#global commit c4b843473a75fb38ed5bf54e9d3cfb1cb3719efa %{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})} %global dist .hs+fb.el9 %global facebook 1 %if 0%{?facebook} %global hs_commit 29312dc9281668410f092c6f43234cb31a37e9bb %else %global hs_commit f98cd058e4e973ca9db22551f1332ce0855fe3cf %endif # We ship a .pc file but don't want to have a dep on pkg-config. We # strip the automatically generated dep here and instead co-own the # directory. %global __requires_exclude pkg-config %global pkgdir %{_prefix}/lib/systemd %global system_unit_dir %{pkgdir}/system %global user_unit_dir %{pkgdir}/user %if 0%{?__isa_bits} == 64 %global elf_bits (64bit) %global elf_suffix ()%{elf_bits} %endif # Bootstrap may be needed to break circular dependencies with cryptsetup, # e.g. when re-building cryptsetup on a json-c SONAME-bump. %bcond_with bootstrap %bcond_without tests %bcond_without lto # Support for quick builds with rpmbuild --build-in-place. # See README.build-in-place. %bcond_with inplace Name: systemd Url: https://pagure.io/centos-sig-hyperscale/systemd %if %{without inplace} Version: 253 %else # determine the build information from local checkout Version: %(tools/meson-vcs-tag.sh . error | sed -r 's/-([0-9])/.^\1/; s/-g/_g/') %endif Release: 1.20230704121225411958.pr28239.3277.g5a9a5b7a41%{?dist} %global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?) # For a breakdown of the licensing, see README License: LGPL-2.1-or-later AND MIT AND GPL-2.0-or-later Summary: System and Service Manager # download tarballs with "spectool -g systemd.spec" Source0: systemd-253.tar.gz # This file must be available before %%prep. # It is generated during systemd build and can be found in build/src/core/. Source1: triggers.systemd Source2: split-files.py Source3: purge-nobody-user # Prevent accidental removal of the systemd package Source4: yum-protect-systemd.conf Source5: inittab Source6: sysctl.conf.README Source7: systemd-journal-remote.xml Source8: systemd-journal-gatewayd.xml Source9: 20-yama-ptrace.conf Source10: systemd-udev-trigger-no-reload.conf Source13: libsystemd-shared.abignore Source14: 10-oomd-defaults.conf Source15: 10-oomd-per-slice-defaults.conf Source16: 10-timeout-abort.conf Source17: 10-map-count.conf Source21: macros.sysusers Source22: sysusers.attr Source23: sysusers.prov Source24: sysusers.generate-pre.sh Source25: 98-default-mac-none.link # Needed for selinux subpackage Source100: Makefile.selinux Source101: systemd_hs.te Source102: systemd_hs.if Source103: systemd_hs.fc %if 0 GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done|xclip GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py >hwdb.patch %endif # Backports of patches from upstream (0000–0499) # # Any patches which are "in preparation" upstream should be listed here, rather # than in the next section. Packit CI will drop any patches in this range before # applying upstream pull requests. # https://github.com/systemd/systemd/issues/26488 # https://bugzilla.redhat.com/show_bug.cgi?id=2164404 # Those are downstream-only patches, but we don't want them in packit builds: # https://bugzilla.redhat.com/show_bug.cgi?id=1738828 # Adjust upstream config to use our shared stack %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 %endif BuildRequires: gcc BuildRequires: gcc-c++ BuildRequires: clang BuildRequires: coreutils BuildRequires: libcap-devel BuildRequires: libmount-devel BuildRequires: libfdisk-devel BuildRequires: libpwquality-devel BuildRequires: pam-devel BuildRequires: libselinux-devel BuildRequires: audit-libs-devel %if %{without bootstrap} BuildRequires: cryptsetup-devel %endif BuildRequires: dbus-devel BuildRequires: /usr/sbin/sfdisk # /usr/bin/getfacl is needed by test-acl-util BuildRequires: /usr/bin/getfacl BuildRequires: libacl-devel BuildRequires: gobject-introspection-devel BuildRequires: libblkid-devel BuildRequires: xz-devel BuildRequires: xz BuildRequires: lz4-devel BuildRequires: lz4 BuildRequires: bzip2-devel BuildRequires: libzstd-devel BuildRequires: libidn2-devel BuildRequires: libcurl-devel BuildRequires: kmod-devel BuildRequires: elfutils-devel BuildRequires: openssl-devel BuildRequires: gnutls-devel %if %{undefined rhel} BuildRequires: qrencode-devel %endif BuildRequires: libmicrohttpd-devel