A System and Service Manager
CentOS Sources
2016-11-03 1abbeecfa4b0d6d176beddb7d0f09518a37d4ce1
import systemd-219-30.el7
130 files added
7 files modified
21 files renamed
19914 ■■■■■ changed files
SOURCES/0258-run-synchronously-wait-until-the-scope-unit-we-creat.patch 4 ●●●● patch | view | raw | blame | history
SOURCES/0259-device-rework-how-we-enter-tentative-state.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0260-core-Do-not-bind-a-mount-unit-to-a-device-if-it-was-.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0261-logind-set-RemoveIPC-no-by-default.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0262-sysv-generator-follow-symlinks-in-etc-rc.d-init.d.patch 4 ●●●● patch | view | raw | blame | history
SOURCES/0263-sysv-generator-test-always-log-to-console.patch 3 ●●●● patch | view | raw | blame | history
SOURCES/0264-man-RemoveIPC-is-set-to-no-on-rhel.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0265-Avoid-tmp-being-mounted-as-tmpfs-without-the-user-s-.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0266-test-sysv-generator-Check-for-network-online.target.patch 3 ●●●● patch | view | raw | blame | history
SOURCES/0267-makefile-disable-udev-tests.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0268-arm-aarch64-detect-virt-check-dmi.patch 40 ●●●●● patch | view | raw | blame | history
SOURCES/0269-detect-virt-dmi-look-for-KVM.patch 40 ●●●●● patch | view | raw | blame | history
SOURCES/0270-Revert-journald-turn-ForwardToSyslog-off-by-default.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0271-terminal-util-when-resetting-terminals-don-t-wait-fo.patch 75 ●●●●● patch | view | raw | blame | history
SOURCES/0272-basic-terminal-util-introduce-SYSTEMD_COLORS-environ.patch 154 ●●●●● patch | view | raw | blame | history
SOURCES/0273-ask-password-don-t-abort-when-message-is-missing.patch 35 ●●●●● patch | view | raw | blame | history
SOURCES/0274-sysv-generator-do-not-join-dependencies-on-one-line-.patch 135 ●●●●● patch | view | raw | blame | history
SOURCES/0275-udev-fibre-channel-fix-NPIV-support.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0276-ata_id-unreverse-WWN-identifier.patch 4 ●●●● patch | view | raw | blame | history
SOURCES/0277-Fixup-WWN-bytes-for-big-endian-systems.patch 4 ●●●● patch | view | raw | blame | history
SOURCES/0278-sd-journal-introduce-has_runtime_files-and-has_persi.patch 276 ●●●●● patch | view | raw | blame | history
SOURCES/0279-journalctl-improve-error-messages-when-the-specified.patch 31 ●●●●● patch | view | raw | blame | history
SOURCES/0280-journalctl-show-friendly-info-when-using-b-on-runtim.patch 33 ●●●●● patch | view | raw | blame | history
SOURCES/0281-journalctl-make-journalctl-dev-sda-work.patch 206 ●●●●● patch | view | raw | blame | history
SOURCES/0282-journalctl-add-match-for-the-current-boot-when-calle.patch 27 ●●●●● patch | view | raw | blame | history
SOURCES/0283-man-clarify-what-happens-when-journalctl-is-called-w.patch 33 ●●●●● patch | view | raw | blame | history
SOURCES/0284-core-downgrade-warning-about-duplicate-device-names.patch 26 ●●●●● patch | view | raw | blame | history
SOURCES/0285-udev-downgrade-a-few-warnings-to-debug-messages.patch 44 ●●●●● patch | view | raw | blame | history
SOURCES/0286-man-LEVEL-in-systemd-analyze-set-log-level-is-not-op.patch 26 ●●●●● patch | view | raw | blame | history
SOURCES/0287-Revert-udev-fibre-channel-fix-NPIV-support.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0288-udev-path-id-fibre-channel-NPIV-use-fc_vport-s-port_.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0289-systemctl-is-active-failed-should-return-0-if-at-lea.patch 45 ●●●●● patch | view | raw | blame | history
SOURCES/0290-rules-set-SYSTEMD_READY-0-on-DM_UDEV_DISABLE_OTHER_R.patch 3 ●●●● patch | view | raw | blame | history
SOURCES/0291-s390-add-personality-support.patch 109 ●●●●● patch | view | raw | blame | history
SOURCES/0292-socket_address_listen-do-not-rely-on-errno.patch 34 ●●●●● patch | view | raw | blame | history
SOURCES/0293-path_id-reintroduce-by-path-links-for-virtio-block-d.patch 48 ●●●●● patch | view | raw | blame | history
SOURCES/0294-journal-fix-error-handling-when-compressing-journal-.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0295-journal-irrelevant-coding-style-fixes.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0296-install-follow-unit-file-symlinks-in-usr-but-not-etc.patch 4358 ●●●●● patch | view | raw | blame | history
SOURCES/0297-core-look-for-instance-when-processing-template-name.patch 41 ●●●●● patch | view | raw | blame | history
SOURCES/0298-core-improve-error-message-when-starting-template-wi.patch 30 ●●●●● patch | view | raw | blame | history
SOURCES/0299-man-tmpfiles.d-add-note-about-permissions-and-owners.patch 28 ●●●●● patch | view | raw | blame | history
SOURCES/0300-tmpfiles-don-t-follow-symlinks-when-adjusting-ACLs-f.patch 185 ●●●●● patch | view | raw | blame | history
SOURCES/0301-udev-filter-out-non-sensically-high-onboard-indexes-.patch 43 ●●●●● patch | view | raw | blame | history
SOURCES/0302-test-execute-add-tests-for-RuntimeDirectory.patch 74 ●●●●● patch | view | raw | blame | history
SOURCES/0303-core-fix-group-ownership-when-Group-is-set.patch 84 ●●●●● patch | view | raw | blame | history
SOURCES/0304-fstab-generator-cescape-device-name-in-root-fsck-ser.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0305-core-add-new-RandomSec-setting-for-time-units.patch 227 ●●●●● patch | view | raw | blame | history
SOURCES/0306-core-rename-Random-to-RandomizedDelay.patch 118 ●●●●● patch | view | raw | blame | history
SOURCES/0307-journal-remote-change-owner-of-var-log-journal-remot.patch 26 ●●●●● patch | view | raw | blame | history
SOURCES/0308-Add-Seal-option-in-the-configuration-file-for-journa.patch 57 ●●●●● patch | view | raw | blame | history
SOURCES/0309-tests-fix-make-check-failure.patch 26 ●●●●● patch | view | raw | blame | history
SOURCES/0310-device-make-sure-to-not-ignore-re-plugged-device.patch 65 ●●●●● patch | view | raw | blame | history
SOURCES/0311-device-Ensure-we-have-sysfs-path-before-comparing.patch 33 ●●●●● patch | view | raw | blame | history
SOURCES/0312-core-fix-memory-leak-on-set-default-enable-disable-e.patch 23 ●●●●● patch | view | raw | blame | history
SOURCES/0313-nspawn-fix-minor-memory-leak.patch 26 ●●●●● patch | view | raw | blame | history
SOURCES/0314-basic-fix-error-memleak-in-socket-util.patch 28 ●●●●● patch | view | raw | blame | history
SOURCES/0315-core-fix-memory-leak-in-manager_run_generators.patch 52 ●●●●● patch | view | raw | blame | history
SOURCES/0316-modules-load-fix-memory-leak.patch 41 ●●●●● patch | view | raw | blame | history
SOURCES/0317-core-fix-memory-leak-on-failed-preset-all.patch 66 ●●●●● patch | view | raw | blame | history
SOURCES/0318-sd-bus-fix-memory-leak-in-test-bus-chat.patch 37 ●●●●● patch | view | raw | blame | history
SOURCES/0319-core-fix-memory-leak-in-transient-units.patch 55 ●●●●● patch | view | raw | blame | history
SOURCES/0320-bus-fix-leak-in-error-path.patch 52 ●●●●● patch | view | raw | blame | history
SOURCES/0321-shared-logs-show-fix-memleak-in-add_matches_for_unit.patch 24 ●●●●● patch | view | raw | blame | history
SOURCES/0322-logind-introduce-LockedHint-and-SetLockedHint-3238.patch 164 ●●●●● patch | view | raw | blame | history
SOURCES/0323-import-use-the-old-curl-api.patch 40 ●●●●● patch | view | raw | blame | history
SOURCES/0324-importd-drop-dkr-support.patch 1694 ●●●●● patch | view | raw | blame | history
SOURCES/0325-import-add-support-for-gpg2-for-verifying-imported-i.patch 88 ●●●●● patch | view | raw | blame | history
SOURCES/0326-nspawn-when-connected-to-pipes-for-stdin-stdout-pass.patch 293 ●●●●● patch | view | raw | blame | history
SOURCES/0327-mount-remove-obsolete-n.patch 55 ●●●●● patch | view | raw | blame | history
SOURCES/0328-core-don-t-log-job-status-message-in-case-job-was-ef.patch 244 ●●●●● patch | view | raw | blame | history
SOURCES/0329-core-use-an-AF_UNIX-SOCK_DGRAM-socket-for-cgroup-age.patch 18 ●●●● patch | view | raw | blame | history
SOURCES/0330-logind-process-session-inhibitor-fds-at-higher-prior.patch 6 ●●●● patch | view | raw | blame | history
SOURCES/0331-Teach-bus_append_unit_property_assignment-about-Dele.patch 27 ●●●●● patch | view | raw | blame | history
SOURCES/0332-sd-netlink-fix-deep-recursion-in-message-destruction.patch 47 ●●●●● patch | view | raw | blame | history
SOURCES/0333-add-REMOTE_ADDR-and-REMOTE_PORT-for-Accept-yes.patch 281 ●●●●● patch | view | raw | blame | history
SOURCES/0334-core-don-t-dispatch-load-queue-when-setting-Slice-fo.patch 37 ●●●●● patch | view | raw | blame | history
SOURCES/0335-run-make-slice-work-in-conjunction-with-scope.patch 27 ●●●●● patch | view | raw | blame | history
SOURCES/0336-myhostname-fix-timeout-if-ipv6-is-disabled.patch 61 ●●●●● patch | view | raw | blame | history
SOURCES/0337-readahead-do-not-increase-nr_requests-for-root-fs-bl.patch 124 ●●●●● patch | view | raw | blame | history
SOURCES/0338-manager-reduce-complexity-of-unit_gc_sweep-3507.patch 10 ●●●● patch | view | raw | blame | history
SOURCES/0339-hwdb-selinuxify-a-bit-3460.patch 68 ●●●●● patch | view | raw | blame | history
SOURCES/0340-udevadm-explicitly-relabel-etc-udev-hwdb.bin-after-r.patch 55 ●●●●● patch | view | raw | blame | history
SOURCES/0341-systemctl-return-diffrent-error-code-if-service-exis.patch 82 ●●●●● patch | view | raw | blame | history
SOURCES/0342-systemctl-Replace-init-script-error-codes-with-enum-.patch 74 ●●●●● patch | view | raw | blame | history
SOURCES/0343-systemctl-rework-systemctl-status-a-bit.patch 234 ●●●●● patch | view | raw | blame | history
SOURCES/0344-journal-verify-don-t-hit-SIGFPE-when-determining-pro.patch 62 ●●●●● patch | view | raw | blame | history
SOURCES/0345-journal-avoid-mapping-empty-data-and-field-hash-tabl.patch 162 ●●●●● patch | view | raw | blame | history
SOURCES/0346-journal-when-verifying-journal-files-handle-empty-on.patch 84 ●●●●● patch | view | raw | blame | history
SOURCES/0347-journal-explain-the-error-when-we-find-a-non-DATA-ob.patch 31 ●●●●● patch | view | raw | blame | history
SOURCES/0348-journalctl-properly-detect-empty-journal-files.patch 31 ●●●●● patch | view | raw | blame | history
SOURCES/0349-journal-uppercase-first-character-in-verify-error-me.patch 642 ●●●●● patch | view | raw | blame | history
SOURCES/0350-journalctl-make-sure-journalctl-f-t-unmatched-blocks.patch 48 ●●●●● patch | view | raw | blame | history
SOURCES/0351-journalctl-don-t-print-No-entries-in-quiet-mode.patch 25 ●●●●● patch | view | raw | blame | history
SOURCES/0352-sd-event-expose-the-event-loop-iteration-counter-via.patch 2 ●●● patch | view | raw | blame | history
SOURCES/0353-manager-Only-invoke-a-single-sigchld-per-unit-within.patch 8 ●●●● patch | view | raw | blame | history
SOURCES/0354-manager-Fixing-a-debug-printf-formatting-mistake.patch 6 ●●●● patch | view | raw | blame | history
SOURCES/0355-core-support-IEC-suffixes-for-RLIMIT-stuff.patch 191 ●●●●● patch | view | raw | blame | history
SOURCES/0356-core-accept-time-units-for-time-based-resource-limit.patch 416 ●●●●● patch | view | raw | blame | history
SOURCES/0357-time-util-add-parse_time-which-is-like-parse_sec-but.patch 214 ●●●●● patch | view | raw | blame | history
SOURCES/0358-core-support-soft-hard-ranges-for-RLIMIT-options.patch 1003 ●●●●● patch | view | raw | blame | history
SOURCES/0359-core-fix-rlimit-parsing.patch 74 ●●●●● patch | view | raw | blame | history
SOURCES/0360-core-dump-rlim_cur-too.patch 26 ●●●●● patch | view | raw | blame | history
SOURCES/0361-install-fix-disable-via-unit-file-path.patch 39 ●●●●● patch | view | raw | blame | history
SOURCES/0362-manager-don-t-skip-sigchld-handler-for-main-and-cont.patch 22 ●●●● patch | view | raw | blame | history
SOURCES/0363-units-increase-watchdog-timeout-to-3min-for-all-our-.patch 156 ●●●●● patch | view | raw | blame | history
SOURCES/0364-core-bump-net.unix.max_dgram_qlen-really-early-durin.patch 90 ●●●●● patch | view | raw | blame | history
SOURCES/0365-core-fix-priority-ordering-in-notify-handling.patch 228 ●●●●● patch | view | raw | blame | history
SOURCES/0366-tests-fix-personality-tests-on-ppc64-and-aarch64.patch 85 ●●●●● patch | view | raw | blame | history
SOURCES/0367-systemctl-consider-service-running-only-when-it-is-i.patch 29 ●●●●● patch | view | raw | blame | history
SOURCES/0368-install-do-not-crash-when-processing-empty-masked-un.patch 24 ●●●●● patch | view | raw | blame | history
SOURCES/0369-Revert-install-fix-disable-via-unit-file-path.patch 32 ●●●●● patch | view | raw | blame | history
SOURCES/0370-systemctl-allow-disable-on-the-unit-file-path-but-wa.patch 82 ●●●●● patch | view | raw | blame | history
SOURCES/0371-tmpfiles-enforce-ordering-when-executing-lines.patch 102 ●●●●● patch | view | raw | blame | history
SOURCES/0372-Introduce-bus_unit_check_load_state-helper.patch 53 ●●●●● patch | view | raw | blame | history
SOURCES/0373-core-use-bus_unit_check_load_state-in-transaction_ad.patch 76 ●●●●● patch | view | raw | blame | history
SOURCES/0374-udev-path_id-correct-segmentation-fault-due-to-missi.patch 31 ●●●●● patch | view | raw | blame | history
SOURCES/0375-rules-load-sg-driver-also-when-scsi_target-appears-4.patch 22 ●●●●● patch | view | raw | blame | history
SOURCES/0376-fix-gcc-warnings-about-uninitialized-variables.patch 483 ●●●●● patch | view | raw | blame | history
SOURCES/0377-journalctl-rework-code-that-checks-whether-we-have-a.patch 339 ●●●●● patch | view | raw | blame | history
SOURCES/0378-journalctl-Improve-boot-ID-lookup.patch 55 ●●●●● patch | view | raw | blame | history
SOURCES/0379-journalctl-only-have-a-single-exit-path-from-main.patch 217 ●●●●● patch | view | raw | blame | history
SOURCES/0380-journalctl-free-all-command-line-argument-objects.patch 45 ●●●●● patch | view | raw | blame | history
SOURCES/0381-journalctl-rename-boot_id_t-to-BootId.patch 120 ●●●●● patch | view | raw | blame | history
SOURCES/0382-util-introduce-CMSG_FOREACH-macro-and-make-use-of-it.patch 301 ●●●●● patch | view | raw | blame | history
SOURCES/0383-journald-don-t-employ-inner-loop-for-reading-from-in.patch 251 ●●●●● patch | view | raw | blame | history
SOURCES/0384-journald-fix-count-of-object-meta-fields.patch 29 ●●●●● patch | view | raw | blame | history
SOURCES/0385-journal-cat-return-a-correct-error-not-1.patch 24 ●●●●● patch | view | raw | blame | history
SOURCES/0386-journalctl-introduce-short-options-for-since-and-unt.patch 90 ●●●●● patch | view | raw | blame | history
SOURCES/0387-journal-s-Envalid-Invalid.patch 24 ●●●●● patch | view | raw | blame | history
SOURCES/0388-journald-dispatch-SIGTERM-SIGINT-with-a-low-priority.patch 43 ●●●●● patch | view | raw | blame | history
SOURCES/0389-lz4-fix-size-check-which-had-no-chance-of-working-on.patch 25 ●●●●● patch | view | raw | blame | history
SOURCES/0390-journal-normalize-priority-of-logging-sources.patch 70 ●●●●● patch | view | raw | blame | history
SOURCES/0391-Fix-miscalculated-buffer-size-and-uses-of-size-unlim.patch 43 ●●●●● patch | view | raw | blame | history
SOURCES/0392-journal-Drop-monotonicity-check-when-appending-to-jo.patch 34 ●●●●● patch | view | raw | blame | history
SOURCES/0393-journalctl-unify-how-we-free-boot-id-lists-a-bit.patch 83 ●●●●● patch | view | raw | blame | history
SOURCES/0394-journalctl-don-t-trust-the-per-field-entry-tables-wh.patch 187 ●●●●● patch | view | raw | blame | history
SOURCES/0395-units-remove-udev-control-socket-when-systemd-stops-.patch 33 ●●●●● patch | view | raw | blame | history
SOURCES/0396-logind-don-t-assert-if-the-slice-is-missing.patch 26 ●●●●● patch | view | raw | blame | history
SOURCES/0397-core-enable-transient-unit-support-for-slice-units.patch 48 ●●●●● patch | view | raw | blame | history
SOURCES/0398-sd-bus-bump-message-queue-size.patch 31 ●●●●● patch | view | raw | blame | history
SOURCES/0399-install-fix-disable-when-etc-systemd-system-is-a-sym.patch 24 ●●●●● patch | view | raw | blame | history
SOURCES/0400-rules-add-NVMe-rules-3136.patch 36 ●●●●● patch | view | raw | blame | history
SOURCES/0401-rules-introduce-disk-by-id-model_serial-symlinks-for.patch 36 ●●●●● patch | view | raw | blame | history
SOURCES/0402-rules-fix-for-possible-whitespace-in-the-model-attri.patch 33 ●●●●● patch | view | raw | blame | history
SOURCES/0403-systemctl-pid1-do-not-warn-about-missing-install-inf.patch 111 ●●●●● patch | view | raw | blame | history
SOURCES/0404-systemctl-core-ignore-masked-units-in-preset-all.patch 148 ●●●●● patch | view | raw | blame | history
SOURCES/0405-shared-install-handle-dangling-aliases-as-an-explici.patch 113 ●●●●● patch | view | raw | blame | history
SOURCES/0406-shared-install-ignore-unit-symlinks-when-doing-prese.patch 75 ●●●●● patch | view | raw | blame | history
SOURCES/0407-40-redhat.rules-don-t-hoplug-memory-on-s390x.patch 23 ●●●●● patch | view | raw | blame | history
SOURCES/org.freedesktop.hostname1.policy 100 ●●●●● patch | view | raw | blame | history
SOURCES/org.freedesktop.import1.policy 27 ●●●●● patch | view | raw | blame | history
SOURCES/org.freedesktop.locale1.policy 70 ●●●●● patch | view | raw | blame | history
SOURCES/org.freedesktop.login1.policy 743 ●●●●● patch | view | raw | blame | history
SOURCES/org.freedesktop.machine1.policy 34 ●●●●● patch | view | raw | blame | history
SOURCES/org.freedesktop.systemd1.policy 118 ●●●●● patch | view | raw | blame | history
SOURCES/org.freedesktop.timedate1.policy 130 ●●●●● patch | view | raw | blame | history
SPECS/systemd.spec 400 ●●●● patch | view | raw | blame | history
SOURCES/0258-run-synchronously-wait-until-the-scope-unit-we-creat.patch
@@ -1,4 +1,4 @@
From 18d515aeb3a2007fa0a762b9b9658f489d4b403d Mon Sep 17 00:00:00 2001
From 5532bedf8ef456f02fdec62d46bc1be65cdfde30 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 28 Apr 2015 12:21:31 +0200
Subject: [PATCH] run: synchronously wait until the scope unit we create is
@@ -11,7 +11,7 @@
https://bugs.freedesktop.org/show_bug.cgi?id=86520
Cherry-picked from: de158ed22db60e3a6654557fa4aa72f7248550af
Resolves: #1283192
Resolves: #1272368
---
 src/libsystemd/sd-bus/bus-util.c | 10 ++++++++++
 src/libsystemd/sd-bus/bus-util.h |  1 +
SOURCES/0259-device-rework-how-we-enter-tentative-state.patch
@@ -1,4 +1,4 @@
From 960ea6ae7a9e2aca3594318ab893f7d5383e46b6 Mon Sep 17 00:00:00 2001
From ff6c50a1451e0e8fdca72039a0a00ebb0a20ba6c Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 24 Apr 2015 12:29:05 +0200
Subject: [PATCH] device: rework how we enter tentative state
SOURCES/0260-core-Do-not-bind-a-mount-unit-to-a-device-if-it-was-.patch
@@ -1,4 +1,4 @@
From c81de449d57bc563be7b4d4d53d07de28adcaa9b Mon Sep 17 00:00:00 2001
From 75b183700853e616362cf2f22831e1e9dc8a5515 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Tue, 24 Nov 2015 09:41:26 +0100
Subject: [PATCH] core: Do not bind a mount unit to a device, if it was from
SOURCES/0261-logind-set-RemoveIPC-no-by-default.patch
@@ -1,4 +1,4 @@
From b4d12e023a1418e850ec96616739e7be1d71c4f5 Mon Sep 17 00:00:00 2001
From 07cda5adb4ccecc6208b9fc85f4ea3ed8dece47d Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 26 Nov 2015 14:14:55 +0100
Subject: [PATCH] logind: set RemoveIPC=no by default
SOURCES/0262-sysv-generator-follow-symlinks-in-etc-rc.d-init.d.patch
@@ -1,4 +1,4 @@
From 25dc202140f4daa18faeae11e26e9e16e8dae84e Mon Sep 17 00:00:00 2001
From 7374770f790080b677f504075ba9659230e11226 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Fri, 11 Sep 2015 16:23:07 +0200
Subject: [PATCH] sysv-generator: follow symlinks in /etc/rc.d/init.d
@@ -11,7 +11,7 @@
instread of symlink, but this is not usable for other distributions.
