, related to
bnc #817778
- 0001-journal-letting-interleaved-seqnums-go.patch and
0002-journal-remember-last-direction-of-search-and-keep-o.patch
fix possible infinite loops in the journal code, related to
bnc #817778 (forwarded request 179367 from elvigia)
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=396
add: 1007-add-msft-compability-rules.patch
- Add sg3_utils requires, need it by 61-msft.rules (bnc#805059).
- Clean-up spec file, put udev patches after systemd patches.
- Rebase patches so they would apply nicely.
- Add udev MSFT compability rules (bnc#805059).
add: 1007-add-msft-compability-rules.patch
- Add sg3_utils requires, need it by 61-msft.rules (bnc#805059).
- Clean-up spec file, put udev patches after systemd patches.
- Rebase patches so they would apply nicely.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=391
fixes :
* systemd-journald[347]: Failed to set ACL on
/var/log/journal/11d90b1c0239b5b2e38ed54f513722e3/user-1000.journal,
ignoring: Invalid argument
- 006-systemctl-core-allow-nuking-of-symlinks-to-removed-u.patch
systemctl disable should remove dangling symlinks.
- 0008-service-don-t-report-alien-child-as-alive-when-it-s-.patch
alien childs are reported as alive when they are really dead.
- 0004-journald-DO-recalculate-the-ACL-mask-but-only-if-it-.patch
fixes :
* systemd-journald[347]: Failed to set ACL on
/var/log/journal/11d90b1c0239b5b2e38ed54f513722e3/user-1000.journal,
ignoring: Invalid argument
- 006-systemctl-core-allow-nuking-of-symlinks-to-removed-u.patch
systemctl disable should remove dangling symlinks.
- 0008-service-don-t-report-alien-child-as-alive-when-it-s-.patch
alien childs are reported as alive when they are really dead.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=390
+ systemd-nspawn creates etc/resolv.conf in container if needed.
+ systemd-nspawn will store metadata about container in container
cgroup including its root directory.
+ cgroup hierarchy has been reworked, all objects are now suffxed
(with .session for user sessions, .user for users, .nspawn for
containers). All cgroup names are now escaped to preven
collision of object names.
+ systemctl list-dependencies gained --plain, --reverse, --after
and --before switches.
+ systemd-inhibit shows processes name taking inhibitor lock.
+ nss-myhostname will now resolve "localhost" implicitly.
+ .include is not allowed recursively anymore and only in unit
files. Drop-in files should be favored in most cases.
+ systemd-analyze gained "critical-chain" command, to get slowest
chain of units run during boot-up.
+ systemd-nspawn@.service has been added to easily run nspawn
container for system services. Just start
"systemd-nspawn@foobar.service" and container from
/var/lib/container/foobar" will be booted.
+ systemd-cgls has new --machine parameter to list processes from
one container.
+ ConditionSecurity= can now check for apparmor and SMACK.
+ /etc/systemd/sleep.conf has been introduced to configure which
kernel operation will be execute when "suspend", "hibernate" or
"hybrid-sleep" is requrested. It allow new kernel "freeze"
state to be used too. (This setting won't have any effect if
pm-utils is installed).
+ ENV{SYSTEMD_WANTS} in udev rules will now implicitly escape
passed argument if applicable.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=388
support has been removed from the kernel.
- Drop ensure-systemd-udevd-is-started-before-local-fs-pre-for-lo.patch
fixed in systemd v199, commit 89d09e1b5c65a2d97840f682e0932c8bb499f166
- Apply rules-add-lid-switch-of-ARM-based-Chromebook-as-a-power-sw.patch
only on ARM, patch rejected upstream because is too generic.
- no such define TARGET_SUSE exists but it is used in
Revert-service-drop-support-for-SysV-scripts-for-the-early.patch
use HAVE_SYSV_COMPAT instead.
- Drop Add-bootsplash-handling-for-password-dialogs.patch bootsplash
support has been removed from the kernel.
- Drop ensure-systemd-udevd-is-started-before-local-fs-pre-for-lo.patch
fixed in systemd v199, commit 89d09e1b5c65a2d97840f682e0932c8bb499f166
- Apply rules-add-lid-switch-of-ARM-based-Chromebook-as-a-power-sw.patch
only on ARM, patch rejected upstream because is too generic.
- no such define TARGET_SUSE exists but it is used in
Revert-service-drop-support-for-SysV-scripts-for-the-early.patch
use HAVE_SYSV_COMPAT instead.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=387
- Generate %{_libexecdir}/modules-load.d/sg.conf so we load sg module at
boot time not from udev (bnc#761109).
- Drop unused patches:
1001-Reinstate-TIMEOUT-handling.patch
1005-udev-fix-sg-autoload-regression.patch
1026-re-add-persistent-net.patch
- Rename remaning udev patches (clean-up).
- Generate %{_libexecdir}/modules-load.d/sg.conf so we load sg module at
boot time not from udev (bnc#761109).
- Drop unused patches:
1001-Reinstate-TIMEOUT-handling.patch
1005-udev-fix-sg-autoload-regression.patch
1026-re-add-persistent-net.patch
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=371
- Add more conflicts to -mini packages
- Disable Predictable Network interface names until it has been
reviewed by network team, with /usr/lib/tmpfiles.d/network.conf.
- Don't package /usr/lib/firmware/update (not used)
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=367
+ 'systemctl list-jobs' got some polishing. '--type=' argument
may now be passed more than once. 'systemctl list-sockets' has
been added.
+ systemd gained a new unit 'systemd-static-nodes.service'
that generates static device nodes earlier during boot, and
can run in conjunction with udev.
+ systemd-nspawn now places all containers in the new /machine
top-level cgroup directory in the name=systemd hierarchy.
+ bootchart can now store its data in the journal.
+ journactl can now take multiple --unit= and --user-unit=
switches.
+ The cryptsetup logic now understands the "luks.key=" kernel
command line switch. If a configured key file is missing, it
will fallback to prompting the user.
- Rebase some patches
- Update handle-SYSTEMCTL_OPTIONS-environment-variable.patch to
properly handle SYSTEMCTL_OPTIONS
- Fix regression in the default for tmp auto-deletion
(systemd-tmp-safe-defaults.patch, FATE#314974).
- Add chromebook lid switch as a power switch to logind rule to
enable suspend on lid close
- Update to release 202:
+ 'systemctl list-jobs' got some polishing. '--type=' argument
may now be passed more than once. 'systemctl list-sockets' has
been added.
+ systemd gained a new unit 'systemd-static-nodes.service'
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=365
performance on spinning media with ext4.
- Add fix-journal-vacuum-logic.patch: fix vacuum logic in journal
(bnc#789589).
- Add fix-lsb-provides.patch: ensure LSB provides are correctly
handled if also referenced as dependencies (bnc#809646).
- Add fix-loopback-mount.patch: ensure udevd is started (and
therefore static devices are created) before mounting
(bnc#809820).
- Update systemd-sysv-convert to search services files in new
location (bnc#809695).
- Add logind-nvidia-acl.diff: set ACL on nvidia devices
(bnc#808319).
- Add do-no-isolate-on-fsck-failure.patch: do not turn off services
if fsck fails (bnc#812874)
- Add wait-for-processes-killed.patch: wait for processes killed by
SIGTERM before killing them with SIGKILL.
- Update systemctl-options.patch to only apply SYSTEMCTL_OPTIONS to
systemctl command (bnc#801878).
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=361