1
diff --git a/.gitignore b/.gitignore
2
index 9763766..7b6d0a3 100644
3
--- a/.gitignore
4
+++ b/.gitignore
5
@@ -36,3 +36,4 @@ __pycache__/
6
36
# Ignore any mkosi config files with "local" in the name
36
# Ignore any mkosi config files with "local" in the name
7
37
/mkosi.default.d/**/*local*.conf
37
/mkosi.default.d/**/*local*.conf
8
38
/tags
38
/tags
9
39
.dir-locals-2.el
10
diff --git a/debian/changelog b/debian/changelog
11
index 2c2c602..acbfad0 100644
12
--- a/debian/changelog
13
+++ b/debian/changelog
14
@@ -1,10 +1,195 @@
16
1
systemd (251.2-2ubuntu3) UNRELEASED; urgency=medium
1
systemd (251.4-1ubuntu1) kinetic; urgency=medium
17
2
2
21
3
  * Cherry-pick upstream commit (3657d3a) to fix glibc 2.36 compat
3
  * Merge 251.4-1 from Debian
22
4
    File: debian/patches/glibc-Remove-include-linux-fs.h-to-resolve-fsconfig_comma.patch
4
    - debian/rules: Keep our diff for TPM2 build on i386
23
5
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1e8048741cc0f811faf6b9e713a3fb7e38ef3503
5
    - Drop EFI build patches.
24
6
      An upstream patch that covers these changes was backported to the 251
25
7
      stable branch.
26
8
      Files:
27
9
      - debian/patches/lp1979215-boot-efi-missing-.note.GNU-stack-section-implies-executab.patch
28
10
      - debian/patches/lp1979236-boot-efi-set-no-warn-rwx-segments-on-arm.patch
29
11
      https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=983b46f110b5a6e32a28b87c4b9458442624c0cd
30
12
    - Drop debian/patches/units-remove-the-restart-limit-on-the-modprobe-.service.patch.
31
13
      This patch was backported to the 251 stable branch.
32
14
      File: debian/patches/units-remove-the-restart-limit-on-the-modprobe-.service.patch
33
15
      https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=959fe326da87466775b37088e9bfd476056373ea
34
16
    - debian/rules: update i386 debugedit workaround.
35
17
      This linuxia32.elf.stub is shipped with systemd-boot-efi now, so update
36
18
      the workaround to include that path as well.
37
19
      File: debian/rules
38
20
      https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=354f9fccc94dcb0d555329921510d5f22e62351a
39
21
  * test: denylist TEST-29-PORTABLE again
40
22
    File: debian/patches/test-denylist-TEST-29-PORTABLE-again.patch
41
23
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6036de78481f8cbf3e8f3a52dac711c732d80c59
42
24
  * debian/control: add systemd-resolved to systemd's Recommends:
43
25
    In Ubuntu, systemd-resolved is used by default, so after the
44
26
    systemd-resolved package split, we should have a stronger relationship
45
27
    than Suggests: systemd-resolved.
46
28
    File: debian/control
47
29
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=400bf9dd2cf83c91f47326769eff0259429f3e0a
48
30
  * debian/control: add Recommends: systemd-hwe-hwdb to udev.
49
31
    The systemd-hwe-hwdb brings in additional hwdb rules for HWE, so we want
50
32
    those installed with udev by default.
51
33
    File: debian/control
52
34
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=148d8d9cd4c260559ad944de3427f183e04858cc
53
35
54
36
 -- Nick Rosbrook <nick.rosbrook@canonical.com>  Tue, 23 Aug 2022 17:45:48 -0400
55
37
56
38
systemd (251.4-1) unstable; urgency=medium
57
39
58
40
  * New upstream version 251.4
59
41
  * Rebase patches
60
42
  * Rebuild against fixed dh-nss to avoid duplicates in /etc/nsswitch.conf
61
43
    (Closes: #1017096)
62
44
63
45
 -- Michael Biebl <biebl@debian.org>  Sun, 14 Aug 2022 20:06:18 +0200
64
46
65
47
systemd (251.3-2) unstable; urgency=medium
66
48
67
49
  [ Luca Boccassi ]
68
50
  * libnss-systemd: also let userdbd manage passwords.
69
51
    As of upstream commit:
70
52
    https://github.com/systemd/systemd/commit/f43a19ecd6e3415e
71
53
    in v249 userdbd can also synthesize shadow/gshadow records,
72
54
    so add the shadow config to nsswitch.conf on installation.
73
55
    (Closes: #1004326)
74
56
  * homed: make PAM rules higher priority than unix users.
75
57
    Make sure homed is tried first when logging in. This is required
76
58
    after adding nss-systemd support for 'shadow' in /etc/nsswitch.conf.
77
59
    See Arch bug: https://bugs.archlinux.org/task/72967
78
60
79
61
  [ Gioele Barabucci ]
80
62
  * d/control: Use dh_installnss
81
63
  * d/libnss-myhostname.nss: Install NSS service `myhostname` via dh_installnss
82
64
  * d/libnss-mymaschines.nss: Install NSS service `mymaschines` via dh_installnss
83
65
  * d/libnss-resolve.nss: Install NSS service `resolve` via dh_installnss
84
66
  * d/libnss-systemd.nss: Install NSS service `systemd` via dh_installnss
85
67
86
68
 -- Michael Biebl <biebl@debian.org>  Fri, 12 Aug 2022 19:06:38 +0200
87
69
88
70
systemd (251.3-2~exp2) experimental; urgency=medium
89
71
90
72
  * Note in systemd.NEWS that resolved has moved to a new package
91
73
  * systemd-resolved: move conffile from systemd. Copied from systemd-
92
74
    timesyncd
93
75
94
76
 -- Luca Boccassi <bluca@debian.org>  Sun, 07 Aug 2022 00:06:03 +0100
95
77
96
78
systemd (251.3-2~exp1) experimental; urgency=medium
97
79
98
80
  * Split systemd-resolved into its own package which takes over
99
81
    /etc/resolv.conf (Closes: #939904)
100
82
101
83
 -- Luca Boccassi <bluca@debian.org>  Thu, 04 Aug 2022 14:55:48 +0100
102
84
103
85
systemd (251.3-1) unstable; urgency=medium
104
86
105
87
  * New upstream version 251.3
106
88
  * Rebase patches
107
89
108
90
 -- Michael Biebl <biebl@debian.org>  Wed, 13 Jul 2022 23:05:40 +0200
109
91
110
92
systemd (251.2-8) unstable; urgency=medium
111
93
112
94
  * autopkgtest: install openssl for upstream test.
113
95
    Install openssl explicitly and do not rely on other packages, like
114
96
    swtpm-libs, to pull this dependency for us.
115
97
    Used by TEST-50-DISSECT, which otherwise just silently skips the test.
116
98
  * Add versioned dependency on init-system-helpers to systemd-homed.
117
99
    Ensure that we have a version of deb-systemd-helper which properly
118
100
    handles loops in Also= dependencies. (Closes: #1014115)
119
101
  * Demote shlibs dependencies of libsystemd0 from Pre-Depends to Depends.
120
102
    As systemctl, which is quasi-essential, no longer links against
121
103
    libsystemd0, we do not need those strict requirements anymore.
122
104
  * Work around some more dh_installman issues
123
6
105
125
7
 -- Lukas Märdian <slyon@ubuntu.com>  Mon, 15 Aug 2022 15:29:16 +0200
106
 -- Michael Biebl <biebl@debian.org>  Wed, 06 Jul 2022 21:23:38 +0200
126
107
127
108
systemd (251.2-7) unstable; urgency=medium
128
109
129
110
  [ Luca Boccassi ]
130
111
  * sd-boot: add kernel hooks scripts
131
112
132
113
  [ Andrea Pappacoda ]
133
114
  * sd-boot: add initramfs hook (Closes: #826045)
134
115
135
116
  [ Michael Biebl ]
136
117
  * sd-boot: exit early in initramfs and kernel hook scripts if package is
137
118
    removed but not purged
138
119
  * Do not fail with older binutils.
139
120
    Test if the linker supports --no-warn-execstack and --no-warn-rwx-segments
140
121
    before using those flags. (Closes: #1013967)
141
122
142
123
 -- Michael Biebl <biebl@debian.org>  Tue, 28 Jun 2022 14:33:37 +0200
143
124
144
125
systemd (251.2-6) unstable; urgency=medium
145
126
146
127
  [ Helmut Grohne ]
147
128
  * Mark systemd-userdbd and systemd-homed as !stage1 (Closes: #1012738)
148
129
149
130
  [ Luca Boccassi ]
150
131
  * Remove unused Lintian overrides
151
132
  * Stop overriding the build directory name.
152
133
    We don't do a separate udeb build anymore, so there's no need
153
134
    to specify a separate build directory.
154
135
  * Use execute_before_/after_ instead of override_
155
136
  * Add nodoc profile support.
156
137
    Co-authored-by: Michael Biebl <biebl@debian.org>
157
138
158
139
  [ Michael Biebl ]
159
140
  * Do not fail EFI build with newer binutils (Closes: #1013482)
160
141
  * shared/microhttp-util: silence gcc warning
161
142
  * Clarify NEWS message about systemd-boot split (Closes: #1013340)
162
143
163
144
 -- Michael Biebl <biebl@debian.org>  Fri, 24 Jun 2022 10:12:34 +0200
164
145
165
146
systemd (251.2-5) unstable; urgency=medium
166
147
167
148
  * Tweak description of systemd-homed package
168
149
  * Move shlibs dependencies of libsystemd-shared from Pre-Depends to Depends
169
150
    (Closes: #1012637)
170
151
  * Add versioned Breaks against sicherboot for the systemd-boot split
171
152
    (Closes: #1012625)
172
153
  * Drop old Conflicts against hal from udev.
173
154
    The hal package has been gone for several release cycles, so this
174
155
    Conflicts should not be necessary anymore.
175
156
176
157
 -- Michael Biebl <biebl@debian.org>  Fri, 10 Jun 2022 23:51:50 +0200
177
158
178
159
systemd (251.2-4) unstable; urgency=medium
179
160
180
161
  * Use try-restart in systemd-binfmt dpkg trigger
181
162
  * Fix bashism in kernel-install
182
163
  * Upload to unstable
183
164
184
165
 -- Michael Biebl <biebl@debian.org>  Fri, 10 Jun 2022 09:16:48 +0200
185
166
186
167
systemd (251.2-3) experimental; urgency=medium
187
168
188
169
  [ Luca Boccassi ]
189
170
  * Add systemd-userdbd package. This can be used to synthetize dynamic
190
171
    user/groups, and can be useful by itself. It will also be used by
191
172
    homed.
192
173
  * Add systemd-homed package (Closes: #976960)
193
174
  * Add systemd-boot-efi multiarch package. Allows EFI binaries for
194
175
    different architectures to be co-installed. Useful when the EFI has a
195
176
    different architecture, or to manipulate images. The userspace tooling
196
177
    doesn't need to match the EFI binaries. Also allows one to reduce the
197
178
    number of packages and dependencies needed when i386 is not a full
198
179
    architecture, but a subset for libraries and for EFI support.
199
180
200
181
  [ Michael Biebl ]
201
182
  * Move homectl and userdbctl to /usr/bin
202
183
  * Install libsystemd-shared into rootpkglibdir
203
184
  * Split out libsystemd-shared into its own package. Since libsystem-
204
185
    shared is an internal implementation detail, do not generate a shlibs
205
186
    file for it. This means dh_shlibdeps needs to be told explicitly where
206
187
    it can find libsystemd-shared. Mark this new package as Multi-Arch:
207
188
    same. (Closes: #990547)
208
189
  * Split out systemd-boot into its own package
209
190
  * Add NEWS entry for the systemd-boot package split
210
191
211
192
 -- Luca Boccassi <bluca@debian.org>  Wed, 08 Jun 2022 23:56:04 +0100
212
8
193
213
9
systemd (251.2-2ubuntu2) kinetic; urgency=medium
194
systemd (251.2-2ubuntu2) kinetic; urgency=medium
214
10
195
215
diff --git a/debian/control b/debian/control
216
index d940ed4..6bafebb 100644
217
--- a/debian/control
218
+++ b/debian/control
219
@@ -15,11 +15,12 @@ Vcs-Git: https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd
220
15
Vcs-Browser:  https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd
15
Vcs-Browser:  https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd
221
16
Homepage: https://www.freedesktop.org/wiki/Software/systemd
16
Homepage: https://www.freedesktop.org/wiki/Software/systemd
222
17
Build-Depends: debhelper-compat (= 13),
17
Build-Depends: debhelper-compat (= 13),
223
18
               dh-sequence-installnss,
224
18
               dh-sequence-package-notes,
19
               dh-sequence-package-notes,
225
19
               pkg-config,
20
               pkg-config,
229
20
               xsltproc,
21
               xsltproc <!nodoc>,
230
21
               docbook-xsl,
22
               docbook-xsl <!nodoc>,
231
22
               docbook-xml,
23
               docbook-xml <!nodoc>,
232
23
               meson (>= 0.53.2),
24
               meson (>= 0.53.2),
233
24
               gettext,
25
               gettext,
234
25
               gperf,
26
               gperf,
235
@@ -75,7 +76,11 @@ Priority: important
236
75
Recommends: default-dbus-system-bus | dbus-system-bus,
76
Recommends: default-dbus-system-bus | dbus-system-bus,
237
76
            networkd-dispatcher,
77
            networkd-dispatcher,
238
77
            systemd-timesyncd | time-daemon,
78
            systemd-timesyncd | time-daemon,
239
79
            systemd-resolved,
240
78
Suggests: systemd-container,
80
Suggests: systemd-container,
241
81
          systemd-homed,
242
82
          systemd-userdbd,
243
83
          systemd-boot,
244
79
          libfido2-1,
84
          libfido2-1,
245
80
          libtss2-esys-3.0.2-0,
85
          libtss2-esys-3.0.2-0,
246
81
          libtss2-mu0,
86
          libtss2-mu0,
247
@@ -94,6 +99,7 @@ Conflicts: consolekit,
248
94
Breaks: resolvconf (<< 1.83~),
99
Breaks: resolvconf (<< 1.83~),
249
95
        udev (<< 247~),
100
        udev (<< 247~),
250
96
        less (<< 563),
101
        less (<< 563),
251
102
        sicherboot (<< 0.1.6),
252
97
Provides: systemd-sysusers (= ${binary:Version}),
103
Provides: systemd-sysusers (= ${binary:Version}),
253
98
          systemd-tmpfiles (= ${binary:Version}),
104
          systemd-tmpfiles (= ${binary:Version}),
254
99
Description: system and service manager
105
Description: system and service manager
255
@@ -272,11 +278,11 @@ Multi-Arch: same
256
272
Pre-Depends: ${misc:Pre-Depends}
278
Pre-Depends: ${misc:Pre-Depends}
257
273
Depends: ${shlibs:Depends},
279
Depends: ${shlibs:Depends},
258
274
         ${misc:Depends},
280
         ${misc:Depends},
260
275
         systemd (= ${binary:Version}),
281
         systemd-resolved (= ${binary:Version}),
261
276
Description: nss module to resolve names via systemd-resolved
282
Description: nss module to resolve names via systemd-resolved
262
277
 nss-resolve is a plugin for the GNU Name Service Switch (NSS) functionality
283
 nss-resolve is a plugin for the GNU Name Service Switch (NSS) functionality
263
278
 of the GNU C Library (glibc) providing DNS and LLMNR resolution to programs via
284
 of the GNU C Library (glibc) providing DNS and LLMNR resolution to programs via
265
279
 the systemd-resolved daemon (provided in the systemd package).
285
 the systemd-resolved daemon (provided in the systemd-resolved package).
266
280
 .
286
 .
267
281
 Installing this package automatically adds resolve to /etc/nsswitch.conf.
287
 Installing this package automatically adds resolve to /etc/nsswitch.conf.
268
282
288
269
@@ -301,9 +307,8 @@ Package: libsystemd0
270
301
Architecture: linux-any
307
Architecture: linux-any
271
302
Multi-Arch: same
308
Multi-Arch: same
272
303
Section: libs
309
Section: libs
276
304
Pre-Depends: ${shlibs:Depends},
310
Depends: ${shlibs:Depends},
277
305
             ${misc:Pre-Depends}
311
         ${misc:Depends}
275
306
Depends: ${misc:Depends}
278
307
Description: systemd utility library
312
Description: systemd utility library
279
308
 This library provides APIs to interface with various system components such as
313
 This library provides APIs to interface with various system components such as
280
309
 the system journal, the system service manager, D-Bus and more.
314
 the system journal, the system service manager, D-Bus and more.
281
@@ -321,6 +326,18 @@ Description: systemd utility library - development files
282
321
 This package contains the files needed for developing applications that
326
 This package contains the files needed for developing applications that
283
322
 use libsystemd.
327
 use libsystemd.
284
323
328
285
329
Package: libsystemd-shared
286
330
Architecture: linux-any
287
331
Multi-Arch: same
288
332
Section: libs
289
333
Pre-Depends: ${misc:Pre-Depends}
290
334
Depends: ${shlibs:Depends},
291
335
         ${misc:Depends}
292
336
Description: systemd shared private library
293
337
 This internal shared library provides common code used by various systemd
294
338
 components. It is supposed to decrease memory and disk footprint.
295
339
 The shared library is not meant for public use and is not API or ABI stable.
296
340
297
324
Package: udev
341
Package: udev
298
325
Priority: important
342
Priority: important
299
326
Architecture: linux-any
343
Architecture: linux-any
300
@@ -331,7 +348,7 @@ Depends: ${shlibs:Depends},
301
331
         adduser,
348
         adduser,
302
332
         libudev1 (= ${binary:Version}),
349
         libudev1 (= ${binary:Version}),
303
333
         s390-tools [s390],
350
         s390-tools [s390],
305
334
Conflicts: hal
351
Recommends: systemd-hwe-hwdb,
306
335
Breaks: systemd (<< ${binary:Version}),
352
Breaks: systemd (<< ${binary:Version}),
307
336
Description: /dev/ and hotplug management daemon
353
Description: /dev/ and hotplug management daemon
308
337
 udev is a daemon which dynamically creates and removes device nodes from
354
 udev is a daemon which dynamically creates and removes device nodes from
309
@@ -427,3 +444,87 @@ Description: userspace out-of-memory (OOM) killer
310
427
 systemd-oomd is a system service that uses cgroups-v2 and
444
 systemd-oomd is a system service that uses cgroups-v2 and
311
428
 pressure stall information (PSI) to monitor and take action on
445
 pressure stall information (PSI) to monitor and take action on
312
429
 processes before an OOM occurs in kernel space.
446
 processes before an OOM occurs in kernel space.
313
447
314
448
Package: systemd-userdbd
315
449
Build-Profiles: <!stage1>
316
450
Architecture: linux-any
317
451
Depends: ${shlibs:Depends},
318
452
         ${misc:Depends},
319
453
         systemd (= ${binary:Version}),
320
454
Description: dynamic user/group manager
321
455
 systemd-userdbd is a system service that multiplexes user/group lookups to all
322
456
 local services that provide JSON user/group record definitions to the system.
323
457
 In addition it synthesizes JSON user/group records from classic UNIX/glibc NSS
324
458
 user/group records in order to provide full backwards compatibility. It may
325
459
 also pick up statically defined JSON user/group records from drop-in files.
326
460
327
461
Package: systemd-homed
328
462
Build-Profiles: <!stage1>
329
463
Architecture: linux-any
330
464
Pre-Depends: ${misc:Pre-Depends},
331
465
             init-system-helpers (>= 1.64~),
332
466
Depends: ${shlibs:Depends},
333
467
         ${misc:Depends},
334
468
         systemd-userdbd (= ${binary:Version}),
335
469
         systemd (= ${binary:Version}),
336
470
         libpam-runtime,
337
471
Description: home area manager
338
472
 systemd-homed is a system service designed to manage home directories. This
339
473
 package includes the homed service, a PAM module to automatically mount home
340
474
 directories on user login, tools and documentation.
341
475
342
476
Package: systemd-boot
343
477
Architecture: amd64 i386 arm64 armhf
344
478
Depends: ${shlibs:Depends},
345
479
         ${misc:Depends},
346
480
         systemd-boot-efi (= ${binary:Version}),
347
481
Recommends: efibootmgr,
348
482
Breaks: systemd (<< 251.2-3~)
349
483
Replaces: systemd (<< 251.2-3~)
350
484
Description: simple UEFI boot manager - tools and services
351
485
 systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a
352
486
 textual menu to select the entry to boot and an editor for the kernel command
353
487
 line. It supports systems with UEFI firmware only.
354
488
 .
355
489
 Installing systemd-boot will not automatically switch your boot loader.
356
490
 .
357
491
 This package contains various tools and services to manage systems using
358
492
 systemd-boot.
359
493
360
494
Package: systemd-boot-efi
361
495
Architecture: amd64 i386 arm64 armhf
362
496
Multi-Arch: same
363
497
Pre-Depends: ${misc:Pre-Depends},
364
498
Depends: ${misc:Depends},
365
499
Breaks: systemd (<< 251.2-3~)
366
500
Replaces: systemd (<< 251.2-3~)
367
501
Description: simple UEFI boot manager - EFI binaries
368
502
 systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a
369
503
 textual menu to select the entry to boot and an editor for the kernel command
370
504
 line. It supports systems with UEFI firmware only.
371
505
 .
372
506
 This package contains the EFI binaries.
373
507
374
508
Package: systemd-resolved
375
509
Multi-Arch: foreign
376
510
Architecture: linux-any
377
511
Pre-Depends: ${misc:Pre-Depends}
378
512
Depends: ${shlibs:Depends},
379
513
         ${misc:Depends},
380
514
         adduser,
381
515
         systemd (= ${binary:Version}),
382
516
         default-dbus-system-bus | dbus-system-bus
383
517
Recommends: libnss-myhostname,
384
518
            libnss-resolve,
385
519
Suggests: policykit-1,
386
520
Provides: resolvconf
387
521
Conflicts: resolvconf
388
522
Replaces: resolvconf,
389
523
          systemd (<< 251.3-2~)
390
524
Breaks: systemd (<< 251.3-2~)
391
525
Description: systemd DNS resolver
392
526
 This package provides systemd's DNS resolver and the command line tool to
393
527
 manage it.
394
528
 .
395
529
 Installing this package automatically overwrites /etc/resolv.conf and switches
396
530
 it to be managed by systemd-resolved.
397
diff --git a/debian/extra/initramfs/post-update.d/systemd-boot b/debian/extra/initramfs/post-update.d/systemd-boot
398
430
new file mode 100755
531
new file mode 100755
399
index 0000000..1cee51c
400
--- /dev/null
401
+++ b/debian/extra/initramfs/post-update.d/systemd-boot
402
@@ -0,0 +1,11 @@
403
1
#!/bin/sh
404
2
405
3
set -eu
406
4
407
5
test -x /usr/bin/bootctl || exit 0
408
6
409
7
bootctl is-installed --quiet || exit 0
410
8
411
9
echo "Updating kernel version $1 in systemd-boot..."
412
10
413
11
kernel-install add "$1" "/boot/vmlinuz-$1" "$2"
414
diff --git a/debian/extra/kernel/postinst.d/systemd-boot b/debian/extra/kernel/postinst.d/systemd-boot
415
0
new file mode 100755
12
new file mode 100755
416
index 0000000..8901140
417
--- /dev/null
418
+++ b/debian/extra/kernel/postinst.d/systemd-boot
419
@@ -0,0 +1,11 @@
420
1
#!/bin/sh
421
2
422
3
set -e
423
4
424
5
test -x /usr/bin/bootctl || exit 0
425
6
426
7
bootctl is-installed --quiet || exit 0
427
8
428
9
echo "Installing kernel version $1 in systemd-boot..."
429
10
430
11
kernel-install add "$1" "$2"
431
diff --git a/debian/extra/kernel/postrm.d/systemd-boot b/debian/extra/kernel/postrm.d/systemd-boot
432
0
new file mode 100755
12
new file mode 100755
433
index 0000000..4db5e51
434
--- /dev/null
435
+++ b/debian/extra/kernel/postrm.d/systemd-boot
436
@@ -0,0 +1,11 @@
437
1
#!/bin/sh
438
2
439
3
set -e
440
4
441
5
test -x /usr/bin/bootctl || exit 0
442
6
443
7
bootctl is-installed --quiet || exit 0
444
8
445
9
echo "Removing kernel version $1 from systemd-boot..."
446
10
447
11
kernel-install remove "$1"
448
diff --git a/debian/extra/pam-configs/systemd-homed b/debian/extra/pam-configs/systemd-homed
449
0
new file mode 100644
12
new file mode 100644
450
index 0000000..0613efc
451
--- /dev/null
452
+++ b/debian/extra/pam-configs/systemd-homed
453
@@ -0,0 +1,15 @@
454
1
Name: Enable user management by systemd-homed
455
2
Default: yes
456
3
Priority: 257
457
4
Auth-Type: Primary
458
5
Auth:
459
6
	[success=end default=ignore]	pam_systemd_home.so
460
7
Account-Type: Primary
461
8
Account:
462
9
	[success=end default=ignore]	pam_systemd_home.so
463
10
Session-Type: Additional
464
11
Session:
465
12
	optional	pam_systemd_home.so
466
13
Password-Type: Primary
467
14
Password:
468
15
	[success=end default=ignore]	pam_systemd_home.so
469
diff --git a/debian/gitlab-ci.yml b/debian/gitlab-ci.yml
470
index f39ddcf..c405d57 100644
471
--- a/debian/gitlab-ci.yml
472
+++ b/debian/gitlab-ci.yml
473
@@ -9,3 +9,5 @@ variables:
474
9
  # Many false positives due to issue in binutils:
9
  # Many false positives due to issue in binutils:
475
10
  # https://bugs.debian.org/1000977
10
  # https://bugs.debian.org/1000977
476
11
  SALSA_CI_LINTIAN_SUPPRESS_TAGS: "elf-error"
11
  SALSA_CI_LINTIAN_SUPPRESS_TAGS: "elf-error"
477
12
  # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011649
478
13
  SALSA_CI_DISABLE_PIUPARTS: 1
479
diff --git a/debian/libnss-myhostname.install b/debian/libnss-myhostname.install
480
index 758fe00..fa88dd6 100644
481
--- a/debian/libnss-myhostname.install
482
+++ b/debian/libnss-myhostname.install
483
@@ -1,3 +1 @@
484
1
usr/lib/*/libnss_myhostname*.so.*
1
usr/lib/*/libnss_myhostname*.so.*
485
2
usr/share/man/man8/libnss_myhostname.so.2.8
486
3
usr/share/man/man8/nss-myhostname.8
487
diff --git a/debian/libnss-myhostname.manpages b/debian/libnss-myhostname.manpages
488
4
new file mode 100644
2
new file mode 100644
489
index 0000000..d3ba44d
490
--- /dev/null
491
+++ b/debian/libnss-myhostname.manpages
492
@@ -0,0 +1,2 @@
493
1
usr/share/man/man8/libnss_myhostname.so.2.8
494
2
usr/share/man/man8/nss-myhostname.8
495
diff --git a/debian/libnss-myhostname.nss b/debian/libnss-myhostname.nss
496
0
new file mode 100644
3
new file mode 100644
497
index 0000000..0ef4054
498
--- /dev/null
499
+++ b/debian/libnss-myhostname.nss
500
@@ -0,0 +1 @@
501
1
hosts	last	myhostname
502
diff --git a/debian/libnss-myhostname.postinst b/debian/libnss-myhostname.postinst
503
0
deleted file mode 100644
2
deleted file mode 100644
504
index 1ee0c99..0000000
505
--- a/debian/libnss-myhostname.postinst
506
+++ /dev/null
507
@@ -1,41 +0,0 @@
508
1
#!/bin/sh
509
2
510
3
set -e
511
4
512
5
# This code was taken from libnss-myhostname
513
6
514
7
# try to insert myhostname entries to the "hosts" line in /etc/nsswitch.conf to
515
8
# automatically enable libnss-myhostname support; do not change the
516
9
# configuration if the "hosts" line already references some myhostname lookups
517
10
insert_nss_entry() {
518
11
    echo "Checking NSS setup..."
519
12
    # abort if /etc/nsswitch.conf does not exist
520
13
    if ! [ -e /etc/nsswitch.conf ]; then
521
14
        echo "Could not find /etc/nsswitch.conf."
522
15
        return
523
16
    fi
524
17
    perl -i -pe '
525
18
        sub insert {
526
19
            my $line = shift;
527
20
            # this also splits on tab
528
21
            my @bits=split(" ", $line);
529
22
            # do not break configuration if the "hosts" line already references
530
23
            # myhostname
531
24
            if (grep { $_ eq "myhostname"} @bits) {
532
25
                return $line;
533
26
            }
534
27
            # add myhostname at the end
535
28
            return $line . " myhostname";
536
29
        }
537
30
        s/^(hosts:\s+)(.*)/$1.insert($2)/e;
538
31
    ' /etc/nsswitch.conf
539
32
}
540
33
541
34
if [ "$1" = configure ] && [ -z "$2" ]; then
542
35
    echo "First installation detected..."
543
36
    # first install: setup the recommended configuration (unless
544
37
    # nsswitch.conf already contains myhostname entries)
545
38
    insert_nss_entry
546
39
fi
547
40
548
41
#DEBHELPER#
549
diff --git a/debian/libnss-myhostname.postrm b/debian/libnss-myhostname.postrm
550
42
deleted file mode 100644
0
deleted file mode 100644
551
index 90e3c38..0000000
552
--- a/debian/libnss-myhostname.postrm
553
+++ /dev/null
554
@@ -1,29 +0,0 @@
555
1
#!/bin/sh
556
2
557
3
set -e
558
4
559
5
remove_nss_entry() {
560
6
    local file=$1
561
7
    local pkg=$2
562
8
    local module=$3
563
9
    refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
564
10
        -W $pkg | grep '^i' | wc -l)
565
11
    if [ "$refcount" -gt 0 ] ; then
566
12
        # package is installed for other architectures still, do nothing
567
13
        return
568
14
    fi
569
15
    echo "Checking NSS setup..."
570
16
    # abort if file does not exist
571
17
    if ! [ -e $file ]; then
572
18
        echo "Could not find ${file}."
573
19
        return
574
20
    fi
575
21
    # we must remove possible [foo=bar] options as well
576
22
    sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
577
23
}
578
24
579
25
if [ "$1" = remove ]; then
580
26
    remove_nss_entry /etc/nsswitch.conf libnss-myhostname myhostname
581
27
fi
582
28
583
29
#DEBHELPER#
584
diff --git a/debian/libnss-mymachines.install b/debian/libnss-mymachines.install
585
index 1923505..50e7d2e 100644
586
--- a/debian/libnss-mymachines.install
587
+++ b/debian/libnss-mymachines.install
588
@@ -1,3 +1 @@
589
1
usr/lib/*/libnss_mymachines*.so.*
1
usr/lib/*/libnss_mymachines*.so.*
590
2
usr/share/man/man8/libnss_mymachines.so.2.8
591
3
usr/share/man/man8/nss-mymachines.8
592
diff --git a/debian/libnss-mymachines.manpages b/debian/libnss-mymachines.manpages
593
4
new file mode 100644
2
new file mode 100644
594
index 0000000..7afe71d
595
--- /dev/null
596
+++ b/debian/libnss-mymachines.manpages
597
@@ -0,0 +1,2 @@
598
1
usr/share/man/man8/libnss_mymachines.so.2.8
599
2
usr/share/man/man8/nss-mymachines.8
600
diff --git a/debian/libnss-mymachines.nss b/debian/libnss-mymachines.nss
601
0
new file mode 100644
3
new file mode 100644
602
index 0000000..dd7e3a1
603
--- /dev/null
604
+++ b/debian/libnss-mymachines.nss
605
@@ -0,0 +1 @@
606
1
hosts	last	mymachines
607
diff --git a/debian/libnss-mymachines.postinst b/debian/libnss-mymachines.postinst
608
0
deleted file mode 100644
2
deleted file mode 100644
609
index 165a80a..0000000
610
--- a/debian/libnss-mymachines.postinst
611
+++ /dev/null
612
@@ -1,41 +0,0 @@
613
1
#!/bin/sh
614
2
615
3
set -e
616
4
617
5
# This code was taken from libnss-myhostname
618
6
619
7
# try to insert mymachines entries to the "hosts" line in /etc/nsswitch.conf to
620
8
# automatically enable libnss-mymachines support; do not change the
621
9
# configuration if the "hosts" line already references some mymachines lookups
622
10
insert_nss_entry() {
623
11
    echo "Checking NSS setup..."
624
12
    # abort if /etc/nsswitch.conf does not exist
625
13
    if ! [ -e /etc/nsswitch.conf ]; then
626
14
        echo "Could not find /etc/nsswitch.conf."
627
15
        return
628
16
    fi
629
17
    perl -i -pe '
630
18
        sub insert {
631
19
            my $line = shift;
632
20
            # this also splits on tab
633
21
            my @bits=split(" ", $line);
634
22
            # do not break configuration if the "hosts" line already references
635
23
            # mymachines
636
24
            if (grep { $_ eq "mymachines"} @bits) {
637
25
                return $line;
638
26
            }
639
27
            # add mymachines at the end
640
28
            return $line . " mymachines";
641
29
        }
642
30
        s/^(hosts:\s+)(.*)/$1.insert($2)/e;
643
31
    ' /etc/nsswitch.conf
644
32
}
645
33
646
34
if [ "$1" = configure ] && [ -z "$2" ]; then
647
35
    echo "First installation detected..."
648
36
    # first install: setup the recommended configuration (unless
649
37
    # nsswitch.conf already contains mymachines entries)
650
38
    insert_nss_entry
651
39
fi
652
40
653
41
#DEBHELPER#
654
diff --git a/debian/libnss-mymachines.postrm b/debian/libnss-mymachines.postrm
655
42
deleted file mode 100644
0
deleted file mode 100644
656
index c8fb09c..0000000
657
--- a/debian/libnss-mymachines.postrm
658
+++ /dev/null
659
@@ -1,29 +0,0 @@
660
1
#!/bin/sh
661
2
662
3
set -e
663
4
664
5
remove_nss_entry() {
665
6
    local file=$1
666
7
    local pkg=$2
667
8
    local module=$3
668
9
    refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
669
10
        -W $pkg | grep '^i' | wc -l)
670
11
    if [ "$refcount" -gt 0 ] ; then
671
12
        # package is installed for other architectures still, do nothing
672
13
        return
673
14
    fi
674
15
    echo "Checking NSS setup..."
675
16
    # abort if file does not exist
676
17
    if ! [ -e $file ]; then
677
18
        echo "Could not find ${file}."
678
19
        return
679
20
    fi
680
21
    # we must remove possible [foo=bar] options as well
681
22
    sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
682
23
}
683
24
684
25
if [ "$1" = remove ]; then
685
26
    remove_nss_entry /etc/nsswitch.conf libnss-mymachines mymachines
686
27
fi
687
28
688
29
#DEBHELPER#
689
diff --git a/debian/libnss-resolve.install b/debian/libnss-resolve.install
690
index 871aac0..3554b53 100644
691
--- a/debian/libnss-resolve.install
692
+++ b/debian/libnss-resolve.install
693
@@ -1,3 +1 @@
694
1
usr/lib/*/libnss_resolve*.so.*
1
usr/lib/*/libnss_resolve*.so.*
695
2
usr/share/man/man8/libnss_resolve.so.2.8
696
3
usr/share/man/man8/nss-resolve.8
697
diff --git a/debian/libnss-resolve.lintian-overrides b/debian/libnss-resolve.lintian-overrides
698
index d29b4e3..06097e8 100644
699
--- a/debian/libnss-resolve.lintian-overrides
700
+++ b/debian/libnss-resolve.lintian-overrides
701
@@ -1,3 +1,2 @@
702
1
# Lintian is really bad at associating manpages
1
# Lintian is really bad at associating manpages
703
2
libnss-resolve: spare-manual-page
2
libnss-resolve: spare-manual-page
704
3
libnss-resolve: maintainer-script-calls-systemctl
705
diff --git a/debian/libnss-resolve.manpages b/debian/libnss-resolve.manpages
706
4
new file mode 100644
3
new file mode 100644
707
index 0000000..b3c5a78
708
--- /dev/null
709
+++ b/debian/libnss-resolve.manpages
710
@@ -0,0 +1,2 @@
711
1
usr/share/man/man8/libnss_resolve.so.2.8
712
2
usr/share/man/man8/nss-resolve.8
713
diff --git a/debian/libnss-resolve.nss b/debian/libnss-resolve.nss
714
0
new file mode 100644
3
new file mode 100644
715
index 0000000..a7142b3
716
--- /dev/null
717
+++ b/debian/libnss-resolve.nss
718
@@ -0,0 +1 @@
719
1
hosts	before=dns	resolve [!UNAVAIL=return]
720
diff --git a/debian/libnss-resolve.postinst b/debian/libnss-resolve.postinst
721
0
deleted file mode 100644
2
deleted file mode 100644
722
index 382364e..0000000
723
--- a/debian/libnss-resolve.postinst
724
+++ /dev/null
725
@@ -1,48 +0,0 @@
726
1
#!/bin/sh
727
2
728
3
set -e
729
4
730
5
# This code was taken from libnss-myhostname
731
6
732
7
# try to insert resolve entries to the "hosts" line in /etc/nsswitch.conf to
733
8
# automatically enable libnss-resolve support; do not change the
734
9
# configuration if the "hosts" line already references some resolve lookups
735
10
insert_nss_entry() {
736
11
    echo "Checking NSS setup..."
737
12
    # abort if /etc/nsswitch.conf does not exist
738
13
    if ! [ -e /etc/nsswitch.conf ]; then
739
14
        echo "Could not find /etc/nsswitch.conf."
740
15
        return
741
16
    fi
742
17
    perl -i -pe '
743
18
        sub insert {
744
19
            my $line = shift;
745
20
            # this also splits on tab
746
21
            my @bits=split(" ", $line);
747
22
            # do not break configuration if the "hosts" line already references
748
23
            # resolve
749
24
            if (grep { $_ eq "resolve"} @bits) {
750
25
                return $line;
751
26
            }
752
27
            # add resolve before dns
753
28
            return join " ", map {
754
29
                $_ eq "dns" ? ("resolve [!UNAVAIL=return]", "$_") : $_
755
30
            } @bits;
756
31
        }
757
32
        s/^(hosts:\s+)(.*)/$1.insert($2)/e;
758
33
    ' /etc/nsswitch.conf
759
34
}
760
35
761
36
if [ "$1" = configure ] && [ -z "$2" ]; then
762
37
    echo "First installation detected..."
763
38
    # first install: setup the recommended configuration (unless
764
39
    # nsswitch.conf already contains resolve entries)
765
40
    insert_nss_entry
766
41
    # ... and enable resolved
767
42
    systemctl enable systemd-resolved.service
768
43
    if [ -d /run/systemd/system ]; then
769
44
        deb-systemd-invoke start systemd-resolved.service || true
770
45
    fi
771
46
fi
772
47
773
48
#DEBHELPER#
774
diff --git a/debian/libnss-resolve.postrm b/debian/libnss-resolve.postrm
775
49
deleted file mode 100644
0
deleted file mode 100644
776
index 32b9b8f..0000000
777
--- a/debian/libnss-resolve.postrm
778
+++ /dev/null
779
@@ -1,29 +0,0 @@
780
1
#!/bin/sh
781
2
782
3
set -e
783
4
784
5
remove_nss_entry() {
785
6
    local file=$1
786
7
    local pkg=$2
787
8
    local module=$3
788
9
    refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
789
10
        -W $pkg | grep '^i' | wc -l)
790
11
    if [ "$refcount" -gt 0 ] ; then
791
12
        # package is installed for other architectures still, do nothing
792
13
        return
793
14
    fi
794
15
    echo "Checking NSS setup..."
795
16
    # abort if file does not exist
796
17
    if ! [ -e $file ]; then
797
18
        echo "Could not find ${file}."
798
19
        return
799
20
    fi
800
21
    # we must remove possible [foo=bar] options as well
801
22
    sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
802
23
}
803
24
804
25
if [ "$1" = remove ]; then
805
26
    remove_nss_entry /etc/nsswitch.conf libnss-resolve resolve
806
27
fi
807
28
808
29
#DEBHELPER#
809
diff --git a/debian/libnss-systemd.install b/debian/libnss-systemd.install
810
index 858f307..df23cb8 100644
811
--- a/debian/libnss-systemd.install
812
+++ b/debian/libnss-systemd.install
813
@@ -1,3 +1 @@
814
1
usr/lib/*/libnss_systemd*.so.*
1
usr/lib/*/libnss_systemd*.so.*
815
2
usr/share/man/man8/libnss_systemd*
816
3
usr/share/man/man8/nss-systemd*
817
diff --git a/debian/libnss-systemd.manpages b/debian/libnss-systemd.manpages
818
4
new file mode 100644
2
new file mode 100644
819
index 0000000..bf1e840
820
--- /dev/null
821
+++ b/debian/libnss-systemd.manpages
822
@@ -0,0 +1,2 @@
823
1
usr/share/man/man8/libnss_systemd*
824
2
usr/share/man/man8/nss-systemd*
825
diff --git a/debian/libnss-systemd.nss b/debian/libnss-systemd.nss
826
0
new file mode 100644
3
new file mode 100644
827
index 0000000..9c3f443
828
--- /dev/null
829
+++ b/debian/libnss-systemd.nss
830
@@ -0,0 +1,4 @@
831
1
passwd	last	systemd
832
2
group	last	systemd
833
3
shadow	last	systemd
834
4
gshadow	last	systemd
835
diff --git a/debian/libnss-systemd.postinst b/debian/libnss-systemd.postinst
836
0
deleted file mode 100644
5
deleted file mode 100644
837
index 16040bc..0000000
838
--- a/debian/libnss-systemd.postinst
839
+++ /dev/null
840
@@ -1,39 +0,0 @@
841
1
#!/bin/sh
842
2
843
3
set -e
844
4
845
5
# try to insert the systemd entry to the "passwd" and "group" lines in
846
6
# /etc/nsswitch.conf to automatically enable libnss-systemd support; do not
847
7
# change the configuration if the lines already contain "systemd"
848
8
insert_nss_entry() {
849
9
    echo "Checking NSS setup..."
850
10
    # abort if /etc/nsswitch.conf does not exist
851
11
    if ! [ -e /etc/nsswitch.conf ]; then
852
12
        echo "Could not find /etc/nsswitch.conf."
853
13
        return
854
14
    fi
855
15
    perl -i -pe '
856
16
        sub insert {
857
17
            my $line = shift;
858
18
            # this also splits on tab
859
19
            my @bits=split(" ", $line);
860
20
            # do not break configuration if the line already references
861
21
            # systemd
862
22
            if (grep { $_ eq "systemd"} @bits) {
863
23
                return $line;
864
24
            }
865
25
            # add systemd at the end
866
26
            return $line . " systemd";
867
27
        }
868
28
        s/^(passwd:\s+)(.*)/$1.insert($2)/e;
869
29
        s/^(group:\s+)(.*)/$1.insert($2)/e;
870
30
    ' /etc/nsswitch.conf
871
31
}
872
32
873
33
if [ "$1" = configure ] && [ -z "$2" ]; then
874
34
    echo "First installation detected..."
875
35
    # first install: setup the recommended configuration
876
36
    insert_nss_entry
877
37
fi
878
38
879
39
#DEBHELPER#
880
diff --git a/debian/libnss-systemd.postrm b/debian/libnss-systemd.postrm
881
40
deleted file mode 100644
0
deleted file mode 100644
882
index ce8e954..0000000
883
--- a/debian/libnss-systemd.postrm
884
+++ /dev/null
885
@@ -1,29 +0,0 @@
886
1
#!/bin/sh
887
2
888
3
set -e
889
4
890
5
remove_nss_entry() {
891
6
    local file=$1
892
7
    local pkg=$2
893
8
    local module=$3
894
9
    refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
895
10
        -W $pkg | grep '^i' | wc -l)
896
11
    if [ "$refcount" -gt 0 ] ; then
897
12
        # package is installed for other architectures still, do nothing
898
13
        return
899
14
    fi
900
15
    echo "Checking NSS setup..."
901
16
    # abort if file does not exist
902
17
    if ! [ -e $file ]; then
903
18
        echo "Could not find ${file}."
904
19
        return
905
20
    fi
906
21
    # we must remove possible [foo=bar] options as well
907
22
    sed -i -r "/(passwd|group):/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
908
23
}
909
24
910
25
if [ "$1" = remove ]; then
911
26
    remove_nss_entry /etc/nsswitch.conf libnss-systemd systemd
912
27
fi
913
28
914
29
#DEBHELPER#
915
diff --git a/debian/libpam-systemd.install b/debian/libpam-systemd.install
916
index 7b5a260..b4faf87 100644
917
--- a/debian/libpam-systemd.install
918
+++ b/debian/libpam-systemd.install
919
@@ -1,3 +1,2 @@
920
1
lib/*/security/pam_systemd.so
1
lib/*/security/pam_systemd.so
923
2
usr/share/man/man8/pam_systemd.8
2
../extra/pam-configs/systemd usr/share/pam-configs/
922
3
../extra/pam-configs usr/share/
924
diff --git a/debian/libpam-systemd.manpages b/debian/libpam-systemd.manpages
925
4
new file mode 100644
3
new file mode 100644
926
index 0000000..d30ee0f
927
--- /dev/null
928
+++ b/debian/libpam-systemd.manpages
929
@@ -0,0 +1 @@
930
1
usr/share/man/man8/pam_systemd.8
931
diff --git a/debian/libsystemd-dev.install b/debian/libsystemd-dev.install
932
index eef73a9..5a73373 100644
933
--- a/debian/libsystemd-dev.install
934
+++ b/debian/libsystemd-dev.install
935
@@ -1,5 +1,3 @@
936
1
usr/include/systemd/
1
usr/include/systemd/
937
2
usr/lib/*/libsystemd.so
2
usr/lib/*/libsystemd.so
938
3
usr/lib/*/pkgconfig/libsystemd.pc
3
usr/lib/*/pkgconfig/libsystemd.pc
939
4
usr/share/man/man3/sd*
940
5
usr/share/man/man3/SD*
941
diff --git a/debian/libsystemd-dev.manpages b/debian/libsystemd-dev.manpages
942
6
new file mode 100644
4
new file mode 100644
943
index 0000000..0723dcb
944
--- /dev/null
945
+++ b/debian/libsystemd-dev.manpages
946
@@ -0,0 +1,2 @@
947
1
usr/share/man/man3/sd*
948
2
usr/share/man/man3/SD*
949
diff --git a/debian/libsystemd-shared.install b/debian/libsystemd-shared.install
950
0
new file mode 100644
3
new file mode 100644
951
index 0000000..085a7cd
952
--- /dev/null
953
+++ b/debian/libsystemd-shared.install
954
@@ -0,0 +1,2 @@
955
1
usr/lib/*/systemd/libsystemd-core-*.so
956
2
usr/lib/*/systemd/libsystemd-shared-*.so
957
diff --git a/debian/libsystemd-shared.lintian-overrides b/debian/libsystemd-shared.lintian-overrides
958
0
new file mode 100644
3
new file mode 100644
959
index 0000000..065ba9b
960
--- /dev/null
961
+++ b/debian/libsystemd-shared.lintian-overrides
962
@@ -0,0 +1,2 @@
963
1
# Intentional: value of config got in a release by mistake, needs to be kept
964
2
libsystemd-shared: spelling-error-in-binary usr/lib/*/systemd/libsystemd-shared-251.so anually annually
965
diff --git a/debian/libudev-dev.install b/debian/libudev-dev.install
966
index 3cd6bf0..ac9a6b4 100644
967
--- a/debian/libudev-dev.install
968
+++ b/debian/libudev-dev.install
969
@@ -1,5 +1,3 @@
970
1
usr/include/libudev.h
1
usr/include/libudev.h
971
2
usr/lib/*/libudev.so
2
usr/lib/*/libudev.so
972
3
usr/lib/*/pkgconfig/libudev.pc
3
usr/lib/*/pkgconfig/libudev.pc
973
4
usr/share/man/man3/udev*
974
5
usr/share/man/man3/libudev*
975
diff --git a/debian/libudev-dev.manpages b/debian/libudev-dev.manpages
976
6
new file mode 100644
4
new file mode 100644
977
index 0000000..009109c
978
--- /dev/null
979
+++ b/debian/libudev-dev.manpages
980
@@ -0,0 +1,2 @@
981
1
usr/share/man/man3/udev*
982
2
usr/share/man/man3/libudev*
983
diff --git a/debian/patches/Move-homectl-and-userdbctl-to-bindir.patch b/debian/patches/Move-homectl-and-userdbctl-to-bindir.patch
984
0
new file mode 100644
3
new file mode 100644
985
index 0000000..a07e5cd
986
--- /dev/null
987
+++ b/debian/patches/Move-homectl-and-userdbctl-to-bindir.patch
988
@@ -0,0 +1,35 @@
989
1
From: Michael Biebl <biebl@debian.org>
990
2
Date: Sat, 28 May 2022 12:00:08 +0200
991
3
Subject: Move homectl and userdbctl to bindir
992
4
993
5
Those binaries aren't needed during early boot.
994
6
995
7
(cherry picked from commit 003a67616148a8c2b94aa0c87595465f5dcac508)
996
8
---
997
9
 meson.build | 6 ++----
998
10
 1 file changed, 2 insertions(+), 4 deletions(-)
999
11
1000
12
diff --git a/meson.build b/meson.build
1001
13
index dbba108..ecc5533 100644
1002
14
--- a/meson.build
1003
15
+++ b/meson.build
1004
16
@@ -2577,8 +2577,7 @@ if conf.get('ENABLE_USERDB') == 1
1005
17
                 link_with : [libshared],
1006
18
                 dependencies : [threads],
1007
19
                 install_rpath : rootlibexecdir,
1008
20
-                install : true,
1009
21
-                install_dir : rootbindir)
1010
22
+                install : true)
1011
23
 endif
1012
24
 
