Ubuntu
systemd package

systemd ships nice.conf override for wrong service

  1. Noble (24.04)
  2. Bug #2067927
Bug #2067927 reported by Nick Rosbrook
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
systemd (Ubuntu)
Fix Released
Medium
Nick Rosbrook
Noble
Fix Released
Medium
Nick Rosbrook

Bug Description

[Impact]

Prior to Noble (since Bionic or so), we shipped systemd-journald.service with Nice=-1 due to bug 1696970. In Noble, we intended to do this with a drop-in config instead of an out-of-tree patch [1]. But, this drop-in was mistakenly shipped for systemd-logind.service, instead of systemd-journald.service. This means the mitigation for bug 1696970 is no longer in place on Noble, and users could potentially see regressions.

[Test]

Check that systemd-journald.service has Nice=-1 configured (and that systemd-logind.service does not):

$ systemctl show -p Nice systemd-journald.service
$ systemctl show -p Nice systemd-logind.service

[Where problems could occur]

Clearly, we should be careful that the drop-in is shipped for the correct service, otherwise we may apply the setting to the wrong unit.

[Other information]

I have not actually seen any regressions reported about this, but as we intended to keep the Nice=-1 setting for systemd-journald.service, we should restore it.

[1] https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?h=ubuntu-noble&id=9605a17332ee8a8dc9b390bd24acf116184b69d2

Nick Rosbrook (enr0n)
tags: added: systemd-sru-next
Changed in systemd (Ubuntu):
importance: Undecided → Medium
status: New → Triaged
Changed in systemd (Ubuntu Noble):
status: New → Triaged
importance: Undecided → Medium
assignee: nobody → Nick Rosbrook (enr0n)
Changed in systemd (Ubuntu):
assignee: nobody → Nick Rosbrook (enr0n)
Nick Rosbrook (enr0n)
Changed in systemd (Ubuntu):
status: Triaged → Fix Committed
Revision history for this message
Timo Aaltonen (tjaalton) wrote : Please test proposed package

Hello Nick, or anyone else affected,

Accepted systemd into noble-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/255.4-1ubuntu8.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-noble to verification-done-noble. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-noble. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in systemd (Ubuntu Noble):
status: Triaged → Fix Committed
tags: added: verification-needed verification-needed-noble
Revision history for this message
Nick Rosbrook (enr0n) wrote :
Download full text (12.3 KiB)

I have verified the fix using systemd 255.4-1ubuntu8.2 from noble-proposed:

nr@zero:~$ lxc launch ubuntu-daily:n n
Creating n
Starting n
nr@zero:~$ lxc exec n bash
root@n:~# vim /etc/apt/sources.list.d/ubuntu.sources
root@n:~# apt update && apt install -t noble-proposed systemd
Get:1 http://security.ubuntu.com/ubuntu noble-security InRelease [126 kB]
Hit:2 http://archive.ubuntu.com/ubuntu noble InRelease
Get:3 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages [199 kB]
Get:4 http://archive.ubuntu.com/ubuntu noble-updates InRelease [126 kB]
Get:5 http://security.ubuntu.com/ubuntu noble-security/main Translation-en [50.7 kB]
Get:6 http://security.ubuntu.com/ubuntu noble-security/main amd64 c-n-f Metadata [2432 B]
Get:7 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Packages [67.4 kB]
Get:8 http://security.ubuntu.com/ubuntu noble-security/universe Translation-en [23.9 kB]
Get:9 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Components [8632 B]
Get:10 http://security.ubuntu.com/ubuntu noble-security/universe amd64 c-n-f Metadata [2236 B]
Get:11 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 Packages [145 kB]
Get:12 http://security.ubuntu.com/ubuntu noble-security/restricted Translation-en [27.8 kB]
Get:13 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 c-n-f Metadata [420 B]
Get:14 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 Packages [10.6 kB]
Get:15 http://security.ubuntu.com/ubuntu noble-security/multiverse Translation-en [2808 B]
Get:16 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 Components [208 B]
Get:17 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 c-n-f Metadata [344 B]
Get:18 http://archive.ubuntu.com/ubuntu noble-backports InRelease [126 kB]
Get:19 http://archive.ubuntu.com/ubuntu noble-proposed InRelease [265 kB]
Get:20 http://archive.ubuntu.com/ubuntu noble/universe amd64 Packages [15.0 MB]
Get:21 http://archive.ubuntu.com/ubuntu noble/universe Translation-en [5982 kB]
Get:22 http://archive.ubuntu.com/ubuntu noble/universe amd64 Components [3871 kB]
Get:23 http://archive.ubuntu.com/ubuntu noble/universe amd64 c-n-f Metadata [301 kB]
Get:24 http://archive.ubuntu.com/ubuntu noble/multiverse amd64 Packages [269 kB]
Get:25 http://archive.ubuntu.com/ubuntu noble/multiverse Translation-en [118 kB]
Get:26 http://archive.ubuntu.com/ubuntu noble/multiverse amd64 Components [35.0 kB]
Get:27 http://archive.ubuntu.com/ubuntu noble/multiverse amd64 c-n-f Metadata [8328 B]
Get:28 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages [226 kB]
Get:29 http://archive.ubuntu.com/ubuntu noble-updates/main Translation-en [61.2 kB]
Get:30 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 c-n-f Metadata [3596 B]
Get:31 http://archive.ubuntu.com/ubuntu noble-updates/universe amd64 Packages [118 kB]
Get:32 http://archive.ubuntu.com/ubuntu noble-updates/universe Translation-en [43.8 kB]
Get:33 http://archive.ubuntu.com/ubuntu nob...