Cherry-picked from: 7b729f8686a83b24f3d9a891cde1c
Resolves: #1288005
Resolves: #1285492
---
 src/sysv-generator/sysv-generator.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
SOURCES/0263-sysv-generator-test-always-log-to-console.patch
File was renamed from SOURCES/0265-sysv-generator-test-always-log-to-console.patch
@@ -1,4 +1,4 @@
From dff573ed5425cad26370ce5f4dc95c859d58ee72 Mon Sep 17 00:00:00 2001
From a714212703b3fe5f2a27773602cabbc4ab53da15 Mon Sep 17 00:00:00 2001
From: Martin Pitt <martin.pitt@ubuntu.com>
Date: Mon, 15 Jun 2015 08:59:44 +0200
Subject: [PATCH] sysv-generator test: always log to console
@@ -9,6 +9,7 @@
https://github.com/systemd/systemd/issues/195
Cherry-picked from: 6b7d32add4733a83f86e18bb86f914037a6688b7
Resolves: #1279034
---
 test/sysv-generator-test.py | 1 +
 1 file changed, 1 insertion(+)
SOURCES/0264-man-RemoveIPC-is-set-to-no-on-rhel.patch
File was renamed from SOURCES/0263-man-RemoveIPC-is-set-to-no-on-rhel.patch
@@ -1,4 +1,4 @@
From 931ad3c2c253b40cb2c8eef8876b962e8f2d1072 Mon Sep 17 00:00:00 2001
From 7602b4a03ef2b932ef3c22ce25d01a782074059f Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 10 Dec 2015 09:34:34 +0100
Subject: [PATCH] man: RemoveIPC is set to no on rhel
SOURCES/0265-Avoid-tmp-being-mounted-as-tmpfs-without-the-user-s-.patch
File was renamed from SOURCES/0267-Avoid-tmp-being-mounted-as-tmpfs-without-the-user-s-.patch
@@ -1,4 +1,4 @@
From 73d33e8e1b310c292dc92d26ca0cd7bfefa31852 Mon Sep 17 00:00:00 2001
From 14eaa63230a16a32f49db74d4b0d78247874ccdd Mon Sep 17 00:00:00 2001
From: Didier Roche <didrocks@ubuntu.com>
Date: Wed, 13 Jan 2016 12:49:57 +0100
Subject: [PATCH] Avoid /tmp being mounted as tmpfs without the user's will
SOURCES/0266-test-sysv-generator-Check-for-network-online.target.patch
@@ -1,8 +1,9 @@
From dc923c37bf23c035e510c241ff228e3e2f92c1ef Mon Sep 17 00:00:00 2001
From e955c2298241b9a2957dd8d36c48cbfe0a108d49 Mon Sep 17 00:00:00 2001
From: Branislav Blaskovic <bblaskov@redhat.com>
Date: Sat, 7 Nov 2015 11:32:49 +0100
Subject: [PATCH] test sysv-generator: Check for network-online.target.
Resolves: #1279034
---
 test/sysv-generator-test.py | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
SOURCES/0267-makefile-disable-udev-tests.patch
File was renamed from SOURCES/0264-makefile-disable-udev-tests.patch
@@ -1,4 +1,4 @@
From c79d960c9cf769e913c6824363c0f2f7f257762e Mon Sep 17 00:00:00 2001
From 7da662710420fdcbf2691f4a82644332d18d4605 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 10 Dec 2015 11:08:19 +0100
Subject: [PATCH] makefile: disable udev tests
SOURCES/0268-arm-aarch64-detect-virt-check-dmi.patch
New file
@@ -0,0 +1,40 @@
From a64e8d52d4058451e8b8d291db4cc276ee31d46d Mon Sep 17 00:00:00 2001
From: Andrew Jones <drjones@redhat.com>
Date: Mon, 9 Nov 2015 14:22:20 +0100
Subject: [PATCH] arm/aarch64: detect-virt: check dmi
ARM/AArch64 guests now have SMBIOS tables populated (when boot
with a late enough QEMU and a late enough AAVMF is used as the
bootloader). Furthermore, when booting ARM/AArch64 guests with
ACPI, the DT detection obviously no longer works, so we need
dmi detection.
Cherry-picked from: 2ef8a4c4399dcb7b6fcaecd41f27377b584e9a4b
Resolves: #1278165
---
 src/shared/virt.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/shared/virt.c b/src/shared/virt.c
index 54c4655..d3ce8dd 100644
--- a/src/shared/virt.c
+++ b/src/shared/virt.c
@@ -29,7 +29,7 @@
 static int detect_vm_cpuid(const char **_id) {
-        /* Both CPUID and DMI are x86 specific interfaces... */
+        /* CPUID is an x86 specific interface. */
 #if defined(__i386__) || defined(__x86_64__)
         static const char cpuid_vendor_table[] =
@@ -139,8 +139,7 @@ static int detect_vm_devicetree(const char **_id) {
 static int detect_vm_dmi(const char **_id) {
-        /* Both CPUID and DMI are x86 specific interfaces... */
-#if defined(__i386__) || defined(__x86_64__)
+#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
         static const char *const dmi_vendors[] = {
                 "/sys/class/dmi/id/sys_vendor",
SOURCES/0269-detect-virt-dmi-look-for-KVM.patch
New file
@@ -0,0 +1,40 @@
From 795d7cadb7b49ae11e2544ce325779f8d5ec7526 Mon Sep 17 00:00:00 2001
From: Andrew Jones <drjones@redhat.com>
Date: Mon, 9 Nov 2015 14:29:09 +0100
Subject: [PATCH] detect-virt: dmi: look for KVM
Some guests (ARM, AArch64, x86-RHEL) have 'KVM' in the product name.
Look for that first in order to more precisely report "kvm" when
detecting a QEMU/KVM guest. Without this patch we report "qemu",
even if KVM acceleration is in use on ARM/AArch64 guests.
I've only tested a backported version of this and the previous
patch on an AArch64 guest (which worked). Of course it would be
nice to get regression testing on all guest types that depend on
dmi done.
Cherry-picked from: 3728dcde4542b7b2792d9ef0baeb742d82983b03
Resolves: #1278165
---
 src/shared/virt.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/shared/virt.c b/src/shared/virt.c
index d3ce8dd..55a6ca9 100644
--- a/src/shared/virt.c
+++ b/src/shared/virt.c
@@ -142,12 +142,14 @@ static int detect_vm_dmi(const char **_id) {
 #if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
         static const char *const dmi_vendors[] = {
+                "/sys/class/dmi/id/product_name", /* Test this before sys_vendor to detect KVM over QEMU */
                 "/sys/class/dmi/id/sys_vendor",
                 "/sys/class/dmi/id/board_vendor",
                 "/sys/class/dmi/id/bios_vendor"
         };
         static const char dmi_vendor_table[] =
+                "KVM\0"                   "kvm\0"
                 "QEMU\0"                  "qemu\0"
                 /* http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009458 */
                 "VMware\0"                "vmware\0"
SOURCES/0270-Revert-journald-turn-ForwardToSyslog-off-by-default.patch
File was renamed from SOURCES/0274-Revert-journald-turn-ForwardToSyslog-off-by-default.patch
@@ -1,4 +1,4 @@
From 298dd4f0bf734002a4fc7f51e5a46216017db2f6 Mon Sep 17 00:00:00 2001
From 1b8d3a9c51d5584b6f6e394592a83b43cfbc693d Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 25 Jan 2016 14:03:47 +0100
Subject: [PATCH] Revert "journald: turn ForwardToSyslog= off by default"
SOURCES/0271-terminal-util-when-resetting-terminals-don-t-wait-fo.patch
New file
@@ -0,0 +1,75 @@
From 067fbebee46a376c639c9369dcaf80004047414d Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 3 Aug 2015 19:04:08 +0200
Subject: [PATCH] terminal-util: when resetting terminals, don't wait for
 carrier
In case of non-CLOCAL lines (i.e. those with carrier detect configured)
we shouldnt wait for a carrier if all we try to do is reset the TTY.
Hence, whenever we open such a TTY pass O_NONBLOCK.
Note that we continue to open ttys we intend to write to without
O_ONBLOCK, we only add it in cases we invoke ioctl()s or other terminal
operations without reading or writing to the device.
Fixes #835.
Cherry-picked from: 0a8b555ceb07ce916b9bd48782d1eb69a12f0f2e
Resolves: #1266745
---
 src/shared/util.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/src/shared/util.c b/src/shared/util.c
index 778c2b0..5092588 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -1713,7 +1713,7 @@ bool fstype_is_network(const char *fstype) {
 int chvt(int vt) {
         _cleanup_close_ int fd;
-        fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
+        fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
         if (fd < 0)
                 return -errno;
@@ -1953,7 +1953,11 @@ finish:
 int reset_terminal(const char *name) {
         _cleanup_close_ int fd = -1;
-        fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
+        /* We open the terminal with O_NONBLOCK here, to ensure we
+         * don't block on carrier if this is a terminal with carrier
+         * configured. */
+
+        fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
         if (fd < 0)
                 return fd;
@@ -2204,7 +2208,7 @@ int release_terminal(void) {
         struct sigaction sa_old;
         int r = 0;
-        fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_NDELAY|O_CLOEXEC);
+        fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
         if (fd < 0)
                 return -errno;
@@ -4405,7 +4409,7 @@ int terminal_vhangup_fd(int fd) {
 int terminal_vhangup(const char *name) {
         _cleanup_close_ int fd;
-        fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
+        fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
         if (fd < 0)
                 return fd;
@@ -4452,7 +4456,7 @@ int vt_disallocate(const char *name) {
                 return -EINVAL;
         /* Try to deallocate */
-        fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
+        fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
         if (fd < 0)
                 return fd;
SOURCES/0272-basic-terminal-util-introduce-SYSTEMD_COLORS-environ.patch
New file
@@ -0,0 +1,154 @@
From 9d67a3a2d4fd378ca04726c5eb5f31ee222c50e4 Mon Sep 17 00:00:00 2001
From: Jan Synacek <jsynacek@redhat.com>
Date: Tue, 19 Jan 2016 10:17:19 +0100
Subject: [PATCH] basic/terminal-util: introduce SYSTEMD_COLORS environment
 variable
... to determine if color output should be enabled. If the variable is not set,
fall back to using on_tty(). Also, rewrite existing code to use
colors_enabled() where appropriate.
Cherry-picked from: 40c9fe4c0862114dab390c8ed16f78cf056b9140
Resolves: #1247963
---
 man/systemd.xml           |  7 +++++++
 src/journal/journalctl.c  |  2 +-
 src/login/loginctl.c      |  2 +-
 src/machine/machinectl.c  |  2 +-
 src/shared/util.c         | 13 +++++++++++++
 src/shared/util.h         | 13 +++++++------
 src/systemctl/systemctl.c |  2 +-
 7 files changed, 31 insertions(+), 10 deletions(-)
diff --git a/man/systemd.xml b/man/systemd.xml
index eb289f0..30005b1 100644
--- a/man/systemd.xml
+++ b/man/systemd.xml
@@ -755,6 +755,13 @@
       </varlistentry>
       <varlistentry>
+        <term><varname>$SYSTEMD_COLORS</varname></term>
+
+        <listitem><para>Controls whether colorized output should be generated.
+        </para></listitem>
+      </varlistentry>
+
+      <varlistentry>
         <term><varname>$LISTEN_PID</varname></term>
         <term><varname>$LISTEN_FDS</varname></term>
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 8236d08..7058788 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -2140,7 +2140,7 @@ int main(int argc, char *argv[]) {
                         flags =
                                 arg_all * OUTPUT_SHOW_ALL |
                                 arg_full * OUTPUT_FULL_WIDTH |
-                                on_tty() * OUTPUT_COLOR |
+                                colors_enabled() * OUTPUT_COLOR |
                                 arg_catalog * OUTPUT_CATALOG |
                                 arg_utc * OUTPUT_UTC;
diff --git a/src/login/loginctl.c b/src/login/loginctl.c
index 6c8a59e..8e3bfbe 100644
--- a/src/login/loginctl.c
+++ b/src/login/loginctl.c
@@ -83,7 +83,7 @@ static OutputFlags get_output_flags(void) {
                 arg_all * OUTPUT_SHOW_ALL |
                 arg_full * OUTPUT_FULL_WIDTH |
                 (!on_tty() || pager_have()) * OUTPUT_FULL_WIDTH |
-                on_tty() * OUTPUT_COLOR;
+                colors_enabled() * OUTPUT_COLOR;
 }
 static int list_sessions(int argc, char *argv[], void *userdata) {
diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c
index f191070..ef1214a 100644
--- a/src/machine/machinectl.c
+++ b/src/machine/machinectl.c
@@ -105,7 +105,7 @@ static OutputFlags get_output_flags(void) {
                 arg_all * OUTPUT_SHOW_ALL |
                 arg_full * OUTPUT_FULL_WIDTH |
                 (!on_tty() || pager_have()) * OUTPUT_FULL_WIDTH |
-                on_tty() * OUTPUT_COLOR |
+                colors_enabled() * OUTPUT_COLOR |
                 !arg_quiet * OUTPUT_WARN_CUTOFF;
 }
diff --git a/src/shared/util.c b/src/shared/util.c
index 5092588..dc51852 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -8146,3 +8146,16 @@ char *shell_maybe_quote(const char *s) {
         return r;
 }
+
+bool colors_enabled(void) {
+        const char *colors;
+
+        colors = getenv("SYSTEMD_COLORS");
+        if (!colors) {
+                if (streq_ptr(getenv("TERM"), "dumb"))
+                        return false;
+                return on_tty();
+        }
+
+        return parse_boolean(colors) != 0;
+}
diff --git a/src/shared/util.h b/src/shared/util.h
index 7ecfd85..b4a4a49 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -485,29 +485,30 @@ unsigned lines(void);
 void columns_lines_cache_reset(int _unused_ signum);
 bool on_tty(void);
+bool colors_enabled(void);
 static inline const char *ansi_highlight(void) {
-        return on_tty() ? ANSI_HIGHLIGHT_ON : "";
+        return colors_enabled() ? ANSI_HIGHLIGHT_ON : "";
 }
 static inline const char *ansi_highlight_red(void) {
-        return on_tty() ? ANSI_HIGHLIGHT_RED_ON : "";
+        return colors_enabled() ? ANSI_HIGHLIGHT_RED_ON : "";
 }
 static inline const char *ansi_highlight_green(void) {
-        return on_tty() ? ANSI_HIGHLIGHT_GREEN_ON : "";
+        return colors_enabled() ? ANSI_HIGHLIGHT_GREEN_ON : "";
 }
 static inline const char *ansi_highlight_yellow(void) {
-        return on_tty() ? ANSI_HIGHLIGHT_YELLOW_ON : "";
+        return colors_enabled() ? ANSI_HIGHLIGHT_YELLOW_ON : "";
 }
 static inline const char *ansi_highlight_blue(void) {
-        return on_tty() ? ANSI_HIGHLIGHT_BLUE_ON : "";
+        return colors_enabled() ? ANSI_HIGHLIGHT_BLUE_ON : "";
 }
 static inline const char *ansi_highlight_off(void) {
-        return on_tty() ? ANSI_HIGHLIGHT_OFF : "";
+        return colors_enabled() ? ANSI_HIGHLIGHT_OFF : "";
 }
 int files_same(const char *filea, const char *fileb);
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
index 89d0b3b..5d3a85f 100644
--- a/src/systemctl/systemctl.c
+++ b/src/systemctl/systemctl.c
@@ -197,7 +197,7 @@ static OutputFlags get_output_flags(void) {
                 arg_all * OUTPUT_SHOW_ALL |
                 arg_full * OUTPUT_FULL_WIDTH |
                 (!on_tty() || pager_have()) * OUTPUT_FULL_WIDTH |
-                on_tty() * OUTPUT_COLOR |
+                colors_enabled() * OUTPUT_COLOR |
                 !arg_quiet * OUTPUT_WARN_CUTOFF;
 }
SOURCES/0273-ask-password-don-t-abort-when-message-is-missing.patch
New file
@@ -0,0 +1,35 @@
From 2737fab0dba5ed238b4e0e927139e46e4911e1b4 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 28 Jan 2016 16:01:51 +0100
Subject: [PATCH] ask-password: don't abort when message is missing
This was fixed in upstream in
e287086b8aa2558356af225a12d9bfea8e7d61ca
add support for caching passwords in the kernel keyring
But we don't want that in rhel.
rhel-only
Resolves: #1261136
---
 src/shared/ask-password-api.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index 0a61daf..19baa6b 100644
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -70,9 +70,11 @@ int ask_password_tty(
                 POLL_INOTIFY
         };
-        assert(message);
         assert(_passphrase);
+        if (!message)
+                message = "Password:";
+
         if (flag_file) {
                 notify = inotify_init1(IN_CLOEXEC|IN_NONBLOCK);
                 if (notify < 0) {
SOURCES/0274-sysv-generator-do-not-join-dependencies-on-one-line-.patch
New file
@@ -0,0 +1,135 @@
From 72b3ff75e786efa2c9b2fdfb50e46597434c5420 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Wed, 20 Jan 2016 15:16:32 +0100
Subject: [PATCH] sysv-generator: do not join dependencies on one line, split
 them
If there is a lot of initscripts and dependencies between them we might
end generating After= (and similar) lines which are longer then LINE_MAX
and thus rejected by parser in systemd.