1013
25
 if conf.get('ENABLE_HOMED') == 1
1014
26
@@ -2621,8 +2620,7 @@ if conf.get('ENABLE_HOMED') == 1
1015
27
                                 libp11kit,
1016
28
                                 libdl],
1017
29
                 install_rpath : rootlibexecdir,
1018
30
-                install : true,
1019
31
-                install_dir : rootbindir)
1020
32
+                install : true)
1021
33
 
1022
34
         if conf.get('HAVE_PAM') == 1
1023
35
                 version_script_arg = project_source_root / pam_systemd_home_sym
1024
diff --git a/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch b/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch
1025
index 0c8f9f4..1c4762c 100644
1026
--- a/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch
1027
+++ b/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch
1028
@@ -16,7 +16,7 @@ Closes: #981407
1029
16
 3 files changed, 7 insertions(+), 3 deletions(-)
16
 3 files changed, 7 insertions(+), 3 deletions(-)
1030
17
17
1031
18
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
18
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
1033
19
index 3ff6eae..09ba381 100644
19
index 11991ec..76893db 100644
1034
20
--- a/src/core/load-fragment.c
20
--- a/src/core/load-fragment.c
1035
21
+++ b/src/core/load-fragment.c
21
+++ b/src/core/load-fragment.c
1036
22
@@ -522,6 +522,7 @@ static int patch_var_run(
22
@@ -522,6 +522,7 @@ static int patch_var_run(
1037
@@ -51,10 +51,10 @@ index 14ae873..aa9e94b 100644
1038
51
                                     "Please update package to include a native systemd unit file, in order to make it more safe and robust.", fpath);
51
                                     "Please update package to include a native systemd unit file, in order to make it more safe and robust.", fpath);
1039
52
 
52
 
1040
53
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
53
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
1042
54
index 94973c2..0d27daa 100644
54
index 53cd570..7d71edd 100644
1043
55
--- a/src/tmpfiles/tmpfiles.c
55
--- a/src/tmpfiles/tmpfiles.c
1044
56
+++ b/src/tmpfiles/tmpfiles.c
56
+++ b/src/tmpfiles/tmpfiles.c
1046
57
@@ -2760,6 +2760,7 @@ static int specifier_expansion_from_arg(const Specifier *specifier_table, Item *
57
@@ -2757,6 +2757,7 @@ static int specifier_expansion_from_arg(const Specifier *specifier_table, Item *
1047
58
 static int patch_var_run(const char *fname, unsigned line, char **path) {
58
 static int patch_var_run(const char *fname, unsigned line, char **path) {
1048
59
         const char *k;
59
         const char *k;
1049
60
         char *n;
60
         char *n;
1050
@@ -62,7 +62,7 @@ index 94973c2..0d27daa 100644
1051
62
 
62
 
1052
63
         assert(path);
63
         assert(path);
1053
64
         assert(*path);
64
         assert(*path);
1055
65
@@ -2785,7 +2786,8 @@ static int patch_var_run(const char *fname, unsigned line, char **path) {
65
@@ -2782,7 +2783,8 @@ static int patch_var_run(const char *fname, unsigned line, char **path) {
1056
66
         /* Also log about this briefly. We do so at LOG_NOTICE level, as we fixed up the situation automatically, hence
66
         /* Also log about this briefly. We do so at LOG_NOTICE level, as we fixed up the situation automatically, hence
1057
67
          * there's no immediate need for action by the user. However, in the interest of making things less confusing
67
          * there's no immediate need for action by the user. However, in the interest of making things less confusing
1058
68
          * to the user, let's still inform the user that these snippets should really be updated. */
68
          * to the user, let's still inform the user that these snippets should really be updated. */
1059
diff --git a/debian/patches/debian/Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-back-to-.patch b/debian/patches/debian/Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-back-to-.patch
1060
index 3cb53bc..9a39629 100644
1061
--- a/debian/patches/debian/Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-back-to-.patch
1062
+++ b/debian/patches/debian/Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-back-to-.patch
1063
@@ -14,12 +14,12 @@ Closes: #971282
1064
14
 2 files changed, 8 insertions(+), 8 deletions(-)
14
 2 files changed, 8 insertions(+), 8 deletions(-)
1065
15
15
1066
16
diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
16
diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
1068
17
index fc0f8c3..65996bb 100644
17
index 693433b..8368a3f 100644
1069
18
--- a/src/core/systemd.pc.in
18
--- a/src/core/systemd.pc.in
1070
19
+++ b/src/core/systemd.pc.in
19
+++ b/src/core/systemd.pc.in
1074
20
@@ -65,16 +65,16 @@ systemdshutdowndir=${systemd_shutdown_dir}
20
@@ -67,16 +67,16 @@ tmpfilesdir=${tmpfiles_dir}
1075
21
 tmpfiles_dir=${prefix}/lib/tmpfiles.d
21
 
1076
22
 tmpfilesdir=${tmpfiles_dir}
22
 user_tmpfiles_dir=${prefix}/share/user-tmpfiles.d
1077
23
 
23
 
1078
24
-sysusers_dir=${rootprefix}/lib/sysusers.d
24
-sysusers_dir=${rootprefix}/lib/sysusers.d
1079
25
+sysusers_dir=${prefix}/lib/sysusers.d
25
+sysusers_dir=${prefix}/lib/sysusers.d
1080
diff --git a/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch b/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch
1081
index 37f3a0a..6043efd 100644
1082
--- a/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch
1083
+++ b/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch
1084
@@ -19,7 +19,7 @@ Bug-Debian: https://bugs.debian.org/815020
1085
19
 2 files changed, 1 insertion(+), 21 deletions(-)
19
 2 files changed, 1 insertion(+), 21 deletions(-)
1086
20
20
1087
21
diff --git a/src/core/main.c b/src/core/main.c
21
diff --git a/src/core/main.c b/src/core/main.c
1089
22
index 409b84a..7989bbe 100644
22
index 69d450a..badd385 100644
1090
23
--- a/src/core/main.c
23
--- a/src/core/main.c
1091
24
+++ b/src/core/main.c
24
+++ b/src/core/main.c
1092
25
@@ -1619,24 +1619,6 @@ static void cmdline_take_random_seed(void) {
25
@@ -1619,24 +1619,6 @@ static void cmdline_take_random_seed(void) {
1093
@@ -47,7 +47,7 @@ index 409b84a..7989bbe 100644
1094
47
 static void initialize_core_pattern(bool skip_setup) {
47
 static void initialize_core_pattern(bool skip_setup) {
1095
48
         int r;
48
         int r;
1096
49
 
49
 
1098
50
@@ -2765,8 +2747,6 @@ int main(int argc, char *argv[]) {
50
@@ -2763,8 +2745,6 @@ int main(int argc, char *argv[]) {
1099
51
                         kernel_timestamp = DUAL_TIMESTAMP_NULL;
51
                         kernel_timestamp = DUAL_TIMESTAMP_NULL;
1100
52
                 }
52
                 }
1101
53
 
53
 
1102
diff --git a/debian/patches/debian/Use-Debian-specific-config-files.patch b/debian/patches/debian/Use-Debian-specific-config-files.patch
1103
index 3b25027..b7a2c6d 100644
1104
--- a/debian/patches/debian/Use-Debian-specific-config-files.patch
1105
+++ b/debian/patches/debian/Use-Debian-specific-config-files.patch
1106
@@ -16,7 +16,7 @@ Read/write /etc/timezone if /etc/localtime does not exist.
1107
16
 4 files changed, 164 insertions(+), 113 deletions(-)
16
 4 files changed, 164 insertions(+), 113 deletions(-)
1108
17
17
1109
18
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
18
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
1111
19
index c309369..6e3fbd1 100644
19
index 0ad8de4..f0f0ef4 100644
1112
20
--- a/src/basic/time-util.c
20
--- a/src/basic/time-util.c
1113
21
+++ b/src/basic/time-util.c
21
+++ b/src/basic/time-util.c
1114
22
@@ -1477,19 +1477,43 @@ int get_timezone(char **ret) {
22
@@ -1477,19 +1477,43 @@ int get_timezone(char **ret) {
1115
@@ -101,7 +101,7 @@ index 716febb..9818602 100644
1116
101
                 char *s;
101
                 char *s;
1117
102
 
102
 
1118
103
diff --git a/src/locale/keymap-util.c b/src/locale/keymap-util.c
103
diff --git a/src/locale/keymap-util.c b/src/locale/keymap-util.c
1120
104
index 9759f46..4eb48bb 100644
104
index 2d1b982..96b7eca 100644
1121
105
--- a/src/locale/keymap-util.c
105
--- a/src/locale/keymap-util.c
1122
106
+++ b/src/locale/keymap-util.c
106
+++ b/src/locale/keymap-util.c
1123
107
@@ -91,6 +91,7 @@ void locale_simplify(char *locale[_VARIABLE_LC_MAX]) {
107
@@ -91,6 +91,7 @@ void locale_simplify(char *locale[_VARIABLE_LC_MAX]) {
1124
diff --git a/debian/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch b/debian/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch
1125
index e028e3c..80211e4 100644
1126
--- a/debian/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch
1127
+++ b/debian/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch
1128
@@ -239,10 +239,10 @@ index 0000000..b7ad58d
1129
239
+
239
+
1130
240
+</refentry>
240
+</refentry>
1131
241
diff --git a/meson.build b/meson.build
241
diff --git a/meson.build b/meson.build
1133
242
index 36cbfa4..2abc0f1 100644
242
index f73c7ff..d94e75d 100644
1134
243
--- a/meson.build
243
--- a/meson.build
1135
244
+++ b/meson.build
244
+++ b/meson.build
1137
245
@@ -3207,6 +3207,15 @@ executable(
245
@@ -3219,6 +3219,15 @@ executable(
1138
246
         install : true,
246
         install : true,
1139
247
         install_dir : rootlibexecdir)
247
         install_dir : rootlibexecdir)
1140
248
 
248
 
1141
@@ -251,7 +251,7 @@ index 36cbfa4..2abc0f1 100644
1142
251
+        'src/fsckd/fsckd.c',
251
+        'src/fsckd/fsckd.c',
1143
252
+        include_directories : includes,
252
+        include_directories : includes,
1144
253
+        link_with : [libshared],
253
+        link_with : [libshared],
1146
254
+        install_rpath : rootlibexecdir,
254
+        install_rpath : rootpkglibdir,
1147
255
+        install : true,
255
+        install : true,
1148
256
+        install_dir : rootlibexecdir)
256
+        install_dir : rootlibexecdir)
1149
257
+
257
+
1150
diff --git a/debian/patches/glibc-Remove-include-linux-fs.h-to-resolve-fsconfig_comma.patch b/debian/patches/glibc-Remove-include-linux-fs.h-to-resolve-fsconfig_comma.patch
1151
258
deleted file mode 100644
258
deleted file mode 100644
1152
index c11f3e8..0000000
1153
--- a/debian/patches/glibc-Remove-include-linux-fs.h-to-resolve-fsconfig_comma.patch
1154
+++ /dev/null
1155
@@ -1,95 +0,0 @@
1156
1
From: Rudi Heitbaum <rudi@heitbaum.com>
1157
2
Date: Sat, 23 Jul 2022 10:38:49 +0000
1158
3
Subject: glibc: Remove #include <linux/fs.h> to resolve
1159
4
Origin: upstream,https://github.com/systemd/systemd/pull/23992
1160
5
1161
6
fsconfig_command/mount_attr conflict with glibc 2.36
1162
7
Fixes: #23984
1163
8
1164
9
---
1165
10
 meson.build             | 13 ++++++++++++-
1166
11
 src/basic/fd-util.c     |  2 ++
1167
12
 src/core/namespace.c    |  2 ++
1168
13
 src/shared/mount-util.c |  2 ++
1169
14
 4 files changed, 18 insertions(+), 1 deletion(-)
1170
15
1171
16
diff --git a/meson.build b/meson.build
1172
17
index 2abc0f1..9f00405 100644
1173
18
--- a/meson.build
1174
19
+++ b/meson.build
1175
20
@@ -479,7 +479,6 @@ decl_headers = '''
1176
21
 #include <uchar.h>
1177
22
 #include <sys/mount.h>
1178
23
 #include <sys/stat.h>
1179
24
-#include <linux/fs.h>
1180
25
 '''
1181
26
 
1182
27
 foreach decl : ['char16_t',
1183
28
@@ -491,6 +490,17 @@ foreach decl : ['char16_t',
1184
29
         # We get -1 if the size cannot be determined
1185
30
         have = cc.sizeof(decl, prefix : decl_headers, args : '-D_GNU_SOURCE') > 0
1186
31
 
1187
32
+        if decl == 'struct mount_attr'
1188
33
+                if have
1189
34
+                        want_linux_fs_h = false
1190
35
+                else
1191
36
+                        have = cc.sizeof(decl,
1192
37
+                                         prefix : decl_headers + '#include <linux/fs.h>',
1193
38
+                                         args : '-D_GNU_SOURCE') > 0
1194
39
+                        want_linux_fs_h = have
1195
40
+                endif
1196
41
+        endif
1197
42
+
1198
43
         if decl == 'struct statx'
1199
44
                 if have
1200
45
                         want_linux_stat_h = false
1201
46
@@ -506,6 +516,7 @@ foreach decl : ['char16_t',
1202
47
 endforeach
1203
48
 
1204
49
 conf.set10('WANT_LINUX_STAT_H', want_linux_stat_h)
1205
50
+conf.set10('WANT_LINUX_FS_H', want_linux_fs_h)
1206
51
 
1207
52
 foreach ident : ['secure_getenv', '__secure_getenv']
1208
53
         conf.set10('HAVE_' + ident.to_upper(), cc.has_function(ident))
1209
54
diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c
1210
55
index 6c1de92..00591d6 100644
1211
56
--- a/src/basic/fd-util.c
1212
57
+++ b/src/basic/fd-util.c
1213
58
@@ -3,7 +3,9 @@
1214
59
 #include <errno.h>
1215
60
 #include <fcntl.h>
1216
61
 #include <linux/btrfs.h>
1217
62
+#if WANT_LINUX_FS_H
1218
63
 #include <linux/fs.h>
1219
64
+#endif
1220
65
 #include <linux/magic.h>
1221
66
 #include <sys/ioctl.h>
1222
67
 #include <sys/resource.h>
1223
68
diff --git a/src/core/namespace.c b/src/core/namespace.c
1224
69
index 926aa96..c85a947 100644
1225
70
--- a/src/core/namespace.c
1226
71
+++ b/src/core/namespace.c
1227
72
@@ -6,7 +6,9 @@
1228
73
 #include <stdio.h>
1229
74
 #include <sys/mount.h>
1230
75
 #include <unistd.h>
1231
76
+#if WANT_LINUX_FS_H
1232
77
 #include <linux/fs.h>
1233
78
+#endif
1234
79
 
1235
80
 #include "alloc-util.h"
1236
81
 #include "base-filesystem.h"
1237
82
diff --git a/src/shared/mount-util.c b/src/shared/mount-util.c
1238
83
index e76e4a0..0c8dec7 100644
1239
84
--- a/src/shared/mount-util.c
1240
85
+++ b/src/shared/mount-util.c
1241
86
@@ -7,7 +7,9 @@
1242
87
 #include <sys/statvfs.h>
1243
88
 #include <unistd.h>
1244
89
 #include <linux/loop.h>
1245
90
+#if WANT_LINUX_FS_H
1246
91
 #include <linux/fs.h>
1247
92
+#endif
1248
93
 
1249
94
 #include "alloc-util.h"
1250
95
 #include "chase-symlinks.h"
1251
diff --git a/debian/patches/lp1979215-boot-efi-missing-.note.GNU-stack-section-implies-executab.patch b/debian/patches/lp1979215-boot-efi-missing-.note.GNU-stack-section-implies-executab.patch
1252
96
deleted file mode 100644
0
deleted file mode 100644
1253
index 150eb84..0000000
1254
--- a/debian/patches/lp1979215-boot-efi-missing-.note.GNU-stack-section-implies-executab.patch
1255
+++ /dev/null
1256
@@ -1,32 +0,0 @@
1257
1
Description: Ignore 'missing .note.GNU-stack section implies executable stack' warning
1258
2
  This is actually caused by crt0-efi-x86_64.o from gnu-efi. Ignore the warning until
1259
3
  this package is fixed.
1260
4
Author: Nick Rosbrook <nick.rosbrook@canonical.com>
1261
5
Bug: https://sourceforge.net/p/gnu-efi/bugs/28/
1262
6
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/gnu-efi/+bug/1979215
1263
7
Last-Update: 2022-06-20
1264
8
---
1265
9
From: Nick Rosbrook <nick.rosbrook@canonical.com>
1266
10
Date: Fri, 17 Jun 2022 14:48:49 -0400
1267
11
Subject: boot/efi: ignore 'missing .note.GNU-stack section implies executable stack' warning
1268
12
1269
13
This actually comes from gnu-efi [1], so once that is fixed we can drop
1270
14
this patch.
1271
15
1272
16
[1] https://sourceforge.net/p/gnu-efi/bugs/28/
1273
17
---
1274
18
 src/boot/efi/meson.build | 1 +
1275
19
 1 file changed, 1 insertion(+)
1276
20
1277
21
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
1278
22
index 299a01b..6f0d7b9 100644
1279
23
--- a/src/boot/efi/meson.build
1280
24
+++ b/src/boot/efi/meson.build
1281
25
@@ -256,6 +256,7 @@ efi_ldflags = [
1282
26
         '-Wl,--fatal-warnings',
1283
27
         '-Wl,--no-undefined',
1284
28
         '-Wl,--warn-common',
1285
29
+        '-Wl,--no-warn-execstack',
1286
30
         '-Wl,-Bsymbolic',
1287
31
         '-z', 'nocombreloc',
1288
32
         efi_crt0,
1289
diff --git a/debian/patches/lp1979236-boot-efi-set-no-warn-rwx-segments-on-arm.patch b/debian/patches/lp1979236-boot-efi-set-no-warn-rwx-segments-on-arm.patch
1290
33
deleted file mode 100644
0
deleted file mode 100644
1291
index 2e09a6d..0000000
1292
--- a/debian/patches/lp1979236-boot-efi-set-no-warn-rwx-segments-on-arm.patch
1293
+++ /dev/null
1294
@@ -1,34 +0,0 @@
1295
1
Description: Set --no-warn-rwx-segments on arm
1296
2
 A new linker warning is causing FTBFS on arm. Until upstream systemd
1297
3
 has an appropriate patch, just disable the warning.
1298
4
Author: Nick Rosbrook <nick.rosbrook@canonical.com>
1299
5
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1979236
1300
6
Last-Update: 2022-06-20
1301
7
---
1302
8
From: Nick Rosbrook <nick.rosbrook@canonical.com>
1303
9
Date: Fri, 17 Jun 2022 15:54:34 -0400
1304
10
Subject: boot/efi: set --no-warn-rwx-segments on arm
1305
11
1306
12
---
1307
13
 src/boot/efi/meson.build | 2 ++
1308
14
 1 file changed, 2 insertions(+)
1309
15
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
1310
16
index 6f0d7b9..c0beffb 100644
1311
17
--- a/src/boot/efi/meson.build
1312
18
+++ b/src/boot/efi/meson.build
1313
19
@@ -266,6 +266,7 @@ if efi_arch[1] in ['aarch64', 'arm', 'riscv64']
1314
20
         # Aarch64, ARM32 and 64bit RISC-V don't have an EFI capable objcopy.
1315
21
         # Use 'binary' instead, and add required symbols manually.
1316
22
         efi_ldflags += ['-Wl,--defsym=EFI_SUBSYSTEM=0xa']
1317
23
+        efi_ldflags += ['-Wl,--no-warn-rwx-segments']
1318
24
         efi_format = ['-O', 'binary']
1319
25
 else
1320
26
         efi_ldflags += ['-pie']
1321
27
@@ -280,6 +281,7 @@ if efi_arch[1] == 'arm'
1322
28
         # is because libgcc is not compiled with -fshort-wchar, but it does not
1323
29
         # have any occurrences of wchar_t in its sources or the documentation, so
1324
30
         # it is safe to assume that we can ignore this warning.
1325
31
+        efi_ldflags += ['-Wl,--no-warn-rwx-segments']
1326
32
         efi_ldflags += ['-Wl,--no-wchar-size-warning']
1327
33
 endif
1328
34
 
1329
diff --git a/debian/patches/meson-install-libsystemd-shared-into-rootpkglibdir.patch b/debian/patches/meson-install-libsystemd-shared-into-rootpkglibdir.patch
1330
35
new file mode 100644
0
new file mode 100644
1331
index 0000000..91a4e3a
1332
--- /dev/null
1333
+++ b/debian/patches/meson-install-libsystemd-shared-into-rootpkglibdir.patch
1334
@@ -0,0 +1,1218 @@
1335
1
From: Michael Biebl <biebl@debian.org>
1336
2
Date: Wed, 1 Jun 2022 08:23:02 +0200
1337
3
Subject: meson: install libsystemd-shared into rootpkglibdir
1338
4
1339
5
Introduce rootpkglibdir for installing libsystemd-{shared,core}.so.
1340
6
The benefit over using rootlibexecdir is that this path can be
1341
7
multiarch aware, i.e. this path can be architecture qualified.
1342
8
1343
9
This is something we'd like to make use of in Debian/Ubuntu to make
1344
10
libsystemd-shared co-installable, e.g. for i386 the path would be
1345
11
/usr/lib/i386-linux-gnu/systemd/libsystemd-shared-*.so and for amd64
1346
12
/usr/lib/x86_64-linux-gnu/systemd/libsystemd-shared-*.so.
1347
13
This will allow for example to install and run systemd-boot/i386 on an
1348
14
amd64 host. It also simplifies/enables cross-building/bootstrapping.
1349
15
1350
16
For more infos about Multi-Arch see https://wiki.debian.org/Multiarch.
1351
17
1352
18
See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990547
1353
19
1354
20
(cherry picked from commit 5fb225615bf751b97644bed7aae44f69ba03cc84)
1355
21
---
1356
22
 meson.build              | 249 ++++++++++++++++++++++++-----------------------
1357
23
 src/core/meson.build     |   2 +-
1358
24
 src/nspawn/nspawn-util.c |   5 +-
1359
25
 src/shared/meson.build   |   2 +-
1360
26
 src/udev/meson.build     |   2 +-
1361
27
 5 files changed, 132 insertions(+), 128 deletions(-)
1362
28
1363
29
diff --git a/meson.build b/meson.build
1364
30
index ecc5533..f73c7ff 100644
1365
31
--- a/meson.build
1366
32
+++ b/meson.build
1367
33
@@ -146,6 +146,7 @@ rootlibdir = get_option('rootlibdir')
1368
34
 if rootlibdir == ''
1369
35
         rootlibdir = rootprefixdir / libdir.split('/')[-1]
1370
36
 endif
1371
37
+rootpkglibdir = rootlibdir / 'systemd'
1372
38
 
1373
39
 install_sysconfdir = get_option('install-sysconfdir') != 'false'
1374
40
 install_sysconfdir_samples = get_option('install-sysconfdir') == 'true'
1375
41
@@ -1994,7 +1995,7 @@ if conf.get('HAVE_LIBCRYPTSETUP_PLUGINS') == 1
1376
42
                                         tpm2,
1377
43
                                         versiondep],
1378
44
                         link_depends : cryptsetup_token_sym,
1379
45
-                        install_rpath : rootlibexecdir,
1380
46
+                        install_rpath : rootpkglibdir,
1381
47
                         install : true,
1382
48
                         install_dir : libcryptsetup_plugins_dir)
1383
49
         endif
1384
50
@@ -2012,7 +2013,7 @@ if conf.get('HAVE_LIBCRYPTSETUP_PLUGINS') == 1
1385
51
                                         libfido2,
1386
52
                                         versiondep],
1387
53
                         link_depends : cryptsetup_token_sym,
1388
54
-                        install_rpath : rootlibexecdir,
1389
55
+                        install_rpath : rootpkglibdir,
1390
56
                         install : true,
1391
57
                         install_dir : libcryptsetup_plugins_dir)
1392
58
         endif
1393
59
@@ -2030,7 +2031,7 @@ if conf.get('HAVE_LIBCRYPTSETUP_PLUGINS') == 1
1394
60
                                         libp11kit,
1395
61
                                         versiondep],
1396
62
                         link_depends : cryptsetup_token_sym,
1397
63
-                        install_rpath : rootlibexecdir,
1398
64
+                        install_rpath : rootpkglibdir,
1399
65
                         install : true,
1400
66
                         install_dir : libcryptsetup_plugins_dir)
1401
67
         endif
1402
68
@@ -2165,7 +2166,7 @@ exe = executable(
1403
69
                      libshared],
1404
70
         dependencies : [versiondep,
1405
71
                         libseccomp],
1406
72
-        install_rpath : rootlibexecdir,
1407
73
+        install_rpath : rootpkglibdir,
1408
74
         install : true,
1409
75
         install_dir : rootlibexecdir)
1410
76
 dbus_programs += exe
1411
77
@@ -2183,7 +2184,7 @@ public_programs += executable(
1412
78
                      libshared],
1413
79
         dependencies : [versiondep,
1414
80
                         libseccomp],
1415
81
-        install_rpath : rootlibexecdir,
1416
82
+        install_rpath : rootpkglibdir,
1417
83
         install : conf.get('ENABLE_ANALYZE') == 1)
1418
84
 
1419
85
 executable(
1420
86
@@ -2197,7 +2198,7 @@ executable(
1421
87
                         liblz4,
1422
88
                         libselinux,
1423
89
                         libzstd],
1424
90
-        install_rpath : rootlibexecdir,
1425
91
+        install_rpath : rootpkglibdir,
1426
92
         install : true,
1427
93
         install_dir : rootlibexecdir)
1428
94
 
1429
95
@@ -2208,7 +2209,7 @@ public_programs += executable(
1430
96
         link_with : [libjournal_core,
1431
97
                      libshared],
1432
98
         dependencies : [threads],
1433
99
-        install_rpath : rootlibexecdir,
1434
100
+        install_rpath : rootpkglibdir,
1435
101
         install : true)
1436
102
 
1437
103
 public_programs += executable(
1438
104
@@ -2222,7 +2223,7 @@ public_programs += executable(
1439
105
                         liblz4,
1440
106
                         libzstd,
1441
107
                         libdl],
1442
108
-        install_rpath : rootlibexecdir,
1443
109
+        install_rpath : rootpkglibdir,
1444
110
         install : true,
1445
111
         install_dir : rootbindir)
1446
112
 
1447
113
@@ -2231,7 +2232,7 @@ executable(
1448
114
         'src/getty-generator/getty-generator.c',
1449
115
         include_directories : includes,
1450
116
         link_with : [libshared],
1451
117
-        install_rpath : rootlibexecdir,
1452
118
+        install_rpath : rootpkglibdir,
1453
119
         install : true,
1454
120
         install_dir : systemgeneratordir)
1455
121
 
1456
122
@@ -2240,7 +2241,7 @@ executable(
1457
123
         'src/debug-generator/debug-generator.c',
1458
124
         include_directories : includes,
1459
125
         link_with : [libshared],
1460
126
-        install_rpath : rootlibexecdir,
1461
127
+        install_rpath : rootpkglibdir,
1462
128
         install : true,
1463
129
         install_dir : systemgeneratordir)
1464
130
 
1465
131
@@ -2249,7 +2250,7 @@ executable(
1466
132
         'src/run-generator/run-generator.c',
1467
133
         include_directories : includes,
1468
134
         link_with : [libshared],
1469
135
-        install_rpath : rootlibexecdir,
1470
136
+        install_rpath : rootpkglibdir,
1471
137
         install : true,
1472
138
         install_dir : systemgeneratordir)
1473
139
 
1474
140
@@ -2258,7 +2259,7 @@ exe = executable(
1475
141
         'src/fstab-generator/fstab-generator.c',
1476
142
         include_directories : includes,
1477
143
         link_with : [libshared],
1478
144
-        install_rpath : rootlibexecdir,
1479
145
+        install_rpath : rootpkglibdir,
1480
146
         install : true,
1481
147
         install_dir : systemgeneratordir)
1482
148
 
1483
149
@@ -2276,7 +2277,7 @@ if conf.get('ENABLE_ENVIRONMENT_D') == 1
1484
150
                 'src/environment-d-generator/environment-d-generator.c',
1485
151
                 include_directories : includes,
1486
152
                 link_with : [libshared],
1487
153
-                install_rpath : rootlibexecdir,
1488
154
+                install_rpath : rootpkglibdir,
1489
155
                 install : true,
1490
156
                 install_dir : userenvgeneratordir)
1491
157
 
1492
158
@@ -2291,7 +2292,7 @@ if conf.get('ENABLE_HIBERNATE') == 1
1493
159
                 'src/hibernate-resume/hibernate-resume-generator.c',
1494
160
                 include_directories : includes,
1495
161
                 link_with : [libshared],
1496
162
-                install_rpath : rootlibexecdir,
1497
163
+                install_rpath : rootpkglibdir,
1498
164
                 install : true,
1499
165
                 install_dir : systemgeneratordir)
1500
166
 
1501
167
@@ -2300,7 +2301,7 @@ if conf.get('ENABLE_HIBERNATE') == 1
1502
168
                 'src/hibernate-resume/hibernate-resume.c',
1503
169
                 include_directories : includes,
1504
170
                 link_with : [libshared],
1505
171
-                install_rpath : rootlibexecdir,
1506
172
+                install_rpath : rootpkglibdir,
1507
173
                 install : true,
1508
174
                 install_dir : rootlibexecdir)
1509
175
 endif
1510
176
@@ -2312,7 +2313,7 @@ if conf.get('HAVE_BLKID') == 1
1511
177
                 include_directories : includes,
1512
178
                 link_with : [libshared],
1513
179
                 dependencies : libblkid,
1514
180
-                install_rpath : rootlibexecdir,
1515
181
+                install_rpath : rootpkglibdir,
1516
182
                 install : true,
1517
183
                 install_dir : systemgeneratordir)
1518
184
 
