[systemd/f17] Patches from upstream
Michal Schmidt
michich at fedoraproject.org
Tue Jun 12 23:39:32 UTC 2012
commit 99043cc70768075dc724337e770a5c7fbfb328ad
Author: Michal Schmidt <mschmidt at redhat.com>
Date: Wed Jun 13 01:38:25 2012 +0200
Patches from upstream
- Fixes to journald, logind, tmpfiles
- Documentation improvements, systemctl help
- New config options for systemd, journal
- Add systemd-readahead-analyze, systemd-debug-shell.service
- Start using Type=idle
- Fixes: #828007, #814424, #831132, #791098, #823815, fdo#50402, fdo#50671
...ly-queue-default.target-after-switched-ro.patch | 118 ++++
...nal-crash-when-filesystem-is-low-on-space.patch | 56 ++
...ure-to-fstatat-at-most-once-in-rm_rf_chil.patch | 132 +++++
...-do-not-use-close-old_root_fd-after-rm_rf.patch | 28 +
0343-logind-fix-write-out-of-user-state-file.patch | 97 ++++
...all-back-to-bin-sh-in-case-sbin-init-does.patch | 36 ++
...-a-much-lower-idle-timeout-that-default-t.patch | 34 ++
...nal-log-journal-internal-messages-to-kmsg.patch | 24 +
...re-generators-never-log-into-the-journal-.patch | 122 ++++
...void-activating-the-journal-by-accident-l.patch | 38 ++
...void-running-of-readahead-services-if-rea.patch | 52 ++
...perly-document-FsckPassNo-for-mount-units.patch | 77 +++
...-t-complain-if-SELinux-userspace-is-avail.patch | 28 +
0352-units-fix-file-syntax.patch | 25 +
...-Type-idle-units-consider-START_PRE-START.patch | 98 ++++
...nfiguration-option-to-alter-capability-bo.patch | 565 ++++++++++++++++++
...ctl.xml-Add-missing-space-for-stopcommand.patch | 27 +
...t-new-name-of-loginctl-in-bash-completion.patch | 28 +
...ork-even-if-not-all-cgroups-are-available.patch | 45 ++
...s-when-dropping-capabilities-system-wide-.patch | 106 ++++
...-nice-messages-right-before-and-right-aft.patch | 40 ++
...nore-messages-read-from-proc-kmsg-that-we.patch | 57 ++
0361-build-sys-fix-built-with-disable-logind.patch | 459 +++++++++++++++
...for-now-complain-if-more-than-one-match-i.patch | 27 +
0363-journalctl-support-usr-bin-nginx-etc.patch | 69 +++
...alctl-check-first-if-match-is-a-path-name.patch | 95 +++
...-t-allow-adding-invalid-matches-to-the-co.patch | 28 +
...utdown-Don-t-skip-bind-mounts-on-shutdown.patch | 93 +++
...ngrade-database-load-time-message-to-LOG_.patch | 28 +
0368-login-properly-detect-MIMO-USB-displays.patch | 137 +++++
...operly-handle-if-we-have-no-PID-in-a-kmsg.patch | 24 +
...ntroduce-systemctl-man-to-show-man-page-f.patch | 155 +++++
...uce-a-proper-nsec_t-and-make-use-of-it-wh.patch | 363 ++++++++++++
...in-allow-setting-of-timer-slack-for-PID-1.patch | 90 +++
...require-libcap-when-building-libsystemd-s.patch | 27 +
...d-_label-to-all-mkdir-calls-that-explicit.patch | 603 ++++++++++++++++++++
...de-all-functions-with-and-without-selinux.patch | 150 +++++
...ocumentation-field-to-console-getty.servi.patch | 25 +
...umentation-for-the-binfmt-modules-load-sy.patch | 599 +++++++++++++++++++
0378-main-Silence-gcc-warning.patch | 23 +
...erly-clean-up-user-cgroups-when-they-run-.patch | 220 +++++++
0380-logind-add-new-user-state-closing.patch | 97 ++++
...plit-off-D-Bus-requires-from-selinux-conv.patch | 74 +++
...-Don-t-call-execute_directory-on-a-binary.patch | 47 ++
...rpret-the-can_sleep-return-value-properly.patch | 29 +
0384-logind-fix-indentation.patch | 31 +
0385-man-write-man-page-for-systemd-logind.patch | 252 ++++++++
0386-man-document-systemd-journal.patch | 250 ++++++++
...port-changing-the-console-tty-to-forward-.patch | 109 ++++
...ow-setting-of-a-cutoff-log-level-for-disk.patch | 392 +++++++++++++
0389-units-fix-man-section.patch | 30 +
0390-fix-typo.patch | 49 ++
...ine-MS_STRICTATIME-if-not-defined-already.patch | 37 ++
...ect-virt-fix-option-quiet-requires-an-arg.patch | 25 +
...-punt-duplicate-definition-of-InhibitWhat.patch | 25 +
...e-never-create-a-unit-name-with-a-leading.patch | 75 +++
...-support-for-deprecated-proc-self-oom_adj.patch | 61 ++
0396-systemctl-rename-man-to-help.patch | 80 +++
0397-silence-gcc-warning-on-32-bit.patch | 23 +
...dd-tool-to-analyze-the-contents-of-the-pa.patch | 252 ++++++++
...Revert-F17-units-do-not-use-Type-idle-yet.patch | 90 +++
...its-avoid-redundant-VT-clearing-by-agetty.patch | 30 +
0401-units-add-systemd-debug-shell.service.patch | 100 ++++
...-systemd-debug-shell-add-to-POTFILES.skip.patch | 21 +
...-tmpfiles-document-proper-config-file-sta.patch | 111 ++++
0404-man-replace-tabs-with-spaces.patch | 342 +++++++++++
...low-to-specify-basename-only-systemd-tmpf.patch | 94 +++
...int-error-if-basename-lookup-fails-docume.patch | 61 ++
0407-tmpfiles-fix-error-message.patch | 23 +
0408-logind-fix-check-for-multiple-sessions.patch | 62 ++
0409-journal-file-fix-mmap-leak.patch | 30 +
0410-man-fix-sysytemd-typos.patch | 65 +++
0411-F17-fix-manpage-name-typo.patch | 22 +
systemd.spec | 85 +++-
74 files changed, 8121 insertions(+), 1 deletions(-)
---
diff --git a/0339-main-properly-queue-default.target-after-switched-ro.patch b/0339-main-properly-queue-default.target-after-switched-ro.patch
new file mode 100644
index 0000000..6c0707f
--- /dev/null
+++ b/0339-main-properly-queue-default.target-after-switched-ro.patch
@@ -0,0 +1,118 @@
+From 33d882e04c830b8ca7854f2d00e00f8e6ac66e2f Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 22 May 2012 02:35:22 +0200
+Subject: [PATCH] main: properly queue default.target after switched root
+
+This also introduces rd.systemd.unit= to specify the unit to boot into
+in the initrd.
+(cherry picked from commit bf4df7c3b6cb24918d94835cafd9dd60881c8981)
+---
+ src/core/main.c | 34 +++++++++++++++++++++++++---------
+ 1 file changed, 25 insertions(+), 9 deletions(-)
+
+diff --git a/src/core/main.c b/src/core/main.c
+index 12679cb..6931627 100644
+--- a/src/core/main.c
++++ b/src/core/main.c
+@@ -77,6 +77,7 @@ static bool arg_crash_shell = false;
+ static int arg_crash_chvt = -1;
+ static bool arg_confirm_spawn = false;
+ static bool arg_show_status = true;
++static bool arg_switched_root = false;
+ #ifdef HAVE_SYSV_COMPAT
+ static bool arg_sysv_console = true;
+ #endif
+@@ -231,11 +232,13 @@ static int set_default_unit(const char *u) {
+
+ assert(u);
+
+- if (!(c = strdup(u)))
++ c = strdup(u);
++ if (!c)
+ return -ENOMEM;
+
+ free(arg_default_unit);
+ arg_default_unit = c;
++
+ return 0;
+ }
+
+@@ -257,10 +260,17 @@ static int parse_proc_cmdline_word(const char *word) {
+
+ assert(word);
+
+- if (startswith(word, "systemd.unit="))
+- return set_default_unit(word + 13);
++ if (startswith(word, "systemd.unit=")) {
++
++ if (!in_initrd())
++ return set_default_unit(word + 13);
++
++ } else if (startswith(word, "rd.systemd.unit=")) {
++
++ if (in_initrd())
++ return set_default_unit(word + 16);
+
+- else if (startswith(word, "systemd.log_target=")) {
++ } else if (startswith(word, "systemd.log_target=")) {
+
+ if (log_set_target_from_string(word + 19) < 0)
+ log_warning("Failed to parse log target %s. Ignoring.", word + 19);
+@@ -369,6 +379,7 @@ static int parse_proc_cmdline_word(const char *word) {
+
+ log_info("Supported kernel switches:\n"
+ "systemd.unit=UNIT Default unit to start\n"
++ "rd.systemd.unit=UNIT Default unit to start when run in initrd\n"
+ "systemd.dump_core=0|1 Dump core on crash\n"
+ "systemd.crash_shell=0|1 Run shell on crash\n"
+ "systemd.crash_chvt=N Change to VT #N on crash\n"
+@@ -966,7 +977,7 @@ static int parse_argv(int argc, char *argv[]) {
+ }
+
+ case ARG_SWITCHED_ROOT:
+- /* Nothing special yet */
++ arg_switched_root = true;
+ break;
+
+ case ARG_INTROSPECT: {
+@@ -1209,6 +1220,7 @@ int main(int argc, char *argv[]) {
+ int j;
+ bool loaded_policy = false;
+ bool arm_reboot_watchdog = false;
++ bool queue_default_job = false;
+ char *switch_root_dir = NULL, *switch_root_init = NULL;
+
+ #ifdef HAVE_SYSV_COMPAT
+@@ -1503,16 +1515,18 @@ int main(int argc, char *argv[]) {
+
+ manager_set_show_status(m, arg_show_status);
+
++ /* Remember whether we should queue the default job */
++ queue_default_job = !serialization || arg_switched_root;
++
+ before_startup = now(CLOCK_MONOTONIC);
+
+ r = manager_startup(m, serialization, fds);
+ if (r < 0)
+ log_error("Failed to fully start up daemon: %s", strerror(-r));
+
++ /* This will close all file descriptors that were opened, but
++ * not claimed by any unit. */
+ if (fds) {
+- /* This will close all file descriptors that were opened, but
+- * not claimed by any unit. */
+-
+ fdset_free(fds);
+ fds = NULL;
+ }
+@@ -1520,7 +1534,9 @@ int main(int argc, char *argv[]) {
+ if (serialization) {
+ fclose(serialization);
+ serialization = NULL;
+- } else {
++ }
++
++ if (queue_default_job) {
+ DBusError error;
+ Unit *target = NULL;
+ Job *default_unit_job;
diff --git a/0340-journal-crash-when-filesystem-is-low-on-space.patch b/0340-journal-crash-when-filesystem-is-low-on-space.patch
new file mode 100644
index 0000000..9df6471
--- /dev/null
+++ b/0340-journal-crash-when-filesystem-is-low-on-space.patch
@@ -0,0 +1,56 @@
+From 319abb7aa9997de34c815759f8d102d2fac4471d Mon Sep 17 00:00:00 2001
+From: Sjoerd Simons <sjoerd at luon.net>
+Date: Sat, 14 Apr 2012 14:11:08 +0200
+Subject: [PATCH] journal: crash when filesystem is low on space
+
+When space is getting too low on a file system rotating the journal file
+will fail after the rotation, as opening the new logfile will fail.
+
+Recognize this when logging the error and don't try to dereference a
+NULL JournalFile pointer.
+(cherry picked from commit 499fb2152f8518796607dd0406698cb6ce4c7098)
+---
+ src/journal/journald.c | 16 +++++++++++++---
+ 1 file changed, 13 insertions(+), 3 deletions(-)
+
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index da683d6..4d8e1ba 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -330,7 +330,10 @@ static void server_rotate(Server *s) {
+ if (s->runtime_journal) {
+ r = journal_file_rotate(&s->runtime_journal);
+ if (r < 0)
+- log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
++ if (s->runtime_journal)
++ log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
++ else
++ log_error("Failed to create new runtime journal: %s", strerror(-r));
+ else
+ server_fix_perms(s, s->runtime_journal, 0);
+ }
+@@ -338,7 +341,11 @@ static void server_rotate(Server *s) {
+ if (s->system_journal) {
+ r = journal_file_rotate(&s->system_journal);
+ if (r < 0)
+- log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
++ if (s->system_journal)
++ log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
++ else
++ log_error("Failed to create new system journal: %s", strerror(-r));
++
+ else
+ server_fix_perms(s, s->system_journal, 0);
+ }
+@@ -346,7 +353,10 @@ static void server_rotate(Server *s) {
+ HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
+ r = journal_file_rotate(&f);
+ if (r < 0)
+- log_error("Failed to rotate %s: %s", f->path, strerror(-r));
++ if (f->path)
++ log_error("Failed to rotate %s: %s", f->path, strerror(-r));
++ else
++ log_error("Failed to create user journal: %s", strerror(-r));
+ else {
+ hashmap_replace(s->user_journals, k, f);
+ server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
diff --git a/0341-util-make-sure-to-fstatat-at-most-once-in-rm_rf_chil.patch b/0341-util-make-sure-to-fstatat-at-most-once-in-rm_rf_chil.patch
new file mode 100644
index 0000000..a46d2da
--- /dev/null
+++ b/0341-util-make-sure-to-fstatat-at-most-once-in-rm_rf_chil.patch
@@ -0,0 +1,132 @@
+From 5865959e5e7280dad61eebd8ed4bd125984b387c Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 22 May 2012 16:14:34 +0200
+Subject: [PATCH] util: make sure to fstatat() at most once in
+ rm_rf_children() (cherry picked from commit
+ 7925c22a78d44b705c22a0d0972fb151d540697b)
+
+---
+ src/shared/util.c | 76 +++++++++++++++++++----------------------------------
+ 1 file changed, 27 insertions(+), 49 deletions(-)
+
+diff --git a/src/shared/util.c b/src/shared/util.c
+index aef6ebd..ae2f0fe 100644
+--- a/src/shared/util.c
++++ b/src/shared/util.c
+@@ -3146,7 +3146,7 @@ int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root
+ assert(fd >= 0);
+
+ /* This returns the first error we run into, but nevertheless
+- * tries to go on */
++ * tries to go on. This closes the passed fd. */
+
+ d = fdopendir(fd);
+ if (!d) {
+@@ -3157,7 +3157,8 @@ int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root
+
+ for (;;) {
+ struct dirent buf, *de;
+- bool is_dir, keep_around = false;
++ bool is_dir, keep_around;
++ struct stat st;
+ int r;
+
+ r = readdir_r(d, &buf, &de);
+@@ -3172,73 +3173,50 @@ int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root
+ if (streq(de->d_name, ".") || streq(de->d_name, ".."))
+ continue;
+
+- if (de->d_type == DT_UNKNOWN) {
+- struct stat st;
+-
++ if (de->d_type == DT_UNKNOWN ||
++ honour_sticky ||
++ (de->d_type == DT_DIR && root_dev)) {
+ if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
+ if (ret == 0 && errno != ENOENT)
+ ret = -errno;
+ continue;
+ }
+
+- if (honour_sticky)
+- keep_around =
+- (st.st_uid == 0 || st.st_uid == getuid()) &&
+- (st.st_mode & S_ISVTX);
+-
+ is_dir = S_ISDIR(st.st_mode);
+-
++ keep_around =
++ honour_sticky &&
++ (st.st_uid == 0 || st.st_uid == getuid()) &&
++ (st.st_mode & S_ISVTX);
+ } else {
+- if (honour_sticky) {
+- struct stat st;
+-
+- if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
+- if (ret == 0 && errno != ENOENT)
+- ret = -errno;
+- continue;
+- }
+-
+- keep_around =
+- (st.st_uid == 0 || st.st_uid == getuid()) &&
+- (st.st_mode & S_ISVTX);
+- }
+-
+ is_dir = de->d_type == DT_DIR;
++ keep_around = false;
+ }
+
+ if (is_dir) {
+ int subdir_fd;
+- struct stat sb;
+- if (root_dev) {
+- if (fstatat(fd, de->d_name, &sb, AT_SYMLINK_NOFOLLOW)) {
+- if (ret == 0 && errno != ENOENT)
+- ret = -errno;
+- continue;
+- }
+- }
+
+ /* if root_dev is set, remove subdirectories only, if device is same as dir */
+- if ((root_dev == NULL) || (sb.st_dev == root_dev->st_dev)) {
++ if (root_dev && st.st_dev != root_dev->st_dev)
++ continue;
+
+- subdir_fd = openat(fd, de->d_name,
+- O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
+- if (subdir_fd < 0) {
++ subdir_fd = openat(fd, de->d_name,
++ O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
++ if (subdir_fd < 0) {
++ if (ret == 0 && errno != ENOENT)
++ ret = -errno;
++ continue;
++ }
++
++ r = rm_rf_children(subdir_fd, only_dirs, honour_sticky, root_dev);
++ if (r < 0 && ret == 0)
++ ret = r;
++
++ if (!keep_around)
++ if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
+ if (ret == 0 && errno != ENOENT)
+ ret = -errno;
+- continue;
+ }
+
+- r = rm_rf_children(subdir_fd, only_dirs, honour_sticky, root_dev);
+- if (r < 0 && ret == 0)
+- ret = r;
+-
+- if (!keep_around)
+- if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
+- if (ret == 0 && errno != ENOENT)
+- ret = -errno;
+- }
+- }
+-
+ } else if (!only_dirs && !keep_around) {
+
+ if (unlinkat(fd, de->d_name, 0) < 0) {
diff --git a/0342-switch-root-do-not-use-close-old_root_fd-after-rm_rf.patch b/0342-switch-root-do-not-use-close-old_root_fd-after-rm_rf.patch
new file mode 100644
index 0000000..36cb479
--- /dev/null
+++ b/0342-switch-root-do-not-use-close-old_root_fd-after-rm_rf.patch
@@ -0,0 +1,28 @@
+From 8a55b789b2d3ca92ee3f7e5869b8ad143db08dc3 Mon Sep 17 00:00:00 2001
+From: Harald Hoyer <harald at redhat.com>
+Date: Tue, 22 May 2012 15:28:45 +0200
+Subject: [PATCH] switch-root: do not use close old_root_fd after
+ rm_rf_children()
+
+rm_rf_children() has already closed the fd with closedir().
+(cherry picked from commit b46178e5c2b95062b84257c0601c21c400089c09)
+---
+ src/core/switch-root.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/core/switch-root.c b/src/core/switch-root.c
+index ed0a31e..9832a52 100644
+--- a/src/core/switch-root.c
++++ b/src/core/switch-root.c
+@@ -111,8 +111,10 @@ int switch_root(const char *new_root) {
+
+ if (fstat(old_root_fd, &rb) < 0)
+ log_warning("Failed to stat old root directory, leaving: %m");
+- else
++ else {
+ rm_rf_children(old_root_fd, false, false, &rb);
++ old_root_fd = -1;
++ }
+ }
+
+ r = 0;
diff --git a/0343-logind-fix-write-out-of-user-state-file.patch b/0343-logind-fix-write-out-of-user-state-file.patch
new file mode 100644
index 0000000..bba71b3
--- /dev/null
+++ b/0343-logind-fix-write-out-of-user-state-file.patch
@@ -0,0 +1,97 @@
+From e41ba6c8d0f7e41bebdfd089c556aad748387378 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 22 May 2012 16:46:11 +0200
+Subject: [PATCH] logind: fix write out of user state file (cherry picked from
+ commit 9b958eff3fbcc345a72315a9167f6217dd841c40)
+
+---
+ src/login/logind-user.c | 65 ++++++++++++++++++++++++++++++-----------------
+ 1 file changed, 42 insertions(+), 23 deletions(-)
+
+diff --git a/src/login/logind-user.c b/src/login/logind-user.c
+index 92ba2c2..741f0e4 100644
+--- a/src/login/logind-user.c
++++ b/src/login/logind-user.c
+@@ -137,40 +137,59 @@ int user_save(User *u) {
+
+ if (u->sessions) {
+ Session *i;
++ bool first;
+
+ fputs("SESSIONS=", f);
++ first = true;
+ LIST_FOREACH(sessions_by_user, i, u->sessions) {
+- fprintf(f,
+- "%s%c",
+- i->id,
+- i->sessions_by_user_next ? ' ' : '\n');
++ if (first)
++ first = false;
++ else
++ fputc(' ', f);
++
++ fputs(i->id, f);
+ }
+
+- fputs("SEATS=", f);
++ fputs("\nSEATS=", f);
++ first = true;
+ LIST_FOREACH(sessions_by_user, i, u->sessions) {
+- if (i->seat)
+- fprintf(f,
+- "%s%c",
+- i->seat->id,
+- i->sessions_by_user_next ? ' ' : '\n');
++ if (!i->seat)
++ continue;
++
++ if (first)
++ first = false;
++ else
++ fputc(' ', f);
++
++ fputs(i->seat->id, f);
+ }
+
+- fputs("ACTIVE_SESSIONS=", f);
+- LIST_FOREACH(sessions_by_user, i, u->sessions)
+- if (session_is_active(i))
+- fprintf(f,
+- "%lu%c",
+- (unsigned long) i->user->uid,
+- i->sessions_by_user_next ? ' ' : '\n');
++ fputs("\nACTIVE_SESSIONS=", f);
++ first = true;
++ LIST_FOREACH(sessions_by_user, i, u->sessions) {
++ if (!session_is_active(i))
++ continue;
++
++ if (first)
++ first = false;
++ else
++ fputc(' ', f);
++
++ fputs(i->id, f);
++ }
+
+- fputs("ACTIVE_SEATS=", f);
++ fputs("\nACTIVE_SEATS=", f);
++ first = true;
+ LIST_FOREACH(sessions_by_user, i, u->sessions) {
+- if (session_is_active(i) && i->seat)
+- fprintf(f,
+- "%s%c",
+- i->seat->id,
+- i->sessions_by_user_next ? ' ' : '\n');
++ if (!session_is_active(i) || !i->seat)
++ continue;
++
++ if (first)
++ first = false;
++ else
++ fputs(i->seat->id, f);
+ }
++ fputc('\n', f);
+ }
+
+ fflush(f);
diff --git a/0344-main-only-fall-back-to-bin-sh-in-case-sbin-init-does.patch b/0344-main-only-fall-back-to-bin-sh-in-case-sbin-init-does.patch
new file mode 100644
index 0000000..f5b062d
--- /dev/null
+++ b/0344-main-only-fall-back-to-bin-sh-in-case-sbin-init-does.patch
@@ -0,0 +1,36 @@
+From c10c2bb95f68b085bfb70bd2ec5cd17411b18d8c Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Tue, 22 May 2012 19:11:10 +0200
+Subject: [PATCH] main: only fall back to /bin/sh in case /sbin/init does not
+ exist (cherry picked from commit
+ 745e2fb79ab20f3e98310d5e889a161ffe8b492c)
+
+---
+ src/core/main.c | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/src/core/main.c b/src/core/main.c
+index 6931627..f1b2b28 100644
+--- a/src/core/main.c
++++ b/src/core/main.c
+@@ -1755,12 +1755,15 @@ finish:
+ args[0] = "/sbin/init";
+ execv(args[0], (char* const*) args);
+
+- log_warning("Failed to execute /sbin/init, trying fallback: %m");
++ if (errno == ENOENT) {
++ log_warning("No /sbin/init, trying fallback");
+
+- args[0] = "/bin/sh";
+- args[1] = NULL;
+- execv(args[0], (char* const*) args);
+- log_error("Failed to execute /bin/sh, giving up: %m");
++ args[0] = "/bin/sh";
++ args[1] = NULL;
++ execv(args[0], (char* const*) args);
++ log_error("Failed to execute /bin/sh, giving up: %m");
++ } else
++ log_warning("Failed to execute /sbin/init, giving up: %m");
+ }
+
+ if (serialization)
diff --git a/0345-execute-use-a-much-lower-idle-timeout-that-default-t.patch b/0345-execute-use-a-much-lower-idle-timeout-that-default-t.patch
new file mode 100644
index 0000000..5a25d9f
--- /dev/null
+++ b/0345-execute-use-a-much-lower-idle-timeout-that-default-t.patch
@@ -0,0 +1,34 @@
+From 3f7522db1fff2959171da18b3a3599916645bab7 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 22 May 2012 19:26:13 +0200
+Subject: [PATCH] execute: use a much lower idle timeout that default time
+
+The idle timeout after all is for cosmetics only, hence avoid any
+substantial delays just for it.
+(cherry picked from commit e6a2674500dd4fa0b5eaa93ab77502ba14688c08)
+---
+ src/core/execute.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index bd6c781..67b792b 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -61,6 +61,8 @@
+ #include "loopback-setup.h"
+ #include "path-util.h"
+
++#define IDLE_TIMEOUT_USEC (1*USEC_PER_SEC)
++
+ /* This assumes there is a 'tty' group */
+ #define TTY_MODE 0620
+
+@@ -1065,7 +1067,7 @@ int exec_spawn(ExecCommand *command,
+ if (idle_pipe[1] >= 0)
+ close_nointr_nofail(idle_pipe[1]);
+ if (idle_pipe[0] >= 0) {
+- fd_wait_for_event(idle_pipe[0], POLLHUP, DEFAULT_TIMEOUT_USEC);
++ fd_wait_for_event(idle_pipe[0], POLLHUP, IDLE_TIMEOUT_USEC);
+ close_nointr_nofail(idle_pipe[0]);
+ }
+ }
diff --git a/0346-journal-log-journal-internal-messages-to-kmsg.patch b/0346-journal-log-journal-internal-messages-to-kmsg.patch
new file mode 100644
index 0000000..c770bbc
--- /dev/null
+++ b/0346-journal-log-journal-internal-messages-to-kmsg.patch
@@ -0,0 +1,24 @@
+From bf326a68e6e332957e3c770d013d16528b01f170 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 22 May 2012 19:26:51 +0200
+Subject: [PATCH] journal: log journal internal messages to kmsg (cherry
+ picked from commit
+ 5ad661b6b05698f8cdb62c1191195b07c68db0f6)
+
+---
+ src/journal/journald.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index 4d8e1ba..a097c72 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -2774,7 +2774,7 @@ int main(int argc, char *argv[]) {
+ return EXIT_FAILURE;
+ }
+
+- log_set_target(LOG_TARGET_CONSOLE);
++ log_set_target(LOG_TARGET_KMSG);
+ log_set_facility(LOG_SYSLOG);
+ log_parse_environment();
+ log_open();
diff --git a/0347-log-make-sure-generators-never-log-into-the-journal-.patch b/0347-log-make-sure-generators-never-log-into-the-journal-.patch
new file mode 100644
index 0000000..68ff185
--- /dev/null
+++ b/0347-log-make-sure-generators-never-log-into-the-journal-.patch
@@ -0,0 +1,122 @@
+From 3c841d30cc4945ba6abc0884730afb21a0af23e9 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 22 May 2012 22:00:37 +0200
+Subject: [PATCH] log: make sure generators never log into the journal to
+ avoid activation deadlocks
+
+This makes all generators log to kmsg by default.
+(cherry picked from commit a6903061530cac5fbaa99a080a93221c02c349f9)
+
+Conflicts:
+ src/fstab-generator/fstab-generator.c
+ src/system-update-generator/system-update-generator.c
+---
+ src/cryptsetup/cryptsetup-generator.c | 2 +-
+ src/getty-generator/getty-generator.c | 2 +-
+ src/journal/journald.c | 2 +-
+ src/rc-local-generator/rc-local-generator.c | 2 +-
+ src/shared/log.c | 5 ++++-
+ src/shared/log.h | 1 +
+ 6 files changed, 9 insertions(+), 5 deletions(-)
+
+diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
+index 29a7bf5..2e43f5e 100644
+--- a/src/cryptsetup/cryptsetup-generator.c
++++ b/src/cryptsetup/cryptsetup-generator.c
+@@ -248,7 +248,7 @@ int main(int argc, char *argv[]) {
+ if (argc > 1)
+ arg_dest = argv[1];
+
+- log_set_target(LOG_TARGET_AUTO);
++ log_set_target(LOG_TARGET_SAFE);
+ log_parse_environment();
+ log_open();
+
+diff --git a/src/getty-generator/getty-generator.c b/src/getty-generator/getty-generator.c
+index 323d29c..6a27213 100644
+--- a/src/getty-generator/getty-generator.c
++++ b/src/getty-generator/getty-generator.c
+@@ -104,7 +104,7 @@ int main(int argc, char *argv[]) {
+ return EXIT_FAILURE;
+ }
+
+- log_set_target(LOG_TARGET_AUTO);
++ log_set_target(LOG_TARGET_SAFE);
+ log_parse_environment();
+ log_open();
+
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index a097c72..99fbd6d 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -2774,7 +2774,7 @@ int main(int argc, char *argv[]) {
+ return EXIT_FAILURE;
+ }
+
+- log_set_target(LOG_TARGET_KMSG);
++ log_set_target(LOG_TARGET_SAFE);
+ log_set_facility(LOG_SYSLOG);
+ log_parse_environment();
+ log_open();
+diff --git a/src/rc-local-generator/rc-local-generator.c b/src/rc-local-generator/rc-local-generator.c
+index 26fe657..7add072 100644
+--- a/src/rc-local-generator/rc-local-generator.c
++++ b/src/rc-local-generator/rc-local-generator.c
+@@ -91,7 +91,7 @@ int main(int argc, char *argv[]) {
+ return EXIT_FAILURE;
+ }
+
+- log_set_target(LOG_TARGET_AUTO);
++ log_set_target(LOG_TARGET_SAFE);
+ log_parse_environment();
+ log_open();
+
+diff --git a/src/shared/log.c b/src/shared/log.c
+index b826880..a2fa653 100644
+--- a/src/shared/log.c
++++ b/src/shared/log.c
+@@ -240,7 +240,7 @@ int log_open(void) {
+ return 0;
+ }
+
+- if (log_target != LOG_TARGET_AUTO ||
++ if ((log_target != LOG_TARGET_AUTO && log_target != LOG_TARGET_SAFE) ||
+ getpid() == 1 ||
+ isatty(STDERR_FILENO) <= 0) {
+
+@@ -266,6 +266,7 @@ int log_open(void) {
+ }
+
+ if (log_target == LOG_TARGET_AUTO ||
++ log_target == LOG_TARGET_SAFE ||
+ log_target == LOG_TARGET_JOURNAL_OR_KMSG ||
+ log_target == LOG_TARGET_SYSLOG_OR_KMSG ||
+ log_target == LOG_TARGET_KMSG) {
+@@ -547,6 +548,7 @@ static int log_dispatch(
+
+ if (k <= 0 &&
+ (log_target == LOG_TARGET_AUTO ||
++ log_target == LOG_TARGET_SAFE ||
+ log_target == LOG_TARGET_SYSLOG_OR_KMSG ||
+ log_target == LOG_TARGET_JOURNAL_OR_KMSG ||
+ log_target == LOG_TARGET_KMSG)) {
+@@ -744,6 +746,7 @@ static const char *const log_target_table[] = {
+ [LOG_TARGET_SYSLOG] = "syslog",
+ [LOG_TARGET_SYSLOG_OR_KMSG] = "syslog-or-kmsg",
+ [LOG_TARGET_AUTO] = "auto",
++ [LOG_TARGET_SAFE] = "safe",
+ [LOG_TARGET_NULL] = "null"
+ };
+
+diff --git a/src/shared/log.h b/src/shared/log.h
+index 3283808..daea8b4 100644
+--- a/src/shared/log.h
++++ b/src/shared/log.h
+@@ -36,6 +36,7 @@ typedef enum LogTarget{
+ LOG_TARGET_SYSLOG,
+ LOG_TARGET_SYSLOG_OR_KMSG,
+ LOG_TARGET_AUTO, /* console if stderr is tty, JOURNAL_OR_KMSG otherwise */
++ LOG_TARGET_SAFE, /* console if stderr is tty, KMSG otherwise */
+ LOG_TARGET_NULL,
+ _LOG_TARGET_MAX,
+ _LOG_TARGET_INVALID = -1
diff --git a/0348-readahead-avoid-activating-the-journal-by-accident-l.patch b/0348-readahead-avoid-activating-the-journal-by-accident-l.patch
new file mode 100644
index 0000000..b8ba208
--- /dev/null
+++ b/0348-readahead-avoid-activating-the-journal-by-accident-l.patch
@@ -0,0 +1,38 @@
+From e3dc6c3c2ede5ad5a255bdd104e4c6aa3fa10bfd Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 23 May 2012 03:50:53 +0200
+Subject: [PATCH] readahead: avoid activating the journal by accident, log
+ directly to kmsg (cherry picked from commit
+ e905f48fdc78fe3e4708aeb8515fc260eaf4eb6b)
+
+---
+ src/readahead/readahead-collect.c | 2 +-
+ src/readahead/readahead-replay.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/readahead/readahead-collect.c b/src/readahead/readahead-collect.c
+index 66d08bb..46e5e2c 100644
+--- a/src/readahead/readahead-collect.c
++++ b/src/readahead/readahead-collect.c
+@@ -683,7 +683,7 @@ int main(int argc, char *argv[]) {
+ int r;
+ const char *root;
+
+- log_set_target(LOG_TARGET_AUTO);
++ log_set_target(LOG_TARGET_SAFE);
+ log_parse_environment();
+ log_open();
+
+diff --git a/src/readahead/readahead-replay.c b/src/readahead/readahead-replay.c
+index 7636cd4..2b30549 100644
+--- a/src/readahead/readahead-replay.c
++++ b/src/readahead/readahead-replay.c
+@@ -360,7 +360,7 @@ int main(int argc, char*argv[]) {
+ int r;
+ const char *root;
+
+- log_set_target(LOG_TARGET_AUTO);
++ log_set_target(LOG_TARGET_SAFE);
+ log_parse_environment();
+ log_open();
+
diff --git a/0349-readahead-avoid-running-of-readahead-services-if-rea.patch b/0349-readahead-avoid-running-of-readahead-services-if-rea.patch
new file mode 100644
index 0000000..7c63803
--- /dev/null
+++ b/0349-readahead-avoid-running-of-readahead-services-if-rea.patch
@@ -0,0 +1,52 @@
+From 49fe9ef9af86c84096976dcc75ad484abdee7814 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 23 May 2012 03:51:25 +0200
+Subject: [PATCH] readahead: avoid running of readahead services if readahead
+ is already done (cherry picked from commit
+ 08231e5142bff7ace79957835656672ac100031b)
+
+---
+ src/readahead/sd-readahead.c | 3 ++-
+ units/systemd-readahead-collect.service.in | 2 ++
+ units/systemd-readahead-replay.service.in | 1 +
+ 3 files changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/readahead/sd-readahead.c b/src/readahead/sd-readahead.c
+index a334066..d48cd76 100644
+--- a/src/readahead/sd-readahead.c
++++ b/src/readahead/sd-readahead.c
+@@ -57,7 +57,8 @@ static int touch(const char *path) {
+ mkdir("/run/systemd", 0755);
+ mkdir("/run/systemd/readahead", 0755);
+
+- if ((fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, 0666)) < 0)
++ fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, 0666);
++ if (fd < 0)
+ return -errno;
+
+ for (;;) {
+diff --git a/units/systemd-readahead-collect.service.in b/units/systemd-readahead-collect.service.in
+index ceef448..3cc11f1 100644
+--- a/units/systemd-readahead-collect.service.in
++++ b/units/systemd-readahead-collect.service.in
+@@ -11,6 +11,8 @@ DefaultDependencies=no
+ Wants=systemd-readahead-done.timer
+ Conflicts=shutdown.target
+ Before=sysinit.target shutdown.target
++ConditionFileExists=!/run/systemd/readahead/cancel
++ConditionFileExists=!/run/systemd/readahead/done
+ ConditionVirtualization=no
+
+ [Service]
+diff --git a/units/systemd-readahead-replay.service.in b/units/systemd-readahead-replay.service.in
+index f1e034b..bd91a61 100644
+--- a/units/systemd-readahead-replay.service.in
++++ b/units/systemd-readahead-replay.service.in
+@@ -10,6 +10,7 @@ Description=Replay Read-Ahead Data
+ DefaultDependencies=no
+ Conflicts=shutdown.target
+ Before=sysinit.target shutdown.target
++ConditionPathExists=!/run/systemd/readahead/noreplay
+ ConditionPathExists=/.readahead
+ ConditionVirtualization=no
+
diff --git a/0350-man-properly-document-FsckPassNo-for-mount-units.patch b/0350-man-properly-document-FsckPassNo-for-mount-units.patch
new file mode 100644
index 0000000..1cb8a5c
--- /dev/null
+++ b/0350-man-properly-document-FsckPassNo-for-mount-units.patch
@@ -0,0 +1,77 @@
+From 3afdec135ae68ea6249580f34f60fa040ada5910 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 23 May 2012 04:11:29 +0200
+Subject: [PATCH] man: properly document FsckPassNo= for mount units (cherry
+ picked from commit
+ 66b1a24790ccc3c60509e6f94890ed8c20a2fe9e)
+
+---
+ man/systemd.mount.xml | 13 +++++++++++++
+ man/systemd.service.xml | 9 ---------
+ src/core/load-fragment-gperf.gperf.m4 | 2 +-
+ 3 files changed, 14 insertions(+), 10 deletions(-)
+
+diff --git a/man/systemd.mount.xml b/man/systemd.mount.xml
+index a4e01fd..78cd652 100644
+--- a/man/systemd.mount.xml
++++ b/man/systemd.mount.xml
+@@ -257,6 +257,18 @@
+ value. Defaults to "yes".
+ </para></listitem>
+ </varlistentry>
++
++ <varlistentry>
++ <term><varname>FsckPassNo=</varname></term>
++
++ <listitem><para>The pass number for
++ the file system checking service for
++ this mount. See
++ <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
++ for more information on this setting.
++ </para></listitem>
++ </varlistentry>
++
+ </variablelist>
+ </refsect1>
+
+@@ -267,6 +279,7 @@
+ <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>mount</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+diff --git a/man/systemd.service.xml b/man/systemd.service.xml
+index 430971f..9a80dd7 100644
+--- a/man/systemd.service.xml
++++ b/man/systemd.service.xml
+@@ -824,15 +824,6 @@
+ <option>none</option>.</para></listitem>
+ </varlistentry>
+
+- <varlistentry>
+- <term><varname>FsckPassNo=</varname></term>
+-
+- <listitem><para>If this is an file
+- system checking service specify the
+- pass number. This should not be used
+- for normal services.</para></listitem>
+- </varlistentry>
+-
+ </variablelist>
+ </refsect1>
+
+diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
+index 681f2e9..9c4a930 100644
+--- a/src/core/load-fragment-gperf.gperf.m4
++++ b/src/core/load-fragment-gperf.gperf.m4
+@@ -200,7 +200,7 @@ Mount.What, config_parse_string, 0,
+ Mount.Where, config_parse_path, 0, offsetof(Mount, where)
+ Mount.Options, config_parse_string, 0, offsetof(Mount, parameters_fragment.options)
+ Mount.Type, config_parse_string, 0, offsetof(Mount, parameters_fragment.fstype)
+-Mount.FsckPassNo, config_parse_int, 0, offsetof(Mount, parameters_fragment.passno)
++Mount.FsckPassNo, config_parse_fsck_passno, 0, offsetof(Mount, parameters_fragment.passno)
+ Mount.TimeoutSec, config_parse_usec, 0, offsetof(Mount, timeout_usec)
+ Mount.DirectoryMode, config_parse_mode, 0, offsetof(Mount, directory_mode)
+ EXEC_CONTEXT_CONFIG_ITEMS(Mount)m4_dnl
diff --git a/0351-journal-don-t-complain-if-SELinux-userspace-is-avail.patch b/0351-journal-don-t-complain-if-SELinux-userspace-is-avail.patch
new file mode 100644
index 0000000..db8345f
--- /dev/null
+++ b/0351-journal-don-t-complain-if-SELinux-userspace-is-avail.patch
@@ -0,0 +1,28 @@
+From 9f1da0958259de07716bd939e4f43556c89387c6 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 23 May 2012 12:49:41 +0200
+Subject: [PATCH] journal: don't complain if SELinux userspace is available
+ but the kernel lacks it (cherry picked from commit
+ 1afd5be42f8f4105dd47c71ce968c9d5bf81e0a8)
+
+Conflicts:
+ TODO
+---
+ src/journal/journald.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index 99fbd6d..de0c604 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -1692,8 +1692,8 @@ static int stdout_stream_new(Server *s) {
+ }
+
+ #ifdef HAVE_SELINUX
+- if (getpeercon(fd, &stream->security_context) < 0)
+- log_error("Failed to determine peer security context.");
++ if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
++ log_error("Failed to determine peer security context: %m");
+ #endif
+
+ if (shutdown(fd, SHUT_WR) < 0) {
diff --git a/0352-units-fix-file-syntax.patch b/0352-units-fix-file-syntax.patch
new file mode 100644
index 0000000..abdaf2a
--- /dev/null
+++ b/0352-units-fix-file-syntax.patch
@@ -0,0 +1,25 @@
+From 99b3092dfd14db40a4b01ff40e257a6f6dde5f17 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 23 May 2012 12:49:49 +0200
+Subject: [PATCH] units: fix file syntax (cherry picked from commit
+ 659635ab22a2dc43e3ffec9b60cacc242fd02f52)
+
+---
+ units/systemd-readahead-collect.service.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/units/systemd-readahead-collect.service.in b/units/systemd-readahead-collect.service.in
+index 3cc11f1..0bc3954 100644
+--- a/units/systemd-readahead-collect.service.in
++++ b/units/systemd-readahead-collect.service.in
+@@ -11,8 +11,8 @@ DefaultDependencies=no
+ Wants=systemd-readahead-done.timer
+ Conflicts=shutdown.target
+ Before=sysinit.target shutdown.target
+-ConditionFileExists=!/run/systemd/readahead/cancel
+-ConditionFileExists=!/run/systemd/readahead/done
++ConditionPathExists=!/run/systemd/readahead/cancel
++ConditionPathExists=!/run/systemd/readahead/done
+ ConditionVirtualization=no
+
+ [Service]
diff --git a/0353-service-for-Type-idle-units-consider-START_PRE-START.patch b/0353-service-for-Type-idle-units-consider-START_PRE-START.patch
new file mode 100644
index 0000000..a04d8bc
--- /dev/null
+++ b/0353-service-for-Type-idle-units-consider-START_PRE-START.patch
@@ -0,0 +1,98 @@
+From b8eb35a32344948ab82138e8ecee471479ea0959 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 24 May 2012 02:22:35 +0200
+Subject: [PATCH] service: for Type=idle units consider START_PRE, START,
+ START_POST all as ACTIVE
+
+We want to avoid a deadlock when a service has ExecStartPre= programs
+that wait for the job queue to run empty because of Type=idle, but which
+themselves keep the queue non-empty because START_PRE was considered
+ACTIVATING and hence the job not complete. With this patch we alter the
+state translation table so that it is impossible ever to wait for
+Type=idle unit, hence removing the deadlock.
