[El-errata] ELBA-2023-4358 Oracle Linux 9 systemd bug update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Aug 17 13:34:07 UTC 2023
Oracle Linux Bug Fix Advisory ELBA-2023-4358
http://linux.oracle.com/errata/ELBA-2023-4358.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
systemd-252-14.0.1.el9_2.3.i686.rpm
systemd-252-14.0.1.el9_2.3.x86_64.rpm
systemd-container-252-14.0.1.el9_2.3.i686.rpm
systemd-container-252-14.0.1.el9_2.3.x86_64.rpm
systemd-devel-252-14.0.1.el9_2.3.i686.rpm
systemd-devel-252-14.0.1.el9_2.3.x86_64.rpm
systemd-journal-remote-252-14.0.1.el9_2.3.x86_64.rpm
systemd-libs-252-14.0.1.el9_2.3.i686.rpm
systemd-libs-252-14.0.1.el9_2.3.x86_64.rpm
systemd-oomd-252-14.0.1.el9_2.3.x86_64.rpm
systemd-pam-252-14.0.1.el9_2.3.x86_64.rpm
systemd-resolved-252-14.0.1.el9_2.3.x86_64.rpm
systemd-rpm-macros-252-14.0.1.el9_2.3.noarch.rpm
systemd-udev-252-14.0.1.el9_2.3.x86_64.rpm
systemd-boot-unsigned-252-14.0.1.el9_2.3.x86_64.rpm
aarch64:
systemd-252-14.0.1.el9_2.3.aarch64.rpm
systemd-container-252-14.0.1.el9_2.3.aarch64.rpm
systemd-devel-252-14.0.1.el9_2.3.aarch64.rpm
systemd-journal-remote-252-14.0.1.el9_2.3.aarch64.rpm
systemd-libs-252-14.0.1.el9_2.3.aarch64.rpm
systemd-oomd-252-14.0.1.el9_2.3.aarch64.rpm
systemd-pam-252-14.0.1.el9_2.3.aarch64.rpm
systemd-resolved-252-14.0.1.el9_2.3.aarch64.rpm
systemd-rpm-macros-252-14.0.1.el9_2.3.noarch.rpm
systemd-udev-252-14.0.1.el9_2.3.aarch64.rpm
systemd-boot-unsigned-252-14.0.1.el9_2.3.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//systemd-252-14.0.1.el9_2.3.src.rpm
Description of changes:
[252-14.0.1.3]
- Backport upstream pstore dmesg fix [Orabug: 34868110]
- Remove upstream references [Orabug: 33995357]
- Disable unprivileged BPF by default [Orabug: 32870980]
- udev rules: fix memory hot add and remove [Orabug: 31310273]
- set "RemoveIPC=no" in logind.conf as default for OL7.2 [Orabug: 22224874]
- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469]
- fix _netdev is missing for iscsi entry in /etc/fstab (tony.l.lam at oracle.com) [Orabug: 25897792]
- shutdown: get only active md arrays. [Orabug: 34467234]
- Removed unneeded patches from the systemd.spec file [Orabug: 34272490]
- A) 1004-orabug34272490-0001-core-device-ignore-DEVICE_FOUND_UDEV-bit-on-switchin.patch
- B) 1005-orabug34272490-0002-core-device-drop-unnecessary-condition.patch
[252-14.3]
- manager: don't taint the host if cgroups v1 is used (#2196479)
- elf-util: discard PT_LOAD segment early based on the start address. (#2222259)
- elf-util: check for overflow when computing end of core's PT_LOAD seg (#2222259)
[252-14.1]
- Bump version to 252-14.1 to make sure that NEVRA is higher than systemd-252-14.el9.rhaos4.13 (#2184929)
[252-13.1]
- journal-def: fix type of signature to match the actual field in the Header structure (#2184929)
- journal: use compound initialization for journal file Header structure (#2184929)
- journald: fix log message (#2184929)
- sd-journal: cache results of parsing environment variables (#2184929)
- compress: introduce compression_supported() helper function (#2184929)
- sd-journal: always use the compression algorithm specified in the header (#2184929)
- sd-journal: allow to specify compression algorithm through env (#2184929)
- test: add test case that journal file is created with the requested compression algorithm (#2184929)
- ci: workflow for gathering metadata for source-git automation (#2184929)
- ci: first part of the source-git automation - commit linter (#2184929)
[252-13]
- spec: release bump (#2179165)
[252-12]
- unit: In cgroupv1, gracefully terminate delegated scopes again (#2179165)
[252-11]
- spec: release bump (#2175619)
[252-10]
- spec: move man for sd-boot into boot-unsigned subpackage (#2175619)
[252-9]
- Revert "user: delegate cpu controller, assign weights to user slices" (#2173996)
- systemd: Support OOMPolicy in scope units (#2175619)
- systemd: Default to OOMPolicy=continue for login session scopes (#2175619)
- man: rework description of OOMPolicy= a bit (#2175619)
- core,man: add missing integration of OOMPolicy= in scopes (#2175619)
- meson: Store fuzz tests in structured way (#2175619)
- meson: Generate fuzzer inputs with directives (#2175619)
- oss-fuzz: include generated corpora in the final zip file (#2175619)
[252-8]
- journal-file: Fix return value in bump_entry_array() (#2173682)
