+systemd (249.4-1) experimental; urgency=medium
+
+ * New upstream version 249.4
+ * Rebase patches
+
+ -- Michael Biebl <biebl@debian.org> Mon, 30 Aug 2021 11:20:16 +0200
+
+systemd (249.3-4) experimental; urgency=medium
+
+ * Add Conflicts/Replaces: systemd to systemd-standalone-{sysusers,tmpfiles}
+ This allows upgrades from older systemd versions which do not have
+ Provides: systemd-{sysusers,tmpfiles}. (Closes: #992376)
+
+ -- Michael Biebl <biebl@debian.org> Wed, 25 Aug 2021 09:35:03 +0200
+
+systemd (249.3-3) experimental; urgency=medium
+
+ * Use C/R/P for systemd-sysusers and systemd-tmpfiles.
+ It's an interface/facility that can only be provided by a single package
+ at a time.
+
+ -- Michael Biebl <biebl@debian.org> Thu, 12 Aug 2021 22:45:02 +0200
+
+systemd (249.3-2) experimental; urgency=medium
+
+ * Provide standalone binaries for sysusers and tmpfiles (Closes: #946456)
+ * Fix test dependencies of upstream test.
+ After splitting out the standalone binaries for sysusers and tmpfiles
+ into separate packages (which conflict with the main systemd package),
+ we can no longer use the '@' notation in the upstream test.
+ This reverts commit 5eeeb1b562a1a9802df105091bda4741c263336d and also
+ adds systemd-tests and systemd-timesyncd to the upstream test
+ dependencies.
+
+ -- Michael Biebl <biebl@debian.org> Sun, 08 Aug 2021 22:51:18 +0200
+
+systemd (249.3-1) experimental; urgency=medium
+
+ * New upstream version 249.3
+ * Rebase patches
+ * Remove obsolete systemd-resolve compat symlink
+
+ -- Michael Biebl <biebl@debian.org> Sun, 08 Aug 2021 22:39:25 +0200
+
+systemd (249.2-2) experimental; urgency=medium
+
+ * Remove obsolete upgrade code from maintainer scripts
+ * Clean up old versions from maintscript files
+ * Drop obsolete systemd Breaks/Replaces
+ * Drop obsolete python-dbusmock Breaks
+ * Turn versioned systemd-shim Breaks into unversioned Conflicts.
+ There never was a fixed systemd-shim version before it was removed from
+ the archive.
+ * Drop patches which are no longer needed after bullseye
+ * Stop setting up device symlinks for CD-RW/DVD drives.
+ Those udev rules were a Debian specific workaround that were mainly
+ added for compat with older software which wasn't able to automatically
+ discover those types of devices. Those rules didn't provide
+ stable/predictable names though, so remove them. (Closes: #991639)
+ * autopkgtest: add systemd-timesyncd dependency to timedated test.
+ We need systemd-timesyncd in the timedated test, not just an arbitrary
+ provider of time-daemon.
+ * autopkgtest: clean up dependencies of boot-smoke test.
+ A lot of the dependencies are not needed but were originally added to
+ avoid a testbed reset and make it possible to reuse the testbed of the
+ upstream test. This turned out to be a maintenance problem and the
+ dependencies were not updated accordingly. Instead of trying to keep the
+ two tests in sync, trim down the boot-smoke dependencies to its bare
+ minimum.
+
+ -- Michael Biebl <biebl@debian.org> Sat, 31 Jul 2021 21:49:05 +0200
+
+systemd (249.2-1) experimental; urgency=medium
+
+ * New upstream version 249.2
+ * Rebase patches
+
+ -- Michael Biebl <biebl@debian.org> Fri, 23 Jul 2021 21:44:35 +0200
+
+systemd (249.1-1) experimental; urgency=medium
+
+ * New upstream version 249.1
+ - basic/unit-name: do not use strdupa() on a path (CVE-2021-33910)
+
+ -- Michael Biebl <biebl@debian.org> Tue, 20 Jul 2021 21:20:12 +0200
+
+systemd (249-1) experimental; urgency=medium
+
+ * New upstream version 249
+ * Rebase patches
+ * Update symbol versions for the v249 release
+ * Fix removal of systemd-hwdb-update.service.
