[systemd/f17] post-v44 patches from upstream git
Michal Schmidt
michich at fedoraproject.org
Fri Mar 30 11:21:25 UTC 2012
commit f950845e41419b95022ad8547394c189b9dcc3d3
Author: Michal Schmidt <mschmidt at redhat.com>
Date: Fri Mar 30 13:15:01 2012 +0200
post-v44 patches from upstream git
Post-v44 patches from upstream git up to bbd1a83, except:
ee4cbc2 remove GTK pieces
231931f units: don't mount tmpfs on /media anymore
623ac9d units: mount /tmp as tmpfs
...l-never-follow-symlinks-in-rm_rf_children.patch | 30 +
0002-man-fix-parameter-name-for-sd_uid_xxx.patch | 62 +
...ow-passing-more-than-one-config-file-name.patch | 68 +
...d-drop-lib-from-search-path-if-we-don-t-h.patch | 55 +
...ccept-multiple-passed-configuration-files.patch | 76 +
0006-man-updates-to-sysctl.d-5.patch | 92 ++
...ct-with-immediate-rotation-to-a-couple-of.patch | 49 +
...E_SIZE-is-not-known-on-ppc-and-other-arch.patch | 12 +-
...nt-the-securityfs-filesystem-at-early-sta.patch | 95 ++
...d-support-for-loading-IMA-custom-policies.patch | 281 ++++
0011-man-systemd-cat-1-typo-fix.patch | 24 +
0012-binfmt-fix-apply-loop.patch | 24 +
...d-sparse-support-to-detect-endianness-bug.patch | 379 +++++
0014-update-TODO.patch | 23 +
...d-extend-comment-about-X11-socket-symlink.patch | 26 +
...close-FIFO-before-ending-sessions-cleanly.patch | 154 ++
...an-minor-typo-in-reference-to-manual-page.patch | 23 +
0018-build-sys-fix-make-dist-check.patch | 25 +
...loginctl-drop-systemd-prefix-in-binary-na.patch | 1724 ++++++++++++++++++++
0020-build-sys-do-not-set-CFLAGS-directly.patch | 135 ++
0021-build-sys-separate-ldflags-from-cflags.patch | 43 +
0022-man-don-t-claim-f-was-short-for-follow.patch | 22 +
0023-journalctl-add-local-switch.patch | 103 ++
0024-cat-fix-priority-type.patch | 24 +
...t-rid-of-var-run.mount-and-var-lock.mount.patch | 121 ++
...perly-handle-if-we-interleave-files-with-.patch | 38 +
...ob-fix-loss-of-ordering-with-restart-jobs.patch | 144 ++
...-debug-prints-where-job-type-gets-changed.patch | 67 +
systemd.spec | 50 +-
29 files changed, 3959 insertions(+), 10 deletions(-)
---
diff --git a/0001-util-never-follow-symlinks-in-rm_rf_children.patch b/0001-util-never-follow-symlinks-in-rm_rf_children.patch
new file mode 100644
index 0000000..a9a54f0
--- /dev/null
+++ b/0001-util-never-follow-symlinks-in-rm_rf_children.patch
@@ -0,0 +1,30 @@
+From 3496aedb2c09bd464964ee70cbf9cff2919dac5b Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Fri, 2 Mar 2012 10:39:10 +0100
+Subject: [PATCH] util: never follow symlinks in rm_rf_children()
+
+The function checks if the entry is a directory before recursing, but
+there is a window between the check and the open, during which the
+directory could be replaced with a symlink.
+
+CVE-2012-1174
+https://bugzilla.redhat.com/show_bug.cgi?id=803358
+(cherry picked from commit 5ebff5337594d690b322078c512eb222d34aaa82)
+---
+ src/util.c | 3 ++-
+ 1 files changed, 2 insertions(+), 1 deletions(-)
+
+diff --git a/src/util.c b/src/util.c
+index 20cbc2b..dfc1dc6 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -3593,7 +3593,8 @@ static int rm_rf_children(int fd, bool only_dirs, bool honour_sticky) {
+ if (is_dir) {
+ int subdir_fd;
+
+- if ((subdir_fd = openat(fd, de->d_name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC)) < 0) {
++ subdir_fd = openat(fd, de->d_name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW);
++ if (subdir_fd < 0) {
+ if (ret == 0 && errno != ENOENT)
+ ret = -errno;
+ continue;
diff --git a/0002-man-fix-parameter-name-for-sd_uid_xxx.patch b/0002-man-fix-parameter-name-for-sd_uid_xxx.patch
new file mode 100644
index 0000000..a58f8d2
--- /dev/null
+++ b/0002-man-fix-parameter-name-for-sd_uid_xxx.patch
@@ -0,0 +1,62 @@
+From 3cb385fec1784f7176b0087f8fc3a59933dadc28 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 20 Mar 2012 15:28:35 +0100
+Subject: [PATCH] man: fix parameter name for sd_uid_xxx() (cherry picked from
+ commit bd08f2422491169e92dc0899d5ba848fcae4c15c)
+
+---
+ TODO | 4 ++++
+ man/sd_uid_get_state.xml | 8 ++++----
+ 2 files changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/TODO b/TODO
+index d33ae7f..3e11f70 100644
+--- a/TODO
++++ b/TODO
+@@ -18,6 +18,10 @@ Bugfixes:
+
+ Features:
+
++* show getty in container mode, not sulogin
++
++* support container_ttys=
++
+ * journald: make configurable "store-on-var", "store-on-run", "dont-store", "auto"
+ (store-persistent, store-volatile?)
+
+diff --git a/man/sd_uid_get_state.xml b/man/sd_uid_get_state.xml
+index 6777625..9249021 100644
+--- a/man/sd_uid_get_state.xml
++++ b/man/sd_uid_get_state.xml
+@@ -56,27 +56,27 @@
+
+ <funcprototype>
+ <funcdef>int <function>sd_uid_get_state</function></funcdef>
+- <paramdef>uid_t <parameter>pid</parameter></paramdef>
++ <paramdef>uid_t <parameter>uid</parameter></paramdef>
+ <paramdef>char** <parameter>state</parameter></paramdef>
+ </funcprototype>
+
+ <funcprototype>
+ <funcdef>int <function>sd_uid_is_on_seat</function></funcdef>
+- <paramdef>uid_t <parameter>pid</parameter></paramdef>
++ <paramdef>uid_t <parameter>uid</parameter></paramdef>
+ <paramdef>int <parameter>require_active</parameter></paramdef>
+ <paramdef>const char* <parameter>seat</parameter></paramdef>
+ </funcprototype>
+
+ <funcprototype>
+ <funcdef>int <function>sd_uid_get_sessions</function></funcdef>
+- <paramdef>uid_t <parameter>pid</parameter></paramdef>
++ <paramdef>uid_t <parameter>uid</parameter></paramdef>
+ <paramdef>int <parameter>require_active</parameter></paramdef>
+ <paramdef>char*** <parameter>sessions</parameter></paramdef>
+ </funcprototype>
+
+ <funcprototype>
+ <funcdef>int <function>sd_uid_get_seats</function></funcdef>
+- <paramdef>uid_t <parameter>pid</parameter></paramdef>
++ <paramdef>uid_t <parameter>uid</parameter></paramdef>
+ <paramdef>int <parameter>require_active</parameter></paramdef>
+ <paramdef>char*** <parameter>seats</parameter></paramdef>
+ </funcprototype>
diff --git a/0003-bmfmt-allow-passing-more-than-one-config-file-name.patch b/0003-bmfmt-allow-passing-more-than-one-config-file-name.patch
new file mode 100644
index 0000000..d6c8791
--- /dev/null
+++ b/0003-bmfmt-allow-passing-more-than-one-config-file-name.patch
@@ -0,0 +1,68 @@
+From ae4105c8963bfc8b3373b646cb8bdd5af18b83c1 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 20 Mar 2012 15:29:49 +0100
+Subject: [PATCH] bmfmt: allow passing more than one config file name (cherry
+ picked from commit
+ 133176702a03e5f6264f35c403dd7720d9e05c3f)
+
+---
+ src/binfmt/binfmt.c | 25 +++++++++++++++----------
+ 1 files changed, 15 insertions(+), 10 deletions(-)
+
+diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c
+index 0e60618..28925ac 100644
+--- a/src/binfmt/binfmt.c
++++ b/src/binfmt/binfmt.c
+@@ -118,11 +118,6 @@ finish:
+ int main(int argc, char *argv[]) {
+ int r = 0;
+
+- if (argc > 2) {
+- log_error("This program expects one or no arguments.");
+- return EXIT_FAILURE;
+- }
+-
+ log_set_target(LOG_TARGET_AUTO);
+ log_parse_environment();
+ log_open();
+@@ -130,25 +125,35 @@ int main(int argc, char *argv[]) {
+ umask(0022);
+
+ if (argc > 1) {
+- r = apply_file(argv[1], false);
++ int i;
++
++ for (i = 1; i < argc; i++) {
++ int k;
++
++ k = apply_file(argv[1], false);
++ if (k < 0 && r == 0)
++ r = k;
++ }
+ } else {
+ char **files, **f;
+
+- /* Flush out all rules */
+- write_one_line_file("/proc/sys/fs/binfmt_misc/status", "-1");
+-
+ r = conf_files_list(&files, ".conf",
+ "/etc/binfmt.d",
+ "/run/binfmt.d",
+ "/usr/local/lib/binfmt.d",
+ "/usr/lib/binfmt.d",
++#ifdef HAVE_SPLIT_USR
++ "/lib/binfmt.d",
++#endif
+ NULL);
+-
+ if (r < 0) {
+ log_error("Failed to enumerate binfmt.d files: %s", strerror(-r));
+ goto finish;
+ }
+
++ /* Flush out all rules */
++ write_one_line_file("/proc/sys/fs/binfmt_misc/status", "-1");
++
+ STRV_FOREACH(f, files) {
+ int k;
+
diff --git a/0004-modules-load-drop-lib-from-search-path-if-we-don-t-h.patch b/0004-modules-load-drop-lib-from-search-path-if-we-don-t-h.patch
new file mode 100644
index 0000000..0b93352
--- /dev/null
+++ b/0004-modules-load-drop-lib-from-search-path-if-we-don-t-h.patch
@@ -0,0 +1,55 @@
+From 12a8bd3e7f87fa6f94b08b01e37c2f9f71c94719 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 20 Mar 2012 15:30:42 +0100
+Subject: [PATCH] modules-load: drop /lib from search path if we don't have it
+ split off (cherry picked from commit
+ 4e2075ceea72b3e7e753bf5c6c0e8c4a3b68cdd9)
+
+---
+ src/modules-load.c | 11 ++++++++---
+ 1 files changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/src/modules-load.c b/src/modules-load.c
+index 77fe3ea..ff1f690 100644
+--- a/src/modules-load.c
++++ b/src/modules-load.c
+@@ -58,7 +58,8 @@ int main(int argc, char *argv[]) {
+
+ umask(0022);
+
+- if (!(ctx = kmod_new(NULL, NULL))) {
++ ctx = kmod_new(NULL, NULL);
++ if (!ctx) {
+ log_error("Failed to allocate memory for kmod.");
+ goto finish;
+ }
+@@ -72,7 +73,9 @@ int main(int argc, char *argv[]) {
+ "/run/modules-load.d",
+ "/usr/local/lib/modules-load.d",
+ "/usr/lib/modules-load.d",
++#ifdef HAVE_SPLIT_USR
+ "/lib/modules-load.d",
++#endif
+ NULL) < 0) {
+ log_error("Failed to enumerate modules-load.d files: %s", strerror(-r));
+ goto finish;
+@@ -99,7 +102,7 @@ int main(int argc, char *argv[]) {
+ struct kmod_list *itr, *modlist = NULL;
+ int err;
+
+- if (!(fgets(line, sizeof(line), f)))
++ if (!fgets(line, sizeof(line), f))
+ break;
+
+ l = strstrip(line);
+@@ -114,7 +117,9 @@ int main(int argc, char *argv[]) {
+ }
+
+ kmod_list_foreach(itr, modlist) {
+- struct kmod_module *mod = kmod_module_get_module(itr);
++ struct kmod_module *mod;
++
++ mod = kmod_module_get_module(itr);
+ err = kmod_module_probe_insert_module(mod, probe_flags,
+ NULL, NULL, NULL, NULL);
+
diff --git a/0005-sysctl-accept-multiple-passed-configuration-files.patch b/0005-sysctl-accept-multiple-passed-configuration-files.patch
new file mode 100644
index 0000000..0831196
--- /dev/null
+++ b/0005-sysctl-accept-multiple-passed-configuration-files.patch
@@ -0,0 +1,76 @@
+From ea02d6190130f19f33374a46c8861109bdd563d6 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 20 Mar 2012 15:31:09 +0100
+Subject: [PATCH] sysctl: accept multiple passed configuration files (cherry
+ picked from commit
+ de19ece73860e90a10029fbc4c4f6d3b296f1a1e)
+
+---
+ src/sysctl.c | 28 +++++++++++++++++-----------
+ 1 files changed, 17 insertions(+), 11 deletions(-)
+
+diff --git a/src/sysctl.c b/src/sysctl.c
+index 852ec91..17c6719 100644
+--- a/src/sysctl.c
++++ b/src/sysctl.c
+@@ -219,28 +219,34 @@ int main(int argc, char *argv[]) {
+ if (r <= 0)
+ return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
+
+- if (argc-optind > 1) {
+- log_error("This program expects one or no arguments.");
+- return EXIT_FAILURE;
+- }
+-
+ log_set_target(LOG_TARGET_AUTO);
+ log_parse_environment();
+ log_open();
+
+ umask(0022);
+
+- if (argc > optind)
+- r = apply_file(argv[optind], false);
+- else {
++ if (argc > optind) {
++ int i;
++
++ for (i = optind; i < argc; i++) {
++ int k;
++
++ k = apply_file(argv[i], false);
++ if (k < 0 && r == 0)
++ r = k;
++ }
++ } else {
+ char **files, **f;
++ int k;
+
+ r = conf_files_list(&files, ".conf",
+ "/etc/sysctl.d",
+ "/run/sysctl.d",
+ "/usr/local/lib/sysctl.d",
+ "/usr/lib/sysctl.d",
++#ifdef HAVE_SPLIT_USR
+ "/lib/sysctl.d",
++#endif
+ NULL);
+ if (r < 0) {
+ log_error("Failed to enumerate sysctl.d files: %s", strerror(-r));
+@@ -248,14 +254,14 @@ int main(int argc, char *argv[]) {
+ }
+
+ STRV_FOREACH(f, files) {
+- int k;
+-
+ k = apply_file(*f, true);
+ if (k < 0 && r == 0)
+ r = k;
+ }
+
+- apply_file("/etc/sysctl.conf", true);
++ k = apply_file("/etc/sysctl.conf", true);
++ if (k < 0 && r == 0)
++ r = k;
+
+ strv_free(files);
+ }
diff --git a/0006-man-updates-to-sysctl.d-5.patch b/0006-man-updates-to-sysctl.d-5.patch
new file mode 100644
index 0000000..3316387
--- /dev/null
+++ b/0006-man-updates-to-sysctl.d-5.patch
@@ -0,0 +1,92 @@
+From 171ac2d5ed66383127c437c7dd39dac69f10db14 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 21 Mar 2012 23:32:02 +0100
+Subject: [PATCH] man: updates to sysctl.d(5) (cherry picked from commit
+ 95f77929d8d94480015cd7383a5504cf9ebf2fa5)
+
+---
+ man/sysctl.d.xml | 65 ++++++++++++++++++++++++++++++++---------------------
+ 1 files changed, 39 insertions(+), 26 deletions(-)
+
+diff --git a/man/sysctl.d.xml b/man/sysctl.d.xml
+index 9c108b0..20f2e24 100644
+--- a/man/sysctl.d.xml
++++ b/man/sysctl.d.xml
+@@ -54,38 +54,51 @@
+ <refsect1>
+ <title>Description</title>
+
+- <para><command>systemd</command> uses configuration files
+- from the above directories to configure
++ <para><command>systemd</command> uses configuration
++ files from the above directories to configure
+ <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+- kernel parameters to load during boot.</para>
++ kernel parameters during boot.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>Configuration Format</title>
+
+- <para>The configuration files should simply contain a
+- list of variable assignments, separated by
+- newlines. Empty lines and lines whose first
+- non-whitespace character is # or ; are ignored.</para>
+-
+- <para>Note that both / and . are accepted as
+- separators in sysctl variable names.</para>
+-
+- <para>Each configuration file is named in the style of
+- <filename><program>.conf</filename>.
+- Files in <filename>/etc/</filename> overwrite
+- files with the same name in <filename>/usr/lib/</filename>.
+- Files in <filename>/run</filename> overwrite files with
+- the same name in <filename>/etc/</filename> and
+- <filename>/usr/lib/</filename>. Packages should install their
+- configuration files in <filename>/usr/lib/</filename>, files
+- in <filename>/etc/</filename> are reserved for the local
+- administration, which possibly decides to overwrite the
+- configurations installed from packages. All files are sorted
+- by filename in alphabetical order, regardless in which of the
+- directories they reside, to ensure that a specific
+- configuration file takes precedence over another file with
+- an alphabetically later name.</para>
++ <para>The configuration files contain a list of
++ variable assignments, separated by newlines. Empty
++ lines and lines whose first non-whitespace character
++ is # or ; are ignored.</para>
++
++ <para>Note that both / and . are accepted as label
++ separators within sysctl variable
++ names. <literal>kernel.domainname=foo</literal> and
++ <literal>kernel/domainname=foo</literal> hence are
++ entirely equivalent.</para>
++
++ <para>Each configuration file shall be named in the
++ style of <filename><program>.conf</filename>.
++ Files in <filename>/run/</filename> override files
++ with the same name in <filename>/usr/lib/</filename>.