BuildRequires: libxkbcommon-devel BuildRequires: iptables-devel BuildRequires: pkgconfig(libfido2) BuildRequires: pkgconfig(tss2-esys) BuildRequires: pkgconfig(tss2-rc) BuildRequires: pkgconfig(tss2-mu) BuildRequires: pkgconfig(libbpf) BuildRequires: systemtap-sdt-devel BuildRequires: libxslt BuildRequires: docbook-style-xsl BuildRequires: pkgconfig BuildRequires: gperf BuildRequires: gawk BuildRequires: tree BuildRequires: hostname BuildRequires: python3 BuildRequires: python3-devel BuildRequires: python3dist(jinja2) BuildRequires: python3dist(lxml) BuildRequires: python3dist(pefile) %if %{undefined rhel} BuildRequires: python3dist(pillow) BuildRequires: python3dist(pytest-flakes) %endif BuildRequires: python3dist(pytest) %if %{undefined rhel} BuildRequires: python3dist(zstd) %endif # gzip and lzma are provided by the stdlib BuildRequires: firewalld-filesystem BuildRequires: libseccomp-devel %if 0%{?el8} BuildRequires: meson >= 0.57 %else BuildRequires: meson >= 0.43 %endif BuildRequires: gettext # We use RUNNING_ON_VALGRIND in tests, so the headers need to be available BuildRequires: valgrind-devel BuildRequires: pkgconfig(bash-completion) BuildRequires: perl BuildRequires: perl(IPC::SysV) %ifnarch %ix86 # bpftool is not built for i368 BuildRequires: bpftool %global have_bpf 1 %endif %if 0%{?fedora} %ifarch x86_64 aarch64 # That package is only built for those two architectures BuildRequires: xen-devel %endif %endif Requires(post): coreutils Requires(post): grep # systemd-machine-id-setup requires libssl Requires(post): openssl-libs Requires: dbus >= 1.9.18 Requires: %{name}-pam = %{version}-%{release} Requires: (%{name}-rpm-macros = %{version}-%{release} if rpm-build) Requires: %{name}-libs = %{version}-%{release} %{?fedora:Recommends: %{name}-networkd = %{version}-%{release}} %{?fedora:Recommends: %{name}-resolved = %{version}-%{release}} Recommends: diffutils Requires: (util-linux-core or util-linux) Recommends: libxkbcommon%{_isa} Provides: /bin/systemctl Provides: /sbin/shutdown Provides: syslog Provides: systemd-units = %{version}-%{release} Obsoletes: system-setup-keyboard < 0.9 Provides: system-setup-keyboard = 0.9 # systemd-sysv-convert was removed in f20: https://fedorahosted.org/fpc/ticket/308 Obsoletes: systemd-sysv < 206 # self-obsoletes so that dnf will install new subpackages on upgrade (#1260394) %if 0%{?facebook} == 0 Obsoletes: %{name} < 249~~ Conflicts: initscripts < 9.56.1 %endif Provides: systemd-sysv = 206 %if 0%{?fedora} Conflicts: fedora-release < 23-0.12 %endif Obsoletes: timedatex < 0.6-3 Provides: timedatex = 0.6-3 Conflicts: %{name}-standalone-repart < %{version}-%{release}^ Provides: %{name}-repart = %{version}-%{release} Conflicts: %{name}-standalone-tmpfiles < %{version}-%{release}^ Provides: %{name}-tmpfiles = %{version}-%{release} Conflicts: %{name}-standalone-sysusers < %{version}-%{release}^ Provides: %{name}-sysusers = %{version}-%{release} Conflicts: %{name}-standalone-shutdown < %{version}-%{release}^ Provides: %{name}-shutdown = %{version}-%{release} # Recommends to replace normal Requires deps for stuff that is dlopen()ed Recommends: libidn2.so.0%{?elf_suffix} Recommends: libidn2.so.0(IDN2_0.0.0)%{?elf_bits} Recommends: libpcre2-8.so.0%{?elf_suffix} Recommends: libpwquality.so.1%{?elf_suffix} Recommends: libpwquality.so.1(LIBPWQUALITY_1.0)%{?elf_bits} %if %{undefined rhel} Recommends: libqrencode.so.4%{?elf_suffix} %endif Recommends: libbpf.so.0%{?elf_suffix} Recommends: libbpf.so.0(LIBBPF_0.4.0)%{?elf_bits} Requires: (%{name}-selinux = %{version}-%{release} if selinux-policy) Recommends: libbpf.so.0%{?elf_suffix} Recommends: libbpf.so.0(LIBBPF_0.4.0)%{?elf_bits} # used by systemd-coredump and systemd-analyze Recommends: libdw.so.1%{?elf_suffix} Recommends: libdw.so.1(ELFUTILS_0.186)%{?elf_bits} Recommends: libelf.so.1%{?elf_suffix} Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits} # used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home Recommends: libcryptsetup.so.12%{?elf_suffix} Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits} %description systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts of this package are a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users, system accounts, runtime directories and settings, and a logging daemons. %if 0%{?stable} This package was built from the %(c=%version; echo "v${c%.