The systemd package was getting stale and causing problems, as discussed
in issue 3690. This update fixes the problems. What I did was:
- Synchronized changes with the Arch package.
- Worked around an issue, where 'vmlinux.h' was not found during
compilation, so I had add 'linux-libre-vanilla-headers' as makedeps,
and had to specify the path to 'linux-libre-vanilla/vmlinux.h' for
the meson compile command.
- Re-positioned the parabola FSDN patches files, so they can patch,
but I didn't check if there are any new FSDG issues in the systemd
documentation.
On my computer I also had to add '--timeout-multiplier 10' on the meson
test command, because otherwise one of the tests was failing. I didn't
add this to the patch, because it's probably just my computer being
slow.
>From 4fb25b6da5c96a34cde414caa14b2b2caa883edd Mon Sep 17 00:00:00 2001
From: Martin Sotirov <[email protected]>
Date: Wed, 23 Apr 2025 22:14:13 +0900
Subject: [PATCH] Update systemd to 257.5-2
---
...-Systemd-Boot-Manager-instead-of-Lin.patch | 14 +-
...-Use-Arch-Linux-device-access-groups.patch | 67 +----
...Default-PRETTY_NAME-to-GNU-Linux-ins.patch | 16 +-
...to-the-operating-system-as-GNU-Linux.patch | 237 +++++++++---------
libre/systemd/30-systemd-restart-marked.hook | 9 +
libre/systemd/PKGBUILD | 108 ++++----
libre/systemd/systemd-hook | 18 +-
libre/systemd/systemd.install | 21 +-
8 files changed, 239 insertions(+), 251 deletions(-)
create mode 100644 libre/systemd/30-systemd-restart-marked.hook
diff --git a/libre/systemd/0001-FSDG-bootctl-Say-Systemd-Boot-Manager-instead-of-Lin.patch b/libre/systemd/0001-FSDG-bootctl-Say-Systemd-Boot-Manager-instead-of-Lin.patch
index a2cae07f7..722838e62 100644
--- a/libre/systemd/0001-FSDG-bootctl-Say-Systemd-Boot-Manager-instead-of-Lin.patch
+++ b/libre/systemd/0001-FSDG-bootctl-Say-Systemd-Boot-Manager-instead-of-Lin.patch
@@ -13,7 +13,7 @@ diff --git a/man/bootctl.xml b/man/bootctl.xml
index d5ded286cc..e1a2936b2e 100644
--- a/man/bootctl.xml
+++ b/man/bootctl.xml
-@@ -475,10 +475,10 @@
+@@ -503,10 +503,10 @@
<varlistentry>
<term><option>--efi-boot-option-description=</option></term>
@@ -26,7 +26,7 @@ index d5ded286cc..e1a2936b2e 100644
one bootloader installed to a single ESP partition should be used to boot any number of OS installations
found on the various disks installed in the system. Specifically distributions should not use this flag
to install a branded entry in the boot option list. However in situations with multiple disks, each with
-@@ -570,7 +570,7 @@ Available Boot Loaders on ESP:
+@@ -627,7 +627,7 @@ Available Boot Loaders on ESP:
File: └─/EFI/BOOT/BOOTX64.EFI (systemd-boot 251
Boot Loaders Listed in EFI Variables:
@@ -35,11 +35,11 @@ index d5ded286cc..e1a2936b2e 100644
ID: 0x0001
Status: active, boot-order
Partition: /dev/disk/by-partuuid/…
-diff --git a/src/boot/bootctl-install.c b/src/boot/bootctl-install.c
-index dc46d30c5b..d907926f2a 100644
---- a/src/boot/bootctl-install.c
-+++ b/src/boot/bootctl-install.c
-@@ -683,7 +683,7 @@ static int remove_from_order(uint16_t slot) {
+diff --git a/src/bootctl/bootctl-install.c b/src/bootctl/bootctl-install.c
+index 7ad264d8821..a43dc626104 100644
+--- a/src/bootctl/bootctl-install.c
++++ b/src/bootctl/bootctl-install.c
+@@ -849,7 +849,7 @@ static int remove_from_order(uint16_t slot) {
}
static const char *pick_efi_boot_option_description(void) {
diff --git a/libre/systemd/0001-Use-Arch-Linux-device-access-groups.patch b/libre/systemd/0001-Use-Arch-Linux-device-access-groups.patch
index d88486575..79c23585b 100644
--- a/libre/systemd/0001-Use-Arch-Linux-device-access-groups.patch
+++ b/libre/systemd/0001-Use-Arch-Linux-device-access-groups.patch
@@ -1,10 +1,7 @@
-From 0e8c18bc2639da328274d02d9222ee2c1f6bf696 Mon Sep 17 00:00:00 2001
+From dfdd57b81916ac4c9a69b4c4400a9145d9746e9f Mon Sep 17 00:00:00 2001
From: "Jan Alexander Steffens (heftig)" <[email protected]>
Date: Tue, 6 Mar 2018 23:39:47 +0100
Subject: [PATCH] Use Arch Linux' device access groups
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
cdrom → optical
dialout → uucp
@@ -17,10 +14,10 @@ Content-Transfer-Encoding: 8bit
4 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/meson.build b/meson.build
-index 76ad51d3fb..5cf679b088 100644
+index d392610625..ab8689da68 100644
--- a/meson.build
+++ b/meson.build
-@@ -915,19 +915,19 @@ conf.set_quoted('NOBODY_GROUP_NAME', nobody_group)
+@@ -940,19 +940,19 @@ conf.set_quoted('NOBODY_GROUP_NAME', nobody_group)
static_ugids = []
foreach option : ['adm-gid',
'audio-gid',
@@ -44,10 +41,10 @@ index 76ad51d3fb..5cf679b088 100644
'wheel-gid',
'systemd-journal-gid',
diff --git a/meson_options.txt b/meson_options.txt
-index 814f340840..253a77ecb3 100644
+index 78ec25bfa3..0ac81db762 100644
--- a/meson_options.txt
+++ b/meson_options.txt
-@@ -257,10 +257,6 @@ option('adm-gid', type : 'integer', value : 0,
+@@ -287,10 +287,6 @@ option('adm-gid', type : 'integer', value : 0,
description : 'soft-static allocation for the "adm" group')
option('audio-gid', type : 'integer', value : 0,
description : 'soft-static allocation for the "audio" group')
@@ -58,7 +55,7 @@ index 814f340840..253a77ecb3 100644
option('disk-gid', type : 'integer', value : 0,
description : 'soft-static allocation for the "disk" group')
option('input-gid', type : 'integer', value : 0,
-@@ -271,18 +267,22 @@ option('kvm-gid', type : 'integer', value : 0,
+@@ -301,18 +297,22 @@ option('kvm-gid', type : 'integer', value : 0,
description : 'soft-static allocation for the "kvm" group')
option('lp-gid', type : 'integer', value : 0,
description : 'soft-static allocation for the "lp" group')
@@ -84,19 +81,19 @@ index 814f340840..253a77ecb3 100644
description : 'soft-static allocation for the "video" group')
option('wheel-gid', type : 'integer', value : 0,
diff --git a/rules.d/50-udev-default.rules.in b/rules.d/50-udev-default.rules.in
-index 843bdaf9ce..a192f091df 100644
+index 6f80feeecf..40c1bf3dbc 100644
--- a/rules.d/50-udev-default.rules.in
+++ b/rules.d/50-udev-default.rules.in
-@@ -26,7 +26,7 @@ SUBSYSTEM=="tty", KERNEL=="sclp_line[0-9]*", GROUP="tty", MODE="0620"
- SUBSYSTEM=="tty", KERNEL=="ttysclp[0-9]*", GROUP="tty", MODE="0620"
- SUBSYSTEM=="tty", KERNEL=="3270/tty[0-9]*", GROUP="tty", MODE="0620"
+@@ -39,7 +39,7 @@ SUBSYSTEM=="tty", KERNEL=="ptmx", GROUP="tty", MODE="0666"
+ SUBSYSTEM=="tty", KERNEL=="tty", GROUP="tty", MODE="0666"
+ SUBSYSTEM=="tty", KERNEL=="tty[0-9]*|hvc[0-9]*|sclp_line[0-9]*|ttysclp[0-9]*|3270/tty[0-9]*", GROUP="tty", MODE="0620"
SUBSYSTEM=="vc", KERNEL=="vcs*|vcsa*", GROUP="tty"
-KERNEL=="tty[A-Z]*[0-9]|ttymxc[0-9]*|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="dialout"
+KERNEL=="tty[A-Z]*[0-9]|ttymxc[0-9]*|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="uucp"
SUBSYSTEM=="mem", KERNEL=="mem|kmem|port", GROUP="kmem", MODE="0640"
-@@ -72,13 +72,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp"
+@@ -86,13 +86,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??:*", GROUP="lp"
SUBSYSTEM=="block", GROUP="disk"
@@ -117,10 +114,10 @@ index 843bdaf9ce..a192f091df 100644
KERNEL=="qft[0-9]*|nqft[0-9]*|zqft[0-9]*|nzqft[0-9]*|rawqft[0-9]*|nrawqft[0-9]*", GROUP="disk"
KERNEL=="loop-control", GROUP="disk", OPTIONS+="static_node=loop-control"
diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in
-index a602b872e4..8d38febb6a 100644
+index 992af346ca..86e622e5dd 100644
--- a/sysusers.d/basic.conf.in
+++ b/sysusers.d/basic.conf.in
-@@ -23,17 +23,17 @@ g utmp {{UTMP_GID }} - -
+@@ -24,17 +24,17 @@ g utmp {{UTMP_GID }} - -
# Physical and virtual hardware access groups
g audio {{AUDIO_GID }} - -
@@ -141,41 +138,3 @@ index a602b872e4..8d38febb6a 100644
g video {{VIDEO_GID }} - -
# Default group for normal users
-
-From 9e2987a7b4d09d7b554141e9ef2c911cb3fda570 Mon Sep 17 00:00:00 2001
-From: Christian Hesse <[email protected]>
-Date: Mon, 27 Dec 2021 23:32:42 +0100
-Subject: [PATCH] generate tmpfiles.d/legacy.conf
-
----
- tmpfiles.d/legacy.conf.in | 3 ---
- tmpfiles.d/meson.build | 2 +-
- 2 files changed, 1 insertion(+), 4 deletions(-)
-
-diff --git a/tmpfiles.d/legacy.conf.in b/tmpfiles.d/legacy.conf.in
-index 4f2c0d7c43..62e2ae0986 100644
---- a/tmpfiles.d/legacy.conf.in
-+++ b/tmpfiles.d/legacy.conf.in
-@@ -12,9 +12,6 @@
-
- d /run/lock 0755 root root -
- L /var/lock - - - - ../run/lock
--{% if CREATE_LOG_DIRS %}
--L /var/log/README - - - - ../..{{DOC_DIR}}/README.logs
--{% endif %}
-
- # /run/lock/subsys is used for serializing SysV service execution, and
- # hence without use on SysV-less systems.