[252-7]
- test: add coverage for #24177 (#1985288)
- logind-session: make stopping of idle session visible to admins (#2172401)
[252-6]
- journalctl: actually run the static destructors (#2122500)
- efi: drop executable-stack bit from .elf file (#2140646)
- install: fail early if specifier expansion failed (#2138081)
- test: add coverage for #26467 (#2138081)
[252-5]
- nss-myhostname: fix inverted condition in (#2167468)
- nss-myhostname: do not return empty result with NSS_STATUS_SUCCESS (#2167468)
- sleep: rename hibernate_delay_sec -> _usec (#2151612)
- sleep: fetch_batteries_capacity_by_name() does not return -ENOENT (#2151612)
- sleep: drop unnecessary temporal vaiable and initialization (#2151612)
- sleep: introduce SuspendEstimationSec= (#2151612)
- sleep: coding style fixlets (#2151612)
- sleep: simplify code a bit (#2151612)
- sleep: fix indentation (#2151612)
- sleep: enumerate only existing and non-device batteries (#2151612)
- core: when isolating to a unit, also keep units running that are triggered by units we keep running (#1952378)
- udev/net_id: introduce naming scheme for RHEL-9.2 (#2170500)
[252-4]
- udev: make get_virtfn_info() provide physical PCI device (#2159448)
- test: make helper_check_device_units() log unit name (#2138081)
- test: add a testcase for lvextend (#2138081)
- pid1: fix segv triggered by status query (#26279) (#2138081)
- test: create config under /run (#2138081)
- test: add tests for mDNS and LLMNR settings (#2138081)
- resolved: introduce the _localdnsstub and _localdnsproxy special hostnames for 127.0.0.54 + 127.0.0.53 (#2138081)
- test: wait for the monitoring service to become active (#2138081)
- test: suppress echo in monitor_check_rr() (#2138081)
- Revert "test: wait for the monitoring service to become active" (#2138081)
- test: show and check almost all journal entries since the relevant command being invoked (#2138081)
- test: cover IPv6 in the resolved test suite (#2138081)
- test: add a couple of SRV records to check service resolution (#2138081)
- test: add a test for the OPENPGPKEY RR (#2138081)
- test: don't hang indefinitely on no match (#2138081)
- test-ndisc: fix memleak and fd leak (#2138081)
- test-unit-name: fix fd leak (#2138081)
- test: bump D-Bus service start timeout if we run without accel (#2138081)
- test: bump the client-side timeout in sd-bus as well (#2138081)
- test: bump the container spawn timeout to 60s (#2138081)
- network: fix memleak (#2138081)
- busctl: fix introspecting DBus properties (#2138081)
- busctl: simplify peeking the type (#2138081)
- resolve: drop redundant call of socket_ipv6_is_supported() (#2138081)
- resolve: introduce link_get_llmnr_support() and link_get_mdns_support() (#2138081)
- resolve: provide effective supporting levels of mDNS and LLMNR (#2138081)
- resolvectl: warn if the global mDNS or LLMNR support level is lower than the requested one (#2138081)
- resolve: enable per-link mDNS setting by default (#2138081)
[252-3]
- swap: tell swapon to reinitialize swap if needed (#2151993)
- coredump: adjust whitespace (#2155517)
- coredump: do not allow user to access coredumps with changed uid/gid/capabilities (#2155517)
- Revert "basic: add fallback in chase_symlinks_and_opendir() for cases when /proc is not mounted" (#2138081)
- glyph-util: add warning sign special glyph (#2138081)
- chase-symlink: when converting directory O_PATH fd to real fd, don't bother with /proc/ (#2138081)
- systemctl: print a clear warning if people invoke systemctl without /proc/ (#2138081)
- TEST-65: check cat-config operation in chroot (#2138081)
- TEST-65: use [[ -v ]] more (#2138081)
- systemctl: warn if trying to disable a unit with no install info (#2141979)
- systemctl: allow suppress the warning of no install info using --no-warn (#2141979)
- rpm/systemd-update-helper: use --no-warn when disabling units (#2141979)
- systemctl: suppress warning about missing /proc/ when --no-warn (#2141979)
- shell-completion: systemctl: add --no-warn (#2141979)
- core/unit: drop doubled empty line (#2160477)
- core/unit: drop dependency to the unit being merged (#2160477)
- core/unit: fix logic of dropping self-referencing dependencies (#2160477)
- core/unit: merge two loops into one (#2160477)
- test: add test case for sysv-generator and invalid dependency (#2160477)
