Ubuntu
systemd package

Bug #1846787
Activity log

Activity log for bug #1846787

Date	Who	What changed	Old value	New value	Message
2019-10-04 15:50:27	Heitor Alves de Siqueira	bug			added bug
2019-10-04 15:51:12	Heitor Alves de Siqueira	bug task added		dbus (Ubuntu)
2019-10-04 15:51:23	Heitor Alves de Siqueira	nominated for series		Ubuntu Xenial
2019-10-04 15:51:23	Heitor Alves de Siqueira	bug task added		dbus (Ubuntu Xenial)
2019-10-04 15:51:23	Heitor Alves de Siqueira	bug task added		systemd (Ubuntu Xenial)
2019-10-04 15:51:35	Heitor Alves de Siqueira	dbus (Ubuntu): status	New	Fix Released
2019-10-04 15:51:36	Heitor Alves de Siqueira	systemd (Ubuntu): status	New	Fix Released
2019-10-04 15:51:47	Heitor Alves de Siqueira	dbus (Ubuntu Xenial): assignee		Heitor Alves de Siqueira (halves)
2019-10-04 15:51:49	Heitor Alves de Siqueira	systemd (Ubuntu Xenial): assignee		Heitor Alves de Siqueira (halves)
2019-10-04 15:52:56	Heitor Alves de Siqueira	description	[Impact] Scope file leakage can cause SSH delays and reduce performance in systemd [Description] The current systemd-logind version present in Xenial can leave abandoned SSH sessions and scope files in cases where the host sees a lot of concurrent SSH connections. These leftover sessions can slow down systemd performance greatly, and can have an impact on sshd handling a great number of concurrent connections. To fix this issue, patches are needed in both dbus and systemd. These improve the performance of the communication between dbus and systemd, so that they can handle a better volume of events (e.g. SSH logins). All of those patches are already present from Bionic onwards, so we only need those fixes for Xenial. == Systemd == Upstream patches: - core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notification (d8fdc62037b5) - tree-wide: introduce new SOCKADDR_UN_LEN() macro, and use it everywhere (fc2fffe7706e) - journald: stack allocation cannot fail (23be5709e10b) $ git describe --contains d8fdc62037b5 fc2fffe7706e 23be5709e10b v230~71^2~2 v230~71^2~1 v230~71^2 $ rmadison systemd systemd \| 229-4ubuntu4 \| xenial \| source, ... systemd \| 229-4ubuntu21.21 \| xenial-security \| source, ... systemd \| 229-4ubuntu21.22 \| xenial-updates \| source, ... <-------- systemd \| 237-3ubuntu10 \| bionic \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-security \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-updates \| source, ... systemd \| 237-3ubuntu10.31 \| bionic-proposed \| source, ... == DBus == Upstream patches: - Only read one message at a time if there are fds pending (892f084eeda0) - bus: Fix timeout restarts (529600397bca) - DBusMainLoop: ensure all required timeouts are restarted (446b0d9ac75a) $ git describe --contains 892f084eeda0 529600397bca 446b0d9ac75a dbus-1.11.10~44 dbus-1.11.10~45 dbus-1.11.16~2 $ rmadison dbus dbus \| 1.10.6-1ubuntu3 \| xenial \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-security \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-updates \| source, ... <-------- dbus \| 1.12.2-1ubuntu1 \| bionic \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-security \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-updates \| source, ... [Test Case] 1) Simulate a lot of concurrent SSH connections with e.g. a for loop: multipass@xenial-logind:~$ for i in {1..1000}; do sleep 0.1; ssh localhost sleep 1 > /dev/null & done 2) Check for leaked sessions in /run/systemd/system/: multipass@xenial-logind:~$ ls -ld /run/systemd/system/session-.scope drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-103.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-104.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-105.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-106.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-110.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-111.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-112.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-113.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-114.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-115.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-116.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-117.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-118.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-119.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-120.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-121.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-122.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-123.