*}-stable") branch of systemd. %endif %package libs Summary: systemd libraries License: LGPL-2.1-or-later AND MIT Obsoletes: libudev < 183 Obsoletes: systemd < 185-4 Conflicts: systemd < 185-4 Obsoletes: systemd-compat-libs < 230 Obsoletes: nss-myhostname < 0.4 Provides: nss-myhostname = 0.4 Provides: nss-myhostname%{_isa} = 0.4 %description libs Libraries for systemd and udev. %package pam Summary: systemd PAM module Requires: %{name} = %{version}-%{release} %description pam Systemd PAM module registers the session with systemd-logind. %package rpm-macros Summary: Macros that define paths and scriptlets related to systemd BuildArch: noarch # Make sure we obsolete the existing version and any possible future versions # of epel-rpm-macros-systemd in c8s and c9s. Conflicts: epel-rpm-macros-systemd < 10-0 Obsoletes: epel-rpm-macros-systemd < 10-0 Provides: epel-rpm-macros-systemd = 10-0 %description rpm-macros Just the definitions of rpm macros. See https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_systemd for information how to use those macros. %package devel Summary: Development headers for systemd License: LGPL-2.1-or-later AND MIT Requires: %{name}-libs%{_isa} = %{version}-%{release} Requires: (%{name}-rpm-macros = %{version}-%{release} if rpm-build) Provides: libudev-devel = %{version} Provides: libudev-devel%{_isa} = %{version} Obsoletes: libudev-devel < 183 %description devel Development headers and auxiliary files for developing applications linking to libudev or libsystemd. %package udev Summary: Rule-based device node and kernel event manager License: LGPL-2.1-or-later Requires: systemd%{_isa} = %{version}-%{release} Requires(post): systemd Requires(preun): systemd Requires(postun): systemd Requires(post): grep Requires: kmod >= 18-4 %if 0%{?facebook} == 0 # https://bodhi.fedoraproject.org/updates/FEDORA-2020-dd43dd05b1 Obsoletes: systemd < 245.6-1 %endif Provides: udev = %{version} Provides: udev%{_isa} = %{version} Obsoletes: udev < 183 Conflicts: systemd-timesyncd < %{version}-%{release} Obsoletes: systemd-timesyncd < %{version}-%{release} Provides: systemd-timesyncd = %{version}-%{release} # Recommends to replace normal Requires deps for stuff that is dlopen()ed # used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home Recommends: libcryptsetup.so.12%{?elf_suffix} Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits} # used by systemd-coredump and systemd-analyze Recommends: libdw.so.1%{?elf_suffix} Recommends: libdw.so.1(ELFUTILS_0.186)%{?elf_bits} Recommends: libelf.so.1%{?elf_suffix} Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits} # used by home, cryptsetup, cryptenroll, logind Recommends: libfido2.so.1%{?elf_suffix} Recommends: libp11-kit.so.0%{?elf_suffix} Recommends: libtss2-esys.so.0%{?elf_suffix} Recommends: libtss2-mu.so.0%{?elf_suffix} Recommends: libtss2-rc.so.0%{?elf_suffix} # https://bugzilla.redhat.com/show_bug.cgi?id=1377733#c9 Suggests: systemd-bootchart # https://bugzilla.redhat.com/show_bug.cgi?id=1408878 Requires: kbd # https://bugzilla.redhat.com/show_bug.cgi?id=1753381 Provides: u2f-hidraw-policy = 1.0.2-40 Obsoletes: u2f-hidraw-policy < 1.0.2-40 %description udev This package contains systemd-udev and the rules and hardware database needed to manage device nodes. This package is necessary on physical machines and in virtual machines, but not in containers. This package also provides systemd-timesyncd, a network time protocol daemon. It also contains tools to manage encrypted home areas and secrets bound to the machine, and to create or grow partitions and make file systems automatically. %if 0%{?have_gnu_efi} %package ukify Summary: Tool to build Unified Kernel Images Requires: %{name} = %{version}-%{release} # We prefer llvm-objcopy over objcopy. Requires: (llvm or binutils) Recommends: llvm Requires: python3dist(pefile) %if %{undefined rhel} Requires: python3dist(zstd) %endif Recommends: python3dist(pillow) BuildArch: noarch %description ukify This package provides ukify, a script that combines a kernel image, an initrd, with a command line, and possibly PCR measurements and other metadata, into a Unified Kernel Image (UKI). %package boot-unsigned Summary: UEFI boot manager (unsigned version) Provides: systemd-boot-unsigned-%{efi_arch} = %version-%release Provides: systemd-boot = %version-%release Provides: systemd-boot%{_isa} = %version-%release # A provides with just the version, no release or dist, used to build systemd-boot Provides: version(systemd-boot-unsigned) = %version Provides: version(systemd-boot-unsigned)%{_isa} = %version # self-obsoletes to install both packages after split of systemd-boot Obsoletes: systemd-udev < 252.2^ %description boot-unsigned systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a graphical menu to select the entry to boot and an editor for the kernel command line. systemd-boot supports systems with UEFI firmware only. This package contains the unsigned version. Install systemd-boot instead to get the version that works with Secure Boot. %endif %package container # Name is the same as in Debian Summary: Tools for containers and VMs Requires: %{name}%{_isa} = %{version}-%{release} Requires(post): systemd Requires(preun): systemd Requires(postun): systemd # obsolete parent package so that dnf will install new subpackage on upgrade (#1260394) Obsoletes: %{name} < 229-5 # Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040) Suggests: libcurl-minimal License: LGPL-2.1-or-later %description container Systemd tools to spawn and manage containers and virtual machines. This package contains systemd-nspawn, machinectl, systemd-machined, and systemd-importd. %package journal-remote # Name is the same as in Debian Summary: Tools to send journal events over the network Requires: %{name}%{_isa} = %{version}-%{release} License: LGPL-2.1-or-later Requires: firewalld-filesystem Provides: %{name}-journal-gateway = %{version}-%{release} Provides: %{name}-journal-gateway%{_isa} = %{version}-%{release} Obsoletes: %{name}-journal-gateway < 227-7 # Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040) Suggests: libcurl-minimal %description journal-remote Programs to forward journal entries over the network, using encrypted HTTP, and to write journal files from serialized journal contents. This package contains systemd-journal-gatewayd, systemd-journal-remote, and systemd-journal-upload. %package networkd Summary: System daemon that manages network configurations Requires: %{name}%{_isa} = %{version}-%{release} License: LGPL-2.1-or-later %if 0%{?facebook} == 0 # https://src.fedoraproject.org/rpms/systemd/pull-request/34 Obsoletes: systemd < 246.6-2 %endif %description networkd systemd-networkd is a system service that manages networks. It detects and configures network devices as they appear, as well as creating virtual network devices. %package resolved Summary: Network Name Resolution manager Requires: %{name}%{_isa} = %{version}-%{release} %if 0%{?facebook} == 0 Obsoletes: %{name} < 249~~ %endif Requires: libidn2.so.0%{?elf_suffix} Requires: libidn2.so.0(IDN2_0.0.0)%{?elf_bits} Requires(posttrans): grep %description resolved systemd-resolved is a system service that provides network name resolution to local applications. It implements a caching and validating DNS/DNSSEC stub resolver, as well as an LLMNR and MulticastDNS resolver and responder. %package oomd-defaults Summary: Configuration files for systemd-oomd Requires: %{name} = %{version}-%{release} License: LGPL-2.1-or-later BuildArch: noarch %description oomd-defaults A set of drop-in files for systemd units to enable action from systemd-oomd, a userspace out-of-memory (OOM) killer. %package tests Summary: Internal unit tests for systemd Requires: %{name}%{_isa} = %{version}-%{release} License: LGPL-2.1-or-later %description tests "Installed tests" that are usually run as part of the build system. They can be useful to test systemd internals. %package standalone-repart Summary: Standalone systemd-repart binary for use on systems without systemd Provides: %{name}-repart = %{version}-%{release} RemovePathPostfixes: .standalone %description standalone-repart Standalone systemd-repart binary with no dependencies on the systemd-shared library or other libraries from systemd-libs. This package conflicts with the main systemd package and is meant for use on systems without systemd. %package standalone-tmpfiles Summary: Standalone