++ Files in <filename>/etc</filename> override files with
++ the same name in <filename>/run/</filename> and
++ <filename>/usr/lib/</filename>. Packages should
++ install their configuration files in
++ <filename>/usr/lib/</filename>. Files in
++ <filename>/etc/</filename> are reserved for the local
++ administrator, who may use this logic to override the
++ configuration installed by vendor packages. All
++ configuration files are sorted by their name in
++ alphabetical order, regardless in which of the
++ directories they reside, to guarantee that a specific
++ configuration file takes precedence over another file
++ with an alphabetically earlier name, if both files
++ contain the same variable setting.</para>
++
++ <para>If the administrator wants to disable a
++ configuration file supplied by the vendor the
++ recommended way is to place a symlink to
++ <filename>/dev/null</filename> in
++ <filename>/etc/sysctl.d</filename> carrying with the
++ same name.</para>
+ </refsect1>
+
+ <refsect1>
diff --git a/0007-journal-react-with-immediate-rotation-to-a-couple-of.patch b/0007-journal-react-with-immediate-rotation-to-a-couple-of.patch
new file mode 100644
index 0000000..904fc6e
--- /dev/null
+++ b/0007-journal-react-with-immediate-rotation-to-a-couple-of.patch
@@ -0,0 +1,49 @@
+From 0cabeb9af382be288363ac4466499cae3c534b51 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 21 Mar 2012 23:40:51 +0100
+Subject: [PATCH] journal: react with immediate rotation to a couple of more
+ errors (cherry picked from commit
+ 0071d9f1db6dc9a1035cf5afb81455b67ed462f6)
+
+---
+ src/journal/journal-file.c | 5 ++++-
+ src/journal/journald.c | 10 +++++++++-
+ 2 files changed, 13 insertions(+), 2 deletions(-)
+
+diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
+index 474dd5c..5d540a7 100644
+--- a/src/journal/journal-file.c
++++ b/src/journal/journal-file.c
+@@ -1887,7 +1887,10 @@ int journal_file_open_reliably(
+ char *p;
+
+ r = journal_file_open(fname, flags, mode, template, ret);
+- if (r != -EBADMSG)
++ if (r != -EBADMSG && /* corrupted */
++ r != -ENODATA && /* truncated */
++ r != -EHOSTDOWN && /* other machine */
++ r != -EPROTONOSUPPORT) /* incompatible feature */
+ return r;
+
+ if ((flags & O_ACCMODE) == O_RDONLY)
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index baad3ab..d27cb60 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -609,7 +609,15 @@ retry:
+ else {
+ r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
+
+- if ((r == -EBADMSG || r == -E2BIG) && !vacuumed) {
++ if ((r == -E2BIG || /* hit limit */
++ r == -EFBIG || /* hit fs limit */
++ r == -EDQUOT || /* quota hit */
++ r == -ENOSPC || /* disk full */
++ r == -EBADMSG || /* corrupted */
++ r == -ENODATA || /* truncated */
++ r == -EHOSTDOWN || /* other machine */
++ r == -EPROTONOSUPPORT) && /* unsupported feature */
++ !vacuumed) {
+
+ if (r == -E2BIG)
+ log_info("Allocation limit reached, rotating.");
diff --git a/systemd-PAGE_SIZE.patch b/0008-journal-PAGE_SIZE-is-not-known-on-ppc-and-other-arch.patch
similarity index 84%
rename from systemd-PAGE_SIZE.patch
rename to 0008-journal-PAGE_SIZE-is-not-known-on-ppc-and-other-arch.patch
index 623bea1..43f5f20 100644
--- a/systemd-PAGE_SIZE.patch
+++ b/0008-journal-PAGE_SIZE-is-not-known-on-ppc-and-other-arch.patch
@@ -1,10 +1,14 @@
-From 7264278fbbdc1dc6c30fedc902d1337594aa6ff6 Mon Sep 17 00:00:00 2001
+From 618df2ac0d2343694e5eddda2e0899cdd9aeaab3 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart at poettering.net>
-Date: Wed, 21 Mar 2012 22:47:44 +0000
-Subject: journal: PAGE_SIZE is not known on ppc and other archs
+Date: Wed, 21 Mar 2012 23:47:44 +0100
+Subject: [PATCH] journal: PAGE_SIZE is not known on ppc and other archs
Let's use NAME_MAX, as suggested by Dan Walsh
+(cherry picked from commit 7264278fbbdc1dc6c30fedc902d1337594aa6ff6)
---
+ src/journal/journald.c | 15 ++++++++++++---
+ 1 files changed, 12 insertions(+), 3 deletions(-)
+
diff --git a/src/journal/journald.c b/src/journal/journald.c
index d27cb60..87390bd 100644
--- a/src/journal/journald.c
@@ -40,5 +44,3 @@ index d27cb60..87390bd 100644
} control;
ssize_t n;
int v;
---
-cgit v0.9.0.2-2-gbebe
diff --git a/0009-systemd-mount-the-securityfs-filesystem-at-early-sta.patch b/0009-systemd-mount-the-securityfs-filesystem-at-early-sta.patch
new file mode 100644
index 0000000..064a2a5
--- /dev/null
+++ b/0009-systemd-mount-the-securityfs-filesystem-at-early-sta.patch
@@ -0,0 +1,95 @@
+From 9f0b100352e3f14b212b8758613d8a8220e67846 Mon Sep 17 00:00:00 2001
+From: Roberto Sassu <roberto.sassu at polito.it>
+Date: Thu, 15 Mar 2012 19:06:10 +0100
+Subject: [PATCH] systemd: mount the securityfs filesystem at early stage
+
+This is an S/MIME signed message
+
+The mount of the securityfs filesystem is now performed in the main systemd
+executable as it is used by IMA to provide the interface for loading custom
+policies. The unit file 'units/sys-kernel-security.mount' has been removed
+because it is not longer necessary.
+
+Signed-off-by: Roberto Sassu <roberto.sassu at polito.it>
+Acked-by: Gianluca Ramunno <ramunno at polito.it>
+(cherry picked from commit 160481f68d0a5f26f75c04fb576fb854fd5416a5)
+---
+ Makefile.am | 3 ---
+ src/mount-setup.c | 6 ++++--
+ units/sys-kernel-security.mount | 17 -----------------
+ 3 files changed, 4 insertions(+), 22 deletions(-)
+ delete mode 100644 units/sys-kernel-security.mount
+
+diff --git a/Makefile.am b/Makefile.am
+index 079c118..af295a0 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -291,7 +291,6 @@ dist_systemunit_DATA = \
+ units/dev-mqueue.mount \
+ units/sys-kernel-config.mount \
+ units/sys-kernel-debug.mount \
+- units/sys-kernel-security.mount \
+ units/sys-fs-fuse-connections.mount \
+ units/var-run.mount \
+ units/media.mount \
+@@ -2349,7 +2348,6 @@ systemd-install-data-hook:
+ dev-mqueue.mount \
+ sys-kernel-config.mount \
+ sys-kernel-debug.mount \
+- sys-kernel-security.mount \
+ sys-fs-fuse-connections.mount \
+ systemd-modules-load.service \
+ systemd-tmpfiles-setup.service \
+@@ -2359,7 +2357,6 @@ systemd-install-data-hook:
+ $(LN_S) ../dev-mqueue.mount dev-mqueue.mount && \
+ $(LN_S) ../sys-kernel-config.mount sys-kernel-config.mount && \
+ $(LN_S) ../sys-kernel-debug.mount sys-kernel-debug.mount && \
+- $(LN_S) ../sys-kernel-security.mount sys-kernel-security.mount && \
+ $(LN_S) ../sys-fs-fuse-connections.mount sys-fs-fuse-connections.mount && \
+ $(LN_S) ../systemd-modules-load.service systemd-modules-load.service && \
+ $(LN_S) ../systemd-tmpfiles-setup.service systemd-tmpfiles-setup.service && \
+diff --git a/src/mount-setup.c b/src/mount-setup.c
+index 7c14ea8..aaffb65 100644
+--- a/src/mount-setup.c
++++ b/src/mount-setup.c
+@@ -51,13 +51,15 @@ typedef struct MountPoint {
+ } MountPoint;
+
+ /* The first three entries we might need before SELinux is up. The
+- * other ones we can delay until SELinux is loaded. */
+-#define N_EARLY_MOUNT 3
++ * fourth (securityfs) is needed by IMA to load a custom policy. The
++ * other ones we can delay until SELinux and IMA are loaded. */
++#define N_EARLY_MOUNT 4
+
+ static const MountPoint mount_table[] = {
+ { "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
+ { "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
+ { "devtmpfs", "/dev", "devtmpfs", "mode=755", MS_NOSUID, true },
++ { "securityfs", "/sys/kernel/security", "securityfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, false },
+ { "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV, true },
+ { "devpts", "/dev/pts", "devpts", "mode=620,gid=" STRINGIFY(TTY_GID), MS_NOSUID|MS_NOEXEC, false },
+ { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV, true },
+diff --git a/units/sys-kernel-security.mount b/units/sys-kernel-security.mount
+deleted file mode 100644
+index 80cd761..0000000
+--- a/units/sys-kernel-security.mount
++++ /dev/null
+@@ -1,17 +0,0 @@
+-# This file is part of systemd.
+-#
+-# systemd is free software; you can redistribute it and/or modify it
+-# under the terms of the GNU General Public License as published by
+-# the Free Software Foundation; either version 2 of the License, or
+-# (at your option) any later version.
+-
+-[Unit]
+-Description=Security File System
+-DefaultDependencies=no
+-ConditionPathExists=/sys/kernel/security
+-Before=sysinit.target
+-
+-[Mount]
+-What=securityfs
+-Where=/sys/kernel/security
+-Type=securityfs
diff --git a/0010-main-added-support-for-loading-IMA-custom-policies.patch b/0010-main-added-support-for-loading-IMA-custom-policies.patch
new file mode 100644
index 0000000..2e44ad8
--- /dev/null
+++ b/0010-main-added-support-for-loading-IMA-custom-policies.patch
@@ -0,0 +1,281 @@
+From 9281cdd00b1a07d499040b8778af023c7cb8342b Mon Sep 17 00:00:00 2001
+From: Roberto Sassu <roberto.sassu at polito.it>
+Date: Thu, 15 Mar 2012 19:06:11 +0100
+Subject: [PATCH] main: added support for loading IMA custom policies
+
+This is an S/MIME signed message
+
+The new function ima_setup() loads an IMA custom policy from a file in the
+default location '/etc/ima/ima-policy', if present, and writes it to the
+path 'ima/policy' in the security filesystem. This function is executed
+at early stage in order to avoid that some file operations are not measured
+by IMA and it is placed after the initialization of SELinux because IMA
+needs the latter (or other security modules) to understand LSM-specific
+rules. This feature is enabled by default and can be disabled by providing
+the option '--disable-ima' to the configure script.
+
+Signed-off-by: Roberto Sassu <roberto.sassu at polito.it>
+Acked-by: Gianluca Ramunno <ramunno at polito.it>
+(cherry picked from commit 816115863962548a9a0d9fbfe429c7f8e685beac)
+---
+ Makefile.am | 1 +
+ configure.ac | 14 +++++++
+ src/build.h | 8 +++-
+ src/ima-setup.c | 115 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ src/ima-setup.h | 29 ++++++++++++++
+ src/main.c | 6 ++-
+ 6 files changed, 171 insertions(+), 2 deletions(-)
+ create mode 100644 src/ima-setup.c
+ create mode 100644 src/ima-setup.h
+
+diff --git a/Makefile.am b/Makefile.am
+index af295a0..36a385f 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -516,6 +516,7 @@ libsystemd_core_la_SOURCES = \
+ src/mount-setup.c \
+ src/hostname-setup.c \
+ src/selinux-setup.c \
++ src/ima-setup.c \
+ src/loopback-setup.c \
+ src/kmod-setup.c \
+ src/locale-setup.c \
+diff --git a/configure.ac b/configure.ac
+index 629e505..976020d 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -127,6 +127,19 @@ PKG_CHECK_MODULES(UDEV, [ libudev >= 172 ])
+ PKG_CHECK_MODULES(DBUS, [ dbus-1 >= 1.3.2 ])
+ PKG_CHECK_MODULES(KMOD, [ libkmod >= 5 ])
+
++have_ima=yes
++AC_ARG_ENABLE([ima], AS_HELP_STRING([--disable-ima],[Disable optional IMA support]),
++ [case "${enableval}" in
++ yes) have_ima=yes ;;
++ no) have_ima=no ;;
++ *) AC_MSG_ERROR(bad value ${enableval} for --disable-ima) ;;
++ esac],
++ [have_ima=yes])
++
++if test "x${have_ima}" != xno ; then
++ AC_DEFINE(HAVE_IMA, 1, [Define if IMA is available])
++fi
++
+ have_selinux=no
+ AC_ARG_ENABLE(selinux, AS_HELP_STRING([--disable-selinux], [Disable optional SELINUX support]))
+ if test "x$enable_selinux" != "xno"; then
+@@ -629,6 +642,7 @@ AC_MSG_RESULT([
+ tcpwrap: ${have_tcpwrap}
+ PAM: ${have_pam}
+ AUDIT: ${have_audit}
++ IMA: ${have_ima}
+ SELinux: ${have_selinux}
+ XZ: ${have_xz}
+ ACL: ${have_acl}
+diff --git a/src/build.h b/src/build.h
+index 50cd79d..0619013 100644
+--- a/src/build.h
++++ b/src/build.h
+@@ -46,6 +46,12 @@
+ #define _SELINUX_FEATURE_ "-SELINUX"
+ #endif
+
++#ifdef HAVE_IMA
++#define _IMA_FEATURE_ "+IMA"
++#else
++#define _IMA_FEATURE_ "-IMA"
++#endif
++
+ #ifdef HAVE_SYSV_COMPAT
+ #define _SYSVINIT_FEATURE_ "+SYSVINIT"
+ #else
+@@ -58,6 +64,6 @@
+ #define _LIBCRYPTSETUP_FEATURE_ "-LIBCRYPTSETUP"
+ #endif
+
+-#define SYSTEMD_FEATURES _PAM_FEATURE_ " " _LIBWRAP_FEATURE_ " " _AUDIT_FEATURE_ " " _SELINUX_FEATURE_ " " _SYSVINIT_FEATURE_ " " _LIBCRYPTSETUP_FEATURE_
++#define SYSTEMD_FEATURES _PAM_FEATURE_ " " _LIBWRAP_FEATURE_ " " _AUDIT_FEATURE_ " " _SELINUX_FEATURE_ " " _IMA_FEATURE_ " " _SYSVINIT_FEATURE_ " " _LIBCRYPTSETUP_FEATURE_
+
+ #endif
+diff --git a/src/ima-setup.c b/src/ima-setup.c
+new file mode 100644
+index 0000000..03e43dc
+--- /dev/null
++++ b/src/ima-setup.c
+@@ -0,0 +1,115 @@
++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
++
++/***
++ This file is part of systemd.
++
++ Copyright 2010 Lennart Poettering
++ Copyright (C) 2012 Roberto Sassu - Politecnico di Torino, Italy
++ TORSEC group -- http://security.polito.it
++
++ systemd is free software; you can redistribute it and/or modify it
++ under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2 of the License, or
++ (at your option) any later version.
++
++ systemd is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
++***/
++
++#include <unistd.h>
++#include <stdio.h>
++#include <errno.h>
++#include <string.h>
++#include <stdlib.h>
++#include <fcntl.h>
++#include <sys/stat.h>
++#include <sys/mman.h>
++
++#include "ima-setup.h"
++#include "mount-setup.h"
++#include "macro.h"
++#include "util.h"
++#include "log.h"
++#include "label.h"
++
++#define IMA_SECFS_DIR "/sys/kernel/security/ima"
++#define IMA_SECFS_POLICY IMA_SECFS_DIR "/policy"
++#define IMA_POLICY_PATH "/etc/ima/ima-policy"
++
++int ima_setup(void) {
++
++#ifdef HAVE_IMA
++ struct stat st;
++ ssize_t policy_size = 0, written = 0;
++ char *policy;
++ int policyfd = -1, imafd = -1;
++ int result = 0;
++
++#ifndef HAVE_SELINUX
++ /* Mount the securityfs filesystem */
++ mount_setup_early();
++#endif
++
++ if (stat(IMA_POLICY_PATH, &st) < 0)
++ return 0;
++
++ policy_size = st.st_size;
++ if (stat(IMA_SECFS_DIR, &st) < 0) {
++ log_debug("IMA support is disabled in the kernel, ignoring.");
++ return 0;
++ }
++
++ if (stat(IMA_SECFS_POLICY, &st) < 0) {
++ log_error("Another IMA custom policy has already been loaded, "
++ "ignoring.");
++ return 0;
++ }
++
++ policyfd = open(IMA_POLICY_PATH, O_RDONLY|O_CLOEXEC);
++ if (policyfd < 0) {
++ log_error("Failed to open the IMA custom policy file %s (%m), "
++ "ignoring.", IMA_POLICY_PATH);
++ return 0;
++ }
++
++ imafd = open(IMA_SECFS_POLICY, O_WRONLY|O_CLOEXEC);
++ if (imafd < 0) {
++ log_error("Failed to open the IMA kernel interface %s (%m), "
++ "ignoring.", IMA_SECFS_POLICY);
++ goto out;
++ }
++
++ policy = mmap(NULL, policy_size, PROT_READ, MAP_PRIVATE, policyfd, 0);
++ if (policy == MAP_FAILED) {
++ log_error("mmap() failed (%m), freezing");
++ result = -errno;
++ goto out;
++ }
++
++ written = loop_write(imafd, policy, (size_t)policy_size, false);
++ if (written != policy_size) {
++ log_error("Failed to load the IMA custom policy file %s (%m), "
++ "ignoring.", IMA_POLICY_PATH);
++ goto out_mmap;
++ }
++
++ log_info("Successfully loaded the IMA custom policy %s.",
++ IMA_POLICY_PATH);
++out_mmap:
++ munmap(policy, policy_size);
++out:
++ if (policyfd >= 0)
++ close_nointr_nofail(policyfd);
++ if (imafd >= 0)
++ close_nointr_nofail(imafd);
++ if (result)
++ return result;
++#endif /* HAVE_IMA */
++
++ return 0;
++}
+diff --git a/src/ima-setup.h b/src/ima-setup.h
+new file mode 100644
+index 0000000..7d677cf
+--- /dev/null
++++ b/src/ima-setup.h
+@@ -0,0 +1,29 @@
++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
++
++#ifndef fooimasetuphfoo
++#define fooimasetuphfoo
++
++/***
++ This file is part of systemd.