Fixes #2099
Cherry-picked from: c584ffc0b75d4b9e9229bf1d8edb7d89562be3c1
Resolves: #1288600
---
 src/sysv-generator/sysv-generator.c | 44 ++++++++++---------------------------
 test/sysv-generator-test.py         | 18 +++++++++++++--
 2 files changed, 28 insertions(+), 34 deletions(-)
diff --git a/src/sysv-generator/sysv-generator.c b/src/sysv-generator/sysv-generator.c
index 0a8a528..d60e75a 100644
--- a/src/sysv-generator/sysv-generator.c
+++ b/src/sysv-generator/sysv-generator.c
@@ -134,34 +134,14 @@ static int add_alias(const char *service, const char *alias) {
 }
 static int generate_unit_file(SysvStub *s) {
-        char **p;
         _cleanup_fclose_ FILE *f = NULL;
-        _cleanup_free_ char *unit = NULL;
-        _cleanup_free_ char *before = NULL;
-        _cleanup_free_ char *after = NULL;
-        _cleanup_free_ char *wants = NULL;
-        _cleanup_free_ char *conflicts = NULL;
+        const char *unit;
+        char **p;
         int r;
-        before = strv_join(s->before, " ");
-        if (!before)
-                return log_oom();
-
-        after = strv_join(s->after, " ");
-        if (!after)
-                return log_oom();
-
-        wants = strv_join(s->wants, " ");
-        if (!wants)
-                return log_oom();
-
-        conflicts = strv_join(s->conflicts, " ");
-        if (!conflicts)
-                return log_oom();
+        assert(s);
-        unit = strjoin(arg_dest, "/", s->name, NULL);
-        if (!unit)
-                return log_oom();
+        unit = strjoina(arg_dest, "/", s->name);
         /* We might already have a symlink with the same name from a Provides:,
          * or from backup files like /etc/init.d/foo.bak. Real scripts always win,
@@ -183,14 +163,14 @@ static int generate_unit_file(SysvStub *s) {
                 "Description=%s\n",
                 s->path, s->description);
-        if (!isempty(before))
-                fprintf(f, "Before=%s\n", before);
-        if (!isempty(after))
-                fprintf(f, "After=%s\n", after);
-        if (!isempty(wants))
-                fprintf(f, "Wants=%s\n", wants);
-        if (!isempty(conflicts))
-                fprintf(f, "Conflicts=%s\n", conflicts);
+        STRV_FOREACH(p, s->before)
+                fprintf(f, "Before=%s\n", *p);
+        STRV_FOREACH(p, s->after)
+                fprintf(f, "After=%s\n", *p);
+        STRV_FOREACH(p, s->wants)
+                fprintf(f, "Wants=%s\n", *p);
+        STRV_FOREACH(p, s->conflicts)
+                fprintf(f, "Conflicts=%s\n", *p);
         fprintf(f,
                 "\n[Service]\n"
diff --git a/test/sysv-generator-test.py b/test/sysv-generator-test.py
index 2060ad7..25a35da 100644
--- a/test/sysv-generator-test.py
+++ b/test/sysv-generator-test.py
@@ -23,6 +23,7 @@ import subprocess
 import tempfile
 import shutil
 from glob import glob
+import collections
 try:
     from configparser import RawConfigParser
@@ -32,6 +33,12 @@ except ImportError:
 sysv_generator = os.path.join(os.environ.get('builddir', '.'), 'systemd-sysv-generator')
+class MultiDict(collections.OrderedDict):
+    def __setitem__(self, key, value):
+        if isinstance(value, list) and key in self:
+            self[key].extend(value)
+        else:
+            super(MultiDict, self).__setitem__(key, value)
 class SysvGeneratorTest(unittest.TestCase):
     def setUp(self):
@@ -77,7 +84,14 @@ class SysvGeneratorTest(unittest.TestCase):
         for service in glob(self.out_dir + '/*.service'):
             if os.path.islink(service):
                 continue
-            cp = RawConfigParser()
+            try:
+                # for python3 we need here strict=False to parse multiple
+                # lines with the same key
+                cp = RawConfigParser(dict_type=MultiDict, strict=False)
+            except TypeError:
+                # RawConfigParser in python2 does not have the strict option
+                # but it allows multiple lines with the same key by default
+                cp = RawConfigParser(dict_type=MultiDict)
             cp.optionxform = lambda o: o  # don't lower-case option names
             with open(service) as f:
                 cp.readfp(f)
@@ -215,7 +229,7 @@ class SysvGeneratorTest(unittest.TestCase):
         s = self.run_generator()[1]['foo.service']
         self.assertEqual(set(s.options('Unit')),
                          set(['Documentation', 'SourcePath', 'Description', 'After']))
-        self.assertEqual(s.get('Unit', 'After'), 'nss-lookup.target rpcbind.target')
+        self.assertEqual(s.get('Unit', 'After').split(), ['nss-lookup.target', 'rpcbind.target'])
     def test_lsb_deps(self):
         '''LSB header dependencies to other services'''
SOURCES/0275-udev-fibre-channel-fix-NPIV-support.patch
File was renamed from SOURCES/0268-udev-fibre-channel-fix-NPIV-support.patch
@@ -1,4 +1,4 @@
From 41bcd014886cfd2bc4415f2c78668008963934a9 Mon Sep 17 00:00:00 2001
From 569d98e9caae425120bf28f6b440e6cc117abc0d Mon Sep 17 00:00:00 2001
From: Maurizio Lombardi <mlombard@redhat.com>
Date: Mon, 1 Feb 2016 14:44:22 +0100
Subject: [PATCH] udev: fibre channel: fix NPIV support
SOURCES/0276-ata_id-unreverse-WWN-identifier.patch
File was renamed from SOURCES/0269-ata_id-unreverse-WWN-identifier.patch
@@ -1,4 +1,4 @@
From af5732176cb192206f555a1c00dd5431a757367f Mon Sep 17 00:00:00 2001
From d1c32b69edc7f0f62a7c3f65691c2cb9fedcb112 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 22 Jul 2015 00:23:47 -0400
Subject: [PATCH] ata_id: unreverse WWN identifier
@@ -9,7 +9,7 @@
https://bugzilla.redhat.com/show_bug.cgi?id=1227503
Cherry-picked from: 01f61d331bb5038f0c877ac03c54333328b6ea28
Resolves: #1308795
Resolves: #1273306
---
 src/udev/ata_id/ata_id.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
SOURCES/0277-Fixup-WWN-bytes-for-big-endian-systems.patch
File was renamed from SOURCES/0270-Fixup-WWN-bytes-for-big-endian-systems.patch
@@ -1,10 +1,10 @@
From e2236a77928842bbf092956f8fa1918f2b4f7b9b Mon Sep 17 00:00:00 2001
From 2a62c3c66698148f1439176bd6ca5a946b8de550 Mon Sep 17 00:00:00 2001
From: Tom Lyon <pugs@drivescale.com>
Date: Mon, 21 Sep 2015 14:36:32 -0700
Subject: [PATCH] Fixup WWN bytes for big-endian systems
Cherry-picked from: cf22cddcfd07d10fecd7b03ef465e957054daec2
Resolves: #1308795
Resolves: #1273306
---
 src/udev/ata_id/ata_id.c | 4 ++++
 1 file changed, 4 insertions(+)
SOURCES/0278-sd-journal-introduce-has_runtime_files-and-has_persi.patch
New file
@@ -0,0 +1,276 @@
From 5ec508cc5c13d831c93ce98d84b1d9cedb0117a7 Mon Sep 17 00:00:00 2001
From: Jan Synacek <jsynacek@redhat.com>
Date: Mon, 1 Feb 2016 09:23:58 +0100
Subject: [PATCH] sd-journal: introduce has_runtime_files and
 has_persistent_files
Also introduce sd_journal_has_runtime_files() and
sd_journal_has_persistent_files() to the public API. These functions
can be used to easily find out if the open journal files are runtime
and/or persistent.
Cherry-picked from: 39fd5b08a73f144a20202a665bd25cad51d8a90b
Resolves: #1082179
---
 Makefile-man.am                      |  7 +++
 man/sd-journal.xml                   |  8 ++-
 man/sd_journal_has_runtime_files.xml | 95 ++++++++++++++++++++++++++++++++++++
 src/journal/journal-internal.h       |  2 +
 src/journal/sd-journal.c             | 29 +++++++----
 src/systemd/sd-journal.h             |  3 ++
 6 files changed, 133 insertions(+), 11 deletions(-)
 create mode 100644 man/sd_journal_has_runtime_files.xml
diff --git a/Makefile-man.am b/Makefile-man.am
index 497be66..7ec709c 100644
--- a/Makefile-man.am
+++ b/Makefile-man.am
@@ -40,6 +40,7 @@ MANPAGES += \
     man/sd_journal_get_fd.3 \
     man/sd_journal_get_realtime_usec.3 \
     man/sd_journal_get_usage.3 \
+    man/sd_journal_has_runtime_files.3 \
     man/sd_journal_next.3 \
     man/sd_journal_open.3 \
     man/sd_journal_print.3 \
@@ -176,6 +177,7 @@ MANPAGES_ALIAS += \
     man/sd_journal_get_events.3 \
     man/sd_journal_get_monotonic_usec.3 \
     man/sd_journal_get_timeout.3 \
+    man/sd_journal_has_persistent_files.3 \
     man/sd_journal_next_skip.3 \
     man/sd_journal_open_container.3 \
     man/sd_journal_open_directory.3 \
@@ -287,6 +289,7 @@ man/sd_journal_get_data_threshold.3: man/sd_journal_get_data.3
 man/sd_journal_get_events.3: man/sd_journal_get_fd.3
 man/sd_journal_get_monotonic_usec.3: man/sd_journal_get_realtime_usec.3
 man/sd_journal_get_timeout.3: man/sd_journal_get_fd.3
+man/sd_journal_has_persistent_files.3: man/sd_journal_has_runtime_files.3
 man/sd_journal_next_skip.3: man/sd_journal_next.3
 man/sd_journal_open_container.3: man/sd_journal_open.3
 man/sd_journal_open_directory.3: man/sd_journal_open.3
@@ -500,6 +503,9 @@ man/sd_journal_get_monotonic_usec.html: man/sd_journal_get_realtime_usec.html
 man/sd_journal_get_timeout.html: man/sd_journal_get_fd.html
     $(html-alias)
+man/sd_journal_has_persistent_files.html: man/sd_journal_has_runtime_files.html
+    $(html-alias)
+
 man/sd_journal_next_skip.html: man/sd_journal_next.html
     $(html-alias)
@@ -1727,6 +1733,7 @@ EXTRA_DIST += \
     man/sd_journal_get_fd.xml \
     man/sd_journal_get_realtime_usec.xml \
     man/sd_journal_get_usage.xml \
+    man/sd_journal_has_runtime_files.xml \
     man/sd_journal_next.xml \
     man/sd_journal_open.xml \
     man/sd_journal_print.xml \
diff --git a/man/sd-journal.xml b/man/sd-journal.xml
index 9b1a522..a1185d3 100644
--- a/man/sd-journal.xml
+++ b/man/sd-journal.xml
@@ -81,9 +81,11 @@
     <citerefentry><refentrytitle>sd_journal_get_cutoff_realtime_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
     <citerefentry><refentrytitle>sd_journal_get_cutoff_monotonic_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
     <citerefentry><refentrytitle>sd_journal_get_usage</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
-    <citerefentry><refentrytitle>sd_journal_get_catalog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+    <citerefentry><refentrytitle>sd_journal_get_catalog</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+    <citerefentry><refentrytitle>sd_journal_get_fd</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+    <citerefentry><refentrytitle>sd_journal_has_runtime_files</refentrytitle><manvolnum>3</manvolnum></citerefentry>
     and
-    <citerefentry><refentrytitle>sd_journal_get_fd</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+    <citerefentry><refentrytitle>sd_journal_has_persistent_files</refentrytitle><manvolnum>3</manvolnum></citerefentry>
     for more information about the functions implemented.</para>
     <para>Command line access for submitting entries to the journal is
@@ -116,6 +118,8 @@
       <citerefentry><refentrytitle>sd_journal_get_fd</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>sd_journal_query_unique</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>sd_journal_get_catalog</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>sd_journal_has_runtime_files</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>sd_journal_has_persistent_files</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>sd-id128</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
       <citerefentry project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry>
diff --git a/man/sd_journal_has_runtime_files.xml b/man/sd_journal_has_runtime_files.xml
new file mode 100644
index 0000000..237e649
--- /dev/null
+++ b/man/sd_journal_has_runtime_files.xml
@@ -0,0 +1,95 @@
+<?xml version='1.0'?> <!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+
+<!--
+  This file is part of systemd.
+
+  Copyright 2016 Jan Synáček
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+
+<refentry id="sd_journal_has_runtime_files">
+
+  <refentryinfo>
+    <title>sd_journal_has_runtime_files</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Developer</contrib>
+        <firstname>Jan</firstname>
+        <surname>Synáček</surname>
+        <email>jan.synacek@gmail.com</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>sd_journal_has_runtime_files</refentrytitle>
+    <manvolnum>3</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>sd_journal_has_runtime_files</refname>
+    <refname>sd_journal_has_persistent_files</refname>
+    <refpurpose>Query availability of runtime or persistent journal files.</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <funcsynopsis>
+      <funcsynopsisinfo>#include &lt;systemd/sd-journal.h&gt;</funcsynopsisinfo>
+
+      <funcprototype>
+        <funcdef>int <function>sd_journal_has_runtime_files</function></funcdef>
+        <paramdef>sd_journal *<parameter>j</parameter></paramdef>
+      </funcprototype>
+
+      <funcprototype>
+        <funcdef>int <function>sd_journal_has_persistent_files</function></funcdef>
+        <paramdef>sd_journal *<parameter>j</parameter></paramdef>
+      </funcprototype>
+
+    </funcsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para><function>sd_journal_has_runtime_files()</function> returns a positive value
+    if runtime journal files (present in /run/systemd/journal/) have been found.
+    Otherwise returns 0.</para>
+
+    <para><function>sd_journal_has_persistent_files()</function> returns a positive value
+    if persistent journal files (present in /var/log/journal/) have been found.
+    Otherwise returns 0.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>Return value</title>
+    <para>Both <function>sd_journal_has_runtime_files()</function>
+    and <function>sd_journal_has_persistent_files()</function> return -EINVAL
+    if their argument is NULL.
+    </para>
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+    <para>
+      <citerefentry><refentrytitle>sd-journal</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+    </para>
+  </refsect1>
+
+</refentry>
diff --git a/src/journal/journal-internal.h b/src/journal/journal-internal.h
index b51ecdb..115d777 100644
--- a/src/journal/journal-internal.h
+++ b/src/journal/journal-internal.h
@@ -115,6 +115,8 @@ struct sd_journal {
                                   removed, and there were no more
                                   files, so sd_j_enumerate_unique
                                   will return a value equal to 0. */
+        bool has_runtime_files:1;
+        bool has_persistent_files:1;
         size_t data_threshold;
diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
index 9b9e8ac..20456c3 100644
--- a/src/journal/sd-journal.c
+++ b/src/journal/sd-journal.c
@@ -1230,8 +1230,7 @@ static int add_any_file(sd_journal *j, const char *path) {
 }
 static int add_file(sd_journal *j, const char *prefix, const char *filename) {
-        _cleanup_free_ char *path = NULL;
-        int r;
+        char *path = NULL;
         assert(j);
         assert(prefix);
@@ -1241,14 +1240,14 @@ static int add_file(sd_journal *j, const char *prefix, const char *filename) {
             !file_type_wanted(j->flags, filename))
                 return 0;
-        path = strjoin(prefix, "/", filename, NULL);
-        if (!path)
-                return -ENOMEM;
+        path = strjoina(prefix, "/", filename);
-        r = add_any_file(j, path);
-        if (r == -ENOENT)
-                return 0;
-        return r;
+        if (!j->has_runtime_files && path_startswith(path, "/run/log/journal"))
+                j->has_runtime_files = true;
+        else if (!j->has_persistent_files && path_startswith(path, "/var/log/journal"))
+                j->has_persistent_files = true;
+
+        return add_any_file(j, path);
 }
 static int remove_file(sd_journal *j, const char *prefix, const char *filename) {
@@ -2616,3 +2615,15 @@ _public_ int sd_journal_get_data_threshold(sd_journal *j, size_t *sz) {
         *sz = j->data_threshold;
         return 0;
 }
+
+_public_ int sd_journal_has_runtime_files(sd_journal *j) {
+        assert_return(j, -EINVAL);
+
+        return j->has_runtime_files;
+}
+
+_public_ int sd_journal_has_persistent_files(sd_journal *j) {
+        assert_return(j, -EINVAL);
+
+        return j->has_persistent_files;
+}
diff --git a/src/systemd/sd-journal.h b/src/systemd/sd-journal.h
index 00237a2..d5fd46e 100644
--- a/src/systemd/sd-journal.h
+++ b/src/systemd/sd-journal.h
@@ -138,6 +138,9 @@ int sd_journal_reliable_fd(sd_journal *j);
 int sd_journal_get_catalog(sd_journal *j, char **text);
 int sd_journal_get_catalog_for_message_id(sd_id128_t id, char **text);
+int sd_journal_has_runtime_files(sd_journal *j);
+int sd_journal_has_persistent_files(sd_journal *j);
+
 /* the inverse condition avoids ambiguity of danling 'else' after the macro */
 #define SD_JOURNAL_FOREACH(j)                                           \
         if (sd_journal_seek_head(j) < 0) { }                            \
SOURCES/0279-journalctl-improve-error-messages-when-the-specified.patch
New file
@@ -0,0 +1,31 @@
From 046d996001c0b3fe34d34683e55f62481a5af932 Mon Sep 17 00:00:00 2001
From: Jan Synacek <jsynacek@redhat.com>
Date: Mon, 1 Feb 2016 09:29:02 +0100
Subject: [PATCH] journalctl: improve error messages when the specified boot is
 not found
Cherry-picked from: c34e939909710bf124e7741c3648592a30418ffd
Resolves: #1082179
---
 src/journal/journalctl.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 7058788..964f849 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -1090,10 +1090,11 @@ static int add_boot(sd_journal *j) {
                 const char *reason = (r == 0) ? "No such boot ID in journal" : strerror(-r);
                 if (sd_id128_is_null(arg_boot_id))
-                        log_error("Failed to look up boot %+i: %s", arg_boot_offset, reason);
+                        log_error("Data from the specified boot (%+i) is not available: %s",
+                                  arg_boot_offset, reason);
                 else
-                        log_error("Failed to look up boot ID "SD_ID128_FORMAT_STR"%+i: %s",
-                                  SD_ID128_FORMAT_VAL(arg_boot_id), arg_boot_offset, reason);
+                        log_error("Data from the specified boot ("SD_ID128_FORMAT_STR") is not available: %s",
+                                  SD_ID128_FORMAT_VAL(arg_boot_id), reason);
                 return r == 0 ? -ENODATA : r;
         }
SOURCES/0280-journalctl-show-friendly-info-when-using-b-on-runtim.patch
New file
@@ -0,0 +1,33 @@
From a932c70a76846aa7dbb4b783291b44bfc8cbd76c Mon Sep 17 00:00:00 2001
From: Jan Synacek <jsynacek@redhat.com>
Date: Mon, 1 Feb 2016 09:25:22 +0100
Subject: [PATCH] journalctl: show friendly info when using -b on runtime
 journal only
Make it clear that specifing boot when there is actually only one has no
effect. This cosmetic patch improves user experience a bit.
Cherry-picked from: 0f1a9a830c87d8accdc3a44d0a93ad343e52a7bd
Resolves: #1082179
---
 src/journal/journalctl.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 964f849..836d7d2 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -1905,6 +1905,13 @@ int main(int argc, char *argv[]) {
                 goto finish;
         }
+        if (arg_boot_offset != 0 &&
+            sd_journal_has_runtime_files(j) > 0 &&
+            sd_journal_has_persistent_files(j) == 0) {
+                log_info("Specifying boot ID has no effect, no persistent journal was found");
+                r = 0;
+                goto finish;
+        }
         /* add_boot() must be called first!
          * It may need to seek the journal to find parent boot IDs. */
         r = add_boot(j);
SOURCES/0281-journalctl-make-journalctl-dev-sda-work.patch
New file
@@ -0,0 +1,206 @@
From 1c33de9e1370bc56e10f3b5306e27c8aa6a18873 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 1 Feb 2016 10:44:58 +0100
Subject: [PATCH] journalctl: make "journalctl /dev/sda" work
Currently when journalctl is called with path to block device node we
add following match _KERNEL_DEVICE=b$MAJOR:$MINOR.
That is not sufficient to actually obtain logs about the disk because
dev_printk() kernel helper puts to /dev/kmsg information about the
device in following format, +$SUBSYSTEM:$ADDRESS,
e.g. "+pci:pci:0000:00:14.0".
Now we will walk upward the syspath and add match for every device in
format produced by dev_printk() as well as match for its device node if
it exists.