1519
185
@@ -2321,7 +2322,7 @@ if conf.get('HAVE_BLKID') == 1
1520
186
                 'src/dissect/dissect.c',
1521
187
                 include_directories : includes,
1522
188
                 link_with : [libshared],
1523
189
-                install_rpath : rootlibexecdir,
1524
190
+                install_rpath : rootpkglibdir,
1525
191
                 install : true)
1526
192
 endif
1527
193
 
1528
194
@@ -2334,7 +2335,7 @@ if conf.get('ENABLE_RESOLVE') == 1
1529
195
                              libbasic_gcrypt,
1530
196
                              libsystemd_resolve_core],
1531
197
                 dependencies : systemd_resolved_dependencies,
1532
198
-                install_rpath : rootlibexecdir,
1533
199
+                install_rpath : rootpkglibdir,
1534
200
                 install : true,
1535
201
                 install_dir : rootlibexecdir)
1536
202
 
1537
203
@@ -2349,7 +2350,7 @@ if conf.get('ENABLE_RESOLVE') == 1
1538
204
                                 lib_openssl_or_gcrypt,
1539
205
                                 libm,
1540
206
                                 libidn],
1541
207
-                install_rpath : rootlibexecdir,
1542
208
+                install_rpath : rootpkglibdir,
1543
209
                 install : true)
1544
210
 
1545
211
         meson.add_install_script(meson_make_symlink,
1546
212
@@ -2370,7 +2371,7 @@ if conf.get('ENABLE_LOGIND') == 1
1547
213
                              libshared],
1548
214
                 dependencies : [threads,
1549
215
                                 libacl],
1550
216
-                install_rpath : rootlibexecdir,
1551
217
+                install_rpath : rootpkglibdir,
1552
218
                 install : true,
1553
219
                 install_dir : rootlibexecdir)
1554
220
 
1555
221
@@ -2383,7 +2384,7 @@ if conf.get('ENABLE_LOGIND') == 1
1556
222
                                 liblz4,
1557
223
                                 libxz,
1558
224
                                 libzstd],
1559
225
-                install_rpath : rootlibexecdir,
1560
226
+                install_rpath : rootpkglibdir,
1561
227
                 install : true,
1562
228
                 install_dir : rootbindir)
1563
229
 
1564
230
@@ -2392,7 +2393,7 @@ if conf.get('ENABLE_LOGIND') == 1
1565
231
                 'src/login/inhibit.c',
1566
232
                 include_directories : includes,
1567
233
                 link_with : [libshared],
1568
234
-                install_rpath : rootlibexecdir,
1569
235
+                install_rpath : rootpkglibdir,
1570
236
                 install : true,
1571
237
                 install_dir : rootbindir)
1572
238
 
1573
239
@@ -2429,7 +2430,7 @@ if conf.get('ENABLE_LOGIND') == 1
1574
240
                 user_runtime_dir_sources,
1575
241
                 include_directories : includes,
1576
242
                 link_with : [libshared],
1577
243
-                install_rpath : rootlibexecdir,
1578
244
+                install_rpath : rootpkglibdir,
1579
245
                 install : true,
1580
246
                 install_dir : rootlibexecdir)
1581
247
 endif
1582
248
@@ -2440,7 +2441,7 @@ if conf.get('HAVE_PAM') == 1
1583
249
                 'src/user-sessions/user-sessions.c',
1584
250
                 include_directories : includes,
1585
251
                 link_with : [libshared],
1586
252
-                install_rpath : rootlibexecdir,
1587
253
+                install_rpath : rootpkglibdir,
1588
254
                 install : true,
1589
255
                 install_dir : rootlibexecdir)
1590
256
 endif
1591
257
@@ -2458,7 +2459,7 @@ if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1
1592
258
                 include_directories : includes,
1593
259
                 link_with : [boot_link_with],
1594
260
                 dependencies : [libblkid],
1595
261
-                install_rpath : rootlibexecdir,
1596
262
+                install_rpath : rootpkglibdir,
1597
263
                 install : true)
1598
264
 
1599
265
         public_programs += executable(
1600
266
@@ -2467,7 +2468,7 @@ if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1
1601
267
                 include_directories : includes,
1602
268
                 link_with : [boot_link_with],
1603
269
                 dependencies : [libblkid],
1604
270
-                install_rpath : rootlibexecdir,
1605
271
+                install_rpath : rootpkglibdir,
1606
272
                 install : true,
1607
273
                 install_dir : rootlibexecdir)
1608
274
 
1609
275
@@ -2476,7 +2477,7 @@ if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1
1610
276
                 'src/boot/bless-boot-generator.c',
1611
277
                 include_directories : includes,
1612
278
                 link_with : [boot_link_with],
1613
279
-                install_rpath : rootlibexecdir,
1614
280
+                install_rpath : rootpkglibdir,
1615
281
                 install : true,
1616
282
                 install_dir : systemgeneratordir)
1617
283
 endif
1618
284
@@ -2487,7 +2488,7 @@ executable(
1619
285
         include_directories : includes,
1620
286
         link_with : [libshared],
1621
287
         dependencies : [libblkid],
1622
288
-        install_rpath : rootlibexecdir,
1623
289
+        install_rpath : rootpkglibdir,
1624
290
         install : true,
1625
291
         install_dir : rootlibexecdir)
1626
292
 
1627
293
@@ -2497,7 +2498,7 @@ public_programs += executable(
1628
294
         include_directories : includes,
1629
295
         link_with : [libshared],
1630
296
         dependencies : [threads],
1631
297
-        install_rpath : rootlibexecdir,
1632
298
+        install_rpath : rootpkglibdir,
1633
299
         install : true)
1634
300
 
1635
301
 systemctl = executable(
1636
302
@@ -2511,7 +2512,7 @@ systemctl = executable(
1637
303
                         libxz,
1638
304
                         liblz4,
1639
305
                         libzstd],
1640
306
-        install_rpath : rootlibexecdir,
1641
307
+        install_rpath : rootpkglibdir,
1642
308
         install : true,
1643
309
         install_dir : rootbindir)
1644
310
 public_programs += systemctl
1645
311
@@ -2523,7 +2524,7 @@ if conf.get('ENABLE_PORTABLED') == 1
1646
312
                 include_directories : includes,
1647
313
                 link_with : [libshared],
1648
314
                 dependencies : [threads, libselinux],
1649
315
-                install_rpath : rootlibexecdir,
1650
316
+                install_rpath : rootpkglibdir,
1651
317
                 install : true,
1652
318
                 install_dir : rootlibexecdir)
1653
319
 
1654
320
@@ -2533,7 +2534,7 @@ if conf.get('ENABLE_PORTABLED') == 1
1655
321
                 include_directories : includes,
1656
322
                 link_with : [libshared],
1657
323
                 dependencies : [threads],
1658
324
-                install_rpath : rootlibexecdir,
1659
325
+                install_rpath : rootpkglibdir,
1660
326
                 install : true,
1661
327
                 install_dir : rootbindir)
1662
328
 endif
1663
329
@@ -2544,7 +2545,7 @@ if conf.get('ENABLE_SYSEXT') == 1
1664
330
                 systemd_sysext_sources,
1665
331
                 include_directories : includes,
1666
332
                 link_with : [libshared],
1667
333
-                install_rpath : rootlibexecdir,
1668
334
+                install_rpath : rootpkglibdir,
1669
335
                 install : true,
1670
336
                 install_dir : rootbindir)
1671
337
 endif
1672
338
@@ -2556,7 +2557,7 @@ if conf.get('ENABLE_USERDB') == 1
1673
339
                 include_directories : includes,
1674
340
                 link_with : [libshared],
1675
341
                 dependencies : [threads],
1676
342
-                install_rpath : rootlibexecdir,
1677
343
+                install_rpath : rootpkglibdir,
1678
344
                 install : true,
1679
345
                 install_dir : rootlibexecdir)
1680
346
 
1681
347
@@ -2566,7 +2567,7 @@ if conf.get('ENABLE_USERDB') == 1
1682
348
                 include_directories : includes,
1683
349
                 link_with : [libshared],
1684
350
                 dependencies : [threads],
1685
351
-                install_rpath : rootlibexecdir,
1686
352
+                install_rpath : rootpkglibdir,
1687
353
                 install : true,
1688
354
                 install_dir : rootlibexecdir)
1689
355
 
1690
356
@@ -2576,7 +2577,7 @@ if conf.get('ENABLE_USERDB') == 1
1691
357
                 include_directories : includes,
1692
358
                 link_with : [libshared],
1693
359
                 dependencies : [threads],
1694
360
-                install_rpath : rootlibexecdir,
1695
361
+                install_rpath : rootpkglibdir,
1696
362
                 install : true)
1697
363
 endif
1698
364
 
1699
365
@@ -2592,7 +2593,7 @@ if conf.get('ENABLE_HOMED') == 1
1700
366
                                 libopenssl,
1701
367
                                 libfdisk,
1702
368
                                 libp11kit],
1703
369
-                install_rpath : rootlibexecdir,
1704
370
+                install_rpath : rootpkglibdir,
1705
371
                 install : true,
1706
372
                 install_dir : rootlibexecdir)
1707
373
 
1708
374
@@ -2605,7 +2606,7 @@ if conf.get('ENABLE_HOMED') == 1
1709
375
                                 libcrypt,
1710
376
                                 libopenssl,
1711
377
                                 libm],
1712
378
-                install_rpath : rootlibexecdir,
1713
379
+                install_rpath : rootpkglibdir,
1714
380
                 install : true,
1715
381
                 install_dir : rootlibexecdir)
1716
382
 
1717
383
@@ -2619,7 +2620,7 @@ if conf.get('ENABLE_HOMED') == 1
1718
384
                                 libopenssl,
1719
385
                                 libp11kit,
1720
386
                                 libdl],
1721
387
-                install_rpath : rootlibexecdir,
1722
388
+                install_rpath : rootpkglibdir,
1723
389
                 install : true)
1724
390
 
1725
391
         if conf.get('HAVE_PAM') == 1
1726
392
@@ -2661,7 +2662,7 @@ if conf.get('ENABLE_BACKLIGHT') == 1
1727
393
                 'src/backlight/backlight.c',
1728
394
                 include_directories : includes,
1729
395
                 link_with : [libshared],
1730
396
-                install_rpath : rootlibexecdir,
1731
397
+                install_rpath : rootpkglibdir,
1732
398
                 install : true,
1733
399
                 install_dir : rootlibexecdir)
1734
400
 endif
1735
401
@@ -2672,7 +2673,7 @@ if conf.get('ENABLE_RFKILL') == 1
1736
402
                 'src/rfkill/rfkill.c',
1737
403
                 include_directories : includes,
1738
404
                 link_with : [libshared],
1739
405
-                install_rpath : rootlibexecdir,
1740
406
+                install_rpath : rootpkglibdir,
1741
407
                 install : true,
1742
408
                 install_dir : rootlibexecdir)
1743
409
 endif
1744
410
@@ -2682,7 +2683,7 @@ executable(
1745
411
         'src/system-update-generator/system-update-generator.c',
1746
412
         include_directories : includes,
1747
413
         link_with : [libshared],
1748
414
-        install_rpath : rootlibexecdir,
1749
415
+        install_rpath : rootpkglibdir,
1750
416
         install : true,
1751
417
         install_dir : systemgeneratordir)
1752
418
 
1753
419
@@ -2694,7 +2695,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1
1754
420
                 link_with : [libshared],
1755
421
                 dependencies : [libcryptsetup,
1756
422
                                 libp11kit],
1757
423
-                install_rpath : rootlibexecdir,
1758
424
+                install_rpath : rootpkglibdir,
1759
425
                 install : true,
1760
426
                 install_dir : rootlibexecdir)
1761
427
 
1762
428
@@ -2703,7 +2704,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1
1763
429
                 'src/cryptsetup/cryptsetup-generator.c',
1764
430
                 include_directories : includes,
1765
431
                 link_with : [libshared],
1766
432
-                install_rpath : rootlibexecdir,
1767
433
+                install_rpath : rootpkglibdir,
1768
434
                 install : true,
1769
435
                 install_dir : systemgeneratordir)
1770
436
 
1771
437
@@ -2713,7 +2714,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1
1772
438
                 include_directories : includes,
1773
439
                 link_with : [libshared],
1774
440
                 dependencies : [libcryptsetup],
1775
441
-                install_rpath : rootlibexecdir,
1776
442
+                install_rpath : rootpkglibdir,
1777
443
                 install : true,
1778
444
                 install_dir : rootlibexecdir)
1779
445
 
1780
446
@@ -2722,7 +2723,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1
1781
447
                 'src/veritysetup/veritysetup-generator.c',
1782
448
                 include_directories : includes,
1783
449
                 link_with : [libshared],
1784
450
-                install_rpath : rootlibexecdir,
1785
451
+                install_rpath : rootpkglibdir,
1786
452
                 install : true,
1787
453
                 install_dir : systemgeneratordir)
1788
454
 
1789
455
@@ -2735,7 +2736,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1
1790
456
                                 libdl,
1791
457
                                 libopenssl,
1792
458
                                 libp11kit],
1793
459
-                install_rpath : rootlibexecdir,
1794
460
+                install_rpath : rootpkglibdir,
1795
461
                 install : true)
1796
462
 
1797
463
         executable(
1798
464
@@ -2744,7 +2745,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1
1799
465
                 include_directories : includes,
1800
466
                 link_with : [libshared],
1801
467
                 dependencies : [libcryptsetup],
1802
468
-                install_rpath : rootlibexecdir,
1803
469
+                install_rpath : rootpkglibdir,
1804
470
                 install : true,
1805
471
                 install_dir : rootlibexecdir)
1806
472
 
1807
473
@@ -2753,7 +2754,7 @@ if conf.get('HAVE_LIBCRYPTSETUP') == 1
1808
474
                 ['src/integritysetup/integritysetup-generator.c', 'src/integritysetup/integrity-util.c'],
1809
475
                 include_directories : includes,
1810
476
                 link_with : [libshared],
1811
477
-                install_rpath : rootlibexecdir,
1812
478
+                install_rpath : rootpkglibdir,
1813
479
                 install : true,
1814
480
                 install_dir : systemgeneratordir)
1815
481
 endif
1816
482
@@ -2764,7 +2765,7 @@ if conf.get('HAVE_SYSV_COMPAT') == 1
1817
483
                 'src/sysv-generator/sysv-generator.c',
1818
484
                 include_directories : includes,
1819
485
                 link_with : [libshared],
1820
486
-                install_rpath : rootlibexecdir,
1821
487
+                install_rpath : rootpkglibdir,
1822
488
                 install : true,
1823
489
                 install_dir : systemgeneratordir)
1824
490
 
1825
491
@@ -2780,7 +2781,7 @@ if conf.get('HAVE_SYSV_COMPAT') == 1
1826
492
                 'src/rc-local-generator/rc-local-generator.c',
1827
493
                 include_directories : includes,
1828
494
                 link_with : [libshared],
1829
495
-                install_rpath : rootlibexecdir,
1830
496
+                install_rpath : rootpkglibdir,
1831
497
                 install : true,
1832
498
                 install_dir : systemgeneratordir)
1833
499
 endif
1834
500
@@ -2791,7 +2792,7 @@ if conf.get('ENABLE_XDG_AUTOSTART') == 1
1835
501
                 systemd_xdg_autostart_generator_sources,
1836
502
                 include_directories : includes,
1837
503
                 link_with : [libshared],
1838
504
-                install_rpath : rootlibexecdir,
1839
505
+                install_rpath : rootpkglibdir,
1840
506
                 install : true,
1841
507
                 install_dir : usergeneratordir)
1842
508
 
1843
509
@@ -2800,7 +2801,7 @@ if conf.get('ENABLE_XDG_AUTOSTART') == 1
1844
510
                 'src/xdg-autostart-generator/xdg-autostart-condition.c',
1845
511
                 include_directories : includes,
1846
512
                 link_with : [libshared],
1847
513
-                install_rpath : rootlibexecdir,
1848
514
+                install_rpath : rootpkglibdir,
1849
515
                 install : true,
1850
516
                 install_dir : rootlibexecdir)
1851
517
 endif
1852
518
@@ -2811,7 +2812,7 @@ if conf.get('ENABLE_HOSTNAMED') == 1
1853
519
                 'src/hostname/hostnamed.c',
1854
520
                 include_directories : includes,
1855
521
                 link_with : [libshared],
1856
522
-                install_rpath : rootlibexecdir,
1857
523
+                install_rpath : rootpkglibdir,
1858
524
                 install : true,
1859
525
                 install_dir : rootlibexecdir)
1860
526
 
1861
527
@@ -2820,7 +2821,7 @@ if conf.get('ENABLE_HOSTNAMED') == 1
1862
528
                 'src/hostname/hostnamectl.c',
1863
529
                 include_directories : includes,
1864
530
                 link_with : [libshared],
1865
531
-                install_rpath : rootlibexecdir,
1866
532
+                install_rpath : rootpkglibdir,
1867
533
                 install : true)
1868
534
 endif
1869
535
 
1870
536
@@ -2839,7 +2840,7 @@ if conf.get('ENABLE_LOCALED') == 1
1871
537
                 include_directories : includes,
1872
538
                 link_with : [libshared],
1873
539
                 dependencies : deps,
1874
540
-                install_rpath : rootlibexecdir,
1875
541
+                install_rpath : rootpkglibdir,
1876
542
                 install : true,
1877
543
                 install_dir : rootlibexecdir)
1878
544
 
1879
545
@@ -2848,7 +2849,7 @@ if conf.get('ENABLE_LOCALED') == 1
1880
546
                 localectl_sources,
1881
547
                 include_directories : includes,
1882
548
                 link_with : [libshared],
1883
549
-                install_rpath : rootlibexecdir,
1884
550
+                install_rpath : rootpkglibdir,
1885
551
                 install : true)
1886
552
 endif
1887
553
 
1888
554
@@ -2858,7 +2859,7 @@ if conf.get('ENABLE_TIMEDATED') == 1
1889
555
                 'src/timedate/timedated.c',
1890
556
                 include_directories : includes,
1891
557
                 link_with : [libshared],
1892
558
-                install_rpath : rootlibexecdir,
1893
559
+                install_rpath : rootpkglibdir,
1894
560
                 install : true,
1895
561
                 install_dir : rootlibexecdir)
1896
562
 endif
1897
563
@@ -2868,7 +2869,7 @@ if conf.get('ENABLE_TIMEDATECTL') == 1
1898
564
                 'timedatectl',
1899
565
                 'src/timedate/timedatectl.c',
1900
566
                 include_directories : includes,
1901
567
-                install_rpath : rootlibexecdir,
1902
568
+                install_rpath : rootpkglibdir,
1903
569
                 link_with : [libshared],
1904
570
                 dependencies : [libm],
1905
571
                 install : true)
1906
572
@@ -2882,7 +2883,7 @@ if conf.get('ENABLE_TIMESYNCD') == 1
1907
573
                 link_with : [libtimesyncd_core],
1908
574
                 dependencies : [threads,
1909
575
                                 libm],
1910
576
-                install_rpath : rootlibexecdir,
1911
577
+                install_rpath : rootpkglibdir,
1912
578
                 install : true,
1913
579
                 install_dir : rootlibexecdir)
1914
580
 
1915
581
@@ -2891,7 +2892,7 @@ if conf.get('ENABLE_TIMESYNCD') == 1
1916
582
                 'src/timesync/wait-sync.c',
1917
583
                 include_directories : includes,
1918
584
                 link_with : [libtimesyncd_core],
1919
585
-                install_rpath : rootlibexecdir,
1920
586
+                install_rpath : rootpkglibdir,
1921
587
                 install : true,
1922
588
                 install_dir : rootlibexecdir)
1923
589
 endif
1924
590
@@ -2903,7 +2904,7 @@ if conf.get('ENABLE_MACHINED') == 1
1925
591
                 include_directories : includes,
1926
592
                 link_with : [libmachine_core,
1927
593
                              libshared],
1928
594
-                install_rpath : rootlibexecdir,
1929
595
+                install_rpath : rootpkglibdir,
1930
596
                 install : true,
1931
597
                 install_dir : rootlibexecdir)
1932
598
 
1933
599
@@ -2916,7 +2917,7 @@ if conf.get('ENABLE_MACHINED') == 1
1934
600
                                 libxz,
1935
601
                                 liblz4,
1936
602
                                 libzstd],
1937
603
-                install_rpath : rootlibexecdir,
1938
604
+                install_rpath : rootpkglibdir,
1939
605
                 install : true,
1940
606
                 install_dir : rootbindir)
1941
607
 endif
1942
608
@@ -2928,7 +2929,7 @@ if conf.get('ENABLE_IMPORTD') == 1
1943
609
                 include_directories : includes,
1944
610
                 link_with : [libshared],
1945
611
                 dependencies : [threads],
1946
612
-                install_rpath : rootlibexecdir,
1947
613
+                install_rpath : rootpkglibdir,
1948
614
                 install : true,
1949
615
                 install_dir : rootlibexecdir)
1950
616
 
1951
617
@@ -2944,7 +2945,7 @@ if conf.get('ENABLE_IMPORTD') == 1
1952
618
                                 libz,
1953
619
                                 libbzip2,
1954
620
                                 libxz],
1955
621
-                install_rpath : rootlibexecdir,
1956
622
+                install_rpath : rootpkglibdir,
1957
623
                 install : true,
1958
624
                 install_dir : rootlibexecdir)
1959
625
 
1960
626
@@ -2958,7 +2959,7 @@ if conf.get('ENABLE_IMPORTD') == 1
1961
627
                                 libz,
1962
628
                                 libbzip2,
1963
629
                                 libxz],
1964
630
-                install_rpath : rootlibexecdir,
1965
631
+                install_rpath : rootpkglibdir,
1966
632
                 install : true,
1967
633
                 install_dir : rootlibexecdir)
1968
634
 
1969
635
@@ -2968,7 +2969,7 @@ if conf.get('ENABLE_IMPORTD') == 1
1970
636
                 include_directories : includes,
1971
637
                 link_with : [libshared,
1972
638
                              lib_import_common],
1973
639
-                install_rpath : rootlibexecdir,
1974
640
+                install_rpath : rootpkglibdir,
1975
641
                 install : true,
1976
642
                 install_dir : rootlibexecdir)
1977
643
 
1978
644
@@ -2982,7 +2983,7 @@ if conf.get('ENABLE_IMPORTD') == 1
1979
645
                                 libz,
1980
646
                                 libbzip2,
1981
647
                                 libxz],
1982
648
-                install_rpath : rootlibexecdir,
1983
649
+                install_rpath : rootpkglibdir,
1984
650
                 install : true,
1985
651
                 install_dir : rootlibexecdir)
1986
652
 
1987
653
@@ -3002,7 +3003,7 @@ if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_LIBCURL') == 1
1988
654
                                 libxz,
1989
655
                                 liblz4,
1990
656
                                 libzstd],
1991
657
-                install_rpath : rootlibexecdir,
1992
658
+                install_rpath : rootpkglibdir,
1993
659
                 install : true,
1994
660
                 install_dir : rootlibexecdir)
1995
661
 endif
1996
662
@@ -3020,7 +3021,7 @@ if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1
1997
663
                                 libxz,
1998
664
                                 liblz4,
1999
665
                                 libzstd],
2000
666
-                install_rpath : rootlibexecdir,
2001
667
+                install_rpath : rootpkglibdir,
2002
668
                 install : true,
2003
669
                 install_dir : rootlibexecdir)
2004
670
 
2005
671
@@ -3035,7 +3036,7 @@ if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1
2006
672
                                 libxz,
2007
673
                                 liblz4,
2008
674
                                 libzstd],
2009
675
-                install_rpath : rootlibexecdir,
2010
676
+                install_rpath : rootpkglibdir,
2011
677
                 install : true,
2012
678
                 install_dir : rootlibexecdir)
2013
679
 endif
2014
680
@@ -3052,7 +3053,7 @@ if conf.get('ENABLE_COREDUMP') == 1
2015
681
                                 libxz,
2016
682
                                 liblz4,
2017
683
                                 libzstd],
2018
684
-                install_rpath : rootlibexecdir,
2019
685
+                install_rpath : rootpkglibdir,
2020
686
                 install : true,
2021
687
                 install_dir : rootlibexecdir)
2022
688
 
2023
689
@@ -3066,7 +3067,7 @@ if conf.get('ENABLE_COREDUMP') == 1
2024
690
                                 libxz,
2025
691
                                 liblz4,
2026
692
                                 libzstd],
2027
693
-                install_rpath : rootlibexecdir,
2028
694
+                install_rpath : rootpkglibdir,
2029
695
                 install : true)
2030
696
 endif
2031
697
 
2032
698
@@ -3081,7 +3082,7 @@ if conf.get('ENABLE_PSTORE') == 1
2033
699
                                 libxz,
2034
700
                                 liblz4,
2035
701
                                 libzstd],
2036
702
-                install_rpath : rootlibexecdir,
2037
703
+                install_rpath : rootpkglibdir,
2038
704
                 install : true,
2039
705
                 install_dir : rootlibexecdir)
2040
706
 endif
2041
707
@@ -3092,7 +3093,7 @@ if conf.get('ENABLE_OOMD') == 1
2042
708
                    include_directories : includes,
2043
709
                    link_with : [libshared],
2044
710
                    dependencies : [],
2045
711
-                   install_rpath : rootlibexecdir,
2046
712
+                   install_rpath : rootpkglibdir,
2047
713
                    install : true,
2048
714
                    install_dir : rootlibexecdir)
2049
715
 
2050
716
@@ -3102,7 +3103,7 @@ if conf.get('ENABLE_OOMD') == 1
2051
717
                 include_directories : includes,
2052
718
                 link_with : [libshared],
2053
719
                 dependencies : [],
2054
720
-                install_rpath : rootlibexecdir,
2055
721
+                install_rpath : rootpkglibdir,
2056
722
                 install : true)
2057
723
 endif
2058
724
 
2059
725
@@ -3112,7 +3113,7 @@ if conf.get('ENABLE_BINFMT') == 1
2060
726
                 'src/binfmt/binfmt.c',
2061
727
                 include_directories : includes,
2062
728
                 link_with : [libshared],
2063
729
-                install_rpath : rootlibexecdir,
2064
730
+                install_rpath : rootpkglibdir,
2065
731
                 install : true,
2066
732
                 install_dir : rootlibexecdir)
2067
733
 
2068
734
@@ -3134,7 +3135,7 @@ if conf.get('ENABLE_SYSUPDATE') == 1
2069
735
                                 libblkid,
2070
736
                                 libfdisk,
2071
737
                                 libopenssl],
2072
738
-                install_rpath : rootlibexecdir,
2073
739
+                install_rpath : rootpkglibdir,
2074
740
                 install : true,
2075
741
                 install_dir : rootlibexecdir)
2076
742
         public_programs += exe
2077
743
@@ -3146,7 +3147,7 @@ if conf.get('ENABLE_VCONSOLE') == 1
2078
744
                 'src/vconsole/vconsole-setup.c',
2079
745
                 include_directories : includes,
2080
746
                 link_with : [libshared],
2081
747
-                install_rpath : rootlibexecdir,
2082
748
+                install_rpath : rootpkglibdir,
2083
749
                 install : true,
2084
750
                 install_dir : rootlibexecdir)
2085
751
 endif
2086
752
@@ -3157,7 +3158,7 @@ if conf.get('ENABLE_RANDOMSEED') == 1
2087
753
                 'src/random-seed/random-seed.c',
2088
754
                 include_directories : includes,
2089
755
                 link_with : [libshared],
2090
756
-                install_rpath : rootlibexecdir,
2091
757
+                install_rpath : rootpkglibdir,
2092
758
                 install : true,
2093
759
                 install_dir : rootlibexecdir)
2094
760
 endif
2095
761
@@ -3169,7 +3170,7 @@ if conf.get('ENABLE_FIRSTBOOT') == 1
2096
762
                 include_directories : includes,
2097
763
                 link_with : [libshared],
2098
764
                 dependencies : [libcrypt],
2099
765
-                install_rpath : rootlibexecdir,
2100
766
+                install_rpath : rootpkglibdir,
2101
767
                 install : true,
2102
768
                 install_dir : rootbindir)
2103
769
 endif
2104
770
@@ -3179,7 +3180,7 @@ executable(
2105
771
         'src/remount-fs/remount-fs.c',
2106
772
         include_directories : includes,
2107
773
         link_with : [libshared],
2108
774
-        install_rpath : rootlibexecdir,
2109
775
+        install_rpath : rootpkglibdir,
2110
776
         install : true,
2111
777
         install_dir : rootlibexecdir)
2112
778
 
2113
779
@@ -3188,7 +3189,7 @@ executable(
2114
780
         'src/machine-id-setup/machine-id-setup-main.c',
2115
781
         include_directories : includes,
2116
782
         link_with : [libshared],
2117
783
-        install_rpath : rootlibexecdir,
2118
784
+        install_rpath : rootpkglibdir,
2119
785
         install : true,
2120
786
         install_dir : rootbindir)
2121
787
 
2122
788
@@ -3197,7 +3198,7 @@ executable(
2123
789
         'src/fsck/fsck.c',
2124
790
         include_directories : includes,
2125
791
         link_with : [libshared],
2126
792
-        install_rpath : rootlibexecdir,
2127
793
+        install_rpath : rootpkglibdir,
2128
794
         install : true,
2129
795
         install_dir : rootlibexecdir)
2130
796
 
2131
797
@@ -3205,7 +3206,7 @@ executable('systemd-growfs',
2132
798
            'src/partition/growfs.c',
2133
799
            include_directories : includes,
2134
800
            link_with : [libshared],
2135
801
-           install_rpath : rootlibexecdir,
2136
802
+           install_rpath : rootpkglibdir,
2137
803
            install : true,
2138
804
            install_dir : rootlibexecdir)
2139
805
 
2140
806
@@ -3214,7 +3215,7 @@ executable(
2141
807
         'src/partition/makefs.c',
2142
808
         include_directories : includes,
2143
809
         link_with : [libshared],
2144
810
-        install_rpath : rootlibexecdir,
2145
811
+        install_rpath : rootpkglibdir,
2146
812
         install : true,
2147
813
         install_dir : rootlibexecdir)
2148
814
 
2149
815
@@ -3223,7 +3224,7 @@ executable(
2150
816
         'src/sleep/sleep.c',
2151
817
         include_directories : includes,
2152
818
         link_with : [libshared],
2153
819
-        install_rpath : rootlibexecdir,
2154
820
+        install_rpath : rootpkglibdir,
2155
821
         install : true,
2156
822
         install_dir : rootlibexecdir)
2157
823
 
2158
824
@@ -3237,7 +3238,7 @@ public_programs += executable(
2159
825
         'src/sysctl/sysctl.c',
2160
826
         include_directories : includes,
2161
827
         link_with : [libshared],
2162
828
-        install_rpath : rootlibexecdir,
2163
829
+        install_rpath : rootpkglibdir,
2164
830
         install : true,
2165
831
         install_dir : rootlibexecdir)
2166
832
 
2167
833
@@ -3246,7 +3247,7 @@ executable(
2168
834
         'src/ac-power/ac-power.c',
2169
835
         include_directories : includes,
2170
836
         link_with : [libshared],
2171
837
-        install_rpath : rootlibexecdir,
2172
838
+        install_rpath : rootpkglibdir,
2173
839
         install : true,
2174
840
         install_dir : rootlibexecdir)
2175
841
 
2176
842
@@ -3255,7 +3256,7 @@ public_programs += executable(
2177
843
         'src/detect-virt/detect-virt.c',
2178
844
         include_directories : includes,
2179
845
         link_with : [libshared],
2180
846
-        install_rpath : rootlibexecdir,
2181
847
+        install_rpath : rootpkglibdir,
2182
848
         install : true)
2183
849
 
2184
850
 public_programs += executable(
2185
851
@@ -3263,7 +3264,7 @@ public_programs += executable(
2186
852
         'src/delta/delta.c',
2187
853
         include_directories : includes,
2188
854
         link_with : [libshared],
2189
855
-        install_rpath : rootlibexecdir,
2190
856
+        install_rpath : rootpkglibdir,
2191
857
         install : true)
2192
858
 
2193
859
 public_programs += executable(
2194
860
@@ -3271,7 +3272,7 @@ public_programs += executable(
2195
861
         'src/escape/escape.c',
2196
862
         include_directories : includes,
2197
863
         link_with : [libshared],
2198
864
-        install_rpath : rootlibexecdir,
2199
865
+        install_rpath : rootpkglibdir,
2200
866
         install : true,
2201
867
         install_dir : rootbindir)
2202
868
 
2203
869
@@ -3280,7 +3281,7 @@ public_programs += executable(
2204
870
         'src/notify/notify.c',
2205
871
         include_directories : includes,
2206
872
         link_with : [libshared],
2207
873
-        install_rpath : rootlibexecdir,
2208
874
+        install_rpath : rootpkglibdir,
2209
875
         install : true,
2210
876
         install_dir : rootbindir)
2211
877
 
2212
878
@@ -3291,7 +3292,7 @@ public_programs += executable(
2213
879
         link_with : [libshared],
2214
880
         dependencies : [threads,
2215
881
                         libopenssl],
2216
882
-        install_rpath : rootlibexecdir,
2217
883
+        install_rpath : rootpkglibdir,
2218
884
         install : true,
2219
885
         install_dir : rootbindir)
2220
886
 
2221
887
@@ -3300,7 +3301,7 @@ executable(
2222
888
         'src/volatile-root/volatile-root.c',
2223
889
         include_directories : includes,
2224
890
         link_with : [libshared],
2225
891
-        install_rpath : rootlibexecdir,
2226
892
+        install_rpath : rootpkglibdir,
2227
893
         install : conf.get('ENABLE_INITRD') == 1,
2228
894
         install_dir : rootlibexecdir)
2229
895
 
2230
896
@@ -3309,7 +3310,7 @@ executable(
2231
897
         'src/cgroups-agent/cgroups-agent.c',
2232
898
         include_directories : includes,
2233
899
         link_with : [libshared],
2234
900
-        install_rpath : rootlibexecdir,
2235
901
+        install_rpath : rootpkglibdir,
2236
902
         install : true,
2237
903
         install_dir : rootlibexecdir)
2238
904
 
2239
905
@@ -3318,7 +3319,7 @@ systemd_id128 = executable(
2240
906
         'src/id128/id128.c',
2241
907
         include_directories : includes,
2242
908
         link_with : [libshared],
2243
909
-        install_rpath : rootlibexecdir,
2244
910
+        install_rpath : rootpkglibdir,
2245
911
         install : true)
2246
912
 public_programs += systemd_id128
2247
913
 
2248
914
@@ -3335,7 +3336,7 @@ public_programs += executable(
2249
915
         'src/path/path.c',
2250
916
         include_directories : includes,
2251
917
         link_with : [libshared],
2252
918
-        install_rpath : rootlibexecdir,
2253
919
+        install_rpath : rootpkglibdir,
2254
920
         install : true)
2255
921
 
2256
922
 public_programs += executable(
2257
923
@@ -3343,7 +3344,7 @@ public_programs += executable(
2258
924
         'src/ask-password/ask-password.c',
2259
925
         include_directories : includes,
2260
926
         link_with : [libshared],
2261
927
-        install_rpath : rootlibexecdir,
2262
928
+        install_rpath : rootpkglibdir,
2263
929
         install : true,
2264
930
         install_dir : rootbindir)
2265
931
 
2266
932
@@ -3352,7 +3353,7 @@ executable(
2267
933
         'src/reply-password/reply-password.c',
2268
934
         include_directories : includes,
2269
935
         link_with : [libshared],
2270
936
-        install_rpath : rootlibexecdir,
2271
937
+        install_rpath : rootpkglibdir,
2272
938
         install : true,
2273
939
         install_dir : rootlibexecdir)
2274
940
 
2275
941
@@ -3361,7 +3362,7 @@ public_programs += executable(
2276
942
         'src/tty-ask-password-agent/tty-ask-password-agent.c',
2277
943
         include_directories : includes,
2278
944
         link_with : [libshared],
2279
945
-        install_rpath : rootlibexecdir,
2280
946
+        install_rpath : rootpkglibdir,
2281
947
         install : true,
2282
948
         install_dir : rootbindir)
2283
949
 
2284
950
@@ -3370,7 +3371,7 @@ public_programs += executable(
2285
951
         'src/cgls/cgls.c',
2286
952
         include_directories : includes,
2287
953
         link_with : [libshared],
2288
954
-        install_rpath : rootlibexecdir,
2289
955
+        install_rpath : rootpkglibdir,
2290
956
         install : true)
2291
957
 
2292
958
 public_programs += executable(
2293
959
@@ -3378,7 +3379,7 @@ public_programs += executable(
2294
960
         'src/cgtop/cgtop.c',
2295
961
         include_directories : includes,
2296
962
         link_with : [libshared],
2297
963
-        install_rpath : rootlibexecdir,
2298
964
+        install_rpath : rootpkglibdir,
2299
965
         install : true)
2300
966
 
2301
967
 executable(
2302
968
@@ -3386,7 +3387,7 @@ executable(
2303
969
         'src/initctl/initctl.c',
2304
970
         include_directories : includes,
2305
971
         link_with : [libshared],
2306
972
-        install_rpath : rootlibexecdir,
2307
973
+        install_rpath : rootpkglibdir,
2308
974
         install : (conf.get('HAVE_SYSV_COMPAT') == 1),
2309
975
         install_dir : rootlibexecdir)
2310
976
 
2311
977
@@ -3396,7 +3397,7 @@ public_programs += executable(
2312
978
         include_directories : includes,
2313
979
         link_with : [libshared],
2314
980
         dependencies: [libmount],
2315
981
-        install_rpath : rootlibexecdir,
2316
982
+        install_rpath : rootpkglibdir,
2317
983
         install : true)
2318
984
 
2319
985
 meson.add_install_script(meson_make_symlink,
2320
986
@@ -3407,7 +3408,7 @@ public_programs += executable(
2321
987
         'src/run/run.c',
2322
988
         include_directories : includes,
2323
989
         link_with : [libshared],
2324
990
-        install_rpath : rootlibexecdir,
2325
991
+        install_rpath : rootpkglibdir,
2326
992
         install : true)
2327
993
 
2328
994
 public_programs += executable(
2329
995
@@ -3416,7 +3417,7 @@ public_programs += executable(
2330
996
         include_directories : includes,
2331
997
         link_with : [libshared],
2332
998
         dependencies : [versiondep],
2333
999
-        install_rpath : rootlibexecdir,
2334
1000
+        install_rpath : rootpkglibdir,
2335
1001
         install : true)
2336
1002
 
2337
1003
 public_programs += executable(
2338
1004
@@ -3425,7 +3426,7 @@ public_programs += executable(
2339
1005
         include_directories : includes,
2340
1006
         link_with : [libshared],
2341
1007
         dependencies : [versiondep],
2342
1008
-        install_rpath : rootlibexecdir,
2343
1009
+        install_rpath : rootpkglibdir,
2344
1010
         install : true)
2345
1011
 