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-126.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-131.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-134.scope.d ... [Regression Potential] The regression potential is low, as these patches have seen extensive testing both upstream and in more recent releases of Ubuntu. Nonetheless, these new packages will be rigorously tested through autopkgtest to avoid any possible Xenial-specific regressions.	[Impact] Scope file leakage can cause SSH delays and reduce performance in systemd [Description] The current systemd-logind version present in Xenial can leave abandoned SSH sessions and scope files in cases where the host sees a lot of concurrent SSH connections. These leftover sessions can slow down systemd performance greatly, and can have an impact on sshd handling a great number of concurrent connections. To fix this issue, patches are needed in both dbus and systemd. These improve the performance of the communication between dbus and systemd, so that they can handle a better volume of events (e.g. SSH logins). All of those patches are already present from Bionic onwards, so we only need those fixes for Xenial. == Systemd == Upstream patches: - core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notification (d8fdc62037b5) - tree-wide: introduce new SOCKADDR_UN_LEN() macro, and use it everywhere (fc2fffe7706e) - journald: stack allocation cannot fail (23be5709e10b) $ git describe --contains d8fdc62037b5 fc2fffe7706e 23be5709e10b v230~71^2~2 v230~71^2~1 v230~71^2 $ rmadison systemd systemd \| 229-4ubuntu4 \| xenial \| source, ... systemd \| 229-4ubuntu21.21 \| xenial-security \| source, ... systemd \| 229-4ubuntu21.22 \| xenial-updates \| source, ... <-------- systemd \| 237-3ubuntu10 \| bionic \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-security \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-updates \| source, ... systemd \| 237-3ubuntu10.31 \| bionic-proposed \| source, ... == DBus == Upstream patches: - Only read one message at a time if there are fds pending (892f084eeda0) - bus: Fix timeout restarts (529600397bca) - DBusMainLoop: ensure all required timeouts are restarted (446b0d9ac75a) $ git describe --contains 892f084eeda0 529600397bca 446b0d9ac75a dbus-1.11.10~44 dbus-1.11.10~45 dbus-1.11.16~2 $ rmadison dbus dbus \| 1.10.6-1ubuntu3 \| xenial \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-security \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-updates \| source, ... <-------- dbus \| 1.12.2-1ubuntu1 \| bionic \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-security \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-updates \| source, ... [Test Case] 1) Simulate a lot of concurrent SSH connections with e.g. a for loop: multipass@xenial-logind:~$ for i in {1..1000}; do sleep 0.1; ssh localhost sleep 1 > /dev/null & done 2) Check for leaked sessions in /run/systemd/system/: multipass@xenial-logind:~$ ls -ld /run/systemd/system/session-.scope drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-103.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-104.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-105.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-106.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-110.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-111.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-112.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-113.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-114.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-115.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-116.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-117.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-118.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-119.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-120.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-121.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-122.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-123.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-126.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-131.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-134.scope.d ... [Regression Potential] The regression potential is low, as these patches have seen extensive testing both upstream and in more recent releases of Ubuntu. Nonetheless, these new packages will be rigorously tested through autopkgtest to avoid any possible Xenial-specific regressions.
