Bug#1078157: systemd: Backport pid1: only add a Wants= type dependency on /tmp when PrivateTmp=yes

Luca Boccassi bluca at debian.org
Wed Aug 7 15:25:16 BST 2024 

Control: tags -1 wontfix
Control: close -1

On Wed, 07 Aug 2024 13:11:42 +0000 Bastien =?ISO-8859-1?Q?Roucari=E8s?=
<rouca at debian.org> wrote:
> Package: systemd
> Version: 247.3-7+deb11u5
> Severity: important
> Tags: patch upstream jessie stretch buster bullseye
> Forwarded: https://github.com/systemd/systemd/commit/b2c7d1bbc2
> 
> Dear Maintainer,
> 
> Without this commit autopkgtest on salsa are broken.
> 
> See for instance
> https://salsa.debian.org/apache-team/apache2/-/jobs/5960590
> 
> Can you consider to release a PU release this patch ?
> 
> I can do the work.
> 
> It breaks your testing infrastructure, particularly for testing
daemon, particularly security update testing.

As mentioned on IRC, I am not very comfortable with shipping code
changes in oldstable at this point in time for a specific corner case
that only happens due to a particular setup in a particular container
environment.

Also as mentioned, this is only a problem for units that set
PrivateTmp=yes, so what the autopkgtest branch for that affected
package can do is add a drop-in in
/run/systemd/system/foo.service.d/disabletmp.conf with:

[Service]
PrivateTmp=yes

and do a daemon-reload at the beginning of the test case, and the
problem should be bypassed. If the unit really needs an individual
tmpdir, you can also add:

TemporaryFileSystem=/tmp

Which is very similar but doesn't add a dependency on the host's
tmp.mount

Hence I am closing for now. If it turns out that there are hundreds of
packages affected that need to run tests on bullseye in salsa-ci and
are also using PrivateTmp and it's impractical to add workarounds
everywhere we can reconsider, but if it's just a handful and the
workaround works, please use that instead, so that we can minimize
risk.

-- 
Kind regards,
Luca Boccassi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20240807/068b6d67/attachment.sig>

More information about the Pkg-systemd-maintainers mailing list