2346
1012
 if enable_sysusers
2347
1013
@@ -3434,7 +3435,7 @@ if enable_sysusers
2348
1014
                 'src/sysusers/sysusers.c',
2349
1015
                 include_directories : includes,
2350
1016
                 link_with : [libshared],
2351
1017
-                install_rpath : rootlibexecdir,
2352
1018
+                install_rpath : rootpkglibdir,
2353
1019
                 install : true,
2354
1020
                 install_dir : rootbindir)
2355
1021
         public_programs += exe
2356
1022
@@ -3476,7 +3477,7 @@ if conf.get('ENABLE_TMPFILES') == 1
2357
1023
                 include_directories : includes,
2358
1024
                 link_with : [libshared],
2359
1025
                 dependencies : [libacl],
2360
1026
-                install_rpath : rootlibexecdir,
2361
1027
+                install_rpath : rootpkglibdir,
2362
1028
                 install : true,
2363
1029
                 install_dir : rootbindir)
2364
1030
         public_programs += exe
2365
1031
@@ -3538,7 +3539,7 @@ if conf.get('ENABLE_QUOTACHECK') == 1
2366
1032
                 'src/quotacheck/quotacheck.c',
2367
1033
                 include_directories : includes,
2368
1034
                 link_with : [libshared],
2369
1035
-                install_rpath : rootlibexecdir,
2370
1036
+                install_rpath : rootpkglibdir,
2371
1037
                 install : true,
2372
1038
                 install_dir : rootlibexecdir)
2373
1039
 endif
2374
1040
@@ -3549,7 +3550,7 @@ public_programs += executable(
2375
1041
         include_directories : includes,
2376
1042
         link_with : [libshared],
2377
1043
         dependencies : [threads],
2378
1044
-        install_rpath : rootlibexecdir,
2379
1045
+        install_rpath : rootpkglibdir,
2380
1046
         install : true,
2381
1047
         install_dir : rootlibexecdir)
2382
1048
 
2383
1049
@@ -3578,7 +3579,7 @@ if conf.get('ENABLE_REPART') == 1
2384
1050
                 dependencies : [threads,
2385
1051
                                 libblkid,
2386
1052
                                 libfdisk],
2387
1053
-                install_rpath : rootlibexecdir,
2388
1054
+                install_rpath : rootpkglibdir,
2389
1055
                 install : true,
2390
1056
                 install_dir : rootbindir)
2391
1057
         public_programs += exe
2392
1058
@@ -3596,7 +3597,7 @@ executable(
2393
1059
         include_directories : includes,
2394
1060
         link_with : [libshared],
2395
1061
         dependencies : [libmount],
2396
1062
-        install_rpath : rootlibexecdir,
2397
1063
+        install_rpath : rootpkglibdir,
2398
1064
         install : true,
2399
1065
         install_dir : rootlibexecdir)
2400
1066
 
2401
1067
@@ -3605,7 +3606,7 @@ executable(
2402
1068
         'src/update-done/update-done.c',
2403
1069
         include_directories : includes,
2404
1070
         link_with : [libshared],
2405
1071
-        install_rpath : rootlibexecdir,
2406
1072
+        install_rpath : rootpkglibdir,
2407
1073
         install : true,
2408
1074
         install_dir : rootlibexecdir)
2409
1075
 
2410
1076
@@ -3615,7 +3616,7 @@ executable(
2411
1077
         include_directories : includes,
2412
1078
         link_with : [libshared],
2413
1079
         dependencies : [libaudit],
2414
1080
-        install_rpath : rootlibexecdir,
2415
1081
+        install_rpath : rootpkglibdir,
2416
1082
         install : (conf.get('ENABLE_UTMP') == 1),
2417
1083
         install_dir : rootlibexecdir)
2418
1084
 
2419
1085
@@ -3626,7 +3627,7 @@ if conf.get('HAVE_KMOD') == 1
2420
1086
                 include_directories : includes,
2421
1087
                 link_with : [libshared],
2422
1088
                 dependencies : [libkmod],
2423
1089
-                install_rpath : rootlibexecdir,
2424
1090
+                install_rpath : rootpkglibdir,
2425
1091
                 install : true,
2426
1092
                 install_dir : rootlibexecdir)
2427
1093
 
2428
1094
@@ -3646,7 +3647,7 @@ public_programs += executable(
2429
1095
                      libshared],
2430
1096
         dependencies : [libblkid,
2431
1097
                         libseccomp],
2432
1098
-        install_rpath : rootlibexecdir,
2433
1099
+        install_rpath : rootpkglibdir,
2434
1100
         install : true)
2435
1101
 
2436
1102
 if conf.get('ENABLE_NETWORKD') == 1
2437
1103
@@ -3658,7 +3659,7 @@ if conf.get('ENABLE_NETWORKD') == 1
2438
1104
                              libsystemd_network,
2439
1105
                              networkd_link_with],
2440
1106
                 dependencies : [threads],
2441
1107
-                install_rpath : rootlibexecdir,
2442
1108
+                install_rpath : rootpkglibdir,
2443
1109
                 install : true,
2444
1110
                 install_dir : rootlibexecdir)
2445
1111
 
2446
1112
@@ -3667,7 +3668,7 @@ if conf.get('ENABLE_NETWORKD') == 1
2447
1113
                 systemd_networkd_wait_online_sources,
2448
1114
                 include_directories : includes,
2449
1115
                 link_with : [networkd_link_with],
2450
1116
-                install_rpath : rootlibexecdir,
2451
1117
+                install_rpath : rootpkglibdir,
2452
1118
                 install : true,
2453
1119
                 install_dir : rootlibexecdir)
2454
1120
 
2455
1121
@@ -3677,7 +3678,7 @@ if conf.get('ENABLE_NETWORKD') == 1
2456
1122
                 include_directories : libsystemd_network_includes,
2457
1123
                 link_with : [libsystemd_network,
2458
1124
                              networkd_link_with],
2459
1125
-                install_rpath : rootlibexecdir,
2460
1126
+                install_rpath : rootpkglibdir,
2461
1127
                 install : true,
2462
1128
                 install_dir : rootbindir)
2463
1129
 endif
2464
1130
@@ -3687,7 +3688,7 @@ exe = executable(
2465
1131
         network_generator_sources,
2466
1132
         include_directories : includes,
2467
1133
         link_with : [networkd_link_with],
2468
1134
-        install_rpath : rootlibexecdir,
2469
1135
+        install_rpath : rootpkglibdir,
2470
1136
         install : true,
2471
1137
         install_dir : rootlibexecdir)
2472
1138
 
2473
1139
@@ -3704,7 +3705,7 @@ executable(
2474
1140
         'src/sulogin-shell/sulogin-shell.c',
2475
1141
         include_directories : includes,
2476
1142
         link_with : [libshared],
2477
1143
-        install_rpath : rootlibexecdir,
2478
1144
+        install_rpath : rootpkglibdir,
2479
1145
         install : true,
2480
1146
         install_dir : rootlibexecdir)
2481
1147
 
2482
1148
@@ -3767,7 +3768,7 @@ foreach tuple : tests
2483
1149
                                         dependencies],
2484
1150
                         c_args : defs,
2485
1151
                         build_by_default : want_tests != 'false',
2486
1152
-                        install_rpath : rootlibexecdir,
2487
1153
+                        install_rpath : rootpkglibdir,
2488
1154
                         install : install_tests,
2489
1155
                         install_dir : testsdir / type,
2490
1156
                         link_depends : runtest_env)
2491
1157
diff --git a/src/core/meson.build b/src/core/meson.build
2492
1158
index 9efa542..162090a 100644
2493
1159
--- a/src/core/meson.build
2494
1160
+++ b/src/core/meson.build
2495
1161
@@ -202,7 +202,7 @@ libcore = shared_library(
2496
1162
                         libblkid,
2497
1163
                         libacl],
2498
1164
         install : true,
2499
1165
-        install_dir : rootlibexecdir)
2500
1166
+        install_dir : rootpkglibdir)
2501
1167
 
2502
1168
 core_includes = [includes, include_directories('.')]
2503
1169
 
2504
1170
diff --git a/src/nspawn/nspawn-util.c b/src/nspawn/nspawn-util.c
2505
1171
index 402554f..830ac39 100644
2506
1172
--- a/src/nspawn/nspawn-util.c
2507
1173
+++ b/src/nspawn/nspawn-util.c
2508
1174
@@ -20,9 +20,12 @@ int systemd_installation_has_version(const char *root, const char *minimal_versi
2509
1175
                        /* /lib works for systems without usr-merge, and for systems with a sane
2510
1176
                         * usr-merge, where /lib is a symlink to /usr/lib. /usr/lib is necessary
2511
1177
                         * for Gentoo which does a merge without making /lib a symlink.
2512
1178
+                        * Also support multiarch paths von Debian/Ubuntu; *-linux-* is a small
2513
1179
+                        * optimization based on the naming scheme of existing multiarch tuples.
2514
1180
                         */
2515
1181
                        "/lib/systemd/libsystemd-shared-*.so",
2516
1182
                        "/lib64/systemd/libsystemd-shared-*.so",
2517
1183
+                       "/usr/lib/*-linux-*/systemd/libsystemd-shared-*.so",
2518
1184
                        "/usr/lib/systemd/libsystemd-shared-*.so",
2519
1185
                        "/usr/lib64/systemd/libsystemd-shared-*.so") {
2520
1186
 
2521
1187
@@ -47,7 +50,7 @@ int systemd_installation_has_version(const char *root, const char *minimal_versi
2522
1188
                         /* This is most likely to run only once, hence let's not optimize anything. */
2523
1189
                         char *t, *t2;
2524
1190
 
2525
1191
-                        t = startswith(*name, path);
2526
1192
+                        t = startswith(basename(*name), "libsystemd-shared-");
2527
1193
                         if (!t)
2528
1194
                                 continue;
2529
1195
 
2530
1196
diff --git a/src/shared/meson.build b/src/shared/meson.build
2531
1197
index 1d4e4a0..363693d 100644
2532
1198
--- a/src/shared/meson.build
2533
1199
+++ b/src/shared/meson.build
2534
1200
@@ -483,4 +483,4 @@ libshared = shared_library(
2535
1201
                       libsystemd_static],
2536
1202
         dependencies : libshared_deps,
2537
1203
         install : true,
2538
1204
-        install_dir : rootlibexecdir)
2539
1205
+        install_dir : rootpkglibdir)
2540
1206
diff --git a/src/udev/meson.build b/src/udev/meson.build
2541
1207
index 79964a7..c6711be 100644
2542
1208
--- a/src/udev/meson.build
2543
1209
+++ b/src/udev/meson.build
2544
1210
@@ -100,7 +100,7 @@ link_config_gperf_c = custom_target(
2545
1211
 
2546
1212
 if get_option('link-udev-shared')
2547
1213
         udev_link_with = [libshared]
2548
1214
-        udev_rpath = rootlibexecdir
2549
1215
+        udev_rpath = rootpkglibdir
2550
1216
 else
2551
1217
         udev_link_with = [libshared_static,
2552
1218
                           libsystemd_static]
2553
diff --git a/debian/patches/series b/debian/patches/series
2554
index 4b00a36..7c6674d 100644
2555
--- a/debian/patches/series
2556
+++ b/debian/patches/series
2557
@@ -1,5 +1,7 @@
2558
1
Do-not-require-a-valid-version-when-parsing-sd-boot-loade.patch
1
Do-not-require-a-valid-version-when-parsing-sd-boot-loade.patch
2560
2
sha256-fix-compilation-on-efi-ia32.patch
2
Move-homectl-and-userdbctl-to-bindir.patch
2561
3
meson-install-libsystemd-shared-into-rootpkglibdir.patch
2562
4
shellcheck-clean-kernel-install-again.patch
2563
3
debian/Use-Debian-specific-config-files.patch
5
debian/Use-Debian-specific-config-files.patch
2564
4
debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch
6
debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch
2565
5
debian/Make-run-lock-tmpfs-an-API-fs.patch
7
debian/Make-run-lock-tmpfs-an-API-fs.patch
2566
@@ -41,13 +43,10 @@ lp1950794-Revert-sd-dhcp-do-not-use-detect_container-to-guess-.patch
2567
41
0001-Revert-tests-add-test-case-for-UMask-BindPaths-combi.patch
43
0001-Revert-tests-add-test-case-for-UMask-BindPaths-combi.patch
2568
42
deny-list-TEST-55-OOMD-on-ppc64el.patch
44
deny-list-TEST-55-OOMD-on-ppc64el.patch
2569
43
debian/UBUNTU-Don-t-override-Ubuntu-s-default-sysctl-values-LP-1962038.patch
45
debian/UBUNTU-Don-t-override-Ubuntu-s-default-sysctl-values-LP-1962038.patch
2570
44
lp1979215-boot-efi-missing-.note.GNU-stack-section-implies-executab.patch
2571
45
lp1979236-boot-efi-set-no-warn-rwx-segments-on-arm.patch
2572
46
lp1978079-pstore-Run-after-modules-are-loaded.patch
46
lp1978079-pstore-Run-after-modules-are-loaded.patch
2573
47
sd-hwdb-add-sd_hwdb_new_from_path.patch
47
sd-hwdb-add-sd_hwdb_new_from_path.patch
2574
48
hwdb-implement-root-option-for-systemd-hwdb-query.patch
48
hwdb-implement-root-option-for-systemd-hwdb-query.patch
2575
49
test-increase-QEMU_MEM-for-some-tests.patch
49
test-increase-QEMU_MEM-for-some-tests.patch
2576
50
test-copy-libgcc_s.so.1-to-TPM2-test-image-on-Debian-like.patch
50
test-copy-libgcc_s.so.1-to-TPM2-test-image-on-Debian-like.patch
2577
51
units-remove-the-restart-limit-on-the-modprobe-.service.patch
2578
52
lp1981042-core-firstboot-workaround-timezone-issues-caused-by-Ubunt.patch
51
lp1981042-core-firstboot-workaround-timezone-issues-caused-by-Ubunt.patch
2580
53
glibc-Remove-include-linux-fs.h-to-resolve-fsconfig_comma.patch
52
test-denylist-TEST-29-PORTABLE-again.patch
2581
diff --git a/debian/patches/sha256-fix-compilation-on-efi-ia32.patch b/debian/patches/sha256-fix-compilation-on-efi-ia32.patch
2582
54
deleted file mode 100644
53
deleted file mode 100644
2583
index 9d0494a..0000000
2584
--- a/debian/patches/sha256-fix-compilation-on-efi-ia32.patch
2585
+++ /dev/null
2586
@@ -1,39 +0,0 @@
2587
1
From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
2588
2
Date: Fri, 3 Jun 2022 09:32:02 +0200
2589
3
Subject: sha256: fix compilation on efi-ia32
2590
4
MIME-Version: 1.0
2591
5
Content-Type: text/plain; charset="utf-8"
2592
6
Content-Transfer-Encoding: 8bit
2593
7
2594
8
/usr/bin/gcc -c ../src/fundamental/sha256.c -o src/boot/efi/sha256.c.o -Wno-format-signedness -Wno-missing-field-initializers -Wno-unused-parameter -Wdate-time -Wendif-labels -Werror=format=2 -Werror=implicit-function-declaration -Werror=incompatible-pointer-types -Werror=int-conversion -Werror=overflow -Werror=override-init -Werror=return-type -Werror=shift-count-overflow -Werror=shift-overflow=2 -Werror=undef -Wfloat-equal -Wimplicit-fallthrough=5 -Winit-self -Wlogical-op -Wmissing-include-dirs -Wmissing-noreturn -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls -Wshadow -Wstrict-aliasing=2 -Wstrict-prototypes -Wsuggest-attribute=noreturn -Wunused-function -Wwrite-strings -Wno-unused-result -fno-stack-protector -fno-strict-aliasing -fpic -fwide-exec-charset=UCS2 -Wall -Wextra -Wsign-compare -nostdlib -std=gnu99 -ffreestanding -fshort-wchar -fvisibility=hidden -isystem /usr/include/efi -isystem /usr/include/efi/ia32 -I /builddir/build/BUILD/systemd-stable-250.7/src/fundamental -DSD_BOOT -DGNU_EFI_USE_MS_ABI -include src/boot/efi/efi_config.h -include version.h -mno-sse -mno-mmx -flto -O2 -flto=auto
2595
9
../src/fundamental/sha256.c: In function ‘sha256_finish_ctx’:
2596
10
../src/fundamental/sha256.c:61:25: error: ‘false’ undeclared (first use in this function)
2597
11
   61 | # define UNALIGNED_P(p) false
2598
12
      |                         ^~~~~
2599
13
../src/fundamental/sha256.c:136:21: note: in expansion of macro ‘UNALIGNED_P’
2600
14
  136 |                 if (UNALIGNED_P(resbuf))
2601
15
      |                     ^~~~~~~~~~~
2602
16
../src/fundamental/sha256.c:32:1: note: ‘false’ is defined in header ‘<stdbool.h>’; did you forget to ‘#include <stdbool.h>’?
2603
17
   31 | #include "sha256.h"
2604
18
  +++ |+#include <stdbool.h>
2605
19
   32 |
2606
20
...
2607
21
2608
22
(cherry picked from commit 38c87ca2ab96d085158485ecfc46c7cb6af0f166)
2609
23
---
2610
24
 src/fundamental/sha256.c | 2 +-
2611
25
 1 file changed, 1 insertion(+), 1 deletion(-)
2612
26
2613
27
diff --git a/src/fundamental/sha256.c b/src/fundamental/sha256.c
2614
28
index cd16aec..58b1a80 100644
2615
29
--- a/src/fundamental/sha256.c
2616
30
+++ b/src/fundamental/sha256.c
2617
31
@@ -58,7 +58,7 @@
2618
32
 #  define UNALIGNED_P(p) (((size_t) p) % sizeof(uint32_t) != 0)
2619
33
 # endif
2620
34
 #else
2621
35
-# define UNALIGNED_P(p) false
2622
36
+# define UNALIGNED_P(p) sd_false
2623
37
 #endif
2624
38
 
2625
39
 /* This array contains the bytes used to pad the buffer to the next
2626
diff --git a/debian/patches/shellcheck-clean-kernel-install-again.patch b/debian/patches/shellcheck-clean-kernel-install-again.patch
2627
40
new file mode 100644
0
new file mode 100644
2628
index 0000000..ff3d498
2629
--- /dev/null
2630
+++ b/debian/patches/shellcheck-clean-kernel-install-again.patch
2631
@@ -0,0 +1,46 @@
2632
1
From: =?utf-8?b?0L3QsNCx?= <nabijaczleweli@nabijaczleweli.xyz>
2633
2
Date: Sun, 22 May 2022 22:09:23 +0200
2634
3
Subject: shellcheck-clean kernel-install again
2635
4
2636
5
(cherry picked from commit 35339eb88c72f30204589101765a0bca5424e253)
2637
6
---
2638
7
 src/kernel-install/kernel-install.in | 5 ++++-
2639
8
 1 file changed, 4 insertions(+), 1 deletion(-)
2640
9
2641
10
diff --git a/src/kernel-install/kernel-install.in b/src/kernel-install/kernel-install.in
2642
11
index cf1b81b..c6965ee 100755
2643
12
--- a/src/kernel-install/kernel-install.in
2644
13
+++ b/src/kernel-install/kernel-install.in
2645
14
@@ -115,6 +115,7 @@ fi
2646
15
 
2647
16
 if [ -n "$install_conf" ]; then
2648
17
     [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Reading $install_conf…"
2649
18
+    # shellcheck source=/dev/null
2650
19
     . "$install_conf"
2651
20
     # FIXME: This may override configuration in environment variables, e.g. $BOOT_ROOT.
2652
21
 fi
2653
22
@@ -133,6 +134,7 @@ fi
2654
23
 # generated one. If the user configured an explicit machine ID to use in
2655
24
 # /etc/machine-info to use for our purpose, we'll use that instead (for
2656
25
 # compatibility).
2657
26
+# shellcheck source=/dev/null
2658
27
 if [ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"; then
2659
28
     [ -n "$MACHINE_ID" ] && [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
2660
29
         echo "machine-id $MACHINE_ID acquired from /etc/machine-info"
2661
30
@@ -160,6 +162,7 @@ if [ -z "$ENTRY_TOKEN" ]; then
2662
31
     # the IMAGE_ID= and ID= fields from /etc/os-release and finally the fixed
2663
32
     # string "Default"
2664
33
     ENTRY_TOKEN_SEARCH="$MACHINE_ID"
2665
34
+    # shellcheck source=/dev/null
2666
35
     [ -r /etc/os-release ] && . /etc/os-release
2667
36
     [ -n "$IMAGE_ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $IMAGE_ID"
2668
37
     [ -n "$ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $ID"
2669
38
@@ -294,7 +297,7 @@ PLUGINS="$(
2670
39
 IFS="
2671
40
 "
2672
41
 
2673
42
-[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo -e "Plugin files:\n$PLUGINS"
2674
43
+[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && printf '%s\n' "Plugin files:" "$PLUGINS"
2675
44
 
2676
45
 case "$COMMAND" in
2677
46
     add)
2678
diff --git a/debian/patches/test-denylist-TEST-29-PORTABLE-again.patch b/debian/patches/test-denylist-TEST-29-PORTABLE-again.patch
2679
0
new file mode 100644
47
new file mode 100644
2680
index 0000000..5a97810
2681
--- /dev/null
2682
+++ b/debian/patches/test-denylist-TEST-29-PORTABLE-again.patch
2683
@@ -0,0 +1,18 @@
2684
1
From: Nick Rosbrook <nick.rosbrook@canonical.com>
2685
2
Date: Tue, 16 Aug 2022 17:38:36 -0400
2686
3
Subject: test: denylist TEST-29-PORTABLE again
2687
4
2688
5
Bug: https://github.com/systemd/systemd/issues/24147
2689
6
2690
7
---
2691
8
 test/TEST-29-PORTABLE/deny-list-upstream-ci | 1 +
2692
9
 1 file changed, 1 insertion(+)
2693
10
 create mode 100644 test/TEST-29-PORTABLE/deny-list-upstream-ci
2694
11
2695
12
diff --git a/test/TEST-29-PORTABLE/deny-list-upstream-ci b/test/TEST-29-PORTABLE/deny-list-upstream-ci
2696
13
new file mode 100644
2697
14
index 0000000..89e1567
2698
15
--- /dev/null
2699
16
+++ b/test/TEST-29-PORTABLE/deny-list-upstream-ci
2700
17
@@ -0,0 +1 @@
2701
18
+# Flaky test tracked in https://github.com/systemd/systemd/issues/24147
2702
diff --git a/debian/patches/units-remove-the-restart-limit-on-the-modprobe-.service.patch b/debian/patches/units-remove-the-restart-limit-on-the-modprobe-.service.patch
2703
0
deleted file mode 100644
19
deleted file mode 100644
2704
index f8668f9..0000000
2705
--- a/debian/patches/units-remove-the-restart-limit-on-the-modprobe-.service.patch
2706
+++ /dev/null
2707
@@ -1,33 +0,0 @@
2708
1
From: Alban Bedel <alban.bedel@aerq.com>
2709
2
Date: Wed, 15 Jun 2022 13:12:46 +0200
2710
3
Subject: units: remove the restart limit on the modprobe@.service
2711
4
2712
5
They are various cases where the same module might be repeatedly
2713
6
loaded in a short time frame, for example if a service depending on a
2714
7
module keep restarting, or if many instances of such service get
2715
8
started at the same time. If this happend the modprobe@.service
2716
9
instance will be marked as failed because it hit the restart limit.
2717
10
2718
11
Overall it doesn't seems to make much sense to have a restart limit on
2719
12
the modprobe service so just disable it.
2720
13
2721
14
Fixes: #23742
2722
15
---
2723
16
Origin: upstream, https://github.com/systemd/systemd/commit/9625350e5381a68c1179ae4581e7586c206663e1
2724
17
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1982462
2725
18
---
2726
19
 units/modprobe@.service | 1 +
2727
20
 1 file changed, 1 insertion(+)
2728
21
2729
22
diff --git a/units/modprobe@.service b/units/modprobe@.service
2730
23
index cf8baf6..85a2c08 100644
2731
24
--- a/units/modprobe@.service
2732
25
+++ b/units/modprobe@.service
2733
26
@@ -13,6 +13,7 @@ DefaultDependencies=no
2734
27
 Before=sysinit.target
2735
28
 Documentation=man:modprobe(8)
2736
29
 ConditionCapability=CAP_SYS_MODULE
2737
30
+StartLimitIntervalSec=0
2738
31
 