++
++ Copyright 2010 Lennart Poettering
++ Copyright (C) 2012 Roberto Sassu - Politecnico di Torino, Italy
++ TORSEC group -- http://security.polito.it
++
++ systemd is free software; you can redistribute it and/or modify it
++ under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2 of the License, or
++ (at your option) any later version.
++
++ systemd is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
++***/
++
++int ima_setup(void);
++
++#endif
+diff --git a/src/main.c b/src/main.c
+index ed317b4..7ae8841 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -41,6 +41,7 @@
+ #include "kmod-setup.h"
+ #include "locale-setup.h"
+ #include "selinux-setup.h"
++#include "ima-setup.h"
+ #include "machine-id-setup.h"
+ #include "load-fragment.h"
+ #include "fdset.h"
+@@ -1203,9 +1204,12 @@ int main(int argc, char *argv[]) {
+ arg_running_as = MANAGER_SYSTEM;
+ log_set_target(detect_container(NULL) > 0 ? LOG_TARGET_CONSOLE : LOG_TARGET_JOURNAL_OR_KMSG);
+
+- if (!is_reexec)
++ if (!is_reexec) {
+ if (selinux_setup(&loaded_policy) < 0)
+ goto finish;
++ if (ima_setup() < 0)
++ goto finish;
++ }
+
+ log_open();
+
diff --git a/0011-man-systemd-cat-1-typo-fix.patch b/0011-man-systemd-cat-1-typo-fix.patch
new file mode 100644
index 0000000..7738d79
--- /dev/null
+++ b/0011-man-systemd-cat-1-typo-fix.patch
@@ -0,0 +1,24 @@
+From d9e0101e7168205d7c89d3167768714d24e755be Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 22 Mar 2012 00:35:19 +0100
+Subject: [PATCH] man: systemd-cat(1) typo fix
+
+Noticed by Sergey Ptashnick
+(cherry picked from commit 9adf646d0ae85192027319e2f47f2d092a298d99)
+---
+ man/systemd-cat.xml | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/man/systemd-cat.xml b/man/systemd-cat.xml
+index 5e5431f..350a345 100644
+--- a/man/systemd-cat.xml
++++ b/man/systemd-cat.xml
+@@ -66,7 +66,7 @@
+ generates to the journal.</para>
+
+ <para>If no parameter is passed
+- <command>systemd-command</command> will write
++ <command>systemd-cat</command> will write
+ everything it reads from standard input (STDIN) to the journal.</para>
+
+ <para>If parameters are passed they are executed as
diff --git a/0012-binfmt-fix-apply-loop.patch b/0012-binfmt-fix-apply-loop.patch
new file mode 100644
index 0000000..3c35fd9
--- /dev/null
+++ b/0012-binfmt-fix-apply-loop.patch
@@ -0,0 +1,24 @@
+From f0bd52e567edb38d1648865bd86aaf37c2e1166d Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 22 Mar 2012 00:35:42 +0100
+Subject: [PATCH] binfmt: fix apply loop
+
+Noticed by Sergey Ptashnick
+(cherry picked from commit 170dcb7bd575f61aa75ce55d7fc0183ace6b8b76)
+---
+ src/binfmt/binfmt.c | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c
+index 28925ac..3c8d815 100644
+--- a/src/binfmt/binfmt.c
++++ b/src/binfmt/binfmt.c
+@@ -130,7 +130,7 @@ int main(int argc, char *argv[]) {
+ for (i = 1; i < argc; i++) {
+ int k;
+
+- k = apply_file(argv[1], false);
++ k = apply_file(argv[i], false);
+ if (k < 0 && r == 0)
+ r = k;
+ }
diff --git a/0013-add-sparse-support-to-detect-endianness-bug.patch b/0013-add-sparse-support-to-detect-endianness-bug.patch
new file mode 100644
index 0000000..35f398c
--- /dev/null
+++ b/0013-add-sparse-support-to-detect-endianness-bug.patch
@@ -0,0 +1,379 @@
+From c29bdf1fac1d1e51c317e627cf0f7db7339a9a69 Mon Sep 17 00:00:00 2001
+From: Frederic Crozat <fcrozat at suse.com>
+Date: Fri, 16 Mar 2012 11:59:04 +0100
+Subject: [PATCH] add sparse support to detect endianness bug
+
+le16/32/64_t type should be used when storing little-endian value
+
+header to integrate with sparse from Josh Triplett <josh at joshtriplett.org>
+(cherry picked from commit 4fd052aede13eb3041277c54ac2f5dee6e6c29cf)
+---
+ src/journal/journal-def.h | 74 +++++++++++++++++-----------------
+ src/journal/journal-file.c | 15 ++++---
+ src/journal/journal-file.h | 1 +
+ src/journal/journal-internal.h | 2 +-
+ src/journal/journald.c | 5 +-
+ src/journal/sd-journal.c | 10 +++--
+ src/journal/sparse-endian.h | 87 ++++++++++++++++++++++++++++++++++++++++
+ 7 files changed, 143 insertions(+), 51 deletions(-)
+ create mode 100644 src/journal/sparse-endian.h
+
+diff --git a/src/journal/journal-def.h b/src/journal/journal-def.h
+index 964e0c2..9cb8051 100644
+--- a/src/journal/journal-def.h
++++ b/src/journal/journal-def.h
+@@ -22,7 +22,7 @@
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+ ***/
+
+-#include <inttypes.h>
++#include "sparse-endian.h"
+
+ #include <systemd/sd-id128.h>
+
+@@ -60,48 +60,48 @@ _packed_ struct ObjectHeader {
+ uint8_t type;
+ uint8_t flags;
+ uint8_t reserved[6];
+- uint64_t size;
++ le64_t size;
+ uint8_t payload[];
+ };
+
+ _packed_ struct DataObject {
+ ObjectHeader object;
+- uint64_t hash;
+- uint64_t next_hash_offset;
+- uint64_t next_field_offset;
+- uint64_t entry_offset; /* the first array entry we store inline */
+- uint64_t entry_array_offset;
+- uint64_t n_entries;
++ le64_t hash;
++ le64_t next_hash_offset;
++ le64_t next_field_offset;
++ le64_t entry_offset; /* the first array entry we store inline */
++ le64_t entry_array_offset;
++ le64_t n_entries;
+ uint8_t payload[];
+ };
+
+ _packed_ struct FieldObject {
+ ObjectHeader object;
+- uint64_t hash;
+- uint64_t next_hash_offset;
+- uint64_t head_data_offset;
+- uint64_t tail_data_offset;
++ le64_t hash;
++ le64_t next_hash_offset;
++ le64_t head_data_offset;
++ le64_t tail_data_offset;
+ uint8_t payload[];
+ };
+
+ _packed_ struct EntryItem {
+- uint64_t object_offset;
+- uint64_t hash;
++ le64_t object_offset;
++ le64_t hash;
+ };
+
+ _packed_ struct EntryObject {
+ ObjectHeader object;
+- uint64_t seqnum;
+- uint64_t realtime;
+- uint64_t monotonic;
++ le64_t seqnum;
++ le64_t realtime;
++ le64_t monotonic;
+ sd_id128_t boot_id;
+- uint64_t xor_hash;
++ le64_t xor_hash;
+ EntryItem items[];
+ };
+
+ _packed_ struct HashItem {
+- uint64_t head_hash_offset;
+- uint64_t tail_hash_offset;
++ le64_t head_hash_offset;
++ le64_t tail_hash_offset;
+ };
+
+ _packed_ struct HashTableObject {
+@@ -111,8 +111,8 @@ _packed_ struct HashTableObject {
+
+ _packed_ struct EntryArrayObject {
+ ObjectHeader object;
+- uint64_t next_entry_array_offset;
+- uint64_t items[];
++ le64_t next_entry_array_offset;
++ le64_t items[];
+ };
+
+ union Object {
+@@ -145,21 +145,21 @@ _packed_ struct Header {
+ sd_id128_t machine_id;
+ sd_id128_t boot_id;
+ sd_id128_t seqnum_id;
+- uint64_t arena_offset;
+- uint64_t arena_size;
+- uint64_t data_hash_table_offset; /* for looking up data objects */
+- uint64_t data_hash_table_size;
+- uint64_t field_hash_table_offset; /* for looking up field objects */
+- uint64_t field_hash_table_size;
+- uint64_t tail_object_offset;
+- uint64_t n_objects;
+- uint64_t n_entries;
+- uint64_t seqnum;
+- uint64_t first_seqnum;
+- uint64_t entry_array_offset;
+- uint64_t head_entry_realtime;
+- uint64_t tail_entry_realtime;
+- uint64_t tail_entry_monotonic;
++ le64_t arena_offset;
++ le64_t arena_size;
++ le64_t data_hash_table_offset; /* for looking up data objects */
++ le64_t data_hash_table_size;
++ le64_t field_hash_table_offset; /* for looking up field objects */
++ le64_t field_hash_table_size;
++ le64_t tail_object_offset;
++ le64_t n_objects;
++ le64_t n_entries;
++ le64_t seqnum;
++ le64_t first_seqnum;
++ le64_t entry_array_offset;
++ le64_t head_entry_realtime;
++ le64_t tail_entry_realtime;
++ le64_t tail_entry_monotonic;
+ };
+
+ #endif
+diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
+index 5d540a7..c7ebcdb 100644
+--- a/src/journal/journal-file.c
++++ b/src/journal/journal-file.c
+@@ -793,8 +793,8 @@ static uint64_t journal_file_entry_array_n_items(Object *o) {
+ }
+
+ static int link_entry_into_array(JournalFile *f,
+- uint64_t *first,
+- uint64_t *idx,
++ le64_t *first,
++ le64_t *idx,
+ uint64_t p) {
+ int r;
+ uint64_t n = 0, ap = 0, q, i, a, hidx;
+@@ -857,9 +857,9 @@ static int link_entry_into_array(JournalFile *f,
+ }
+
+ static int link_entry_into_array_plus_one(JournalFile *f,
+- uint64_t *extra,
+- uint64_t *first,
+- uint64_t *idx,
++ le64_t *extra,
++ le64_t *first,
++ le64_t *idx,
+ uint64_t p) {
+
+ int r;
+@@ -873,7 +873,7 @@ static int link_entry_into_array_plus_one(JournalFile *f,
+ if (*idx == 0)
+ *extra = htole64(p);
+ else {
+- uint64_t i;
++ le64_t i;
+
+ i = htole64(le64toh(*idx) - 1);
+ r = link_entry_into_array(f, first, &i, p);
+@@ -2144,7 +2144,8 @@ int journal_file_copy_entry(JournalFile *from, JournalFile *to, Object *o, uint6
+ items = alloca(sizeof(EntryItem) * n);
+
+ for (i = 0; i < n; i++) {
+- uint64_t le_hash, l, h;
++ uint64_t l, h;
++ le64_t le_hash;
+ size_t t;
+ void *data;
+ Object *u;
+diff --git a/src/journal/journal-file.h b/src/journal/journal-file.h
+index 4d6e140..57d66ca 100644
+--- a/src/journal/journal-file.h
++++ b/src/journal/journal-file.h
+@@ -26,6 +26,7 @@
+
+ #include <systemd/sd-id128.h>
+
++#include "sparse-endian.h"
+ #include "journal-def.h"
+ #include "util.h"
+
+diff --git a/src/journal/journal-internal.h b/src/journal/journal-internal.h
+index e5914bf..17f1d31 100644
+--- a/src/journal/journal-internal.h
++++ b/src/journal/journal-internal.h
+@@ -35,7 +35,7 @@ typedef struct Match Match;
+ struct Match {
+ char *data;
+ size_t size;
+- uint64_t le_hash;
++ le64_t le_hash;
+
+ LIST_FIELDS(Match, matches);
+ };
+diff --git a/src/journal/journald.c b/src/journal/journald.c
+index 87390bd..f0f5103 100644
+--- a/src/journal/journald.c
++++ b/src/journal/journald.c
+@@ -1258,6 +1258,7 @@ static void process_native_message(
+ p = e + 1;
+ continue;
+ } else {
++ le64_t l_le;
+ uint64_t l;
+ char *k;
+
+@@ -1266,8 +1267,8 @@ static void process_native_message(
+ break;
+ }
+
+- memcpy(&l, e + 1, sizeof(uint64_t));
+- l = le64toh(l);
++ memcpy(&l_le, e + 1, sizeof(uint64_t));
++ l = le64toh(l_le);
+
+ if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
+ e[1+sizeof(uint64_t)+l] != '\n') {
+diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
+index 86ac267..e9cd26e 100644
+--- a/src/journal/sd-journal.c
++++ b/src/journal/sd-journal.c
+@@ -108,7 +108,7 @@ static int same_field(const void *_a, size_t s, const void *_b, size_t t) {
+
+ _public_ int sd_journal_add_match(sd_journal *j, const void *data, size_t size) {
+ Match *m, *after = NULL;
+- uint64_t le_hash;
++ le64_t le_hash;
+
+ if (!j)
+ return -EINVAL;
+@@ -356,7 +356,7 @@ static int find_location(sd_journal *j, JournalFile *f, direction_t direction, O
+ Object *c, *d;
+ uint64_t cp, dp;
+
+- r = journal_file_find_data_object_with_hash(f, m->data, m->size, m->le_hash, &d, &dp);
++ r = journal_file_find_data_object_with_hash(f, m->data, m->size, le64toh(m->le_hash), &d, &dp);
+ if (r <= 0)
+ return r;
+
+@@ -1349,7 +1349,8 @@ _public_ int sd_journal_get_data(sd_journal *j, const char *field, const void **
+
+ n = journal_file_entry_n_items(o);
+ for (i = 0; i < n; i++) {
+- uint64_t p, l, le_hash;
++ uint64_t p, l;
++ le64_t le_hash;
+ size_t t;
+
+ p = le64toh(o->entry.items[i].object_offset);
+@@ -1410,7 +1411,8 @@ _public_ int sd_journal_get_data(sd_journal *j, const char *field, const void **
+
+ _public_ int sd_journal_enumerate_data(sd_journal *j, const void **data, size_t *size) {
+ JournalFile *f;
+- uint64_t p, l, n, le_hash;
++ uint64_t p, l, n;
++ le64_t le_hash;
+ int r;
+ Object *o;
+ size_t t;
+diff --git a/src/journal/sparse-endian.h b/src/journal/sparse-endian.h
+new file mode 100644
+index 0000000..eb4dbf3
+--- /dev/null
++++ b/src/journal/sparse-endian.h
+@@ -0,0 +1,87 @@
++/* Copyright (c) 2012 Josh Triplett <josh at joshtriplett.org>
++ *
++ * Permission is hereby granted, free of charge, to any person obtaining a copy
++ * of this software and associated documentation files (the "Software"), to
++ * deal in the Software without restriction, including without limitation the
++ * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
++ * sell copies of the Software, and to permit persons to whom the Software is
++ * furnished to do so, subject to the following conditions:
++ *
++ * The above copyright notice and this permission notice shall be included in
++ * all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
++ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
++ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
++ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
++ * IN THE SOFTWARE.
++ */
++#ifndef SPARSE_ENDIAN_H
++#define SPARSE_ENDIAN_H
++
++#include <endian.h>
++#include <stdint.h>
++
++#ifdef __CHECKER__
++#define __bitwise __attribute__((bitwise))
++#define __force __attribute__((force))
++#else
++#define __bitwise
++#define __force
++#endif
++
++typedef uint16_t __bitwise le16_t;
++typedef uint16_t __bitwise be16_t;
++typedef uint32_t __bitwise le32_t;
++typedef uint32_t __bitwise be32_t;
++typedef uint64_t __bitwise le64_t;
++typedef uint64_t __bitwise be64_t;
++
++#undef htobe16
++#undef htole16
++#undef be16toh
++#undef le16toh
++#undef htobe32
++#undef htole32
++#undef be32toh
++#undef le32toh
++#undef htobe64
++#undef htole64
++#undef be64toh
++#undef le64toh
++
++#if __BYTE_ORDER == __LITTLE_ENDIAN
++#define bswap_16_on_le(x) __bswap_16(x)
++#define bswap_32_on_le(x) __bswap_32(x)
++#define bswap_64_on_le(x) __bswap_64(x)
++#define bswap_16_on_be(x) (x)
++#define bswap_32_on_be(x) (x)
++#define bswap_64_on_be(x) (x)
++#elif __BYTE_ORDER == __BIG_ENDIAN
++#define bswap_16_on_le(x) (x)
++#define bswap_32_on_le(x) (x)
++#define bswap_64_on_le(x) (x)
++#define bswap_16_on_be(x) __bswap_16(x)
++#define bswap_32_on_be(x) __bswap_32(x)
++#define bswap_64_on_be(x) __bswap_64(x)
++#endif
++
++static inline le16_t htole16(uint16_t value) { return (le16_t __force) bswap_16_on_be(value); }
++static inline le32_t htole32(uint32_t value) { return (le32_t __force) bswap_32_on_be(value); }
++static inline le64_t htole64(uint64_t value) { return (le64_t __force) bswap_64_on_be(value); }
++
++static inline be16_t htobe16(uint16_t value) { return (be16_t __force) bswap_16_on_le(value); }
++static inline be32_t htobe32(uint32_t value) { return (be32_t __force) bswap_32_on_le(value); }
++static inline be64_t htobe64(uint64_t value) { return (be64_t __force) bswap_64_on_le(value); }
++
++static inline uint16_t le16toh(le16_t value) { return bswap_16_on_be((uint16_t __force)value); }
++static inline uint32_t le32toh(le32_t value) { return bswap_32_on_be((uint32_t __force)value); }
++static inline uint64_t le64toh(le64_t value) { return bswap_64_on_be((uint64_t __force)value); }
++
++static inline uint16_t be16toh(be16_t value) { return bswap_16_on_le((uint16_t __force)value); }
++static inline uint32_t be32toh(be32_t value) { return bswap_32_on_le((uint32_t __force)value); }
++static inline uint64_t be64toh(be64_t value) { return bswap_64_on_le((uint64_t __force)value); }
++
++#endif /* SPARSE_ENDIAN_H */
diff --git a/0014-update-TODO.patch b/0014-update-TODO.patch
new file mode 100644
index 0000000..edbe5f2
--- /dev/null
+++ b/0014-update-TODO.patch
@@ -0,0 +1,23 @@
+From 45f7f5413c6767689492b6a981942e168cffbbff Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 22 Mar 2012 01:42:34 +0100
+Subject: [PATCH] update TODO (cherry picked from commit
+ 6ba383fa49e01302dfeae1f5083bb942b055628b)
+
+---
+ TODO | 2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/TODO b/TODO
+index 3e11f70..176c2a7 100644
+--- a/TODO
++++ b/TODO
+@@ -18,6 +18,8 @@ Bugfixes:
+
+ Features:
+
++* add man page documenting all kernel cmdline options, including stuff like fsck.mode=
++
+ * show getty in container mode, not sulogin
+
+ * support container_ttys=
diff --git a/0015-logind-extend-comment-about-X11-socket-symlink.patch b/0015-logind-extend-comment-about-X11-socket-symlink.patch
new file mode 100644
index 0000000..c8fcd78
--- /dev/null
+++ b/0015-logind-extend-comment-about-X11-socket-symlink.patch
@@ -0,0 +1,26 @@
+From 37b4f8f1e56788e55e18cd855c8c96b15f894015 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 22 Mar 2012 01:43:36 +0100
+Subject: [PATCH] logind: extend comment about X11 socket symlink (cherry
+ picked from commit
+ c9d8629baa09f853fbcc44972c9748e70562270c)
+
+---
+ src/login/logind-session.c | 4 ++++
+ 1 files changed, 4 insertions(+), 0 deletions(-)
+
+diff --git a/src/login/logind-session.c b/src/login/logind-session.c
+index af9c12d..4e0af86 100644
+--- a/src/login/logind-session.c
++++ b/src/login/logind-session.c
+@@ -391,6 +391,10 @@ static int session_link_x11_socket(Session *s) {
+ return -ENOENT;
+ }
+
++ /* Note that this cannot be in a subdir to avoid
++ * vulnerabilities since we are privileged but the runtime
++ * path is owned by the user */
++
+ t = strappend(s->user->runtime_path, "/X11-display");
+ if (!t) {
+ log_error("Out of memory");
diff --git a/0016-logind-close-FIFO-before-ending-sessions-cleanly.patch b/0016-logind-close-FIFO-before-ending-sessions-cleanly.patch
new file mode 100644
index 0000000..b205ed9
--- /dev/null
+++ b/0016-logind-close-FIFO-before-ending-sessions-cleanly.patch
@@ -0,0 +1,154 @@
+From 4887f9ab1f8b585fad235d1bbd5407a5fda84402 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Thu, 22 Mar 2012 02:06:40 +0100
+Subject: [PATCH] logind: close FIFO before ending sessions cleanly
+
+For clean session endings ask logind explicitly to get rid of the FIFO
+before closing it so that the FIFO logic doesn't result in su/sudo to be
+terminated immediately.