+ As we don't support factory-reset, we don't need this service.
+ In Debian, the hwdb binary database is updated via a dpkg file trigger.
+
+ -- Michael Biebl <biebl@debian.org> Wed, 07 Jul 2021 22:33:31 +0200
+
+systemd (249~rc3-1) experimental; urgency=medium
+
+ * New upstream version 249~rc3
+ * Rebase patches
+
+ -- Michael Biebl <biebl@debian.org> Thu, 01 Jul 2021 23:55:11 +0200
+
+systemd (249~rc2-1) experimental; urgency=medium
+
+ * New upstream version 249~rc2
+ * Rebase patches
+
+ -- Michael Biebl <biebl@debian.org> Sun, 27 Jun 2021 17:10:18 +0200
+
+systemd (249~rc1-1) experimental; urgency=medium
+
+ [ Michael Biebl ]
+ * New upstream version 249~rc1
+ * Rebase patches
+ * Replace m4 Build-Depends with python3-jinja2
+ * Update symbols file for libsystemd0
+ * test: do not run 'meson configure' if NO_BUILD is set
+ * test: drop the mawk-incompatible expression
+ * Add gawk <!nocheck> to Build-Depends.
+ It is used in tools/check-directives.sh which is run during "meson test".
+ * autopkgtest: add udev dependency to unit-tests.
+ Without a properly set up hwdb the test-sd-hwdb test is skipped.
+
+ [ Luca Boccassi ]
+ * autopkgtest: add dependency on dosfstools for upstream test.
+ Needed to create EFI partition (vfat)
+
+ -- Michael Biebl <biebl@debian.org> Thu, 17 Jun 2021 18:09:43 +0200
+
+systemd (248.3-1) experimental; urgency=medium
+
+ [ Michael Biebl ]
+ * New upstream version 248.3
+ * Rebase patches
+
+ [ Dan Streetman ]
+ * d/t: replace 'root-unittests' shell script with simple call to upstream script.
+ The upstream test runner script is much better, as it only prints failing test
+ output, and gives a summary of the test results at the end.
+
+ -- Michael Biebl <biebl@debian.org> Wed, 19 May 2021 13:09:57 +0200
+
+systemd (248.2-1) experimental; urgency=medium
+
+ * New upstream version 248.2
+
+ -- Michael Biebl <biebl@debian.org> Sun, 09 May 2021 21:17:10 +0200
+
+systemd (248.1-1) experimental; urgency=medium
+
+ [ Michael Biebl ]
+ * New upstream version 248.1
+ * Rebase patches
+ * d/e/checkout-upstream: switch to main branch
+ * Update make-fbdev-blacklist to not blacklist hyperv_fb
+
+ [ Luca Boccassi ]
+ * systemd.install: catch all files installed in usr/bin and bin.
+ At the moment, individual binaries are mentioned specifically in the
+ install file. When new binaries are added, manual work is needed to get
+ them packaged, which affects the upstream autopkgtest-based CI.
+ Change systemd.install to instead pick up everything from usr/bin and bin.
+ * upstream suite: add build-dep on vim-tiny.
+ Required by some of the images in the upstream test suite
+
+ [ Zbigniew Jędrzejewski-Szmek ]
+ * Let "upstream" test use upstream test runner
+
+ [ Dan Streetman ]
+ * Slight adjustments to previous patch for deny/black-list naming.
+ Also add in two vars used by the integration runner script
+ * d/t/upstream: use NO_BUILD=1.
+ Also don't bother sed-modifying test-functions file, as the NO_BUILD
+ changes remove the need for that.
+ * d/t/control: install all binary packages for upstream test.
+ With the change to just call the upstream script to run the integration
+ tests, the packages to test need to be installed so the test-function
+ script can list out the files each package contains, and copy those files
+ into each nspawn and/or qemu testbed. Without all packages installed,
+ some tests fail; specifically TEST-30 currently requires systemd-timesyncd
+ which was not previously installed for the 'upstream' test suite.