2739
32
 [Service]
2740
33
 Type=oneshot
2741
diff --git a/debian/rules b/debian/rules
2742
index 957f0c3..e47607a 100755
2743
--- a/debian/rules
2744
+++ b/debian/rules
2745
@@ -75,8 +75,6 @@ CONFFLAGS = \
2746
75
	-Dsysupdate=false \
75
	-Dsysupdate=false \
2747
76
	-Dxkbcommon=false \
76
	-Dxkbcommon=false \
2748
77
	-Dwheel-group=false \
77
	-Dwheel-group=false \
2749
78
	-Duserdb=false \
2750
79
	-Dhomed=false \
2751
80
	-Dpwquality=false \
78
	-Dpwquality=false \
2752
81
	-Dp11kit=false \
79
	-Dp11kit=false \
2753
82
	-Doomd=true \
80
	-Doomd=true \
2754
@@ -103,7 +101,7 @@ CONFFLAGS = \
2755
103
	-Dinstall-tests=$(if $(filter noinsttest,$(DEB_BUILD_PROFILES)),false,true) \
101
	-Dinstall-tests=$(if $(filter noinsttest,$(DEB_BUILD_PROFILES)),false,true) \
2756
104
	-Dlibcryptsetup-plugins=false \
102
	-Dlibcryptsetup-plugins=false \
2757
105
	-Defi=true \
103
	-Defi=true \
2759
106
	-Dman=true \
104
	-Dman=$(if $(filter nodoc,$(DEB_BUILD_PROFILES)),false,true) \
2760
107
	-Dtranslations=true \
105
	-Dtranslations=true \
2761
108
	-Dnss-myhostname=true \
106
	-Dnss-myhostname=true \
2762
109
	-Dnss-mymachines=true \
107
	-Dnss-mymachines=true \
2763
@@ -129,6 +127,8 @@ CONFFLAGS += \
2764
129
	-Ddns-over-tls=openssl \
127
	-Ddns-over-tls=openssl \
2765
130
	-Dlibfido2=true \
128
	-Dlibfido2=true \
2766
131
	-Dtpm2=$(if $(filter i386,$(DEB_HOST_ARCH)),false,true) \
129
	-Dtpm2=$(if $(filter i386,$(DEB_HOST_ARCH)),false,true) \
2767
130
	-Dhomed=true \
2768
131
	-Duserdb=true \
2769
132
	-Dpcre2=true
132
	-Dpcre2=true
2770
133
else
133
else
2771
134
CONFFLAGS += \
134
CONFFLAGS += \
2772
@@ -145,41 +145,46 @@ CONFFLAGS += \
2773
145
	-Dopenssl=false \
145
	-Dopenssl=false \
2774
146
	-Dlibfido2=false \
146
	-Dlibfido2=false \
2775
147
	-Dtpm2=false \
147
	-Dtpm2=false \
2776
148
	-Dhomed=false \
2777
149
	-Duserdb=false \
2778
148
	-Dpcre2=false
150
	-Dpcre2=false
2779
149
endif
151
endif
2780
150
152
2781
151
override_dh_auto_configure:
153
override_dh_auto_configure:
2783
152
	dh_auto_configure --builddirectory=build-deb \
154
	dh_auto_configure \
2784
153
		-- $(CONFFLAGS) $(CONFFLAGS_DISTRO) $(CONFFLAGS_UPSTREAM)
155
		-- $(CONFFLAGS) $(CONFFLAGS_DISTRO) $(CONFFLAGS_UPSTREAM)
2785
154
156
2787
155
override_dh_auto_build:
157
execute_before_dh_auto_build:
2788
156
	# blhc false positives: C++ fuzz test program, cc -E flags listing, PE-COFF EFI binaries
158
	# blhc false positives: C++ fuzz test program, cc -E flags listing, PE-COFF EFI binaries
2789
157
	@echo 'blhc: ignore-line-regexp: .* -o test-bus-vtable-cc.*'
159
	@echo 'blhc: ignore-line-regexp: .* -o test-bus-vtable-cc.*'
2790
158
	@echo 'blhc: ignore-line-regexp: .*cc -E.*'
160
	@echo 'blhc: ignore-line-regexp: .*cc -E.*'
2791
159
	@echo 'blhc: ignore-line-regexp: .* -o src/boot/efi.*'
161
	@echo 'blhc: ignore-line-regexp: .* -o src/boot/efi.*'
2793
160
	dh_auto_build --builddirectory=build-deb
162
2794
163
execute_after_dh_auto_build:
2795
161
	# generate POT file for translators
164
	# generate POT file for translators
2797
162
	ninja -C build-deb/ systemd-pot
165
	ninja -C obj-$(DEB_HOST_GNU_TYPE) systemd-pot
2798
163
166
2801
164
override_dh_auto_install:
167
execute_after_dh_auto_install:
2800
165
	dh_auto_install --builddirectory=build-deb
2802
166
	# fix paths in manpages; manually check the remaining /usr occurrences
168
	# fix paths in manpages; manually check the remaining /usr occurrences
2803
167
	# occasionally, with filtering out paths which are known to be in /usr:
169
	# occasionally, with filtering out paths which are known to be in /usr:
2804
168
	# grep -r /usr debian/tmp/usr/share/man/|egrep -v '/usr/local|os.*release|factory|zoneinfo|tmpfiles|kernel|foo|machines|sysctl|dbus|include|binfmt'
170
	# grep -r /usr debian/tmp/usr/share/man/|egrep -v '/usr/local|os.*release|factory|zoneinfo|tmpfiles|kernel|foo|machines|sysctl|dbus|include|binfmt'
2806
169
	find debian/tmp/usr/share/man/ -type f | xargs sed -ri 's_/usr(/lib/systemd/system|/lib/systemd/network|/lib/udev|/lib[^/]|/lib/[^a-z])_\1_g'
171
	if test -d debian/tmp/usr/share/man; then \
2807
172
		find debian/tmp/usr/share/man/ -type f | xargs sed -ri 's_/usr(/lib/systemd/system|/lib/systemd/network|/lib/udev|/lib[^/]|/lib/[^a-z])_\1_g'; \
2808
173
	fi
2809
170
174
2811
171
override_dh_auto_clean:
175
execute_before_dh_auto_clean:
2812
172
ifneq (, $(TEST_UPSTREAM))
176
ifneq (, $(TEST_UPSTREAM))
2813
173
	debian/extra/checkout-upstream
177
	debian/extra/checkout-upstream
2814
174
endif
178
endif
2816
175
	dh_auto_clean --builddirectory=build-deb
179
2817
180
execute_after_dh_auto_clean:
2818
176
	rm -f debian/shlibs.local
181
	rm -f debian/shlibs.local
2819
177
	# remove Python byte code files
182
	# remove Python byte code files
2820
178
	rm -rf tools/__pycache__/
183
	rm -rf tools/__pycache__/
2821
179
	rm -rf tools/chromiumos/__pycache__/
184
	rm -rf tools/chromiumos/__pycache__/
2822
180
	rm -f po/systemd.pot
185
	rm -f po/systemd.pot
2823
181
186
2825
182
override_dh_install:
187
execute_before_dh_install:
2826
183
	# remove unnecessary / unused files
188
	# remove unnecessary / unused files
2827
184
	rm -rf debian/tmp/usr/share/doc/systemd/LICENSES/
189
	rm -rf debian/tmp/usr/share/doc/systemd/LICENSES/
2828
185
	rm -f debian/tmp/usr/share/doc/systemd/LICENSE.*
190
	rm -f debian/tmp/usr/share/doc/systemd/LICENSE.*
2829
@@ -202,21 +207,14 @@ override_dh_install:
2830
202
	rm -rf debian/tmp/usr/share/factory/
207
	rm -rf debian/tmp/usr/share/factory/
2831
203
	# replace upstream sysusers.d/basic.conf with proper users for Debian
208
	# replace upstream sysusers.d/basic.conf with proper users for Debian
2832
204
	debian/extra/make-sysusers-basic > debian/tmp/usr/lib/sysusers.d/basic.conf
209
	debian/extra/make-sysusers-basic > debian/tmp/usr/lib/sysusers.d/basic.conf
2833
205
	# remove resolvconf compat symlink
2834
206
	rm -f debian/tmp/sbin/resolvconf
2835
207
	# remove obsolete compat symlink
210
	# remove obsolete compat symlink
2836
208
	rm -f debian/tmp/usr/bin/systemd-resolve
211
	rm -f debian/tmp/usr/bin/systemd-resolve
2837
209
	# do not create a potentially broken /etc/resolv.conf symlink
2838
210
	# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007018
2839
211
	rm -f debian/tmp/usr/lib/tmpfiles.d/systemd-resolve.conf
2840
212
2841
213
	dh_install
2842
214
212
2844
215
	# install standalone binaries and manpages
213
execute_after_dh_install:
2845
214
	# install standalone binaries
2846
216
	for pkg in sysusers tmpfiles; do \
215
	for pkg in sysusers tmpfiles; do \
2848
217
		mkdir -p debian/systemd-standalone-$$pkg/bin debian/systemd-standalone-$$pkg/usr/share/man/man8; \
216
		mkdir -p debian/systemd-standalone-$$pkg/bin; \
2849
218
		mv debian/systemd/bin/systemd-$$pkg.standalone debian/systemd-standalone-$$pkg/bin/systemd-$$pkg; \
217
		mv debian/systemd/bin/systemd-$$pkg.standalone debian/systemd-standalone-$$pkg/bin/systemd-$$pkg; \
2850
219
		cp debian/tmp/usr/share/man/man8/systemd-$$pkg.8 debian/systemd-standalone-$$pkg/usr/share/man/man8/; \
2851
220
	done
218
	done
2852
221
219
2853
222
	# we don't want /tmp to be a tmpfs by default
220
	# we don't want /tmp to be a tmpfs by default
2854
@@ -226,7 +224,7 @@ override_dh_install:
2855
226
224
2856
227
	# files shipped by cryptsetup
225
	# files shipped by cryptsetup
2857
228
ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES)))
226
ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES)))
2859
229
	rm debian/systemd/usr/share/man/man5/crypttab.5
227
	rm -f debian/tmp/usr/share/man/man5/crypttab.5
2860
230
endif
228
endif
2861
231
229
2862
232
	# files shipped by systemd
230
	# files shipped by systemd
2863
@@ -235,14 +233,6 @@ endif
2864
235
	rm debian/udev/lib/udev/rules.d/71-seat.rules
233
	rm debian/udev/lib/udev/rules.d/71-seat.rules
2865
236
	rm debian/udev/lib/udev/rules.d/99-systemd.rules
234
	rm debian/udev/lib/udev/rules.d/99-systemd.rules
2866
237
235
2867
238
	# remove duplicate files shipped by systemd-*/udev
2868
239
	echo "Removing duplicate files in systemd package:"
2869
240
	set -e; for pkg in $(shell dh_listpackages -Nudev-udeb -Nlibudev1-udeb -Nsystemd -Nsystemd-standalone-sysusers -Nsystemd-standalone-tmpfiles); do \
2870
241
		echo "... from $$pkg..."; \
2871
242
		(cd debian/$$pkg; find -type f -o -type l) | (cd debian/systemd; xargs rm -f --verbose); \
2872
243
		(cd debian/$$pkg; find -mindepth 1 -type d | sort -r) | (cd debian/systemd; xargs rmdir --ignore-fail-on-non-empty --verbose || true); \
2873
244
	done
2874
245
2875
246
	# Ubuntu specific files
236
	# Ubuntu specific files
2876
247
ifeq ($(DEB_VENDOR),Ubuntu)
237
ifeq ($(DEB_VENDOR),Ubuntu)
2877
248
	install -D --mode=644 debian/extra/udev.py debian/udev/usr/share/apport/package-hooks/udev.py
238
	install -D --mode=644 debian/extra/udev.py debian/udev/usr/share/apport/package-hooks/udev.py
2878
@@ -254,8 +244,30 @@ endif
2879
254
	# Remove unneeded file that produces errors in debugedit (LP: #1950445)
244
	# Remove unneeded file that produces errors in debugedit (LP: #1950445)
2880
255
ifeq ($(DEB_HOST_ARCH),i386)
245
ifeq ($(DEB_HOST_ARCH),i386)
2881
256
	rm -f debian/systemd/usr/lib/systemd/boot/efi/linuxia32.elf.stub
246
	rm -f debian/systemd/usr/lib/systemd/boot/efi/linuxia32.elf.stub
2882
247
	rm -f debian/systemd-boot-efi/usr/lib/systemd/boot/efi/linuxia32.elf.stub
2883
257
endif
248
endif
2884
258
249
2885
250
execute_after_dh_installman:
2886
251
	# remove duplicate files shipped by systemd-*/udev
2887
252
	# run after dh_installman, which runs after dh_install, to include manpages
2888
253
	echo "Removing duplicate files in systemd package:"
2889
254
	set -e; for pkg in $(shell dh_listpackages -Nudev-udeb -Nlibudev1-udeb -Nsystemd -Nsystemd-standalone-sysusers -Nsystemd-standalone-tmpfiles); do \
2890
255
		echo "... from $$pkg..."; \
2891
256
		(cd debian/$$pkg; find -type f -o -type l) | (cd debian/systemd; xargs rm -f --verbose); \
2892
257
		(cd debian/$$pkg; find -mindepth 1 -type d | sort -r) | (cd debian/systemd; xargs rmdir --ignore-fail-on-non-empty --verbose || true); \
2893
258
	done
2894
259
2895
260
	# dh_installman is affected by false positives and mangles manpages named as lib*.so.*
2896
261
	# fixed in debhelper 13.7.2 by https://salsa.debian.org/debian/debhelper/-/merge_requests/69
2897
262
	for pkg in libnss-myhostname libnss-mymachines libnss-resolve libnss-systemd; do \
2898
263
		rm -rf debian/$$pkg/usr/share/man/so; \
2899
264
	done
2900
265
	# work around some more dh_installman issues
2901
266
	# see https://salsa.debian.org/debian/debhelper/-/merge_requests/69#note_316102
2902
267
	for pkg in libnss-myhostname libnss-mymachines libnss-resolve libnss-systemd; do \
2903
268
		rm -rf debian/$$pkg/usr/share/man/man2/; \
2904
269
	done
2905
270
2906
259
override_dh_missing:
271
override_dh_missing:
2907
260
	dh_missing $(DH_MISSING)
272
	dh_missing $(DH_MISSING)
2908
261
273
2909
@@ -267,31 +279,35 @@ override_dh_installsystemd:
2910
267
	dh_installsystemd -psystemd-timesyncd
279
	dh_installsystemd -psystemd-timesyncd
2911
268
	dh_installsystemd -psystemd-oomd systemd-oomd.service
280
	dh_installsystemd -psystemd-oomd systemd-oomd.service
2912
269
	dh_installsystemd -psystemd-oomd --no-stop-on-upgrade systemd-oomd.socket
281
	dh_installsystemd -psystemd-oomd --no-stop-on-upgrade systemd-oomd.socket
2913
282
	dh_installsystemd -psystemd-userdbd --no-stop-on-upgrade systemd-userdbd.socket
2914
283
	dh_installsystemd -psystemd-homed --no-also systemd-homed.service systemd-homed-activate.service
2915
284
	dh_installsystemd -psystemd-resolved
2916
270
285
2917
271
override_dh_installsystemduser:
286
override_dh_installsystemduser:
2918
272
287
2920
273
PROJECT_VERSION ?= $(shell awk '/(PROJECT|PACKAGE)_VERSION/ {print $$3}' build-deb/config.h | tr -d \")
288
PROJECT_VERSION ?= $(shell awk '/(PROJECT|PACKAGE)_VERSION/ {print $$3}' obj-$(DEB_HOST_GNU_TYPE)/config.h | tr -d \")
2921
274
289
2922
275
# The SysV compat tools (which are symlinks to systemctl) are
290
# The SysV compat tools (which are symlinks to systemctl) are
2923
276
# quasi-essential, so add their dependencies to Pre-Depends
291
# quasi-essential, so add their dependencies to Pre-Depends
2924
277
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753589
292
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753589
2925
278
override_dh_shlibdeps:
293
override_dh_shlibdeps:
2927
279
	dh_shlibdeps -psystemd -llib/systemd/ -- \
294
	dh_shlibdeps -psystemd -Llibsystemd-shared -- \
2928
280
		-dPre-Depends -edebian/systemd/bin/systemctl \
295
		-dPre-Depends -edebian/systemd/bin/systemctl \
2929
281
		-dDepends
296
		-dDepends
2931
282
	dh_shlibdeps --remaining-packages -Lsystemd
297
	dh_shlibdeps -plibsystemd-shared -lusr/lib/$(DEB_HOST_MULTIARCH)/systemd
2932
298
	dh_shlibdeps --remaining-packages -Llibsystemd-shared
2933
283
299
2934
284
override_dh_makeshlibs:
300
override_dh_makeshlibs:
2935
285
	sed 's/SHARED_LIB_VERSION/$(PROJECT_VERSION)/' debian/shlibs.local.in > debian/shlibs.local
301
	sed 's/SHARED_LIB_VERSION/$(PROJECT_VERSION)/' debian/shlibs.local.in > debian/shlibs.local
2936
286
	dh_makeshlibs -plibudev1 --add-udeb=libudev1-udeb -- -c$(GENSYMBOLS_LEVEL)
302
	dh_makeshlibs -plibudev1 --add-udeb=libudev1-udeb -- -c$(GENSYMBOLS_LEVEL)
2938
287
	dh_makeshlibs -psystemd -Xlibsystemd-shared -Xlibsystemd-core -- -c$(GENSYMBOLS_LEVEL)
303
	dh_makeshlibs -plibsystemd-shared -Xlibsystemd-shared -Xlibsystemd-core -- -c$(GENSYMBOLS_LEVEL)
2939
288
	dh_makeshlibs --remaining-packages -- -c$(GENSYMBOLS_LEVEL)
304
	dh_makeshlibs --remaining-packages -- -c$(GENSYMBOLS_LEVEL)
2940
289
305
2941
290
override_dh_auto_test:
306
override_dh_auto_test:
2942
291
ifeq (, $(filter nocheck, $(DEB_BUILD_OPTIONS)))
307
ifeq (, $(filter nocheck, $(DEB_BUILD_OPTIONS)))
2944
292
	echo "01234567890123456789012345678901" > build-deb/machine-id
308
	echo "01234567890123456789012345678901" > obj-$(DEB_HOST_GNU_TYPE)/machine-id
2945
293
	# some tests hang under fakeroot, so disable fakeroot
309
	# some tests hang under fakeroot, so disable fakeroot
2947
294
	env -u LD_PRELOAD SYSTEMD_MACHINE_ID_PATH=$(CURDIR)/build-deb/machine-id meson test -C build-deb --print-errorlogs $(TEST_TIMEOUT_MULTIPLIER)
310
	env -u LD_PRELOAD SYSTEMD_MACHINE_ID_PATH=$(CURDIR)/obj-$(DEB_HOST_GNU_TYPE)/machine-id meson test -C obj-$(DEB_HOST_GNU_TYPE) --print-errorlogs $(TEST_TIMEOUT_MULTIPLIER)
2948
295
endif
311
endif
2949
296
312
2950
297
%:
313
%:
2951
diff --git a/debian/shlibs.local.in b/debian/shlibs.local.in
2952
index 3a5cc0d..085835d 100644
2953
--- a/debian/shlibs.local.in
2954
+++ b/debian/shlibs.local.in
2955
@@ -1,4 +1,4 @@
2956
1
udeb: libudev 1 libudev1-udeb
1
udeb: libudev 1 libudev1-udeb
2957
2
libsystemd 0 libsystemd0 (= ${binary:Version})
2
libsystemd 0 libsystemd0 (= ${binary:Version})
2960
3
libsystemd-shared SHARED_LIB_VERSION systemd (= ${binary:Version})
3
libsystemd-shared SHARED_LIB_VERSION libsystemd-shared (= ${binary:Version})
2961
4
libsystemd-core SHARED_LIB_VERSION systemd (= ${binary:Version})
4
libsystemd-core SHARED_LIB_VERSION libsystemd-shared (= ${binary:Version})
2962
diff --git a/debian/systemd-boot-efi.install b/debian/systemd-boot-efi.install
2963
5
new file mode 100644
5
new file mode 100644
2964
index 0000000..1cb75d0
2965
--- /dev/null
2966
+++ b/debian/systemd-boot-efi.install
2967
@@ -0,0 +1 @@
2968
1
usr/lib/systemd/boot/
2969
diff --git a/debian/systemd-boot-efi.lintian-overrides b/debian/systemd-boot-efi.lintian-overrides
2970
0
new file mode 100644
2
new file mode 100644
2971
index 0000000..79067b8
2972
--- /dev/null
2973
+++ b/debian/systemd-boot-efi.lintian-overrides
2974
@@ -0,0 +1,6 @@
2975
1
# Not a shared library
2976
2
systemd-boot-efi: shared-library-lacks-prerequisites
2977
3
# PE-COFF EFI binaries, false positives
2978
4
systemd-boot-efi: executable-not-elf-or-script
2979
5
# These are EFI binaries, not libraries, they all ship in /usr/lib/systemd/boot
2980
6
systemd-boot-efi: arch-dependent-file-not-in-arch-specific-directory
2981
diff --git a/debian/systemd-boot-efi.manpages b/debian/systemd-boot-efi.manpages
2982
0
new file mode 100644
7
new file mode 100644
2983
index 0000000..4af7d86
2984
--- /dev/null
2985
+++ b/debian/systemd-boot-efi.manpages
2986
@@ -0,0 +1 @@
2987
1
usr/share/man/man7/*.efi.stub.7
2988
diff --git a/debian/systemd-boot.install b/debian/systemd-boot.install
2989
0
new file mode 100644
2
new file mode 100644
2990
index 0000000..29cd23b
2991
--- /dev/null
2992
+++ b/debian/systemd-boot.install
2993
@@ -0,0 +1,10 @@
2994
1
lib/systemd/systemd-bless-boot
2995
2
lib/systemd/system-generators/systemd-bless-boot-generator
2996
3
lib/systemd/system/sysinit.target.wants/systemd-boot-system-token.service
2997
4
lib/systemd/system/systemd-bless-boot.service
2998
5
lib/systemd/system/systemd-boot-system-token.service
2999
6
lib/systemd/system/systemd-boot-update.service
3000
7
usr/bin/bootctl
3001
8
usr/share/bash-completion/completions/bootctl
3002
9
../extra/initramfs etc/
3003
10
../extra/kernel etc/
3004
diff --git a/debian/systemd-boot.lintian-overrides b/debian/systemd-boot.lintian-overrides
3005
0
new file mode 100644
11
new file mode 100644
3006
index 0000000..9a3c32a
3007
--- /dev/null
3008
+++ b/debian/systemd-boot.lintian-overrides
3009
@@ -0,0 +1,3 @@
3010
1
# Lintian is really bad at associating manpages
3011
2
systemd-boot: spare-manual-page
3012
3
systemd-boot: package-supports-alternative-init-but-no-init.d-script
3013
diff --git a/debian/systemd-boot.manpages b/debian/systemd-boot.manpages
3014
0
new file mode 100644
4
new file mode 100644
3015
index 0000000..e9c96fd
3016
--- /dev/null
3017
+++ b/debian/systemd-boot.manpages
3018
@@ -0,0 +1,8 @@
3019
1
usr/share/man/man1/bootctl.1
3020
2
usr/share/man/man5/loader.conf.5
3021
3
usr/share/man/man7/sd-boot.7
3022
4
usr/share/man/man7/systemd-boot.7
3023
5
usr/share/man/man8/systemd-bless-boot.8
3024
6
usr/share/man/man8/systemd-bless-boot-generator.8
3025
7
usr/share/man/man8/systemd-bless-boot.service.8
3026
8
usr/share/man/man8/systemd-boot-system-token.service.8
3027
diff --git a/debian/systemd-container.install b/debian/systemd-container.install
3028
index a092998..0d0a86c 100644
3029
--- a/debian/systemd-container.install
3030
+++ b/debian/systemd-container.install
3031
@@ -27,12 +27,6 @@ usr/share/dbus-1/system.d/org.freedesktop.portable1.conf
3032
27
usr/share/dbus-1/system-services/org.freedesktop.import1.service
27
usr/share/dbus-1/system-services/org.freedesktop.import1.service
3033
28
usr/share/dbus-1/system-services/org.freedesktop.machine1.service
28
usr/share/dbus-1/system-services/org.freedesktop.machine1.service
3034
29
usr/share/dbus-1/system-services/org.freedesktop.portable1.service
29
usr/share/dbus-1/system-services/org.freedesktop.portable1.service
3035
30
usr/share/man/man*/*nspawn*
3036
31
usr/share/man/man*/machinectl*
3037
32
usr/share/man/man*/portablectl*
3038
33
usr/share/man/man*/systemd-dissect*
3039
34
usr/share/man/man*/systemd-machined*
3040
35
usr/share/man/man*/systemd-portabled*
3041
36
usr/share/polkit-1/actions/org.freedesktop.import1.policy
30
usr/share/polkit-1/actions/org.freedesktop.import1.policy
3042
37
usr/share/polkit-1/actions/org.freedesktop.machine1.policy
31
usr/share/polkit-1/actions/org.freedesktop.machine1.policy
3043
38
usr/share/polkit-1/actions/org.freedesktop.portable1.policy
32
usr/share/polkit-1/actions/org.freedesktop.portable1.policy
3044
diff --git a/debian/systemd-container.manpages b/debian/systemd-container.manpages
3045
39
new file mode 100644
33
new file mode 100644
3046
index 0000000..c09a172
3047
--- /dev/null
3048
+++ b/debian/systemd-container.manpages
3049
@@ -0,0 +1,6 @@
3050
1
usr/share/man/man*/*nspawn*
3051
2
usr/share/man/man*/machinectl*
3052
3
usr/share/man/man*/portablectl*
3053
4
usr/share/man/man*/systemd-dissect*
3054
5
usr/share/man/man*/systemd-machined*
3055
6
usr/share/man/man*/systemd-portabled*
3056
diff --git a/debian/systemd-coredump.install b/debian/systemd-coredump.install
3057
index e3c3245..730a98c 100644
3058
--- a/debian/systemd-coredump.install
3059
+++ b/debian/systemd-coredump.install
3060
@@ -5,8 +5,5 @@ lib/systemd/system/*/systemd-coredump*
3061
5
usr/bin/coredumpctl
5
usr/bin/coredumpctl
3062
6
usr/lib/sysctl.d/50-coredump.conf
6
usr/lib/sysctl.d/50-coredump.conf
3063
7
usr/lib/sysusers.d/systemd-coredump.conf
7
usr/lib/sysusers.d/systemd-coredump.conf
3064
8
usr/share/man/man1/coredumpctl*
3065
9
usr/share/man/man5/coredump.conf*
3066
10
usr/share/man/man8/systemd-coredump*
3067
11
usr/share/bash-completion/completions/coredumpctl
8
usr/share/bash-completion/completions/coredumpctl
3068
12
usr/share/zsh/vendor-completions/_coredumpctl
9
usr/share/zsh/vendor-completions/_coredumpctl
3069
diff --git a/debian/systemd-coredump.manpages b/debian/systemd-coredump.manpages
3070
13
new file mode 100644
10
new file mode 100644
3071
index 0000000..5e7573e
3072
--- /dev/null
3073
+++ b/debian/systemd-coredump.manpages
3074
@@ -0,0 +1,3 @@
3075
1
usr/share/man/man1/coredumpctl*
3076
2
usr/share/man/man5/coredump.conf*
3077
3
usr/share/man/man8/systemd-coredump*
3078
diff --git a/debian/systemd-homed.install b/debian/systemd-homed.install
3079
0
new file mode 100644
4
new file mode 100644
3080
index 0000000..b8357a3
3081
--- /dev/null
3082
+++ b/debian/systemd-homed.install
3083
@@ -0,0 +1,11 @@
3084
1
etc/systemd/homed.conf
3085
2
lib/*/security/pam_systemd_home.so
3086
3
lib/systemd/systemd-homed
3087
4
lib/systemd/systemd-homework
3088
5
lib/systemd/system/systemd-homed.service
3089
6
lib/systemd/system/systemd-homed-activate.service
3090
7
usr/bin/homectl
3091
8
usr/share/dbus-1/*/*home*
3092
9
usr/share/polkit-1/actions/org.freedesktop.home1.policy
3093
10
usr/share/bash-completion/completions/homectl
3094
11
../extra/pam-configs/systemd-homed usr/share/pam-configs/
3095
diff --git a/debian/systemd-homed.lintian-overrides b/debian/systemd-homed.lintian-overrides
3096
0
new file mode 100644
12
new file mode 100644
3097
index 0000000..51274e4
3098
--- /dev/null
3099
+++ b/debian/systemd-homed.lintian-overrides
3100
@@ -0,0 +1,5 @@
3101
1
# Lintian is really bad at associating manpages
3102
2
systemd-homed: spare-manual-page
3103
3
# False positive: Lintian doesn't recognize Also=
3104
4
systemd-homed: systemd-service-file-refers-to-unusual-wantedby-target
3105
5
systemd-homed: package-supports-alternative-init-but-no-init.d-script
3106
diff --git a/debian/systemd-homed.manpages b/debian/systemd-homed.manpages
3107
0
new file mode 100644
6
new file mode 100644
3108
index 0000000..4696f75
3109
--- /dev/null
3110
+++ b/debian/systemd-homed.manpages
3111
@@ -0,0 +1 @@
3112
1
usr/share/man/man*/*home*
3113
diff --git a/debian/systemd-homed.postinst b/debian/systemd-homed.postinst
3114
0
new file mode 100644
2
new file mode 100644
3115
index 0000000..7e37590
3116
--- /dev/null
3117
+++ b/debian/systemd-homed.postinst
3118
@@ -0,0 +1,7 @@
3119
1
#!/bin/sh
3120
2
3121
3
set -e
3122
4
3123
5
pam-auth-update --package
3124
6
3125
7
#DEBHELPER#
3126
diff --git a/debian/systemd-homed.prerm b/debian/systemd-homed.prerm
3127
0
new file mode 100644
8
new file mode 100644
3128
index 0000000..0dd38b0
3129
--- /dev/null
3130
+++ b/debian/systemd-homed.prerm
3131
@@ -0,0 +1,20 @@
3132
1
#!/bin/sh
3133
2
3134
3
set -e
3135
4
3136
5
# pam-auth-update --remove removes the named profile from the active config.
3137
6
# It arguably should be called during deconfigure as well, but deconfigure
3138
7
# can happen in some cases during a dist-upgrade and we don't want to
3139
8
# deconfigure all PAM modules in the middle of a dist-upgrade by accident.
3140
9
#
3141
10
# More importantly, with the current implementation, --remove also removes
3142
11
# all local preferences for the named config (such as whether it's enabled
3143
12
# or disabled), which we don't want to do on deconfigure.
3144
13
#
3145
14
# This may need to change later as pam-auth-update evolves.
3146
15
3147
16
if [ "$1" = remove ] && [ "${DPKG_MAINTSCRIPT_PACKAGE_REFCOUNT:-1}" = 1 ]; then
3148
17
    pam-auth-update --package --remove systemd-homed
3149
18
fi
3150
19
3151
20
#DEBHELPER#
3152
diff --git a/debian/systemd-journal-remote.install b/debian/systemd-journal-remote.install
3153
index 188628b..f187d8f 100644
3154
--- a/debian/systemd-journal-remote.install
3155
+++ b/debian/systemd-journal-remote.install
3156
@@ -2,10 +2,6 @@
3157
2
etc/systemd/journal-upload.conf
2
etc/systemd/journal-upload.conf
3158
3
lib/systemd/systemd-journal-upload
3
lib/systemd/systemd-journal-upload
3159
4
lib/systemd/system/systemd-journal-upload.service
4
lib/systemd/system/systemd-journal-upload.service
3160
5
usr/share/man/man5/journal-upload.conf.d.5
3161
6
usr/share/man/man5/journal-upload.conf.5
3162
7
usr/share/man/man8/systemd-journal-upload.8
3163
8
usr/share/man/man8/systemd-journal-upload.service.8
3164
9
5
3165
10
# systemd-journal-remote
6
# systemd-journal-remote
3166
11
etc/systemd/journal-remote.conf
7
etc/systemd/journal-remote.conf
3167
@@ -13,17 +9,9 @@ lib/systemd/systemd-journal-remote
3168
13
lib/systemd/system/systemd-journal-remote.service
9
lib/systemd/system/systemd-journal-remote.service
3169
14
lib/systemd/system/systemd-journal-remote.socket
10
lib/systemd/system/systemd-journal-remote.socket
3170
15
usr/lib/sysusers.d/systemd-remote.conf
11
usr/lib/sysusers.d/systemd-remote.conf
3171
16
usr/share/man/man5/journal-remote.conf.d.5
3172
17
usr/share/man/man5/journal-remote.conf.5
3173
18
usr/share/man/man8/systemd-journal-remote.service.8
3174
19
usr/share/man/man8/systemd-journal-remote.socket.8
3175
20
usr/share/man/man8/systemd-journal-remote.8
3176
21
12
3177
22
# systemd-journal-gatewayd
13
# systemd-journal-gatewayd
3178
23
lib/systemd/systemd-journal-gatewayd
14
lib/systemd/systemd-journal-gatewayd
3179
24
lib/systemd/system/systemd-journal-gatewayd.service
15
lib/systemd/system/systemd-journal-gatewayd.service
3180
25
lib/systemd/system/systemd-journal-gatewayd.socket
16
lib/systemd/system/systemd-journal-gatewayd.socket
3181
26
usr/share/systemd/gatewayd/
17
usr/share/systemd/gatewayd/
3182
27
usr/share/man/man8/systemd-journal-gatewayd.service.8
3183
28
usr/share/man/man8/systemd-journal-gatewayd.socket.8
3184
29
usr/share/man/man8/systemd-journal-gatewayd.8
3185
diff --git a/debian/systemd-journal-remote.manpages b/debian/systemd-journal-remote.manpages
3186
30
new file mode 100644
18
new file mode 100644
3187
index 0000000..55ede14
3188
--- /dev/null
3189
+++ b/debian/systemd-journal-remote.manpages
3190
@@ -0,0 +1,12 @@
3191
1
usr/share/man/man5/journal-upload.conf.d.5
3192
2
usr/share/man/man5/journal-upload.conf.5
3193
3
usr/share/man/man8/systemd-journal-upload.8
3194
4
usr/share/man/man8/systemd-journal-upload.service.8
3195
5
usr/share/man/man5/journal-remote.conf.d.5
3196
6
usr/share/man/man5/journal-remote.conf.5
3197
7
usr/share/man/man8/systemd-journal-remote.service.8
3198
8
usr/share/man/man8/systemd-journal-remote.socket.8
3199
9
usr/share/man/man8/systemd-journal-remote.8
3200
10
usr/share/man/man8/systemd-journal-gatewayd.service.8
3201
11
usr/share/man/man8/systemd-journal-gatewayd.socket.8
3202
12
usr/share/man/man8/systemd-journal-gatewayd.8
3203
diff --git a/debian/systemd-oomd.install b/debian/systemd-oomd.install
3204
index f9f6686..7bbe7cd 100644
3205
--- a/debian/systemd-oomd.install
3206
+++ b/debian/systemd-oomd.install
3207
@@ -8,6 +8,5 @@ lib/systemd/system/systemd-oomd.socket
3208
8
usr/bin/oomctl
8
usr/bin/oomctl
3209
9
usr/lib/sysusers.d/systemd-oom.conf
9
usr/lib/sysusers.d/systemd-oom.conf
3210
10
usr/share/dbus-1/*/*oom*
10
usr/share/dbus-1/*/*oom*
3211
11
usr/share/man/man*/*oom*
3212
12
usr/share/bash-completion/completions/oomctl
11
usr/share/bash-completion/completions/oomctl
3213
13
usr/share/zsh/vendor-completions/_oomctl
12
usr/share/zsh/vendor-completions/_oomctl
3214
diff --git a/debian/systemd-oomd.manpages b/debian/systemd-oomd.manpages
3215
14
new file mode 100644
13
new file mode 100644
3216
index 0000000..b1f4970
3217
--- /dev/null
3218
+++ b/debian/systemd-oomd.manpages
3219
@@ -0,0 +1 @@
3220
1
usr/share/man/man*/*oom*
3221
diff --git a/debian/systemd-resolved.install b/debian/systemd-resolved.install
3222
0
new file mode 100644
2
new file mode 100644
3223
index 0000000..6d7241d
3224
--- /dev/null
3225
+++ b/debian/systemd-resolved.install
3226
@@ -0,0 +1,13 @@
3227
1
/sbin/resolvconf
3228
2
/etc/systemd/resolved.conf
3229
3
/lib/systemd/systemd-resolved
3230
4
/lib/systemd/system/systemd-resolved.service
3231
5
/usr/bin/resolvectl
3232
6
/usr/lib/sysusers.d/systemd-resolve.conf
3233
7
/usr/lib/tmpfiles.d/systemd-resolve.conf
3234
8
/usr/share/bash-completion/completions/resolvectl
3235
9
/usr/share/bash-completion/completions/systemd-resolve
3236
10
/usr/share/dbus-1/system.d/org.freedesktop.resolve1.conf
3237
11
/usr/share/dbus-1/system-services/org.freedesktop.resolve1.service
3238
12
/usr/share/polkit-1/actions/org.freedesktop.resolve1.policy
3239
13
/usr/share/zsh/vendor-completions/_resolvectl
3240
diff --git a/debian/systemd-resolved.links b/debian/systemd-resolved.links
3241
0
new file mode 100644
14
new file mode 100644
3242
index 0000000..63b933a
3243
--- /dev/null
3244
+++ b/debian/systemd-resolved.links
3245
@@ -0,0 +1 @@
3246
1
/run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
3247
diff --git a/debian/systemd-resolved.lintian-overrides b/debian/systemd-resolved.lintian-overrides
3248
0
new file mode 100644
2
new file mode 100644
3249
index 0000000..459af93
3250
--- /dev/null
3251
+++ b/debian/systemd-resolved.lintian-overrides
3252
@@ -0,0 +1,3 @@
3253
1
# Lintian is really bad at associating manpages
3254
2
systemd-resolved: spare-manual-page
3255
3
systemd-resolved: package-supports-alternative-init-but-no-init.d-script
3256
diff --git a/debian/systemd-resolved.manpages b/debian/systemd-resolved.manpages
3257
0
new file mode 100644
4
new file mode 100644
3258
index 0000000..2933665
3259
--- /dev/null
3260
+++ b/debian/systemd-resolved.manpages
3261
@@ -0,0 +1,4 @@
3262
1
usr/share/man/man1/resolv*
3263
2
usr/share/man/man5/org.freedesktop.resolve1*
3264
3
usr/share/man/man5/resolved.conf.*
3265
4
usr/share/man/man8/systemd-resolved.*
3266
diff --git a/debian/systemd-resolved.postinst b/debian/systemd-resolved.postinst
3267
0
new file mode 100644
5
new file mode 100644
3268
index 0000000..17ab957
3269
--- /dev/null
3270
+++ b/debian/systemd-resolved.postinst
3271
@@ -0,0 +1,28 @@
3272
1
#!/bin/sh
3273
2
3274
3
set -e
3275
4
3276
5
_adopt_conffile() {
3277
6
    conffile=$1
3278
7
    pkg=$2
3279
8
3280
9
    [ -f ${conffile}.dpkg-bak ] || return 0
3281
10
3282
11
    md5sum="$(md5sum ${conffile} | sed -e 's/ .*//')"
3283
12
    old_md5sum="$(dpkg-query -W -f='${Conffiles}' $pkg | \
3284
13
                        sed -n -e "\' ${conffile} ' { s/ obsolete$//; s/.* //; p }")"
3285
14
    # On new installs, if the policy file was preserved on systemd upgrade
3286
15
    # by dpkg-maintscript helper, copy it back if the new file has not been modified yet
3287
16
    if [ "$md5sum" = "$old_md5sum" ]; then
3288
17
        mv ${conffile}.dpkg-bak ${conffile}
3289
18
    fi
3290
19
}
3291
20
3292
21
3293
22
if [ "$1" = configure ] && [ -z "$2" ]; then
3294
23
    adduser --quiet --system --group --no-create-home --home /run/systemd \
3295
24
        --gecos "systemd Resolver" systemd-resolve
3296
25
    _adopt_conffile /etc/systemd/resolved.conf systemd-resolved
3297
26
fi
3298
27
3299
28
#DEBHELPER#
3300
diff --git a/debian/systemd-standalone-sysusers.manpages b/debian/systemd-standalone-sysusers.manpages
3301
0
new file mode 100644
29
new file mode 100644
3302
index 0000000..daaab6a
3303
--- /dev/null
3304
+++ b/debian/systemd-standalone-sysusers.manpages
3305
@@ -0,0 +1 @@
3306
1
usr/share/man/man8/systemd-sysusers.8
3307
diff --git a/debian/systemd-standalone-tmpfiles.manpages b/debian/systemd-standalone-tmpfiles.manpages
3308
0
new file mode 100644
2
new file mode 100644
3309
index 0000000..d90ac8f
3310
--- /dev/null
3311
+++ b/debian/systemd-standalone-tmpfiles.manpages
3312
@@ -0,0 +1 @@
3313
1
usr/share/man/man8/systemd-tmpfiles.8
3314
diff --git a/debian/systemd-sysv.install b/debian/systemd-sysv.install
3315
index 9c104a9..34e4528 100644
3316
--- a/debian/systemd-sysv.install
3317
+++ b/debian/systemd-sysv.install
3318
@@ -1,10 +1,3 @@
3319
1
usr/share/man/man1/init.1
3320
2
usr/share/man/man8/telinit.8
3321
3
usr/share/man/man8/runlevel.8
3322
4
usr/share/man/man8/shutdown.8
3323
5
usr/share/man/man8/poweroff.8
3324
6
usr/share/man/man8/reboot.8
3325
7
usr/share/man/man8/halt.8
3326
8
sbin/init
1
sbin/init
3327
9
sbin/telinit
2
sbin/telinit
3328
10
sbin/runlevel
3
sbin/runlevel
3329
diff --git a/debian/systemd-sysv.manpages b/debian/systemd-sysv.manpages
3330
11
new file mode 100644
4
new file mode 100644
3331
index 0000000..0a949c9
3332
--- /dev/null
3333
+++ b/debian/systemd-sysv.manpages
3334
@@ -0,0 +1,7 @@
3335
1
usr/share/man/man1/init.1
3336
2
usr/share/man/man8/telinit.8
3337
3
usr/share/man/man8/runlevel.8
3338
4
usr/share/man/man8/shutdown.8
3339
5
usr/share/man/man8/poweroff.8
3340
6
usr/share/man/man8/reboot.8
3341
7
usr/share/man/man8/halt.8
3342
diff --git a/debian/systemd-timesyncd.install b/debian/systemd-timesyncd.install
3343
index 7090dba..a5be5b5 100644
3344
--- a/debian/systemd-timesyncd.install
3345
+++ b/debian/systemd-timesyncd.install
3346
@@ -4,5 +4,4 @@ lib/systemd/systemd-timesyncd
3347
4
lib/systemd/system/systemd-timesyncd.service
4
lib/systemd/system/systemd-timesyncd.service
3348
5
usr/lib/sysusers.d/systemd-timesync.conf
5
usr/lib/sysusers.d/systemd-timesync.conf
3349
6
usr/share/dbus-1/*/*timesync*
6
usr/share/dbus-1/*/*timesync*
3350
7
usr/share/man/man*/*timesyncd*
3351
8
../extra/dhclient-exit-hooks.d/ etc/dhcp/
7
../extra/dhclient-exit-hooks.d/ etc/dhcp/
3352
diff --git a/debian/systemd-timesyncd.manpages b/debian/systemd-timesyncd.manpages
3353
9
new file mode 100644
8
new file mode 100644
3354
index 0000000..b77577f
3355
--- /dev/null
3356
+++ b/debian/systemd-timesyncd.manpages
3357
@@ -0,0 +1 @@
3358
1
usr/share/man/man*/*timesyncd*
3359
diff --git a/debian/systemd-userdbd.install b/debian/systemd-userdbd.install
3360
0
new file mode 100644
2
new file mode 100644
3361
index 0000000..c40ee43
3362
--- /dev/null
3363
+++ b/debian/systemd-userdbd.install
3364
@@ -0,0 +1,5 @@
3365
1
lib/systemd/systemd-userdbd
3366
2
lib/systemd/systemd-userwork
3367
3
lib/systemd/system/systemd-userdbd.service
3368
4
lib/systemd/system/systemd-userdbd.socket
3369
5
usr/bin/userdbctl
3370
diff --git a/debian/systemd-userdbd.lintian-overrides b/debian/systemd-userdbd.lintian-overrides
3371
0
new file mode 100644
6
new file mode 100644
3372
index 0000000..f834679
3373
--- /dev/null
3374
+++ b/debian/systemd-userdbd.lintian-overrides
3375
@@ -0,0 +1,3 @@
3376
1
# Lintian is really bad at associating manpages
3377
2
systemd-userdbd: spare-manual-page
3378
3
systemd-userdbd: package-supports-alternative-init-but-no-init.d-script
3379
diff --git a/debian/systemd-userdbd.manpages b/debian/systemd-userdbd.manpages
3380
0
new file mode 100644
4
new file mode 100644
3381
index 0000000..95d4d26
3382
--- /dev/null
3383
+++ b/debian/systemd-userdbd.manpages
3384
@@ -0,0 +1 @@
3385
1
usr/share/man/man*/*userdb*
3386
diff --git a/debian/systemd.NEWS b/debian/systemd.NEWS
3387
index 4003182..100a1df 100644
3388
--- a/debian/systemd.NEWS
3389
+++ b/debian/systemd.NEWS
3390
@@ -1,3 +1,24 @@
3391
1
systemd (251.3-2) unstable; urgency=medium
3392
2
3393
3
  systemd-resolved has been split into a separate package.
3394
4
  This new systemd-resolved package will not be installed automatically on
3395
5
  upgrades. If you are using systemd-resolved, please install this new
3396
6
  package manually.
3397
7
3398
8
 -- Luca Boccassi <bluca@debian.org>  Thu, 05 Aug 2022 20:26:12 +0100
3399
9
3400
10
systemd (251.2-3) unstable; urgency=medium
3401
11
3402
12
  systemd-boot has been split into a separate package.
3403
13
  This new systemd-boot package will not be installed automatically on
3404
14
  upgrades. If you are using systemd-boot, please install this new
3405
15
  package manually.
3406
16
3407
17
  The default boot loader in Debian is grub2. If you have not set up
3408
18
  systemd-boot manually, no action is required on your side.
3409
19
3410
20
 -- Michael Biebl <biebl@debian.org>  Wed, 08 Jun 2022 21:49:47 +0200
3411
21
3412
1
systemd (251.1-1) unstable; urgency=medium
22
systemd (251.1-1) unstable; urgency=medium
3413
2
23
3414
3
  systemd-journal-gatewayd and systemd-journal-remote are now built
24
  systemd-journal-gatewayd and systemd-journal-remote are now built
3415
diff --git a/debian/systemd.install b/debian/systemd.install
3416
index c2e5c69..f5547d0 100644
3417
--- a/debian/systemd.install
3418
+++ b/debian/systemd.install
3419
@@ -14,14 +14,9 @@ usr/lib/sysctl.d/
3420
14
usr/lib/sysusers.d/basic.conf
14
usr/lib/sysusers.d/basic.conf
3421
15
usr/lib/sysusers.d/systemd-journal.conf
15
usr/lib/sysusers.d/systemd-journal.conf
3422
16
usr/lib/sysusers.d/systemd-network.conf
16
usr/lib/sysusers.d/systemd-network.conf
3423
17
usr/lib/sysusers.d/systemd-resolve.conf
3424
18
usr/lib/systemd/
17
usr/lib/systemd/
3425
19
usr/lib/tmpfiles.d/
18
usr/lib/tmpfiles.d/
3426
20
usr/lib/kernel
19
usr/lib/kernel
3427
21
usr/share/man/man1/
3428
22
usr/share/man/man5/
3429
23
usr/share/man/man7/
3430
24
usr/share/man/man8/
3431
25
usr/share/bash-completion/
20
usr/share/bash-completion/
3432
26
usr/share/zsh/vendor-completions/
21
usr/share/zsh/vendor-completions/
3433
27
usr/share/dbus-1/
22
usr/share/dbus-1/
3434
diff --git a/debian/systemd.lintian-overrides b/debian/systemd.lintian-overrides
3435
index 1c2a8f2..5159e2c 100644
3436
--- a/debian/systemd.lintian-overrides
3437
+++ b/debian/systemd.lintian-overrides
3438
@@ -15,12 +15,5 @@ systemd: package-contains-empty-directory lib/systemd/system/runlevel4.target.wa
3439
15
systemd: package-contains-empty-directory lib/systemd/system/runlevel5.target.wants/
15
systemd: package-contains-empty-directory lib/systemd/system/runlevel5.target.wants/
3440
16
systemd: package-contains-empty-directory usr/lib/binfmt.d/
16
systemd: package-contains-empty-directory usr/lib/binfmt.d/
3441
17
systemd: package-contains-empty-directory usr/lib/modules-load.d/
17
systemd: package-contains-empty-directory usr/lib/modules-load.d/
3442
18
# Not a shared library
3443
19
systemd: shared-library-lacks-prerequisites usr/lib/systemd/boot/efi/linuxx64.elf.stub
3444
20
# PE-COFF EFI binaries, false positives
3445
21
systemd: executable-not-elf-or-script usr/lib/systemd/boot/efi/linuxx64.efi.stub
3446
22
systemd: executable-not-elf-or-script usr/lib/systemd/boot/efi/systemd-bootx64.efi
3447
23
# Intentional: value of config got in a release by mistake, needs to be kept
3448
24
systemd: spelling-error-in-binary lib/systemd/libsystemd-shared-251.so anually annually
3449
25
# netlink keyword
18
# netlink keyword
3450
26
systemd: spelling-error-in-binary lib/systemd/systemd-networkd iif if
19
systemd: spelling-error-in-binary lib/systemd/systemd-networkd iif if
3451
diff --git a/debian/systemd.maintscript b/debian/systemd.maintscript
3452
index a4cd38d..e7fd0a1 100644
3453
--- a/debian/systemd.maintscript
3454
+++ b/debian/systemd.maintscript
3455
@@ -2,3 +2,4 @@ rm_conffile /etc/dhcp/dhclient-exit-hooks.d/timesyncd 245.4-2~
3456
2
rm_conffile /etc/systemd/timesyncd.conf 245.4-2~
2
rm_conffile /etc/systemd/timesyncd.conf 245.4-2~
3457
3
rm_conffile /etc/dhcp/dhclient-enter-hooks.d/resolved 246-2ubuntu1~
3
rm_conffile /etc/dhcp/dhclient-enter-hooks.d/resolved 246-2ubuntu1~
3458
4
rm_conffile /etc/pam.d/systemd-user 246.6-3~
4
rm_conffile /etc/pam.d/systemd-user 246.6-3~
3459
5
rm_conffile /etc/systemd/resolved.conf 251.3-2~
3460
diff --git a/debian/systemd.manpages b/debian/systemd.manpages
3461
5
new file mode 100644
6
new file mode 100644
3462
index 0000000..57f666f
3463
--- /dev/null
3464
+++ b/debian/systemd.manpages
3465
@@ -0,0 +1,4 @@
3466
1
usr/share/man/man1/*
3467
2
usr/share/man/man5/*
3468
3
usr/share/man/man7/*
3469
4
usr/share/man/man8/*
3470
diff --git a/debian/systemd.postinst b/debian/systemd.postinst
3471
index 32fa7db..63e78ca 100644
3472
--- a/debian/systemd.postinst
3473
+++ b/debian/systemd.postinst
3474
@@ -19,7 +19,7 @@ _update_binfmt() {
3475
19
    # configuration ship a corresponding binfmt.d snippet yet.
19
    # configuration ship a corresponding binfmt.d snippet yet.
3476
20
    # Once this is the case, this additional safety check can be removed.
20
    # Once this is the case, this additional safety check can be removed.
3477
21
    if ! _systemctl -q is-active binfmt-support.service; then
21
    if ! _systemctl -q is-active binfmt-support.service; then
3479
22
        _systemctl restart systemd-binfmt.service || true
22
        _systemctl try-restart systemd-binfmt.service || true
3480
23
    fi
23
    fi
3481
24
}
24
}
3482
25
25
3483
@@ -84,8 +84,6 @@ addgroup --quiet --system systemd-journal
3484
84
84
3485
85
adduser --quiet --system --group --no-create-home --home /run/systemd \
85
adduser --quiet --system --group --no-create-home --home /run/systemd \
3486
86
    --gecos "systemd Network Management" systemd-network
86
    --gecos "systemd Network Management" systemd-network
3487
87
adduser --quiet --system --group --no-create-home --home /run/systemd \