- core/unit: merge unit names after merging deps (#2160477)
- core/unit: fix log message (#2160477)
- test: explicitly create the /etc/init.d directory (#2160477)
- test: support a non-default SysV directory (#2160477)
[252-2]
- test: check if we can use SHA1 MD for signing before using it (#2141979)
- boot: cleanups for efivar_get() and friends (#2141979)
- boot: fix false maybe-uninitialized warning (#2141979)
- tree-wide: modernizations with RET_NERRNO() (#2137584)
- sd-bus: handle -EINTR return from bus_poll() (#2137584)
- stdio-bridge: don't be bothered with EINTR (#2137584)
- varlink: also handle EINTR gracefully when waiting for EIO via ppoll() (#2137584)
- sd-netlink: handle EINTR from poll() gracefully, as success (#2137584)
- resolved: handle -EINTR returned from fd_wait_for_event() better (#2137584)
- homed: handle EINTR gracefully when waiting for device node (#2137584)
- utmp-wtmp: fix error in case isatty() fails (#2137584)
- utmp-wtmp: handle EINTR gracefully when waiting to write to tty (#2137584)
- io-util: document EINTR situation a bit (#2137584)
- terminal-util: Set OPOST when setting ONLCR (#2138081)
- cgtop: Do not rewrite -P or -k options (#2138081)
- test: Add tests for systemd-cgtop args parsing (#2138081)
- resolved: remove inappropriate assert() (#2138081)
- boot: Add xstrn8_to_16 (#2138081)
- boot: Use xstr8_to_16 (#2138081)
- boot: Use xstr8_to_16 for path conversion (#2138081)
- stub: Fix cmdline handling (#2138081)
- stub: Detect empty LoadOptions when run from EFI shell (#2138081)
- boot: Use EFI_BOOT_MANAGER_POLICY_PROTOCOL to connect console devices (#2138081)
- boot: Make sure all partitions drivers are connected (#2138081)
- boot: improve support for qemu (#2138081)
- systemd-boot man page: add section for virtual machines (#2138081)
- boot: Only do full driver initialization in VMs (#2138081)
- dissect: rework DISSECT_IMAGE_ADD_PARTITION_DEVICES + DISSECT_IMAGE_OPEN_PARTITION_DEVICES (#2138081)
- ci(Mergify): v252 configuration update (#2138081)
- ci: Run GitHub workflows on rhel branches (#2138081)
- ci: Drop scorecards workflow, not relevant (#2138081)
[252-1]
- Rebase to systemd v252 + systemd-stable v252.2 (#2138081)
[250-13]
- build systemd-boot EFI tools (#2140646)
[250-11]
- scope: allow unprivileged delegation on scopes (#2120604)
- udev/net_id: add "rhel-9.1" naming scheme (#2121144)
[250-10]
- shared/install: fix crash when reenable is called without --root (#2120222)
[250-9]
- Revert "shared/install: create relative symlinks for enablement and aliasing" (#2118668)
- glyph-util: add new glyphs for up/down arrows (#2118297)
- tree-wide: allow ASCII fallback for → in logs (#2118297)
- tree-wide: allow ASCII fallback for … in logs (#2118297)
- core: allow to set default timeout for devices (#2116681)
- man: document DefaultDeviceTimeoutSec= (#2116681)
- man: update dbus docs (#2116681)
- hwdb: 60-keyboard: Fix volume-button mapping on Asus TF103C (#2087778)
- hwdb: CH Pro Pedals not classified correctly due to no buttons (#2087778)
- hwdb: Add accel orientation quirk for the GPD Pocket 3 (#2087778)
- hostname: Allow overriding the chassis type from hwdb (#2087778)
- hwdb: Add Microsoft Surface Pro 1 chassis quirk (#2087778)
- hwdb: treat logitech craft keyboard as a keyboard (#2087778)
- test: frequency in mouse DPI is optional (#2087778)
- hwdb: add two Elecom trackballs (#2087778)
- hwdb: add new database file for PDA devices (#2087778)
- hwdb: add support for Surface Laptop 2 & 3 (#22303) (#2087778)
- hwdb: add HP calculators (#2087778)
- hwbd: 60-sensor.hwdb: Add Pipo W2Pro (#2087778)
- hwdb: 60-keyboard: Support the buttons on CZC P10T tablet (#2087778)
- hwdb: add CST Laser Trackball (#22583) (#2087778)
- hwdb: Force release calculator key on all HP OMEN laptops (#2087778)
- Add support for NEC VersaPro VG-S (#2087778)
- Fix mic mute on Acer TravelMate B311-31 (#22677) (#2087778)
- Add AV production controllers to hwdb and add uaccess (#2087778)
- hwdb: Add AV production access to Elgado Stream Deck devices (#2087778)
- Add HP Elitebook 2760p support (#22766) (#2087778)
- hwdb: Add mic mute key mapping for HP Elite x360 (#2087778)
- hwdb: fix parser to work with newer pyparsing (#2087778)
- hwdb: update for v251 (#2087778)
- hwdb: update autosuspend entries (#2087778)