Cherry-picked from: 795ab08f783e78e85f1493879f13ac44cb113b00
Resolves: #947636
---
 Makefile.am              |   3 +-
 src/journal/journalctl.c | 118 ++++++++++++++++++++++++++++++++++++++---------
 2 files changed, 97 insertions(+), 24 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 2645f66..2559376 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -4245,7 +4245,8 @@ journalctl_LDADD = \
     libsystemd-journal-internal.la \
     libsystemd-internal.la \
     libsystemd-logs.la \
-    libsystemd-shared.la
+    libsystemd-shared.la \
+    libudev-core.la
 if HAVE_ACL
 journalctl_LDADD += \
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 836d7d2..3db1cd2 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -63,6 +63,8 @@
 #include "mkdir.h"
 #include "bus-util.h"
 #include "bus-error.h"
+#include "udev.h"
+#include "udev-util.h"
 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
@@ -134,6 +136,80 @@ typedef struct boot_id_t {
         LIST_FIELDS(struct boot_id_t, boot_list);
 } boot_id_t;
+static int add_matches_for_device(sd_journal *j, const char *devpath) {
+        int r;
+        _cleanup_udev_unref_ struct udev *udev = NULL;
+        _cleanup_udev_device_unref_ struct udev_device *device = NULL;
+        struct udev_device *d = NULL;
+        struct stat st;
+
+        assert(j);
+        assert(devpath);
+
+        if (!path_startswith(devpath, "/dev/")) {
+                log_error("Devpath does not start with /dev/");
+                return -EINVAL;
+        }
+
+        udev = udev_new();
+        if (!udev)
+                return log_oom();
+
+        r = stat(devpath, &st);
+        if (r < 0)
+                log_error_errno(errno, "Couldn't stat file: %m");
+
+        d = device = udev_device_new_from_devnum(udev, S_ISBLK(st.st_mode) ? 'b' : 'c', st.st_rdev);
+        if (!device)
+                return log_error_errno(errno, "Failed to get udev device from devnum %u:%u: %m", major(st.st_rdev), minor(st.st_rdev));
+
+        while (d) {
+                _cleanup_free_ char *match = NULL;
+                const char *subsys, *sysname, *devnode;
+
+                subsys = udev_device_get_subsystem(d);
+                if (!subsys) {
+                        d = udev_device_get_parent(d);
+                        continue;
+                }
+
+                sysname = udev_device_get_sysname(d);
+                if (!sysname) {
+                        d = udev_device_get_parent(d);
+                        continue;
+                }
+
+                match = strjoin("_KERNEL_DEVICE=+", subsys, ":", sysname, NULL);
+                if (!match)
+                        return log_oom();
+
+                r = sd_journal_add_match(j, match, 0);
+                if (r < 0)
+                        return log_error_errno(r, "Failed to add match: %m");
+
+                devnode = udev_device_get_devnode(d);
+                if (devnode) {
+                        _cleanup_free_ char *match1 = NULL;
+
+                        r = stat(devnode, &st);
+                        if (r < 0)
+                                return log_error_errno(r, "Failed to stat() device node \"%s\": %m", devnode);
+
+                        r = asprintf(&match1, "_KERNEL_DEVICE=%c%u:%u", S_ISBLK(st.st_mode) ? 'b' : 'c', major(st.st_rdev), minor(st.st_rdev));
+                        if (r < 0)
+                                return log_oom();
+
+                        r = sd_journal_add_match(j, match1, 0);
+                        if (r < 0)
+                                return log_error_errno(r, "Failed to add match: %m");
+                }
+
+                d = udev_device_get_parent(d);
+        }
+
+        return 0;
+}
+
 static void pager_open_if_enabled(void) {
         if (arg_no_pager)
@@ -788,13 +864,12 @@ static int add_matches(sd_journal *j, char **args) {
                         have_term = false;
                 } else if (path_is_absolute(*i)) {
-                        _cleanup_free_ char *p, *t = NULL, *t2 = NULL;
+                        _cleanup_free_ char *p, *t = NULL, *t2 = NULL, *interpreter = NULL;
                         const char *path;
-                        _cleanup_free_ char *interpreter = NULL;
                         struct stat st;
                         p = canonicalize_file_name(*i);
-                        path = p ? p : *i;
+                        path = p ?: *i;
                         if (stat(path, &st) < 0)
                                 return log_error_errno(errno, "Couldn't stat file: %m");
@@ -808,40 +883,37 @@ static int add_matches(sd_journal *j, char **args) {
                                                 return log_oom();
                                         t = strappend("_COMM=", comm);
+                                        if (!t)
+                                                return log_oom();
                                         /* Append _EXE only if the interpreter is not a link.
                                            Otherwise, it might be outdated often. */
-                                        if (lstat(interpreter, &st) == 0 &&
-                                            !S_ISLNK(st.st_mode)) {
+                                        if (lstat(interpreter, &st) == 0 && !S_ISLNK(st.st_mode)) {
                                                 t2 = strappend("_EXE=", interpreter);
                                                 if (!t2)
                                                         return log_oom();
                                         }
-                                } else
+                                } else {
                                         t = strappend("_EXE=", path);
-                        } else if (S_ISCHR(st.st_mode)) {
-                                if (asprintf(&t, "_KERNEL_DEVICE=c%u:%u",
-                                             major(st.st_rdev),
-                                             minor(st.st_rdev)) < 0)
-                                        return -ENOMEM;
-                        } else if (S_ISBLK(st.st_mode)) {
-                                if (asprintf(&t, "_KERNEL_DEVICE=b%u:%u",
-                                             major(st.st_rdev),
-                                             minor(st.st_rdev)) < 0)
-                                        return -ENOMEM;
+                                        if (!t)
+                                                return log_oom();
+                                }
+
+                                r = sd_journal_add_match(j, t, 0);
+
+                                if (r >=0 && t2)
+                                        r = sd_journal_add_match(j, t2, 0);
+
+                        } else if (S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode)) {
+                                r = add_matches_for_device(j, path);
+                                if (r < 0)
+                                        return r;
                         } else {
                                 log_error("File is neither a device node, nor regular file, nor executable: %s", *i);
                                 return -EINVAL;
                         }
-                        if (!t)
-                                return log_oom();
-
-                        r = sd_journal_add_match(j, t, 0);
-                        if (t2)
-                                r = sd_journal_add_match(j, t2, 0);
                         have_term = true;
-
                 } else {
                         r = sd_journal_add_match(j, *i, 0);
                         have_term = true;
SOURCES/0282-journalctl-add-match-for-the-current-boot-when-calle.patch
New file
@@ -0,0 +1,27 @@
From fb7acf90df3d675261b18f8e7c2de315dadee756 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 3 Feb 2016 11:22:52 +0100
Subject: [PATCH] journalctl: add match for the current boot when called with
 devpath
Cherry-picked from: 485fd9a7b9d59b9f2302a873f7ee5ccac256dd93
Related: #947636
---
 src/journal/journalctl.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 3db1cd2..6948ed6 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -207,6 +207,10 @@ static int add_matches_for_device(sd_journal *j, const char *devpath) {
                 d = udev_device_get_parent(d);
         }
+        r = add_match_this_boot(j, arg_machine);
+        if (r < 0)
+                return log_error_errno(r, "Failed to add match for the current boot: %m");
+
         return 0;
 }
SOURCES/0283-man-clarify-what-happens-when-journalctl-is-called-w.patch
New file
@@ -0,0 +1,33 @@
From a4f12d4849daed23651ab3c23b5ff830aa32b2a0 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 3 Feb 2016 10:38:29 +0100
Subject: [PATCH] man: clarify what happens when journalctl is called with
 devpath
Cherry-picked from: 3cea8e06e45fc1757de8f74da29fb5fb181db4eb
Related: #947636
---
 man/journalctl.xml | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/man/journalctl.xml b/man/journalctl.xml
index 2764f66..0981fba 100644
--- a/man/journalctl.xml
+++ b/man/journalctl.xml
@@ -91,8 +91,14 @@
       paths may be specified. If a file path refers to an executable
       file, this is equivalent to an <literal>_EXE=</literal> match
       for the canonicalized binary path. Similarly, if a path refers
-      to a device node, this is equivalent to a
-      <literal>_KERNEL_DEVICE=</literal> match for the device.</para>
+      to a device node then match is added for the kernel name of the
+      device (<literal>_KERNEL_DEVICE=</literal>). Also, matches for the
+      kernel names of all the parent devices are added automatically.
+      Device node paths are not stable across reboots, therefore match
+      for the current boot id (<literal>_BOOT_ID=</literal>) is
+      always added as well. Note that only the log entries for
+      the existing device nodes maybe queried by providing path to
+      the device node.</para>
       <para>Additional constraints may be added using options
       <option>--boot</option>, <option>--unit=</option>, etc, to
SOURCES/0284-core-downgrade-warning-about-duplicate-device-names.patch
New file
@@ -0,0 +1,26 @@
From ad2cedec3cf3e6ddefd70d9f3dece3ca837676cf Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 23 Apr 2015 13:50:01 +0200
Subject: [PATCH] core: downgrade warning about duplicate device names
http://lists.freedesktop.org/archives/systemd-devel/2015-April/031094.html
Cherry-picked from: 5259bcf6a638d8d489db1ddefd55327aa15f3e51
Resolves: #1296249
---
 src/core/device.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/device.c b/src/core/device.c
index 8a6855d..1995e3c 100644
--- a/src/core/device.c
+++ b/src/core/device.c
@@ -317,7 +317,7 @@ static int device_setup_unit(Manager *m, struct udev_device *dev, const char *pa
         if (u &&
             DEVICE(u)->sysfs &&
             !path_equal(DEVICE(u)->sysfs, sysfs)) {
-                log_unit_error(u->id, "Device %s appeared twice with different sysfs paths %s and %s", e, DEVICE(u)->sysfs, sysfs);
+                log_unit_debug(u->id, "Device %s appeared twice with different sysfs paths %s and %s", e, DEVICE(u)->sysfs, sysfs);
                 return -EEXIST;
         }
SOURCES/0285-udev-downgrade-a-few-warnings-to-debug-messages.patch
New file
@@ -0,0 +1,44 @@
From 95a6f0f1b2a24e40380af5db1797ee60c8763ca2 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 14 Apr 2015 15:48:26 +0200
Subject: [PATCH] udev: downgrade a few warnings to debug messages
https://bugs.freedesktop.org/show_bug.cgi?id=89885
Cherry-picked from: 8d8ce9e2
Resolves: #1289461
---
 src/udev/udev-builtin-blkid.c  | 2 +-
 src/udev/udev-builtin-usb_id.c | 6 ++----
 2 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/src/udev/udev-builtin-blkid.c b/src/udev/udev-builtin-blkid.c
index 8999583..2b2c3da 100644
--- a/src/udev/udev-builtin-blkid.c
+++ b/src/udev/udev-builtin-blkid.c
@@ -263,7 +263,7 @@ static int builtin_blkid(struct udev_device *dev, int argc, char *argv[], bool t
         fd = open(udev_device_get_devnode(dev), O_RDONLY|O_CLOEXEC);
         if (fd < 0) {
-                fprintf(stderr, "error: %s: %m\n", udev_device_get_devnode(dev));
+                err = log_debug_errno(errno, "Failure opening block device %s: %m", udev_device_get_devnode(dev));
                 goto out;
         }
diff --git a/src/udev/udev-builtin-usb_id.c b/src/udev/udev-builtin-usb_id.c
index ab0d96e..64b763c 100644
--- a/src/udev/udev-builtin-usb_id.c
+++ b/src/udev/udev-builtin-usb_id.c
@@ -168,10 +168,8 @@ static int dev_if_packed_info(struct udev_device *dev, char *ifs_str, size_t len
                 return log_oom();
         fd = open(filename, O_RDONLY|O_CLOEXEC);
-        if (fd < 0) {
-                fprintf(stderr, "error opening USB device 'descriptors' file\n");
-                return -errno;
-        }
+        if (fd < 0)
+                return log_debug_errno(errno, "Error opening USB device 'descriptors' file: %m");
         size = read(fd, buf, sizeof(buf));
         if (size < 18 || size == sizeof(buf))
SOURCES/0286-man-LEVEL-in-systemd-analyze-set-log-level-is-not-op.patch
New file
@@ -0,0 +1,26 @@
From ffe00d391c0cfc52897820bb19c6a0b8a43680d8 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 5 Oct 2015 12:19:13 +0200
Subject: [PATCH] man: LEVEL in systemd-analyze set-log level is not optional
rhbz#1268336
Cherry-picked from: 62b29f83cdd3059fda5bf5d2e098293f6dccf863
Resolves: #1268336
---
 man/systemd-analyze.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/man/systemd-analyze.xml b/man/systemd-analyze.xml
index b2e0f42..e58d9a7 100644
--- a/man/systemd-analyze.xml
+++ b/man/systemd-analyze.xml
@@ -93,7 +93,7 @@
       <command>systemd-analyze</command>
       <arg choice="opt" rep="repeat">OPTIONS</arg>
       <arg choice="plain">set-log-level</arg>
-      <arg choice="opt"><replaceable>LEVEL</replaceable></arg>
+      <arg choice="plain"><replaceable>LEVEL</replaceable></arg>
     </cmdsynopsis>
     <cmdsynopsis>
       <command>systemd-analyze</command>
SOURCES/0287-Revert-udev-fibre-channel-fix-NPIV-support.patch
File was renamed from SOURCES/0271-Revert-udev-fibre-channel-fix-NPIV-support.patch
@@ -1,4 +1,4 @@
From 3b9db589b168cef9c07ad63c8cc06950844bfd5b Mon Sep 17 00:00:00 2001
From 4c895cb7bbb307f3c865d9a37f448605797d2b42 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 29 Feb 2016 16:33:38 +0100
Subject: [PATCH] Revert "udev: fibre channel: fix NPIV support"
SOURCES/0288-udev-path-id-fibre-channel-NPIV-use-fc_vport-s-port_.patch
File was renamed from SOURCES/0272-udev-path-id-fibre-channel-NPIV-use-fc_vport-s-port_.patch
@@ -1,4 +1,4 @@
From 77314a3851676724fa018d76a4136fba059082d4 Mon Sep 17 00:00:00 2001
From 05004e584a76645dcbcaaa4d5c2d3d3255900770 Mon Sep 17 00:00:00 2001
From: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>
Date: Tue, 23 Feb 2016 15:02:02 -0300
Subject: [PATCH] udev: path-id: fibre channel NPIV - use fc_vport's port_name
SOURCES/0289-systemctl-is-active-failed-should-return-0-if-at-lea.patch
New file
@@ -0,0 +1,45 @@
From f3b1b4ae42a2d0d6383c6587a842418abad645a9 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 25 Jan 2016 15:21:28 +0100
Subject: [PATCH] systemctl: is-active/failed should return 0 if at least one
 unit is in given state
Previously we have return the not-found code, in the case that we found a
unit which does not belong to set active (resp. failed), which is the
opposite than what is written in man page.
Cherry-picked from: d60f6ad0cb690d920b8acbfb545bad29554609f1
Resolves: #1254650
---
 src/systemctl/systemctl.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
index 5d3a85f..bf5bb39 100644
--- a/src/systemctl/systemctl.c
+++ b/src/systemctl/systemctl.c
@@ -3002,6 +3002,7 @@ static int check_unit_generic(sd_bus *bus, int code, const char *good_states, ch
         _cleanup_strv_free_ char **names = NULL;
         char **name;
         int r;
+        bool found = false;
         assert(bus);
         assert(args);
@@ -3016,11 +3017,13 @@ static int check_unit_generic(sd_bus *bus, int code, const char *good_states, ch
                 state = check_one_unit(bus, *name, good_states, arg_quiet);
                 if (state < 0)
                         return state;
-                if (state == 0)
-                        r = code;
+                if (state > 0)
+                        found = true;
         }
-        return r;
+        /* use the given return code for the case that we won't find
+         * any unit which matches the list */
+        return found ? 0 : code;
 }
 static int check_unit_active(sd_bus *bus, char **args) {
SOURCES/0290-rules-set-SYSTEMD_READY-0-on-DM_UDEV_DISABLE_OTHER_R.patch
File was renamed from SOURCES/0273-rules-set-SYSTEMD_READY-0-on-DM_UDEV_DISABLE_OTHER_R.patch
@@ -1,4 +1,4 @@
From 92f17bb12a37fe9deb0868ef8c4a43696319e72e Mon Sep 17 00:00:00 2001
From d77ced281c6d1f47b5dfc3abff6817d8f5756af9 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 25 Feb 2016 15:15:04 +0100
Subject: [PATCH] rules: set SYSTEMD_READY=0 on
@@ -13,7 +13,6 @@
See https://bugzilla.redhat.com/show_bug.cgi?id=1312011
RHEL-only
Cherry-picked from: 83a3642f617975d596b5001b1699c3d16773a6e5
Resolves: #1312011
---
SOURCES/0291-s390-add-personality-support.patch
New file
@@ -0,0 +1,109 @@
From 9435bd3d692c7b07e527b6a616018fa5620502e2 Mon Sep 17 00:00:00 2001
From: Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
Date: Thu, 24 Sep 2015 12:47:22 +0200
Subject: [PATCH] s390: add personality support
Introduce personality support for Linux on z Systems to run
particular services with a 64-bit or 31-bit personality.
Cherry-picked from: 7517f51ef9921d3360453c8eec2c97256d320ceb
Resolves: #1300344
---
 Makefile.am                        |  1 +
 src/shared/util.c                  | 27 +++++++++++++++++++++++++++
 src/test/test-execute.c            |  8 ++++++--
 test/exec-personality-s390.service |  7 +++++++
 4 files changed, 41 insertions(+), 2 deletions(-)
 create mode 100644 test/exec-personality-s390.service
diff --git a/Makefile.am b/Makefile.am
index 2559376..3af720b 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1483,6 +1483,7 @@ EXTRA_DIST += \
     test/exec-ignoresigpipe-yes.service \
     test/exec-personality-x86-64.service \
     test/exec-personality-x86.service \
+    test/exec-personality-s390.service \
     test/exec-privatedevices-no.service \
     test/exec-privatedevices-yes.service \
     test/exec-privatetmp-no.service \
diff --git a/src/shared/util.c b/src/shared/util.c
index dc51852..a24aa7f 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -6748,6 +6748,19 @@ unsigned long personality_from_string(const char *p) {
         if (streq(p, "x86"))
                 return PER_LINUX;
+
+#elif defined(__s390x__)
+
+        if (streq(p, "s390"))
+                return PER_LINUX32;
+
+        if (streq(p, "s390x"))
+                return PER_LINUX;
+
+#elif defined(__s390__)
+
+        if (streq(p, "s390"))
+                return PER_LINUX;
 #endif
         /* personality(7) documents that 0xffffffffUL is used for
@@ -6770,6 +6783,20 @@ const char* personality_to_string(unsigned long p) {
         if (p == PER_LINUX)
                 return "x86";
+
+#elif defined(__s390x__)
+
+        if (p == PER_LINUX)
+                return "s390x";
+
+        if (p == PER_LINUX32)
+                return "s390";
+
+#elif defined(__s390__)
+
+        if (p == PER_LINUX)
+                return "s390";
+
 #endif
         return NULL;
diff --git a/src/test/test-execute.c b/src/test/test-execute.c
index 91ccaf7..00f3607 100644
--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -77,10 +77,14 @@ static void test_exec_workingdirectory(Manager *m) {
 }
 static void test_exec_personality(Manager *m) {
-        test(m, "exec-personality-x86.service", 0, CLD_EXITED);
-
 #if defined(__x86_64__)
         test(m, "exec-personality-x86-64.service", 0, CLD_EXITED);
+
+#elif defined(__s390__)
+        test(m, "exec-personality-s390.service", 0, CLD_EXITED);
+
+#else
+        test(m, "exec-personality-x86.service", 0, CLD_EXITED);
 #endif
 }
diff --git a/test/exec-personality-s390.service b/test/exec-personality-s390.service
new file mode 100644
index 0000000..f3c3b03
--- /dev/null
+++ b/test/exec-personality-s390.service
@@ -0,0 +1,7 @@
+[Unit]
+Description=Test for Personality=s390
+
+[Service]
+ExecStart=/bin/sh -c 'echo $(uname -m); exit $(test $(uname -m) = "s390")'
+Type=oneshot
+Personality=s390
SOURCES/0292-socket_address_listen-do-not-rely-on-errno.patch
New file
@@ -0,0 +1,34 @@
From 2ae0271ada810c06c12755699f0db955fc51061d Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Thu, 10 Mar 2016 10:19:56 +0100
Subject: [PATCH] socket_address_listen - do not rely on errno
Currently socket_address_listen() calls mac_selinux_bind() to bind a UNIX
socket and checks its return value and errno for EADDRINUSE. This is not
correct. When there's an SELinux context change made for the new socket,
bind() is not the last function called in mac_selinux_bind(). In that
case the last call is setfscreatecon() from libselinux which can change
errno as it uses access() to check if /proc/thread-self is available.
