systemd 234-2ubuntu1 source package in Ubuntu
Changelog
systemd (234-2ubuntu1) artful; urgency=medium [ Dimitri John Ledkov ] * ubuntu: udev.postinst preserve virtio interfaces names on upgrades, on s390x. New udev generates stable interface names on s390x kvm instances, however, upon upgrades existing ethX names should be preserved to prevent breaking networking and software configurations. This patch only affects Ubuntu systems. (Closes: #860246) (LP: #1682437) * Set UseDomains to true, by default, on Ubuntu. On Ubuntu, fallback DNS servers are disabled, therefore we do not leak queries to a preset 3rd party by default. In resolved, dnssec is also disabled by default, as too much of the internet is broken and using Ubuntu users to debug the internet is not very productive - most of the time the end-user cannot fix or know how to notify the site owners about the dnssec mistakes. Inherintally the DHCP acquired DNS servers are therefore trusted, and are free to spoof records. Not trusting DNS search domains, in such scenario, provides limited security or privacy benefits. From user point of view, this also appears to be a regression from previous Ubuntu releases which do trust DHCP acquired search domains by default. Therefore we are enabling UseDomains by default on Ubuntu. Users may override this setting in the .network files by specifying [DHCP|IPv6AcceptRA] UseDomains=no|route options. * resolved: create private stub resolve file for integration with resolvconf. The stub-resolve.conf file points at resolved stub resolver, but also lists the available search domains. This is required to correctly resolve domains without using resolve nss module. * Enable systemd-resolved by default * Create /etc/resolv.conf at postinst, pointing at the stub resolver. The stub resolver file is dynamically managed by systemd-resolved. It points at the stub resolver as the nameserver, however it also dynamically updates the search stanza, thus non-nss dns tools work correctly with unqualified names and correctly use the DHCP acquired search domains. * libnss-resolve: do not disable and stop systemd-resolved resolved is always used by default on ubuntu via stub resolver, therefore it should continue to operate without libnss-resolve module installed. * modprobe.d: set max_bonds=0 for bonding module to prevent bond0 creation. This prevents confusing networkd, and allows networkd to manage bond0. * Cherrypick upstream networkd-test.py assertion/check fixes. This resolves ADT test suite failures, when running tests under lxc/lxd providers. * Cherrypick arm* seccomp fixes. This should resolve ADT test failures, on arm64, when running as root. * Re-enable seccomp and execute tests on arm. [ Balint Reczey ] * Skip starting systemd-remount-fs.service in containers even when /etc/fstab is present. This allows entering fully running state even when /etc/fstab lists / to be mounted from a device which is not present in the container. (LP: #1576341) [ Michael Biebl ] * selinux: Enable labeling and access checks for unprivileged users. Revert commit that inadvertently broke a lot of SELinux related functionality for both unprivileged users and systemd instances running as MANAGER_USER and instead deal with the auditd issue by checking for the CAP_AUDIT_WRITE capability before opening an audit netlink socket. (Closes: #863800) -- Dimitri John Ledkov <email address hidden> Tue, 25 Jul 2017 13:30:58 +0100
Upload details
- Uploaded by:
- Dimitri John Ledkov
- Uploaded to:
- Artful
- Original maintainer:
- Ubuntu Developers
- Architectures:
- linux-any
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
systemd_234.orig.tar.gz | 4.6 MiB | da3e69d10aa1c983d33833372ad4929037b411ac421fb085c8cee79ae1d80b6a |
systemd_234-2ubuntu1.debian.tar.xz | 135.5 KiB | 9a1742152ef2026e45333801d1d6e40ed2ac2957ea5233de8469c8a54e0c16de |
systemd_234-2ubuntu1.dsc | 4.0 KiB | c72fc2380d6cccd23c45674033af68c1dc54a2bfbf27eff4f312f4cb686851cc |
Available diffs
Binary packages built by this source
- libnss-myhostname: No summary available for libnss-myhostname in ubuntu artful.
No description available for libnss-myhostname in ubuntu artful.
- libnss-myhostname-dbgsym: No summary available for libnss-myhostname-dbgsym in ubuntu artful.
No description available for libnss-
myhostname- dbgsym in ubuntu artful.