-diff --git a/tmpfiles.d/meson.build b/tmpfiles.d/meson.build
-index ca1abbf3fe..25e2b53402 100644
---- a/tmpfiles.d/meson.build
-+++ b/tmpfiles.d/meson.build
-@@ -29,7 +29,7 @@ foreach pair : files
- endforeach
-
- in_files = [['etc.conf', ''],
-- ['legacy.conf', 'HAVE_SYSV_COMPAT'],
-+ ['legacy.conf', ''],
- ['static-nodes-permissions.conf', ''],
- ['systemd.conf', ''],
- ['var.conf', ''],
diff --git a/libre/systemd/0002-FSDG-os-release-Default-PRETTY_NAME-to-GNU-Linux-ins.patch b/libre/systemd/0002-FSDG-os-release-Default-PRETTY_NAME-to-GNU-Linux-ins.patch
index 7108a3f4e..570994acd 100644
--- a/libre/systemd/0002-FSDG-os-release-Default-PRETTY_NAME-to-GNU-Linux-ins.patch
+++ b/libre/systemd/0002-FSDG-os-release-Default-PRETTY_NAME-to-GNU-Linux-ins.patch
@@ -15,7 +15,7 @@ Subject: [PATCH 2/7] FSDG: os-release: Default PRETTY_NAME to "GNU/Linux"
7 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/man/check-os-release-simple.py b/man/check-os-release-simple.py
-index ce73c77b14..9ad899a814 100644
+index ce73c77b14a..9ad899a8148 100644
--- a/man/check-os-release-simple.py
+++ b/man/check-os-release-simple.py
@@ -4,7 +4,7 @@
@@ -28,7 +28,7 @@ index ce73c77b14..9ad899a814 100644
if 'fedora' in [os_release.get('ID', 'linux'),
diff --git a/man/check-os-release.py b/man/check-os-release.py
-index 19b193ec76..373b77ed06 100644
+index 19b193ec76a..373b77ed065 100644
--- a/man/check-os-release.py
+++ b/man/check-os-release.py
@@ -29,7 +29,7 @@ def read_os_release():
@@ -41,7 +41,7 @@ index 19b193ec76..373b77ed06 100644
if 'debian' in [os_release.get('ID', 'linux'),
diff --git a/man/check-os-release.sh b/man/check-os-release.sh
-index 12f7ee12cc..084647a38b 100644
+index 12f7ee12cc5..084647a38b0 100644
--- a/man/check-os-release.sh
+++ b/man/check-os-release.sh
@@ -4,7 +4,7 @@
@@ -54,7 +54,7 @@ index 12f7ee12cc..084647a38b 100644
if [ "${ID:-linux}" = "debian" ] || [ "${ID_LIKE#*debian*}" != "${ID_LIKE}" ]; then
echo "Looks like Debian!"
diff --git a/man/kernel-install.xml b/man/kernel-install.xml
-index f3468bbde0..163e233489 100644
+index f3468bbde0e..163e2334893 100644
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@@ -140,7 +140,7 @@
@@ -76,7 +76,7 @@ index f3468bbde0..163e233489 100644
<xi:include href="version-info.xml" xpointer="v198"/>
diff --git a/man/os-release.xml b/man/os-release.xml
-index afdb21fc57..a1f0bbb9f4 100644
+index 99e31ba24eb..b5e02c04db4 100644
--- a/man/os-release.xml
+++ b/man/os-release.xml
@@ -190,7 +190,7 @@
@@ -89,10 +89,10 @@ index afdb21fc57..a1f0bbb9f4 100644
<para>Example: <literal>PRETTY_NAME="Fedora 17 (Beefy Miracle)"</literal>.</para></listitem>
</varlistentry>
diff --git a/src/basic/os-util.c b/src/basic/os-util.c
-index 79f641b364..efbb08c985 100644
+index 21b6f669e6a..f144c595005 100644
--- a/src/basic/os-util.c
+++ b/src/basic/os-util.c
-@@ -476,5 +476,5 @@ const char *os_release_pretty_name(const char *pretty_name, const char *name) {
+@@ -482,5 +482,5 @@ const char* os_release_pretty_name(const char *pretty_name, const char *name) {
* exists mostly to ensure we use the same logic wherever possible. */
return empty_to_null(pretty_name) ?:
@@ -100,7 +100,7 @@ index 79f641b364..efbb08c985 100644
+ empty_to_null(name) ?: "GNU/Linux";
}
diff --git a/src/kernel-install/90-loaderentry.install.in b/src/kernel-install/90-loaderentry.install.in
-index 766d321595..56775e63d0 100755
+index 832a82794ca..bb92d272fe2 100755
--- a/src/kernel-install/90-loaderentry.install.in
+++ b/src/kernel-install/90-loaderentry.install.in
@@ -66,7 +66,7 @@ elif [ -f /usr/lib/os-release ]; then
diff --git a/libre/systemd/0007-FSDG-man-Refer-to-the-operating-system-as-GNU-Linux.patch b/libre/systemd/0007-FSDG-man-Refer-to-the-operating-system-as-GNU-Linux.patch
index 3a0ac4e06..ab0950709 100644
--- a/libre/systemd/0007-FSDG-man-Refer-to-the-operating-system-as-GNU-Linux.patch
+++ b/libre/systemd/0007-FSDG-man-Refer-to-the-operating-system-as-GNU-Linux.patch
@@ -70,7 +70,7 @@ There are still a few false-positives in that output.
55 files changed, 99 insertions(+), 99 deletions(-)
diff --git a/man/bootup.xml b/man/bootup.xml
-index c942bab344..be292bf3cd 100644
+index a0aafe5e790..4b187e097e3 100644
--- a/man/bootup.xml
+++ b/man/bootup.xml
@@ -23,7 +23,7 @@
@@ -83,7 +83,7 @@ index c942bab344..be292bf3cd 100644
loader (e.g.
<citerefentry><refentrytitle>systemd-boot</refentrytitle><manvolnum>7</manvolnum></citerefentry> or
diff --git a/man/daemon.xml b/man/daemon.xml
-index 42630d2782..dad234eb54 100644
+index 1d9b937b2f6..e74220281aa 100644
--- a/man/daemon.xml
+++ b/man/daemon.xml
@@ -47,7 +47,7 @@
@@ -132,7 +132,7 @@ index 42630d2782..dad234eb54 100644
leave the scheduling of processes to the OS scheduler itself. systemd provides fine-grained access to
the CPU and I/O schedulers. If a process executed by the service manager shall not negatively impact
diff --git a/man/homectl.xml b/man/homectl.xml
-index 43bde52e0d..d7790beacb 100644
+index 927fe939ee9..cdbea006111 100644
--- a/man/homectl.xml
+++ b/man/homectl.xml
@@ -442,7 +442,7 @@
@@ -145,7 +145,7 @@ index 43bde52e0d..d7790beacb 100644
<literal>hmac-secret</literal> extension that shall be able to unlock the user account. A random salt
value is generated on the host and passed to the FIDO2 device, which calculates a HMAC hash of the
diff --git a/man/hostnamectl.xml b/man/hostnamectl.xml
-index 0f50bf9e44..b0ae42d42e 100644
+index 70a6d295f6b..4b26f095b10 100644
--- a/man/hostnamectl.xml
+++ b/man/hostnamectl.xml
@@ -47,7 +47,7 @@
@@ -167,7 +167,7 @@ index 0f50bf9e44..b0ae42d42e 100644
<xi:include href="version-info.xml" xpointer="v249"/></listitem>
</varlistentry>
diff --git a/man/journald.conf.xml b/man/journald.conf.xml
-index 1aa74926ab..9743d53ce7 100644
+index 1aa74926ab5..9743d53ce79 100644
--- a/man/journald.conf.xml
+++ b/man/journald.conf.xml
@@ -147,7 +147,7 @@
@@ -180,7 +180,7 @@ index 1aa74926ab..9743d53ce7 100644
<literal>uid</literal>, all regular users (with UID outside the range of system users, dynamic service users,
and the nobody user) will each get their own journal files, and system users will log to the system journal.
diff --git a/man/machinectl.xml b/man/machinectl.xml
-index 3964dc0580..790079c4c2 100644
+index 5b19a9abbd7..f7e9f87efb7 100644
--- a/man/machinectl.xml
+++ b/man/machinectl.xml
@@ -72,7 +72,7 @@
@@ -202,7 +202,7 @@ index 3964dc0580..790079c4c2 100644
non-empty label strings, separated by dots. No leading or trailing
dots are allowed. No sequences of multiple dots are allowed. The
diff --git a/man/org.freedesktop.machine1.xml b/man/org.freedesktop.machine1.xml
-index 8abef00e53..ed0f6840f0 100644
+index 77923205466..332d494ab50 100644
--- a/man/org.freedesktop.machine1.xml
+++ b/man/org.freedesktop.machine1.xml
@@ -323,7 +323,7 @@ node /org/freedesktop/machine1 {
@@ -215,7 +215,7 @@ index 8abef00e53..ed0f6840f0 100644
<literal>a-zA-Z0-9-_.</literal> are allowed, the name may not begin with a dot, and it may not contain
two dots immediately following each other. Container and VM managers should ideally use the hostname
diff --git a/man/org.freedesktop.resolve1.xml b/man/org.freedesktop.resolve1.xml
-index f6b70d6e4f..241c58ee1e 100644
+index a9c121d12f5..531590790b5 100644
--- a/man/org.freedesktop.resolve1.xml
+++ b/man/org.freedesktop.resolve1.xml
@@ -246,7 +246,7 @@ node /org/freedesktop/resolve1 {
@@ -255,10 +255,10 @@ index f6b70d6e4f..241c58ee1e 100644
object path for a link object given the network interface index (see above).</para>
diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml
-index b0b45097e3..a9aec94723 100644
+index 021aa86ac99..297efe4db97 100644
--- a/man/org.freedesktop.systemd1.xml
+++ b/man/org.freedesktop.systemd1.xml
-@@ -1269,7 +1269,7 @@ node /org/freedesktop/systemd1 {
+@@ -1268,7 +1268,7 @@ node /org/freedesktop/systemd1 {
<para><function>GetUnitByPID()</function> may be used to get the unit object path of the unit a process
ID belongs to. It takes a UNIX PID and returns the object path. The PID must refer to an existing system process.
