[Bugs] [Bug 11597] New: [fix 21] systemd 249-1.gitfab79a.12

bugzilla bugzilla на rosalinux.ru
Ср Ноя 3 23:50:55 MSK 2021 

https://bugzilla.rosalinux.ru/show_bug.cgi?id=11597

          Platform: 2021.1
            Bug ID: 11597
           Summary: [fix 21] systemd 249-1.gitfab79a.12
    Classification: ROSA-based products
           Product: ROSA Fresh
           Version: All
          Hardware: All
                OS: Linux
            Status: CONFIRMED
          Severity: normal
          Priority: Normal
         Component: Packages from Main
          Assignee: bugs на lists.rosalinux.ru
          Reporter: m.novosyolov на rosalinux.ru
        QA Contact: bugs на lists.rosalinux.ru
  Target Milestone: ---

********* QA ADVISORY **********

libseccomp 2.5.2-1

- updated from 2.5.1 to 2.5.2
- fixed building without %check

https://abf.io/build_lists/3950847
https://abf.io/build_lists/3950848
https://abf.io/build_lists/3950858



systemd 249-1.gitfab79a.12
**************************

- Disable DNSSEC in systemd-resolved by default

DNSSEC implementation in systemd-resolved is unreliable and causes random
failures of DNSSEC validation. Fedora disables it
(https://fedoraproject.org/wiki/Changes/systemd-resolved#DNSSEC). Disable it in
ROSA (set -Ddefault-dnssec=no) by default, it can be enabled via
/etc/systemd/resolved.conf or resolvectl(1).

Commit:
https://abf.io/import/systemd/commit/d0d22ad5b609ce71b6bce9ff017c3b8d68e31098
Fixes: https://bugzilla.rosalinux.ru/show_bug.cgi?id=11569
**************************

- Disable mDNS resolution via systemd-resolved by default

Let Avahi handle mDNS resolution, see:
https://bugzilla.redhat.com/show_bug.cgi?id=1867830
when both avahi and resolved run, they conflict. If we put mdns_minimal before
resolve in /etc/nsswitch.conf, than it is resolved who will actually do DNS
resolution, not Avahi.
Avahi, as an implementation of mDNS, is important because it can not only
resolve DNS, but also announce local service, we do it in openssh-server for
example.
So choosing to leave Avahi as it is for now. resolved will not respond for
mDNS-related DNS queries.

Disable LLMNR responding by default to avoid strange problems (see
rhbz#1867830) and listening to a port on 0.0.0.0 (security issue).
LLMNR resolving is still enabled by default.

Disabled functionality can be reenabled via /etc/systemd/resolved.conf or
resolvectl(1).

Commit:
https://abf.io/import/systemd/commit/ec66f86b9ee3905574627f653d9352464a1ad62f
Fixes: https://bugzilla.rosalinux.ru/show_bug.cgi?id=11570
Fixes: https://bugzilla.rosalinux.ru/show_bug.cgi?id=11534
Fixes: https://bugzilla.rosalinux.ru/show_bug.cgi?id=11328
**************************

- Make Yandex DNS have higher priority than Google ones

Most users of ROSA are in Russia. Yandex is a Russian service. Also, many
people have ping to Yandex lower than to Google.

Commit:
https://abf.io/import/systemd/commit/65ec259466770bd4c8ce86e7d3c9778ec8366b08
**************************

- Fix location of oomd and udev parts

* move all oomd-related files into systemd-oomd subpackage
* move all hwdb-related files into udev subpackage
* explicitly list files in some places instead of useing globs to make this
move possible and to track files better
* move some directories from systemd to systemd-units: current subpackage
systemd-units does not make much sense, but owning some ramdom directories by
systemd while most of the are owned by systemd-units makes even less sense
* remove some no more needed Obsoletes

Commit:
https://abf.io/import/systemd/commit/b04e4f7d287feb53d7e294c376d19fa8ccae2e56
Fixes: https://bugzilla.rosalinux.ru/show_bug.cgi?id=11559
**************************

- add provides for scripts compatibility with OMV (fedya@)
Commit:
https://abf.io/import/systemd/commit/5eeaecc0e0d3a75c2e0ce1dce1b69c71e2870d17
**************************

- Remove broken symlink /etc/systemd/system/syslog.service if it points to
nowhere

Commit:
https://abf.io/import/systemd/commit/5eeaecc0e0d3a75c2e0ce1dce1b69c71e2870d17
**************************

- Remove obsolete udev rule 

"all_partitions" is not known to udev.
udisks2 package has a rule for these devices in another form:

ENV{ID_VENDOR}=="*IOMEGA*", ENV{ID_MODEL}=="*ZIP*",
ENV{ID_DRIVE_FLOPPY_ZIP}="1"

"all_partitions" meant creating block devices for every partition in old
versions of udev,
there is no such option now. Let's just remove this line.

See: https://shallowsky.com/blog/linux/udev-static-devices.html
Commit:
https://abf.io/import/systemd/commit/9c37ce53f132a94d0f1682682969fb176eaea6e8
**************************

- Disable updater of systemd-boot by default
Grub2 is used in most cases, calling bootctl does not make sense, and it fails.
Commit:
https://abf.io/import/systemd/commit/270832d886afa4028d58218af05176c4cf78d58d
**************************

- Fixed licenses
systemd is licensed under LPGL, udev is licensed under GPL
Commit:
https://abf.io/import/systemd/commit/e9ac850382dfbf53db3eba4d5ff37dcdede28daa
**************************

- Enable login in emergency mode if root account is locked
Commit:
https://abf.io/import/systemd/commit/536a67c4ad9c9b3bf21013787a5f58be95277136
Fixes: https://bugzilla.rosalinux.ru/show_bug.cgi?id=11592
**************************

https://abf.io/build_lists/3953964
https://abf.io/build_lists/3953965
https://abf.io/build_lists/3953966

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
----------- следущая часть -----------
Вложение в формате HTML было извлечено…
URL: <http://lists.rosalinux.ru/pipermail/bugs/attachments/20211103/335c3a82/attachment-0001.html>

Подробная информация о списке рассылки Bugs