+(cherry picked from commit e056b01d8acea7fc06d52ef91d227d744faf5259)
+---
+ src/core/execute.c | 2 +-
+ src/core/service.c | 31 +++++++++++++++++++++++++++++--
+ 2 files changed, 30 insertions(+), 3 deletions(-)
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index 67b792b..a2ef77c 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -61,7 +61,7 @@
+ #include "loopback-setup.h"
+ #include "path-util.h"
+
+-#define IDLE_TIMEOUT_USEC (1*USEC_PER_SEC)
++#define IDLE_TIMEOUT_USEC (5*USEC_PER_SEC)
+
+ /* This assumes there is a 'tty' group */
+ #define TTY_MODE 0620
+diff --git a/src/core/service.c b/src/core/service.c
+index 3abb729..53b0847 100644
+--- a/src/core/service.c
++++ b/src/core/service.c
+@@ -108,6 +108,26 @@ static const UnitActiveState state_translation_table[_SERVICE_STATE_MAX] = {
+ [SERVICE_AUTO_RESTART] = UNIT_ACTIVATING
+ };
+
++/* For Type=idle we never want to delay any other jobs, hence we
++ * consider idle jobs active as soon as we start working on them */
++static const UnitActiveState state_translation_table_idle[_SERVICE_STATE_MAX] = {
++ [SERVICE_DEAD] = UNIT_INACTIVE,
++ [SERVICE_START_PRE] = UNIT_ACTIVE,
++ [SERVICE_START] = UNIT_ACTIVE,
++ [SERVICE_START_POST] = UNIT_ACTIVE,
++ [SERVICE_RUNNING] = UNIT_ACTIVE,
++ [SERVICE_EXITED] = UNIT_ACTIVE,
++ [SERVICE_RELOAD] = UNIT_RELOADING,
++ [SERVICE_STOP] = UNIT_DEACTIVATING,
++ [SERVICE_STOP_SIGTERM] = UNIT_DEACTIVATING,
++ [SERVICE_STOP_SIGKILL] = UNIT_DEACTIVATING,
++ [SERVICE_STOP_POST] = UNIT_DEACTIVATING,
++ [SERVICE_FINAL_SIGTERM] = UNIT_DEACTIVATING,
++ [SERVICE_FINAL_SIGKILL] = UNIT_DEACTIVATING,
++ [SERVICE_FAILED] = UNIT_FAILED,
++ [SERVICE_AUTO_RESTART] = UNIT_ACTIVATING
++};
++
+ static void service_init(Unit *u) {
+ Service *s = SERVICE(u);
+ int i;
+@@ -1469,8 +1489,11 @@ static void service_notify_sockets_dead(Service *s, bool failed_permanent) {
+
+ static void service_set_state(Service *s, ServiceState state) {
+ ServiceState old_state;
++ const UnitActiveState *table;
+ assert(s);
+
++ table = s->type == SERVICE_IDLE ? state_translation_table_idle : state_translation_table;
++
+ old_state = s->state;
+ s->state = state;
+
+@@ -1553,7 +1576,7 @@ static void service_set_state(Service *s, ServiceState state) {
+ if (old_state != state)
+ log_debug("%s changed %s -> %s", UNIT(s)->id, service_state_to_string(old_state), service_state_to_string(state));
+
+- unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], s->reload_result == SERVICE_SUCCESS);
++ unit_notify(UNIT(s), table[old_state], table[state], s->reload_result == SERVICE_SUCCESS);
+ s->reload_result = SERVICE_SUCCESS;
+ }
+
+@@ -2692,9 +2715,13 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,
+ }
+
+ static UnitActiveState service_active_state(Unit *u) {
++ const UnitActiveState *table;
++
+ assert(u);
+
+- return state_translation_table[SERVICE(u)->state];
++ table = SERVICE(u)->type == SERVICE_IDLE ? state_translation_table_idle : state_translation_table;
++
++ return table[SERVICE(u)->state];
+ }
+
+ static const char *service_sub_state_to_string(Unit *u) {
diff --git a/0354-main-add-configuration-option-to-alter-capability-bo.patch b/0354-main-add-configuration-option-to-alter-capability-bo.patch
new file mode 100644
index 0000000..4cce595
--- /dev/null
+++ b/0354-main-add-configuration-option-to-alter-capability-bo.patch
@@ -0,0 +1,565 @@
+From fe55ab80cc20ed77f99bb39b292ddf91161b052a Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 24 May 2012 04:00:56 +0200
+Subject: [PATCH] main: add configuration option to alter capability bounding
+ set for PID 1
+
+This also ensures that caps dropped from the bounding set are also
+dropped from the inheritable set, to be extra-secure. Usually that should
+change very little though as the inheritable set is empty for all our uses
+anyway.
+(cherry picked from commit ec8927ca5940e809f0b72f530582c76f1db4f065)
+
+Conflicts:
+ TODO
+---
+ man/systemd.conf.xml | 45 +++++++++++++++--
+ man/systemd.exec.xml | 16 +++---
+ src/core/execute.c | 64 +-----------------------
+ src/core/load-fragment-gperf.gperf.m4 | 2 +-
+ src/core/load-fragment.c | 13 ++---
+ src/core/load-fragment.h | 2 +-
+ src/core/main.c | 11 ++++
+ src/core/system.conf | 17 +++++++
+ src/nspawn/nspawn.c | 70 ++++++++++----------------
+ src/shared/capability.c | 89 ++++++++++++++++++++++++++++++++-
+ src/shared/capability.h | 5 ++
+ 11 files changed, 208 insertions(+), 126 deletions(-)
+
+diff --git a/man/systemd.conf.xml b/man/systemd.conf.xml
+index d37c574..8e288eb 100644
+--- a/man/systemd.conf.xml
++++ b/man/systemd.conf.xml
+@@ -196,6 +196,38 @@
+ </varlistentry>
+
+ <varlistentry>
++ <term><varname>CapabilityBoundingSet=</varname></term>
++
++ <listitem><para>Controls which
++ capabilities to include in the
++ capability bounding set for PID 1 and
++ its children. See
++ <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
++ for details. Takes a whitespace
++ separated list of capability names as
++ read by
++ <citerefentry><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
++ Capabilities listed will be included
++ in the bounding set, all others are
++ removed. If the list of capabilities
++ is prefixed with ~ all but the listed
++ capabilities will be included, the
++ effect of the assignment
++ inverted. Note that this option also
++ effects the respective capabilities in
++ the effective, permitted and
++ inheritable capability sets. The
++ capability bounding set may also be
++ individually configured for units
++ using the
++ <varname>CapabilityBoundingSet=</varname>
++ directive for units, but note that
++ capabilities dropped for PID 1 cannot
++ be regained in individual units, they
++ are lost for good.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
+ <term><varname>DefaultLimitCPU=</varname></term>
+ <term><varname>DefaultLimitFSIZE=</varname></term>
+ <term><varname>DefaultLimitDATA=</varname></term>
+@@ -212,14 +244,21 @@
+ <term><varname>DefaultLimitNICE=</varname></term>
+ <term><varname>DefaultLimitRTPRIO=</varname></term>
+ <term><varname>DefaultLimitRTTIME=</varname></term>
++
+ <listitem><para>These settings control
+- various default resource limits for units. See
++ various default resource limits for
++ units. See
+ <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>
+ for details. Use the string
+ <varname>infinity</varname> to
+ configure no limit on a specific
+- resource. They can be overriden in units files
+- using corresponding LimitXXXX parameter.</para></listitem>
++ resource. These settings may be
++ overriden in individual units
++ using the corresponding LimitXXX=
++ directives. Note that these resource
++ limits are only defaults for units,
++ they are not applied to PID 1
++ itself.</para></listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
+index e6f49c9..7d28545 100644
+--- a/man/systemd.exec.xml
++++ b/man/systemd.exec.xml
+@@ -678,17 +678,17 @@
+ is prefixed with ~ all but the listed
+ capabilities will be included, the
+ effect of the assignment
+- inverted. Note that this option does
+- not actually set or unset any
+- capabilities in the effective,
+- permitted or inherited capability
+- sets. That's what
+- <varname>Capabilities=</varname> is
+- for. If this option is not used the
++ inverted. Note that this option also
++ effects the respective capabilities in
++ the effective, permitted and
++ inheritable capability sets, on top of
++ what <varname>Capabilities=</varname>
++ does. If this option is not used the
+ capability bounding set is not
+ modified on process execution, hence
+ no limits on the capabilities of the
+- process are enforced.</para></listitem>
++ process are
++ enforced.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+diff --git a/src/core/execute.c b/src/core/execute.c
+index a2ef77c..f93c9a4 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -870,68 +870,6 @@ fail:
+ }
+ #endif
+
+-static int do_capability_bounding_set_drop(uint64_t drop) {
+- unsigned long i;
+- cap_t old_cap = NULL, new_cap = NULL;
+- cap_flag_value_t fv;
+- int r;
+-
+- /* If we are run as PID 1 we will lack CAP_SETPCAP by default
+- * in the effective set (yes, the kernel drops that when
+- * executing init!), so get it back temporarily so that we can
+- * call PR_CAPBSET_DROP. */
+-
+- old_cap = cap_get_proc();
+- if (!old_cap)
+- return -errno;
+-
+- if (cap_get_flag(old_cap, CAP_SETPCAP, CAP_EFFECTIVE, &fv) < 0) {
+- r = -errno;
+- goto finish;
+- }
+-
+- if (fv != CAP_SET) {
+- static const cap_value_t v = CAP_SETPCAP;
+-
+- new_cap = cap_dup(old_cap);
+- if (!new_cap) {
+- r = -errno;
+- goto finish;
+- }
+-
+- if (cap_set_flag(new_cap, CAP_EFFECTIVE, 1, &v, CAP_SET) < 0) {
+- r = -errno;
+- goto finish;
+- }
+-
+- if (cap_set_proc(new_cap) < 0) {
+- r = -errno;
+- goto finish;
+- }
+- }
+-
+- for (i = 0; i <= cap_last_cap(); i++)
+- if (drop & ((uint64_t) 1ULL << (uint64_t) i)) {
+- if (prctl(PR_CAPBSET_DROP, i) < 0) {
+- r = -errno;
+- goto finish;
+- }
+- }
+-
+- r = 0;
+-
+-finish:
+- if (new_cap)
+- cap_free(new_cap);
+-
+- if (old_cap) {
+- cap_set_proc(old_cap);
+- cap_free(old_cap);
+- }
+-
+- return r;
+-}
+-
+ static void rename_process_from_path(const char *path) {
+ char process_name[11];
+ const char *p;
+@@ -1398,7 +1336,7 @@ int exec_spawn(ExecCommand *command,
+ }
+
+ if (context->capability_bounding_set_drop) {
+- err = do_capability_bounding_set_drop(context->capability_bounding_set_drop);
++ err = capability_bounding_set_drop(context->capability_bounding_set_drop, false);
+ if (err < 0) {
+ r = EXIT_CAPABILITIES;
+ goto fail_child;
+diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
+index 9c4a930..9efc859 100644
+--- a/src/core/load-fragment-gperf.gperf.m4
++++ b/src/core/load-fragment-gperf.gperf.m4
+@@ -46,7 +46,7 @@ $1.SyslogLevel, config_parse_level, 0,
+ $1.SyslogLevelPrefix, config_parse_bool, 0, offsetof($1, exec_context.syslog_level_prefix)
+ $1.Capabilities, config_parse_exec_capabilities, 0, offsetof($1, exec_context)
+ $1.SecureBits, config_parse_exec_secure_bits, 0, offsetof($1, exec_context)
+-$1.CapabilityBoundingSet, config_parse_exec_bounding_set, 0, offsetof($1, exec_context)
++$1.CapabilityBoundingSet, config_parse_bounding_set, 0, offsetof($1, exec_context.capability_bounding_set_drop)
+ $1.TimerSlackNSec, config_parse_exec_timer_slack_nsec, 0, offsetof($1, exec_context)
+ $1.LimitCPU, config_parse_limit, RLIMIT_CPU, offsetof($1, exec_context.rlimit)
+ $1.LimitFSIZE, config_parse_limit, RLIMIT_FSIZE, offsetof($1, exec_context.rlimit)
+diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
+index b59029e..bb27d95 100644
+--- a/src/core/load-fragment.c
++++ b/src/core/load-fragment.c
+@@ -931,7 +931,7 @@ int config_parse_exec_secure_bits(
+ return 0;
+ }
+
+-int config_parse_exec_bounding_set(
++int config_parse_bounding_set(
+ const char *filename,
+ unsigned line,
+ const char *section,
+@@ -941,7 +941,7 @@ int config_parse_exec_bounding_set(
+ void *data,
+ void *userdata) {
+
+- ExecContext *c = data;
++ uint64_t *capability_bounding_set_drop = data;
+ char *w;
+ size_t l;
+ char *state;
+@@ -968,7 +968,8 @@ int config_parse_exec_bounding_set(
+ int r;
+ cap_value_t cap;
+
+- if (!(t = strndup(w, l)))
++ t = strndup(w, l);
++ if (!t)
+ return -ENOMEM;
+
+ r = cap_from_name(t, &cap);
+@@ -983,9 +984,9 @@ int config_parse_exec_bounding_set(
+ }
+
+ if (invert)
+- c->capability_bounding_set_drop |= sum;
++ *capability_bounding_set_drop |= sum;
+ else
+- c->capability_bounding_set_drop |= ~sum;
++ *capability_bounding_set_drop |= ~sum;
+
+ return 0;
+ }
+@@ -2440,7 +2441,7 @@ void unit_dump_config_items(FILE *f) {
+ { config_parse_level, "LEVEL" },
+ { config_parse_exec_capabilities, "CAPABILITIES" },
+ { config_parse_exec_secure_bits, "SECUREBITS" },
+- { config_parse_exec_bounding_set, "BOUNDINGSET" },
++ { config_parse_bounding_set, "BOUNDINGSET" },
+ { config_parse_exec_timer_slack_nsec, "TIMERSLACK" },
+ { config_parse_limit, "LIMIT" },
+ { config_parse_unit_cgroup, "CGROUP [...]" },
+diff --git a/src/core/load-fragment.h b/src/core/load-fragment.h
+index d0efa90..7d73eec 100644
+--- a/src/core/load-fragment.h
++++ b/src/core/load-fragment.h
+@@ -56,7 +56,7 @@ int config_parse_exec_cpu_sched_prio(const char *filename, unsigned line, const
+ int config_parse_exec_cpu_affinity(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_exec_capabilities(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_exec_secure_bits(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+-int config_parse_exec_bounding_set(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
++int config_parse_bounding_set(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_exec_timer_slack_nsec(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_limit(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_unit_cgroup(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+diff --git a/src/core/main.c b/src/core/main.c
+index f1b2b28..4ebddab 100644
+--- a/src/core/main.c
++++ b/src/core/main.c
+@@ -50,6 +50,7 @@
+ #include "watchdog.h"
+ #include "path-util.h"
+ #include "switch-root.h"
++#include "capability.h"
+
+ #include "mount-setup.h"
+ #include "loopback-setup.h"
+@@ -90,6 +91,7 @@ static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
+ static usec_t arg_runtime_watchdog = 0;
+ static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
+ static struct rlimit *arg_default_rlimit[RLIMIT_NLIMITS] = {};
++static uint64_t arg_capability_bounding_set_drop = 0;
+
+ static FILE* serialization = NULL;
+
+@@ -682,6 +684,7 @@ static int parse_config_file(void) {
+ { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
+ { "Manager", "RuntimeWatchdogSec", config_parse_usec, 0, &arg_runtime_watchdog },
+ { "Manager", "ShutdownWatchdogSec", config_parse_usec, 0, &arg_shutdown_watchdog },
++ { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
+ { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU]},
+ { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE]},
+ { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA]},
+@@ -1488,6 +1491,14 @@ int main(int argc, char *argv[]) {
+ if (arg_running_as == MANAGER_SYSTEM && arg_runtime_watchdog > 0)
+ watchdog_set_timeout(&arg_runtime_watchdog);
+
++ if (arg_capability_bounding_set_drop) {
++ r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
++ if (r < 0) {
++ log_error("Failed to drop capability bounding set: %s", strerror(-r));
++ goto finish;
++ }
++ }
++
+ r = manager_new(arg_running_as, &m);
+ if (r < 0) {
+ log_error("Failed to allocate manager object: %s", strerror(-r));
+diff --git a/src/core/system.conf b/src/core/system.conf
+index 807d184..e50ee3c 100644
+--- a/src/core/system.conf
++++ b/src/core/system.conf
+@@ -26,3 +26,20 @@
+ #JoinControllers=cpu,cpuacct
+ #RuntimeWatchdogSec=0
+ #ShutdownWatchdogSec=10min
++#CapabilityBoundingSet=
++#DefaultLimitCPU=
++#DefaultLimitFSIZE=
++#DefaultLimitDATA=
++#DefaultLimitSTACK=
++#DefaultLimitCORE=
++#DefaultLimitRSS=
++#DefaultLimitNOFILE=
++#DefaultLimitAS=
++#DefaultLimitNPROC=
++#DefaultLimitMEMLOCK=
++#DefaultLimitLOCKS=
++#DefaultLimitSIGPENDING=
++#DefaultLimitMSGQUEUE=
++#DefaultLimitNICE=
++#DefaultLimitRTPRIO=
++#DefaultLimitRTTIME=
+diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
+index 7c36731..ad60e30 100644
+--- a/src/nspawn/nspawn.c
++++ b/src/nspawn/nspawn.c
+@@ -544,49 +544,31 @@ static int setup_hostname(void) {
+ }
+
+ static int drop_capabilities(void) {
+- static const unsigned long retain[] = {
+- CAP_CHOWN,
+- CAP_DAC_OVERRIDE,
+- CAP_DAC_READ_SEARCH,
+- CAP_FOWNER,
+- CAP_FSETID,
+- CAP_IPC_OWNER,
+- CAP_KILL,
+- CAP_LEASE,
+- CAP_LINUX_IMMUTABLE,
+- CAP_NET_BIND_SERVICE,
+- CAP_NET_BROADCAST,
+- CAP_NET_RAW,
+- CAP_SETGID,
+- CAP_SETFCAP,
+- CAP_SETPCAP,
+- CAP_SETUID,
+- CAP_SYS_ADMIN,
+- CAP_SYS_CHROOT,
+- CAP_SYS_NICE,
+- CAP_SYS_PTRACE,
+- CAP_SYS_TTY_CONFIG
+- };
+-
+- unsigned long l;
+-
+- for (l = 0; l <= cap_last_cap(); l++) {
+- unsigned i;
+-
+- for (i = 0; i < ELEMENTSOF(retain); i++)
+- if (retain[i] == l)
+- break;
+-
+- if (i < ELEMENTSOF(retain))
+- continue;
+
+- if (prctl(PR_CAPBSET_DROP, l) < 0) {
+- log_error("PR_CAPBSET_DROP failed: %m");
+- return -errno;
+- }
+- }
+-
+- return 0;
++ static const uint64_t retain =
++ (1ULL << CAP_CHOWN) |
++ (1ULL << CAP_DAC_OVERRIDE) |
++ (1ULL << CAP_DAC_READ_SEARCH) |
++ (1ULL << CAP_FOWNER) |
++ (1ULL << CAP_FSETID) |
++ (1ULL << CAP_IPC_OWNER) |
++ (1ULL << CAP_KILL) |
++ (1ULL << CAP_LEASE) |
++ (1ULL << CAP_LINUX_IMMUTABLE) |
++ (1ULL << CAP_NET_BIND_SERVICE) |
++ (1ULL << CAP_NET_BROADCAST) |
++ (1ULL << CAP_NET_RAW) |
++ (1ULL << CAP_SETGID) |
++ (1ULL << CAP_SETFCAP) |
++ (1ULL << CAP_SETPCAP) |
++ (1ULL << CAP_SETUID) |
++ (1ULL << CAP_SYS_ADMIN) |
++ (1ULL << CAP_SYS_CHROOT) |
++ (1ULL << CAP_SYS_NICE) |
++ (1ULL << CAP_SYS_PTRACE) |
++ (1ULL << CAP_SYS_TTY_CONFIG);
++
++ return capability_bounding_set_drop(~retain, false);
+ }
+
+ static int is_os_tree(const char *path) {
+@@ -1041,8 +1023,10 @@ int main(int argc, char *argv[]) {
+
+ loopback_setup();
+
+- if (drop_capabilities() < 0)
++ if (drop_capabilities() < 0) {
++ log_error("drop_capabilities() failed: %m");
+ goto child_fail;
++ }
+
+ if (arg_user) {
+
+diff --git a/src/shared/capability.c b/src/shared/capability.c
+index b800215..b2bcfed 100644
+--- a/src/shared/capability.c
++++ b/src/shared/capability.c
+@@ -40,7 +40,8 @@ int have_effective_cap(int value) {
+ cap_flag_value_t fv;
+ int r;
+
+- if (!(cap = cap_get_proc()))
++ cap = cap_get_proc();
++ if (!cap)
+ return -errno;
+
+ if (cap_get_flag(cap, value, CAP_EFFECTIVE, &fv) < 0)
+@@ -84,3 +85,89 @@ unsigned long cap_last_cap(void) {
+
+ return p;
+ }
++
++int capability_bounding_set_drop(uint64_t drop, bool right_now) {
++ unsigned long i;
++ cap_t after_cap = NULL, temp_cap = NULL;
++ cap_flag_value_t fv;
++ int r;
++
++ /* If we are run as PID 1 we will lack CAP_SETPCAP by default
++ * in the effective set (yes, the kernel drops that when
++ * executing init!), so get it back temporarily so that we can
++ * call PR_CAPBSET_DROP. */
++
++ after_cap = cap_get_proc();
++ if (!after_cap)
++ return -errno;
++
++ if (cap_get_flag(after_cap, CAP_SETPCAP, CAP_EFFECTIVE, &fv) < 0) {
++ cap_free(after_cap);
++ return -errno;
++ }
++
++ if (fv != CAP_SET) {
++ static const cap_value_t v = CAP_SETPCAP;
++
++ temp_cap = cap_dup(after_cap);
++ if (!temp_cap) {
++ r = -errno;
++ goto finish;
++ }
++
++ if (cap_set_flag(temp_cap, CAP_EFFECTIVE, 1, &v, CAP_SET) < 0) {
++ r = -errno;
++ goto finish;
++ }
++
++ if (cap_set_proc(temp_cap) < 0) {
++ r = -errno;
++ goto finish;
++ }
++ }
++
++ for (i = 0; i <= cap_last_cap(); i++) {
++
++ if (drop & ((uint64_t) 1ULL << (uint64_t) i)) {
++ cap_value_t v;
++
++ /* Drop it from the bounding set */
++ if (prctl(PR_CAPBSET_DROP, i) < 0) {
++ r = -errno;
++ goto finish;
++ }
++ v = i;
++
++ /* Also drop it from the inheritable set, so
++ * that anything we exec() loses the
++ * capability for good. */
++ if (cap_set_flag(after_cap, CAP_INHERITABLE, 1, &v, CAP_CLEAR) < 0) {
++ r = -errno;
++ goto finish;
++ }
++
++ /* If we shall apply this right now drop it
++ * also from our own capability sets. */
++ if (right_now) {
++ if (cap_set_flag(after_cap, CAP_PERMITTED, 1, &v, CAP_CLEAR) < 0 ||
++ cap_set_flag(after_cap, CAP_EFFECTIVE, 1, &v, CAP_CLEAR) < 0) {
++ r = -errno;
++ goto finish;
++ }
++ }
++ }
++ }
++
++ r = 0;
++
++finish:
++ if (temp_cap)
++ cap_free(temp_cap);
++
++ if (after_cap) {
++ cap_set_proc(after_cap);
++ cap_free(after_cap);
++ }
++
++ return r;
++}
+diff --git a/src/shared/capability.h b/src/shared/capability.h
+index ab7e40b..0daf4a6 100644
+--- a/src/shared/capability.h
++++ b/src/shared/capability.h
+@@ -22,6 +22,11 @@
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+ ***/
+
++#include <inttypes.h>
++#include <stdbool.h>
++
+ unsigned long cap_last_cap(void);
+ int have_effective_cap(int value);
++int capability_bounding_set_drop(uint64_t caps, bool right_now);
++
+ #endif
diff --git a/0355-man-systemctl.xml-Add-missing-space-for-stopcommand.patch b/0355-man-systemctl.xml-Add-missing-space-for-stopcommand.patch
new file mode 100644
index 0000000..edbbb59
--- /dev/null
+++ b/0355-man-systemctl.xml-Add-missing-space-for-stopcommand.patch
@@ -0,0 +1,27 @@
+From 567c81e6bb183ea603600b43c89370e3154f07a0 Mon Sep 17 00:00:00 2001
+From: Paul Menzel <paulepanter at users.sourceforge.net>
+Date: Thu, 24 May 2012 22:20:39 +0200
+Subject: [PATCH] =?UTF-8?q?man/systemctl.xml:=20Add=20missing=20space=20for=20?=
+ =?UTF-8?q?=C2=BBstopcommand=C2=AB=20(cherry=20picked=20from=20commit=206a28?=
+ =?UTF-8?q?57e6896c58dea94ec8c7b25f262b44849bc3)?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+---
+ man/systemctl.xml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/man/systemctl.xml b/man/systemctl.xml
+index c7eb91c..7ae5add 100644
+--- a/man/systemctl.xml
++++ b/man/systemctl.xml
+@@ -755,7 +755,7 @@
+ command does not implicitly stop the
+ units that is being disabled. If this
+ is desired an additional
+- <command>stop</command>command should
++ <command>stop</command> command should
+ be executed afterwards.</para>
+
+ <para>This command will print the
diff --git a/0356-bash-Reflect-new-name-of-loginctl-in-bash-completion.patch b/0356-bash-Reflect-new-name-of-loginctl-in-bash-completion.patch
new file mode 100644
index 0000000..fcd7d72
--- /dev/null
+++ b/0356-bash-Reflect-new-name-of-loginctl-in-bash-completion.patch
@@ -0,0 +1,28 @@
+From 97e10791ecf091bc784c9bffffe984c32f4c9347 Mon Sep 17 00:00:00 2001
+From: Gert Michael Kulyk <gkulyk at klio>
+Date: Sun, 27 May 2012 20:43:55 +0200
+Subject: [PATCH] bash: Reflect new name of loginctl in bash-completion script
+
+https://bugs.freedesktop.org/show_bug.cgi?id=50402
+(cherry picked from commit 80d37ae7b9d2c471e89e018a8f1e7cab8cd53123)
+---
+ bash-completion/systemd-bash-completion.sh | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/bash-completion/systemd-bash-completion.sh b/bash-completion/systemd-bash-completion.sh
+index 7128b33..7fba694 100644
+--- a/bash-completion/systemd-bash-completion.sh
++++ b/bash-completion/systemd-bash-completion.sh
+@@ -197,9 +197,9 @@ _systemctl () {
+ }
+ complete -F _systemctl systemctl
+
+-__get_all_sessions () { systemd-loginctl list-sessions | { while read -r a b; do printf "%s\n" "$a"; done; } ; }
+-__get_all_users () { systemd-loginctl list-users | { while read -r a b; do printf "%s\n" "$b"; done; } ; }
+-__get_all_seats () { systemd-loginctl list-seats | { while read -r a b; do printf "%s\n" "$a"; done; } ; }
++__get_all_sessions () { loginctl list-sessions | { while read -r a b; do printf "%s\n" "$a"; done; } ; }
++__get_all_users () { loginctl list-users | { while read -r a b; do printf "%s\n" "$b"; done; } ; }
++__get_all_seats () { loginctl list-seats | { while read -r a b; do printf "%s\n" "$a"; done; } ; }
+
+ _loginctl () {
+ local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]}
diff --git a/0357-cgtop-work-even-if-not-all-cgroups-are-available.patch b/0357-cgtop-work-even-if-not-all-cgroups-are-available.patch
new file mode 100644
index 0000000..3f18114
--- /dev/null
+++ b/0357-cgtop-work-even-if-not-all-cgroups-are-available.patch
@@ -0,0 +1,45 @@
+From 15a0e7e31600299fa9ba076d58704116c95a8226 Mon Sep 17 00:00:00 2001
+From: Shawn Landden <shawnlandden at gmail.com>
+Date: Mon, 21 May 2012 22:54:41 -0700
+Subject: [PATCH] cgtop: work even if not all cgroups are available
+
+cgtop quits on startup if all the cgroup mounts it expects are not available.
+Just continue without nonexistant ones.
+(cherry picked from commit 63210a15e1efdbda3fb3abd9a6ae9961fd0ea153)
+---
+ src/cgtop/cgtop.c | 17 +++++++++++------
+ 1 file changed, 11 insertions(+), 6 deletions(-)
+
+diff --git a/src/cgtop/cgtop.c b/src/cgtop/cgtop.c
+index b8cf3b7..a44e59f 100644
+--- a/src/cgtop/cgtop.c
++++ b/src/cgtop/cgtop.c
+@@ -341,17 +341,22 @@ static int refresh(Hashmap *a, Hashmap *b, unsigned iteration) {
+
+ r = refresh_one("name=systemd", "/", a, b, iteration, 0);
+ if (r < 0)
+- return r;
+-
++ if (r != -ENOENT)
++ return r;
+ r = refresh_one("cpuacct", "/", a, b, iteration, 0);
+ if (r < 0)
+- return r;
+-
++ if (r != -ENOENT)
++ return r;
+ r = refresh_one("memory", "/", a, b, iteration, 0);
+ if (r < 0)
+- return r;
++ if (r != -ENOENT)
++ return r;
+
+- return refresh_one("blkio", "/", a, b, iteration, 0);
++ r = refresh_one("blkio", "/", a, b, iteration, 0);
++ if (r < 0)
++ if (r != -ENOENT)
++ return r;
++ return 0;
+ }
+
+ static int group_compare(const void*a, const void *b) {
diff --git a/0358-capabilities-when-dropping-capabilities-system-wide-.patch b/0358-capabilities-when-dropping-capabilities-system-wide-.patch
new file mode 100644
index 0000000..b34d43b
--- /dev/null
+++ b/0358-capabilities-when-dropping-capabilities-system-wide-.patch
@@ -0,0 +1,106 @@
+From 76e6ec63c9353cca9bc016bb3c60202c7e8a78cd Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 29 May 2012 23:33:38 +0200
+Subject: [PATCH] capabilities: when dropping capabilities system-wide also
+ drop them from usermode helpers
+
+This hooks things up with /proc/sys/kernel/usermodehelper/bset and
+/proc/sys/kernel/usermodehelper/inheritable.
+(cherry picked from commit 939b8f14dcd9312140d001b55b4e7a87173682ef)
+
+Conflicts:
+ TODO
+---
+ src/core/main.c | 5 +++++
+ src/shared/capability.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++
+ src/shared/capability.h | 3 ++-
+ 3 files changed, 58 insertions(+), 1 deletion(-)
+
+diff --git a/src/core/main.c b/src/core/main.c
+index 4ebddab..ccf993d 100644
+--- a/src/core/main.c
++++ b/src/core/main.c
+@@ -1497,6 +1497,11 @@ int main(int argc, char *argv[]) {
+ log_error("Failed to drop capability bounding set: %s", strerror(-r));
+ goto finish;
+ }
++ r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);
++ if (r < 0) {
++ log_error("Failed to drop capability bounding set of usermode helpers: %s", strerror(-r));
++ goto finish;
++ }
+ }
+
+ r = manager_new(arg_running_as, &m);
+diff --git a/src/shared/capability.c b/src/shared/capability.c
+index b2bcfed..005e0e8 100644
+--- a/src/shared/capability.c
++++ b/src/shared/capability.c
+@@ -171,3 +171,54 @@ finish:
+
+ return r;
+ }
++
++static int drop_from_file(const char *fn, uint64_t drop) {
++ int r, k;
++ uint32_t hi, lo;
++ uint64_t current, after;
++ char *p;
++
++ r = read_one_line_file(fn, &p);
++ if (r < 0)
++ return r;
++
++ assert_cc(sizeof(hi) == sizeof(unsigned));
++ assert_cc(sizeof(lo) == sizeof(unsigned));
++
++ k = sscanf(p, "%u %u", &lo, &hi);
++ free(p);
++
++ if (k != 2)
++ return -EIO;
++
++ current = (uint64_t) lo | ((uint64_t) hi << 32ULL);
++ after = current & ~drop;
++
++ if (current == after)
++ return 0;
++
++ lo = (unsigned) (after & 0xFFFFFFFFULL);
++ hi = (unsigned) ((after >> 32ULL) & 0xFFFFFFFFULL);
++
++ if (asprintf(&p, "%u %u", lo, hi) < 0)
++ return -ENOMEM;
++
++ r = write_one_line_file(fn, p);
++ free(p);
++
++ return r;
++}
++
++int capability_bounding_set_drop_usermode(uint64_t drop) {
++ int r;
++
++ r = drop_from_file("/proc/sys/kernel/usermodehelper/inheritable", drop);
++ if (r < 0)
++ return r;
++
++ r = drop_from_file("/proc/sys/kernel/usermodehelper/bset", drop);
++ if (r < 0)
++ return r;
++
++ return r;
++}
+diff --git a/src/shared/capability.h b/src/shared/capability.h
+index 0daf4a6..682f8ae 100644
+--- a/src/shared/capability.h
++++ b/src/shared/capability.h
+@@ -27,6 +27,7 @@
+
+ unsigned long cap_last_cap(void);
+ int have_effective_cap(int value);
+-int capability_bounding_set_drop(uint64_t caps, bool right_now);
++int capability_bounding_set_drop(uint64_t drop, bool right_now);
++int capability_bounding_set_drop_usermode(uint64_t drop);
+
+ #endif
diff --git a/0359-sleep-print-nice-messages-right-before-and-right-aft.patch b/0359-sleep-print-nice-messages-right-before-and-right-aft.patch
new file mode 100644
index 0000000..c65d054
--- /dev/null
+++ b/0359-sleep-print-nice-messages-right-before-and-right-aft.patch
@@ -0,0 +1,40 @@
+From b20704db01f0a290f4c04c3421111ab58288d2f9 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 30 May 2012 15:04:39 +0200
+Subject: [PATCH] sleep: print nice messages right before and right after
+ system hibernate/sleep (cherry picked from commit
+ eb2672893108e14d50bd79b7fc714b75c5427c0b)
+
+Conflicts:
+ TODO
+---
+ src/sleep/sleep.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c
+index 7062dc2..941edc3 100644
+--- a/src/sleep/sleep.c
++++ b/src/sleep/sleep.c
+@@ -65,12 +65,22 @@ int main(int argc, char *argv[]) {
+ arguments[3] = NULL;
+ execute_directory(SYSTEMD_SLEEP_BINARY_PATH, NULL, arguments);
+
++ if (streq(argv[1], "suspend"))
++ log_info("Suspending system...");
++ else
++ log_info("Hibernating system...");
++
+ fputs(verb, f);
+ fputc('\n', f);
+ fflush(f);
+
+ r = ferror(f) ? -errno : 0;
+
++ if (streq(argv[1], "suspend"))
++ log_info("System resumed.");
++ else
++ log_info("System thawed.");
++
+ arguments[1] = (char*) "post";
+ execute_directory(SYSTEMD_SLEEP_BINARY_PATH, NULL, arguments);
+
diff --git a/0360-journald-ignore-messages-read-from-proc-kmsg-that-we.patch b/0360-journald-ignore-messages-read-from-proc-kmsg-that-we.patch
new file mode 100644
index 0000000..b82c66b
--- /dev/null
+++ b/0360-journald-ignore-messages-read-from-proc-kmsg-that-we.patch
@@ -0,0 +1,57 @@
+From 1af87b4e93f8fd4873dfbbd12e069e81894f6943 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 30 May 2012 15:42:35 +0200
+Subject: [PATCH] journald: ignore messages read from /proc/kmsg that we
+ generated via /dev/kmsg
+
+Avoid a busy loop.
