diff options
Diffstat (limited to 'pkgs/os-specific/linux/systemd/fixes.patch')
-rw-r--r-- | pkgs/os-specific/linux/systemd/fixes.patch | 3317 |
1 files changed, 813 insertions, 2504 deletions
diff --git a/pkgs/os-specific/linux/systemd/fixes.patch b/pkgs/os-specific/linux/systemd/fixes.patch index 72cf0e92bb8..c1c768dbacb 100644 --- a/pkgs/os-specific/linux/systemd/fixes.patch +++ b/pkgs/os-specific/linux/systemd/fixes.patch @@ -1,72 +1,5 @@ -diff --git a/Makefile.am b/Makefile.am -index 3d9e5c1..46487f6 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -1095,7 +1095,7 @@ BUILT_SOURCES += \ - - src/shared/errno-list.txt: - $(AM_V_at)$(MKDIR_P) $(dir $@) -- $(AM_V_GEN)$(CPP) $(CFLAGS) $(AM_CPPFLAGS) $(CPPFLAGS) -dM -include errno.h - < /dev/null | $(AWK) '/^#define[ \t]+E[^ _]+[ \t]+[0-9]/ { print $$2; }' > $@ -+ $(AM_V_GEN)$(CPP) $(CFLAGS) $(AM_CPPFLAGS) $(CPPFLAGS) -dM -include errno.h - < /dev/null | $(AWK) '/^#define[ \t]+E[^ _]+[ \t]+/ { print $$2; }' > $@ - - src/shared/errno-from-name.gperf: src/shared/errno-list.txt - $(AM_V_at)$(MKDIR_P) $(dir $@) -@@ -1107,7 +1107,7 @@ src/shared/errno-from-name.h: src/shared/errno-from-name.gperf - - src/shared/errno-to-name.h: src/shared/errno-list.txt - $(AM_V_at)$(MKDIR_P) $(dir $@) -- $(AM_V_GEN)$(AWK) 'BEGIN{ print "static const char* const errno_names[] = { "} { printf "[%s] = \"%s\",\n", $$1, $$1 } END{print "};"}' < $< > $@ -+ $(AM_V_GEN)$(AWK) 'BEGIN{ print "static const char* const errno_names[] = { "} !/EDEADLOCK/ && !/EWOULDBLOCK/ && !/ENOTSUP/ { printf "[%s] = \"%s\",\n", $$1, $$1 } END{print "};"}' < $< > $@ - - src/shared/af-list.txt: - $(AM_V_at)$(MKDIR_P) $(dir $@) -@@ -1707,7 +1707,9 @@ dist_tmpfiles_DATA += \ - endif - - SYSINIT_TARGET_WANTS += \ -- systemd-tmpfiles-setup-dev.service \ -+ systemd-tmpfiles-setup-dev.service -+ -+MULTI_USER_TARGET_WANTS += \ - systemd-tmpfiles-setup.service - - dist_zshcompletion_DATA += \ -@@ -1961,6 +1963,7 @@ systemd_cgls_SOURCES = \ - src/cgls/cgls.c - - systemd_cgls_LDADD = \ -+ libsystemd-internal.la \ - libsystemd-shared.la - - # ------------------------------------------------------------------------------ -diff --git a/TODO b/TODO -index e2ca1e6..d7efdd5 100644 ---- a/TODO -+++ b/TODO -@@ -1,4 +1,6 @@ - Bugfixes: -+* Should systemctl status \* work on all unit types, not just .service? -+ - * enabling an instance unit creates a pointless link, and - the unit will be started with getty@getty.service: - $ systemctl enable getty@.service -diff --git a/rules/42-usb-hid-pm.rules b/rules/42-usb-hid-pm.rules -index c675b5b..4c300da 100644 ---- a/rules/42-usb-hid-pm.rules -+++ b/rules/42-usb-hid-pm.rules -@@ -12,10 +12,6 @@ ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Mouse", ATTR{serial}!= - ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Tablet", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto" - ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Keyboard", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto" - --# Catch-all for Avocent HID devices. Keyed off interface in order to only --# trigger on HID class devices. --ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="0624", ATTR{bInterfaceClass}=="03", TEST=="../power/control", ATTR{../power/control}="auto" -- - # Dell DRAC 4 - ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="413c", ATTR{idProduct}=="2500", TEST=="power/control", ATTR{power/control}="auto" - diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in -index db72373..2875958 100644 +index e30d9a8..a3d399b 100644 --- a/rules/99-systemd.rules.in +++ b/rules/99-systemd.rules.in @@ -14,10 +14,6 @@ KERNEL=="vport*", TAG+="systemd" @@ -80,583 +13,191 @@ index db72373..2875958 100644 # Ignore raid devices that are not yet assembled and started SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", TEST!="md/array_state", ENV{SYSTEMD_READY}="0" SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", ATTR{md/array_state}=="|clear|inactive", ENV{SYSTEMD_READY}="0" -@@ -43,7 +39,7 @@ SUBSYSTEM=="net", KERNEL!="lo", TAG+="systemd", ENV{SYSTEMD_ALIAS}+="/sys/subsys - SUBSYSTEM=="bluetooth", TAG+="systemd", ENV{SYSTEMD_ALIAS}+="/sys/subsystem/bluetooth/devices/%k" - - SUBSYSTEM=="bluetooth", TAG+="systemd", ENV{SYSTEMD_WANTS}+="bluetooth.target" --ENV{ID_SMARTCARD_READER}=="*?", TAG+="systemd", ENV{SYSTEMD_WANTS}+="smartcard.target" -+ENV{ID_SMARTCARD_READER}=="?*", TAG+="systemd", ENV{SYSTEMD_WANTS}+="smartcard.target" - SUBSYSTEM=="sound", KERNEL=="card*", TAG+="systemd", ENV{SYSTEMD_WANTS}+="sound.target" - - SUBSYSTEM=="printer", TAG+="systemd", ENV{SYSTEMD_WANTS}+="printer.target" -diff --git a/src/cgls/cgls.c b/src/cgls/cgls.c -index b8e275d..1840594 100644 ---- a/src/cgls/cgls.c -+++ b/src/cgls/cgls.c -@@ -35,6 +35,10 @@ - #include "build.h" - #include "output-mode.h" - #include "fileio.h" -+#include "sd-bus.h" -+#include "bus-util.h" -+#include "bus-error.h" -+#include "unit-name.h" - - static bool arg_no_pager = false; - static bool arg_kernel_threads = false; -@@ -127,6 +131,7 @@ int main(int argc, char *argv[]) { - int r = 0, retval = EXIT_FAILURE; - int output_flags; - char _cleanup_free_ *root = NULL; -+ _cleanup_bus_unref_ sd_bus *bus = NULL; - - log_parse_environment(); - log_open(); -@@ -151,6 +156,12 @@ int main(int argc, char *argv[]) { - arg_all * OUTPUT_SHOW_ALL | - (arg_full > 0) * OUTPUT_FULL_WIDTH; - -+ r = bus_open_transport(BUS_TRANSPORT_LOCAL, NULL, false, &bus); -+ if (r < 0) { -+ log_error("Failed to create bus connection: %s", strerror(-r)); -+ goto finish; -+ } -+ - if (optind < argc) { - int i; - -@@ -189,8 +200,52 @@ int main(int argc, char *argv[]) { - } else { - if (arg_machine) { - char *m; -+ const char *cgroup; -+ _cleanup_free_ char *scope = NULL; -+ _cleanup_free_ char *path = NULL; -+ _cleanup_bus_message_unref_ sd_bus_message *reply = NULL; -+ _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; -+ - m = strappenda("/run/systemd/machines/", arg_machine); -- r = parse_env_file(m, NEWLINE, "CGROUP", &root, NULL); -+ r = parse_env_file(m, NEWLINE, "SCOPE", &scope, NULL); -+ if (r < 0) { -+ log_error("Failed to get machine path: %s", strerror(-r)); -+ goto finish; -+ } -+ -+ path = unit_dbus_path_from_name(scope); -+ if (!path) { -+ r = log_oom(); -+ goto finish; -+ } -+ -+ r = sd_bus_get_property( -+ bus, -+ "org.freedesktop.systemd1", -+ path, -+ "org.freedesktop.systemd1.Scope", -+ "ControlGroup", -+ &error, -+ &reply, -+ "s"); -+ -+ if (r < 0) { -+ log_error("Failed to query ControlGroup: %s", bus_error_message(&error, -r)); -+ goto finish; -+ } -+ -+ r = sd_bus_message_read(reply, "s", &cgroup); -+ if (r < 0) { -+ bus_log_parse_error(r); -+ goto finish; -+ } -+ -+ root = strdup(cgroup); -+ if (!root) { -+ r = log_oom(); -+ goto finish; -+ } -+ - } else - r = cg_get_root_path(&root); - if (r < 0) { -diff --git a/src/core/cgroup.c b/src/core/cgroup.c -index 3dd4c91..4201e1e 100644 ---- a/src/core/cgroup.c -+++ b/src/core/cgroup.c -@@ -871,7 +871,7 @@ int manager_setup_cgroup(Manager *m) { - safe_close(m->pin_cgroupfs_fd); - - m->pin_cgroupfs_fd = open(path, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOCTTY|O_NONBLOCK); -- if (r < 0) { -+ if (m->pin_cgroupfs_fd < 0) { - log_error("Failed to open pin file: %m"); - return -errno; - } -diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c -index 775825b..5b1c4e3 100644 ---- a/src/core/dbus-cgroup.c -+++ b/src/core/dbus-cgroup.c -@@ -173,6 +173,7 @@ int bus_cgroup_set_property( - - if (mode != UNIT_CHECK) { - c->cpu_accounting = b; -+ u->cgroup_realized_mask &= ~CGROUP_CPUACCT; - unit_write_drop_in_private(u, mode, name, b ? "CPUAccounting=yes" : "CPUAccounting=no"); - } - -@@ -192,6 +193,7 @@ int bus_cgroup_set_property( - - if (mode != UNIT_CHECK) { - c->cpu_shares = ul; -+ u->cgroup_realized_mask &= ~CGROUP_CPU; - unit_write_drop_in_private_format(u, mode, name, "CPUShares=%lu", ul); - } - -@@ -206,6 +208,7 @@ int bus_cgroup_set_property( - - if (mode != UNIT_CHECK) { - c->blockio_accounting = b; -+ u->cgroup_realized_mask &= ~CGROUP_BLKIO; - unit_write_drop_in_private(u, mode, name, b ? "BlockIOAccounting=yes" : "BlockIOAccounting=no"); - } - -@@ -225,6 +228,7 @@ int bus_cgroup_set_property( - - if (mode != UNIT_CHECK) { - c->blockio_weight = ul; -+ u->cgroup_realized_mask &= ~CGROUP_BLKIO; - unit_write_drop_in_private_format(u, mode, name, "BlockIOWeight=%lu", ul); - } - -@@ -294,6 +298,8 @@ int bus_cgroup_set_property( - cgroup_context_free_blockio_device_bandwidth(c, a); - } - -+ u->cgroup_realized_mask &= ~CGROUP_BLKIO; -+ - f = open_memstream(&buf, &size); - if (!f) - return -ENOMEM; -@@ -375,6 +381,8 @@ int bus_cgroup_set_property( - cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights); - } - -+ u->cgroup_realized_mask &= ~CGROUP_BLKIO; -+ - f = open_memstream(&buf, &size); - if (!f) - return -ENOMEM; -@@ -398,6 +406,7 @@ int bus_cgroup_set_property( - - if (mode != UNIT_CHECK) { - c->memory_accounting = b; -+ u->cgroup_realized_mask &= ~CGROUP_MEMORY; - unit_write_drop_in_private(u, mode, name, b ? "MemoryAccounting=yes" : "MemoryAccounting=no"); - } - -@@ -412,6 +421,7 @@ int bus_cgroup_set_property( - - if (mode != UNIT_CHECK) { - c->memory_limit = limit; -+ u->cgroup_realized_mask &= ~CGROUP_MEMORY; - unit_write_drop_in_private_format(u, mode, name, "%s=%" PRIu64, name, limit); - } - -@@ -433,6 +443,7 @@ int bus_cgroup_set_property( - char *buf; - - c->device_policy = p; -+ u->cgroup_realized_mask &= ~CGROUP_DEVICE; - - buf = strappenda("DevicePolicy=", policy); - unit_write_drop_in_private(u, mode, name, buf); -@@ -511,6 +522,8 @@ int bus_cgroup_set_property( - cgroup_context_free_device_allow(c, c->device_allow); - } - -+ u->cgroup_realized_mask &= ~CGROUP_DEVICE; -+ - f = open_memstream(&buf, &size); - if (!f) - return -ENOMEM; -diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c -index 13b3d0d..37d4154 100644 ---- a/src/core/dbus-execute.c -+++ b/src/core/dbus-execute.c -@@ -842,7 +842,7 @@ int bus_exec_context_set_transient_property( - strv_free(c->environment); - c->environment = e; - -- joined = strv_join(c->environment, " "); -+ joined = strv_join_quoted(c->environment); - if (!joined) - return -ENOMEM; - diff --git a/src/core/job.c b/src/core/job.c -index 35a9de6..dc4f441 100644 +index eaa4bb1..db44fee 100644 --- a/src/core/job.c +++ b/src/core/job.c -@@ -1060,6 +1060,9 @@ int job_coldplug(Job *j) { - if (r < 0) - return r; +@@ -352,6 +352,9 @@ bool job_type_is_redundant(JobType a, UnitActiveState b) { + return + b == UNIT_ACTIVATING; -+ if (j->state == JOB_WAITING) -+ job_add_to_run_queue(j); ++ case JOB_NOP: ++ return true; + - if (j->begin_usec == 0 || j->unit->job_timeout == 0) - return 0; - -diff --git a/src/core/killall.c b/src/core/killall.c -index 57ed41c..eab48f7 100644 ---- a/src/core/killall.c -+++ b/src/core/killall.c -@@ -168,7 +168,7 @@ static int killall(int sig, Set *pids, bool send_sighup) { - continue; - - if (sig == SIGKILL) { -- _cleanup_free_ char *s; -+ _cleanup_free_ char *s = NULL; - - get_process_comm(pid, &s); - log_notice("Sending SIGKILL to PID "PID_FMT" (%s).", pid, strna(s)); -diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c -index d459afe..2a58e48 100644 ---- a/src/core/machine-id-setup.c -+++ b/src/core/machine-id-setup.c -@@ -93,32 +93,9 @@ static int generate(char id[34], const char *root) { - } + default: + assert_not_reached("Invalid job type"); } +diff --git a/src/core/job.h b/src/core/job.h +index 1e7c61b..ee8e54a 100644 +--- a/src/core/job.h ++++ b/src/core/job.h +@@ -49,9 +49,11 @@ enum JobType { + _JOB_TYPE_MAX_MERGING, + + /* JOB_NOP can enter into a transaction, but as it won't pull in +- * any dependencies, it won't have to merge with anything. +- * job_install() avoids the problem of merging JOB_NOP too (it's +- * special-cased, only merges with other JOB_NOPs). */ ++ * any dependencies and it uses the special 'nop_job' slot in Unit, ++ * it won't have to merge with anything (except possibly into another ++ * JOB_NOP, previously installed). JOB_NOP is special-cased in ++ * job_type_is_*() functions so that the transaction can be ++ * activated. */ + JOB_NOP = _JOB_TYPE_MAX_MERGING, /* do nothing */ + + _JOB_TYPE_MAX_IN_TRANSACTION, +@@ -190,11 +192,15 @@ _pure_ static inline bool job_type_is_mergeable(JobType a, JobType b) { + } -- /* If that didn't work, see if we are running in qemu/kvm and a -- * machine ID was passed in via -uuid on the qemu/kvm command -- * line */ -- -- r = detect_vm(&vm_id); -- if (r > 0 && streq(vm_id, "kvm")) { -- char uuid[37]; -- -- fd = open("/sys/class/dmi/id/product_uuid", O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW); -- if (fd >= 0) { -- k = loop_read(fd, uuid, 36, false); -- safe_close(fd); -- -- if (k >= 36) { -- r = shorten_uuid(id, uuid); -- if (r >= 0) { -- log_info("Initializing machine ID from KVM UUID."); -- return 0; -- } -- } -- } -- } -- -- /* If that didn't work either, see if we are running in a -- * container, and a machine ID was passed in via -- * $container_uuid the way libvirt/LXC does it */ -+ /* If that didn't work, see if we are running in a container, -+ * and a machine ID was passed in via $container_uuid the way -+ * libvirt/LXC does it */ - r = detect_container(NULL); - if (r > 0) { - _cleanup_free_ char *e = NULL; -@@ -133,6 +110,30 @@ static int generate(char id[34], const char *root) { - } - } - } -+ -+ } else { -+ /* If we are not running in a container, see if we are -+ * running in qemu/kvm and a machine ID was passed in -+ * via -uuid on the qemu/kvm command line */ -+ -+ r = detect_vm(&vm_id); -+ if (r > 0 && streq(vm_id, "kvm")) { -+ char uuid[37]; -+ -+ fd = open("/sys/class/dmi/id/product_uuid", O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW); -+ if (fd >= 0) { -+ k = loop_read(fd, uuid, 36, false); -+ safe_close(fd); -+ -+ if (k >= 36) { -+ r = shorten_uuid(id, uuid); -+ if (r >= 0) { -+ log_info("Initializing machine ID from KVM UUID."); -+ return 0; -+ } -+ } -+ } -+ } - } + _pure_ static inline bool job_type_is_conflicting(JobType a, JobType b) { +- return !job_type_is_mergeable(a, b); ++ return a != JOB_NOP && b != JOB_NOP && !job_type_is_mergeable(a, b); + } + + _pure_ static inline bool job_type_is_superset(JobType a, JobType b) { + /* Checks whether operation a is a "superset" of b in its actions */ ++ if (b == JOB_NOP) ++ return true; ++ if (a == JOB_NOP) ++ return false; + return a == job_type_lookup_merge(a, b); + } - /* If that didn't work, generate a random machine id */ -diff --git a/src/core/main.c b/src/core/main.c -index 41605ee..c65701d 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -1840,6 +1840,7 @@ finish: - if (reexecute) { - const char **args; - unsigned i, args_size; -+ sigset_t ss; - - /* Close and disarm the