@@ -268,10 +268,10 @@ index b0b45097e3..a9aec94723 100644
of a PID, which is safer as UNIX PIDs can be recycled. The latter method returns the unit id and the
invocation id together with the unit object path.</para>
diff --git a/man/os-release.xml b/man/os-release.xml
-index e5a797489c..a1a1cf39ec 100644
+index 99e31ba24eb..0bb186e42d6 100644
--- a/man/os-release.xml
+++ b/man/os-release.xml
-@@ -458,7 +458,7 @@
+@@ -535,7 +535,7 @@
present and no other configuration source specifies the hostname. Must be either a single DNS label
(a string composed of 7-bit ASCII lower-case characters and no spaces or dots, limited to the
format allowed for DNS domain name labels), or a sequence of such labels separated by single dots
@@ -281,7 +281,7 @@ index e5a797489c..a1a1cf39ec 100644
<para>See <citerefentry><refentrytitle>org.freedesktop.hostname1</refentrytitle><manvolnum>5</manvolnum></citerefentry>
diff --git a/man/pam_systemd_home.xml b/man/pam_systemd_home.xml
-index 5bd48de4a6..ee2f99557c 100644
+index 5bd48de4a60..ee2f99557c4 100644
--- a/man/pam_systemd_home.xml
+++ b/man/pam_systemd_home.xml
@@ -106,7 +106,7 @@
@@ -294,7 +294,7 @@ index 5bd48de4a6..ee2f99557c 100644
<option>password</option> (to change the encryption password — also used for user authentication —
through PAM).</para>
diff --git a/man/portablectl.xml b/man/portablectl.xml
-index 92d8ff03aa..6ee898487b 100644
+index cafb3565ace..7868f30cd00 100644
--- a/man/portablectl.xml
+++ b/man/portablectl.xml
@@ -58,7 +58,7 @@
@@ -307,10 +307,10 @@ index 92d8ff03aa..6ee898487b 100644
</itemizedlist>
diff --git a/man/repart.d.xml b/man/repart.d.xml
-index 52e6b97240..31a850a85e 100644
+index 204fc162081..8a4a783d0eb 100644
--- a/man/repart.d.xml
+++ b/man/repart.d.xml
-@@ -141,7 +141,7 @@
+@@ -132,7 +132,7 @@
<row>
<entry><constant>linux-generic</constant></entry>
@@ -320,7 +320,7 @@ index 52e6b97240..31a850a85e 100644
<row>
diff --git a/man/sd-bus-errors.xml b/man/sd-bus-errors.xml
-index b9919b13f6..5c0c2d3629 100644
+index b9919b13f65..5c0c2d3629f 100644
--- a/man/sd-bus-errors.xml
+++ b/man/sd-bus-errors.xml
@@ -110,7 +110,7 @@
@@ -333,7 +333,7 @@ index b9919b13f6..5c0c2d3629 100644
to D-Bus errors and back. For example, the error
<constant>EUCLEAN</constant> is mapped to
diff --git a/man/sd-event.xml b/man/sd-event.xml
-index 46b50ea401..e1e6edf92d 100644
+index 46b50ea401b..e1e6edf92d5 100644
--- a/man/sd-event.xml
+++ b/man/sd-event.xml
@@ -36,7 +36,7 @@
@@ -346,7 +346,7 @@ index 46b50ea401..e1e6edf92d 100644
</para>
diff --git a/man/sd-id128.xml b/man/sd-id128.xml
-index 5a2ca4636a..f3f05ff2dd 100644
+index c568fbf4bc0..ed0aa37bd49 100644
--- a/man/sd-id128.xml
+++ b/man/sd-id128.xml
@@ -195,7 +195,7 @@ int main(int argc, char **argv) {
@@ -359,7 +359,7 @@ index 5a2ca4636a..f3f05ff2dd 100644
generated by the sd-id128 APIs strictly conform to Variant 1 Version 4 UUIDs, as per RFC 4122.</para>
diff --git a/man/sd_bus_error_add_map.xml b/man/sd_bus_error_add_map.xml
-index e6e635130e..faaf69828b 100644
+index e6e635130ee..faaf69828b2 100644
--- a/man/sd_bus_error_add_map.xml
+++ b/man/sd_bus_error_add_map.xml
@@ -51,7 +51,7 @@
@@ -372,7 +372,7 @@ index e6e635130e..faaf69828b 100644
<citerefentry><refentrytitle>sd_bus_error_set</refentrytitle><manvolnum>3</manvolnum></citerefentry>
or
diff --git a/man/sd_bus_get_name_machine_id.xml b/man/sd_bus_get_name_machine_id.xml
-index 486701841b..5d61735af8 100644
+index 486701841b7..5d61735af88 100644
--- a/man/sd_bus_get_name_machine_id.xml
+++ b/man/sd_bus_get_name_machine_id.xml
@@ -40,7 +40,7 @@
@@ -385,7 +385,7 @@ index 486701841b..5d61735af8 100644
stored in <parameter>machine</parameter>.</para>
</refsect1>
diff --git a/man/sd_event_add_io.xml b/man/sd_event_add_io.xml
-index 3a405f0595..21eff70e2a 100644
+index 6eab52b0305..8c8b1585c17 100644
--- a/man/sd_event_add_io.xml
+++ b/man/sd_event_add_io.xml
@@ -104,7 +104,7 @@
@@ -398,7 +398,7 @@ index 3a405f0595..21eff70e2a 100644
<parameter>events</parameter> parameter takes a bit mask of events to watch for, a combination of the
following event flags: <constant>EPOLLIN</constant>, <constant>EPOLLOUT</constant>,
diff --git a/man/sd_event_set_signal_exit.xml b/man/sd_event_set_signal_exit.xml
-index 10b68a0edf..6247e7936d 100644
+index 10b68a0edfc..6247e7936d5 100644
--- a/man/sd_event_set_signal_exit.xml
+++ b/man/sd_event_set_signal_exit.xml
@@ -49,7 +49,7 @@
@@ -411,7 +411,7 @@ index 10b68a0edf..6247e7936d 100644
<para>It's customary for UNIX programs to exit on either of these two signals, hence it's typically a
good idea to enable this functionality for the main event loop of a program.</para>
diff --git a/man/sd_id128_to_string.xml b/man/sd_id128_to_string.xml
-index b2f3030534..a237284cb5 100644
+index b2f30305346..a237284cb58 100644
--- a/man/sd_id128_to_string.xml
+++ b/man/sd_id128_to_string.xml
@@ -83,7 +83,7 @@
@@ -424,7 +424,7 @@ index b2f3030534..a237284cb5 100644
<para>For more information about the <literal>sd_id128_t</literal> type see
diff --git a/man/sd_is_fifo.xml b/man/sd_is_fifo.xml
-index 8f6fa43f6b..dd7b3ad35f 100644
+index 8f6fa43f6b3..dd7b3ad35fa 100644
--- a/man/sd_is_fifo.xml
+++ b/man/sd_is_fifo.xml
@@ -140,7 +140,7 @@
@@ -437,10 +437,10 @@ index 8f6fa43f6b..dd7b3ad35f 100644
size of the address, including the initial 0 byte, and set the
<parameter>path</parameter> to the initial 0 byte of the socket
diff --git a/man/sd_notify.xml b/man/sd_notify.xml
-index 35c450b128..9e5354cb15 100644
+index a465e02f528..27f19945ee7 100644
--- a/man/sd_notify.xml
+++ b/man/sd_notify.xml
-@@ -479,7 +479,7 @@
+@@ -533,7 +533,7 @@
<para>These functions send a single datagram with the state string as payload to the socket referenced in
the <varname>$NOTIFY_SOCKET</varname> environment variable. If the first character of
<varname>$NOTIFY_SOCKET</varname> is <literal>/</literal> or <literal>@</literal>, the string is
@@ -450,7 +450,7 @@ index 35c450b128..9e5354cb15 100644
SCM_CREDENTIALS. If the string starts with <literal>vsock:</literal> then the string is understood as an
<constant>AF_VSOCK</constant> address, which is useful for hypervisors/VMMs or other processes on the
diff --git a/man/sd_uid_get_state.xml b/man/sd_uid_get_state.xml
-index 2a91686e1c..15d6ab745b 100644
+index 2a91686e1c7..15d6ab745b0 100644
--- a/man/sd_uid_get_state.xml
+++ b/man/sd_uid_get_state.xml
@@ -181,7 +181,7 @@
@@ -463,12 +463,12 @@ index 2a91686e1c..15d6ab745b 100644
</varlistentry>
diff --git a/man/systemd-analyze.xml b/man/systemd-analyze.xml
-index 9a4b0cada4..a84e430396 100644
+index 68d006a1cef..0c3bdfb4d73 100644
--- a/man/systemd-analyze.xml
+++ b/man/systemd-analyze.xml
-@@ -438,7 +438,7 @@ DATAERR 65 BSD
- <refsect2>
- <title><command>systemd-analyze capability <optional><replaceable>CAPABILITY</replaceable>...</optional></command></title>
+@@ -470,7 +470,7 @@ DATAERR 65 BSD
+ </command>
+ </title>
- <para>This command prints a list of Linux capabilities along with their numeric IDs. See <citerefentry
+ <para>This command prints a list of Linux kernel capabilities along with their numeric IDs. See <citerefentry
@@ -476,7 +476,7 @@ index 9a4b0cada4..a84e430396 100644
for details. If no argument is specified the full list of capabilities known to the service manager and
the kernel is shown. Capabilities defined by the kernel but not known to the service manager are shown
diff --git a/man/systemd-boot.xml b/man/systemd-boot.xml
-index cc4504926c..d92beba056 100644
+index 2c2128482fc..56ed9fe4471 100644
--- a/man/systemd-boot.xml
+++ b/man/systemd-boot.xml
@@ -111,7 +111,7 @@
@@ -489,7 +489,7 @@ index cc4504926c..d92beba056 100644
booted kernel images.</para>
</refsect1>
diff --git a/man/systemd-cgls.xml b/man/systemd-cgls.xml
-index 5280992c8c..e9d55ff6a8 100644
+index 5280992c8c6..e9d55ff6a86 100644
--- a/man/systemd-cgls.xml
+++ b/man/systemd-cgls.xml
@@ -39,7 +39,7 @@
@@ -502,7 +502,7 @@ index 5280992c8c..e9d55ff6a8 100644
specified control groups plus all their subgroups and their
members. The control groups may either be specified by their full
diff --git a/man/systemd-cgtop.xml b/man/systemd-cgtop.xml
-index 5b5ab5b736..eaee2111df 100644
+index 5b5ab5b7360..eaee2111df7 100644
--- a/man/systemd-cgtop.xml
+++ b/man/systemd-cgtop.xml
@@ -33,7 +33,7 @@
@@ -515,7 +515,7 @@ index 5b5ab5b736..eaee2111df 100644
regular intervals (by default every 1s), similar in style to
<citerefentry project='man-pages'><refentrytitle>top</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
diff --git a/man/systemd-cryptenroll.xml b/man/systemd-cryptenroll.xml
-index a47866ba61..c2474b1bb7 100644
+index fb36f455ba9..66886758433 100644
--- a/man/systemd-cryptenroll.xml
+++ b/man/systemd-cryptenroll.xml
@@ -158,7 +158,7 @@
@@ -528,7 +528,7 @@ index a47866ba61..c2474b1bb7 100644
<row>
diff --git a/man/systemd-detect-virt.xml b/man/systemd-detect-virt.xml
-index 2239294145..b0af55c2ce 100644
+index a4fcdfbc9d5..10bcb6b8b31 100644
--- a/man/systemd-detect-virt.xml
+++ b/man/systemd-detect-virt.xml
@@ -160,12 +160,12 @@
@@ -558,7 +558,7 @@ index 2239294145..b0af55c2ce 100644
Multiple WSL environments share the same kernel and services
should generally behave like when being run in a container.</para>
diff --git a/man/systemd-dissect.xml b/man/systemd-dissect.xml
-index b65a2c39f1..e4436a3ea6 100644
+index b65a2c39f1d..e4436a3ea6b 100644
--- a/man/systemd-dissect.xml
+++ b/man/systemd-dissect.xml
@@ -100,7 +100,7 @@
@@ -571,7 +571,7 @@ index b65a2c39f1..e4436a3ea6 100644
with <citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
<option>--image=</option> switch, and be used as root file system for system service using the
diff --git a/man/systemd-machine-id-setup.xml b/man/systemd-machine-id-setup.xml
