|
|
|
|
Changelog for systemd-239-41.el8_3.i686.rpm :
* Wed Oct 07 2020 systemd maintenance team - 239-41- cgroup: freezer action must be NOP when cgroup v2 freezer is not available (#1868831) * Fri Aug 28 2020 systemd maintenance team - 239-40- units: add generic boot-complete.target (#1872243)- man: document new \"boot-complete.target\" unit (#1872243)- core: make sure to restore the control command id, too (#1829867) * Thu Aug 06 2020 systemd maintenance team - 239-39- device: make sure we emit PropertiesChanged signal once we set sysfs (#1793533)- device: don\'t emit PropetiesChanged needlessly (#1793533) * Tue Aug 04 2020 systemd maintenance team - 239-38- spec: fix rpm verification (#1702300) * Wed Jul 08 2020 systemd maintenance team - 239-37- spec: don\'t package /etc/systemd/system/dbus-org.freedesktop.resolve1.service (#1844465) * Fri Jun 26 2020 systemd maintenance team - 239-36- core: don\'t consider SERVICE_SKIP_CONDITION for abnormal or failure restarts (#1737283)- selinux: do preprocessor check only in selinux-access.c (#1830861)- basic/cgroup-util: introduce cg_get_keyed_attribute_full() (#1830861)- shared: add generic logic for waiting for a unit to enter some state (#1830861)- shared: fix assert call (#1830861)- shared: Don\'t try calling NULL callback in bus_wait_for_units_clear (#1830861)- shared: add NULL callback check in one more place (#1830861)- core: introduce support for cgroup freezer (#1830861)- core/cgroup: fix return value of unit_cgorup_freezer_action() (#1830861)- core: fix the return value in order to make sure we don\'t dipatch method return too early (#1830861)- test: add test for cgroup v2 freezer support (#1830861)- fix mis-merge (#1848421)- tests: sleep a bit and give kernel time to perform the action after manual freeze/thaw (#1848421) * Fri Jun 26 2020 systemd maintenance team - 239-35- spec: fix rpm verification (#1702300) * Thu Jun 18 2020 systemd maintenance team - 239-34- spec: fix rpm verification (#1702300) * Tue Jun 09 2020 systemd maintenance team - 239-33- tmpfiles: fix crash with NULL in arg_root and other fixes and tests (#1836024)- sulogin-shell: Use force if SYSTEMD_SULOGIN_FORCE set (#1625929)- resolvconf: fixes for the compatibility interface (#1835594)- mount: don\'t add Requires for tmp.mount (#1748840)- core: coldplug possible nop_job (#1829798)- core: add IODeviceLatencyTargetSec (#1831519)- time-util: Introduce parse_sec_def_infinity (#1770379)- cgroup: use structured initialization (#1770379)- core: add CPUQuotaPeriodSec= (#1770379)- core: downgrade CPUQuotaPeriodSec= clamping logs to debug (#1770379)- sd-bus: avoid magic number in SASL length calculation (#1838081)- sd-bus: fix SASL reply to empty AUTH (#1838081)- sd-bus: skip sending formatted UIDs via SASL (#1838081)- core: add MemoryMin (#1763435)- core: introduce cgroup_add_device_allow() (#1763435)- test: remove support for suffix in get_testdata_dir() (#1763435)- cgroup: Implement default propagation of MemoryLow with DefaultMemoryLow (#1763435)- cgroup: Create UNIT_DEFINE_ANCESTOR_MEMORY_LOOKUP (#1763435)- unit: Add DefaultMemoryMin (#1763435)- cgroup: Polish hierarchically aware protection docs a bit (#1763435)- cgroup: Readd some plumbing for DefaultMemoryMin (#1763435)- cgroup: Support 0-value for memory protection directives (#1763435)- cgroup: Test that it\'s possible to set memory protection to 0 again (#1763435)- cgroup: Check ancestor memory min for unified memory config (#1763435)- cgroup: Respect DefaultMemoryMin when setting memory.min (#1763435)- cgroup: Mark memory protections as explicitly set in transient units (#1763435)- meson: allow setting the version string during configuration (#1804252) * Thu Jun 04 2020 systemd maintenance team - 239-32- pid1: fix DefaultTasksMax initialization (#1809037)- cgroup: make sure that cpuset is supported on cgroup v2 and disabled with v1 (#1808940)- test: introduce TEST-36-NUMAPOLICY (#1808940)- test: replace `tail -f` with journal cursor which should be... (#1808940)- test: support MPOL_LOCAL matching in unpatched strace versions (#1808940)- test: make sure the strace process is indeed dead (#1808940)- test: skip the test on systems without NUMA support (#1808940)- test: give strace some time to initialize (#1808940)- test: add a simple sanity check for systems without NUMA support (#1808940)- test: drop the missed || exit 1 expression (#1808940)- test: replace cursor file with a plain cursor (#1808940)- cryptsetup: Treat key file errors as a failed password attempt (#1763155)- swap: finish the secondary swap units\' jobs if deactivation of the primary swap unit fails (#1749622)- resolved: Recover missing PrivateTmp=yes and ProtectSystem=strict (#1810869)- bus_open leak sd_event_source when udevadm trigger。 (#1798504)- core: rework StopWhenUnneeded= logic (#1798046)- pid1: fix the names of AllowedCPUs= and AllowedMemoryNodes= (#1818054)- core: fix re-realization of cgroup siblings (#1818054)- basic: use comma as separator in cpuset cgroup cpu ranges (#1818054)- core: transition to FINAL_SIGTERM state after ExecStopPost= (#1766479)- sd-journal: close journal files that were deleted by journald before we\'ve setup inotify watch (#1796128)- sd-journal: remove the dead code and actually fix #14695 (#1796128)- udev: downgrade message when we fail to set inotify watch up (#1808051)- logind: check PolicyKit before allowing VT switch (#1797679)- test: do not use global variable to pass error (#1823767)- test: install libraries required by tests (#1823767)- test: introduce install_zoneinfo() (#1823767)- test: replace duplicated Makefile by symbolic link (#1823767)- test: add paths of keymaps in install_keymaps() (#1823767)- test: make install_keymaps() optionally install more keymaps (#1823767)- test-fs-util: skip some tests when running in unprivileged container (#1823767)- test-process-util: skip several verifications when running in unprivileged container (#1823767)- test-execute: also check python3 is installed or not (#1823767)- test-execute: skip several tests when running in container (#1823767)- test: introduce test_is_running_from_builddir() (#1823767)- test: make test-catalog relocatable (#1823767)- test: parallelize tasks in TEST-24-UNIT-TESTS (#1823767)- test: try to determine QEMU_SMP dynamically (#1823767)- test: store coredumps in journal (#1823767)- pid1: add new kernel cmdline arg systemd.cpu_affinity= (#1812894)- udev-rules: make tape-changers also apprear in /dev/tape/by-path/ (#1820112)- man: be clearer that .timer time expressions need to be reset to override them (#1816908)- Add support for opening files for appending (#1809175)- nspawn: move payload to sub-cgroup first, then sync cgroup trees (#1837094)- core: move unit_status_emit_starting_stopping_reloading() and related calls to job.c (#1737283)- job: when a job was skipped due to a failed condition, log about it (#1737283)- core: split out all logic that updates a Job on a unit\'s unit_notify() invocation (#1737283)- core: make log messages about units entering a \'failed\' state recognizable (#1737283)- core: log a recognizable message when a unit succeeds, too (#1737283)- tests: always use the right vtable wrapper calls (#1737283)- test-execute: allow filtering test cases by pattern (#1737283)- test-execute: provide custom failure message (#1737283)- core: ExecCondition= for