+ This changes the control file to just install all binary packages, using
+ the '@' notation.
+ * d/t/boot-smoke: update test to avoid false negatives
+
+ [ Frantisek Sumsal ]
+ * upstream-ci: fix test_no_failed() check.
+ Without `--plain` `systemctl` prints a circle (●) in the first column
+ for each failed service, which with the current code interferes with
+ attempted journal listing for each such service.
+
+ -- Michael Biebl <biebl@debian.org> Fri, 07 May 2021 12:25:15 +0200
+
+systemd (248-1) experimental; urgency=medium
+
+ [ Balint Reczey ]
+ * New upstream version 248
+ - add support for answering DNSSEC questions on the stub resolver
+ (Closes: #988132)
+ - turn off DNSSEC validation when timesyncd resolves hostnames
+ (Closes: #898530)
+ - add networkd/nspawn nftables backend
+ (Closes: #934584)
+ - support ipv6 for masquerade and dnat in nspawn and networkd
+ (Closes: #934676)
+ * Refresh patches
+ * debian/rules: Enable new systemd-sysext tool
+ * debian/rules: Build support for flushing of the nscd caches
+ * debian/rules: Build translations for debs but not for udebs
+ * debian/rules: Build without TPM2 support.
+ This is a new feature and needs further review.
+ * Ship systemd-cryptenroll in systemd package
+ * Update symbols file for libsystemd0
+ * debian/tests/control: Upstream test depends on attr
+ * debian/udev.postinst: Create the sgx system group.
+ Intel SGX enclave device nodes are now owned by this group.
+ * debian/rules: Don't ship README files in (/usr)/lib/*.d.
+ README files are typically shipped in /usr/share/doc.
+ * Revert "pager: stop disabling urlification under a pager"
+ Debian and Ubuntu do not yet have a less version that supports
+ urlification. This requires less 563 or later.
+
+ -- Michael Biebl <biebl@debian.org> Thu, 06 May 2021 23:00:08 +0200
+
+ systemd (247.9-4) unstable; urgency=medium
+
+ * Revert "tests/udev-test.pl: add multiple device test"
+ Follow-up to make sure the udev autopkgtest passes successfully again
+ after reverting the multipath symlink race fix.
+ * test: Fix flakiness in TEST-10-ISSUE-2467
+ * autopktest: Fix timedated test dependencies.
+ Add an explicit systemd-timesyncd dependency as it is required by the
+ timedated test.
+ * autopkgtest: Merge configuration of logind test with timedated and related
+ tests.
+ They share the same restrictions and merging them avoids a bit of
+ duplication.
+ * Revert "test: disable DnsmasqClientTest.test_resolved_etc_hosts in
+ networkd-test.py"
+ Let's see if this test is still flaky on debci.
+ * networkd-test: fix resolved_domain_restricted_dns.
+ Cherry-pick upstream commit which hopefully fixes the flakiness in
+ DnsmasqClientTest.test_resolved_domain_restricted_dns.
+
+ -- Michael Biebl <biebl@debian.org> Fri, 01 Oct 2021 10:12:14 +0200
+
+ systemd (247.9-3) unstable; urgency=medium
+
+ * Revert multipath symlink race fix.
+ Revert upstream commits which caused a regression in udev resulting in
+ long delays when processing partitions with the same label.
+ (Closes: #993738)
+
+ -- Michael Biebl <biebl@debian.org> Sat, 25 Sep 2021 22:01:17 +0200
+
+ systemd (247.9-2) unstable; urgency=medium
+
+ * Demote systemd-timesyncd from Depends to Recommends.
+ This avoids a dependency cycle between systemd and systemd-timesyncd and
+ thus makes dist upgrades more predictable and robust.
+ It also allows minimal, systemd based containers where no NTP client is
+ strictly necessary.
+ To ensure that systemd-timesyncd is installed in a default installation
+ created by d-i, bump its priority to standard. (Closes: #986651, #993947)
+
+ -- Michael Biebl <biebl@debian.org> Wed, 22 Sep 2021 21:10:53 +0200
+
+ systemd (247.9-1) unstable; urgency=medium
+
+ [ Michael Biebl ]
+ * New upstream version 247.9
+ * Rebase patches
+ * Fix removal of systemd-hwdb-update.service.