- hwdb: drop boilerplate about match patterns being unstable (#2087778)
- hwdb: Update 60-keyboard.hwdb (#23074) (#2087778)
- hwdb: 60-keyboard: Add Acer Aspire One AO532h keymappings (#2087778)
- hwdb 60-keyboard Add HP/Compaq KBR0133 (#2087778)
- hwdb: add resolutions for the Vaio FE14 touchpad (#23136) (#2087778)
- hwdb: Remap micmute to f20 for ASUS WMI hotkeys (#2087778)
- hwdb: Fix rotation for HP Pro Tablet 408 G1 (#2087778)
- hwdb: add keyboard mapping for HP ProBook 11G2 (#2087778)
- hwdb: make sure "ninja update-hwdb" works on f35 (#2087778)
- hwbd: run "update-hwdb" for v251-rc2 (#2087778)
- hwdb: run "ninja update-hwdb-autosuspend" for v251-rc2 (#2087778)
- Fix orientation detection for Asus Transformer T100TAF, copied T100TA rule (#2087778)
- Fix orientation detection for HP Pavilion X2 10-k010nr (#2087778)
- fix typo (#2087778)
- Adding a description of the keyboard shortcut Fn+F12 for the HP EliteBook 845 G7 device. (#23253) (#2087778)
- hwdb: run "update-hwdb" (#2087778)
- hwdb: add rammus accelerometer support (#2087778)
- Add support to set autosuspend delay via hwdb (#2087778)
- Set autosuspend delay for Fibocom LG850-GL (#2087778)
- Add HUION Inspiroy H420X to hwdb (#2087778)
- hwdb: run 'update-hwdb' for v251-rc3 (#2087778)
- hwdb: add touchpad parameters for Lenovo T15g Gen1 (#23373) (#2087778)
- hwdb: Add accel orientation for the I15-TG (#2087778)
- hwdb: fix accelerometer mount matrix for Aquarius NS483 (#2087778)
- hwdb: Add Google Hangouts Meet speakermic (#2087778)
- hwdb: update via ninja -C build update-hwdb (#2087778)
- hwdb: Add Google Meet speakermic (#2087778)
- hwdb: Add accel orientation quirk for the Aya Neo Next (#2087778)
- hwdb: Add HP Dev One (#2087778)
- hwdb: analyzers: remove generic "STM Device in DFU Mode" (#2087778)
- hwdb: Add Lenovo ThinkPad C13 Yoga (#2087778)
- Fix automatic screen rotation for Asus Transformer T100TAM (#2087778)
- hwdb: Add Acer Aspire A317-33 (#24050) (#2087778)
- Add ACCEL_MOUNT_MATRIX for OXP Mini (#2087778)
- Added DERE DBook D10 (#24173) (#2087778)
- hwdb: analyzers: Clarify the type of devices we want listed (#2087778)
- hwdb: Add Greaseweazle "drives" to the list of analyzers (#2087778)
- hwdb: Apply existing accel orientation quirk to all Chromebooks (#2087778)
[250-8]
- core: shorten long unit names that are based on paths and append path hash at the end (#2083493)
- tests: add test case for long unit names (#2083493)
- tests: reflect that we can now handle devices with very long sysfs paths (#2083493)
- test: extend the "hashed" unit names coverage a bit (#2083493)
- Revert "kernel-install: also remove modules.builtin.alias.bin" (#2065061)
- Revert "kernel-install: prefer /boot over /boot/efi for $BOOT_ROOT" (#2065061)
- kernel-install: 50-depmod: port to /bin/sh (#2065061)
- kernel-install: 90-loaderentry: port to /bin/sh (#2065061)
- kernel-install: fix shellcheck (#2065061)
- kernel-install: port to /bin/sh (#2065061)
- kernel-install: 90-loaderentry: error out on nonexistent initrds instead of swallowing them quietly (#2065061)
- kernel-install: don't pull out KERNEL_IMAGE (#2065061)
- kernel-install: prefer /boot over /boot/efi for $BOOT_ROOT (#2065061)
- kernel-install: also remove modules.builtin.alias.bin (#2065061)
- kernel-install: add new variable $KERNEL_INSTALL_INITRD_GENERATOR (#2065061)
- kernel-install: k-i already creates $ENTRY_DIR_ABS, no need to do it again (#2065061)
- kernel-install: prefix errors with "Error:", exit immediately (#2065061)
- kernel-install: add "$KERNEL_INSTALL_STAGING_AREA" directory (#2065061)
- kernel-install: add missing log line (#2065061)
- kernel-install: don't try to persist used machine ID locally (#2065061)
- kernel-install: add a new $ENTRY_TOKEN variable for naming boot entries (#2065061)
- kernel-install: only generate systemd.boot_id= in kernel command line if used for naming the boot loader spec files/dirs (#2065061)
- kernel-install: search harder for kernel image/initrd drop-in dir (#2065061)
- kernel-install: add new "inspect" verb, showing paths and parameters we discovered (#2065061)
- ci(Mergify): configuration update (#2087652)
- ci(Mergify): fix copy&paste bug (#2087652)
- shared: Fix memory leak in bus_append_execute_property() (#2087652)
- fuzz: no longer skip empty files (#2087652)
- networkctl: open the bus just once (#2087652)