services (#1737283)- Drop support for lz4 < 1.3.0 (#1843871)- test-compress: add test for short decompress_startswith calls (#1843871)- journal: adapt for new improved LZ4_decompress_safe_partial() (#1843871)- fuzz-compress: add fuzzer for compression and decompression (#1843871)- seccomp: fix __NR__sysctl usage (#1843871) * Fri Feb 21 2020 systemd maintenance team - 239-27- cgroup: introduce support for cgroup v2 CPUSET controller (#1724617) * Wed Feb 19 2020 systemd maintenance team - 239-26- seccomp: introduce seccomp_restrict_suid_sgid() for blocking chmod() for suid/sgid files (#1687512)- test: add test case for restrict_suid_sgid() (#1687512)- core: expose SUID/SGID restriction as new unit setting RestrictSUIDSGID= (#1687512)- analyze: check for RestrictSUIDSGID= in \"systemd-analyze security\" (#1687512)- man: document the new RestrictSUIDSGID= setting (#1687512)- units: turn on RestrictSUIDSGID= in most of our long-running daemons (#1687512)- core: imply NNP and SUID/SGID restriction for DynamicUser=yes service (#1687512) * Mon Feb 17 2020 systemd maintenance team - 239-25- sd-bus: use \"queue\" message references for managing r/w message queues in connection objects (CVE-2020-1712)- pid1: make sure to restore correct default values for some rlimits (#1789930)- main: introduce a define HIGH_RLIMIT_MEMLOCK similar to HIGH_RLIMIT_NOFILE (#1789930) * Thu Feb 13 2020 systemd maintenance team - 239-24- rules: reintroduce 60-alias-kmsg.rules (#1739353)- sd-bus: make rqueue/wqueue sizes of type size_t (CVE-2020-1712)- sd-bus: reorder bus ref and bus message ref handling (CVE-2020-1712)- sd-bus: make sure dispatch_rqueue() initializes return parameter on all types of success (CVE-2020-1712)- sd-bus: drop two inappropriate empty lines (CVE-2020-1712)- sd-bus: initialize mutex after we allocated the wqueue (CVE-2020-1712)- sd-bus: always go through sd_bus_unref() to free messages (CVE-2020-1712)- bus-message: introduce two kinds of references to bus messages (CVE-2020-1712)- sd-bus: introduce API for re-enqueuing incoming messages (CVE-2020-1712)- sd-event: add sd_event_source_disable_unref() helper (CVE-2020-1712)- polkit: when authorizing via PK let\'s re-resolve callback/userdata instead of caching it (CVE-2020-1712)- sysctl: let\'s by default increase the numeric PID range from 2^16 to 2^22 (#1744214)- journal: do not trigger assertion when journal_file_close() get NULL (#1788085)- journal: use cleanup attribute at one more place (#1788085) * Mon Jan 13 2020 systemd maintenance team - 239-23- catalog: fix name of variable (#1677768)- cryptsetup: add keyfile-timeout to allow a keydev timeout and allow to fallback to a password if it fails. (#1763155)- cryptsetup: add documentation for keyfile-timeout (#1763155)- cryptsetup: use unabbrieviated variable names (#1763155)- cryptsetup: don\'t assert on variable which is optional (#1763155)- cryptsetup-generator: guess whether the keyfile argument is two items or one (#1763155)- crypt-util: Translate libcryptsetup log level instead of using log_debug() (#1776408)- cryptsetup: add some commenting about EAGAIN generation (#1776408)- cryptsetup: downgrade a log message we ignore (#1776408)- cryptsetup: rework how we log about activation failures (#1776408) * Tue Dec 17 2019 systemd maintenance team - 239-22- spec: don\'t ship /var/log/README- spec: provide systemd-rpm-macros * Mon Dec 09 2019 systemd maintenance team - 239-21- test-cpu-set-util: fix comparison for allocation size (#1734787)- test-cpu-set-util: fix allocation size check on i386 (#1734787) * Mon Dec 09 2019 systemd maintenance team - 239-20- journal: rely on _cleanup_free_ to free a temporary string used in client_context_read_cgroup (#1764560)- basic/user-util: allow dots in user names (#1717603)- sd-bus: bump message queue size again (#1770189)- tests: put fuzz_journald_processing_function in a .c file (#1764560)- tests: add a fuzzer for dev_kmsg_record (#1764560)- basic: remove an assertion from cunescape_one (#1764560)- journal: fix an off-by-one error in dev_kmsg_record (#1764560)- tests: add a reproducer for a memory leak fixed in 30eddcd51b8a472e05d3b8d1 in August (#1764560)- tests: add a reproducer for a heap-buffer-overflow fixed in 937b1171378bc1000a (#1764560)- test: initialize syslog_fd in fuzz-journald-kmsg too (#1764560)- tests: add a fuzzer for process_audit_string (#1764560)- journald: check whether sscanf has changed the value corresponding to %n (#1764560)- tests: introduce dummy_server_init and use it in all journald fuzzers (#1764560)- tests: add a fuzzer for journald streams (#1764560)- tests: add a fuzzer for server_process_native_file (#1764560)- fuzz-journal-stream: avoid assertion failure on samples which don\'t fit in pipe (#1764560)- journald: take leading spaces into account in syslog_parse_identifier (#1764560)- Add a warning about the difference in permissions between existing directories and unit settings. (#1778384)- execute: remove one redundant comparison check (#1778384)- core: change ownership/mode of the execution directories also for static users (#1778384)- core/dbus-execute: remove unnecessary initialization (#1734787)- shared/cpu-set-util: move the part to print cpu-set into a separate function (#1734787)- shared/cpu-set-util: remove now-unused CPU_SIZE_TO_NUM() (#1734787)- Rework cpu affinity parsing (#1734787)- Move cpus_in_affinity_mask() to cpu-set-util.[ch] (#1734787)- test-cpu-set-util: add simple test for cpus_in_affinity_mask() (#1734787)- test-cpu-set-util: add a smoke test for test_parse_cpu_set_extend() (#1734787)- pid1: parse CPUAffinity= in incremental fashion (#1734787)- pid1: don\'t reset setting from /proc/cmdline upon restart (#1734787)- pid1: when reloading configuration, forget old settings (#1734787)- test-execute: use CPUSet too (#1734787)- shared/cpu-set-util: drop now-unused cleanup function (#1734787)- shared/cpu-set-util: make transfer of cpu_set_t over bus endian safe (#1734787)- test-cpu-set-util: add test for dbus conversions (#1734787)- shared/cpu-set-util: introduce cpu_set_to_range() (#1734787)- systemctl: present CPUAffinity mask as a list of CPU index ranges (#1734787)- shared/cpu-set-util: only force range printing one time (#1734787)- execute: dump CPUAffinity as a range string instead of a list of CPUs (#1734787)- cpu-set-util: use %d-%d format in cpu_set_to_range_string() only for actual ranges (#1734787)- core: introduce NUMAPolicy and NUMAMask options (#1734787)- core: disable CPUAccounting by default (#1734787)- set kptr_restrict=1 (#1689346)- cryptsetup: reduce the chance that we will be OOM killed (#1696602)- core, job: fix breakage of ordering dependencies by systemctl reload command (#1766417)- debug-generator: enable custom systemd.debug_shell tty (#1723722) * Thu Oct 24 2019 Lukas Nykryn - 239-19- core: never propagate reload failure to service result (#1735787)- man: document systemd-analyze security (#1750343)- man: reorder and add examples to systemd-analyze(1) (#1750343)- travis: move to CentOS 8 docker images (#1761519)- travis: drop SCL remains (#1761519)- syslog: fix segfault in syslog_parse_priority() (#1761519)- sd-bus: make strict asan shut up (#1761519)- travis: don\'t run slow tests under ASan/UBSan (#1761519)- kernel-install: do not require non-empty kernel cmdline (#1701454)- ask-password: prevent buffer