In this document, I will explain how to upgrade the default systemd version from 237 to 242.

upgrade-systemd-on-ubuntu-18.04.md

Upgrade systemd on Ubuntu 18.04

In this document, I will explain how to upgrade the default systemd version from 237 to 242.

The main reason why I needed this was related to the DNS-over-TLS that was not supported in the version 237 but available from version 242.

Later, when playing with Lynis, the security auditing tool, I then discovered that the version 242 was also providing the command systemd-analyze that is used by lynis to detect if existing systemd services are configured correctly in the security context, meaning that the existing services can run as expected but needs few or several changes in their configuration to make them safe without any exploitable attack surfaces.

You can try it once you've installed the version 242 of systemd that way:

$ systemd-analyze security [service-or-unit-to-analyze]

Install required dependencies

# Install required dependencies
sudo apt install build-essential devscripts python3-pip cmake libssl-dev libpcre2-dev

# Upgrade Meson version
sudo -H pip3 install --target=/usr/bin --upgrade meson

# Install new user Meson version
pip3 install --user meson

# Reboot to complete changes
sudo reboot

Enable source repositories

# Patch sources file
sudo sed -e 's/# deb-src/deb-src/' -i /etc/apt/sources.list

# Update package cache
sudo apt update --fix-missing -y

Install build dependencies

sudo apt build-dep systemd

Download required sources

wget https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/systemd/242-7ubuntu3.11/systemd_242.orig.tar.gz
wget https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/systemd/242-7ubuntu3.11/systemd_242-7ubuntu3.11.debian.tar.xz
wget https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/systemd/242-7ubuntu3.11/systemd_242-7ubuntu3.11.dsc

It won't work with later versions

Unpack downloaded sources

# Move to home
cd $HOME

# Uncompress orig archive
tar xvzf systemd_242.orig.tar.gz

# Move to decompressed folder
cd systemd-242

# Uncompress debian files
tar xvJf ../systemd_242-7ubuntu3.11.debian.tar.xz

Compile everything

This will also generate debian packages to install in next step.

dpkg-buildpackage -us -uc -d

This step is pretty long so be patient if you don't have a lot of CPU cores.

The argument -d is required to bypass the requested Meson version.

Install generated packages

Now we will install the new compiled systemd version.

# Move back to home
cd $HOME

# List generated debian packages
ll | grep deb

# Create dedicated folder for debian packages
mkdir -v systemd-242-debs

# Move all created packages
mv -v *.*deb systemd-242-debs/

# Move to debian packages folder
cd systemd-242-debs

# Install generated packages
sudo dpkg --auto-deconfigure -i *.deb

# Reboot to apply changes
sudo reboot

You can safely ignore this error:

Errors were encountered while processing:
systemd-coredump_242-7ubuntu3.11_amd64.deb

Verify installed version

systemd --version

It should return something similar:

systemd 242 (242)
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid

References

• https://wiki.archlinux.org/index.php/systemd
• https://askubuntu.com/questions/627174/how-would-i-upgrade-systemd
• https://www.freedesktop.org/wiki/Software/systemd/
• https://launchpad.net/ubuntu/+source/systemd
• https://launchpad.net/ubuntu/+source/systemd/242-7ubuntu3.11
• https://github.com/systemd/systemd
• https://askubuntu.com/questions/1212424/update-meson-on-ubuntu-18-04-4-lts-force-update

nice documentation.