-index bb53cc7069..c8ffa86e2b 100644
+index bb53cc7069d..c8ffa86e2bd 100644
--- a/man/systemd-machine-id-setup.xml
+++ b/man/systemd-machine-id-setup.xml
@@ -62,7 +62,7 @@
@@ -584,7 +584,7 @@ index bb53cc7069..c8ffa86e2b 100644
url="https://systemd.io/CONTAINER_INTERFACE";>Container Interface</ulink>. This step is skipped if
<option>--root=</option> is specified or running in a chroot environment.</para></listitem>
diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml
-index e7ceb94012..da11ab17c5 100644
+index 7bdb55d5d5f..f7408a0a60d 100644
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -57,7 +57,7 @@
@@ -594,9 +594,9 @@ index e7ceb94012..da11ab17c5 100644
- may be used to boot full Linux-based operating systems in a container.</para>
+ may be used to boot full Linux-kernel-based operating systems in a container.</para>
- <para><command>systemd-nspawn</command> limits access to various kernel interfaces in the container to read-only,
- such as <filename>/sys/</filename>, <filename>/proc/sys/</filename> or <filename>/sys/fs/selinux/</filename>. The
-@@ -1029,7 +1029,7 @@ After=sys-subsystem-net-devices-ens1.device</programlisting>
+ <para><command>systemd-nspawn</command> limits access to various kernel interfaces in the container to
+ read-only, such as <filename>/sys/</filename>, <filename>/proc/sys/</filename>, or
+@@ -1034,7 +1034,7 @@ After=sys-subsystem-net-devices-ens1.device</programlisting>
<para>Note that <option>--network-veth</option> is the default if the
<filename>[email protected]</filename> template unit file is used.</para>
@@ -605,7 +605,7 @@ index e7ceb94012..da11ab17c5 100644
container names may have a length up to 64 characters. As this option derives the host-side interface
name from the container name the name is possibly truncated. Thus, care needs to be taken to ensure
that interface names remain unique in this case, or even better container names are generally not
-@@ -1072,7 +1072,7 @@ After=sys-subsystem-net-devices-ens1.device</programlisting>
+@@ -1077,7 +1077,7 @@ After=sys-subsystem-net-devices-ens1.device</programlisting>
as argument. Note that <option>--network-bridge=</option> implies <option>--network-veth</option>. If
this option is used, the host side of the Ethernet link will use the <literal>vb-</literal> prefix
instead of <literal>ve-</literal>. Regardless of the used naming prefix the same network interface
@@ -615,7 +615,7 @@ index e7ceb94012..da11ab17c5 100644
<para>As with <option>--network-interface=</option>, the underlying bridge network interface must
diff --git a/man/systemd-nsresourced.service.xml b/man/systemd-nsresourced.service.xml
-index d0a561e492..d277da86ed 100644
+index 787312d858f..2fab6af6893 100644
--- a/man/systemd-nsresourced.service.xml
+++ b/man/systemd-nsresourced.service.xml
@@ -53,7 +53,7 @@
@@ -628,10 +628,10 @@ index d0a561e492..d277da86ed 100644
this is sufficient to implement fully unprivileged container environments, as implemented by
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, fully
diff --git a/man/systemd-oomd.service.xml b/man/systemd-oomd.service.xml
-index 51a9377ea0..f73ea68255 100644
+index 53a92509830..79c1cd2e554 100644
--- a/man/systemd-oomd.service.xml
+++ b/man/systemd-oomd.service.xml
-@@ -68,7 +68,7 @@
+@@ -74,7 +74,7 @@
is set to <constant>true</constant> in
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
@@ -641,7 +641,7 @@ index 51a9377ea0..f73ea68255 100644
<para>It is highly recommended for the system to have swap enabled for <command>systemd-oomd</command> to
function optimally. With swap enabled, the system spends enough time swapping pages to let
diff --git a/man/systemd-pstore.service.xml b/man/systemd-pstore.service.xml
-index 12c5459597..1e8722435f 100644
+index f3a879625f0..e9bb94ccd42 100644
--- a/man/systemd-pstore.service.xml
+++ b/man/systemd-pstore.service.xml
@@ -30,11 +30,11 @@
@@ -659,7 +659,7 @@ index 12c5459597..1e8722435f 100644
(currently the kernel stores the tail of the kernel log, which also contains a stack backtrace, into
pstore).</para>
diff --git a/man/systemd-resolved.service.xml b/man/systemd-resolved.service.xml
-index 13c0da987f..b87715c17d 100644
+index 2578eb0073b..a1af9ef712c 100644
--- a/man/systemd-resolved.service.xml
+++ b/man/systemd-resolved.service.xml
@@ -55,7 +55,7 @@
@@ -671,16 +671,16 @@ index 13c0da987f..b87715c17d 100644
expose DNSSEC validation status information however, and is synchronous only. This API is backed by the
glibc Name Service Switch
(<citerefentry project='man-pages'><refentrytitle>nss</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
-@@ -340,7 +340,7 @@ search foobar.com barbar.com
+@@ -342,7 +342,7 @@ search foobar.com barbar.com
<itemizedlist>
<listitem><para><command>systemd-resolved</command> maintains the
<filename>/run/systemd/resolve/stub-resolv.conf</filename> file for compatibility with traditional
- Linux programs. This file lists the 127.0.0.53 DNS stub (see above) as the only DNS server. It also
+ GNU/Linux programs. This file lists the 127.0.0.53 DNS stub (see above) as the only DNS server. It also
- contains a list of search domains that are in use by systemd-resolved. The list of search domains is
- always kept up-to-date. Note that <filename>/run/systemd/resolve/stub-resolv.conf</filename> should not
- be used directly by applications, but only through a symlink from
-@@ -356,7 +356,7 @@ search foobar.com barbar.com
+ contains a list of search domains that are in use by <command>systemd-resolved</command>. The list of
+ search domains is always kept up-to-date. Note that
+ <filename>/run/systemd/resolve/stub-resolv.conf</filename> should not be used directly by applications,
+@@ -358,7 +358,7 @@ search foobar.com barbar.com
</para></listitem>
<listitem><para><command>systemd-resolved</command> maintains the
@@ -690,10 +690,10 @@ index 13c0da987f..b87715c17d 100644
up-to-date, containing information about all known DNS servers. Note the file format's limitations: it
does not know a concept of per-interface DNS servers and hence only contains system-wide DNS server
diff --git a/man/systemd-sleep.conf.xml b/man/systemd-sleep.conf.xml
-index 623e614b6a..e42b3cc276 100644
+index c02b44f3de6..a15b5555eb9 100644
--- a/man/systemd-sleep.conf.xml
+++ b/man/systemd-sleep.conf.xml
-@@ -246,7 +246,7 @@
+@@ -263,7 +263,7 @@
<title>Example: freeze</title>
<para>Example: to exploit the <quote>freeze</quote> mode added
@@ -703,7 +703,7 @@ index 623e614b6a..e42b3cc276 100644
<programlisting>[Sleep]
SuspendState=freeze</programlisting></para>
diff --git a/man/systemd-stub.xml b/man/systemd-stub.xml
-index 2724c57ef9..f7356b8d0f 100644
+index 779867f4d6c..6e45e420763 100644
--- a/man/systemd-stub.xml
+++ b/man/systemd-stub.xml
@@ -48,7 +48,7 @@
@@ -714,9 +714,9 @@ index 2724c57ef9..f7356b8d0f 100644
+ system into the Linux kernel's world.</para>
<para>The UEFI boot stub looks for various resources for the kernel invocation inside the UEFI PE binary
- itself. This allows combining various resources inside a single PE binary image (usually called "Unified
+ itself. This allows combining various resources inside a single PE binary image (a "Unified Kernel Image"
diff --git a/man/systemd-sysext.xml b/man/systemd-sysext.xml
-index c9bbf49907..93f641850b 100644
+index b196503cd9b..98aa67c9e21 100644
--- a/man/systemd-sysext.xml
+++ b/man/systemd-sysext.xml
@@ -84,7 +84,7 @@
@@ -729,10 +729,10 @@ index c9bbf49907..93f641850b 100644
</orderedlist>
diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml
-index ae5b61b149..2ba51f293a 100644
+index 144bbfe1530..c96e716946c 100644
--- a/man/systemd-system.conf.xml
+++ b/man/systemd-system.conf.xml
-@@ -580,7 +580,7 @@
+@@ -290,7 +290,7 @@
<varlistentry>
<term><varname>DefaultOOMPolicy=</varname></term>
@@ -742,7 +742,7 @@ index ae5b61b149..2ba51f293a 100644
<varname>OOMPolicy=</varname> setting. See
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
diff --git a/man/systemd.automount.xml b/man/systemd.automount.xml
-index 20ae3c76df..f4f590d6c9 100644
+index 20ae3c76df4..f4f590d6c98 100644
--- a/man/systemd.automount.xml
+++ b/man/systemd.automount.xml
@@ -60,7 +60,7 @@
@@ -755,7 +755,7 @@ index 20ae3c76df..f4f590d6c9 100644
managers.</para>
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
-index 21527f756d..2865ec133d 100644
+index 14075cb4e7d..0d1d1bd48d8 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -42,7 +42,7 @@
@@ -776,7 +776,7 @@ index 21527f756d..2865ec133d 100644
that follows the
<ulink url="https://uapi-group.org/specifications/specs/discoverable_partitions_specification";>
Discoverable Partitions Specification</ulink>.</para>
-@@ -408,7 +408,7 @@
+@@ -425,7 +425,7 @@
unit's processes. This controls the <literal>subset=</literal> mount option of the
<literal>procfs</literal> instance for the unit. For further details see <ulink
url="https://docs.kernel.org/filesystems/proc.html#mount-options";>The /proc
@@ -785,7 +785,7 @@ index 21527f756d..2865ec133d 100644
which are made unavailable with this setting. Since these APIs are used frequently this option is
useful only in a few, specific cases, and is not suitable for most non-trivial programs.</para>
-@@ -627,7 +627,7 @@
+@@ -644,7 +644,7 @@
<literal>-</literal>, except for the first character which must be one of a-z, A-Z and
<literal>_</literal> (i.e. digits and <literal>-</literal> are not permitted as first character). The
user/group name must have at least one character, and at most 31. These restrictions are made in
@@ -794,7 +794,7 @@ index 21527f756d..2865ec133d 100644
systems. For further details on the names accepted and the names warned about see <ulink
url="https://systemd.io/USER_NAMES";>User/Group Name Syntax</ulink>.</para>