watchdog, so that the new - * instance can reinitialize it, but doesn't get -@@ -1883,7 +1884,7 @@ finish: - char_array_0(sfd); - - i = 0; -- args[i++] = SYSTEMD_BINARY_PATH; -+ args[i++] = "/run/current-system/systemd/lib/systemd/systemd"; - if (switch_root_dir) - args[i++] = "--switched-root"; - args[i++] = arg_running_as == SYSTEMD_SYSTEM ? "--system" : "--user"; -@@ -1923,6 +1924,13 @@ finish: - args[i++] = NULL; - assert(i <= args_size); - -+ /* reenable any blocked signals, especially important -+ * if we switch from initial ramdisk to init=... */ -+ reset_all_signal_handlers(); -+ -+ assert_se(sigemptyset(&ss) == 0); -+ assert_se(sigprocmask(SIG_SETMASK, &ss, NULL) == 0); -+ - if (switch_root_init) { - args[0] = switch_root_init; - execv(args[0], (char* const*) args); diff --git a/src/core/manager.c b/src/core/manager.c -index 224106c..7342095 100644 +index d427d88..256d6f7 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -422,7 +422,7 @@ int manager_new(SystemdRunningAs running_as, Manager **_m) { - return -ENOMEM; - - #ifdef ENABLE_EFI -- if (detect_container(NULL) <= 0) -+ if (running_as == SYSTEMD_SYSTEM && detect_container(NULL) <= 0) - boot_timestamps(&m->userspace_timestamp, &m->firmware_timestamp, &m->loader_timestamp); - #endif - -@@ -2129,9 +2129,6 @@ int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) { - if (u->id != t) - continue; - -- if (!unit_can_serialize(u)) -- continue; -- - /* Start marker */ - fputs(u->id, f); - fputc('\n', f); -diff --git a/src/core/namespace.c b/src/core/namespace.c -index 9f15211..e41cf5b 100644 ---- a/src/core/namespace.c -+++ b/src/core/namespace.c -@@ -42,6 +42,7 @@ - #include "mkdir.h" - #include "dev-setup.h" - #include "def.h" -+#include "label.h" - - typedef enum MountMode { - /* This is ordered by priority! */ -@@ -68,6 +69,7 @@ static int append_mounts(BindMount **p, char **strv, MountMode mode) { - STRV_FOREACH(i, strv) { - - (*p)->ignore = false; -+ (*p)->done = false; - - if ((mode == INACCESSIBLE || mode == READONLY || mode == READWRITE) && (*i)[0] == '-') { - (*p)->ignore = true; -@@ -217,7 +219,10 @@ static int mount_dev(BindMount *m) { - goto fail; +@@ -662,9 +662,11 @@ static int manager_setup_notify(Manager *m) { + return -errno; } -+ label_context_set(d, st.st_mode); - r = mknod(dn, st.st_mode, st.st_rdev); -+ label_context_clear(); +- if (m->running_as == SYSTEMD_SYSTEM) ++ if (m->running_as == SYSTEMD_SYSTEM) { + m->notify_socket = strdup("/run/systemd/notify"); +- else { ++ if (!m->notify_socket) ++ return log_oom(); ++ } else { + const char *e; + + e = getenv("XDG_RUNTIME_DIR"); +@@ -674,9 +676,11 @@ static int manager_setup_notify(Manager *m) { + } + + m->notify_socket = strappend(e, "/systemd/notify"); ++ if (!m->notify_socket) ++ return log_oom(); + - if (r < 0) { - r = -errno; - goto fail; -@@ -350,7 +355,7 @@ int setup_namespace( - private_dev; ++ mkdir_parents_label(m->notify_socket, 0755); + } +- if (!m->notify_socket) +- return log_oom(); + + strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1); + r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path)); +diff --git a/src/core/shutdown.c b/src/core/shutdown.c +index 20cf526..03cfddc 100644 +--- a/src/core/shutdown.c ++++ b/src/core/shutdown.c +@@ -75,7 +75,9 @@ static int parse_argv(int argc, char *argv[]) { + assert(argc >= 1); + assert(argv); + +- while ((c = getopt_long(argc, argv, "", options, NULL)) >= 0) ++ /* "-" prevents getopt from permuting argv[] and moving the verb away ++ * from argv[1]. Our interface to initrd promises it'll be there. */ ++ while ((c = getopt_long(argc, argv, "-", options, NULL)) >= 0) + switch (c) { + + case ARG_LOG_LEVEL: +@@ -113,6 +115,13 @@ static int parse_argv(int argc, char *argv[]) { + + break; + ++ case '\001': ++ if (!arg_verb) ++ arg_verb = optarg; ++ else ++ log_error("Excess arguments, ignoring"); ++ break; ++ + case '?': + return -EINVAL; + +@@ -120,15 +129,11 @@ static int parse_argv(int argc, char *argv[]) { + assert_not_reached("Unhandled option code."); + } - if (n > 0) { -- m = mounts = (BindMount *) alloca(n * sizeof(BindMount)); -+ m = mounts = (BindMount *) alloca0(n * sizeof(BindMount)); - r = append_mounts(&m, read_write_dirs, READWRITE); - if (r < 0) - return r; -diff --git a/src/core/service.c b/src/core/service.c -index ae3695a..6b3aa45 100644 ---- a/src/core/service.c -+++ b/src/core/service.c -@@ -1096,11 +1096,6 @@ static int service_verify(Service *s) { +- if (optind >= argc) { ++ if (!arg_verb) { + log_error("Verb argument missing."); return -EINVAL; } -- if (s->type == SERVICE_ONESHOT && s->restart != SERVICE_RESTART_NO) { -- log_error_unit(UNIT(s)->id, "%s has Restart setting other than no, which isn't allowed for Type=oneshot services. Refusing.", UNIT(s)->id); -- return -EINVAL; -- } -- - if (s->type == SERVICE_DBUS && !s->bus_name) { - log_error_unit(UNIT(s)->id, "%s is of type D-Bus but no D-Bus service name has been specified. Refusing.", UNIT(s)->id); - return -EINVAL; -diff --git a/src/core/socket.c b/src/core/socket.c -index 7c18a2b..1a560a6 100644 ---- a/src/core/socket.c -+++ b/src/core/socket.c -@@ -663,16 +663,25 @@ static int instance_from_socket(int fd, unsigned nr, char **instance) { - int k; - - k = getpeercred(fd, &ucred); -- if (k < 0) -+ if (k == -ENODATA) { -+ /* This handles the case where somebody is -+ * connecting from another pid/uid namespace -+ * (e.g. from outside of our container). */ -+ if (asprintf(&r, -+ "%u-unknown", -+ nr) < 0) -+ return -ENOMEM; -+ } -+ else if (k < 0) - return k; -- -- if (asprintf(&r, -- "%u-%lu-%lu", -- nr, -- (unsigned long) ucred.pid, -- (unsigned long) ucred.uid) < 0) -- return -ENOMEM; +- arg_verb = argv[optind]; - -+ else { -+ if (asprintf(&r, -+ "%u-%lu-%lu", -+ nr, -+ (unsigned long) ucred.pid, -+ (unsigned long) ucred.uid) < 0) -+ return -ENOMEM; -+ } - break; - } +- if (optind + 1 < argc) +- log_error("Excess arguments, ignoring"); + return 0; + } -@@ -1242,6 +1251,8 @@ static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) { - NULL, - s->exec_runtime, - &pid); -+ if (r < 0) -+ goto fail; +diff --git a/src/core/snapshot.c b/src/core/snapshot.c +index 5eed615..c2678cb 100644 +--- a/src/core/snapshot.c ++++ b/src/core/snapshot.c +@@ -208,7 +208,7 @@ int snapshot_create(Manager *m, const char *name, bool cleanup, sd_bus_error *e, + return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s lacks snapshot suffix.", name); - strv_free(argv); - if (r < 0) -@@ -1497,6 +1508,12 @@ static void socket_enter_running(Socket *s, int cfd) { - } + if (manager_get_unit(m, name)) +- sd_bus_error_setf(e, BUS_ERROR_UNIT_EXISTS, "Snapshot %s exists already.", name); ++ return sd_bus_error_setf(e, BUS_ERROR_UNIT_EXISTS, "Snapshot %s exists already.", name); - if (!pending) { -+ if (!UNIT_ISSET(s->service)) { -+ log_error_unit(UNIT(s)->id, "%s: service to activate vanished, refusing activation.", UNIT(s)->id); -+ r = -ENOENT; -+ goto fail; -+ } -+ - r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL); - if (r < 0) - goto fail; + } else { + +diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in +index d5b86bf..9c66e7b 100644 +--- a/src/core/systemd.pc.in ++++ b/src/core/systemd.pc.in +@@ -14,8 +14,8 @@ systemduserunitdir=@userunitdir@ + systemduserpresetdir=@userpresetdir@ + systemdsystemconfdir=@pkgsysconfdir@/system + systemduserconfdir=@pkgsysconfdir@/user +-systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemdsystemunitdir}:/usr/lib/systemd/system:/lib/systemd/system +-systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemduserunitdir}:/usr/lib/systemd/user:/usr/share/systemd/user ++systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/etc/systemd-mutable/system:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/system:${systemdsystemunitdir} ++systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/etc/systemd-mutable/user:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/user:${systemduserunitdir} + systemdsystemgeneratordir=@systemgeneratordir@ + systemdusergeneratordir=@usergeneratordir@ + systemdsleepdir=@systemsleepdir@ diff --git a/src/core/timer.c b/src/core/timer.c -index 6c85304..720b8af 100644 +index a3713e2..5c4e9f9 100644 --- a/src/core/timer.c +++ b/src/core/timer.c -@@ -111,6 +111,23 @@ static int timer_add_default_dependencies(Timer *t) { - return unit_add_two_dependencies_by_name(UNIT(t), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true); - } +@@ -521,6 +521,7 @@ fail: -+static void update_stampfile(Timer *t, usec_t timestamp) { -+ _cleanup_close_ int fd = -1; -+ -+ mkdir_parents_label(t->stamp_path, 0755); -+ -+ /* Update the file atime + mtime, if we can */ -+ fd = open(t->stamp_path, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644); -+ if (fd >= 0) { -+ struct timespec ts[2]; -+ -+ timespec_store(&ts[0], timestamp); -+ ts[1] = ts[0]; -+ -+ futimens(fd, ts); -+ } -+} -+ - static int timer_setup_persistent(Timer *t) { - int r; + static int timer_start(Unit *u) { + Timer *t = TIMER(u); ++ TimerValue *v; -@@ -131,7 +148,7 @@ static int timer_setup_persistent(Timer *t) { + assert(t); + assert(t->state == TIMER_DEAD || t->state == TIMER_FAILED); +@@ -530,6 +531,11 @@ static int timer_start(Unit *u) { - e = getenv("XDG_DATA_HOME"); - if (e) -- t->stamp_path = strjoin(e, "/systemd/timers/", UNIT(t)->id, NULL); -+ t->stamp_path = strjoin(e, "/systemd/timers/stamp-", UNIT(t)->id, NULL); - else { + t->last_trigger = DUAL_TIMESTAMP_NULL; - _cleanup_free_ char *h = NULL; -@@ -496,22 +513,8 @@ static void timer_enter_running(Timer *t) { - - dual_timestamp_get(&t->last_trigger); - -- if (t->stamp_path) { -- _cleanup_close_ int fd = -1; -- -- mkdir_parents_label(t->stamp_path, 0755); -- -- /* Update the file atime + mtime, if we can */ -- fd = open(t->stamp_path, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644); -- if (fd >= 0) { -- struct timespec ts[2]; -- -- timespec_store(&ts[0], t->last_trigger.realtime); -- ts[1] = ts[0]; -- -- futimens(fd, ts); -- } -- } -+ if (t->stamp_path) -+ update_stampfile(t, t->last_trigger.realtime); - - timer_set_state(t, TIMER_RUNNING); - return; -@@ -539,6 +542,11 @@ static int timer_start(Unit *u) { - - if (stat(t->stamp_path, &st) >= 0) - t->last_trigger.realtime = timespec_load(&st.st_atim); -+ else if (errno == ENOENT) -+ /* The timer has never run before, -+ * make sure a stamp file exists. -+ */ -+ update_stampfile(t, now(CLOCK_REALTIME)); - } ++ /* Reenable all timers that depend on unit activation time */ ++ LIST_FOREACH(value, v, t->values) ++ if (v->base == TIMER_ACTIVE) ++ v->disabled = false; ++ + if (t->stamp_path) { + struct stat st; - t->result = TIMER_SUCCESS; -diff --git a/src/core/transaction.c b/src/core/transaction.c -index d00f427..2befc32 100644 ---- a/src/core/transaction.c -+++ b/src/core/transaction.c -@@ -378,7 +378,7 @@ static int transaction_verify_order_one(Transaction *tr, Job *j, Job *from, unsi - "Found dependency on %s/%s", - k->unit->id, job_type_to_string(k->type)); - -- if (!delete && -+ if (!delete && hashmap_get(tr->jobs, k->unit) && - !unit_matters_to_anchor(k->unit, k)) { - /* Ok, we can drop this one, so let's - * do so. */ diff --git a/src/core/umount.c b/src/core/umount.c -index d1258f0..0311812 100644 +index cffa453..4d1a9ff 100644 --- a/src/core/umount.c +++ b/src/core/umount.c -@@ -404,6 +404,8 @@ static int mount_points_list_umount(MountPoint **head, bool *changed, bool log_e +@@ -385,6 +385,8 @@ static int mount_points_list_umount(MountPoint **head, bool *changed, bool log_e * anyway, since we are running from it. They have * already been remounted ro. */ if (path_equal(m->path, "/") @@ -665,926 +206,405 @@ index d1258f0..0311812 100644 #ifndef HAVE_SPLIT_USR || path_equal(m->path, "/usr") #endif -diff --git a/src/core/unit.c b/src/core/unit.c -index 153b79b..ed52694 100644 ---- a/src/core/unit.c -+++ b/src/core/unit.c -@@ -2287,25 +2287,25 @@ bool unit_can_serialize(Unit *u) { - } - - int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) { -- ExecRuntime *rt; - int r; - - assert(u); - assert(f); - assert(fds); - -- if (!unit_can_serialize(u)) -- return 0; -- -- r = UNIT_VTABLE(u)->serialize(u, f, fds); -- if (r < 0) -- return r; -+ if (unit_can_serialize(u)) { -+ ExecRuntime *rt; - -- rt = unit_get_exec_runtime(u); -- if (rt) { -- r = exec_runtime_serialize(rt, u, f, fds); -+ r = UNIT_VTABLE(u)->serialize(u, f, fds); - if (r < 0) - return r; -+ -+ rt = unit_get_exec_runtime(u); -+ if (rt) { -+ r = exec_runtime_serialize(rt, u, f, fds); -+ if (r < 0) -+ return r; -+ } - } - - dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp); -@@ -2367,17 +2367,14 @@ void unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) { - } - - int unit_deserialize(Unit *u, FILE *f, FDSet *fds) { -- size_t offset; - ExecRuntime **rt = NULL; -+ size_t offset; - int r; - - assert(u); - assert(f); - assert(fds); - -- if (!unit_can_serialize(u)) -- return 0; -- - offset = UNIT_VTABLE(u)->exec_runtime_offset; - if (offset > 0) - rt = (ExecRuntime**) ((uint8_t*) u + offset); -@@ -2487,24 +2484,34 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) { - if (!s) - return -ENOMEM; - -- free(u->cgroup_path); -- u->cgroup_path = s; -+ if (u->cgroup_path) { -+ void *p; - -+ p = hashmap_remove(u->manager->cgroup_unit, u->cgroup_path); -+ log_info("Removing cgroup_path %s from hashmap (%p)", -+ u->cgroup_path, p); -+ free(u->cgroup_path); -+ } -+ -+ u->cgroup_path = s; - assert(hashmap_put(u->manager->cgroup_unit, s, u) == 1); -+ - continue; - } - -- if (rt) { -- r = exec_runtime_deserialize_item(rt, u, l, v, fds); -+ if (unit_can_serialize(u)) { -+ if (rt) { -+ r = exec_runtime_deserialize_item(rt, u, l, v, fds); -+ if (r < 0) -+ return r; -+ if (r > 0) -+ continue; -+ } -+ -+ r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds); - if (r < 0) - return r; -- if (r > 0) -- continue; - } -- -- r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds); -- if (r < 0) -- return r; - } - } - -diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c -index 75d56dd..be8fb2f 100644 ---- a/src/cryptsetup/cryptsetup-generator.c -+++ b/src/cryptsetup/cryptsetup-generator.c -@@ -29,6 +29,7 @@ - #include "mkdir.h" - #include "strv.h" - #include "fileio.h" -+#include "path-util.h" - - static const char *arg_dest = "/tmp"; - static bool arg_enabled = true; -@@ -144,16 +145,19 @@ static int create_disk( - if (!uu) - return log_oom(); - -- if (is_device_path(uu)) { -- _cleanup_free_ char *dd; -+ if (!path_equal(uu, "/dev/null")) { - -- dd = unit_name_from_path(uu, ".device"); -- if (!dd) -- return log_oom(); -+ if (is_device_path(uu)) { -+ _cleanup_free_ char *dd; - -- fprintf(f, "After=%1$s\nRequires=%1$s\n", dd); -- } else -- fprintf(f, "RequiresMountsFor=%s\n", password); -+ dd = unit_name_from_path(uu, ".device"); -+ if (!dd) -+ return log_oom(); -+ -+ fprintf(f, "After=%1$s\nRequires=%1$s\n", dd); -+ } else -+ fprintf(f, "RequiresMountsFor=%s\n", password); -+ } - } - } - -@@ -287,7 +291,7 @@ static int parse_proc_cmdline_item(const char *key, const char *value) { - } else if (STR_IN_SET(key, "luks.key", "rd.luks.key") && value) { - - free(arg_keyfile); -- arg_keyfile = strdup(key); -+ arg_keyfile = strdup(value); - if (!arg_keyfile) - return log_oom(); - -diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c -index 9b9074c..ad6c76c 100644 ---- a/src/cryptsetup/cryptsetup.c -+++ b/src/cryptsetup/cryptsetup.c -@@ -88,6 +88,13 @@ static int parse_one_option(const char *option) { - return 0; - } +diff --git a/src/delta/delta.c b/src/delta/delta.c +index 25c4a0b..e1f2d6d 100644 +--- a/src/delta/delta.c ++++ b/src/delta/delta.c +@@ -487,7 +487,7 @@ static int parse_flags(const char *flag_str, int flags) { + const char *word, *state; + size_t l; -+ if (arg_key_size % 8) { -+ log_error("size= not a multiple of 8, ignoring."); -+ return 0; -+ } -+ -+ arg_key_size /= 8; -+ - } else if (startswith(option, "key-slot=")) { - - arg_type = CRYPT_LUKS1; -@@ -404,7 +411,7 @@ static int attach_luks_or_plain(struct crypt_device *cd, - /* for CRYPT_PLAIN limit reads - * from keyfile to key length, and - * ignore keyfile-size */ -- arg_keyfile_size = arg_key_size / 8; -+ arg_keyfile_size = arg_key_size; - - /* In contrast to what the name - * crypt_setup() might suggest this -@@ -567,7 +574,7 @@ int main(int argc, char *argv[]) { - else - until = 0; - -- arg_key_size = (arg_key_size > 0 ? arg_key_size : 256); -+ arg_key_size = (arg_key_size > 0 ? arg_key_size : (256 / 8)); - - if (key_file) { - struct stat st; +- FOREACH_WORD(word, l, flag_str, state) { ++ FOREACH_WORD_SEPARATOR(word, l, flag_str, ",", state) { + if (strneq("masked", word, l)) + flags |= SHOW_MASKED; + else if (strneq ("equivalent", word, l)) diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c -index 18f2aca..2a2b1ea 100644 +index 70a5918..1926e52 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c -@@ -285,7 +285,7 @@ int main(int argc, char *argv[]) { - - type = udev_device_get_property_value(udev_device, "ID_FS_TYPE"); - if (type) { -- const char *checker = strappenda("/sbin/fsck.", type); -+ const char *checker = strappenda("/run/current-system/sw/sbin/fsck.", type); - r = access(checker, X_OK); - if (r < 0) { - if (errno == ENOENT) { -@@ -302,7 +302,7 @@ int main(int argc, char *argv[]) { +@@ -315,8 +315,7 @@ int main(int argc, char *argv[]) { return EXIT_FAILURE; } - cmdline[i++] = "/sbin/fsck"; -+ cmdline[i++] = "/run/current-system/sw/sbin/fsck"; - cmdline[i++] = "-a"; +- cmdline[i++] = arg_repair; ++ cmdline[i++] = "/run/current-system/sw/bin/fsck"; cmdline[i++] = "-T"; - cmdline[i++] = "-l"; -diff --git a/src/getty-generator/getty-generator.c b/src/getty-generator/getty-generator.c -index 6a4aa2c..700e90a 100644 ---- a/src/getty-generator/getty-generator.c -+++ b/src/getty-generator/getty-generator.c -@@ -72,7 +72,7 @@ static int add_serial_getty(const char *tty) { - - log_debug("Automatically adding serial getty for /dev/%s.", tty); - -- n = unit_name_replace_instance("serial-getty@.service", tty); -+ n = unit_name_from_path_instance("serial-getty", tty, ".service"); - if (!n) - return log_oom(); - -@@ -86,7 +86,7 @@ static int add_container_getty(const char *tty) { - - log_debug("Automatically adding container getty for /dev/pts/%s.", tty); - -- n = unit_name_replace_instance("container-getty@.service", tty); -+ n = unit_name_from_path_instance("container-getty", tty, ".service"); - if (!n) - return log_oom(); - -diff --git a/src/journal/catalog.c b/src/journal/catalog.c -index 3ed0b7e..02dedc4 100644 ---- a/src/journal/catalog.c -+++ b/src/journal/catalog.c -@@ -103,7 +103,7 @@ static int finish_item( - const char *payload) { - - ssize_t offset; -- CatalogItem *i; -+ _cleanup_free_ CatalogItem *i = NULL; - int r; - assert(h); -@@ -126,13 +126,14 @@ static int finish_item( - i->offset = htole64((uint64_t) offset); + /* +diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c +index e257c12..1e04553 100644 +--- a/src/fstab-generator/fstab-generator.c ++++ b/src/fstab-generator/fstab-generator.c +@@ -485,7 +485,7 @@ static int add_usr_mount(void) { + return log_oom(); + } - r = hashmap_put(h, i, i); -- if (r == EEXIST) { -+ if (r == -EEXIST) { - log_warning("Duplicate entry for " SD_ID128_FORMAT_STR ".%s, ignoring.", - SD_ID128_FORMAT_VAL(id), language ? language : "C"); -- free(i); +- if (!arg_usr_what || !arg_usr_options) ++ if (!arg_usr_what) return 0; -- } -+ } else if (r < 0) -+ return r; - -+ i = NULL; - return 0; - } -@@ -383,8 +384,8 @@ error: - int catalog_update(const char* database, const char* root, const char* const* dirs) { - _cleanup_strv_free_ char **files = NULL; - char **f; -- Hashmap *h; - struct strbuf *sb = NULL; -+ _cleanup_hashmap_free_free_ Hashmap *h = NULL; - _cleanup_free_ CatalogItem *items = NULL; - CatalogItem *i; - Iterator j; -@@ -406,13 +407,17 @@ int catalog_update(const char* database, const char* root, const char* const* di + what = fstab_node_to_udev_node(arg_usr_what); +@@ -494,7 +494,13 @@ static int add_usr_mount(void) { + return -1; } - STRV_FOREACH(f, files) { -- log_debug("reading file '%s'", *f); -- catalog_import_file(h, sb, *f); -+ log_debug("Reading file '%s'", *f); -+ r = catalog_import_file(h, sb, *f); -+ if (r < 0) { -+ log_error("Failed to import file '%s': %s.", -+ *f, strerror(-r)); -+ goto finish; -+ } - } +- opts = arg_usr_options; ++ if (!arg_usr_options) ++ opts = arg_root_rw > 0 ? "rw" : "ro"; ++ else if (!mount_test_option(arg_usr_options, "ro") && ++ !mount_test_option(arg_usr_options, "rw")) ++ opts = strappenda(arg_usr_options, ",", arg_root_rw > 0 ? "rw" : "ro"); ++ else ++ opts = arg_usr_options; + + log_debug("Found entry what=%s where=/sysroot/usr type=%s", what, strna(arg_usr_fstype)); + return add_mount(what, +diff --git a/src/hostname/hostnamectl.c b/src/hostname/hostnamectl.c +index e487369..ff4e9c9 100644 +--- a/src/hostname/hostnamectl.c ++++ b/src/hostname/hostnamectl.c +@@ -536,5 +536,5 @@ int main(int argc, char *argv[]) { + r = hostnamectl_main(bus, argc, argv); - if (hashmap_size(h) <= 0) { - log_info("No items in catalog."); -- r = 0; - goto finish; - } else - log_debug("Found %u items in catalog.", hashmap_size(h)); -@@ -443,11 +448,7 @@ int catalog_update(const char* database, const char* root, const char* const* di - log_debug("%s: wrote %u items, with %zu bytes of strings, %ld total size.", - database, n, sb->len, r); - -- r = 0; -- finish: -- if (h) -- hashmap_free_free(h); - if (sb) - strbuf_cleanup(sb); - +- return r < 0 ? EXIT_FAILURE : r; ++ return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; + } diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c -index f2f1f35..fd9d2a8 100644 +index 8a2c0fc..9de3ddd 100644 --- a/src/journal/journal-file.c +++ b/src/journal/journal-file.c -@@ -274,12 +274,6 @@ static int journal_file_verify_header(JournalFile *f) { - !VALID64(le64toh(f->header->entry_array_offset))) - return -ENODATA; - -- if (le64toh(f->header->data_hash_table_offset) < le64toh(f->header->header_size) || -- le64toh(f->header->field_hash_table_offset) < le64toh(f->header->header_size) || -- le64toh(f->header->tail_object_offset) < le64toh(f->header->header_size) || -- le64toh(f->header->entry_array_offset) < le64toh(f->header->header_size)) -- return -ENODATA; -- - if (f->writable) { - uint8_t state; - sd_id128_t machine_id; -diff --git a/src/journal/journal-remote-parse.c b/src/journal/journal-remote-parse.c -index 142de0e..239ff38 100644 ---- a/src/journal/journal-remote-parse.c -+++ b/src/journal/journal-remote-parse.c -@@ -40,7 +40,7 @@ void source_free(RemoteSource *source) { - - static int get_line(RemoteSource *source, char **line, size_t *size) { - ssize_t n, remain; -- char *c; -+ char *c = NULL; - char *newbuf = NULL; - size_t newsize = 0; - -@@ -49,7 +49,9 @@ static int get_line(RemoteSource *source, char **line, size_t *size) { - assert(source->filled <= source->size); - assert(source->buf == NULL || source->size > 0); - -- c = memchr(source->buf, '\n', source->filled); -+ if (source->buf) -+ c = memchr(source->buf, '\n', source->filled); -+ - if (c != NULL) - goto docopy; - -diff --git a/src/journal/journald-kmsg.c b/src/journal/journald-kmsg.c -index 35948ea..48725e4 100644 ---- a/src/journal/journald-kmsg.c -+++ b/src/journal/journald-kmsg.c -@@ -152,7 +152,7 @@ static void dev_kmsg_record(Server *s, char *p, size_t l) { - /* Did we lose any? */ - if (serial > *s->kernel_seqnum) - server_driver_message(s, SD_MESSAGE_JOURNAL_MISSED, "Missed %"PRIu64" kernel messages", -- serial - *s->kernel_seqnum - 1); -+ serial - *s->kernel_seqnum); - - /* Make sure we never read this one again. Note that - * we always store the next message serial we expect +@@ -1657,7 +1657,7 @@ static int generic_array_bisect( + } + } + +- if (k > n) { ++ if (k >= n) { + if (direction == DIRECTION_UP) { + i = n; + subtract_one = true; +diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c +index f50faf4..03579fd 100644 +--- a/src/journal/journalctl.c ++++ b/src/journal/journalctl.c +@@ -682,7 +682,7 @@ static int parse_argv(int argc, char *argv[]) { + assert_not_reached("Unhandled option"); + } + +- if (arg_follow && !arg_no_tail && arg_lines == ARG_LINES_DEFAULT) ++ if (arg_follow && !arg_no_tail && !arg_since && arg_lines == ARG_LINES_DEFAULT) + arg_lines = 10; + + if (!!arg_directory + !!arg_file + !!arg_machine > 1) { diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c -index 6da81e7..b6f8e7e 100644 +index 12735c4..08b143b 100644 --- a/src/journal/journald-server.c +++ b/src/journal/journald-server.c -@@ -67,6 +67,7 @@ - #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE) - #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC) - #define DEFAULT_RATE_LIMIT_BURST 1000 -+#define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH - - #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC) - -@@ -1473,6 +1474,8 @@ int server_init(Server *s) { - s->forward_to_syslog = true; - s->forward_to_wall = true; +@@ -1655,6 +1655,7 @@ void server_done(Server *s) { + free(s->buffer); + free(s->tty_path); + free(s->cgroup_root); ++ free(s->hostname_field); + + if (s->mmap) + mmap_cache_unref(s->mmap); +diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c +index 372f3ed..d56ee51 100644 +--- a/src/libsystemd-network/network-internal.c ++++ b/src/libsystemd-network/network-internal.c +@@ -392,10 +392,12 @@ void serialize_dhcp_routes(FILE *f, const char *key, struct sd_dhcp_route *route + + fprintf(f, "%s=", key); + +- for (i = 0; i < size; i++) +- fprintf(f, "%s/%" PRIu8 ",%s%s", inet_ntoa(routes[i].dst_addr), +- routes[i].dst_prefixlen, inet_ntoa(routes[i].gw_addr), ++ for (i = 0; i < size; i++) { ++ fprintf(f, "%s/%" PRIu8, inet_ntoa(routes[i].dst_addr), ++ routes[i].dst_prefixlen); ++ fprintf(f, ",%s%s", inet_ntoa(routes[i].gw_addr), + (i < (size - 1)) ? " ": ""); ++ } -+ s->max_file_usec = DEFAULT_MAX_FILE_USEC; -+ - s->max_level_store = LOG_DEBUG; - s->max_level_syslog = LOG_DEBUG; - s->max_level_kmsg = LOG_NOTICE; -diff --git a/src/journal/microhttpd-util.c b/src/journal/microhttpd-util.c -index f693e0f..9a8d5c6 100644 ---- a/src/journal/microhttpd-util.c -+++ b/src/journal/microhttpd-util.c -@@ -129,7 +129,7 @@ void log_func_gnutls(int level, const char *message) { - if (0 <= level && level < (int) ELEMENTSOF(log_level_map)) - ourlevel = log_level_map[level]; - else -- level = LOG_DEBUG; -+ ourlevel = LOG_DEBUG; - - log_meta(ourlevel, NULL, 0, NULL, "gnutls: %s", message); + fputs("\n", f); } -diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c -index b087a8b..967ab67 100644 ---- a/src/journal/test-catalog.c -+++ b/src/journal/test-catalog.c -@@ -157,7 +157,8 @@ int main(int argc, char *argv[]) { - - setlocale(LC_ALL, "de_DE.UTF-8"); +diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c +index 0eba4c3..9986b52 100644 +--- a/src/libsystemd-network/sd-dhcp-client.c ++++ b/src/libsystemd-network/sd-dhcp-client.c +@@ -68,7 +68,6 @@ struct sd_dhcp_client { + uint32_t mtu; + uint32_t xid; + usec_t start_time; +- uint16_t secs; + unsigned int attempt; + usec_t request_sent; + sd_event_source *timeout_t1; +@@ -321,10 +320,12 @@ static int client_message_init(sd_dhcp_client *client, DHCPPacket **ret, + _cleanup_free_ DHCPPacket *packet; + size_t optlen, optoffset, size; + be16_t max_size; ++ usec_t time_now; ++ uint16_t secs; + int r; -- log_set_max_level(LOG_DEBUG); -+ log_parse_environment(); -+ log_open(); + assert(client); +- assert(client->secs); ++ assert(client->start_time); + assert(ret); + assert(_optlen); + assert(_optoffset); +@@ -344,7 +345,15 @@ static int client_message_init(sd_dhcp_client *client, DHCPPacket **ret, + + /* Although 'secs' field is a SHOULD in RFC 2131, certain DHCP servers + refuse to issue an DHCP lease if 'secs' is set to zero */ +- packet->dhcp.secs = htobe16(client->secs); ++ r = sd_event_now(client->event, clock_boottime_or_monotonic(), &time_now); ++ if (r < 0) ++ return r; ++ assert(time_now >= client->start_time); ++ ++ /* seconds between sending first and last DISCOVER ++ * must always be strictly positive to deal with broken servers */ ++ secs = ((time_now - client->start_time) / USEC_PER_SEC) ? : 1; ++ packet->dhcp.secs = htobe16(secs); + + /* RFC2132 section 4.1 + A client that cannot receive unicast IP datagrams until its protocol +@@ -441,24 +450,12 @@ static int dhcp_client_send_raw(sd_dhcp_client *client, DHCPPacket *packet, + static int client_send_discover(sd_dhcp_client *client) { + _cleanup_free_ DHCPPacket *discover = NULL; + size_t optoffset, optlen; +- usec_t time_now; + int r; - test_catalog_file_lang(); + assert(client); + assert(client->state == DHCP_STATE_INIT || + client->state == DHCP_STATE_SELECTING); -diff --git a/src/libsystemd/sd-rtnl/rtnl-message.c b/src/libsystemd/sd-rtnl/rtnl-message.c -index 84a8ffa..e79b318 100644 ---- a/src/libsystemd/sd-rtnl/rtnl-message.c -+++ b/src/libsystemd/sd-rtnl/rtnl-message.c -@@ -335,24 +335,28 @@ int sd_rtnl_message_link_get_flags(sd_rtnl_message *m, unsigned *flags) { - /* If successful the updated message will be correctly aligned, if - unsuccessful the old message is untouched. */ - static int add_rtattr(sd_rtnl_message *m, unsigned short type, const void *data, size_t data_length) { -- uint32_t rta_length, message_length; -+ uint32_t rta_length; -+ size_t message_length, padding_length; - struct nlmsghdr *new_hdr; - struct rtattr *rta; - char *padding; - unsigned i; -+ int offset; - - assert(m); - assert(m->hdr); - assert(!m->sealed); - assert(NLMSG_ALIGN(m->hdr->nlmsg_len) == m->hdr->nlmsg_len); -- assert(!data || data_length > 0); -- assert(data || m->n_containers < RTNL_CONTAINER_DEPTH); -+ assert(!data || data_length); -+ -+ /* get offset of the new attribute */ -+ offset = m->hdr->nlmsg_len; - - /* get the size of the new rta attribute (with padding at the end) */ - rta_length = RTA_LENGTH(data_length); - - /* get the new message size (with padding at the end) */ -- message_length = m->hdr->nlmsg_len + RTA_ALIGN(rta_length); -+ message_length = offset + RTA_ALIGN(rta_length); - - /* realloc to fit the new attribute */ - new_hdr = realloc(m->hdr, message_length); -@@ -361,32 +365,35 @@ static int add_rtattr(sd_rtnl_message *m, unsigned short type, const void *data, - m->hdr = new_hdr; - - /* get pointer to the attribute we are about to add */ -- rta = (struct rtattr *) ((uint8_t *) m->hdr + m->hdr->nlmsg_len); -+ rta = (struct rtattr *) ((uint8_t *) m->hdr + offset); - - /* if we are inside containers, extend them */ - for (i = 0; i < m->n_containers; i++) -- GET_CONTAINER(m, i)->rta_len += message_length - m->hdr->nlmsg_len; -+ GET_CONTAINER(m, i)->rta_len += message_length - offset; - - /* fill in the attribute */ - rta->rta_type = type; - rta->rta_len = rta_length; -- if (!data) { -- /* this is the start of a new container */ -- m->container_offsets[m->n_containers ++] = m->hdr->nlmsg_len; -- } else { -+ if (data) - /* we don't deal with the case where the user lies about the type - * and gives us too little data (so don't do that) -- */ -+ */ - padding = mempcpy(RTA_DATA(rta), data, data_length); -- /* make sure also the padding at the end of the message is initialized */ -- memzero(padding, -- (uint8_t *) m->hdr + message_length - (uint8_t *) padding); -+ else { -+ /* if no data was passed, make sure we still initialize the padding -+ note that we can have data_length > 0 (used by some containers) */ -+ padding = RTA_DATA(rta); -+ data_length = 0; +- /* See RFC2131 section 4.4.1 */ +- +- r = sd_event_now(client->event, clock_boottime_or_monotonic(), &time_now); +- if (r < 0) +- return r; +- assert(time_now >= client->start_time); +- +- /* seconds between sending first and last DISCOVER +- * must always be strictly positive to deal with broken servers */ +- client->secs = ((time_now - client->start_time) / USEC_PER_SEC) ? : 1; +- + r = client_message_init(client, &discover, DHCP_DISCOVER, + &optlen, &optoffset); + if (r < 0) +@@ -875,10 +872,8 @@ static int client_start(sd_dhcp_client *client) { } + client->fd = r; -+ /* make sure also the padding at the end of the message is initialized */ -+ padding_length = (uint8_t*)m->hdr + message_length - (uint8_t*)padding; -+ memzero(padding, padding_length); -+ - /* update message size */ - m->hdr->nlmsg_len = message_length; +- if (client->state == DHCP_STATE_INIT) { ++ if (client->state == DHCP_STATE_INIT || client->state == DHCP_STATE_INIT_REBOOT) + client->start_time = now(clock_boottime_or_monotonic()); +- client->secs = 0; +- } -- return 0; -+ return offset; + return client_initialize_events(client, client_receive_message_raw); } +@@ -1269,6 +1264,9 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, + if (r >= 0) { + client->timeout_resend = + sd_event_source_unref(client->timeout_resend); ++ client->receive_message = ++ sd_event_source_unref(client->receive_message); ++ client->fd = asynchronous_close(client->fd); + + if (IN_SET(client->state, DHCP_STATE_REQUESTING, + DHCP_STATE_REBOOTING)) +diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c +index 4fb01c0..b7c9a07 100644 +--- a/src/libsystemd-network/sd-dhcp-lease.c ++++ b/src/libsystemd-network/sd-dhcp-lease.c +@@ -50,7 +50,7 @@ int sd_dhcp_lease_get_address(sd_dhcp_lease *lease, struct in_addr *addr) { + + int sd_dhcp_lease_get_lifetime(sd_dhcp_lease *lease, uint32_t *lifetime) { + assert_return(lease, -EINVAL); +- assert_return(lease, -EINVAL); ++ assert_return(lifetime, -EINVAL); + + *lifetime = lease->lifetime; + +diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c +index fa4f9b5..dbec1a2 100644 +--- a/src/libsystemd-network/sd-dhcp6-client.c ++++ b/src/libsystemd-network/sd-dhcp6-client.c +@@ -200,19 +200,19 @@ int sd_dhcp6_client_set_duid(sd_dhcp6_client *client, uint16_t type, uint8_t *du + + switch (type) { + case DHCP6_DUID_LLT: +- if (duid_len <= sizeof(client->duid.llt)) ++ if (duid_len <= sizeof(client->duid.llt) - 2) + return -EINVAL; + break; + case DHCP6_DUID_EN: +- if (duid_len != sizeof(client->duid.en)) ++ if (duid_len != sizeof(client->duid.en) - 2) + return -EINVAL; + break; + case DHCP6_DUID_LL: +- if (duid_len <= sizeof(client->duid.ll)) ++ if (duid_len <= sizeof(client->duid.ll) - 2) + return -EINVAL; + break; + case DHCP6_DUID_UUID: +- if (duid_len != sizeof(client->duid.uuid)) ++ if (duid_len != sizeof(client->duid.uuid) - 2) + return -EINVAL; + break; + default: +@@ -222,7 +222,7 @@ int sd_dhcp6_client_set_duid(sd_dhcp6_client *client, uint16_t type, uint8_t *du - int sd_rtnl_message_append_string(sd_rtnl_message *m, unsigned short type, const char *data) { -@@ -761,22 +768,29 @@ int sd_rtnl_message_open_container(sd_rtnl_message *m, unsigned short type) { - - assert_return(m, -EINVAL); - assert_return(!m->sealed, -EPERM); -+ assert_return(m->n_containers < RTNL_CONTAINER_DEPTH, -ERANGE); - - sd_rtnl_message_get_type(m, &rtm_type); - -+ int r = -ENOTSUP; -+ - if (rtnl_message_type_is_link(rtm_type)) { - - if ((type == IFLA_LINKINFO && m->n_containers == 0) || - (type == IFLA_INFO_DATA && m->n_containers == 1 && - GET_CONTAINER(m, 0)->rta_type == IFLA_LINKINFO)) -- return add_rtattr(m, type, NULL, 0); -+ r = add_rtattr(m, type, NULL, 0); - else if (type == VETH_INFO_PEER && m->n_containers == 2 && - GET_CONTAINER(m, 1)->rta_type == IFLA_INFO_DATA && - GET_CONTAINER(m, 0)->rta_type == IFLA_LINKINFO) -- return add_rtattr(m, type, NULL, sizeof(struct ifinfomsg)); -+ r= add_rtattr(m, type, NULL, sizeof(struct ifinfomsg)); - } + client->duid.raw.type = htobe16(type); + memcpy(&client->duid.raw.data, duid, duid_len); +- client->duid_len = duid_len; ++ client->duid_len = duid_len + 2; /* +2 for sizeof(type) */ -- return -ENOTSUP; -+ if (r < 0) return r; -+ -+ m->container_offsets[m->n_containers ++] = r; -+ -+ return 0; + return 0; } - - int sd_rtnl_message_close_container(sd_rtnl_message *m) { -diff --git a/src/libudev/libudev-monitor.c b/src/libudev/libudev-monitor.c -index ba1b04d..85b1e40 100644 ---- a/src/libudev/libudev-monitor.c -+++ b/src/libudev/libudev-monitor.c -@@ -108,15 +108,13 @@ static struct udev_monitor *udev_monitor_new(struct udev *udev) - - /* we consider udev running when /dev is on devtmpfs */ - static bool udev_has_devtmpfs(struct udev *udev) { -- struct file_handle *h; -+ union file_handle_union h = { .handle.handle_bytes = MAX_HANDLE_SZ, }; - int mount_id; - _cleanup_fclose_ FILE *f = NULL; - char line[LINE_MAX], *e; - int r; - -- h = alloca(MAX_HANDLE_SZ); -- h->handle_bytes = MAX_HANDLE_SZ; -- r = name_to_handle_at(AT_FDCWD, "/dev", h, &mount_id, 0); -+ r = name_to_handle_at(AT_FDCWD, "/dev", &h.handle, &mount_id, 0); - if (r < 0) - return false; - -diff --git a/src/login/70-uaccess.rules b/src/login/70-uaccess.rules -index e1cf897..57f619d 100644 ---- a/src/login/70-uaccess.rules -+++ b/src/login/70-uaccess.rules -@@ -12,7 +12,7 @@ ENV{MAJOR}=="", GOTO="uaccess_end" - SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", TAG+="uaccess" - - # Digicams with proprietary protocol --ENV{ID_GPHOTO2}=="*?", TAG+="uaccess" -+ENV{ID_GPHOTO2}=="?*", TAG+="uaccess" - - # SCSI and USB scanners - ENV{libsane_matched}=="yes", TAG+="uaccess" -@@ -49,13 +49,13 @@ SUBSYSTEM=="drm", KERNEL=="card*|renderD*", TAG+="uaccess" - SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess" - - # smart-card readers --ENV{ID_SMARTCARD_READER}=="*?", TAG+="uaccess" -+ENV{ID_SMARTCARD_READER}=="?*", TAG+="uaccess" - - # (USB) authentication devices --ENV{ID_SECURITY_TOKEN}=="*?", TAG+="uaccess" -+ENV{ID_SECURITY_TOKEN}=="?*", TAG+="uaccess" - - # PDA devices --ENV{ID_PDA}=="*?", TAG+="uaccess" -+ENV{ID_PDA}=="?*", TAG+="uaccess" - - # Programmable remote control - ENV{ID_REMOTE_CONTROL}=="1", TAG+="uaccess" -@@ -64,10 +64,10 @@ ENV{ID_REMOTE_CONTROL}=="1", TAG+="uaccess" - SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", TAG+="uaccess" - - # color measurement devices --ENV{COLOR_MEASUREMENT_DEVICE}=="*?", TAG+="uaccess" -+ENV{COLOR_MEASUREMENT_DEVICE}=="?*", TAG+="uaccess" - - # DDC/CI device, usually high-end monitors such as the DreamColor --ENV{DDC_DEVICE}=="*?", TAG+="uaccess" -+ENV{DDC_DEVICE}=="?*", TAG+="uaccess" - - # media player raw devices (for user-mode drivers, Android SDK, etc.) - SUBSYSTEM=="usb", ENV{ID_MEDIA_PLAYER}=="?*", TAG+="uaccess" -diff --git a/src/login/logind-acl.c b/src/login/logind-acl.c -index dc86f0f..4bbeb64 100644 ---- a/src/login/logind-acl.c -+++ b/src/login/logind-acl.c -@@ -279,7 +279,9 @@ int devnode_acl_all(struct udev *udev, - - log_debug("Fixing up ACLs at %s for seat %s", n, seat); - k = devnode_acl(n, flush, del, old_uid, add, new_uid); -- if (k < 0) -+ if (k == -ENOENT) -+ log_debug("Device %s disappeared while setting ACLs", n); -+ else if (k < 0) - r = k; +diff --git a/src/libsystemd/sd-bus/bus-match.c b/src/libsystemd/sd-bus/bus-match.c +index 18afe0f..5658c61 100644 +--- a/src/libsystemd/sd-bus/bus-match.c ++++ b/src/libsystemd/sd-bus/bus-match.c +@@ -537,7 +537,7 @@ static int bus_match_find_compare_value( + else if (BUS_MATCH_CAN_HASH(t)) + n = hashmap_get(c->compare.children, value_str); + else { +- for (n = c->child; !value_node_same(n, t, value_u8, value_str); n = n->next) ++ for (n = c->child; n && !value_node_same(n, t, value_u8, value_str); n = n->next) + ; } -diff --git a/src/login/logind-action.c b/src/login/logind-action.c -index 1928f43..d69c7ad 100644 ---- a/src/login/logind-action.c -+++ b/src/login/logind-action.c -@@ -79,14 +79,12 @@ int manager_handle_action( - return 0; - } - -- /* If we have more than one or no displays connected, -- * don't react to lid closing. The no display case we -- * treat like this under the assumption that there is -- * no modern drm driver available. */ -+ /* If we have more than one display connected, -+ * don't react to lid closing. */ - n = manager_count_displays(m); - if (n < 0) - log_warning("Display counting failed: %s", strerror(-n)); -- else if (n != 1) { -+ else if (n > 1) { - log_debug("Ignoring lid switch request, %i displays connected.", n); - return 0; - } -diff --git a/src/login/logind-seat.c b/src/login/logind-seat.c -index 3f5efdc..1ee6ced 100644 ---- a/src/login/logind-seat.c -+++ b/src/login/logind-seat.c -@@ -275,8 +275,13 @@ int seat_switch_to(Seat *s, unsigned int num) { - if (!num) - return -EINVAL; +diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c +index 0ab1119..6c3230a 100644 +--- a/src/libsystemd/sd-bus/bus-objects.c ++++ b/src/libsystemd/sd-bus/bus-objects.c +@@ -617,6 +617,9 @@ static int property_get_set_callbacks_run( + return r; -- if (num >= s->position_count || !s->positions[num]) -+ if (num >= s->position_count || !s->positions[num]) { -+ /* allow switching to unused VTs to trigger auto-activate */ -+ if (seat_has_vts(s) && num < 64) -+ return chvt(num); + } else { ++ const char *signature = NULL; ++ char type = 0; + - return -EINVAL; -+ } + if (c->vtable->type != _SD_BUS_VTABLE_WRITABLE_PROPERTY) + return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_PROPERTY_READ_ONLY, "Property '%s' is not writable.", c->member); - return session_activate(s->positions[num]); - } -diff --git a/src/login/logind-session.c b/src/login/logind-session.c -index 4ca6b5d..02a780d 100644 ---- a/src/login/logind-session.c -+++ b/src/login/logind-session.c -@@ -213,7 +213,6 @@ int session_save(Session *s) { - - if (s->scope) - fprintf(f, "SCOPE=%s\n", s->scope); -- - if (s->scope_job) - fprintf(f, "SCOPE_JOB=%s\n", s->scope_job); +@@ -628,6 +631,13 @@ static int property_get_set_callbacks_run( -@@ -229,17 +228,54 @@ int session_save(Session *s) { - if (s->display) - fprintf(f, "DISPLAY=%s\n", s->display); + c->last_iteration = bus->iteration_counter; -- if (s->remote_host) -- fprintf(f, "REMOTE_HOST=%s\n", s->remote_host); -+ if (s->remote_host) { -+ _cleanup_free_ char *escaped; -+ -+ escaped = cescape(s->remote_host); -+ if (!escaped) { -+ r = -ENOMEM; -+ goto finish; -+ } -+ -+ fprintf(f, "REMOTE_HOST=%s\n", escaped); -+ } -+ -+ if (s->remote_user) { -+ _cleanup_free_ char *escaped; -+ -+ escaped = cescape(s->remote_user); -+ if (!escaped) { -+ r = -ENOMEM; -+ goto finish; -+ } -+ -+ fprintf(f, "REMOTE_USER=%s\n", escaped); -+ } ++ r = sd_bus_message_peek_type(m, &type, &signature); ++ if (r < 0) ++ return r; + -+ if (s->service) { -+ _cleanup_free_ char *escaped; - -- if (s->remote_user) -- fprintf(f, "REMOTE_USER=%s\n", s->remote_user); -+ escaped = cescape(s->service); -+ if (!escaped) { -+ r = -ENOMEM; -+ goto finish; -+ } ++ if (type != 'v' || !streq(strempty(signature), strempty(c->vtable->x.property.signature))) ++ return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_INVALID_ARGS, "Incorrect parameters for property '%s', expected '%s', got '%s'.", c->member, strempty(c->vtable->x.property.signature), strempty(signature)); + -+ fprintf(f, "SERVICE=%s\n", escaped); -+ } - -- if (s->service) -- fprintf(f, "SERVICE=%s\n", s->service); -+ if (s->desktop) { -+ _cleanup_free_ char *escaped; + r = sd_bus_message_enter_container(m, 'v', c->vtable->x.property.signature); + if (r < 0) + return r; +diff --git a/src/libsystemd/sd-rtnl/rtnl-message.c b/src/libsystemd/sd-rtnl/rtnl-message.c +index b501a52..740133a 100644 +--- a/src/libsystemd/sd-rtnl/rtnl-message.c ++++ b/src/libsystemd/sd-rtnl/rtnl-message.c +@@ -36,6 +36,8 @@ + #define GET_CONTAINER(m, i) ((i) < (m)->n_containers ? (struct rtattr*)((uint8_t*)(m)->hdr + (m)->container_offsets[i]) : NULL) + #define PUSH_CONTAINER(m, new) (m)->container_offsets[(m)->n_containers ++] = (uint8_t*)(new) - (uint8_t*)(m)->hdr; -- if (s->desktop) -- fprintf(f, "DESKTOP=%s\n", s->desktop); -+ -+ escaped = cescape(s->desktop); -+ if (!escaped) { -+ r = -ENOMEM; -+ goto finish; -+ } ++#define RTA_TYPE(rta) ((rta)->rta_type & NLA_TYPE_MASK) + -+ fprintf(f, "DESKTOP=%s\n", escaped); -+ } + static int message_new_empty(sd_rtnl *rtnl, sd_rtnl_message **ret) { + sd_rtnl_message *m; - if (s->seat && seat_has_vts(s->seat)) - fprintf(f, "VTNR=%u\n", s->vtnr); -@@ -972,6 +1008,10 @@ void session_mute_vt(Session *s) { - if (vt < 0) - return; +@@ -566,8 +568,8 @@ int sd_rtnl_message_append_string(sd_rtnl_message *m, unsigned short type, const + size = (size_t)r; -+ r = fchown(vt, s->user->uid, -1); -+ if (r < 0) -+ goto error; -+ - r = ioctl(vt, KDSKBMODE, K_OFF); - if (r < 0) - goto error; -@@ -1026,6 +1066,8 @@ void