3488
88
    --gecos "systemd Resolver" systemd-resolve
3489
89
87
3490
90
# Enable persistent journal, in auto-mode, by default on new installs installs and upgrades
88
# Enable persistent journal, in auto-mode, by default on new installs installs and upgrades
3491
91
if dpkg --compare-versions "$2" lt "235-3ubuntu3~"; then
89
if dpkg --compare-versions "$2" lt "235-3ubuntu3~"; then
3492
@@ -116,7 +114,6 @@ if [ -n "$2" ] && [ "$(systemctl is-system-running)" != "stopping" ]; then
3493
116
        _systemctl stop systemd-networkd.socket || true
114
        _systemctl stop systemd-networkd.socket || true
3494
117
    fi
115
    fi
3495
118
    _systemctl try-restart systemd-networkd.service || true
116
    _systemctl try-restart systemd-networkd.service || true
3496
119
    _systemctl try-restart systemd-resolved.service || true
3497
120
    _systemctl try-restart systemd-journald.service || true
117
    _systemctl try-restart systemd-journald.service || true
3498
121
fi
118
fi
3499
122
119
3500
diff --git a/debian/tests/control b/debian/tests/control
3501
index 56626f9..361abe0 100644
3502
--- a/debian/tests/control
3503
+++ b/debian/tests/control
3504
@@ -37,6 +37,7 @@ Tests: networkd-test.py
3505
37
Tests-Directory: test
37
Tests-Directory: test
3506
38
Depends: systemd,
38
Depends: systemd,
3507
39
  udev,
39
  udev,
3508
40
  systemd-resolved,
3509
40
  libpam-systemd,
41
  libpam-systemd,
3510
41
  libnss-systemd,
42
  libnss-systemd,
3511
42
  acl,
43
  acl,
3512
@@ -137,6 +138,8 @@ Depends: systemd-tests,
3513
137
  systemd-coredump,
138
  systemd-coredump,
3514
138
  systemd-timesyncd,
139
  systemd-timesyncd,
3515
139
  systemd-oomd,
140
  systemd-oomd,
3516
141
  systemd-homed,
3517
142
  systemd-resolved,
3518
140
  libnss-myhostname,
143
  libnss-myhostname,
3519
141
  libnss-mymachines,
144
  libnss-mymachines,
3520
142
  libnss-resolve,
145
  libnss-resolve,
3521
@@ -188,6 +191,7 @@ Depends: systemd-tests,
3522
188
  swtpm,
191
  swtpm,
3523
189
  tpm2-tools,
192
  tpm2-tools,
3524
190
  libgcc-s1,
193
  libgcc-s1,
3525
194
  openssl,
3526
191
Restrictions: needs-root, allow-stderr, isolation-machine
195
Restrictions: needs-root, allow-stderr, isolation-machine
3527
192
196
3528
193
Tests: boot-smoke
197
Tests: boot-smoke
3529
diff --git a/debian/udev.install b/debian/udev.install
3530
index cb52122..adeb7ad 100644
3531
--- a/debian/udev.install
3532
+++ b/debian/udev.install
3533
@@ -7,13 +7,6 @@ lib/systemd/systemd-udevd
3534
7
bin/udevadm
7
bin/udevadm
3535
8
bin/systemd-hwdb
8
bin/systemd-hwdb
3536
9
usr/lib/tmpfiles.d/static-nodes-permissions.conf
9
usr/lib/tmpfiles.d/static-nodes-permissions.conf
3537
10
usr/share/man/man5/udev.conf.5
3538
11
usr/share/man/man5/systemd.link.5
3539
12
usr/share/man/man7/hwdb.7
3540
13
usr/share/man/man7/udev.7
3541
14
usr/share/man/man8/systemd-hwdb*
3542
15
usr/share/man/man8/systemd-udevd*
3543
16
usr/share/man/man8/udevadm.8
3544
17
usr/share/bash-completion/completions/udevadm
10
usr/share/bash-completion/completions/udevadm
3545
18
usr/share/zsh/vendor-completions/_udevadm
11
usr/share/zsh/vendor-completions/_udevadm
3546
19
usr/share/pkgconfig/udev.pc
12
usr/share/pkgconfig/udev.pc
3547
diff --git a/debian/udev.manpages b/debian/udev.manpages
3548
20
new file mode 100644
13
new file mode 100644
3549
index 0000000..f55622c
3550
--- /dev/null
3551
+++ b/debian/udev.manpages
3552
@@ -0,0 +1,7 @@
3553
1
usr/share/man/man5/udev.conf.5
3554
2
usr/share/man/man5/systemd.link.5
3555
3
usr/share/man/man7/hwdb.7
3556
4
usr/share/man/man7/udev.7
3557
5
usr/share/man/man8/systemd-hwdb*
3558
6
usr/share/man/man8/systemd-udevd*
3559
7
usr/share/man/man8/udevadm.8
3560
diff --git a/hwdb.d/70-analyzers.hwdb b/hwdb.d/70-analyzers.hwdb
3561
index 899ece3..0a19115 100644
3562
--- a/hwdb.d/70-analyzers.hwdb
3563
+++ b/hwdb.d/70-analyzers.hwdb
3564
@@ -29,7 +29,6 @@ usb:v1679p3001*
3565
29
29
3566
30
# Power Delivery Analyzers
30
# Power Delivery Analyzers
3567
31
usb:v1679p6003*
31
usb:v1679p6003*
3568
32
usb:v0483pDF11*
3569
33
 ID_SIGNAL_ANALYZER=1
32
 ID_SIGNAL_ANALYZER=1
3570
34
33
3571
35
###########################################################
34
###########################################################
3572
diff --git a/man/journalctl.xml b/man/journalctl.xml
3573
index 424acc9..e226663 100644
3574
--- a/man/journalctl.xml
3575
+++ b/man/journalctl.xml
3576
@@ -650,7 +650,7 @@
3577
650
650
3578
651
        <listitem><para>If <replaceable>FILE</replaceable> exists and contains a
651
        <listitem><para>If <replaceable>FILE</replaceable> exists and contains a
3579
652
        cursor, start showing entries <emphasis>after</emphasis> this location.
652
        cursor, start showing entries <emphasis>after</emphasis> this location.
3581
653
        Otherwise the show entries according the other given options. At the end,
653
        Otherwise show entries according to the other given options. At the end,
3582
654
        write the cursor of the last entry to <replaceable>FILE</replaceable>. Use
654
        write the cursor of the last entry to <replaceable>FILE</replaceable>. Use
3583
655
        this option to continually read the journal by sequentially calling
655
        this option to continually read the journal by sequentially calling
3584
656
        <command>journalctl</command>.</para></listitem>
656
        <command>journalctl</command>.</para></listitem>
3585
diff --git a/man/os-release.xml b/man/os-release.xml
3586
index 875ac94..dd135d6 100644
3587
--- a/man/os-release.xml
3588
+++ b/man/os-release.xml
3589
@@ -429,7 +429,7 @@
3590
429
          <listitem><para>Takes a space-separated list of one or more valid prefix match strings for the
429
          <listitem><para>Takes a space-separated list of one or more valid prefix match strings for the
3591
430
          <ulink url="https://systemd.io/PORTABLE_SERVICES">Portable Services</ulink> logic. This field
430
          <ulink url="https://systemd.io/PORTABLE_SERVICES">Portable Services</ulink> logic. This field
3592
431
          serves two purposes: it is informational, identifying portable service images as such (and thus
431
          serves two purposes: it is informational, identifying portable service images as such (and thus
3594
432
          allowing them to be distinguished from other OS images, such as bootable system images). In is also
432
          allowing them to be distinguished from other OS images, such as bootable system images). It is also
3595
433
          used when a portable service image is attached: the specified or implied portable service prefix is
433
          used when a portable service image is attached: the specified or implied portable service prefix is
3596
434
          checked against the list specified here, to enforce restrictions how images may be attached to a
434
          checked against the list specified here, to enforce restrictions how images may be attached to a
3597
435
          system.</para></listitem>
435
          system.</para></listitem>
3598
diff --git a/man/pam_systemd_home.xml b/man/pam_systemd_home.xml
3599
index 906d1c1..9fa0e0a 100644
3600
--- a/man/pam_systemd_home.xml
3601
+++ b/man/pam_systemd_home.xml
3602
@@ -17,8 +17,8 @@
3603
17
17
3604
18
  <refnamediv>
18
  <refnamediv>
3605
19
    <refname>pam_systemd_home</refname>
19
    <refname>pam_systemd_home</refname>
3608
20
    <refpurpose>Automatically mount home directories managed by <filename>systemd-homed.service</filename> on
20
    <refpurpose>Authenticate users and mount home directories via <filename>systemd-homed.service</filename>
3609
21
    login, and unmount them on logout</refpurpose>
21
    </refpurpose>
3610
22
  </refnamediv>
22
  </refnamediv>
3611
23
23
3612
24
  <refsynopsisdiv>
24
  <refsynopsisdiv>
3613
@@ -31,7 +31,11 @@
3614
31
    <para><command>pam_systemd_home</command> ensures that home directories managed by
31
    <para><command>pam_systemd_home</command> ensures that home directories managed by
3615
32
    <citerefentry><refentrytitle>systemd-homed.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
32
    <citerefentry><refentrytitle>systemd-homed.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
3616
33
    are automatically activated (mounted) on user login, and are deactivated (unmounted) when the last
33
    are automatically activated (mounted) on user login, and are deactivated (unmounted) when the last
3618
34
    session of the user ends.</para>
34
    session of the user ends. For such users, it also provides authentication (when per-user disk encryption
3619
35
    is used, the disk encryption key is derived from the authentication credential supplied at login time),
3620
36
    account management (the <ulink url="https://systemd.io/USER_RECORD/">JSON user record</ulink> embedded in
3621
37
    the home store contains account details), and implements the updating of the encryption password (which
3622
38
    is also used for user authentication).</para>
3623
35
  </refsect1>
39
  </refsect1>
3624
36
40
3625
37
  <refsect1>
41
  <refsect1>
3626
@@ -93,8 +97,13 @@
3627
93
  <refsect1>
97
  <refsect1>
3628
94
    <title>Module Types Provided</title>
98
    <title>Module Types Provided</title>
3629
95
99
3632
96
    <para>The module provides all four management operations: <option>auth</option>, <option>account</option>,
100
    <para>The module implements all four PAM operations: <option>auth</option> (reason: to allow
3633
97
    <option>session</option>, <option>password</option>.</para>
101
    authentication using the encrypted data), <option>account</option> (reason: users with
3634
102
    <filename>systemd-homed.service</filename> user accounts are described in a <ulink
3635
103
    url="https://systemd.io/USER_RECORD/">JSON user record</ulink> and may be configured in more detail than
3636
104
    in the traditional Linux user database), <option>session</option> (user sessions must be tracked in order
3637
105
    to implement automatic release when the last session of the user is gone), <option>password</option> (to
3638
106
    change the encryption password — also used for user authentication — through PAM).</para>
3639
98
  </refsect1>
107
  </refsect1>
3640
99
108
3641
100
  <refsect1>
109
  <refsect1>
3642
diff --git a/man/sd_notify.xml b/man/sd_notify.xml
3643
index 4a0a7b3..31388b9 100644
3644
--- a/man/sd_notify.xml
3645
+++ b/man/sd_notify.xml
3646
@@ -272,13 +272,14 @@
3647
272
      <varlistentry>
272
      <varlistentry>
3648
273
        <term>BARRIER=1</term>
273
        <term>BARRIER=1</term>
3649
274
274
3657
275
        <listitem><para>Tells the service manager that the client is explicitly requesting synchronization by means of
275
        <listitem><para>Tells the service manager that the client is explicitly requesting synchronization by
3658
276
        closing the file descriptor sent with this command. The service manager guarantees that the processing of a <varname>
276
        means of closing the file descriptor sent with this command. The service manager guarantees that the
3659
277
        BARRIER=1</varname> command will only happen after all previous notification messages sent before this command
277
        processing of a <varname>BARRIER=1</varname> command will only happen after all previous notification
3660
278
        have been processed. Hence, this command accompanied with a single file descriptor can be used to synchronize
278
        messages sent before this command have been processed. Hence, this command accompanied with a single
3661
279
        against reception of all previous status messages. Note that this command cannot be mixed with other notifications,
279
        file descriptor can be used to synchronize against reception of all previous status messages. Note
3662
280
        and has to be sent in a separate message to the service manager, otherwise all assignments will be ignored. Note that
280
        that this command cannot be mixed with other notifications, and has to be sent in a separate message
3663
281
        sending 0 or more than 1 file descriptor with this command is a violation of the protocol.</para></listitem>
281
        to the service manager, otherwise all assignments will be ignored. Note that sending 0 or more than 1
3664
282
        file descriptor with this command is a violation of the protocol.</para></listitem>
3665
282
      </varlistentry>
283
      </varlistentry>
3666
283
    </variablelist>
284
    </variablelist>
3667
284
285
3668
@@ -341,7 +342,7 @@
3669
341
342
3670
342
    <para><function>sd_notify_barrier()</function> allows the caller to
343
    <para><function>sd_notify_barrier()</function> allows the caller to
3671
343
    synchronize against reception of previously sent notification messages
344
    synchronize against reception of previously sent notification messages
3673
344
    and uses the <literal>BARRIER=1</literal> command. It takes a relative
345
    and uses the <varname>BARRIER=1</varname> command. It takes a relative
3674
345
    <varname>timeout</varname> value in microseconds which is passed to
346
    <varname>timeout</varname> value in microseconds which is passed to
3675
346
    <citerefentry><refentrytitle>ppoll</refentrytitle><manvolnum>2</manvolnum>
347
    <citerefentry><refentrytitle>ppoll</refentrytitle><manvolnum>2</manvolnum>
3676
347
    </citerefentry>. A value of UINT64_MAX is interpreted as infinite timeout.
348
    </citerefentry>. A value of UINT64_MAX is interpreted as infinite timeout.
3677
diff --git a/man/system-or-user-ns.xml b/man/system-or-user-ns.xml
3678
index 01d1dd0..7a302d5 100644
3679
--- a/man/system-or-user-ns.xml
3680
+++ b/man/system-or-user-ns.xml
3681
@@ -8,9 +8,9 @@
3682
8
<refsect1>
8
<refsect1>
3683
9
9
3684
10
<para id="singular">This option is only available for system services, or for services running in per-user
10
<para id="singular">This option is only available for system services, or for services running in per-user
3686
11
 instances of the service manager when unprivileged user namespaces are available.</para>
11
 instances of the service manager when <varname>PrivateUsers=</varname> is enabled.</para>
3687
12
12
3688
13
<para id="plural">These options are only available for system services, or for services running in per-user
13
<para id="plural">These options are only available for system services, or for services running in per-user
3690
14
 instances of the service manager when unprivileged user namespaces are available.</para>
14
 instances of the service manager when <varname>PrivateUsers=</varname> is enabled.</para>
3691
15
15
3692
16
</refsect1>
16
</refsect1>
3693
diff --git a/man/systemctl.xml b/man/systemctl.xml
3694
index 963eb9e..64af099 100644
3695
--- a/man/systemctl.xml
3696
+++ b/man/systemctl.xml
3697
@@ -196,32 +196,31 @@ Sun 2017-02-26 20:57:49 EST  2h 3min left  Sun 2017-02-26 11:56:36 EST  6h ago  
3698
196
            <option>-t</option>). If a PID is passed, show information
196
            <option>-t</option>). If a PID is passed, show information
3699
197
            about the unit the process belongs to.</para>
197
            about the unit the process belongs to.</para>
3700
198
198
3720
199
            <para>This function is intended to generate human-readable
199
            <para>This function is intended to generate human-readable output. If you are looking for
3721
200
            output. If you are looking for computer-parsable output,
200
            computer-parsable output, use <command>show</command> instead. By default, this function only
3722
201
            use <command>show</command> instead. By default, this
201
            shows 10 lines of output and ellipsizes lines to fit in the terminal window. This can be changed
3723
202
            function only shows 10 lines of output and ellipsizes
202
            with <option>--lines</option> and <option>--full</option>, see above. In addition,
3724
203
            lines to fit in the terminal window. This can be changed
203
            <command>journalctl --unit=<replaceable>NAME</replaceable></command> or <command>journalctl
3725
204
            with <option>--lines</option> and <option>--full</option>,
204
            --user-unit=<replaceable>NAME</replaceable></command> use a similar filter for messages and might
3726
205
            see above. In addition, <command>journalctl
205
            be more convenient.</para>
3727
206
            --unit=<replaceable>NAME</replaceable></command> or
206
3728
207
            <command>journalctl
207
            <para>Note that this operation only displays <emphasis>runtime</emphasis> status, i.e. information about
3729
208
            --user-unit=<replaceable>NAME</replaceable></command> use
208
            the current invocation of the unit (if it is running) or the most recent invocation (if it is not
3730
209
            a similar filter for messages and might be more
209
            running anymore, and has not been released from memory). Information about earlier invocations,
3731
210
            convenient.
210
            invocations from previous system boots, or prior invocations that have already been released from
3732
211
            </para>
211
            memory may be retrieved via <command>journalctl --unit=</command>.</para>
3733
212
212
3734
213
            <para>systemd implicitly loads units as necessary, so just running the <command>status</command> will
213
            <para>systemd implicitly loads units as necessary, so just running the <command>status</command>
3735
214
            attempt to load a file. The command is thus not useful for determining if something was already loaded or
214
            will attempt to load a file. The command is thus not useful for determining if something was
3736
215
            not.  The units may possibly also be quickly unloaded after the operation is completed if there's no reason
215
            already loaded or not.  The units may possibly also be quickly unloaded after the operation is
3737
216
            to keep it in memory thereafter.
216
            completed if there's no reason to keep it in memory thereafter.</para>
3719
217
            </para>
3738
218
217
3739
219
            <example>
218
            <example>
3740
220
              <title>Example output from systemctl status </title>
219
              <title>Example output from systemctl status </title>
3741
221
220
3742
222
              <programlisting>$ systemctl status bluetooth
221
              <programlisting>$ systemctl status bluetooth
3743
223
● bluetooth.service - Bluetooth service
222
● bluetooth.service - Bluetooth service
3745
224
   Loaded: loaded (/usr/lib/systemd/system/bluetooth.service; enabled; vendor preset: enabled)
223
   Loaded: loaded (/usr/lib/systemd/system/bluetooth.service; enabled; preset: enabled)
3746
225
   Active: active (running) since Wed 2017-01-04 13:54:04 EST; 1 weeks 0 days ago
224
   Active: active (running) since Wed 2017-01-04 13:54:04 EST; 1 weeks 0 days ago
3747
226
     Docs: man:bluetoothd(8)
225
     Docs: man:bluetoothd(8)
3748
227
 Main PID: 930 (bluetoothd)
226
 Main PID: 930 (bluetoothd)
3749
@@ -237,29 +236,31 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: Current Time Service could not be 
3750
237
Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output error (5)
236
Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output error (5)
3751
238
</programlisting>
237
</programlisting>
3752
239
238
3768
240
            <para>The dot ("●") uses color on supported terminals to summarize the unit state at a glance. Along with
239
            <para>The dot ("●") uses color on supported terminals to summarize the unit state at a
3769
241
            its color, its shape varies according to its state: <literal>inactive</literal> or
240
            glance. Along with its color, its shape varies according to its state:
3770
242
            <literal>maintenance</literal> is a white circle ("○"), <literal>active</literal> is a green dot ("●"),
241
            <literal>inactive</literal> or <literal>maintenance</literal> is a white circle ("○"),
3771
243
            <literal>deactivating</literal> is a white dot, <literal>failed</literal> or <literal>error</literal> is
242
            <literal>active</literal> is a green dot ("●"), <literal>deactivating</literal> is a white dot,
3772
244
            a red cross ("×"), and <literal>reloading</literal> is a green clockwise circle arrow ("↻").
243
            <literal>failed</literal> or <literal>error</literal> is a red cross ("×"), and
3773
245
            </para>
244
            <literal>reloading</literal> is a green clockwise circle arrow ("↻").</para>
3774
246
245
3775
247
            <para>The "Loaded:" line in the output will show <literal>loaded</literal> if the unit has been loaded into
246
            <para>The "Loaded:" line in the output will show <literal>loaded</literal> if the unit has been
3776
248
            memory. Other possible values for "Loaded:" include: <literal>error</literal> if there was a problem
247
            loaded into memory. Other possible values for "Loaded:" include: <literal>error</literal> if
3777
249
            loading it, <literal>not-found</literal> if no unit file was found for this unit,
248
            there was a problem loading it, <literal>not-found</literal> if no unit file was found for this
3778
250
            <literal>bad-setting</literal> if an essential unit file setting could not be parsed and
249
            unit, <literal>bad-setting</literal> if an essential unit file setting could not be parsed and
3779
251
            <literal>masked</literal> if the unit file has been masked. Along with showing the path to the unit file,
250
            <literal>masked</literal> if the unit file has been masked. Along with showing the path to the
3780
252
            this line will also show the enablement state.  Enabled commands start at boot.  See the full table of
251
            unit file, this line will also show the enablement state.  Enabled units are included in the
3781
253
            possible enablement states — including the definition of <literal>masked</literal> — in the documentation
252
            dependency network between units, and thus are started at boot or via some other form of
3782
254
            for the <command>is-enabled</command> command.
253
            activation.  See the full table of possible enablement states — including the definition of
3783
254
            <literal>masked</literal> — in the documentation for the <command>is-enabled</command> command.
3784
255
            </para>
255
            </para>
3785
256
256
3786
257
            <para>The "Active:" line shows active state.  The value is usually <literal>active</literal> or
257
            <para>The "Active:" line shows active state.  The value is usually <literal>active</literal> or
3792
258
            <literal>inactive</literal>. Active could mean started, bound, plugged in, etc depending on the unit type.
258
            <literal>inactive</literal>. Active could mean started, bound, plugged in, etc depending on the
3793
259
            The unit could also be in process of changing states, reporting a state of <literal>activating</literal> or
259
            unit type.  The unit could also be in process of changing states, reporting a state of
3794
260
            <literal>deactivating</literal>. A special <literal>failed</literal> state is entered when the service
260
            <literal>activating</literal> or <literal>deactivating</literal>. A special
3795
261
            failed in some way, such as a crash, exiting with an error code or timing out. If the failed state is
261
            <literal>failed</literal> state is entered when the service failed in some way, such as a crash,
3796
262
            entered the cause will be logged for later reference.</para>
262
            exiting with an error code or timing out. If the failed state is entered the cause will be logged
3797
263
            for later reference.</para>
3798
263
            </example>
264
            </example>
3799
264
265
3800
265
          </listitem>
266
          </listitem>
3801
diff --git a/man/systemd-creds.xml b/man/systemd-creds.xml
3802
index d803b5c..7592961 100644
3803
--- a/man/systemd-creds.xml
3804
+++ b/man/systemd-creds.xml
3805
@@ -172,7 +172,7 @@
3806
172
        <term><command>has-tpm2</command></term>
172
        <term><command>has-tpm2</command></term>
3807
173
173
3808
174
        <listitem><para>Reports whether the system is equipped with a TPM2 device usable for protecting
174
        <listitem><para>Reports whether the system is equipped with a TPM2 device usable for protecting
3810
175
        credentials. If the a TPM2 device has been discovered, is supported, and is being used by firmware,
175
        credentials. If a TPM2 device has been discovered, is supported, and is being used by firmware,
3811
176
        by the OS kernel drivers and by userspace (i.e. systemd) this prints <literal>yes</literal> and exits
176
        by the OS kernel drivers and by userspace (i.e. systemd) this prints <literal>yes</literal> and exits
3812
177
        with exit status zero. If no such device is discovered/supported/used, prints
177
        with exit status zero. If no such device is discovered/supported/used, prints
3813
178
        <literal>no</literal>. Otherwise prints <literal>partial</literal>. In either of these two cases
178
        <literal>no</literal>. Otherwise prints <literal>partial</literal>. In either of these two cases
3814
diff --git a/man/systemd-integritysetup-generator.xml b/man/systemd-integritysetup-generator.xml
3815
index 23eab01..44248b2 100644
3816
--- a/man/systemd-integritysetup-generator.xml
3817
+++ b/man/systemd-integritysetup-generator.xml
3818
@@ -41,7 +41,7 @@
3819
41
    <para>
41
    <para>
3820
42
      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
42
      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
3821
43
      <citerefentry><refentrytitle>systemd-integritysetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
43
      <citerefentry><refentrytitle>systemd-integritysetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
3823
44
      <citerefentry project='die-net'><refentrytitle>integritysetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
44
      <citerefentry project='die-net'><refentrytitle>integritysetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
3824
45
    </para>
45
    </para>
3825
46
  </refsect1>
46
  </refsect1>
3826
47
47
3827
diff --git a/man/systemd-sysctl.service.xml b/man/systemd-sysctl.service.xml
3828
index 751aa2b..ea81084 100644
3829
--- a/man/systemd-sysctl.service.xml
3830
+++ b/man/systemd-sysctl.service.xml
3831
@@ -122,7 +122,7 @@ kernel.core_pattern = |/usr/libexec/abrt-hook-ccpp %s %c %p %u %g %t %P %I
3832
122
    <para>
122
    <para>
3833
123
      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
123
      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
3834
124
      <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
124
      <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
3836
125
      <citerefentry project='man-pages'><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
125
      <citerefentry project='man-pages'><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
3837
126
    </para>
126
    </para>
3838
127
  </refsect1>
127
  </refsect1>
3839
128
128
3840
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
3841
index 50c5c89..daa2249 100644
3842
--- a/man/systemd.exec.xml
3843
+++ b/man/systemd.exec.xml
3844
@@ -819,13 +819,13 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
3845
819
819
3846
820
        <listitem><para>Set soft and hard limits on various resources for executed processes. See
820
        <listitem><para>Set soft and hard limits on various resources for executed processes. See
3847
821
        <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry> for
821
        <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry> for
3855
822
        details on the resource limit concept. Resource limits may be specified in two formats: either as
822
        details on the process resource limit concept. Process resource limits may be specified in two formats:
3856
823
        single value to set a specific soft and hard limit to the same value, or as colon-separated pair
823
        either as single value to set a specific soft and hard limit to the same value, or as colon-separated
3857
824
        <option>soft:hard</option> to set both limits individually (e.g. <literal>LimitAS=4G:16G</literal>).
824
        pair <option>soft:hard</option> to set both limits individually
3858
825
        Use the string <option>infinity</option> to configure no limit on a specific resource. The
825
        (e.g. <literal>LimitAS=4G:16G</literal>).  Use the string <option>infinity</option> to configure no
3859
826
        multiplicative suffixes K, M, G, T, P and E (to the base 1024) may be used for resource limits
826
        limit on a specific resource. The multiplicative suffixes K, M, G, T, P and E (to the base 1024) may
3860
827
        measured in bytes (e.g. <literal>LimitAS=16G</literal>). For the limits referring to time values, the
827
        be used for resource limits measured in bytes (e.g. <literal>LimitAS=16G</literal>). For the limits
3861
828
        usual time units ms, s, min, h and so on may be used (see
828
        referring to time values, the usual time units ms, s, min, h and so on may be used (see
3862
829
        <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
829
        <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
3863
830
        details). Note that if no time unit is specified for <varname>LimitCPU=</varname> the default unit of
830
        details). Note that if no time unit is specified for <varname>LimitCPU=</varname> the default unit of
3864
831
        seconds is implied, while for <varname>LimitRTTIME=</varname> the default unit of microseconds is
831
        seconds is implied, while for <varname>LimitRTTIME=</varname> the default unit of microseconds is
3865
@@ -875,15 +875,17 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
3866
875
        <table>
875
        <table>
3867
876
          <title>Resource limit directives, their equivalent <command>ulimit</command> shell commands and the unit used</title>
876
          <title>Resource limit directives, their equivalent <command>ulimit</command> shell commands and the unit used</title>
3868
877
877
3870
878
          <tgroup cols='3'>
878
          <tgroup cols='4'>
3871
879
            <colspec colname='directive' />
879
            <colspec colname='directive' />
3872
880
            <colspec colname='equivalent' />
880
            <colspec colname='equivalent' />
3873
881
            <colspec colname='unit' />
881
            <colspec colname='unit' />
3874
882
            <colspec colname='notes' />
3875
882
            <thead>
883
            <thead>
3876
883
              <row>
884
              <row>
3877
884
                <entry>Directive</entry>
885
                <entry>Directive</entry>
3878
885
                <entry><command>ulimit</command> equivalent</entry>
886
                <entry><command>ulimit</command> equivalent</entry>
3879
886
                <entry>Unit</entry>
887
                <entry>Unit</entry>
3880
888
                <entry>Notes</entry>
3881
887
              </row>
889
              </row>
3882
888
            </thead>
890
            </thead>
3883
889
            <tbody>
891
            <tbody>
3884
@@ -891,81 +893,97 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
3885
891
                <entry>LimitCPU=</entry>
893
                <entry>LimitCPU=</entry>
3886
892
                <entry>ulimit -t</entry>
894
                <entry>ulimit -t</entry>
3887
893
                <entry>Seconds</entry>
895
                <entry>Seconds</entry>
3888
896
                <entry>-</entry>
3889
894
              </row>
897
              </row>
3890
895
              <row>
898
              <row>
3891
896
                <entry>LimitFSIZE=</entry>
899
                <entry>LimitFSIZE=</entry>
3892
897
                <entry>ulimit -f</entry>
900
                <entry>ulimit -f</entry>
3893
898
                <entry>Bytes</entry>
901
                <entry>Bytes</entry>
3894
902
                <entry>-</entry>
3895
899
              </row>
903
              </row>
3896
900
              <row>
904
              <row>
3897
901
                <entry>LimitDATA=</entry>
905
                <entry>LimitDATA=</entry>
3898
902
                <entry>ulimit -d</entry>
906
                <entry>ulimit -d</entry>
3899
903
                <entry>Bytes</entry>
907
                <entry>Bytes</entry>
3900
908
                <entry>Don't use. This limits the allowed address range, not memory use! Defaults to unlimited and should not be lowered. To limit memory use, see <varname>MemoryMax=</varname> in <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</entry>
3901
904
              </row>
909
              </row>
3902
905
              <row>
910
              <row>
3903
906
                <entry>LimitSTACK=</entry>
911
                <entry>LimitSTACK=</entry>
3904
907
                <entry>ulimit -s</entry>
912
                <entry>ulimit -s</entry>
3905
908
                <entry>Bytes</entry>
913
                <entry>Bytes</entry>
3906
914
                <entry>-</entry>
3907
909
              </row>
915
              </row>
3908
910
              <row>
916
              <row>
3909
911
                <entry>LimitCORE=</entry>
917
                <entry>LimitCORE=</entry>
3910
912
                <entry>ulimit -c</entry>
918
                <entry>ulimit -c</entry>
3911
913
                <entry>Bytes</entry>
919
                <entry>Bytes</entry>
3912
920
                <entry>-</entry>
3913
914
              </row>
921
              </row>
3914
915
              <row>
922
              <row>
3915
916
                <entry>LimitRSS=</entry>
923
                <entry>LimitRSS=</entry>
3916
917
                <entry>ulimit -m</entry>
924
                <entry>ulimit -m</entry>
3917
918
                <entry>Bytes</entry>
925
                <entry>Bytes</entry>
3918
926
                <entry>Don't use. No effect on Linux.</entry>
3919
919
              </row>
927
              </row>
3920
920
              <row>
928
              <row>
3921
921
                <entry>LimitNOFILE=</entry>
929
                <entry>LimitNOFILE=</entry>
3922
922
                <entry>ulimit -n</entry>
930
                <entry>ulimit -n</entry>
3923
923
                <entry>Number of File Descriptors</entry>
931
                <entry>Number of File Descriptors</entry>
3924
932
                <entry>Don't use. Be careful when raising the soft limit above 1024, since <function>select()</function> cannot function with file descriptors above 1023 on Linux. Nowadays, the hard limit defaults to 524288, a very high value compared to historical defaults. Typically applications should increase their soft limit to the hard limit on their own, if they are OK with working with file descriptors above 1023, i.e. do not use <function>select()</function>. Note that file descriptors are nowadays accounted like any other form of memory, thus there should not be any need to lower the hard limit. Use <varname>MemoryMax=</varname> to control overall service memory use, including file descriptor memory.</entry>
3925
924
              </row>
933
              </row>
3926
925
              <row>
934
              <row>
3927
926
                <entry>LimitAS=</entry>
935
                <entry>LimitAS=</entry>
3928
927
                <entry>ulimit -v</entry>
936
                <entry>ulimit -v</entry>
3929
928
                <entry>Bytes</entry>
937
                <entry>Bytes</entry>
3930
938
                <entry>Don't use. This limits the allowed address range, not memory use! Defaults to unlimited and should not be lowered. To limit memory use, see <varname>MemoryMax=</varname> in <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</entry>
3931
929
              </row>
939
              </row>
3932
930
              <row>
940
              <row>
3933
931
                <entry>LimitNPROC=</entry>
941
                <entry>LimitNPROC=</entry>
3934
932
                <entry>ulimit -u</entry>
942
                <entry>ulimit -u</entry>
3935
933
                <entry>Number of Processes</entry>
943
                <entry>Number of Processes</entry>
3936
944
                <entry>This limit is enforced based on the number of processes belonging to the user. Typically it's better to track processes per service, i.e. use <varname>TasksMax=</varname>, see <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</entry>
3937
934
              </row>
945
              </row>
3938
935
              <row>
946
              <row>
3939
936
                <entry>LimitMEMLOCK=</entry>
947
                <entry>LimitMEMLOCK=</entry>
3940
937
                <entry>ulimit -l</entry>
948
                <entry>ulimit -l</entry>
3941
938
                <entry>Bytes</entry>
949
                <entry>Bytes</entry>
3942
950
                <entry>-</entry>
3943
939
              </row>
951
              </row>
3944
940
              <row>
952
              <row>
3945
941
                <entry>LimitLOCKS=</entry>
953
                <entry>LimitLOCKS=</entry>
3946
942
                <entry>ulimit -x</entry>
954
                <entry>ulimit -x</entry>
3947
943
                <entry>Number of Locks</entry>
955
                <entry>Number of Locks</entry>
3948
956
                <entry>-</entry>
3949
944
              </row>
957
              </row>
3950
945
              <row>
958
              <row>
3951
946
                <entry>LimitSIGPENDING=</entry>
959
                <entry>LimitSIGPENDING=</entry>
3952
947
                <entry>ulimit -i</entry>
960
                <entry>ulimit -i</entry>
3953
948
                <entry>Number of Queued Signals</entry>
961
                <entry>Number of Queued Signals</entry>
3954
962
                <entry>-</entry>
3955
949
              </row>
963
              </row>
3956
950
              <row>
964
              <row>
3957
951
                <entry>LimitMSGQUEUE=</entry>
965
                <entry>LimitMSGQUEUE=</entry>
3958
952
                <entry>ulimit -q</entry>
966
                <entry>ulimit -q</entry>
3959
953
                <entry>Bytes</entry>
967
                <entry>Bytes</entry>
3960
968
                <entry>-</entry>
3961
954
              </row>
969
              </row>
3962
955
              <row>
970
              <row>
3963
956
                <entry>LimitNICE=</entry>
971
                <entry>LimitNICE=</entry>
3964
957
                <entry>ulimit -e</entry>
972
                <entry>ulimit -e</entry>
3965
958
                <entry>Nice Level</entry>
973
                <entry>Nice Level</entry>
3966
974
                <entry>-</entry>
3967
959
              </row>
975
              </row>
3968
960
              <row>
976
              <row>
3969
961
                <entry>LimitRTPRIO=</entry>
977
                <entry>LimitRTPRIO=</entry>
3970
962
                <entry>ulimit -r</entry>
978
                <entry>ulimit -r</entry>
3971
963
                <entry>Realtime Priority</entry>
979
                <entry>Realtime Priority</entry>
3972
980
                <entry>-</entry>
3973
964
              </row>
981
              </row>
3974
965
              <row>
982
              <row>
3975
966
                <entry>LimitRTTIME=</entry>
983
                <entry>LimitRTTIME=</entry>
3977
967
                <entry>No equivalent</entry>
984
                <entry>ulimit -R</entry>
3978
968
                <entry>Microseconds</entry>
985
                <entry>Microseconds</entry>
3979
986
                <entry>-</entry>
3980
969
              </row>
987
              </row>
3981
970
            </tbody>
988
            </tbody>
3982
971
          </tgroup>
989
          </tgroup>
3983
@@ -2774,7 +2792,11 @@ SystemCallErrorNumber=EPERM</programlisting>
3984
2774
        writing text to stderr will not work. To mitigate this use the construct <command>echo "hello"
2792
        writing text to stderr will not work. To mitigate this use the construct <command>echo "hello"
3985
2775
        >&amp;2</command> instead, which is mostly equivalent and avoids this pitfall.</para>
2793
        >&amp;2</command> instead, which is mostly equivalent and avoids this pitfall.</para>
3986
2776
2794
3988
2777
        <para>This setting defaults to the value set with <varname>DefaultStandardOutput=</varname> in
2795
        <para>If <varname>StandardInput=</varname> is set to one of <option>tty</option>, <option>tty-force</option>,
3989
2796
        <option>tty-fail</option>, <option>socket</option>, or <option>fd:<replaceable>name</replaceable></option>, this
3990
2797
        setting defaults to <option>inherit</option>.</para>
3991
2798
3992
2799
        <para>In other cases, this setting defaults to the value set with <varname>DefaultStandardOutput=</varname> in