It fails on kernels before 3.17 and errno is set to ENOENT.
It's safe to check only the return value at it's set to -errno.
Cherry-picked from: a0c9496cc826957fe0f3926f619e073f17a9ab4d
Resolves: #1316452
---
 src/shared/socket-label.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/socket-label.c b/src/shared/socket-label.c
index a6289eb..713e71b 100644
--- a/src/shared/socket-label.c
+++ b/src/shared/socket-label.c
@@ -119,7 +119,7 @@ int socket_address_listen(
                 r = mac_selinux_bind(fd, &a->sockaddr.sa, a->size);
-                if (r < 0 && errno == EADDRINUSE) {
+                if (r == -EADDRINUSE) {
                         /* Unlink and try again */
                         unlink(a->sockaddr.un.sun_path);
                         r = bind(fd, &a->sockaddr.sa, a->size);
SOURCES/0293-path_id-reintroduce-by-path-links-for-virtio-block-d.patch
New file
@@ -0,0 +1,48 @@
From b6fea1a0e0fd830e1aa82accf389cb8bfd0f0f37 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Tue, 9 Feb 2016 09:57:45 +0100
Subject: [PATCH] path_id: reintroduce by-path links for virtio block devices
Enumeration of virtio buses is global and hence
non-deterministic. However, we are guaranteed there is never going to be
more than one virtio bus per parent PCI device. While populating
ID_PATH we simply skip virtio part of the syspath and we extend the path
using the sysname of the parent PCI device.
With this patch udev creates following by-path links for virtio-blk
device /dev/vda which contains two partitions.
ls -l /dev/disk/by-path/
total 0
lrwxrwxrwx 1 root root  9 Feb  9 10:47 virtio-pci-0000:00:05.0 -> ../../vda
lrwxrwxrwx 1 root root 10 Feb  9 10:47 virtio-pci-0000:00:05.0-part1 -> ../../vda1
lrwxrwxrwx 1 root root 10 Feb  9 10:47 virtio-pci-0000:00:05.0-part2 -> ../../vda2
See:
http://lists.linuxfoundation.org/pipermail/virtualization/2015-August/030328.html
Fixes #2501
Cherry-picked from: f073b1b3c0f4f0df1b0bd61042ce85fb5d27d407
Resolves: #952567
---
 src/udev/udev-builtin-path_id.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/src/udev/udev-builtin-path_id.c b/src/udev/udev-builtin-path_id.c
index 3b72922..8359e23 100644
--- a/src/udev/udev-builtin-path_id.c
+++ b/src/udev/udev-builtin-path_id.c
@@ -698,6 +698,12 @@ restart:
                         path_prepend(&path, "xen-%s", udev_device_get_sysname(parent));
                         parent = skip_subsystem(parent, "xen");
                         supported_parent = true;
+                } else if (streq(subsys, "virtio")) {
+                        while (parent && streq_ptr("virtio", udev_device_get_subsystem(parent)))
+                                parent = udev_device_get_parent(parent);
+                        path_prepend(&path, "virtio-pci-%s", udev_device_get_sysname(parent));
+                        supported_transport = true;
+                        supported_parent = true;
                 } else if (streq(subsys, "scm")) {
                         path_prepend(&path, "scm-%s", udev_device_get_sysname(parent));
                         parent = skip_subsystem(parent, "scm");
SOURCES/0294-journal-fix-error-handling-when-compressing-journal-.patch
File was renamed from SOURCES/0275-journal-fix-error-handling-when-compressing-journal-.patch
@@ -1,4 +1,4 @@
From 4c82b9247b29f31814e7ee5f77c745db659e27ac Mon Sep 17 00:00:00 2001
From f45b66a348f5778bd391ad1b0a0e09bf5789b415 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Sat, 24 Oct 2015 13:17:54 +0200
Subject: [PATCH] journal: fix error handling when compressing journal objects
SOURCES/0295-journal-irrelevant-coding-style-fixes.patch
File was renamed from SOURCES/0276-journal-irrelevant-coding-style-fixes.patch
@@ -1,4 +1,4 @@
From 8368db3b100bd587c580d5ed2561390c5ed76a8c Mon Sep 17 00:00:00 2001
From d205f5f85569e2dddca96362ce2db4e2a0b99d00 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Sat, 24 Oct 2015 15:08:15 +0200
Subject: [PATCH] journal: irrelevant coding style fixes
SOURCES/0296-install-follow-unit-file-symlinks-in-usr-but-not-etc.patch
New file
Diff too large
SOURCES/0297-core-look-for-instance-when-processing-template-name.patch
New file
@@ -0,0 +1,41 @@
From 0e6ec33b5e8c8790e60d1b79801dc360dad010d3 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 16 Mar 2016 15:47:18 +0100
Subject: [PATCH] core: look for instance when processing template name
If first attempt to merge units failed and we are trying to do
merge the other way around and at the same time we are working with
template name, then other unit can't possibly be template, because it is
not possible to have template unit running, only instances of the
template. Thus we need to look for already active instance instead.
rhel-only (upstream review pending)
Related: #1159308
---
 src/core/load-fragment.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 70c0918..b188ec9 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -3472,8 +3472,17 @@ static int merge_by_names(Unit **u, Set *names, const char *id) {
                         /* Hmm, we couldn't merge the other unit into
                          * ours? Then let's try it the other way
                          * round */
+                        if (unit_name_is_template(k) && (*u)->instance) {
+                                _cleanup_free_ char *instance = NULL;
+
+                                instance = unit_name_replace_instance(k, (*u)->instance);
+                                if(!instance)
+                                        return -ENOMEM;
+                                other = manager_get_unit((*u)->manager, instance);
+
+                        } else
+                                other = manager_get_unit((*u)->manager, k);
-                        other = manager_get_unit((*u)->manager, k);
                         free(k);
                         if (other) {
SOURCES/0298-core-improve-error-message-when-starting-template-wi.patch
New file
@@ -0,0 +1,30 @@
From 9b33863a2cfa31bbe57bab685776b64731f528f1 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Wed, 30 Mar 2016 13:49:50 +0200
Subject: [PATCH] core: improve error message when starting template without
 instance
Cherry-picked from: 5d512d54429aa9d2f4a0ca215bb2e982db720d6b
Resolves: #1142369
---
 src/core/manager.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index bde17ce..bb50503 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1328,8 +1328,12 @@ int manager_load_unit_prepare(
         t = unit_name_to_type(name);
-        if (t == _UNIT_TYPE_INVALID || !unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
+        if (t == _UNIT_TYPE_INVALID || !unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) {
+                if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE))
+                        return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is missing the instance name.", name);
+
                 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is not valid.", name);
+        }
         ret = manager_get_unit(m, name);
         if (ret) {
SOURCES/0299-man-tmpfiles.d-add-note-about-permissions-and-owners.patch
New file
@@ -0,0 +1,28 @@
From b0edbac36cd75bfd5624f20884043553da14ced2 Mon Sep 17 00:00:00 2001
From: Jan Synacek <jsynacek@redhat.com>
Date: Wed, 13 Jan 2016 08:41:54 +0100
Subject: [PATCH] man/tmpfiles.d: add note about permissions and ownership of
 symlinks
...because this is might not be obvious.
Cherry-picked from: b908bb63c41eaf3c44004b6b737d105c39df2075
Resolves: #1296288
---
 man/tmpfiles.d.xml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
index 9b4e11c..fc1fe13 100644
--- a/man/tmpfiles.d.xml
+++ b/man/tmpfiles.d.xml
@@ -187,7 +187,8 @@
           be removed and be replaced by the symlink. If the argument
           is omitted, symlinks to files with the same name residing in
           the directory <filename>/usr/share/factory/</filename> are
-          created.</para></listitem>
+          created. Note that permissions and ownership on symlinks
+          are ignored.</para></listitem>
         </varlistentry>
         <varlistentry>
SOURCES/0300-tmpfiles-don-t-follow-symlinks-when-adjusting-ACLs-f.patch
New file
@@ -0,0 +1,185 @@
From 595a93d716680715a751737ec2f87b06ea582763 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 13 Apr 2015 15:16:54 +0200
Subject: [PATCH] tmpfiles: don't follow symlinks when adjusting ACLs, fille
 attributes, access modes or ownership
Cherry-picked from: 48b8aaa82724bc2d8440470f414fb0d2416f29c
Resolves: #1296288
---
 src/tmpfiles/tmpfiles.c | 112 ++++++++++++++++++++++++++++++++----------------
 1 file changed, 74 insertions(+), 38 deletions(-)
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index d0e6567..64c733a 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -570,51 +570,69 @@ finish:
 }
 static int path_set_perms(Item *i, const char *path) {
+        _cleanup_close_ int fd = -1;
         struct stat st;
-        bool st_valid;
         assert(i);
         assert(path);
-        st_valid = stat(path, &st) == 0;
+        /* We open the file with O_PATH here, to make the operation
+         * somewhat atomic. Also there's unfortunately no fchmodat()
+         * with AT_SYMLINK_NOFOLLOW, hence we emulate it here via
+         * O_PATH. */
+
+        fd = open(path, O_RDONLY|O_NOFOLLOW|O_CLOEXEC|O_PATH|O_NOATIME);
+        if (fd < 0)
+                return log_error_errno(errno, "Adjusting owner and mode for %s failed: %m", path);
+
+        if (fstatat(fd, "", &st, AT_EMPTY_PATH) < 0)
+                return log_error_errno(errno, "Failed to fstat() file %s: %m", path);
+
+        if (S_ISLNK(st.st_mode))
+                log_debug("Skipping mode an owner fix for symlink %s.", path);
+        else {
+                char fn[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(int)];
+                xsprintf(fn, "/proc/self/fd/%i", fd);
-        /* not using i->path directly because it may be a glob */
-        if (i->mode_set) {
-                mode_t m = i->mode;
+                /* not using i->path directly because it may be a glob */
+                if (i->mode_set) {
+                        mode_t m = i->mode;
-                if (i->mask_perms && st_valid) {
-                        if (!(st.st_mode & 0111))
-                                m &= ~0111;
-                        if (!(st.st_mode & 0222))
+                        if (i->mask_perms) {
+                                if (!(st.st_mode & 0111))
+                                        m &= ~0111;
+                                if (!(st.st_mode & 0222))
                                 m &= ~0222;
-                        if (!(st.st_mode & 0444))
-                                m &= ~0444;
-                        if (!S_ISDIR(st.st_mode))
-                                m &= ~07000; /* remove sticky/sgid/suid bit, unless directory */
-                }
+                                if (!(st.st_mode & 0444))
+                                        m &= ~0444;
+                                if (!S_ISDIR(st.st_mode))
+                                        m &= ~07000; /* remove sticky/sgid/suid bit, unless directory */
+                        }
-                if (st_valid && m == (st.st_mode & 07777))
-                        log_debug("\"%s\" has right mode %o", path, st.st_mode);
-                else {
-                        log_debug("chmod \"%s\" to mode %o", path, m);
-                        if (chmod(path, m) < 0)
-                                return log_error_errno(errno, "chmod(%s) failed: %m", path);
+                        if (m == (st.st_mode & 07777))
+                                log_debug("\"%s\" has right mode %o", path, st.st_mode);
+                        else {
+                                log_debug("chmod \"%s\" to mode %o", path, m);
+                                if (chmod(fn, m) < 0)
+                                        return log_error_errno(errno, "chmod(%s) failed: %m", path);
+                        }
                 }
-        }
-
-        if ((!st_valid || i->uid != st.st_uid || i->gid != st.st_gid) &&
-            (i->uid_set || i->gid_set)) {
-                log_debug("chown \"%s\" to "UID_FMT"."GID_FMT,
-                          path,
-                          i->uid_set ? i->uid : UID_INVALID,
-                          i->gid_set ? i->gid : GID_INVALID);
-                if (chown(path,
-                          i->uid_set ? i->uid : UID_INVALID,
-                          i->gid_set ? i->gid : GID_INVALID) < 0)
+                if ((i->uid != st.st_uid || i->gid != st.st_gid) &&
+                    (i->uid_set || i->gid_set)) {
+                        log_debug("chown \"%s\" to "UID_FMT"."GID_FMT,
+                                  path,
+                                  i->uid_set ? i->uid : UID_INVALID,
+                                  i->gid_set ? i->gid : GID_INVALID);
+                        if (chown(fn,
+                                  i->uid_set ? i->uid : UID_INVALID,
+                                  i->gid_set ? i->gid : GID_INVALID) < 0)
                         return log_error_errno(errno, "chown(%s) failed: %m", path);
+                }
         }
+        fd = safe_close(fd);
+
         return label_fix(path, false, false);
 }
@@ -699,10 +717,10 @@ static int get_acls_from_arg(Item *item) {
 }
 #ifdef HAVE_ACL
-static int path_set_acl(const char *path, acl_type_t type, acl_t acl, bool modify) {
+static int path_set_acl(const char *path, const char *pretty, acl_type_t type, acl_t acl, bool modify) {
+        _cleanup_(acl_free_charpp) char *t = NULL;
         _cleanup_(acl_freep) acl_t dup = NULL;
         int r;
-        _cleanup_(acl_free_charpp) char *t = NULL;
         /* Returns 0 for success, positive error if already warned,
          * negative error otherwise. */
@@ -728,16 +746,16 @@ static int path_set_acl(const char *path, acl_type_t type, acl_t acl, bool modif
                 return r;
         t = acl_to_any_text(dup, NULL, ',', TEXT_ABBREVIATE);
-        log_debug("\"%s\": setting %s ACL \"%s\"", path,
+        log_debug("Setting %s ACL %s on %s.",
                   type == ACL_TYPE_ACCESS ? "access" : "default",
-                  strna(t));
+                  strna(t), pretty);
         r = acl_set_file(path, type, dup);
         if (r < 0)
                 return -log_error_errno(errno,
                                         "Setting %s ACL \"%s\" on %s failed: %m",
                                         type == ACL_TYPE_ACCESS ? "access" : "default",
-                                        strna(t), path);
+                                        strna(t), pretty);
         return 0;
 }
@@ -746,14 +764,32 @@ static int path_set_acl(const char *path, acl_type_t type, acl_t acl, bool modif
 static int path_set_acls(Item *item, const char *path) {
         int r = 0;
 #ifdef HAVE_ACL
+        char fn[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(int)];
+        _cleanup_close_ int fd = -1;
+        struct stat st;
+
         assert(item);
         assert(path);
+        fd = open(path, O_RDONLY|O_NOFOLLOW|O_CLOEXEC|O_PATH|O_NOATIME);
+        if (fd < 0)
+                return log_error_errno(errno, "Adjusting ACL of %s failed: %m", path);
+
+        if (fstatat(fd, "", &st, AT_EMPTY_PATH) < 0)
+                return log_error_errno(errno, "Failed to fstat() file %s: %m", path);
+
+        if (S_ISLNK(st.st_mode)) {
+                log_debug("Skipping ACL fix for symlink %s.", path);
+                return 0;
+        }
+
+        xsprintf(fn, "/proc/self/fd/%i", fd);
+
         if (item->acl_access)
-                r = path_set_acl(path, ACL_TYPE_ACCESS, item->acl_access, item->force);
+                r = path_set_acl(fn, path, ACL_TYPE_ACCESS, item->acl_access, item->force);
         if (r == 0 && item->acl_default)
-                r = path_set_acl(path, ACL_TYPE_DEFAULT, item->acl_default, item->force);
+                r = path_set_acl(fn, path, ACL_TYPE_DEFAULT, item->acl_default, item->force);
         if (r > 0)
                 return -r; /* already warned */
SOURCES/0301-udev-filter-out-non-sensically-high-onboard-indexes-.patch
New file
@@ -0,0 +1,43 @@
From 0fa424a08a31af512a698b60b497cfc0cf0554e0 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 25 Jan 2016 17:16:27 +0100
Subject: [PATCH] udev: filter out non-sensically high onboard indexes reported
 by the kernel
Let's not accept onboard interface indexes, that are so high that they are obviously non-sensical.