2019-10-07 11:35:15	Heitor Alves de Siqueira	dbus (Ubuntu Xenial): status	New	In Progress
2019-10-07 11:35:16	Heitor Alves de Siqueira	systemd (Ubuntu Xenial): status	New	In Progress
2019-10-07 11:36:01	Heitor Alves de Siqueira	description	[Impact] Scope file leakage can cause SSH delays and reduce performance in systemd [Description] The current systemd-logind version present in Xenial can leave abandoned SSH sessions and scope files in cases where the host sees a lot of concurrent SSH connections. These leftover sessions can slow down systemd performance greatly, and can have an impact on sshd handling a great number of concurrent connections. To fix this issue, patches are needed in both dbus and systemd. These improve the performance of the communication between dbus and systemd, so that they can handle a better volume of events (e.g. SSH logins). All of those patches are already present from Bionic onwards, so we only need those fixes for Xenial. == Systemd == Upstream patches: - core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notification (d8fdc62037b5) - tree-wide: introduce new SOCKADDR_UN_LEN() macro, and use it everywhere (fc2fffe7706e) - journald: stack allocation cannot fail (23be5709e10b) $ git describe --contains d8fdc62037b5 fc2fffe7706e 23be5709e10b v230~71^2~2 v230~71^2~1 v230~71^2 $ rmadison systemd systemd \| 229-4ubuntu4 \| xenial \| source, ... systemd \| 229-4ubuntu21.21 \| xenial-security \| source, ... systemd \| 229-4ubuntu21.22 \| xenial-updates \| source, ... <-------- systemd \| 237-3ubuntu10 \| bionic \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-security \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-updates \| source, ... systemd \| 237-3ubuntu10.31 \| bionic-proposed \| source, ... == DBus == Upstream patches: - Only read one message at a time if there are fds pending (892f084eeda0) - bus: Fix timeout restarts (529600397bca) - DBusMainLoop: ensure all required timeouts are restarted (446b0d9ac75a) $ git describe --contains 892f084eeda0 529600397bca 446b0d9ac75a dbus-1.11.10~44 dbus-1.11.10~45 dbus-1.11.16~2 $ rmadison dbus dbus \| 1.10.6-1ubuntu3 \| xenial \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-security \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-updates \| source, ... <-------- dbus \| 1.12.2-1ubuntu1 \| bionic \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-security \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-updates \| source, ... [Test Case] 1) Simulate a lot of concurrent SSH connections with e.g. a for loop: multipass@xenial-logind:~$ for i in {1..1000}; do sleep 0.1; ssh localhost sleep 1 > /dev/null & done 2) Check for leaked sessions in /run/systemd/system/: multipass@xenial-logind:~$ ls -ld /run/systemd/system/session-.scope drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-103.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-104.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-105.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-106.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-110.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-111.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-112.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-113.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-114.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-115.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-116.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-117.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-118.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-119.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-120.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-121.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-122.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-123.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-126.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-131.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-134.scope.d ... [Regression Potential] The regression potential is low, as these patches have seen extensive testing both upstream and in more recent releases of Ubuntu. Nonetheless, these new packages will be rigorously tested through autopkgtest to avoid any possible Xenial-specific regressions.	[Impact] Scope file leakage can cause SSH delays and reduce performance in systemd [Description] The current systemd-logind version present in Xenial can leave abandoned SSH sessions and scope files in cases where the host sees a lot of concurrent SSH connections. These leftover sessions can slow down systemd performance greatly, and can have an impact on sshd handling a great number of concurrent connections. To fix this issue, patches are needed in both dbus and systemd. These improve the performance of the communication between dbus and systemd, so that they can handle a better volume of events (e.g. SSH logins). All of those patches are already present from Bionic onwards, so we only need those fixes for Xenial. == Systemd == Upstream patches: - core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notification (d8fdc62037b5) - tree-wide: introduce new SOCKADDR_UN_LEN() macro, and use it everywhere (fc2fffe7706e) - journald: stack allocation cannot fail (23be5709e10b) $ git describe --contains d8fdc62037b5 fc2fffe7706e 23be5709e10b v230~71^2~2 v230~71^2~1 v230~71^2 $ rmadison systemd systemd \| 229-4ubuntu4 \| xenial \| source, ... systemd \| 229-4ubuntu21.21 \| xenial-security \| source, ... systemd \| 229-4ubuntu21.22 \| xenial-updates \| source, ... <-------- systemd \| 237-3ubuntu10 \| bionic \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-security \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-updates \| source, ... systemd \| 237-3ubuntu10.31 \| bionic-proposed \| source, ... == DBus == Upstream patches: - Only read one message at a time if there are fds pending (892f084eeda0) - bus: Fix timeout restarts (529600397bca) - DBusMainLoop: ensure all required timeouts are restarted (446b0d9ac75a) $ git describe --contains 892f084eeda0 529600397bca 446b0d9ac75a dbus-1.11.10~44 dbus-1.11.10~45 dbus-1.11.16~2 $ rmadison dbus dbus \| 1.10.6-1ubuntu3 \| xenial \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-security \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-updates \| source, ... <-------- dbus \| 1.12.2-1ubuntu1 \| bionic \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-security \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-updates \| source, ... [Test Case] 1) Simulate a lot of concurrent SSH connections with e.g. a for loop: multipass@xenial-logind:~$ for i in {1..1000}; do sleep 0.1; ssh localhost sleep 1 & done 2) Check for leaked sessions in /run/systemd/system/: multipass@xenial-logind:~$ ls -ld /run/systemd/system/session-.scope drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-103.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-104.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-105.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-106.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-110.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-111.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-112.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-113.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-114.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-115.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-116.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-117.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-118.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-119.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-120.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-121.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-122.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-123.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-126.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-131.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-134.scope.d ... [Regression Potential] The regression potential is low, as these patches have seen extensive testing both upstream and in more recent releases of Ubuntu. Nonetheless, these new packages will be rigorously tested through autopkgtest to avoid any possible Xenial-specific regressions.