3993
2778
        <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, which
2800
        <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, which
3994
2779
        defaults to <option>journal</option>. Note that setting this parameter might result in additional dependencies
2801
        defaults to <option>journal</option>. Note that setting this parameter might result in additional dependencies
3995
2780
        to be added to the unit (see above).</para></listitem>
2802
        to be added to the unit (see above).</para></listitem>
3996
@@ -3635,7 +3657,7 @@ StandardInputData=V2XigLJyZSBubyBzdHJhbmdlcnMgdG8gbG92ZQpZb3Uga25vdyB0aGUgcnVsZX
3997
3635
          <term><varname>$MONITOR_INVOCATION_ID</varname></term>
3657
          <term><varname>$MONITOR_INVOCATION_ID</varname></term>
3998
3636
          <term><varname>$MONITOR_UNIT</varname></term>
3658
          <term><varname>$MONITOR_UNIT</varname></term>
3999
3637
3659
4001
3638
          <listitem><para>Only defined for the service unit type. Those environment variable are passed to
3660
          <listitem><para>Only defined for the service unit type. Those environment variables are passed to
4002
3639
          all <varname>ExecStart=</varname> and <varname>ExecStartPre=</varname> processes which run in
3661
          all <varname>ExecStart=</varname> and <varname>ExecStartPre=</varname> processes which run in
4003
3640
          services triggered by <varname>OnFailure=</varname> or <varname>OnSuccess=</varname> dependencies.
3662
          services triggered by <varname>OnFailure=</varname> or <varname>OnSuccess=</varname> dependencies.
4004
3641
          </para>
3663
          </para>
4005
@@ -3644,7 +3666,7 @@ StandardInputData=V2XigLJyZSBubyBzdHJhbmdlcnMgdG8gbG92ZQpZb3Uga25vdyB0aGUgcnVsZX
4006
3644
          and <varname>$MONITOR_EXIT_STATUS</varname> take the same values as for
3666
          and <varname>$MONITOR_EXIT_STATUS</varname> take the same values as for
4007
3645
          <varname>ExecStop=</varname> and <varname>ExecStopPost=</varname> processes. Variables
3667
          <varname>ExecStop=</varname> and <varname>ExecStopPost=</varname> processes. Variables
4008
3646
          <varname>$MONITOR_INVOCATION_ID</varname> and <varname>$MONITOR_UNIT</varname> are set to the
3668
          <varname>$MONITOR_INVOCATION_ID</varname> and <varname>$MONITOR_UNIT</varname> are set to the
4010
3647
          invocaton id and unit name of the service which triggered the dependency.</para>
3669
          invocation id and unit name of the service which triggered the dependency.</para>
4011
3648
3670
4012
3649
          <para>Note that when multiple services trigger the same unit, those variables will be
3671
          <para>Note that when multiple services trigger the same unit, those variables will be
4013
3650
          <emphasis>not</emphasis> be passed. Consider using a template handler unit for that case instead:
3672
          <emphasis>not</emphasis> be passed. Consider using a template handler unit for that case instead:
4014
diff --git a/man/systemd.mount.xml b/man/systemd.mount.xml
4015
index 6d21d32..0b247c1 100644
4016
--- a/man/systemd.mount.xml
4017
+++ b/man/systemd.mount.xml
4018
@@ -155,16 +155,14 @@
4019
155
  <refsect1>
155
  <refsect1>
4020
156
    <title><filename>fstab</filename></title>
156
    <title><filename>fstab</filename></title>
4021
157
157
4024
158
    <para>Mount units may either be configured via unit files, or via
158
    <para>Mount units may either be configured via unit files, or via <filename>/etc/fstab</filename> (see
4023
159
    <filename>/etc/fstab</filename> (see
4025
160
    <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>
159
    <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>
4033
161
    for details). Mounts listed in <filename>/etc/fstab</filename>
160
    for details). Mounts listed in <filename>/etc/fstab</filename> will be converted into native units
4034
162
    will be converted into native units dynamically at boot and when
161
    dynamically at boot and when the configuration of the system manager is reloaded. In general, configuring
4035
163
    the configuration of the system manager is reloaded. In general,
162
    mount points through <filename>/etc/fstab</filename> is the preferred approach to manage mounts for
4036
164
    configuring mount points through <filename>/etc/fstab</filename>
163
    humans. For tooling, writing mount units should be preferred over editing <filename>/etc/fstab</filename>.
4037
165
    is the preferred approach. See
164
    See <citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
4038
166
    <citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
165
    for details about the conversion from <filename>/etc/fstab</filename> to mount units.</para>
4032
167
    for details about the conversion.</para>
4039
168
166
4040
169
    <para>The NFS mount option <option>bg</option> for NFS background mounts
167
    <para>The NFS mount option <option>bg</option> for NFS background mounts
4041
170
    as documented in <citerefentry project='man-pages'><refentrytitle>nfs</refentrytitle><manvolnum>5</manvolnum></citerefentry>
168
    as documented in <citerefentry project='man-pages'><refentrytitle>nfs</refentrytitle><manvolnum>5</manvolnum></citerefentry>
4042
diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml
4043
index 3a776b3..b197f33 100644
4044
--- a/man/systemd.netdev.xml
4045
+++ b/man/systemd.netdev.xml
4046
@@ -2199,7 +2199,7 @@
4047
2199
        <term><varname>PhysicalDevice=</varname></term>
2199
        <term><varname>PhysicalDevice=</varname></term>
4048
2200
        <listitem>
2200
        <listitem>
4049
2201
          <para>Specifies the name or index of the physical WLAN device (e.g. <literal>0</literal> or
2201
          <para>Specifies the name or index of the physical WLAN device (e.g. <literal>0</literal> or
4051
2202
          <literal>phy0</literal>). The list of the physical WLAN devices that exist os the host can be
2202
          <literal>phy0</literal>). The list of the physical WLAN devices that exist on the host can be
4052
2203
          obtained by <command>iw phy</command> command. This option is mandatory.</para>
2203
          obtained by <command>iw phy</command> command. This option is mandatory.</para>
4053
2204
        </listitem>
2204
        </listitem>
4054
2205
      </varlistentry>
2205
      </varlistentry>
4055
diff --git a/man/systemd.network.xml b/man/systemd.network.xml
4056
index c2ce1b1..3b29905 100644
4057
--- a/man/systemd.network.xml
4058
+++ b/man/systemd.network.xml
4059
@@ -1103,9 +1103,9 @@ Table=1234</programlisting></para>
4060
1103
          IGMP snooping since the switch would not replicate multicast packets on  ports that did not
1103
          IGMP snooping since the switch would not replicate multicast packets on  ports that did not
4061
1104
          have IGMP reports for the multicast addresses. Linux vxlan interfaces created via
1104
          have IGMP reports for the multicast addresses. Linux vxlan interfaces created via
4062
1105
          <command>ip link add vxlan</command> or networkd's netdev kind vxlan have the group option
1105
          <command>ip link add vxlan</command> or networkd's netdev kind vxlan have the group option
4066
1106
          that enables then to do the required join. By extending ip address command with option
1106
          that enables them to do the required join. By extending <command>ip address</command> command
4067
1107
          <literal>autojoin</literal> we can get similar functionality for openvswitch (OVS) vxlan
1107
          with option <literal>autojoin</literal> we can get similar functionality for openvswitch (OVS)
4068
1108
          interfaces as well as other tunneling mechanisms that need to receive multicast traffic.
1108
          vxlan interfaces as well as other tunneling mechanisms that need to receive multicast traffic.
4069
1109
          Defaults to <literal>no</literal>.</para>
1109
          Defaults to <literal>no</literal>.</para>
4070
1110
        </listitem>
1110
        </listitem>
4071
1111
      </varlistentry>
1111
      </varlistentry>
4072
@@ -1487,7 +1487,7 @@ Table=1234</programlisting></para>
4073
1487
          <para>For IPv4 route, defaults to <literal>host</literal> if <varname>Type=</varname> is
1487
          <para>For IPv4 route, defaults to <literal>host</literal> if <varname>Type=</varname> is
4074
1488
          <literal>local</literal> or <literal>nat</literal>, and <literal>link</literal> if
1488
          <literal>local</literal> or <literal>nat</literal>, and <literal>link</literal> if
4075
1489
          <varname>Type=</varname> is <literal>broadcast</literal>, <literal>multicast</literal>,
1489
          <varname>Type=</varname> is <literal>broadcast</literal>, <literal>multicast</literal>,
4077
1490
          <literal>anycast</literal>, or direct <literal>unicast</literal> routes. In other cases,
1490
          <literal>anycast</literal>, or <literal>unicast</literal>. In other cases,
4078
1491
          defaults to <literal>global</literal>. The value is not used for IPv6.</para>
1491
          defaults to <literal>global</literal>. The value is not used for IPv6.</para>
4079
1492
        </listitem>
1492
        </listitem>
4080
1493
      </varlistentry>
1493
      </varlistentry>
4081
@@ -2534,7 +2534,7 @@ Token=prefixstable:2002:da8:1::</programlisting></para>
4082
2534
      <varlistentry>
2534
      <varlistentry>
4083
2535
        <term><varname>ServerAddress=</varname></term>
2535
        <term><varname>ServerAddress=</varname></term>
4084
2536
        <listitem><para>Specifies server address for the DHCP server. Takes an IPv4 address with prefix
2536
        <listitem><para>Specifies server address for the DHCP server. Takes an IPv4 address with prefix
4086
2537
        length, for example <literal>192.168.0.1/24</literal>. This setting may be useful when the link on
2537
        length, for example 192.168.0.1/24. This setting may be useful when the link on
4087
2538
        which the DHCP server is running has multiple static addresses. When unset, one of static addresses
2538
        which the DHCP server is running has multiple static addresses. When unset, one of static addresses
4088
2539
        in the link will be automatically selected. Defaults to unset.</para></listitem>
2539
        in the link will be automatically selected. Defaults to unset.</para></listitem>
4089
2540
      </varlistentry>
2540
      </varlistentry>
4090
@@ -2956,7 +2956,7 @@ Token=prefixstable:2002:da8:1::</programlisting></para>
4091
2956
2956
4092
2957
        <listitem><para>The IPv6 route that is to be distributed to hosts.  Similarly to configuring static
2957
        <listitem><para>The IPv6 route that is to be distributed to hosts.  Similarly to configuring static
4093
2958
        IPv6 routes, the setting is configured as an IPv6 prefix routes and its prefix route length,
2958
        IPv6 routes, the setting is configured as an IPv6 prefix routes and its prefix route length,
4095
2959
        separated by a <literal>/</literal> character. Use multiple [IPv6PrefixRoutes] sections to configure
2959
        separated by a <literal>/</literal> character. Use multiple [IPv6RoutePrefix] sections to configure
4096
2960
        multiple IPv6 prefix routes.</para></listitem>
2960
        multiple IPv6 prefix routes.</para></listitem>
4097
2961
      </varlistentry>
2961
      </varlistentry>
4098
2962
2962
4099
diff --git a/man/sysupdate.d.xml b/man/sysupdate.d.xml
4100
index 03d27b9..d57fbf0 100644
4101
--- a/man/sysupdate.d.xml
4102
+++ b/man/sysupdate.d.xml
4103
@@ -76,7 +76,7 @@
4104
76
76
4105
77
      <listitem><para>Similarly, a file <literal>https://download.example.com/foobarOS_47.verity.xz</literal>
77
      <listitem><para>Similarly, a file <literal>https://download.example.com/foobarOS_47.verity.xz</literal>
4106
78
      should be downloaded, decompressed and written to a previously empty partition with GPT partition type
78
      should be downloaded, decompressed and written to a previously empty partition with GPT partition type
4108
79
      UUID of 2c7357ed-ebd2-46d9-aec1-23d437ec2bf5 (i.e the partition type for Verity integrity information
79
      UUID of 2c7357ed-ebd2-46d9-aec1-23d437ec2bf5 (i.e. the partition type for Verity integrity information
4109
80
      for x86-64 root file systems).</para></listitem>
80
      for x86-64 root file systems).</para></listitem>
4110
81
81
4111
82
      <listitem><para>Finally, a file <literal>https://download.example.com/foobarOS_47.efi.xz</literal> (a
82
      <listitem><para>Finally, a file <literal>https://download.example.com/foobarOS_47.efi.xz</literal> (a
4112
@@ -117,7 +117,7 @@
4113
117
    <itemizedlist>
117
    <itemizedlist>
4114
118
      <listitem><para>For partitions: the surrounding GPT partition table contains a list of defined
118
      <listitem><para>For partitions: the surrounding GPT partition table contains a list of defined
4115
119
      partitions, including a partition type UUID and a partition label (in this scheme the partition label
119
      partitions, including a partition type UUID and a partition label (in this scheme the partition label
4117
120
      plays a role for the partition similar to the filename for a regular file)</para></listitem>
120
      plays a role for the partition similar to the filename for a regular file).</para></listitem>
4118
121
121
4119
122
      <listitem><para>For regular files: the directory listing of the directory the files are contained in
122
      <listitem><para>For regular files: the directory listing of the directory the files are contained in
4120
123
      provides a list of existing files in a straightforward way.</para></listitem>
123
      provides a list of existing files in a straightforward way.</para></listitem>
4121
@@ -369,7 +369,7 @@
4122
369
            <entry><literal>@r</literal></entry>
369
            <entry><literal>@r</literal></entry>
4123
370
            <entry>Read-only flag</entry>
370
            <entry>Read-only flag</entry>
4124
371
            <entry>Either <literal>0</literal> or <literal>1</literal></entry>
371
            <entry>Either <literal>0</literal> or <literal>1</literal></entry>
4126
372
            <entry>Controls ReadOnly bit of the GPT partition flags, as per <ulink url="https://systemd.io/DISCOVERABLE_PARTITIONS">Discoverable Partitions Specification</ulink> and other output read-only flags, see <varname>ReadOnly=</varname> below.</entry>
372
            <entry>Controls ReadOnly bit of the GPT partition flags, as per <ulink url="https://systemd.io/DISCOVERABLE_PARTITIONS">Discoverable Partitions Specification</ulink> and other output read-only flags, see <varname>ReadOnly=</varname> below</entry>
4127
373
          </row>
373
          </row>
4128
374
374
4129
375
          <row>
375
          <row>
4130
@@ -404,14 +404,14 @@
4131
404
            <entry><literal>@l</literal></entry>
404
            <entry><literal>@l</literal></entry>
4132
405
            <entry>Tries left</entry>
405
            <entry>Tries left</entry>
4133
406
            <entry>Formatted decimal integer</entry>
406
            <entry>Formatted decimal integer</entry>
4135
407
            <entry>Useful when operating with kernel images, as per <ulink url="https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT">Automatic Boot Assessment</ulink></entry>
407
            <entry>Useful when operating with kernel image files, as per <ulink url="https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT">Automatic Boot Assessment</ulink></entry>
4136
408
          </row>
408
          </row>
4137
409
409
4138
410
          <row>
410
          <row>
4139
411
            <entry><literal>@h</literal></entry>
411
            <entry><literal>@h</literal></entry>
4140
412
            <entry>SHA256 hash of compressed file</entry>
412
            <entry>SHA256 hash of compressed file</entry>
4141
413
            <entry>64 hexadecimal characters</entry>
413
            <entry>64 hexadecimal characters</entry>
4143
414
            <entry>The SHA256 hash of the compressed file; not useful for <constant>url-file</constant> or <constant>url-tar</constant> where the SHA256 hash is already included in the manifest file anyway.</entry>
414
            <entry>The SHA256 hash of the compressed file; not useful for <constant>url-file</constant> or <constant>url-tar</constant> where the SHA256 hash is already included in the manifest file anyway</entry>
4144
415
          </row>
415
          </row>
4145
416
        </tbody>
416
        </tbody>
4146
417
      </tgroup>
417
      </tgroup>
4147
@@ -432,7 +432,7 @@
4148
432
  <refsect1>
432
  <refsect1>
4149
433
    <title>[Transfer] Section Options</title>
433
    <title>[Transfer] Section Options</title>
4150
434
434
4152
435
    <para>This section defines general properties of this transfer.</para>
435
    <para>This section defines general properties of this transfer:</para>
4153
436
436
4154
437
    <variablelist>
437
    <variablelist>
4155
438
      <varlistentry>
438
      <varlistentry>
4156
@@ -555,8 +555,8 @@
4157
555
        <listitem><para>Specifies a file system path where to look for already installed versions or place
555
        <listitem><para>Specifies a file system path where to look for already installed versions or place
4158
556
        newly downloaded versions of this configured resource. If <varname>Type=</varname> is set to
556
        newly downloaded versions of this configured resource. If <varname>Type=</varname> is set to
4159
557
        <constant>partition</constant>, expects a path to a (whole) block device node, or the special string
557
        <constant>partition</constant>, expects a path to a (whole) block device node, or the special string
4162
558
        <literal>auto</literal> in which case the block device the root file system of the currently booted
558
        <literal>auto</literal> in which case the block device which contains the root file system of the
4163
559
        system is automatically determined and used. If <varname>Type=</varname> is set to
559
        currently booted system is automatically determined and used. If <varname>Type=</varname> is set to
4164
560
        <constant>regular-file</constant>, <constant>directory</constant> or <constant>subvolume</constant>,
560
        <constant>regular-file</constant>, <constant>directory</constant> or <constant>subvolume</constant>,
4165
561
        must refer to a path in the local file system referencing the directory to find or place the version
561
        must refer to a path in the local file system referencing the directory to find or place the version
4166
562
        files or directories under.</para>
562
        files or directories under.</para>
4167
@@ -818,7 +818,7 @@ Path=https://download.example.com/
4168
818
MatchPattern=foobarOS_@v.efi.xz
818
MatchPattern=foobarOS_@v.efi.xz
4169
819
819
4170
820
[Target]
820
[Target]
4172
821
Type=file
821
Type=regular-file
4173
822
Path=/efi/EFI/Linux
822
Path=/efi/EFI/Linux
4174
823
MatchPattern=foobarOS_@v+@l-@d.efi \
823
MatchPattern=foobarOS_@v+@l-@d.efi \
4175
824
             foobarOS_@v+@l.efi \
824
             foobarOS_@v+@l.efi \
4176
@@ -831,7 +831,7 @@ InstancesMax=2</programlisting></para>
4177
831
        <para>The above installs a unified kernel image into the ESP (which is mounted to
831
        <para>The above installs a unified kernel image into the ESP (which is mounted to
4178
832
        <filename>/efi/</filename>), as per <ulink url="https://systemd.io/BOOT_LOADER_SPECIFICATION">Boot
832
        <filename>/efi/</filename>), as per <ulink url="https://systemd.io/BOOT_LOADER_SPECIFICATION">Boot
4179
833
        Loader Specification</ulink> Type #2. This defines three possible patterns for the names of the
833
        Loader Specification</ulink> Type #2. This defines three possible patterns for the names of the
4181
834
        kernel images images, as per <ulink url="https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT">Automatic Boot
834
        kernel images, as per <ulink url="https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT">Automatic Boot
4182
835
        Assessment</ulink>, and ensures when installing new kernels, they are set up with 3 tries left. No
835
        Assessment</ulink>, and ensures when installing new kernels, they are set up with 3 tries left. No
4183
836
        more than two parallel kernels are kept.</para>
836
        more than two parallel kernels are kept.</para>
4184
837
837
4185
diff --git a/man/udevadm.xml b/man/udevadm.xml
4186
index 3a9b133..89ebfbd 100644
4187
--- a/man/udevadm.xml
4188
+++ b/man/udevadm.xml
4189
@@ -802,7 +802,8 @@
4190
802
      <para><command>udevadm lock</command> takes an (advisory) exclusive lock(s) on a block device (or
802
      <para><command>udevadm lock</command> takes an (advisory) exclusive lock(s) on a block device (or
4191
803
      multiple thereof), as per <ulink url="https://systemd.io/BLOCK_DEVICE_LOCKING">Locking Block Device
803
      multiple thereof), as per <ulink url="https://systemd.io/BLOCK_DEVICE_LOCKING">Locking Block Device
4192
804
      Access</ulink> and invokes a program with the lock(s) taken. When the invoked program exits the lock(s)
804
      Access</ulink> and invokes a program with the lock(s) taken. When the invoked program exits the lock(s)
4194
805
      are automatically released.</para>
805
      are automatically released and its return value is propagated as exit code of <command>udevadm
4195
806
      lock</command>.</para>
4196
806
807
4197
807
      <para>This tool is in particular useful to ensure that
808
      <para>This tool is in particular useful to ensure that
4198
808
      <citerefentry><refentrytitle>systemd-udevd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
809
      <citerefentry><refentrytitle>systemd-udevd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
4199
diff --git a/meson.build b/meson.build
4200
index 36cbfa4..dbba108 100644
4201
--- a/meson.build
4202
+++ b/meson.build
4203
@@ -169,6 +169,7 @@ pkgsysconfdir = sysconfdir / 'systemd'
4204
169
userunitdir = prefixdir / 'lib/systemd/user'
169
userunitdir = prefixdir / 'lib/systemd/user'
4205
170
userpresetdir = prefixdir / 'lib/systemd/user-preset'
170
userpresetdir = prefixdir / 'lib/systemd/user-preset'
4206
171
tmpfilesdir = prefixdir / 'lib/tmpfiles.d'
171
tmpfilesdir = prefixdir / 'lib/tmpfiles.d'
4207
172
usertmpfilesdir = prefixdir / 'share/user-tmpfiles.d'
4208
172
sysusersdir = prefixdir / 'lib/sysusers.d'
173
sysusersdir = prefixdir / 'lib/sysusers.d'
4209
173
sysctldir = prefixdir / 'lib/sysctl.d'
174
sysctldir = prefixdir / 'lib/sysctl.d'
4210
174
binfmtdir = prefixdir / 'lib/binfmt.d'
175
binfmtdir = prefixdir / 'lib/binfmt.d'
4211
@@ -278,6 +279,7 @@ conf.set_quoted('SYSTEM_SYSVINIT_PATH',                       sysvinit_path)
4212
278
conf.set_quoted('SYSTEM_SYSVRCND_PATH',                       sysvrcnd_path)
279
conf.set_quoted('SYSTEM_SYSVRCND_PATH',                       sysvrcnd_path)
4213
279
conf.set_quoted('SYSUSERS_DIR',                               sysusersdir)
280
conf.set_quoted('SYSUSERS_DIR',                               sysusersdir)
4214
280
conf.set_quoted('TMPFILES_DIR',                               tmpfilesdir)
281
conf.set_quoted('TMPFILES_DIR',                               tmpfilesdir)
4215
282
conf.set_quoted('USER_TMPFILES_DIR',                          usertmpfilesdir)
4216
281
conf.set_quoted('UDEVLIBEXECDIR',                             udevlibexecdir)
283
conf.set_quoted('UDEVLIBEXECDIR',                             udevlibexecdir)
4217
282
conf.set_quoted('UDEV_HWDB_DIR',                              udevhwdbdir)
284
conf.set_quoted('UDEV_HWDB_DIR',                              udevhwdbdir)
4218
283
conf.set_quoted('UDEV_RULES_DIR',                             udevrulesdir)
285
conf.set_quoted('UDEV_RULES_DIR',                             udevrulesdir)
4219
@@ -479,7 +481,6 @@ decl_headers = '''
4220
479
#include <uchar.h>
481
#include <uchar.h>
4221
480
#include <sys/mount.h>
482
#include <sys/mount.h>
4222
481
#include <sys/stat.h>
483
#include <sys/stat.h>
4223
482
#include <linux/fs.h>
4224
483
'''
484
'''
4225
484
485
4226
485
foreach decl : ['char16_t',
486
foreach decl : ['char16_t',
4227
@@ -491,6 +492,17 @@ foreach decl : ['char16_t',
4228
491
        # We get -1 if the size cannot be determined
492
        # We get -1 if the size cannot be determined
4229
492
        have = cc.sizeof(decl, prefix : decl_headers, args : '-D_GNU_SOURCE') > 0
493
        have = cc.sizeof(decl, prefix : decl_headers, args : '-D_GNU_SOURCE') > 0
4230
493
494
4231
495
        if decl == 'struct mount_attr'
4232
496
                if have
4233
497
                        want_linux_fs_h = false
4234
498
                else
4235
499
                        have = cc.sizeof(decl,
4236
500
                                         prefix : decl_headers + '#include <linux/fs.h>',
4237
501
                                         args : '-D_GNU_SOURCE') > 0
4238
502
                        want_linux_fs_h = have
4239
503
                endif
4240
504
        endif
4241
505
4242
494
        if decl == 'struct statx'
506
        if decl == 'struct statx'
4243
495
                if have
507
                if have
4244
496
                        want_linux_stat_h = false
508
                        want_linux_stat_h = false
4245
@@ -506,6 +518,7 @@ foreach decl : ['char16_t',
4246
506
endforeach
518
endforeach
4247
507
519
4248
508
conf.set10('WANT_LINUX_STAT_H', want_linux_stat_h)
520
conf.set10('WANT_LINUX_STAT_H', want_linux_stat_h)
4249
521
conf.set10('WANT_LINUX_FS_H', want_linux_fs_h)
4250
509
522
4251
510
foreach ident : ['secure_getenv', '__secure_getenv']
523
foreach ident : ['secure_getenv', '__secure_getenv']
4252
511
        conf.set10('HAVE_' + ident.to_upper(), cc.has_function(ident))
524
        conf.set10('HAVE_' + ident.to_upper(), cc.has_function(ident))
4253
@@ -2171,7 +2184,7 @@ public_programs += executable(
4254
2171
        dependencies : [versiondep,
2184
        dependencies : [versiondep,
4255
2172
                        libseccomp],
2185
                        libseccomp],
4256
2173
        install_rpath : rootlibexecdir,
2186
        install_rpath : rootlibexecdir,
4258
2174
        install : conf.get('ENABLE_ANALYZE'))
2187
        install : conf.get('ENABLE_ANALYZE') == 1)
4259
2175
2188
4260
2176
executable(
2189
executable(
4261
2177
        'systemd-journald',
2190
        'systemd-journald',
4262
diff --git a/src/analyze/analyze-security.c b/src/analyze/analyze-security.c
4263
index 5b4d4ca..9255f4c 100644
4264
--- a/src/analyze/analyze-security.c
4265
+++ b/src/analyze/analyze-security.c
4266
@@ -105,7 +105,7 @@ typedef struct SecurityInfo {
4267
105
        Set *system_call_architectures;
105
        Set *system_call_architectures;
4268
106
106
4269
107
        bool system_call_filter_allow_list;
107
        bool system_call_filter_allow_list;
4271
108
        Hashmap *system_call_filter;
108
        Set *system_call_filter;
4272
109
109
4273
110
        mode_t _umask;
110
        mode_t _umask;
4274
111
} SecurityInfo;
111
} SecurityInfo;
4275
@@ -172,8 +172,7 @@ static SecurityInfo *security_info_free(SecurityInfo *i) {
4276
172
172
4277
173
        strv_free(i->supplementary_groups);
173
        strv_free(i->supplementary_groups);
4278
174
        set_free(i->system_call_architectures);
174
        set_free(i->system_call_architectures);
4281
175
175
        set_free(i->system_call_filter);
4280
176
        hashmap_free(i->system_call_filter);
4282
177
176
4283
178
        return mfree(i);
177
        return mfree(i);
4284
179
}
178
}
4285
@@ -567,12 +566,10 @@ static int assess_system_call_architectures(
4286
567
        return 0;
566
        return 0;
4287
568
}
567
}
4288
569
568
4290
570
static bool syscall_names_in_filter(Hashmap *s, bool allow_list, const SyscallFilterSet *f, const char **ret_offending_syscall) {
569
static bool syscall_names_in_filter(Set *s, bool allow_list, const SyscallFilterSet *f, const char **ret_offending_syscall) {
4291
571
        const char *syscall;
570
        const char *syscall;
4292
572
571
4293
573
        NULSTR_FOREACH(syscall, f->value) {
572
        NULSTR_FOREACH(syscall, f->value) {
4294
574
                int id;
4295
575
4296
576
                if (syscall[0] == '@') {
573
                if (syscall[0] == '@') {
4297
577
                        const SyscallFilterSet *g;
574
                        const SyscallFilterSet *g;
4298
578
575
4299
@@ -584,11 +581,10 @@ static bool syscall_names_in_filter(Hashmap *s, bool allow_list, const SyscallFi
4300
584
                }
581
                }
4301
585
582
4302
586
                /* Let's see if the system call actually exists on this platform, before complaining */
583
                /* Let's see if the system call actually exists on this platform, before complaining */
4305
587
                id = seccomp_syscall_resolve_name(syscall);
584
                if (seccomp_syscall_resolve_name(syscall) < 0)
4304
588
                if (id < 0)
4306
589
                        continue;
585
                        continue;
4307
590
586
4309
591
                if (hashmap_contains(s, syscall) != allow_list) {
587
                if (set_contains(s, syscall) == allow_list) {
4310
592
                        log_debug("Offending syscall filter item: %s", syscall);
588
                        log_debug("Offending syscall filter item: %s", syscall);
4311
593
                        if (ret_offending_syscall)
589
                        if (ret_offending_syscall)
4312
594
                                *ret_offending_syscall = syscall;
590
                                *ret_offending_syscall = syscall;
4313
@@ -619,7 +615,7 @@ static int assess_system_call_filter(
4314
619
        uint64_t b;
615
        uint64_t b;
4315
620
        int r;
616
        int r;
4316
621
617
4318
622
        if (!info->system_call_filter_allow_list && hashmap_isempty(info->system_call_filter)) {
618
        if (!info->system_call_filter_allow_list && set_isempty(info->system_call_filter)) {
4319
623
                r = free_and_strdup(&d, "Service does not filter system calls");
619
                r = free_and_strdup(&d, "Service does not filter system calls");
4320
624
                b = 10;
620
                b = 10;
4321
625
        } else {
621
        } else {
4322
@@ -2139,9 +2135,8 @@ static int property_read_system_call_filter(
4323
2139
                if (r == 0)
2135
                if (r == 0)
4324
2140
                        break;
2136
                        break;
4325
2141
2137
4329
2142
                /* The actual ExecContext stores the system call id as the map value, which we don't
2138
                /* ignore errno or action after colon */
4330
2143
                 * need. So we assign NULL to all values here. */
2139
                r = set_put_strndup(&info->system_call_filter, name, strchrnul(name, ':') - name);
4328
2144
                r = hashmap_put_strdup(&info->system_call_filter, name, NULL);
4331
2145
                if (r < 0)
2140
                if (r < 0)
4332
2146
                        return r;
2141
                        return r;
4333
2147
        }
2142
        }
4334
@@ -2589,14 +2584,24 @@ static int get_security_info(Unit *u, ExecContext *c, CGroupContext *g, Security
4335
2589
                        if (set_put_strdup(&info->system_call_architectures, name) < 0)
2584
                        if (set_put_strdup(&info->system_call_architectures, name) < 0)
4336
2590
                                return log_oom();
2585
                                return log_oom();
4337
2591
                }
2586
                }
4338
2592
#endif
4339
2593
2587
4340
2594
                info->system_call_filter_allow_list = c->syscall_allow_list;
2588
                info->system_call_filter_allow_list = c->syscall_allow_list;
4344
2595
                if (c->syscall_filter) {
2589
4345
2596
                        info->system_call_filter = hashmap_copy(c->syscall_filter);
2590
                void *id, *num;
4346
2597
                        if (!info->system_call_filter)
2591
                HASHMAP_FOREACH_KEY(num, id, c->syscall_filter) {
4347
2592
                        _cleanup_free_ char *name = NULL;
4348
2593
4349
2594
                        if (info->system_call_filter_allow_list && PTR_TO_INT(num) >= 0)
4350
2595
                                continue;
4351
2596
4352
2597
                        name = seccomp_syscall_resolve_num_arch(SCMP_ARCH_NATIVE, PTR_TO_INT(id) - 1);
4353
2598
                        if (!name)
4354
2599
                                continue;
4355
2600
4356
2601
                        if (set_ensure_consume(&info->system_call_filter, &string_hash_ops_free, TAKE_PTR(name)) < 0)
4357
2598
                                return log_oom();
2602
                                return log_oom();
4358
2599
                }
2603
                }
4359
2604
#endif
4360
2600
        }
2605
        }
4361
2601
2606
4362
2602
        if (g) {
2607
        if (g) {
4363
diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c
4364
index 6c1de92..00591d6 100644
4365
--- a/src/basic/fd-util.c
4366
+++ b/src/basic/fd-util.c
4367
@@ -3,7 +3,9 @@
4368
3
#include <errno.h>
3
#include <errno.h>
4369
4
#include <fcntl.h>
4
#include <fcntl.h>
4370
5
#include <linux/btrfs.h>
5
#include <linux/btrfs.h>
4371
6
#if WANT_LINUX_FS_H
4372
6
#include <linux/fs.h>
7
#include <linux/fs.h>
4373
8
#endif
4374
7
#include <linux/magic.h>
9
#include <linux/magic.h>
4375
8
#include <sys/ioctl.h>
10
#include <sys/ioctl.h>
4376
9
#include <sys/resource.h>
11
#include <sys/resource.h>
4377
diff --git a/src/basic/gcrypt-util.c b/src/basic/gcrypt-util.c
4378
index 64c63cd..41c9362 100644
4379
--- a/src/basic/gcrypt-util.c
4380
+++ b/src/basic/gcrypt-util.c
4381
@@ -9,12 +9,14 @@ void initialize_libgcrypt(bool secmem) {
4382
9
        if (gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P))
9
        if (gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P))
4383
10
                return;
10
                return;
4384
11
11
4385
12
        gcry_control(GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_SYSTEM);
4386
12
        assert_se(gcry_check_version("1.4.5"));
13
        assert_se(gcry_check_version("1.4.5"));
4387
13
14
4388
14
        /* Turn off "secmem". Clients which wish to make use of this
15
        /* Turn off "secmem". Clients which wish to make use of this
4389
15
         * feature should initialize the library manually */
16
         * feature should initialize the library manually */
4390
16
        if (!secmem)
17
        if (!secmem)
4391
17
                gcry_control(GCRYCTL_DISABLE_SECMEM);
18
                gcry_control(GCRYCTL_DISABLE_SECMEM);
4392
19
4393
18
        gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
20
        gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
4394
19
}
21
}
4395
20
22
4396
diff --git a/src/basic/hashmap.c b/src/basic/hashmap.c
4397
index e33d6c3..62380b0 100644
4398
--- a/src/basic/hashmap.c
4399
+++ b/src/basic/hashmap.c
4400
@@ -1842,7 +1842,7 @@ int _hashmap_put_strdup_full(Hashmap **h, const struct hash_ops *hash_ops, const
4401
1842
        return r;
1842
        return r;
4402
1843
}
1843
}
4403
1844
1844
4405
1845
int _set_put_strdup_full(Set **s, const struct hash_ops *hash_ops, const char *p  HASHMAP_DEBUG_PARAMS) {
1845
int _set_put_strndup_full(Set **s, const struct hash_ops *hash_ops, const char *p, size_t n  HASHMAP_DEBUG_PARAMS) {
4406
1846
        char *c;
1846
        char *c;
4407
1847
        int r;
1847
        int r;
4408
1848
1848
4409
@@ -1853,10 +1853,13 @@ int _set_put_strdup_full(Set **s, const struct hash_ops *hash_ops, const char *p
4410
1853
        if (r < 0)
1853
        if (r < 0)
4411
1854
                return r;
1854
                return r;
4412
1855
1855
4415
1856
        if (set_contains(*s, (char*) p))
1856
        if (n == SIZE_MAX) {
4416
1857
                return 0;
1857
                if (set_contains(*s, (char*) p))
4417
1858
                        return 0;
4418
1858
1859
4420
1859
        c = strdup(p);
1860
                c = strdup(p);
4421
1861
        } else
4422
1862
                c = strndup(p, n);
4423
1860
        if (!c)
1863
        if (!c)
4424
1861
                return -ENOMEM;
1864
                return -ENOMEM;
4425
1862
1865
4426
@@ -1869,7 +1872,7 @@ int _set_put_strdupv_full(Set **s, const struct hash_ops *hash_ops, char **l  HA
4427
1869
        assert(s);
1872
        assert(s);
4428
1870
1873
4429
1871
        STRV_FOREACH(i, l) {
1874
        STRV_FOREACH(i, l) {
4431
1872
                r = _set_put_strdup_full(s, hash_ops, *i  HASHMAP_DEBUG_PASS_ARGS);
1875
                r = _set_put_strndup_full(s, hash_ops, *i, SIZE_MAX  HASHMAP_DEBUG_PASS_ARGS);
4432
1873
                if (r < 0)
1876
                if (r < 0)
4433
1874
                        return r;
1877
                        return r;
4434
1875
1878
4435
diff --git a/src/basic/missing_fs.h b/src/basic/missing_fs.h
4436
index 0cacd49..6638d76 100644
4437
--- a/src/basic/missing_fs.h
4438
+++ b/src/basic/missing_fs.h
4439
@@ -64,3 +64,8 @@
4440
64
#ifndef FS_PROJINHERIT_FL
64
#ifndef FS_PROJINHERIT_FL
4441
65
#define FS_PROJINHERIT_FL 0x20000000
65
#define FS_PROJINHERIT_FL 0x20000000
4442
66
#endif
66
#endif
4443
67
4444
68
/* linux/fscrypt.h */
4445
69
#ifndef FS_KEY_DESCRIPTOR_SIZE
4446
70
#define FS_KEY_DESCRIPTOR_SIZE 8
4447
71
#endif
4448
diff --git a/src/basic/set.h b/src/basic/set.h
4449
index 243a747..52cf63e 100644
4450
--- a/src/basic/set.h
4451
+++ b/src/basic/set.h
4452
@@ -127,9 +127,12 @@ int _set_ensure_consume(Set **s, const struct hash_ops *hash_ops, void *key  HAS
4453
127
127
4454
128
int set_consume(Set *s, void *value);
128
int set_consume(Set *s, void *value);
4455
129
129
4459
130
int _set_put_strdup_full(Set **s, const struct hash_ops *hash_ops, const char *p  HASHMAP_DEBUG_PARAMS);
130
int _set_put_strndup_full(Set **s, const struct hash_ops *hash_ops, const char *p, size_t n  HASHMAP_DEBUG_PARAMS);
4460
131
#define set_put_strdup_full(s, hash_ops, p) _set_put_strdup_full(s, hash_ops, p  HASHMAP_DEBUG_SRC_ARGS)
131
#define set_put_strndup_full(s, hash_ops, p, n) _set_put_strndup_full(s, hash_ops, p, n  HASHMAP_DEBUG_SRC_ARGS)
4461
132
#define set_put_strdup(s, p) set_put_strdup_full(s, &string_hash_ops_free, p)
132
#define set_put_strdup_full(s, hash_ops, p) set_put_strndup_full(s, hash_ops, p, SIZE_MAX)
4462
133
#define set_put_strndup(s, p, n) set_put_strndup_full(s, &string_hash_ops_free, p, n)
4463
134
#define set_put_strdup(s, p) set_put_strndup(s, p, SIZE_MAX)
4464
135
4465
133
int _set_put_strdupv_full(Set **s, const struct hash_ops *hash_ops, char **l  HASHMAP_DEBUG_PARAMS);
136
int _set_put_strdupv_full(Set **s, const struct hash_ops *hash_ops, char **l  HASHMAP_DEBUG_PARAMS);
4466
134
#define set_put_strdupv_full(s, hash_ops, l) _set_put_strdupv_full(s, hash_ops, l  HASHMAP_DEBUG_SRC_ARGS)
137
#define set_put_strdupv_full(s, hash_ops, l) _set_put_strdupv_full(s, hash_ops, l  HASHMAP_DEBUG_SRC_ARGS)
4467
135
#define set_put_strdupv(s, l) set_put_strdupv_full(s, &string_hash_ops_free, l)
138
#define set_put_strdupv(s, l) set_put_strdupv_full(s, &string_hash_ops_free, l)
4468
diff --git a/src/basic/stat-util.c b/src/basic/stat-util.c
4469
index 64c2f80..c31b4d8 100644
4470
--- a/src/basic/stat-util.c
4471
+++ b/src/basic/stat-util.c
4472
@@ -35,31 +35,23 @@ int is_symlink(const char *path) {
4473
35
        return !!S_ISLNK(info.st_mode);
35
        return !!S_ISLNK(info.st_mode);
4474
36
}
36
}
4475
37
37
4477
38
int is_dir(const char* path, bool follow) {
38
int is_dir_full(int atfd, const char* path, bool follow) {
4478
39
        struct stat st;
39
        struct stat st;
4479
40
        int r;
40
        int r;
4480
41
41
4482
42
        assert(path);
42
        assert(atfd >= 0 || atfd == AT_FDCWD);
4483
43
        assert(atfd >= 0 || path);
4484
43
44
4487
44
        if (follow)
45
        if (path)
4488
45
                r = stat(path, &st);
46
                r = fstatat(atfd, path, &st, follow ? 0 : AT_SYMLINK_NOFOLLOW);
4489
46
        else
47
        else
4491
47
                r = lstat(path, &st);
48
                r = fstat(atfd, &st);
4492
48
        if (r < 0)
49
        if (r < 0)
4493
49
                return -errno;
50
                return -errno;
4494
50
51
4495
51
        return !!S_ISDIR(st.st_mode);
52
        return !!S_ISDIR(st.st_mode);
4496
52
}
53
}
4497
53
54
4498
54
int is_dir_fd(int fd) {
4499
55
        struct stat st;
4500
56
4501
57
        if (fstat(fd, &st) < 0)
4502
58
                return -errno;
4503
59
4504
60
        return !!S_ISDIR(st.st_mode);
4505
61
}
4506
62
4507
63
int is_device_node(const char *path) {
55
int is_device_node(const char *path) {
4508
64
        struct stat info;
56
        struct stat info;
4509
65
57
4510
diff --git a/src/basic/stat-util.h b/src/basic/stat-util.h
4511
