Package: cgroupfs-mount Version: 1.4+nmu1 Severity: normal X-Debbugs-CC: debian-init-divers...@chiark.greenend.org.uk
Dear Maintainer, After a recent upgrade (could be coincidence or a timing change) I found that cgroupfs-mount was being run before elogind's, preventing elogind from mounting a cgroup2 hierarchy at /sys/fs/cgroup. This prevented privilege elevation resulting in GnuPG no longer being able to use my Yubikey HSM from the console (there is no display manager or session running). This is similar to #1076278, recently solved by starting elogind before docker and #959021. I tried to perform a similar remedy as #1076278 by adding 'cgroupfs-mount' to X-Start-Before in the elogind initscript but this seemed to make no difference on my system, with the cgroupsfs-mount script still getting called first. Perhaps I needed to do something to recompute the dependencies but in any case there is an issue here that needs solving in one package or other! For my system, cgroupfs-mount is brought in as a Suggests of docker.io and liblxc1t64 and I have currently worked around the issue with update-rc.d cgroupsfs-mount disable. As well as solving the ordering issue, I wonder if it is worth reviewing the functionality of this package to do the right thing in a cgroup2 world, whatever that is, or whether it is in fact only needed in systems that don't have seat management and we could review when it gets pulled into a new installation? Thanks! Extract from boot.log: INIT: Entering runlevel: 2 Using makefile-style concurrent boot in runlevel 2. Setting up console font and keymap...done. Starting enhanced syslogd: rsyslogd. * Starting Citrix Log daemon [ OK ] Starting anac(h)ronistic cron: anacron. Starting deferred execution scheduler: atd. Mounting cgroupfs hierarchy. Starting mouse interface server: gpm. Starting system message bus: dbus. Starting NTP server: ntpd2025-01-15T19:07:29 ntpd[1569]: INIT: ntpd ntpsec-1.2.3: Starting 2025-01-15T19:07:29 ntpd[1569]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec . Starting Avahi mDNS/DNS-SD Daemon: avahi-daemon. Starting bluetooth: bluetoothd. Starting NetBIOS name server: nmbd. Starting CUPS Bonjour daemon: cups-browsed. Starting Common Unix Printing System: cupsd. Starting session management daemon: elogind ^@. Starting MTA: exim4. Starting network connection manager: NetworkManager. Starting Docker: docker. Starting SANE network scanner server: saned. Starting Samba Winbind daemon: winbindd. Starting periodic command scheduler: cron. Starting Samba SMB/CIFS daemon: smbd. -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Foreign Architectures: amd64 Kernel: Linux 6.10.12-686 (SMP w/2 CPU threads; PREEMPT) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: sysvinit (via /sbin/init) Versions of packages cgroupfs-mount depends on: ii sysvinit-utils [lsb-base] 3.13-1 cgroupfs-mount recommends no packages. cgroupfs-mount suggests no packages. -- no debconf information
signature.asc
Description: PGP signature
