New upstream version 249.1

docs/BOOT_LOADER_INTERFACE.md

@@ -76,10 +76,10 @@ variables. All EFI variables use the vendor UUID
   * `1 << 6` → The boot loader supports passing a random seed to the OS.
 
 * The EFI variable `LoaderRandomSeed` contains a binary random seed if set. It
-  is set by the boot loader to pass an entropy seed read from the ESP partition
+  is set by the boot loader to pass an entropy seed read from the ESP to the OS.
-  to the OS. The system manager then credits this seed to the kernel's entropy
+  The system manager then credits this seed to the kernel's entropy pool. It is
-  pool. It is the responsibility of the boot loader to ensure the quality and
+  the responsibility of the boot loader to ensure the quality and integrity of
-  integrity of the random seed.
+  the random seed.
 
 * The EFI variable `LoaderSystemToken` contains binary random data,
   persistently set by the OS installer. Boot loaders that support passing

docs/BOOT_LOADER_SPECIFICATION.md

@@ -61,8 +61,8 @@ Everything described below is located on a placeholder file system `$BOOT`. The
 * On disks with GPT (GUID Partition Table)
   * If the OS is installed on a disk with GPT, and an Extended Boot Loader Partition or XBOOTLDR partition for short, i.e. a partition with GPT type GUID of `bc13c2ff-59e6-4262-a352-b275fd6f7172`, already exists, it should be used as `$BOOT`.
   * Otherwise, if the OS is installed on a disk with GPT, and an EFI System Partition or ESP for short, i.e. a partition with GPT type UID of `c12a7328-f81f-11d2-ba4b-00a0c93ec93b`) already exists and is large enough (let's say 250MB) and otherwise qualifies, it should be used as `$BOOT`.
-  * Otherwise, if the OS is installed on a disk with GPT, and if the ESP partition already exists but is too small, a new suitably sized (let's say 500MB) XBOOTLDR partition shall be created and used as `$BOOT`.
+  * Otherwise, if the OS is installed on a disk with GPT, and if the ESP already exists but is too small, a new suitably sized (let's say 500MB) XBOOTLDR partition shall be created and used as `$BOOT`.
-  * Otherwise, if the OS is installed on a disk with GPT, and no ESP partition exists yet, a new suitably sized (let's say 500MB) ESP should be created and used as `$BOOT`.
+  * Otherwise, if the OS is installed on a disk with GPT, and no ESP exists yet, a new suitably sized (let's say 500MB) ESP should be created and used as `$BOOT`.
 
 This placeholder file system shall be determined during _installation time_, and an fstab entry may be created. It should be mounted to either `/boot/` or `/efi/`. Additional locations like `/boot/efi/`, with `/boot/` being a separate file system, might be supported by implementations. This is not recommended because the mounting of `$BOOT` is then dependent on and requires the mounting of the intermediate file system.
 

man/sd_bus_set_property.xml

@@ -39,7 +39,6 @@
         <paramdef>const char *<parameter>interface</parameter></paramdef>
         <paramdef>const char *<parameter>member</parameter></paramdef>
         <paramdef>sd_bus_error *<parameter>ret_error</parameter></paramdef>
-        <paramdef>sd_bus_message **<parameter>reply</parameter></paramdef>
         <paramdef>const char *<parameter>type</parameter></paramdef>
         <paramdef>...</paramdef>
       </funcprototype>
@@ -52,7 +51,6 @@
         <paramdef>const char *<parameter>interface</parameter></paramdef>
         <paramdef>const char *<parameter>member</parameter></paramdef>
         <paramdef>sd_bus_error *<parameter>ret_error</parameter></paramdef>
-        <paramdef>sd_bus_message **<parameter>reply</parameter></paramdef>
         <paramdef>const char *<parameter>type</parameter></paramdef>
         <paramdef>va_list <parameter>ap</parameter></paramdef>
       </funcprototype>
@@ -115,10 +113,9 @@
     <citerefentry><refentrytitle>sd_bus_call_method</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
     </para>
 
-    <para><function>sd_bus_set_property()</function> sets a D-Bus property. On success, the response
+    <para><function>sd_bus_set_property()</function> sets a D-Bus property. If setting the property
-    is stored in <parameter>reply</parameter>. If setting the property fails or an internal error
+    fails or an internal error occurs, an error is returned and an extended description of the error
-    occurs, an error is returned and an extended description of the error is optionally stored in
+    is optionally stored in <parameter>ret_error</parameter> if it is not <constant>NULL</constant>.
-    <parameter>ret_error</parameter> if it is not <constant>NULL</constant>.
     <parameter>type</parameter> and the arguments that follow it describe the new value of the
     property and must follow the format described in
     <citerefentry><refentrytitle>sd_bus_message_append</refentrytitle><manvolnum>3</manvolnum></citerefentry>.