index 7f0b3dc..56f1553 100644
4512
--- a/src/basic/stat-util.h
4513
+++ b/src/basic/stat-util.h
4514
@@ -13,8 +13,13 @@
4515
13
#include "missing_stat.h"
13
#include "missing_stat.h"
4516
14
14
4517
15
int is_symlink(const char *path);
15
int is_symlink(const char *path);
4520
16
int is_dir(const char *path, bool follow);
16
int is_dir_full(int atfd, const char *fname, bool follow);
4521
17
int is_dir_fd(int fd);
17
static inline int is_dir(const char *path, bool follow) {
4522
18
        return is_dir_full(AT_FDCWD, path, follow);
4523
19
}
4524
20
static inline int is_dir_fd(int fd) {
4525
21
        return is_dir_full(fd, NULL, false);
4526
22
}
4527
18
int is_device_node(const char *path);
23
int is_device_node(const char *path);
4528
19
24
4529
20
int dir_is_empty_at(int dir_fd, const char *path, bool ignore_hidden_or_backup);
25
int dir_is_empty_at(int dir_fd, const char *path, bool ignore_hidden_or_backup);
4530
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
4531
index c309369..0ad8de4 100644
4532
--- a/src/basic/time-util.c
4533
+++ b/src/basic/time-util.c
4534
@@ -591,7 +591,7 @@ char *format_timespan(char *buf, size_t l, usec_t t, usec_t accuracy) {
4535
591
                        t = b;
591
                        t = b;
4536
592
                }
592
                }
4537
593
593
4539
594
                n = MIN((size_t) k, l);
594
                n = MIN((size_t) k, l-1);
4540
595
595
4541
596
                l -= n;
596
                l -= n;
4542
597
                p += n;
597
                p += n;
4543
diff --git a/src/basic/unit-file.c b/src/basic/unit-file.c
4544
index 83c29bb..bfe8c02 100644
4545
--- a/src/basic/unit-file.c
4546
+++ b/src/basic/unit-file.c
4547
@@ -695,12 +695,9 @@ static int add_names(
4548
695
                                continue;
695
                                continue;
4549
696
                        }
696
                        }
4550
697
697
4554
698
                        r = set_consume(*names, TAKE_PTR(inst));
698
                        r = add_name(unit_name, names, inst);
4552
699
                        if (r > 0)
4553
700
                                log_debug("Unit %s has alias %s.", unit_name, inst);
4555
701
                } else
699
                } else
4556
702
                        r = add_name(unit_name, names, *alias);
700
                        r = add_name(unit_name, names, *alias);
4557
703
4558
704
                if (r < 0)
701
                if (r < 0)
4559
705
                        return r;
702
                        return r;
4560
706
        }
703
        }
4561
diff --git a/src/basic/virt.c b/src/basic/virt.c
4562
index c7ae2af..74e4ea8 100644
4563
--- a/src/basic/virt.c
4564
+++ b/src/basic/virt.c
4565
@@ -158,6 +158,7 @@ static Virtualization detect_vm_dmi_vendor(void) {
4566
158
        } dmi_vendor_table[] = {
158
        } dmi_vendor_table[] = {
4567
159
                { "KVM",                 VIRTUALIZATION_KVM       },
159
                { "KVM",                 VIRTUALIZATION_KVM       },
4568
160
                { "OpenStack",           VIRTUALIZATION_KVM       }, /* Detect OpenStack instance as KVM in non x86 architecture */
160
                { "OpenStack",           VIRTUALIZATION_KVM       }, /* Detect OpenStack instance as KVM in non x86 architecture */
4569
161
                { "KubeVirt",            VIRTUALIZATION_KVM       }, /* Detect KubeVirt instance as KVM in non x86 architecture */
4570
161
                { "Amazon EC2",          VIRTUALIZATION_AMAZON    },
162
                { "Amazon EC2",          VIRTUALIZATION_AMAZON    },
4571
162
                { "QEMU",                VIRTUALIZATION_QEMU      },
163
                { "QEMU",                VIRTUALIZATION_QEMU      },
4572
163
                { "VMware",              VIRTUALIZATION_VMWARE    }, /* https://kb.vmware.com/s/article/1009458 */
164
                { "VMware",              VIRTUALIZATION_VMWARE    }, /* https://kb.vmware.com/s/article/1009458 */
4573
@@ -436,18 +437,22 @@ Virtualization detect_vm(void) {
4574
436
437
4575
437
        /* We have to use the correct order here:
438
        /* We have to use the correct order here:
4576
438
         *
439
         *
4581
439
         * → First, try to detect Oracle Virtualbox and Amazon EC2 Nitro, even if they use KVM, as well as Xen even if
440
         * → First, try to detect Oracle Virtualbox, Amazon EC2 Nitro, and Parallels, even if they use KVM,
4582
440
         *   it cloaks as Microsoft Hyper-V. Attempt to detect uml at this stage also since it runs as a user-process
441
         *   as well as Xen even if it cloaks as Microsoft Hyper-V. Attempt to detect uml at this stage also
4583
441
         *   nested inside other VMs. Also check for Xen now, because Xen PV mode does not override CPUID when nested
442
         *   since it runs as a user-process nested inside other VMs. Also check for Xen now, because Xen PV
4584
442
         *   inside another hypervisor.
443
         *   mode does not override CPUID when nested inside another hypervisor.
4585
443
         *
444
         *
4588
444
         * → Second, try to detect from CPUID, this will report KVM for whatever software is used even if info in DMI is
445
         * → Second, try to detect from CPUID, this will report KVM for whatever software is used even if
4589
445
         *   overwritten.
446
         *   info in DMI is overwritten.
4590
446
         *
447
         *
4591
447
         * → Third, try to detect from DMI. */
448
         * → Third, try to detect from DMI. */
4592
448
449
4593
449
        dmi = detect_vm_dmi();
450
        dmi = detect_vm_dmi();
4595
450
        if (IN_SET(dmi, VIRTUALIZATION_ORACLE, VIRTUALIZATION_XEN, VIRTUALIZATION_AMAZON)) {
451
        if (IN_SET(dmi,
4596
452
                   VIRTUALIZATION_ORACLE,
4597
453
                   VIRTUALIZATION_XEN,
4598
454
                   VIRTUALIZATION_AMAZON,
4599
455
                   VIRTUALIZATION_PARALLELS)) {
4600
451
                v = dmi;
456
                v = dmi;
4601
452
                goto finish;
457
                goto finish;
4602
453
        }
458
        }
4603
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
4604
index 299a01b..370ae97 100644
4605
--- a/src/boot/efi/meson.build
4606
+++ b/src/boot/efi/meson.build
4607
@@ -200,6 +200,12 @@ efi_cflags = cc.get_supported_arguments(
4608
200
        '-include', version_h,
200
        '-include', version_h,
4609
201
]
201
]
4610
202
202
4611
203
# On some distros, sd-boot/-stub may trigger some bug somewhere that will cause
4612
204
# kernel execution to fail. The cause seems to be purely based on code size and
4613
205
# always compiling with at least -O1 will work around that.
4614
206
# https://github.com/systemd/systemd/issues/24202
4615
207
efi_cflags += '-O1'
4616
208
4617
203
efi_cflags += cc.get_supported_arguments({
209
efi_cflags += cc.get_supported_arguments({
4618
204
        'ia32':   ['-mno-sse', '-mno-mmx'],
210
        'ia32':   ['-mno-sse', '-mno-mmx'],
4619
205
        'x86_64': ['-mno-red-zone', '-mno-sse', '-mno-mmx'],
211
        'x86_64': ['-mno-red-zone', '-mno-sse', '-mno-mmx'],
4620
@@ -260,6 +266,13 @@ efi_ldflags = [
4621
260
        '-z', 'nocombreloc',
266
        '-z', 'nocombreloc',
4622
261
        efi_crt0,
267
        efi_crt0,
4623
262
]
268
]
4624
269
4625
270
possible_link_flags = [
4626
271
        '-Wl,--no-warn-execstack',
4627
272
        '-Wl,--no-warn-rwx-segments',
4628
273
]
4629
274
efi_ldflags += cc.get_supported_link_arguments(possible_link_flags)
4630
275
4631
263
if efi_arch[1] in ['aarch64', 'arm', 'riscv64']
276
if efi_arch[1] in ['aarch64', 'arm', 'riscv64']
4632
264
        efi_ldflags += ['-shared']
277
        efi_ldflags += ['-shared']
4633
265
        # Aarch64, ARM32 and 64bit RISC-V don't have an EFI capable objcopy.
278
        # Aarch64, ARM32 and 64bit RISC-V don't have an EFI capable objcopy.
4634
diff --git a/src/boot/efi/xbootldr.c b/src/boot/efi/xbootldr.c
4635
index 793e394..f73b5ee 100644
4636
--- a/src/boot/efi/xbootldr.c
4637
+++ b/src/boot/efi/xbootldr.c
4638
@@ -35,7 +35,7 @@ static BOOLEAN verify_gpt(union GptHeaderBuffer *gpt_header_buffer, EFI_LBA lba_
4639
35
        h = &gpt_header_buffer->gpt_header;
35
        h = &gpt_header_buffer->gpt_header;
4640
36
36
4641
37
        /* Some superficial validation of the GPT header */
37
        /* Some superficial validation of the GPT header */
4643
38
        if (CompareMem(&h->Header.Signature, "EFI PART", sizeof(h->Header.Signature) != 0))
38
        if (CompareMem(&h->Header.Signature, "EFI PART", sizeof(h->Header.Signature)) != 0)
4644
39
                return FALSE;
39
                return FALSE;
4645
40
40
4646
41
        if (h->Header.HeaderSize < 92 || h->Header.HeaderSize > 512)
41
        if (h->Header.HeaderSize < 92 || h->Header.HeaderSize > 512)
4647
diff --git a/src/cgroups-agent/cgroups-agent.c b/src/cgroups-agent/cgroups-agent.c
4648
index 071cba3..9126736 100644
4649
--- a/src/cgroups-agent/cgroups-agent.c
4650
+++ b/src/cgroups-agent/cgroups-agent.c
4651
@@ -16,6 +16,13 @@ int main(int argc, char *argv[]) {
4652
16
        _cleanup_close_ int fd = -1;
16
        _cleanup_close_ int fd = -1;
4653
17
        ssize_t n;
17
        ssize_t n;
4654
18
        size_t l;
18
        size_t l;
4655
19
        int r;
4656
20
4657
21
        r = rearrange_stdio(-1, -1, -1);
4658
22
        if (r < 0) {
4659
23
                log_error_errno(r, "Failed to connect stdin/stdout/stderr with /dev/null: %m");
4660
24
                return EXIT_FAILURE;
4661
25
        }
4662
19
26
4663
20
        if (argc != 2) {
27
        if (argc != 2) {
4664
21
                log_error("Incorrect number of arguments.");
28
                log_error("Incorrect number of arguments.");
4665
diff --git a/src/core/bpf/restrict_ifaces/restrict-ifaces.bpf.c b/src/core/bpf/restrict_ifaces/restrict-ifaces.bpf.c
4666
index 347a3a8..6c960b8 100644
4667
--- a/src/core/bpf/restrict_ifaces/restrict-ifaces.bpf.c
4668
+++ b/src/core/bpf/restrict_ifaces/restrict-ifaces.bpf.c
4669
@@ -6,7 +6,7 @@
4670
6
#include <linux/bpf.h>
6
#include <linux/bpf.h>
4671
7
#include <bpf/bpf_helpers.h>
7
#include <bpf/bpf_helpers.h>
4672
8
8
4674
9
const volatile __u8 is_allow_list = 0;
9
const volatile __u8 is_allow_list SEC(".rodata") = 0;
4675
10
10
4676
11
/* Map containing the network interfaces indexes.
11
/* Map containing the network interfaces indexes.
4677
12
 * The interpretation of the map depends on the value of is_allow_list.
12
 * The interpretation of the map depends on the value of is_allow_list.
4678
diff --git a/src/core/dbus.c b/src/core/dbus.c
4679
index 073675c..ad2230d 100644
4680
--- a/src/core/dbus.c
4681
+++ b/src/core/dbus.c
4682
@@ -42,6 +42,7 @@
4683
42
#include "string-util.h"
42
#include "string-util.h"
4684
43
#include "strv.h"
43
#include "strv.h"
4685
44
#include "strxcpyx.h"
44
#include "strxcpyx.h"
4686
45
#include "umask-util.h"
4687
45
#include "user-util.h"
46
#include "user-util.h"
4688
46
47
4689
47
#define CONNECTIONS_MAX 4096
48
#define CONNECTIONS_MAX 4096
4690
@@ -950,7 +951,8 @@ int bus_init_private(Manager *m) {
4691
950
        if (fd < 0)
951
        if (fd < 0)
4692
951
                return log_error_errno(errno, "Failed to allocate private socket: %m");
952
                return log_error_errno(errno, "Failed to allocate private socket: %m");
4693
952
953
4695
953
        r = bind(fd, &sa.sa, sa_len);
954
        RUN_WITH_UMASK(0077)
4696
955
                r = bind(fd, &sa.sa, sa_len);
4697
954
        if (r < 0)
956
        if (r < 0)
4698
955
                return log_error_errno(errno, "Failed to bind private socket: %m");
957
                return log_error_errno(errno, "Failed to bind private socket: %m");
4699
956
958
4700
diff --git a/src/core/import-creds.c b/src/core/import-creds.c
4701
index 8b87434..5379648 100644
4702
--- a/src/core/import-creds.c
4703
+++ b/src/core/import-creds.c
4704
@@ -226,7 +226,7 @@ static int import_credentials_boot(void) {
4705
226
                        if (nfd == -EEXIST)
226
                        if (nfd == -EEXIST)
4706
227
                                continue;
227
                                continue;
4707
228
                        if (nfd < 0)
228
                        if (nfd < 0)
4709
229
                                return r;
229
                                return nfd;
4710
230
230
4711
231
                        r = copy_bytes(cfd, nfd, st.st_size, 0);
231
                        r = copy_bytes(cfd, nfd, st.st_size, 0);
4712
232
                        if (r < 0) {
232
                        if (r < 0) {
4713
@@ -325,7 +325,7 @@ static int proc_cmdline_callback(const char *key, const char *value, void *data)
4714
325
        if (nfd == -EEXIST)
325
        if (nfd == -EEXIST)
4715
326
                return 0;
326
                return 0;
4716
327
        if (nfd < 0)
327
        if (nfd < 0)
4718
328
                return r;
328
                return nfd;
4719
329
329
4720
330
        r = loop_write(nfd, colon, l, /* do_poll= */ false);
330
        r = loop_write(nfd, colon, l, /* do_poll= */ false);
4721
331
        if (r < 0) {
331
        if (r < 0) {
4722
@@ -417,7 +417,7 @@ static int import_credentials_qemu(ImportCredentialContext *c) {
4723
417
417
4724
418
                rfd = openat(vfd, "raw", O_RDONLY|O_CLOEXEC);
418
                rfd = openat(vfd, "raw", O_RDONLY|O_CLOEXEC);
4725
419
                if (rfd < 0) {
419
                if (rfd < 0) {
4727
420
                        log_warning_errno(r, "Failed to open '" QEMU_FWCFG_PATH "'/%s/raw, ignoring: %m", d->d_name);
420
                        log_warning_errno(errno, "Failed to open '" QEMU_FWCFG_PATH "'/%s/raw, ignoring: %m", d->d_name);
4728
421
                        continue;
421
                        continue;
4729
422
                }
422
                }
4730
423
423
4731
@@ -429,7 +429,7 @@ static int import_credentials_qemu(ImportCredentialContext *c) {
4732
429
                if (nfd == -EEXIST)
429
                if (nfd == -EEXIST)
4733
430
                        continue;
430
                        continue;
4734
431
                if (nfd < 0)
431
                if (nfd < 0)
4736
432
                        return r;
432
                        return nfd;
4737
433
433
4738
434
                r = copy_bytes(rfd, nfd, sz, 0);
434
                r = copy_bytes(rfd, nfd, sz, 0);
4739
435
                if (r < 0) {
435
                if (r < 0) {
4740
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
4741
index 3ff6eae..11991ec 100644
4742
--- a/src/core/load-fragment.c
4743
+++ b/src/core/load-fragment.c
4744
@@ -4211,11 +4211,16 @@ int config_parse_io_device_weight(
4745
4211
        r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4211
        r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4746
4212
        if (r == -ENOMEM)
4212
        if (r == -ENOMEM)
4747
4213
                return log_oom();
4213
                return log_oom();
4749
4214
        if (r <= 0 || isempty(p)) {
4214
        if (r < 0) {
4750
4215
                log_syntax(unit, LOG_WARNING, filename, line, r,
4215
                log_syntax(unit, LOG_WARNING, filename, line, r,
4751
4216
                           "Failed to extract device path and weight from '%s', ignoring.", rvalue);
4216
                           "Failed to extract device path and weight from '%s', ignoring.", rvalue);
4752
4217
                return 0;
4217
                return 0;
4753
4218
        }
4218
        }
4754
4219
        if (r == 0 || isempty(p)) {
4755
4220
                log_syntax(unit, LOG_WARNING, filename, line, 0,
4756
4221
                           "Invalid device path or weight specified in '%s', ignoring.", rvalue);
4757
4222
                return 0;
4758
4223
        }
4759
4219
4224
4760
4220
        r = unit_path_printf(userdata, path, &resolved);
4225
        r = unit_path_printf(userdata, path, &resolved);
4761
4221
        if (r < 0) {
4226
        if (r < 0) {
4762
@@ -4280,11 +4285,16 @@ int config_parse_io_device_latency(
4763
4280
        r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4285
        r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4764
4281
        if (r == -ENOMEM)
4286
        if (r == -ENOMEM)
4765
4282
                return log_oom();
4287
                return log_oom();
4767
4283
        if (r <= 0 || isempty(p)) {
4288
        if (r < 0) {
4768
4284
                log_syntax(unit, LOG_WARNING, filename, line, r,
4289
                log_syntax(unit, LOG_WARNING, filename, line, r,
4769
4285
                           "Failed to extract device path and latency from '%s', ignoring.", rvalue);
4290
                           "Failed to extract device path and latency from '%s', ignoring.", rvalue);
4770
4286
                return 0;
4291
                return 0;
4771
4287
        }
4292
        }
4772
4293
        if (r == 0 || isempty(p)) {
4773
4294
                log_syntax(unit, LOG_WARNING, filename, line, 0,
4774
4295
                           "Invalid device path or latency specified in '%s', ignoring.", rvalue);
4775
4296
                return 0;
4776
4297
        }
4777
4288
4298
4778
4289
        r = unit_path_printf(userdata, path, &resolved);
4299
        r = unit_path_printf(userdata, path, &resolved);
4779
4290
        if (r < 0) {
4300
        if (r < 0) {
4780
@@ -4350,11 +4360,16 @@ int config_parse_io_limit(
4781
4350
        r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4360
        r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4782
4351
        if (r == -ENOMEM)
4361
        if (r == -ENOMEM)
4783
4352
                return log_oom();
4362
                return log_oom();
4785
4353
        if (r <= 0 || isempty(p)) {
4363
        if (r < 0) {
4786
4354
                log_syntax(unit, LOG_WARNING, filename, line, r,
4364
                log_syntax(unit, LOG_WARNING, filename, line, r,
4787
4355
                           "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
4365
                           "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
4788
4356
                return 0;
4366
                return 0;
4789
4357
        }
4367
        }
4790
4368
        if (r == 0 || isempty(p)) {
4791
4369
                log_syntax(unit, LOG_WARNING, filename, line, 0,
4792
4370
                           "Invalid device node or bandwidth specified in '%s', ignoring.", rvalue);
4793
4371
                return 0;
4794
4372
        }
4795
4358
4373
4796
4359
        r = unit_path_printf(userdata, path, &resolved);
4374
        r = unit_path_printf(userdata, path, &resolved);
4797
4360
        if (r < 0) {
4375
        if (r < 0) {
4798
@@ -4435,11 +4450,16 @@ int config_parse_blockio_device_weight(
4799
4435
        r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4450
        r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4800
4436
        if (r == -ENOMEM)
4451
        if (r == -ENOMEM)
4801
4437
                return log_oom();
4452
                return log_oom();
4803
4438
        if (r <= 0 || isempty(p)) {
4453
        if (r < 0) {
4804
4439
                log_syntax(unit, LOG_WARNING, filename, line, r,
4454
                log_syntax(unit, LOG_WARNING, filename, line, r,
4805
4440
                           "Failed to extract device node and weight from '%s', ignoring.", rvalue);
4455
                           "Failed to extract device node and weight from '%s', ignoring.", rvalue);
4806
4441
                return 0;
4456
                return 0;
4807
4442
        }
4457
        }
4808
4458
        if (r == 0 || isempty(p)) {
4809
4459
                log_syntax(unit, LOG_WARNING, filename, line, 0,
4810
4460
                           "Invalid device node or weight specified in '%s', ignoring.", rvalue);
4811
4461
                return 0;
4812
4462
        }
4813
4443
4463
4814
4444
        r = unit_path_printf(userdata, path, &resolved);
4464
        r = unit_path_printf(userdata, path, &resolved);
4815
4445
        if (r < 0) {
4465
        if (r < 0) {
4816
@@ -4508,11 +4528,16 @@ int config_parse_blockio_bandwidth(
4817
4508
        r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4528
        r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4818
4509
        if (r == -ENOMEM)
4529
        if (r == -ENOMEM)
4819
4510
                return log_oom();
4530
                return log_oom();
4821
4511
        if (r <= 0 || isempty(p)) {
4531
        if (r < 0) {
4822
4512
                log_syntax(unit, LOG_WARNING, filename, line, r,
4532
                log_syntax(unit, LOG_WARNING, filename, line, r,
4823
4513
                           "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
4533
                           "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
4824
4514
                return 0;
4534
                return 0;
4825
4515
        }
4535
        }
4826
4536
        if (r == 0 || isempty(p)) {
4827
4537
                log_syntax(unit, LOG_WARNING, filename, line, 0,
4828
4538
                           "Invalid device node or bandwidth specified in '%s', ignoring.", rvalue);
4829
4539
                return 0;
4830
4540
        }
4831
4516
4541
4832
4517
        r = unit_path_printf(userdata, path, &resolved);
4542
        r = unit_path_printf(userdata, path, &resolved);
4833
4518
        if (r < 0) {
4543
        if (r < 0) {
4834
@@ -4728,8 +4753,12 @@ int config_parse_set_credential(
4835
4728
        r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
4753
        r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
4836
4729
        if (r == -ENOMEM)
4754
        if (r == -ENOMEM)
4837
4730
                return log_oom();
4755
                return log_oom();
4840
4731
        if (r <= 0 || !p) {
4756
        if (r < 0) {
4841
4732
                log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
4757
                log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to extract credential name, ignoring: %s", rvalue);
4842
4758
                return 0;
4843
4759
        }
4844
4760
        if (r == 0 || isempty(p)) {
4845
4761
                log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid syntax, ignoring: %s", rvalue);
4846
4733
                return 0;
4762
                return 0;
4847
4734
        }
4763
        }
4848
4735
4764
4849
@@ -5208,7 +5237,7 @@ int config_parse_bind_paths(
4850
5208
                                if (r == -ENOMEM)
5237
                                if (r == -ENOMEM)
4851
5209
                                        return log_oom();
5238
                                        return log_oom();
4852
5210
                                if (r < 0) {
5239
                                if (r < 0) {
4854
5211
                                        log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
5240
                                        log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s=, ignoring: %s", lvalue, rvalue);
4855
5212
                                        return 0;
5241
                                        return 0;
4856
5213
                                }
5242
                                }
4857
5214
5243
4858
@@ -5858,6 +5887,7 @@ int config_parse_bpf_foreign_program(
4859
5858
                void *userdata) {
5887
                void *userdata) {
4860
5859
        _cleanup_free_ char *resolved = NULL, *word = NULL;
5888
        _cleanup_free_ char *resolved = NULL, *word = NULL;
4861
5860
        CGroupContext *c = data;
5889
        CGroupContext *c = data;
4862
5890
        const char *p = rvalue;
4863
5861
        Unit *u = userdata;
5891
        Unit *u = userdata;
4864
5862
        int attach_type, r;
5892
        int attach_type, r;
4865
5863
5893
4866
@@ -5872,13 +5902,17 @@ int config_parse_bpf_foreign_program(
4867
5872
                return 0;
5902
                return 0;
4868
5873
        }
5903
        }
4869
5874
5904
4871
5875
        r = extract_first_word(&rvalue, &word, ":", 0);
5905
        r = extract_first_word(&p, &word, ":", 0);
4872
5876
        if (r == -ENOMEM)
5906
        if (r == -ENOMEM)
4873
5877
                return log_oom();
5907
                return log_oom();
4875
5878
        if (r <= 0 || isempty(rvalue)) {
5908
        if (r < 0) {
4876
5879
                log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse foreign BPF program, ignoring: %s", rvalue);
5909
                log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse foreign BPF program, ignoring: %s", rvalue);
4877
5880
                return 0;
5910
                return 0;
4878
5881
        }
5911
        }
4879
5912
        if (r == 0 || isempty(p)) {
4880
5913
                log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid syntax in %s=, ignoring: %s", lvalue, rvalue);
4881
5914
                return 0;
4882
5915
        }
4883
5882
5916
4884
5883
        attach_type = bpf_cgroup_attach_type_from_string(word);
5917
        attach_type = bpf_cgroup_attach_type_from_string(word);
4885
5884
        if (attach_type < 0) {
5918
        if (attach_type < 0) {
4886
@@ -5886,9 +5920,9 @@ int config_parse_bpf_foreign_program(
4887
5886
                return 0;
5920
                return 0;
4888
5887
        }
5921
        }
4889
5888
5922
4891
5889
        r = unit_path_printf(u, rvalue, &resolved);
5923
        r = unit_path_printf(u, p, &resolved);
4892
5890
        if (r < 0) {
5924
        if (r < 0) {
4894
5891
                log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
5925
                log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %s", p, rvalue);
4895
5892
                return 0;
5926
                return 0;
4896
5893
        }
5927
        }
4897
5894
5928
4898
diff --git a/src/core/main.c b/src/core/main.c
4899
index 409b84a..69d450a 100644
4900
--- a/src/core/main.c
4901
+++ b/src/core/main.c
4902
@@ -2118,11 +2118,9 @@ static int initialize_runtime(
4903
2118
                        write_container_id();
2118
                        write_container_id();
4904
2119
                }
2119
                }
4905
2120
2120
4911
2121
                if (arg_watchdog_device) {
2121
                r = watchdog_set_device(arg_watchdog_device);
4912
2122
                        r = watchdog_set_device(arg_watchdog_device);
2122
                if (r < 0)
4913
2123
                        if (r < 0)
2123
                        log_warning_errno(r, "Failed to set watchdog device to %s, ignoring: %m", arg_watchdog_device);
4909
2124
                                log_warning_errno(r, "Failed to set watchdog device to %s, ignoring: %m", arg_watchdog_device);
4910
2125
                }
4914
2126
        } else {
2124
        } else {
4915
2127
                _cleanup_free_ char *p = NULL;
2125
                _cleanup_free_ char *p = NULL;
4916
2128
2126
4917
@@ -2377,8 +2375,8 @@ static void reset_arguments(void) {
4918
2377
        arg_reboot_watchdog = 10 * USEC_PER_MINUTE;
2375
        arg_reboot_watchdog = 10 * USEC_PER_MINUTE;
4919
2378
        arg_kexec_watchdog = 0;
2376
        arg_kexec_watchdog = 0;
4920
2379
        arg_pretimeout_watchdog = 0;
2377
        arg_pretimeout_watchdog = 0;
4923
2380
        arg_early_core_pattern = NULL;
2378
        arg_early_core_pattern = mfree(arg_early_core_pattern);
4924
2381
        arg_watchdog_device = NULL;
2379
        arg_watchdog_device = mfree(arg_watchdog_device);
4925
2382
        arg_watchdog_pretimeout_governor = mfree(arg_watchdog_pretimeout_governor);
2380
        arg_watchdog_pretimeout_governor = mfree(arg_watchdog_pretimeout_governor);
4926
2383
2381
4927
2384
        arg_default_environment = strv_free(arg_default_environment);
2382
        arg_default_environment = strv_free(arg_default_environment);
4928
@@ -2808,6 +2806,11 @@ int main(int argc, char *argv[]) {
4929
2808
                /* clear the kernel timestamp, because we are not PID 1 */
2806
                /* clear the kernel timestamp, because we are not PID 1 */
4930
2809
                kernel_timestamp = DUAL_TIMESTAMP_NULL;
2807
                kernel_timestamp = DUAL_TIMESTAMP_NULL;
4931
2810
2808
4932
2809
                /* Clear ambient capabilities, so services do not inherit them implicitly. Dropping them does
4933
2810
                 * not affect the permitted and effective sets which are important for the manager itself to
4934
2811
                 * operate. */
4935
2812
                capability_ambient_set_apply(0, /* also_inherit= */ false);
4936
2813
4937
2811
                if (mac_selinux_init() < 0) {
2814
                if (mac_selinux_init() < 0) {
4938
2812
                        error_message = "Failed to initialize SELinux support";
2815
                        error_message = "Failed to initialize SELinux support";
4939
2813
                        goto finish;
2816
                        goto finish;
4940
diff --git a/src/core/mount.c b/src/core/mount.c
4941
index 20b4bb6..029f132 100644
4942
--- a/src/core/mount.c
4943
+++ b/src/core/mount.c
4944
@@ -1029,11 +1029,13 @@ static void mount_enter_mounting(Mount *m) {
4945
1029
        if (p && mount_is_bind(p)) {
1029
        if (p && mount_is_bind(p)) {
4946
1030
                r = mkdir_p_label(p->what, m->directory_mode);
1030
                r = mkdir_p_label(p->what, m->directory_mode);
4947
1031
                /* mkdir_p_label() can return -EEXIST if the target path exists and is not a directory - which is
1031
                /* mkdir_p_label() can return -EEXIST if the target path exists and is not a directory - which is
4953
1032
                 * totally OK, in case the user wants us to overmount a non-directory inode. */
1032
                 * totally OK, in case the user wants us to overmount a non-directory inode. Also -EROFS can be
4954
1033
                if (r < 0 && r != -EEXIST) {
1033
                 * returned on read-only filesystem. Moreover, -EACCES (and also maybe -EPERM?) may be returned
4955
1034
                        log_unit_error_errno(UNIT(m), r, "Failed to make bind mount source '%s': %m", p->what);
1034
                 * when the path is on NFS. See issue #24120. All such errors will be logged in the debug level. */
4956
1035
                        goto fail;
1035
                if (r < 0 && r != -EEXIST)
4957
1036
                }
1036
                        log_unit_full_errno(UNIT(m),
4958
1037
                                            (r == -EROFS || ERRNO_IS_PRIVILEGE(r)) ? LOG_DEBUG : LOG_WARNING,
4959
1038
                                            r, "Failed to make bind mount source '%s', ignoring: %m", p->what);
4960
1037
        }
1039
        }
4961
1038
1040
4962
1039
        if (p) {
1041
        if (p) {
4963
diff --git a/src/core/namespace.c b/src/core/namespace.c
4964
index 926aa96..2eafe43 100644
4965
--- a/src/core/namespace.c
4966
+++ b/src/core/namespace.c
4967
@@ -4,9 +4,12 @@
4968
4
#include <linux/loop.h>
4
#include <linux/loop.h>
4969
5
#include <sched.h>
5
#include <sched.h>
4970
6
#include <stdio.h>
6
#include <stdio.h>
4971
7
#include <sys/file.h>
4972
7
#include <sys/mount.h>
8
#include <sys/mount.h>
4973
8
#include <unistd.h>
9
#include <unistd.h>
4974
10
#if WANT_LINUX_FS_H
4975
9
#include <linux/fs.h>
11
#include <linux/fs.h>
4976
12
#endif
4977
10
13
4978
11
#include "alloc-util.h"
14
#include "alloc-util.h"
4979
12
#include "base-filesystem.h"
15
#include "base-filesystem.h"
4980
@@ -928,7 +931,7 @@ static int mount_private_dev(MountEntry *m) {
4981
928
931
4982
929
        r = label_fix_container(dev, "/dev", 0);
932
        r = label_fix_container(dev, "/dev", 0);
4983
930
        if (r < 0) {
933
        if (r < 0) {
4985
931
                log_debug_errno(errno, "Failed to fix label of '%s' as /dev: %m", dev);
934
                log_debug_errno(r, "Failed to fix label of '%s' as /dev: %m", dev);
4986
932
                goto fail;
935
                goto fail;
4987
933
        }
936
        }
4988
934
937
4989
diff --git a/src/core/scope.c b/src/core/scope.c
4990
index 63d3288..080bb71 100644
4991
--- a/src/core/scope.c
4992
+++ b/src/core/scope.c
4993
@@ -392,7 +392,7 @@ static int scope_start(Unit *u) {
4994
392
                return r;
392
                return r;
4995
393
        }
393
        }
4996
394
        if (r == 0) {
394
        if (r == 0) {
4998
395
                log_unit_warning(u, "No PIDs left to attach to the scope's control group, refusing: %m");
395
                log_unit_warning(u, "No PIDs left to attach to the scope's control group, refusing.");
4999
396
                scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
396
                scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
5000
397
                return -ECHILD;
397
                return -ECHILD;
Status:	Merged
Merged at revision:	fb5fdc89d8514683e3c46b6e5267dce869495808
Proposed branch:	~enr0n/ubuntu/+source/systemd:ubuntu-kinetic
Merge into:	~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-kinetic
Diff against target:	7594 lines (+2925/-689) 205 files modified .gitignore (+1/-0) debian/changelog (+190/-5) debian/control (+110/-9) debian/extra/initramfs/post-update.d/systemd-boot (+11/-0) debian/extra/kernel/postinst.d/systemd-boot (+11/-0) debian/extra/kernel/postrm.d/systemd-boot (+11/-0) debian/extra/pam-configs/systemd-homed (+15/-0) debian/gitlab-ci.yml (+2/-0) debian/libnss-myhostname.install (+0/-2) debian/libnss-myhostname.manpages (+2/-0) debian/libnss-myhostname.nss (+1/-0) debian/libnss-mymachines.install (+0/-2) debian/libnss-mymachines.manpages (+2/-0) debian/libnss-mymachines.nss (+1/-0) debian/libnss-resolve.install (+0/-2) debian/libnss-resolve.lintian-overrides (+0/-1) debian/libnss-resolve.manpages (+2/-0) debian/libnss-resolve.nss (+1/-0) debian/libnss-systemd.install (+0/-2) debian/libnss-systemd.manpages (+2/-0) debian/libnss-systemd.nss (+4/-0) debian/libpam-systemd.install (+1/-2) debian/libpam-systemd.manpages (+1/-0) debian/libsystemd-dev.install (+0/-2) debian/libsystemd-dev.manpages (+2/-0) debian/libsystemd-shared.install (+2/-0) debian/libsystemd-shared.lintian-overrides (+2/-0) debian/libudev-dev.install (+0/-2) debian/libudev-dev.manpages (+2/-0) debian/patches/Move-homectl-and-userdbctl-to-bindir.patch (+35/-0) debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch (+4/-4) debian/patches/debian/Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-back-to-.patch (+4/-4) debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch (+2/-2) debian/patches/debian/Use-Debian-specific-config-files.patch (+2/-2) debian/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch (+3/-3) debian/patches/meson-install-libsystemd-shared-into-rootpkglibdir.patch (+1218/-0) debian/patches/series (+4/-5) debian/patches/shellcheck-clean-kernel-install-again.patch (+46/-0) debian/patches/test-denylist-TEST-29-PORTABLE-again.patch (+18/-0) debian/rules (+54/-38) debian/shlibs.local.in (+2/-2) debian/systemd-boot-efi.install (+1/-0) debian/systemd-boot-efi.lintian-overrides (+6/-0) debian/systemd-boot-efi.manpages (+1/-0) debian/systemd-boot.install (+10/-0) debian/systemd-boot.lintian-overrides (+3/-0) debian/systemd-boot.manpages (+8/-0) debian/systemd-container.install (+0/-6) debian/systemd-container.manpages (+6/-0) debian/systemd-coredump.install (+0/-3) debian/systemd-coredump.manpages (+3/-0) debian/systemd-homed.install (+11/-0) debian/systemd-homed.lintian-overrides (+5/-0) debian/systemd-homed.manpages (+1/-0) debian/systemd-homed.postinst (+7/-0) debian/systemd-homed.prerm (+20/-0) debian/systemd-journal-remote.install (+0/-12) debian/systemd-journal-remote.manpages (+12/-0) debian/systemd-oomd.install (+0/-1) debian/systemd-oomd.manpages (+1/-0) debian/systemd-resolved.install (+13/-0) debian/systemd-resolved.links (+1/-0) debian/systemd-resolved.lintian-overrides (+3/-0) debian/systemd-resolved.manpages (+4/-0) debian/systemd-resolved.postinst (+28/-0) debian/systemd-standalone-sysusers.manpages (+1/-0) debian/systemd-standalone-tmpfiles.manpages (+1/-0) debian/systemd-sysv.install (+0/-7) debian/systemd-sysv.manpages (+7/-0) debian/systemd-timesyncd.install (+0/-1) debian/systemd-timesyncd.manpages (+1/-0) debian/systemd-userdbd.install (+5/-0) debian/systemd-userdbd.lintian-overrides (+3/-0) debian/systemd-userdbd.manpages (+1/-0) debian/systemd.NEWS (+21/-0) debian/systemd.install (+0/-5) debian/systemd.lintian-overrides (+0/-7) debian/systemd.maintscript (+1/-0) debian/systemd.manpages (+4/-0) debian/systemd.postinst (+1/-4) debian/tests/control (+4/-0) debian/udev.install (+0/-7) debian/udev.manpages (+7/-0) dev/null (+0/-33) hwdb.d/70-analyzers.hwdb (+0/-1) man/journalctl.xml (+1/-1) man/os-release.xml (+1/-1) man/pam_systemd_home.xml (+14/-5) man/sd_notify.xml (+9/-8) man/system-or-user-ns.xml (+2/-2) man/systemctl.xml (+41/-40) man/systemd-creds.xml (+1/-1) man/systemd-integritysetup-generator.xml (+1/-1) man/systemd-sysctl.service.xml (+1/-1) man/systemd.exec.xml (+34/-12) man/systemd.mount.xml (+7/-9) man/systemd.netdev.xml (+1/-1) man/systemd.network.xml (+6/-6) man/sysupdate.d.xml (+10/-10) man/udevadm.xml (+2/-1) meson.build (+15/-2) src/analyze/analyze-security.c (+22/-17) src/basic/fd-util.c (+2/-0) src/basic/gcrypt-util.c (+2/-0) src/basic/hashmap.c (+8/-5) src/basic/missing_fs.h (+5/-0) src/basic/set.h (+6/-3) src/basic/stat-util.c (+6/-14) src/basic/stat-util.h (+7/-2) src/basic/time-util.c (+1/-1) src/basic/unit-file.c (+1/-4) src/basic/virt.c (+12/-7) src/boot/efi/meson.build (+13/-0) src/boot/efi/xbootldr.c (+1/-1) src/cgroups-agent/cgroups-agent.c (+7/-0) src/core/bpf/restrict_ifaces/restrict-ifaces.bpf.c (+1/-1) src/core/dbus.c (+3/-1) src/core/import-creds.c (+4/-4) src/core/load-fragment.c (+46/-12) src/core/main.c (+10/-7) src/core/mount.c (+7/-5) src/core/namespace.c (+4/-1) src/core/scope.c (+1/-1) src/core/systemd.pc.in (+2/-0) src/coredump/coredump.c (+9/-2) src/dissect/dissect.c (+1/-0) src/fundamental/sha256.c (+1/-1) src/home/homed-home-bus.c (+2/-0) src/home/homework-cifs.c (+5/-0) src/home/homework-luks.c (+4/-8) src/home/homework-mount.c (+2/-0) src/home/homework.h (+2/-1) src/import/pull-common.h (+9/-9) src/integritysetup/integritysetup.c (+6/-6) src/journal-remote/microhttpd-util.c (+1/-1) src/kernel-install/kernel-install.in (+1/-1) src/libsystemd-network/dhcp6-option.c (+7/-7) src/libsystemd-network/sd-dhcp-lease.c (+1/-1) src/libsystemd-network/sd-dhcp6-lease.c (+22/-12) src/libsystemd-network/test-dhcp6-client.c (+42/-0) src/libsystemd/sd-bus/sd-bus.c (+1/-1) src/libsystemd/sd-device/device-internal.h (+1/-1) src/libsystemd/sd-device/device-monitor.c (+2/-2) src/libsystemd/sd-device/device-private.c (+33/-22) src/libsystemd/sd-device/device-private.h (+3/-3) src/libsystemd/sd-device/sd-device.c (+3/-0) src/libsystemd/sd-device/test-sd-device.c (+18/-4) src/libsystemd/sd-event/sd-event.c (+1/-1) src/libsystemd/sd-event/test-event.c (+52/-0) src/libsystemd/sd-id128/id128-util.c (+4/-4) src/libsystemd/sd-journal/journal-verify.c (+6/-1) src/libsystemd/sd-journal/sd-journal.c (+2/-0) src/locale/keymap-util.c (+1/-1) src/network/netdev/l2tp-tunnel.c (+1/-1) src/network/netdev/macsec.c (+0/-2) src/network/netdev/wireguard.c (+0/-2) src/network/networkctl.c (+1/-1) src/network/networkd-dhcp-common.c (+4/-7) src/network/networkd-dhcp4.c (+0/-5) src/network/networkd-dhcp6.c (+0/-5) src/network/networkd-link.c (+1/-1) src/network/networkd-ndisc.c (+5/-13) src/network/networkd-radv.c (+8/-3) src/nspawn/nspawn-settings.c (+5/-0) src/nspawn/nspawn.c (+2/-2) src/partition/growfs.c (+5/-1) src/partition/repart.c (+2/-2) src/portable/profile/trusted/service.conf (+2/-1) src/resolve/resolved-bus.c (+1/-7) src/resolve/resolved-dns-cache.c (+28/-6) src/resolve/resolved-dns-cache.h (+1/-1) src/resolve/resolved-dns-packet.c (+28/-10) src/resolve/resolved-dns-packet.h (+2/-0) src/resolve/resolved-dns-scope.c (+11/-8) src/resolve/resolved-dns-transaction.c (+157/-104) src/resolve/resolved-dns-transaction.h (+0/-4) src/resolve/resolved-mdns.c (+25/-10) src/rpm/macros.systemd.in (+1/-0) src/shared/base-filesystem.c (+1/-1) src/shared/dissect-image.c (+1/-0) src/shared/dns-domain.c (+1/-1) src/shared/json.c (+3/-1) src/shared/logs-show.c (+1/-1) src/shared/mount-util.c (+2/-0) src/shared/seccomp-util.c (+1/-0) src/shared/utmp-wtmp.h (+1/-1) src/sleep/sleep.conf (+1/-1) src/sysext/sysext.c (+1/-0) src/systemctl/systemctl-list-unit-files.c (+1/-1) src/systemctl/systemctl-show.c (+4/-4) src/systemctl/systemctl-util.c (+3/-1) src/systemctl/systemctl.c (+6/-5) src/systemd/_sd-common.h (+1/-1) src/test/test-dns-domain.c (+1/-0) src/test/test-loop-block.c (+1/-0) src/test/test-sd-hwdb.c (+1/-1) src/test/test-set.c (+30/-0) src/test/test-time-util.c (+5/-0) src/tmpfiles/tmpfiles.c (+8/-11) src/udev/udev-rules.c (+4/-4) src/udev/udevd.c (+1/-1) test/units/testsuite-04.sh (+1/-1) test/units/testsuite-67.sh (+25/-4) units/modprobe@.service (+1/-0) units/systemd-udev-trigger.service (+1/-1)
Related bugs:	Link a bug report
Reviewer	Review Type	Date Requested	Status
Lukas Märdian		2022-08-17	Approve on 2022-08-24
Review via email: mp+428504@code.launchpad.net