+(cherry picked from commit 6c3569e11aa1f658a9ef3f3c6efda4ae696e5aa8)
+
+Conflicts:
+ TODO
+---
+ src/journal/journald.c | 17 +++++++++++++++++
+ 1 file changed, 17 insertions(+)
+
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index de0c604..0799f20 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -1768,6 +1768,17 @@ static int parse_kernel_timestamp(char **_p, usec_t *t) {
+ return 1;
+ }
+
++static bool is_us(const char *pid) {
++ pid_t t;
++
++ assert(pid);
++
++ if (parse_pid(pid, &t) < 0)
++ return false;
++
++ return t == getpid();
++}
++
+ static void proc_kmsg_line(Server *s, const char *p) {
+ struct iovec iovec[N_IOVEC_META_FIELDS + 7];
+ char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
+@@ -1807,6 +1818,11 @@ static void proc_kmsg_line(Server *s, const char *p) {
+ } else {
+ read_identifier(&p, &identifier, &pid);
+
++ /* Avoid any messages we generated ourselves via
++ * log_info() and friends. */
++ if (is_us(pid))
++ goto finish;
++
+ if (s->forward_to_syslog)
+ forward_syslog(s, priority, identifier, p, NULL, NULL);
+
+@@ -1832,6 +1848,7 @@ static void proc_kmsg_line(Server *s, const char *p) {
+
+ dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, priority);
+
++finish:
+ free(message);
+ free(syslog_priority);
+ free(syslog_identifier);
diff --git a/0361-build-sys-fix-built-with-disable-logind.patch b/0361-build-sys-fix-built-with-disable-logind.patch
new file mode 100644
index 0000000..7e5858c
--- /dev/null
+++ b/0361-build-sys-fix-built-with-disable-logind.patch
@@ -0,0 +1,459 @@
+From c65b7417c0986716e623a51ca34241c40aed2375 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 30 May 2012 22:25:01 +0200
+Subject: [PATCH] build-sys: fix built with --disable-logind (cherry picked
+ from commit ba1261bc02693ac8a7712ade14aab8e22989ba88)
+
+Conflicts:
+ TODO
+---
+ Makefile.am | 12 ++++-
+ src/journal/coredump.c | 9 +++-
+ src/journal/journald.c | 19 +++++---
+ src/login/sd-login.c | 112 +++++----------------------------------------
+ src/shared/cgroup-util.c | 105 ++++++++++++++++++++++++++++++++++++++++++
+ src/shared/cgroup-util.h | 2 +
+ src/systemctl/systemctl.c | 2 +
+ 7 files changed, 152 insertions(+), 109 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 56fe147..9649ec5 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -1444,9 +1444,13 @@ systemd_journald_LDADD = \
+ libsystemd-shared.la \
+ libsystemd-audit.la \
+ libsystemd-daemon.la \
+- libsystemd-login.la \
+ libsystemd-id128.la
+
++if ENABLE_LOGIND
++systemd_journald_LDADD += \
++ libsystemd-login.la
++endif
++
+ if HAVE_ACL
+ systemd_journald_LDADD += \
+ libsystemd-acl.la
+@@ -1624,10 +1628,14 @@ systemd_coredump_SOURCES = \
+
+ systemd_coredump_LDADD = \
+ libsystemd-journal.la \
+- libsystemd-login.la \
+ libsystemd-label.la \
+ libsystemd-shared.la
+
++if ENABLE_LOGIND
++systemd_coredump_LDADD += \
++ libsystemd-login.la
++endif
++
+ rootlibexec_PROGRAMS += \
+ systemd-coredump
+
+diff --git a/src/journal/coredump.c b/src/journal/coredump.c
+index 5ecdef3..069c340 100644
+--- a/src/journal/coredump.c
++++ b/src/journal/coredump.c
+@@ -25,12 +25,16 @@
+ #include <sys/prctl.h>
+
+ #include <systemd/sd-journal.h>
++
++#ifdef HAVE_LOGIND
+ #include <systemd/sd-login.h>
++#endif
+
+ #include "log.h"
+ #include "util.h"
+ #include "mkdir.h"
+ #include "special.h"
++#include "cgroup-util.h"
+
+ #define COREDUMP_MAX (24*1024*1024)
+
+@@ -126,7 +130,7 @@ int main(int argc, char* argv[]) {
+ goto finish;
+ }
+
+- if (sd_pid_get_unit(pid, &t) >= 0) {
++ if (cg_pid_get_unit(pid, &t) >= 0) {
+
+ if (streq(t, SPECIAL_JOURNALD_SERVICE)) {
+ /* Make sure we don't make use of the journal,
+@@ -182,6 +186,7 @@ int main(int argc, char* argv[]) {
+ if (core_comm)
+ IOVEC_SET_STRING(iovec[j++], core_comm);
+
++#ifdef HAVE_LOGIND
+ if (sd_pid_get_session(pid, &t) >= 0) {
+ core_session = strappend("COREDUMP_SESSION=", t);
+ free(t);
+@@ -190,6 +195,8 @@ int main(int argc, char* argv[]) {
+ IOVEC_SET_STRING(iovec[j++], core_session);
+ }
+
++#endif
++
+ if (get_process_exe(pid, &t) >= 0) {
+ core_exe = strappend("COREDUMP_EXE=", t);
+ free(t);
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index 0799f20..7cfa5c8 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -31,10 +31,13 @@
+ #include <sys/statvfs.h>
+
+ #include <systemd/sd-journal.h>
+-#include <systemd/sd-login.h>
+ #include <systemd/sd-messages.h>
+ #include <systemd/sd-daemon.h>
+
++#ifdef HAVE_LOGIND
++#include <systemd/sd-login.h>
++#endif
++
+ #include "mkdir.h"
+ #include "hashmap.h"
+ #include "journal-file.h"
+@@ -479,7 +482,9 @@ static void dispatch_message_real(
+
+ if (ucred) {
+ uint32_t audit;
++#ifdef HAVE_LOGIND
+ uid_t owner;
++#endif
+
+ realuid = ucred->uid;
+
+@@ -538,6 +543,7 @@ static void dispatch_message_real(
+ IOVEC_SET_STRING(iovec[n++], cgroup);
+ }
+
++#ifdef HAVE_LOGIND
+ if (sd_pid_get_session(ucred->pid, &t) >= 0) {
+ session = strappend("_SYSTEMD_SESSION=", t);
+ free(t);
+@@ -546,7 +552,12 @@ static void dispatch_message_real(
+ IOVEC_SET_STRING(iovec[n++], session);
+ }
+
+- if (sd_pid_get_unit(ucred->pid, &t) >= 0) {
++ if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
++ if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
++ IOVEC_SET_STRING(iovec[n++], owner_uid);
++#endif
++
++ if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
+ unit = strappend("_SYSTEMD_UNIT=", t);
+ free(t);
+
+@@ -554,10 +565,6 @@ static void dispatch_message_real(
+ IOVEC_SET_STRING(iovec[n++], unit);
+ }
+
+- if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
+- if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
+- IOVEC_SET_STRING(iovec[n++], owner_uid);
+-
+ #ifdef HAVE_SELINUX
+ if (label) {
+ selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
+diff --git a/src/login/sd-login.c b/src/login/sd-login.c
+index 887c421..a17c1d4 100644
+--- a/src/login/sd-login.c
++++ b/src/login/sd-login.c
+@@ -30,67 +30,17 @@
+ #include "sd-login.h"
+ #include "strv.h"
+
+-static int pid_get_cgroup(pid_t pid, char **root, char **cgroup) {
+- char *cg_process, *cg_init, *p;
+- int r;
+-
+- if (pid == 0)
+- pid = getpid();
+-
+- if (pid <= 0)
+- return -EINVAL;
+-
+- r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &cg_process);
+- if (r < 0)
+- return r;
+-
+- r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &cg_init);
+- if (r < 0) {
+- free(cg_process);
+- return r;
+- }
+-
+- if (endswith(cg_init, "/system"))
+- cg_init[strlen(cg_init)-7] = 0;
+- else if (streq(cg_init, "/"))
+- cg_init[0] = 0;
+-
+- if (startswith(cg_process, cg_init))
+- p = cg_process + strlen(cg_init);
+- else
+- p = cg_process;
+-
+- free(cg_init);
+-
+- if (cgroup) {
+- char* c;
+-
+- c = strdup(p);
+- if (!c) {
+- free(cg_process);
+- return -ENOMEM;
+- }
+-
+- *cgroup = c;
+- }
+-
+- if (root) {
+- cg_process[p-cg_process] = 0;
+- *root = cg_process;
+- } else
+- free(cg_process);
+-
+- return 0;
+-}
+-
+ _public_ int sd_pid_get_session(pid_t pid, char **session) {
+ int r;
+ char *cgroup, *p;
+
++ if (pid < 0)
++ return -EINVAL;
++
+ if (!session)
+ return -EINVAL;
+
+- r = pid_get_cgroup(pid, NULL, &cgroup);
++ r = cg_pid_get_cgroup(pid, NULL, &cgroup);
+ if (r < 0)
+ return r;
+
+@@ -122,55 +72,14 @@ _public_ int sd_pid_get_session(pid_t pid, char **session) {
+ }
+
+ _public_ int sd_pid_get_unit(pid_t pid, char **unit) {
+- int r;
+- char *cgroup, *p, *at, *b;
+- size_t k;
+
+- if (!unit)
++ if (pid < 0)
+ return -EINVAL;
+
+- r = pid_get_cgroup(pid, NULL, &cgroup);
+- if (r < 0)
+- return r;
+-
+- if (!startswith(cgroup, "/system/")) {
+- free(cgroup);
+- return -ENOENT;
+- }
+-
+- p = cgroup + 8;
+- k = strcspn(p, "/");
+-
+- at = memchr(p, '@', k);
+- if (at && at[1] == '.') {
+- size_t j;
+-
+- /* This is a templated service */
+- if (p[k] != '/') {
+- free(cgroup);
+- return -EIO;
+- }
+-
+- j = strcspn(p+k+1, "/");
+-
+- b = malloc(k + j + 1);
+-
+- if (b) {
+- memcpy(b, p, at - p + 1);
+- memcpy(b + (at - p) + 1, p + k + 1, j);
+- memcpy(b + (at - p) + 1 + j, at + 1, k - (at - p) - 1);
+- b[k+j] = 0;
+- }
+- } else
+- b = strndup(p, k);
+-
+- free(cgroup);
+-
+- if (!b)
+- return -ENOMEM;
++ if (!unit)
++ return -EINVAL;
+
+- *unit = b;
+- return 0;
++ return cg_pid_get_unit(pid, unit);
+ }
+
+ _public_ int sd_pid_get_owner_uid(pid_t pid, uid_t *uid) {
+@@ -178,10 +87,13 @@ _public_ int sd_pid_get_owner_uid(pid_t pid, uid_t *uid) {
+ char *root, *cgroup, *p, *cc;
+ struct stat st;
+
++ if (pid < 0)
++ return -EINVAL;
++
+ if (!uid)
+ return -EINVAL;
+
+- r = pid_get_cgroup(pid, &root, &cgroup);
++ r = cg_pid_get_cgroup(pid, &root, &cgroup);
+ if (r < 0)
+ return r;
+
+diff --git a/src/shared/cgroup-util.c b/src/shared/cgroup-util.c
+index 7bb7f54..e617b9f 100644
+--- a/src/shared/cgroup-util.c
++++ b/src/shared/cgroup-util.c
+@@ -1149,3 +1149,108 @@ char **cg_shorten_controllers(char **controllers) {
+ *t = NULL;
+ return controllers;
+ }
++
++int cg_pid_get_cgroup(pid_t pid, char **root, char **cgroup) {
++ char *cg_process, *cg_init, *p;
++ int r;
++
++ assert(pid >= 0);
++
++ if (pid == 0)
++ pid = getpid();
++
++ r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &cg_process);
++ if (r < 0)
++ return r;
++
++ r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &cg_init);
++ if (r < 0) {
++ free(cg_process);
++ return r;
++ }
++
++ if (endswith(cg_init, "/system"))
++ cg_init[strlen(cg_init)-7] = 0;
++ else if (streq(cg_init, "/"))
++ cg_init[0] = 0;
++
++ if (startswith(cg_process, cg_init))
++ p = cg_process + strlen(cg_init);
++ else
++ p = cg_process;
++
++ free(cg_init);
++
++ if (cgroup) {
++ char* c;
++
++ c = strdup(p);
++ if (!c) {
++ free(cg_process);
++ return -ENOMEM;
++ }
++
++ *cgroup = c;
++ }
++
++ if (root) {
++ cg_process[p-cg_process] = 0;
++ *root = cg_process;
++ } else
++ free(cg_process);
++
++ return 0;
++}
++
++int cg_pid_get_unit(pid_t pid, char **unit) {
++ int r;
++ char *cgroup, *p, *at, *b;
++ size_t k;
++
++ assert(pid >= 0);
++ assert(unit);
++
++ r = cg_pid_get_cgroup(pid, NULL, &cgroup);
++ if (r < 0)
++ return r;
++
++ if (!startswith(cgroup, "/system/")) {
++ free(cgroup);
++ return -ENOENT;
++ }
++
++ p = cgroup + 8;
++ k = strcspn(p, "/");
++
++ at = memchr(p, '@', k);
++ if (at && at[1] == '.') {
++ size_t j;
++
++ /* This is a templated service */
++ if (p[k] != '/') {
++ free(cgroup);
++ return -EIO;
++ }
++
++ j = strcspn(p+k+1, "/");
++
++ b = malloc(k + j + 1);
++
++ if (b) {
++ memcpy(b, p, at - p + 1);
++ memcpy(b + (at - p) + 1, p + k + 1, j);
++ memcpy(b + (at - p) + 1 + j, at + 1, k - (at - p) - 1);
++ b[k+j] = 0;
++ }
++ } else
++ b = strndup(p, k);
++
++ free(cgroup);
++
++ if (!b)
++ return -ENOMEM;
++
++ *unit = b;
++ return 0;
++
++}
+diff --git a/src/shared/cgroup-util.h b/src/shared/cgroup-util.h
+index 8b2c046..34d9120 100644
+--- a/src/shared/cgroup-util.h
++++ b/src/shared/cgroup-util.h
+@@ -69,6 +69,8 @@ int cg_is_empty(const char *controller, const char *path, bool ignore_self);
+ int cg_is_empty_recursive(const char *controller, const char *path, bool ignore_self);
+
+ int cg_get_user_path(char **path);
++int cg_pid_get_cgroup(pid_t pid, char **root, char **cgroup);
++int cg_pid_get_unit(pid_t pid, char **unit);
+
+ char **cg_shorten_controllers(char **controllers);
+
+diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
+index ba3d3be..7f03a65 100644
+--- a/src/systemctl/systemctl.c
++++ b/src/systemctl/systemctl.c
+@@ -171,6 +171,7 @@ static void ask_password_agent_open_if_enabled(void) {
+ ask_password_agent_open();
+ }
+
++#ifdef HAVE_LOGIND
+ static void polkit_agent_open_if_enabled(void) {
+
+ /* Open the polkit agent as a child process if necessary */
+@@ -183,6 +184,7 @@ static void polkit_agent_open_if_enabled(void) {
+
+ polkit_agent_open();
+ }
++#endif
+
+ static const char *ansi_highlight_red(bool b) {
+
diff --git a/0362-journalctl-for-now-complain-if-more-than-one-match-i.patch b/0362-journalctl-for-now-complain-if-more-than-one-match-i.patch
new file mode 100644
index 0000000..8757582
--- /dev/null
+++ b/0362-journalctl-for-now-complain-if-more-than-one-match-i.patch
@@ -0,0 +1,27 @@
+From fde5f969be73a71a8cb8bb6d1c5ee77082b2b731 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 30 May 2012 22:30:35 +0200
+Subject: [PATCH] journalctl: for now complain if more than one match is
+ provided since this is still broken (cherry picked from
+ commit ab4979d202e12d60bb2e31dee32fd3e79a4453fd)
+
+---
+ src/journal/sd-journal.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
+index 6e5f4bb..6ed1e25 100644
+--- a/src/journal/sd-journal.c
++++ b/src/journal/sd-journal.c
+@@ -118,6 +118,11 @@ _public_ int sd_journal_add_match(sd_journal *j, const void *data, size_t size)
+ if (size <= 0)
+ return -EINVAL;
+
++ /* FIXME: iterating with multiple matches is currently
++ * broken */
++ if (j->matches)
++ return -ENOTSUP;
++
+ le_hash = htole64(hash64(data, size));
+
+ LIST_FOREACH(matches, m, j->matches) {
diff --git a/0363-journalctl-support-usr-bin-nginx-etc.patch b/0363-journalctl-support-usr-bin-nginx-etc.patch
new file mode 100644
index 0000000..5545f93
--- /dev/null
+++ b/0363-journalctl-support-usr-bin-nginx-etc.patch
@@ -0,0 +1,69 @@
+From 35ca99e200cd01fb27bde1930100a3057215459e Mon Sep 17 00:00:00 2001
+From: Shawn Landden <shawnlandden at gmail.com>
+Date: Wed, 30 May 2012 09:43:23 -0700
+Subject: [PATCH] journalctl: support /usr/bin/nginx, etc (cherry picked from
+ commit 509407003de0c77259e5e46b567d2a464acbb6f4)
+
+Conflicts:
+ TODO
+---
+ src/journal/journalctl.c | 25 ++++++++++++++++++++++++-
+ 1 file changed, 24 insertions(+), 1 deletion(-)
+
+diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
+index aaf455a..4109813 100644
+--- a/src/journal/journalctl.c
++++ b/src/journal/journalctl.c
+@@ -29,6 +29,7 @@
+ #include <sys/poll.h>
+ #include <time.h>
+ #include <getopt.h>
++#include <sys/stat.h>
+
+ #include <systemd/sd-journal.h>
+
+@@ -38,6 +39,8 @@
+ #include "pager.h"
+ #include "logs-show.h"
+
++#define SD_JOURNALCTL_EXE "_EXE="
++
+ static OutputMode arg_output = OUTPUT_SHORT;
+ static bool arg_follow = false;
+ static bool arg_show_all = false;
+@@ -205,6 +208,8 @@ int main(int argc, char *argv[]) {
+ sd_journal *j = NULL;
+ unsigned line = 0;
+ bool need_seek = false;
++ struct stat st;
++ char* journal_exe_buff;
+
+ log_parse_environment();
+ log_open();
+@@ -230,7 +235,25 @@ int main(int argc, char *argv[]) {
+ }
+
+ for (i = optind; i < argc; i++) {
+- r = sd_journal_add_match(j, argv[i], strlen(argv[i]));
++ if (strchr(argv[i], '=')) {
++ r = sd_journal_add_match(j, argv[i], strlen(argv[i]));
++ } else {
++ if (stat(argv[i], &st) < 0) {
++ log_error("Failed to add match: %s", strerror(-r));
++ goto finish; /* maybe try sd_journal_add_match() when stat() fails,
++ * even thought we know there is no '=' ? */
++ } else if (S_ISREG(st.st_mode) &&
++ S_IXUSR & st.st_mode) {
++ journal_exe_buff = malloc(strlen(SD_JOURNALCTL_EXE) + strlen(argv[i]) + 1);
++ journal_exe_buff = strcpy(journal_exe_buff, SD_JOURNALCTL_EXE);
++ strncat(journal_exe_buff, argv[i], strlen(argv[i]));
++ r = sd_journal_add_match(j, journal_exe_buff, strlen(journal_exe_buff));
++ free(journal_exe_buff);
++ } else {
++ log_error("File is not a regular file or is not executable: %s", argv[i]);
++ goto finish;
++ }
++ }
+ if (r < 0) {
+ log_error("Failed to add match: %s", strerror(-r));
+ goto finish;
diff --git a/0364-journalctl-check-first-if-match-is-a-path-name.patch b/0364-journalctl-check-first-if-match-is-a-path-name.patch
new file mode 100644
index 0000000..8ca9e18
--- /dev/null
+++ b/0364-journalctl-check-first-if-match-is-a-path-name.patch
@@ -0,0 +1,95 @@
+From 980d9f749475f50ea865e20c2b2adee47a1a88a9 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 30 May 2012 22:45:47 +0200
+Subject: [PATCH] journalctl: check first if match is a path name (cherry
+ picked from commit
+ e51240886f54e0128b1711c7dd0454b23e3f7d5e)
+
+---
+ src/journal/journalctl.c | 51 ++++++++++++++++++++++++++++++----------------
+ 1 file changed, 33 insertions(+), 18 deletions(-)
+
+diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
+index 4109813..53f0160 100644
+--- a/src/journal/journalctl.c
++++ b/src/journal/journalctl.c
+@@ -35,12 +35,11 @@
+
+ #include "log.h"
+ #include "util.h"
++#include "path-util.h"
+ #include "build.h"
+ #include "pager.h"
+ #include "logs-show.h"
+
+-#define SD_JOURNALCTL_EXE "_EXE="
+-
+ static OutputMode arg_output = OUTPUT_SHORT;
+ static bool arg_follow = false;
+ static bool arg_show_all = false;
+@@ -209,7 +208,6 @@ int main(int argc, char *argv[]) {
+ unsigned line = 0;
+ bool need_seek = false;
+ struct stat st;
+- char* journal_exe_buff;
+
+ log_parse_environment();
+ log_open();
+@@ -235,25 +233,42 @@ int main(int argc, char *argv[]) {
+ }
+
+ for (i = optind; i < argc; i++) {
+- if (strchr(argv[i], '=')) {
+- r = sd_journal_add_match(j, argv[i], strlen(argv[i]));
+- } else {
+- if (stat(argv[i], &st) < 0) {
+- log_error("Failed to add match: %s", strerror(-r));
+- goto finish; /* maybe try sd_journal_add_match() when stat() fails,
+- * even thought we know there is no '=' ? */
+- } else if (S_ISREG(st.st_mode) &&
+- S_IXUSR & st.st_mode) {
+- journal_exe_buff = malloc(strlen(SD_JOURNALCTL_EXE) + strlen(argv[i]) + 1);
+- journal_exe_buff = strcpy(journal_exe_buff, SD_JOURNALCTL_EXE);
+- strncat(journal_exe_buff, argv[i], strlen(argv[i]));
+- r = sd_journal_add_match(j, journal_exe_buff, strlen(journal_exe_buff));
+- free(journal_exe_buff);
++ if (path_is_absolute(argv[i])) {
++ char *p = NULL;
++ const char *path;
++
++ p = canonicalize_file_name(argv[i]);
++ path = p ? p : argv[i];
++
++ if (stat(path, &st) < 0) {
++ free(p);
++ log_error("Couldn't stat file: %m");
++ r = -errno;
++ goto finish;
++ }
++
++ if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
++ char *t;
++
++ t = strappend("_EXE=", path);
++ if (!t) {
++ free(p);
++ log_error("Out of memory");
++ goto finish;
++ }
++
++ r = sd_journal_add_match(j, t, strlen(t));
++ free(t);
+ } else {
++ free(p);
+ log_error("File is not a regular file or is not executable: %s", argv[i]);
+ goto finish;
+ }
+- }
++
++ free(p);
++ } else
++ r = sd_journal_add_match(j, argv[i], strlen(argv[i]));
++
+ if (r < 0) {
+ log_error("Failed to add match: %s", strerror(-r));
+ goto finish;
diff --git a/0365-journal-don-t-allow-adding-invalid-matches-to-the-co.patch b/0365-journal-don-t-allow-adding-invalid-matches-to-the-co.patch
new file mode 100644
index 0000000..b6837c7
--- /dev/null
+++ b/0365-journal-don-t-allow-adding-invalid-matches-to-the-co.patch
@@ -0,0 +1,28 @@
+From 9ccd4722cc74bacde76215a19de81cebf3276ea5 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 30 May 2012 22:46:07 +0200
+Subject: [PATCH] journal: don't allow adding invalid matches to the context
+ (cherry picked from commit
+ d94117a93c0a8431de5c765f21a97f6eb32580da)
+
+---
+ src/journal/sd-journal.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
+index 6ed1e25..e80c6cb 100644
+--- a/src/journal/sd-journal.c
++++ b/src/journal/sd-journal.c
+@@ -115,7 +115,11 @@ _public_ int sd_journal_add_match(sd_journal *j, const void *data, size_t size)
+ return -EINVAL;
+ if (!data)
+ return -EINVAL;
+- if (size <= 0)
++ if (size <= 1)
++ return -EINVAL;
++ if (!memchr(data, '=', size))
++ return -EINVAL;
++ if (*(char*) data == '=')
+ return -EINVAL;
+
+ /* FIXME: iterating with multiple matches is currently
diff --git a/0366-shutdown-Don-t-skip-bind-mounts-on-shutdown.patch b/0366-shutdown-Don-t-skip-bind-mounts-on-shutdown.patch
new file mode 100644
index 0000000..92e381b
--- /dev/null
+++ b/0366-shutdown-Don-t-skip-bind-mounts-on-shutdown.patch
@@ -0,0 +1,93 @@
+From d1b52aaf37c6602c62980c02b836f92e3501b894 Mon Sep 17 00:00:00 2001
+From: Daniel Drake <dsd at laptop.org>
+Date: Wed, 25 Apr 2012 16:46:46 +0100
+Subject: [PATCH] shutdown: Don't skip bind mounts on shutdown
+
+This reverts commits d72238fcb34abc81aca97c5fb15888708ee937d3 and
+f3accc08.
+
+OLPC runs / as a bind-mount, so this must be remounted RO during
+shutdown to avoid corruption.
+
+As Lennert can't recall the exact reasons for making the shutdown
+code skip bind mounts, revert to previous behaviour to solve the
+issue for OLPC.
+
+http://lists.freedesktop.org/archives/systemd-devel/2012-April/004957.html
+(cherry picked from commit 7c49259fc8f63ade6cb212a43477d7030aaaf423)
+---
+ src/core/umount.c | 19 ++-----------------
+ 1 file changed, 2 insertions(+), 17 deletions(-)
+
+diff --git a/src/core/umount.c b/src/core/umount.c
+index 3770b7d..d65ed6a 100644
+--- a/src/core/umount.c
++++ b/src/core/umount.c
+@@ -38,7 +38,6 @@
+ typedef struct MountPoint {
+ char *path;
+ dev_t devnum;
+- bool skip_ro;
+ LIST_FIELDS (struct MountPoint, mount_point);
+ } MountPoint;
+
+@@ -73,8 +72,6 @@ static int mount_points_list_get(MountPoint **head) {
+ for (i = 1;; i++) {
+ int k;
+ MountPoint *m;
+- char *root;
+- bool skip_ro;
+
+ path = p = NULL;
+
+@@ -82,7 +79,7 @@ static int mount_points_list_get(MountPoint **head) {
+ "%*s " /* (1) mount id */
+ "%*s " /* (2) parent id */
+ "%*s " /* (3) major:minor */
+- "%ms " /* (4) root */
++ "%*s " /* (4) root */
+ "%ms " /* (5) mount point */
+ "%*s" /* (6) mount options */
+ "%*[^-]" /* (7) optional fields */
+@@ -91,8 +88,7 @@ static int mount_points_list_get(MountPoint **head) {
+ "%*s" /* (10) mount source */
+ "%*s" /* (11) mount options 2 */
+ "%*[^\n]", /* some rubbish at the end */
+- &root,
+- &path)) != 2) {
++ &path)) != 1) {
+ if (k == EOF)
+ break;
+
+@@ -102,11 +98,6 @@ static int mount_points_list_get(MountPoint **head) {
+ continue;
+ }
+
+- /* If we encounter a bind mount, don't try to remount
+- * the source dir too early */
+- skip_ro = !streq(root, "/");
+- free(root);
+-
+ p = cunescape(path);
+ free(path);
+
+@@ -132,7 +123,6 @@ static int mount_points_list_get(MountPoint **head) {
+ }
+
+ m->path = p;
+- m->skip_ro = skip_ro;
+ LIST_PREPEND(MountPoint, mount_point, *head, m);
+ }
+
+@@ -449,11 +439,6 @@ static int mount_points_list_remount_read_only(MountPoint **head, bool *changed)
+
+ LIST_FOREACH_SAFE(mount_point, m, n, *head) {
+
+- if (m->skip_ro) {
+- n_failed++;
+- continue;
+- }
+-
+ /* Trying to remount read-only */
+ if (mount(NULL, m->path, NULL, MS_MGC_VAL|MS_REMOUNT|MS_RDONLY, NULL) == 0) {
+ if (changed)
diff --git a/0367-selinux-downgrade-database-load-time-message-to-LOG_.patch b/0367-selinux-downgrade-database-load-time-message-to-LOG_.patch
new file mode 100644
index 0000000..52dcc2e
--- /dev/null
+++ b/0367-selinux-downgrade-database-load-time-message-to-LOG_.patch
@@ -0,0 +1,28 @@
+From 72015ed8686d3bfb7917401aea80e7b32d9b6d69 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 31 May 2012 01:10:44 +0200
+Subject: [PATCH] selinux: downgrade database load time message to LOG_DEBUG
+ (cherry picked from commit
+ 107a2db901d93ffaba4a2fe34e6b28643b96574f)
+
+---
+ src/shared/label.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/shared/label.c b/src/shared/label.c
+index 3c35f08..519fc7f 100644
+--- a/src/shared/label.c
++++ b/src/shared/label.c
+@@ -90,9 +90,9 @@ int label_init(const char *prefix) {
+
+ l = after_mallinfo.uordblks > before_mallinfo.uordblks ? after_mallinfo.uordblks - before_mallinfo.uordblks : 0;
+
+- log_info("Successfully loaded SELinux database in %s, size on heap is %iK.",
+- format_timespan(timespan, sizeof(timespan), after_timestamp - before_timestamp),
+- (l+1023)/1024);
++ log_debug("Successfully loaded SELinux database in %s, size on heap is %iK.",
++ format_timespan(timespan, sizeof(timespan), after_timestamp - before_timestamp),
++ (l+1023)/1024);
+ }
+ #endif
+
diff --git a/0368-login-properly-detect-MIMO-USB-displays.patch b/0368-login-properly-detect-MIMO-USB-displays.patch
new file mode 100644
index 0000000..fc2dcbf
--- /dev/null
+++ b/0368-login-properly-detect-MIMO-USB-displays.patch
@@ -0,0 +1,137 @@
+From 9dc49a6397b2060ffe6cb9f3b1b3c46479e5ea2f Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 31 May 2012 01:19:11 +0200
+Subject: [PATCH] login: properly detect MIMO USB displays
+
+MIMO USB displays use a generic VID/PID for the hub component. With a
+bit of trickery we can detect them by the VID/PID of the graphics
+component.
+(cherry picked from commit d7e1c95e0a22eb1ada8ad53dab3af5fec2af1d0c)
+
+Conflicts:
+ Makefile.am
+ TODO
+ src/login/.gitignore
+ src/login/71-seat.rules
+---
+ Makefile.am | 6 +++---
+ src/login/71-seat.rules | 25 ------------------------
+ src/login/71-seat.rules.in | 46 ++++++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 49 insertions(+), 28 deletions(-)
+ delete mode 100644 src/login/71-seat.rules
+ create mode 100644 src/login/71-seat.rules.in
+
+diff --git a/Makefile.am b/Makefile.am
+index 9649ec5..86adad0 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -2286,10 +2286,8 @@ rootlibexec_PROGRAMS += \
+ dist_udevrules_DATA += \
+ src/login/70-uaccess.rules
+
+-dist_udevrules_DATA += \
+- src/login/71-seat.rules
+-
+ nodist_udevrules_DATA += \
++ src/login/71-seat.rules \
+ src/login/73-seat-late.rules
+
+ MANPAGES += \
+@@ -2346,12 +2344,14 @@ EXTRA_DIST += \
+ src/login/logind-gperf.gperf \
+ src/login/libsystemd-login.pc.in \
+ src/login/libsystemd-login.sym \
++ src/login/71-seat.rules.in \
+ src/login/73-seat-late.rules.in \
+ units/systemd-logind.service.in \
+ units/systemd-user-sessions.service.in
+
+ CLEANFILES += \
+ src/login/logind-gperf.c \
++ src/login/71-seat.rules \
+ src/login/73-seat-late.rules
+ endif
+ # ------------------------------------------------------------------------------
+diff --git a/src/login/71-seat.rules b/src/login/71-seat.rules
+deleted file mode 100644
+index 04ccac7..0000000
+--- a/src/login/71-seat.rules
++++ /dev/null
+@@ -1,25 +0,0 @@
+-# This file is part of systemd.
+-#
+-# systemd is free software; you can redistribute it and/or modify it
+-# under the terms of the GNU General Public License as published by
+-# the Free Software Foundation; either version 2 of the License, or
+-# (at your option) any later version.
+-
+-ACTION=="remove", GOTO="seat_end"
+-
+-TAG=="uaccess", SUBSYSTEM!="sound", TAG+="seat"
+-SUBSYSTEM=="sound", KERNEL=="card*", TAG+="seat"
+-SUBSYSTEM=="input", KERNEL=="input*", TAG+="seat"
+-SUBSYSTEM=="graphics", KERNEL=="fb[0-9]*", TAG+="seat"
+-SUBSYSTEM=="usb", ATTR{bDeviceClass}=="09", TAG+="seat"
+-
+-# 'Plugable' USB hub, sound, network, graphics adapter
+-SUBSYSTEM=="usb", ATTR{idVendor}=="2230", ATTR{idProduct}=="000[13]", ENV{ID_AUTOSEAT}="1"
+-
+-# Mimo 720, with integrated USB hub, displaylink graphics, and e2i touchscreen
+-SUBSYSTEM=="usb", ATTR{idVendor}=="058f", ATTR{idProduct}=="6254", ENV{ID_AUTOSEAT}="1"
+-
+-TAG=="seat", ENV{ID_PATH}=="", IMPORT{program}="path_id %p"
+-TAG=="seat", ENV{ID_FOR_SEAT}=="", ENV{ID_PATH_TAG}!="", ENV{ID_FOR_SEAT}="$env{SUBSYSTEM}-$env{ID_PATH_TAG}"
+-
+-LABEL="seat_end"
+diff --git a/src/login/71-seat.rules.in b/src/login/71-seat.rules.in
+new file mode 100644
+index 0000000..03005b6
+--- /dev/null
++++ b/src/login/71-seat.rules.in
+@@ -0,0 +1,46 @@
++# This file is part of systemd.
++#
++# systemd is free software; you can redistribute it and/or modify it
++# under the terms of the GNU Lesser General Public License as published by
++# the Free Software Foundation; either version 2.1 of the License, or
++# (at your option) any later version.
++
++ACTION=="remove", GOTO="seat_end"
++
++TAG=="uaccess", SUBSYSTEM!="sound", TAG+="seat"
++SUBSYSTEM=="sound", KERNEL=="card*", TAG+="seat"
++SUBSYSTEM=="input", KERNEL=="input*", TAG+="seat"
++SUBSYSTEM=="graphics", KERNEL=="fb[0-9]*", TAG+="seat"
++SUBSYSTEM=="usb", ATTR{bDeviceClass}=="09", TAG+="seat"
++
++# 'Plugable' USB hub, sound, network, graphics adapter
++SUBSYSTEM=="usb", ATTR{idVendor}=="2230", ATTR{idProduct}=="000[13]", ENV{ID_AUTOSEAT}="1"
++
++# Mimo 720, with integrated USB hub, displaylink graphics, and e2i
++# touchscreen. This device carries no proper VID/PID in the USB hub,
++# but it does carry good ID data in the graphics component, hence we
++# check it from the parent. There's a bit of a race here however,
++# given that the child devices might not exist yet at the time this
++# rule is executed. To work around this we'll trigger the parent from
++# the child if we notice that the parent wasn't recognized yet.
++
++# Match parent
++SUBSYSTEM=="usb", ATTR{idVendor}=="058f", ATTR{idProduct}=="6254", \
++ ATTR{%k.2/idVendor}=="17e9", ATTR{%k.2/idProduct}=="401a", ATTR{%k.2/product}=="mimo inc", \
++ ENV{ID_AUTOSEAT}="1", ENV{ID_AVOID_LOOP}="1"
++
++# Match child, look for parent's ID_AVOID_LOOP
++SUBSYSTEM=="usb", ATTR{idVendor}=="17e9", ATTR{idProduct}=="401a", ATTR{product}=="mimo inc", \
++ ATTR{../idVendor}=="058f", ATTR{../idProduct}=="6254", \
++ IMPORT{parent}="ID_AVOID_LOOP"
++
++# Match child, retrigger parent
++SUBSYSTEM=="usb", ATTR{idVendor}=="17e9", ATTR{idProduct}=="401a", ATTR{product}=="mimo inc", \
++ ATTR{../idVendor}=="058f", ATTR{../idProduct}=="6254", \
++ ENV{ID_AVOID_LOOP}=="", \
++ RUN+="@bindir@/udevadm trigger --parent-match=%p/.."
++
++TAG=="seat", ENV{ID_PATH}=="", IMPORT{builtin}="path_id"
++TAG=="seat", ENV{ID_FOR_SEAT}=="", ENV{ID_PATH_TAG}!="", ENV{ID_FOR_SEAT}="$env{SUBSYSTEM}-$env{ID_PATH_TAG}"
++
++LABEL="seat_end"
diff --git a/0369-journald-properly-handle-if-we-have-no-PID-in-a-kmsg.patch b/0369-journald-properly-handle-if-we-have-no-PID-in-a-kmsg.patch
new file mode 100644
index 0000000..71a6388
--- /dev/null
+++ b/0369-journald-properly-handle-if-we-have-no-PID-in-a-kmsg.patch
@@ -0,0 +1,24 @@
+From b046fd6b4c9d6bc3dab2d2c78b426080bd4bf56d Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 31 May 2012 01:26:06 +0200
+Subject: [PATCH] journald: properly handle if we have no PID in a kmsg line
+ (cherry picked from commit
+ 96ceff5645faeaf02438d78996b8bdba4ebf05bb)
+
+---
+ src/journal/journald.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index 7cfa5c8..490153c 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -1827,7 +1827,7 @@ static void proc_kmsg_line(Server *s, const char *p) {
+
+ /* Avoid any messages we generated ourselves via
+ * log_info() and friends. */
+- if (is_us(pid))
++ if (pid && is_us(pid))
+ goto finish;
+
+ if (s->forward_to_syslog)
diff --git a/0370-systemctl-introduce-systemctl-man-to-show-man-page-f.patch b/0370-systemctl-introduce-systemctl-man-to-show-man-page-f.patch
new file mode 100644
index 0000000..4644a88
--- /dev/null
+++ b/0370-systemctl-introduce-systemctl-man-to-show-man-page-f.patch
@@ -0,0 +1,155 @@
+From b0b19cfc571423eca0694c0da8ed1fe3b875105a Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 31 May 2012 04:11:57 +0200
+Subject: [PATCH] systemctl: introduce "systemctl man" to show man page for
+ unit
+
+For now this only reads man: URLs, but later on we might want to support
+info: too. http/https is probably out of focus.