tags: added: verification-done-noble
removed: verification-needed-noble
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (5.9 KiB)

This bug was fixed in the package systemd - 256-1ubuntu1

---------------
systemd (256-1ubuntu1) oracular; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - debian/tests/upstream{,-1,-2}: split upstream tests into two parts
    - debian/tests/tests-in-lxd: run some autopkgtests in LXD too
    - debian/tests/boot-and-services:
      + skip apparmor tests on armhf
      + consume stderr in systemctl status call in test_service
      + drop test_no_failed
    - debian/systemd.postinst:
      + skip daemon-reexec and try-restarts during shutdown
      + manually call systemd-tmpfiles --create in postinst
    - debian/systemd-resolved.postinst: copy existing /etc/resolv.conf to
      /run/systemd/resolve/stub-resolv.conf
    - debian/rules:
      + Remove unneeded efi artifacts on i386 to avoid debugedit errors
    - debian/rules,debian/control,debian/tests/control:
      + Do not build with tpm libraries on i386
      + Do not build with libqrencode on i386
    - debian/gbp.conf,debian/extra/wrap_cl.py:
      Use a customization script to add LP commit links to changelog
    - debian/control:
      + Add Recommends: networkd-dispatcher systemd-resolved to systemd package
      + Give systemd-resolved Priority: important
      + Add Recommends: systemd-hwe-hwdb to udev package
      + Add Breaks: systemd (<< ${binary:Version}) to udev package so that
        systemd is upgraded as well when upgrading udev
      + Make systemd-sysv Depends: on matching version of systemd
      + Drop Recommends: libnss-myhostname libnss-resolve from systemd-resolved
      + Build-Depends: linux-tools-generic
    - d/p/Revert-network-if-sys-is-rw-then-udev-should-be-around.patch:
      Revert "network: if /sys is rw, then udev should be around" upstream
      commit
    - debian/tests/upstream: export QEMU_MEM="1024M" for all tests
    - debian/systemd.links: mask systemd-gpt-auto-generator by default
    - debian/systemd.install: exclude files that are not built for i386
    - debian/systemd.manpages: do not ship un-built manpages on i386
    - debian/tests/control: only install systemd-boot-efi for supported arches
    - test: skip exec-privatenetwork-yes-privatemounts-yes.service in LXC
    - debian/test/unit-tests: skip test-execute on armhf.
  * Dropped changes, included in Debian:
    - debian/extra: use a drop-in resolved.conf to configure Cache=no-negative
    - debian/extra: use a dropin to configure Nice=-1 on systemd-journald.service.
    - debian/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf:
      Set ManagedOOMSwap=auto, disabling swap kill by default
    - debian/rules:
      + Set default user path
      + Disable LLMNR by default
    - debian/tests/storage: skip tests if scsi_debug module is not available
  * Dropped changes:
    - debian/patches/tmpfiles.d-tmp.conf-make-cleanup-age-30d-on-Ubuntu.patch:
      We want to stay aligned with Debian and upstream instead of keeping this
      30d cleanup.
    - debian/systemd-resolved.install: drop unnecessary delta
    - d/p/debian/UBUNTU-Don-t-override-Ubuntu-s-default-sysctl-values-LP-1962038.patch:
      We do not actually ship sysctld.d/50-default.conf ...

Read more...

Changed in systemd (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package systemd - 255.4-1ubuntu8.2

---------------
systemd (255.4-1ubuntu8.2) noble; urgency=medium

  * mountpoint-util: Deal with kernel API breakage in "norecovery" mount option.
    Also include fixup commit
    055b465a3f ("shared/mountpoint-util: for old kernels, assume "norecovery" is supported by btrfs").
    (LP: #2067907)
  * cgroup-util: allow cg_read_pid() to skip unmapped (zero) pids (LP: #2067922)
  * debian/extra: ship nice.conf for journald, not logind (LP: #2067927)

 -- Nick Rosbrook <email address hidden> Fri, 14 Jun 2024 17:03:19 -0400

Changed in systemd (Ubuntu Noble):
status: Fix Committed → Fix Released
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Update Released

The verification of the Stable Release Update for systemd has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.