
Bug#929215: marked as done (unblock: systemd/241-5)



Your message dated Tue, 04 Jun 2019 06:01:00 +0000
with message-id <686734a2-1511-c0c9-d139-dc7106ba86d4@thykier.net>
and subject line Re: Bug#929215: unblock: systemd/241-5
has caused the Debian Bug report #929215,
regarding unblock: systemd/241-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
929215: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929215
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package systemd

All patches are cherry-picked from upstream git.

Annotated changelog:

systemd (241-4) unstable; urgency=medium

  * journal-remote: Do not request Content-Length if Transfer-Encoding is
    chunked (Closes: #927008)

https://salsa.debian.org/systemd-team/systemd/commit/d8e4bc4487b0f32b39b15152040351261329e92a

Without this fix, systemd-journal-remote is pretty much completely
broken, that's why I had marked this bug RC for the
systemd-journal-remote package.


  * systemctl: Restore "systemctl reboot ARG" functionality.
    Fixes a regression introduced in v240. (Closes: #928659)

https://salsa.debian.org/systemd-team/systemd/commit/8127cbd86fadf245dd28666c1bfe82a3eb116448


  * random-util: Eat up bad RDRAND values seen on AMD CPUs.
    Some AMD CPUs return bogus data via RDRAND after a suspend/resume cycle
    while still reporting success via the carry flag.
    Filter out invalid data like -1 (and also 0, just to be sure).
    (Closes: #921267)

https://salsa.debian.org/systemd-team/systemd/commit/efbcf5102f0ac7b43a2f7b8c79084fdfd2d1fa72

RDRAND is used by systemd for its hashmap implementation. On some AMD
CPUs (AMD CPU family 22), RDRAND returns bogus data after
suspend/resume, leading to severe mis-behaviour of systemd. Typical
symptoms are failure to shutdown properly or when trying suspend again.


  * Add check to switch VTs only between K_XLATE or K_UNICODE.
    Switching to K_UNICODE from other than L_XLATE can make the keyboard
    unusable and possibly leak keypresses from X.
    (CVE-2018-20839, Closes: #929116)

https://salsa.debian.org/systemd-team/systemd/commit/5a564c6ef3906c0f3885a3a2aafce772393f760a


  * Document that DRM render nodes are now owned by group "render"
    (Closes: #926886)

https://salsa.debian.org/systemd-team/systemd/commit/e3772a013721083a740ab9dedbf060cf5b3c3709

Documentation update, which was explicitly requested for the
video->render change of the /dev/dri/renderD* devices.

KiBi (and debian-boot) is in CC

Full debdiff is attached.

Regards,
Michael

unblock systemd/241-4

-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff --git a/debian/changelog b/debian/changelog
index 231cbb6..e13fd93 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,23 @@
+systemd (241-4) unstable; urgency=medium
+
+  * journal-remote: Do not request Content-Length if Transfer-Encoding is
+    chunked (Closes: #927008)
+  * systemctl: Restore "systemctl reboot ARG" functionality.
+    Fixes a regression introduced in v240. (Closes: #928659)
+  * random-util: Eat up bad RDRAND values seen on AMD CPUs.
+    Some AMD CPUs return bogus data via RDRAND after a suspend/resume cycle
+    while still reporting success via the carry flag.
+    Filter out invalid data like -1 (and also 0, just to be sure).
+    (Closes: #921267)
+  * Add check to switch VTs only between K_XLATE or K_UNICODE.
+    Switching to K_UNICODE from other than L_XLATE can make the keyboard
+    unusable and possibly leak keypresses from X.
+    (CVE-2018-20839, Closes: #929116)
+  * Document that DRM render nodes are now owned by group "render"
+    (Closes: #926886)
+
+ -- Michael Biebl <biebl@debian.org>  Fri, 17 May 2019 21:16:33 +0200
+
 systemd (241-3) unstable; urgency=high
 
   [ Michael Biebl ]
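Review bot: The CVE-2018-20839 changelog entry reads "Switching to K_UNICODE from other than L_XLATE", but the entry's own first line names the modes as K_XLATE and K_UNICODE, so "L_XLATE" is a typo. The changelog is what users and security trackers read for this CVE; suggest correcting it to K_XLATE.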
diff --git a/debian/patches/Add-check-to-switch-VTs-only-between-K_XLATE-or-K_UNICODE.patch b/debian/patches/Add-check-to-switch-VTs-only-between-K_XLATE-or-K_UNICODE.patch
new file mode 100644
index 0000000..6efd7ec
--- /dev/null
+++ b/debian/patches/Add-check-to-switch-VTs-only-between-K_XLATE-or-K_UNICODE.patch
@@ -0,0 +1,56 @@
+From: Balint Reczey <balint.reczey@canonical.com>
+Date: Wed, 24 Apr 2019 17:24:02 +0200
+Subject: Add check to switch VTs only between K_XLATE or K_UNICODE
+
+Switching to K_UNICODE from other than L_XLATE can make the keyboard
+unusable and possibly leak keypresses from X.
+
+BugLink: https://launchpad.net/bugs/1803993
+(cherry picked from commit 13a43c73d8cbac4b65472de04bb88ea1bacdeb89)
+---
+ src/basic/terminal-util.c     | 9 ++++++++-
+ src/vconsole/vconsole-setup.c | 7 +++++++
+ 2 files changed, 15 insertions(+), 1 deletion(-)
+
+diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c
+index 48ede7d..c7a7455 100644
+--- a/src/basic/terminal-util.c
++++ b/src/basic/terminal-util.c
+@@ -1273,11 +1273,18 @@ int vt_verify_kbmode(int fd) {
+ }
+ 
+ int vt_reset_keyboard(int fd) {
+-        int kb;
++        int kb, r;
+ 
+         /* If we can't read the default, then default to unicode. It's 2017 after all. */
+         kb = vt_default_utf8() != 0 ? K_UNICODE : K_XLATE;
+ 
++        r = vt_verify_kbmode(fd);
++        if (r == -EBUSY) {
++                log_debug_errno(r, "Keyboard is not in XLATE or UNICODE mode, not resetting: %m");
++                return 0;
++        } else if (r < 0)
++                return r;
++
+         if (ioctl(fd, KDSKBMODE, kb) < 0)
+                 return -errno;
+ 
+diff --git a/src/vconsole/vconsole-setup.c b/src/vconsole/vconsole-setup.c
+index be09619..bfa0f57 100644
+--- a/src/vconsole/vconsole-setup.c
++++ b/src/vconsole/vconsole-setup.c
+@@ -74,6 +74,13 @@ static int toggle_utf8(const char *name, int fd, bool utf8) {
+ 
+         assert(name);
+ 
++        r = vt_verify_kbmode(fd);
++        if (r == -EBUSY) {
++                log_warning_errno(r, "Virtual console %s is not in K_XLATE or K_UNICODE: %m", name);
++                return 0;
++        } else if (r < 0)
++                return log_warning_errno(r, "Failed to verify kbdmode on %s: %m", name);
++
+         r = ioctl(fd, KDSKBMODE, utf8 ? K_UNICODE : K_XLATE);
+         if (r < 0)
+                 return log_warning_errno(errno, "Failed to %s UTF-8 kbdmode on %s: %m", enable_disable(utf8), name);
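Review bot: In vt_reset_keyboard() the new -EBUSY branch returns 0 after only a log_debug_errno(), so a caller cannot tell "keyboard was reset" from "reset skipped because the VT is in another mode"; either state in the function's comment that a skip counts as success or report the skip distinctly. The check and the following ioctl(fd, KDSKBMODE, kb) are two separate calls, so the mode can still change between them; the window is small but deserves a comment next to the check. In toggle_utf8() the same early return 0 leaves the whole function, not just the KDSKBMODE call, which the commit message should mention. The commit message also says "L_XLATE" where K_XLATE is meant.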
diff --git a/debian/patches/Move-verify_vc_kbmode-to-terminal-util.c-as-vt_verify_kbm.patch b/debian/patches/Move-verify_vc_kbmode-to-terminal-util.c-as-vt_verify_kbm.patch
new file mode 100644
index 0000000..b91340f
--- /dev/null
+++ b/debian/patches/Move-verify_vc_kbmode-to-terminal-util.c-as-vt_verify_kbm.patch
@@ -0,0 +1,106 @@
+From: Balint Reczey <balint.reczey@canonical.com>
+Date: Wed, 24 Apr 2019 16:35:32 +0200
+Subject: Move verify_vc_kbmode() to terminal-util.c as vt_verify_kbmode()
+
+(cherry picked from commit bb5ac84d79ac3aef606a4a9eeaafef94a1f199be)
+---
+ src/basic/terminal-util.c     | 17 +++++++++++++++++
+ src/basic/terminal-util.h     |  1 +
+ src/vconsole/vconsole-setup.c | 23 +++--------------------
+ 3 files changed, 21 insertions(+), 20 deletions(-)
+
+diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c
+index 0f38120..48ede7d 100644
+--- a/src/basic/terminal-util.c
++++ b/src/basic/terminal-util.c
+@@ -1255,6 +1255,23 @@ int vt_default_utf8(void) {
+         return parse_boolean(b);
+ }
+ 
++int vt_verify_kbmode(int fd) {
++        int curr_mode;
++
++        /*
++         * Make sure we only adjust consoles in K_XLATE or K_UNICODE mode.
++         * Otherwise we would (likely) interfere with X11's processing of the
++         * key events.
++         *
++         * http://lists.freedesktop.org/archives/systemd-devel/2013-February/008573.html
++         */
++
++        if (ioctl(fd, KDGKBMODE, &curr_mode) < 0)
++                return -errno;
++
++        return IN_SET(curr_mode, K_XLATE, K_UNICODE) ? 0 : -EBUSY;
++}
++
+ int vt_reset_keyboard(int fd) {
+         int kb;
+ 
+diff --git a/src/basic/terminal-util.h b/src/basic/terminal-util.h
+index c885e0a..b32528f 100644
+--- a/src/basic/terminal-util.h
++++ b/src/basic/terminal-util.h
+@@ -155,6 +155,7 @@ int openpt_in_namespace(pid_t pid, int flags);
+ int open_terminal_in_namespace(pid_t pid, const char *name, int mode);
+ 
+ int vt_default_utf8(void);
++int vt_verify_kbmode(int fd);
+ int vt_reset_keyboard(int fd);
+ int vt_restore(int fd);
+ int vt_release(int fd, bool restore_vt);
+diff --git a/src/vconsole/vconsole-setup.c b/src/vconsole/vconsole-setup.c
+index ebdeba3..be09619 100644
+--- a/src/vconsole/vconsole-setup.c
++++ b/src/vconsole/vconsole-setup.c
+@@ -68,23 +68,6 @@ static int verify_vc_allocation_byfd(int fd) {
+         return verify_vc_allocation(vcs.v_active);
+ }
+ 
+-static int verify_vc_kbmode(int fd) {
+-        int curr_mode;
+-
+-        /*
+-         * Make sure we only adjust consoles in K_XLATE or K_UNICODE mode.
+-         * Otherwise we would (likely) interfere with X11's processing of the
+-         * key events.
+-         *
+-         * http://lists.freedesktop.org/archives/systemd-devel/2013-February/008573.html
+-         */
+-
+-        if (ioctl(fd, KDGKBMODE, &curr_mode) < 0)
+-                return -errno;
+-
+-        return IN_SET(curr_mode, K_XLATE, K_UNICODE) ? 0 : -EBUSY;
+-}
+-
+ static int toggle_utf8(const char *name, int fd, bool utf8) {
+         int r;
+         struct termios tc = {};
+@@ -288,7 +271,7 @@ static void setup_remaining_vcs(int src_fd, unsigned src_idx, bool utf8) {
+                         continue;
+                 }
+ 
+-                if (verify_vc_kbmode(fd_d) < 0)
++                if (vt_verify_kbmode(fd_d) < 0)
+                         continue;
+ 
+                 toggle_utf8(ttyname, fd_d, utf8);
+@@ -363,7 +346,7 @@ static int find_source_vc(char **ret_path, unsigned *ret_idx) {
+                                 err = -fd;
+                         continue;
+                 }
+-                r = verify_vc_kbmode(fd);
++                r = vt_verify_kbmode(fd);
+                 if (r < 0) {
+                         if (!err)
+                                 err = -r;
+@@ -396,7 +379,7 @@ static int verify_source_vc(char **ret_path, const char *src_vc) {
+         if (r < 0)
+                 return log_error_errno(r, "Virtual console %s is not allocated: %m", src_vc);
+ 
+-        r = verify_vc_kbmode(fd);
++        r = vt_verify_kbmode(fd);
+         if (r < 0)
+                 return log_error_errno(r, "Virtual console %s is not in K_XLATE or K_UNICODE: %m", src_vc);
+ 
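Review bot: vt_verify_kbmode() is now a shared helper declared in terminal-util.h, but its return contract (0 when the VT is in K_XLATE or K_UNICODE, -EBUSY for any other mode, -errno when KDGKBMODE fails) is only implied by the body. The callers touched here test just r < 0, and verify_source_vc() logs "is not in K_XLATE or K_UNICODE" for every negative value, which is misleading when the ioctl itself failed. A short comment at the definition listing the three outcomes, and a caller that distinguishes -EBUSY from other errors, would keep later users from conflating them.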
diff --git a/debian/patches/journal-remote-do-not-request-Content-Length-if-Transfer-.patch b/debian/patches/journal-remote-do-not-request-Content-Length-if-Transfer-.patch
new file mode 100644
index 0000000..a8ab578
--- /dev/null
+++ b/debian/patches/journal-remote-do-not-request-Content-Length-if-Transfer-.patch
@@ -0,0 +1,74 @@
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Mon, 11 Mar 2019 12:27:18 +0900
+Subject: journal-remote: do not request Content-Length if Transfer-Encoding
+ is chunked
+
+This fixes a bug introduced by 7fdb237f5473cb8fc2129e57e8a0039526dcb4fd.
+
+Closes #11571.
+
+(cherry picked from commit a289dfd69b3ff4bccdde93e84b67c947bafa27e1)
+---
+ src/journal-remote/journal-remote-main.c | 41 +++++++++++++++++++++-----------
+ 1 file changed, 27 insertions(+), 14 deletions(-)
+
+diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c
+index 802c3ea..2321a91 100644
+--- a/src/journal-remote/journal-remote-main.c
++++ b/src/journal-remote/journal-remote-main.c
+@@ -265,6 +265,7 @@ static int request_handler(
+         const char *header;
+         int r, code, fd;
+         _cleanup_free_ char *hostname = NULL;
++        bool chunked = false;
+         size_t len;
+ 
+         assert(connection);
+@@ -290,21 +291,33 @@ static int request_handler(
+                 return mhd_respond(connection, MHD_HTTP_UNSUPPORTED_MEDIA_TYPE,
+                                    "Content-Type: application/vnd.fdo.journal is required.");
+ 
++        header = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, "Transfer-Encoding");
++        if (header) {
++                if (!strcaseeq(header, "chunked"))
++                        return mhd_respondf(connection, 0, MHD_HTTP_BAD_REQUEST,
++                                            "Unsupported Transfer-Encoding type: %s", header);
++
++                chunked = true;
++        }
++
+         header = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, "Content-Length");
+-        if (!header)
+-                return mhd_respond(connection, MHD_HTTP_LENGTH_REQUIRED,
+-                                   "Content-Length header is required.");
+-        r = safe_atozu(header, &len);
+-        if (r < 0)
+-                return mhd_respondf(connection, r, MHD_HTTP_LENGTH_REQUIRED,
+-                                    "Content-Length: %s cannot be parsed: %m", header);
+-
+-        if (len > ENTRY_SIZE_MAX)
+-                /* When serialized, an entry of maximum size might be slightly larger,
+-                 * so this does not correspond exactly to the limit in journald. Oh well.
+-                 */
+-                return mhd_respondf(connection, 0, MHD_HTTP_PAYLOAD_TOO_LARGE,
+-                                    "Payload larger than maximum size of %u bytes", ENTRY_SIZE_MAX);
++        if (header) {
++                if (chunked)
++                        return mhd_respond(connection, MHD_HTTP_BAD_REQUEST,
++                                           "Content-Length must not specified when Transfer-Encoding type is 'chuncked'");
++
++                r = safe_atozu(header, &len);
++                if (r < 0)
++                        return mhd_respondf(connection, r, MHD_HTTP_LENGTH_REQUIRED,
++                                            "Content-Length: %s cannot be parsed: %m", header);
++
++                if (len > ENTRY_SIZE_MAX)
++                        /* When serialized, an entry of maximum size might be slightly larger,
++                         * so this does not correspond exactly to the limit in journald. Oh well.
++                         */
++                        return mhd_respondf(connection, 0, MHD_HTTP_PAYLOAD_TOO_LARGE,
++                                            "Payload larger than maximum size of %u bytes", ENTRY_SIZE_MAX);
++        }
+ 
+         {
+                 const union MHD_ConnectionInfo *ci;
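Review bot: With Content-Length now optional, a request that carries neither Transfer-Encoding nor Content-Length falls through both if (header) blocks in request_handler(): the previous 411 reply for a missing header is gone, len stays uninitialised, and the ENTRY_SIZE_MAX pre-check never runs. The same pre-check is skipped for every chunked upload, so the size limit has to be enforced while the body is read; please confirm that it is, and initialise len (or avoid reading it) on these paths. Two smaller points in the new BAD_REQUEST string: "must not specified" is missing "be", and "'chuncked'" should read "'chunked'".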
diff --git a/debian/patches/random-util-eat-up-bad-RDRAND-values-seen-on-AMD-CPUs.patch b/debian/patches/random-util-eat-up-bad-RDRAND-values-seen-on-AMD-CPUs.patch
new file mode 100644
index 0000000..5c464ad
--- /dev/null
+++ b/debian/patches/random-util-eat-up-bad-RDRAND-values-seen-on-AMD-CPUs.patch
@@ -0,0 +1,54 @@
+From: Michael Biebl <biebl@debian.org>
+Date: Tue, 14 May 2019 13:12:35 +0200
+Subject: random-util: eat up bad RDRAND values seen on AMD CPUs
+
+An ugly, ugly work-around for #11810. And no, we shouldn't have to do
+this. This is something for AMD, the firmware or the kernel to
+fix/work-around, not us. But nonetheless, this should do it for now.
+
+Fixes: #11810
+(cherry picked from commit 1c53d4a070edbec8ad2d384ba0014d0eb6bae077)
+---
+ src/basic/random-util.c | 15 ++++++++++++++-
+ 1 file changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/src/basic/random-util.c b/src/basic/random-util.c
+index f7decf6..38f8180 100644
+--- a/src/basic/random-util.c
++++ b/src/basic/random-util.c
+@@ -37,6 +37,7 @@ int rdrand(unsigned long *ret) {
+ 
+ #if defined(__i386__) || defined(__x86_64__)
+         static int have_rdrand = -1;
++        unsigned long v;
+         unsigned char err;
+ 
+         if (have_rdrand < 0) {
+@@ -56,7 +57,7 @@ int rdrand(unsigned long *ret) {
+ 
+         asm volatile("rdrand %0;"
+                      "setc %1"
+-                     : "=r" (*ret),
++                     : "=r" (v),
+                        "=qm" (err));
+ 
+ #if HAS_FEATURE_MEMORY_SANITIZER
+@@ -66,6 +67,18 @@ int rdrand(unsigned long *ret) {
+         if (!err)
+                 return -EAGAIN;
+ 
++        /* Apparently on some AMD CPUs RDRAND will sometimes (after a suspend/resume cycle?) report success
++         * via the carry flag but nonetheless return the same fixed value -1 in all cases. This appears to be
++         * a bad bug in the CPU or firmware. Let's deal with that and work-around this by explicitly checking
++         * for this special value (and also 0, just to be sure) and filtering it out. This is a work-around
++         * only however and something AMD really should fix properly. The Linux kernel should probably work
++         * around this issue by turning off RDRAND altogether on those CPUs. See:
++         * https://github.com/systemd/systemd/issues/11810 */
++        if (v == 0 || v == ULONG_MAX)
++                return log_debug_errno(SYNTHETIC_ERRNO(EUCLEAN),
++                                       "RDRAND returned suspicious value %lx, assuming bad hardware RNG, not using value.", v);
++
++        *ret = v;
+         return 0;
+ #else
+         return -EOPNOTSUPP;
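Review bot: The new test v == 0 || v == ULONG_MAX recognises only the one failure pattern reported so far; a CPU that returns any other constant after resume still passes, so the comment should say that this filters a known bad value and is not a health test of the hardware RNG. rdrand() also gains a third failure code, -EUCLEAN, next to -EAGAIN and -EOPNOTSUPP; callers that handle -EAGAIN need to fall back to another source for this code as well rather than treat it as fatal, which is worth stating at the definition. Rejecting 0 and ULONG_MAX also discards two valid outputs; harmless, but it should be mentioned alongside the check.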
diff --git a/debian/patches/series b/debian/patches/series
index c4bdca5..ead31db 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -16,6 +16,11 @@ networkd-clarify-that-IPv6-RA-uses-our-own-stack-no-the-k.patch
 network-remove-routing-policy-rule-from-foreign-rule-data.patch
 network-do-not-remove-rule-when-it-is-requested-by-existi.patch
 pam-systemd-use-secure_getenv-rather-than-getenv.patch
+journal-remote-do-not-request-Content-Length-if-Transfer-.patch
+systemctl-restore-systemctl-reboot-ARG-functionality.patch
+random-util-eat-up-bad-RDRAND-values-seen-on-AMD-CPUs.patch
+Move-verify_vc_kbmode-to-terminal-util.c-as-vt_verify_kbm.patch
+Add-check-to-switch-VTs-only-between-K_XLATE-or-K_UNICODE.patch
 debian/Use-Debian-specific-config-files.patch
 debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch
 debian/Make-run-lock-tmpfs-an-API-fs.patch
diff --git a/debian/patches/systemctl-restore-systemctl-reboot-ARG-functionality.patch b/debian/patches/systemctl-restore-systemctl-reboot-ARG-functionality.patch
new file mode 100644
index 0000000..b10ee8b
--- /dev/null
+++ b/debian/patches/systemctl-restore-systemctl-reboot-ARG-functionality.patch
@@ -0,0 +1,108 @@
+From: =?utf-8?b?VmVzYSBKw6TDpHNrZWzDpGluZW4=?=
+ <vesa.jaaskelainen@vaisala.com>
+Date: Sat, 9 Mar 2019 22:30:45 +0200
+Subject: systemctl: restore "systemctl reboot ARG" functionality
+
+Commit d85515edcf9700dc068201ab9f7103f04f3b25b2 changed logic how reboot is
+executed. That commit changed behavior to use emergency action reboot code path
+to perform the reboot.
+
+This inadvertently broke rebooting with argument:
+$ systemctl reboot custom-reason
+
+Restore original behavior so that if reboot service unit similar to
+systemd-reboot.service is executed it is possible to override reboot reason
+with "systemctl reboot ARG".
+
+When "systemctl reboot ARG" is executed ARG is placed in file
+/run/systemd/reboot-param and reboot is issued using logind's Reboot
+dbus-service.
+
+If RebootArgument is specified in systemd-reboot.service it takes precedence
+over what systemctl sets.
+
+Fixes: #11828
+(cherry picked from commit 77defcf5382a557189350f928967d676510e362c)
+---
+ src/core/emergency-action.c | 4 ++--
+ src/shared/reboot-util.c    | 5 ++++-
+ src/shared/reboot-util.h    | 2 +-
+ src/systemctl/systemctl.c   | 4 ++--
+ 4 files changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/src/core/emergency-action.c b/src/core/emergency-action.c
+index f98b0de..52edec0 100644
+--- a/src/core/emergency-action.c
++++ b/src/core/emergency-action.c
+@@ -47,7 +47,7 @@ int emergency_action(
+         case EMERGENCY_ACTION_REBOOT:
+                 log_and_status(m, warn, "Rebooting", reason);
+ 
+-                (void) update_reboot_parameter_and_warn(reboot_arg);
++                (void) update_reboot_parameter_and_warn(reboot_arg, true);
+                 (void) manager_add_job_by_name_and_warn(m, JOB_START, SPECIAL_REBOOT_TARGET, JOB_REPLACE_IRREVERSIBLY, NULL);
+ 
+                 break;
+@@ -55,7 +55,7 @@ int emergency_action(
+         case EMERGENCY_ACTION_REBOOT_FORCE:
+                 log_and_status(m, warn, "Forcibly rebooting", reason);
+ 
+-                (void) update_reboot_parameter_and_warn(reboot_arg);
++                (void) update_reboot_parameter_and_warn(reboot_arg, true);
+                 m->objective = MANAGER_REBOOT;
+ 
+                 break;
+diff --git a/src/shared/reboot-util.c b/src/shared/reboot-util.c
+index ca40159..6d5eee0 100644
+--- a/src/shared/reboot-util.c
++++ b/src/shared/reboot-util.c
+@@ -12,10 +12,13 @@
+ #include "umask-util.h"
+ #include "virt.h"
+ 
+-int update_reboot_parameter_and_warn(const char *parameter) {
++int update_reboot_parameter_and_warn(const char *parameter, bool keep) {
+         int r;
+ 
+         if (isempty(parameter)) {
++                if (keep)
++                        return 0;
++
+                 if (unlink("/run/systemd/reboot-param") < 0) {
+                         if (errno == ENOENT)
+                                 return 0;
+diff --git a/src/shared/reboot-util.h b/src/shared/reboot-util.h
+index d459333..ac59b7d 100644
+--- a/src/shared/reboot-util.h
++++ b/src/shared/reboot-util.h
+@@ -1,7 +1,7 @@
+ /* SPDX-License-Identifier: LGPL-2.1+ */
+ #pragma once
+ 
+-int update_reboot_parameter_and_warn(const char *parameter);
++int update_reboot_parameter_and_warn(const char *parameter, bool keep);
+ 
+ typedef enum RebootFlags {
+         REBOOT_LOG      = 1 << 0, /* log about what we are going to do and all errors */
+diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
+index 63dae2c..d05219d 100644
+--- a/src/systemctl/systemctl.c
++++ b/src/systemctl/systemctl.c
+@@ -3634,7 +3634,7 @@ static int start_special(int argc, char *argv[], void *userdata) {
+                 return r;
+ 
+         if (a == ACTION_REBOOT && argc > 1) {
+-                r = update_reboot_parameter_and_warn(argv[1]);
++                r = update_reboot_parameter_and_warn(argv[1], false);
+                 if (r < 0)
+                         return r;
+ 
+@@ -8005,7 +8005,7 @@ static int halt_parse_argv(int argc, char *argv[]) {
+                 }
+ 
+         if (arg_action == ACTION_REBOOT && (argc == optind || argc == optind + 1)) {
+-                r = update_reboot_parameter_and_warn(argc == optind + 1 ? argv[optind] : NULL);
++                r = update_reboot_parameter_and_warn(argc == optind + 1 ? argv[optind] : NULL, false);
+                 if (r < 0)
+                         return r;
+         } else if (optind < argc)
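Review bot: With keep set to true, update_reboot_parameter_and_warn() returns 0 for an empty parameter without touching /run/systemd/reboot-param, so both emergency_action() call sites will reuse whatever an earlier "systemctl reboot ARG" left in that file, including an argument from a reboot request that never completed. If that is intended, document it at the declaration in reboot-util.h; otherwise remove the file once the parameter has been consumed. The bare true/false at the four call sites is also hard to read; a short inline comment naming the argument, or a named flag, would help.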
diff --git a/debian/udev.NEWS b/debian/udev.NEWS
index abca3dd..5a0194e 100644
--- a/debian/udev.NEWS
+++ b/debian/udev.NEWS
@@ -1,3 +1,13 @@
+systemd (241-4) unstable; urgency=medium
+
+  DRM render nodes (/dev/dri/renderD*) are now owned by group "render"
+  (previously group "video"). Dynamic ACLs via the "uaccess" udev tag are still
+  applied, so in the common case things should just continue to work.
+  If you rely on static permissions to access those devices, you need to update
+  group memberships accordingly to use group "render" now.
+
+ -- Michael Biebl <biebl@debian.org>  Fri, 17 May 2019 19:15:32 +0200
+
 systemd (220-7) unstable; urgency=medium
 
   The mechanism for providing stable network interface names changed.

--- End Message ---
--- Begin Message ---
Cyril Brulebois:
> Hi,
> 
> Michael Biebl <biebl@debian.org> (2019-06-03):
>> 241-5 is waiting for an ack from d-i. Since the AMD related RDRAND
>> breakage is rather nasty for users of those affected systemd, it would
>> be good to have that version in testing.
>> While I don't expect any issues on the udeb/udev related parts, it would
>> be great if you can have a look and give this version a try wrt to d-i.
> 
> Apologies for the delay.
> 
> Changes look good, and so do runtime tests, so no objections.
> 
> 
> Cheers,
> 

Unblocked, thanks.
~Niels

--- End Message ---