+(cherry picked from commit 256425cc10d74c13602527eb86b4ba0938964565)
+
+Conflicts:
+ TODO
+---
+ man/systemctl.xml | 8 +++++
+ src/systemctl/systemctl.c | 79 +++++++++++++++++++++++++++++++++++++++++++--
+ 2 files changed, 84 insertions(+), 3 deletions(-)
+
+diff --git a/man/systemctl.xml b/man/systemctl.xml
+index 7ae5add..425bfd5 100644
+--- a/man/systemctl.xml
++++ b/man/systemctl.xml
+@@ -633,7 +633,15 @@
+ looking for formatted human-readable
+ output.</para></listitem>
+ </varlistentry>
++ <varlistentry>
++ <term><command>man [NAME...|PID...]</command></term>
+
++ <listitem><para>Show manual pages for
++ one or more units, if available. If a
++ PID is passed the manual pages for the
++ unit the process of the PID belongs to
++ is shown.</para></listitem>
++ </varlistentry>
+ <varlistentry>
+ <term><command>reset-failed [NAME...]</command></term>
+
+diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
+index 7f03a65..377a878 100644
+--- a/src/systemctl/systemctl.c
++++ b/src/systemctl/systemctl.c
+@@ -2449,6 +2449,73 @@ static void print_status_info(UnitStatusInfo *i) {
+ arg_scope == UNIT_FILE_SYSTEM ? "--system" : "--user");
+ }
+
++static void man_status_info(UnitStatusInfo *i) {
++ char **p;
++
++ assert(i);
++
++ if (!i->documentation) {
++ log_info("Documentation for %s not known.", i->id);
++ return;
++ }
++
++ STRV_FOREACH(p, i->documentation) {
++
++ if (startswith(*p, "man:")) {
++ size_t k;
++ char *e = NULL;
++ char *page = NULL, *section = NULL;
++ const char *args[4] = { "man", NULL, NULL, NULL };
++ pid_t pid;
++
++ k = strlen(*p);
++
++ if ((*p)[k-1] == ')')
++ e = strrchr(*p, '(');
++
++ if (e) {
++ page = strndup((*p) + 4, e - *p - 4);
++ if (!page) {
++ log_error("Out of memory.");
++ return;
++ }
++
++ section = strndup(e + 1, *p + k - e - 2);
++ if (!section) {
++ free(page);
++ log_error("Out of memory");
++ return;
++ }
++
++ args[1] = section;
++ args[2] = page;
++ } else
++ args[1] = *p + 4;
++
++ pid = fork();
++ if (pid < 0) {
++ log_error("Failed to fork: %m");
++ free(page);
++ free(section);
++ continue;
++ }
++
++ if (pid == 0) {
++ /* Child */
++ execvp(args[0], (char**) args);
++ log_error("Failed to execute man: %m");
++ _exit(EXIT_FAILURE);
++ }
++
++ free(page);
++ free(section);
++
++ wait_for_terminate(pid, NULL);
++ } else
++ log_info("Can't show %s.", *p);
++ }
++}
++
+ static int status_property(const char *name, DBusMessageIter *iter, UnitStatusInfo *i) {
+
+ assert(name);
+@@ -2947,8 +3014,12 @@ static int show_one(const char *verb, DBusConnection *bus, const char *path, boo
+
+ r = 0;
+
+- if (!show_properties)
+- print_status_info(&info);
++ if (!show_properties) {
++ if (streq(verb, "man"))
++ man_status_info(&info);
++ else
++ print_status_info(&info);
++ }
+
+ strv_free(info.documentation);
+
+@@ -3039,7 +3110,7 @@ static int show(DBusConnection *bus, char **args) {
+ assert(bus);
+ assert(args);
+
+- show_properties = !streq(args[0], "status");
++ show_properties = streq(args[0], "show");
+
+ if (show_properties)
+ pager_open_if_enabled();
+@@ -4209,6 +4280,7 @@ static int systemctl_help(void) {
+ " status [NAME...|PID...] Show runtime status of one or more units\n"
+ " show [NAME...|JOB...] Show properties of one or more\n"
+ " units/jobs or the manager\n"
++ " man [NAME...|PID...] Show manual for one or more units\n"
+ " reset-failed [NAME...] Reset failed state for all, one, or more\n"
+ " units\n"
+ " load [NAME...] Load one or more units\n\n"
+@@ -5172,6 +5244,7 @@ static int systemctl_main(DBusConnection *bus, int argc, char *argv[], DBusError
+ { "check", MORE, 2, check_unit },
+ { "show", MORE, 1, show },
+ { "status", MORE, 2, show },
++ { "man", MORE, 2, show },
+ { "dump", EQUAL, 1, dump },
+ { "dot", EQUAL, 1, dot },
+ { "snapshot", LESS, 2, snapshot },
diff --git a/0371-util-introduce-a-proper-nsec_t-and-make-use-of-it-wh.patch b/0371-util-introduce-a-proper-nsec_t-and-make-use-of-it-wh.patch
new file mode 100644
index 0000000..cd511ae
--- /dev/null
+++ b/0371-util-introduce-a-proper-nsec_t-and-make-use-of-it-wh.patch
@@ -0,0 +1,363 @@
+From d9674017a185997a3a518ad8ccfb8cad4a6d3af2 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 31 May 2012 04:27:03 +0200
+Subject: [PATCH] util: introduce a proper nsec_t and make use of it where
+ appropriate (cherry picked from commit
+ d88a251b125f6e9178b9ca9ea47ab7da3234cb58)
+
+---
+ man/systemd.exec.xml | 11 +++---
+ src/core/dbus-execute.c | 2 +-
+ src/core/execute.c | 5 ++-
+ src/core/execute.h | 3 +-
+ src/core/load-fragment-gperf.gperf.m4 | 2 +-
+ src/core/load-fragment.c | 30 +--------------
+ src/core/load-fragment.h | 1 -
+ src/shared/conf-parser.c | 25 ++++++++++++
+ src/shared/conf-parser.h | 1 +
+ src/shared/util.c | 67 ++++++++++++++++++++++++++++++++-
+ src/shared/util.h | 8 ++++
+ 11 files changed, 113 insertions(+), 42 deletions(-)
+
+diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
+index 7d28545..09e9f0f 100644
+--- a/man/systemd.exec.xml
++++ b/man/systemd.exec.xml
+@@ -581,16 +581,17 @@
+ <term><varname>TimerSlackNSec=</varname></term>
+ <listitem><para>Sets the timer slack
+ in nanoseconds for the executed
+- processes. The timer slack controls the
+- accuracy of wake-ups triggered by
++ processes. The timer slack controls
++ the accuracy of wake-ups triggered by
+ timers. See
+ <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
+ for more information. Note that in
+ contrast to most other time span
+ definitions this parameter takes an
+- integer value in nano-seconds and does
+- not understand any other
+- units.</para></listitem>
++ integer value in nano-seconds if no
++ unit is specified. The usual time
++ units are understood
++ too.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
+index 1fd2b21..1812e61 100644
+--- a/src/core/dbus-execute.c
++++ b/src/core/dbus-execute.c
+@@ -216,7 +216,7 @@ int bus_execute_append_timer_slack_nsec(DBusMessageIter *i, const char *property
+ assert(property);
+ assert(c);
+
+- if (c->timer_slack_nsec_set)
++ if (c->timer_slack_nsec != (nsec_t) -1)
+ u = (uint64_t) c->timer_slack_nsec;
+ else
+ u = (uint64_t) prctl(PR_GET_TIMERSLACK);
+diff --git a/src/core/execute.c b/src/core/execute.c
+index f93c9a4..688ec4b 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -1183,7 +1183,7 @@ int exec_spawn(ExecCommand *command,
+ goto fail_child;
+ }
+
+- if (context->timer_slack_nsec_set)
++ if (context->timer_slack_nsec != (nsec_t) -1)
+ if (prctl(PR_SET_TIMERSLACK, context->timer_slack_nsec) < 0) {
+ err = -errno;
+ r = EXIT_TIMERSLACK;
+@@ -1494,6 +1494,7 @@ void exec_context_init(ExecContext *c) {
+ c->send_sigkill = true;
+ c->control_group_persistent = -1;
+ c->ignore_sigpipe = true;
++ c->timer_slack_nsec = (nsec_t) -1;
+ }
+
+ void exec_context_done(ExecContext *c) {
+@@ -1739,7 +1740,7 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
+ fputs("\n", f);
+ }
+
+- if (c->timer_slack_nsec_set)
++ if (c->timer_slack_nsec != (nsec_t) -1)
+ fprintf(f, "%sTimerSlackNSec: %lu\n", prefix, c->timer_slack_nsec);
+
+ fprintf(f,
+diff --git a/src/core/execute.h b/src/core/execute.h
+index 755fc2a..c696913 100644
+--- a/src/core/execute.h
++++ b/src/core/execute.h
+@@ -118,7 +118,7 @@ struct ExecContext {
+ ExecOutput std_output;
+ ExecOutput std_error;
+
+- unsigned long timer_slack_nsec;
++ nsec_t timer_slack_nsec;
+
+ char *tcpwrap_name;
+
+@@ -178,7 +178,6 @@ struct ExecContext {
+ bool nice_set:1;
+ bool ioprio_set:1;
+ bool cpu_sched_set:1;
+- bool timer_slack_nsec_set:1;
+ };
+
+ int exec_spawn(ExecCommand *command,
+diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
+index 9efc859..d32aae9 100644
+--- a/src/core/load-fragment-gperf.gperf.m4
++++ b/src/core/load-fragment-gperf.gperf.m4
+@@ -47,7 +47,7 @@ $1.SyslogLevelPrefix, config_parse_bool, 0,
+ $1.Capabilities, config_parse_exec_capabilities, 0, offsetof($1, exec_context)
+ $1.SecureBits, config_parse_exec_secure_bits, 0, offsetof($1, exec_context)
+ $1.CapabilityBoundingSet, config_parse_bounding_set, 0, offsetof($1, exec_context.capability_bounding_set_drop)
+-$1.TimerSlackNSec, config_parse_exec_timer_slack_nsec, 0, offsetof($1, exec_context)
++$1.TimerSlackNSec, config_parse_nsec, 0, offsetof($1, exec_context.timer_slack_nsec)
+ $1.LimitCPU, config_parse_limit, RLIMIT_CPU, offsetof($1, exec_context.rlimit)
+ $1.LimitFSIZE, config_parse_limit, RLIMIT_FSIZE, offsetof($1, exec_context.rlimit)
+ $1.LimitDATA, config_parse_limit, RLIMIT_DATA, offsetof($1, exec_context.rlimit)
+diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
+index bb27d95..99f388e 100644
+--- a/src/core/load-fragment.c
++++ b/src/core/load-fragment.c
+@@ -991,34 +991,6 @@ int config_parse_bounding_set(
+ return 0;
+ }
+
+-int config_parse_exec_timer_slack_nsec(
+- const char *filename,
+- unsigned line,
+- const char *section,
+- const char *lvalue,
+- int ltype,
+- const char *rvalue,
+- void *data,
+- void *userdata) {
+-
+- ExecContext *c = data;
+- unsigned long u;
+-
+- assert(filename);
+- assert(lvalue);
+- assert(rvalue);
+- assert(data);
+-
+- if (safe_atolu(rvalue, &u) < 0) {
+- log_error("[%s:%u] Failed to parse time slack value, ignoring: %s", filename, line, rvalue);
+- return 0;
+- }
+-
+- c->timer_slack_nsec = u;
+-
+- return 0;
+-}
+-
+ int config_parse_limit(
+ const char *filename,
+ unsigned line,
+@@ -2442,7 +2414,6 @@ void unit_dump_config_items(FILE *f) {
+ { config_parse_exec_capabilities, "CAPABILITIES" },
+ { config_parse_exec_secure_bits, "SECUREBITS" },
+ { config_parse_bounding_set, "BOUNDINGSET" },
+- { config_parse_exec_timer_slack_nsec, "TIMERSLACK" },
+ { config_parse_limit, "LIMIT" },
+ { config_parse_unit_cgroup, "CGROUP [...]" },
+ { config_parse_unit_deps, "UNIT [...]" },
+@@ -2461,6 +2432,7 @@ void unit_dump_config_items(FILE *f) {
+ { config_parse_socket_bind, "SOCKETBIND" },
+ { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
+ { config_parse_usec, "SECONDS" },
++ { config_parse_nsec, "NANOSECONDS" },
+ { config_parse_path_strv, "PATH [...]" },
+ { config_parse_unit_requires_mounts_for, "PATH [...]" },
+ { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
+diff --git a/src/core/load-fragment.h b/src/core/load-fragment.h
+index 7d73eec..cd29948 100644
+--- a/src/core/load-fragment.h
++++ b/src/core/load-fragment.h
+@@ -57,7 +57,6 @@ int config_parse_exec_cpu_affinity(const char *filename, unsigned line, const ch
+ int config_parse_exec_capabilities(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_exec_secure_bits(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_bounding_set(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+-int config_parse_exec_timer_slack_nsec(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_limit(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_unit_cgroup(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_sysv_priority(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c
+index d77cd2b..1b7e8d8 100644
+--- a/src/shared/conf-parser.c
++++ b/src/shared/conf-parser.c
+@@ -817,6 +817,31 @@ int config_parse_usec(
+ return 0;
+ }
+
++int config_parse_nsec(
++ const char *filename,
++ unsigned line,
++ const char *section,
++ const char *lvalue,
++ int ltype,
++ const char *rvalue,
++ void *data,
++ void *userdata) {
++
++ nsec_t *nsec = data;
++
++ assert(filename);
++ assert(lvalue);
++ assert(rvalue);
++ assert(data);
++
++ if (parse_nsec(rvalue, nsec) < 0) {
++ log_error("[%s:%u] Failed to parse time value, ignoring: %s", filename, line, rvalue);
++ return 0;
++ }
++
++ return 0;
++}
++
+ int config_parse_mode(
+ const char *filename,
+ unsigned line,
+diff --git a/src/shared/conf-parser.h b/src/shared/conf-parser.h
+index be7d708..4656f8b 100644
+--- a/src/shared/conf-parser.h
++++ b/src/shared/conf-parser.h
+@@ -102,6 +102,7 @@ int config_parse_path(const char *filename, unsigned line, const char *section,
+ int config_parse_strv(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_path_strv(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_usec(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
++int config_parse_nsec(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_mode(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+
+ #define DEFINE_CONFIG_PARSE_ENUM(function,name,type,msg) \
+diff --git a/src/shared/util.c b/src/shared/util.c
+index ae2f0fe..b26298b 100644
+--- a/src/shared/util.c
++++ b/src/shared/util.c
+@@ -2707,7 +2707,7 @@ int parse_usec(const char *t, usec_t *usec) {
+ { "m", USEC_PER_MINUTE },
+ { "usec", 1ULL },
+ { "us", 1ULL },
+- { "", USEC_PER_SEC },
++ { "", USEC_PER_SEC }, /* default is sec */
+ };
+
+ const char *p;
+@@ -2753,6 +2753,71 @@ int parse_usec(const char *t, usec_t *usec) {
+ return 0;
+ }
+
++int parse_nsec(const char *t, nsec_t *nsec) {
++ static const struct {
++ const char *suffix;
++ nsec_t nsec;
++ } table[] = {
++ { "sec", NSEC_PER_SEC },
++ { "s", NSEC_PER_SEC },
++ { "min", NSEC_PER_MINUTE },
++ { "hr", NSEC_PER_HOUR },
++ { "h", NSEC_PER_HOUR },
++ { "d", NSEC_PER_DAY },
++ { "w", NSEC_PER_WEEK },
++ { "msec", NSEC_PER_MSEC },
++ { "ms", NSEC_PER_MSEC },
++ { "m", NSEC_PER_MINUTE },
++ { "usec", NSEC_PER_USEC },
++ { "us", NSEC_PER_USEC },
++ { "nsec", 1ULL },
++ { "ns", 1ULL },
++ { "", 1ULL }, /* default is nsec */
++ };
++
++ const char *p;
++ nsec_t r = 0;
++
++ assert(t);
++ assert(nsec);
++
++ p = t;
++ do {
++ long long l;
++ char *e;
++ unsigned i;
++
++ errno = 0;
++ l = strtoll(p, &e, 10);
++
++ if (errno != 0)
++ return -errno;
++
++ if (l < 0)
++ return -ERANGE;
++
++ if (e == p)
++ return -EINVAL;
++
++ e += strspn(e, WHITESPACE);
++
++ for (i = 0; i < ELEMENTSOF(table); i++)
++ if (startswith(e, table[i].suffix)) {
++ r += (nsec_t) l * table[i].nsec;
++ p = e + strlen(table[i].suffix);
++ break;
++ }
++
++ if (i >= ELEMENTSOF(table))
++ return -EINVAL;
++
++ } while (*p != 0);
++
++ *nsec = r;
++
++ return 0;
++}
++
+ int parse_bytes(const char *t, off_t *bytes) {
+ static const struct {
+ const char *suffix;
+diff --git a/src/shared/util.h b/src/shared/util.h
+index 38574d9..05a7f98 100644
+--- a/src/shared/util.h
++++ b/src/shared/util.h
+@@ -39,6 +39,7 @@
+ #include "macro.h"
+
+ typedef uint64_t usec_t;
++typedef unsigned long nsec_t;
+
+ typedef struct dual_timestamp {
+ usec_t realtime;
+@@ -53,11 +54,17 @@ typedef struct dual_timestamp {
+ #define NSEC_PER_USEC 1000ULL
+
+ #define USEC_PER_MINUTE (60ULL*USEC_PER_SEC)
++#define NSEC_PER_MINUTE (60ULL*NSEC_PER_SEC)
+ #define USEC_PER_HOUR (60ULL*USEC_PER_MINUTE)
++#define NSEC_PER_HOUR (60ULL*NSEC_PER_MINUTE)
+ #define USEC_PER_DAY (24ULL*USEC_PER_HOUR)
++#define NSEC_PER_DAY (24ULL*NSEC_PER_HOUR)
+ #define USEC_PER_WEEK (7ULL*USEC_PER_DAY)
++#define NSEC_PER_WEEK (7ULL*NSEC_PER_DAY)
+ #define USEC_PER_MONTH (2629800ULL*USEC_PER_SEC)
++#define NSEC_PER_MONTH (2629800ULL*NSEC_PER_SEC)
+ #define USEC_PER_YEAR (31557600ULL*USEC_PER_SEC)
++#define NSEC_PER_YEAR (31557600ULL*NSEC_PER_SEC)
+
+ /* What is interpreted as whitespace? */
+ #define WHITESPACE " \t\n\r"
+@@ -139,6 +146,7 @@ void close_many(const int fds[], unsigned n_fd);
+
+ int parse_boolean(const char *v);
+ int parse_usec(const char *t, usec_t *usec);
++int parse_nsec(const char *t, nsec_t *nsec);
+ int parse_bytes(const char *t, off_t *bytes);
+ int parse_pid(const char *s, pid_t* ret_pid);
+ int parse_uid(const char *s, uid_t* ret_uid);
diff --git a/0372-main-allow-setting-of-timer-slack-for-PID-1.patch b/0372-main-allow-setting-of-timer-slack-for-PID-1.patch
new file mode 100644
index 0000000..63fcfe5
--- /dev/null
+++ b/0372-main-allow-setting-of-timer-slack-for-PID-1.patch
@@ -0,0 +1,90 @@
+From a4522a3ae38e24e177db98aa8e262cdf54d42646 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 31 May 2012 04:36:08 +0200
+Subject: [PATCH] main: allow setting of timer slack for PID 1 (cherry picked
+ from commit aa0f64ac851ebf27342d66947b5170bfeb9f49ae)
+
+---
+ man/systemd.conf.xml | 24 ++++++++++++++++++++++++
+ src/core/main.c | 6 ++++++
+ src/core/system.conf | 1 +
+ 3 files changed, 31 insertions(+)
+
+diff --git a/man/systemd.conf.xml b/man/systemd.conf.xml
+index 8e288eb..db35519 100644
+--- a/man/systemd.conf.xml
++++ b/man/systemd.conf.xml
+@@ -228,6 +228,30 @@
+ </varlistentry>
+
+ <varlistentry>
++ <term><varname>TimerSlackNSec=</varname></term>
++
++ <listitem><para>Sets the timer slack
++ in nanoseconds for PID 1 which is then
++ inherited to all executed processes,
++ unless overriden individually, for
++ example with the
++ <varname>TimerSlackNSec=</varname>
++ setting in service units (for details
++ see
++ <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>). The
++ timer slack controls the accuracy of
++ wake-ups triggered by timers. See
++ <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
++ for more information. Note that in
++ contrast to most other time span
++ definitions this parameter takes an
++ integer value in nano-seconds if no
++ unit is specified. The usual time
++ units are understood
++ too.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
+ <term><varname>DefaultLimitCPU=</varname></term>
+ <term><varname>DefaultLimitFSIZE=</varname></term>
+ <term><varname>DefaultLimitDATA=</varname></term>
+diff --git a/src/core/main.c b/src/core/main.c
+index ccf993d..2e79ca5 100644
+--- a/src/core/main.c
++++ b/src/core/main.c
+@@ -92,6 +92,7 @@ static usec_t arg_runtime_watchdog = 0;
+ static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
+ static struct rlimit *arg_default_rlimit[RLIMIT_NLIMITS] = {};
+ static uint64_t arg_capability_bounding_set_drop = 0;
++static nsec_t arg_timer_slack_nsec = (nsec_t) -1;
+
+ static FILE* serialization = NULL;
+
+@@ -685,6 +686,7 @@ static int parse_config_file(void) {
+ { "Manager", "RuntimeWatchdogSec", config_parse_usec, 0, &arg_runtime_watchdog },
+ { "Manager", "ShutdownWatchdogSec", config_parse_usec, 0, &arg_shutdown_watchdog },
+ { "Manager", "CapabilityBoundingSet", config_parse_bounding_set, 0, &arg_capability_bounding_set_drop },
++ { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
+ { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU]},
+ { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE]},
+ { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA]},
+@@ -1491,6 +1493,10 @@ int main(int argc, char *argv[]) {
+ if (arg_running_as == MANAGER_SYSTEM && arg_runtime_watchdog > 0)
+ watchdog_set_timeout(&arg_runtime_watchdog);
+
++ if (arg_timer_slack_nsec != (nsec_t) -1)
++ if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
++ log_error("Failed to adjust timer slack: %m");
++
+ if (arg_capability_bounding_set_drop) {
+ r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);
+ if (r < 0) {
+diff --git a/src/core/system.conf b/src/core/system.conf
+index e50ee3c..df0465e 100644
+--- a/src/core/system.conf
++++ b/src/core/system.conf
+@@ -27,6 +27,7 @@
+ #RuntimeWatchdogSec=0
+ #ShutdownWatchdogSec=10min
+ #CapabilityBoundingSet=
++#TimerSlackNSec=
+ #DefaultLimitCPU=
+ #DefaultLimitFSIZE=
+ #DefaultLimitDATA=
diff --git a/0373-util-don-t-require-libcap-when-building-libsystemd-s.patch b/0373-util-don-t-require-libcap-when-building-libsystemd-s.patch
new file mode 100644
index 0000000..73faa74
--- /dev/null
+++ b/0373-util-don-t-require-libcap-when-building-libsystemd-s.patch
@@ -0,0 +1,27 @@
+From f13bab0afa748011b526280f0f9e5a1f508c282c Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Thu, 31 May 2012 11:58:06 +0200
+Subject: [PATCH] util: don't require libcap when building libsystemd-shared
+
+src/shared/util.c includes <sys/capability.h> but doesn't use anything
+defined there. Since <sys/capability.h> is part of libcap, not libc,
+don't require it.
+
+Allows systemd-without-udevd to require fewer external libraries.
+(cherry picked from commit 051d68786bd5bfe87e7cc0c1d68ec4be83eb662a)
+---
+ src/shared/util.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/src/shared/util.c b/src/shared/util.c
+index b26298b..035f01d 100644
+--- a/src/shared/util.c
++++ b/src/shared/util.c
+@@ -50,7 +50,6 @@
+ #include <linux/kd.h>
+ #include <dlfcn.h>
+ #include <sys/wait.h>
+-#include <sys/capability.h>
+ #include <sys/time.h>
+ #include <glob.h>
+ #include <grp.h>
diff --git a/0374-mkdir-append-_label-to-all-mkdir-calls-that-explicit.patch b/0374-mkdir-append-_label-to-all-mkdir-calls-that-explicit.patch
new file mode 100644
index 0000000..d1de0ec
--- /dev/null
+++ b/0374-mkdir-append-_label-to-all-mkdir-calls-that-explicit.patch
@@ -0,0 +1,603 @@
+From 66b063007f58ac63b4f872fe1135cf56b0367051 Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Thu, 31 May 2012 12:40:20 +0200
+Subject: [PATCH] mkdir: append _label to all mkdir() calls that explicitly
+ set the selinux context (cherry picked from commit
+ d2e54fae5ca7a0f71b5ac8b356a589ff0a09ea0a)
+
+Conflicts:
+ src/core/manager.c
+ src/fstab-generator/fstab-generator.c
+ src/libudev/libudev-device-private.c
+ src/test/test-udev.c
+ src/udev/udev-builtin-firmware.c
+ src/udev/udev-node.c
+ src/udev/udev-watch.c
+ src/udev/udevd.c
+---
+ src/core/automount.c | 4 ++--
+ src/core/dbus.c | 2 +-
+ src/core/mount-setup.c | 6 +++---
+ src/core/mount.c | 4 ++--
+ src/core/path.c | 2 +-
+ src/core/shutdown.c | 2 +-
+ src/core/socket.c | 2 +-
+ src/cryptsetup/cryptsetup-generator.c | 6 +++---
+ src/getty-generator/getty-generator.c | 2 +-
+ src/journal/coredump.c | 2 +-
+ src/journal/journald.c | 2 +-
+ src/locale/localed.c | 2 +-
+ src/login/logind-dbus.c | 6 +++---
+ src/login/logind-inhibit.c | 4 ++--
+ src/login/logind-seat.c | 2 +-
+ src/login/logind-session.c | 4 ++--
+ src/login/logind-user.c | 6 +++---
+ src/login/multi-seat-x.c | 2 +-
+ src/nspawn/nspawn.c | 10 +++++-----
+ src/random-seed/random-seed.c | 2 +-
+ src/rc-local-generator/rc-local-generator.c | 2 +-
+ src/shared/ask-password-api.c | 2 +-
+ src/shared/cgroup-label.c | 2 +-
+ src/shared/install.c | 2 +-
+ src/shared/mkdir.c | 12 ++++++++----
+ src/shared/mkdir.h | 7 ++++---
+ src/shared/path-lookup.c | 2 +-
+ src/shared/socket-label.c | 2 +-
+ src/shutdownd/shutdownd.c | 2 +-
+ src/tmpfiles/tmpfiles.c | 2 +-
+ src/tty-ask-password-agent/tty-ask-password-agent.c | 4 ++--
+ 31 files changed, 58 insertions(+), 53 deletions(-)
+
+diff --git a/src/core/automount.c b/src/core/automount.c
+index 398b484..be4e657 100644
+--- a/src/core/automount.c
++++ b/src/core/automount.c
+@@ -501,7 +501,7 @@ static void automount_enter_waiting(Automount *a) {
+ }
+
+ /* We knowingly ignore the results of this call */
+- mkdir_p(a->where, 0555);
++ mkdir_p_label(a->where, 0555);
+
+ if (pipe2(p, O_NONBLOCK|O_CLOEXEC) < 0) {
+ r = -errno;
+@@ -590,7 +590,7 @@ static void automount_enter_runnning(Automount *a) {
+ return;
+ }
+
+- mkdir_p(a->where, a->directory_mode);
++ mkdir_p_label(a->where, a->directory_mode);
+
+ /* Before we do anything, let's see if somebody is playing games with us? */
+ if (lstat(a->where, &st) < 0) {
+diff --git a/src/core/dbus.c b/src/core/dbus.c
+index 1cf93c5..d67a89c 100644
+--- a/src/core/dbus.c
++++ b/src/core/dbus.c
+@@ -1095,7 +1095,7 @@ static int bus_init_private(Manager *m) {
+ goto fail;
+ }
+
+- mkdir_parents(p+10, 0755);
++ mkdir_parents_label(p+10, 0755);
+ unlink(p+10);
+ m->private_bus = dbus_server_listen(p, &error);
+ free(p);
+diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
+index 3682547..d4f81cc 100644
+--- a/src/core/mount-setup.c
++++ b/src/core/mount-setup.c
+@@ -130,7 +130,7 @@ static int mount_one(const MountPoint *p, bool relabel) {
+
+ /* The access mode here doesn't really matter too much, since
+ * the mounted file system will take precedence anyway. */
+- mkdir_p(p->where, 0755);
++ mkdir_p_label(p->where, 0755);
+
+ log_debug("Mounting %s to %s of type %s with options %s.",
+ p->what,
+@@ -404,8 +404,8 @@ int mount_setup(bool loaded_policy) {
+ dev_setup();
+
+ /* Create a few directories we always want around */
+- label_mkdir("/run/systemd", 0755);
+- label_mkdir("/run/systemd/system", 0755);
++ mkdir_label("/run/systemd", 0755);
++ mkdir_label("/run/systemd/system", 0755);
+
+ return 0;
+ }
+diff --git a/src/core/mount.c b/src/core/mount.c
+index ffe1b2c..dcb6c5a 100644
+--- a/src/core/mount.c
++++ b/src/core/mount.c
+@@ -974,12 +974,12 @@ static void mount_enter_mounting(Mount *m) {
+ m->control_command_id = MOUNT_EXEC_MOUNT;
+ m->control_command = m->exec_command + MOUNT_EXEC_MOUNT;
+
+- mkdir_p(m->where, m->directory_mode);
++ mkdir_p_label(m->where, m->directory_mode);
+
+ /* Create the source directory for bind-mounts if needed */
+ p = get_mount_parameters_configured(m);
+ if (p && mount_is_bind(p))
+- mkdir_p(p->what, m->directory_mode);
++ mkdir_p_label(p->what, m->directory_mode);
+
+ if (m->from_fragment)
+ r = exec_command_set(
+diff --git a/src/core/path.c b/src/core/path.c
+index 9155fee..e183a15 100644
+--- a/src/core/path.c
++++ b/src/core/path.c
+@@ -215,7 +215,7 @@ static void path_spec_mkdir(PathSpec *s, mode_t mode) {
+ if (s->type == PATH_EXISTS || s->type == PATH_EXISTS_GLOB)
+ return;
+
+- if ((r = mkdir_p(s->path, mode)) < 0)
++ if ((r = mkdir_p_label(s->path, mode)) < 0)
+ log_warning("mkdir(%s) failed: %s", s->path, strerror(-r));
+ }
+
+diff --git a/src/core/shutdown.c b/src/core/shutdown.c
+index b4e1b69..4a2f309 100644
+--- a/src/core/shutdown.c
++++ b/src/core/shutdown.c
+@@ -238,7 +238,7 @@ static int prepare_new_root(void) {
+ }
+
+ NULSTR_FOREACH(dir, dirs)
+- if (mkdir_p(dir, 0755) < 0 && errno != EEXIST) {
++ if (mkdir_p_label(dir, 0755) < 0 && errno != EEXIST) {
+ log_error("Failed to mkdir %s: %m", dir);
+ return -errno;
+ }
+diff --git a/src/core/socket.c b/src/core/socket.c
+index 5098391..eab2243 100644
+--- a/src/core/socket.c
++++ b/src/core/socket.c
+@@ -761,7 +761,7 @@ static int fifo_address_create(
+ assert(path);
+ assert(_fd);
+
+- mkdir_parents(path, directory_mode);
++ mkdir_parents_label(path, directory_mode);
+
+ r = label_context_set(path, S_IFIFO);
+ if (r < 0)
+diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
+index 2e43f5e..e3e9a99 100644
+--- a/src/cryptsetup/cryptsetup-generator.c
++++ b/src/cryptsetup/cryptsetup-generator.c
+@@ -175,7 +175,7 @@ static int create_disk(
+ goto fail;
+ }
+
+- mkdir_parents(to, 0755);
++ mkdir_parents_label(to, 0755);
+ if (symlink(from, to) < 0) {
+ log_error("Failed to create symlink '%s' to '%s': %m", from, to);
+ r = -errno;
+@@ -193,7 +193,7 @@ static int create_disk(
+ goto fail;
+ }
+
+- mkdir_parents(to, 0755);
++ mkdir_parents_label(to, 0755);
+ if (symlink(from, to) < 0) {
+ log_error("Failed to create symlink '%s' to '%s': %m", from, to);
+ r = -errno;
+@@ -211,7 +211,7 @@ static int create_disk(
+ goto fail;
+ }
+
+- mkdir_parents(to, 0755);
++ mkdir_parents_label(to, 0755);
+ if (symlink(from, to) < 0) {
+ log_error("Failed to create symlink '%s' to '%s': %m", from, to);
+ r = -errno;
+diff --git a/src/getty-generator/getty-generator.c b/src/getty-generator/getty-generator.c
+index 6a27213..66b58a3 100644
+--- a/src/getty-generator/getty-generator.c
++++ b/src/getty-generator/getty-generator.c
+@@ -47,7 +47,7 @@ static int add_symlink(const char *fservice, const char *tservice) {
+ goto finish;
+ }
+
+- mkdir_parents(to, 0755);
++ mkdir_parents_label(to, 0755);
+
+ r = symlink(from, to);
+ if (r < 0) {
+diff --git a/src/journal/coredump.c b/src/journal/coredump.c
+index 069c340..53c5915 100644
+--- a/src/journal/coredump.c
++++ b/src/journal/coredump.c
+@@ -54,7 +54,7 @@ static int divert_coredump(void) {
+
+ log_info("Detected coredump of the journal daemon itself, diverting coredump to /var/lib/systemd/coredump/.");
+
+- mkdir_p("/var/lib/systemd/coredump", 0755);
++ mkdir_p_label("/var/lib/systemd/coredump", 0755);
+
+ f = fopen("/var/lib/systemd/coredump/core.systemd-journald", "we");
+ if (!f) {
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index 490153c..4679300 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -1973,7 +1973,7 @@ static int system_journal_open(Server *s) {
+ /* OK, we really need the runtime journal, so create
+ * it if necessary. */
+
+- (void) mkdir_parents(fn, 0755);
++ (void) mkdir_parents_label(fn, 0755);
+ r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
+ free(fn);
+
+diff --git a/src/locale/localed.c b/src/locale/localed.c
+index e6aaa5c..da46106 100644
+--- a/src/locale/localed.c
++++ b/src/locale/localed.c
+@@ -591,7 +591,7 @@ static int write_data_x11(void) {
+ return 0;
+ }
+
+- mkdir_parents("/etc/X11/xorg.conf.d", 0755);
++ mkdir_parents_label("/etc/X11/xorg.conf.d", 0755);
+
+ r = fopen_temporary("/etc/X11/xorg.conf.d/00-keyboard.conf", &f, &temp_path);
+ if (r < 0)
+diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
+index 9b32464..61c4b30 100644
+--- a/src/login/logind-dbus.c
++++ b/src/login/logind-dbus.c
+@@ -868,7 +868,7 @@ static int attach_device(Manager *m, const char *seat, const char *sysfs) {
+ goto finish;
+ }
+
+- mkdir_p("/etc/udev/rules.d", 0755);
++ mkdir_p_label("/etc/udev/rules.d", 0755);
+ r = write_one_line_file_atomic(file, rule);
+ if (r < 0)
+ goto finish;
+@@ -1834,9 +1834,9 @@ static DBusHandlerResult manager_message_handler(
+ if (r < 0)
+ return bus_send_error_reply(connection, message, &error, r);
+
+- mkdir_p("/var/lib/systemd", 0755);
++ mkdir_p_label("/var/lib/systemd", 0755);
+
+- r = safe_mkdir("/var/lib/systemd/linger", 0755, 0, 0);
++ r = mkdir_safe_label("/var/lib/systemd/linger", 0755, 0, 0);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, &error, r);
+
+diff --git a/src/login/logind-inhibit.c b/src/login/logind-inhibit.c
+index 512fc07..721b38d 100644
+--- a/src/login/logind-inhibit.c
++++ b/src/login/logind-inhibit.c
+@@ -84,7 +84,7 @@ int inhibitor_save(Inhibitor *i) {
+
+ assert(i);
+
+- r = safe_mkdir("/run/systemd/inhibit", 0755, 0, 0);
++ r = mkdir_safe_label("/run/systemd/inhibit", 0755, 0, 0);
+ if (r < 0)
+ goto finish;
+
+@@ -272,7 +272,7 @@ int inhibitor_create_fifo(Inhibitor *i) {
+
+ /* Create FIFO */
+ if (!i->fifo_path) {
+- r = safe_mkdir("/run/systemd/inhibit", 0755, 0, 0);
++ r = mkdir_safe_label("/run/systemd/inhibit", 0755, 0, 0);
+ if (r < 0)
+ return r;
+
+diff --git a/src/login/logind-seat.c b/src/login/logind-seat.c
+index b0dd5f9..2a4786c 100644
+--- a/src/login/logind-seat.c
++++ b/src/login/logind-seat.c
+@@ -91,7 +91,7 @@ int seat_save(Seat *s) {
+ if (!s->started)
+ return 0;
+
+- r = safe_mkdir("/run/systemd/seats", 0755, 0, 0);
++ r = mkdir_safe_label("/run/systemd/seats", 0755, 0, 0);
+ if (r < 0)
+ goto finish;
+
+diff --git a/src/login/logind-session.c b/src/login/logind-session.c
+index 60b5965..9bab7e8 100644
+--- a/src/login/logind-session.c
++++ b/src/login/logind-session.c
+@@ -116,7 +116,7 @@ int session_save(Session *s) {
+ if (!s->started)
+ return 0;
+
+- r = safe_mkdir("/run/systemd/sessions", 0755, 0, 0);
++ r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0);
+ if (r < 0)
+ goto finish;
+
+@@ -816,7 +816,7 @@ int session_create_fifo(Session *s) {
+
+ /* Create FIFO */
+ if (!s->fifo_path) {
+- r = safe_mkdir("/run/systemd/sessions", 0755, 0, 0);
++ r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0);
+ if (r < 0)
+ return r;
+
+diff --git a/src/login/logind-user.c b/src/login/logind-user.c
+index 741f0e4..39e8f9f 100644
+--- a/src/login/logind-user.c
++++ b/src/login/logind-user.c
+@@ -98,7 +98,7 @@ int user_save(User *u) {
+ if (!u->started)
+ return 0;
+
+- r = safe_mkdir("/run/systemd/users", 0755, 0, 0);
++ r = mkdir_safe_label("/run/systemd/users", 0755, 0, 0);
+ if (r < 0)
+ goto finish;
+
+@@ -250,7 +250,7 @@ static int user_mkdir_runtime_path(User *u) {
+
+ assert(u);
+
+- r = safe_mkdir("/run/user", 0755, 0, 0);
++ r = mkdir_safe_label("/run/user", 0755, 0, 0);
+ if (r < 0) {
+ log_error("Failed to create /run/user: %s", strerror(-r));
+ return r;
+@@ -266,7 +266,7 @@ static int user_mkdir_runtime_path(User *u) {
+ } else
+ p = u->runtime_path;
+
+- r = safe_mkdir(p, 0700, u->uid, u->gid);
++ r = mkdir_safe_label(p, 0700, u->uid, u->gid);
+ if (r < 0) {
+ log_error("Failed to create runtime directory %s: %s", p, strerror(-r));
+ free(p);
+diff --git a/src/login/multi-seat-x.c b/src/login/multi-seat-x.c
+index 9655446..b7b9a37 100644
+--- a/src/login/multi-seat-x.c
++++ b/src/login/multi-seat-x.c
+@@ -113,7 +113,7 @@ int main(int argc, char *argv[]) {
+ goto fail;
+ }
+
+- r = safe_mkdir("/run/systemd/multi-session-x", 0755, 0, 0);
++ r = mkdir_safe_label("/run/systemd/multi-session-x", 0755, 0, 0);
+ if (r < 0) {
+ log_error("Failed to create directory: %s", strerror(-r));
+ goto fail;
+diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
+index ad60e30..681cc2f 100644
+--- a/src/nspawn/nspawn.c
++++ b/src/nspawn/nspawn.c
+@@ -222,7 +222,7 @@ static int mount_all(const char *dest) {
+ continue;
+ }
+
+- mkdir_p(where, 0755);
++ mkdir_p_label(where, 0755);
+
+ if (mount(mount_table[k].what,
+ where,
+@@ -1035,13 +1035,13 @@ int main(int argc, char *argv[]) {
+ goto child_fail;
+ }
+
+- if (mkdir_parents(home, 0775) < 0) {
+- log_error("mkdir_parents() failed: %m");
++ if (mkdir_parents_label(home, 0775) < 0) {
++ log_error("mkdir_parents_label() failed: %m");
+ goto child_fail;
+ }
+
+- if (safe_mkdir(home, 0775, uid, gid) < 0) {
+- log_error("safe_mkdir() failed: %m");
++ if (mkdir_safe_label(home, 0775, uid, gid) < 0) {
++ log_error("mkdir_safe_label() failed: %m");
+ goto child_fail;
+ }
+
+diff --git a/src/random-seed/random-seed.c b/src/random-seed/random-seed.c
+index c1022c7..f957506 100644
+--- a/src/random-seed/random-seed.c
++++ b/src/random-seed/random-seed.c
+@@ -68,7 +68,7 @@ int main(int argc, char *argv[]) {
+ goto finish;
+ }
+
+- if (mkdir_parents(RANDOM_SEED, 0755) < 0) {
++ if (mkdir_parents_label(RANDOM_SEED, 0755) < 0) {
+ log_error("Failed to create directories parents of %s: %m", RANDOM_SEED);
+ goto finish;
+ }
+diff --git a/src/rc-local-generator/rc-local-generator.c b/src/rc-local-generator/rc-local-generator.c
+index 7add072..7eaa2c7 100644
+--- a/src/rc-local-generator/rc-local-generator.c
++++ b/src/rc-local-generator/rc-local-generator.c
+@@ -53,7 +53,7 @@ static int add_symlink(const char *service, const char *where) {
+ goto finish;
+ }
+
+- mkdir_parents(to, 0755);
++ mkdir_parents_label(to, 0755);
+
+ r = symlink(from, to);
+ if (r < 0) {
+diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
+index 4b50d28..e123914 100644
+--- a/src/shared/ask-password-api.c
++++ b/src/shared/ask-password-api.c
+@@ -324,7 +324,7 @@ int ask_password_agent(
+ sigset_add_many(&mask, SIGINT, SIGTERM, -1);
+ assert_se(sigprocmask(SIG_BLOCK, &mask, &oldmask) == 0);
+
+- mkdir_p("/run/systemd/ask-password", 0755);
++ mkdir_p_label("/run/systemd/ask-password", 0755);
+
+ u = umask(0022);
+ fd = mkostemp(temp, O_CLOEXEC|O_CREAT|O_WRONLY);
+diff --git a/src/shared/cgroup-label.c b/src/shared/cgroup-label.c
+index 3f00664..574d7cd 100644
+--- a/src/shared/cgroup-label.c
++++ b/src/shared/cgroup-label.c
+@@ -47,7 +47,7 @@ int cg_create(const char *controller, const char *path) {
+ if (r < 0)
+ return r;
+
+- r = mkdir_parents(fs, 0755);
++ r = mkdir_parents_label(fs, 0755);
+
+ if (r >= 0) {
+ if (mkdir(fs, 0755) >= 0)
+diff --git a/src/shared/install.c b/src/shared/install.c
+index 54435b8..2104c30 100644
+--- a/src/shared/install.c
++++ b/src/shared/install.c
+@@ -1150,7 +1150,7 @@ static int create_symlink(
+ assert(old_path);
+ assert(new_path);
+
+- mkdir_parents(new_path, 0755);
++ mkdir_parents_label(new_path, 0755);
+
+ if (symlink(old_path, new_path) >= 0) {
+ add_file_change(changes, n_changes, UNIT_FILE_SYMLINK, new_path, old_path);
+diff --git a/src/shared/mkdir.c b/src/shared/mkdir.c
+index 3d65aec..b6268fc 100644
+--- a/src/shared/mkdir.c
++++ b/src/shared/mkdir.c
+@@ -31,7 +31,11 @@
+ #include "util.h"
+ #include "log.h"
+
+-int safe_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid) {
++int mkdir_label(const char *path, mode_t mode) {
++ return label_mkdir(path, mode);
++}
++
++int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid) {
+ struct stat st;
+
+ if (label_mkdir(path, mode) >= 0)
+@@ -52,7 +56,7 @@ int safe_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid) {
+ return 0;
+ }
+
+-int mkdir_parents(const char *path, mode_t mode) {
++int mkdir_parents_label(const char *path, mode_t mode) {
+ struct stat st;
+ const char *p, *e;
+
+@@ -96,12 +100,12 @@ int mkdir_parents(const char *path, mode_t mode) {
+ }
+ }
+
+-int mkdir_p(const char *path, mode_t mode) {
++int mkdir_p_label(const char *path, mode_t mode) {
+ int r;
+
+ /* Like mkdir -p */
+
+- if ((r = mkdir_parents(path, mode)) < 0)
++ if ((r = mkdir_parents_label(path, mode)) < 0)
+ return r;
+
+ if (label_mkdir(path, mode) < 0 && errno != EEXIST)
+diff --git a/src/shared/mkdir.h b/src/shared/mkdir.h
+index c006e7c..4391bc3 100644
+--- a/src/shared/mkdir.h
++++ b/src/shared/mkdir.h
+@@ -22,7 +22,8 @@
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+ ***/
+
+-int safe_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid);
+-int mkdir_parents(const char *path, mode_t mode);
+-int mkdir_p(const char *path, mode_t mode);
++int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid);
++int mkdir_label(const char *path, mode_t mode);
++int mkdir_parents_label(const char *path, mode_t mode);
++int mkdir_p_label(const char *path, mode_t mode);
+ #endif
+diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c
+index b5073ad..9d2900b 100644
+--- a/src/shared/path-lookup.c
++++ b/src/shared/path-lookup.c
+@@ -112,7 +112,7 @@ static char** user_dirs(void) {
+ * then filter out this link, if it is actually is
+ * one. */
+
+- mkdir_parents(data_home, 0777);
++ mkdir_parents_label(data_home, 0777);
+ (void) symlink("../../../.config/systemd/user", data_home);
+ }
+
+diff --git a/src/shared/socket-label.c b/src/shared/socket-label.c
+index 9ab07a9..0dc7b05 100644
+--- a/src/shared/socket-label.c
++++ b/src/shared/socket-label.c
+@@ -106,7 +106,7 @@ int socket_address_listen(
+ mode_t old_mask;
+
+ /* Create parents */
+- mkdir_parents(a->sockaddr.un.sun_path, directory_mode);
++ mkdir_parents_label(a->sockaddr.un.sun_path, directory_mode);
+
+ /* Enforce the right access mode for the socket*/
+ old_mask = umask(~ socket_mode);
+diff --git a/src/shutdownd/shutdownd.c b/src/shutdownd/shutdownd.c
+index 9801b5e..0e4b21e 100644
+--- a/src/shutdownd/shutdownd.c
++++ b/src/shutdownd/shutdownd.c
+@@ -205,7 +205,7 @@ static int update_schedule_file(struct sd_shutdown_command *c) {
+
+ assert(c);
+
+- r = safe_mkdir("/run/systemd/shutdown", 0755, 0, 0);
++ r = mkdir_safe_label("/run/systemd/shutdown", 0755, 0, 0);
+ if (r < 0) {
+ log_error("Failed to create shutdown subdirectory: %s", strerror(-r));
+ return r;
+diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
+index 86c32ca..be45c71 100644
+--- a/src/tmpfiles/tmpfiles.c
++++ b/src/tmpfiles/tmpfiles.c
+@@ -652,7 +652,7 @@ static int create_item(Item *i) {
+ case CREATE_DIRECTORY:
+
+ u = umask(0);
+- mkdir_parents(i->path, 0755);
++ mkdir_parents_label(i->path, 0755);
+ r = mkdir(i->path, i->mode);
+ umask(u);
+
+diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c
+index f77bacd..06f5a5a 100644
+--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
++++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
+@@ -446,7 +446,7 @@ static int wall_tty_block(void) {
+ if (asprintf(&p, "/run/systemd/ask-password-block/%u:%u", major(devnr), minor(devnr)) < 0)
+ return -ENOMEM;
+
+- mkdir_parents(p, 0700);
++ mkdir_parents_label(p, 0700);
+ mkfifo(p, 0600);
+
+ fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