- libnss-mymachines: No summary available for libnss-mymachines in ubuntu artful.
No description available for libnss-mymachines in ubuntu artful.
- libnss-mymachines-dbgsym: No summary available for libnss-mymachines-dbgsym in ubuntu artful.
No description available for libnss-
mymachines- dbgsym in ubuntu artful.
- libnss-resolve: No summary available for libnss-resolve in ubuntu artful.
No description available for libnss-resolve in ubuntu artful.
- libnss-resolve-dbgsym: No summary available for libnss-resolve-dbgsym in ubuntu artful.
No description available for libnss-
resolve- dbgsym in ubuntu artful.
- libnss-systemd: No summary available for libnss-systemd in ubuntu artful.
No description available for libnss-systemd in ubuntu artful.
- libnss-systemd-dbgsym: No summary available for libnss-systemd-dbgsym in ubuntu artful.
No description available for libnss-
systemd- dbgsym in ubuntu artful.
- libpam-systemd: No summary available for libpam-systemd in ubuntu artful.
No description available for libpam-systemd in ubuntu artful.
- libpam-systemd-dbgsym: No summary available for libpam-systemd-dbgsym in ubuntu artful.
No description available for libpam-
systemd- dbgsym in ubuntu artful.
- libsystemd-dev: No summary available for libsystemd-dev in ubuntu artful.
No description available for libsystemd-dev in ubuntu artful.
- libsystemd0: No summary available for libsystemd0 in ubuntu artful.
No description available for libsystemd0 in ubuntu artful.
- libsystemd0-dbgsym: No summary available for libsystemd0-dbgsym in ubuntu artful.
No description available for libsystemd0-dbgsym in ubuntu artful.
- libudev-dev: No summary available for libudev-dev in ubuntu artful.
No description available for libudev-dev in ubuntu artful.
- libudev1: No summary available for libudev1 in ubuntu artful.
No description available for libudev1 in ubuntu artful.
- libudev1-dbgsym: No summary available for libudev1-dbgsym in ubuntu artful.
No description available for libudev1-dbgsym in ubuntu artful.
- libudev1-udeb: No summary available for libudev1-udeb in ubuntu artful.
No description available for libudev1-udeb in ubuntu artful.
- systemd: No summary available for systemd in ubuntu artful.
No description available for systemd in ubuntu artful.
- systemd-container: No summary available for systemd-container in ubuntu artful.
No description available for systemd-container in ubuntu artful.
- systemd-container-dbgsym: No summary available for systemd-container-dbgsym in ubuntu artful.
No description available for systemd-
container- dbgsym in ubuntu artful.
- systemd-coredump: No summary available for systemd-coredump in ubuntu artful.
No description available for systemd-coredump in ubuntu artful.
- systemd-coredump-dbgsym: No summary available for systemd-coredump-dbgsym in ubuntu artful.
No description available for systemd-
coredump- dbgsym in ubuntu artful.
- systemd-dbgsym: No summary available for systemd-dbgsym in ubuntu artful.
No description available for systemd-dbgsym in ubuntu artful.
- systemd-journal-remote: No summary available for systemd-journal-remote in ubuntu artful.
No description available for systemd-
journal- remote in ubuntu artful.
- systemd-journal-remote-dbgsym: No summary available for systemd-journal-remote-dbgsym in ubuntu artful.
No description available for systemd-
journal- remote- dbgsym in ubuntu artful.
- systemd-sysv: No summary available for systemd-sysv in ubuntu artful.
No description available for systemd-sysv in ubuntu artful.
- systemd-tests: No summary available for systemd-tests in ubuntu artful.
No description available for systemd-tests in ubuntu artful.
- systemd-tests-dbgsym: No summary available for systemd-tests-dbgsym in ubuntu artful.
No description available for systemd-
tests-dbgsym in ubuntu artful.
- udev: No summary available for udev in ubuntu artful.
No description available for udev in ubuntu artful.
- udev-dbgsym: No summary available for udev-dbgsym in ubuntu artful.
No description available for udev-dbgsym in ubuntu artful.
- udev-udeb: No summary available for udev-udeb in ubuntu artful.
No description available for udev-udeb in ubuntu artful.