Fixes: #2407
Cherry-picked from: 6c1e69f9456d022f14dd00737126cfa4d9cca10
Resolves: #1230210
---
 src/udev/udev-builtin-net_id.c | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
index ffd6ea4..19e1f26 100644
--- a/src/udev/udev-builtin-net_id.c
+++ b/src/udev/udev-builtin-net_id.c
@@ -101,6 +101,8 @@
 #include "udev.h"
 #include "fileio.h"
+#define ONBOARD_INDEX_MAX (16*1024-1)
+
 enum netname_type{
         NET_UNDEF,
         NET_PCI,
@@ -147,6 +149,13 @@ static int dev_pci_onboard(struct udev_device *dev, struct netnames *names) {
         if (idx <= 0)
                 return -EINVAL;
+        /* Some BIOSes report rubbish indexes that are excessively high (2^24-1 is an index VMware likes to report for
+         * example). Let's define a cut-off where we don't consider the index reliable anymore. We pick some arbitrary
+         * cut-off, which is somewhere beyond the realistic number of physical network interface a system might
+         * have. Ideally the kernel would already filter his crap for us, but it doesn't currently. */
+        if (idx > ONBOARD_INDEX_MAX)
+                return -ENOENT;
+
         /* kernel provided port index for multiple ports on a single PCI function */
         attr = udev_device_get_sysattr_value(dev, "dev_port");
         if (attr)
SOURCES/0302-test-execute-add-tests-for-RuntimeDirectory.patch
New file
@@ -0,0 +1,74 @@
From fb798a267d2bad8df98f49c2a4a309efa5569759 Mon Sep 17 00:00:00 2001
From: Ronny Chevalier <chevalier.ronny@gmail.com>
Date: Mon, 21 Sep 2015 15:36:07 +0200
Subject: [PATCH] test-execute: add tests for RuntimeDirectory
Cherry-picked from: cc3ddc851fbe5adf9dfc7e4a702a8b5b6a1186d6
Resolves: #1324826
---
 src/test/test-execute.c                 | 7 +++++++
 test/exec-runtimedirectory-mode.service | 8 ++++++++
 test/exec-runtimedirectory.service      | 7 +++++++
 3 files changed, 22 insertions(+)
 create mode 100644 test/exec-runtimedirectory-mode.service
 create mode 100644 test/exec-runtimedirectory.service
diff --git a/src/test/test-execute.c b/src/test/test-execute.c
index 00f3607..90b1c87 100644
--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -141,6 +141,11 @@ static void test_exec_umask(Manager *m) {
         test(m, "exec-umask-0177.service", 0, CLD_EXITED);
 }
+static void test_exec_runtimedirectory(Manager *m) {
+        test(m, "exec-runtimedirectory.service", 0, CLD_EXITED);
+        test(m, "exec-runtimedirectory-mode.service", 0, CLD_EXITED);
+}
+
 int main(int argc, char *argv[]) {
         test_function_t tests[] = {
                 test_exec_workingdirectory,
@@ -154,6 +159,7 @@ int main(int argc, char *argv[]) {
                 test_exec_group,
                 test_exec_environment,
                 test_exec_umask,
+                test_exec_runtimedirectory,
                 NULL,
         };
         test_function_t *test = NULL;
@@ -169,6 +175,7 @@ int main(int argc, char *argv[]) {
                 return EXIT_TEST_SKIP;
         }
+        assert_se(setenv("XDG_RUNTIME_DIR", "/tmp/", 1) == 0);
         assert_se(set_unit_path(TEST_DIR ":") >= 0);
         r = manager_new(SYSTEMD_USER, true, &m);
diff --git a/test/exec-runtimedirectory-mode.service b/test/exec-runtimedirectory-mode.service
new file mode 100644
index 0000000..ba6d7ee
--- /dev/null
+++ b/test/exec-runtimedirectory-mode.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Test for RuntimeDirectoryMode
+
+[Service]
+ExecStart=/bin/sh -c 's=$(stat -c %a /tmp/test-exec_runtimedirectory-mode); echo $s; exit $(test $s = "750")'
+Type=oneshot
+RuntimeDirectory=test-exec_runtimedirectory-mode
+RuntimeDirectoryMode=0750
diff --git a/test/exec-runtimedirectory.service b/test/exec-runtimedirectory.service
new file mode 100644
index 0000000..c12a6c6
--- /dev/null
+++ b/test/exec-runtimedirectory.service
@@ -0,0 +1,7 @@
+[Unit]
+Description=Test for RuntimeDirectory
+
+[Service]
+ExecStart=/bin/sh -c 'exit $(test -d /tmp/test-exec_runtimedirectory)'
+Type=oneshot
+RuntimeDirectory=test-exec_runtimedirectory
SOURCES/0303-core-fix-group-ownership-when-Group-is-set.patch
New file
@@ -0,0 +1,84 @@
From f2300a5c3226d3a66d77c34ae811401c638f430f Mon Sep 17 00:00:00 2001
From: Ronny Chevalier <chevalier.ronny@gmail.com>
Date: Mon, 21 Sep 2015 15:45:51 +0200
Subject: [PATCH] core: fix group ownership when Group is set
When Group is set in the unit, the runtime directories are owned by
this group and not the default group of the user (same for cgroup paths
and standard outputs)
Fix #1231
Cherry-picked from: 5bc7452b3219456e07f931e40da30bb94a884293
Resolves: #1324826
---
 src/core/execute.c                       | 19 +++++++++++--------
 src/test/test-execute.c                  |  1 +
 test/exec-runtimedirectory-owner.service |  9 +++++++++
 3 files changed, 21 insertions(+), 8 deletions(-)
 create mode 100644 test/exec-runtimedirectory-owner.service
diff --git a/src/core/execute.c b/src/core/execute.c
index 1815e3d..8172c8b 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -629,14 +629,6 @@ static int enforce_groups(const ExecContext *context, const char *username, gid_
          * we avoid NSS lookups for gid=0. */
         if (context->group || username) {
-
-                if (context->group) {
-                        const char *g = context->group;
-
-                        if ((r = get_group_creds(&g, &gid)) < 0)
-                                return r;
-                }
-
                 /* First step, initialize groups from /etc/groups */
                 if (username && gid != 0) {
                         if (initgroups(username, gid) < 0)
@@ -1374,6 +1366,17 @@ static int exec_child(
                 }
         }
+        if (context->group) {
+                const char *g = context->group;
+
+                r = get_group_creds(&g, &gid);
+                if (r < 0) {
+                        *exit_status = EXIT_GROUP;
+                        return r;
+                }
+        }
+
+
         /* If a socket is connected to STDIN/STDOUT/STDERR, we
          * must sure to drop O_NONBLOCK */
         if (socket_fd >= 0)
diff --git a/src/test/test-execute.c b/src/test/test-execute.c
index 90b1c87..38522a1 100644
--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -144,6 +144,7 @@ static void test_exec_umask(Manager *m) {
 static void test_exec_runtimedirectory(Manager *m) {
         test(m, "exec-runtimedirectory.service", 0, CLD_EXITED);
         test(m, "exec-runtimedirectory-mode.service", 0, CLD_EXITED);
+        test(m, "exec-runtimedirectory-owner.service", 0, CLD_EXITED);
 }
 int main(int argc, char *argv[]) {
diff --git a/test/exec-runtimedirectory-owner.service b/test/exec-runtimedirectory-owner.service
new file mode 100644
index 0000000..077e08d
--- /dev/null
+++ b/test/exec-runtimedirectory-owner.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set)
+
+[Service]
+ExecStart=/bin/sh -c 'f=/tmp/test-exec_runtimedirectory-owner;g=$(stat -c %G $f); echo "$g"; exit $(test $g = "nobody")'
+Type=oneshot
+Group=nobody
+User=root
+RuntimeDirectory=test-exec_runtimedirectory-owner
SOURCES/0304-fstab-generator-cescape-device-name-in-root-fsck-ser.patch
File was renamed from SOURCES/0277-fstab-generator-cescape-device-name-in-root-fsck-ser.patch
@@ -1,4 +1,4 @@
From f29f53f95636fea60a3f757786131790477ab71a Mon Sep 17 00:00:00 2001
From e591c1a47c067cd2d14dca569cc9f0cce9072200 Mon Sep 17 00:00:00 2001
From: Andrei Borzenkov <arvidjaar@gmail.com>
Date: Wed, 3 Jun 2015 20:50:59 +0300
Subject: [PATCH] fstab-generator: cescape device name in root-fsck service
SOURCES/0305-core-add-new-RandomSec-setting-for-time-units.patch
New file
@@ -0,0 +1,227 @@
From 338b8f9bca1cd7bd65123808fc7f7b2773e637db Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 18 Nov 2015 13:37:30 +0100
Subject: [PATCH] core: add new RandomSec= setting for time units
This allows configuration of a random time on top of the elapse events,
in order to spread time events in a network evenly across a range.
Cherry-picked from: 744c7693751830149ae78fdaf95c6c6f99d59f07
Resolves: #1305279
---
 man/systemd.timer.xml                 | 43 ++++++++++++++++++++++++++++++-----
 src/core/dbus-timer.c                 | 17 ++++++++++++++
 src/core/load-fragment-gperf.gperf.m4 |  1 +
 src/core/timer.c                      | 28 +++++++++++++++++++++++
 src/core/timer.h                      |  1 +
 src/libsystemd/sd-bus/bus-util.c      | 16 +++++++++++++
 6 files changed, 100 insertions(+), 6 deletions(-)
diff --git a/man/systemd.timer.xml b/man/systemd.timer.xml
index 20890f2..bdd14d8 100644
--- a/man/systemd.timer.xml
+++ b/man/systemd.timer.xml
@@ -180,13 +180,12 @@
         <varname>OnUnitInactiveSec=</varname> and ending the time
         configured with <varname>AccuracySec=</varname> later. Within
         this time window, the expiry time will be placed at a
-        host-specific, randomized but stable position that is
+        host-specific, randomized, but stable position that is
         synchronized between all local timer units. This is done in
-        order to distribute the wake-up time in networked
-        installations, as well as optimizing power consumption to
-        suppress unnecessary CPU wake-ups. To get best accuracy, set
-        this option to 1us. Note that the timer is still subject to
-        the timer slack configured via
+        order to optimize power consumption to suppress unnecessary
+        CPU wake-ups. To get best accuracy, set this option to
+        1us. Note that the timer is still subject to the timer slack
+        configured via
         <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>'s
         <varname>TimerSlackNSec=</varname> setting. See
         <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
@@ -194,6 +193,38 @@
         this value as high as possible and as low as
         necessary.</para></listitem>
       </varlistentry>
+
+      <varlistentry>
+        <term><varname>RandomSec=</varname></term>
+
+        <listitem><para>Delay the timer by a randomly selected, evenly
+        distributed amount of time between 0 and the specified time
+        value. Defaults to 0, indicating that no randomized delay
+        shall be applied. Each timer unit will determine this delay
+        randomly each time it is started, and the delay will simply be
+        added on top of the next determined elapsing time. This is
+        useful to stretch dispatching of similarly configured timer
+        events over a certain amount time, to avoid that they all fire
+        at the same time, possibly resulting in resource
+        congestion. Note the relation to
+        <varname>AccuracySec=</varname> above: the latter allows the
+        service manager to coalesce timer events within a specified
+        time range in order to minimize wakeups, the former does the
+        opposite: it stretches timer events over a time range, to make
+        it unlikely that they fire simultaneously. If
+        <varname>RandomSec=</varname> and
+        <varname>AccuracySec=</varname> are used in conjunction, first
+        the a randomized time is added, and the result is then
+        possibly shifted further to coalesce it with other timer
+        events possibly happening on the system. As mentioned above
+        <varname>AccuracySec=</varname> defaults to 1min and
+        <varname>RandomSec=</varname> to 0, thus encouraging
+        coalescing of timer events. In order to optimally stretch
+        timer events over a certain range of time, make sure to set
+        <varname>RandomSec=</varname> to a higher value, and
+        <varname>AccuracySec=1us</varname>.</para></listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><varname>Unit=</varname></term>
diff --git a/src/core/dbus-timer.c b/src/core/dbus-timer.c
index 43e7852..cd7bf44 100644
--- a/src/core/dbus-timer.c
+++ b/src/core/dbus-timer.c
@@ -181,6 +181,7 @@ const sd_bus_vtable bus_timer_vtable[] = {
         BUS_PROPERTY_DUAL_TIMESTAMP("LastTriggerUSec", offsetof(Timer, last_trigger), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Timer, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_PROPERTY("AccuracyUSec", "t", bus_property_get_usec, offsetof(Timer, accuracy_usec), SD_BUS_VTABLE_PROPERTY_CONST),
+        SD_BUS_PROPERTY("RandomUSec", "t", bus_property_get_usec, offsetof(Timer, random_usec), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("Persistent", "b", bus_property_get_bool, offsetof(Timer, persistent), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("WakeSystem", "b", bus_property_get_bool, offsetof(Timer, wake_system), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_VTABLE_END
@@ -284,6 +285,22 @@ static int bus_timer_set_transient_property(
                 return 1;
+        } else if (streq(name, "RandomUSec")) {
+                usec_t u = 0;
+
+                r = sd_bus_message_read(message, "t", &u);
+                if (r < 0)
+                        return r;
+
+                if (mode != UNIT_CHECK) {
+                        char time[FORMAT_TIMESPAN_MAX];
+
+                        t->random_usec = u;
+                        unit_write_drop_in_private_format(UNIT(t), mode, name, "RandomSec=%s\n", format_timespan(time, sizeof(time), u, USEC_PER_MSEC));
+                }
+
+                return 1;
+
         } else if (streq(name, "WakeSystem")) {
                 int b;
diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
index 5305984..5106a98 100644
--- a/src/core/load-fragment-gperf.gperf.m4
+++ b/src/core/load-fragment-gperf.gperf.m4
@@ -336,6 +336,7 @@ Timer.OnUnitInactiveSec,         config_parse_timer,                 0,
 Timer.Persistent,                config_parse_bool,                  0,                             offsetof(Timer, persistent)
 Timer.WakeSystem,                config_parse_bool,                  0,                             offsetof(Timer, wake_system)
 Timer.AccuracySec,               config_parse_sec,                   0,                             offsetof(Timer, accuracy_usec)
+Timer.RandomSec,                 config_parse_sec,                   0,                             offsetof(Timer, random_usec)
 Timer.Unit,                      config_parse_trigger_unit,          0,                             0
 m4_dnl
 Path.PathExists,                 config_parse_path_spec,             0,                             0
diff --git a/src/core/timer.c b/src/core/timer.c
index 48cf9c1..972dd73 100644
--- a/src/core/timer.c
+++ b/src/core/timer.c
@@ -29,6 +29,7 @@
 #include "bus-util.h"
 #include "bus-error.h"
 #include "mkdir.h"
+#include "util.h"
 static const UnitActiveState state_translation_table[_TIMER_STATE_MAX] = {
         [TIMER_DEAD] = UNIT_INACTIVE,
@@ -315,6 +316,28 @@ static usec_t monotonic_to_boottime(usec_t t) {
                 return 0;
 }
+static void add_random(Timer *t, usec_t *v) {
+        char s[FORMAT_TIMESPAN_MAX];
+        usec_t add;
+
+        assert(t);
+        assert(*v);
+
+        if (t->random_usec == 0)
+                return;
+        if (*v == USEC_INFINITY)
+                return;
+
+        add = random_u64() % t->random_usec;
+
+        if (*v + add < *v) /* overflow */
+                *v = (usec_t) -2; /* Highest possible value, that is not USEC_INFINITY */
+        else
+                *v += add;
+
+        log_unit_info(UNIT(t)->id, "Adding %s random time.", format_timespan(s, sizeof(s), add, 0));
+}
+
 static void timer_enter_waiting(Timer *t, bool initial) {
         bool found_monotonic = false, found_realtime = false;
         usec_t ts_realtime, ts_monotonic;
@@ -431,6 +454,8 @@ static void timer_enter_waiting(Timer *t, bool initial) {
         if (found_monotonic) {
                 char buf[FORMAT_TIMESPAN_MAX];
+                add_random(t, &t->next_elapse_monotonic_or_boottime);
+
                 log_unit_debug(UNIT(t)->id, "%s: Monotonic timer elapses in %s.",
                                UNIT(t)->id,
                                format_timespan(buf, sizeof(buf), t->next_elapse_monotonic_or_boottime > ts_monotonic ? t->next_elapse_monotonic_or_boottime - ts_monotonic : 0, 0));
@@ -460,6 +485,9 @@ static void timer_enter_waiting(Timer *t, bool initial) {
         if (found_realtime) {
                 char buf[FORMAT_TIMESTAMP_MAX];
+
+                add_random(t, &t->next_elapse_realtime);
+
                 log_unit_debug(UNIT(t)->id, "%s: Realtime timer elapses at %s.", UNIT(t)->id, format_timestamp(buf, sizeof(buf), t->next_elapse_realtime));
                 if (t->realtime_event_source) {
diff --git a/src/core/timer.h b/src/core/timer.h
index de412a0..b977245 100644
--- a/src/core/timer.h
+++ b/src/core/timer.h
@@ -69,6 +69,7 @@ struct Timer {
         Unit meta;
         usec_t accuracy_usec;
+        usec_t random_usec;
         LIST_HEAD(TimerValue, values);
         usec_t next_elapse_realtime;
diff --git a/src/libsystemd/sd-bus/bus-util.c b/src/libsystemd/sd-bus/bus-util.c
index 6d56150..5ecb3be 100644
--- a/src/libsystemd/sd-bus/bus-util.c
+++ b/src/libsystemd/sd-bus/bus-util.c
@@ -1364,6 +1364,22 @@ int bus_append_unit_property_assignment(sd_bus_message *m, const char *assignmen
                         return bus_log_create_error(r);
                 return 0;
+        } else if (streq(field, "RandomSec")) {
+                usec_t t;
+
+                r = parse_sec(eq, &t);
+                if (r < 0)
+                        return log_error_errno(r, "Failed to parse RandomSec= parameter: %s", eq);
+
+                r = sd_bus_message_append_basic(m, SD_BUS_TYPE_STRING, "RandomUSec");
+                if (r < 0)
+                        return bus_log_create_error(r);
+
+                r = sd_bus_message_append(m, "v", "t", t);
+                if (r < 0)
+                        return bus_log_create_error(r);
+
+                return 0;
         }
         r = sd_bus_message_append_basic(m, SD_BUS_TYPE_STRING, field);
SOURCES/0306-core-rename-Random-to-RandomizedDelay.patch
New file
@@ -0,0 +1,118 @@
From 510ba7ebe71c8e4e64ead26a44b330d2e4375d9c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 26 Nov 2015 16:32:41 -0500
Subject: [PATCH] core: rename Random* to RandomizedDelay*
The name RandomSec is too generic: "Sec" just specifies the default
unit type, and "Random" by itself is not enough. Rename to something
that should give the user general idea what the setting does without
looking at documentation.
Cherry-picked from: 6f5d79986a9c98b9cacc83f865fed957e4e6e4e6
Resolves: #1305279
---
 man/systemd.timer.xml                 | 8 ++++----
 src/core/dbus-timer.c                 | 6 +++---
 src/core/load-fragment-gperf.gperf.m4 | 2 +-
 src/libsystemd/sd-bus/bus-util.c      | 6 +++---
 4 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/man/systemd.timer.xml b/man/systemd.timer.xml
index bdd14d8..ab83b2c 100644
--- a/man/systemd.timer.xml
+++ b/man/systemd.timer.xml
@@ -195,7 +195,7 @@
       </varlistentry>
       <varlistentry>
-        <term><varname>RandomSec=</varname></term>
+        <term><varname>RandomizedDelaySec=</varname></term>
         <listitem><para>Delay the timer by a randomly selected, evenly
         distributed amount of time between 0 and the specified time
@@ -212,16 +212,16 @@
         time range in order to minimize wakeups, the former does the
         opposite: it stretches timer events over a time range, to make
         it unlikely that they fire simultaneously. If
-        <varname>RandomSec=</varname> and
+        <varname>RandomizedDelaySec=</varname> and
         <varname>AccuracySec=</varname> are used in conjunction, first
         the a randomized time is added, and the result is then
         possibly shifted further to coalesce it with other timer
         events possibly happening on the system. As mentioned above
         <varname>AccuracySec=</varname> defaults to 1min and
-        <varname>RandomSec=</varname> to 0, thus encouraging
+        <varname>RandomizedDelaySec=</varname> to 0, thus encouraging
         coalescing of timer events. In order to optimally stretch
         timer events over a certain range of time, make sure to set
-        <varname>RandomSec=</varname> to a higher value, and
+        <varname>RandomizedDelaySec=</varname> to a higher value, and
         <varname>AccuracySec=1us</varname>.</para></listitem>
       </varlistentry>
diff --git a/src/core/dbus-timer.c b/src/core/dbus-timer.c
index cd7bf44..478905a 100644
--- a/src/core/dbus-timer.c
+++ b/src/core/dbus-timer.c
@@ -181,7 +181,7 @@ const sd_bus_vtable bus_timer_vtable[] = {
         BUS_PROPERTY_DUAL_TIMESTAMP("LastTriggerUSec", offsetof(Timer, last_trigger), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Timer, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_PROPERTY("AccuracyUSec", "t", bus_property_get_usec, offsetof(Timer, accuracy_usec), SD_BUS_VTABLE_PROPERTY_CONST),
-        SD_BUS_PROPERTY("RandomUSec", "t", bus_property_get_usec, offsetof(Timer, random_usec), SD_BUS_VTABLE_PROPERTY_CONST),
+        SD_BUS_PROPERTY("RandomizedDelayUSec", "t", bus_property_get_usec, offsetof(Timer, random_usec), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("Persistent", "b", bus_property_get_bool, offsetof(Timer, persistent), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("WakeSystem", "b", bus_property_get_bool, offsetof(Timer, wake_system), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_VTABLE_END
@@ -285,7 +285,7 @@ static int bus_timer_set_transient_property(
                 return 1;
-        } else if (streq(name, "RandomUSec")) {
+        } else if (streq(name, "RandomizedDelayUSec")) {
                 usec_t u = 0;
                 r = sd_bus_message_read(message, "t", &u);
@@ -296,7 +296,7 @@ static int bus_timer_set_transient_property(
                         char time[FORMAT_TIMESPAN_MAX];
                         t->random_usec = u;
-                        unit_write_drop_in_private_format(UNIT(t), mode, name, "RandomSec=%s\n", format_timespan(time, sizeof(time), u, USEC_PER_MSEC));
+                        unit_write_drop_in_private_format(UNIT(t), mode, name, "RandomizedDelaySec=%s\n", format_timespan(time, sizeof(time), u, USEC_PER_MSEC));
                 }
                 return 1;
diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
index 5106a98..85d9797 100644
--- a/src/core/load-fragment-gperf.gperf.m4
+++ b/src/core/load-fragment-gperf.gperf.m4
@@ -336,7 +336,7 @@ Timer.OnUnitInactiveSec,         config_parse_timer,                 0,
 Timer.Persistent,                config_parse_bool,                  0,                             offsetof(Timer, persistent)
 Timer.WakeSystem,                config_parse_bool,                  0,                             offsetof(Timer, wake_system)
 Timer.AccuracySec,               config_parse_sec,                   0,                             offsetof(Timer, accuracy_usec)
-Timer.RandomSec,                 config_parse_sec,                   0,                             offsetof(Timer, random_usec)
+Timer.RandomizedDelaySec,        config_parse_sec,                   0,                             offsetof(Timer, random_usec)
 Timer.Unit,                      config_parse_trigger_unit,          0,                             0
 m4_dnl
 Path.PathExists,                 config_parse_path_spec,             0,                             0
diff --git a/src/libsystemd/sd-bus/bus-util.c b/src/libsystemd/sd-bus/bus-util.c
index 5ecb3be..3a91836 100644
--- a/src/libsystemd/sd-bus/bus-util.c
+++ b/src/libsystemd/sd-bus/bus-util.c
@@ -1364,14 +1364,14 @@ int bus_append_unit_property_assignment(sd_bus_message *m, const char *assignmen
                         return bus_log_create_error(r);
                 return 0;
-        } else if (streq(field, "RandomSec")) {
+        } else if (streq(field, "RandomizedDelaySec")) {
                 usec_t t;
                 r = parse_sec(eq, &t);
                 if (r < 0)
-                        return log_error_errno(r, "Failed to parse RandomSec= parameter: %s", eq);
+                        return log_error_errno(r, "Failed to parse RandomizedDelaySec= parameter: %s", eq);
-                r = sd_bus_message_append_basic(m, SD_BUS_TYPE_STRING, "RandomUSec");
+                r = sd_bus_message_append_basic(m, SD_BUS_TYPE_STRING, "RandomizedDelayUSec");
                 if (r < 0)
                         return bus_log_create_error(r);
SOURCES/0307-journal-remote-change-owner-of-var-log-journal-remot.patch
New file
@@ -0,0 +1,26 @@
From 1c6075b30786cefc73e41b2f1f5459006f37b616 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 15 Jan 2016 15:19:52 +0900
Subject: [PATCH] journal-remote: change owner of /var/log/journal/remote and
 create /var/lib/systemd/journal-upload
Cherry-picked from: dcdd4411407067fa1e464dc26ab85ae598fcad7d
Resolves: #1327303
---
 tmpfiles.d/systemd-remote.conf | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/tmpfiles.d/systemd-remote.conf b/tmpfiles.d/systemd-remote.conf
index 1b8973a..e19230f 100644
--- a/tmpfiles.d/systemd-remote.conf
+++ b/tmpfiles.d/systemd-remote.conf
@@ -7,5 +7,7 @@
 # See tmpfiles.d(5) for details
-z /var/log/journal/remote 2755 root systemd-journal-remote - -
-z /run/log/journal/remote 2755 root systemd-journal-remote - -
+d /var/lib/systemd/journal-upload 0755 systemd-journal-upload systemd-journal-upload - -
+
+z /var/log/journal/remote 2755 systemd-journal-remote systemd-journal-remote - -
+z /run/log/journal/remote 2755 systemd-journal-remote systemd-journal-remote - -
SOURCES/0308-Add-Seal-option-in-the-configuration-file-for-journa.patch
New file
@@ -0,0 +1,57 @@
From f6a8db04fb20d142e514d805c613a1b3e70c454d Mon Sep 17 00:00:00 2001
From: Michael Scherer <misc@redhat.com>
Date: Sun, 20 Dec 2015 13:23:33 +0100
Subject: [PATCH] Add Seal option in the configuration file for journald-remote
While journal received remotely can be sealed, it can only be done
on the command line using --seal, so for consistency, we will
also permit to set it in the configuration file.