+(cherry picked from commit 75c8e3cffd7da8eede614cf61384957af2c82a29)
+---
+ src/login/logind-dbus.c | 30 ++++++++++++++++++++
+ src/login/pam-module.c | 71 +++++++++++++++++++++++++++++++++++++++++++++--
+ 2 files changed, 98 insertions(+), 3 deletions(-)
+
+diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
+index d8f4d89..ea6b89f 100644
+--- a/src/login/logind-dbus.c
++++ b/src/login/logind-dbus.c
+@@ -80,6 +80,9 @@
+ " <arg name=\"seat\" type=\"s\" direction=\"out\"/>\n" \
+ " <arg name=\"vtnr\" type=\"u\" direction=\"out\"/>\n" \
+ " </method>\n" \
++ " <method name=\"ReleaseSession\">\n" \
++ " <arg name=\"id\" type=\"s\" direction=\"in\"/>\n" \
++ " </method>\n" \
+ " <method name=\"ActivateSession\">\n" \
+ " <arg name=\"id\" type=\"s\" direction=\"in\"/>\n" \
+ " </method>\n" \
+@@ -1075,6 +1078,33 @@ static DBusHandlerResult manager_message_handler(
+ if (r < 0)
+ return bus_send_error_reply(connection, message, &error, r);
+
++ } else if (dbus_message_is_method_call(message, "org.freedesktop.login1.Manager", "ReleaseSession")) {
++ const char *name;
++ Session *session;
++
++ if (!dbus_message_get_args(
++ message,
++ &error,
++ DBUS_TYPE_STRING, &name,
++ DBUS_TYPE_INVALID))
++ return bus_send_error_reply(connection, message, &error, -EINVAL);
++
++ session = hashmap_get(m->sessions, name);
++ if (!session)
++ return bus_send_error_reply(connection, message, &error, -ENOENT);
++
++ /* We use the FIFO to detect stray sessions where the
++ process invoking PAM dies abnormally. We need to make
++ sure that that process is not killed if at the clean
++ end of the session it closes the FIFO. Hence, with
++ this call explicitly turn off the FIFO logic, so that
++ the PAM code can finish clean up on its own */
++ session_remove_fifo(session);
++
++ reply = dbus_message_new_method_return(message);
++ if (!reply)
++ goto oom;
++
+ } else if (dbus_message_is_method_call(message, "org.freedesktop.login1.Manager", "ActivateSession")) {
+ const char *name;
+ Session *session;
+diff --git a/src/login/pam-module.c b/src/login/pam-module.c
+index 8544413..4106d2b 100644
+--- a/src/login/pam-module.c
++++ b/src/login/pam-module.c
+@@ -414,7 +414,6 @@ _public_ PAM_EXTERN int pam_sm_open_session(
+ "/org/freedesktop/login1",
+ "org.freedesktop.login1.Manager",
+ "CreateSession");
+-
+ if (!m) {
+ pam_syslog(handle, LOG_ERR, "Could not allocate create session message.");
+ r = PAM_BUF_ERR;
+@@ -620,11 +619,77 @@ _public_ PAM_EXTERN int pam_sm_close_session(
+ int argc, const char **argv) {
+
+ const void *p = NULL;
++ const char *id;
++ DBusConnection *bus = NULL;
++ DBusMessage *m = NULL, *reply = NULL;
++ DBusError error;
++ int r;
+
+- pam_get_data(handle, "systemd.session-fd", &p);
++ assert(handle);
++
++ dbus_error_init(&error);
++
++ id = pam_getenv(handle, "XDG_SESSION_ID");
++ if (id) {
++
++ /* Before we go and close the FIFO we need to tell
++ * logind that this is a clean session shutdown, so
++ * that it doesn't just go and slaughter us
++ * immediately after closing the fd */
++
++ bus = dbus_bus_get_private(DBUS_BUS_SYSTEM, &error);
++ if (!bus) {
++ pam_syslog(handle, LOG_ERR, "Failed to connect to system bus: %s", bus_error_message(&error));
++ r = PAM_SESSION_ERR;
++ goto finish;
++ }
++
++ m = dbus_message_new_method_call(
++ "org.freedesktop.login1",
++ "/org/freedesktop/login1",
++ "org.freedesktop.login1.Manager",
++ "ReleaseSession");
++ if (!m) {
++ pam_syslog(handle, LOG_ERR, "Could not allocate release session message.");
++ r = PAM_BUF_ERR;
++ goto finish;
++ }
++
++ if (!dbus_message_append_args(m,
++ DBUS_TYPE_STRING, &id,
++ DBUS_TYPE_INVALID)) {
++ pam_syslog(handle, LOG_ERR, "Could not attach parameters to message.");
++ r = PAM_BUF_ERR;
++ goto finish;
++ }
+
++ reply = dbus_connection_send_with_reply_and_block(bus, m, -1, &error);
++ if (!reply) {
++ pam_syslog(handle, LOG_ERR, "Failed to release session: %s", bus_error_message(&error));
++ r = PAM_SESSION_ERR;
++ goto finish;
++ }
++ }
++
++ r = PAM_SUCCESS;
++
++finish:
++ pam_get_data(handle, "systemd.session-fd", &p);
+ if (p)
+ close_nointr(PTR_TO_INT(p) - 1);
+
+- return PAM_SUCCESS;
++ dbus_error_free(&error);
++
++ if (bus) {
++ dbus_connection_close(bus);
++ dbus_connection_unref(bus);
++ }
++
++ if (m)
++ dbus_message_unref(m);
++
++ if (reply)
++ dbus_message_unref(reply);
++
++ return r;
+ }
diff --git a/0017-man-minor-typo-in-reference-to-manual-page.patch b/0017-man-minor-typo-in-reference-to-manual-page.patch
new file mode 100644
index 0000000..38f81d7
--- /dev/null
+++ b/0017-man-minor-typo-in-reference-to-manual-page.patch
@@ -0,0 +1,23 @@
+From 7d34f8bdf72bd6482b2662ec26ec1d55db365bb9 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Elan=20Ruusam=C3=A4e?= <glen at delfi.ee>
+Date: Sat, 24 Mar 2012 15:06:00 +0200
+Subject: [PATCH] man: minor typo in reference to manual page (cherry picked
+ from commit 6ad548625e53cb4fcf1fd092b44707777d6a5071)
+
+---
+ src/login/systemd-logind.conf | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/src/login/systemd-logind.conf b/src/login/systemd-logind.conf
+index 9909804..a8d9833 100644
+--- a/src/login/systemd-logind.conf
++++ b/src/login/systemd-logind.conf
+@@ -5,7 +5,7 @@
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+-# See system-logind.conf(5) for details
++# See systemd-logind.conf(5) for details
+
+ [Login]
+ #NAutoVTs=6
diff --git a/0018-build-sys-fix-make-dist-check.patch b/0018-build-sys-fix-make-dist-check.patch
new file mode 100644
index 0000000..b3aa4cd
--- /dev/null
+++ b/0018-build-sys-fix-make-dist-check.patch
@@ -0,0 +1,25 @@
+From 9a62688d4ff44fbedf62621a431428f441b44bce Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Mon, 26 Mar 2012 20:56:54 +0200
+Subject: [PATCH] build-sys: fix make dist-check (cherry picked from commit
+ c64c338e31f6e96f20560a426dce3cda0a0cc3ab)
+
+---
+ Makefile.am | 4 +++-
+ 1 files changed, 3 insertions(+), 1 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 36a385f..ab22a30 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -651,7 +651,9 @@ EXTRA_DIST += \
+ src/spawn-agent.h \
+ src/acl-util.h \
+ src/logs-show.h \
+- src/utf8.h
++ src/utf8.h \
++ src/journal/sparse-endian.h \
++ src/ima-setup.h
+
+ MANPAGES = \
+ man/systemd.1 \
diff --git a/0019-journalctl-loginctl-drop-systemd-prefix-in-binary-na.patch b/0019-journalctl-loginctl-drop-systemd-prefix-in-binary-na.patch
new file mode 100644
index 0000000..928f3ad
--- /dev/null
+++ b/0019-journalctl-loginctl-drop-systemd-prefix-in-binary-na.patch
@@ -0,0 +1,1724 @@
+From 249a12f4e0b0bf4a223a34fac9f6240966058e98 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Mon, 26 Mar 2012 20:58:47 +0200
+Subject: [PATCH] journalctl,loginctl: drop systemd- prefix in binary names
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Let's make things a bit easier to type, drop the systemd- prefix for
+journalctl and loginctl, but provide the old names for compat.
+
+All systemd binaries are hence now prefixed with "systemd-" with the
+exception of the three primary user interface binaries:
+
+systemctl
+loginctl
+journalctl
+
+For those three we do provide systemd-xyz names as well, via symlinks:
+
+systemd-systemctl → systemctl
+systemd-loginctl → loginctl
+systemd-journalctl → journalctl
+
+We do this only for the *primary* user tools, in order to avoid
+unnecessary namespace problems. That means tools like systemd-notify
+stay the way they are.
+(cherry picked from commit 169c4f65131fbc7bcb51e7d5487a715cdcd0e0eb)
+---
+ Makefile.am | 56 ++++--
+ TODO | 4 +
+ man/journalctl.xml | 253 +++++++++++++++++++++++
+ man/loginctl.xml | 458 +++++++++++++++++++++++++++++++++++++++++
+ man/systemctl.xml | 7 +-
+ man/systemd-journalctl.xml | 252 ----------------------
+ man/systemd-journald.conf.xml | 2 +-
+ man/systemd-loginctl.xml | 457 ----------------------------------------
+ man/systemd-logind.conf.xml | 2 +-
+ man/systemd.exec.xml | 3 +-
+ 10 files changed, 766 insertions(+), 728 deletions(-)
+ create mode 100644 man/journalctl.xml
+ create mode 100644 man/loginctl.xml
+ delete mode 100644 man/systemd-journalctl.xml
+ delete mode 100644 man/systemd-loginctl.xml
+
+diff --git a/Makefile.am b/Makefile.am
+index ab22a30..6825f8c 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -697,16 +697,22 @@ MANPAGES = \
+ man/systemd-cat.1 \
+ man/systemd-machine-id-setup.1 \
+ man/systemd-journald.conf.5 \
+- man/systemd-journalctl.1
++ man/journalctl.1
+
+ MANPAGES_ALIAS = \
+ man/reboot.8 \
+ man/poweroff.8 \
+- man/init.1
++ man/init.1 \
++ man/systemd-systemctl.1 \
++ man/systemd-loginctl.1 \
++ man/systemd-journalctl.1
+
+ man/reboot.8: man/halt.8
+ man/poweroff.8: man/halt.8
+ man/init.1: man/systemd.1
++man/systemd-systemctl.1: man/systemctl.1
++man/systemd-loginctl.1: man/loginctl.1
++man/systemd-journalctl.1: man/journalctl.1
+
+ XML_FILES = \
+ ${patsubst %.1,%.xml,${patsubst %.3,%.xml,${patsubst %.5,%.xml,${patsubst %.7,%.xml,${patsubst %.8,%.xml,$(MANPAGES)}}}}}
+@@ -986,6 +992,14 @@ systemctl_LDADD = \
+ libsystemd-id128.la \
+ $(DBUS_LIBS)
+
++systemctl-install-hook:
++ cd $(DESTDIR)$(rootbindir) && \
++ rm -f systemd-systemctl && \
++ $(LN_S) systemctl systemd-systemctl
++
++INSTALL_EXEC_HOOKS += \
++ systemctl-install-hook
++
+ systemd_notify_SOURCES = \
+ src/notify.c \
+ src/readahead/sd-readahead.c
+@@ -1260,26 +1274,34 @@ systemd_cat_LDADD = \
+ libsystemd-basic.la \
+ libsystemd-journal.la
+
+-systemd_journalctl_SOURCES = \
++journalctl_SOURCES = \
+ src/journal/journalctl.c \
+ src/pager.c \
+ src/logs-show.c
+
+-systemd_journalctl_LDADD = \
++journalctl_LDADD = \
+ libsystemd-basic.la \
+ libsystemd-journal.la \
+ libsystemd-id128.la
+
+ if HAVE_XZ
+-systemd_journalctl_SOURCES += \
++journalctl_SOURCES += \
+ src/journal/compress.c
+-systemd_journalctl_CFLAGS = \
++journalctl_CFLAGS = \
+ $(AM_CFLAGS) \
+ $(XZ_CFLAGS)
+-systemd_journalctl_LDADD += \
++journalctl_LDADD += \
+ $(XZ_LIBS)
+ endif
+
++journalctl-install-hook:
++ cd $(DESTDIR)$(rootbindir) && \
++ rm -f systemd-journalctl && \
++ $(LN_S) journalctl systemd-journalctl
++
++INSTALL_EXEC_HOOKS += \
++ journalctl-install-hook
++
+ test_journal_SOURCES = \
+ src/journal/test-journal.c \
+ src/journal/sd-journal.c \
+@@ -1366,7 +1388,7 @@ rootlibexec_PROGRAMS += \
+ systemd-journald
+
+ rootbin_PROGRAMS += \
+- systemd-journalctl
++ journalctl
+
+ bin_PROGRAMS += \
+ systemd-cat
+@@ -1866,7 +1888,7 @@ rootlibexec_PROGRAMS += \
+ systemd-logind \
+ systemd-user-sessions
+
+-systemd_loginctl_SOURCES = \
++loginctl_SOURCES = \
+ src/login/loginctl.c \
+ src/login/sysfs-show.c \
+ src/dbus-common.c \
+@@ -1874,18 +1896,26 @@ systemd_loginctl_SOURCES = \
+ src/cgroup-util.c \
+ src/pager.c
+
+-systemd_loginctl_CFLAGS = \
++loginctl_CFLAGS = \
+ $(AM_CFLAGS) \
+ $(DBUS_CFLAGS) \
+ $(UDEV_CFLAGS)
+
+-systemd_loginctl_LDADD = \
++loginctl_LDADD = \
+ libsystemd-basic.la \
+ $(DBUS_LIBS) \
+ $(UDEV_LIBS)
+
+ rootbin_PROGRAMS += \
+- systemd-loginctl
++ loginctl
++
++loginctl-install-hook:
++ cd $(DESTDIR)$(rootbindir) && \
++ rm -f systemd-loginctl && \
++ $(LN_S) loginctl systemd-loginctl
++
++INSTALL_EXEC_HOOKS += \
++ loginctl-install-hook
+
+ test_login_SOURCES = \
+ src/login/test-login.c
+@@ -2050,7 +2080,7 @@ nodist_udevrules_DATA += \
+ MANPAGES += \
+ man/systemd-logind.conf.5 \
+ man/sd-login.7 \
+- man/systemd-loginctl.1 \
++ man/loginctl.1 \
+ man/sd_login_monitor_new.3 \
+ man/sd_pid_get_session.3 \
+ man/sd_uid_get_state.3 \
+diff --git a/TODO b/TODO
+index 176c2a7..7f19c3a 100644
+--- a/TODO
++++ b/TODO
+@@ -18,6 +18,10 @@ Bugfixes:
+
+ Features:
+
++* ensure that logind sets the syslog facility to AUTH when logging
++
++* when a service has the same env var set twice we actually store it twice and return that in systemctl show -p... We should only show the last setting
++
+ * add man page documenting all kernel cmdline options, including stuff like fsck.mode=
+
+ * show getty in container mode, not sulogin
+diff --git a/man/journalctl.xml b/man/journalctl.xml
+new file mode 100644
+index 0000000..c4d2a7e
+--- /dev/null
++++ b/man/journalctl.xml
+@@ -0,0 +1,253 @@
++<?xml version='1.0'?> <!--*-nxml-*-->
++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
++ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
++
++<!--
++ This file is part of systemd.