overrow when reading from keyring (#1752050)- core: try to reopen /dev/kmsg again right after mounting /dev (#1749212)- buildsys: don\'t garbage collect sections while linking (#1748258)- udev: introduce CONST key name (#1762679)- Call getgroups() to know size of supplementary groups array to allocate (#1743230256 KB- Consider smb3 as remote filesystem (#1757257)- process-util: introduce pid_is_my_child() helper (#1744972)- core: reduce the number of stalled PIDs from the watched processes list when possible (#1744972)- core: only watch processes when it\'s really necessary (#1744972)- core: implement per unit journal rate limiting (#1719577)- path: stop watching path specs once we triggered the target unit (#1763161)- journald: fixed assertion failure when system journal rotation fails (#9893) (#1763619)- test: use PBKDF2 instead of Argon2 in cryptsetup... (#1761519)- test: mask several unnecessary services (#1761519)- test: bump the second partition\'s size to 50M (#1761519)- shared/sleep-config: exclude zram devices from hibernation candidates (#1763617)- selinux: don\'t log SELINUX_INFO and SELINUX_WARNING messages to audit (#1763612)- sd-device: introduce log_device_ *() macros (#1753369)- udev: Add id program and rule for FIDO security tokens (#1753369)- shared/but-util: drop trusted annotation from bus_open_system_watch_bind_with_description() (#1746857)- sd-bus: adjust indentation of comments (#1746857)- resolved: do not run loop twice (#1746857)- resolved: allow access to Set *Link and Revert methods through polkit (#1746857)- resolved: query polkit only after parsing the data (#1746857) * Fri Aug 30 2019 Lukas Nykryn - 239-18- shared/but-util: drop trusted annotation from bus_open_system_watch_bind_with_description() (#1746857)- sd-bus: adjust indentation of comments (#1746857)- resolved: do not run loop twice (#1746857)- resolved: allow access to Set *Link and Revert methods through polkit (#1746857)- resolved: query polkit only after parsing the data (#1746857) * Wed Aug 07 2019 Lukas Nykryn - 239-17- mount: simplify /proc/self/mountinfo handler (#1696178)- mount: rescan /proc/self/mountinfo before processing waitid() results (#1696178)- swap: scan /proc/swaps before processing waitid() results (#1696178)- analyze-security: fix potential division by zero (#1734400) * Fri Jul 26 2019 Lukas Nykryn - 239-16- sd-bus: deal with cookie overruns (#1694999)- journal-remote: do not request Content-Length if Transfer-Encoding is chunked (#1708849)- journal: do not remove multiple spaces after identifier in syslog message (#1691817)- cryptsetup: Do not fallback to PLAIN mapping if LUKS data device set fails. (#1719153)- cryptsetup: call crypt_load() for LUKS only once (#1719153)- cryptsetup: Add LUKS2 token support. (#1719153)- udev/scsi_id: fix incorrect page length when get device identification VPD page (#1713227)- Change job mode of manager triggered restarts to JOB_REPLACE (#11456- bash-completion: analyze: support \'security\' (#1733395)- man: note that journal does not validate syslog fields (#1707175)- rules: skip memory hotplug on ppc64 (#1713159) * Thu May 23 2019 Lukas Nykryn - 239-15- tree-wide: shorten error logging a bit (#1697893)- nspawn: simplify machine terminate bus call (#1697893)- nspawn: merge two variable declaration lines (#1697893)- nspawn: rework how we allocate/kill scopes (#1697893)- unit: enqueue cgroup empty check event if the last ref on a unit is dropped (#1697893)- Revert \"journal: remove journal audit socket\" (#1699287)- journal: don\'t enable systemd-journald-audit.socket by default (#1699287)- logs-show: use grey color for de-emphasizing journal log output (#1695601)- units: add [Install] section to tmp.mount (#1667065)- nss: do not modify errno when NSS_STATUS_NOTFOUND or NSS_STATUS_SUCCESS (#1691691)- util.h: add new UNPROTECT_ERRNO macro (#1691691)- nss: unportect errno before writing to NSS\' *errnop (#1691691)- seccomp: reduce logging about failure to add syscall to seccomp (#1658691)- format-table: when duplicating a cell, also copy the color (#1689832)- format-table: optionally make specific cells clickable links (#1689832)- format-table: before outputting a color, check if colors are available (#1689832)- format-table: add option to store/format percent and uint64_t values in cells (#1689832)- format-table: optionally allow reversing the sort order for a column (#1689832)- format-table: add table_update() to update existing entries (#1689832)- format-table: add an API for getting the cell at a specific row/column (#1689832)- format-table: always underline header line (#1689832)- format-table: add calls to query the data in a specific cell (#1689832)- format-table: make sure we never call memcmp() with NULL parameters (#1689832)- format-table: use right field for display (#1689832)- format-table: add option to uppercase cells on display (#1689832)- format-table: never try to reuse cells that have color/url/uppercase set (#1689832)- locale-util: add logic to output smiley emojis at various happiness levels (#1689832)- analyze: add new security verb (#1689832)- tests: add a rudimentary fuzzer for server_process_syslog_message (#9979) (#1696224)- journald: make it clear that dev_kmsg_record modifies the string passed to it (#1696224)- journald: free the allocated memory before returning from dev_kmsg_record (#1696224)- tests: rework the code fuzzing journald (#1696224)- journald: make server_process_native_message compatible with fuzz_journald_processing_function (#1696224)- tests: add a fuzzer for server_process_native_message (#1696224)- tests: add a fuzzer for sd-ndisc (#1696224)- ndisc: fix two infinite loops (#1696224)- tests: add reproducers for several issues uncovered with fuzz-journald-syslog (#1696224)- tests: add a reproducer for an infinite loop in ndisc_handle_datagram (#1696224)- tests: add a reproducer for another infinite loop in ndisc_handle_datagram (#1696224)- fuzz: rename \"fuzz-corpus\" directory to just \"fuzz\" (#1696224)- test: add testcase for issue 10007 by oss-fuzz (#1696224)- fuzz: unify the \"fuzz-regressions\" directory with the main corpus (#1696224)- test-bus-marshal: use cescaping instead of hexmem (#1696224)- meson: add -Dlog-trace to set LOG_TRACE (#1696224)- meson: allow building resolved and machined without nss modules (#1696224)- meson: drop duplicated condition (#1696224)- meson: use .source_root() in more places (#1696224)- meson: treat all fuzz cases as unit tests (#1696224)- fuzz-bus-message: add fuzzer for message parsing (#1696224)- bus-message: use structured initialization to avoid use of unitialized memory (#1696224)- bus-message: avoid an infinite loop on empty structures (#1696224)- bus-message: let\'s always use -EBADMSG when the message is bad (#1696224)- bus-message: rename function for clarity (#1696224)- bus-message: use define (#1696224)- bus: do not print (null) if the message has unknown type (#1696224)- bus-message: fix calculation of offsets table (#1696224)- bus-message: remove duplicate assignment (#1696224)- bus-message: fix calculation of offsets table for arrays (#1696224)- bus-message: drop asserts in functions which are wrappers for varargs version (#1696224)- bus-message: output debug information about offset troubles (#1696224)- bus-message: fix skipping of array fields in !gvariant messages (#1696224)- bus-message: also properly copy struct signature when skipping (#1696224)- fuzz-bus-message: add two test cases that pass now (#1696224)- bus-message: return -EBADMSG not -EINVAL on invalid !gvariant messages (#1696224)- bus-message: avoid wrap-around when using length read from message (#1696224)- util: do not use stack frame for parsing arbitrary inputs (#1696224)- travis: enable ASan and UBSan on RHEL8 (#1683319)- tests: keep SYS_PTRACE when running under ASan (#1683319)- tree-wide: various ubsan zero size memory fixes (#1683319)- util: introduce memcmp_safe() (#1683319)- test-socket-util: avoid \"memleak\" reported by valgrind (#1683319)- sd-journal: escape binary data in match_make_string() (#1683319)- capability: introduce CAP_TO_MASK_CORRECTED() macro replacing CAP_TO_MASK() (#1683319)- sd-bus: use size_t when dealing with memory offsets (#1683319)- sd-bus: call cap_last_cap() only once in has_cap() (#1683319)- mount-point: honour AT_SYMLINK_FOLLOW correctly (#1683319)- travis: switch from trusty to xenial (#1683319)- test-socket-util: Add tests for receive_fd_iov() and friends. (#1683319)- socket-util: Introduce send_one_fd_iov() and receive_one_fd_iov() (#1683319)- core: swap order of \"n_storage_fds\" and \"n_socket_fds\" parameters (#1683334)- execute: use our usual syntax for defining bit masks (#1683334)- core: introduce new Type=exec service type (#1683334)- man: document the new Type=exec type (#1683334)- sd-bus: allow connecting to the pseudo-container \".host\" (#1683334)- sd-login: let\'s also make sd-login understand \".host\" (#1683334)- test: add test for Type=exec (#1683334)- journal-gateway: explicitly declare local variables (#1705971)- tools: drop unused variable (#1705971)- journal-gateway: use localStorage[\"cursor\"] only when it has valid value (#1705971) * Tue Apr 30 2019 Lukas Nykryn - 239-14- rules: implement new memory hotplug policy (#1670728)- rules: add the rule that adds elevator= kernel command line parameter (#1670126)- bus-socket: Fix line_begins() to accept word matching full string (#1692991)- Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1678641)- Allocate temporary strings to hold dbus paths on the heap (#1678641)- sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1678641)- Revert \"core: one step back again, for nspawn we actually can\'t wait for cgroups running empty since systemd will get exactly zero notifications about it\" (#1703485) * Tue Feb 26 2019 Lukas Nykryn - 239-13- rules: add the rule that adds elevator= kernel command line parameter (#1670126) * Fri Feb 15 2019 Lukas Nykryn - 239-12- core: when deserializing state always use read_line(…, LONG_LINE_MAX, …) (CVE-2018-15686)- coredump: remove duplicate MESSAGE= prefix from message (#1664976)- journald: remove unnecessary {} (#1664976)- journald: do not store the iovec entry for process commandline on stack (#1664976)- basic/process-util: limit command line lengths to _SC_ARG_MAX (#1664976)- coredump: fix message when we fail to save a journald coredump (#1664976)- procfs-util: expose functionality to query total memory (#1664976)- basic/prioq: add prioq_peek_item() (#1664976)- journal: limit the number of entries in the cache based on available memory (#1664976)- journald: periodically drop cache for all dead PIDs (#1664976)- process-util: don\'t use overly large buffer to store process command line (#1664976)- Revert \"sysctl.d: switch net.ipv4.conf.all.rp_filter from 1 to 2\" (#1653824)- journal: fix syslog_parse_identifier() (#1664978)- journald: set a limit on the number of fields (1k) (#1664977)- journald: when processing a native message, bail more quickly on overbig messages (#1664977)- journald: lower the maximum entry size limit to ½ for non-sealed fds (#1664977)- µhttpd: use a cleanup function to call MHD_destroy_response (#1664977)- journal-remote: verify entry length from header (#1664977)- journal-remote: set a limit on the number of fields in a message (#1664977)- journald: correctly attribute log messages also with cgroupsv1 (#1658115)- rules: add elevator= kernel command line parameter (#1670126) * Mon Jan 14 2019 Lukas Nykryn - 239-11- unit: don\'t add Requires for tmp.mount (#1619292)- remove bootchart dependency (#1660119) * Wed Dec 12 2018 Lukas Nykryn - 239-10- cryptsetup-generator: introduce basic keydev support (#1656869)- cryptsetup: don\'t use %m if there\'s no error to show (#1656869)- cryptsetup-generator: don\'t return error if target directory already exists (#1656869)- cryptsetup-generator: allow whitespace characters in keydev specification (#1656869)- rules: watch metadata changes on DASD devices (#1638676)- sysctl.d: switch net.ipv4.conf.all.rp_filter from 1 to 2 (#1653824) * Thu Dec 06 2018 Lukas Nykryn - 239-9- dissect-image: use right comparison function (#1602706)- login: avoid leak of name returned by uid_to_name() (#1602706)- firewall-util: add an assert that we\'re not overwriting a buffer (#1602706)- journal-file: avoid calling ftruncate with invalid fd (#1602706)- dhcp6: make sure we have enough space for the DHCP6 option header (#1643363)- core: rename queued_message → pending_reload_message (#1647359)- core: when we can\'t send the pending reload message, say we ignore it in the warning we log (#1647359)- core: make sure we don\'t throttle change signal generator when a reload is pending (#1647359)- proc-cmdline: introduce PROC_CMDLINE_RD_STRICT (#1643429)- debug-generator: introduce rd. * version of all options (#1643429)- chown-recursive: let\'s rework the recursive logic to use O_PATH (#1643368)- chown-recursive: also drop ACLs when recursively chown()ing (#1643368)- chown-recursive: TAKE_FD() is your friend (#1643368)- test: add test case for recursive chown()ing (#1643368)- Revert \"sysctl.d: request ECN on both in and outgoing connections\" (#1619790)- detect-virt: do not try to read all of /proc/cpuinfo (#1631532)- sd-bus: unify three code-paths which free struct bus_container (#1635435)- sd-bus: properly initialize containers (#1635435) * Tue Oct 16 2018 Lukas Nykryn - 239-8- revert sd-bus: unify three code-paths which free struct bus_container (#1635435) * Fri Oct 12 2018 Michal Sekletár - 239-7- change default cgroup hierarchy to \"legacy\" (#1638650)- we never added mymachines module to passwd: or group: in RHEL8, hence don\'t try to remove it (#1638450)- bump minimal size of random pool to 1024 bytes (#1619268)- install RHEL-7 compatible rc.local (#1625209)- backport support for sector-size crypttab option (#1572563)- units: don\'t enable per-service IP firewall by default (#1630219)- sd-bus: unify three code-paths which free struct bus_container (#1635435)- bus-message: do not crash on message with a string of zero length (#1635439)- bus-message: stack based buffer overflow in free_and_strdup (#1635428)- journal: change support URL shown in the catalog entries (#1550548) * Mon Sep 10 2018 Michal Sekletár - 239-6- move /etc/yum/protected.d/systemd.conf to /etc/dnf/ (#1626973) * Fri Sep 07 2018 Josh Boyer - 239-5- Fix file conflict between yum and systemd (#1626682) * Tue Aug 14 2018 Michal Sekletár - 239-4- drop the patch for delayed loading of config in net_setup_link and set NAME in prefixdevname udev rules (#1614681)- bus: move BUS_DONT_DESTROY calls after asserts (#1610397) * Fri Aug 10 2018 Michal Sekletár - 239-3- net_setup_link: delay loading