Forwarded: https://github.com/systemd/systemd/pull/23858
On Debian, cryptsetup does not link against libgcc_s.so.1 which leads to
the following test failure in TEST-70-TPM2:
systemd[1]: Starting testsuite-70.service...
systemd[329]: testsuite-70.service: Executing: /usr/lib/systemd/tests/testdata/units/testsuite-70.sh
testsuite-70.sh[329]: + export SYSTEMD_LOG_LEVEL=debug
testsuite-70.sh[329]: + SYSTEMD_LOG_LEVEL=debug
testsuite-70.sh[329]: + img=/var/tmp/test.img
testsuite-70.sh[329]: + dd if=/dev/zero of=/var/tmp/test.img bs=1024k count=20 status=none
testsuite-70.sh[329]: + echo -n passphrase
testsuite-70.sh[329]: + cryptsetup luksFormat -q --use-urandom /var/tmp/test.img /tmp/passphrase
testsuite-70.sh[333]: libgcc_s.so.1 must be installed for pthread_exit to work
testsuite-70.sh[329]: /usr/lib/systemd/tests/testdata/units/testsuite-70.sh: line 12: 333 Aborted (core dumped) cryptsetup luksFormat -q --use-urandom $img /tmp/passphrase
To fix this, manually install libgcc_s.so.1 to the test image if running
on Debian-like systems.
Gbp-Pq: Name test-copy-libgcc_s.so.1-to-TPM2-test-image-on-Debian-like.patch
These tests have a tendency to fail with OOM on the autopkgtest
infrastructure. Increase QEMU_MEM to try and alleviate that.
Gbp-Pq: Name test-increase-QEMU_MEM-for-some-tests.patch
Origin: upstream, beff73f94e
Currently, the systemd-hwdb --root flag only has an effect for the
'update' verb. It would be useful to be able to use the --root option
for the 'query' verb too (e.g. for testing a hwdb.bin created with
systemd-hwdb update --root <path>).
Use sd_hwdb_new_from_path to initialize the hwdb if --root is passed to
systemd-hwdb query.
Note that this functionality was not added to 'udevadm hwdb' since that
command is deprecated.
Gbp-Pq: Name hwdb-implement-root-option-for-systemd-hwdb-query.patch
Origin: upstream, 60f0ba7556
The existing sd_hwdb_new function always initializes the hwdb from the
first successful hwdb.bin it finds from hwdb_bin_paths. This means there
is currently no way to initialize a hwdb from an explicit path, which
would be useful for systemd-hwdb query.
Add sd_hwdb_new_from_path to allow a sd_hwdb to be initialized from a
custom path outside of hwdb_bin_paths.
Gbp-Pq: Name sd-hwdb-add-sd_hwdb_new_from_path.patch
This test currently fails inside privileged LXD containers (LP: #1959013)
This reverts commit ae53f4b5e48860b473c4d05958486a77f84ecc6d.
Gbp-Pq: Name 0001-Revert-tests-add-test-case-for-UMask-BindPaths-combi.patch
blkid reports bcache superblock dev.uuid as a filesystem UUID but it actually
is not a filesystem, it's the UUID of the backing device, which is maintained
at /dev/bcache/by-uuid instead of /dev/disk/by-uuid.
[Forwarding Note]
There is an on-going discussion upstream whether this patch should exist.
This patch is not a FIX to LP: #1861941, but can work as a mitigation. The
FIX for LP: #1861941 is the bcache-tools (0003-Add-bcache-export-cached-
helper.patch).
Ryan Harper's arguments are that blkid - and/or udev default rules - should skip
devices with "ID_FS_TYPE = bcache" by default from creating symlinks at
/dev/disk/{by-uuid,by-label}/{ID_FS_UUID_ENC,ID_FS_LABEL_ENC} just because
those devices aren't meant to be used directly (as they are backing devices
to bcache). Actually this is what was causing the issue fixed by bcache-tools
udev rules: symlink management for bcache backing devices was removing
/dev/bcache/xxx symlinks.
Considering that this is a minor delta, and I agree with Ryan's arguments, of
not having /dev/disk/by-uuid/xxx symlinks to devices that should not be
accessed directly, thus giving a better experience to the end user, I'm keeping
this until either upstream provides it by default OR the patch
0003-Add-bcache-export-cached-helper.patch can be removed from bcache-tools
because udev and/or libblkid started differentiating UUID_CACHED and FS_UUID
when doing /dev/disk/ symlinks.
-
rafaeldtinoco
Author: Ryan Harper <ryan.harper@canonical.com>
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1861941
Forwarded: https://github.com/systemd/systemd/pull/16317
Reviewed-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
Last-Update: 2020-07-23
Gbp-Pq: Name lp1861941-dont-generate-disk-byuuid-for-bcache-uuid.patch
The change broke networking in LXD containers
This reverts commit 96d7083c5499b264ecebd6a30a92e0e8fda14cd5.
LP: #1857123
Gbp-Pq: Name Revert-network-if-sys-is-rw-then-udev-should-be-around.patch
LP: #1895418
Thanks: Dimitri John Ledkov for the suggestion and
Co-authored-by: Dan Streetman <ddstreet@canonical.com>
Gbp-Pq: Topic debian
Gbp-Pq: Name UBUNTU-resolved-default-no-negative-caching.patch
This partially reverts commit 1beab8b0d0ff2d7d1436b52d4a0c3d56dc908962.