2019-10-07 11:48:04	Heitor Alves de Siqueira	description	[Impact] Scope file leakage can cause SSH delays and reduce performance in systemd [Description] The current systemd-logind version present in Xenial can leave abandoned SSH sessions and scope files in cases where the host sees a lot of concurrent SSH connections. These leftover sessions can slow down systemd performance greatly, and can have an impact on sshd handling a great number of concurrent connections. To fix this issue, patches are needed in both dbus and systemd. These improve the performance of the communication between dbus and systemd, so that they can handle a better volume of events (e.g. SSH logins). All of those patches are already present from Bionic onwards, so we only need those fixes for Xenial. == Systemd == Upstream patches: - core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notification (d8fdc62037b5) - tree-wide: introduce new SOCKADDR_UN_LEN() macro, and use it everywhere (fc2fffe7706e) - journald: stack allocation cannot fail (23be5709e10b) $ git describe --contains d8fdc62037b5 fc2fffe7706e 23be5709e10b v230~71^2~2 v230~71^2~1 v230~71^2 $ rmadison systemd systemd \| 229-4ubuntu4 \| xenial \| source, ... systemd \| 229-4ubuntu21.21 \| xenial-security \| source, ... systemd \| 229-4ubuntu21.22 \| xenial-updates \| source, ... <-------- systemd \| 237-3ubuntu10 \| bionic \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-security \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-updates \| source, ... systemd \| 237-3ubuntu10.31 \| bionic-proposed \| source, ... == DBus == Upstream patches: - Only read one message at a time if there are fds pending (892f084eeda0) - bus: Fix timeout restarts (529600397bca) - DBusMainLoop: ensure all required timeouts are restarted (446b0d9ac75a) $ git describe --contains 892f084eeda0 529600397bca 446b0d9ac75a dbus-1.11.10~44 dbus-1.11.10~45 dbus-1.11.16~2 $ rmadison dbus dbus \| 1.10.6-1ubuntu3 \| xenial \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-security \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-updates \| source, ... <-------- dbus \| 1.12.2-1ubuntu1 \| bionic \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-security \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-updates \| source, ... [Test Case] 1) Simulate a lot of concurrent SSH connections with e.g. a for loop: multipass@xenial-logind:~$ for i in {1..1000}; do sleep 0.1; ssh localhost sleep 1 & done 2) Check for leaked sessions in /run/systemd/system/: multipass@xenial-logind:~$ ls -ld /run/systemd/system/session-.scope drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-103.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-104.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-105.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-106.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-110.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-111.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-112.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-113.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-114.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-115.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-116.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-117.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-118.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-119.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-120.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-121.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-122.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-123.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-126.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-131.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-134.scope.d ... [Regression Potential] The regression potential is low, as these patches have seen extensive testing both upstream and in more recent releases of Ubuntu. Nonetheless, these new packages will be rigorously tested through autopkgtest to avoid any possible Xenial-specific regressions.	[Impact] Scope file leakage can cause SSH delays and reduce performance in systemd [Description] The current systemd-logind version present in Xenial can leave abandoned SSH sessions and scope files in cases where the host sees a lot of concurrent SSH connections. These leftover sessions can slow down systemd performance greatly, and can have an impact on sshd handling a great number of concurrent connections. To fix this issue, patches are needed in both dbus and systemd. These improve the performance of the communication between dbus and systemd, so that they can handle a better volume of events (e.g. SSH logins). All of those patches are already present from Bionic onwards, so we only need those fixes for Xenial. == Systemd == Upstream patches: - core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notification (d8fdc62037b5) $ git describe --contains d8fdc62037b5 v230~71^2~2 $ rmadison systemd systemd \| 229-4ubuntu4 \| xenial \| source, ... systemd \| 229-4ubuntu21.21 \| xenial-security \| source, ... systemd \| 229-4ubuntu21.22 \| xenial-updates \| source, ... <-------- systemd \| 237-3ubuntu10 \| bionic \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-security \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-updates \| source, ... systemd \| 237-3ubuntu10.31 \| bionic-proposed \| source, ... == DBus == Upstream patches: - Only read one message at a time if there are fds pending (892f084eeda0) - bus: Fix