Package: systemd
Version: 241-5
Severity: important
Tags: upstream
Dear Maintainer,
systemd kills the main process of a service unit after issuing a reload
command, if the command in `ExecReload` fails. This is a regression
introduced in v239 by upstream commit ec5b145 [1].
This behavior is not an expected one and changed systemd's behavior
during the reload of a unit. Before v239, an `ExecReload` command with
a non-successful exit code, would not kill the main process of the
unit. The change may cause problems in production environments, when
configuration changes happen, that include typos or syntax errors.
Imagine the following scenario:
* Production server runs haproxy
* A configuration change happens
* A reload gets triggered from a configuration management tool
* HAProxy's `ExecReload` command, `haproxy -c` exits with code 1 due
to a syntax error.
* systemd kills HAProxy, causing an outage
This issue has been reported upstream in issue #11238 [2] and has been
fixed in commit d611cfa [3] of pull request #13098 [4]. The fix is
quite fresh (2019-07-17) and seems that will be included in v243.
Unfortunately, this issue has unexpected side-effects and may cause
problems to Debian users that use systemd to manage production-grade
services, after upgrading to Buster.
I tried to apply the fix [3] on the package's source tree for Buster
and it seems to work; the patch applies cleanly, the package gets
builded and systemd behaves as expected.
I think that it is possible to include this fix in Buster.
Thanks for maintaining systemd in Debian,
Nikos
[1]
https://github.com/systemd/systemd/commit/ec5b1452ac73e41274f9b3ca401f813fa079b9f0
[2] https://github.com/systemd/systemd/issues/11238
[3]
https://github.com/systemd/systemd/commit/86bc88ca8dbdeeefc2e5032636b9677fda126184
[4] https://github.com/systemd/systemd/pull/13098
-- Package-specific info:
-- System Information:
Debian Release: 10.0
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages systemd depends on:
ii adduser 3.118
ii libacl1 2.2.53-4
ii libapparmor1 2.13.2-10
ii libaudit1 1:2.8.4-3
ii libblkid1 2.33.1-0.1
ii libc6 2.28-10
ii libcap2 1:2.25-2
ii libcryptsetup12 2:2.1.0-5
ii libgcrypt20 1.8.4-5
ii libgnutls30 3.6.7-4
ii libgpg-error0 1.35-1
ii libidn11 1.33-2.2
ii libip4tc0 1.8.2-4
ii libkmod2 26-1
ii liblz4-1 1.8.3-1
ii liblzma5 5.2.4-1
ii libmount1 2.33.1-0.1
ii libpam0g 1.3.1-5
ii libseccomp2 2.3.3-4
ii libselinux1 2.8-1+b1
ii libsystemd0 241-5
ii mount 2.33.1-0.1
ii util-linux 2.33.1-0.1
Versions of packages systemd recommends:
ii dbus 1.12.16-1
ii libpam-systemd 241-5
Versions of packages systemd suggests:
ii policykit-1 0.105-25
pn systemd-container <none>
Versions of packages systemd is related to:
pn dracut <none>
ii initramfs-tools 0.133
ii udev 241-5
-- no debconf information