- json: align table (#2087652)
- fuzz-json: optionally allow logging and output (#2087652)
- shared/json: reduce scope of variables (#2087652)
- fuzz-json: also do sorting and normalizing and other easy calls (#2087652)
- shared/json: wrap long comments (#2087652)
- shared/json: fix memory leak on failed normalization (#2087652)
- shared/json: add helper to ref first, unref second (#2087652)
- basic/alloc-util: remove unnecessary parens (#2087652)
- fuzz-json: also try self-merge operations (#2087652)
- shared/json: fix another memleak in normalization (#2087652)
- shared/json: fix memleak in sort (#2087652)
- execute: fix resource leak (#2087652)
- tests: ignore dbus-broker-launcher (#2087652)
- core/timer: fix memleak (#2087652)
- timedatectl: fix a memory leak (#2087652)
- test: fix file descriptor leak in test-psi-util (#2087652)
- test: fix file descriptor leak in test-tmpfiles.c (#2087652)
- test: fix file descriptor leak in test-fs-util (#2087652)
- test: fix file descriptor leak in test-oomd-util (#2087652)
- test: fix file descriptor leak in test-catalog (#2087652)
- test: make masking of supplementary services configurable (#2087652)
- test: fuzz our dbus interfaces with dfuzzer (#2087652)
- test: skip TEST-21-DFUZZER without ASan (#2087652)
- core: annotate Reexecute() as NoReply (#2087652)
- test: always force a new image for dfuzzer (#2087652)
- test: make dfuzzer less verbose (#2087652)
- test: drop the at_exit() coredump check (#2087652)
- test: make the shutdown routine a bit more "robust" (#2087652)
- tree-wide: drop manually-crafted message for missing variables (#2087652)
- test: allow overriding $QEMU_MEM when running w/ ASan (#2087652)
- test: don't test buses we don't ship (#2087652)
- shutdown: get only active md arrays. (#2047682)
- bus: Use OrderedSet for introspection (#2068131)
- logind-session-dbus: allow to set display name via dbus (#2100340)
- ci: limit which env variables we pass through sudo (#2087652)
- ci(Mergify): Add ci-waived logic (#2087652)
- json: use unsigned for refernce counter (#2087652)
- macro: check over flow in reference counter (#2087652)
- sd-bus: fix reference counter to be incremented (#2087652)
- sd-bus: introduce ref/unref function for track_item (#2087652)
- sd-bus: do not read unused value (#2087652)
- sd-bus: do not return negative errno when unknown name is specified (#2087652)
- sd-bus: use hashmap_contains() and drop unnecessary cast (#2087652)
- test: shorten code a bit (#2087652)
- test: add several tests for track item (#2087652)
- core/slice: make slice_freezer_action() return 0 if freezing state is unchanged (#2087652)
- core/unit: fix use-after-free (#2087652)
- core/timer: fix potential use-after-free (#2087652)
- core: command argument can be longer than PATH_MAX (#2073994)
- shared/install: consistently use 'lp' as the name for the LookupPaths instance (#2082131)
- shared/specifier: treat NULL the same as "" (#2082131)
- shared/install: do not print aliases longer than UNIT_NAME_MAX (#2082131)
- shared/install-printf: drop now-unused install_path_printf() (#2082131)
- strv: declare iterator of FOREACH_STRING() in the loop (#2082131)
- basic/unit-file: split out the subroutine for symlink verification (#2082131)
- basic/stat-util: add null_or_empty_path_with_root() (#2082131)
- shared/install: reuse the standard symlink verification subroutine (#2082131)
- shared/install: add a bit more quoting (#2082131)
- test: add test for systemctl link & enable (#2082131)
- tests: add helper for creating tempfiles with content (#2082131)
- man: clarify the descriptions of aliases and linked unit files (#2082131)
- basic: add new variable $SYSTEMD_OS_RELEASE to override location of os-release (#2082131)
- test-os-util: add basic tests for os-release parsing (#2082131)
- basic/env-file: make load-env-file deduplicate entries with the same key (#2082131)
- man/os-release: add a note about repeating entries (#2082131)
- shared/specifier: clarify and add test for missing data (#2082131)
- shared/specifier: provide proper error messages when specifiers fail to read files (#2082131)
- shared/install: provide proper error messages when invalid specifiers are used (#2082131)
- shared/install: move scope into InstallContext (#2082131)
- shared/specifier: fix %u/%U/%g/%G when called as unprivileged user (#2082131)