timeout restarts (529600397bca) - DBusMainLoop: ensure all required timeouts are restarted (446b0d9ac75a) $ git describe --contains 892f084eeda0 529600397bca 446b0d9ac75a dbus-1.11.10~44 dbus-1.11.10~45 dbus-1.11.16~2 $ rmadison dbus dbus \| 1.10.6-1ubuntu3 \| xenial \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-security \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-updates \| source, ... <-------- dbus \| 1.12.2-1ubuntu1 \| bionic \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-security \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-updates \| source, ... [Test Case] 1) Simulate a lot of concurrent SSH connections with e.g. a for loop: multipass@xenial-logind:~$ for i in {1..1000}; do sleep 0.1; ssh localhost sleep 1 & done 2) Check for leaked sessions in /run/systemd/system/: multipass@xenial-logind:~$ ls -ld /run/systemd/system/session-.scope drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-103.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-104.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-105.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-106.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-110.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-111.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-112.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-113.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-114.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-115.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-116.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-117.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-118.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-119.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-120.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-121.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-122.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-123.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-126.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-131.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-134.scope.d ... [Regression Potential] The regression potential is low, as these patches have seen extensive testing both upstream and in more recent releases of Ubuntu. Nonetheless, these new packages will be rigorously tested through autopkgtest to avoid any possible Xenial-specific regressions.
2019-10-07 11:48:43	Heitor Alves de Siqueira	tags	sts	sts sts-sponsor
2019-10-07 11:48:55	Heitor Alves de Siqueira	bug			added subscriber STS Sponsors
2019-10-07 11:49:25	Heitor Alves de Siqueira	attachment added		lp1846787-dbus-xenial.debdiff https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1846787/+attachment/5295136/+files/lp1846787-dbus-xenial.debdiff
2019-10-07 11:49:43	Heitor Alves de Siqueira	attachment added		lp1846787-systemd-xenial.debdiff https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1846787/+attachment/5295137/+files/lp1846787-systemd-xenial.debdiff
2019-10-07 13:11:03	Heitor Alves de Siqueira	description	[Impact] Scope file leakage can cause SSH delays and reduce performance in systemd [Description] The current systemd-logind version present in Xenial can leave abandoned SSH sessions and scope files in cases where the host sees a lot of concurrent SSH connections. These leftover sessions can slow down systemd performance greatly, and can have an impact on sshd handling a great number of concurrent connections. To fix this issue, patches are needed in both dbus and systemd. These improve the performance of the communication between dbus and systemd, so that they can handle a better volume of events (e.g. SSH logins). All of those patches are already present from Bionic onwards, so we only need those fixes for Xenial. == Systemd == Upstream patches: - core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notification (d8fdc62037b5) $ git describe --contains d8fdc62037b5 v230~71^2~2 $ rmadison systemd systemd \| 229-4ubuntu4 \| xenial \| source, ... systemd \| 229-4ubuntu21.21 \| xenial-security \| source, ... systemd \| 229-4ubuntu21.22 \| xenial-updates \| source, ... <-------- systemd \| 237-3ubuntu10 \| bionic \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-security \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-updates \| source, ... systemd \| 237-3ubuntu10.31 \| bionic-proposed \| source, ... == DBus == Upstream patches: - Only read one message at a time if there are fds pending (892f084eeda0) - bus: Fix timeout restarts (529600397bca) - DBusMainLoop: ensure all required timeouts are restarted (446b0d9ac75a) $ git describe --contains 892f084eeda0 529600397bca 446b0d9ac75a dbus-1.11.10~44 dbus-1.11.10~45 dbus-1.11.16~2 $ rmadison dbus dbus \| 1.10.6-1ubuntu3 \| xenial \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-security \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-updates \| source, ... <-------- dbus \| 1.12.2-1ubuntu1 \| bionic \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-security \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-updates \| source, ... [Test Case] 1) Simulate a lot of concurrent SSH connections with e.g. a for loop: multipass@xenial-logind:~$ for i in {1..1000}; do sleep 0.1; ssh localhost sleep 1 & done 2) Check for leaked sessions in /run/systemd/system/: multipass@xenial-logind:~$ ls -ld /run/systemd/system/session-.scope drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-103.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-104.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-105.