diff --git a/build_debian.sh b/build_debian.sh index 1391552d8f..e9bd233da3 100755 --- a/build_debian.sh +++ b/build_debian.sh @@ -108,7 +108,7 @@ sudo LANG=C chroot $FILESYSTEM_ROOT mount [ -d $TRUSTED_GPG_DIR ] && [ ! -z "$(ls $TRUSTED_GPG_DIR)" ] && sudo cp $TRUSTED_GPG_DIR/* ${FILESYSTEM_ROOT}/etc/apt/trusted.gpg.d/ ## Pointing apt to public apt mirrors and getting latest packages, needed for latest security updates -scripts/build_mirror_config.sh files/apt $CONFIGURED_ARCH $IMAGE_DISTRO +scripts/build_mirror_config.sh files/apt $CONFIGURED_ARCH $IMAGE_DISTRO sudo cp files/apt/sources.list.$CONFIGURED_ARCH $FILESYSTEM_ROOT/etc/apt/sources.list sudo cp files/apt/apt.conf.d/{81norecommends,apt-{clean,gzip-indexes,no-languages},no-check-valid-until} $FILESYSTEM_ROOT/etc/apt/apt.conf.d/ @@ -281,7 +281,7 @@ then ## Install Kubernetes master echo '[INFO] Install kubernetes master' install_kubernetes ${MASTER_KUBERNETES_VERSION} - + sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT curl -fsSL \ https://packages.microsoft.com/keys/microsoft.asc | \ sudo LANG=C chroot $FILESYSTEM_ROOT apt-key add - @@ -296,7 +296,7 @@ then sudo LANG=C chroot $FILESYSTEM_ROOT apt-get -y remove gnupg sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT curl -o /tmp/cri-dockerd.deb -fsSL \ https://github.com/Mirantis/cri-dockerd/releases/download/v${MASTER_CRI_DOCKERD}/cri-dockerd_${MASTER_CRI_DOCKERD}.3-0.debian-${IMAGE_DISTRO}_amd64.deb - sudo LANG=C chroot $FILESYSTEM_ROOT apt-get -y install -f /tmp/cri-dockerd.deb + sudo LANG=C chroot $FILESYSTEM_ROOT apt-get -y install -f /tmp/cri-dockerd.deb sudo LANG=C chroot $FILESYSTEM_ROOT rm -f /tmp/cri-dockerd.deb else echo '[INFO] Skipping Install kubernetes master' @@ -431,6 +431,15 @@ sudo LANG=C DEBIAN_FRONTEND=noninteractive chroot $FILESYSTEM_ROOT apt-get -y in systemd-sysv \ ntp +# Workaround for issue: The udev rule may fail to be executed because the +# daemon-reload command is executed in parallel +# Github issue: https://github.com/systemd/systemd/issues/24668 +# Github PR: https://github.com/systemd/systemd/pull/24673 +# This workaround should be removed after a upstream already contains the fixes +sudo patch $FILESYSTEM_ROOT/lib/systemd/system/systemd-udevd.service \ + files/image_config/systemd/systemd-udevd/fix-udev-rule-may-fail-if-daemon-reload-command-runs.patch + + if [[ $CONFIGURED_ARCH == amd64 ]]; then sudo LANG=C DEBIAN_FRONTEND=noninteractive chroot $FILESYSTEM_ROOT apt-get -y download \ grub-pc-bin diff --git a/files/image_config/systemd/systemd-udevd/fix-udev-rule-may-fail-if-daemon-reload-command-runs.patch b/files/image_config/systemd/systemd-udevd/fix-udev-rule-may-fail-if-daemon-reload-command-runs.patch new file mode 100644 index 0000000000..960efcbde6 --- /dev/null +++ b/files/image_config/systemd/systemd-udevd/fix-udev-rule-may-fail-if-daemon-reload-command-runs.patch @@ -0,0 +1,24 @@ +# ------------------------------------------------------------------- +# Patch for /lib/systemd/system/systemd-udevd.service +# Fix issue: The udev rule may fail to be executed because the +# daemon-reload command is executed in parallel +# Github issue: https://github.com/systemd/systemd/issues/24668 +# Github PR: https://github.com/systemd/systemd/pull/24673 +# ------------------------------------------------------------------- +@@ -16,8 +16,6 @@ + ConditionPathIsReadWrite=/sys + + [Service] +-DeviceAllow=block-* rwm +-DeviceAllow=char-* rwm + Type=notify + # Note that udev will reset the value internally for its workers + OOMScoreAdjust=-1000 +@@ -29,7 +27,6 @@ + KillMode=mixed + TasksMax=infinity + PrivateMounts=yes +-ProtectClock=yes + ProtectHostname=yes + MemoryDenyWriteExecute=yes + RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 \ No newline at end of file diff --git a/src/sonic-platform-daemons b/src/sonic-platform-daemons index f5a0ffca20..b01c88d738 160000 --- a/src/sonic-platform-daemons +++ b/src/sonic-platform-daemons @@ -1 +1 @@ -Subproject commit f5a0ffca2052e2f6b5570aecc5e53cffbee96bc9 +Subproject commit b01c88d7387be98e703d7fdbdc2f1d7c16fbd603