session_restore_vt(Session *s) { - mode.mode = VT_AUTO; - ioctl(vt, VT_SETMODE, &mode); + if (size) { +- length = strnlen(data, size); +- if (length >= size) ++ length = strnlen(data, size+1); ++ if (length > size) + return -EINVAL; + } else + length = strlen(data); +@@ -1066,7 +1068,7 @@ int rtnl_message_parse(sd_rtnl_message *m, + *rta_tb_size = max + 1; -+ fchown(vt, 0, -1); -+ - s->vtfd = safe_close(s->vtfd); - } + for (; RTA_OK(rta, rt_len); rta = RTA_NEXT(rta, rt_len)) { +- type = rta->rta_type; ++ type = RTA_TYPE(rta); -diff --git a/src/login/org.freedesktop.login1.policy.in b/src/login/org.freedesktop.login1.policy.in -index b96d32d..b8e90f1 100644 ---- a/src/login/org.freedesktop.login1.policy.in -+++ b/src/login/org.freedesktop.login1.policy.in -@@ -254,7 +254,7 @@ - <defaults> - <allow_any>auth_admin_keep</allow_any> - <allow_inactive>auth_admin_keep</allow_inactive> -- <allow_active>auth_admin_keep</allow_active> -+ <allow_active>yes</allow_active> - </defaults> - <annotate key="org.freedesktop.policykit.imply">org.freedesktop.login1.hibernate</annotate> - </action> -diff --git a/src/login/pam-module.c b/src/login/pam-module.c -index 9873dd5..1259457 100644 ---- a/src/login/pam-module.c -+++ b/src/login/pam-module.c -@@ -475,7 +475,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( + /* if the kernel is newer than the headers we used + when building, we ignore out-of-range attributes +@@ -1222,7 +1224,7 @@ int socket_read_message(sd_rtnl *rtnl) { + } } - if (session_fd >= 0) { -- session_fd = dup(session_fd); -+ session_fd = fcntl(session_fd, F_DUPFD_CLOEXEC, 3); - if (session_fd < 0) { - pam_syslog(handle, LOG_ERR, "Failed to dup session fd: %m"); - return PAM_SESSION_ERR; -diff --git a/src/machine/machine.c b/src/machine/machine.c -index 9a5cc9a..de701ad 100644 ---- a/src/machine/machine.c -+++ b/src/machine/machine.c -@@ -123,17 +123,42 @@ int machine_save(Machine *m) { - "NAME=%s\n", - m->name); - -- if (m->unit) -- fprintf(f, "SCOPE=%s\n", m->unit); /* We continue to call this "SCOPE=" because it is internal only, and we want to stay compatible with old files */ -+ if (m->unit) { -+ _cleanup_free_ char *escaped; -+ -+ escaped = cescape(m->unit); -+ if (!escaped) { -+ r = -ENOMEM; -+ goto finish; -+ } -+ -+ fprintf(f, "SCOPE=%s\n", escaped); /* We continue to call this "SCOPE=" because it is internal only, and we want to stay compatible with old files */ -+ } - - if (m->scope_job) - fprintf(f, "SCOPE_JOB=%s\n", m->scope_job); +- for (new_msg = rtnl->rbuffer; NLMSG_OK(new_msg, len); new_msg = NLMSG_NEXT(new_msg, len)) { ++ for (new_msg = rtnl->rbuffer; NLMSG_OK(new_msg, len) && !done; new_msg = NLMSG_NEXT(new_msg, len)) { + _cleanup_rtnl_message_unref_ sd_rtnl_message *m = NULL; + const NLType *nl_type; -- if (m->service) -- fprintf(f, "SERVICE=%s\n", m->service); -+ if (m->service) { -+ _cleanup_free_ char *escaped; - -- if (m->root_directory) -- fprintf(f, "ROOT=%s\n", m->root_directory); -+ escaped = cescape(m->service); -+ if (!escaped) { -+ r = -ENOMEM; -+ goto finish; -+ } -+ fprintf(f, "SERVICE=%s\n", escaped); -+ } -+ -+ if (m->root_directory) { -+ _cleanup_free_ char *escaped; +@@ -1237,7 +1239,8 @@ int socket_read_message(sd_rtnl *rtnl) { + if (new_msg->nlmsg_type == NLMSG_DONE) { + /* finished reading multi-part message */ + done = true; +- break; + -+ escaped = cescape(m->root_directory); -+ if (!escaped) { -+ r = -ENOMEM; -+ goto finish; -+ } -+ fprintf(f, "ROOT=%s\n", escaped); -+ } - - if (!sd_id128_equal(m->id, SD_ID128_NULL)) - fprintf(f, "ID=" SD_ID128_FORMAT_STR "\n", SD_ID128_FORMAT_VAL(m->id)); -@@ -330,16 +355,18 @@ static int machine_stop_scope(Machine *m) { - if (!m->unit) - return 0; ++ continue; + } -- r = manager_stop_unit(m->manager, m->unit, &error, &job); -- if (r < 0) { -- log_error("Failed to stop machine scope: %s", bus_error_message(&error, r)); -- return r; -+ if (!m->registered) { -+ r = manager_stop_unit(m->manager, m->unit, &error, &job); -+ if (r < 0) { -+ log_error("Failed to stop machine scope: %s", bus_error_message(&error, r)); -+ return r; + /* check that we support this message type */ +diff --git a/src/libudev/libudev-device.c b/src/libudev/libudev-device.c +index 2699374..e2afcb8 100644 +--- a/src/libudev/libudev-device.c ++++ b/src/libudev/libudev-device.c +@@ -730,8 +730,13 @@ _public_ struct udev_device *udev_device_new_from_syspath(struct udev *udev, con + return NULL; + } else { + /* everything else just needs to be a directory */ +- if (stat(path, &statbuf) != 0 || !S_ISDIR(statbuf.st_mode)) ++ if (stat(path, &statbuf) != 0) + return NULL; ++ ++ if (!S_ISDIR(statbuf.st_mode)) { ++ errno = EISDIR; ++ return NULL; + } } - free(m->scope_job); - m->scope_job = job; - -- return r; -+ return 0; - } - - int machine_stop(Machine *m) { -@@ -415,6 +442,8 @@ int machine_kill(Machine *m, KillWho who, int signo) { - - if (kill(m->leader, signo) < 0) - return -errno; -+ -+ return 0; - } - - /* Otherwise make PID 1 do it for us, for the entire cgroup */ -diff --git a/src/machine/machine.h b/src/machine/machine.h -index f4aefc5..de3536d 100644 ---- a/src/machine/machine.h -+++ b/src/machine/machine.h -@@ -72,6 +72,7 @@ struct Machine { - - bool in_gc_queue:1; - bool started:1; -+ bool registered:1; - - sd_bus_message *create_message; - -diff --git a/src/machine/machined-dbus.c b/src/machine/machined-dbus.c -index 9473105..154a335 100644 ---- a/src/machine/machined-dbus.c -+++ b/src/machine/machined-dbus.c -@@ -241,6 +241,7 @@ static int method_create_or_register_machine(Manager *manager, sd_bus_message *m - m->leader = leader; - m->class = c; - m->id = id; -+ m->registered = true; - - if (!isempty(service)) { - m->service = strdup(service); + udev_device = udev_device_new(udev); diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 9a9ed9d..c3e6d23 100644 +index b6d9bc6..759794f 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -769,6 +769,15 @@ static int setup_resolv_conf(const char *dest) { - return 0; - } +@@ -758,7 +758,7 @@ static int mount_binds(const char *dest, char **l, bool ro) { + * and char devices. */ + if (S_ISDIR(source_st.st_mode)) { + r = mkdir_label(where, 0755); +- if (r < 0) { ++ if (r < 0 && errno != EEXIST) { + log_error("Failed to create mount point %s: %s", where, strerror(-r)); -+static char* id128_format_as_uuid(sd_id128_t id, char s[37]) { -+ -+ snprintf(s, 37, -+ "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x", -+ SD_ID128_FORMAT_VAL(id)); -+ -+ return s; -+} -+ - static int setup_boot_id(const char *dest) { - _cleanup_free_ char *from = NULL, *to = NULL; - sd_id128_t rnd = {}; -@@ -794,10 +803,7 @@ static int setup_boot_id(const char *dest) { - return r; - } + return r; +@@ -818,7 +818,7 @@ static int mount_tmpfs(const char *dest) { + return log_oom(); -- snprintf(as_uuid, sizeof(as_uuid), -- "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x", -- SD_ID128_FORMAT_VAL(rnd)); -- char_array_0(as_uuid); -+ id128_format_as_uuid(rnd, as_uuid); + r = mkdir_label(where, 0755); +- if (r < 0) { ++ if (r < 0 && errno != EEXIST) { + log_error("creating mount point for tmpfs %s failed: %s", where, strerror(-r)); - r = write_string_file(from, as_uuid); - if (r < 0) { -@@ -2378,7 +2384,7 @@ static int change_uid_gid(char **_home) { - _cleanup_fclose_ FILE *f = NULL; - _cleanup_close_ int fd = -1; - unsigned n_uids = 0; -- size_t sz, l; -+ size_t sz = 0, l; - uid_t uid; - gid_t gid; - pid_t pid; -@@ -2667,6 +2673,7 @@ int main(int argc, char *argv[]) { + return r; +@@ -3073,6 +3073,7 @@ int main(int argc, char *argv[]) { goto finish; } } else { @@ -1592,7 +612,7 @@ index 9a9ed9d..c3e6d23 100644 const char *p; p = strappenda(arg_directory, -@@ -2676,6 +2683,7 @@ int main(int argc, char *argv[]) { +@@ -3082,6 +3083,7 @@ int main(int argc, char *argv[]) { goto finish; } @@ -1600,510 +620,237 @@ index 9a9ed9d..c3e6d23 100644 } } else { char template[] = "/tmp/nspawn-root-XXXXXX"; -@@ -2748,8 +2756,6 @@ int main(int argc, char *argv[]) { - goto finish; - } +diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c +index 7375f77..ec8efcc 100644 +--- a/src/resolve/resolved-dns-packet.c ++++ b/src/resolve/resolved-dns-packet.c +@@ -866,7 +866,7 @@ fail: + + int dns_packet_read_name(DnsPacket *p, char **_ret, + bool allow_compression, size_t *start) { +- size_t saved_rindex, after_rindex = 0; ++ size_t saved_rindex, after_rindex = 0, jump_barrier; + _cleanup_free_ char *ret = NULL; + size_t n = 0, allocated = 0; + bool first = true; +@@ -876,6 +876,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret, + assert(_ret); + + saved_rindex = p->rindex; ++ jump_barrier = p->rindex; + + for (;;) { + uint8_t c, d; +@@ -922,7 +923,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret, + goto fail; -- sd_notify(0, "READY=1"); -- - assert_se(sigemptyset(&mask) == 0); - sigset_add_many(&mask, SIGCHLD, SIGWINCH, SIGTERM, SIGINT, -1); - assert_se(sigprocmask(SIG_BLOCK, &mask, NULL) == 0); -@@ -2966,7 +2972,9 @@ int main(int argc, char *argv[]) { + ptr = (uint16_t) (c & ~0xc0) << 8 | (uint16_t) d; +- if (ptr < DNS_PACKET_HEADER_SIZE || ptr >= saved_rindex) { ++ if (ptr < DNS_PACKET_HEADER_SIZE || ptr >= jump_barrier) { + r = -EBADMSG; + goto fail; } +@@ -930,9 +931,13 @@ int dns_packet_read_name(DnsPacket *p, char **_ret, + if (after_rindex == 0) + after_rindex = p->rindex; - if (!sd_id128_equal(arg_uuid, SD_ID128_NULL)) { -- if (asprintf((char**)(envp + n_env++), "container_uuid=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(arg_uuid)) < 0) { -+ char as_uuid[37]; -+ -+ if (asprintf((char**)(envp + n_env++), "container_uuid=%s", id128_format_as_uuid(arg_uuid, as_uuid)) < 0) { - log_oom(); - goto child_fail; - } -@@ -3086,6 +3094,8 @@ int main(int argc, char *argv[]) { - if (r < 0) - goto finish; - -+ sd_notify(0, "READY=1"); -+ - /* Notify the child that the parent is ready with all - * its setup, and thtat the child can now hand over - * control to the code to run inside the container. */ -@@ -3136,6 +3146,10 @@ int main(int argc, char *argv[]) { - - if (!arg_quiet) - log_info("Container %s is being rebooted.", arg_machine); -+ if (getenv("EXIT_ON_REBOOT") != 0) { -+ r = 10; -+ break; -+ } - continue; - } else if (status.si_code == CLD_KILLED || - status.si_code == CLD_DUMPED) { -diff --git a/src/nss-myhostname/netlink.c b/src/nss-myhostname/netlink.c -index d61ecdf..228a3a4 100644 ---- a/src/nss-myhostname/netlink.c -+++ b/src/nss-myhostname/netlink.c -@@ -112,6 +112,10 @@ static int read_reply(int fd, struct address **list, unsigned *n_list) { - ifaddrmsg->ifa_scope == RT_SCOPE_NOWHERE) - continue; - -+ if (ifaddrmsg->ifa_family == AF_INET6 && -+ ifaddrmsg->ifa_scope == RT_SCOPE_LINK) -+ continue; -+ - if (ifaddrmsg->ifa_flags & IFA_F_DEPRECATED) - continue; - -diff --git a/src/python-systemd/_reader.c b/src/python-systemd/_reader.c -index 059b904..9a19a10 100644 ---- a/src/python-systemd/_reader.c -+++ b/src/python-systemd/_reader.c -@@ -902,7 +902,6 @@ static PyObject* get_catalog(PyObject *self, PyObject *args) { - sd_id128_t id; - _cleanup_free_ char *msg = NULL; - -- assert(!self); - assert(args); - - if (!PyArg_ParseTuple(args, "z:get_catalog", &id_)) -diff --git a/src/python-systemd/journal.py b/src/python-systemd/journal.py -index 9c7e004..dd1f229 100644 ---- a/src/python-systemd/journal.py -+++ b/src/python-systemd/journal.py -@@ -293,7 +293,7 @@ class Reader(_Reader): - monotonic = monotonic.totalseconds() - monotonic = int(monotonic * 1000000) - if isinstance(bootid, _uuid.UUID): -- bootid = bootid.get_hex() -+ bootid = bootid.hex - return super(Reader, self).seek_monotonic(monotonic, bootid) - - def log_level(self, level): -@@ -314,7 +314,7 @@ class Reader(_Reader): - Equivalent to add_match(MESSAGE_ID=`messageid`). - """ - if isinstance(messageid, _uuid.UUID): -- messageid = messageid.get_hex() -+ messageid = messageid.hex - self.add_match(MESSAGE_ID=messageid) - - def this_boot(self, bootid=None): -@@ -346,7 +346,7 @@ class Reader(_Reader): - - def get_catalog(mid): - if isinstance(mid, _uuid.UUID): -- mid = mid.get_hex() -+ mid = mid.hex - return _get_catalog(mid) - - def _make_line(field, value): -diff --git a/src/readahead/readahead-common.c b/src/readahead/readahead-common.c -index 5ffa88b..49679fc 100644 ---- a/src/readahead/readahead-common.c -+++ b/src/readahead/readahead-common.c -@@ -75,7 +75,7 @@ int fs_on_ssd(const char *p) { - if (major(st.st_dev) == 0) { - _cleanup_fclose_ FILE *f = NULL; - int mount_id; -- struct file_handle *h; -+ union file_handle_union h = { .handle.handle_bytes = MAX_HANDLE_SZ, }; - - /* Might be btrfs, which exposes "ssd" as mount flag if it is on ssd. - * -@@ -83,9 +83,7 @@ int fs_on_ssd(const char *p) { - * and then lookup the mount ID in mountinfo to find - * the mount options. */ - -- h = alloca(MAX_HANDLE_SZ); -- h->handle_bytes = MAX_HANDLE_SZ; -- r = name_to_handle_at(AT_FDCWD, p, h, &mount_id, AT_SYMLINK_FOLLOW); -+ r = name_to_handle_at(AT_FDCWD, p, &h.handle, &mount_id, AT_SYMLINK_FOLLOW); - if (r < 0) - return false; - -diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c -index d27b1b7..905a2e1 100644 ---- a/src/shared/conf-parser.c -+++ b/src/shared/conf-parser.c -@@ -336,8 +336,8 @@ int config_parse(const char *unit, - if (!f) { - f = ours = fopen(filename, "re"); - if (!f) { -- log_error("Failed to open configuration file '%s': %m", filename); -- return -errno; -+ log_full(errno == ENOENT ? LOG_DEBUG : LOG_ERR, "Failed to open configuration file '%s': %m", filename); -+ return errno == ENOENT ? 