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-106.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-110.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-111.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-112.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-113.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-114.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-115.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-116.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-117.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-118.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-119.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-120.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-121.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-122.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-123.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-126.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-131.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-134.scope.d ... [Regression Potential] The regression potential is low, as these patches have seen extensive testing both upstream and in more recent releases of Ubuntu. Nonetheless, these new packages will be rigorously tested through autopkgtest to avoid any possible Xenial-specific regressions.	[Impact] Scope file leakage can cause SSH delays and reduce performance in systemd [Description] The current systemd-logind version present in Xenial can leave abandoned SSH sessions and scope files in cases where the host sees a lot of concurrent SSH connections. These leftover sessions can slow down systemd performance greatly, and can have an impact on sshd handling a great number of concurrent connections. To fix this issue, patches are needed in both dbus and systemd. These improve the performance of the communication between dbus and systemd, so that they can handle a better volume of events (e.g. SSH logins). All of those patches are already present from Bionic onwards, so we only need those fixes for Xenial. == Systemd == Upstream patches: - core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notification (d8fdc62037b5) $ git describe --contains d8fdc62037b5 v230~71^2~2 $ rmadison systemd systemd \| 229-4ubuntu4 \| xenial \| source, ... systemd \| 229-4ubuntu21.21 \| xenial-security \| source, ... systemd \| 229-4ubuntu21.22 \| xenial-updates \| source, ... <-------- systemd \| 237-3ubuntu10 \| bionic \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-security \| source, ... systemd \| 237-3ubuntu10.29 \| bionic-updates \| source, ... systemd \| 237-3ubuntu10.31 \| bionic-proposed \| source, ... == DBus == Upstream patches: - Only read one message at a time if there are fds pending (892f084eeda0) - bus: Fix timeout restarts (529600397bca) - DBusMainLoop: ensure all required timeouts are restarted (446b0d9ac75a) $ git describe --contains 892f084eeda0 529600397bca 446b0d9ac75a dbus-1.11.10~44 dbus-1.11.10~45 dbus-1.11.16~2 $ rmadison dbus dbus \| 1.10.6-1ubuntu3 \| xenial \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-security \| source, ... dbus \| 1.10.6-1ubuntu3.4 \| xenial-updates \| source, ... <-------- dbus \| 1.12.2-1ubuntu1 \| bionic \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-security \| source, ... dbus \| 1.12.2-1ubuntu1.1 \| bionic-updates \| source, ... [Test Case] 1) Simulate a lot of concurrent SSH connections with e.g. a for loop: multipass@xenial-logind:~$ for i in {1..1000}; do sleep 0.1; ssh localhost sleep 1 & done 2) Check for leaked sessions in /run/systemd/system/: multipass@xenial-logind:~$ ls -ld /run/systemd/system/session-.scope drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-103.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-104.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-105.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-106.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-110.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-111.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-112.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-113.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-114.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-115.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-116.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-117.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-118.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-119.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-120.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-121.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-122.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-123.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-126.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-131.scope.d drwxr-xr-x 2 root root 160 Oct 4 15:34 /run/systemd/system/session-134.scope.d ... [Regression Potential] As the patches change the communication socket between dbus and systemd, possible regressions could cause systemd to not be notified of dbus events and vice-versa. We could see units not getting started properly, and communication between different services break down (e.g. between systemd-logind and other processes). In this case, the regression potential should be low as these patches have seen extensive testing both upstream and in more recent releases of Ubuntu. Nonetheless, these new packages will be rigorously tested through autopkgtest to avoid any possible Xenial-specific regressions.