configuration, just before we apply it (#1614681) * Thu Aug 09 2018 Michal Sekletár - 239-2- 20-grubby.install: populate symvers.gz file (#1609698)- net_setup_link: allow renaming interfaces that were renamed already- units: drop DynamicUser=yes from systemd-resolved.service- journal: remove journal audit socket * Wed Aug 01 2018 Michal Sekletár - 239-1- rebase to systemd-239- Override systemd-user PAM config in install and not prep (patch by Filipe Brandenburger )- use %autosetup -S git_am to apply patches- revert upstream default for RemoveIPC (#1523233)- bump DefaultTasksMax to 80% of kernel default (#1523236)- avoid /tmp being mounted as tmpfs without the user\'s will (#1578772)- bump maximum number of processes in user slice to 80% of pid.max (#1523236)- forwardport downstream-only udev rules from RHEL-7 (#1523227)- don\'t ship systemd-networkd- don\'t ship systemd-timesyncd- add back support for WAIT_FOR to udev rules (#1523213) * Wed May 16 2018 Jan Synáček - 238-8- do not mount /tmp as tmpfs (#1578772) * Tue May 15 2018 Jan Synáček - 238-7- fix compilation (#1578318) * Fri Apr 27 2018 Michal Sekletar - 238-6- forwardport downstream-only udev rules from RHEL-7 (#1523227)- set RemoveIPC=no by default (#1523233) * Thu Apr 12 2018 Michal Sekletar - 238-5- also drop qrencode-devel from BuildRequires as it is no longer needed (#1566158) * Wed Apr 11 2018 Michal Sekletar - 238-4- disable support for qrencode (#1566158)- bump default journal rate limit to 10000 messages per 30s (#1563729)- fix unit reloads (#1560549)- don\'t create /var/log/journal during package installation (#1523188) * Fri Mar 09 2018 Troy Dawson - 238-3.1- Rebuild with cryptsetup-2 * Wed Mar 07 2018 Zbigniew Jędrzejewski-Szmek - 238-3- Revert the patches for GRUB BootLoaderSpec support- Add patch for /etc/machine-id creation (#1552843) * Tue Mar 06 2018 Yu Watanabe - 238-2- Fix transfiletrigger script (#1551793) * Mon Mar 05 2018 Zbigniew Jędrzejewski-Szmek - 238-1- Update to latest version- This fixes a hard-to-trigger potential vulnerability (CVE-2018-6954)- New transfiletriggers are installed for udev hwdb and rules, the journal catalog, sysctl.d, binfmt.d, sysusers.d, tmpfiles.d. * Tue Feb 27 2018 Javier Martinez Canillas - 237-7.git84c8da5- Add patch to install kernel images for GRUB BootLoaderSpec support * Sat Feb 24 2018 Zbigniew Jędrzejewski-Szmek - 237-6.git84c8da5- Create /etc/systemd in %post libs if necessary (#1548607) * Fri Feb 23 2018 Adam Williamson - 237-5.git84c8da5- Use : not touch to create file in -libs %post * Thu Feb 22 2018 Patrick Uiterwijk - 237-4.git84c8da5- Add coreutils dep for systemd-libs %post- Add patch to typecast USB IDs to avoid compile failure * Wed Feb 21 2018 Zbigniew Jędrzejewski-Szmek - 237-3.git84c8da5- Update some patches for test skipping that were updated upstream before merging- Add /usr/lib/systemd/purge-nobody-user — a script to check if nobody is defined correctly and possibly replace existing mappings * Tue Feb 20 2018 Zbigniew Jędrzejewski-Szmek - 237-2.gitdff4849- Backport a bunch of patches, most notably for the journal and various memory issues. Some minor build fixes.- Switch to new ldconfig macros that do nothing in F28+- /etc/systemd/dont-synthesize-nobody is created in %post if nfsnobody or nobody users are defined (#1537262) * Fri Feb 09 2018 Zbigniew Jędrzejeweski-Szmek - 237-1.git78bd769- Update to first stable snapshot (various minor memory leaks and misaccesses, some documentation bugs, build fixes). * Sun Jan 28 2018 Zbigniew Jędrzejewski-Szmek - 237-1- Update to latest version * Sun Jan 21 2018 Björn Esser - 236-4.git3e14c4c- Add patch to include if needed * Sat Jan 20 2018 Björn Esser - 236-3.git3e14c4c- Rebuilt for switch to libxcrypt * Thu Jan 11 2018 Zbigniew Jędrzejewski-Szmek - 236-2.git23e14c4- Backport a bunch of bugfixes from upstream (#1531502, #1531381, #1526621 various memory corruptions in systemd-networkd)- /dev/kvm is marked as a static node which fixes permissions on s390x and ppc64 (#1532382) * Fri Dec 15 2017 Zbigniew Jędrzejewski-Szmek - 236-1- Update to latest version * Mon Dec 11 2017 Zbigniew Jędrzejewski-Szmek - 235-5.git4a0e928- Update to latest git snapshot, do not build for realz- Switch to libidn2 again (#1449145) * Tue Nov 07 2017 Zbigniew Jędrzejewski-Szmek - 235-4- Rebuild for cryptsetup-2.0.0-0.2.fc28 * Wed Oct 25 2017 Zbigniew Jędrzejewski-Szmek - 235-3- Backport a bunch of patches, including LP#172535 * Wed Oct 18 2017 Zbigniew Jędrzejewski-Szmek - 235-2- Patches for cryptsetup _netdev * Fri Oct 06 2017 Zbigniew Jędrzejewski-Szmek - 235-1- Update to latest version * Tue Sep 26 2017 Nathaniel McCallum - 234-8- Backport /etc/crypttab _netdev feature from upstream * Thu Sep 21 2017 Michal Sekletar - 234-7- Make sure to remove all device units sharing the same sysfs path (#1475570) * Mon Sep 18 2017 Zbigniew Jędrzejewski-Szmek - 234-6- Bump xslt recursion limit for libxslt-1.30 * Mon Jul 31 2017 Zbigniew Jędrzejewski-Szmek - 234-5- Backport more patches (#1476005, hopefully #1462378) * Thu Jul 27 2017 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Mon Jul 17 2017 Zbigniew Jędrzejewski-Szmek - 234-3- Fix x-systemd.timeout=0 in /etc/fstab (#1462378)- Minor patches (memleaks, --help fixes, seccomp on arm64) * Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-2- Create kvm group (#1431876) * Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-1- Latest release * Sat Jul 01 2017 Zbigniew Jędrzejewski-Szmek - 233-7.git74d8f1c- Update to snapshot- Build with meson again * Tue Jun 27 2017 Zbigniew Jędrzejewski-Szmek - 233-6- Fix an out-of-bounds write in systemd-resolved (CVE-2017-9445) * Fri Jun 16 2017 Zbigniew Jędrzejewski-Szmek - 233-5.gitec36d05- Update to snapshot version, build with meson * Thu Jun 15 2017 Zbigniew Jędrzejewski-Szmek - 233-4- Backport a bunch of small fixes (memleaks, wrong format strings, man page clarifications, shell completion)- Fix systemd-resolved crash on crafted DNS packet (CVE-2017-9217, #1455493)- Fix systemd-vconsole-setup.service error on systems with no VGA console (#1272686)- Drop soft-static uid for systemd-journal-gateway- Use ID from /etc/os-release as ntpvendor * Thu Mar 16 2017 Michal Sekletar - 233-3- Backport bugfixes from upstream- Don\'t return error when machinectl couldn\'t figure out container IP addresses (#1419501) * Thu Mar 02 2017 Zbigniew Jędrzejewski-Szmek - 233-2- Fix installation conflict with polkit * Thu Mar 02 2017 Zbigniew Jędrzejewski-Szmek - 233-1- New upstream release (#1416201, #1405439, #1420753, many others)- New systemd-tests subpackage with \"installed tests\" * Thu Feb 16 2017 Zbigniew Jędrzejewski-Szmek - 232-15- Add %ghost %dir entries for .wants dirs of our targets (#1422894) * Tue Feb 14 2017 Zbigniew Jędrzejewski-Szmek - 232-14- Ignore the hwdb parser test * Tue Feb 14 2017 Jan Synáček - 232-14- machinectl fails when virtual machine is running (#1419501) * Sat Feb 11 2017 Fedora Release Engineering - 232-13- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Tue Jan 31 2017 Zbigniew Jędrzejewski-Szmek - 232-12- Backport patch for initrd-switch-root.service getting killed (#1414904)- Fix sd-journal-gatewayd -D, --trust, and COREDUMP_CONTAINER_CMDLINE extraction by sd-coredump. * Sun Jan 29 2017 zbyszek - 232-11- Backport a number of patches (#1411299, #1413075, #1415745, - Fix