+@@ -570,7 +570,7 @@ static int watch_passwords(void) {
+
+ tty_block_fd = wall_tty_block();
+
+- mkdir_p("/run/systemd/ask-password", 0755);
++ mkdir_p_label("/run/systemd/ask-password", 0755);
+
+ if ((notify = inotify_init1(IN_CLOEXEC)) < 0) {
+ r = -errno;
diff --git a/0375-mkdir-provide-all-functions-with-and-without-selinux.patch b/0375-mkdir-provide-all-functions-with-and-without-selinux.patch
new file mode 100644
index 0000000..0ea4871
--- /dev/null
+++ b/0375-mkdir-provide-all-functions-with-and-without-selinux.patch
@@ -0,0 +1,150 @@
+From b8898251d34c23b526b220b00c9a723090bbd740 Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Thu, 31 May 2012 13:17:26 +0200
+Subject: [PATCH] mkdir: provide all functions with and without selinux label
+ application (cherry picked from commit
+ c66e7f04997fb42b778703418097a5023fa17581)
+
+---
+ src/shared/label.c | 5 ++---
+ src/shared/label.h | 2 +-
+ src/shared/mkdir.c | 41 +++++++++++++++++++++++++++++++++--------
+ src/shared/mkdir.h | 5 ++++-
+ 4 files changed, 40 insertions(+), 13 deletions(-)
+
+diff --git a/src/shared/label.c b/src/shared/label.c
+index 519fc7f..4a828b9 100644
+--- a/src/shared/label.c
++++ b/src/shared/label.c
+@@ -263,15 +263,14 @@ void label_free(const char *label) {
+ #endif
+ }
+
+-int label_mkdir(const char *path, mode_t mode) {
++int label_mkdir(const char *path, mode_t mode, bool apply) {
+
+ /* Creates a directory and labels it according to the SELinux policy */
+-
+ #ifdef HAVE_SELINUX
+ int r;
+ security_context_t fcon = NULL;
+
+- if (!use_selinux() || !label_hnd)
++ if (!apply || !use_selinux() || !label_hnd)
+ goto skipped;
+
+ if (path_is_absolute(path))
+diff --git a/src/shared/label.h b/src/shared/label.h
+index 6166bc3..fcf34d2 100644
+--- a/src/shared/label.h
++++ b/src/shared/label.h
+@@ -41,7 +41,7 @@ void label_free(const char *label);
+
+ int label_get_create_label_from_exe(const char *exe, char **label);
+
+-int label_mkdir(const char *path, mode_t mode);
++int label_mkdir(const char *path, mode_t mode, bool apply);
+
+ void label_retest_selinux(void);
+
+diff --git a/src/shared/mkdir.c b/src/shared/mkdir.c
+index b6268fc..d8c3275 100644
+--- a/src/shared/mkdir.c
++++ b/src/shared/mkdir.c
+@@ -32,13 +32,13 @@
+ #include "log.h"
+
+ int mkdir_label(const char *path, mode_t mode) {
+- return label_mkdir(path, mode);
++ return label_mkdir(path, mode, true);
+ }
+
+-int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid) {
++static int makedir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid, bool apply) {
+ struct stat st;
+
+- if (label_mkdir(path, mode) >= 0)
++ if (label_mkdir(path, mode, apply) >= 0)
+ if (chmod_and_chown(path, mode, uid, gid) < 0)
+ return -errno;
+
+@@ -56,7 +56,15 @@ int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid) {
+ return 0;
+ }
+
+-int mkdir_parents_label(const char *path, mode_t mode) {
++int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid) {
++ return makedir_safe(path, mode, uid, gid, false);
++}
++
++int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid) {
++ return makedir_safe(path, mode, uid, gid, true);
++}
++
++static int makedir_parents(const char *path, mode_t mode, bool apply) {
+ struct stat st;
+ const char *p, *e;
+
+@@ -92,7 +100,7 @@ int mkdir_parents_label(const char *path, mode_t mode) {
+ if (!t)
+ return -ENOMEM;
+
+- r = label_mkdir(t, mode);
++ r = label_mkdir(t, mode, apply);
+ free(t);
+
+ if (r < 0 && errno != EEXIST)
+@@ -100,16 +108,33 @@ int mkdir_parents_label(const char *path, mode_t mode) {
+ }
+ }
+
+-int mkdir_p_label(const char *path, mode_t mode) {
++int mkdir_parents(const char *path, mode_t mode) {
++ return makedir_parents(path, mode, false);
++}
++
++int mkdir_parents_label(const char *path, mode_t mode) {
++ return makedir_parents(path, mode, true);
++}
++
++static int makedir_p(const char *path, mode_t mode, bool apply) {
+ int r;
+
+ /* Like mkdir -p */
+
+- if ((r = mkdir_parents_label(path, mode)) < 0)
++ r = makedir_parents(path, mode, apply);
++ if (r < 0)
+ return r;
+
+- if (label_mkdir(path, mode) < 0 && errno != EEXIST)
++ if (label_mkdir(path, mode, apply) < 0 && errno != EEXIST)
+ return -errno;
+
+ return 0;
+ }
++
++int mkdir_p(const char *path, mode_t mode) {
++ return makedir_p(path, mode, false);
++}
++
++int mkdir_p_label(const char *path, mode_t mode) {
++ return makedir_p(path, mode, true);
++}
+diff --git a/src/shared/mkdir.h b/src/shared/mkdir.h
+index 4391bc3..94ca701 100644
+--- a/src/shared/mkdir.h
++++ b/src/shared/mkdir.h
+@@ -22,8 +22,11 @@
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+ ***/
+
+-int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid);
+ int mkdir_label(const char *path, mode_t mode);
++int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid);
++int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid);
++int mkdir_parents(const char *path, mode_t mode);
+ int mkdir_parents_label(const char *path, mode_t mode);
++int mkdir_p(const char *path, mode_t mode);
+ int mkdir_p_label(const char *path, mode_t mode);
+ #endif
diff --git a/0376-units-add-Documentation-field-to-console-getty.servi.patch b/0376-units-add-Documentation-field-to-console-getty.servi.patch
new file mode 100644
index 0000000..b4e1595
--- /dev/null
+++ b/0376-units-add-Documentation-field-to-console-getty.servi.patch
@@ -0,0 +1,25 @@
+From 99f7dc3134d3f491c58a1096176f8fda26f1fee7 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 31 May 2012 14:51:05 +0200
+Subject: [PATCH] units: add Documentation= field to console-getty.service
+ (cherry picked from commit
+ 88f8ffbd63d09b0f2899a8d45fc82e22839aeb81)
+
+Conflicts:
+ TODO
+---
+ units/console-getty.service.m4.in | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/units/console-getty.service.m4.in b/units/console-getty.service.m4.in
+index 9473d61..cc8c364 100644
+--- a/units/console-getty.service.m4.in
++++ b/units/console-getty.service.m4.in
+@@ -7,6 +7,7 @@
+
+ [Unit]
+ Description=Console Getty
++Documentation=man:agetty(8)
+ After=systemd-user-sessions.service plymouth-quit-wait.service
+ m4_ifdef(`TARGET_FEDORA',
+ After=rc-local.service
diff --git a/0377-man-add-documentation-for-the-binfmt-modules-load-sy.patch b/0377-man-add-documentation-for-the-binfmt-modules-load-sy.patch
new file mode 100644
index 0000000..f0afc26
--- /dev/null
+++ b/0377-man-add-documentation-for-the-binfmt-modules-load-sy.patch
@@ -0,0 +1,599 @@
+From 220c29d0e10e4a869bffe1f0d4a54e233020d9dd Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 31 May 2012 16:00:34 +0200
+Subject: [PATCH] man: add documentation for the binfmt, modules-load, sysctl
+ services (cherry picked from commit
+ 9393a8774c1acd60deea40007061b9ffc783bf7e)
+
+Conflicts:
+ Makefile.am
+---
+ Makefile.am | 16 ++++++-
+ man/binfmt.d.xml | 53 +++++++++++++---------
+ man/modules-load.d.xml | 52 ++++++++++++----------
+ man/sysctl.d.xml | 30 +++++++------
+ man/systemd-binfmt.service.xml | 76 ++++++++++++++++++++++++++++++++
+ man/systemd-modules-load.service.xml | 76 ++++++++++++++++++++++++++++++++
+ man/systemd-sysctl.service.xml | 78 +++++++++++++++++++++++++++++++++
+ units/systemd-binfmt.service.in | 3 +-
+ units/systemd-modules-load.service.in | 2 +-
+ units/systemd-sysctl.service.in | 2 +-
+ 10 files changed, 328 insertions(+), 60 deletions(-)
+ create mode 100644 man/systemd-binfmt.service.xml
+ create mode 100644 man/systemd-modules-load.service.xml
+ create mode 100644 man/systemd-sysctl.service.xml
+
+diff --git a/Makefile.am b/Makefile.am
+index 86adad0..600becf 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -467,7 +467,9 @@ MANPAGES = \
+ man/os-release.5 \
+ man/machine-info.5 \
+ man/modules-load.d.5 \
++ man/systemd-modules-load.service.8 \
+ man/sysctl.d.5 \
++ man/systemd-sysctl.service.8 \
+ man/systemd-ask-password.1 \
+ man/systemd-cat.1 \
+ man/systemd-machine-id-setup.1 \
+@@ -482,7 +484,9 @@ MANPAGES_ALIAS = \
+ man/init.1 \
+ man/systemd-systemctl.1 \
+ man/systemd-loginctl.1 \
+- man/systemd-journalctl.1
++ man/systemd-journalctl.1 \
++ man/systemd-modules-load.8 \
++ man/systemd-sysctl.8
+
+ man/reboot.8: man/halt.8
+ man/poweroff.8: man/halt.8
+@@ -490,6 +494,8 @@ man/init.1: man/systemd.1
+ man/systemd-systemctl.1: man/systemctl.1
+ man/systemd-loginctl.1: man/loginctl.1
+ man/systemd-journalctl.1: man/journalctl.1
++man/systemd-modules-load.8: man/systemd-modules-load.service.8
++man/systemd-sysctl.8: man/systemd-sysctl.service.8
+
+ XML_FILES = \
+ ${patsubst %.1,%.xml,${patsubst %.3,%.xml,${patsubst %.5,%.xml,${patsubst %.7,%.xml,${patsubst %.8,%.xml,$(MANPAGES)}}}}}
+@@ -1682,7 +1688,13 @@ INSTALL_DATA_HOOKS += \
+ binfmt-install-data-hook
+
+ MANPAGES += \
+- man/binfmt.d.5
++ man/binfmt.d.5 \
++ man/systemd-binfmt.service.8
++
++MANPAGES_ALIAS += \
++ man/systemd-binfmt.8
++
++man/systemd-binfmt.8: man/systemd-binfmt.service.8
+
+ EXTRA_DIST += \
+ units/systemd-binfmt.service.in
+diff --git a/man/binfmt.d.xml b/man/binfmt.d.xml
+index ca40ad9..fedde88 100644
+--- a/man/binfmt.d.xml
++++ b/man/binfmt.d.xml
+@@ -42,7 +42,8 @@
+
+ <refnamediv>
+ <refname>binfmt.d</refname>
+- <refpurpose>Configure additional binary formats at boot</refpurpose>
++ <refpurpose>Configure additional binary formats for
++ executables at boot</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+@@ -54,10 +55,11 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para><command>systemd</command> uses
+- files from the above directories to configure
+- additional binary formats to register during boot in
+- the kernel.</para>
++ <para>At boot,
++ <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ reads configuration files from the above directories
++ to register in the kernel additional binary
++ formats for executables.</para>
+ </refsect1>
+
+ <refsect1>
+@@ -73,21 +75,30 @@
+ ignored. Note that this means you may not use ; and #
+ as delimiter in binary format rules.</para>
+
+- <para>Each configuration file is named in the style of
+- <filename><program>.conf</filename>.
+- Files in <filename>/etc/</filename> override
+- files with the same name in <filename>/usr/lib/</filename>.
+- Files in <filename>/run</filename> override files with
+- the same name in <filename>/etc/</filename> and
+- <filename>/usr/lib/</filename>. Packages should install their
+- configuration files in <filename>/usr/lib/</filename>, files
+- in <filename>/etc/</filename> are reserved for the local
+- administration, which possibly decides to override the
+- configurations installed from packages. All files are sorted
+- by filename in alphabetical order, regardless in which of the
+- directories they reside, to ensure that a specific
+- configuration file takes precedence over another file with
+- an alphabetically later name.</para>
++ <para>Each configuration file shall be named in the
++ style of <filename><program>.conf</filename>.
++ Files in <filename>/etc/</filename> override files
++ with the same name in <filename>/usr/lib/</filename>
++ and <filename>/run/</filename>. Files in
++ <filename>/run/</filename> override files with the
++ same name in <filename>/usr/lib/</filename>. Packages
++ should install their configuration files in
++ <filename>/usr/lib/</filename>, files in
++ <filename>/etc/</filename> are reserved for the local
++ administrator, who may use this logic to override the
++ configuration files installed from vendor
++ packages. All files are sorted by their filename in
++ alphabetical order, regardless in which of the
++ directories they reside, to guarantee that a specific
++ configuration file takes precedence over another file
++ with an alphabetically later name.</para>
++
++ <para>If the administrator wants to disable a
++ configuration file supplied by the vendor the
++ recommended way is to place a symlink to
++ <filename>/dev/null</filename> in
++ <filename>/etc/binfmt.d/</filename> bearing the
++ same file name.</para>
+ </refsect1>
+
+ <refsect1>
+@@ -104,6 +115,8 @@
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>wine</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+diff --git a/man/modules-load.d.xml b/man/modules-load.d.xml
+index 9b1afc9..9ae5020 100644
+--- a/man/modules-load.d.xml
++++ b/man/modules-load.d.xml
+@@ -54,16 +54,17 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para><command>systemd</command> uses
+- files from the above directories to configure
++ <para><citerefentry><refentrytitle>systemd-modules-load.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ reads files from the above directories which contain
+ kernel modules to load during boot in a static list.
+ Each configuration file is named in the style of
+ <filename>/etc/modules-load.d/<program>.conf</filename>. Note
+- that it is usually a better idea to use the automatic
+- module loading by PCI ID, by DMI ID or similar
+- triggers configured in the kernel modules themselves
+- instead of relying on static configuration like
+- this.</para>
++ that it is usually a better idea to rely on the
++ automatic module loading by PCI IDs, USB IDs, DMI IDs
++ or similar triggers encoded in the kernel modules
++ themselves instead of static configuration like
++ this. In fact, most modern kernel modules are prepared
++ for automatic loading already.</para>
+ </refsect1>
+
+ <refsect1>
+@@ -74,21 +75,26 @@
+ newlines. Empty lines and lines whose first
+ non-whitespace character is # or ; are ignored.</para>
+
+- <para>Each configuration file is named in the style of
+- <filename><program>.conf</filename>.
+- Files in <filename>/etc/</filename> override
+- files with the same name in <filename>/usr/lib/</filename>.
+- Files in <filename>/run</filename> override files with
+- the same name in <filename>/etc/</filename> and
+- <filename>/usr/lib/</filename>. Packages should install their
+- configuration files in <filename>/usr/lib/</filename>, files
+- in <filename>/etc/</filename> are reserved for the local
+- administration, which possibly decides to override the
+- configurations installed from packages. All files are sorted
+- by filename in alphabetical order, regardless in which of the
+- directories they reside, to ensure that a specific
+- configuration file takes precedence over another file with
+- an alphabetically later name.</para>
++ <para>Each configuration file shall be named in the
++ style of <filename><program>.conf</filename>.
++ Files in <filename>/etc/</filename> override files
++ with the same name in <filename>/usr/lib/</filename>
++ and <filename>/run/</filename>. Files in
++ <filename>/run/</filename> override files with the
++ same name in <filename>/usr/lib/</filename>. Packages
++ should install their configuration files in
++ <filename>/usr/lib/</filename>, files in
++ <filename>/etc/</filename> are reserved for the local
++ administrator, who may use this logic to override the
++ configuration files installed from vendor
++ packages.</para>
++
++ <para>If the administrator wants to disable a
++ configuration file supplied by the vendor the
++ recommended way is to place a symlink to
++ <filename>/dev/null</filename> in
++ <filename>/etc/modules-load.d/</filename> bearing the
++ same file name.</para>
+ </refsect1>
+
+ <refsect1>
+@@ -105,6 +111,8 @@ virtio-net</programlisting>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-modules-load.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>modprobe</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+diff --git a/man/sysctl.d.xml b/man/sysctl.d.xml
+index 20f2e24..f6dd52f 100644
+--- a/man/sysctl.d.xml
++++ b/man/sysctl.d.xml
+@@ -54,10 +54,12 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para><command>systemd</command> uses configuration
+- files from the above directories to configure
++ <para>At boot,
++ <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ reads configuration files from the above directories
++ to configure
+ <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+- kernel parameters during boot.</para>
++ kernel parameters.</para>
+ </refsect1>
+
+ <refsect1>
+@@ -76,17 +78,17 @@
+
+ <para>Each configuration file shall be named in the
+ style of <filename><program>.conf</filename>.
+- Files in <filename>/run/</filename> override files
+- with the same name in <filename>/usr/lib/</filename>.
+- Files in <filename>/etc</filename> override files with
+- the same name in <filename>/run/</filename> and
+- <filename>/usr/lib/</filename>. Packages should
+- install their configuration files in
++ Files in <filename>/etc/</filename> override files
++ with the same name in <filename>/usr/lib/</filename>
++ and <filename>/run/</filename>. Files in
++ <filename>/run</filename> override files with the same
++ name in <filename>/usr/lib/</filename>. Packages
++ should install their configuration files in
+ <filename>/usr/lib/</filename>. Files in
+ <filename>/etc/</filename> are reserved for the local
+ administrator, who may use this logic to override the
+- configuration installed by vendor packages. All
+- configuration files are sorted by their name in
++ configuration files installed by vendor packages. All
++ configuration files are sorted by their filename in
+ alphabetical order, regardless in which of the
+ directories they reside, to guarantee that a specific
+ configuration file takes precedence over another file
+@@ -97,8 +99,8 @@
+ configuration file supplied by the vendor the
+ recommended way is to place a symlink to
+ <filename>/dev/null</filename> in
+- <filename>/etc/sysctl.d</filename> carrying with the
+- same name.</para>
++ <filename>/etc/sysctl.d/</filename> bearing the
++ same file name.</para>
+ </refsect1>
+
+ <refsect1>
+@@ -115,6 +117,8 @@ kernel.domainname=example.com</programlisting>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-sysctl.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>sysctl.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ </para>
+diff --git a/man/systemd-binfmt.service.xml b/man/systemd-binfmt.service.xml
+new file mode 100644
+index 0000000..73e9836
+--- /dev/null
++++ b/man/systemd-binfmt.service.xml
+@@ -0,0 +1,76 @@
++<?xml version="1.0"?>
++<!--*-nxml-*-->
++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
++<!--
++ This file is part of systemd.
++
++ Copyright 2012 Lennart Poettering
++
++ systemd is free software; you can redistribute it and/or modify it
++ under the terms of the GNU Lesser General Public License as published by
++ the Free Software Foundation; either version 2.1 of the License, or
++ (at your option) any later version.
++
++ systemd is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public License
++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
++-->
++<refentry id="systemd-binfmt.service">
++
++ <refentryinfo>
++ <title>systemd-binfmt.service</title>
++ <productname>systemd</productname>
++
++ <authorgroup>
++ <author>
++ <contrib>Developer</contrib>
++ <firstname>Lennart</firstname>
++ <surname>Poettering</surname>
++ <email>lennart at poettering.net</email>
++ </author>
++ </authorgroup>
++ </refentryinfo>
++
++ <refmeta>
++ <refentrytitle>systemd-binfmt.service</refentrytitle>
++ <manvolnum>8</manvolnum>
++ </refmeta>
++
++ <refnamediv>
++ <refname>systemd-binfmt.service</refname>
++ <refname>systemd-binfmt</refname>
++ <refpurpose>Configure additional binary formats for executables at boot</refpurpose>
++ </refnamediv>
++
++ <refsynopsisdiv>
++ <para><filename>sysytemd-binfmt.service</filename></para>
++ <para><filename>/usr/lib/systemd/systemd-binfmt</filename></para>
++ </refsynopsisdiv>
++
++ <refsect1>
++ <title>Description</title>
++
++ <para><filename>systemd-binfmt.service</filename> is
++ an early-boot service that registers additional binary
++ formats for executables in the kernel.</para>
++
++ <para>See
++ <citerefentry><refentrytitle>binfmt.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
++ for information about the configuration of this
++ service.</para>
++ </refsect1>
++
++ <refsect1>
++ <title>See Also</title>
++ <para>
++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>binfmt.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>wine</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ </para>
++ </refsect1>
++
++</refentry>
+diff --git a/man/systemd-modules-load.service.xml b/man/systemd-modules-load.service.xml
+new file mode 100644
+index 0000000..405ae4f
+--- /dev/null
++++ b/man/systemd-modules-load.service.xml
+@@ -0,0 +1,76 @@
++<?xml version="1.0"?>
++<!--*-nxml-*-->
++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
++<!--
++ This file is part of systemd.
++
++ Copyright 2012 Lennart Poettering
++
++ systemd is free software; you can redistribute it and/or modify it
++ under the terms of the GNU Lesser General Public License as published by
++ the Free Software Foundation; either version 2.1 of the License, or
++ (at your option) any later version.
++
++ systemd is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public License
++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
++-->
++<refentry id="systemd-modules-load.service">
++
++ <refentryinfo>
++ <title>systemd-modules-load.service</title>
++ <productname>systemd</productname>
++
++ <authorgroup>
++ <author>
++ <contrib>Developer</contrib>
++ <firstname>Lennart</firstname>
++ <surname>Poettering</surname>
++ <email>lennart at poettering.net</email>
++ </author>
++ </authorgroup>
++ </refentryinfo>
++
++ <refmeta>
++ <refentrytitle>systemd-modules-load.service</refentrytitle>
++ <manvolnum>8</manvolnum>
++ </refmeta>
++
++ <refnamediv>
++ <refname>systemd-modules-load.service</refname>
++ <refname>systemd-modules-load</refname>
++ <refpurpose>Configure kernel modules to load at boot</refpurpose>
++ </refnamediv>
++
++ <refsynopsisdiv>
++ <para><filename>sysytemd-modules-load.service</filename></para>
++ <para><filename>/usr/lib/systemd/systemd-modules-load</filename></para>
++ </refsynopsisdiv>
++
++ <refsect1>
++ <title>Description</title>
++
++ <para><filename>systemd-modules-load.service</filename>
++ is an early-boot service that loads kernel modules
++ from static configuration.</para>
++
++ <para>See
++ <citerefentry><refentrytitle>modules-load.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
++ for information about the configuration of this
++ service.</para>
++ </refsect1>
++
++ <refsect1>
++ <title>See Also</title>
++ <para>
++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>modules-load.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>wine</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ </para>
++ </refsect1>
++
++</refentry>
+diff --git a/man/systemd-sysctl.service.xml b/man/systemd-sysctl.service.xml
+new file mode 100644
+index 0000000..116fcd0
+--- /dev/null
++++ b/man/systemd-sysctl.service.xml
+@@ -0,0 +1,78 @@
++<?xml version="1.0"?>
++<!--*-nxml-*-->
++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
++<!--
++ This file is part of systemd.
++
++ Copyright 2012 Lennart Poettering
++
++ systemd is free software; you can redistribute it and/or modify it
++ under the terms of the GNU Lesser General Public License as published by
++ the Free Software Foundation; either version 2.1 of the License, or
++ (at your option) any later version.
++
++ systemd is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public License
++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
++-->
++<refentry id="systemd-sysctl.service">
++
++ <refentryinfo>
++ <title>systemd-sysctl.service</title>
++ <productname>systemd</productname>
++
++ <authorgroup>
++ <author>
++ <contrib>Developer</contrib>
++ <firstname>Lennart</firstname>
++ <surname>Poettering</surname>
++ <email>lennart at poettering.net</email>
++ </author>
++ </authorgroup>
++ </refentryinfo>
++
++ <refmeta>
++ <refentrytitle>systemd-sysctl.service</refentrytitle>
++ <manvolnum>8</manvolnum>
++ </refmeta>
++
++ <refnamediv>
++ <refname>systemd-sysctl.service</refname>
++ <refname>systemd-sysctl</refname>
++ <refpurpose>Configure kernel parameters at boot</refpurpose>
++ </refnamediv>
++
++ <refsynopsisdiv>
++ <para><filename>sysytemd-sysctl.service</filename></para>
++ <para><filename>/usr/lib/systemd/systemd-sysctl</filename></para>
++ </refsynopsisdiv>
++
++ <refsect1>
++ <title>Description</title>
++
++ <para><filename>systemd-sysctl.service</filename> is
++ an early-boot service that configures
++ <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ kernel parameters.</para>
++
++ <para>See
++ <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
++ for information about the configuration of this
++ service.</para>
++ </refsect1>
++
++ <refsect1>
++ <title>See Also</title>
++ <para>
++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>wine</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ </para>
++ </refsect1>
++
++</refentry>
+diff --git a/units/systemd-binfmt.service.in b/units/systemd-binfmt.service.in
+index 1295ca0..27acabb 100644
+--- a/units/systemd-binfmt.service.in
++++ b/units/systemd-binfmt.service.in
+@@ -7,13 +7,14 @@
+
+ [Unit]
+ Description=Set Up Additional Binary Formats
+-Documentation=man:binfmt.d(5)
++Documentation=man:systemd-binfmt.service(8) man:binfmt.d(5)
+ Documentation=https://www.kernel.org/doc/Documentation/binfmt_misc.txt
+ DefaultDependencies=no
+ Conflicts=shutdown.target
+ After=systemd-readahead-collect.service systemd-readahead-replay.service proc-sys-fs-binfmt_misc.automount
+ Before=sysinit.target shutdown.target
+ ConditionPathIsReadWrite=/proc/sys/
++ConditionDirectoryNotEmpty=|/lib/binfmt.d
+ ConditionDirectoryNotEmpty=|/usr/lib/binfmt.d
+ ConditionDirectoryNotEmpty=|/usr/local/lib/binfmt.d
+ ConditionDirectoryNotEmpty=|/etc/binfmt.d
+diff --git a/units/systemd-modules-load.service.in b/units/systemd-modules-load.service.in
+index 6c2a164..90d1fe0 100644
+--- a/units/systemd-modules-load.service.in
++++ b/units/systemd-modules-load.service.in
+@@ -7,7 +7,7 @@
+
+ [Unit]
+ Description=Load Kernel Modules
+-Documentation=man:modules-load.d(5)
++Documentation=man:systemd-modules-load.service(8) man:modules-load.d(5)
+ DefaultDependencies=no
+ Conflicts=shutdown.target
+ After=systemd-readahead-collect.service systemd-readahead-replay.service
+diff --git a/units/systemd-sysctl.service.in b/units/systemd-sysctl.service.in
+index 4794df9..1ec1e79 100644
+--- a/units/systemd-sysctl.service.in
++++ b/units/systemd-sysctl.service.in
+@@ -7,7 +7,7 @@
+
+ [Unit]
+ Description=Apply Kernel Variables
+-Documentation=man:sysctl.d(5)
++Documentation=man:systemd-sysctl.service(8) man:sysctl.d(5)
+ DefaultDependencies=no
+ Conflicts=shutdown.target
+ After=systemd-readahead-collect.service systemd-readahead-replay.service
diff --git a/0378-main-Silence-gcc-warning.patch b/0378-main-Silence-gcc-warning.patch
new file mode 100644
index 0000000..99bd98a
--- /dev/null
+++ b/0378-main-Silence-gcc-warning.patch
@@ -0,0 +1,23 @@
+From aa8df60c5217e4b9f827b445caf2033e400ec963 Mon Sep 17 00:00:00 2001
+From: Marc-Antoine Perennou <Marc-Antoine at Perennou.com>
+Date: Thu, 31 May 2012 15:54:22 +0200
+Subject: [PATCH] main: Silence gcc warning (cherry picked from commit
+ 952d817a41dfe207d159f8278f4d7f1f7654c572)
+
+---
+ src/shared/util.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/shared/util.h b/src/shared/util.h
+index 05a7f98..1bc1a75 100644
+--- a/src/shared/util.h
++++ b/src/shared/util.h
+@@ -39,7 +39,7 @@
+ #include "macro.h"
+
+ typedef uint64_t usec_t;
+-typedef unsigned long nsec_t;
++typedef uint64_t nsec_t;
+
+ typedef struct dual_timestamp {
+ usec_t realtime;
diff --git a/0379-logind-properly-clean-up-user-cgroups-when-they-run-.patch b/0379-logind-properly-clean-up-user-cgroups-when-they-run-.patch
new file mode 100644
index 0000000..ab3203e
--- /dev/null
+++ b/0379-logind-properly-clean-up-user-cgroups-when-they-run-.patch
@@ -0,0 +1,220 @@
+From 8bd4cc6712282161ab085cf87f34cc3a682f2bdc Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 31 May 2012 19:46:42 +0200
+Subject: [PATCH] logind: properly clean up user cgroups when they run empty
+ (cherry picked from commit
+ 8c8c43515cee56dfc2298998a9e5958308c46f99)
+
+Conflicts:
+ src/login/logind.c
+---
+ src/login/logind-session.c | 6 ++--
+ src/login/logind-user.c | 6 ++++
+ src/login/logind.c | 65 ++++++++++++++++++++++++++++++++++++++------
+ src/login/logind.h | 5 +++-
+ 4 files changed, 70 insertions(+), 12 deletions(-)
+
+diff --git a/src/login/logind-session.c b/src/login/logind-session.c
+index 9bab7e8..49e1e5c 100644
+--- a/src/login/logind-session.c
++++ b/src/login/logind-session.c
+@@ -88,7 +88,7 @@ void session_free(Session *s) {
+ }
+
+ if (s->cgroup_path)
+- hashmap_remove(s->manager->cgroups, s->cgroup_path);
++ hashmap_remove(s->manager->session_cgroups, s->cgroup_path);
+
+ free(s->cgroup_path);
+ strv_free(s->controllers);
+@@ -527,7 +527,7 @@ static int session_create_cgroup(Session *s) {
+ }
+ }
+
+- hashmap_put(s->manager->cgroups, s->cgroup_path, s);
++ hashmap_put(s->manager->session_cgroups, s->cgroup_path, s);
+
+ return 0;
+ }
+@@ -646,7 +646,7 @@ static int session_terminate_cgroup(Session *s) {
+ STRV_FOREACH(k, s->user->manager->controllers)
+ cg_trim(*k, s->cgroup_path, true);
+
+- hashmap_remove(s->manager->cgroups, s->cgroup_path);
++ hashmap_remove(s->manager->session_cgroups, s->cgroup_path);
+
+ free(s->cgroup_path);
+ s->cgroup_path = NULL;
+diff --git a/src/login/logind-user.c b/src/login/logind-user.c
+index 39e8f9f..f813aac 100644
+--- a/src/login/logind-user.c
++++ b/src/login/logind-user.c
+@@ -75,6 +75,8 @@ void user_free(User *u) {
+ while (u->sessions)
+ session_free(u->sessions);
+
++ if (u->cgroup_path)
++ hashmap_remove(u->manager->user_cgroups, u->cgroup_path);
+ free(u->cgroup_path);
+
+ free(u->service);
+@@ -313,6 +315,8 @@ static int user_create_cgroup(User *u) {
+ log_warning("Failed to create cgroup %s:%s: %s", *k, p, strerror(-r));
+ }
+
++ hashmap_put(u->manager->user_cgroups, u->cgroup_path, u);
++
+ return 0;
+ }
+
+@@ -417,6 +421,8 @@ static int user_terminate_cgroup(User *u) {
+ STRV_FOREACH(k, u->manager->controllers)
+ cg_trim(*k, u->cgroup_path, true);
+
++ hashmap_remove(u->manager->user_cgroups, u->cgroup_path);
++
+ free(u->cgroup_path);
+ u->cgroup_path = NULL;
+
+diff --git a/src/login/logind.c b/src/login/logind.c
+index b2f6e65..c3f79df 100644
+--- a/src/login/logind.c
++++ b/src/login/logind.c
+@@ -58,12 +58,15 @@ Manager *manager_new(void) {
+ m->users = hashmap_new(trivial_hash_func, trivial_compare_func);
+ m->inhibitors = hashmap_new(string_hash_func, string_compare_func);
+
+- m->cgroups = hashmap_new(string_hash_func, string_compare_func);
++ m->user_cgroups = hashmap_new(string_hash_func, string_compare_func);
++ m->session_cgroups = hashmap_new(string_hash_func, string_compare_func);
++
+ m->session_fds = hashmap_new(trivial_hash_func, trivial_compare_func);
+ m->inhibitor_fds = hashmap_new(trivial_hash_func, trivial_compare_func);
+
+ if (!m->devices || !m->seats || !m->sessions || !m->users || !m->inhibitors ||
+- !m->cgroups || !m->session_fds || !m->inhibitor_fds) {
++ !m->user_cgroups || !m->session_cgroups ||
++ !m->session_fds || !m->inhibitor_fds) {
+ manager_free(m);
+ return NULL;
+ }
+@@ -119,7 +122,9 @@ void manager_free(Manager *m) {
+ hashmap_free(m->users);
+ hashmap_free(m->inhibitors);
+
+- hashmap_free(m->cgroups);
++ hashmap_free(m->user_cgroups);
++ hashmap_free(m->session_cgroups);
++
+ hashmap_free(m->session_fds);
+ hashmap_free(m->inhibitor_fds);
+
+@@ -864,7 +869,7 @@ int manager_get_session_by_cgroup(Manager *m, const char *cgroup, Session **sess
+ assert(cgroup);
+ assert(session);
+
+- s = hashmap_get(m->cgroups, cgroup);
++ s = hashmap_get(m->session_cgroups, cgroup);
+ if (s) {
+ *session = s;
+ return 1;
+@@ -888,7 +893,7 @@ int manager_get_session_by_cgroup(Manager *m, const char *cgroup, Session **sess
+
+ *e = 0;
+
+- s = hashmap_get(m->cgroups, p);
++ s = hashmap_get(m->session_cgroups, p);
+ if (s) {
+ free(p);
+ *session = s;
+@@ -897,6 +902,47 @@ int manager_get_session_by_cgroup(Manager *m, const char *cgroup, Session **sess
+ }
+ }
+
++int manager_get_user_by_cgroup(Manager *m, const char *cgroup, User **user) {
++ User *u;
++ char *p;
++
++ assert(m);
++ assert(cgroup);
++ assert(user);
++
++ u = hashmap_get(m->user_cgroups, cgroup);
++ if (u) {
++ *user = u;
++ return 1;
++ }
++
++ p = strdup(cgroup);
++ if (!p) {
++ log_error("Out of memory.");
++ return -ENOMEM;
++ }
++
++ for (;;) {
++ char *e;
++
++ e = strrchr(p, '/');
++ if (!e || e == p) {
++ free(p);
++ *user = NULL;
++ return 0;
++ }
++
++ *e = 0;
++
++ u = hashmap_get(m->user_cgroups, p);
++ if (u) {
++ free(p);
++ *user = u;
++ return 1;
++ }
++ }
++}
++
+ int manager_get_session_by_pid(Manager *m, pid_t pid, Session **session) {
+ char *p;
+ int r;
+@@ -917,13 +963,16 @@ int manager_get_session_by_pid(Manager *m, pid_t pid, Session **session) {
+
+ void manager_cgroup_notify_empty(Manager *m, const char *cgroup) {
+ Session *s;
++ User *u;
+ int r;
+
+ r = manager_get_session_by_cgroup(m, cgroup, &s);
+- if (r <= 0)
+- return;
++ if (r > 0)
++ session_add_to_gc_queue(s);
+
+- session_add_to_gc_queue(s);
++ r = manager_get_user_by_cgroup(m, cgroup, &u);
++ if (r > 0)
++ user_add_to_gc_queue(u);
+ }
+
+ static void manager_pipe_notify_eof(Manager *m, int fd) {
+diff --git a/src/login/logind.h b/src/login/logind.h
+index e03ef31..4e5cb01 100644
+--- a/src/login/logind.h
++++ b/src/login/logind.h
+@@ -78,7 +78,9 @@ struct Manager {
+ unsigned long session_counter;
+ unsigned long inhibit_counter;
+
+- Hashmap *cgroups;
++ Hashmap *session_cgroups;
++ Hashmap *user_cgroups;
++
+ Hashmap *session_fds;
+ Hashmap *inhibitor_fds;
+
+@@ -132,6 +134,7 @@ void manager_gc(Manager *m, bool drop_not_started);
+
+ int manager_get_idle_hint(Manager *m, dual_timestamp *t);
+
++int manager_get_user_by_cgroup(Manager *m, const char *cgroup, User **user);
+ int manager_get_session_by_cgroup(Manager *m, const char *cgroup, Session **session);
+ int manager_get_session_by_pid(Manager *m, pid_t pid, Session **session);
+
diff --git a/0380-logind-add-new-user-state-closing.patch b/0380-logind-add-new-user-state-closing.patch
new file mode 100644
index 0000000..f8a7ba7
--- /dev/null
+++ b/0380-logind-add-new-user-state-closing.patch
@@ -0,0 +1,97 @@
+From d100f1b0816ea412651275ccd2029f0a1117e887 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 31 May 2012 19:47:52 +0200
+Subject: [PATCH] logind: add new user state 'closing' (cherry picked from
+ commit e96cd586c5195b73af74791280d8461510258b48)
+
+---
+ src/login/logind-user.c | 36 +++++++++++++++++++++++-------------
+ src/login/logind-user.h | 1 +
+ 2 files changed, 24 insertions(+), 13 deletions(-)
+
+diff --git a/src/login/logind-user.c b/src/login/logind-user.c
+index f813aac..fa12e1d 100644
+--- a/src/login/logind-user.c
++++ b/src/login/logind-user.c
+@@ -523,9 +523,21 @@ int user_get_idle_hint(User *u, dual_timestamp *t) {
+ return idle_hint;
+ }
+
++static int user_check_linger_file(User *u) {
++ char *p;
++ int r;
++
++ if (asprintf(&p, "/var/lib/systemd/linger/%s", u->name) < 0)
++ return -ENOMEM;
++
++ r = access(p, F_OK) >= 0;
++ free(p);
++
++ return r;
++}
++
+ int user_check_gc(User *u, bool drop_not_started) {
+ int r;
+- char *p;
+
+ assert(u);
+
+@@ -535,13 +547,7 @@ int user_check_gc(User *u, bool drop_not_started) {
+ if (u->sessions)
+ return 1;
+
+- if (asprintf(&p, "/var/lib/systemd/linger/%s", u->name) < 0)
+- return -ENOMEM;
+-
+- r = access(p, F_OK) >= 0;
+- free(p);
+-
+- if (r > 0)
++ if (user_check_linger_file(u) > 0)
+ return 1;
+
+ if (u->cgroup_path) {
+@@ -571,14 +577,17 @@ UserState user_get_state(User *u) {
+
+ assert(u);
+
+- if (!u->sessions)
+- return USER_LINGERING;
+-
+ LIST_FOREACH(sessions_by_user, i, u->sessions)
+ if (session_is_active(i))
+ return USER_ACTIVE;
+
+- return USER_ONLINE;
++ if (u->sessions)
++ return USER_ONLINE;
++
++ if (user_check_linger_file(u) > 0)
++ return USER_LINGERING;
++
++ return USER_CLOSING;
+ }
+
+ int user_kill(User *u, int signo) {
+@@ -609,7 +618,8 @@ static const char* const user_state_table[_USER_STATE_MAX] = {
+ [USER_OFFLINE] = "offline",
+ [USER_LINGERING] = "lingering",
+ [USER_ONLINE] = "online",
+- [USER_ACTIVE] = "active"
++ [USER_ACTIVE] = "active",
++ [USER_CLOSING] = "closing"
+ };
+
+ DEFINE_STRING_TABLE_LOOKUP(user_state, UserState);
+diff --git a/src/login/logind-user.h b/src/login/logind-user.h
+index db9a5f6..802f1ed 100644
+--- a/src/login/logind-user.h
++++ b/src/login/logind-user.h
+@@ -34,6 +34,7 @@ typedef enum UserState {
+ USER_LINGERING,
+ USER_ONLINE,
+ USER_ACTIVE,
++ USER_CLOSING,
+ _USER_STATE_MAX,
+ _USER_STATE_INVALID = -1
+ } UserState;
diff --git a/0381-build-sys-split-off-D-Bus-requires-from-selinux-conv.patch b/0381-build-sys-split-off-D-Bus-requires-from-selinux-conv.patch
new file mode 100644
index 0000000..afb8d9d
--- /dev/null
+++ b/0381-build-sys-split-off-D-Bus-requires-from-selinux-conv.patch
@@ -0,0 +1,74 @@
+From e607320d492d31917aac0d556684c532fe301dd1 Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Thu, 31 May 2012 22:12:47 +0200
+Subject: [PATCH] build-sys: split-off D-Bus requires from selinux convenience
+ lib (cherry picked from commit
+ 477572f5c7ffc2febc75277ca84d15bd151d42ca)
+
+---
+ Makefile.am | 20 ++++++++++++++++----
+ 1 file changed, 16 insertions(+), 4 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 600becf..c283738 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -595,13 +595,23 @@ libsystemd_dbus_la_LIBADD = \
+
+ # ------------------------------------------------------------------------------
+ noinst_LTLIBRARIES += \
+- libsystemd-label.la
++ libsystemd-units.la
+
+-libsystemd_label_la_SOURCES = \
++libsystemd_units_la_SOURCES = \
+ src/shared/install.c \
+ src/shared/install.h \
+ src/shared/path-lookup.c \
+- src/shared/path-lookup.h \
++ src/shared/path-lookup.h
++
++libsystemd_units_la_CFLAGS = \
++ $(AM_CFLAGS) \
++ $(DBUS_CFLAGS)
++
++# ------------------------------------------------------------------------------
++noinst_LTLIBRARIES += \
++ libsystemd-label.la
++
++libsystemd_label_la_SOURCES = \
+ src/shared/cgroup-label.c \
+ src/shared/socket-label.c \
+ src/shared/label.c \
+@@ -615,7 +625,6 @@ libsystemd_label_la_SOURCES = \
+
+ libsystemd_label_la_CFLAGS = \
+ $(AM_CFLAGS) \
+- $(DBUS_CFLAGS) \
+ $(SELINUX_CFLAGS)
+
+ libsystemd_label_la_LIBADD = \
+@@ -800,6 +809,7 @@ libsystemd_core_la_CFLAGS = \
+
+ libsystemd_core_la_LIBADD = \
+ libsystemd-capability.la \
++ libsystemd-units.la \
+ libsystemd-label.la \
+ libsystemd-shared.la \
+ libsystemd-dbus.la \
+@@ -971,6 +981,7 @@ test_install_CFLAGS = \
+ $(DBUS_CFLAGS)
+
+ test_install_LDADD = \
++ libsystemd-units.la \
+ libsystemd-label.la \
+ libsystemd-shared.la
+
+@@ -1174,6 +1185,7 @@ systemctl_CFLAGS = \
+ $(DBUS_CFLAGS)
+
+ systemctl_LDADD = \
++ libsystemd-units.la \
+ libsystemd-label.la \
+ libsystemd-shared.la \
+ libsystemd-daemon.la \
diff --git a/0382-sleep-Don-t-call-execute_directory-on-a-binary.patch b/0382-sleep-Don-t-call-execute_directory-on-a-binary.patch
new file mode 100644
index 0000000..4cee412
--- /dev/null
+++ b/0382-sleep-Don-t-call-execute_directory-on-a-binary.patch
@@ -0,0 +1,47 @@
+From a2fe9e343fc4345026f6a3c9b4dd4db08539c653 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <mclasen at redhat.com>
+Date: Thu, 31 May 2012 20:07:12 -0400
+Subject: [PATCH] sleep: Don't call execute_directory() on a binary
+
+Probably a copy-paste error, SYSTEMD_SLEEP_BINARY_PATH should
+have been SYSTEMD_SLEEP_PATH.