2019-10-07 13:11:54	Dan Streetman	systemd (Ubuntu Xenial): importance	Undecided	Medium
2019-10-07 13:11:57	Dan Streetman	systemd (Ubuntu): importance	Undecided	Medium
2019-10-07 13:12:00	Dan Streetman	dbus (Ubuntu): importance	Undecided	Medium
2019-10-07 13:12:02	Dan Streetman	dbus (Ubuntu Xenial): importance	Undecided	Medium
2019-10-07 13:13:51	Dan Streetman	tags	sts sts-sponsor	ddstreet sts sts-sponsor sts-sponsor-ddstreet systemd xenial
2019-10-08 19:00:18	Mauricio Faria de Oliveira	bug			added subscriber Mauricio Faria de Oliveira
2019-10-17 23:45:56	Robie Basak	bug			added subscriber Robie Basak
2019-11-06 12:09:00	geoff mcleod	bug			added subscriber geoff mcleod
2019-11-25 17:18:45	Steve Langasek	systemd (Ubuntu Xenial): status	In Progress	Incomplete
2019-11-25 17:32:55	Brian Murray	bug			added subscriber Balint Reczey
2019-11-25 17:33:00	Brian Murray	bug			added subscriber Brian Murray
2019-11-26 19:15:05	Dan Streetman	systemd (Ubuntu Xenial): status	Incomplete	In Progress
2019-11-26 22:20:01	Brian Murray	systemd (Ubuntu Xenial): status	In Progress	Fix Committed
2019-11-26 22:20:04	Brian Murray	bug			added subscriber Ubuntu Stable Release Updates Team
2019-11-26 22:20:07	Brian Murray	bug			added subscriber SRU Verification
2019-11-26 22:20:15	Brian Murray	tags	ddstreet sts sts-sponsor sts-sponsor-ddstreet systemd xenial	ddstreet sts sts-sponsor sts-sponsor-ddstreet systemd verification-needed verification-needed-xenial xenial
2019-11-29 12:33:00	Timo Aaltonen	dbus (Ubuntu Xenial): status	In Progress	Fix Committed
2019-12-03 20:36:11	Mauricio Faria de Oliveira	tags	ddstreet sts sts-sponsor sts-sponsor-ddstreet systemd verification-needed verification-needed-xenial xenial	ddstreet sts sts-sponsor sts-sponsor-ddstreet systemd verification-done-xenial verification-needed xenial
2019-12-03 20:36:49	Mauricio Faria de Oliveira	tags	ddstreet sts sts-sponsor sts-sponsor-ddstreet systemd verification-done-xenial verification-needed xenial	ddstreet sts sts-sponsor sts-sponsor-ddstreet systemd verification-done verification-done-xenial xenial
2019-12-05 13:01:18	Łukasz Zemczak	removed subscriber Ubuntu Stable Release Updates Team
2019-12-05 13:01:17	Launchpad Janitor	systemd (Ubuntu Xenial): status	Fix Committed	Fix Released
2019-12-05 16:28:58	Eric Desrochers	bug			added subscriber Eric Desrochers
2019-12-05 16:29:01	Eric Desrochers	removed subscriber STS Sponsors
2019-12-05 16:29:11	Eric Desrochers	bug			added subscriber Dan Streetman
2019-12-05 16:32:21	Dan Streetman	tags	ddstreet sts sts-sponsor sts-sponsor-ddstreet systemd verification-done verification-done-xenial xenial	sts sts-sponsor systemd verification-done verification-done-xenial xenial
2019-12-09 08:36:08	Launchpad Janitor	dbus (Ubuntu Xenial): status	Fix Committed	Fix Released

Ubuntusystemd package

Activity log for bug #1846787

Ubuntu
systemd package