Dimitri John Ledkov authored Mar 26, 2018 and Simon McVittie committed Feb 27, 2019

systemd (237-3ubuntu5) bionic; urgency=medium

  * Drop old keyring/invocation_id patch, which made keyring setup be skipped in containers.
  * Use new patch, which sets up session keyring without relying on chown operation.
  * Drop systemd.prerm safety check.
    On Ubuntu, systemd is the only choice, and is essential, via init ->
    systemd-sysv -> systemd dependency chain, thus removing systemd is already
    quite hard, and appropriate warnings are emitted by dpkg. (LP: #1758438)
  * Detect Masked unit with drop-ins. (LP: #1752722)
  * wait-online: do not wait, if no links are managed (neither configured, or failed).
    (LP: #1728181)
  * journald.service: set Nice=-1 to dodge watchdog on soft lockups.
    (LP: #1696970)
  * Refresh all patches.

Dimitri John Ledkov authored Mar 05, 2018 and Simon McVittie committed Feb 27, 2019

systemd (237-3ubuntu4) bionic; urgency=medium

  * systemd-sysv-install: fix name initialisation.
    Only initialise NAME, after --root optional argument has been parsed, otherwise
    NAME is initialized to e.g. `enable', instead of to the `unit-name`, resulting
    in failures. (LP: #1752882)

Dimitri John Ledkov authored Feb 20, 2018 and Simon McVittie committed Feb 27, 2019

systemd (237-3ubuntu3) bionic; urgency=medium

  * tests/control: drop qemu-system-ppc.
    Whilst some tests pass, many regress / fail to boot. This is not a regression,
    as qemu-based tests were not run previously.

Dimitri John Ledkov authored Feb 20, 2018 and Simon McVittie committed Feb 27, 2019

systemd (237-3ubuntu2) bionic; urgency=medium

  * tests/boot-smoke: ignore udevd connection timeouts resolving colord group.
  * tests/systemd-fsckd: ignore systemd_fsck_with_plymouth_failure.
  * tests/control: ensure boot-smoke uses latest systemd & udev.
  * test/test-functions: on PPC64 use hvc0 console.

Dimitri John Ledkov authored Feb 19, 2018 and Simon McVittie committed Feb 27, 2019

systemd (237-3ubuntu1) bionic; urgency=medium

  [ Gunnar Hjalmarsson ]
  * Fix PO template creation.
    Cherry-pick upstream patches to build a correct systemd.pot including
    the polkit policy files even without policykit-1 being installed.
    (LP: #1707898)

  [ Dimitri John Ledkov ]
  * Blacklist TEST-16-EXTEND-TIMEOUT
  * test/test-functions: use vmlinux for ppc64 tests.

Always initialize `$ROOT`, to avoid the script getting confused by an
existing outside env variable. Also fix the `--root` option to actually
work, the previous approach was conceptually broken due to how shell
quoting works.

Make the work with `set -u`.

Closes: #890436

Use the existing upstream build system instead of a manual call to
`intltool-update` and `xgettext` to build systemd.pot. Remove the now
obsolete intltool build dependency, but still explicitly keep gettext.

Closes: #890423

- State the gettext package domain "systemd" explicitly, as with the
  move to meson it ended up as "untitled.pot"
- Call xgettext to extract strings from polkit *.policy.in files, which
  intltool-update ignores.

LP: #1707898

Also fail the test if calling journalctl fails, and avoid calling it
twice. See https://github.com/systemd/systemd/pull/8032

Let's read the PID file after all if there's a potentially unsafe
symlink chain in place. But if we do, then refuse taking the PID if its
outside of the cgroup.

Closes: #889144

Up-to-date udev rules for U2F devices are shipped in libu2f-udev
nowadays.

Closes: #889665

Update to upstream version '237'
with Debian dir 43ba4b4a8c6efb608fe3849a61612573b64553a5

This is used by hwdb/parse_hwdb.py to perform additional validation on
hwdb files.

Follow-up fix for the previous commit, it forgot the first two hunks.

Gbp-Dch: Ignore

Closes: #882629

Pick upstream patch requiring the existence of the systemd-timesync user only when running
as root, which is not the case for the system unit.

Closes: #887343

This was making mounts from SSH sessions invisible to the system.

Closes: #885325

This was done so changes to the [Install] section would be applied on
upgrades. Forcefully re-enabling a service might overwrite local
modifications though and thus far, none of the affected services did
actually change its [Install] section. So remove this code from the
maintainer scripts as it was apparently doing more harm then good.

Closes: #869354

Fixes "systemd-analyze plot" failing to run as root.

Closes: #884506

Fixes systemd-cryptsetup-generator failing to run during boot.

Closes: #885201

Mention in the recent NEWS entry that the associated system groups
should be removed as well.

Closes: #885061

This makes it compliant with recent versions of debian-policy which
recommends to use priority optional for library packages.

This would introduce a new system group "render". As the name is rather
generic, this needs further discussion first, so revert this change for
now.

We no longer create those system users as the corresponding services now
use DynamicUser=yes. Removing those system users automatically is tricky,
as the relevant services might be running during upgrade. Add a NEWS
entry instead which documents this change.

DynamicUser=yes has been enabled for systemd-timesyncd.service so
allocating a system user statically is no longer necessary.