On 05.07.2014 03:40, Russell Coker wrote:
> Source: systemd
> Version: all
> Severity: normal
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753726
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753727
>
> The above bugs concern the ability of library packages to request that systemd
> use the new version on an upgrade. I don't think it's reasonable for the
> library updates to never be applied because there's the risk of a security
> flaw being discovered in one of them that affects the operation of systemd.

While I agree with you in general, keep in mind that this is actually also a general issue. PID 1 is in no way special in that regard and this concerns every long-running process / daemon. It's not like a security update of libselinux (or any other library for that matter) restarts all daemons / binaries linking against said library.

Incidentally, we discussed exactly that within the pkg-systemd team before I filed this bug. Our conclusion was that the right answer for that is probably something like checkrestart, which is run *after* the upgrade has completed.

> As there is apparently a reliability issue in the library postinst calling
> "telinit u" I think that systemd should have triggers to allow it to take the
> new libraries when they are installed.

I'm not convinced that a package-individual trigger is the right answer for this (we also discussed this possibility within the team). Every package providing a long-running system service would have to provide such a trigger and every library would have to call all triggers. That doesn't scale. We need a general solution for this.

What I'm convinced about, though, is that restarting a daemon (or re-execing PID 1) midway through an upgrade is bound to fail one way or another.

So I still kindly ask you to apply the patches in #753726 and #753727.

Cheers,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
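A post-upgrade check of the kind the message above argues for, as an added example (not code from checkrestart, the pkg-systemd team or this thread): it lists processes that still execute from a shared library whose file has since been replaced on disk, which Linux marks with a ` (deleted)` suffix in `/proc/<pid>/maps`. The function names and the sample maps text are assumptions constructed for illustration.

```python
import re
from pathlib import Path

# Constructed sample of /proc/1/maps after a libselinux upgrade (not real output).
SAMPLE_MAPS = """\
55d0c8a00000-55d0c8b20000 r-xp 00000000 08:01 1311 /lib/systemd/systemd
7f3a1c000000-7f3a1c021000 r-xp 00000000 08:01 2622 /lib/x86_64-linux-gnu/libselinux.so.1 (deleted)
7f3a1c221000-7f3a1c222000 rw-p 00021000 08:01 2622 /lib/x86_64-linux-gnu/libselinux.so.1 (deleted)
7f3a1d000000-7f3a1d1a0000 r-xp 00000000 08:01 2700 /lib/x86_64-linux-gnu/libc.so.6
7f3a1e000000-7f3a1e001000 rw-s 00000000 00:05 98 /dev/zero (deleted)
"""

# Fields: address range, perms, offset, device, inode, pathname.
MAPS_LINE = re.compile(
    r"^[0-9a-f]+-[0-9a-f]+\s+(?P<perms>\S{4})\s+[0-9a-f]+\s+\S+\s+\d+"
    r"\s+(?P<path>/.*)$"
)
LIB_NAME = re.compile(r"\.so(\.[0-9A-Za-z_.+~-]+)?$")
DELETED = " (deleted)"

def stale_libraries(maps_text):
    """Return sorted paths of executable library mappings whose file was unlinked."""
    stale = set()
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line)
        if not m or "x" not in m.group("perms"):
            continue  # anonymous/pseudo mapping, or not executable code
        path = m.group("path")
        if path.endswith(DELETED) and LIB_NAME.search(path[: -len(DELETED)]):
            stale.add(path[: -len(DELETED)])
    return sorted(stale)

def scan_proc(proc_root="/proc"):
    """Map pid (as string) -> stale libraries, for every readable process."""
    report = {}
    for entry in Path(proc_root).glob("[0-9]*"):
        try:
            libs = stale_libraries((entry / "maps").read_text())
        except OSError:  # process exited meanwhile, or permission denied
            continue
        if libs:
            report[entry.name] = libs
    return report

if __name__ == "__main__":
    print("sample:", stale_libraries(SAMPLE_MAPS))
    for pid, libs in sorted(scan_proc().items(), key=lambda kv: int(kv[0])):
        print(pid, ", ".join(libs))
```

Run as root after the package manager has finished, so that every process's maps file is readable and no restart happens midway through the upgrade.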