- shared/install: simplify unit_file_dump_changes() (#2082131)
- shared/install: propagate errors about invalid aliases and such too (#2082131)
- shared/install: return failure when enablement fails, but process as much as possible (#2082131)
- systemctl: fix silent failure when --root is not found (#2082131)
- shared/install: also check for self-aliases during installation and ignore them (#2082131)
- docs: Correct WantedBy= regarding template units (#2082131)
- man: fix invalid description of template handling in WantedBy= (#2082131)
- shared/install: drop unnecessary casts (#2082131)
- strv: make iterator in STRV_FOREACH() declaread in the loop (#2082131)
- core: ExecContext::restrict_filesystems is set of string (#2082131)
- install: when linking a file, create the link first or abort (#2082131)
- shared/install: split unit_file_{disable,enable}() so _reenable doesn't do setup twice (#2082131)
- shared/install: fix reenable on linked unit files (#2082131)
- test-systemctl-enable: extend the test for repeated WantedBy/RequiredBy (#2082131)
- shared/install: when we fail to chase a symlink, show some logs (#2082131)
- shared/install: do not try to resolve symlinks outside of root directory (#2082131)
- test-systemctl-enable: enhance the test for unit file linking (#2082131)
- shared/install: skip unnecessary chasing of symlinks in disable (#2082131)
- shared/install: also remove symlinks like .wants/foo at one.service → ../foo at one.service (#2082131)
- shared/install: create relative symlinks for enablement and aliasing (#2082131)
- shared/install: when looking for symlinks in .wants/.requires, ignore symlink target (#2082131)
- shared/install: stop passing duplicate root argument to install_name_printf() (#2082131)
- basic/unit-file: reverse negative conditional (#2082131)
- shared/install: split UNIT_FILE_SYMLINK into two states (#2082131)
- shared/install: fix handling of a linked unit file (#2082131)
- test-systemctl-enable: make shellcheck happy (#2082131)
- shared/install: when creating symlinks, accept different but equivalent symlinks (#2082131)
- test-systemctl-enable: use magic syntax to allow inverted tests (#2082131)
- test-systemctl-enable: also use freshly-built systemd-id128 (#2082131)
- test-systemctl-enable: disable the test for %a for now (#2082131)
- Rename UnitFileScope to LookupScope (#2082131)
- core: handle lookup paths being symlinks (#2082131)
- shared/install: use correct cleanup function (#2082131)
- udev/net_id: avoid slot based names only for single function devices (#2073003)
- test: import logind test from debian/ubuntu test suite (#2087652)
- test: drop redundant IMAGE_NAME= (#2087652)
- test: import timedated test from debian/ubuntu test suite (#2087652)
- test: introduce assert_not_in() helper function (#2087652)
- test: drop unnecessary --no-pager option (#2087652)
- test: support debian/ubuntu specific timezone config file (#2087652)
- test: import hostnamed tests from debian/ubuntu test suite (#2087652)
- locale-util: fix memleak on failure (#2087652)
- locale-util: check if enumerated locales are valid (#2087652)
- locale-util: align locale entries (#2087652)
- core: inline an iterator variable (#2087652)
- locale-setup: merge locale handling in PID1 and localed (#2087652)
- locale: rename keymap-util.[ch] -> localed-util.[ch] (#2087652)
- test: add one more path to search keymaps (#2087652)
- test: introduce inst_recursive() helper function (#2087652)
- hmac/sha256: move size define to sha256.h (#2087652)
- tpm2: support policies with PIN (#2087652)
- cryptenroll: add support for TPM2 pin (#2087652)
- cryptsetup: add support for TPM2 pin (#2087652)
- cryptsetup: add libcryptsetup TPM2 PIN support (#2087652)
- cryptenroll: add TPM2 PIN documentation (#2087652)
- cryptsetup: add manual TPM2 PIN configuration (#2087652)
- cryptenroll: add tests for TPM2 unlocking (#2087652)
- env-util: replace unsetenv_erase() by new getenv_steal_erase() helper (#2087652)
- test: install libxkbcommon and x11 keymaps (#2087652)
- test: install C.UTF-8 and English locales (#2087652)
- test: import localed tests from debian/ubuntu test suite (#2087652)
- unit: check for mount rate limiting before checking active state (#2087652)
- tests: make sure we delay running mount start jobs when /p/s/mountinfo is rate limited (#2087652)