-@@ -966,13 +966,13 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
+@@ -986,13 +986,13 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
enforcement. For example, time limits specified for <varname>LimitCPU=</varname> will be rounded up
implicitly to multiples of 1s. For <varname>LimitNICE=</varname> the value may be specified in two
syntaxes: if prefixed with <literal>+</literal> or <literal>-</literal>, the value is understood as
@@ -810,7 +810,7 @@ index 21527f756d..2865ec133d 100644
controls listed in
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
over these per-process limits, as they apply to services as a whole, may be altered dynamically at
-@@ -1056,13 +1056,13 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
+@@ -1076,13 +1076,13 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
<entry>LimitRSS=</entry>
<entry>ulimit -m</entry>
<entry>Bytes</entry>
@@ -826,16 +826,16 @@ index 21527f756d..2865ec133d 100644
</row>
<row>
<entry>LimitAS=</entry>
-@@ -1318,7 +1318,7 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
+@@ -1338,7 +1338,7 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
<option>local</option>. A list of NUMA nodes that should be associated with the policy must be specified
in <varname>NUMAMask=</varname>. For more details on each policy please see,
<citerefentry><refentrytitle>set_mempolicy</refentrytitle><manvolnum>2</manvolnum></citerefentry>. For overall
- overview of NUMA support in Linux see,
-+ overview of NUMA support in GNU/Linux see
++ overview of NUMA support in GNU/Linux see,
<citerefentry project='man-pages'><refentrytitle>numa</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
</para>
-@@ -1654,7 +1654,7 @@ StateDirectory=aaa/bbb ccc</programlisting>
+@@ -1691,7 +1691,7 @@ StateDirectory=aaa/bbb ccc</programlisting>
order to provide writable subdirectories within read-only directories. Use
<varname>ReadWritePaths=</varname> in order to allow-list specific paths for write access if
<varname>ProtectSystem=strict</varname> is used. Note that <varname>ReadWritePaths=</varname> cannot
@@ -844,7 +844,7 @@ index 21527f756d..2865ec133d 100644
each mount point write access is granted only if the mount point itself <emphasis>and</emphasis> the
file system superblock backing it are not marked read-only. <varname>ReadWritePaths=</varname> only
controls the former, not the latter, hence a read-only file system superblock remains
-@@ -1847,7 +1847,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
+@@ -1891,7 +1891,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
<varlistentry>
<term><varname>NetworkNamespacePath=</varname></term>
@@ -853,7 +853,7 @@ index 21527f756d..2865ec133d 100644
pseudo-file (i.e. a file like <filename>/proc/$PID/ns/net</filename> or a bind mount or symlink to
one). When set the invoked processes are added to the network namespace referenced by that path. The
path has to point to a valid namespace file at the moment the processes are forked off. If this
-@@ -1881,7 +1881,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
+@@ -1925,7 +1925,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
<para>Note that IPC namespacing does not have an effect on
<constant>AF_UNIX</constant> sockets, which are the most common
@@ -862,7 +862,7 @@ index 21527f756d..2865ec133d 100644
sockets in the file system are subject to mount namespacing, and
those in the abstract namespace are subject to network namespacing.
IPC namespacing only has an effect on SysV IPC (which is mostly
-@@ -1905,7 +1905,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
+@@ -1949,7 +1949,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
<varlistentry>
<term><varname>IPCNamespacePath=</varname></term>
@@ -871,36 +871,25 @@ index 21527f756d..2865ec133d 100644
pseudo-file (i.e. a file like <filename>/proc/$PID/ns/ipc</filename> or a bind mount or symlink to
one). When set the invoked processes are added to the network namespace referenced by that path. The
path has to point to a valid namespace file at the moment the processes are forked off. If this
-@@ -2081,7 +2081,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
- <varlistentry>
+@@ -2161,7 +2161,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
<term><varname>ProtectControlGroups=</varname></term>
-- <listitem><para>Takes a boolean argument. If true, the Linux Control Groups (<citerefentry
-+ <listitem><para>Takes a boolean argument. If true, the Linux kernel Control Groups (<citerefentry
- project='man-pages'><refentrytitle>cgroups</refentrytitle><manvolnum>7</manvolnum></citerefentry>) hierarchies
+ <listitem><para>Takes a boolean argument or the special values <literal>private</literal> or
+- <literal>strict</literal>. If true, the Linux Control Groups (<citerefentry project='man-pages'>
++ <literal>strict</literal>. If true, the Linux kernel Control Groups (<citerefentry project='man-pages'>
+ <refentrytitle>cgroups</refentrytitle><manvolnum>7</manvolnum></citerefentry>) hierarchies
accessible through <filename>/sys/fs/cgroup/</filename> will be made read-only to all processes of the
- unit. Except for container managers no services should require write access to the control groups hierarchies;
-@@ -2228,8 +2228,8 @@ RestrictFileSystems=ext4</programlisting>
+ unit. If set to <literal>private</literal>, the unit will run in a cgroup namespace with a private
+@@ -2315,7 +2315,7 @@ RestrictFileSystems=ext4</programlisting>
<varlistentry>
<term><varname>RestrictNamespaces=</varname></term>
- <listitem><para>Restricts access to Linux namespace functionality for the processes of this unit. For details
-- about Linux namespaces, see <citerefentry
+ <listitem><para>Restricts access to Linux kernel namespace functionality for the processes of this unit. For details
-+ about Linux kernel namespaces, see <citerefentry
+ about Linux namespaces, see <citerefentry
project='man-pages'><refentrytitle>namespaces</refentrytitle><manvolnum>7</manvolnum></citerefentry>. Either
takes a boolean argument, or a space-separated list of namespace type identifiers. If false (the default), no
- restrictions on namespace creation and switching are made. If true, access to any kind of namespacing is
-@@ -3224,7 +3224,7 @@ StandardInputData=V2XigLJyZSBubyBzdHJhbmdlcnMgdG8gbG92ZQpZb3Uga25vdyB0aGUgcnVsZX
- <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- for details about journal namespaces.</para>
-
-- <para>Internally, journal namespaces are implemented through Linux mount namespacing and
-+ <para>Internally, journal namespaces are implemented through Linux kernel mount namespacing and
- over-mounting the directory that contains the relevant <constant>AF_UNIX</constant> sockets used for
- logging in the unit's mount namespace. Since mount namespaces are used this setting disconnects
- propagation of mounts from the unit's processes to the host, similarly to how
-@@ -4485,7 +4485,7 @@ StandardInputData=V2XigLJyZSBubyBzdHJhbmdlcnMgdG8gbG92ZQpZb3Uga25vdyB0aGUgcnVsZX
+@@ -4614,7 +4614,7 @@ StandardInputData=V2XigLJyZSBubyBzdHJhbmdlcnMgdG8gbG92ZQpZb3Uga25vdyB0aGUgcnVsZX
</tgroup>
</table>
@@ -910,10 +899,10 @@ index 21527f756d..2865ec133d 100644
<table>
<title>BSD exit codes</title>
diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml
-index 4fba788950..71efbee6ac 100644
+index 4e65885295a..553a80d2447 100644
--- a/man/systemd.netdev.xml
+++ b/man/systemd.netdev.xml
-@@ -515,7 +515,7 @@
+@@ -531,7 +531,7 @@
<term><varname>EgressQOSMaps=</varname></term>
<term><varname>IngressQOSMaps=</varname></term>
<listitem>
@@ -923,19 +912,19 @@ index 4fba788950..71efbee6ac 100644
whitespace-separated list of integer pairs, where each integer must be in the range
1…4294967294, in the format <literal>from</literal>-<literal>to</literal>, e.g.,
diff --git a/man/systemd.network.xml b/man/systemd.network.xml
-index b0efd62dbd..b9dbba28f6 100644
+index 32cfb207e0e..bd1e2b6c1ff 100644
--- a/man/systemd.network.xml
+++ b/man/systemd.network.xml
-@@ -1404,7 +1404,7 @@ Table=1234</programlisting></para>
+@@ -1455,7 +1455,7 @@ DuplicateAddressDetection=none</programlisting></para>
<para>Takes a boolean. Joining multicast group on ethernet level via
<command>ip maddr</command> command would not work if we have an Ethernet switch that does
IGMP snooping since the switch would not replicate multicast packets on ports that did not
- have IGMP reports for the multicast addresses. Linux vxlan interfaces created via
+ have IGMP reports for the multicast addresses. Linux kernel vxlan interfaces created via
- <command>ip link add vxlan</command> or networkd's netdev kind vxlan have the group option
- that enables them to do the required join. By extending <command>ip address</command> command
- with option <literal>autojoin</literal> we can get similar functionality for openvswitch (OVS)
-@@ -1420,7 +1420,7 @@ Table=1234</programlisting></para>
+ <command>ip link add vxlan</command> or <command>systemd-networkd</command>'s netdev kind vxlan
+ have the group option that enables them to do the required join. By extending
+ <command>ip address</command> command with option <literal>autojoin</literal> we can get similar
+@@ -1471,7 +1471,7 @@ DuplicateAddressDetection=none</programlisting></para>
<listitem>
<para>This setting provides a method for integrating static and dynamic network configuration into
@@ -944,7 +933,7 @@ index b0efd62dbd..b9dbba28f6 100644
used by <ulink url="https://en.wikipedia.org/wiki/Linux_Security_Modules";>Linux Security Modules
(LSMs)</ulink> for network access control. The label, with suitable LSM rules, can be used to
control connectivity of (for example) a service with peers in the local network. At least with
-@@ -1441,7 +1441,7 @@ Table=1234</programlisting></para>