Cherry-picked from: 9d3737f13e9b38f88ed7acc800db66c2f025fac9
Resolves: #1329233
---
 man/journal-remote.conf.xml               | 7 +++++++
 src/journal-remote/journal-remote.c       | 1 +
 src/journal-remote/journal-remote.conf.in | 1 +
 3 files changed, 9 insertions(+)
diff --git a/man/journal-remote.conf.xml b/man/journal-remote.conf.xml
index a7b2227..9a385c7 100644
--- a/man/journal-remote.conf.xml
+++ b/man/journal-remote.conf.xml
@@ -72,6 +72,13 @@
     <literal>[Remote]</literal> section:</para>
     <variablelist>
+      <varlistentry>
+        <term><varname>Seal=</varname></term>
+
+        <listitem><para>Periodically sign the data in the journal using Forward Secure Sealing.
+        </para></listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><varname>SplitMode=</varname></term>
diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c
index b7cc6d7..9c515f9 100644
--- a/src/journal-remote/journal-remote.c
+++ b/src/journal-remote/journal-remote.c
@@ -1174,6 +1174,7 @@ static DEFINE_CONFIG_PARSE_ENUM(config_parse_write_split_mode,
 static int parse_config(void) {
         const ConfigTableItem items[] = {
+                { "Remote",  "Seal",                   config_parse_bool,             0, &arg_seal       },
                 { "Remote",  "SplitMode",              config_parse_write_split_mode, 0, &arg_split_mode },
                 { "Remote",  "ServerKeyFile",          config_parse_path,             0, &arg_key        },
                 { "Remote",  "ServerCertificateFile",  config_parse_path,             0, &arg_cert       },
diff --git a/src/journal-remote/journal-remote.conf.in b/src/journal-remote/journal-remote.conf.in
index 3e32f34..7122d63 100644
--- a/src/journal-remote/journal-remote.conf.in
+++ b/src/journal-remote/journal-remote.conf.in
@@ -1,4 +1,5 @@
 [Remote]
+# Seal=false
 # SplitMode=host
 # ServerKeyFile=@CERTIFICATEROOT@/private/journal-remote.pem
 # ServerCertificateFile=@CERTIFICATEROOT@/certs/journal-remote.pem
SOURCES/0309-tests-fix-make-check-failure.patch
New file
@@ -0,0 +1,26 @@
From 44eb30c33deb46f92d2c67e78a5fb7aa6b21d145 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 28 Apr 2016 16:04:52 +0200
Subject: [PATCH] tests: fix make check failure
Don't call abort() on success. Actually rm_rf_dangerous() returns 0 if
all went well.
Related: #1159308
---
 src/test/test-install-root.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/test/test-install-root.c b/src/test/test-install-root.c
index 89d91d3..667c374 100644
--- a/src/test/test-install-root.c
+++ b/src/test/test-install-root.c
@@ -657,7 +657,7 @@ int main(int argc, char *argv[]) {
         test_indirect(root);
         test_preset_and_list(root);
-        assert_se(rm_rf_dangerous(root, false, true, false));
+        assert_se(rm_rf_dangerous(root, false, true, false) == 0);
         return 0;
 }
SOURCES/0310-device-make-sure-to-not-ignore-re-plugged-device.patch
New file
@@ -0,0 +1,65 @@
From 45ff3d79f079c73c73209940cf6eaa0ea0a95708 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Fri, 22 Jan 2016 07:18:19 +0100
Subject: [PATCH] device: make sure to not ignore re-plugged device
systemd automatically mounts device unless 'noauto' is part of the
mount options. This can happen during boot if the device is plugged at
that time or later when the system is already running (the latter case
is not documented AFAICS).
After the systemd booted, I plugged my USB device which had an entry
in /etc/fstab with the default options and systemd automatically
mounted it.
However I noticed that if I unplugged and re-plugged the device the
automatic mounting of the device didn't work anymore: systemd didn't
notice that the device was re-plugged.
This was due to the device unit which was not recycled by the GC
during the unplug event because in the case of automounting, the mount
unit still referenced it. When the device was re-plugged, the old
device unit was reused but it still had the old sysfs path (amongst
other useful information).
Systemd was confused by the stalled sysfs path and decided to ignore
the plug event.
This patch fixes this issue by simply not doing the sanity checking on
the sysfs path if the device is in unplugged state.
Cherry-picked from: ac9d396b2abbae4e7ab84f7b556f70681b66236b
Resolves: #1332606
---
 src/core/device.c | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/src/core/device.c b/src/core/device.c
index 1995e3c..fc73e26 100644
--- a/src/core/device.c
+++ b/src/core/device.c
@@ -314,11 +314,19 @@ static int device_setup_unit(Manager *m, struct udev_device *dev, const char *pa
         u = manager_get_unit(m, e);
-        if (u &&
-            DEVICE(u)->sysfs &&
-            !path_equal(DEVICE(u)->sysfs, sysfs)) {
-                log_unit_debug(u->id, "Device %s appeared twice with different sysfs paths %s and %s", e, DEVICE(u)->sysfs, sysfs);
-                return -EEXIST;
+        /* The device unit can still be present even if the device was
+         * unplugged: a mount unit can reference it hence preventing
+         * the GC to have garbaged it. That's desired since the device
+         * unit may have a dependency on the mount unit which was
+         * added during the loading of the later. */
+        if (u && DEVICE(u)->state == DEVICE_PLUGGED) {
+                /* This unit is in plugged state: we're sure it's
+                 * attached to a device. */
+                if (!path_equal(DEVICE(u)->sysfs, sysfs)) {
+                        log_unit_debug(u->id, "Dev %s appeared twice with different sysfs paths %s and %s",
+                                       e, DEVICE(u)->sysfs, sysfs);
+                        return -EEXIST;
+                }
         }
         if (!u) {
SOURCES/0311-device-Ensure-we-have-sysfs-path-before-comparing.patch
New file
@@ -0,0 +1,33 @@
From ce046ce7f8545d174dc8ecb45b27c2049d96f935 Mon Sep 17 00:00:00 2001
From: Colin Guthrie <colin@mageia.org>
Date: Mon, 14 Mar 2016 09:42:07 +0000
Subject: [PATCH] device: Ensure we have sysfs path before comparing.
In some cases we do not have a udev device when setting up a unit
(certainly the code gracefully handles this). However, we do
then go on to compare the path via path_equal which will assert
if a null value is passed in.
See https://bugs.mageia.org/show_bug.cgi?id=17766
Not sure if this is the correct fix, but it avoids the crash
Cherry-picked from: 5e1558f4a09e596561c9168384f2258e7c0718a1
Resolves: #1332606
---
 src/core/device.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/device.c b/src/core/device.c
index fc73e26..bdc8466 100644
--- a/src/core/device.c
+++ b/src/core/device.c
@@ -319,7 +319,7 @@ static int device_setup_unit(Manager *m, struct udev_device *dev, const char *pa
          * the GC to have garbaged it. That's desired since the device
          * unit may have a dependency on the mount unit which was
          * added during the loading of the later. */
-        if (u && DEVICE(u)->state == DEVICE_PLUGGED) {
+        if (sysfs && u && DEVICE(u)->state == DEVICE_PLUGGED) {
                 /* This unit is in plugged state: we're sure it's
                  * attached to a device. */
                 if (!path_equal(DEVICE(u)->sysfs, sysfs)) {
SOURCES/0312-core-fix-memory-leak-on-set-default-enable-disable-e.patch
New file
@@ -0,0 +1,23 @@
From 805365980feaec626e80c6514b46a6e4de319b77 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Fri, 29 Apr 2016 09:40:23 +0200
Subject: [PATCH] core: fix memory leak on set-default, enable, disable etc
Cherry-picked from: 24f412ca4150b490648ab8de45c6eda5bd697fd8
Related: #1331667
---
 src/core/dbus-manager.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index faa124d..1a5525e 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1621,6 +1621,7 @@ static int reply_unit_file_changes_and_free(
         if (r < 0)
                 goto fail;
+        unit_file_changes_free(changes, n_changes);
         return sd_bus_send(bus, reply, NULL);
 fail:
SOURCES/0313-nspawn-fix-minor-memory-leak.patch
New file
@@ -0,0 +1,26 @@
From 94f823629031f8849c8dc001d56a2c057531f0f2 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 28 Oct 2015 18:22:23 +0100
Subject: [PATCH] nspawn: fix minor memory leak
When rebooting nspawn containers about 400 times we'd otherwise hit the
fd limit and refuse further reboots.
Cherry-picked from: 3c747da38ca2f0642b4811812f6e2e2e1449a622
Related: #1331667
---
 src/shared/ptyfwd.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/shared/ptyfwd.c b/src/shared/ptyfwd.c
index 31274a1..88b3f4e 100644
--- a/src/shared/ptyfwd.c
+++ b/src/shared/ptyfwd.c
@@ -388,6 +388,7 @@ PTYForward *pty_forward_free(PTYForward *f) {
                 sd_event_source_unref(f->stdin_event_source);
                 sd_event_source_unref(f->stdout_event_source);
                 sd_event_source_unref(f->master_event_source);
+                sd_event_source_unref(f->sigwinch_event_source);
                 sd_event_unref(f->event);
                 if (f->saved_stdout)
SOURCES/0314-basic-fix-error-memleak-in-socket-util.patch
New file
@@ -0,0 +1,28 @@
From 605a35e6e8dcb2518a1fa8f92fb5fb00a0419345 Mon Sep 17 00:00:00 2001
From: David Herrmann <dh.herrmann@gmail.com>
Date: Fri, 29 Apr 2016 12:13:06 +0200
Subject: [PATCH] basic: fix error/memleak in socket-util
Probably a typo, checking 'ret' instead of the return value 'p'. This
might cause the function to return failure, even though it succeeded.
Furthermore, it might leak resources.
Cherry-picked from: 0810bc568ace619b16e440805e93256730d45541
Related: #1331667
---
 src/shared/socket-util.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/socket-util.c b/src/shared/socket-util.c
index a4e26b1..407d0af 100644
--- a/src/shared/socket-util.c
+++ b/src/shared/socket-util.c
@@ -544,7 +544,7 @@ int sockaddr_pretty(const struct sockaddr *_sa, socklen_t salen, bool translate_
                 } else {
                         p = strndup(sa->un.sun_path, sizeof(sa->un.sun_path));
-                        if (!ret)
+                        if (!p)
                                 return -ENOMEM;
                 }
SOURCES/0315-core-fix-memory-leak-in-manager_run_generators.patch
New file
@@ -0,0 +1,52 @@
From fa5a3a16e94773baf1dce3881d5cfab556b87113 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez@opensuse.org>
Date: Mon, 11 May 2015 23:30:38 -0300
Subject: [PATCH] core: fix memory leak in manager_run_generators()
If systemd is built with GCC address sanitizer or leak sanitizer
the following memory leak ocurs:
May 12 02:02:46 linux.site systemd[326]: =================================================================
May 12 02:02:46 linux.site systemd[326]: ==326==ERROR: LeakSanitizer: detected memory leaks
May 12 02:02:46 linux.site systemd[326]: Direct leak of 101 byte(s) in 3 object(s) allocated from:
May 12 02:02:46 linux.site systemd[326]: #0 0x7fd1f504993f in strdup (/usr/lib64/libasan.so.2+0x6293f)
May 12 02:02:46 linux.site systemd[326]: #1 0x55d6ffac5336 in strv_new_ap src/shared/strv.c:163
May 12 02:02:46 linux.site systemd[326]: #2 0x55d6ffac56a9 in strv_new src/shared/strv.c:185
May 12 02:02:46 linux.site systemd[326]: #3 0x55d6ffa80272 in generator_paths src/shared/path-lookup.c:223
May 12 02:02:46 linux.site systemd[326]: #4 0x55d6ff9bdb0f in manager_run_generators src/core/manager.c:2828
May 12 02:02:46 linux.site systemd[326]: #5 0x55d6ff9b1a10 in manager_startup src/core/manager.c:1121
May 12 02:02:46 linux.site systemd[326]: #6 0x55d6ff9a78e3 in main src/core/main.c:1667
May 12 02:02:46 linux.site systemd[326]: #7 0x7fd1f394e8c4 in __libc_start_main (/lib64/libc.so.6+0x208c4)
May 12 02:02:46 linux.site systemd[326]: Direct leak of 29 byte(s) in 1 object(s) allocated from:
May 12 02:02:46 linux.site systemd[326]: #0 0x7fd1f504993f in strdup (/usr/lib64/libasan.so.2+0x6293f)
May 12 02:02:46 linux.site systemd[326]: #1 0x55d6ffac5288 in strv_new_ap src/shared/strv.c:152
May 12 02:02:46 linux.site systemd[326]: #2 0x55d6ffac56a9 in strv_new src/shared/strv.c:185
May 12 02:02:46 linux.site systemd[326]: #3 0x55d6ffa80272 in generator_paths src/shared/path-lookup.c:223
May 12 02:02:46 linux.site systemd[326]: #4 0x55d6ff9bdb0f in manager_run_generators src/core/manager.c:2828
May 12 02:02:46 linux.site systemd[326]: #5 0x55d6ff9b1a10 in manager_startup src/core/manager.c:1121
May 12 02:02:46 linux.site systemd[326]: #6 0x55d6ff9a78e3 in main src/core/main.c:1667
May 12 02:02:46 linux.site systemd[326]: #7 0x7fd1f394e8c4 in __libc_start_main (/lib64/libc.so.6+0x208c4)
May 12 02:02:46 linux.site systemd[326]: SUMMARY: AddressSanitizer: 130 byte(s) leaked in 4 allocation(s).
There is a leak due to the the use of cleanup_free instead
_cleanup_strv_free_
Cherry-picked from: f42348ace7feb2311593b8cf6c876856eecf256a
Related: #1331667
---
 src/core/manager.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index bb50503..a1504bf 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -2827,7 +2827,7 @@ static void trim_generator_dir(Manager *m, char **generator) {
 }
 static int manager_run_generators(Manager *m) {
-        _cleanup_free_ char **paths = NULL;
+        _cleanup_strv_free_ char **paths = NULL;
         const char *argv[5];
         char **path;
         int r;
SOURCES/0316-modules-load-fix-memory-leak.patch
New file
@@ -0,0 +1,41 @@
From 3c3d3e3e040d980186fec05506018db2d24faa83 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez@opensuse.org>
Date: Mon, 11 May 2015 15:37:47 -0300
Subject: [PATCH] modules-load: fix memory leak
=================================================================
==64281==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f623c961c4a in malloc (/usr/lib64/libasan.so.2+0x96c4a)
    #1 0x5651f79ad34e in malloc_multiply (/home/crrodriguez/scm/systemd/systemd-modules-load+0x2134e)
    #2 0x5651f79b02d6 in strjoin (/home/crrodriguez/scm/systemd/systemd-modules-load+0x242d6)
    #3 0x5651f79be1f5 in files_add (/home/crrodriguez/scm/systemd/systemd-modules-load+0x321f5)
    #4 0x5651f79be6a3 in conf_files_list_strv_internal (/home/crrodriguez/scm/systemd/systemd-modules-load+0x326a3)
    #5 0x5651f79bea24 in conf_files_list_nulstr (/home/crrodriguez/scm/systemd/systemd-modules-load+0x32a24)
    #6 0x5651f79ad01a in main (/home/crrodriguez/scm/systemd/systemd-modules-load+0x2101a)
    #7 0x7f623c11586f in __libc_start_main (/lib64/libc.so.6+0x2086f)
SUMMARY: AddressSanitizer: 32 byte(s) leaked in 1 allocation(s).
This happens due to the wrong cleanup attribute is used (free vs strv_free)
Cherry-picked from: 4df3277881cffcd3bc9a5238203d6af7e1fd960f
Related: #1331667
---
 src/modules-load/modules-load.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/modules-load/modules-load.c b/src/modules-load/modules-load.c
index 5f67878..bab9246 100644
--- a/src/modules-load/modules-load.c
+++ b/src/modules-load/modules-load.c
@@ -256,7 +256,7 @@ int main(int argc, char *argv[]) {
                 }
         } else {
-                _cleanup_free_ char **files = NULL;
+                _cleanup_strv_free_ char **files = NULL;
                 char **fn, **i;
                 STRV_FOREACH(i, arg_proc_cmdline_modules) {
SOURCES/0317-core-fix-memory-leak-on-failed-preset-all.patch
New file
@@ -0,0 +1,66 @@
From 9d00fbb87c43e129e1ab29298afc86b7e8eed25c Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Mon, 18 Jan 2016 06:10:33 +0000
Subject: [PATCH] core: fix memory leak on failed preset-all
How to reproduce
$ systemctl set-default multi-user # https://github.com/systemd/systemd/issues/2298
$ systemctl preset-all
Failed to execute operation: Too many levels of symbolic links
$ systemctl poweroff
Fixes:
==1==
==1== HEAP SUMMARY:
==1==     in use at exit: 65,645 bytes in 7 blocks
==1==   total heap usage: 40,539 allocs, 40,532 frees, 30,147,547 bytes allocated
==1==
==1== 109 (24 direct, 85 indirect) bytes in 1 blocks are definitely lost in loss record 2 of 7
==1==    at 0x4C2BBCF: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1==    by 0x4C2DE2F: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1==    by 0x23DA71: unit_file_changes_add (install.c:233)
==1==    by 0x23E45D: remove_marked_symlinks_fd (install.c:453)
==1==    by 0x23E267: remove_marked_symlinks_fd (install.c:405)
==1==    by 0x23E641: remove_marked_symlinks (install.c:494)
==1==    by 0x243A91: execute_preset (install.c:2190)
==1==    by 0x244343: unit_file_preset_all (install.c:2351)
==1==    by 0x18AAA2: method_preset_all_unit_files (dbus-manager.c:1846)
==1==    by 0x1D8157: method_callbacks_run (bus-objects.c:420)
==1==    by 0x1DA9E9: object_find_and_run (bus-objects.c:1257)
==1==    by 0x1DB02B: bus_process_object (bus-objects.c:1373)
==1==
==1== LEAK SUMMARY:
==1==    definitely lost: 24 bytes in 1 blocks
==1==    indirectly lost: 85 bytes in 1 blocks
==1==      possibly lost: 0 bytes in 0 blocks
==1==    still reachable: 65,536 bytes in 5 blocks
==1==         suppressed: 0 bytes in 0 blocks
==1== Reachable blocks (those to which a pointer was found) are not shown.