+(cherry picked from commit ddcbc8737873ca1904562d7d3ca3de9946e2f889)
+---
+ Makefile.am | 1 +
+ src/sleep/sleep.c | 4 ++--
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index c283738..f77dc10 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -111,6 +111,7 @@ AM_CPPFLAGS = \
+ -DSYSTEM_GENERATOR_PATH=\"$(systemgeneratordir)\" \
+ -DUSER_GENERATOR_PATH=\"$(usergeneratordir)\" \
+ -DSYSTEM_SHUTDOWN_PATH=\"$(systemshutdowndir)\" \
++ -DSYSTEM_SLEEP_PATH=\"$(systemsleepdir)\" \
+ -DSYSTEMD_KBD_MODEL_MAP=\"$(pkgdatadir)/kbd-model-map\" \
+ -DX_SERVER=\"$(bindir)/X\" \
+ -DPOLKIT_AGENT_BINARY_PATH=\"$(bindir)/pkttyagent\" \
+diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c
+index 941edc3..c86f69c 100644
+--- a/src/sleep/sleep.c
++++ b/src/sleep/sleep.c
+@@ -63,7 +63,7 @@ int main(int argc, char *argv[]) {
+ arguments[1] = (char*) "pre";
+ arguments[2] = argv[1];
+ arguments[3] = NULL;
+- execute_directory(SYSTEMD_SLEEP_BINARY_PATH, NULL, arguments);
++ execute_directory(SYSTEM_SLEEP_PATH, NULL, arguments);
+
+ if (streq(argv[1], "suspend"))
+ log_info("Suspending system...");
+@@ -82,7 +82,7 @@ int main(int argc, char *argv[]) {
+ log_info("System thawed.");
+
+ arguments[1] = (char*) "post";
+- execute_directory(SYSTEMD_SLEEP_BINARY_PATH, NULL, arguments);
++ execute_directory(SYSTEM_SLEEP_PATH, NULL, arguments);
+
+ fclose(f);
+
diff --git a/0383-logind-interpret-the-can_sleep-return-value-properly.patch b/0383-logind-interpret-the-can_sleep-return-value-properly.patch
new file mode 100644
index 0000000..b476846
--- /dev/null
+++ b/0383-logind-interpret-the-can_sleep-return-value-properly.patch
@@ -0,0 +1,29 @@
+From 009af3b4bacaa7325e895649232a73fa017c7d8f Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <mclasen at redhat.com>
+Date: Thu, 31 May 2012 21:50:23 -0400
+Subject: [PATCH] logind: interpret the can_sleep return value properly
+
+can_sleep() returns a boolean, so a return value > 0 does not
+mean 'na'.
+(cherry picked from commit 398f7c881b90d2ca4edafcb60dba3822eb9f73eb)
+---
+ src/login/logind-dbus.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
+index 61c4b30..b6f2204 100644
+--- a/src/login/logind-dbus.c
++++ b/src/login/logind-dbus.c
+@@ -1062,8 +1062,10 @@ static int bus_manager_can_shutdown_or_sleep(
+ if (r < 0)
+ return r;
+
+- result = "na";
+- goto finish;
++ if (r == 0) {
++ result = "na";
++ goto finish;
++ }
+ }
+
+ r = have_multiple_sessions(connection, m, message, error);
diff --git a/0384-logind-fix-indentation.patch b/0384-logind-fix-indentation.patch
new file mode 100644
index 0000000..3a69562
--- /dev/null
+++ b/0384-logind-fix-indentation.patch
@@ -0,0 +1,31 @@
+From 810be4366f21ee8d0b22139e91a243e101d45843 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Fri, 1 Jun 2012 15:57:21 +0200
+Subject: [PATCH] logind: fix indentation (cherry picked from commit
+ d5a745df4da6265e32db667807b4f7214cac95f0)
+
+---
+ src/login/logind-dbus.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
+index b6f2204..84fd785 100644
+--- a/src/login/logind-dbus.c
++++ b/src/login/logind-dbus.c
+@@ -1082,11 +1082,11 @@ static int bus_manager_can_shutdown_or_sleep(
+
+ if (r > 0)
+ result = "yes";
+- else if (challenge)
+- result = "challenge";
+- else
+- result = "no";
+- }
++ else if (challenge)
++ result = "challenge";
++ else
++ result = "no";
++ }
+
+ if (blocked) {
+ r = verify_polkit(connection, message, action_ignore_inhibit, false, &challenge, error);
diff --git a/0385-man-write-man-page-for-systemd-logind.patch b/0385-man-write-man-page-for-systemd-logind.patch
new file mode 100644
index 0000000..8945842
--- /dev/null
+++ b/0385-man-write-man-page-for-systemd-logind.patch
@@ -0,0 +1,252 @@
+From e6c7ceadb950adae8d702fc2ce2fb7fa672588da Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Fri, 1 Jun 2012 00:14:07 +0200
+Subject: [PATCH] man: write man page for systemd-logind (cherry picked from
+ commit af3bccd6d87759f0b146bf5980bdd56144d70c7e)
+
+Conflicts:
+ Makefile.am
+ man/loginctl.xml
+ man/pam_systemd.xml
+ units/systemd-logind.service.in
+---
+ Makefile.am | 3 ++
+ man/loginctl.xml | 3 +-
+ man/pam_systemd.xml | 15 +++---
+ man/systemd-logind.conf.xml | 3 +-
+ man/systemd-logind.service.xml | 98 +++++++++++++++++++++++++++++++++++++++
+ units/systemd-logind.service.in | 2 +-
+ 6 files changed, 115 insertions(+), 9 deletions(-)
+ create mode 100644 man/systemd-logind.service.xml
+
+diff --git a/Makefile.am b/Makefile.am
+index f77dc10..9693a84 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -2316,6 +2316,7 @@ nodist_udevrules_DATA += \
+ src/login/73-seat-late.rules
+
+ MANPAGES += \
++ man/systemd-logind.service.8 \
+ man/systemd-logind.conf.5 \
+ man/sd-login.7 \
+ man/loginctl.1 \
+@@ -2327,6 +2328,7 @@ MANPAGES += \
+ man/sd_get_seats.3
+
+ MANPAGES_ALIAS += \
++ man/systemd-logind.8 \
+ man/sd_login_monitor_unref.3 \
+ man/sd_login_monitor_flush.3 \
+ man/sd_login_monitor_get_fd.3 \
+@@ -2346,6 +2348,7 @@ MANPAGES_ALIAS += \
+ man/sd_get_sessions.3 \
+ man/sd_get_uids.3
+
++man/systemd-logind.8: man/systemd-logind.service.8
+ man/sd_login_monitor_unref.3: man/sd_login_monitor_new.3
+ man/sd_login_monitor_flush.3: man/sd_login_monitor_new.3
+ man/sd_login_monitor_get_fd.3: man/sd_login_monitor_new.3
+diff --git a/man/loginctl.xml b/man/loginctl.xml
+index 7cfb194..e0ab344 100644
+--- a/man/loginctl.xml
++++ b/man/loginctl.xml
+@@ -60,7 +60,7 @@
+ <para><command>loginctl</command> may be used to
+ introspect and control the state of the
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+- login manager.</para>
++ login manager <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+ </refsect1>
+
+ <refsect1>
+@@ -459,6 +459,7 @@
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml
+index 883b50b..e1d37b0 100644
+--- a/man/pam_systemd.xml
++++ b/man/pam_systemd.xml
+@@ -44,7 +44,7 @@
+
+ <refnamediv>
+ <refname>pam_systemd</refname>
+- <refpurpose>Register user sessions in the systemd control group hierarchy</refpurpose>
++ <refpurpose>Register user sessions in the systemd login manager</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+@@ -57,8 +57,9 @@
+ <title>Description</title>
+
+ <para><command>pam_systemd</command> registers user
+- sessions in the systemd control group
+- hierarchy.</para>
++ sessions in the systemd login manager
++ <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
++ and hence the systemd control group hierarchy.</para>
+
+ <para>On login, this module ensures the following:</para>
+
+@@ -304,12 +305,14 @@ session required pam_systemd.so kill-session-processes=1</programlisting>
+ <refsect1>
+ <title>See Also</title>
+ <para>
++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>pam_loginuid</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>systemd-logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
++ <citerefentry><refentrytitle>pam_loginuid</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+diff --git a/man/systemd-logind.conf.xml b/man/systemd-logind.conf.xml
+index a765f44..2ca0078 100644
+--- a/man/systemd-logind.conf.xml
++++ b/man/systemd-logind.conf.xml
+@@ -54,7 +54,7 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para>This files configures various parameters of the systemd login manager.</para>
++ <para>This files configures various parameters of the systemd login manager <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+
+ </refsect1>
+
+@@ -182,6 +182,7 @@
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ </para>
+diff --git a/man/systemd-logind.service.xml b/man/systemd-logind.service.xml
+new file mode 100644
+index 0000000..98b31dd
+--- /dev/null
++++ b/man/systemd-logind.service.xml
+@@ -0,0 +1,98 @@
++<?xml version='1.0'?> <!--*-nxml-*-->
++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
++ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
++
++<!--
++ This file is part of systemd.
++
++ Copyright 2010 Lennart Poettering
++
++ systemd is free software; you can redistribute it and/or modify it
++ under the terms of the GNU Lesser General Public License as published by
++ the Free Software Foundation; either version 2.1 of the License, or
++ (at your option) any later version.
++
++ systemd is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public License
++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
++-->
++
++<refentry id="systemd-logind.service">
++
++ <refentryinfo>
++ <title>systemd-logind</title>
++ <productname>systemd</productname>
++
++ <authorgroup>
++ <author>
++ <contrib>Developer</contrib>
++ <firstname>Lennart</firstname>
++ <surname>Poettering</surname>
++ <email>lennart at poettering.net</email>
++ </author>
++ </authorgroup>
++ </refentryinfo>
++
++ <refmeta>
++ <refentrytitle>systemd-logind</refentrytitle>
++ <manvolnum>8</manvolnum>
++ </refmeta>
++
++ <refnamediv>
++ <refname>systemd-logind.service</refname>
++ <refname>systemd-logind</refname>
++ <refpurpose>systemd Login Manager</refpurpose>
++ </refnamediv>
++
++ <refsynopsisdiv>
++ <para><filename>sysytemd-logind.service</filename></para>
++ <para><filename>/usr/lib/systemd/systemd-logind</filename></para>
++ </refsynopsisdiv>
++
++ <refsect1>
++ <title>Description</title>
++
++ <para><filename>systemd-logind</filename> is a system
++ service that manages user logins. It is responsible
++ for: keeping track of users and sessions, their
++ processes and their idle state; creating control
++ groups for user processes; provide PolicyKit-based
++ access for users to operations such as system shutdown
++ or sleep; implementing a shutdown/sleep inhibition
++ logic for applications; handling of power/sleep
++ hardware keys; multi-seat management; session switch
++ management; device access management for users;
++ automatic spawning of text logins (gettys) and user
++ runtime directory management.
++ </para>
++
++ <para>User sessions are registered in logind via the
++ <citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ PAM module.</para>
++
++ <para>See
++ <citerefentry><refentrytitle>systemd-logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
++ for information about the configuration of this
++ service.</para>
++
++ <para>See <ulink
++ url="http://www.freedesktop.org/wiki/Software/systemd/multiseat">Multi-Seat
++ on Linux</ulink> for an introduction into basic
++ concepts of logind such as users, sessions and seats.</para>
++ </refsect1>
++
++ <refsect1>
++ <title>See Also</title>
++ <para>
++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ </para>
++ </refsect1>
++
++</refentry>
+diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
+index cf0aa07..c8ab974 100644
+--- a/units/systemd-logind.service.in
++++ b/units/systemd-logind.service.in
+@@ -7,8 +7,8 @@
+
+ [Unit]
+ Description=Login Service
++Documentation=man:systemd-logind.service(7) man:systemd-logind.conf(5)
+ Documentation=http://www.freedesktop.org/wiki/Software/systemd/multiseat
+-Documentation=man:systemd-logind.conf(5)
+ After=nss-user-lookup.target
+
+ [Service]
diff --git a/0386-man-document-systemd-journal.patch b/0386-man-document-systemd-journal.patch
new file mode 100644
index 0000000..c191a1c
--- /dev/null
+++ b/0386-man-document-systemd-journal.patch
@@ -0,0 +1,250 @@
+From fa0108f678e002788d0ceadf49ea9f26f5d361a6 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Fri, 1 Jun 2012 01:05:38 +0200
+Subject: [PATCH] man: document systemd-journal (cherry picked from commit
+ 01cf0ca850dd1c21e1c405a4493fe61d0c28d721)
+
+Conflicts:
+ Makefile.am
+ man/systemd-journald.conf.xml
+ man/systemd-logind.conf.xml
+ units/systemd-journald.service.in
+---
+ Makefile.am | 5 +-
+ man/journalctl.xml | 8 ++-
+ man/systemd-journald.conf.xml | 7 ++-
+ man/systemd-journald.service.xml | 110 +++++++++++++++++++++++++++++++++++++
+ man/systemd-logind.conf.xml | 2 +-
+ units/systemd-journald.service.in | 2 +-
+ 6 files changed, 126 insertions(+), 8 deletions(-)
+ create mode 100644 man/systemd-journald.service.xml
+
+diff --git a/Makefile.am b/Makefile.am
+index 9693a84..cb6d77d 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -476,6 +476,7 @@ MANPAGES = \
+ man/systemd-machine-id-setup.1 \
+ man/systemd-detect-virt.1 \
+ man/systemd-journald.conf.5 \
++ man/systemd-journald.service.8 \
+ man/journalctl.1 \
+ man/systemd-inhibit.1
+
+@@ -487,7 +488,8 @@ MANPAGES_ALIAS = \
+ man/systemd-loginctl.1 \
+ man/systemd-journalctl.1 \
+ man/systemd-modules-load.8 \
+- man/systemd-sysctl.8
++ man/systemd-sysctl.8 \
++ man/systemd-journald.8
+
+ man/reboot.8: man/halt.8
+ man/poweroff.8: man/halt.8
+@@ -497,6 +499,7 @@ man/systemd-loginctl.1: man/loginctl.1
+ man/systemd-journalctl.1: man/journalctl.1
+ man/systemd-modules-load.8: man/systemd-modules-load.service.8
+ man/systemd-sysctl.8: man/systemd-sysctl.service.8
++man/systemd-journald.8: man/systemd-journald.service.8
+
+ XML_FILES = \
+ ${patsubst %.1,%.xml,${patsubst %.3,%.xml,${patsubst %.5,%.xml,${patsubst %.7,%.xml,${patsubst %.8,%.xml,$(MANPAGES)}}}}}
+diff --git a/man/journalctl.xml b/man/journalctl.xml
+index 7e011c9..5594672 100644
+--- a/man/journalctl.xml
++++ b/man/journalctl.xml
+@@ -57,10 +57,11 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para><command>journalctl</command> may be
+- used to query the contents of the
++ <para><command>journalctl</command> may be used to
++ query the contents of the
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+- journal.</para>
++ journal as written by
++ <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+
+ <para>If called without parameter will show the full
+ contents of the journal, starting with the oldest
+@@ -255,6 +256,7 @@
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+diff --git a/man/systemd-journald.conf.xml b/man/systemd-journald.conf.xml
+index e96bbb1..b8a5749 100644
+--- a/man/systemd-journald.conf.xml
++++ b/man/systemd-journald.conf.xml
+@@ -48,13 +48,15 @@
+ </refnamediv>
+
+ <refsynopsisdiv>
+- <para><filename>systemd-journald.conf</filename></para>
++ <para><filename>/etc/systemd/systemd-journald.conf</filename></para>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+- <para>This files configures various parameters of the systemd journal service.</para>
++ <para>This files configures various parameters of the
++ systemd journal service
++ <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+
+ </refsect1>
+
+@@ -246,6 +248,7 @@
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml
+new file mode 100644
+index 0000000..202ea00
+--- /dev/null
++++ b/man/systemd-journald.service.xml
+@@ -0,0 +1,110 @@
++<?xml version='1.0'?> <!--*-nxml-*-->
++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
++ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
++
++<!--
++ This file is part of systemd.
++
++ Copyright 2010 Lennart Poettering
++
++ systemd is free software; you can redistribute it and/or modify it
++ under the terms of the GNU Lesser General Public License as published by
++ the Free Software Foundation; either version 2.1 of the License, or
++ (at your option) any later version.
++
++ systemd is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public License
++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
++-->
++
++<refentry id="systemd-journald.service">
++
++ <refentryinfo>
++ <title>systemd-journald</title>
++ <productname>systemd</productname>
++
++ <authorgroup>
++ <author>
++ <contrib>Developer</contrib>
++ <firstname>Lennart</firstname>
++ <surname>Poettering</surname>
++ <email>lennart at poettering.net</email>
++ </author>
++ </authorgroup>
++ </refentryinfo>
++
++ <refmeta>
++ <refentrytitle>systemd-journald</refentrytitle>
++ <manvolnum>8</manvolnum>
++ </refmeta>
++
++ <refnamediv>
++ <refname>systemd-journald.service</refname>
++ <refname>systemd-journald</refname>
++ <refpurpose>systemd Journal Service</refpurpose>
++ </refnamediv>
++
++ <refsynopsisdiv>
++ <para><filename>systemd-journald.service</filename></para>
++ <para><filename>/usr/lib/systemd/systemd-journald</filename></para>
++ </refsynopsisdiv>
++
++ <refsect1>
++ <title>Description</title>
++
++ <para><filename>systemd-journald</filename> is a
++ system service that collects and stores logging
++ data. It creates and maintains structured, indexed
++ journals based on logging information that is received
++ from the kernel, from user processes via the libc
++ <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
++ call, from STDOUT/STDERR of system services or via its
++ native API. It will implicitly collect numerous meta
++ data fields for each log messages in a secure and
++ unfakeable way. See
++ <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>
++ for more information about the collected meta data.
++ </para>
++
++ <para>Log data collected by the journal is primarily
++ text based but can also include binary data where
++ necessary. All objects stored in the journal can be up
++ to 2^64-1 bytes in size.</para>
++
++ <para>By default the journal stores log data in
++ <filename>/run/log/journal/</filename>. Since
++ <filename>/run/</filename> is volatile log data is
++ lost at reboot. To make the data persistant it
++ is sufficient to create
++ <filename>/var/log/journal/</filename> where
++ <filename>systemd-journald</filename> will then store
++ the data.</para>
++
++ <para><filename>systemd-journald</filename> will
++ forward all received log messages to the AF_UNIX
++ SOCK_DGRAM socket
++ <filename>/run/systemd/journal/syslog</filename> (if it exists) which
++ may be used by UNIX syslog daemons to process the data
++ further.</para>
++
++ <para>See
++ <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
++ for information about the configuration of this
++ service.</para>
++ </refsect1>
++
++ <refsect1>
++ <title>See Also</title>
++ <para>
++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>
++ </para>
++ </refsect1>
++
++</refentry>
+diff --git a/man/systemd-logind.conf.xml b/man/systemd-logind.conf.xml
+index 2ca0078..549122a 100644
+--- a/man/systemd-logind.conf.xml
++++ b/man/systemd-logind.conf.xml
+@@ -48,7 +48,7 @@
+ </refnamediv>
+
+ <refsynopsisdiv>
+- <para><filename>systemd-logind.conf</filename></para>
++ <para><filename>/etc/systemd/systemd-logind.conf</filename></para>
+ </refsynopsisdiv>
+
+ <refsect1>
+diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
+index 809e48c..c72fd7b 100644
+--- a/units/systemd-journald.service.in
++++ b/units/systemd-journald.service.in
+@@ -7,7 +7,7 @@
+
+ [Unit]
+ Description=Journal Service
+-Documentation=man:systemd-journald.conf(5)
++Documentation=man:systemd-journald.service(7) man:systemd-journald.conf(5)
+ DefaultDependencies=no
+ Requires=systemd-journald.socket
+ After=systemd-journald.socket
diff --git a/0387-journal-support-changing-the-console-tty-to-forward-.patch b/0387-journal-support-changing-the-console-tty-to-forward-.patch
new file mode 100644
index 0000000..bb90e6a
--- /dev/null
+++ b/0387-journal-support-changing-the-console-tty-to-forward-.patch
@@ -0,0 +1,109 @@
+From f87a841a18ac9b1ecd39490a6547ea9bed3cfe8c Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Fri, 1 Jun 2012 01:06:10 +0200
+Subject: [PATCH] journal: support changing the console tty to forward to
+ (cherry picked from commit
+ 0d9243f022d244632b1ab26cfc8b46794b7fc5d6)
+
+Conflicts:
+ TODO
+---
+ man/systemd-journald.conf.xml | 10 ++++++++++
+ src/journal/journald-gperf.gperf | 1 +
+ src/journal/journald.c | 10 +++++++---
+ src/journal/journald.h | 2 ++
+ src/journal/systemd-journald.conf | 1 +
+ 5 files changed, 21 insertions(+), 3 deletions(-)
+
+diff --git a/man/systemd-journald.conf.xml b/man/systemd-journald.conf.xml
+index b8a5749..add7a7b 100644
+--- a/man/systemd-journald.conf.xml
++++ b/man/systemd-journald.conf.xml
+@@ -225,6 +225,16 @@
+ </varlistentry>
+
+ <varlistentry>
++ <term><varname>TTYPath=</varname></term>
++
++ <listitem><para>Change the console TTY
++ to use if
++ <varname>ForwardToConsole=yes</varname>
++ is used. Defaults to
++ <filename>/dev/console</filename>.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
+ <term><varname>ImportKernel=</varname></term>
+
+ <listitem><para>Controls whether
+diff --git a/src/journal/journald-gperf.gperf b/src/journal/journald-gperf.gperf
+index a56f6d9..9c778fc 100644
+--- a/src/journal/journald-gperf.gperf
++++ b/src/journal/journald-gperf.gperf
+@@ -29,3 +29,4 @@ Journal.ForwardToSyslog, config_parse_bool, 0, offsetof(Server, forward_
+ Journal.ForwardToKMsg, config_parse_bool, 0, offsetof(Server, forward_to_kmsg)
+ Journal.ForwardToConsole, config_parse_bool, 0, offsetof(Server, forward_to_console)
+ Journal.ImportKernel, config_parse_bool, 0, offsetof(Server, import_proc_kmsg)
++Journal.TTYPath, config_parse_path, 0, offsetof(Server, tty_path)
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index 4679300..2838d8b 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -965,6 +965,7 @@ static void forward_console(Server *s, const char *identifier, const char *messa
+ char header_pid[16];
+ int n = 0, fd;
+ char *ident_buf = NULL;
++ const char *tty;
+
+ assert(s);
+ assert(message);
+@@ -992,14 +993,16 @@ static void forward_console(Server *s, const char *identifier, const char *messa
+ IOVEC_SET_STRING(iovec[n++], message);
+ IOVEC_SET_STRING(iovec[n++], "\n");
+
+- fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
++ tty = s->tty_path ? s->tty_path : "/dev/console";
++
++ fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
+ if (fd < 0) {
+- log_debug("Failed to open /dev/console for logging: %s", strerror(errno));
++ log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
+ goto finish;
+ }
+
+ if (writev(fd, iovec, n) < 0)
+- log_debug("Failed to write to /dev/console for logging: %s", strerror(errno));
++ log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
+
+ close_nointr_nofail(fd);
+
+@@ -2782,6 +2785,7 @@ static void server_done(Server *s) {
+ journal_rate_limit_free(s->rate_limit);
+
+ free(s->buffer);
++ free(s->tty_path);
+ }
+
+ int main(int argc, char *argv[]) {
+diff --git a/src/journal/journald.h b/src/journal/journald.h
+index 7840fd5..6a2c4a9 100644
+--- a/src/journal/journald.h
++++ b/src/journal/journald.h
+@@ -79,6 +79,8 @@ typedef struct Server {
+
+ LIST_HEAD(StdoutStream, stdout_streams);
+ unsigned n_stdout_streams;
++
++ char *tty_path;
+ } Server;
+
+ /* gperf lookup function */
+diff --git a/src/journal/systemd-journald.conf b/src/journal/systemd-journald.conf
+index 710b0aa..4d5f8fb 100644
+--- a/src/journal/systemd-journald.conf
++++ b/src/journal/systemd-journald.conf
+@@ -23,3 +23,4 @@
+ #ForwardToKMsg=no
+ #ForwardToConsole=no
+ #ImportKernel=yes
++#TTYPath=/dev/console
diff --git a/0388-journal-allow-setting-of-a-cutoff-log-level-for-disk.patch b/0388-journal-allow-setting-of-a-cutoff-log-level-for-disk.patch
new file mode 100644
index 0000000..19bf620
--- /dev/null
+++ b/0388-journal-allow-setting-of-a-cutoff-log-level-for-disk.patch
@@ -0,0 +1,392 @@
+From 3ce4969dbc09cc3b647a9ef7212c15e55fa31f78 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Fri, 1 Jun 2012 17:26:16 +0200
+Subject: [PATCH] journal: allow setting of a cutoff log level for disk
+ storage, syslog, kmsg, console forwarding (cherry picked
+ from commit 213ba152fdf7978773be5b8a72e040584765137f)
+
+---
+ man/systemd-journald.conf.xml | 36 +++++++++++++++++++++++
+ src/core/load-fragment.c | 55 -----------------------------------
+ src/core/load-fragment.h | 2 --
+ src/journal/journald-gperf.gperf | 4 +++
+ src/journal/journald.c | 37 +++++++++++++++++++-----
+ src/journal/journald.h | 5 ++++
+ src/journal/systemd-journald.conf | 4 +++
+ src/shared/conf-parser.c | 57 +++++++++++++++++++++++++++++++++++++
+ src/shared/conf-parser.h | 2 ++
+ 9 files changed, 138 insertions(+), 64 deletions(-)
+
+diff --git a/man/systemd-journald.conf.xml b/man/systemd-journald.conf.xml
+index add7a7b..100c458 100644
+--- a/man/systemd-journald.conf.xml
++++ b/man/systemd-journald.conf.xml
+@@ -225,6 +225,42 @@
+ </varlistentry>
+
+ <varlistentry>
++ <term><varname>MaxLevelStore=</varname></term>
++ <term><varname>MaxLevelSyslog=</varname></term>
++ <term><varname>MaxLevelKMsg=</varname></term>
++ <term><varname>MaxLevelConsole=</varname></term>
++
++ <listitem><para>Controls the maximum
++ log level of messages that are stored
++ on disk, forwarded to syslog, kmsg or
++ the console (if that is enabled, see
++ above). As argument, takes one of
++ <literal>emerg</literal>,
++ <literal>alert</literal>,
++ <literal>crit</literal>,
++ <literal>err</literal>,
++ <literal>warning</literal>,
++ <literal>notice</literal>,
++ <literal>info</literal>,
++ <literal>debug</literal> or integer
++ values in the range of 0..7 (corresponding
++ to the same levels). Messages equal or below
++ the log level specified are
++ stored/forwarded, messages above are
++ dropped. Defaults to
++ <literal>debug</literal> for
++ <varname>MaxLevelStore=</varname> and
++ <varname>MaxLevelSyslog=</varname>, to
++ ensure that the all messages are
++ written to disk and forwarded to
++ syslog. Defaults to
++ <literal>notice</literal> for
++ <varname>MaxLevelKMsg=</varname> and
++ <literal>info</literal> for
++ <varname>MaxLevelConsole=</varname>.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
+ <term><varname>TTYPath=</varname></term>
+
+ <listitem><para>Change the console TTY
+diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
+index 99f388e..9bbb45e 100644
+--- a/src/core/load-fragment.c
++++ b/src/core/load-fragment.c
+@@ -637,61 +637,6 @@ int config_parse_socket_bindtodevice(
+ DEFINE_CONFIG_PARSE_ENUM(config_parse_output, exec_output, ExecOutput, "Failed to parse output specifier");
+ DEFINE_CONFIG_PARSE_ENUM(config_parse_input, exec_input, ExecInput, "Failed to parse input specifier");
+
+-int config_parse_facility(
+- const char *filename,
+- unsigned line,
+- const char *section,
+- const char *lvalue,
+- int ltype,
+- const char *rvalue,
+- void *data,
+- void *userdata) {
+-
+-
+- int *o = data, x;
+-
+- assert(filename);
+- assert(lvalue);
+- assert(rvalue);
+- assert(data);
+-
+- if ((x = log_facility_unshifted_from_string(rvalue)) < 0) {
+- log_error("[%s:%u] Failed to parse log facility, ignoring: %s", filename, line, rvalue);
+- return 0;
+- }
+-
+- *o = (x << 3) | LOG_PRI(*o);
+-
+- return 0;
+-}
+-
+-int config_parse_level(
+- const char *filename,
+- unsigned line,
+- const char *section,
+- const char *lvalue,
+- int ltype,
+- const char *rvalue,
+- void *data,
+- void *userdata) {
+-
+-
+- int *o = data, x;
+-
+- assert(filename);
+- assert(lvalue);
+- assert(rvalue);
+- assert(data);
+-
+- if ((x = log_level_from_string(rvalue)) < 0) {
+- log_error("[%s:%u] Failed to parse log level, ignoring: %s", filename, line, rvalue);
+- return 0;
+- }
+-
+- *o = (*o & LOG_FACMASK) | x;
+- return 0;
+-}
+-
+ int config_parse_exec_io_class(
+ const char *filename,
+ unsigned line,
+diff --git a/src/core/load-fragment.h b/src/core/load-fragment.h
+index cd29948..3166b18 100644
+--- a/src/core/load-fragment.h
++++ b/src/core/load-fragment.h
+@@ -47,8 +47,6 @@ int config_parse_service_restart(const char *filename, unsigned line, const char
+ int config_parse_socket_bindtodevice(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_output(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_input(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+-int config_parse_facility(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+-int config_parse_level(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_exec_io_class(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_exec_io_priority(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_exec_cpu_sched_policy(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+diff --git a/src/journal/journald-gperf.gperf b/src/journal/journald-gperf.gperf
+index 9c778fc..c9b0fbb 100644
+--- a/src/journal/journald-gperf.gperf
++++ b/src/journal/journald-gperf.gperf
+@@ -30,3 +30,7 @@ Journal.ForwardToKMsg, config_parse_bool, 0, offsetof(Server, forward_
+ Journal.ForwardToConsole, config_parse_bool, 0, offsetof(Server, forward_to_console)
+ Journal.ImportKernel, config_parse_bool, 0, offsetof(Server, import_proc_kmsg)
+ Journal.TTYPath, config_parse_path, 0, offsetof(Server, tty_path)
++Journal.MaxLevelStore, config_parse_level, 0, offsetof(Server, max_level_store)
++Journal.MaxLevelSyslog, config_parse_level, 0, offsetof(Server, max_level_syslog)
++Journal.MaxLevelKMsg, config_parse_level, 0, offsetof(Server, max_level_kmsg)
++Journal.MaxLevelConsole, config_parse_level, 0, offsetof(Server, max_level_console)
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index 2838d8b..bd62999 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -720,6 +720,9 @@ static void dispatch_message(Server *s,
+ if (n == 0)
+ return;
+
++ if (LOG_PRI(priority) > s->max_level_store)
++ return;
++
+ if (!ucred)
+ goto finish;
+
+@@ -829,12 +832,15 @@ static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned
+ log_debug("Failed to forward syslog message: %m");
+ }
+
+-static void forward_syslog_raw(Server *s, const char *buffer, struct ucred *ucred, struct timeval *tv) {
++static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
+ struct iovec iovec;
+
+ assert(s);
+ assert(buffer);
+
++ if (LOG_PRI(priority) > s->max_level_syslog)
++ return;
++
+ IOVEC_SET_STRING(iovec, buffer);
+ forward_syslog_iovec(s, &iovec, 1, ucred, tv);
+ }
+@@ -852,6 +858,9 @@ static void forward_syslog(Server *s, int priority, const char *identifier, cons
+ assert(priority <= 999);
+ assert(message);
+
++ if (LOG_PRI(priority) > s->max_level_syslog)
++ return;
++
+ /* First: priority field */
+ snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
+ char_array_0(header_priority);
+@@ -913,6 +922,9 @@ static void forward_kmsg(Server *s, int priority, const char *identifier, const
+ assert(priority <= 999);
+ assert(message);
+
++ if (LOG_PRI(priority) > s->max_level_kmsg)
++ return;
++
+ /* Never allow messages with kernel facility to be written to
+ * kmsg, regardless where the data comes from. */
+ priority = fixup_priority(priority);
+@@ -960,7 +972,7 @@ finish:
+ free(ident_buf);
+ }
+
+-static void forward_console(Server *s, const char *identifier, const char *message, struct ucred *ucred) {
++static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
+ struct iovec iovec[4];
+ char header_pid[16];
+ int n = 0, fd;
+@@ -970,6 +982,9 @@ static void forward_console(Server *s, const char *identifier, const char *messa
+ assert(s);
+ assert(message);
+
++ if (LOG_PRI(priority) > s->max_level_console)
++ return;
++
+ /* First: identifier and PID */
+ if (ucred) {
+ if (!identifier) {
+@@ -1066,14 +1081,17 @@ static void process_syslog_message(Server *s, const char *buf, struct ucred *ucr
+ unsigned n = 0;
+ int priority = LOG_USER | LOG_INFO;
+ char *identifier = NULL, *pid = NULL;
++ const char *orig;
+
+ assert(s);
+ assert(buf);
+
++ orig = buf;
++ parse_syslog_priority((char**) &buf, &priority);
++
+ if (s->forward_to_syslog)
+- forward_syslog_raw(s, buf, ucred, tv);
++ forward_syslog_raw(s, priority, orig, ucred, tv);
+
+- parse_syslog_priority((char**) &buf, &priority);
+ skip_syslog_date((char**) &buf);
+ read_identifier(&buf, &identifier, &pid);
+
+@@ -1081,7 +1099,7 @@ static void process_syslog_message(Server *s, const char *buf, struct ucred *ucr
+ forward_kmsg(s, priority, identifier, buf, ucred);
+
+ if (s->forward_to_console)
+- forward_console(s, identifier, buf, ucred);
++ forward_console(s, priority, identifier, buf, ucred);
+
+ IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
+
+@@ -1333,7 +1351,7 @@ static void process_native_message(
+ forward_kmsg(s, priority, identifier, message, ucred);
+
+ if (s->forward_to_console)
+- forward_console(s, identifier, message, ucred);
++ forward_console(s, priority, identifier, message, ucred);
+ }
+
+ dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
+@@ -1431,7 +1449,7 @@ static int stdout_stream_log(StdoutStream *s, const char *p) {
+ forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
+
+ if (s->forward_to_console || s->server->forward_to_console)
+- forward_console(s->server, s->identifier, p, &s->ucred);
++ forward_console(s->server, priority, s->identifier, p, &s->ucred);
+
+ IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
+
+@@ -2655,6 +2673,11 @@ static int server_init(Server *s) {
+ s->forward_to_syslog = true;
+ s->import_proc_kmsg = true;
+
++ s->max_level_store = LOG_DEBUG;
++ s->max_level_syslog = LOG_DEBUG;
++ s->max_level_kmsg = LOG_NOTICE;
++ s->max_level_console = LOG_INFO;
++
+ memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
+ memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
+
+diff --git a/src/journal/journald.h b/src/journal/journald.h
+index 6a2c4a9..aea15bb 100644
+--- a/src/journal/journald.h
++++ b/src/journal/journald.h
+@@ -81,6 +81,11 @@ typedef struct Server {
+ unsigned n_stdout_streams;
+
+ char *tty_path;
++
++ int max_level_store;
++ int max_level_syslog;
++ int max_level_kmsg;
++ int max_level_console;
+ } Server;
+
+ /* gperf lookup function */
+diff --git a/src/journal/systemd-journald.conf b/src/journal/systemd-journald.conf
+index 4d5f8fb..946ee97 100644
+--- a/src/journal/systemd-journald.conf
++++ b/src/journal/systemd-journald.conf
+@@ -24,3 +24,7 @@
+ #ForwardToConsole=no
+ #ImportKernel=yes
+ #TTYPath=/dev/console
++#MaxLevelStore=debug
++#MaxLevelSyslog=debug
++#MaxLevelKMsg=notice
++#MaxLevelConsole=info
+diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c
+index 1b7e8d8..8582f6d 100644
+--- a/src/shared/conf-parser.c
++++ b/src/shared/conf-parser.c
+@@ -876,3 +876,60 @@ int config_parse_mode(
+ *m = (mode_t) l;
+ return 0;
+ }
++
++int config_parse_facility(
++ const char *filename,
++ unsigned line,
++ const char *section,
++ const char *lvalue,
++ int ltype,
++ const char *rvalue,
++ void *data,
++ void *userdata) {
++
++
++ int *o = data, x;
++
++ assert(filename);
++ assert(lvalue);
++ assert(rvalue);
++ assert(data);
++
++ x = log_facility_unshifted_from_string(rvalue);
++ if (x < 0) {
++ log_error("[%s:%u] Failed to parse log facility, ignoring: %s", filename, line, rvalue);
++ return 0;
++ }
++
++ *o = (x << 3) | LOG_PRI(*o);
++
++ return 0;
++}
++
++int config_parse_level(
++ const char *filename,
++ unsigned line,
++ const char *section,
++ const char *lvalue,
++ int ltype,
++ const char *rvalue,
++ void *data,
++ void *userdata) {
++
++
++ int *o = data, x;
++
++ assert(filename);
++ assert(lvalue);
++ assert(rvalue);
++ assert(data);
++
++ x = log_level_from_string(rvalue);
++ if (x < 0) {
++ log_error("[%s:%u] Failed to parse log level, ignoring: %s", filename, line, rvalue);
++ return 0;
++ }
++
++ *o = (*o & LOG_FACMASK) | x;
++ return 0;
++}
+diff --git a/src/shared/conf-parser.h b/src/shared/conf-parser.h
+index 4656f8b..81d6720 100644
+--- a/src/shared/conf-parser.h
++++ b/src/shared/conf-parser.h
+@@ -104,6 +104,8 @@ int config_parse_path_strv(const char *filename, unsigned line, const char *sect
+ int config_parse_usec(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_nsec(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+ int config_parse_mode(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
++int config_parse_facility(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
++int config_parse_level(const char *filename, unsigned line, const char *section, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+
+ #define DEFINE_CONFIG_PARSE_ENUM(function,name,type,msg) \
+ int function( \
diff --git a/0389-units-fix-man-section.patch b/0389-units-fix-man-section.patch
new file mode 100644
index 0000000..3ebae64
--- /dev/null
+++ b/0389-units-fix-man-section.patch
@@ -0,0 +1,30 @@
+From c0e80ae8b9f2f45f13cecfbb6387bf2ad9f545e4 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Fri, 1 Jun 2012 17:26:28 +0200
+Subject: [PATCH] units: fix man section (cherry picked from commit
+ 63cb20a28b3f5e858a306daf7e0657ccbb0ab163)
+
+Conflicts:
+ units/systemd-journald.service.in
+---
+ units/systemd-journald.service.in | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
+index c72fd7b..e27db0c 100644
+--- a/units/systemd-journald.service.in
++++ b/units/systemd-journald.service.in
+@@ -7,11 +7,10 @@
+
+ [Unit]
+ Description=Journal Service
+-Documentation=man:systemd-journald.service(7) man:systemd-journald.conf(5)
++Documentation=man:systemd-journald.service(8) man:systemd-journald.conf(5)
+ DefaultDependencies=no
+ Requires=systemd-journald.socket
+-After=systemd-journald.socket
+-After=syslog.socket
++After=systemd-journald.socket syslog.socket
+
+ [Service]
+ ExecStart=@rootlibexecdir@/systemd-journald
diff --git a/0390-fix-typo.patch b/0390-fix-typo.patch
new file mode 100644
index 0000000..b9b0659
--- /dev/null
+++ b/0390-fix-typo.patch
@@ -0,0 +1,49 @@
+From e582c88a98e7da3abc3a2581b792445203cbfc40 Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Fri, 1 Jun 2012 17:56:11 +0200
+Subject: [PATCH] fix typo (cherry picked from commit
+ 3ab1e259d918228c68c1829bd67625e1dc660862)
+
+---
+ man/systemd-journald.conf.xml | 6 +++---
+ man/systemd-journald.service.xml | 2 +-
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/man/systemd-journald.conf.xml b/man/systemd-journald.conf.xml
+index 100c458..9314694 100644
+--- a/man/systemd-journald.conf.xml
++++ b/man/systemd-journald.conf.xml
+@@ -128,7 +128,7 @@
+ prefixed with
+ <literal>System</literal> apply to the
+ journal files when stored on a
+- persistant file system, more
++ persistent file system, more
+ specifically
+ <filename>/var/log/journal</filename>. The
+ options prefixed with
+@@ -144,9 +144,9 @@
+ exists. Otherwise only the latter
+ applies. Note that this means that
+ during early boot and if the
+- administrator disabled persistant
++ administrator disabled persistent
+ logging only the latter options apply,
+- while the former apply if persistant
++ while the former apply if persistent
+ logging is enabled and the system is
+ fully booted
+ up. <varname>SystemMaxUse=</varname>
+diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml
+index 202ea00..5d39c50 100644
+--- a/man/systemd-journald.service.xml
++++ b/man/systemd-journald.service.xml
+@@ -78,7 +78,7 @@
+ <para>By default the journal stores log data in
+ <filename>/run/log/journal/</filename>. Since
+ <filename>/run/</filename> is volatile log data is
+- lost at reboot. To make the data persistant it
++ lost at reboot. To make the data persistent it
+ is sufficient to create
+ <filename>/var/log/journal/</filename> where
+ <filename>systemd-journald</filename> will then store
diff --git a/0391-missing-define-MS_STRICTATIME-if-not-defined-already.patch b/0391-missing-define-MS_STRICTATIME-if-not-defined-already.patch
new file mode 100644
index 0000000..96e120f
--- /dev/null
+++ b/0391-missing-define-MS_STRICTATIME-if-not-defined-already.patch
@@ -0,0 +1,37 @@
+From edfd5fabfa7c8fde6a81dbf8c5085fa01edf86b7 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Fri, 1 Jun 2012 21:25:29 +0200
+Subject: [PATCH] missing: define MS_STRICTATIME if not defined already
+ (cherry picked from commit
+ 48ac500bb65f1f2eb09704f15104eeebb9330d47)
+
+---
+ src/core/mount-setup.c | 1 +
+ src/shared/missing.h | 4 ++++
+ 2 files changed, 5 insertions(+)
+
+diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
+index d4f81cc..39049de 100644
+--- a/src/core/mount-setup.c
++++ b/src/core/mount-setup.c
+@@ -39,6 +39,7 @@
+ #include "strv.h"
+ #include "mkdir.h"
+ #include "path-util.h"
++#include "missing.h"
+
+ #ifndef TTY_GID
+ #define TTY_GID 5
+diff --git a/src/shared/missing.h b/src/shared/missing.h
+index 638d4d7..522c467 100644
+--- a/src/shared/missing.h
++++ b/src/shared/missing.h
+@@ -184,4 +184,8 @@ static inline pid_t gettid(void) {
+ #define SCM_SECURITY 0x03
+ #endif
+
++#ifndef MS_STRICTATIME
++#define MS_STRICTATIME (1<<24)
++#endif
++
+ #endif
diff --git a/0392-systemd-detect-virt-fix-option-quiet-requires-an-arg.patch b/0392-systemd-detect-virt-fix-option-quiet-requires-an-arg.patch
new file mode 100644
index 0000000..f273668
--- /dev/null
+++ b/0392-systemd-detect-virt-fix-option-quiet-requires-an-arg.patch
@@ -0,0 +1,25 @@
+From 7fe5a8d80274f07431596e28bda0ae542f8fa40f Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Mon, 4 Jun 2012 12:39:22 +0200
+Subject: [PATCH] systemd-detect-virt: fix "option '--quiet' requires an
+ argument"
+
+https://bugs.freedesktop.org/show_bug.cgi?id=50671
+(cherry picked from commit 8c32f0143b15e4c18142cce6703f66e26db69899)
+---
+ src/detect-virt/detect-virt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/detect-virt/detect-virt.c b/src/detect-virt/detect-virt.c
+index 6f8187d..ec79655 100644
+--- a/src/detect-virt/detect-virt.c
++++ b/src/detect-virt/detect-virt.c
+@@ -61,7 +61,7 @@ static int parse_argv(int argc, char *argv[]) {
+ { "version", no_argument, NULL, ARG_VERSION },
+ { "container", no_argument, NULL, 'c' },
+ { "vm", optional_argument, NULL, 'v' },
+- { "quiet", required_argument, NULL, 'q' },
++ { "quiet", no_argument, NULL, 'q' },
+ { NULL, 0, NULL, 0 }
+ };
+
diff --git a/0393-logind-punt-duplicate-definition-of-InhibitWhat.patch b/0393-logind-punt-duplicate-definition-of-InhibitWhat.patch
new file mode 100644
index 0000000..c7f4f6a
--- /dev/null
+++ b/0393-logind-punt-duplicate-definition-of-InhibitWhat.patch
@@ -0,0 +1,25 @@
+From 40eb4b8e44702676efe48928bbdb237301a11f86 Mon Sep 17 00:00:00 2001
+From: Malte Starostik <m-starostik at versanet.de>
+Date: Sun, 3 Jun 2012 21:39:21 +0200
+Subject: [PATCH] logind: punt duplicate definition of InhibitWhat
+
+Trivial fix for:
+ src/login/logind-inhibit.h:37:3: error: redefinition of typedef 'InhibitWhat'
+ src/login/logind-inhibit.h:26:26: note: previous declaration of 'InhibitWhat' was here
+(cherry picked from commit cabe5d25640914be1000d23bcdd29d2ffc6333de)
+---
+ src/login/logind-inhibit.h | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/src/login/logind-inhibit.h b/src/login/logind-inhibit.h
+index 4377f00..e72536f 100644
+--- a/src/login/logind-inhibit.h
++++ b/src/login/logind-inhibit.h
+@@ -23,7 +23,6 @@
+ ***/
+
+ typedef struct Inhibitor Inhibitor;
+-typedef enum InhibitWhat InhibitWhat;
+
+ #include "list.h"
+ #include "util.h"
diff --git a/0394-unit-name-never-create-a-unit-name-with-a-leading.patch b/0394-unit-name-never-create-a-unit-name-with-a-leading.patch
new file mode 100644
index 0000000..4d41f62
--- /dev/null
+++ b/0394-unit-name-never-create-a-unit-name-with-a-leading.patch
@@ -0,0 +1,75 @@
+From d69ab4923308c5010ffa0da3e6be882af03b0cc7 Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Mon, 4 Jun 2012 14:57:24 +0200
+Subject: [PATCH] unit-name: never create a unit name with a leading '.'