+ As we don't support factory-reset, we don't need this service.
+ In Debian, the hwdb binary database is updated via a dpkg file trigger.
+
+ [ Balint Reczey ]
+ * debian/rules: Don't ship README files in (/usr)/lib/*.d.
+ README files are typically shipped in /usr/share/doc.
+
+ -- Michael Biebl <biebl@debian.org> Sun, 15 Aug 2021 21:10:56 +0200
+
+ systemd (247.3-6) unstable; urgency=high
+
+ * Non-maintainer upload (acked by maintainers)
+ * unit-name: generate a clear error code when converting an overly long fs
+ path to a unit name
+ * basic/unit-name: do not use strdupa() on a path (CVE-2021-33910)
+ * basic/unit-name: adjust comments
+
+ -- Salvatore Bonaccorso <carnil@debian.org> Tue, 13 Jul 2021 19:29:24 +0200
+
systemd (247.3-5) unstable; urgency=medium
* udev-udeb: setup /dev/fd, /dev/std{in,out,err} symlinks.
--- /dev/null
- test/networkd-test.py | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
+ From: Michael Biebl <biebl@debian.org>
+ Date: Fri, 1 Oct 2021 01:00:28 +0200
+ Subject: networkd-test: fix resolved_domain_restricted_dns
+
+ megasearch.net was meant to be a non-existing bogus domain, and had been
+ for a long time. But it seems some domain grabber recently registered
+ it, and it's an actual thing now:
+
+ $ host megasearch.net
+ megasearch.net has address 207.148.248.143
+
+ This causes the test to fail randomly.
+
+ Use search.example.com instead which yields
+
+ $ host search.example.com
+ Host search.example.com not found: 3(NXDOMAIN)
+
+ Fixes: #18357
+ (cherry picked from commit 528dd6a42389fcf4aa490c0fa0d858772e930d13)
+ ---
-index 8496ec8..8cdb600 100755
++ test/networkd-test.py | 10 +++++-----
++ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+ diff --git a/test/networkd-test.py b/test/networkd-test.py
-@@ -656,8 +656,8 @@ Domains= ~company ~lab''')
++index 799df08..6062207 100755
+ --- a/test/networkd-test.py
+ +++ b/test/networkd-test.py
-@@ -671,8 +671,8 @@ Domains= ~company ~lab''')
++@@ -635,7 +635,7 @@ Name={}
++ [Network]
++ DHCP=ipv4
++ IPv6AcceptRA=False
++-DNSSECNegativeTrustAnchors=megasearch.net
+++DNSSECNegativeTrustAnchors=search.example.com
++ '''.format(self.iface))
++
++ # create second device/dnsmasq for a .company/.lab VPN interface
++@@ -681,8 +681,8 @@ DNSSECNegativeTrustAnchors=company lab
+ self.assertIn(b'kettle.cantina.company: 10.241.4.4', out)
+
+ # test general domains
+ - out = subprocess.check_output(['resolvectl', 'query', 'megasearch.net'])
+ - self.assertIn(b'megasearch.net: 192.168.42.1', out)
+ + out = subprocess.check_output(['resolvectl', 'query', 'search.example.com'])
+ + self.assertIn(b'search.example.com: 192.168.42.1', out)
+
+ with open(self.dnsmasq_log) as f:
+ general_log = f.read()
++@@ -696,8 +696,8 @@ DNSSECNegativeTrustAnchors=company lab
+ self.assertNotIn('.company', general_log)
+
+ # general domains should not be sent to the VPN DNS
+ - self.assertRegex(general_log, 'query.*megasearch.net')
+ - self.assertNotIn('megasearch.net', vpn_log)
+ + self.assertRegex(general_log, 'query.*search.example.com')
+ + self.assertNotIn('search.example.com', vpn_log)
+
+ def test_resolved_etc_hosts(self):
+ '''resolved queries to /etc/hosts'''