+@@ -1492,7 +1492,7 @@ DuplicateAddressDetection=none</programlisting></para>
<warning>
<para>Once labeling is enabled for network traffic, a lot of LSM access control points in
@@ -953,7 +942,7 @@ index b0efd62dbd..b9dbba28f6 100644
situation where for example remote connectivity is broken, when the security policy hasn't been
updated to consider LSM per-packet access controls and no rules would allow any network
traffic. Also note that additional configuration with <citerefentry
-@@ -2468,7 +2468,7 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix</programlisting>
+@@ -2534,7 +2534,7 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix</programlisting>
<varlistentry>
<term><varname>SocketPriority=</varname></term>
<listitem>
@@ -963,7 +952,7 @@ index b0efd62dbd..b9dbba28f6 100644
More details about <constant>SO_PRIORITY</constant> socket option in
<citerefentry project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
diff --git a/man/systemd.nspawn.xml b/man/systemd.nspawn.xml
-index 591933a10c..bcf83b9cd3 100644
+index 591933a10cc..bcf83b9cd36 100644
--- a/man/systemd.nspawn.xml
+++ b/man/systemd.nspawn.xml
@@ -191,7 +191,7 @@
@@ -985,7 +974,7 @@ index 591933a10c..bcf83b9cd3 100644
<citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
for details). The <varname>AmbientCapability=</varname> setting
diff --git a/man/systemd.resource-control.xml b/man/systemd.resource-control.xml
-index 3773a38d62..f269afb48e 100644
+index 5ad9793c7a2..448df0e4c3a 100644
--- a/man/systemd.resource-control.xml
+++ b/man/systemd.resource-control.xml
@@ -34,7 +34,7 @@
@@ -998,10 +987,10 @@ index 3773a38d62..f269afb48e 100644
resource management.</para>
diff --git a/man/systemd.service.xml b/man/systemd.service.xml
-index 58439dfa6e..f0199ff37b 100644
+index 2bb7d05189a..701a259a6ae 100644
--- a/man/systemd.service.xml
+++ b/man/systemd.service.xml
-@@ -1226,7 +1226,7 @@
+@@ -1250,7 +1250,7 @@
<listitem><para>Configure the out-of-memory (OOM) killing policy for the kernel and the userspace OOM
killer
<citerefentry><refentrytitle>systemd-oomd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
@@ -1010,7 +999,7 @@ index 58439dfa6e..f0199ff37b 100644
itself, it might decide to kill a running process in order to free up memory and reduce memory
pressure. Note that <filename>systemd-oomd.service</filename> is a more flexible solution that aims
to prevent out-of-memory situations for the userspace too, not just the kernel, by attempting to
-@@ -1248,7 +1248,7 @@
+@@ -1272,7 +1272,7 @@
<constant>continue</constant>.</para>
<para>Use the <varname>OOMScoreAdjust=</varname> setting to configure whether processes of the unit
@@ -1020,7 +1009,7 @@ index 58439dfa6e..f0199ff37b 100644
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
details.</para>
diff --git a/man/systemd.slice.xml b/man/systemd.slice.xml
-index a5987a3a45..ecfa7c4af4 100644
+index a5987a3a455..ecfa7c4af4a 100644
--- a/man/systemd.slice.xml
+++ b/man/systemd.slice.xml
@@ -28,7 +28,7 @@
@@ -1033,7 +1022,7 @@ index a5987a3a45..ecfa7c4af4 100644
apply to all processes of all units contained in that slice. Slices are organized hierarchically in a tree. The
name of the slice encodes the location in the tree. The name consists of a dash-separated series of names, which
diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml
-index a944efad3b..061659c89b 100644
+index bbcd7f051a3..9c046a909c9 100644
--- a/man/systemd.socket.xml
+++ b/man/systemd.socket.xml
@@ -294,7 +294,7 @@
@@ -1046,7 +1035,7 @@ index a944efad3b..061659c89b 100644
</varlistentry>
diff --git a/man/systemd.swap.xml b/man/systemd.swap.xml
-index f5e3c0742b..889b55881e 100644
+index 2b65ba68f3f..cfa03470870 100644
--- a/man/systemd.swap.xml
+++ b/man/systemd.swap.xml
@@ -58,7 +58,7 @@
@@ -1059,7 +1048,7 @@ index f5e3c0742b..889b55881e 100644
</refsect1>
diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml
-index 919e641c5c..1fe4ad9d5b 100644
+index d44eb028ca9..5fa40d6b48c 100644
--- a/man/systemd.unit.xml
+++ b/man/systemd.unit.xml
@@ -1557,7 +1557,7 @@
@@ -1072,7 +1061,7 @@ index 919e641c5c..1fe4ad9d5b 100644
<row>
<entry>uefi-secureboot</entry>
diff --git a/man/systemd.xml b/man/systemd.xml
-index f4aa7e06ca..f44068046d 100644
+index d11c601a88f..1a6fb5bedda 100644
--- a/man/systemd.xml
+++ b/man/systemd.xml
@@ -37,7 +37,7 @@
@@ -1084,7 +1073,7 @@ index f4aa7e06ca..f44068046d 100644
boot (as PID 1), it acts as init system that brings up and maintains userspace services. Separate
instances are started for logged-in users to start their services.</para>
-@@ -231,7 +231,7 @@
+@@ -223,7 +223,7 @@
memory its accounting data is flushed out too. However, this data is generally not lost, as a journal log record
is generated declaring the consumed resources whenever a unit shuts down.</para>
@@ -1103,10 +1092,10 @@ index f4aa7e06ca..f44068046d 100644
the Options section above. If run outside of Linux containers, these arguments are parsed from
<filename>/proc/cmdline</filename> and from the <literal>SystemdOptions</literal> EFI variable
diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
-index e0baf3824c..9f085f383d 100644
+index 8fb7aca7c61..857b70d8887 100644
--- a/man/tmpfiles.d.xml
+++ b/man/tmpfiles.d.xml
-@@ -415,7 +415,7 @@ L /tmp/foobar - - - - /dev/null</programlisting>
+@@ -413,7 +413,7 @@ L /tmp/foobar - - - - /dev/null</programlisting>
names. This can be useful for setting SMACK labels. Does not follow symlinks.</para>
<para>Please note that extended attributes settable with this line type are a different concept
@@ -1115,7 +1104,7 @@ index e0baf3824c..9f085f383d 100644
below.</para>
<xi:include href="version-info.xml" xpointer="v218"/></listitem>
-@@ -430,7 +430,7 @@ L /tmp/foobar - - - - /dev/null</programlisting>
+@@ -428,7 +428,7 @@ L /tmp/foobar - - - - /dev/null</programlisting>
<varlistentry>
<term><varname>h</varname></term>
@@ -1124,7 +1113,7 @@ index e0baf3824c..9f085f383d 100644
place of normal path names.</para>
<para>The format of the argument field is <varname>[+-=][aAcCdDeijPsStTu]</varname>. The prefix
-@@ -446,7 +446,7 @@ L /tmp/foobar - - - - /dev/null</programlisting>
+@@ -444,7 +444,7 @@ L /tmp/foobar - - - - /dev/null</programlisting>
corresponding to the letters listed here. All other attributes will be left untouched. Does not
follow symlinks.</para>
@@ -1134,10 +1123,10 @@ index e0baf3824c..9f085f383d 100644
see above.</para></listitem>
</varlistentry>
diff --git a/man/ukify.xml b/man/ukify.xml
-index bf6f328536..c7e5cb6ffe 100644
+index fc68d837720..f28b3009bce 100644
--- a/man/ukify.xml
+++ b/man/ukify.xml
-@@ -478,7 +478,7 @@
+@@ -575,7 +575,7 @@
<term><option>--sign-kernel</option></term>
<term><option>--no-sign-kernel</option></term>
@@ -1146,12 +1135,12 @@ index bf6f328536..c7e5cb6ffe 100644
embedded in the combined image. If not specified, it will be signed if a SecureBoot signing key is
provided via the
<varname>SecureBootPrivateKey=</varname>/<option>--secureboot-private-key=</option> option and the
-@@ -604,7 +604,7 @@
+@@ -684,7 +684,7 @@
<constant>enter-initrd</constant> phase) with the key
- <filename index='false'>pcr-private-initrd-key.pem</filename>, and for the main system (phases
+ <filename index='false'>tpm2-pcr-private-key-initrd.pem</filename>, and for the main system (phases
<constant>leave-initrd</constant>, <constant>sysinit</constant>, <constant>ready</constant>) with the
-- key <filename index='false'>pcr-private-system-key.pem</filename>. The Linux binary and the resulting
-+ key <filename index='false'>pcr-private-system-key.pem</filename>. The Linux kernel binary and the resulting
+- key <filename index='false'>tpm2-pcr-private-key-system.pem</filename>. The Linux binary and the resulting
++ key <filename index='false'>tpm2-pcr-private-key-system.pem</filename>. The Linux kernel binary and the resulting
combined image will be signed with the SecureBoot key <filename index='false'>sb.key</filename>.</para>
</example>
diff --git a/libre/systemd/30-systemd-restart-marked.hook b/libre/systemd/30-systemd-restart-marked.hook
new file mode 100644
index 000000000..9f62fd061
--- /dev/null
+++ b/libre/systemd/30-systemd-restart-marked.hook
@@ -0,0 +1,9 @@
+[Trigger]
+Type = Path
+Operation = Upgrade
+Target = usr/lib/systemd/system/*
+
+[Action]
+Description = Restarting marked services...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/systemd-hook restart-marked
diff --git a/libre/systemd/PKGBUILD b/libre/systemd/PKGBUILD
index 9863add77..c141e65bb 100644
--- a/libre/systemd/PKGBUILD
+++ b/libre/systemd/PKGBUILD
@@ -3,6 +3,7 @@
# Contributor: Omar Vega Ramos <[email protected]>
# Contributor: Denis 'GNUtoo' Carikli <[email protected]>
# Contributor: bill-auger <[email protected]>
+# Contributor: Martin Sotirov <[email protected]>
# Tips for the maintainer (i.e.: future me?):
#
@@ -85,17 +86,17 @@ pkgname=('systemd'
'systemd-libs'
'systemd-resolvconf'
'systemd-sysvcompat'
+ 'systemd-tests'
'systemd-ukify')
-pkgname+=('systemd-common' 'systemd-udev' 'systemd-boot' 'systemd-tests')
+pkgname+=('systemd-common' 'systemd-udev' 'systemd-boot')
# We split Arch's systemd-libs into systemd-$X, for the following $X:
_systemd_libs=('libsystemd' 'libudev' 'nss-systemd' 'nss-myhostname' 'nss-mymachines' 'nss-resolve')
pkgname+=("${_systemd_libs[@]/#/systemd-}")
-_tag='256.5'
# Upstream versioning is incompatible with pacman's version comparisons, one
-# way or another. So we replace dashes and tildes with the empty string to
-# make sure pacman's version comparing does the right thing for rc versions:
-pkgver="${_tag/[-~]/}"
-pkgrel=1
+# way or another. We use proper version for pacman here (no dash for rc
+# release!), and change in source array below.