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Supposed to prevent creating unit files like:
+ ├── dev-sda1.device.wants
+ │  └── .dot.mount -> /run/systemd/generator/.dot.mount
+ ├── .dot.mount
+from:
+ # cat /etc/fstab
+ /dev/sda1 /.dot vfat ro 1 3
+
+which we later skip reading because of the leading '.'.
+(cherry picked from commit 4b7126538c25268c79ff10d166920934f149a329)
+---
+ src/shared/unit-name.c | 29 ++++++++++++++++++++---------
+ 1 file changed, 20 insertions(+), 9 deletions(-)
+
+diff --git a/src/shared/unit-name.c b/src/shared/unit-name.c
+index 05baa4a..b74ab29 100644
+--- a/src/shared/unit-name.c
++++ b/src/shared/unit-name.c
+@@ -179,19 +179,30 @@ char *unit_name_build(const char *prefix, const char *instance, const char *suff
+ return join(prefix, "@", instance, suffix, NULL);
+ }
+
+-static char* do_escape(const char *f, char *t) {
++static char *do_escape_char(char c, char *t) {
++ *(t++) = '\\';
++ *(t++) = 'x';
++ *(t++) = hexchar(c >> 4);
++ *(t++) = hexchar(c);
++ return t;
++}
++
++static char *do_escape(const char *f, char *t) {
+ assert(f);
+ assert(t);
+
++ /* do not create units with a leading '.', like for "/.dotdir" mount points */
++ if (*f == '.') {
++ t = do_escape_char(*f, t);
++ f++;
++ }
++
+ for (; *f; f++) {
+ if (*f == '/')
+ *(t++) = '-';
+- else if (*f == '-' || *f == '\\' || !strchr(VALID_CHARS, *f)) {
+- *(t++) = '\\';
+- *(t++) = 'x';
+- *(t++) = hexchar(*f >> 4);
+- *(t++) = hexchar(*f);
+- } else
++ else if (*f == '-' || *f == '\\' || !strchr(VALID_CHARS, *f))
++ t = do_escape_char(*f, t);
++ else
+ *(t++) = *f;
+ }
+
+@@ -209,8 +220,8 @@ char *unit_name_build_escape(const char *prefix, const char *instance, const cha
+ * suffix and makes a nice string suitable as unit name of it,
+ * escaping all weird chars on the way.
+ *
+- * / becomes ., and all chars not allowed in a unit name get
+- * escaped as \xFF, including \ and ., of course. This
++ * / becomes -, and all chars not allowed in a unit name get
++ * escaped as \xFF, including \ and -, of course. This
+ * escaping is hence reversible.
+ *
+ * This is primarily useful to make nice unit names from
diff --git a/0395-remove-support-for-deprecated-proc-self-oom_adj.patch b/0395-remove-support-for-deprecated-proc-self-oom_adj.patch
new file mode 100644
index 0000000..1fdbb21
--- /dev/null
+++ b/0395-remove-support-for-deprecated-proc-self-oom_adj.patch
@@ -0,0 +1,61 @@
+From b6570de4b8a1195a3f1e5a412909f9c3e454d250 Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Mon, 4 Jun 2012 16:41:10 +0200
+Subject: [PATCH] remove support for deprecated /proc/self/oom_adj (cherry
+ picked from commit
+ 8600c525cb1420570e7670c963abd19c5696b683)
+
+---
+ src/core/dbus-execute.c | 8 --------
+ src/core/execute.c | 19 +++----------------
+ 2 files changed, 3 insertions(+), 24 deletions(-)
+
+diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
+index 1812e61..49040d9 100644
+--- a/src/core/dbus-execute.c
++++ b/src/core/dbus-execute.c
+@@ -83,14 +83,6 @@ int bus_execute_append_oom_score_adjust(DBusMessageIter *i, const char *property
+ if (read_one_line_file("/proc/self/oom_score_adj", &t) >= 0) {
+ safe_atoi(t, &n);
+ free(t);
+- } else if (read_one_line_file("/proc/self/oom_adj", &t) >= 0) {
+- safe_atoi(t, &n);
+- free(t);
+-
+- if (n == OOM_ADJUST_MAX)
+- n = OOM_SCORE_ADJ_MAX;
+- else
+- n = (n * OOM_SCORE_ADJ_MAX) / -OOM_DISABLE;
+ }
+ }
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index 688ec4b..a5e857d 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -1129,22 +1129,9 @@ int exec_spawn(ExecCommand *command,
+ char_array_0(t);
+
+ if (write_one_line_file("/proc/self/oom_score_adj", t) < 0) {
+- /* Compatibility with Linux <= 2.6.35 */
+-
+- int adj;
+-
+- adj = (context->oom_score_adjust * -OOM_DISABLE) / OOM_SCORE_ADJ_MAX;
+- adj = CLAMP(adj, OOM_DISABLE, OOM_ADJUST_MAX);
+-
+- snprintf(t, sizeof(t), "%i", adj);
+- char_array_0(t);
+-
+- if (write_one_line_file("/proc/self/oom_adj", t) < 0
+- && errno != EACCES) {
+- err = -errno;
+- r = EXIT_OOM_ADJUST;
+- goto fail_child;
+- }
++ err = -errno;
++ r = EXIT_OOM_ADJUST;
++ goto fail_child;
+ }
+ }
+
diff --git a/0396-systemctl-rename-man-to-help.patch b/0396-systemctl-rename-man-to-help.patch
new file mode 100644
index 0000000..70199a0
--- /dev/null
+++ b/0396-systemctl-rename-man-to-help.patch
@@ -0,0 +1,80 @@
+From e223b6b8295b30a0c04216ae35111b3062097add Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Mon, 4 Jun 2012 19:48:32 +0200
+Subject: [PATCH] systemctl: rename "man" to "help" (cherry picked from commit
+ b43f208f78666fd27e274daa946ae57becd59dd6)
+
+---
+ man/systemctl.xml | 2 +-
+ src/systemctl/systemctl.c | 17 +++++++++--------
+ 2 files changed, 10 insertions(+), 9 deletions(-)
+
+diff --git a/man/systemctl.xml b/man/systemctl.xml
+index 425bfd5..4bc16c4 100644
+--- a/man/systemctl.xml
++++ b/man/systemctl.xml
+@@ -634,7 +634,7 @@
+ output.</para></listitem>
+ </varlistentry>
+ <varlistentry>
+- <term><command>man [NAME...|PID...]</command></term>
++ <term><command>help [NAME...|PID...]</command></term>
+
+ <listitem><para>Show manual pages for
+ one or more units, if available. If a
+diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
+index 377a878..ed3dbab 100644
+--- a/src/systemctl/systemctl.c
++++ b/src/systemctl/systemctl.c
+@@ -2449,7 +2449,7 @@ static void print_status_info(UnitStatusInfo *i) {
+ arg_scope == UNIT_FILE_SYSTEM ? "--system" : "--user");
+ }
+
+-static void man_status_info(UnitStatusInfo *i) {
++static void show_unit_help(UnitStatusInfo *i) {
+ char **p;
+
+ assert(i);
+@@ -3015,8 +3015,8 @@ static int show_one(const char *verb, DBusConnection *bus, const char *path, boo
+ r = 0;
+
+ if (!show_properties) {
+- if (streq(verb, "man"))
+- man_status_info(&info);
++ if (streq(verb, "help"))
++ show_unit_help(&info);
+ else
+ print_status_info(&info);
+ }
+@@ -4280,7 +4280,7 @@ static int systemctl_help(void) {
+ " status [NAME...|PID...] Show runtime status of one or more units\n"
+ " show [NAME...|JOB...] Show properties of one or more\n"
+ " units/jobs or the manager\n"
+- " man [NAME...|PID...] Show manual for one or more units\n"
++ " help [NAME...|PID...] Show manual for one or more units\n"
+ " reset-failed [NAME...] Reset failed state for all, one, or more\n"
+ " units\n"
+ " load [NAME...] Load one or more units\n\n"
+@@ -5244,7 +5244,7 @@ static int systemctl_main(DBusConnection *bus, int argc, char *argv[], DBusError
+ { "check", MORE, 2, check_unit },
+ { "show", MORE, 1, show },
+ { "status", MORE, 2, show },
+- { "man", MORE, 2, show },
++ { "help", MORE, 2, show },
+ { "dump", EQUAL, 1, dump },
+ { "dot", EQUAL, 1, dot },
+ { "snapshot", LESS, 2, snapshot },
+@@ -5289,9 +5289,10 @@ static int systemctl_main(DBusConnection *bus, int argc, char *argv[], DBusError
+ /* Special rule: no arguments means "list-units" */
+ i = 0;
+ else {
+- if (streq(argv[optind], "help")) {
+- systemctl_help();
+- return 0;
++ if (streq(argv[optind], "help") && !argv[optind+1]) {
++ log_error("This command expects one or more "
++ "unit names. Did you mean --help?");
++ return -EINVAL;
+ }
+
+ for (i = 0; i < ELEMENTSOF(verbs); i++)
diff --git a/0397-silence-gcc-warning-on-32-bit.patch b/0397-silence-gcc-warning-on-32-bit.patch
new file mode 100644
index 0000000..d919ec5
--- /dev/null
+++ b/0397-silence-gcc-warning-on-32-bit.patch
@@ -0,0 +1,23 @@
+From 406e1359b492c50cab48da841593decf50c9cb9b Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Mon, 4 Jun 2012 22:27:39 +0200
+Subject: [PATCH] silence gcc warning on 32 bit (cherry picked from commit
+ f96096dbbf0cc7335babf0386b8888431cd70728)
+
+---
+ src/core/execute.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index a5e857d..8f2d646 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -1728,7 +1728,7 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
+ }
+
+ if (c->timer_slack_nsec != (nsec_t) -1)
+- fprintf(f, "%sTimerSlackNSec: %lu\n", prefix, c->timer_slack_nsec);
++ fprintf(f, "%sTimerSlackNSec: %lu\n", prefix, (unsigned long)c->timer_slack_nsec);
+
+ fprintf(f,
+ "%sStandardInput: %s\n"
diff --git a/0398-readahead-Add-tool-to-analyze-the-contents-of-the-pa.patch b/0398-readahead-Add-tool-to-analyze-the-contents-of-the-pa.patch
new file mode 100644
index 0000000..d6249d2
--- /dev/null
+++ b/0398-readahead-Add-tool-to-analyze-the-contents-of-the-pa.patch
@@ -0,0 +1,252 @@
+From 86b3f6ff003335d7bc939ca68c11d996654c7f02 Mon Sep 17 00:00:00 2001
+From: Auke Kok <auke-jan.h.kok at intel.com>
+Date: Tue, 5 Jun 2012 13:32:20 -0700
+Subject: [PATCH] readahead: Add tool to analyze the contents of the pack
+ file. v3.
+
+This patch adds code to compile 'systemd-readahead-analyze' and install
+it into $bindir.
+
+Use this program to parse the contents of the readahead pack file, or
+an arbitrary pack file and display which files are listed in it, and
+how much of the files are requested to be readahead.
+
+This code is not new - it's partially taken from sreadahead (formerly
+maintained by Arjan van der Ven and me, and was originally written
+by me), and adapted with the right bits to parse the systemd
+readahead pack files, which are slightly different in format.
+
+v2 adds a common READAHEAD_PACK_FILE_VERSION used in all the code
+to provide a quick way to assure all these programs are always
+synchronized. v3 fixes the integer math.
+(cherry picked from commit cae544bcdb073134bcaa2031aeb1f1705030046e)
+---
+ Makefile.am | 10 ++-
+ src/readahead/readahead-analyze.c | 141 +++++++++++++++++++++++++++++++++++++
+ src/readahead/readahead-collect.c | 2 +-
+ src/readahead/readahead-common.h | 2 +
+ src/readahead/readahead-replay.c | 2 +-
+ 5 files changed, 154 insertions(+), 3 deletions(-)
+ create mode 100644 src/readahead/readahead-analyze.c
+
+diff --git a/Makefile.am b/Makefile.am
+index cb6d77d..05e420c 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -1765,7 +1765,8 @@ systemd_readahead_collect_CFLAGS = \
+
+ systemd_readahead_replay_SOURCES = \
+ src/readahead/readahead-replay.c \
+- src/readahead/readahead-common.c
++ src/readahead/readahead-common.c \
++ src/readahead/readahead-common.h
+
+ systemd_readahead_replay_CFLAGS = \
+ $(AM_CFLAGS) \
+@@ -1776,6 +1777,10 @@ systemd_readahead_replay_LDADD = \
+ libsystemd-daemon.la \
+ $(UDEV_LIBS)
+
++systemd_readahead_analyze_SOURCES = \
++ src/readahead/readahead-analyze.c \
++ src/readahead/readahead-common.h
++
+ pkginclude_HEADERS += \
+ src/systemd/sd-readahead.h
+
+@@ -1783,6 +1788,9 @@ rootlibexec_PROGRAMS += \
+ systemd-readahead-collect \
+ systemd-readahead-replay
+
++bin_PROGRAMS += \
++ systemd-readahead-analyze
++
+ dist_systemunit_DATA += \
+ units/systemd-readahead-done.timer
+
+diff --git a/src/readahead/readahead-analyze.c b/src/readahead/readahead-analyze.c
+new file mode 100644
+index 0000000..6ee3551
+--- /dev/null
++++ b/src/readahead/readahead-analyze.c
+@@ -0,0 +1,141 @@
++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
++
++/***
++ This file is part of systemd.
++
++ Copyright 2012 Auke Kok <auke-jan.h.kok at intel.com>
++
++ systemd is free software; you can redistribute it and/or modify it
++ under the terms of the GNU Lesser General Public License as published by
++ the Free Software Foundation; either version 2.1 of the License, or
++ (at your option) any later version.
++
++ systemd is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public License
++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
++***/
++
++
++#include <stdio.h>
++#include <stdlib.h>
++#include <stdbool.h>
++#include <unistd.h>
++#include <inttypes.h>
++#include <linux/limits.h>
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <string.h>
++
++#include "readahead-common.h"
++
++
++int main(int argc, char *argv[])
++{
++ char line[1024];
++ char path[PATH_MAX];
++ FILE *pack;
++ int a;
++ int missing = 0;
++ off_t size;
++ long tsize = 0;
++ uint64_t inode;
++ uint32_t b;
++ uint32_t c;
++ struct stat st;
++ int pagesize = getpagesize();
++
++ if (argc != 2)
++ snprintf(path, PATH_MAX, "/.readahead");
++ else
++ snprintf(path, PATH_MAX, "%s", argv[1]);
++
++ pack = fopen(path, "r");
++ if (!pack) {
++ fprintf(stderr, "Pack file missing\n");
++ exit(EXIT_FAILURE);
++ }
++
++ if (!(fgets(line, sizeof(line), pack))) {
++ fprintf(stderr, "Pack file corrupt\n");
++ exit(EXIT_FAILURE);
++ }
++
++ if (!strstr(line, READAHEAD_PACK_FILE_VERSION)) {
++ fprintf(stderr, "Pack file version incompatible with this parser\n");
++ exit(EXIT_FAILURE);
++ }
++
++ if ((a = getc(pack)) == EOF) {
++ fprintf(stderr, "Pack file corrupt\n");
++ exit(EXIT_FAILURE);
++ }
++
++ fprintf(stdout, " pct sections size: path\n");
++ fprintf(stdout, " === ======== ====: ====\n");
++
++ while(true) {
++ int pages = 0;
++ int sections = 0;
++
++ if (!fgets(path, sizeof(path), pack))
++ break; /* done */
++
++ path[strlen(path)-1] = 0;
++
++ if (fread(&inode, sizeof(inode), 1, pack) != 1) {
++ fprintf(stderr, "Pack file corrupt\n");
++ exit(EXIT_FAILURE);
++ }
++
++ while (true) {
++ if (fread(&b, sizeof(b), 1, pack) != 1 ||
++ fread(&c, sizeof(c), 1, pack) != 1) {
++ fprintf(stderr, "Pack file corrupt\n");
++ exit(EXIT_FAILURE);
++ }
++ if ((b == 0) && (c == 0))
++ break;
++
++ /* Uncomment this to get all the chunks separately
++ fprintf(stdout, " %d: %d %d\n", sections, b, c);
++ */
++
++ pages += (c - b);
++ sections++;
++ }
++
++ if (stat(path, &st) == 0) {
++ if (sections == 0)
++ size = st.st_size;
++ else
++ size = pages * pagesize;
++
++ tsize += size;
++
++ fprintf(stdout, " %4d%% (%2d) %12ld: %s\n",
++ sections ? (int)(size / st.st_size * 100.0) : 100,
++ sections ? sections : 1,
++ (unsigned long)size,
++ path);
++ } else {
++ fprintf(stdout, " %4dp (%2d) %12s: %s (MISSING)\n",
++ sections ? pages : -1,
++ sections ? sections : 1,
++ "???",
++ path);
++ missing++;
++ }
++
++ }
++
++ fprintf(stdout, "\nHOST: %s", line);
++ fprintf(stdout, "TYPE: %c\n", a);
++ fprintf(stdout, "MISSING: %d\n", missing);
++ fprintf(stdout, "TOTAL: %ld\n", tsize);
++
++ exit(EXIT_SUCCESS);
++}
+diff --git a/src/readahead/readahead-collect.c b/src/readahead/readahead-collect.c
+index 46e5e2c..b8825a6 100644
+--- a/src/readahead/readahead-collect.c
++++ b/src/readahead/readahead-collect.c
+@@ -493,7 +493,7 @@ done:
+ goto finish;
+ }
+
+- fputs(CANONICAL_HOST ";VERSION=2\n", pack);
++ fputs(CANONICAL_HOST READAHEAD_PACK_FILE_VERSION, pack);
+ putc(on_ssd ? 'S' : 'R', pack);
+
+ if (on_ssd || on_btrfs) {
+diff --git a/src/readahead/readahead-common.h b/src/readahead/readahead-common.h
+index f0e12e3..1f7f331 100644
+--- a/src/readahead/readahead-common.h
++++ b/src/readahead/readahead-common.h
+@@ -29,6 +29,8 @@
+
+ #define READAHEAD_FILE_SIZE_MAX (10*1024*1024)
+
++#define READAHEAD_PACK_FILE_VERSION ";VERSION=2\n"
++
+ int file_verify(int fd, const char *fn, off_t file_size_max, struct stat *st);
+
+ int fs_on_ssd(const char *p);
+diff --git a/src/readahead/readahead-replay.c b/src/readahead/readahead-replay.c
+index 2b30549..4b36b98 100644
+--- a/src/readahead/readahead-replay.c
++++ b/src/readahead/readahead-replay.c
+@@ -183,7 +183,7 @@ static int replay(const char *root) {
+
+ char_array_0(line);
+
+- if (!streq(line, CANONICAL_HOST ";VERSION=2\n")) {
++ if (!streq(line, CANONICAL_HOST READAHEAD_PACK_FILE_VERSION)) {
+ log_debug("Pack file host or version type mismatch.");
+ goto finish;
+ }
diff --git a/0399-Revert-F17-units-do-not-use-Type-idle-yet.patch b/0399-Revert-F17-units-do-not-use-Type-idle-yet.patch
new file mode 100644
index 0000000..6c53bd6
--- /dev/null
+++ b/0399-Revert-F17-units-do-not-use-Type-idle-yet.patch
@@ -0,0 +1,90 @@
+From db3c3d82184ef2819c3317e1f8d55a652966783b Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Wed, 13 Jun 2012 00:00:52 +0200
+Subject: [PATCH] Revert "F17: units: do not use Type=idle yet"
+
+This reverts commit 0b4dd49539db110d27e327a5a34b739d634f7341.
+
+Now that Type=idle bugs have been fixed and it uses acceptable timeouts,
+we can enable it in F17.
+---
+ units/console-getty.service.m4.in | 1 +
+ units/console-shell.service.m4.in | 1 +
+ units/emergency.service.in | 1 +
+ units/getty at .service.m4 | 1 +
+ units/rescue.service.m4.in | 1 +
+ units/serial-getty at .service.m4 | 1 +
+ 6 files changed, 6 insertions(+)
+
+diff --git a/units/console-getty.service.m4.in b/units/console-getty.service.m4.in
+index cc8c364..9d80d4b 100644
+--- a/units/console-getty.service.m4.in
++++ b/units/console-getty.service.m4.in
+@@ -31,6 +31,7 @@ Before=getty.target
+
+ [Service]
+ ExecStart=-/sbin/agetty --noclear -s console 115200,38400,9600
++Type=idle
+ Restart=always
+ RestartSec=0
+ UtmpIdentifier=cons
+diff --git a/units/console-shell.service.m4.in b/units/console-shell.service.m4.in
+index b0ced10..90c7c78 100644
+--- a/units/console-shell.service.m4.in
++++ b/units/console-shell.service.m4.in
+@@ -33,6 +33,7 @@ Environment=HOME=/root
+ WorkingDirectory=/root
+ ExecStart=-/sbin/sulogin
+ ExecStopPost=- at SYSTEMCTL@ poweroff
++Type=idle
+ StandardInput=tty-force
+ StandardOutput=inherit
+ StandardError=inherit
+diff --git a/units/emergency.service.in b/units/emergency.service.in
+index a1fc2ea..c76a738 100644
+--- a/units/emergency.service.in
++++ b/units/emergency.service.in
+@@ -18,6 +18,7 @@ ExecStartPre=-/bin/plymouth quit
+ ExecStartPre=-/bin/echo 'Welcome to emergency mode. Use "systemctl default" or ^D to enter default mode.'
+ ExecStart=-/sbin/sulogin
+ ExecStopPost=@SYSTEMCTL@ --fail --no-block default
++Type=idle
+ StandardInput=tty-force
+ StandardOutput=inherit
+ StandardError=inherit
+diff --git a/units/getty at .service.m4 b/units/getty at .service.m4
+index f57ba99..7022743 100644
+--- a/units/getty at .service.m4
++++ b/units/getty at .service.m4
+@@ -42,6 +42,7 @@ ConditionPathExists=/dev/tty0
+ [Service]
+ Environment=TERM=linux
+ ExecStart=-/sbin/agetty %I 38400
++Type=idle
+ Restart=always
+ RestartSec=0
+ UtmpIdentifier=%I
+diff --git a/units/rescue.service.m4.in b/units/rescue.service.m4.in
+index 76f8946..6b601b9 100644
+--- a/units/rescue.service.m4.in
++++ b/units/rescue.service.m4.in
+@@ -31,6 +31,7 @@ m4_ifdef(`TARGET_MEEGO',
+ ExecStart=-/bin/bash -c "exec ${SINGLE}"',
+ `ExecStart=-/sbin/sulogin'))))
+ ExecStopPost=- at SYSTEMCTL@ --fail --no-block default
++Type=idle
+ StandardInput=tty-force
+ StandardOutput=inherit
+ StandardError=inherit
+diff --git a/units/serial-getty at .service.m4 b/units/serial-getty at .service.m4
+index 66dfeed..6f6a99f 100644
+--- a/units/serial-getty at .service.m4
++++ b/units/serial-getty at .service.m4
+@@ -38,6 +38,7 @@ IgnoreOnIsolate=yes
+ [Service]
+ Environment=TERM=vt102
+ ExecStart=-/sbin/agetty -s %I 115200,38400,9600
++Type=idle
+ Restart=always
+ RestartSec=0
+ UtmpIdentifier=%I
diff --git a/0400-units-avoid-redundant-VT-clearing-by-agetty.patch b/0400-units-avoid-redundant-VT-clearing-by-agetty.patch
new file mode 100644
index 0000000..c874892
--- /dev/null
+++ b/0400-units-avoid-redundant-VT-clearing-by-agetty.patch
@@ -0,0 +1,30 @@
+From 1065f2a05f99a7287408a88a4b33bc8003eb7c88 Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Wed, 6 Jun 2012 11:26:30 +0200
+Subject: [PATCH] units: avoid redundant VT clearing by agetty
+
+TTYVTDisallocate=yes already clears the VT. agetty does not need to do
+it again. Run it with --noclear.
+
+Felix Miata found the double clearing confusing in this bugreport:
+https://bugzilla.redhat.com/show_bug.cgi?id=828007
+Add a comment explaining what clears the VT.
+(cherry picked from commit 3305d6806d428010b1cd2abd716aa1bb7f81311f)
+---
+ units/getty at .service.m4 | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/units/getty at .service.m4 b/units/getty at .service.m4
+index 7022743..fec101f 100644
+--- a/units/getty at .service.m4
++++ b/units/getty at .service.m4
+@@ -41,7 +41,8 @@ ConditionPathExists=/dev/tty0
+
+ [Service]
+ Environment=TERM=linux
+-ExecStart=-/sbin/agetty %I 38400
++# the VT is cleared by TTYVTDisallocate
++ExecStart=-/sbin/agetty --noclear %I 38400
+ Type=idle
+ Restart=always
+ RestartSec=0
diff --git a/0401-units-add-systemd-debug-shell.service.patch b/0401-units-add-systemd-debug-shell.service.patch
new file mode 100644
index 0000000..c7799e5
--- /dev/null
+++ b/0401-units-add-systemd-debug-shell.service.patch
@@ -0,0 +1,100 @@
+From 1d69d8d6f1459f23977a8eefb32176d6b09491fa Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Thu, 7 Jun 2012 16:03:33 +0200
+Subject: [PATCH] units: add systemd-debug-shell.service
+
+If enabled, the service provides a root shell from an early boot. It also
+remains active late into shutdown. It is useful for debugging startup and
+shutdown problems.
+
+This is the unit referenced in
+http://freedesktop.org/wiki/Software/systemd/Debugging#early_debug_shell
+(cherry picked from commit ed061a8dc2acd93c2eb569d2d983d5a77f7e5b77)
+
+Conflicts:
+ Makefile.am
+---
+ Makefile.am | 5 ++++-
+ configure.ac | 6 ++++++
+ units/systemd-debug-shell.service.in | 25 +++++++++++++++++++++++++
+ 3 files changed, 35 insertions(+), 1 deletion(-)
+ create mode 100644 units/systemd-debug-shell.service.in
+
+diff --git a/Makefile.am b/Makefile.am
+index 05e420c..8e387a1 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -320,7 +320,8 @@ nodist_systemunit_DATA = \
+ units/fsck-root.service \
+ units/rescue.service \
+ units/suspend.service \
+- units/user at .service
++ units/user at .service \
++ units/systemd-debug-shell.service
+
+ dist_userunit_DATA = \
+ units/user/default.target \
+@@ -355,6 +356,7 @@ EXTRA_DIST += \
+ units/fsck at .service.in \
+ units/fsck-root.service.in \
+ units/user at .service.in \
++ units/systemd-debug-shell.service.in \
+ units/hibernate.service.in \
+ units/suspend.service.in \
+ introspect.awk \
+@@ -2415,6 +2417,7 @@ SED_PROCESS = \
+ -e 's, at exec_prefix\@,$(exec_prefix),g' \
+ -e 's, at libdir\@,$(libdir),g' \
+ -e 's, at includedir\@,$(includedir),g' \
++ -e 's, at sushell\@,$(sushell),g' \
+ < $< > $@ || rm $@
+
+ units/%: units/%.in Makefile
+diff --git a/configure.ac b/configure.ac
+index 8aa6e93..6e13583 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -161,6 +161,12 @@ if test "x$enable_selinux" != "xno"; then
+ fi
+ fi
+ AM_CONDITIONAL(HAVE_SELINUX, [test "$have_selinux" = "yes"])
++if test "x${have_selinux}" != xno ; then
++ sushell=/sbin/sushell
++else
++ sushell=/bin/bash
++fi
++AC_SUBST(sushell)
+
+ have_xz=no
+ AC_ARG_ENABLE(xz, AS_HELP_STRING([--disable-xz], [Disable optional XZ support]))
+diff --git a/units/systemd-debug-shell.service.in b/units/systemd-debug-shell.service.in
+new file mode 100644
+index 0000000..70c01c2
+--- /dev/null
++++ b/units/systemd-debug-shell.service.in
+@@ -0,0 +1,25 @@
++[Unit]
++Description=Early root shell on tty9 FOR DEBUGGING ONLY
++DefaultDependencies=no
++IgnoreOnIsolate=yes
++
++[Service]
++Environment=TERM=linux
++ExecStart=@sushell@
++Restart=always
++RestartSec=0
++StandardInput=tty
++TTYPath=/dev/tty9
++TTYReset=yes
++TTYVHangup=yes
++KillMode=process
++IgnoreSIGPIPE=no
++# bash ignores SIGTERM
++KillSignal=SIGHUP
++
++# Unset locale for the console getty since the console has problems
++# displaying some internationalized messages.