0 : -errno; - } - } - -diff --git a/src/shared/generator.c b/src/shared/generator.c -index 6110303..e679cb1 100644 ---- a/src/shared/generator.c -+++ b/src/shared/generator.c -@@ -48,7 +48,7 @@ int generator_write_fsck_deps( - const char *checker; - int r; - -- checker = strappenda("/sbin/fsck.", fstype); -+ checker = strappenda("/run/current-system/sw/sbin/fsck.", fstype); - r = access(checker, X_OK); - if (r < 0) { - log_warning("Checking was requested for %s, but %s cannot be used: %m", what, checker); -diff --git a/src/shared/install.c b/src/shared/install.c -index 7409046..4517c9c 100644 ---- a/src/shared/install.c -+++ b/src/shared/install.c -@@ -560,7 +560,7 @@ int unit_file_mask( - unsigned *n_changes) { - - char **i; -- _cleanup_free_ char *prefix; -+ _cleanup_free_ char *prefix = NULL; - int r; - - assert(scope >= 0); -diff --git a/src/shared/log.c b/src/shared/log.c -index a4b3b68..890a9fa 100644 ---- a/src/shared/log.c -+++ b/src/shared/log.c -@@ -878,6 +878,9 @@ void log_parse_environment(void) { - if (l == 5 && startswith(w, "debug")) { - log_set_max_level(LOG_DEBUG); - break; -+ } else if (l == 5 && startswith(w, "quiet")) { -+ log_set_max_level(LOG_WARNING); -+ break; - } - } - } -diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c -index 9d14933..b0b66f6 100644 ---- a/src/shared/logs-show.c -+++ b/src/shared/logs-show.c -@@ -547,7 +547,9 @@ static int output_export( - startswith(data, "_BOOT_ID=")) - continue; - -- if (!utf8_is_printable(data, length)) { -+ if (utf8_is_printable_newline(data, length, false)) -+ fwrite(data, length, 1, f); -+ else { - const char *c; - uint64_t le64; - -@@ -562,8 +564,7 @@ static int output_export( - le64 = htole64(length - (c - (const char*) data) - 1); - fwrite(&le64, sizeof(le64), 1, f); - fwrite(c + 1, length - (c - (const char*) data) - 1, 1, f); ++ /* Jumps are limited to a "prior occurence" (RFC-1035 4.1.4) */ ++ jump_barrier = ptr; + p->rindex = ptr; - } else -- fwrite(data, length, 1, f); ++ } else { ++ r = -EBADMSG; + goto fail; + } - - fputc('\n', f); } -diff --git a/src/shared/unit-name.c b/src/shared/unit-name.c -index 6c167b4..d0e71f2 100644 ---- a/src/shared/unit-name.c -+++ b/src/shared/unit-name.c -@@ -332,7 +332,7 @@ char *unit_name_path_unescape(const char *f) { - } - - bool unit_name_is_template(const char *n) { -- const char *p; -+ const char *p, *e; - assert(n); + if (!GREEDY_REALLOC(ret, allocated, n + 1)) { +diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c +index 7d258c9..6dd4cad 100644 +--- a/src/resolve/resolved.c ++++ b/src/resolve/resolved.c +@@ -108,7 +108,7 @@ int main(int argc, char *argv[]) { -@@ -340,11 +340,15 @@ bool unit_name_is_template(const char *n) { - if (!p) - return false; + finish: + sd_notify(false, +- "STOPPIN=1\n" ++ "STOPPING=1\n" + "STATUS=Shutting down..."); + + return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; +diff --git a/src/run/run.c b/src/run/run.c +index e3b6293..dcefb5c 100644 +--- a/src/run/run.c ++++ b/src/run/run.c +@@ -573,9 +573,12 @@ int main(int argc, char* argv[]) { + if (r <= 0) + goto finish; -- return p[1] == '.'; -+ e = strrchr(p+1, '.'); -+ if (!e) -+ return false; -+ -+ return e == p + 1; +- r = find_binary(argv[optind], &command); ++ r = find_binary(argv[optind], arg_transport == BUS_TRANSPORT_LOCAL, &command); + if (r < 0) { +- log_error("Failed to find executable %s: %s", argv[optind], strerror(-r)); ++ log_error("Failed to find executable %s%s: %s", ++ argv[optind], ++ arg_transport == BUS_TRANSPORT_LOCAL ? "" : " on local system", ++ strerror(-r)); + goto finish; + } + argv[optind] = command; +diff --git a/src/shared/install.c b/src/shared/install.c +index 035b44c..cab93e8 100644 +--- a/src/shared/install.c ++++ b/src/shared/install.c +@@ -1620,12 +1620,10 @@ int unit_file_enable( + STRV_FOREACH(i, files) { + UnitFileState state; + ++ /* We only want to know if this unit is masked, so we ignore ++ * errors from unit_file_get_state, deferring other checks. ++ * This allows templated units to be enabled on the fly. */ + state = unit_file_get_state(scope, root_dir, *i); +- if (state < 0) { +- log_error("Failed to get unit file state for %s: %s", *i, strerror(-state)); +- return state; +- } +- + if (state == UNIT_FILE_MASKED || state == UNIT_FILE_MASKED_RUNTIME) { + log_error("Failed to enable unit: Unit %s is masked", *i); + return -ENOTSUP; +diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c +index 8f75a8e..c800e01 100644 +--- a/src/shared/path-lookup.c ++++ b/src/shared/path-lookup.c +@@ -86,17 +86,14 @@ static char** user_dirs( + const char * const config_unit_paths[] = { + USER_CONFIG_UNIT_PATH, + "/etc/systemd/user", ++ "/etc/systemd-mutable/user", + NULL + }; + + const char * const runtime_unit_path = "/run/systemd/user"; + + const char * const data_unit_paths[] = { +- "/usr/local/lib/systemd/user", +- "/usr/local/share/systemd/user", + USER_DATA_UNIT_PATH, +- "/usr/lib/systemd/user", +- "/usr/share/systemd/user", + NULL + }; + +@@ -260,13 +257,11 @@ int lookup_paths_init( + STRV_IFNOTNULL(generator_early), + USER_CONFIG_UNIT_PATH, + "/etc/systemd/user", ++ "/etc/systemd-mutable/user", ++ "/nix/var/nix/profiles/default/lib/systemd/user", + "/run/systemd/user", + STRV_IFNOTNULL(generator), +- "/usr/local/lib/systemd/user", +- "/usr/local/share/systemd/user", + USER_DATA_UNIT_PATH, +- "/usr/lib/systemd/user", +- "/usr/share/systemd/user", + STRV_IFNOTNULL(generator_late), + NULL); + } else +@@ -276,14 +271,11 @@ int lookup_paths_init( + STRV_IFNOTNULL(generator_early), + SYSTEM_CONFIG_UNIT_PATH, + "/etc/systemd/system", ++ "/etc/systemd-mutable/system", ++ "/nix/var/nix/profiles/default/lib/systemd/system", + "/run/systemd/system", + STRV_IFNOTNULL(generator), +- "/usr/local/lib/systemd/system", + SYSTEM_DATA_UNIT_PATH, +- "/usr/lib/systemd/system", +-#ifdef HAVE_SPLIT_USR +- "/lib/systemd/system", +-#endif + STRV_IFNOTNULL(generator_late), + NULL); + +diff --git a/src/shared/path-util.c b/src/shared/path-util.c +index 67566bc..be03695 100644 +--- a/src/shared/path-util.c ++++ b/src/shared/path-util.c +@@ -563,11 +563,11 @@ int path_is_os_tree(const char *path) { + return r >= 0; } - bool unit_name_is_instance(const char *n) { -- const char *p; -+ const char *p, *e; - - assert(n); +-int find_binary(const char *name, char **filename) { ++int find_binary(const char *name, bool local, char **filename) { + assert(name); -@@ -352,7 +356,11 @@ bool unit_name_is_instance(const char *n) { - if (!p) - return false; + if (is_path(name)) { +- if (access(name, X_OK) < 0) ++ if (local && access(name, X_OK) < 0) + return -errno; -- return p[1] != '.'; -+ e = strrchr(p+1, '.'); -+ if (!e) -+ return false; -+ -+ return e > p + 1; - } + if (filename) { +@@ -657,7 +657,7 @@ int fsck_exists(const char *fstype) { - char *unit_name_replace_instance(const char *f, const char *i) { -diff --git a/src/shared/utf8.c b/src/shared/utf8.c -index 0b524d8..c559c13 100644 ---- a/src/shared/utf8.c -+++ b/src/shared/utf8.c -@@ -136,7 +136,7 @@ int utf8_encoded_to_unichar(const char *str) { - return unichar; - } + checker = strappenda("fsck.", fstype); --bool utf8_is_printable(const char* str, size_t length) { -+bool utf8_is_printable_newline(const char* str, size_t length, bool newline) { - const uint8_t *p; - - assert(str); -@@ -145,7 +145,8 @@ bool utf8_is_printable(const char* str, size_t length) { - int encoded_len = utf8_encoded_valid_unichar((const char *)p); - int val = utf8_encoded_to_unichar((const char*)p); - -- if (encoded_len < 0 || val < 0 || is_unicode_control(val)) -+ if (encoded_len < 0 || val < 0 || is_unicode_control(val) || -+ (!newline && val == '\n')) - return false; - - length -= encoded_len; -diff --git a/src/shared/utf8.h b/src/shared/utf8.h -index c0eb73a..c087995 100644 ---- a/src/shared/utf8.h -+++ b/src/shared/utf8.h -@@ -31,7 +31,10 @@ const char *utf8_is_valid(const char *s) _pure_; - char *ascii_is_valid(const char *s) _pure_; - char *utf8_escape_invalid(const char *s); - --bool utf8_is_printable(const char* str, size_t length) _pure_; -+bool utf8_is_printable_newline(const char* str, size_t length, bool newline) _pure_; -+_pure_ static inline bool utf8_is_printable(const char* str, size_t length) { -+ return utf8_is_printable_newline(str, length, true); -+} - - char *utf16_to_utf8(const void *s, size_t length); - -diff --git a/src/shared/util.c b/src/shared/util.c -index ffe6624..2a2b2b2 100644 ---- a/src/shared/util.c -+++ b/src/shared/util.c -@@ -166,19 +166,19 @@ int close_nointr(int fd) { - - assert(fd >= 0); - r = close(fd); -- -- /* Just ignore EINTR; a retry loop is the wrong -- * thing to do on Linux. -- * -- * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html -- * https://bugzilla.gnome.org/show_bug.cgi?id=682819 -- * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR -- * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain -- */ -- if (_unlikely_(r < 0 && errno == EINTR)) -- return 0; -- else if (r >= 0) -+ if (r >= 0) +- r = find_binary(checker, &p); ++ r = find_binary(checker, true, &p); + if (r < 0) return r; -+ else if (errno == EINTR) -+ /* -+ * Just ignore EINTR; a retry loop is the wrong -+ * thing to do on Linux. -+ * -+ * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html -+ * https://bugzilla.gnome.org/show_bug.cgi?id=682819 -+ * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR -+ * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain -+ */ -+ return 0; - else - return -errno; - } -@@ -195,7 +195,13 @@ int safe_close(int fd) { - - if (fd >= 0) { - PROTECT_ERRNO; -- assert_se(close_nointr(fd) == 0); -+ -+ /* The kernel might return pretty much any error code -+ * via close(), but the fd will be closed anyway. The -+ * only condition we want to check for here is whether -+ * the fd was invalid at all... */ -+ -+ assert_se(close_nointr(fd) != -EBADF); - } - return -1; -@@ -1365,7 +1371,7 @@ bool ignore_file(const char *filename) { - assert(filename); +diff --git a/src/shared/path-util.h b/src/shared/path-util.h +index 8d171a5..bd0d324 100644 +--- a/src/shared/path-util.h ++++ b/src/shared/path-util.h +@@ -55,7 +55,7 @@ int path_is_mount_point(const char *path, bool allow_symlink); + int path_is_read_only_fs(const char *path); + int path_is_os_tree(const char *path); - if (endswith(filename, "~")) -- return false; -+ return true; +-int find_binary(const char *name, char **filename); ++int find_binary(const char *name, bool local, char **filename); - return ignore_file_allow_backup(filename); - } -@@ -1495,6 +1501,7 @@ bool fstype_is_network(const char *fstype) { - static const char table[] = - "cifs\0" - "smbfs\0" -+ "sshfs\0" - "ncpfs\0" - "ncp\0" - "nfs\0" -@@ -1581,8 +1588,9 @@ int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) { - if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0) - return -ETIMEDOUT; - -+ errno = 0; - if (!fgets(line, sizeof(line), f)) -- return -EIO; -+ return errno ? -errno : -EIO; - - truncate_nl(line); - -@@ -5327,6 +5335,9 @@ bool string_is_safe(const char *p) { - if (*t > 0 && *t < ' ') - return false; - -+ if (*t == 127) -+ return false; -+ - if (strchr("\\\"\'", *t)) - return false; - } -@@ -5343,10 +5354,14 @@ bool string_has_cc(const char *p) { - - assert(p); - -- for (t = p; *t; t++) -+ for (t = p; *t; t++) { - if (*t > 0 && *t < ' ' && *t != '\t') - return true; - -+ if (*t == 127) -+ return true; -+ } -+ - return false; - } + bool paths_check_timestamp(const char* const* paths, usec_t *paths_ts_usec, bool update); -@@ -6391,3 +6406,19 @@ void hexdump(FILE *f, const void *p, size_t s) { - s -= 16; - } - } -+ -+int update_reboot_param_file(const char *param) -+{ -+ int r = 0; -+ -+ if (param) { -+ -+ r = write_string_file(REBOOT_PARAM_FILE, param); -+ if (r < 0) -+ log_error("Failed to write reboot param to " -+ REBOOT_PARAM_FILE": %s", strerror(-r)); -+ } else -+ unlink(REBOOT_PARAM_FILE); -+ -+ return r; -+} -diff --git a/src/shared/util.h b/src/shared/util.h -index 90464c9..122ac91 100644 ---- a/src/shared/util.h -+++ b/src/shared/util.h -@@ -22,6 +22,7 @@ - ***/ - - #include <alloca.h> -+#include <fcntl.h> - #include <inttypes.h> - #include <time.h> - #include <sys/time.h> -@@ -922,3 +923,10 @@ uint64_t physical_memory(void); - char* mount_test_option(const char *haystack, const char *needle); - - void hexdump(FILE *f, const void *p, size_t s); -+ -+union file_handle_union { -+ struct file_handle handle; -+ char padding[sizeof(struct file_handle) + MAX_HANDLE_SZ]; -+}; -+ -+int update_reboot_param_file(const char *param); diff --git a/src/shared/virt.c b/src/shared/virt.c -index ec2ddcf..f03e790 100644 +index f9c4e67..f10baab 100644 --- a/src/shared/virt.c +++ b/src/shared/virt.c -@@ -149,7 +149,7 @@ static int detect_vm_dmi(const char **_id) { - - /* Returns a short identifier for the various VM implementations */ - int detect_vm(const char **id) { -- _cleanup_free_ char *hvtype = NULL, *cpuinfo_contents = NULL; -+ _cleanup_free_ char *domcap = NULL, *cpuinfo_contents = NULL; - static thread_local int cached_found = -1; - static thread_local const char *cached_id = NULL; - const char *_id = NULL; -@@ -163,17 +163,37 @@ int detect_vm(const char **id) { - return cached_found; - } +@@ -293,8 +293,26 @@ int detect_container(const char **id) { -- /* Try high-level hypervisor sysfs file first: -+ /* Try xen capabilities file first, if not found try high-level hypervisor sysfs file: - * -- * https://bugs.freedesktop.org/show_bug.cgi?id=61491 */ -- r = read_one_line_file("/sys/hypervisor/type", &hvtype); -+ * https://bugs.freedesktop.org/show_bug.cgi?id=77271 */ -+ r = read_one_line_file("/proc/xen/capabilities", &domcap); - if (r >= 0) { -- if (streq(hvtype, "xen")) { -+ char *cap, *i = domcap; -+ -+ while ((cap = strsep(&i, ","))) -+ if (streq(cap, "control_d")) -+ break; -+ -+ if (!i) { - _id = "xen"; - r = 1; + r = read_one_line_file("/run/systemd/container", &m); + if (r == -ENOENT) { +- r = 0; - goto finish; - } -- } else if (r != -ENOENT) + -+ goto finish; ++ /* Fallback for cases where PID 1 was not ++ * systemd (for example, cases where ++ * init=/bin/sh is used. */ + -+ } else if (r == -ENOENT) { -+ _cleanup_free_ char *hvtype = NULL; ++ r = getenv_for_pid(1, "container", &m); ++ if (r <= 0) { + -+ r = read_one_line_file("/sys/hypervisor/type", &hvtype); -+ if (r >= 0) { -+ if (streq(hvtype, "xen")) { -+ _id = "xen"; -+ r = 1; ++ /* If that didn't work, give up, ++ * assume no container manager. ++ * ++ * Note: This means we still cannot ++ * detect containers if init=/bin/sh ++ * is passed but privileges dropped, ++ * as /proc/1/environ is only readable ++ * with privileges. */ ++ ++ r = 0; + goto finish; + } -+ } else if (r != -ENOENT) -+ return r; -+ } else - return r; - - /* this will set _id to "other" and return 0 for unknown hypervisors */ + } + if (r < 0) + return r; diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c -index 0887bc3..d02ee2b 100644 +index 28eaa6a..3866308 100644 --- a/src/systemctl/systemctl.c +++ b/src/systemctl/systemctl.c -@@ -461,7 +461,7 @@ static int output_units_list(const UnitInfo *unit_infos, unsigned c) { - } - - if (circle_len > 0) -- printf("%s%s%s", on_circle, circle ? draw_special_char(DRAW_BLACK_CIRCLE) : " ", off_circle); -+ printf("%s%s%s ", on_circle, circle ? draw_special_char(DRAW_BLACK_CIRCLE) : " ", off_circle); - - printf("%s%-*s%s %s%-*s%s %s%-*s %-*s%s %-*s", - on_active, id_len, id, off_active, -@@ -2561,7 +2561,7 @@ static int start_unit_one( +@@ -2651,7 +2651,7 @@ static int start_unit_one( log_debug("Adding %s to the set", p); r = set_consume(s, p); @@ -2112,523 +859,89 @@ index 0887bc3..d02ee2b 100644 return log_oom(); } -@@ -4240,7 +4240,7 @@ static int show_all( - _cleanup_free_ UnitInfo *unit_infos = NULL; - const UnitInfo *u; - unsigned c; -- int r; -+ int r, ret = 0; +@@ -6917,8 +6917,13 @@ done: - r = get_unit_list(bus, NULL, NULL, &unit_infos, 0, &reply); - if (r < 0) -@@ -4262,9 +4262,11 @@ static int show_all( - r = show_one(verb, bus, p, show_properties, new_line, ellipsized); - if (r < 0) - return r; -+ else if (r > 0 && ret == 0) -+ ret = r; - } - -- return 0; -+ return ret; - } - - static int show_system_status(sd_bus *bus) { -@@ -4386,7 +4388,12 @@ static int show(sd_bus *bus, char **args) { - } - } + static int halt_now(enum action a) { -- show_one(args[0], bus, unit, show_properties, &new_line, &ellipsized); -+ r = show_one(args[0], bus, unit, show_properties, -+ &new_line, &ellipsized); -+ if (r < 0) -+ return r; -+ else if (r > 0 && ret == 0) -+ ret = r; - } - - if (!strv_isempty(patterns)) { -@@ -4403,7 +4410,12 @@ static int show(sd_bus *bus, char **args) { - if (!unit) - return log_oom(); - -- show_one(args[0], bus, unit, show_properties, &new_line, &ellipsized); -+ r = show_one(args[0], bus, unit, show_properties, -+ &new_line, &ellipsized); -+ if (r < 0) -+ return r; -+ else if (r > 0 && ret == 0) -+ ret = r; - } - } - } -@@ -5403,15 +5415,15 @@ static int systemctl_help(void) { - " otherwise restart if active\n" - " isolate NAME Start one unit and stop all others\n" - " kill NAME... Send signal to processes of a unit\n" -- " is-active NAME... Check whether units are active\n" -- " is-failed NAME... Check whether units are failed\n" -- " status [NAME...