++
++ Copyright 2012 Lennart Poettering
++
++ systemd is free software; you can redistribute it and/or modify it
++ under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2 of the License, or
++ (at your option) any later version.
++
++ systemd is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
++-->
++
++<refentry id="journalctl">
++
++ <refentryinfo>
++ <title>journalctl</title>
++ <productname>systemd</productname>
++
++ <authorgroup>
++ <author>
++ <contrib>Developer</contrib>
++ <firstname>Lennart</firstname>
++ <surname>Poettering</surname>
++ <email>lennart at poettering.net</email>
++ </author>
++ </authorgroup>
++ </refentryinfo>
++
++ <refmeta>
++ <refentrytitle>journalctl</refentrytitle>
++ <manvolnum>1</manvolnum>
++ </refmeta>
++
++ <refnamediv>
++ <refname>journalctl</refname>
++ <refname>systemd-journalctl</refname>
++ <refpurpose>Query the systemd journal</refpurpose>
++ </refnamediv>
++
++ <refsynopsisdiv>
++ <cmdsynopsis>
++ <command>journalctl <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="opt">MATCH</arg></command>
++ </cmdsynopsis>
++ </refsynopsisdiv>
++
++ <refsect1>
++ <title>Description</title>
++
++ <para><command>journalctl</command> may be
++ used to query the contents of the
++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
++ journal.</para>
++
++ <para>If called without parameter will show the full
++ contents of the journal, starting with the oldest
++ entry collected.</para>
++
++ <para>If a match argument is passed the output is
++ filtered accordingly. A match is in the format
++ <literal>FIELD=VALUE</literal>,
++ e.g. <literal>_SYSTEMD_UNIT=httpd.service</literal>.</para>
++
++ <para>Output is interleaved from all accessible
++ journal files, whether they are rotated or currently
++ being written, and regardless whether they belong to the
++ system itself or are accessible user journals.</para>
++
++ <para>All users are granted access to their private
++ per-user journals. However, by default only root and
++ users who are members of the <literal>adm</literal>
++ group get access to the system journal and the
++ journals of other users.</para>
++ </refsect1>
++
++ <refsect1>
++ <title>Options</title>
++
++ <para>The following options are understood:</para>
++
++ <variablelist>
++ <varlistentry>
++ <term><option>--help</option></term>
++ <term><option>-h</option></term>
++
++ <listitem><para>Prints a short help
++ text and exits.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--version</option></term>
++
++ <listitem><para>Prints a short version
++ string and exits.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--no-pager</option></term>
++
++ <listitem><para>Do not pipe output into a
++ pager.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--all</option></term>
++ <term><option>-a</option></term>
++
++ <listitem><para>Show all fields in
++ full, even if they include unprintable
++ characters or are very
++ long.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--follow</option></term>
++ <term><option>-f</option></term>
++
++ <listitem><para>Show only most recent
++ journal entries, and continously print
++ new entries as they are appended to
++ the journal.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--lines=</option></term>
++ <term><option>-n</option></term>
++
++ <listitem><para>Controls the number of
++ journal lines to show, counting from
++ the most recent ones. Takes a positive
++ integer argument. In follow mode
++ defaults to 10, otherwise is unset
++ thus not limiting how many lines are
++ shown.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--no-tail</option></term>
++
++ <listitem><para>Show all stored output
++ lines, even in follow mode. Undoes the
++ effect of
++ <option>--lines=</option>.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--output=</option></term>
++ <term><option>-o</option></term>
++
++ <listitem><para>Controls the
++ formatting of the journal entries that are
++ shown. Takes one of
++ <literal>short</literal>,
++ <literal>short-monotonic</literal>,
++ <literal>verbose</literal>,
++ <literal>export</literal>,
++ <literal>json</literal>,
++ <literal>cat</literal>. <literal>short</literal>
++ is the default and generates an output
++ that is mostly identical to the
++ formatting of classic syslog log
++ files, showing one line per journal
++ entry. <literal>short-monotonic</literal>
++ is very similar but shows monotonic
++ timestamps instead of wallclock
++ timestamps. <literal>verbose</literal>
++ shows the full structered entry items
++ with all
++ fiels. <literal>export</literal>
++ serializes the journal into a binary
++ (but mostly text-based) stream
++ suitable for backups and network
++ transfer. <literal>json</literal>
++ formats entries as JSON data
++ structures. <literal>cat</literal>
++ generates a very terse output only
++ showing the actual message of each
++ journal entry with no meta data, not
++ even a timestamp.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--quiet</option></term>
++ <term><option>-q</option></term>
++
++ <listitem><para>Suppresses any warning
++ message regarding inaccessable system
++ journals when run as normal
++ user.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--new-id128</option></term>
++
++ <listitem><para>Instead of showing
++ journal contents generate a new 128
++ bit ID suitable for identifying
++ messages. This is intended for usage
++ by developers who need a new
++ identifier for a new message they
++ introduce and want to make
++ recognizable. Will print the new ID in
++ three different formats which can be
++ copied into source code or
++ similar.</para></listitem>
++ </varlistentry>
++
++ </variablelist>
++ </refsect1>
++
++ <refsect1>
++ <title>Exit status</title>
++
++ <para>On success 0 is returned, a non-zero failure
++ code otherwise.</para>
++ </refsect1>
++
++ <refsect1>
++ <title>Environment</title>
++
++ <variablelist>
++ <varlistentry>
++ <term><varname>$SYSTEMD_PAGER</varname></term>
++ <listitem><para>Pager to use when
++ <option>--no-pager</option> is not given;
++ overrides <varname>$PAGER</varname>. Setting
++ this to an empty string or the value
++ <literal>cat</literal> is equivalent to passing
++ <option>--no-pager</option>.</para></listitem>
++ </varlistentry>
++ </variablelist>
++ </refsect1>
++
++ <refsect1>
++ <title>See Also</title>
++ <para>
++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
++ </para>
++ </refsect1>
++
++</refentry>
+diff --git a/man/loginctl.xml b/man/loginctl.xml
+new file mode 100644
+index 0000000..be72cc3
+--- /dev/null
++++ b/man/loginctl.xml
+@@ -0,0 +1,458 @@
++<?xml version='1.0'?> <!--*-nxml-*-->
++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
++ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
++
++<!--
++ This file is part of systemd.
++
++ Copyright 2010 Lennart Poettering
++
++ systemd is free software; you can redistribute it and/or modify it
++ under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2 of the License, or
++ (at your option) any later version.
++
++ systemd is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
++-->
++
++<refentry id="loginctl">
++
++ <refentryinfo>
++ <title>loginctl</title>
++ <productname>systemd</productname>
++
++ <authorgroup>
++ <author>
++ <contrib>Developer</contrib>
++ <firstname>Lennart</firstname>
++ <surname>Poettering</surname>
++ <email>lennart at poettering.net</email>
++ </author>
++ </authorgroup>
++ </refentryinfo>
++
++ <refmeta>
++ <refentrytitle>loginctl</refentrytitle>
++ <manvolnum>1</manvolnum>
++ </refmeta>
++
++ <refnamediv>
++ <refname>loginctl</refname>
++ <refname>systemd-loginctl</refname>
++ <refpurpose>Control the systemd login manager</refpurpose>
++ </refnamediv>
++
++ <refsynopsisdiv>
++ <cmdsynopsis>
++ <command>loginctl <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="req">COMMAND</arg> <arg choice="opt" rep="repeat">NAME</arg></command>
++ </cmdsynopsis>
++ </refsynopsisdiv>
++
++ <refsect1>
++ <title>Description</title>
++
++ <para><command>loginctl</command> may be used to
++ introspect and control the state of the
++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
++ login manager.</para>
++ </refsect1>
++
++ <refsect1>
++ <title>Options</title>
++
++ <para>The following options are understood:</para>
++
++ <variablelist>
++ <varlistentry>
++ <term><option>--help</option></term>
++ <term><option>-h</option></term>
++
++ <listitem><para>Prints a short help
++ text and exits.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--version</option></term>
++
++ <listitem><para>Prints a short version
++ string and exits.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--property=</option></term>
++ <term><option>-p</option></term>
++
++ <listitem><para>When showing
++ session/user/ properties, limit
++ display to certain properties as
++ specified as argument. If not
++ specified all set properties are
++ shown. The argument should be a
++ property name, such as
++ <literal>Sessions</literal>. If
++ specified more than once all
++ properties with the specified names
++ are shown.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--all</option></term>
++ <term><option>-a</option></term>
++
++ <listitem><para>When showing
++ unit/job/manager properties, show all
++ properties regardless whether they are
++ set or not.</para></listitem>
++ </varlistentry>
++
++
++ <varlistentry>
++ <term><option>--no-pager</option></term>
++
++ <listitem><para>Do not pipe output into a
++ pager.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--kill-who=</option></term>
++
++ <listitem><para>When used with
++ <command>kill-session</command>,
++ choose which processes to kill. Must
++ be one of <option>leader</option>, or
++ <option>all</option> to select whether
++ to kill only the leader process of the
++ session or all processes of the
++ session. If omitted defaults to
++ <option>all</option>.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>--signal=</option></term>
++ <term><option>-s</option></term>
++
++ <listitem><para>When used with
++ <command>kill-session</command> or
++ <command>kill-user</command>, choose
++ which signal to send to selected
++ processes. Must be one of the well
++ known signal specifiers such as
++ SIGTERM, SIGINT or SIGSTOP. If omitted
++ defaults to
++ <option>SIGTERM</option>.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>-H</option></term>
++ <term><option>--host</option></term>
++
++ <listitem><para>Execute operation
++ remotely. Specify a hostname, or
++ username and hostname separated by @,
++ to connect to. This will use SSH to
++ talk to the remote login manager
++ instance.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><option>-P</option></term>
++ <term><option>--privileged</option></term>
++
++ <listitem><para>Acquire privileges via
++ PolicyKit before executing the
++ operation.</para></listitem>
++ </varlistentry>
++ </variablelist>
++
++ <para>The following commands are understood:</para>
++
++ <variablelist>
++ <varlistentry>
++ <term><command>list-sessions</command></term>
++
++ <listitem><para>List current sessions.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>session-status [ID...]</command></term>
++
++ <listitem><para>Show terse runtime
++ status information about one or more
++ sessions. This function is intended to
++ generate human-readable output. If you
++ are looking for computer-parsable
++ output, use
++ <command>show-session</command>
++ instead.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>show-session [ID...]</command></term>
++
++ <listitem><para>Show properties of one
++ or more sessions or the manager
++ itself. If no argument is specified
++ properties of the manager will be
++ shown. If a session ID is specified
++ properties of the session is shown. By
++ default, empty properties are
++ suppressed. Use <option>--all</option>
++ to show those too. To select specific
++ properties to show use
++ <option>--property=</option>. This
++ command is intended to be used
++ whenever computer-parsable output is
++ required. Use
++ <command>session-status</command> if
++ you are looking for formatted
++ human-readable
++ output.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>activate [ID...]</command></term>
++
++ <listitem><para>Activate one or more
++ sessions. This brings one or more
++ sessions into the foreground, if
++ another session is currently in the
++ foreground on the respective
++ seat.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>lock-session [ID...]</command></term>
++ <term><command>unlock-session [ID...]</command></term>
++
++ <listitem><para>Activates/deactivates
++ the screen lock on one or more
++ sessions, if the session supports it.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>terminate-session [ID...]</command></term>
++
++ <listitem><para>Terminates a
++ session. This kills all processes of
++ the session and deallocates all
++ resources attached to the
++ session.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>kill-session [ID...]</command></term>
++
++ <listitem><para>Send a signal to one
++ or more processes of the session. Use
++ <option>--kill-who=</option> to select
++ which process to kill. Use
++ <option>--signal=</option> to select
++ the signal to send.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>list-users</command></term>
++
++ <listitem><para>List currently logged
++ in users.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>user-status [USER...]</command></term>
++
++ <listitem><para>Show terse runtime
++ status information about one or more
++ logged in users. This function is
++ intended to generate human-readable
++ output. If you are looking for
++ computer-parsable output, use
++ <command>show-user</command>
++ instead. Users may be specified by
++ their usernames or numeric user
++ IDs.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>show-user [USER...]</command></term>
++
++ <listitem><para>Show properties of one
++ or more users or the manager
++ itself. If no argument is specified
++ properties of the manager will be
++ shown. If a user is specified
++ properties of the user is shown. By
++ default, empty properties are
++ suppressed. Use <option>--all</option>
++ to show those too. To select specific
++ properties to show use
++ <option>--property=</option>. This
++ command is intended to be used
++ whenever computer-parsable output is
++ required. Use
++ <command>user-status</command> if
++ you are looking for formatted
++ human-readable
++ output.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>enable-linger [USER...]</command></term>
++ <term><command>disable-linger [USER...]</command></term>
++
++ <listitem><para>Enable/disable user
++ lingering for one or more users. If
++ enabled for a specific user a user
++ manager is spawned for him/her at
++ boot, and kept around after
++ logouts. This allows users who aren't
++ logged in to run long-running
++ services.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>terminate-user [USER...]</command></term>
++
++ <listitem><para>Terminates all
++ sessions of a user. This kills all
++ processes of all sessions of the user
++ and deallocates all runtime resources
++ attached to the
++ user.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>kill-user [USER...]</command></term>
++
++ <listitem><para>Send a signal to all
++ processes of a user. Use
++ <option>--signal=</option> to select
++ the signal to send.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>list-seats</command></term>
++
++ <listitem><para>List currently
++ available seats on the local
++ system.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>seat-status [NAME...]</command></term>
++
++ <listitem><para>Show terse runtime
++ status information about one or more
++ seats. This function is
++ intended to generate human-readable
++ output. If you are looking for
++ computer-parsable output, use
++ <command>show-seat</command>
++ instead.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>show-seat [NAME...]</command></term>
++
++ <listitem><para>Show properties of one
++ or more seats or the manager
++ itself. If no argument is specified
++ properties of the manager will be
++ shown. If a seat is specified
++ properties of the seat are shown. By
++ default, empty properties are
++ suppressed. Use <option>--all</option>
++ to show those too. To select specific
++ properties to show use
++ <option>--property=</option>. This
++ command is intended to be used
++ whenever computer-parsable output is
++ required. Use
++ <command>seat-status</command> if you
++ are looking for formatted
++ human-readable
++ output.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>attach [NAME] [DEVICE...]</command></term>
++
++ <listitem><para>Attach one or more
++ devices to a seat. The devices should
++ be specified via device paths in the
++ <filename>/sys</filename> file
++ system. To create a new seat attach at
++ least one graphics card to a
++ previously unused seat names. seat
++ names may consist only of a-z, A-Z,
++ 0-9, "-" and "_" and must be prefixed
++ with "seat". To drop assignment of a
++ device to a specific seat just
++ reassign it to a different seat, or
++ use
++ <command>flush-devices</command>.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>flush-devices</command></term>
++
++ <listitem><para>Removes all device
++ assignments previously created with
++ <command>attach</command>. After this
++ call only automatically generated
++ seats will remain and all seat
++ hardware is assigned to
++ them.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++ <term><command>terminate-seat [NAME...]</command></term>
++
++ <listitem><para>Terminates all
++ sessions on a seat. This kills all
++ processes of all sessions on a seat and
++ deallocates all runtime resources
++ attached to them.</para></listitem>
++ </varlistentry>
++ </variablelist>
++
++ </refsect1>
++
++ <refsect1>
++ <title>Exit status</title>
++
++ <para>On success 0 is returned, a non-zero failure
++ code otherwise.</para>
++ </refsect1>
++
++ <refsect1>
++ <title>Environment</title>
++
++ <variablelist>
++ <varlistentry>
++ <term><varname>$SYSTEMD_PAGER</varname></term>
++ <listitem><para>Pager to use when
++ <option>--no-pager</option> is not given;
++ overrides <varname>$PAGER</varname>. Setting
++ this to an empty string or the value
++ <literal>cat</literal> is equivalent to passing
++ <option>--no-pager</option>.</para></listitem>
++ </varlistentry>
++ </variablelist>
++ </refsect1>
++
++ <refsect1>
++ <title>See Also</title>
++ <para>
++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>systemd-logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
++ </para>
++ </refsect1>
++
++</refentry>
+diff --git a/man/systemctl.xml b/man/systemctl.xml
+index c467ed8..ffe0164 100644
+--- a/man/systemctl.xml
++++ b/man/systemctl.xml
+@@ -44,6 +44,7 @@
+
+ <refnamediv>
+ <refname>systemctl</refname>
++ <refname>systemd-systemctl</refname>
+ <refpurpose>Control the systemd system and service manager</refpurpose>
+ </refnamediv>
+
+@@ -448,7 +449,7 @@
+ formatting of the journal entries that
+ are shown. For the available choices
+ see
+- <citerefentry><refentrytitle>systemd-journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>. Defaults
++ <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>. Defaults
+ to
+ <literal>short</literal>.</para></listitem>
+ </varlistentry>
+@@ -1179,8 +1180,8 @@
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemadm</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>systemd-journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>systemd-loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>wall</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+diff --git a/man/systemd-journalctl.xml b/man/systemd-journalctl.xml
+deleted file mode 100644
+index 1441eca..0000000
+--- a/man/systemd-journalctl.xml
++++ /dev/null
+@@ -1,252 +0,0 @@
+-<?xml version='1.0'?> <!--*-nxml-*-->
+-<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+- "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+-
+-<!--
+- This file is part of systemd.
+-
+- Copyright 2012 Lennart Poettering
+-
+- systemd is free software; you can redistribute it and/or modify it
+- under the terms of the GNU General Public License as published by
+- the Free Software Foundation; either version 2 of the License, or
+- (at your option) any later version.
+-
+- systemd is distributed in the hope that it will be useful, but
+- WITHOUT ANY WARRANTY; without even the implied warranty of
+- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+- General Public License for more details.
+-
+- You should have received a copy of the GNU General Public License
+- along with systemd; If not, see <http://www.gnu.org/licenses/>.