- test: insert space in for loop (#2087652)
- test: move "do" at the end of line (#2087652)
- test: use trap RETURN (#2087652)
- test: ignore the error about our own libraries missing during image creation (#2087652)
- test: wrap binaries using systemd DSOs when running w/ ASan (#2087652)
- test: set $ASAN_RT_PATH along with $LD_PRELOAD to the ASan runtime DSO (#2087652)
- test: drop all LD_PRELOAD-related ASan workarounds (#2087652)
- test: don't wrap binaries built with ASan (#2087652)
- test: send stdout/stderr of testsuite units to journal & console (#2087652)
- test: make the busy loop in TEST-02 less verbose (#2087652)
- test: always wrap useradd/userdel when running w/ ASan (#2087652)
- test: don't flush debug logs to the console (#2087652)
- test: fix a couple of issues found by shellcheck (#2087652)
- test: pass the initdir to check_result_{qemu,nspawn} hooks (#2087652)
- test: run the custom check hooks before common checks (#2087652)
- test: check journal directly instead of capturing console output (#2087652)
- test: use saved process PID instead of % (#2087652)
- test: account for ADDR_NO_RANDOMIZE if it's set (#2087652)
- fuzz-bcd: silence warning about always-true comparison (#2087652)
- test: disable test_ntp on RHEL (#2087652)
- core: do not filter out systemd.unit= and run-level specifier from kernel command line (#2087652)
- test: add a simple test for daemon-reexec (#2087652)
- test: install /usr/libexec/vi as well (#2087652)
- test: resize the terminal automagically with INTERACTIVE_DEBUG=yes (#2087652)
- test: create an ASan wrapper for getent and su (#2087652)
- test: mark partition bootable (#2087652)
- test: bump the data partition size if we don't strip binaries (#2087652)
- test: use PBKDF2 with capped iterations instead of Argon2 (#2087652)
- locale: drop unnecessary allocation (#2087652)
[250-7]
- test: check systemd RPM macros (#2017035)
- test: do not assume x86-64 arch in TEST-58-REPART (#2017035)
- tests: add repart tests for block devices with 1024, 2048, 4096 byte sector sizes (#2017035)
- test: accept both unpadded and padded partition sizes (#2017035)
- test: lvm 2.03.15 dropped the static autoactivation (#2017035)
- test: accept GC'ed units in newer LVM (#2017035)
- shared: Add more dlopen() tests (#2017035)
- systemctl: Show how long a service ran for after it exited in status output (#2017035)
- time-util: introduce TIMESTAMP_UNIX (#2017035)
- systemctl,man: update docs for --timestamp= (#2017035)
- systemctl: make --timestamp= affect the show verb as well (#2017035)
- tests: allow running all the services with SYSTEMD_LOG_LEVEL (#2017035)
- coredump: raise the coredump save size on 64bit systems to 32G (and lower it to 1G on 32bit systems) (#2017035)
- repart: fix sector size handling (#2017035)
- mkdir: allow to create directory whose path contains symlink (#2017035)
- mkdir: CHASE_NONEXISTENT cannot used in chase_symlinks_and_stat() (#2017035)
- meson: move efi file lists closer to where they are used (#2017035)
- meson: move efi summary() section to src/boot/efi (#2017035)
- meson: report SBAT settings (#2017035)
- boot: Build BCD parser only on arches supported by Windows (#2017035)
- meson: Remove efi-cc option (#2017035)
- meson: Get objcopy location from compiler (#2017035)
- meson: Use files() for source lists for boot and fundamental (#2017035)
- meson: Use files() for tests (#2017035)
- tests: add fuzz-bcd (#2017035)
- meson: Use files() for fuzzers (#2017035)
- meson: Add check argument to remaining run_command() calls (#2017035)
- meson: Use echo to list files (#2017035)
- test: add a test for mkdir_p() (#2017035)
- util: another set of CVE-2021-4034 assert()s (#2017035)
- basic: update CIFS magic (#2017035)
- shared: be extra paranoid and check if argc > 0 (#2017035)
- core: check if argc > 0 and argv[0] is set (#2017035)
- core: check argc/argv uncoditionally (#2017035)
- test: temporary workaround for #21819 (#2017035)
- test: don't leak local variable to outer scopes (#2017035)
- tree-wide: don't use strjoina() on getenv() values (#2017035)
- man: clarify Environmentfile format (#2017035)
- test-load-fragment: add a basic test for config_parse_unit_env_file() (#2017035)
- core/execute: use _cleanup_ in exec_context_load_environment() (#2017035)