various memleaks and unitialized variable access- Shell completion enhancements- Enable TPM logging by default (#1411156)- Update hwdb (#1270124) * Thu Jan 19 2017 Adam Williamson - 232-10- Backport fix for boot failure in initrd-switch-root (#1414904) * Wed Jan 18 2017 Zbigniew Jędrzejewski-Szmek - 232-9- Add fake dependency on systemd-pam to systemd-devel to ensure systemd-pam is available as multilib (#1414153) * Tue Jan 17 2017 Zbigniew Jędrzejewski-Szmek - 232-8- Fix buildsystem to check for lz4 correctly (#1404406) * Wed Jan 11 2017 Zbigniew Jędrzejewski-Szmek - 232-7- Various small tweaks to scriplets * Sat Jan 07 2017 Kevin Fenzi - 232-6- Fix scriptlets to never fail in libs post * Fri Jan 06 2017 Kevin Fenzi - 232-5- Add patch from Michal Schmidt to avoid process substitution (#1392236) * Sun Nov 06 2016 Zbigniew Jędrzejewski-Szmek - 232-4- Rebuild (#1392236) * Fri Nov 04 2016 Zbigniew Jędrzejewski-Szmek - 232-3- Make /etc/dbus-1/system.d directory non-%ghost * Fri Nov 04 2016 Zbigniew Jędrzejewski-Szmek - 232-2- Fix kernel-install (#1391829)- Restore previous systemd-user PAM config (#1391836)- Move journal-upload.conf.5 from systemd main to journal-remote subpackage (#1391833)- Fix permissions on /var/lib/systemd/journal-upload (#1262665) * Thu Nov 03 2016 Zbigniew Jędrzejewski-Szmek - 232-1- Update to latest version (#998615, #1181922, #1374371, #1390704, #1384150, #1287161)- Add %{_isa} to Provides on arch-full packages (#1387912)- Create systemd-coredump user in %pre (#1309574)- Replace grubby patch with a short-circuiting install.d \"plugin\"- Enable nss-systemd in the passwd, group lines in nsswith.conf- Add [!UNAVAIL=return] fallback after nss-resolve in hosts line in nsswith.conf- Move systemd-nspawn man pages to the right subpackage (#1391703) * Tue Oct 18 2016 Jan Synáček - 231-11- SPC - Cannot restart host operating from container (#1384523) * Sun Oct 09 2016 Zbigniew Jędrzejewski-Szmek - 231-10- Do not recreate /var/log/journal on upgrades (#1383066)- Move nss-myhostname provides to systemd-libs (#1383271) * Fri Oct 07 2016 Zbigniew Jędrzejewski-Szmek - 231-9- Fix systemctl set-default (#1374371)- Prevent systemd-udev-trigger.service from restarting (follow-up for #1378974) * Tue Oct 04 2016 Zbigniew Jędrzejewski-Szmek - 231-8- Apply fix for #1378974 * Mon Oct 03 2016 Zbigniew Jędrzejewski-Szmek - 231-7- Apply patches properly * Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-6- Better fix for (#1380286) * Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-5- Denial-of-service bug against pid1 (#1380286) * Thu Aug 25 2016 Zbigniew Jędrzejewski-Szmek - 231-4- Fix preset-all (#1363858)- Fix issue with daemon-reload messing up graphics (#1367766)- A few other bugfixes * Wed Aug 03 2016 Adam Williamson - 231-3- Revert preset-all change, it broke stuff (#1363858) * Wed Jul 27 2016 Zbigniew Jędrzejewski-Szmek - 231-2- Call preset-all on initial installation (#1118740)- Fix botched Recommends for libxkbcommon * Tue Jul 26 2016 Zbigniew Jędrzejewski-Szmek - 231-1- Update to latest version * Wed Jun 08 2016 Zbigniew Jędrzejewski-Szmek - 230-3- Update to latest git snapshot (fixes for systemctl set-default, polkit lingering policy, reversal of the framebuffer rules, unaligned access fixes, fix for StartupBlockIOWeight-over-dbus). Those changes are interspersed with other changes and new features (mostly in lldp, networkd, and nspawn). Some of those new features might not work, but I think that existing functionality should not be broken, so it seems worthwile to update to the snapshot. * Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-2- Remove systemd-compat-libs on upgrade * Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-1- New version- Drop compat-libs- Require libxkbcommon explictly, since the automatic dependency will not be generated anymore * Tue Apr 26 2016 Zbigniew Jędrzejewski-Szmek - 229-15- Remove duplicated entries in -container %files (#1330395) * Fri Apr 22 2016 Zbigniew Jędrzejewski-Szmek - 229-14- Move installation of udev services to udev subpackage (#1329023) * Mon Apr 18 2016 Zbigniew Jędrzejewski-Szmek - 229-13- Split out systemd-pam subpackage (#1327402) * Mon Apr 18 2016 Harald Hoyer - 229-12- move more binaries and services from the main package to subpackages * Mon Apr 18 2016 Harald Hoyer - 229-11- move more binaries and services from the main package to subpackages * Mon Apr 18 2016 Harald Hoyer - 229-10- move device dependant stuff to the udev subpackage * Tue Mar 22 2016 Zbigniew Jędrzejewski-Szmek - 229-9- Add myhostname to /etc/nsswitch.conf (#1318303) * Mon Mar 21 2016 Harald Hoyer - 229-8- fixed kernel-install for copying files for grubbyResolves: rhbz#1299019 * Thu Mar 17 2016 Zbigniew Jędrzejewski-Szmek - 229-7- Moar patches (#1316964, #1317928)- Move vconsole-setup and tmpfiles-setup-dev bits to systemd-udev- Protect systemd-udev from deinstallation * Fri Mar 11 2016 Zbigniew Jędrzejewski-Szmek - 229-6- Create /etc/resolv.conf symlink from systemd-resolved (#1313085) * Fri Mar 04 2016 Zbigniew Jędrzejewski-Szmek - 229-5- Split out systemd-container subpackage (#1163412)- Split out system-udev subpackage- Add various bugfix patches, incl. a tentative fix for #1308771 * Tue Mar 01 2016 Peter Robinson 229-4- Power64 and s390(x) now have libseccomp support- aarch64 has gnu-efi * Tue Feb 23 2016 Jan Synáček - 229-3- Fix build failures on ppc64 (#1310800) * Tue Feb 16 2016 Dennis Gilmore - 229-2- revert: fixed kernel-install for copying files for grubbyResolves: rhbz#1299019- this causes the dtb files to not get installed at all and the fdtdir- line in extlinux.conf to not get updated correctly * Thu Feb 11 2016 Michal Sekletar - 229-1- New upstream release * Thu Feb 11 2016 Harald Hoyer - 228-10.gite35a787- fixed kernel-install for copying files for grubbyResolves: rhbz#1299019 * Fri Feb 05 2016 Fedora Release Engineering - 228-9.gite35a787- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Wed Jan 27 2016 Peter Robinson 228-8.gite35a787- Rebuild for binutils on aarch64 fix * Fri Jan 08 2016 Dan Horák - 228-7.gite35a787- apply the conflict with fedora-release only in Fedora * Thu Dec 10 2015 Jan Synáček - 228-6.gite35a787- Fix rawhide build failures on ppc64 (#1286249) * Sun Nov 29 2015 Zbigniew Jędrzejewski-Szmek - 228-6.gite35a787- Create /etc/systemd/network (#1286397) * Thu Nov 26 2015 Zbigniew Jędrzejewski-Szmek - 228-5.gite35a787- Do not install nss modules by default * Tue Nov 24 2015 Zbigniew Jędrzejewski-Szmek - 228-4.gite35a787- Update to latest upstream git: there is a bunch of fixes (nss-mymachines overflow bug, networkd fixes, more completions are properly installed), mixed with some new resolved features.