+--->
+-
+-<refentry id="systemd-journalctl">
+-
+- <refentryinfo>
+- <title>systemd-journalctl</title>
+- <productname>systemd</productname>
+-
+- <authorgroup>
+- <author>
+- <contrib>Developer</contrib>
+- <firstname>Lennart</firstname>
+- <surname>Poettering</surname>
+- <email>lennart at poettering.net</email>
+- </author>
+- </authorgroup>
+- </refentryinfo>
+-
+- <refmeta>
+- <refentrytitle>systemd-journalctl</refentrytitle>
+- <manvolnum>1</manvolnum>
+- </refmeta>
+-
+- <refnamediv>
+- <refname>systemd-journalctl</refname>
+- <refpurpose>Query the systemd journal</refpurpose>
+- </refnamediv>
+-
+- <refsynopsisdiv>
+- <cmdsynopsis>
+- <command>systemd-journalctl <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="opt">MATCH</arg></command>
+- </cmdsynopsis>
+- </refsynopsisdiv>
+-
+- <refsect1>
+- <title>Description</title>
+-
+- <para><command>systemd-journalctl</command> may be
+- used to query the contents of the
+- <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+- journal.</para>
+-
+- <para>If called without parameter will show the full
+- contents of the journal, starting with the oldest
+- entry collected.</para>
+-
+- <para>If a match argument is passed the output is
+- filtered accordingly. A match is in the format
+- <literal>FIELD=VALUE</literal>,
+- e.g. <literal>_SYSTEMD_UNIT=httpd.service</literal>.</para>
+-
+- <para>Output is interleaved from all accessible
+- journal files, whether they are rotated or currently
+- being written, and regardless whether they belong to the
+- system itself or are accessible user journals.</para>
+-
+- <para>All users are granted access to their private
+- per-user journals. However, by default only root and
+- users who are members of the <literal>adm</literal>
+- group get access to the system journal and the
+- journals of other users.</para>
+- </refsect1>
+-
+- <refsect1>
+- <title>Options</title>
+-
+- <para>The following options are understood:</para>
+-
+- <variablelist>
+- <varlistentry>
+- <term><option>--help</option></term>
+- <term><option>-h</option></term>
+-
+- <listitem><para>Prints a short help
+- text and exits.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--version</option></term>
+-
+- <listitem><para>Prints a short version
+- string and exits.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--no-pager</option></term>
+-
+- <listitem><para>Do not pipe output into a
+- pager.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--all</option></term>
+- <term><option>-a</option></term>
+-
+- <listitem><para>Show all fields in
+- full, even if they include unprintable
+- characters or are very
+- long.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--follow</option></term>
+- <term><option>-f</option></term>
+-
+- <listitem><para>Show only most recent
+- journal entries, and continously print
+- new entries as they are appended to
+- the journal.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--lines=</option></term>
+- <term><option>-n</option></term>
+-
+- <listitem><para>Controls the number of
+- journal lines to show, counting from
+- the most recent ones. Takes a positive
+- integer argument. In follow mode
+- defaults to 10, otherwise is unset
+- thus not limiting how many lines are
+- shown.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--no-tail</option></term>
+-
+- <listitem><para>Show all stored output
+- lines, even in follow mode. Undoes the
+- effect of
+- <option>--lines=</option>.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--output=</option></term>
+- <term><option>-o</option></term>
+-
+- <listitem><para>Controls the
+- formatting of the journal entries that are
+- shown. Takes one of
+- <literal>short</literal>,
+- <literal>short-monotonic</literal>,
+- <literal>verbose</literal>,
+- <literal>export</literal>,
+- <literal>json</literal>,
+- <literal>cat</literal>. <literal>short</literal>
+- is the default and generates an output
+- that is mostly identical to the
+- formatting of classic syslog log
+- files, showing one line per journal
+- entry. <literal>short-monotonic</literal>
+- is very similar but shows monotonic
+- timestamps instead of wallclock
+- timestamps. <literal>verbose</literal>
+- shows the full structered entry items
+- with all
+- fiels. <literal>export</literal>
+- serializes the journal into a binary
+- (but mostly text-based) stream
+- suitable for backups and network
+- transfer. <literal>json</literal>
+- formats entries as JSON data
+- structures. <literal>cat</literal>
+- generates a very terse output only
+- showing the actual message of each
+- journal entry with no meta data, not
+- even a timestamp.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--quiet</option></term>
+- <term><option>-q</option></term>
+-
+- <listitem><para>Suppresses any warning
+- message regarding inaccessable system
+- journals when run as normal
+- user.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--new-id128</option></term>
+-
+- <listitem><para>Instead of showing
+- journal contents generate a new 128
+- bit ID suitable for identifying
+- messages. This is intended for usage
+- by developers who need a new
+- identifier for a new message they
+- introduce and want to make
+- recognizable. Will print the new ID in
+- three different formats which can be
+- copied into source code or
+- similar.</para></listitem>
+- </varlistentry>
+-
+- </variablelist>
+- </refsect1>
+-
+- <refsect1>
+- <title>Exit status</title>
+-
+- <para>On success 0 is returned, a non-zero failure
+- code otherwise.</para>
+- </refsect1>
+-
+- <refsect1>
+- <title>Environment</title>
+-
+- <variablelist>
+- <varlistentry>
+- <term><varname>$SYSTEMD_PAGER</varname></term>
+- <listitem><para>Pager to use when
+- <option>--no-pager</option> is not given;
+- overrides <varname>$PAGER</varname>. Setting
+- this to an empty string or the value
+- <literal>cat</literal> is equivalent to passing
+- <option>--no-pager</option>.</para></listitem>
+- </varlistentry>
+- </variablelist>
+- </refsect1>
+-
+- <refsect1>
+- <title>See Also</title>
+- <para>
+- <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>systemd-journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+- </para>
+- </refsect1>
+-
+-</refentry>
+diff --git a/man/systemd-journald.conf.xml b/man/systemd-journald.conf.xml
+index f3cd4db..37dae68 100644
+--- a/man/systemd-journald.conf.xml
++++ b/man/systemd-journald.conf.xml
+@@ -246,7 +246,7 @@
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>systemd-journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+diff --git a/man/systemd-loginctl.xml b/man/systemd-loginctl.xml
+deleted file mode 100644
+index 6a28276..0000000
+--- a/man/systemd-loginctl.xml
++++ /dev/null
+@@ -1,457 +0,0 @@
+-<?xml version='1.0'?> <!--*-nxml-*-->
+-<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+- "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+-
+-<!--
+- This file is part of systemd.
+-
+- Copyright 2010 Lennart Poettering
+-
+- systemd is free software; you can redistribute it and/or modify it
+- under the terms of the GNU General Public License as published by
+- the Free Software Foundation; either version 2 of the License, or
+- (at your option) any later version.
+-
+- systemd is distributed in the hope that it will be useful, but
+- WITHOUT ANY WARRANTY; without even the implied warranty of
+- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+- General Public License for more details.
+-
+- You should have received a copy of the GNU General Public License
+- along with systemd; If not, see <http://www.gnu.org/licenses/>.
+--->
+-
+-<refentry id="systemd-loginctl">
+-
+- <refentryinfo>
+- <title>systemd-loginctl</title>
+- <productname>systemd</productname>
+-
+- <authorgroup>
+- <author>
+- <contrib>Developer</contrib>
+- <firstname>Lennart</firstname>
+- <surname>Poettering</surname>
+- <email>lennart at poettering.net</email>
+- </author>
+- </authorgroup>
+- </refentryinfo>
+-
+- <refmeta>
+- <refentrytitle>systemd-loginctl</refentrytitle>
+- <manvolnum>1</manvolnum>
+- </refmeta>
+-
+- <refnamediv>
+- <refname>systemd-loginctl</refname>
+- <refpurpose>Control the systemd login manager</refpurpose>
+- </refnamediv>
+-
+- <refsynopsisdiv>
+- <cmdsynopsis>
+- <command>systemd-loginctl <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="req">COMMAND</arg> <arg choice="opt" rep="repeat">NAME</arg></command>
+- </cmdsynopsis>
+- </refsynopsisdiv>
+-
+- <refsect1>
+- <title>Description</title>
+-
+- <para><command>systemd-loginctl</command> may be used to
+- introspect and control the state of the
+- <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+- login manager.</para>
+- </refsect1>
+-
+- <refsect1>
+- <title>Options</title>
+-
+- <para>The following options are understood:</para>
+-
+- <variablelist>
+- <varlistentry>
+- <term><option>--help</option></term>
+- <term><option>-h</option></term>
+-
+- <listitem><para>Prints a short help
+- text and exits.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--version</option></term>
+-
+- <listitem><para>Prints a short version
+- string and exits.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--property=</option></term>
+- <term><option>-p</option></term>
+-
+- <listitem><para>When showing
+- session/user/ properties, limit
+- display to certain properties as
+- specified as argument. If not
+- specified all set properties are
+- shown. The argument should be a
+- property name, such as
+- <literal>Sessions</literal>. If
+- specified more than once all
+- properties with the specified names
+- are shown.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--all</option></term>
+- <term><option>-a</option></term>
+-
+- <listitem><para>When showing
+- unit/job/manager properties, show all
+- properties regardless whether they are
+- set or not.</para></listitem>
+- </varlistentry>
+-
+-
+- <varlistentry>
+- <term><option>--no-pager</option></term>
+-
+- <listitem><para>Do not pipe output into a
+- pager.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--kill-who=</option></term>
+-
+- <listitem><para>When used with
+- <command>kill-session</command>,
+- choose which processes to kill. Must
+- be one of <option>leader</option>, or
+- <option>all</option> to select whether
+- to kill only the leader process of the
+- session or all processes of the
+- session. If omitted defaults to
+- <option>all</option>.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>--signal=</option></term>
+- <term><option>-s</option></term>
+-
+- <listitem><para>When used with
+- <command>kill-session</command> or
+- <command>kill-user</command>, choose
+- which signal to send to selected
+- processes. Must be one of the well
+- known signal specifiers such as
+- SIGTERM, SIGINT or SIGSTOP. If omitted
+- defaults to
+- <option>SIGTERM</option>.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>-H</option></term>
+- <term><option>--host</option></term>
+-
+- <listitem><para>Execute operation
+- remotely. Specify a hostname, or
+- username and hostname separated by @,
+- to connect to. This will use SSH to
+- talk to the remote login manager
+- instance.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><option>-P</option></term>
+- <term><option>--privileged</option></term>
+-
+- <listitem><para>Acquire privileges via
+- PolicyKit before executing the
+- operation.</para></listitem>
+- </varlistentry>
+- </variablelist>
+-
+- <para>The following commands are understood:</para>
+-
+- <variablelist>
+- <varlistentry>
+- <term><command>list-sessions</command></term>
+-
+- <listitem><para>List current sessions.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>session-status [ID...]</command></term>
+-
+- <listitem><para>Show terse runtime
+- status information about one or more
+- sessions. This function is intended to
+- generate human-readable output. If you
+- are looking for computer-parsable
+- output, use
+- <command>show-session</command>
+- instead.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>show-session [ID...]</command></term>
+-
+- <listitem><para>Show properties of one
+- or more sessions or the manager
+- itself. If no argument is specified
+- properties of the manager will be
+- shown. If a session ID is specified
+- properties of the session is shown. By
+- default, empty properties are
+- suppressed. Use <option>--all</option>
+- to show those too. To select specific
+- properties to show use
+- <option>--property=</option>. This
+- command is intended to be used
+- whenever computer-parsable output is
+- required. Use
+- <command>session-status</command> if
+- you are looking for formatted
+- human-readable
+- output.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>activate [ID...]</command></term>
+-
+- <listitem><para>Activate one or more
+- sessions. This brings one or more
+- sessions into the foreground, if
+- another session is currently in the
+- foreground on the respective
+- seat.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>lock-session [ID...]</command></term>
+- <term><command>unlock-session [ID...]</command></term>
+-
+- <listitem><para>Activates/deactivates
+- the screen lock on one or more
+- sessions, if the session supports it.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>terminate-session [ID...]</command></term>
+-
+- <listitem><para>Terminates a
+- session. This kills all processes of
+- the session and deallocates all
+- resources attached to the
+- session.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>kill-session [ID...]</command></term>
+-
+- <listitem><para>Send a signal to one
+- or more processes of the session. Use
+- <option>--kill-who=</option> to select
+- which process to kill. Use
+- <option>--signal=</option> to select
+- the signal to send.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>list-users</command></term>
+-
+- <listitem><para>List currently logged
+- in users.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>user-status [USER...]</command></term>
+-
+- <listitem><para>Show terse runtime
+- status information about one or more
+- logged in users. This function is
+- intended to generate human-readable
+- output. If you are looking for
+- computer-parsable output, use
+- <command>show-user</command>
+- instead. Users may be specified by
+- their usernames or numeric user
+- IDs.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>show-user [USER...]</command></term>
+-
+- <listitem><para>Show properties of one
+- or more users or the manager
+- itself. If no argument is specified
+- properties of the manager will be
+- shown. If a user is specified
+- properties of the user is shown. By
+- default, empty properties are
+- suppressed. Use <option>--all</option>
+- to show those too. To select specific
+- properties to show use
+- <option>--property=</option>. This
+- command is intended to be used
+- whenever computer-parsable output is
+- required. Use
+- <command>user-status</command> if
+- you are looking for formatted
+- human-readable
+- output.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>enable-linger [USER...]</command></term>
+- <term><command>disable-linger [USER...]</command></term>
+-
+- <listitem><para>Enable/disable user
+- lingering for one or more users. If
+- enabled for a specific user a user
+- manager is spawned for him/her at
+- boot, and kept around after
+- logouts. This allows users who aren't
+- logged in to run long-running
+- services.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>terminate-user [USER...]</command></term>
+-
+- <listitem><para>Terminates all
+- sessions of a user. This kills all
+- processes of all sessions of the user
+- and deallocates all runtime resources
+- attached to the
+- user.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>kill-user [USER...]</command></term>
+-
+- <listitem><para>Send a signal to all
+- processes of a user. Use
+- <option>--signal=</option> to select
+- the signal to send.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>list-seats</command></term>
+-
+- <listitem><para>List currently
+- available seats on the local
+- system.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>seat-status [NAME...]</command></term>
+-
+- <listitem><para>Show terse runtime
+- status information about one or more
+- seats. This function is
+- intended to generate human-readable
+- output. If you are looking for
+- computer-parsable output, use
+- <command>show-seat</command>
+- instead.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>show-seat [NAME...]</command></term>
+-
+- <listitem><para>Show properties of one
+- or more seats or the manager
+- itself. If no argument is specified
+- properties of the manager will be
+- shown. If a seat is specified
+- properties of the seat are shown. By
+- default, empty properties are
+- suppressed. Use <option>--all</option>
+- to show those too. To select specific
+- properties to show use
+- <option>--property=</option>. This
+- command is intended to be used
+- whenever computer-parsable output is
+- required. Use
+- <command>seat-status</command> if you
+- are looking for formatted
+- human-readable
+- output.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>attach [NAME] [DEVICE...]</command></term>
+-
+- <listitem><para>Attach one or more
+- devices to a seat. The devices should
+- be specified via device paths in the
+- <filename>/sys</filename> file
+- system. To create a new seat attach at
+- least one graphics card to a
+- previously unused seat names. seat
+- names may consist only of a-z, A-Z,
+- 0-9, "-" and "_" and must be prefixed
+- with "seat". To drop assignment of a
+- device to a specific seat just
+- reassign it to a different seat, or
+- use
+- <command>flush-devices</command>.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>flush-devices</command></term>
+-
+- <listitem><para>Removes all device
+- assignments previously created with
+- <command>attach</command>. After this
+- call only automatically generated
+- seats will remain and all seat
+- hardware is assigned to
+- them.</para></listitem>
+- </varlistentry>
+-
+- <varlistentry>
+- <term><command>terminate-seat [NAME...]</command></term>
+-
+- <listitem><para>Terminates all
+- sessions on a seat. This kills all
+- processes of all sessions on a seat and
+- deallocates all runtime resources
+- attached to them.</para></listitem>
+- </varlistentry>
+- </variablelist>
+-
+- </refsect1>
+-
+- <refsect1>
+- <title>Exit status</title>
+-
+- <para>On success 0 is returned, a non-zero failure
+- code otherwise.</para>
+- </refsect1>
+-
+- <refsect1>
+- <title>Environment</title>
+-
+- <variablelist>
+- <varlistentry>
+- <term><varname>$SYSTEMD_PAGER</varname></term>
+- <listitem><para>Pager to use when
+- <option>--no-pager</option> is not given;
+- overrides <varname>$PAGER</varname>. Setting
+- this to an empty string or the value
+- <literal>cat</literal> is equivalent to passing
+- <option>--no-pager</option>.</para></listitem>
+- </varlistentry>
+- </variablelist>
+- </refsect1>
+-
+- <refsect1>
+- <title>See Also</title>
+- <para>
+- <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>systemd-logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+- </para>
+- </refsect1>
+-
+-</refentry>
+diff --git a/man/systemd-logind.conf.xml b/man/systemd-logind.conf.xml
+index 4b02815..27c11c2 100644
+--- a/man/systemd-logind.conf.xml
++++ b/man/systemd-logind.conf.xml
+@@ -167,7 +167,7 @@
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+- <citerefentry><refentrytitle>systemd-loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
+index ac0f89f..e6f49c9 100644
+--- a/man/systemd.exec.xml
++++ b/man/systemd.exec.xml
+@@ -397,7 +397,7 @@
+ <citerefentry><refentrytitle>dmesg</refentrytitle><manvolnum>1</manvolnum></citerefentry>. <option>journal</option>
+ connects it with the journal which is
+ accessible via
+- <citerefentry><refentrytitle>systemd-journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
++ <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+ (Note that everything that is written
+ to syslog or kmsg is implicitly stored
+ in the journal as well, those options
+@@ -1094,6 +1094,7 @@
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
++ <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
diff --git a/0020-build-sys-do-not-set-CFLAGS-directly.patch b/0020-build-sys-do-not-set-CFLAGS-directly.patch
new file mode 100644
index 0000000..313f7a2
--- /dev/null
+++ b/0020-build-sys-do-not-set-CFLAGS-directly.patch
@@ -0,0 +1,135 @@
+From 4dc3672f0e238c3236202c95e893b81eb7ca5e0c Mon Sep 17 00:00:00 2001
+From: Lucas De Marchi <lucas.demarchi at profusion.mobi>
+Date: Mon, 19 Mar 2012 13:20:42 -0300
+Subject: [PATCH] build-sys: do not set CFLAGS directly
+
+Set a separate variable for adding warning flags. Build systems are not
+supposed to change CFLAGS and LDFLAGS, these are user variables.