man/systemd-boot.xml

@@ -73,8 +73,8 @@
       <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
       details.</para></listitem>
 
-      <listitem><para>An EFI variable set by the boot loader informs the OS about the ESP partition used
+      <listitem><para>An EFI variable set by the boot loader informs the OS about the EFI System Partition used
-      during boot. This is then used to automatically mount the correct ESP partition to
+      during boot. This is then used to automatically mount the correct EFI System Partition to
       <filename>/efi/</filename> or <filename>/boot/</filename> during OS runtime. See
       <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
       for details.</para></listitem>

man/systemd-resolved.service.xml

@@ -144,7 +144,7 @@
       turn. Additionally, lookup of single-label names via unicast DNS may be enabled with the
       <varname>ResolveUnicastSingleLabel=yes</varname> setting. The details of which servers are queried and
       how the final reply is chosen are described below. Note that this means that address queries for
-      single-label names are never sent out to remote DNS servers by default, and resoulution is only
+      single-label names are never sent out to remote DNS servers by default, and resolution is only
       possible if search domains are defined.</para></listitem>
 
       <listitem><para>Multi-label names with the domain suffix <literal>.local</literal> are resolved using

man/systemd.network.xml

@@ -998,14 +998,6 @@ IPv6Token=prefixstable:2002:da8:1::</programlisting></para>
           </para>
         </listitem>
       </varlistentry>
-      <varlistentry>
-        <term><varname>Xfrm=</varname></term>
-        <listitem>
-          <para>The name of the xfrm to create on the link. See
-            <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
-            This option may be specified more than once.</para>
-        </listitem>
-      </varlistentry>
       <varlistentry>
         <term><varname>KeepConfiguration=</varname></term>
         <listitem>

man/systemd.xml

@@ -74,8 +74,8 @@
     configuration files, whose syntax and basic set of options is
     described in
     <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-    however some are created automatically from other configuration,
+    however some are created automatically from other configuration
-    dynamically from system state or programmatically at runtime.
+    files, dynamically from system state or programmatically at runtime.
     Units may be "active" (meaning started, bound, plugged in, …,
     depending on the unit type, see below), or "inactive" (meaning
     stopped, unbound, unplugged, …), as well as in the process of

shell-completion/zsh/_systemd-run

@@ -77,4 +77,5 @@ _arguments \
     '--version[Show package version]' \
     '--wait=[Wait until service stopped again]' \
     '--working-directory=[Run with the specified working directory]' \
-    '*::command:_command'
+    '(-):command: _command_names -e' \
+    '*::arguments:_normal'

src/basic/unit-name.c

@@ -378,12 +378,13 @@ int unit_name_unescape(const char *f, char **ret) {
 }
 
 int unit_name_path_escape(const char *f, char **ret) {
-        char *p, *s;
+        _cleanup_free_ char *p = NULL;
+        char *s;
 
         assert(f);
         assert(ret);
 
-        p = strdupa(f);
+        p = strdup(f);
         if (!p)
                 return -ENOMEM;
 
@@ -395,13 +396,9 @@ int unit_name_path_escape(const char *f, char **ret) {
                 if (!path_is_normalized(p))
                         return -EINVAL;
 
-                /* Truncate trailing slashes */
+                /* Truncate trailing slashes and skip leading slashes */
                 delete_trailing_chars(p, "/");
-
+                s = unit_name_escape(skip_leading_chars(p, "/"));
-                /* Truncate leading slashes */
-                p = skip_leading_chars(p, "/");
-
-                s = unit_name_escape(p);
         }
         if (!s)
                 return -ENOMEM;

src/boot/bootctl.c

@@ -1337,7 +1337,7 @@ static int verb_status(int argc, char *argv[], void *userdata) {
                 sd_id128_t bootloader_esp_uuid;
                 bool have_bootloader_esp_uuid = efi_loader_get_device_part_uuid(&bootloader_esp_uuid) >= 0;
 
-                print_yes_no_line(false, have_bootloader_esp_uuid, "Boot loader sets ESP partition information");
+                print_yes_no_line(false, have_bootloader_esp_uuid, "Boot loader sets ESP information");
                 if (have_bootloader_esp_uuid && !sd_id128_equal(esp_uuid, bootloader_esp_uuid))
                         printf("WARNING: The boot loader reports a different ESP UUID than detected!\n");
 

src/hostname/hostnamed.c

@@ -204,14 +204,14 @@ static const char* fallback_chassis(void) {
 
         r = read_one_line_file("/sys/class/dmi/id/chassis_type", &type);
         if (r < 0) {
-                log_debug_errno(v, "Failed to read DMI chassis type, ignoring: %m");
+                log_debug_errno(r, "Failed to read DMI chassis type, ignoring: %m");
                 goto try_acpi;
         }
 
         r = safe_atou(type, &t);
         free(type);
         if (r < 0) {
-                log_debug_errno(v, "Failed to parse DMI chassis type, ignoring: %m");
+                log_debug_errno(r, "Failed to parse DMI chassis type, ignoring: %m");
                 goto try_acpi;
         }
 
