[DSE-Dev] Bug#753726: Please don't run "telinit u" under systemd

Michael Biebl biebl at debian.org
Fri Jul 4 14:24:02 UTC 2014


Package: libselinux1
Version: 2.3-1
Severity: important
Tags: patch

The current version of libselinux1.postint runs "telinit u" to tell init
to re-exec itself. This was added so the system can shutdown cleanly when
sysvinit is the active PID 1.

Under systemd this is not necessary since systemd uses a dedicated
systemd-shutdown [1] tool which replaces init on shutdown. This ensures all
file systems can be unmounted cleanly.

Running "telinit u" midway through a dist-upgrade can have unwanted side
effects as the systemd package might be in an inconsistent state.
As you can see at [2], apt decided to remove libaudit0 (which is a
dependency of systemd in wheezy) and replace it with libaudit1. The new
systemd package is not yet unpacked. Running "telinit u" in such a state
will then lead to kernel panic.

Therefore please consider applying the attached patch in your next
upload.

Cheers,
Michael


[1] http://www.freedesktop.org/software/systemd/man/systemd-halt.service.html
[2] http://people.debian.org/~biebl/Debian-2014-07-04T13-18-40-656412000Z.webm




-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libselinux1:amd64 depends on:
ii  libc6              2.19-4
ii  libpcre3           1:8.31-5
ii  multiarch-support  2.19-4

libselinux1:amd64 recommends no packages.

libselinux1:amd64 suggests no packages.

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: libselinux-telinit.patch
Type: text/x-diff
Size: 668 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/selinux-devel/attachments/20140704/aedec683/attachment.patch>


More information about the SELinux-devel mailing list