+pkgver='257.5'
+pkgrel=2
pkgrel+=.parabola1
arch=('x86_64')
arch+=('i686' 'armv7h' 'ppc64le')
@@ -108,16 +109,22 @@ makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam' 'libelf'
'meson' 'libseccomp' 'pcre2' 'audit' 'kexec-tools' 'libxkbcommon'
'bash-completion' 'p11-kit' 'systemd' 'libfido2' 'tpm2-tss' 'rsync'
'bpf' 'libbpf' 'clang' 'llvm' 'curl' 'gnutls' 'python-pyelftools'
- 'libpwquality' 'qrencode' 'lib32-gcc-libs' 'python-pefile')
+ 'libpwquality' 'qrencode' 'lib32-gcc-libs' 'python-pefile' 'linux-headers')
makedepends=(${makedepends[*]/lib32-gcc-libs}) # only include lib32-gcc-libs on x86_64
makedepends_x86_64=('lib32-gcc-libs')
makedepends+=('jq') # Parabola: For _lib_deps()
+
+makedepends=(${makedepends[*]/linux-headers/})
+makedepends+=('linux-libre-vanilla-headers')
+
conflicts=("mkinitcpio<38-1")
validpgpkeys=('63CDA1E5D3FC22B998D20DD6327F26951A015CC4' # Lennart Poettering <[email protected]>
'A9EA9081724FFAE0484C35A1A81CEA22BC8C7E2E' # Luca Boccassi <[email protected]>
'9A774DB5DB996C154EBBFBFDA0099A18E29326E1' # Yu Watanabe <[email protected]>
'5C251B5FC54EB2F80F407AAAC54CA336CFEB557E') # Zbigniew Jędrzejewski-Szmek <[email protected]>
-source=("git+https://github.com/systemd/systemd#tag=v${_tag}?signed";
+# For pacman's version comparisons $pkgver is missing the dash that would be
+# in an upstream rc version so add it back when fetching the tag from github.
+source=("git+https://github.com/systemd/systemd#tag=v${pkgver/rc/-rc}?signed";
'0001-Use-Arch-Linux-device-access-groups.patch'
'0001-FSDG-bootctl-Say-Systemd-Boot-Manager-instead-of-Lin.patch'
'0002-FSDG-os-release-Default-PRETTY_NAME-to-GNU-Linux-ins.patch'
@@ -140,73 +147,64 @@ source=("git+https://github.com/systemd/systemd#tag=v${_tag}?signed";
'30-systemd-daemon-reload-system.hook'
'30-systemd-daemon-reload-user.hook'
'30-systemd-hwdb.hook'
+ '30-systemd-restart-marked.hook'
'30-systemd-sysctl.hook'
'30-systemd-tmpfiles.hook'
'30-systemd-udev-reload.hook'
'30-systemd-update.hook')
-sha512sums=('493daf7c4d80b5c3c2f90822f0aa18cd2f9c8c5de950f71947a8b1ef2bada1b0b163ec5d850bab48ae46426694838041bbe1ee00920e384080b2a2625bf68ef5'
- '3ccf783c28f7a1c857120abac4002ca91ae1f92205dcd5a84aff515d57e706a3f9240d75a0a67cff5085716885e06e62597baa86897f298662ec36a940cf410e'
- '28bf5c24c962dc4aafc3838e6a8dd2bf2c05e44c15d018ea50a0b374b1741ebdd4dbe1df56bb5e2f32bc4d3fa8573b5a02004e475272f7949468706ce0c77f0e'
- 'a92a37e41a611dfc63417c641347d1c1784373d8100f5e999de3c7bc0c2ae9d9034f3daa08741a271447b35c7b2b786715b4bd0156d3f177cc51d1d1c64f43a9'
+
+sha512sums=('41b3a09f710a7801cec2d89a245c7ac06977aa91e133b72464179ab74c682f0a10320483ea48ebe774e0dc8d57bc453198cf91915d74ceda672379a4c06e77f8'
+ '78065bde708118b7d6e4ed492e096c763e4679a1c54bd98750d5d609d8cc2f1373023f308880f14fc923ae7f9fea34824917ef884c0f996b1f43d08ef022c0fb'
+ '733e1930d769d9f3cc0c1d52b7bc02c0a85f530b53a7a4c69a943f93f2bfb2d3dd8917a1015f87219355054c35b11bcc81a4bd0e9a8287998ed0db4f86f667fa'
+ '7136b72be988f098c02b4735367173536352bb089996a72c05d5111a4dbf2c55b95c53210299616184c2f753d753d5f03abf6dc4afde0b20e7925f2dbfbe1e8c'
'6885e3a04e53d2cd40475e3853394b2a97795c55fa4c8c696aff1f33a5f55400ddffbed710d70591a8c4e3bd2f46417d76dcdc19bca386a8e88e604dbf0b473d'
'846767c26613ebf91d8a25b69f92a50a056ae2908165c09af187159fae7da1617718ad23bd0b02ef08809630b5bd90c11cdb5f4bb8e7ec2c663156f68b18fa22'
'f3d77a2e66598e6b9875522e7541da4a3238234ad5beee134186ba230a352adb51a089709e949cde7d8ed4c6857680a4fea806f70c7d1cc15dd95bd8efe5c535'
'437c42469341caf18d74dd86f19b940a029f225c59321b3081eadb7116e1c1a2fbf71ac245cdf78610bf816dc4afc933db94fbd0e005d9569442f52009329df6'
- 'ec6a43d1297de5b0531b76615a394e616d72f3d434584c2c7119d17e9ab49fc58904ec4fb5cdff71cf8739403ce76cf60b884644e7908db9bfa776b41825bbf7'
+ '82ea15ee384fb1e975573e414879ebcf10396d4466d57ee0ed437dfa185f44adc1d7e5dbb30f8bb2d72cf5cadefd8eb7f84b4a51d9d5a5b2ede4fa011d658114'
'70b3f1d6aaa9cd4b6b34055a587554770c34194100b17b2ef3aaf4f16f68da0865f6b3ae443b3252d395e80efabd412b763259ffb76c902b60e23b6b522e3cc8'
'6c6f579644ea2ebb6b46ee274ab15110718b0de40def8c30173ba8480b045d403f2aedd15b50ad9b96453f4ad56920d1350ff76563755bb9a80b10fa7f64f1d9'
'a50bc85061a9a16d776235099867bc1a17c17dddb74c1ecf5614c849735a9779c5e34e5ddca8ca6af4b59a40f57c08ecf219b98cab09476ddb0f110e6a35e45c'
'b90c99d768dc2a4f020ba854edf45ccf1b86a09d2f66e475de21fe589ff7e32c33ef4aa0876d7f1864491488fd7edb2682fc0d68e83a6d4890a0778dc2d6fe19'
- '3cb8f88c1bffc753d0c540be5d25a0fdb9224478cca64743b5663340f2f26b197775286e6e680228db54c614dcd11da1135e625674a622127681662bec4fa886'
+ '81baa1ae439b0f4d1f09371a82c02db06a97a4fc35545fc2654f7905b4422fc8cf085f70304919a4323f39e662df1e05aa8d977d1dde73507527abe3072c386b'
'299dcc7094ce53474521356647bdd2fb069731c08d14a872a425412fcd72da840727a23664b12d95465bf313e8e8297da31259508d1c62cc2dcea596160e21c5'
'0d6bc3d928cfafe4e4e0bc04dbb95c5d2b078573e4f9e0576e7f53a8fab08a7077202f575d74a3960248c4904b5f7f0661bf17dbe163c524ab51dd30e3cb80f7'
'2b50b25e8680878f7974fa9d519df7e141ca11c4bfe84a92a5d01bb193f034b1726ea05b3c0030bad1fbda8dbb78bf1dc7b73859053581b55ba813c39b27d9dc'
'a436d3f5126c6c0d6b58c6865e7bd38dbfbfb7babe017eeecb5e9d162c21902cbf4e0a68cf3ac2f99815106f9fa003b075bd2b4eb5d16333fa913df6e2f3e32a'
'190112e38d5a5c0ca91b89cd58f95595262a551530a16546e1d84700fc9644aa2ca677953ffff655261e8a7bff6e6af4e431424df5f13c00bc90b77c421bc32d'
'a1661ab946c6cd7d3c6251a2a9fd68afe231db58ce33c92c42594aedb5629be8f299ba08a34713327b373a3badd1554a150343d8d3e5dfb102999c281bd49154'
+ 'f6b154fdc612916d7788720cf703e34255b43ba2d19413de5f3f63f07508f4ce561ca138f987c2118c7128e1dfb01976b0ac7d5efee4d9ebaadd180e70fa013e'
'9426829605bbb9e65002437e02ed54e35c20fdf94706770a3dc1049da634147906d6b98bf7f5e7516c84068396a12c6feaf72f92b51bdf19715e0f64620319de'
'da7a97d5d3701c70dd5388b0440da39006ee4991ce174777931fea2aa8c90846a622b2b911f02ae4d5fffb92680d9a7e211c308f0f99c04896278e2ee0d9a4dc'
'a50d202a9c2e91a4450b45c227b295e1840cc99a5e545715d69c8af789ea3dd95a03a30f050d52855cabdc9183d4688c1b534eaa755ebe93616f9d192a855ee3'
'825b9dd0167c072ba62cabe0677e7cd20f2b4b850328022540f122689d8b25315005fa98ce867cf6e7460b2b26df16b88bb3b5c9ebf721746dce4e2271af7b97')
_meson_version="${pkgver}-${pkgrel}"
-_meson_vcs_tag='false'
-_meson_mode='release'
-_meson_compile=()
-_meson_install=()
+_systemd_src_dir="${pkgbase}"
