diff options
| author | Vladimír Čunát <vcunat@gmail.com> | 2015-10-03 13:33:13 +0200 |
|---|---|---|
| committer | Vladimír Čunát <vcunat@gmail.com> | 2015-10-03 13:33:37 +0200 |
| commit | 5227fb1dd53fcb5918b9342dff4868f4ad68427e (patch) | |
| tree | d6cd521e3f67944031216a27f740f28f22b73b41 /pkgs/os-specific/linux/systemd | |
| parent | d6dd3b8bd1eaeeb21dfdb5051cd4732c748ce5d7 (diff) | |
| parent | 33373d939a19f465228ddede6d38ce9032b5916b (diff) | |
| download | nixlib-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar nixlib-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar.gz nixlib-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar.bz2 nixlib-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar.lz nixlib-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar.xz nixlib-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar.zst nixlib-5227fb1dd53fcb5918b9342dff4868f4ad68427e.zip | |
Merge commit staging+systemd into closure-size
Many non-conflict problems weren't (fully) resolved in this commit yet.
Diffstat (limited to 'pkgs/os-specific/linux/systemd')
| -rw-r--r-- | pkgs/os-specific/linux/systemd/default.nix | 56 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/systemd/fixes.patch | 1177 |
2 files changed, 33 insertions, 1200 deletions
diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index d61a242ed4dc..92630fbd9c65 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -1,7 +1,8 @@ -{ stdenv, fetchurl, pkgconfig, intltool, gperf, libcap, dbus, kmod +{ stdenv, fetchFromGitHub, pkgconfig, intltool, gperf, libcap, dbus, kmod , zlib, xz, pam, acl, cryptsetup, libuuid, m4, utillinux, libffi , glib, kbd, libxslt, coreutils, libgcrypt -, kexectools, libmicrohttpd, linuxHeaders +, kexectools, libmicrohttpd, linuxHeaders, libseccomp +, autoreconfHook, gettext, docbook_xsl, docbook_xml_dtd_42, docbook_xml_dtd_45 , pythonPackages ? null, pythonSupport ? false }: @@ -10,12 +11,14 @@ assert stdenv.isLinux; assert pythonSupport -> pythonPackages != null; stdenv.mkDerivation rec { - version = "217"; + version = "226"; name = "systemd-${version}"; - src = fetchurl { - url = "http://www.freedesktop.org/software/systemd/${name}.tar.xz"; - sha256 = "163l1y4p2a564d4ynfq3k3xf53j2v5s81blb6cvpn1y7rpxyccd0"; + src = fetchFromGitHub { + owner = "NixOS"; + repo = "systemd"; + rev = "16d61e9657b643cc25ff0538688eb870ce2dd4a5"; + sha256 = "07sc1x43j60d5jnps0d7bfka10fihnpgkdrfrh9iskgmc9qangjb"; }; outputs = [ "out" "libudev" "doc" ]; # TODO: "dev" @@ -23,16 +26,14 @@ stdenv.mkDerivation rec { outputDev = "out"; propagatedOutputs = "libudev"; - patches = - [ # These are all changes between upstream and - # https://github.com/edolstra/systemd/tree/nixos-v217. - ./fixes.patch - ]; - buildInputs = - [ pkgconfig intltool gperf libcap kmod xz pam acl + [ linuxHeaders pkgconfig intltool gperf libcap kmod xz pam acl /* cryptsetup */ libuuid m4 glib libxslt libgcrypt - libmicrohttpd linuxHeaders libffi + libmicrohttpd kexectools libseccomp libffi + /* FIXME: we may be able to prevent the following dependencies + by generating an autoconf'd tarball, but that's probably not + worth it. */ + autoreconfHook gettext docbook_xsl docbook_xml_dtd_42 docbook_xml_dtd_45 ] ++ stdenv.lib.optionals pythonSupport [pythonPackages.python pythonPackages.lxml]; @@ -43,11 +44,9 @@ stdenv.mkDerivation rec { "--with-kbd-loadkeys=${kbd}/bin/loadkeys" "--with-kbd-setfont=${kbd}/bin/setfont" "--with-rootprefix=$(out)" - "--with-dbusinterfacedir=$(out)/share/dbus-1/interfaces" "--with-dbuspolicydir=$(out)/etc/dbus-1/system.d" "--with-dbussystemservicedir=$(out)/share/dbus-1/system-services" "--with-dbussessionservicedir=$(out)/share/dbus-1/services" - "--with-firmware-path=/root/test-firmware:/run/current-system/firmware" "--with-tty-gid=3" # tty in NixOS has gid 3 "--enable-compat-libs" # get rid of this eventually "--disable-tests" @@ -57,11 +56,15 @@ stdenv.mkDerivation rec { "--disable-sysusers" "--disable-timedated" "--enable-timesyncd" - "--disable-readahead" "--disable-firstboot" "--disable-localed" "--enable-resolved" "--disable-split-usr" + "--disable-libcurl" + "--disable-libidn" + "--disable-quotacheck" + "--disable-ldconfig" + "--disable-smack" "--with-sysvinit-path=" "--with-sysvrcnd-path=" @@ -70,9 +73,10 @@ stdenv.mkDerivation rec { preConfigure = '' + ./autogen.sh + # FIXME: patch this in systemd properly (and send upstream). - # FIXME: use sulogin from util-linux once updated. - for i in src/remount-fs/remount-fs.c src/core/mount.c src/core/swap.c src/fsck/fsck.c units/emergency.service.in units/rescue.service.m4.in src/journal/cat.c src/core/shutdown.c src/nspawn/nspawn.c; do + for i in src/remount-fs/remount-fs.c src/core/mount.c src/core/swap.c src/fsck/fsck.c units/emergency.service.in units/rescue.service.in src/journal/cat.c src/core/shutdown.c src/nspawn/nspawn.c src/shared/generator.c; do test -e $i substituteInPlace $i \ --replace /usr/bin/getent ${stdenv.glibc.bin}/bin/getent \ @@ -84,13 +88,15 @@ stdenv.mkDerivation rec { --replace /bin/echo ${coreutils}/bin/echo \ --replace /bin/cat ${coreutils}/bin/cat \ --replace /sbin/sulogin ${utillinux}/sbin/sulogin \ - --replace /sbin/kexec ${kexectools}/sbin/kexec + --replace /usr/lib/systemd/systemd-fsck $out/lib/systemd/systemd-fsck done substituteInPlace src/journal/catalog.c \ --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ export NIX_CFLAGS_LINK+=" -Wl,-rpath,$libudev/lib" + + configureFlagsArray+=("--with-ntp-servers=0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") ''; makeFlags = [ @@ -100,9 +106,6 @@ stdenv.mkDerivation rec { "udevhwdbdir=$(out)/lib/udev/hwdb.d" ]; - # This is needed because systemd uses the gold linker, which doesn't - # yet have the wrapper script to add rpath flags automatically. - NIX_LDFLAGS = "-rpath ${pam.out}/lib -rpath ${libcap.out}/lib -rpath ${acl.out}/lib -rpath ${stdenv.cc.cc.lib}/lib"; PYTHON_BINARY = "${coreutils}/bin/env python"; # don't want a build time dependency on Python @@ -157,6 +160,13 @@ stdenv.mkDerivation rec { rm -rf $out/etc/rpm + rm $out/lib/*.la + + rm -rf $out/share/doc + + # "kernel-install" shouldn't be used on NixOS. + find $out -name "*kernel-install*" -exec rm {} \; + # Move lib(g)udev to a separate output. TODO: maybe split them up # to avoid libudev pulling glib mkdir -p "$libudev/lib" diff --git a/pkgs/os-specific/linux/systemd/fixes.patch b/pkgs/os-specific/linux/systemd/fixes.patch deleted file mode 100644 index c1c768dbacb9..000000000000 --- a/pkgs/os-specific/linux/systemd/fixes.patch +++ /dev/null @@ -1,1177 +0,0 @@ -diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in -index e30d9a8..a3d399b 100644 ---- a/rules/99-systemd.rules.in -+++ b/rules/99-systemd.rules.in -@@ -14,10 +14,6 @@ KERNEL=="vport*", TAG+="systemd" - SUBSYSTEM=="block", KERNEL!="ram*", TAG+="systemd" - SUBSYSTEM=="block", KERNEL!="ram*", ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="1", ENV{SYSTEMD_READY}="0" - --# Ignore encrypted devices with no identified superblock on it, since --# we are probably still calling mke2fs or mkswap on it. --SUBSYSTEM=="block", KERNEL!="ram*", ENV{DM_UUID}=="CRYPT-*", ENV{ID_PART_TABLE_TYPE}=="", ENV{ID_FS_USAGE}=="", ENV{SYSTEMD_READY}="0" -- - # Ignore raid devices that are not yet assembled and started - SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", TEST!="md/array_state", ENV{SYSTEMD_READY}="0" - SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", ATTR{md/array_state}=="|clear|inactive", ENV{SYSTEMD_READY}="0" -diff --git a/src/core/job.c b/src/core/job.c -index eaa4bb1..db44fee 100644 ---- a/src/core/job.c -+++ b/src/core/job.c -@@ -352,6 +352,9 @@ bool job_type_is_redundant(JobType a, UnitActiveState b) { - return - b == UNIT_ACTIVATING; - -+ case JOB_NOP: -+ return true; -+ - default: - assert_not_reached("Invalid job type"); - } -diff --git a/src/core/job.h b/src/core/job.h -index 1e7c61b..ee8e54a 100644 ---- a/src/core/job.h -+++ b/src/core/job.h -@@ -49,9 +49,11 @@ enum JobType { - _JOB_TYPE_MAX_MERGING, - - /* JOB_NOP can enter into a transaction, but as it won't pull in -- * any dependencies, it won't have to merge with anything. -- * job_install() avoids the problem of merging JOB_NOP too (it's -- * special-cased, only merges with other JOB_NOPs). */ -+ * any dependencies and it uses the special 'nop_job' slot in Unit, -+ * it won't have to merge with anything (except possibly into another -+ * JOB_NOP, previously installed). JOB_NOP is special-cased in -+ * job_type_is_*() functions so that the transaction can be -+ * activated. */ - JOB_NOP = _JOB_TYPE_MAX_MERGING, /* do nothing */ - - _JOB_TYPE_MAX_IN_TRANSACTION, -@@ -190,11 +192,15 @@ _pure_ static inline bool job_type_is_mergeable(JobType a, JobType b) { - } - - _pure_ static inline bool job_type_is_conflicting(JobType a, JobType b) { -- return !job_type_is_mergeable(a, b); -+ return a != JOB_NOP && b != JOB_NOP && !job_type_is_mergeable(a, b); - } - - _pure_ static inline bool job_type_is_superset(JobType a, JobType b) { - /* Checks whether operation a is a "superset" of b in its actions */ -+ if (b == JOB_NOP) -+ return true; -+ if (a == JOB_NOP) -+ return false; - return a == job_type_lookup_merge(a, b); - } - -diff --git a/src/core/manager.c b/src/core/manager.c -index d427d88..256d6f7 100644 ---- a/src/core/manager.c -+++ b/src/core/manager.c -@@ -662,9 +662,11 @@ static int manager_setup_notify(Manager *m) { - return -errno; - } - -- if (m->running_as == SYSTEMD_SYSTEM) -+ if (m->running_as == SYSTEMD_SYSTEM) { - m->notify_socket = strdup("/run/systemd/notify"); -- else { -+ if (!m->notify_socket) -+ return log_oom(); -+ } else { - const char *e; - - e = getenv("XDG_RUNTIME_DIR"); -@@ -674,9 +676,11 @@ static int manager_setup_notify(Manager *m) { - } - - m->notify_socket = strappend(e, "/systemd/notify"); -+ if (!m->notify_socket) -+ return log_oom(); -+ -+ mkdir_parents_label(m->notify_socket, 0755); - } -- if (!m->notify_socket) -- return log_oom(); - - strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1); - r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path)); -diff --git a/src/core/shutdown.c b/src/core/shutdown.c -index 20cf526..03cfddc 100644 ---- a/src/core/shutdown.c -+++ b/src/core/shutdown.c -@@ -75,7 +75,9 @@ static int parse_argv(int argc, char *argv[]) { - assert(argc >= 1); - assert(argv); - -- while ((c = getopt_long(argc, argv, "", options, NULL)) >= 0) -+ /* "-" prevents getopt from permuting argv[] and moving the verb away -+ * from argv[1]. Our interface to initrd promises it'll be there. */ -+ while ((c = getopt_long(argc, argv, "-", options, NULL)) >= 0) - switch (c) { - - case ARG_LOG_LEVEL: -@@ -113,6 +115,13 @@ static int parse_argv(int argc, char *argv[]) { - - break; - -+ case '\001': -+ if (!arg_verb) -+ arg_verb = optarg; -+ else -+ log_error("Excess arguments, ignoring"); -+ break; -+ - case '?': - return -EINVAL; - -@@ -120,15 +129,11 @@ static int parse_argv(int argc, char *argv[]) { - assert_not_reached("Unhandled option code."); - } - -- if (optind >= argc) { -+ if (!arg_verb) { - log_error("Verb argument missing."); - return -EINVAL; - } - -- arg_verb = argv[optind]; -- -- if (optind + 1 < argc) -- log_error("Excess arguments, ignoring"); - return 0; - } - -diff --git a/src/core/snapshot.c b/src/core/snapshot.c -index 5eed615..c2678cb 100644 ---- a/src/core/snapshot.c -+++ b/src/core/snapshot.c -@@ -208,7 +208,7 @@ int snapshot_create(Manager *m, const char *name, bool cleanup, sd_bus_error *e, - return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s lacks snapshot suffix.", name); - - if (manager_get_unit(m, name)) -- sd_bus_error_setf(e, BUS_ERROR_UNIT_EXISTS, "Snapshot %s exists already.", name); -+ return sd_bus_error_setf(e, BUS_ERROR_UNIT_EXISTS, "Snapshot %s exists already.", name); - - } else { - -diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in -index d5b86bf..9c66e7b 100644 ---- a/src/core/systemd.pc.in -+++ b/src/core/systemd.pc.in -@@ -14,8 +14,8 @@ systemduserunitdir=@userunitdir@ - systemduserpresetdir=@userpresetdir@ - systemdsystemconfdir=@pkgsysconfdir@/system - systemduserconfdir=@pkgsysconfdir@/user --systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemdsystemunitdir}:/usr/lib/systemd/system:/lib/systemd/system --systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemduserunitdir}:/usr/lib/systemd/user:/usr/share/systemd/user -+systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/etc/systemd-mutable/system:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/system:${systemdsystemunitdir} -+systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/etc/systemd-mutable/user:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/user:${systemduserunitdir} - systemdsystemgeneratordir=@systemgeneratordir@ - systemdusergeneratordir=@usergeneratordir@ - systemdsleepdir=@systemsleepdir@ -diff --git a/src/core/timer.c b/src/core/timer.c -index a3713e2..5c4e9f9 100644 ---- a/src/core/timer.c -+++ b/src/core/timer.c -@@ -521,6 +521,7 @@ fail: - - static int timer_start(Unit *u) { - Timer *t = TIMER(u); -+ TimerValue *v; - - assert(t); - assert(t->state == TIMER_DEAD || t->state == TIMER_FAILED); -@@ -530,6 +531,11 @@ static int timer_start(Unit *u) { - - t->last_trigger = DUAL_TIMESTAMP_NULL; - -+ /* Reenable all timers that depend on unit activation time */ -+ LIST_FOREACH(value, v, t->values) -+ if (v->base == TIMER_ACTIVE) -+ v->disabled = false; -+ - if (t->stamp_path) { - struct stat st; - -diff --git a/src/core/umount.c b/src/core/umount.c -index cffa453..4d1a9ff 100644 ---- a/src/core/umount.c -+++ b/src/core/umount.c -@@ -385,6 +385,8 @@ static int mount_points_list_umount(MountPoint **head, bool *changed, bool log_e - * anyway, since we are running from it. They have - * already been remounted ro. */ - if (path_equal(m->path, "/") -+ || path_equal(m->path, "/nix") -+ || path_equal(m->path, "/nix/store") - #ifndef HAVE_SPLIT_USR - || path_equal(m->path, "/usr") - #endif -diff --git a/src/delta/delta.c b/src/delta/delta.c -index 25c4a0b..e1f2d6d 100644 ---- a/src/delta/delta.c -+++ b/src/delta/delta.c -@@ -487,7 +487,7 @@ static int parse_flags(const char *flag_str, int flags) { - const char *word, *state; - size_t l; - -- FOREACH_WORD(word, l, flag_str, state) { -+ FOREACH_WORD_SEPARATOR(word, l, flag_str, ",", state) { - if (strneq("masked", word, l)) - flags |= SHOW_MASKED; - else if (strneq ("equivalent", word, l)) -diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c -index 70a5918..1926e52 100644 ---- a/src/fsck/fsck.c -+++ b/src/fsck/fsck.c -@@ -315,8 +315,7 @@ int main(int argc, char *argv[]) { - return EXIT_FAILURE; - } - -- cmdline[i++] = "/sbin/fsck"; -- cmdline[i++] = arg_repair; -+ cmdline[i++] = "/run/current-system/sw/bin/fsck"; - cmdline[i++] = "-T"; - - /* -diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c -index e257c12..1e04553 100644 ---- a/src/fstab-generator/fstab-generator.c -+++ b/src/fstab-generator/fstab-generator.c -@@ -485,7 +485,7 @@ static int add_usr_mount(void) { - return log_oom(); - } - -- if (!arg_usr_what || !arg_usr_options) -+ if (!arg_usr_what) - return 0; - - what = fstab_node_to_udev_node(arg_usr_what); -@@ -494,7 +494,13 @@ static int add_usr_mount(void) { - return -1; - } - -- opts = arg_usr_options; -+ if (!arg_usr_options) -+ opts = arg_root_rw > 0 ? "rw" : "ro"; -+ else if (!mount_test_option(arg_usr_options, "ro") && -+ !mount_test_option(arg_usr_options, "rw")) -+ opts = strappenda(arg_usr_options, ",", arg_root_rw > 0 ? "rw" : "ro"); -+ else -+ opts = arg_usr_options; - - log_debug("Found entry what=%s where=/sysroot/usr type=%s", what, strna(arg_usr_fstype)); - return add_mount(what, -diff --git a/src/hostname/hostnamectl.c b/src/hostname/hostnamectl.c -index e487369..ff4e9c9 100644 ---- a/src/hostname/hostnamectl.c -+++ b/src/hostname/hostnamectl.c -@@ -536,5 +536,5 @@ int main(int argc, char *argv[]) { - r = hostnamectl_main(bus, argc, argv); - - finish: -- return r < 0 ? EXIT_FAILURE : r; -+ return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; - } -diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c -index 8a2c0fc..9de3ddd 100644 ---- a/src/journal/journal-file.c -+++ b/src/journal/journal-file.c -@@ -1657,7 +1657,7 @@ static int generic_array_bisect( - } - } - -- if (k > n) { -+ if (k >= n) { - if (direction == DIRECTION_UP) { - i = n; - subtract_one = true; -diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c -index f50faf4..03579fd 100644 ---- a/src/journal/journalctl.c -+++ b/src/journal/journalctl.c -@@ -682,7 +682,7 @@ static int parse_argv(int argc, char *argv[]) { - assert_not_reached("Unhandled option"); - } - -- if (arg_follow && !arg_no_tail && arg_lines == ARG_LINES_DEFAULT) -+ if (arg_follow && !arg_no_tail && !arg_since && arg_lines == ARG_LINES_DEFAULT) - arg_lines = 10; - - if (!!arg_directory + !!arg_file + !!arg_machine > 1) { -diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c -index 12735c4..08b143b 100644 ---- a/src/journal/journald-server.c -+++ b/src/journal/journald-server.c -@@ -1655,6 +1655,7 @@ void server_done(Server *s) { - free(s->buffer); - free(s->tty_path); - free(s->cgroup_root); -+ free(s->hostname_field); - - if (s->mmap) - mmap_cache_unref(s->mmap); -diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c -index 372f3ed..d56ee51 100644 ---- a/src/libsystemd-network/network-internal.c -+++ b/src/libsystemd-network/network-internal.c -@@ -392,10 +392,12 @@ void serialize_dhcp_routes(FILE *f, const char *key, struct sd_dhcp_route *route - - fprintf(f, "%s=", key); - -- for (i = 0; i < size; i++) -- fprintf(f, "%s/%" PRIu8 ",%s%s", inet_ntoa(routes[i].dst_addr), -- routes[i].dst_prefixlen, inet_ntoa(routes[i].gw_addr), -+ for (i = 0; i < size; i++) { -+ fprintf(f, "%s/%" PRIu8, inet_ntoa(routes[i].dst_addr), -+ routes[i].dst_prefixlen); -+ fprintf(f, ",%s%s", inet_ntoa(routes[i].gw_addr), - (i < (size - 1)) ? " ": ""); -+ } - - fputs("\n", f); - } -diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c -index 0eba4c3..9986b52 100644 ---- a/src/libsystemd-network/sd-dhcp-client.c -+++ b/src/libsystemd-network/sd-dhcp-client.c -@@ -68,7 +68,6 @@ struct sd_dhcp_client { - uint32_t mtu; - uint32_t xid; - usec_t start_time; -- uint16_t secs; - unsigned int attempt; - usec_t request_sent; - sd_event_source *timeout_t1; -@@ -321,10 +320,12 @@ static int client_message_init(sd_dhcp_client *client, DHCPPacket **ret, - _cleanup_free_ DHCPPacket *packet; - size_t optlen, optoffset, size; - be16_t max_size; -+ usec_t time_now; -+ uint16_t secs; - int r; - - assert(client); -- assert(client->secs); -+ assert(client->start_time); - assert(ret); - assert(_optlen); - assert(_optoffset); -@@ -344,7 +345,15 @@ static int client_message_init(sd_dhcp_client *client, DHCPPacket **ret, - - /* Although 'secs' field is a SHOULD in RFC 2131, certain DHCP servers - refuse to issue an DHCP lease if 'secs' is set to zero */ -- packet->dhcp.secs = htobe16(client->secs); -+ r = sd_event_now(client->event, clock_boottime_or_monotonic(), &time_now); -+ if (r < 0) -+ return r; -+ assert(time_now >= client->start_time); -+ -+ /* seconds between sending first and last DISCOVER -+ * must always be strictly positive to deal with broken servers */ -+ secs = ((time_now - client->start_time) / USEC_PER_SEC) ? : 1; -+ packet->dhcp.secs = htobe16(secs); - - /* RFC2132 section 4.1 - A client that cannot receive unicast IP datagrams until its protocol -@@ -441,24 +450,12 @@ static int dhcp_client_send_raw(sd_dhcp_client *client, DHCPPacket *packet, - static int client_send_discover(sd_dhcp_client *client) { - _cleanup_free_ DHCPPacket *discover = NULL; - size_t optoffset, optlen; -- usec_t time_now; - int r; - - assert(client); - assert(client->state == DHCP_STATE_INIT || - client->state == DHCP_STATE_SELECTING); - -- /* See RFC2131 section 4.4.1 */ -- -- r = sd_event_now(client->event, clock_boottime_or_monotonic(), &time_now); -- if (r < 0) -- return r; -- assert(time_now >= client->start_time); -- -- /* seconds between sending first and last DISCOVER -- * must always be strictly positive to deal with broken servers */ -- client->secs = ((time_now - client->start_time) / USEC_PER_SEC) ? : 1; -- - r = client_message_init(client, &discover, DHCP_DISCOVER, - &optlen, &optoffset); - if (r < 0) -@@ -875,10 +872,8 @@ static int client_start(sd_dhcp_client *client) { - } - client->fd = r; - -- if (client->state == DHCP_STATE_INIT) { -+ if (client->state == DHCP_STATE_INIT || client->state == DHCP_STATE_INIT_REBOOT) - client->start_time = now(clock_boottime_or_monotonic()); -- client->secs = 0; -- } - - return client_initialize_events(client, client_receive_message_raw); - } -@@ -1269,6 +1264,9 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, - if (r >= 0) { - client->timeout_resend = - sd_event_source_unref(client->timeout_resend); -+ client->receive_message = -+ sd_event_source_unref(client->receive_message); -+ client->fd = asynchronous_close(client->fd); - - if (IN_SET(client->state, DHCP_STATE_REQUESTING, - DHCP_STATE_REBOOTING)) -diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c -index 4fb01c0..b7c9a07 100644 ---- a/src/libsystemd-network/sd-dhcp-lease.c -+++ b/src/libsystemd-network/sd-dhcp-lease.c -@@ -50,7 +50,7 @@ int sd_dhcp_lease_get_address(sd_dhcp_lease *lease, struct in_addr *addr) { - - int sd_dhcp_lease_get_lifetime(sd_dhcp_lease *lease, uint32_t *lifetime) { - assert_return(lease, -EINVAL); -- assert_return(lease, -EINVAL); -+ assert_return(lifetime, -EINVAL); - - *lifetime = lease->lifetime; - -diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c -index fa4f9b5..dbec1a2 100644 ---- a/src/libsystemd-network/sd-dhcp6-client.c -+++ b/src/libsystemd-network/sd-dhcp6-client.c -@@ -200,19 +200,19 @@ int sd_dhcp6_client_set_duid(sd_dhcp6_client *client, uint16_t type, uint8_t *du - - switch (type) { - case DHCP6_DUID_LLT: -- if (duid_len <= sizeof(client->duid.llt)) -+ if (duid_len <= sizeof(client->duid.llt) - 2) - return -EINVAL; - break; - case DHCP6_DUID_EN: -- if (duid_len != sizeof(client->duid.en)) -+ if (duid_len != sizeof(client->duid.en) - 2) - return -EINVAL; - break; - case DHCP6_DUID_LL: -- if (duid_len <= sizeof(client->duid.ll)) -+ if (duid_len <= sizeof(client->duid.ll) - 2) - return -EINVAL; - break; - case DHCP6_DUID_UUID: -- if (duid_len != sizeof(client->duid.uuid)) -+ if (duid_len != sizeof(client->duid.uuid) - 2) - return -EINVAL; - break; - default: -@@ -222,7 +222,7 @@ int sd_dhcp6_client_set_duid(sd_dhcp6_client *client, uint16_t type, uint8_t *du - - client->duid.raw.type = htobe16(type); - memcpy(&client->duid.raw.data, duid, duid_len); -- client->duid_len = duid_len; -+ client->duid_len = duid_len + 2; /* +2 for sizeof(type) */ - - return 0; - } -diff --git a/src/libsystemd/sd-bus/bus-match.c b/src/libsystemd/sd-bus/bus-match.c -index 18afe0f..5658c61 100644 ---- a/src/libsystemd/sd-bus/bus-match.c -+++ b/src/libsystemd/sd-bus/bus-match.c -@@ -537,7 +537,7 @@ static int bus_match_find_compare_value( - else if (BUS_MATCH_CAN_HASH(t)) - n = hashmap_get(c->compare.children, value_str); - else { -- for (n = c->child; !value_node_same(n, t, value_u8, value_str); n = n->next) -+ for (n = c->child; n && !value_node_same(n, t, value_u8, value_str); n = n->next) - ; - } - -diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c -index 0ab1119..6c3230a 100644 ---- a/src/libsystemd/sd-bus/bus-objects.c -+++ b/src/libsystemd/sd-bus/bus-objects.c -@@ -617,6 +617,9 @@ static int property_get_set_callbacks_run( - return r; - - } else { -+ const char *signature = NULL; -+ char type = 0; -+ - if (c->vtable->type != _SD_BUS_VTABLE_WRITABLE_PROPERTY) - return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_PROPERTY_READ_ONLY, "Property '%s' is not writable.", c->member); - -@@ -628,6 +631,13 @@ static int property_get_set_callbacks_run( - - c->last_iteration = bus->iteration_counter; - -+ r = sd_bus_message_peek_type(m, &type, &signature); -+ if (r < 0) -+ return r; -+ -+ if (type != 'v' || !streq(strempty(signature), strempty(c->vtable->x.property.signature))) -+ return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_INVALID_ARGS, "Incorrect parameters for property '%s', expected '%s', got '%s'.", c->member, strempty(c->vtable->x.property.signature), strempty(signature)); -+ - r = sd_bus_message_enter_container(m, 'v', c->vtable->x.property.signature); - if (r < 0) - return r; -diff --git a/src/libsystemd/sd-rtnl/rtnl-message.c b/src/libsystemd/sd-rtnl/rtnl-message.c -index b501a52..740133a 100644 ---- a/src/libsystemd/sd-rtnl/rtnl-message.c -+++ b/src/libsystemd/sd-rtnl/rtnl-message.c -@@ -36,6 +36,8 @@ - #define GET_CONTAINER(m, i) ((i) < (m)->n_containers ? (struct rtattr*)((uint8_t*)(m)->hdr + (m)->container_offsets[i]) : NULL) - #define PUSH_CONTAINER(m, new) (m)->container_offsets[(m)->n_containers ++] = (uint8_t*)(new) - (uint8_t*)(m)->hdr; - -+#define RTA_TYPE(rta) ((rta)->rta_type & NLA_TYPE_MASK) -+ - static int message_new_empty(sd_rtnl *rtnl, sd_rtnl_message **ret) { - sd_rtnl_message *m; - -@@ -566,8 +568,8 @@ int sd_rtnl_message_append_string(sd_rtnl_message *m, unsigned short type, const - size = (size_t)r; - - if (size) { -- length = strnlen(data, size); -- if (length >= size) -+ length = strnlen(data, size+1); -+ if (length > size) - return -EINVAL; - } else - length = strlen(data); -@@ -1066,7 +1068,7 @@ int rtnl_message_parse(sd_rtnl_message *m, - *rta_tb_size = max + 1; - - for (; RTA_OK(rta, rt_len); rta = RTA_NEXT(rta, rt_len)) { -- type = rta->rta_type; -+ type = RTA_TYPE(rta); - - /* if the kernel is newer than the headers we used - when building, we ignore out-of-range attributes -@@ -1222,7 +1224,7 @@ int socket_read_message(sd_rtnl *rtnl) { - } - } - -- for (new_msg = rtnl->rbuffer; NLMSG_OK(new_msg, len); new_msg = NLMSG_NEXT(new_msg, len)) { -+ for (new_msg = rtnl->rbuffer; NLMSG_OK(new_msg, len) && !done; new_msg = NLMSG_NEXT(new_msg, len)) { - _cleanup_rtnl_message_unref_ sd_rtnl_message *m = NULL; - const NLType *nl_type; - -@@ -1237,7 +1239,8 @@ int socket_read_message(sd_rtnl *rtnl) { - if (new_msg->nlmsg_type == NLMSG_DONE) { - /* finished reading multi-part message */ - done = true; -- break; -+ -+ continue; - } - - /* check that we support this message type */ -diff --git a/src/libudev/libudev-device.c b/src/libudev/libudev-device.c -index 2699374..e2afcb8 100644 ---- a/src/libudev/libudev-device.c -+++ b/src/libudev/libudev-device.c -@@ -730,8 +730,13 @@ _public_ struct udev_device *udev_device_new_from_syspath(struct udev *udev, con - return NULL; - } else { - /* everything else just needs to be a directory */ -- if (stat(path, &statbuf) != 0 || !S_ISDIR(statbuf.st_mode)) -+ if (stat(path, &statbuf) != 0) - return NULL; -+ -+ if (!S_ISDIR(statbuf.st_mode)) { -+ errno = EISDIR; -+ return NULL; -+ } - } - - udev_device = udev_device_new(udev); -diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index b6d9bc6..759794f 100644 ---- a/src/nspawn/nspawn.c -+++ b/src/nspawn/nspawn.c -@@ -758,7 +758,7 @@ static int mount_binds(const char *dest, char **l, bool ro) { - * and char devices. */ - if (S_ISDIR(source_st.st_mode)) { - r = mkdir_label(where, 0755); -- if (r < 0) { -+ if (r < 0 && errno != EEXIST) { - log_error("Failed to create mount point %s: %s", where, strerror(-r)); - - return r; -@@ -818,7 +818,7 @@ static int mount_tmpfs(const char *dest) { - return log_oom(); - - r = mkdir_label(where, 0755); -- if (r < 0) { -+ if (r < 0 && errno != EEXIST) { - log_error("creating mount point for tmpfs %s failed: %s", where, strerror(-r)); - - return r; -@@ -3073,6 +3073,7 @@ int main(int argc, char *argv[]) { - goto finish; - } - } else { -+#if 0 - const char *p; - - p = strappenda(arg_directory, -@@ -3082,6 +3083,7 @@ int main(int argc, char *argv[]) { - goto finish; - - } -+#endif - } - } else { - char template[] = "/tmp/nspawn-root-XXXXXX"; -diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c -index 7375f77..ec8efcc 100644 ---- a/src/resolve/resolved-dns-packet.c -+++ b/src/resolve/resolved-dns-packet.c -@@ -866,7 +866,7 @@ fail: - - int dns_packet_read_name(DnsPacket *p, char **_ret, - bool allow_compression, size_t *start) { -- size_t saved_rindex, after_rindex = 0; -+ size_t saved_rindex, after_rindex = 0, jump_barrier; - _cleanup_free_ char *ret = NULL; - size_t n = 0, allocated = 0; - bool first = true; -@@ -876,6 +876,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret, - assert(_ret); - - saved_rindex = p->rindex; -+ jump_barrier = p->rindex; - - for (;;) { - uint8_t c, d; -@@ -922,7 +923,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret, - goto fail; - - ptr = (uint16_t) (c & ~0xc0) << 8 | (uint16_t) d; -- if (ptr < DNS_PACKET_HEADER_SIZE || ptr >= saved_rindex) { -+ if (ptr < DNS_PACKET_HEADER_SIZE || ptr >= jump_barrier) { - r = -EBADMSG; - goto fail; - } -@@ -930,9 +931,13 @@ int dns_packet_read_name(DnsPacket *p, char **_ret, - if (after_rindex == 0) - after_rindex = p->rindex; - -+ /* Jumps are limited to a "prior occurence" (RFC-1035 4.1.4) */ -+ jump_barrier = ptr; - p->rindex = ptr; -- } else -+ } else { -+ r = -EBADMSG; - goto fail; -+ } - } - - if (!GREEDY_REALLOC(ret, allocated, n + 1)) { -diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c -index 7d258c9..6dd4cad 100644 ---- a/src/resolve/resolved.c -+++ b/src/resolve/resolved.c -@@ -108,7 +108,7 @@ int main(int argc, char *argv[]) { - - finish: - sd_notify(false, -- "STOPPIN=1\n" -+ "STOPPING=1\n" - "STATUS=Shutting down..."); - - return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; -diff --git a/src/run/run.c b/src/run/run.c -index e3b6293..dcefb5c 100644 ---- a/src/run/run.c -+++ b/src/run/run.c -@@ -573,9 +573,12 @@ int main(int argc, char* argv[]) { - if (r <= 0) - goto finish; - -- r = find_binary(argv[optind], &command); -+ r = find_binary(argv[optind], arg_transport == BUS_TRANSPORT_LOCAL, &command); - if (r < 0) { -- log_error("Failed to find executable %s: %s", argv[optind], strerror(-r)); -+ log_error("Failed to find executable %s%s: %s", -+ argv[optind], -+ arg_transport == BUS_TRANSPORT_LOCAL ? "" : " on local system", -+ strerror(-r)); - goto finish; - } - argv[optind] = command; -diff --git a/src/shared/install.c b/src/shared/install.c -index 035b44c..cab93e8 100644 ---- a/src/shared/install.c -+++ b/src/shared/install.c -@@ -1620,12 +1620,10 @@ int unit_file_enable( - STRV_FOREACH(i, files) { - UnitFileState state; - -+ /* We only want to know if this unit is masked, so we ignore -+ * errors from unit_file_get_state, deferring other checks. -+ * This allows templated units to be enabled on the fly. */ - state = unit_file_get_state(scope, root_dir, *i); -- if (state < 0) { -- log_error("Failed to get unit file state for %s: %s", *i, strerror(-state)); -- return state; -- } -- - if (state == UNIT_FILE_MASKED || state == UNIT_FILE_MASKED_RUNTIME) { - log_error("Failed to enable unit: Unit %s is masked", *i); - return -ENOTSUP; -diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c -index 8f75a8e..c800e01 100644 ---- a/src/shared/path-lookup.c -+++ b/src/shared/path-lookup.c -@@ -86,17 +86,14 @@ static char** user_dirs( - const char * const config_unit_paths[] = { - USER_CONFIG_UNIT_PATH, - "/etc/systemd/user", -+ "/etc/systemd-mutable/user", - NULL - }; - - const char * const runtime_unit_path = "/run/systemd/user"; - - const char * const data_unit_paths[] = { -- "/usr/local/lib/systemd/user", -- "/usr/local/share/systemd/user", - USER_DATA_UNIT_PATH, -- "/usr/lib/systemd/user", -- "/usr/share/systemd/user", - NULL - }; - -@@ -260,13 +257,11 @@ int lookup_paths_init( - STRV_IFNOTNULL(generator_early), - USER_CONFIG_UNIT_PATH, - "/etc/systemd/user", -+ "/etc/systemd-mutable/user", -+ "/nix/var/nix/profiles/default/lib/systemd/user", - "/run/systemd/user", - STRV_IFNOTNULL(generator), -- "/usr/local/lib/systemd/user", -- "/usr/local/share/systemd/user", - USER_DATA_UNIT_PATH, -- "/usr/lib/systemd/user", -- "/usr/share/systemd/user", - STRV_IFNOTNULL(generator_late), - NULL); - } else -@@ -276,14 +271,11 @@ int lookup_paths_init( - STRV_IFNOTNULL(generator_early), - SYSTEM_CONFIG_UNIT_PATH, - "/etc/systemd/system", -+ "/etc/systemd-mutable/system", -+ "/nix/var/nix/profiles/default/lib/systemd/system", - "/run/systemd/system", - STRV_IFNOTNULL(generator), -- "/usr/local/lib/systemd/system", - SYSTEM_DATA_UNIT_PATH, -- "/usr/lib/systemd/system", --#ifdef HAVE_SPLIT_USR -- "/lib/systemd/system", --#endif - STRV_IFNOTNULL(generator_late), - NULL); - -diff --git a/src/shared/path-util.c b/src/shared/path-util.c -index 67566bc..be03695 100644 ---- a/src/shared/path-util.c -+++ b/src/shared/path-util.c -@@ -563,11 +563,11 @@ int path_is_os_tree(const char *path) { - return r >= 0; - } - --int find_binary(const char *name, char **filename) { -+int find_binary(const char *name, bool local, char **filename) { - assert(name); - - if (is_path(name)) { -- if (access(name, X_OK) < 0) -+ if (local && access(name, X_OK) < 0) - return -errno; - - if (filename) { -@@ -657,7 +657,7 @@ int fsck_exists(const char *fstype) { - - checker = strappenda("fsck.", fstype); - -- r = find_binary(checker, &p); -+ r = find_binary(checker, true, &p); - if (r < 0) - return r; - -diff --git a/src/shared/path-util.h b/src/shared/path-util.h -index 8d171a5..bd0d324 100644 ---- a/src/shared/path-util.h -+++ b/src/shared/path-util.h -@@ -55,7 +55,7 @@ int path_is_mount_point(const char *path, bool allow_symlink); - int path_is_read_only_fs(const char *path); - int path_is_os_tree(const char *path); - --int find_binary(const char *name, char **filename); -+int find_binary(const char *name, bool local, char **filename); - - bool paths_check_timestamp(const char* const* paths, usec_t *paths_ts_usec, bool update); - -diff --git a/src/shared/virt.c b/src/shared/virt.c -index f9c4e67..f10baab 100644 ---- a/src/shared/virt.c -+++ b/src/shared/virt.c -@@ -293,8 +293,26 @@ int detect_container(const char **id) { - - r = read_one_line_file("/run/systemd/container", &m); - if (r == -ENOENT) { -- r = 0; -- goto finish; -+ -+ /* Fallback for cases where PID 1 was not -+ * systemd (for example, cases where -+ * init=/bin/sh is used. */ -+ -+ r = getenv_for_pid(1, "container", &m); -+ if (r <= 0) { -+ -+ /* If that didn't work, give up, -+ * assume no container manager. -+ * -+ * Note: This means we still cannot -+ * detect containers if init=/bin/sh -+ * is passed but privileges dropped, -+ * as /proc/1/environ is only readable -+ * with privileges. */ -+ -+ r = 0; -+ goto finish; -+ } - } - if (r < 0) - return r; -diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c -index 28eaa6a..3866308 100644 ---- a/src/systemctl/systemctl.c -+++ b/src/systemctl/systemctl.c -@@ -2651,7 +2651,7 @@ static int start_unit_one( - - log_debug("Adding %s to the set", p); - r = set_consume(s, p); -- if (r < 0) -+ if (r < 0 && r != -EEXIST) - return log_oom(); - } - -@@ -6917,8 +6917,13 @@ done: - - static int halt_now(enum action a) { - --/* Make sure C-A-D is handled by the kernel from this -- * point on... */ -+ /* The kernel will automaticall flush ATA disks and suchlike -+ * on reboot(), but the file systems need to be synce'd -+ * explicitly in advance. */ -+ sync(); -+ -+ /* Make sure C-A-D is handled by the kernel from this point -+ * on... */ - reboot(RB_ENABLE_CAD); - - switch (a) { -diff --git a/src/test/test-path-util.c b/src/test/test-path-util.c -index 63d64b2..57264de 100644 ---- a/src/test/test-path-util.c -+++ b/src/test/test-path-util.c -@@ -85,29 +85,30 @@ static void test_path(void) { - } - } - --static void test_find_binary(const char *self) { -+static void test_find_binary(const char *self, bool local) { - char *p; - -- assert_se(find_binary("/bin/sh", &p) == 0); -+ assert_se(find_binary("/bin/sh", local, &p) == 0); - puts(p); - assert_se(streq(p, "/bin/sh")); - free(p); - -- assert_se(find_binary(self, &p) == 0); -+ assert_se(find_binary(self, local, &p) == 0); - puts(p); - assert_se(endswith(p, "/test-path-util")); - assert_se(path_is_absolute(p)); - free(p); - -- assert_se(find_binary("sh", &p) == 0); -+ assert_se(find_binary("sh", local, &p) == 0); - puts(p); - assert_se(endswith(p, "/sh")); - assert_se(path_is_absolute(p)); - free(p); - -- assert_se(find_binary("xxxx-xxxx", &p) == -ENOENT); -+ assert_se(find_binary("xxxx-xxxx", local, &p) == -ENOENT); - -- assert_se(find_binary("/some/dir/xxxx-xxxx", &p) == -ENOENT); -+ assert_se(find_binary("/some/dir/xxxx-xxxx", local, &p) == -+ (local ? -ENOENT : 0)); - } - - static void test_prefixes(void) { -@@ -244,7 +245,8 @@ static void test_strv_resolve(void) { - - int main(int argc, char **argv) { - test_path(); -- test_find_binary(argv[0]); -+ test_find_binary(argv[0], true); -+ test_find_binary(argv[0], false); - test_prefixes(); - test_path_join(); - test_fsck_exists(); -diff --git a/src/udev/udevd.c b/src/udev/udevd.c -index 2e6c713..193702c 100644 ---- a/src/udev/udevd.c -+++ b/src/udev/udevd.c -@@ -994,9 +994,9 @@ static void kernel_cmdline_options(struct udev *udev) { - if (r < 0) - log_warning("Invalid udev.exec-delay ignored: %s", opt + 16); - } else if (startswith(opt, "udev.event-timeout=")) { -- r = safe_atou64(opt + 16, &arg_event_timeout_usec); -+ r = safe_atou64(opt + 19, &arg_event_timeout_usec); - if (r < 0) { -- log_warning("Invalid udev.event-timeout ignored: %s", opt + 16); -+ log_warning("Invalid udev.event-timeout ignored: %s", opt + 19); - break; - } - arg_event_timeout_usec *= USEC_PER_SEC; -diff --git a/units/console-getty.service.m4.in b/units/console-getty.service.m4.in -index 8ac51a4..cae9fb5 100644 ---- a/units/console-getty.service.m4.in -+++ b/units/console-getty.service.m4.in -@@ -15,7 +15,6 @@ After=rc-local.service - Before=getty.target - - [Service] --ExecStart=-/sbin/agetty --noclear --keep-baud console 115200,38400,9600 $TERM - Type=idle - Restart=always - RestartSec=0 -diff --git a/units/container-getty@.service.m4.in b/units/container-getty@.service.m4.in -index 4f7794b..6dfc2e9 100644 ---- a/units/container-getty@.service.m4.in -+++ b/units/container-getty@.service.m4.in -@@ -14,9 +14,9 @@ After=rc-local.service - )m4_dnl - Before=getty.target - IgnoreOnIsolate=yes -+ConditionPathExists=/dev/pts/%I - - [Service] --ExecStart=-/sbin/agetty --noclear --keep-baud pts/%I 115200,38400,9600 $TERM - Type=idle - Restart=always - RestartSec=0 -diff --git a/units/emergency.service.in b/units/emergency.service.in -index 18973e7..3a99660 100644 ---- a/units/emergency.service.in -+++ b/units/emergency.service.in -@@ -16,7 +16,6 @@ Before=shutdown.target - [Service] - Environment=HOME=/root - WorkingDirectory=/root --ExecStartPre=-/bin/plymouth quit - ExecStartPre=-/bin/echo -e 'Welcome to emergency mode! After logging in, type "journalctl -xb" to view\\nsystem logs, "systemctl reboot" to reboot, "systemctl default" or ^D to\\ntry again to boot into default mode.' - ExecStart=-/bin/sh -c "/sbin/sulogin; @SYSTEMCTL@ --fail --no-block default" - Type=idle -diff --git a/units/getty@.service.m4 b/units/getty@.service.m4 -index 46164ab..f194a31 100644 ---- a/units/getty@.service.m4 -+++ b/units/getty@.service.m4 -@@ -23,11 +23,12 @@ IgnoreOnIsolate=yes - # On systems without virtual consoles, don't start any getty. Note - # that serial gettys are covered by serial-getty@.service, not this - # unit. --ConditionPathExists=/dev/tty0 -+ConditionPathExists=|/dev/tty0 -+ConditionVirtualization=|lxc -+ConditionVirtualization=|lxc-libvirt - - [Service] - # the VT is cleared by TTYVTDisallocate --ExecStart=-/sbin/agetty --noclear %I $TERM - Type=idle - Restart=always - RestartSec=0 -diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in -index 0934a87..7e30c9e 100644 ---- a/units/kmod-static-nodes.service.in -+++ b/units/kmod-static-nodes.service.in -@@ -10,7 +10,6 @@ Description=Create list of required static device nodes for the current kernel - DefaultDependencies=no - Before=sysinit.target systemd-tmpfiles-setup-dev.service - ConditionCapability=CAP_SYS_MODULE --ConditionPathExists=/lib/modules/%v/modules.devname - - [Service] - Type=oneshot -diff --git a/units/local-fs.target b/units/local-fs.target -index d2e5429..d26984b 100644 ---- a/units/local-fs.target -+++ b/units/local-fs.target -@@ -13,3 +13,5 @@ Conflicts=shutdown.target - After=local-fs-pre.target - OnFailure=emergency.target - OnFailureJobMode=replace-irreversibly -+ -+X-StopOnReconfiguration=yes -diff --git a/units/remote-fs.target b/units/remote-fs.target -index 43ffa5c..156a681 100644 ---- a/units/remote-fs.target -+++ b/units/remote-fs.target -@@ -12,5 +12,7 @@ After=remote-fs-pre.target - DefaultDependencies=no - Conflicts=shutdown.target - -+X-StopOnReconfiguration=yes -+ - [Install] - WantedBy=multi-user.target -diff --git a/units/rescue.service.in b/units/rescue.service.in -index fc93f1e..3c87cf8 100644 ---- a/units/rescue.service.in -+++ b/units/rescue.service.in -@@ -16,7 +16,6 @@ Before=shutdown.target - [Service] - Environment=HOME=/root - WorkingDirectory=/root --ExecStartPre=-/bin/plymouth quit - ExecStartPre=-/bin/echo -e 'Welcome to emergency mode! After logging in, type "journalctl -xb" to view\\nsystem logs, "systemctl reboot" to reboot, "systemctl default" or ^D to\\nboot into default mode.' - ExecStart=-/bin/sh -c "/sbin/sulogin; @SYSTEMCTL@ --fail --no-block default" - Type=idle -diff --git a/units/serial-getty@.service.m4 b/units/serial-getty@.service.m4 -index 4522d0d..96daa5c 100644 ---- a/units/serial-getty@.service.m4 -+++ b/units/serial-getty@.service.m4 -@@ -22,7 +22,6 @@ Before=getty.target - IgnoreOnIsolate=yes - - [Service] --ExecStart=-/sbin/agetty --keep-baud 115200,38400,9600 %I $TERM - Type=idle - Restart=always - UtmpIdentifier=%I -diff --git a/units/sysinit.target b/units/sysinit.target -index ec33503..4ac47b9 100644 ---- a/units/sysinit.target -+++ b/units/sysinit.target -@@ -9,5 +9,4 @@ - Description=System Initialization - Documentation=man:systemd.special(7) - Conflicts=emergency.service emergency.target --Wants=local-fs.target swap.target --After=local-fs.target swap.target emergency.service emergency.target -+After=emergency.service emergency.target -diff --git a/units/systemd-backlight@.service.in b/units/systemd-backlight@.service.in -index ecf3de4..7e83446 100644 ---- a/units/systemd-backlight@.service.in -+++ b/units/systemd-backlight@.service.in -@@ -19,3 +19,4 @@ Type=oneshot - RemainAfterExit=yes - ExecStart=@rootlibexecdir@/systemd-backlight load %i - ExecStop=@rootlibexecdir@/systemd-backlight save %i -+X-RestartIfChanged=false -diff --git a/units/systemd-journal-flush.service.in b/units/systemd-journal-flush.service.in -index 699670b..ba22c6d 100644 ---- a/units/systemd-journal-flush.service.in -+++ b/units/systemd-journal-flush.service.in -@@ -10,8 +10,10 @@ Description=Trigger Flushing of Journal to Persistent Storage - Documentation=man:systemd-journald.service(8) man:journald.conf(5) - DefaultDependencies=no - Requires=systemd-journald.service --After=systemd-journald.service local-fs.target remote-fs.target -+After=systemd-journald.service -+After=systemd-remount-fs.service - Before=systemd-user-sessions.service systemd-tmpfiles-setup.service -+RequiresMountsFor=/var/log/journal - - [Service] - ExecStart=@rootbindir@/journalctl --flush -diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in -index 4de38fa..2f23c13 100644 ---- a/units/systemd-journald.service.in -+++ b/units/systemd-journald.service.in -@@ -14,6 +14,7 @@ After=systemd-journald.socket systemd-journald-dev-log.socket syslog.socket - Before=sysinit.target - - [Service] -+Type=notify - Sockets=systemd-journald.socket systemd-journald-dev-log.socket - ExecStart=@rootlibexecdir@/systemd-journald - Restart=always -@@ -26,3 +27,8 @@ WatchdogSec=1min - # Increase the default a bit in order to allow many simultaneous - # services being run since we keep one fd open per service. - LimitNOFILE=16384 -+ -+# Don't restart journald, since that causes services connected to -+# journald to stop logging (see -+# https://bugs.freedesktop.org/show_bug.cgi?id=56043). -+X-RestartIfChanged=no -diff --git a/units/systemd-random-seed.service.in b/units/systemd-random-seed.service.in -index b55844b..3ef9fc6 100644 ---- a/units/systemd-random-seed.service.in -+++ b/units/systemd-random-seed.service.in -@@ -19,3 +19,4 @@ Type=oneshot - RemainAfterExit=yes - ExecStart=@rootlibexecdir@/systemd-random-seed load - ExecStop=@rootlibexecdir@/systemd-random-seed save -+X-RestartIfChanged=false -diff --git a/units/systemd-rfkill@.service.in b/units/systemd-rfkill@.service.in -index 0e9851b..9f8fa0d 100644 ---- a/units/systemd-rfkill@.service.in -+++ b/units/systemd-rfkill@.service.in -@@ -19,3 +19,4 @@ Type=oneshot - RemainAfterExit=yes - ExecStart=@rootlibexecdir@/systemd-rfkill load %I - ExecStop=@rootlibexecdir@/systemd-rfkill save %I -+X-RestartIfChanged=false -diff --git a/units/systemd-tmpfiles-setup.service.in b/units/systemd-tmpfiles-setup.service.in -index e895cda..194146f 100644 ---- a/units/systemd-tmpfiles-setup.service.in -+++ b/units/systemd-tmpfiles-setup.service.in -@@ -11,7 +11,7 @@ Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) - DefaultDependencies=no - Conflicts=shutdown.target - After=local-fs.target systemd-sysusers.service --Before=sysinit.target shutdown.target -+Before=shutdown.target - RefuseManualStop=yes - - [Service] -diff --git a/units/systemd-update-utmp.service.in b/units/systemd-update-utmp.service.in -index 163eccd..7357c12 100644 ---- a/units/systemd-update-utmp.service.in -+++ b/units/systemd-update-utmp.service.in -@@ -11,7 +11,7 @@ Documentation=man:systemd-update-utmp.service(8) man:utmp(5) - DefaultDependencies=no - RequiresMountsFor=/var/log/wtmp - Conflicts=shutdown.target --After=systemd-remount-fs.service systemd-tmpfiles-setup.service auditd.service -+After=systemd-remount-fs.service auditd.service - Before=sysinit.target shutdown.target - - [Service] -@@ -19,3 +19,4 @@ Type=oneshot - RemainAfterExit=yes - ExecStart=@rootlibexecdir@/systemd-update-utmp reboot - ExecStop=@rootlibexecdir@/systemd-update-utmp shutdown -+X-RestartIfChanged=false -diff --git a/units/systemd-user-sessions.service.in b/units/systemd-user-sessions.service.in -index 0869e73..b6ed958 100644 ---- a/units/systemd-user-sessions.service.in -+++ b/units/systemd-user-sessions.service.in -@@ -15,3 +15,6 @@ Type=oneshot - RemainAfterExit=yes - ExecStart=@rootlibexecdir@/systemd-user-sessions start - ExecStop=@rootlibexecdir@/systemd-user-sessions stop -+ -+# Restart kills all active sessions. -+X-RestartIfChanged=no |