+
+Reference: http://www.gnu.org/software/automake/manual/html_node/Flag-Variables-Ordering.html
+(cherry picked from commit eb2e280f9c59b66965c9316eadc4c113a13ca744)
+---
+ Makefile.am | 2 +
+ configure.ac | 3 +-
+ m4/attributes.m4 | 65 +++++++++++++++++------------------------------------
+ 3 files changed, 25 insertions(+), 45 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 6825f8c..5c19dbb 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -106,6 +106,8 @@ AM_CPPFLAGS = \
+ -I $(top_srcdir)/src/journal \
+ -I $(top_srcdir)/src/systemd
+
++AM_CFLAGS = $(WARNINGFLAGS)
++
+ if TARGET_GENTOO
+ AM_CPPFLAGS += \
+ -DKBD_LOADKEYS=\"/usr/bin/loadkeys\" \
+diff --git a/configure.ac b/configure.ac
+index 976020d..03ed1f7 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -60,7 +60,7 @@ if test -z "$GPERF" ; then
+ AC_MSG_ERROR([*** gperf not found])
+ fi
+
+-CC_CHECK_CFLAGS_APPEND([ \
++CC_CHECK_FLAGS_APPEND([with_cflags], [CFLAGS], [\
+ -pipe \
+ -Wall \
+ -W \
+@@ -105,6 +105,7 @@ CC_CHECK_CFLAGS_APPEND([ \
+ -fdata-sections \
+ -Wl,--as-needed \
+ -Wl,--gc-sections])
++AC_SUBST([WARNINGFLAGS], $with_cflags)
+
+ LT_PREREQ(2.2)
+ LT_INIT
+diff --git a/m4/attributes.m4 b/m4/attributes.m4
+index 9d561c2..e354375 100644
+--- a/m4/attributes.m4
++++ b/m4/attributes.m4
+@@ -1,6 +1,7 @@
+ dnl Macros to check the presence of generic (non-typed) symbols.
+ dnl Copyright (c) 2006-2008 Diego Pettenò <flameeyes at gmail.com>
+ dnl Copyright (c) 2006-2008 xine project
++dnl Copyright (c) 2012 Lucas De Marchi <lucas.de.marchi at gmail.com>
+ dnl
+ dnl This program is free software; you can redistribute it and/or modify
+ dnl it under the terms of the GNU General Public License as published by
+@@ -32,52 +33,28 @@ dnl distribute a modified version of the Autoconf Macro, you may extend
+ dnl this special exception to the GPL to apply to your modified version as
+ dnl well.
+
+-dnl Check if the flag is supported by compiler
+-dnl CC_CHECK_CFLAGS_SILENT([FLAG], [ACTION-IF-FOUND],[ACTION-IF-NOT-FOUND])
+-
+-AC_DEFUN([CC_CHECK_CFLAGS_SILENT], [
+- AC_CACHE_VAL(AS_TR_SH([cc_cv_cflags_$1]),
+- [ac_save_CFLAGS="$CFLAGS"
+- CFLAGS="$CFLAGS $1"
+- AC_COMPILE_IFELSE([AC_LANG_SOURCE([int a;])],
+- [eval "AS_TR_SH([cc_cv_cflags_$1])='yes'"],
+- [eval "AS_TR_SH([cc_cv_cflags_$1])='no'"])
+- CFLAGS="$ac_save_CFLAGS"
+- ])
+-
+- AS_IF([eval test x$]AS_TR_SH([cc_cv_cflags_$1])[ = xyes],
+- [$2], [$3])
+-])
+-
+-dnl Check if the flag is supported by compiler (cacheable)
+-dnl CC_CHECK_CFLAGS([FLAG], [ACTION-IF-FOUND],[ACTION-IF-NOT-FOUND])
+-
+-AC_DEFUN([CC_CHECK_CFLAGS], [
+- AC_CACHE_CHECK([if $CC supports $1 flag],
+- AS_TR_SH([cc_cv_cflags_$1]),
+- CC_CHECK_CFLAGS_SILENT([$1]) dnl Don't execute actions here!
+- )
+-
+- AS_IF([eval test x$]AS_TR_SH([cc_cv_cflags_$1])[ = xyes],
+- [$2], [$3])
+-])
+-
+-dnl CC_CHECK_CFLAG_APPEND(FLAG, [action-if-found], [action-if-not-found])
+-dnl Check for CFLAG and appends them to CFLAGS if supported
+-AC_DEFUN([CC_CHECK_CFLAG_APPEND], [
+- AC_CACHE_CHECK([if $CC supports $1 flag],
+- AS_TR_SH([cc_cv_cflags_$1]),
+- CC_CHECK_CFLAGS_SILENT([$1]) dnl Don't execute actions here!
+- )
+-
+- AS_IF([eval test x$]AS_TR_SH([cc_cv_cflags_$1])[ = xyes],
+- [CFLAGS="$CFLAGS $1"; DEBUG_CFLAGS="$DEBUG_CFLAGS $1"; $2], [$3])
++dnl Check if FLAG in ENV-VAR is supported by compiler and append it
++dnl to WHERE-TO-APPEND variable
++dnl CC_CHECK_FLAG_APPEND([WHERE-TO-APPEND], [ENV-VAR], [FLAG])
++
++AC_DEFUN([CC_CHECK_FLAG_APPEND], [
++ AC_CACHE_CHECK([if $CC supports flag $3 in envvar $2],
++ AS_TR_SH([cc_cv_$2_$3]),
++ [eval "AS_TR_SH([cc_save_$2])='${$2}'"
++ eval "AS_TR_SH([$2])='$3'"
++ AC_COMPILE_IFELSE([AC_LANG_SOURCE([int a = 0; int main(void) { return a; } ])],
++ [eval "AS_TR_SH([cc_cv_$2_$3])='yes'"],
++ [eval "AS_TR_SH([cc_cv_$2_$3])='no'"])
++ eval "AS_TR_SH([$2])='$cc_save_$2'"])
++
++ AS_IF([eval test x$]AS_TR_SH([cc_cv_$2_$3])[ = xyes],
++ [eval "$1='${$1} $3'"])
+ ])
+
+-dnl CC_CHECK_CFLAGS_APPEND([FLAG1 FLAG2], [action-if-found], [action-if-not])
+-AC_DEFUN([CC_CHECK_CFLAGS_APPEND], [
+- for flag in $1; do
+- CC_CHECK_CFLAG_APPEND($flag, [$2], [$3])
++dnl CC_CHECK_FLAGS_APPEND([WHERE-TO-APPEND], [ENV-VAR], [FLAG1 FLAG2])
++AC_DEFUN([CC_CHECK_FLAGS_APPEND], [
++ for flag in $3; do
++ CC_CHECK_FLAG_APPEND($1, $2, $flag)
+ done
+ ])
+
diff --git a/0021-build-sys-separate-ldflags-from-cflags.patch b/0021-build-sys-separate-ldflags-from-cflags.patch
new file mode 100644
index 0000000..77ad30d
--- /dev/null
+++ b/0021-build-sys-separate-ldflags-from-cflags.patch
@@ -0,0 +1,43 @@
+From 2a01e5dcb958413a47413056dc0b1355afcefc08 Mon Sep 17 00:00:00 2001
+From: Lucas De Marchi <lucas.demarchi at profusion.mobi>
+Date: Mon, 19 Mar 2012 13:20:43 -0300
+Subject: [PATCH] build-sys: separate ldflags from cflags (cherry picked from
+ commit 9e7adc3ae1133fa08a468768a490812299fad030)
+
+---
+ Makefile.am | 1 +
+ configure.ac | 7 +++++--
+ 2 files changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 5c19dbb..d563cfd 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -107,6 +107,7 @@ AM_CPPFLAGS = \
+ -I $(top_srcdir)/src/systemd
+
+ AM_CFLAGS = $(WARNINGFLAGS)
++AM_LDFLAGS = $(GCLDFLAGS)
+
+ if TARGET_GENTOO
+ AM_CPPFLAGS += \
+diff --git a/configure.ac b/configure.ac
+index 03ed1f7..0c70bae 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -102,10 +102,13 @@ CC_CHECK_FLAGS_APPEND([with_cflags], [CFLAGS], [\
+ -fno-strict-aliasing \
+ -fvisibility=hidden \
+ -ffunction-sections \
+- -fdata-sections \
++ -fdata-sections])
++AC_SUBST([WARNINGFLAGS], $with_cflags)
++
++CC_CHECK_FLAGS_APPEND([with_ldflags], [LDFLAGS], [\
+ -Wl,--as-needed \
+ -Wl,--gc-sections])
+-AC_SUBST([WARNINGFLAGS], $with_cflags)
++AC_SUBST([GCLDFLAGS], $with_ldflags)
+
+ LT_PREREQ(2.2)
+ LT_INIT
diff --git a/0022-man-don-t-claim-f-was-short-for-follow.patch b/0022-man-don-t-claim-f-was-short-for-follow.patch
new file mode 100644
index 0000000..1940908
--- /dev/null
+++ b/0022-man-don-t-claim-f-was-short-for-follow.patch
@@ -0,0 +1,22 @@
+From dca8f897441d8dea1230a9063eca7508adc54fa7 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Mon, 26 Mar 2012 23:51:56 +0200
+Subject: [PATCH] man: don't claim -f was short for --follow (cherry picked
+ from commit 0aed10889b42ac3adc1954eb07c8653784f46e58)
+
+---
+ man/systemctl.xml | 1 -
+ 1 files changed, 0 insertions(+), 1 deletions(-)
+
+diff --git a/man/systemctl.xml b/man/systemctl.xml
+index ffe0164..25b9266 100644
+--- a/man/systemctl.xml
++++ b/man/systemctl.xml
+@@ -431,7 +431,6 @@
+
+ <varlistentry>
+ <term><option>--follow</option></term>
+- <term><option>-f</option></term>
+
+ <listitem><para>When used with
+ <command>status</command> continously
diff --git a/0023-journalctl-add-local-switch.patch b/0023-journalctl-add-local-switch.patch
new file mode 100644
index 0000000..87b7b8c
--- /dev/null
+++ b/0023-journalctl-add-local-switch.patch
@@ -0,0 +1,103 @@
+From 7597d725aedc4bce6dc5ad20350d4f8e17b756d9 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 27 Mar 2012 00:14:29 +0200
+Subject: [PATCH] journalctl: add --local switch (cherry picked from commit
+ 2bd3c38a44c5c3acbf5afdb9c0bcbaf4a72dac3f)
+
+---
+ TODO | 2 ++
+ man/journalctl.xml | 8 ++++++++
+ src/journal/journalctl.c | 13 ++++++++++---
+ 3 files changed, 20 insertions(+), 3 deletions(-)
+
+diff --git a/TODO b/TODO
+index 7f19c3a..2fe676a 100644
+--- a/TODO
++++ b/TODO
+@@ -18,6 +18,8 @@ Bugfixes:
+
+ Features:
+
++* Make -f in systemctl enable both --follow and --force
++
+ * ensure that logind sets the syslog facility to AUTH when logging
+
+ * when a service has the same env var set twice we actually store it twice and return that in systemctl show -p... We should only show the last setting
+diff --git a/man/journalctl.xml b/man/journalctl.xml
+index c4d2a7e..efceefa 100644
+--- a/man/journalctl.xml
++++ b/man/journalctl.xml
+@@ -200,6 +200,14 @@
+ </varlistentry>
+
+ <varlistentry>
++ <term><option>--local</option></term>
++ <term><option>-l</option></term>
++
++ <listitem><para>Show only locally
++ generated messages.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
+ <term><option>--new-id128</option></term>
+
+ <listitem><para>Instead of showing
+diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
+index f90b2dd..01dceca 100644
+--- a/src/journal/journalctl.c
++++ b/src/journal/journalctl.c
+@@ -46,6 +46,7 @@ static int arg_lines = -1;
+ static bool arg_no_tail = false;
+ static bool arg_new_id128 = false;
+ static bool arg_quiet = false;
++static bool arg_local = false;
+
+ static int help(void) {
+
+@@ -61,7 +62,8 @@ static int help(void) {
+ " -o --output=STRING Change journal output mode (short, short-monotonic,\n"
+ " verbose, export, json, cat)\n"
+ " -q --quiet Don't show privilege warning\n"
+- " --new-id128 Generate a new 128 Bit id\n",
++ " --new-id128 Generate a new 128 Bit id\n"
++ " -l --local Only local entries\n",
+ program_invocation_short_name);
+
+ return 0;
+@@ -87,6 +89,7 @@ static int parse_argv(int argc, char *argv[]) {
+ { "no-tail", no_argument, NULL, ARG_NO_TAIL },
+ { "new-id128", no_argument, NULL, ARG_NEW_ID128 },
+ { "quiet", no_argument, NULL, 'q' },
++ { "local", no_argument, NULL, 'l' },
+ { NULL, 0, NULL, 0 }
+ };
+
+@@ -95,7 +98,7 @@ static int parse_argv(int argc, char *argv[]) {
+ assert(argc >= 0);
+ assert(argv);
+
+- while ((c = getopt_long(argc, argv, "hfo:an:q", options, NULL)) >= 0) {
++ while ((c = getopt_long(argc, argv, "hfo:an:ql", options, NULL)) >= 0) {
+
+ switch (c) {
+
+@@ -150,6 +153,10 @@ static int parse_argv(int argc, char *argv[]) {
+ arg_quiet = true;
+ break;
+
++ case 'l':
++ arg_local = true;
++ break;
++
+ case '?':
+ return -EINVAL;
+
+@@ -216,7 +223,7 @@ int main(int argc, char *argv[]) {
+ log_warning("Showing user generated messages only. Users in the group 'adm' can see all messages. Pass -q to turn this message off.");
+ #endif
+
+- r = sd_journal_open(&j, 0);
++ r = sd_journal_open(&j, arg_local ? SD_JOURNAL_LOCAL_ONLY : 0);
+ if (r < 0) {
+ log_error("Failed to open journal: %s", strerror(-r));
+ goto finish;
diff --git a/0024-cat-fix-priority-type.patch b/0024-cat-fix-priority-type.patch
new file mode 100644
index 0000000..bee6217
--- /dev/null
+++ b/0024-cat-fix-priority-type.patch
@@ -0,0 +1,24 @@
+From 1a00e659a6c001d2241b7f6478fcdb850469adcc Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 27 Mar 2012 00:20:48 +0200
+Subject: [PATCH] cat: fix priority type
+
+Needs to be "int", not "char". Spotted by Frederic Crozat.
+(cherry picked from commit d508ac0ba0c43efa8caacdd8050970efb1e30243)
+---
+ src/journal/cat.c | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/src/journal/cat.c b/src/journal/cat.c
+index 31d76f3..f0a6666 100644
+--- a/src/journal/cat.c
++++ b/src/journal/cat.c
+@@ -33,7 +33,7 @@
+ #include "build.h"
+
+ static char *arg_identifier = NULL;
+-static char arg_priority = LOG_INFO;
++static int arg_priority = LOG_INFO;
+ static bool arg_level_prefix = true;
+
+ static int help(void) {
diff --git a/0025-units-get-rid-of-var-run.mount-and-var-lock.mount.patch b/0025-units-get-rid-of-var-run.mount-and-var-lock.mount.patch
new file mode 100644
index 0000000..7c2c692
--- /dev/null
+++ b/0025-units-get-rid-of-var-run.mount-and-var-lock.mount.patch
@@ -0,0 +1,121 @@
+From fc3db84daaf5612dac1a9c09b1ec188a3ec2c3d3 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 27 Mar 2012 17:11:00 +0200
+Subject: [PATCH] units: get rid of var-run.mount and var-lock.mount
+
+Since a number of distribitions don't need this compat glue anymore drop
+it from systemd upstream. Distributions which still haven't converted
+to /run can steal these unit files from the git history if they need to.
+(cherry picked from commit 55d029addf7d97b15faacea597a4ff65542aaf0e)
+
+Conflicts:
+
+ Makefile.am
+---
+ Makefile.am | 14 --------------
+ units/var-lock.mount | 19 -------------------
+ units/var-run.mount | 19 -------------------
+ 3 files changed, 0 insertions(+), 52 deletions(-)
+ delete mode 100644 units/var-lock.mount
+ delete mode 100644 units/var-run.mount
+
+diff --git a/Makefile.am b/Makefile.am
+index d563cfd..63bb817 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -295,7 +295,6 @@ dist_systemunit_DATA = \
+ units/sys-kernel-config.mount \
+ units/sys-kernel-debug.mount \
+ units/sys-fs-fuse-connections.mount \
+- units/var-run.mount \
+ units/media.mount \
+ units/remount-rootfs.service \
+ units/printer.target \
+@@ -308,11 +307,6 @@ dist_systemunit_DATA = \
+ units/systemd-ask-password-console.path \
+ units/syslog.target
+
+-if HAVE_SYSV_COMPAT
+-dist_systemunit_DATA += \
+- units/var-lock.mount
+-endif
+-
+ nodist_systemunit_DATA = \
+ units/getty at .service \
+ units/serial-getty at .service \
+@@ -2341,12 +2335,10 @@ systemd-install-data-hook:
+ rm -f systemd-remount-api-vfs.service \
+ fsck-root.service \
+ remount-rootfs.service \
+- var-run.mount \
+ media.mount && \
+ $(LN_S) ../systemd-remount-api-vfs.service systemd-remount-api-vfs.service && \
+ $(LN_S) ../fsck-root.service fsck-root.service && \
+ $(LN_S) ../remount-rootfs.service remount-rootfs.service && \
+- $(LN_S) ../var-run.mount var-run.mount && \
+ $(LN_S) ../media.mount media.mount )
+ ( cd $(DESTDIR)$(userunitdir) && \
+ rm -f shutdown.target sockets.target bluetooth.target printer.target sound.target && \
+@@ -2506,12 +2498,6 @@ if TARGET_MAGEIA
+ $(LN_S) $(systemunitdir)/display-manager.service display-manager.service )
+ endif
+
+-if HAVE_SYSV_COMPAT
+- ( cd $(DESTDIR)$(systemunitdir)/local-fs.target.wants && \
+- rm -f var-lock.mount && \
+- $(LN_S) ../var-lock.mount var-lock.mount )
+-endif
+-
+ install-exec-hook: $(INSTALL_EXEC_HOOKS)
+
+ uninstall-hook: $(UNINSTALL_EXEC_HOOKS)
+diff --git a/units/var-lock.mount b/units/var-lock.mount
+deleted file mode 100644
+index 07277ad..0000000
+--- a/units/var-lock.mount
++++ /dev/null
+@@ -1,19 +0,0 @@
+-# This file is part of systemd.