|PID...] Show runtime status of one or more units\n" -- " show [NAME...|JOB...] Show properties of one or more\n" -+ " is-active PATTERN... Check whether units are active\n" -+ " is-failed PATTERN... Check whether units are failed\n" -+ " status [PATTERN...|PID...] Show runtime status of one or more units\n" -+ " show [PATTERN...|JOB...] Show properties of one or more\n" - " units/jobs or the manager\n" -- " cat NAME... Show files and drop-ins of one or more units\n" -+ " cat PATTERN... Show files and drop-ins of one or more units\n" - " set-property NAME ASSIGNMENT... Sets one or more properties of a unit\n" -- " help NAME...|PID... Show manual for one or more units\n" -- " reset-failed [NAME...] Reset failed state for all, one, or more\n" -+ " help PATTERN...|PID... Show manual for one or more units\n" -+ " reset-failed [PATTERN...] Reset failed state for all, one, or more\n" - " units\n" - " list-dependencies [NAME] Recursively show units which are required\n" - " or wanted by this unit or by which this\n" -@@ -5973,13 +5985,10 @@ static int halt_parse_argv(int argc, char *argv[]) { - } - } +-/* Make sure C-A-D is handled by the kernel from this +- * point on... */ ++ /* The kernel will automaticall flush ATA disks and suchlike ++ * on reboot(), but the file systems need to be synce'd ++ * explicitly in advance. */ ++ sync(); ++ ++ /* Make sure C-A-D is handled by the kernel from this point ++ * on... */ + reboot(RB_ENABLE_CAD); -- if (arg_action == ACTION_REBOOT && argc == optind + 1) { -- r = write_string_file(REBOOT_PARAM_FILE, argv[optind]); -- if (r < 0) { -- log_error("Failed to write reboot param to " -- REBOOT_PARAM_FILE": %s", strerror(-r)); -+ if (arg_action == ACTION_REBOOT && (argc == optind || argc == optind + 1)) { -+ r = update_reboot_param_file(argc == optind + 1 ? argv[optind] : NULL); -+ if (r < 0) - return r; -- } - } else if (optind < argc) { - log_error("Too many arguments."); - return -EINVAL; -diff --git a/src/test/test-udev.c b/src/test/test-udev.c -index b064744..b057cc8 100644 ---- a/src/test/test-udev.c -+++ b/src/test/test-udev.c -@@ -155,9 +155,8 @@ int main(int argc, char *argv[]) { - } + switch (a) { +diff --git a/src/test/test-path-util.c b/src/test/test-path-util.c +index 63d64b2..57264de 100644 +--- a/src/test/test-path-util.c ++++ b/src/test/test-path-util.c +@@ -85,29 +85,30 @@ static void test_path(void) { } - -- err = udev_event_execute_rules(event, rules, &sigmask_orig); -- if (err == 0) -- udev_event_execute_run(event, NULL); -+ udev_event_execute_rules(event, rules, &sigmask_orig); -+ udev_event_execute_run(event, NULL); - out: - if (event != NULL && event->fd_signal >= 0) - close(event->fd_signal); -diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c -index 33e7cbc..04b472d 100644 ---- a/src/tmpfiles/tmpfiles.c -+++ b/src/tmpfiles/tmpfiles.c -@@ -217,19 +217,16 @@ static bool unix_socket_alive(const char *fn) { } - static int dir_is_mount_point(DIR *d, const char *subdir) { -- struct file_handle *h; -+ union file_handle_union h = { .handle.handle_bytes = MAX_HANDLE_SZ }; - int mount_id_parent, mount_id; - int r_p, r; - -- h = alloca(MAX_HANDLE_SZ); -- -- h->handle_bytes = MAX_HANDLE_SZ; -- r_p = name_to_handle_at(dirfd(d), ".", h, &mount_id_parent, 0); -+ r_p = name_to_handle_at(dirfd(d), ".", &h.handle, &mount_id_parent, 0); - if (r_p < 0) - r_p = -errno; - -- h->handle_bytes = MAX_HANDLE_SZ; -- r = name_to_handle_at(dirfd(d), subdir, h, &mount_id, 0); -+ h.handle.handle_bytes = MAX_HANDLE_SZ; -+ r = name_to_handle_at(dirfd(d), subdir, &h.handle, &mount_id, 0); - if (r < 0) - r = -errno; - -diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c -index 1d067af..3203474 100644 ---- a/src/tty-ask-password-agent/tty-ask-password-agent.c -+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c -@@ -432,7 +432,7 @@ static int wall_tty_block(void) { - - r = get_ctty_devnr(0, &devnr); - if (r < 0) -- return -r; -+ return r; - - if (asprintf(&p, "/run/systemd/ask-password-block/%u:%u", major(devnr), minor(devnr)) < 0) - return -ENOMEM; -diff --git a/src/udev/accelerometer/accelerometer.c b/src/udev/accelerometer/accelerometer.c -index 925d38d..32adf27 100644 ---- a/src/udev/accelerometer/accelerometer.c -+++ b/src/udev/accelerometer/accelerometer.c -@@ -180,7 +180,7 @@ get_prev_orientation(struct udev_device *dev) - return string_to_orientation(value); +-static void test_find_binary(const char *self) { ++static void test_find_binary(const char *self, bool local) { + char *p; + +- assert_se(find_binary("/bin/sh", &p) == 0); ++ assert_se(find_binary("/bin/sh", local, &p) == 0); + puts(p); + assert_se(streq(p, "/bin/sh")); + free(p); + +- assert_se(find_binary(self, &p) == 0); ++ assert_se(find_binary(self, local, &p) == 0); + puts(p); + assert_se(endswith(p, "/test-path-util")); + assert_se(path_is_absolute(p)); + free(p); + +- assert_se(find_binary("sh", &p) == 0); ++ assert_se(find_binary("sh", local, &p) == 0); + puts(p); + assert_se(endswith(p, "/sh")); + assert_se(path_is_absolute(p)); + free(p); + +- assert_se(find_binary("xxxx-xxxx", &p) == -ENOENT); ++ assert_se(find_binary("xxxx-xxxx", local, &p) == -ENOENT); + +- assert_se(find_binary("/some/dir/xxxx-xxxx", &p) == -ENOENT); ++ assert_se(find_binary("/some/dir/xxxx-xxxx", local, &p) == ++ (local ? -ENOENT : 0)); } --#define SET_AXIS(axis, code_) if (ev[i].code == code_) { if (got_##axis == 0) { axis = ev[i].value; got_##axis = true; } } -+#define READ_AXIS(axis, var) { memzero(&abs_info, sizeof(abs_info)); r = ioctl(fd, EVIOCGABS(axis), &abs_info); if (r < 0) return; var = abs_info.value; } - - /* accelerometers */ - static void test_orientation(struct udev *udev, -@@ -189,10 +189,9 @@ static void test_orientation(struct udev *udev, - { - OrientationUp old, new; - _cleanup_close_ int fd = -1; -- struct input_event ev[64]; -- bool got_syn = false; -- bool got_x = false, got_y = false, got_z = false; -+ struct input_absinfo abs_info; - int x = 0, y = 0, z = 0; -+ int r; - char text[64]; - - old = get_prev_orientation(dev); -@@ -201,30 +200,10 @@ static void test_orientation(struct udev *udev, - if (fd < 0) - return; - -- while (1) { -- int i, r; -- -- r = read(fd, ev, sizeof(struct input_event) * 64); -- -- if (r < (int) sizeof(struct input_event)) -- return; -- -- for (i = 0; i < r / (int) sizeof(struct input_event); i++) { -- if (got_syn) { -- if (ev[i].type == EV_ABS) { -- SET_AXIS(x, ABS_X); -- SET_AXIS(y, ABS_Y); -- SET_AXIS(z, ABS_Z); -- } -- } -- if (ev[i].type == EV_SYN && ev[i].code == SYN_REPORT) -- got_syn = true; -- if (got_x && got_y && got_z) -- goto read_dev; -- } -- } -+ READ_AXIS(ABS_X, x); -+ READ_AXIS(ABS_Y, y); -+ READ_AXIS(ABS_Z, z); - --read_dev: - new = orientation_calc(old, x, y, z); - snprintf(text, sizeof(text), - "ID_INPUT_ACCELEROMETER_ORIENTATION=%s", orientation_to_string(new)); -diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c -index 5bb6b02..b31ad80 100644 ---- a/src/udev/net/link-config.c -+++ b/src/udev/net/link-config.c -@@ -184,7 +184,7 @@ failure: - } + static void test_prefixes(void) { +@@ -244,7 +245,8 @@ static void test_strv_resolve(void) { - static bool enable_name_policy(void) { -- _cleanup_free_ char *line; -+ _cleanup_free_ char *line = NULL; - char *w, *state; - int r; - size_t l; -@@ -391,7 +391,9 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, struct udev_dev - case MACPOLICY_PERSISTENT: - if (!mac_is_permanent(device)) { - r = get_mac(device, false, &generated_mac); -- if (r < 0) -+ if (r == -ENOENT) -+ break; -+ else if (r < 0) - return r; - mac = &generated_mac; - } -@@ -399,7 +401,9 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, struct udev_dev - case MACPOLICY_RANDOM: - if (!mac_is_random(device)) { - r = get_mac(device, true, &generated_mac); -- if (r < 0) -+ if (r == -ENOENT) -+ break; -+ else if (r < 0) - return r; - mac = &generated_mac; - } -diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c -index 5998be2..5213a4a 100644 ---- a/src/udev/udev-event.c -+++ b/src/udev/udev-event.c -@@ -771,18 +771,17 @@ static int rename_netif(struct udev_event *event) - log_error("error changing net interface name %s to %s: %s", - oldname, name, strerror(-r)); - else -- print_kmsg("renamed network interface %s to %s", oldname, name); -+ print_kmsg("renamed network interface %s to %s\n", oldname, name); - - return r; - } - --int udev_event_execute_rules(struct udev_event *event, struct udev_rules *rules, const sigset_t *sigmask) -+void udev_event_execute_rules(struct udev_event *event, struct udev_rules *rules, const sigset_t *sigmask) - { - struct udev_device *dev = event->dev; -- int err = 0; - - if (udev_device_get_subsystem(dev) == NULL) -- return -1; -+ return; - - if (streq(udev_device_get_action(dev), "remove")) { - udev_device_read_db(dev, NULL); -@@ -816,9 +815,10 @@ int udev_event_execute_rules(struct udev_event *event, struct udev_rules *rules, - event->name != NULL && !streq(event->name, udev_device_get_sysname(dev))) { - char syspath[UTIL_PATH_SIZE]; - char *pos; -+ int r; - -- err = rename_netif(event); -- if (err == 0) { -+ r = rename_netif(event); -+ if (r >= 0) { - log_debug("renamed netif to '%s'", event->name); - - /* remember old name */ -@@ -881,7 +881,6 @@ int udev_event_execute_rules(struct udev_event *event, struct udev_rules *rules, - udev_device_unref(event->dev_db); - event->dev_db = NULL; - } -- return err; - } - - void udev_event_execute_run(struct udev_event *event, const sigset_t *sigmask) -diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c -index 2630264..17f47f2 100644 ---- a/src/udev/udev-rules.c -+++ b/src/udev/udev-rules.c -@@ -2555,10 +2555,15 @@ int udev_rules_apply_static_dev_perms(struct udev_rules *rules) - struct stat stats; - - /* we assure, that the permissions tokens are sorted before the static token */ -+ - if (mode == 0 && uid == 0 && gid == 0 && tags == NULL) - goto next; - - strscpyl(device_node, sizeof(device_node), "/dev/", rules_str(rules, cur->key.value_off), NULL); -+ if (stat(device_node, &stats) != 0) -+ break; -+ if (!S_ISBLK(stats.st_mode) && !S_ISCHR(stats.st_mode)) -+ break; - - /* export the tags to a directory as symlinks, allowing otherwise dead nodes to be tagged */ - if (tags) { -@@ -2588,11 +2593,6 @@ int udev_rules_apply_static_dev_perms(struct udev_rules *rules) - if (mode == 0 && uid == 0 && gid == 0) - break; - -- if (stat(device_node, &stats) != 0) -- break; -- if (!S_ISBLK(stats.st_mode) && !S_ISCHR(stats.st_mode)) -- break; -- - if (mode == 0) { - if (gid > 0) - mode = 0660; -diff --git a/src/udev/udev.h b/src/udev/udev.h -index 936adfb..62538bc 100644 ---- a/src/udev/udev.h -+++ b/src/udev/udev.h -@@ -84,7 +84,7 @@ int udev_event_apply_subsys_kernel(struct udev_event *event, const char *string, - int udev_event_spawn(struct udev_event *event, - const char *cmd, char **envp, const sigset_t *sigmask, - char *result, size_t ressize); --int udev_event_execute_rules(struct udev_event *event, struct udev_rules *rules, const sigset_t *sigset); -+void udev_event_execute_rules(struct udev_event *event, struct udev_rules *rules, const sigset_t *sigset); - void udev_event_execute_run(struct udev_event *event, const sigset_t *sigset); - int udev_build_argv(struct udev *udev, char *cmd, int *argc, char *argv[]); - -diff --git a/src/udev/udevadm-test.c b/src/udev/udevadm-test.c -index 6cd311b..6a2f548 100644 ---- a/src/udev/udevadm-test.c -+++ b/src/udev/udevadm-test.c -@@ -43,7 +43,6 @@ static int adm_test(struct udev *udev, int argc, char *argv[]) - _cleanup_udev_device_unref_ struct udev_device *dev = NULL; - _cleanup_udev_event_unref_ struct udev_event *event = NULL; - sigset_t mask, sigmask_orig; -- int err; - int rc = 0, c; - - static const struct option options[] = { -@@ -139,18 +138,16 @@ static int adm_test(struct udev *udev, int argc, char *argv[]) - goto out; - } - -- err = udev_event_execute_rules(event, rules, &sigmask_orig); -+ udev_event_execute_rules(event, rules, &sigmask_orig); - - udev_list_entry_foreach(entry, udev_device_get_properties_list_entry(dev)) - printf("%s=%s\n", udev_list_entry_get_name(entry), udev_list_entry_get_value(entry)); - -- if (err == 0) { -- udev_list_entry_foreach(entry, udev_list_get_entry(&event->run_list)) { -- char program[UTIL_PATH_SIZE]; -+ udev_list_entry_foreach(entry, udev_list_get_entry(&event->run_list)) { -+ char program[UTIL_PATH_SIZE]; - -- udev_event_apply_format(event, udev_list_entry_get_name(entry), program, sizeof(program)); -- printf("run: '%s'\n", program); -- } -+ udev_event_apply_format(event, udev_list_entry_get_name(entry), program, sizeof(program)); -+ printf("run: '%s'\n", program); - } - out: - if (event != NULL && event->fd_signal >= 0) + int main(int argc, char **argv) { + test_path(); +- test_find_binary(argv[0]); ++ test_find_binary(argv[0], true); ++ test_find_binary(argv[0], false); + test_prefixes(); + test_path_join(); + test_fsck_exists(); diff --git a/src/udev/udevd.c b/src/udev/udevd.c -index f21c227..93afca1 100644 +index 2e6c713..193702c 100644 --- a/src/udev/udevd.c +++ b/src/udev/udevd.c -@@ -288,10 +288,9 @@ static void worker_new(struct event *event) - udev_event->exec_delay = exec_delay; - - /* apply rules, create node, symlinks */ -- err = udev_event_execute_rules(udev_event, rules, &sigmask_orig); -+ udev_event_execute_rules(udev_event, rules, &sigmask_orig); - -- if (err == 0) -- udev_event_execute_run(udev_event, &sigmask_orig); -+ udev_event_execute_run(udev_event, &sigmask_orig); - - /* apply/restore inotify watch */ - if (err == 0 && udev_event->inotify_watch) { -diff --git a/src/vconsole/vconsole-setup.c b/src/vconsole/vconsole-setup.c -index 0f2b706..645b1e6 100644 ---- a/src/vconsole/vconsole-setup.c -+++ b/src/vconsole/vconsole-setup.c -@@ -180,6 +180,10 @@ static int font_load(const char *vc, const char *font, const char *map, const ch - */ - static void font_copy_to_all_vcs(int fd) { - struct vt_stat vcs = {}; -+ unsigned char map8[E_TABSZ]; -+ unsigned short map16[E_TABSZ]; -+ struct unimapdesc unimapd; -+ struct unipair unipairs[USHRT_MAX]; - int i, r; - - /* get active, and 16 bit mask of used VT numbers */ -@@ -209,17 +213,35 @@ static void font_copy_to_all_vcs(int fd) { - cfo.op = KD_FONT_OP_COPY; - cfo.height = vcs.v_active-1; /* tty1 == index 0 */ - ioctl(vcfd, KDFONTOP, &cfo); -+ -+ /* copy map of 8bit chars */ -+ if (ioctl(fd, GIO_SCRNMAP, map8) >= 0) -+ ioctl(vcfd, PIO_SCRNMAP, map8); -+ -+ /* copy map of 8bit chars -> 16bit Unicode values */ -+ if (ioctl(fd, GIO_UNISCRNMAP, map16) >= 0) -+ ioctl(vcfd, PIO_UNISCRNMAP, map16); -+ -+ /* copy unicode translation table */ -+ /* unimapd is a ushort count and a pointer to an -+ array of struct unipair { ushort, ushort } */ -+ unimapd.entries = unipairs; -+ unimapd.entry_ct = USHRT_MAX; -+ if (ioctl(fd, GIO_UNIMAP, &unimapd) >= 0) { -+ struct unimapinit adv = { 0, 0, 0 }; -+ -+ ioctl(vcfd, PIO_UNIMAPCLR, &adv); -+ ioctl(vcfd, PIO_UNIMAP, &unimapd); -+ } - } - } - - int main(int argc, char **argv) { - const char *vc; -- char *vc_keymap = NULL; -- char *vc_keymap_toggle = NULL; -- char *vc_font = NULL; -- char *vc_font_map = NULL; -- char *vc_font_unimap = NULL; -- int fd = -1; -+ _cleanup_free_ char -+ *vc_keymap = NULL, *vc_keymap_toggle = NULL, -+ *vc_font = NULL, *vc_font_map = NULL, *vc_font_unimap = NULL; -+ _cleanup_close_ int fd = -1; - bool utf8; - pid_t font_pid = 0, keymap_pid = 0; - bool font_copy = false; -@@ -241,12 +263,12 @@ int main(int argc, char **argv) { - fd = open_terminal(vc, O_RDWR|O_CLOEXEC); - if (fd < 0) { - log_error("Failed to open %s: %m", vc); -- goto finish; -+ return EXIT_FAILURE; - } - - if (!is_vconsole(fd)) { - log_error("Device %s is not a virtual console.", vc); -- goto finish; -+ return EXIT_FAILURE; - } - - utf8 = is_locale_utf8(); -@@ -281,27 +303,27 @@ int main(int argc, char **argv) { - else - disable_utf8(fd); - -- r = EXIT_FAILURE; -- if (keymap_load(vc, vc_keymap, vc_keymap_toggle, utf8, &keymap_pid) >= 0 && -- font_load(vc, vc_font, vc_font_map, vc_font_unimap, &font_pid) >= 0) -- r = EXIT_SUCCESS; -- --finish: -- if (keymap_pid > 0) -- wait_for_terminate_and_warn(KBD_LOADKEYS, keymap_pid); -+ r = font_load(vc, vc_font, vc_font_map, vc_font_unimap, &font_pid); -+ if (r < 0) { -+ log_error("Failed to start " KBD_SETFONT ": %s", strerror(-r)); -+ return EXIT_FAILURE; -+ } - -- if (font_pid > 0) { -+ if (font_pid > 0) - wait_for_terminate_and_warn(KBD_SETFONT, font_pid); -- if (font_copy) -- font_copy_to_all_vcs(fd); -+ -+ r = keymap_load(vc, vc_keymap, vc_keymap_toggle, utf8, &keymap_pid); -+ if (r < 0) { -+ log_error("Failed to start " KBD_LOADKEYS ": %s", strerror(-r)); -+ return EXIT_FAILURE; - } - -- free(vc_keymap); -- free(vc_font); -- free(vc_font_map); -- free(vc_font_unimap); -+ if (keymap_pid > 0) -+ wait_for_terminate_and_warn(KBD_LOADKEYS, keymap_pid); - -- safe_close(fd); -+ /* Only copy the font when we started setfont successfully */ -+ if (font_copy && font_pid > 0) -+ font_copy_to_all_vcs(fd); - -- return r; -+ return EXIT_SUCCESS; - } -diff --git a/tmpfiles.d/systemd.conf b/tmpfiles.d/systemd.conf -index 7c6d6b9..c470045 100644 ---- a/tmpfiles.d/systemd.conf -+++ b/tmpfiles.d/systemd.conf -@@ -23,6 +23,6 @@ d /run/systemd/machines 0755 root root - - d /run/systemd/shutdown 0755 root root - - - m /var/log/journal 2755 root systemd-journal - - --m /var/log/journal/%m 2755 root systemd-journal - - -+Z /var/log/journal/%m 2755 root systemd-journal - - - m /run/log/journal 2755 root systemd-journal - - --m /run/log/journal/%m 2755 root systemd-journal - - -+Z /run/log/journal/%m 2755 root systemd-journal - - +@@ -994,9 +994,9 @@ static void kernel_cmdline_options(struct udev *udev) { + if (r < 0) + log_warning("Invalid udev.exec-delay ignored: %s", opt + 16); + } else if (startswith(opt, "udev.event-timeout=")) { +- r = safe_atou64(opt + 16, &arg_event_timeout_usec); ++ r = safe_atou64(opt + 19, &arg_event_timeout_usec); + if (r < 0) { +- log_warning("Invalid udev.event-timeout ignored: %s", opt + 16); ++ log_warning("Invalid udev.event-timeout ignored: %s", opt + 19); + break; + } + arg_event_timeout_usec *= USEC_PER_SEC; diff --git a/units/console-getty.service.m4.in b/units/console-getty.service.m4.in index 8ac51a4..cae9fb5 100644 --- a/units/console-getty.service.m4.in @@ -2642,11 +955,14 @@ index 8ac51a4..cae9fb5 100644 Restart=always RestartSec=0 diff --git a/units/container-getty@.service.m4.in b/units/container-getty@.service.m4.in -index 4f7794b..bad2a9a 100644 +index 4f7794b..6dfc2e9 100644 --- a/units/container-getty@.service.m4.in +++ b/units/container-getty@.service.m4.in -@@ -16,7 +16,6 @@ Before=getty.target +@@ -14,9 +14,9 @@ After=rc-local.service + )m4_dnl + Before=getty.target IgnoreOnIsolate=yes ++ConditionPathExists=/dev/pts/%I [Service] -ExecStart=-/sbin/agetty --noclear --keep-baud pts/%I 115200,38400,9600 $TERM @@ -2654,19 +970,19 @@ index 4f7794b..bad2a9a 100644 Restart=always RestartSec=0 diff --git a/units/emergency.service.in b/units/emergency.service.in -index 94c090f..0d20640 100644 +index 18973e7..3a99660 100644 --- a/units/emergency.service.in +++ b/units/emergency.service.in -@@ -15,7 +15,6 @@ Before=shutdown.target +@@ -16,7 +16,6 @@ Before=shutdown.target [Service] Environment=HOME=/root WorkingDirectory=/root -ExecStartPre=-/bin/plymouth quit - ExecStartPre=-/bin/echo -e 'Welcome to emergency mode! After logging in, type "journalctl -xb" to view\\nsystem logs, "systemctl reboot" to reboot, "systemctl default" to try again\\nto boot into default mode.' - ExecStart=-/sbin/sulogin - ExecStopPost=@SYSTEMCTL@ --fail --no-block default + ExecStartPre=-/bin/echo -e 'Welcome to emergency mode! After logging in, type "journalctl -xb" to view\\nsystem logs, "systemctl reboot" to reboot, "systemctl default" or ^D to\\ntry again to boot into default mode.' + ExecStart=-/bin/sh -c "/sbin/sulogin; @SYSTEMCTL@ --fail --no-block default" + Type=idle diff --git a/units/getty@.service.m4 b/units/getty@.service.m4 -index aa853b8..8bcc647 100644 +index 46164ab..f194a31 100644 --- a/units/getty@.service.m4 +++ b/units/getty@.service.m4 @@ -23,11 +23,12 @@ IgnoreOnIsolate=yes @@ -2685,23 +1001,23 @@ index aa853b8..8bcc647 100644 Restart=always RestartSec=0 diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in -index 368f980..d0c1bd2 100644 +index 0934a87..7e30c9e 100644 --- a/units/kmod-static-nodes.service.in +++ b/units/kmod-static-nodes.service.in @@ -10,7 +10,6 @@ Description=Create list of required static device nodes for the current kernel DefaultDependencies=no Before=sysinit.target systemd-tmpfiles-setup-dev.service - ConditionCapability=CAP_MKNOD + ConditionCapability=CAP_SYS_MODULE -ConditionPathExists=/lib/modules/%v/modules.devname [Service] Type=oneshot diff --git a/units/local-fs.target b/units/local-fs.target -index ae3cedc..0e36840 100644 +index d2e5429..d26984b 100644 --- a/units/local-fs.target +++ b/units/local-fs.target -@@ -13,3 +13,5 @@ DefaultDependencies=no - Conflicts=shutdown.target +@@ -13,3 +13,5 @@ Conflicts=shutdown.target + After=local-fs-pre.target OnFailure=emergency.target OnFailureJobMode=replace-irreversibly + @@ -2718,47 +1034,43 @@ index 43ffa5c..156a681 100644 + [Install] WantedBy=multi-user.target -diff --git a/units/rescue.service.m4.in b/units/rescue.service.m4.in -index 552ef89..af3915f 100644 ---- a/units/rescue.service.m4.in -+++ b/units/rescue.service.m4.in +diff --git a/units/rescue.service.in b/units/rescue.service.in +index fc93f1e..3c87cf8 100644 +--- a/units/rescue.service.in ++++ b/units/rescue.service.in @@ -16,7 +16,6 @@ Before=shutdown.target [Service] Environment=HOME=/root WorkingDirectory=/root -ExecStartPre=-/bin/plymouth quit - ExecStartPre=-/bin/echo -e 'Welcome to rescue mode! Type "systemctl default" or ^D to enter default mode.\\nType "journalctl -xb" to view system logs. Type "systemctl reboot" to reboot.' - ExecStart=-/sbin/sulogin - ExecStopPost=-@SYSTEMCTL@ --fail --no-block default + ExecStartPre=-/bin/echo -e 'Welcome to emergency mode! After logging in, type "journalctl -xb" to view\\nsystem logs, "systemctl reboot" to reboot, "systemctl default" or ^D to\\nboot into default mode.' + ExecStart=-/bin/sh -c "/sbin/sulogin; @SYSTEMCTL@ --fail --no-block default" + Type=idle diff --git a/units/serial-getty@.service.m4 b/units/serial-getty@.service.m4 -index 4ac51e7..96daa5c 100644 +index 4522d0d..96daa5c 100644 --- a/units/serial-getty@.service.m4 +++ b/units/serial-getty@.service.m4 -@@ -22,10 +22,8 @@ Before=getty.target +@@ -22,7 +22,6 @@ Before=getty.target IgnoreOnIsolate=yes [Service] -ExecStart=-/sbin/agetty --keep-baud 115200,38400,9600 %I $TERM Type=idle Restart=always --RestartSec=0 UtmpIdentifier=%I - TTYPath=/dev/%I - TTYReset=yes diff --git a/units/sysinit.target b/units/sysinit.target -index 8f4fb8f..e0f0147 100644 +index ec33503..4ac47b9 100644 --- a/units/sysinit.target +++ b/units/sysinit.target -@@ -9,6 +9,5 @@ +@@ -9,5 +9,4 @@ Description=System Initialization Documentation=man:systemd.special(7) Conflicts=emergency.service emergency.target -Wants=local-fs.target swap.target -After=local-fs.target swap.target emergency.service emergency.target +After=emergency.service emergency.target - RefuseManualStart=yes diff --git a/units/systemd-backlight@.service.in b/units/systemd-backlight@.service.in -index e945d87..77728f2 100644 +index ecf3de4..7e83446 100644 --- a/units/systemd-backlight@.service.in +++ b/units/systemd-backlight@.service.in @@ -19,3 +19,4 @@ Type=oneshot @@ -2767,25 +1079,34 @@ index e945d87..77728f2 100644 ExecStop=@rootlibexecdir@/systemd-backlight save %i +X-RestartIfChanged=false diff --git a/units/systemd-journal-flush.service.in b/units/systemd-journal-flush.service.in -index 503e8a6..fe23b8b 100644 +index 699670b..ba22c6d 100644 --- a/units/systemd-journal-flush.service.in +++ b/units/systemd-journal-flush.service.in -@@ -10,8 +10,9 @@ Description=Trigger Flushing of Journal to Persistent Storage +@@ -10,8 +10,10 @@ Description=Trigger Flushing of Journal to Persistent Storage Documentation=man:systemd-journald.service(8) man:journald.conf(5) DefaultDependencies=no Requires=systemd-journald.service -After=systemd-journald.service local-fs.target remote-fs.target +After=systemd-journald.service - Before=systemd-user-sessions.service ++After=systemd-remount-fs.service + Before=systemd-user-sessions.service systemd-tmpfiles-setup.service +RequiresMountsFor=/var/log/journal [Service] - ExecStart=@rootbindir@/systemctl kill --kill-who=main --signal=SIGUSR1 systemd-journald.service + ExecStart=@rootbindir@/journalctl --flush diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in -index de93879..c9a49f3 100644 +index 4de38fa..2f23c13 100644 --- a/units/systemd-journald.service.in +++ b/units/systemd-journald.service.in -@@ -25,3 +25,8 @@ WatchdogSec=1min +@@ -14,6 +14,7 @@ After=systemd-journald.socket systemd-journald-dev-log.socket syslog.socket + Before=sysinit.target + + [Service] ++Type=notify + Sockets=systemd-journald.socket systemd-journald-dev-log.socket + ExecStart=@rootlibexecdir@/systemd-journald + Restart=always +@@ -26,3 +27,8 @@ WatchdogSec=1min # Increase the default a bit in order to allow many simultaneous # services being run since we keep one fd open per service. LimitNOFILE=16384 @@ -2794,20 +1115,8 @@ index de93879..c9a49f3 100644 +# journald to stop logging (see +# https://bugs.freedesktop.org/show_bug.cgi?id=56043). +X-RestartIfChanged=no -diff --git a/units/systemd-nspawn@.service.in b/units/systemd-nspawn@.service.in -index ff36e90..e373628 100644 ---- a/units/systemd-nspawn@.service.in -+++ b/units/systemd-nspawn@.service.in -@@ -11,6 +11,7 @@ Documentation=man:systemd-nspawn(1) - - [Service] - ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=guest --directory=/var/lib/container/%i -+KillMode=mixed - Type=notify - - [Install] diff --git a/units/systemd-random-seed.service.in b/units/systemd-random-seed.service.in -index 1879b2f..9b895b9 100644 +index b55844b..3ef9fc6 100644 --- a/units/systemd-random-seed.service.in +++ b/units/systemd-random-seed.service.in @@ -19,3 +19,4 @@ Type=oneshot @@ -2816,7 +1125,7 @@ index 1879b2f..9b895b9 100644 ExecStop=@rootlibexecdir@/systemd-random-seed save +X-RestartIfChanged=false diff --git a/units/systemd-rfkill@.service.in b/units/systemd-rfkill@.service.in -index 9d264a2..c505535 100644 +index 0e9851b..9f8fa0d 100644 --- a/units/systemd-rfkill@.service.in +++ b/units/systemd-rfkill@.service.in @@ -19,3 +19,4 @@ Type=oneshot @@ -2825,28 +1134,28 @@ index 9d264a2..c505535 100644 ExecStop=@rootlibexecdir@/systemd-rfkill save %I +X-RestartIfChanged=false diff --git a/units/systemd-tmpfiles-setup.service.in b/units/systemd-tmpfiles-setup.service.in -index 01043b7..507f820 100644 +index e895cda..194146f 100644 --- a/units/systemd-tmpfiles-setup.service.in +++ b/units/systemd-tmpfiles-setup.service.in -@@ -12,7 +12,7 @@ DefaultDependencies=no - Wants=local-fs.target +@@ -11,7 +11,7 @@ Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) + DefaultDependencies=no Conflicts=shutdown.target - After=systemd-readahead-collect.service systemd-readahead-replay.service local-fs.target + After=local-fs.target systemd-sysusers.service -Before=sysinit.target shutdown.target +Before=shutdown.target - ConditionDirectoryNotEmpty=|/usr/lib/tmpfiles.d - ConditionDirectoryNotEmpty=|/lib/tmpfiles.d - ConditionDirectoryNotEmpty=|/usr/local/lib/tmpfiles.d + RefuseManualStop=yes + + [Service] diff --git a/units/systemd-update-utmp.service.in b/units/systemd-update-utmp.service.in -index da7dda7..e638145 100644 +index 163eccd..7357c12 100644 --- a/units/systemd-update-utmp.service.in +++ b/units/systemd-update-utmp.service.in @@ -11,7 +11,7 @@ Documentation=man:systemd-update-utmp.service(8) man:utmp(5) DefaultDependencies=no RequiresMountsFor=/var/log/wtmp Conflicts=shutdown.target --After=systemd-readahead-collect.service systemd-readahead-replay.service systemd-remount-fs.service systemd-tmpfiles-setup.service auditd.service -+After=systemd-readahead-collect.service systemd-readahead-replay.service systemd-remount-fs.service auditd.service +-After=systemd-remount-fs.service systemd-tmpfiles-setup.service auditd.service ++After=systemd-remount-fs.service auditd.service Before=sysinit.target shutdown.target [Service] |