- Rework file triggers so that they always run before daemons are restarted * Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-3- Enable rpm file triggers for daemon-reload * Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-2- Fix version number in obsoleted package name (#1283452) * Wed Nov 18 2015 Kay Sievers - 228-1- New upstream release * Thu Nov 12 2015 Zbigniew Jędrzejewski-Szmek - 227-7- Rename journal-gateway subpackage to journal-remote- Ignore the access mode on /var/log/journal (#1048424)- Do not assume fstab is present (#1281606) * Wed Nov 11 2015 Fedora Release Engineering - 227-6- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 * Tue Nov 10 2015 Lukáš Nykrýn - 227-5- Rebuild for libmicrohttpd soname bump * Fri Nov 06 2015 Robert Kuska - 227-4- Rebuilt for Python3.5 rebuild * Wed Nov 04 2015 Zbigniew Jędrzejewski-Szmek - 227-3- Fix syntax in kernel-install (#1277264) * Tue Nov 03 2015 Michal Schmidt - 227-2- Rebuild for libmicrohttpd soname bump. * Wed Oct 07 2015 Kay Sievers - 227-1- New upstream release * Fri Sep 18 2015 Jan Synáček - 226-3- user systemd-journal-upload should be in systemd-journal group (#1262743) * Fri Sep 18 2015 Kay Sievers - 226-2- Add selinux to system-user PAM config * Tue Sep 08 2015 Kay Sievers - 226-1- New upstream release * Thu Aug 27 2015 Kay Sievers - 225-1- New upstream release * Fri Jul 31 2015 Kay Sievers - 224-1- New upstream release * Wed Jul 29 2015 Kay Sievers - 223-2- update to git snapshot * Wed Jul 29 2015 Kay Sievers - 223-1- New upstream release * Thu Jul 09 2015 Zbigniew Jędrzejewski-Szmek - 222-2- Remove python subpackages (python-systemd in now standalone) * Tue Jul 07 2015 Kay Sievers - 222-1- New upstream release * Mon Jul 06 2015 Kay Sievers - 221-5.git619b80a- update to git snapshot * Mon Jul 06 2015 Zbigniew Jędrzejewski-Szmek - 221-4.git604f02a- Add example file with yama config (#1234951) * Sun Jul 05 2015 Kay Sievers - 221-3.git604f02a- update to git snapshot * Mon Jun 22 2015 Kay Sievers - 221-2- build systemd-boot EFI tools * Fri Jun 19 2015 Lennart Poettering - 221-1- New upstream release- Undoes botched translation check, should be reinstated later? * Fri Jun 19 2015 Fedora Release Engineering - 220-10- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Thu Jun 11 2015 Peter Robinson 220-9- The gold linker is now fixed on aarch64 * Tue Jun 09 2015 Zbigniew Jędrzejewski-Szmek - 220-8- Remove gudev which is now provided as separate package (libgudev)- Fix for spurious selinux denials (#1224211)- Udev change events (#1225905)- Patches for some potential crashes- ProtectSystem=yes does not touch /home- Man page fixes, hwdb updates, shell completion updates- Restored persistent device symlinks for bcache, xen block devices- Tag all DRM cards as master-of-seat * Tue Jun 09 2015 Harald Hoyer 220-7- fix udev block device watch * Tue Jun 09 2015 Harald Hoyer 220-6- add support for network disk encryption * Sun Jun 07 2015 Peter Robinson 220-5- Disable gold on aarch64 until it\'s fixed (tracked in rhbz #1225156) * Sat May 30 2015 Zbigniew Jędrzejewski-Szmek - 220-4- systemd-devel should require systemd-libs, not the main package (#1226301)- Check for botched translations (#1226566)- Make /etc/udev/hwdb.d part of the rpm (#1226379) * Thu May 28 2015 Richard W.M. Jones - 220-3- Add patch to fix udev --daemon not cleaning child processes (upstream commit 86c3bece38bcf5). * Wed May 27 2015 Richard W.M. Jones - 220-2- Add patch to fix udev --daemon crash (upstream commit 040e689654ef08). * Thu May 21 2015 Lennart Poettering - 220-1- New upstream release- Drop /etc/mtab hack, as that\'s apparently fixed in mock now (#1116158)- Remove ghosting for %{_sysconfdir}/systemd/system/runlevel *.target, these targets are not configurable anymore in systemd upstream- Drop work-around for #1002806, since this is solved upstream now * Wed May 20 2015 Dennis Gilmore - 219-15- fix up the conflicts version for fedora-release * Wed May 20 2015 Zbigniew Jędrzejewski-Szmek - 219-14- Remove presets (#1221340)- Fix (potential) crash and memory leak in timedated, locking failure in systemd-nspawn, crash in resolved.- journalctl --list-boots should be faster- zsh completions are improved- various ommissions in docs are corrected (#1147651)- VARIANT and VARIANT_ID fields in os-release are documented- systemd-fsck-root.service is generated in the initramfs (#1201979, #1107818)- systemd-tmpfiles should behave better on read-only file systems (#1207083) * Wed Apr 29 2015 Zbigniew Jędrzejewski-Szmek - 219-13- Patches for some outstanding annoyances- Small keyboard hwdb updates * Wed Apr 08 2015 Zbigniew Jędrzejewski-Szmek - 219-12- Tighten requirements between subpackages (#1207381). * Sun Mar 22 2015 Zbigniew Jędrzejewski-Szmek - 219-11- Move all parts systemd-journal-{remote,upload} to systemd-journal-gatewayd subpackage (#1193143).- Create /var/lib/systemd/journal-upload directory (#1193145).- Cut out lots of stupid messages at debug level which were obscuring more important stuff.- Apply \"tentative\" state for devices only when they are added, not removed.- Ignore invalid swap pri= settings (#1204336)- Fix SELinux check for timedated operations to enable/disable ntp (#1014315)- Fix comparing of filesystem paths (#1184016) * Sat Mar 14 2015 Zbigniew Jędrzejewski-Szmek - 219-10- Fixes for bugs 1186018, 1195294, 1185604, 1196452.- Hardware database update.- Documentation fixes.- A fix for journalctl performance regression.- Fix detection of inability to open files in journalctl.- Detect SuperH architecture properly.- The first of duplicate lines in tmpfiles wins again.- Do vconsole setup after loading vconsole driver, not fbcon.- Fix problem where some units were restarted during systemd reexec.- Fix race in udevadm settle tripping up NetworkManager.- Downgrade various log messages.- Fix issue where journal-remote would process some messages with a delay.- GPT /srv partition autodiscovery is fixed.- Reconfigure old Finnish keymaps in post (#1151958) * Tue Mar 10 2015 Jan Synáček - 219-9- Buttons on Lenovo X6 * tablets broken (#1198939) * Tue Mar 03 2015 Zbigniew Jędrzejewski-Szmek - 219-8- Reworked device handling (#1195761)- ACL handling fixes (with a script in %post)- Various log messages downgraded (#1184712)- Allow PIE on s390 again (#1197721) * Wed Feb 25 2015 Michal Schmidt - 219-7- arm: reenable lto. gcc-5.0.0-0.16 fixed the crash (#1193212) * Tue Feb 24 2015 Colin Walters - 219-6- Revert patch that breaks Atomic/OSTree (#1195761) * Fri Feb 20 2015 Michal Schmidt - 219-5- Undo the resolv.conf workaround, Aim for a proper fix in Rawhide. * Fri Feb 20 2015 Michal Schmidt - 219-4- Revive fedora-disable-resolv.conf-symlink.patch to unbreak composes. * Wed Feb 18 2015 Michal Schmidt - 219-3- arm: disabling gold did not help; disable lto instead (#1193212) * Tue Feb 17 2015 Peter Jones - 219-2- Update 90-default.present for dbxtool. * Mon Feb 16 2015 Lennart Poettering - 219-1- New upstream release- This removes the sysctl/bridge hack, a different solution needs to be found for this (see #634736)- This removes the /etc/resolv.conf hack, anaconda needs to fix their handling of /etc/resolv.conf as symlink- This enables \"%check\"- disable gold on arm, as that is broken (see #1193212) * Mon Feb 16 2015 Peter Robinson 218-6- aarch64 now has seccomp support * Thu Feb 05 2015 Michal Schmidt - 218-5- Don\'t overwrite systemd.macros with unrelated Source file. * Thu Feb 05 2015 Jan Synáček - 218-4- Add a touchpad hwdb (#1189319) * Thu Jan 15 2015 Zbigniew Jędrzejewski-Szmek - 218-4- Enable xkbcommon dependency to allow checking of keymaps- Fix permissions of /var/log/journal (#1048424)- Enable timedatex in presets (#1187072)- Disable rpcbind in presets (#1099595) * Wed Jan 07 2015 Jan Synáček - 218-3- RFE: journal: automatically rotate the file if it is unlinked (#1171719) * Mon Jan 05 2015 Zbigniew Jędrzejewski-Szmek - 218-3- Add firewall description files (#1176626) * Thu Dec 18 2014 Jan Synáček - 218-2- systemd-nspawn doesn\'t work on s390/s390x (#1175394) * Wed Dec 10 2014 Lennart Poettering - 218-1- New upstream release- Enable \"nss-mymachines\" in /etc/nsswitch.conf * Thu Nov 06 2014 Zbigniew Jędrzejewski-Szmek - 217-4- Change libgudev1 to only require systemd-libs (#727499), there\'s no need to require full systemd stack.