@@ -260,14 +260,14 @@ static const char* fallback_chassis(void) {
 try_acpi:
         r = read_one_line_file("/sys/firmware/acpi/pm_profile", &type);
         if (r < 0) {
-                log_debug_errno(v, "Failed read ACPI PM profile, ignoring: %m");
+                log_debug_errno(r, "Failed read ACPI PM profile, ignoring: %m");
                 return NULL;
         }
 
         r = safe_atou(type, &t);
         free(type);
         if (r < 0) {
-                log_debug_errno(v, "Failed parse ACPI PM profile, ignoring: %m");
+                log_debug_errno(r, "Failed parse ACPI PM profile, ignoring: %m");
                 return NULL;
         }
 

src/shared/format-table.c

@@ -1409,7 +1409,7 @@ static const char *table_data_format(Table *t, TableData *d, bool avoid_uppercas
                 _cleanup_free_ char *p = NULL;
                 char *ret;
 
-                p = new(char, FORMAT_TIMESTAMP_MAX);
+                p = new(char, d->type == TABLE_TIMESTAMP_RELATIVE ? FORMAT_TIMESTAMP_RELATIVE_MAX : FORMAT_TIMESTAMP_MAX);
                 if (!p)
                         return NULL;
 
@@ -1418,7 +1418,7 @@ static const char *table_data_format(Table *t, TableData *d, bool avoid_uppercas
                 else if (d->type == TABLE_TIMESTAMP_UTC)
                         ret = format_timestamp_style(p, FORMAT_TIMESTAMP_MAX, d->timestamp, TIMESTAMP_UTC);
                 else
-                        ret = format_timestamp_relative(p, FORMAT_TIMESTAMP_MAX, d->timestamp);
+                        ret = format_timestamp_relative(p, FORMAT_TIMESTAMP_RELATIVE_MAX, d->timestamp);
                 if (!ret)
                         return "n/a";
 

src/systemctl/systemctl-show.c

@@ -1915,7 +1915,7 @@ static int show_one(
                 return log_error_errno(r, "Failed to get properties: %s", bus_error_message(&error, r));
 
         if (unit && streq_ptr(info.load_state, "not-found") && streq_ptr(info.active_state, "inactive")) {
-                log_full(show_mode == SYSTEMCTL_SHOW_STATUS ? LOG_ERR : LOG_DEBUG,
+                log_full(show_mode == SYSTEMCTL_SHOW_PROPERTIES ? LOG_DEBUG : LOG_ERR,
                          "Unit %s could not be found.", unit);
 
                 if (show_mode == SYSTEMCTL_SHOW_STATUS)

src/systemctl/systemctl-start-special.c

@@ -36,7 +36,7 @@ static int load_kexec_kernel(void) {
                 return log_error_errno(r,
                                        "No kexec kernel loaded and autodetection failed.\n%s",
                                        is_efi_boot()
-                                       ? "Cannot automatically load kernel: ESP partition mount point not found."
+                                       ? "Cannot automatically load kernel: ESP mount point not found."
                                        : "Automatic loading works only on systems booted with EFI.");
         if (r < 0)
                 return r;

test/TEST-52-HONORFIRSTSHUTDOWN/test.sh

@@ -11,7 +11,7 @@ TEST_NO_QEMU=1
 # Using timeout because if the test fails it can loop.
 # The reason is because the poweroff executed by end.service
 # could turn into a reboot if the test fails.
-NSPAWN_TIMEOUT=20
+NSPAWN_TIMEOUT=60
 
 # Remove this file if it exists. This is used along with
 # the make target "finish". Since concrete confirmation is

test/test-functions

@@ -35,6 +35,7 @@ QEMU_MEM="${QEMU_MEM:-512M}"
 # To force creating a new image from scratch (eg: to encrypt it), also define
 # TEST_FORCE_NEWIMAGE=1 in the test setup script.
 IMAGE_NAME=${IMAGE_NAME:-default}
+STRIP_BINARIES="${STRIP_BINARIES:-yes}"
 TEST_REQUIRE_INSTALL_TESTS="${TEST_REQUIRE_INSTALL_TESTS:-1}"
 TEST_PARALLELIZE="${TEST_PARALLELIZE:-0}"
 LOOPDEV=

units/systemd-homed.service.in

@@ -20,6 +20,7 @@ CapabilityBoundingSet=CAP_SYS_ADMIN CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER CAP_FS
 DeviceAllow=/dev/loop-control rw
 DeviceAllow=/dev/mapper/control rw
 DeviceAllow=block-* rw
+DeviceAllow=char-hidraw rw
 ExecStart={{ROOTLIBEXECDIR}}/systemd-homed
 IPAddressDeny=any
 KillMode=mixed