Until after the lowest LXD version running this packaged systemd contains
a6b7807033
The first LXD version fixed is 3.10. Ubuntu 18.04 LTS has LXD 3.0.3 and is
supported until 2028.
Gbp-Pq: Topic debian
Gbp-Pq: Name UBUNTU-Revert-namespace-be-more-careful-when-handling-namespacin.patch
Origin: other
Bug-Ubuntu: https://bugs.launchpad.net/snappy/+bug/1650688
Forwarded: not-needed (part of read-only /etc workaround)
Last-Update: 2021-09-24
Due to our read-only /etc workaround, the localtime link on such
systems ends up in /etc/writable, not /etc. To make the link target
correct in both normal and such systems, make the path absolute.
On Ubuntu Core, this eliminates the need for the wrapper script, and
makes the DBus interface work properly.
This patch can be dropped once LP: #1953172 is resolved.
Last-Update: 2021-09-24
Gbp-Pq: Topic debian
Gbp-Pq: Name UBUNTU-Fix-timezone-setting-on-read-only-etc.patch
Origin: vendor, https://bugs.launchpad.net/snappy/+bug/1650688/comments/46
Bug-Ubuntu: https://bugs.launchpad.net/snappy/+bug/1650688
Forwarded: not-needed (part of read-only /etc workaround)
Last-Update: 2021-09-24
get_timezone() retrieves it by reading the link destination of
/etc/localtime, which on systems with read-only /etc will always point
to /etc/writable. Make this function aware of the /etc/writable
redirection and handle it.
[ratchanan@ubports.com: add description and other metadata.]
This patch can be dropped once LP: #1953172 is resolved.
Last-Update: 2021-09-24
Gbp-Pq: Topic debian
Gbp-Pq: Name timedatectl-lp1650688.patch
On Ubuntu Phone with readonly /etc we symlink
/etc/{adjtime,localtime,timezone,hostname,machine-info} to /etc/writable/, so
we need to update those files instead if the original files are symlinks into
/etc/writable/.
Forwarded: OMGno, this is a rather nasty hack until we fix system-image to get a writable /etc
Bug-Ubuntu: https://launchpad.net/bugs/1227520
Gbp-Pq: Topic debian
Gbp-Pq: Name UBUNTU-Support-system-image-read-only-etc.patch
On v4.4 kernels, on top of btrfs ephemeral lxd v3.0 containers generate this
other error code, instead of not supported. Skip the test for both error codes.
Gbp-Pq: Topic debian
Gbp-Pq: Name UBUNTU-test-sleep-skip-test_fiemap-upon-inapproriate-ioctl-.patch
lxd/lxc usually keep the usernamespace capabilities, whilst in practice one
does not have these in the initial namespace. Thus add additional condition
!container, such that sys-kernel-config.mount and systemd-modules.load.service
are not started in the lxd containers. This should make default lxd containers
start non-degraded.
Gbp-Pq: Topic debian
Gbp-Pq: Name UBUNTU-units-block-CAP_SYS_MODULE-units-in-containers-too.patch
When booting ppc64el virtual machines, they require seabios, unless -vga none
is specified. Since we do a direct kernel & initrd boot, with -nographic, we
really have no need for vga or seabios in this case.
Gbp-Pq: Topic debian
Gbp-Pq: Name UBUNTU-test-test-functions-launch-qemu-with-vga-none.patch
A change in apparmor mediates auto-activation attempts now through
AppArmor: https://cgit.freedesktop.org/dbus/dbus/commit/?id=dc25979eb
This breaks the snapd time{zone,server}-control interfaces which limit
sending dbus messages to (label=unconfined) org.freedesktop.timedate1
peers.
By adding the AssumedApparmorLabel=unconfined label the snapd interfaces
work again.
LP: #1749000
Gbp-Pq: Topic debian
Gbp-Pq: Name UBUNTU-Add-AssumedApparmorLabel-unconfined-to-timedate1-dbus.patch
As it fails to start in an unprivileged container.
Gbp-Pq: Topic debian
Gbp-Pq: Name Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch
On Ubuntu, fallback DNS servers are disabled, therefore we do not leak queries
to a preset 3rd party by default. In resolved, dnssec is also disabled by
default, as too much of the internet is broken and using Ubuntu users to debug
the internet is not very productive - most of the time the end-user cannot fix
or know how to notify the site owners about the dnssec mistakes. Inherently
the DHCP acquired DNS servers are therefore trusted, and are free to spoof
records. Not trusting DNS search domains, in such a scenario, provides limited
security or privacy benefits. From the user's point of view, this also appears to be
a regression from previous Ubuntu releases which do trust DHCP acquired search
domains by default.
Therefore we are enabling UseDomains by default on Ubuntu.
Users may override this setting in the .network files by specifying
[DHCP|IPv6AcceptRA] UseDomains=no|route options.
Gbp-Pq: Topic debian
Gbp-Pq: Name Ubuntu-UseDomains-by-default.patch
If a package still ships only a SysV init script or if a service file or
tmpfile uses /var/run, downgrade those messages to debug. We can use
lintian to detect those issues.
For service files and tmpfiles in /etc, keep the warning, as those files
are typically added locally and aren't checked by lintian.
Closes: #981407
Gbp-Pq: Topic debian
Gbp-Pq: Name Downgrade-a-couple-of-warnings-to-debug.patch