if ((_systemd_UPSTREAM)); then
_meson_version="${pkgver}"
- _meson_vcs_tag='true'
- _meson_mode='developer'
- pkgname+=('systemd-tests')
- if ((_systemd_QUIET)); then
- _meson_install=('--quiet')
- else
- _meson_compile=('--verbose')
- fi
+fi
+
+# Some heuristics to detect that we are building on OBS, with no network access. Skip
+# git verification, and use the OBS-provided tarball instead. The sources will be
+# unpacked by OBS in $package-$version/
+if [ -f /.build/build.dist ] && [ -d /usr/src/packages/SOURCES ] && [ -d /usr/src/packages/BUILD ] && [ -d /usr/src/packages/OTHER ]; then
+ source[0]="$(find . -name "${pkgbase}-${pkgver}.tar.*" -print -quit)"
+ sha512sums[0]='SKIP'
+ _systemd_src_dir="${pkgbase}-${pkgver}"
fi
_backports=(
+ # fast-forward to current v257-stable
+ "v${pkgver}..1fb1f637baa979fd58fef67ea72b3e7255a99e21"
)
_reverts=(
)
prepare() {
- cd "${pkgbase}"
-
- local _c _l
- for _c in "${_backports[@]}"; do
- if [[ "${_c}" == *..* ]]; then _l='--reverse'; else _l='--max-count=1'; fi
- git log --oneline "${_l}" "${_c}"
- git cherry-pick --mainline 1 --no-commit "${_c}"
- done
- for _c in "${_reverts[@]}"; do
- if [[ "${_c}" == *..* ]]; then _l='--reverse'; else _l='--max-count=1'; fi
- git log --oneline "${_l}" "${_c}"
- git revert --mainline 1 --no-commit "${_c}"
- done
+ cd "${_systemd_src_dir}"
# Replace cdrom/dialout/tape groups with optical/uucp/storage
patch -Np1 -i ../0001-Use-Arch-Linux-device-access-groups.patch
@@ -220,6 +218,23 @@ prepare() {
# avoid the warning and non-zero exit per mkinitcpio::install/consolefont
echo "FONT=sun12x22" >> factory/templates/vconsole.conf.in
+
+ # return if not a git repository
+ if ! git status >/dev/null 2>&1; then
+ return
+ fi
+
+ local _c _l
+ for _c in "${_backports[@]}"; do
+ if [[ "${_c}" == *..* ]]; then _l='--reverse'; else _l='--max-count=1'; fi
+ git log --oneline "${_l}" "${_c}"
+ git cherry-pick --mainline 1 --no-commit "${_c}"
+ done
+ for _c in "${_reverts[@]}"; do
+ if [[ "${_c}" == *..* ]]; then _l='--reverse'; else _l='--max-count=1'; fi
+ git log --oneline "${_l}" "${_c}"
+ git revert --mainline 1 --no-commit "${_c}"
+ done
}
build() {
@@ -239,9 +254,9 @@ build() {
local _meson_options=(
-Dversion-tag="${_meson_version}-parabola"
- -Dvcs-tag="${_meson_vcs_tag}"
+ -Dvcs-tag=false
-Dshared-lib-tag="${_meson_version}"
- -Dmode="${_meson_mode}"
+ -Dmode=release
-Dapparmor=disabled
-Dbootloader=enabled
@@ -252,15 +267,16 @@ build() {
-Dlibidn2=enabled
-Dlz4=enabled
-Dman=enabled
- -Dnscd=false
-Dselinux=disabled
+ -Dsshdprivsepdir=/usr/share/empty.sshd
+ -Dvmlinux-h=provided
+ -Dvmlinux-h-path=/usr/src/linux-libre-vanilla/vmlinux.h
# We disable DNSSEC by default, it still causes trouble:
# https://github.com/systemd/systemd/issues/10579
-Ddbuspolicydir=/usr/share/dbus-1/system.d
-Ddefault-dnssec=no
- -Ddefault-hierarchy=unified
-Ddefault-kill-user-processes=false
-Ddefault-locale='C.UTF-8'
-Dlocalegen-path=/usr/bin/locale-gen
@@ -280,9 +296,9 @@ build() {
-Dsbat-distro-url="https://www.parabola.nu/packages/libre/${CARCH}/${pkgname}/";
)
- arch-meson "${pkgbase}" build "${_meson_options[@]}" $MESON_EXTRA_CONFIGURE_OPTIONS
+ arch-meson "${_systemd_src_dir}" build "${_meson_options[@]}" $MESON_EXTRA_CONFIGURE_OPTIONS
- meson compile -C build "${_meson_compile[@]}"
+ meson compile -C build
}
check() {
@@ -485,7 +501,7 @@ package_systemd() {
etc/udev/udev.conf)
install=systemd.install
- meson install -C build --destdir "$pkgdir" "${_meson_install[@]}"
+ meson install -C build --no-rebuild --destdir "$pkgdir" --quiet
# split
(
diff --git a/libre/systemd/systemd-hook b/libre/systemd/systemd-hook
index d64341fd3..07f20e733 100644
--- a/libre/systemd/systemd-hook
+++ b/libre/systemd/systemd-hook
@@ -1,6 +1,6 @@
#!/bin/sh -e
-is_chrooted() {
+skip_chrooted() {
if systemd-detect-virt --chroot; then
echo >&2 " Skipped: Running in chroot."
exit 0
@@ -8,15 +8,17 @@ is_chrooted() {
}
systemd_live() {
- is_chrooted
- if [ ! -d /run/systemd/system ]; then
+ skip_chrooted
+
+ if ! systemd-notify --booted >/dev/null 2>&1; then
echo >&2 " Skipped: Current root is not booted."
exit 0
fi
}
udevd_live() {
- is_chrooted
+ skip_chrooted
+
if [ ! -S /run/udev/control ]; then
echo >&2 " Skipped: Device manager is not running."
exit 0
@@ -39,7 +41,7 @@ case "$op" in
;;
daemon-reload-user)
systemd_live
- /usr/bin/systemctl kill --kill-whom='main' --signal='SIGHUP' 'user@*.service'
+ /usr/bin/systemctl reload 'user@*.service'
;;
hwdb)
/usr/bin/systemd-hwdb --usr update
@@ -66,6 +68,12 @@ case "$op" in
fi
;;
+ # marked with 'systemctl set-property ... Markers=needs-restart'
+ restart-marked)
+ systemd_live
+ /usr/bin/systemctl reload-or-restart --marked
+ ;;
+
# For use by other packages
reload)
systemd_live
diff --git a/libre/systemd/systemd.install b/libre/systemd/systemd.install
index 1b9c6e259..33e9d0e6e 100644
--- a/libre/systemd/systemd.install
+++ b/libre/systemd/systemd.install
@@ -4,10 +4,11 @@ sd_booted() {
[[ -d run/systemd/system && ! -L run/systemd/system ]]
}
-add_journal_acls() {
- # ignore errors, since the filesystem might not support ACLs
- setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx var/log/journal/ 2>/dev/null
- :
+services_needing_restart() {
+ systemctl list-units --state=running --plain --quiet 'systemd-*.service' \
+ | cut -d' ' -f1 \
+ | grep -Ev '^systemd-(logind|networkd)\.service$' \
+ | grep -Ev '^systemd-.*@.*\.service$'
}
post_common() {
@@ -24,8 +25,6 @@ post_install() {
post_common "$@"
- add_journal_acls
-
# enable some services by default, but don't track them
systemctl enable \
[email protected] \
@@ -41,8 +40,16 @@ post_upgrade() {
post_common "$@"
if sd_booted; then
+ # reexec systemd system instance
systemctl --system daemon-reexec
- systemctl kill --kill-whom='main' --signal='SIGRTMIN+25' 'user@*.service'
+
+ # reexec systemd user instances
+ systemctl reload 'user@*.service'
+
+ # mark systemd services for later restart
+ for UNIT in $(services_needing_restart); do
+ systemctl set-property --runtime "${UNIT}" Markers=needs-restart
+ done
fi
# show for feature release: 255 -> 256 -> 257 -> ...
--
2.49.0
_______________________________________________
Dev mailing list
[email protected]
https://lists.parabola.nu/mailman/listinfo/dev