==1== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==1==
==1== For counts of detected and suppressed errors, rerun with: -v
==1== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Cherry-picked from: c292c3af38c8c23e183f3e63ef492926cea64bab
Related: #1331667
---
 src/core/dbus-manager.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 1a5525e..9eef290 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1875,8 +1875,10 @@ static int method_preset_all_unit_files(sd_bus *bus, sd_bus_message *message, vo
         scope = m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
         r = unit_file_preset_all(scope, runtime, NULL, mm, force, &changes, &n_changes);
-        if (r < 0)
+        if (r < 0) {
+                unit_file_changes_free(changes, n_changes);
                 return r;
+        }
         return reply_unit_file_changes_and_free(m, bus, message, -1, changes, n_changes);
 }
SOURCES/0318-sd-bus-fix-memory-leak-in-test-bus-chat.patch
New file
@@ -0,0 +1,37 @@
From 68550741351080ab8458d54a6900b2b6ea1ef511 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez@opensuse.org>
Date: Sat, 9 May 2015 22:14:09 -0300
Subject: [PATCH] sd-bus: fix memory leak in test-bus-chat
Building with address sanitizer enabled on GCC 5.1.x a memory leak
is reported because we never close the bus, fix it by using
cleanup variable attribute.
Cherry-picked from: 2f50a2d55bf0a8b5959a6864ae1b39e7e9e0ce08
Related: #1331667
---
 src/libsystemd/sd-bus/test-bus-chat.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/src/libsystemd/sd-bus/test-bus-chat.c b/src/libsystemd/sd-bus/test-bus-chat.c
index 8625ee6..a80aaae 100644
--- a/src/libsystemd/sd-bus/test-bus-chat.c
+++ b/src/libsystemd/sd-bus/test-bus-chat.c
@@ -264,7 +264,7 @@ fail:
 static void* client1(void*p) {
         _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
-        sd_bus *bus = NULL;
+        _cleanup_bus_close_unref_ sd_bus *bus = NULL;
         sd_bus_error error = SD_BUS_ERROR_NULL;
         const char *hello;
         int r;
@@ -347,8 +347,6 @@ finish:
                 else
                         sd_bus_send(bus, q, NULL);
-                sd_bus_flush(bus);
-                sd_bus_unref(bus);
         }
         sd_bus_error_free(&error);
SOURCES/0319-core-fix-memory-leak-in-transient-units.patch
New file
@@ -0,0 +1,55 @@
From c7d030b3f2b5969751872673e9082d0c10c031b5 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Fri, 15 Jan 2016 02:41:27 +0000
Subject: [PATCH] core: fix memory leak in transient units
Fixes:
==1== HEAP SUMMARY:
==1==     in use at exit: 67,182 bytes in 91 blocks
==1==   total heap usage: 70,485 allocs, 70,394 frees, 42,184,635 bytes
allocated
==1==
==1== 5,742 (696 direct, 5,046 indirect) bytes in 29 blocks are
definitely lost in loss record 4 of 7
==1==    at 0x4C2DD9F: realloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1==    by 0x21ADDD: realloc_multiply (alloc-util.h:67)
==1==    by 0x21BFB0: strv_push (strv.c:448)
==1==    by 0x21C245: strv_consume (strv.c:520)
==1==    by 0x21C33C: strv_extend (strv.c:559)
==1==    by 0x278AD7: unit_write_drop_in (unit.c:3352)
==1==    by 0x278EEB: unit_write_drop_in_private (unit.c:3403)
==1==    by 0x190C21: bus_service_set_transient_property
(dbus-service.c:254)
==1==    by 0x190DBC: bus_service_set_property (dbus-service.c:284)
==1==    by 0x18F00E: bus_unit_set_properties (dbus-unit.c:1226)
==1==    by 0x186F6A: transient_unit_from_message (dbus-manager.c:683)
==1==    by 0x1872B7: method_start_transient_unit (dbus-manager.c:763)
==1==
==1== LEAK SUMMARY:
==1==    definitely lost: 696 bytes in 29 blocks
==1==    indirectly lost: 5,046 bytes in 58 blocks
==1==      possibly lost: 0 bytes in 0 blocks
==1==    still reachable: 61,440 bytes in 4 blocks
==1==         suppressed: 0 bytes in 0 blocks
Cherry-picked from: af4fbf3c1fdd4196f7a325602daaa846fe5f3012
Related: #1331667
---
 src/core/load-dropin.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/core/load-dropin.c b/src/core/load-dropin.c
index 8be1900..42cf005 100644
--- a/src/core/load-dropin.c
+++ b/src/core/load-dropin.c
@@ -68,6 +68,9 @@ int unit_load_dropin(Unit *u) {
                 }
         }
+        strv_free(u->dropin_paths);
+        u->dropin_paths = NULL;
+
         r = unit_find_dropin_paths(u, &u->dropin_paths);
         if (r <= 0)
                 return 0;
SOURCES/0320-bus-fix-leak-in-error-path.patch
New file
@@ -0,0 +1,52 @@
From 69aaf3c41923fafd9616b1bbec51fa6bcb23b886 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sat, 7 Mar 2015 15:05:50 -0500
Subject: [PATCH] bus: fix leak in error path
CID #1271349.
Cherry-picked from: bcf88fc3f14867f1cabc911c27b661d738281df0
Related: #1331667
---
 src/libsystemd/sd-bus/bus-message.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c
index 2959303..c8402a2 100644
--- a/src/libsystemd/sd-bus/bus-message.c
+++ b/src/libsystemd/sd-bus/bus-message.c
@@ -441,7 +441,7 @@ int bus_message_from_header(
                 size_t extra,
                 sd_bus_message **ret) {
-        sd_bus_message *m;
+        _cleanup_free_ sd_bus_message *m = NULL;
         struct bus_header *h;
         size_t a, label_sz;
@@ -460,15 +460,13 @@ int bus_message_from_header(
                 return -EBADMSG;
         h = header;
-        if (h->version != 1 &&
-            h->version != 2)
+        if (!IN_SET(h->version, 1, 2))
                 return -EBADMSG;
         if (h->type == _SD_BUS_MESSAGE_TYPE_INVALID)
                 return -EBADMSG;
-        if (h->endian != BUS_LITTLE_ENDIAN &&
-            h->endian != BUS_BIG_ENDIAN)
+        if (!IN_SET(h->endian, BUS_LITTLE_ENDIAN, BUS_BIG_ENDIAN))
                 return -EBADMSG;
         /* Note that we are happy with unknown flags in the flags header! */
@@ -557,6 +555,7 @@ int bus_message_from_header(
         m->bus = sd_bus_ref(bus);
         *ret = m;
+        m = NULL;
         return 0;
 }
SOURCES/0321-shared-logs-show-fix-memleak-in-add_matches_for_unit.patch
New file
@@ -0,0 +1,24 @@
From c95edddeb70a48202a0baf7b71450be87d2d921c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 12 Apr 2016 23:36:37 -0400
Subject: [PATCH] shared/logs-show: fix memleak in add_matches_for_unit
Cherry-picked from: 42fbdf45864b46f3eb62a3738b81e687685eb9bd
Related: #1331667
---
 src/shared/logs-show.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c
index c249505..8c37411 100644
--- a/src/shared/logs-show.c
+++ b/src/shared/logs-show.c
@@ -1060,7 +1060,7 @@ int add_matches_for_unit(sd_journal *j, const char *unit) {
         );
         if (r == 0 && endswith(unit, ".slice")) {
-                char *m5 = strappend("_SYSTEMD_SLICE=", unit);
+                const char *m5 = strjoina("_SYSTEMD_SLICE=", unit);
                 /* Show all messages belonging to a slice */
                 (void)(
SOURCES/0322-logind-introduce-LockedHint-and-SetLockedHint-3238.patch
New file
@@ -0,0 +1,164 @@
From 75131b469fa9e1e2e3cb623fa1f3d36cba36af78 Mon Sep 17 00:00:00 2001
From: Victor Toso <me@victortoso.com>
Date: Wed, 11 May 2016 19:34:13 +0200
Subject: [PATCH] logind: introduce LockedHint and SetLockedHint (#3238)
Desktop environments can keep this property up to date to allow
applications to easily track session's Lock status.
Cherry-picked from: 42d35e1301928d08dd32ec51f0205252ae658ba5
Resolves: #1335499
---
 src/login/logind-session-dbus.c       | 50 +++++++++++++++++++++++++++++++++++
 src/login/logind-session.c            | 17 ++++++++++++
 src/login/logind-session.h            |  4 +++
 src/login/org.freedesktop.login1.conf |  4 +++
 4 files changed, 75 insertions(+)
diff --git a/src/login/logind-session-dbus.c b/src/login/logind-session-dbus.c
index 4e7edef..75b7186 100644
--- a/src/login/logind-session-dbus.c
+++ b/src/login/logind-session-dbus.c
@@ -180,6 +180,24 @@ static int property_get_idle_since_hint(
         return sd_bus_message_append(reply, "t", u);
 }
+static int property_get_locked_hint(
+                sd_bus *bus,
+                const char *path,
+                const char *interface,
+                const char *property,
+                sd_bus_message *reply,
+                void *userdata,
+                sd_bus_error *error) {
+
+        Session *s = userdata;
+
+        assert(bus);
+        assert(reply);
+        assert(s);
+
+        return sd_bus_message_append(reply, "b", session_get_locked_hint(s) > 0);
+}
+
 static int method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
         Session *s = userdata;
         int r;
@@ -255,6 +273,36 @@ static int method_set_idle_hint(sd_bus *bus, sd_bus_message *message, void *user
         return sd_bus_reply_method_return(message, NULL);
 }
+static int method_set_locked_hint(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
+        _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
+        Session *s = userdata;
+        uid_t uid;
+        int r, b;
+
+        assert(bus);
+        assert(message);
+        assert(s);
+
+        r = sd_bus_message_read(message, "b", &b);
+        if (r < 0)
+                return r;
+
+        r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID, &creds);
+        if (r < 0)
+                return r;
+
+        r = sd_bus_creds_get_euid(creds, &uid);
+        if (r < 0)
+                return r;
+
+        if (uid != 0 && uid != s->user->uid)
+                return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Only owner of session may set locked hint");
+
+        session_set_locked_hint(s, b);
+
+        return sd_bus_reply_method_return(message, NULL);
+}
+
 static int method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
         Session *s = userdata;
         const char *swho;
@@ -455,6 +503,7 @@ const sd_bus_vtable session_vtable[] = {
         SD_BUS_PROPERTY("IdleHint", "b", property_get_idle_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_PROPERTY("IdleSinceHint", "t", property_get_idle_since_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_PROPERTY("IdleSinceHintMonotonic", "t", property_get_idle_since_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
+        SD_BUS_PROPERTY("LockedHint", "b", property_get_locked_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_METHOD("Terminate", NULL, NULL, method_terminate, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
         SD_BUS_METHOD("Activate", NULL, NULL, method_activate, SD_BUS_VTABLE_UNPRIVILEGED),
@@ -462,6 +511,7 @@ const sd_bus_vtable session_vtable[] = {
         SD_BUS_METHOD("Unlock", NULL, NULL, method_lock, 0),
         SD_BUS_METHOD("SetIdleHint", "b", NULL, method_set_idle_hint, SD_BUS_VTABLE_UNPRIVILEGED),
         SD_BUS_METHOD("Kill", "si", NULL, method_kill, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
+        SD_BUS_METHOD("SetLockedHint", "b", NULL, method_set_locked_hint, SD_BUS_VTABLE_UNPRIVILEGED),
         SD_BUS_METHOD("TakeControl", "b", NULL, method_take_control, SD_BUS_VTABLE_UNPRIVILEGED),
         SD_BUS_METHOD("ReleaseControl", NULL, NULL, method_release_control, SD_BUS_VTABLE_UNPRIVILEGED),
         SD_BUS_METHOD("TakeDevice", "uu", "hb", method_take_device, SD_BUS_VTABLE_UNPRIVILEGED),
diff --git a/src/login/logind-session.c b/src/login/logind-session.c
index d2e7b40..dc24539 100644
--- a/src/login/logind-session.c
+++ b/src/login/logind-session.c
@@ -843,6 +843,23 @@ void session_set_idle_hint(Session *s, bool b) {
         manager_send_changed(s->manager, "IdleHint", "IdleSinceHint", "IdleSinceHintMonotonic", NULL);
 }
+int session_get_locked_hint(Session *s) {
+        assert(s);
+
+        return s->locked_hint;
+}
+
+void session_set_locked_hint(Session *s, bool b) {
+        assert(s);
+
+        if (s->locked_hint == b)
+                return;
+
+        s->locked_hint = b;
+
+        session_send_changed(s, "LockedHint", NULL);
+}
+
 static int session_dispatch_fifo(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
         Session *s = userdata;
diff --git a/src/login/logind-session.h b/src/login/logind-session.h
index a007fb5..5002b68 100644
--- a/src/login/logind-session.h
+++ b/src/login/logind-session.h
@@ -111,6 +111,8 @@ struct Session {
         bool idle_hint;
         dual_timestamp idle_hint_timestamp;
+        bool locked_hint;
+
         bool in_gc_queue:1;
         bool started:1;
         bool stopping:1;
@@ -137,6 +139,8 @@ int session_activate(Session *s);
 bool session_is_active(Session *s);
 int session_get_idle_hint(Session *s, dual_timestamp *t);
 void session_set_idle_hint(Session *s, bool b);
+int session_get_locked_hint(Session *s);
+void session_set_locked_hint(Session *s, bool b);
 int session_create_fifo(Session *s);
 int session_start(Session *s);
 int session_stop(Session *s, bool force);
diff --git a/src/login/org.freedesktop.login1.conf b/src/login/org.freedesktop.login1.conf
index 1318328..dc7e0be 100644
--- a/src/login/org.freedesktop.login1.conf
+++ b/src/login/org.freedesktop.login1.conf
@@ -162,6 +162,10 @@
                 <allow send_destination="org.freedesktop.login1"
                        send_interface="org.freedesktop.login1.Session"
+                       send_member="SetLockedHint"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Session"
                        send_member="TakeControl"/>
                 <allow send_destination="org.freedesktop.login1"
SOURCES/0323-import-use-the-old-curl-api.patch
New file
@@ -0,0 +1,40 @@
From 575f559bcd992d7fd2d7d46b695b7f42923b4463 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Wed, 6 Apr 2016 15:39:09 +0200
Subject: [PATCH] import: use the old curl api
libcurl in rhel does not have CURLOPT_XFERINFO* symbols, so lets use the
old interface.
RHEL-only
Resolves: #1284974
---
 src/import/import-job.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/import/import-job.c b/src/import/import-job.c
index 8094865..5f9cfd3 100644
--- a/src/import/import-job.c
+++ b/src/import/import-job.c
@@ -587,7 +587,7 @@ fail:
         return 0;
 }
-static int import_job_progress_callback(void *userdata, curl_off_t dltotal, curl_off_t dlnow, curl_off_t ultotal, curl_off_t ulnow) {
+static int import_job_progress_callback(void *userdata, double dltotal, double dlnow, double ultotal, double ulnow) {
         ImportJob *j = userdata;
         unsigned percent;
         usec_t n;
@@ -714,10 +714,10 @@ int import_job_begin(ImportJob *j) {
         if (curl_easy_setopt(j->curl, CURLOPT_HEADERDATA, j) != CURLE_OK)
                 return -EIO;
-        if (curl_easy_setopt(j->curl, CURLOPT_XFERINFOFUNCTION, import_job_progress_callback) != CURLE_OK)
+        if (curl_easy_setopt(j->curl, CURLOPT_PROGRESSFUNCTION, import_job_progress_callback) != CURLE_OK)
                 return -EIO;
-        if (curl_easy_setopt(j->curl, CURLOPT_XFERINFODATA, j) != CURLE_OK)
+        if (curl_easy_setopt(j->curl, CURLOPT_PROGRESSDATA, j) != CURLE_OK)
                 return -EIO;
         if (curl_easy_setopt(j->curl, CURLOPT_NOPROGRESS, 0) != CURLE_OK)
SOURCES/0324-importd-drop-dkr-support.patch
New file
@@ -0,0 +1,1694 @@
From b4bfb025f7ab0878e8e7e980dbad5b0a5bed1555 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 10 Dec 2015 12:40:04 +0100
Subject: [PATCH] importd: drop dkr support
The current code is not compatible with current dkr protocols anyway,
and dkr has a different focus ("microservices") than nspawn anyway
("whole machine containers"), hence drop support for it, we cannot
reasonably keep this up to date, and it creates the impression we'd
actually care for the microservices usecase.
Cherry-picked from: b43d75c
Related: #1284974
---
 Makefile.am                             |   2 -
 TODO                                    |   4 -
 configure.ac                            |   9 -
 man/machinectl.xml                      |  58 ---
 src/import/import-dkr.c                 | 891 --------------------------------
 src/import/import-dkr.h                 |  36 --
 src/import/importd.c                    | 111 +---
 src/import/org.freedesktop.import1.conf |   4 -
 src/import/pull.c                       | 119 +----
 src/machine/machinectl.c                |  90 +---
 src/shared/import-util.c                |  31 --
 src/shared/import-util.h                |   4 -
 12 files changed, 5 insertions(+), 1354 deletions(-)
 delete mode 100644 src/import/import-dkr.c
 delete mode 100644 src/import/import-dkr.h
diff --git a/Makefile.am b/Makefile.am
index 3a09e0a..b0a34b2 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -5369,8 +5369,6 @@ systemd_pull_SOURCES = \
     src/import/import-raw.h \
     src/import/import-tar.c \
     src/import/import-tar.h \
-    src/import/import-dkr.c \
-    src/import/import-dkr.h \
     src/import/import-job.c \
     src/import/import-job.h \
     src/import/import-common.c \
diff --git a/TODO b/TODO
index 90b2c4b..d96d2bf 100644
--- a/TODO
+++ b/TODO
@@ -126,10 +126,6 @@ Features:
 * rework journald sigbus stuff to use mutex
-* import-dkr: support tarsum checksum verification, if it becomes reality one day...
-
-* import-dkr: convert json bits to nspawn configuration
-
 * import: support import from local files, and export to local files
 * core/cgroup: support net_cls modules, and support automatically allocating class ids, then add support for making firewall changes depending on it, to implement a per-service firewall
diff --git a/configure.ac b/configure.ac
index 9103f9b..2734368 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1389,14 +1389,6 @@ AC_ARG_ENABLE([split-usr],
                 enable_split_usr=no
         ])])
-AC_ARG_WITH([dkr-index-url],
-        [AS_HELP_STRING([--dkr-index-url=URL], [Specify the default index URL to use for image downloads])],
-        [DEFAULT_DKR_INDEX_URL="\"$withval\""],
-        [DEFAULT_DKR_INDEX_URL="NULL"])
-
-AC_DEFINE_UNQUOTED(DEFAULT_DKR_INDEX_URL, [$DEFAULT_DKR_INDEX_URL], [Default index URL to use for image downloads])
-AC_SUBST(DEFAULT_DKR_INDEX_URL)
-
 AS_IF([test "x${enable_split_usr}" = "xyes"], [
         AC_DEFINE(HAVE_SPLIT_USR, 1, [Define if /bin, /sbin aren't symlinks into /usr])
 ])
@@ -1564,7 +1556,6 @@ AC_MSG_RESULT([
         Maximum System UID:      ${SYSTEM_UID_MAX}
         Maximum System GID:      ${SYSTEM_GID_MAX}
         Certificate root:        ${CERTIFICATEROOT}
-        Default dkr Index        ${DEFAULT_DKR_INDEX_URL}
         CFLAGS:                  ${OUR_CFLAGS} ${CFLAGS}
         CPPFLAGS:                ${OUR_CPPFLAGS} ${CPPFLAGS}
diff --git a/man/machinectl.xml b/man/machinectl.xml
index 640cb8b..b0a7f2a 100644
--- a/man/machinectl.xml
+++ b/man/machinectl.xml
@@ -204,16 +204,6 @@
         image.</para></listitem>
       </varlistentry>
-      <varlistentry>
-        <term><option>--dkr-index-url</option></term>
-
-        <listitem><para>Specifies the index server to use for
-        downloading <literal>dkr</literal> images with the
-        <command>pull-dkr</command>. Takes a
-        <literal>http://</literal>, <literal>https://</literal>
-        URL.</para></listitem>
-      </varlistentry>
-
       <xi:include href="user-system-options.xml" xpointer="host" />
       <xi:include href="user-system-options.xml" xpointer="machine" />
@@ -603,42 +593,6 @@
       </varlistentry>
       <varlistentry>
-        <term><command>pull-dkr</command> <replaceable>REMOTE</replaceable> [<replaceable>NAME</replaceable>]</term>