++Environment=LANG= LANGUAGE= LC_CTYPE= LC_NUMERIC= LC_TIME= LC_COLLATE= LC_MONETARY= LC_MESSAGES= LC_PAPER= LC_NAME= LC_ADDRESS= LC_TELEPHONE= LC_MEASUREMENT= LC_IDENTIFICATION=
++
++[Install]
++WantedBy=sysinit.target
diff --git a/0402-systemd-debug-shell-add-to-POTFILES.skip.patch b/0402-systemd-debug-shell-add-to-POTFILES.skip.patch
new file mode 100644
index 0000000..c51d062
--- /dev/null
+++ b/0402-systemd-debug-shell-add-to-POTFILES.skip.patch
@@ -0,0 +1,21 @@
+From 0441a435c7329143fd6b81dfa02cfcfb31194d66 Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Thu, 7 Jun 2012 19:34:13 +0200
+Subject: [PATCH] systemd-debug-shell: add to POTFILES.skip (cherry picked
+ from commit 7a5498fe926eb41520c3e4b0e97ff8359ae37e9e)
+
+Conflicts:
+ units/.gitignore
+---
+ po/POTFILES.skip | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/po/POTFILES.skip b/po/POTFILES.skip
+index 5dc4a51..40584d4 100644
+--- a/po/POTFILES.skip
++++ b/po/POTFILES.skip
+@@ -17,3 +17,4 @@ src/core/org.freedesktop.systemd1.policy.in.in
+ src/timedate/timedated.c
+ units/systemd-readahead-done.service.in
+ units/user at .service.in
++units/systemd-debug-shell.service.in
diff --git a/0403-man-systemd-tmpfiles-document-proper-config-file-sta.patch b/0403-man-systemd-tmpfiles-document-proper-config-file-sta.patch
new file mode 100644
index 0000000..505730a
--- /dev/null
+++ b/0403-man-systemd-tmpfiles-document-proper-config-file-sta.patch
@@ -0,0 +1,111 @@
+From cdbf5606c3e8ab73c4ecc125feed473aad0df18c Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Sun, 10 Jun 2012 18:26:11 +0200
+Subject: [PATCH] man: systemd-tmpfiles - document proper config-file-stack
+ order (cherry picked from commit
+ 6110885c2c4b7c576ac5819af5416ec54200d8e3)
+
+---
+ man/sysctl.d.xml | 2 +-
+ man/systemd-tmpfiles.xml | 17 ++++++++---------
+ man/tmpfiles.d.xml | 36 +++++++++++++++++++++---------------
+ 3 files changed, 30 insertions(+), 25 deletions(-)
+
+diff --git a/man/sysctl.d.xml b/man/sysctl.d.xml
+index f6dd52f..9423971 100644
+--- a/man/sysctl.d.xml
++++ b/man/sysctl.d.xml
+@@ -81,7 +81,7 @@
+ Files in <filename>/etc/</filename> override files
+ with the same name in <filename>/usr/lib/</filename>
+ and <filename>/run/</filename>. Files in
+- <filename>/run</filename> override files with the same
++ <filename>/run/</filename> override files with the same
+ name in <filename>/usr/lib/</filename>. Packages
+ should install their configuration files in
+ <filename>/usr/lib/</filename>. Files in
+diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml
+index bbb80b2..218840e 100644
+--- a/man/systemd-tmpfiles.xml
++++ b/man/systemd-tmpfiles.xml
+@@ -59,14 +59,14 @@
+
+ <para><command>systemd-tmpfiles</command> creates,
+ deletes and cleans up volatile and temporary files and
+- directories, based on the configuration from
+- <filename>/etc/tmpfiles.d/</filename>. See
+- <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+- for more details on these files.</para>
+-
+- <para>If invoked with no arguments applies all
+- directives from all configuration files in
+- <filename>/etc/tmpfiles.d/*.conf</filename>. If one or
++ directories, based on the configuration file format and
++ location specified in <citerefentry>
++ <refentrytitle>tmpfiles.d</refentrytitle>
++ <manvolnum>5</manvolnum>
++ </citerefentry>.</para>
++
++ <para>If invoked with no arguments, it applies all
++ directives from all configuration files. If one or
+ more absolute file names are passed on the command
+ line only the directives in these files are
+ applied.</para>
+@@ -145,7 +145,6 @@
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>tmpwatch</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
+index f70bf0e..0cf15ed 100644
+--- a/man/tmpfiles.d.xml
++++ b/man/tmpfiles.d.xml
+@@ -66,24 +66,30 @@
+ <refsect1>
+ <title>Configuration Format</title>
+
+- <para>Each configuration file is named in the style of
+- <filename><program>.conf</filename>. Files in
+- <filename>/etc/</filename> override files with the
+- same name in <filename>/usr/lib/</filename>. Files in
+- <filename>/run</filename> override files with the same
+- name in <filename>/etc/</filename> and
+- <filename>/usr/lib/</filename>. Packages should
+- install their configuration files in
+- <filename>/usr/lib/</filename>, files in
++ <para>Each configuration file shall be named in the
++ style of <filename><program>.conf</filename>.
++ Files in <filename>/etc/</filename> override files
++ with the same name in <filename>/usr/lib/</filename>
++ and <filename>/run/</filename>. Files in
++ <filename>/run/</filename> override files with the same
++ name in <filename>/usr/lib/</filename>. Packages
++ should install their configuration files in
++ <filename>/usr/lib/</filename>. Files in
+ <filename>/etc/</filename> are reserved for the local
+- administrator, who may choose to override the
+- configurations installed from packages. The list of
++ administrator, who may use this logic to override the
++ configuration files installed by vendor packages. All
+ configuration files are sorted by their filename in
+ alphabetical order, regardless in which of the
+- directories they reside, to guarantee that a
+- configuration file takes precedence over another
+- configuration file with an alphabetically later
+- name.</para>
++ directories they reside, to guarantee that a specific
++ configuration file takes precedence over another file
++ with an alphabetically later name</para>
++
++ <para>If the administrator wants to disable a
++ configuration file supplied by the vendor the
++ recommended way is to place a symlink to
++ <filename>/dev/null</filename> in
++ <filename>/etc/tmpfiles.d/</filename> bearing the
++ same file name.</para>
+
+ <para>The configuration format is one line per path
+ containing action, path, mode, ownership, age and argument
diff --git a/0404-man-replace-tabs-with-spaces.patch b/0404-man-replace-tabs-with-spaces.patch
new file mode 100644
index 0000000..2167ff6
--- /dev/null
+++ b/0404-man-replace-tabs-with-spaces.patch
@@ -0,0 +1,342 @@
+From 6ce94dc4d58a50327d8ee863c0a20c0047bfeb9b Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Sun, 10 Jun 2012 18:32:11 +0200
+Subject: [PATCH] man: replace tabs with spaces (cherry picked from commit
+ 0e25e94ea72ca3db70484014280ddb709840f952)
+
+---
+ man/binfmt.d.xml | 12 ++++++------
+ man/journalctl.xml | 6 +++---
+ man/loginctl.xml | 6 +++---
+ man/modules-load.d.xml | 32 ++++++++++++++++----------------
+ man/sysctl.d.xml | 22 +++++++++++-----------
+ man/systemctl.xml | 12 ++++++------
+ man/systemd-binfmt.service.xml | 6 +++---
+ man/systemd-cgls.xml | 14 +++++++-------
+ man/systemd-delta.xml | 6 +++---
+ man/systemd-modules-load.service.xml | 6 +++---
+ man/systemd-sysctl.service.xml | 10 +++++-----
+ man/tmpfiles.d.xml | 20 ++++++++++----------
+ 12 files changed, 76 insertions(+), 76 deletions(-)
+
+diff --git a/man/binfmt.d.xml b/man/binfmt.d.xml
+index fedde88..6fc4a4d 100644
+--- a/man/binfmt.d.xml
++++ b/man/binfmt.d.xml
+@@ -55,15 +55,15 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para>At boot,
+- <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+- reads configuration files from the above directories
+- to register in the kernel additional binary
+- formats for executables.</para>
++ <para>At boot,
++ <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ reads configuration files from the above directories
++ to register in the kernel additional binary
++ formats for executables.</para>
+ </refsect1>
+
+ <refsect1>
+- <title>Configuration Format</title>
++ <title>Configuration Format</title>
+
+ <para>Each file contains a list of binfmt_misc kernel
+ binary format rules. Consult <ulink
+diff --git a/man/journalctl.xml b/man/journalctl.xml
+index 5594672..9ad8ae1 100644
+--- a/man/journalctl.xml
++++ b/man/journalctl.xml
+@@ -110,9 +110,9 @@
+ <varlistentry>
+ <term><option>--no-pager</option></term>
+
+- <listitem><para>Do not pipe output into a
+- pager.</para></listitem>
+- </varlistentry>
++ <listitem><para>Do not pipe output into a
++ pager.</para></listitem>
++ </varlistentry>
+
+ <varlistentry>
+ <term><option>--all</option></term>
+diff --git a/man/loginctl.xml b/man/loginctl.xml
+index e0ab344..c8191bb 100644
+--- a/man/loginctl.xml
++++ b/man/loginctl.xml
+@@ -115,9 +115,9 @@
+ <varlistentry>
+ <term><option>--no-pager</option></term>
+
+- <listitem><para>Do not pipe output into a
+- pager.</para></listitem>
+- </varlistentry>
++ <listitem><para>Do not pipe output into a
++ pager.</para></listitem>
++ </varlistentry>
+
+ <varlistentry>
+ <term><option>--no-ask-password</option></term>
+diff --git a/man/modules-load.d.xml b/man/modules-load.d.xml
+index 9ae5020..5889b83 100644
+--- a/man/modules-load.d.xml
++++ b/man/modules-load.d.xml
+@@ -54,26 +54,26 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para><citerefentry><refentrytitle>systemd-modules-load.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+- reads files from the above directories which contain
+- kernel modules to load during boot in a static list.
+- Each configuration file is named in the style of
+- <filename>/etc/modules-load.d/<program>.conf</filename>. Note
+- that it is usually a better idea to rely on the
+- automatic module loading by PCI IDs, USB IDs, DMI IDs
+- or similar triggers encoded in the kernel modules
+- themselves instead of static configuration like
+- this. In fact, most modern kernel modules are prepared
+- for automatic loading already.</para>
++ <para><citerefentry><refentrytitle>systemd-modules-load.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ reads files from the above directories which contain
++ kernel modules to load during boot in a static list.
++ Each configuration file is named in the style of
++ <filename>/etc/modules-load.d/<program>.conf</filename>. Note
++ that it is usually a better idea to rely on the
++ automatic module loading by PCI IDs, USB IDs, DMI IDs
++ or similar triggers encoded in the kernel modules
++ themselves instead of static configuration like
++ this. In fact, most modern kernel modules are prepared
++ for automatic loading already.</para>
+ </refsect1>
+
+ <refsect1>
+- <title>Configuration Format</title>
++ <title>Configuration Format</title>
+
+- <para>The configuration files should simply contain a
+- list of kernel module names to load, separated by
+- newlines. Empty lines and lines whose first
+- non-whitespace character is # or ; are ignored.</para>
++ <para>The configuration files should simply contain a
++ list of kernel module names to load, separated by
++ newlines. Empty lines and lines whose first
++ non-whitespace character is # or ; are ignored.</para>
+
+ <para>Each configuration file shall be named in the
+ style of <filename><program>.conf</filename>.
+diff --git a/man/sysctl.d.xml b/man/sysctl.d.xml
+index 9423971..55de921 100644
+--- a/man/sysctl.d.xml
++++ b/man/sysctl.d.xml
+@@ -54,21 +54,21 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para>At boot,
+- <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+- reads configuration files from the above directories
+- to configure
+- <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+- kernel parameters.</para>
++ <para>At boot,
++ <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ reads configuration files from the above directories
++ to configure
++ <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ kernel parameters.</para>
+ </refsect1>
+
+ <refsect1>
+- <title>Configuration Format</title>
++ <title>Configuration Format</title>
+
+- <para>The configuration files contain a list of
+- variable assignments, separated by newlines. Empty
+- lines and lines whose first non-whitespace character
+- is # or ; are ignored.</para>
++ <para>The configuration files contain a list of
++ variable assignments, separated by newlines. Empty
++ lines and lines whose first non-whitespace character
++ is # or ; are ignored.</para>
+
+ <para>Note that both / and . are accepted as label
+ separators within sysctl variable
+diff --git a/man/systemctl.xml b/man/systemctl.xml
+index 4bc16c4..7ed8f35 100644
+--- a/man/systemctl.xml
++++ b/man/systemctl.xml
+@@ -201,17 +201,17 @@
+ <varlistentry>
+ <term><option>--no-legend</option></term>
+
+- <listitem><para>Do not print a legend, i.e.
++ <listitem><para>Do not print a legend, i.e.
+ the column headers and the footer with hints.
+- </para></listitem>
+- </varlistentry>
++ </para></listitem>
++ </varlistentry>
+
+ <varlistentry>
+ <term><option>--no-pager</option></term>
+
+- <listitem><para>Do not pipe output into a
+- pager.</para></listitem>
+- </varlistentry>
++ <listitem><para>Do not pipe output into a
++ pager.</para></listitem>
++ </varlistentry>
+
+ <varlistentry>
+ <term><option>--system</option></term>
+diff --git a/man/systemd-binfmt.service.xml b/man/systemd-binfmt.service.xml
+index 73e9836..7f2bb9a 100644
+--- a/man/systemd-binfmt.service.xml
++++ b/man/systemd-binfmt.service.xml
+@@ -54,9 +54,9 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para><filename>systemd-binfmt.service</filename> is
+- an early-boot service that registers additional binary
+- formats for executables in the kernel.</para>
++ <para><filename>systemd-binfmt.service</filename> is
++ an early-boot service that registers additional binary
++ formats for executables in the kernel.</para>
+
+ <para>See
+ <citerefentry><refentrytitle>binfmt.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+diff --git a/man/systemd-cgls.xml b/man/systemd-cgls.xml
+index 28a8783..13c10ab 100644
+--- a/man/systemd-cgls.xml
++++ b/man/systemd-cgls.xml
+@@ -98,17 +98,17 @@
+ <varlistentry>
+ <term><option>--no-pager</option></term>
+
+- <listitem><para>Do not pipe output into a
+- pager.</para></listitem>
+- </varlistentry>
++ <listitem><para>Do not pipe output into a
++ pager.</para></listitem>
++ </varlistentry>
+
+ <varlistentry>
+ <term><option>--all</option></term>
+
+- <listitem><para>Don't hide empty
+- control groups in the
+- outpout.</para></listitem>
+- </varlistentry>
++ <listitem><para>Don't hide empty
++ control groups in the
++ outpout.</para></listitem>
++ </varlistentry>
+
+ <varlistentry>
+ <term><option>-k</option></term>
+diff --git a/man/systemd-delta.xml b/man/systemd-delta.xml
+index 523b590..9ded28b 100644
+--- a/man/systemd-delta.xml
++++ b/man/systemd-delta.xml
+@@ -95,9 +95,9 @@
+ <varlistentry>
+ <term><option>--no-pager</option></term>
+
+- <listitem><para>Do not pipe output into a
+- pager.</para></listitem>
+- </varlistentry>
++ <listitem><para>Do not pipe output into a
++ pager.</para></listitem>
++ </varlistentry>
+
+ <varlistentry>
+ <term><option>--type=</option></term>
+diff --git a/man/systemd-modules-load.service.xml b/man/systemd-modules-load.service.xml
+index 405ae4f..c92947f 100644
+--- a/man/systemd-modules-load.service.xml
++++ b/man/systemd-modules-load.service.xml
+@@ -54,9 +54,9 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para><filename>systemd-modules-load.service</filename>
+- is an early-boot service that loads kernel modules
+- from static configuration.</para>
++ <para><filename>systemd-modules-load.service</filename>
++ is an early-boot service that loads kernel modules
++ from static configuration.</para>
+
+ <para>See
+ <citerefentry><refentrytitle>modules-load.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+diff --git a/man/systemd-sysctl.service.xml b/man/systemd-sysctl.service.xml
+index 116fcd0..2ee6346 100644
+--- a/man/systemd-sysctl.service.xml
++++ b/man/systemd-sysctl.service.xml
+@@ -54,10 +54,10 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para><filename>systemd-sysctl.service</filename> is
+- an early-boot service that configures
+- <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+- kernel parameters.</para>
++ <para><filename>systemd-sysctl.service</filename> is
++ an early-boot service that configures
++ <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
++ kernel parameters.</para>
+
+ <para>See
+ <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+@@ -70,7 +70,7 @@
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>wine</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
+index 0cf15ed..3b69968 100644
+--- a/man/tmpfiles.d.xml
++++ b/man/tmpfiles.d.xml
+@@ -55,16 +55,16 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para><command>systemd-tmpfiles</command> uses the
+- configuration files from the above directories to describe the
+- creation, cleaning and removal of volatile and
+- temporary files and directories which usually reside
+- in directories such as <filename>/run</filename>
+- or <filename>/tmp</filename>.</para>
++ <para><command>systemd-tmpfiles</command> uses the
++ configuration files from the above directories to describe the
++ creation, cleaning and removal of volatile and
++ temporary files and directories which usually reside
++ in directories such as <filename>/run</filename>
++ or <filename>/tmp</filename>.</para>
+ </refsect1>
+
+ <refsect1>
+- <title>Configuration Format</title>
++ <title>Configuration Format</title>
+
+ <para>Each configuration file shall be named in the
+ style of <filename><program>.conf</filename>.
+@@ -91,9 +91,9 @@
+ <filename>/etc/tmpfiles.d/</filename> bearing the
+ same file name.</para>
+
+- <para>The configuration format is one line per path
+- containing action, path, mode, ownership, age and argument
+- fields:</para>
++ <para>The configuration format is one line per path
++ containing action, path, mode, ownership, age and argument
++ fields:</para>
+
+ <programlisting>Type Path Mode UID GID Age Argument
+ d /run/user 0755 root root 10d -
diff --git a/0405-tmpfiles-allow-to-specify-basename-only-systemd-tmpf.patch b/0405-tmpfiles-allow-to-specify-basename-only-systemd-tmpf.patch
new file mode 100644
index 0000000..cbcbd20
--- /dev/null
+++ b/0405-tmpfiles-allow-to-specify-basename-only-systemd-tmpf.patch
@@ -0,0 +1,94 @@
+From 3039988e1657bb5984abdab6c820f37cfb643aa2 Mon Sep 17 00:00:00 2001
+From: Dave Reisner <dreisner at archlinux.org>
+Date: Fri, 8 Jun 2012 22:31:19 -0400
+Subject: [PATCH] tmpfiles: allow to specify basename only: systemd-tmpfiles
+ <program.conf>
+
+Allow passing of basename only, instead of the absolute path; letting
+systemd-tmpfiles perform a path lookup for the proper fragment path in
+the config directories.
+
+This allows distributions to call: systemd-tmpfiles <program.conf> on
+upgrade of a package, with respecting the possibly overriden (or even
+masked) tmpfile.
+(cherry picked from commit 9125670f9a3dc34adf16b87635b460b2e4099b78)
+---
+ src/tmpfiles/tmpfiles.c | 46 ++++++++++++++++++++++++++++++++++++++--------
+ 1 file changed, 38 insertions(+), 8 deletions(-)
+
+diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
+index be45c71..6f54962 100644
+--- a/src/tmpfiles/tmpfiles.c
++++ b/src/tmpfiles/tmpfiles.c
+@@ -100,6 +100,14 @@ static bool arg_remove = false;
+
+ static const char *arg_prefix = NULL;
+
++static const char *conf_file_dirs[] = {
++ "/etc/tmpfiles.d",
++ "/run/tmpfiles.d",
++ "/usr/local/lib/tmpfiles.d",
++ "/usr/lib/tmpfiles.d",
++ NULL
++};
++
+ #define MAX_DEPTH 256
+
+ static bool needs_glob(ItemType t) {
+@@ -1253,6 +1261,29 @@ static int read_config_file(const char *fn, bool ignore_enoent) {
+ return r;
+ }
+
++static char *resolve_fragment(const char *fragment, const char **search_paths) {
++ const char **p;
++ char *resolved_path;
++
++ if (is_path(fragment))
++ return strdup(fragment);
++
++ STRV_FOREACH(p, search_paths) {
++ resolved_path = join(*p, "/", fragment, NULL);
++ if (resolved_path == NULL) {
++ log_error("Out of memory");
++ return NULL;
++ }
++
++ if (access(resolved_path, F_OK) == 0)
++ return resolved_path;
++
++ free(resolved_path);
++ }
++
++ return NULL;
++}
++
+ int main(int argc, char *argv[]) {
+ int r;
+ Item *i;
+@@ -1284,19 +1315,18 @@ int main(int argc, char *argv[]) {
+ if (optind < argc) {
+ int j;
+
+- for (j = optind; j < argc; j++)
+- if (read_config_file(argv[j], false) < 0)
++ for (j = optind; j < argc; j++) {
++ char *fragment = resolve_fragment(argv[j], conf_file_dirs);
++ if (read_config_file(fragment, false) < 0)
+ r = EXIT_FAILURE;
++ free(fragment);
++ }
+
+ } else {
+ char **files, **f;
+
+- r = conf_files_list(&files, ".conf",
+- "/etc/tmpfiles.d",
+- "/run/tmpfiles.d",
+- "/usr/local/lib/tmpfiles.d",
+- "/usr/lib/tmpfiles.d",
+- NULL);
++ r = conf_files_list_strv(&files, ".conf",
++ (const char **)conf_file_dirs);
+ if (r < 0) {
+ log_error("Failed to enumerate tmpfiles.d files: %s", strerror(-r));
+ r = EXIT_FAILURE;
diff --git a/0406-tmpfiles-print-error-if-basename-lookup-fails-docume.patch b/0406-tmpfiles-print-error-if-basename-lookup-fails-docume.patch
new file mode 100644
index 0000000..d5b3f78
--- /dev/null
+++ b/0406-tmpfiles-print-error-if-basename-lookup-fails-docume.patch
@@ -0,0 +1,61 @@
+From 0e92caf541a07ec0ea47a42649f0dc660f84d77c Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Sun, 10 Jun 2012 19:21:50 +0200
+Subject: [PATCH] tmpfiles: print error if basename lookup fails; document it
+ in manpage (cherry picked from commit
+ ca2e894bdbd06b43800b57074be0e499a3539b0d)
+
+---
+ man/systemd-tmpfiles.xml | 10 +++++++---
+ src/tmpfiles/tmpfiles.c | 10 +++++++++-
+ 2 files changed, 16 insertions(+), 4 deletions(-)
+
+diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml
+index 218840e..9888ba9 100644
+--- a/man/systemd-tmpfiles.xml
++++ b/man/systemd-tmpfiles.xml
+@@ -67,9 +67,13 @@
+
+ <para>If invoked with no arguments, it applies all
+ directives from all configuration files. If one or
+- more absolute file names are passed on the command
+- line only the directives in these files are
+- applied.</para>
++ more file names are passed on the command line, only
++ the directives in these files are applied. If only
++ the basename of a configuration file is specified,
++ all configuration directories as specified in <citerefentry>
++ <refentrytitle>tmpfiles.d</refentrytitle>
++ <manvolnum>5</manvolnum>
++ </citerefentry> are searched for a matching file.</para>
+ </refsect1>
+
+ <refsect1>
+diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
+index 6f54962..36da1fa 100644
+--- a/src/tmpfiles/tmpfiles.c
++++ b/src/tmpfiles/tmpfiles.c
+@@ -1281,6 +1281,7 @@ static char *resolve_fragment(const char *fragment, const char **search_paths) {
+ free(resolved_path);
+ }
+
++ errno = ENOENT;
+ return NULL;
+ }
+
+@@ -1316,7 +1317,14 @@ int main(int argc, char *argv[]) {
+ int j;
+
+ for (j = optind; j < argc; j++) {
+- char *fragment = resolve_fragment(argv[j], conf_file_dirs);
++ char *fragment;
++
++ fragment = resolve_fragment(argv[j], conf_file_dirs);
++ if (!fragment) {
++ log_error("Failed to find any: %s file: %m", argv[j]);
++ r = EXIT_FAILURE;
++ goto finish;
++ }
+ if (read_config_file(fragment, false) < 0)
+ r = EXIT_FAILURE;
+ free(fragment);
diff --git a/0407-tmpfiles-fix-error-message.patch b/0407-tmpfiles-fix-error-message.patch
new file mode 100644
index 0000000..fb2f144
--- /dev/null
+++ b/0407-tmpfiles-fix-error-message.patch
@@ -0,0 +1,23 @@
+From f71700e61e36e2263d13fa1499dbe5211101aa1d Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay at vrfy.org>
+Date: Sun, 10 Jun 2012 19:31:39 +0200
+Subject: [PATCH] tmpfiles: fix error message (cherry picked from commit
+ 94f7a71442bda7c43191979ea13cc97112745ce4)
+
+---
+ src/tmpfiles/tmpfiles.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
+index 36da1fa..dd9f159 100644
+--- a/src/tmpfiles/tmpfiles.c
++++ b/src/tmpfiles/tmpfiles.c
+@@ -1321,7 +1321,7 @@ int main(int argc, char *argv[]) {
+
+ fragment = resolve_fragment(argv[j], conf_file_dirs);
+ if (!fragment) {
+- log_error("Failed to find any: %s file: %m", argv[j]);
++ log_error("Failed to find a %s file: %m", argv[j]);
+ r = EXIT_FAILURE;
+ goto finish;
+ }
diff --git a/0408-logind-fix-check-for-multiple-sessions.patch b/0408-logind-fix-check-for-multiple-sessions.patch
new file mode 100644
index 0000000..0b1a632
--- /dev/null
+++ b/0408-logind-fix-check-for-multiple-sessions.patch
@@ -0,0 +1,62 @@
+From cf7286226f558e27336639aa9fad8283c38b184c Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Tue, 12 Jun 2012 09:31:43 +0200
+Subject: [PATCH] logind: fix check for multiple sessions
+
+The "$action-multiple-sessions" polkit actions are defined as
+"$action while other users are logged in". To me this implies that the
+following sessions should not count:
+ - greeter sessions
+ - user sessions belonging to the same user as the one who's asking
+
+Not sure how to treat class SESSION_LOCK_SCREEN. I never have these.
+I just ignore every class that's not SESSION_USER.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=814424
+(cherry picked from commit 2154761fbbc931e3e3d83100fa42609c99cd2536)
+---
+ src/login/logind-dbus.c | 27 ++++++++++-----------------
+ 1 file changed, 10 insertions(+), 17 deletions(-)
+
+diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
+index 84fd785..719fad6 100644
+--- a/src/login/logind-dbus.c
++++ b/src/login/logind-dbus.c
+@@ -924,27 +924,20 @@ static int have_multiple_sessions(
+ DBusMessage *message,
+ DBusError *error) {
+
+- Session *s;
++ Session *session;
++ Iterator i;
++ unsigned long ul;
+
+ assert(m);
+
+- if (hashmap_size(m->sessions) > 1)
+- return true;
+-
+- /* Hmm, there's only one session, but let's make sure it
+- * actually belongs to the user who is asking. If not, better
+- * be safe than sorry. */
+-
+- s = hashmap_first(m->sessions);
+- if (s) {
+- unsigned long ul;
+-
+- ul = dbus_bus_get_unix_user(connection, dbus_message_get_sender(message), error);
+- if (ul == (unsigned long) -1)
+- return -EIO;
++ ul = dbus_bus_get_unix_user(connection, dbus_message_get_sender(message), error);
++ if (ul == (unsigned long) -1)
++ return -EIO;
+
+- return s->user->uid != ul;
+- }
++ /* Check for other users' sessions. Greeter sessions do not count. */
++ HASHMAP_FOREACH(session, m->sessions, i)
++ if (session->class == SESSION_USER && session->user->uid != ul)
++ return true;
+
+ return false;
+ }
diff --git a/0409-journal-file-fix-mmap-leak.patch b/0409-journal-file-fix-mmap-leak.patch
new file mode 100644
index 0000000..fc401ea
--- /dev/null
+++ b/0409-journal-file-fix-mmap-leak.patch
@@ -0,0 +1,30 @@
+From 8c15fd59c8ad0e2ef87b8bc24d552114bacaa445 Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Tue, 12 Jun 2012 16:45:09 +0200
+Subject: [PATCH] journal-file: fix mmap leak
+
+https://bugzilla.redhat.com/show_bug.cgi?id=831132
+(cherry picked from commit d384c7a8741aa5dda89c6eee63bfa3107181ee17)
+---
+ src/journal/journal-file.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
+index 4fb416f..df4cbd5 100644
+--- a/src/journal/journal-file.c
++++ b/src/journal/journal-file.c
+@@ -67,9 +67,12 @@ void journal_file_close(JournalFile *f) {
+
+ assert(f);
+
+- if (f->header && f->writable)
+- f->header->state = STATE_OFFLINE;
++ if (f->header) {
++ if (f->writable)
++ f->header->state = STATE_OFFLINE;
+
++ munmap(f->header, PAGE_ALIGN(sizeof(Header)));
++ }
+
+ for (t = 0; t < _WINDOW_MAX; t++)
+ if (f->windows[t].ptr)
diff --git a/0410-man-fix-sysytemd-typos.patch b/0410-man-fix-sysytemd-typos.patch
new file mode 100644
index 0000000..dabb4f4
--- /dev/null
+++ b/0410-man-fix-sysytemd-typos.patch
@@ -0,0 +1,65 @@
+From 0a263591efe16ec17b366df5d62f6e6191dc6dbf Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Wed, 13 Jun 2012 00:08:46 +0200
+Subject: [PATCH] man: fix 'sysytemd' typos (cherry picked from commit
+ 68afbe5f0d079f16cc2ba69088a650ee3208eb43)
+
+---
+ man/systemd-binfmt.service.xml | 2 +-
+ man/systemd-logind.service.xml | 2 +-
+ man/systemd-modules-load.service.xml | 2 +-
+ man/systemd-sysctl.service.xml | 2 +-
+ 4 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/man/systemd-binfmt.service.xml b/man/systemd-binfmt.service.xml
+index 7f2bb9a..1db735a 100644
+--- a/man/systemd-binfmt.service.xml
++++ b/man/systemd-binfmt.service.xml
+@@ -47,7 +47,7 @@
+ </refnamediv>
+
+ <refsynopsisdiv>
+- <para><filename>sysytemd-binfmt.service</filename></para>
++ <para><filename>systemd-binfmt.service</filename></para>
+ <para><filename>/usr/lib/systemd/systemd-binfmt</filename></para>
+ </refsynopsisdiv>
+
+diff --git a/man/systemd-logind.service.xml b/man/systemd-logind.service.xml
+index 98b31dd..d55c2d2 100644
+--- a/man/systemd-logind.service.xml
++++ b/man/systemd-logind.service.xml
+@@ -49,7 +49,7 @@
+ </refnamediv>
+
+ <refsynopsisdiv>
+- <para><filename>sysytemd-logind.service</filename></para>
++ <para><filename>systemd-logind.service</filename></para>
+ <para><filename>/usr/lib/systemd/systemd-logind</filename></para>
+ </refsynopsisdiv>
+
+diff --git a/man/systemd-modules-load.service.xml b/man/systemd-modules-load.service.xml
+index c92947f..16c6a65 100644
+--- a/man/systemd-modules-load.service.xml
++++ b/man/systemd-modules-load.service.xml
+@@ -47,7 +47,7 @@
+ </refnamediv>
+
+ <refsynopsisdiv>
+- <para><filename>sysytemd-modules-load.service</filename></para>
++ <para><filename>systemd-modules-load.service</filename></para>
+ <para><filename>/usr/lib/systemd/systemd-modules-load</filename></para>
+ </refsynopsisdiv>
+
+diff --git a/man/systemd-sysctl.service.xml b/man/systemd-sysctl.service.xml
+index 2ee6346..72a102c 100644
+--- a/man/systemd-sysctl.service.xml
++++ b/man/systemd-sysctl.service.xml
+@@ -47,7 +47,7 @@
+ </refnamediv>
+
+ <refsynopsisdiv>
+- <para><filename>sysytemd-sysctl.service</filename></para>
++ <para><filename>systemd-sysctl.service</filename></para>
+ <para><filename>/usr/lib/systemd/systemd-sysctl</filename></para>
+ </refsynopsisdiv>
+
diff --git a/0411-F17-fix-manpage-name-typo.patch b/0411-F17-fix-manpage-name-typo.patch
new file mode 100644
index 0000000..0c5103f
--- /dev/null
+++ b/0411-F17-fix-manpage-name-typo.patch
@@ -0,0 +1,22 @@
+From dddb38a226a7c0bb408607bc136fd10aeba1d7bb Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Wed, 13 Jun 2012 00:56:15 +0200
+Subject: [PATCH] F17: fix manpage name typo
+
+---
+ src/journal/systemd-journald.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/journal/systemd-journald.conf b/src/journal/systemd-journald.conf
+index 946ee97..ed3dfd9 100644
+--- a/src/journal/systemd-journald.conf
++++ b/src/journal/systemd-journald.conf
+@@ -5,7 +5,7 @@
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+-# See system-journald.conf(5) for details
++# See systemd-journald.conf(5) for details
+
+ [Journal]
+ #Compress=yes
diff --git a/systemd.spec b/systemd.spec
index 7a26b4a..214960a 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -3,7 +3,7 @@
Name: systemd
Url: http://www.freedesktop.org/wiki/Software/systemd
Version: 44
-Release: 12%{?gitcommit:.git%{gitcommit}}%{?dist}
+Release: 13%{?gitcommit:.git%{gitcommit}}%{?dist}
License: GPLv2+
Group: System Environment/Base
Summary: A System and Service Manager
@@ -398,6 +398,79 @@ Patch0335: 0335-service-actually-delay-auto-restart-if-another-job-i.patch
Patch0336: 0336-service-fix-auto-restart-handling-in-service_stop.patch
Patch0337: 0337-service-fix-auto-restart-handling-in-service_start.patch
Patch0338: 0338-mount-use-the-same-fstab-extension-option-syntax-eve.patch
+Patch0339: 0339-main-properly-queue-default.target-after-switched-ro.patch
+Patch0340: 0340-journal-crash-when-filesystem-is-low-on-space.patch
+Patch0341: 0341-util-make-sure-to-fstatat-at-most-once-in-rm_rf_chil.patch
+Patch0342: 0342-switch-root-do-not-use-close-old_root_fd-after-rm_rf.patch
+Patch0343: 0343-logind-fix-write-out-of-user-state-file.patch
+Patch0344: 0344-main-only-fall-back-to-bin-sh-in-case-sbin-init-does.patch
+Patch0345: 0345-execute-use-a-much-lower-idle-timeout-that-default-t.patch
+Patch0346: 0346-journal-log-journal-internal-messages-to-kmsg.patch
+Patch0347: 0347-log-make-sure-generators-never-log-into-the-journal-.patch
+Patch0348: 0348-readahead-avoid-activating-the-journal-by-accident-l.patch
+Patch0349: 0349-readahead-avoid-running-of-readahead-services-if-rea.patch
+Patch0350: 0350-man-properly-document-FsckPassNo-for-mount-units.patch
+Patch0351: 0351-journal-don-t-complain-if-SELinux-userspace-is-avail.patch
+Patch0352: 0352-units-fix-file-syntax.patch
+Patch0353: 0353-service-for-Type-idle-units-consider-START_PRE-START.patch
+Patch0354: 0354-main-add-configuration-option-to-alter-capability-bo.patch
+Patch0355: 0355-man-systemctl.xml-Add-missing-space-for-stopcommand.patch
+Patch0356: 0356-bash-Reflect-new-name-of-loginctl-in-bash-completion.patch
+Patch0357: 0357-cgtop-work-even-if-not-all-cgroups-are-available.patch
+Patch0358: 0358-capabilities-when-dropping-capabilities-system-wide-.patch
+Patch0359: 0359-sleep-print-nice-messages-right-before-and-right-aft.patch
+Patch0360: 0360-journald-ignore-messages-read-from-proc-kmsg-that-we.patch
+Patch0361: 0361-build-sys-fix-built-with-disable-logind.patch
+Patch0362: 0362-journalctl-for-now-complain-if-more-than-one-match-i.patch
+Patch0363: 0363-journalctl-support-usr-bin-nginx-etc.patch
+Patch0364: 0364-journalctl-check-first-if-match-is-a-path-name.patch
+Patch0365: 0365-journal-don-t-allow-adding-invalid-matches-to-the-co.patch
+Patch0366: 0366-shutdown-Don-t-skip-bind-mounts-on-shutdown.patch
+Patch0367: 0367-selinux-downgrade-database-load-time-message-to-LOG_.patch
+Patch0368: 0368-login-properly-detect-MIMO-USB-displays.patch
+Patch0369: 0369-journald-properly-handle-if-we-have-no-PID-in-a-kmsg.patch
+Patch0370: 0370-systemctl-introduce-systemctl-man-to-show-man-page-f.patch
+Patch0371: 0371-util-introduce-a-proper-nsec_t-and-make-use-of-it-wh.patch
+Patch0372: 0372-main-allow-setting-of-timer-slack-for-PID-1.patch
+Patch0373: 0373-util-don-t-require-libcap-when-building-libsystemd-s.patch
+Patch0374: 0374-mkdir-append-_label-to-all-mkdir-calls-that-explicit.patch
+Patch0375: 0375-mkdir-provide-all-functions-with-and-without-selinux.patch
+Patch0376: 0376-units-add-Documentation-field-to-console-getty.servi.patch
+Patch0377: 0377-man-add-documentation-for-the-binfmt-modules-load-sy.patch
+Patch0378: 0378-main-Silence-gcc-warning.patch
+Patch0379: 0379-logind-properly-clean-up-user-cgroups-when-they-run-.patch
+Patch0380: 0380-logind-add-new-user-state-closing.patch
+Patch0381: 0381-build-sys-split-off-D-Bus-requires-from-selinux-conv.patch
+Patch0382: 0382-sleep-Don-t-call-execute_directory-on-a-binary.patch
+Patch0383: 0383-logind-interpret-the-can_sleep-return-value-properly.patch
+Patch0384: 0384-logind-fix-indentation.patch
+Patch0385: 0385-man-write-man-page-for-systemd-logind.patch
+Patch0386: 0386-man-document-systemd-journal.patch
+Patch0387: 0387-journal-support-changing-the-console-tty-to-forward-.patch
+Patch0388: 0388-journal-allow-setting-of-a-cutoff-log-level-for-disk.patch
+Patch0389: 0389-units-fix-man-section.patch
+Patch0390: 0390-fix-typo.patch
+Patch0391: 0391-missing-define-MS_STRICTATIME-if-not-defined-already.patch
+Patch0392: 0392-systemd-detect-virt-fix-option-quiet-requires-an-arg.patch
+Patch0393: 0393-logind-punt-duplicate-definition-of-InhibitWhat.patch
+Patch0394: 0394-unit-name-never-create-a-unit-name-with-a-leading.patch
+Patch0395: 0395-remove-support-for-deprecated-proc-self-oom_adj.patch
+Patch0396: 0396-systemctl-rename-man-to-help.patch
+Patch0397: 0397-silence-gcc-warning-on-32-bit.patch
+Patch0398: 0398-readahead-Add-tool-to-analyze-the-contents-of-the-pa.patch
+Patch0399: 0399-Revert-F17-units-do-not-use-Type-idle-yet.patch
+Patch0400: 0400-units-avoid-redundant-VT-clearing-by-agetty.patch
+Patch0401: 0401-units-add-systemd-debug-shell.service.patch
+Patch0402: 0402-systemd-debug-shell-add-to-POTFILES.skip.patch
+Patch0403: 0403-man-systemd-tmpfiles-document-proper-config-file-sta.patch
+Patch0404: 0404-man-replace-tabs-with-spaces.patch
+Patch0405: 0405-tmpfiles-allow-to-specify-basename-only-systemd-tmpf.patch
+Patch0406: 0406-tmpfiles-print-error-if-basename-lookup-fails-docume.patch
+Patch0407: 0407-tmpfiles-fix-error-message.patch
+Patch0408: 0408-logind-fix-check-for-multiple-sessions.patch
+Patch0409: 0409-journal-file-fix-mmap-leak.patch
+Patch0410: 0410-man-fix-sysytemd-typos.patch
+Patch0411: 0411-F17-fix-manpage-name-typo.patch
# For sysvinit tools
Obsoletes: SysVinit < 2.86-24, sysvinit < 2.86-24
@@ -694,6 +767,7 @@ mv /etc/systemd/system/default.target.save /etc/systemd/system/default.target >/
%{_bindir}/systemd-delta
%{_bindir}/systemd-detect-virt
%{_bindir}/systemd-inhibit
+%{_bindir}/systemd-readahead-analyze
%{_prefix}/lib/systemd/system
%{_prefix}/lib/systemd/user
%{_prefix}/lib/systemd/systemd-*
@@ -774,6 +848,15 @@ mv /etc/systemd/system/default.target.save /etc/systemd/system/default.target >/
%{_bindir}/systemd-analyze
%changelog
+* Wed Jun 13 2012 Michal Schmidt <mschmidt at redhat.com> - 44-13
+- Patches from upstream
+- Fixes to journald, logind, tmpfiles
+- Documentation improvements, systemctl help
+- New config options for systemd, journal
+- Add systemd-readahead-analyze, systemd-debug-shell.service
+- Start using Type=idle
+- Fixes: #828007, #814424, #831132, #791098, #823815, fdo#50402, fdo#50671
+
* Tue May 22 2012 Michal Schmidt <mschmidt at redhat.com> - 44-12
- Fixes for auto-restart (#817968, fdo#45511)
More information about the scm-commits
mailing list