- test-env-file: add tests for quoting in env files (#2017035)
[250-4]
- udev/net-setup-link: change the default MACAddressPolicy to "none" (#2009237)
- man: mention System Administrator's Guide in systemctl manpage (#1982596)
- Net naming scheme for RHEL-9.0 (#2052106)
- core: decrease log level of messages about use of KillMode=none (#2013213)
- ci: replace apt-key with signed-by (#2013213)
- ci: fix clang-13 installation (#2013213)
[250-3]
- Treat EPERM as "not available" too (#2017035)
- test: copy portable profiles into the image if they don't exist there (#2017035)
- test: introduce get_cgroup_hierarchy() helper (#2047768)
- test: require unified cgroup hierarchy for TEST-56 (#2047768)
- tests: rework test macros to not take code as parameters (#2017035)
- test: allow to set NULL to intro or outro (#2017035)
[250-2]
- spec: make sure version string starts with version number (#2049054)
[250-1]
- Rebase to v250 (#2047768)
[249-9]
- test: don't install test-network-generator-conversion.sh w/o networkd (#2017035)
- meson.build: change operator combining bools from + to and (#2017035)
- openssl-util: use EVP API to get RSA bits (#2016042)
- procfs-util: fix confusion wrt. quantity limit and maximum value (#2017035)
- test-process-util: also add EROFS to the list of "good" errors (#2017035)
- ci: use C9S chroots in Packit (#2017035)
- test-mountpointutil-util: do not assert in test_mnt_id() (#2017035)
- core/mount: add implicit unit dependencies even if when mount unit is generated from /proc/self/mountinfo (#2019468)
- Drop Patch9001 - https://github.com/systemd/systemd/pull/17050 - Replaced by Patch0046
[249-8]
- Really don't enable systemd-journald-audit.socket (#1973856)
- rules: add elevator= kernel command line parameter (#2003002)
- boot: don't build bootctl when -Dgnu-efi=false is set (#2003130)
- unit: install the systemd-bless-boot.service only if we have gnu-efi (#2003130)
- units: don't enable tmp.mount statically in local-fs.target (#2000927)
- pid1: bump DefaultTasksMax to 80% of the kernel pid.max value (#2003031)
- sd-device: introduce device_has_devlink() (#2005024)
- udev-node: split out permission handling from udev_node_add() (#2005024)
- udev-node: stack directory must exist when adding device node symlink (#2005024)
- udev-node: save information about device node and priority in symlink (#2005024)
- udev-node: always update timestamp of stack directory (#2005024)
- udev-node: assume no new claim to a symlink if /run/udev/links is not updated (#2005024)
- udev-node: always atomically create symlink to device node (#2005024)
- udev-node: check stack directory change even if devlink is removed (#2005024)
- udev-node: shorten code a bit and update log message (#2005024)
- udev-node: add random delay on conflict in updating device node symlink (#2005024)
- udev-node: drop redundant trial of devlink creation (#2005024)
- udev-node: simplify the example of race (#2005024)
- udev-node: do not ignore unexpected errors on removing symlink in stack directory (#2005024)
- basic/time-util: introduce FORMAT_TIMESPAN (#2005024)
- udev/net-setup-link: change the default MACAddressPolicy to "none" (#2009237)
- set core ulimit to 0 like on RHEL-7 (#1998509)
[249-4]
- Revert "udev: remove WAIT_FOR key" (#1982666)
* Tue Aug 10 2021 Mohan Boddu <mboddu at redhat.com>
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
[249-2]
- basic/unit-name: do not use strdupa() on a path (#1984299)
- basic/unit-name: adjust comments (#1984299)
- tmpfiles: don't create resolv.conf -> stub-resolv.conf symlink (#1989472)
- Copy 40-redhat.rules from RHEL-8 (#1978639)
- Avoid /tmp being mounted as tmpfs without the user's will (#1959826)
- unit: don't add Requires for tmp.mount (#1619292)
- units: add [Install] section to tmp.mount (#1959826)
- rc-local: order after network-online.target (#1954429)
- ci: drop CIs irrelevant for downstream (#1960703)
- ci: reconfigure Packit for RHEL 9 (#1960703)
- ci: run unit tests on z-stream branches as well (#1960703)
- Check return value of pam_get_item/pam_get_data functions (#1973210)
- random-util: increase random seed size to 1024 (#1982603)
- journal: don't enable systemd-journald-audit.socket by default (#1973856)
- journald.conf: don't touch current audit settings (#1973856)
More information about the El-errata
mailing list