+-#
+-# systemd is free software; you can redistribute it and/or modify it
+-# under the terms of the GNU General Public License as published by
+-# the Free Software Foundation; either version 2 of the License, or
+-# (at your option) any later version.
+-
+-[Unit]
+-Description=Lock Directory
+-Before=local-fs.target
+-# skip mounting if the directory does not exist or is a symlink
+-ConditionPathIsDirectory=/var/lock
+-ConditionPathIsSymbolicLink=!/var/lock
+-
+-[Mount]
+-What=/run/lock
+-Where=/var/lock
+-Type=bind
+-Options=bind
+diff --git a/units/var-run.mount b/units/var-run.mount
+deleted file mode 100644
+index ab4da42..0000000
+--- a/units/var-run.mount
++++ /dev/null
+@@ -1,19 +0,0 @@
+-# This file is part of systemd.
+-#
+-# systemd is free software; you can redistribute it and/or modify it
+-# under the terms of the GNU General Public License as published by
+-# the Free Software Foundation; either version 2 of the License, or
+-# (at your option) any later version.
+-
+-[Unit]
+-Description=Runtime Directory
+-Before=local-fs.target
+-# skip mounting if the directory does not exist or is a symlink
+-ConditionPathIsDirectory=/var/run
+-ConditionPathIsSymbolicLink=!/var/run
+-
+-[Mount]
+-What=/run
+-Where=/var/run
+-Type=bind
+-Options=bind
diff --git a/0026-journal-properly-handle-if-we-interleave-files-with-.patch b/0026-journal-properly-handle-if-we-interleave-files-with-.patch
new file mode 100644
index 0000000..01092c5
--- /dev/null
+++ b/0026-journal-properly-handle-if-we-interleave-files-with-.patch
@@ -0,0 +1,38 @@
+From 508157bef06840c3df94bfd2dc8fa5f65af950f6 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Tue, 27 Mar 2012 18:50:34 +0200
+Subject: [PATCH] journal: properly handle if we interleave files with
+ different boot ids
+
+If we try to locate a monotonic time in a file that doesn't have any
+entries with the matching boot id, then don't fail on it, simply
+fall back to calendar time.
+(cherry picked from commit 6030831d5b85539a2a209b6d3a6f28b400207d78)
+---
+ src/journal/sd-journal.c | 12 ++++++++++--
+ 1 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
+index e9cd26e..92ba578 100644
+--- a/src/journal/sd-journal.c
++++ b/src/journal/sd-journal.c
+@@ -325,9 +325,17 @@ static int find_location(sd_journal *j, JournalFile *f, direction_t direction, O
+ else if (j->current_location.seqnum_set &&
+ sd_id128_equal(j->current_location.seqnum_id, f->header->seqnum_id))
+ r = journal_file_move_to_entry_by_seqnum(f, j->current_location.seqnum, direction, &o, &p);
+- else if (j->current_location.monotonic_set)
++ else if (j->current_location.monotonic_set) {
+ r = journal_file_move_to_entry_by_monotonic(f, j->current_location.boot_id, j->current_location.monotonic, direction, &o, &p);
+- else if (j->current_location.realtime_set)
++
++ if (r == -ENOENT) {
++ /* boot id unknown in this file */
++ if (j->current_location.realtime_set)
++ r = journal_file_move_to_entry_by_realtime(f, j->current_location.realtime, direction, &o, &p);
++ else
++ r = journal_file_next_entry(f, NULL, 0, direction, &o, &p);
++ }
++ } else if (j->current_location.realtime_set)
+ r = journal_file_move_to_entry_by_realtime(f, j->current_location.realtime, direction, &o, &p);
+ else
+ r = journal_file_next_entry(f, NULL, 0, direction, &o, &p);
diff --git a/0027-job-fix-loss-of-ordering-with-restart-jobs.patch b/0027-job-fix-loss-of-ordering-with-restart-jobs.patch
new file mode 100644
index 0000000..dc62a7e
--- /dev/null
+++ b/0027-job-fix-loss-of-ordering-with-restart-jobs.patch
@@ -0,0 +1,144 @@
+From 9c53948822726352c65cbe74da919106da957993 Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Wed, 28 Mar 2012 00:42:27 +0200
+Subject: [PATCH] job: fix loss of ordering with restart jobs
+
+Suppose that foo.service/start is a job waiting on other job bar.service/start
+to finish. And then foo.service/restart is enqueued (not using
+--ignore-dependencies).
+
+Currently this makes foo.service start immediately, forgetting about the
+ordering to bar.service.
+
+The runnability check for JOB_RESTART jobs looks only at dependencies for
+stopping. That's actually correct, because restart jobs should be treated the
+same as stop jobs at first. The bug is that job_run_and_invalidate() does not
+treat them exactly the same as stop jobs. unit_start() gets called without
+checking for the runnability of the converted JOB_START job.
+
+The fix is to simplify the switch in job_run_and_invalidate(). Handle
+JOB_RESTART identically to JOB_STOP.
+Also simplify the handling of JOB_TRY_RESTART - just convert it to JOB_RESTART
+if the unit is active and let it fall through to the JOB_RESTART case.
+Similarly for JOB_RELOAD_OR_START - have a fall through to JOB_START.
+
+In job_finish_and_invalidate() it's not necessary to check for JOB_TRY_RESTART
+with JOB_DONE, because JOB_TRY_RESTART jobs will have been converted to
+JOB_RESTART already.
+
+Speeding up the restart of services in "auto-restart" state still works as
+before.
+
+Improves: https://bugzilla.redhat.com/show_bug.cgi?id=753586
+but it's still not perfect. With this fix the try-restart action will wait for
+the restart to complete in the right order, but the optimal behaviour would be
+to finish quickly (without disturbing the start job).
+(cherry picked from commit dd17d38879503f018fdf6bbff822970afcddb6f1)
+---
+ src/job.c | 64 ++++++++++++++++++++-----------------------------------------
+ 1 files changed, 21 insertions(+), 43 deletions(-)
+
+diff --git a/src/job.c b/src/job.c
+index e57286f..d43ce8e 100644
+--- a/src/job.c
++++ b/src/job.c
+@@ -387,14 +387,21 @@ int job_run_and_invalidate(Job *j) {
+
+ switch (j->type) {
+
++ case JOB_RELOAD_OR_START:
++ if (unit_active_state(j->unit) == UNIT_ACTIVE) {
++ j->type = JOB_RELOAD;
++ r = unit_reload(j->unit);
++ break;
++ }
++ j->type = JOB_START;
++ /* fall through */
++
+ case JOB_START:
+ r = unit_start(j->unit);
+
+- /* If this unit cannot be started, then simply
+- * wait */
++ /* If this unit cannot be started, then simply wait */
+ if (r == -EBADR)
+ r = 0;
+-
+ break;
+
+ case JOB_VERIFY_ACTIVE: {
+@@ -408,11 +415,19 @@ int job_run_and_invalidate(Job *j) {
+ break;
+ }
+
++ case JOB_TRY_RESTART:
++ if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(j->unit))) {
++ r = -ENOEXEC;
++ break;
++ }
++ j->type = JOB_RESTART;
++ /* fall through */
++
+ case JOB_STOP:
++ case JOB_RESTART:
+ r = unit_stop(j->unit);
+
+- /* If this unit cannot stopped, then simply
+- * wait. */
++ /* If this unit cannot stopped, then simply wait. */
+ if (r == -EBADR)
+ r = 0;
+ break;
+@@ -421,43 +436,6 @@ int job_run_and_invalidate(Job *j) {
+ r = unit_reload(j->unit);
+ break;
+
+- case JOB_RELOAD_OR_START:
+- if (unit_active_state(j->unit) == UNIT_ACTIVE) {
+- j->type = JOB_RELOAD;
+- r = unit_reload(j->unit);
+- } else {
+- j->type = JOB_START;
+- r = unit_start(j->unit);
+-
+- if (r == -EBADR)
+- r = 0;
+- }
+- break;
+-
+- case JOB_RESTART: {
+- UnitActiveState t = unit_active_state(j->unit);
+- if (t == UNIT_INACTIVE || t == UNIT_FAILED || t == UNIT_ACTIVATING) {
+- j->type = JOB_START;
+- r = unit_start(j->unit);
+- } else
+- r = unit_stop(j->unit);
+- break;
+- }
+-
+- case JOB_TRY_RESTART: {
+- UnitActiveState t = unit_active_state(j->unit);
+- if (t == UNIT_INACTIVE || t == UNIT_FAILED || t == UNIT_DEACTIVATING)
+- r = -ENOEXEC;
+- else if (t == UNIT_ACTIVATING) {
+- j->type = JOB_START;
+- r = unit_start(j->unit);
+- } else {
+- j->type = JOB_RESTART;
+- r = unit_stop(j->unit);
+- }
+- break;
+- }
+-
+ default:
+ assert_not_reached("Unknown job type");
+ }
+@@ -536,7 +514,7 @@ int job_finish_and_invalidate(Job *j, JobResult result) {
+ job_add_to_dbus_queue(j);
+
+ /* Patch restart jobs so that they become normal start jobs */
+- if (result == JOB_DONE && (j->type == JOB_RESTART || j->type == JOB_TRY_RESTART)) {
++ if (result == JOB_DONE && j->type == JOB_RESTART) {
+
+ log_debug("Converting job %s/%s -> %s/%s",
+ j->unit->id, job_type_to_string(j->type),
diff --git a/0028-job-add-debug-prints-where-job-type-gets-changed.patch b/0028-job-add-debug-prints-where-job-type-gets-changed.patch
new file mode 100644
index 0000000..dfdcaf3
--- /dev/null
+++ b/0028-job-add-debug-prints-where-job-type-gets-changed.patch
@@ -0,0 +1,67 @@
+From 3b5680806cc525123904eacd917e749018a18e1a Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Wed, 28 Mar 2012 01:26:04 +0200
+Subject: [PATCH] job: add debug prints where job type gets changed (cherry
+ picked from commit
+ bbd1a8374f90605319d0404ebb423795337161bd)
+
+---
+ src/job.c | 20 ++++++++++++--------
+ 1 files changed, 12 insertions(+), 8 deletions(-)
+
+diff --git a/src/job.c b/src/job.c
+index d43ce8e..8e944b3 100644
+--- a/src/job.c
++++ b/src/job.c
+@@ -355,6 +355,14 @@ bool job_is_runnable(Job *j) {
+ return true;
+ }
+
++static void job_change_type(Job *j, JobType newtype) {
++ log_debug("Converting job %s/%s -> %s/%s",
++ j->unit->id, job_type_to_string(j->type),
++ j->unit->id, job_type_to_string(newtype));
++
++ j->type = newtype;
++}
++
+ int job_run_and_invalidate(Job *j) {
+ int r;
+ uint32_t id;
+@@ -389,11 +397,11 @@ int job_run_and_invalidate(Job *j) {
+
+ case JOB_RELOAD_OR_START:
+ if (unit_active_state(j->unit) == UNIT_ACTIVE) {
+- j->type = JOB_RELOAD;
++ job_change_type(j, JOB_RELOAD);
+ r = unit_reload(j->unit);
+ break;
+ }
+- j->type = JOB_START;
++ job_change_type(j, JOB_START);
+ /* fall through */
+
+ case JOB_START:
+@@ -420,7 +428,7 @@ int job_run_and_invalidate(Job *j) {
+ r = -ENOEXEC;
+ break;
+ }
+- j->type = JOB_RESTART;
++ job_change_type(j, JOB_RESTART);
+ /* fall through */
+
+ case JOB_STOP:
+@@ -516,12 +524,8 @@ int job_finish_and_invalidate(Job *j, JobResult result) {
+ /* Patch restart jobs so that they become normal start jobs */
+ if (result == JOB_DONE && j->type == JOB_RESTART) {
+
+- log_debug("Converting job %s/%s -> %s/%s",
+- j->unit->id, job_type_to_string(j->type),
+- j->unit->id, job_type_to_string(JOB_START));
+-
++ job_change_type(j, JOB_START);
+ j->state = JOB_WAITING;
+- j->type = JOB_START;
+
+ job_add_to_run_queue(j);
+
diff --git a/systemd.spec b/systemd.spec
index 528307e..6ad102c 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -3,7 +3,7 @@
Name: systemd
Url: http://www.freedesktop.org/wiki/Software/systemd
Version: 44
-Release: 4%{?gitcommit:.git%{gitcommit}}%{?dist}
+Release: 5%{?gitcommit:.git%{gitcommit}}%{?dist}
License: GPLv2+
Group: System Environment/Base
Summary: A System and Service Manager
@@ -29,11 +29,11 @@ BuildRequires: intltool >= 0.40.0
BuildRequires: gperf
BuildRequires: xz-devel
BuildRequires: kmod-devel >= 5
-%if %{defined gitcommit}
+
BuildRequires: automake
BuildRequires: autoconf
BuildRequires: libtool
-%endif
+
Requires(post): authconfig
Requires(post): coreutils
Requires(post): gawk
@@ -58,7 +58,34 @@ Source2: systemd-sysv-convert
Source3: udlfb.conf
# Stop-gap, just to ensure things work fine with rsyslog without having to change the package right-away
Source4: listen.conf
-Patch0: systemd-PAGE_SIZE.patch
+Patch0001: 0001-util-never-follow-symlinks-in-rm_rf_children.patch
+Patch0002: 0002-man-fix-parameter-name-for-sd_uid_xxx.patch
+Patch0003: 0003-bmfmt-allow-passing-more-than-one-config-file-name.patch
+Patch0004: 0004-modules-load-drop-lib-from-search-path-if-we-don-t-h.patch
+Patch0005: 0005-sysctl-accept-multiple-passed-configuration-files.patch
+Patch0006: 0006-man-updates-to-sysctl.d-5.patch
+Patch0007: 0007-journal-react-with-immediate-rotation-to-a-couple-of.patch
+Patch0008: 0008-journal-PAGE_SIZE-is-not-known-on-ppc-and-other-arch.patch
+Patch0009: 0009-systemd-mount-the-securityfs-filesystem-at-early-sta.patch
+Patch0010: 0010-main-added-support-for-loading-IMA-custom-policies.patch
+Patch0011: 0011-man-systemd-cat-1-typo-fix.patch
+Patch0012: 0012-binfmt-fix-apply-loop.patch
+Patch0013: 0013-add-sparse-support-to-detect-endianness-bug.patch
+Patch0014: 0014-update-TODO.patch
+Patch0015: 0015-logind-extend-comment-about-X11-socket-symlink.patch
+Patch0016: 0016-logind-close-FIFO-before-ending-sessions-cleanly.patch
+Patch0017: 0017-man-minor-typo-in-reference-to-manual-page.patch
+Patch0018: 0018-build-sys-fix-make-dist-check.patch
+Patch0019: 0019-journalctl-loginctl-drop-systemd-prefix-in-binary-na.patch
+Patch0020: 0020-build-sys-do-not-set-CFLAGS-directly.patch
+Patch0021: 0021-build-sys-separate-ldflags-from-cflags.patch
+Patch0022: 0022-man-don-t-claim-f-was-short-for-follow.patch
+Patch0023: 0023-journalctl-add-local-switch.patch
+Patch0024: 0024-cat-fix-priority-type.patch
+Patch0025: 0025-units-get-rid-of-var-run.mount-and-var-lock.mount.patch
+Patch0026: 0026-journal-properly-handle-if-we-interleave-files-with-.patch
+Patch0027: 0027-job-fix-loss-of-ordering-with-restart-jobs.patch
+Patch0028: 0028-job-add-debug-prints-where-job-type-gets-changed.patch
# For sysvinit tools
Obsoletes: SysVinit < 2.86-24, sysvinit < 2.86-24
@@ -130,10 +157,16 @@ at boot.
%prep
%setup -q %{?gitcommit:-n %{name}-git%{gitcommit}}
-%patch0 -p1
+set +x
+for p in %{patches}; do
+ echo "Applying $p"
+ patch -p1 < $p
+done
+set -x
%build
%{?gitcommit: ./autogen.sh }
+autoreconf -i
%configure --with-distro=fedora --disable-static
make %{?_smp_mflags}
@@ -324,10 +357,13 @@ mv /etc/systemd/system/default.target.save /etc/systemd/system/default.target >/
%{_prefix}/lib/systemd/systemd
%{_bindir}/systemd
%{_bindir}/systemctl
+%{_bindir}/loginctl
+%{_bindir}/journalctl
%{_bindir}/systemd-notify
%{_bindir}/systemd-ask-password
%{_bindir}/systemd-tty-ask-password-agent
%{_bindir}/systemd-machine-id-setup
+%{_bindir}/systemd-systemctl
%{_bindir}/systemd-loginctl
%{_bindir}/systemd-journalctl
%{_bindir}/systemd-tmpfiles
@@ -414,6 +450,10 @@ mv /etc/systemd/system/default.target.save /etc/systemd/system/default.target >/
%{_bindir}/systemd-analyze
%changelog
+* Fri Mar 30 2012 Michal Schmidt <mschmidt at redhat.com> - 44-5
+- Post-v44 patches from upstream git, except the changes of /media, /tmp
+ mountpoints and the gtk removal.
+
* Wed Mar 28 2012 Michal Schmidt <mschmidt at redhat.com> - 44-4
- Add triggers from Bill Nottingham to correct the damage done by
the obsoleted systemd-units's preun scriptlet (#807457).
More information about the scm-commits
mailing list