- Fixes for bugs #1159448, #1152220, #1158035.- Bash completions updates to allow propose more units for start/restart, and completions for set-default,get-default.- Again allow systemctl enable of instances.- Hardware database update and fixes.- Udev crash on invalid options and kernel commandline timeout parsing are fixed.- Add \"embedded\" chassis type.- Sync before \'reboot -f\'.- Fix restarting of timer units. * Wed Nov 05 2014 Michal Schmidt - 217-3- Fix hanging journal flush (#1159641) * Fri Oct 31 2014 Michal Schmidt - 217-2- Fix ordering cycles involving systemd-journal-flush.service and remote-fs.target (#1159117) * Tue Oct 28 2014 Lennart Poettering - 217-1- New upstream release * Fri Oct 17 2014 Zbigniew Jędrzejewski-Szmek - 216-12- Drop PackageKit.service from presets (#1154126) * Mon Oct 13 2014 Zbigniew Jędrzejewski-Szmek - 216-11- Conflict with old versions of initscripts (#1152183)- Remove obsolete Finnish keymap (#1151958) * Fri Oct 10 2014 Zbigniew Jędrzejewski-Szmek - 216-10- Fix a problem with voluntary daemon exits and some other bugs (#1150477, #1095962, #1150289) * Fri Oct 03 2014 Zbigniew Jędrzejewski-Szmek - 216-9- Update to latest git, but without the readahead removal patch (#1114786, #634736) * Wed Oct 01 2014 Kay Sievers - 216-8- revert \"don\'t reset selinux context during CHANGE events\" * Wed Oct 01 2014 Lukáš Nykrýn - 216-7- add temporary workaround for #1147910- don\'t reset selinux context during CHANGE events * Wed Sep 10 2014 Michal Schmidt - 216-6- Update timesyncd with patches to avoid hitting NTP pool too often. * Tue Sep 09 2014 Michal Schmidt - 216-5- Use common CONFIGURE_OPTS for build2 and build3.- Configure timesyncd with NTP servers from Fedora/RHEL vendor zone. * Wed Sep 03 2014 Zbigniew Jędrzejewski-Szmek - 216-4- Move config files for sd-j-remote/upload to sd-journal-gateway subpackage (#1136580) * Thu Aug 28 2014 Peter Robinson 216-3- Drop no LTO build option for aarch64/s390 now it\'s fixed in binutils (RHBZ 1091611) * Thu Aug 21 2014 Zbigniew Jędrzejewski-Szmek - 216-2- Re-add patch to disable resolve.conf symlink (#1043119) * Wed Aug 20 2014 Lennart Poettering - 216-1- New upstream release * Mon Aug 18 2014 Fedora Release Engineering - 215-12- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Wed Aug 13 2014 Dan Horák 215-11- disable LTO also on s390(x) * Sat Aug 09 2014 Harald Hoyer 215-10- fixed PPC64LE * Wed Aug 06 2014 Tom Callaway - 215-9- fix license handling * Wed Jul 30 2014 Zbigniew Jędrzejewski-Szmek - 215-8- Create systemd-journal-remote and systemd-journal-upload users (#1118907) * Thu Jul 24 2014 Zbigniew Jędrzejewski-Szmek - 215-7- Split out systemd-compat-libs subpackage * Tue Jul 22 2014 Kalev Lember - 215-6- Rebuilt for gobject-introspection 1.41.4 * Mon Jul 21 2014 Zbigniew Jędrzejewski-Szmek - 215-5- Fix SELinux context of /etc/passwd-, /etc/group-, /etc/.updated (#1121806)- Add missing BR so gnutls and elfutils are used * Sat Jul 19 2014 Zbigniew Jędrzejewski-Szmek - 215-4- Various man page updates- Static device node logic is conditionalized on CAP_SYS_MODULES instead of CAP_MKNOD for better behaviour in containers- Some small networkd link handling fixes- vconsole-setup runs setfont before loadkeys (https://bugs.freedesktop.org/show_bug.cgi?id=80685)- New systemd-escape tool- XZ compression settings are tweaked to greatly improve journald performance- \"watch\" is accepted as chassis type- Various sysusers fixes, most importantly correct selinux labels- systemd-timesyncd bug fix (https://bugs.freedesktop.org/show_bug.cgi?id=80932)- Shell completion improvements- New udev tag ID_SOFTWARE_RADIO can be used to instruct logind to allow user access- XEN and s390 virtualization is properly detected * Mon Jul 07 2014 Colin Walters - 215-3- Add patch to disable resolve.conf symlink (#1043119) * Sun Jul 06 2014 Zbigniew Jędrzejewski-Szmek - 215-2- Move systemd-journal-remote to systemd-journal-gateway package (#1114688)- Disable /etc/mtab handling temporarily (#1116158) * Thu Jul 03 2014 Lennart Poettering - 215-1- New upstream release- Enable coredump logic (which abrt would normally override) * Sun Jun 29 2014 Peter Robinson 214-5- On aarch64 disable LTO as it still has issues on that arch * Thu Jun 26 2014 Zbigniew Jędrzejewski-Szmek - 214-4- Bugfixes (#996133, #1112908) * Mon Jun 23 2014 Zbigniew Jędrzejewski-Szmek - 214-3- Actually create input group (#1054549) * Sun Jun 22 2014 Zbigniew Jędrzejewski-Szmek - 214-2- Do not restart systemd-logind on upgrades (#1110697)- Add some patches (#1081429, #1054549, #1108568, #928962) * Wed Jun 11 2014 Lennart Poettering - 214-1- New upstream release- Get rid of \"floppy\" group, since udev uses \"disk\" now- Reenable LTO * Sun Jun 08 2014 Fedora Release Engineering - 213-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 28 2014 Kay Sievers - 213-3- fix systemd-timesync user creation * Wed May 28 2014 Michal Sekletar - 213-2- Create temporary files after installation (#1101983)- Add sysstat-collect.timer, sysstat-summary.timer to preset policy (#1101621) * Wed May 28 2014 Kay Sievers - 213-1- New upstream release * Tue May 27 2014 Kalev Lember - 212-6- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 * Fri May 23 2014 Adam Williamson - 212-5- revert change from 212-4, causes boot fail on single CPU boxes (RHBZ 1095891) * Wed May 07 2014 Kay Sievers - 212-4- add netns udev workaround * Wed May 07 2014 Michal Sekletar - 212-3- enable uuidd.socket by default (#1095353) * Sat Apr 26 2014 Peter Robinson 212-2- Disable building with -flto for the moment due to gcc 4.9 issues (RHBZ 1091611) * Tue Mar 25 2014 Lennart Poettering - 212-1- New upstream release * Mon Mar 17 2014 Peter Robinson 211-2- Explicitly define which upstream platforms support libseccomp * Tue Mar 11 2014 Lennart Poettering - 211-1- New upstream release * Mon Mar 10 2014 Zbigniew Jędrzejewski-Szmek - 210-8- Fix logind unpriviledged reboot issue and a few other minor fixes- Limit generator execution time- Recognize buttonless joystick types * Fri Mar 07 2014 Karsten Hopp 210-7- ppc64le needs link warnings disabled, too * Fri Mar 07 2014 Karsten Hopp 210-6- move ifarch ppc64le to correct place (libseccomp req) * Fri Mar 07 2014 Zbigniew Jędrzejewski-Szmek - 210-5- Bugfixes: #1047568, #1047039, #1071128, #1073402- Bash completions for more systemd tools- Bluetooth database update- Manpage fixes * Thu Mar 06 2014 Zbigniew Jędrzejewski-Szmek - 210-4- Apply work-around for ppc64le too (#1073647). * Sat Mar 01 2014 Zbigniew Jędrzejewski-Szmek - 210-3- Backport a few patches, add completion for systemd-nspawn. * Fri Feb 28 2014 Zbigniew Jędrzejewski-Szmek - 210-3- Apply work-arounds for ppc/ppc64 for bugs 1071278 and 1071284 * Mon Feb 24 2014 Lennart Poettering - 210-2- Check more services against preset list and enable by default * Mon Feb 24 2014 Lennart Poettering - 210-1- new upstream release * Sun Feb 23 2014 Zbigniew Jędrzejewski-Szmek - 209-2.gitf01de96- Enable dnssec-triggerd.service by default (#1060754) | |