systemd-tmpfiles binary for use on systems without systemd Provides: %{name}-tmpfiles = %{version}-%{release} RemovePathPostfixes: .standalone %description standalone-tmpfiles Standalone systemd-tmpfiles binary with no dependencies on the systemd-shared library or other libraries from systemd-libs. This package conflicts with the main systemd package and is meant for use on systems without systemd. %package standalone-sysusers Summary: Standalone systemd-sysusers binary for use on systems without systemd Provides: %{name}-sysusers = %{version}-%{release} RemovePathPostfixes: .standalone %description standalone-sysusers Standalone systemd-sysusers binary with no dependencies on the systemd-shared library or other libraries from systemd-libs. This package conflicts with the main systemd package and is meant for use on systems without systemd. %package standalone-shutdown Summary: Standalone systemd-shutdown binary for use on systems without systemd Provides: %{name}-shutdown = %{version}-%{release} RemovePathPostfixes: .standalone %description standalone-shutdown Standalone systemd-shutdown binary with no dependencies on the systemd-shared library or other libraries from systemd-libs. This package conflicts with the main systemd package and is meant for use in exitrds. %package selinux Summary: SELinux module for systemd BuildArch: noarch BuildRequires: bzip2 BuildRequires: make BuildRequires: selinux-policy BuildRequires: selinux-policy-devel Requires(post): selinux-policy-base >= %{_selinux_policy_version} Requires(post): policycoreutils Requires(pre): libselinux-utils Requires(post): libselinux-utils %description selinux This package provides the SELinux policy module to ensure systemd runs properly under an environment with SELinux enabled. %prep # pagure strips the '+' from 'hs+fb' for the top directory in the tar archive so # the top directory is hsfb-250.3 instead of hs+fb-250.3. %autosetup -n systemd-253 -p1 # We want to update sd-boot from packaging scriptlets after package update. # Let's disable the service. sed -r -i '/^enable systemd-boot-update.service/d' presets/90-systemd.preset sed -r 's|/system/|/user/|g' %{SOURCE16} >10-timeout-abort.conf.user mkdir selinux cp %SOURCE100 %SOURCE101 %SOURCE102 %SOURCE103 selinux %generate_buildrequires %if 0%{?have_gnu_efi} if grep -q gnu-efi meson_options.txt; then echo 'gnu-efi' echo 'gnu-efi-devel' else echo 'python3dist(pyelftools)' fi %endif %build %global ntpvendor %(source /etc/os-release; echo ${ID}) %{!?ntpvendor: echo 'NTP vendor zone is not set!'; exit 1} CONFIGURE_OPTS=( --werror -Dmode=release -Dsysvinit-path=/etc/rc.d/init.d -Drc-local=/etc/rc.d/rc.local -Dntp-servers='0.%{ntpvendor}.pool.ntp.org 1.%{ntpvendor}.pool.ntp.org 2.%{ntpvendor}.pool.ntp.org 3.%{ntpvendor}.pool.ntp.org' -Ddns-servers= -Duser-path=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin -Dservice-watchdog= -Ddev-kvm-mode=0666 -Dkmod=true -Dxkbcommon=true -Dblkid=true -Dfdisk=true -Dseccomp=true -Dima=true -Dselinux=true %if 0%{?have_bpf} -Dbpf-framework=true %else -Dbpf-framework=false %endif -Dapparmor=false -Dpolkit=true -Dxz=true -Dzlib=true -Dbzip2=true -Dlz4=true -Dzstd=true -Dpam=true -Dacl=true -Dsmack=true -Dopenssl=true -Dcryptolib=openssl -Dp11kit=true -Dgcrypt=false -Daudit=true -Delfutils=true %if %{with bootstrap} -Dlibcryptsetup=false %else -Dlibcryptsetup=true %endif -Delfutils=true -Dpwquality=true -Dqrencode=%[%{defined rhel}?"false":"true"] -Dgnutls=true -Dmicrohttpd=true -Dlibidn2=true -Dlibiptc=false -Dlibcurl=true -Dlibfido2=true -Defi=true -Dtpm=true -Dtpm2=true -Dhwdb=true -Dsysusers=true -Dstandalone-binaries=true -Ddefault-kill-user-processes=false -Dfirst-boot-full-preset=true -Dtests=unsafe -Dinstall-tests=true -Dtty-gid=5 -Dusers-gid=100 -Dnobody-user=nobody -Dnobody-group=nobody -Dcompat-mutable-uid-boundaries=true -Dsplit-usr=false -Dsplit-bin=true %if %{with lto} -Db_lto=true %else -Db_lto=false %endif -Db_ndebug=false -Dman=true # there is stuff that relies on the "v" prefix -Dversion-tag=v%{version}-%{release} # https://bugzilla.redhat.com/show_bug.cgi?id=1906010 -Dshared-lib-tag=%{version}-%{release} -Dfallback-hostname="localhost" -Ddefault-dnssec=no -Ddefault-dns-over-tls=no # https://bugzilla.redhat.com/show_bug.cgi?id=1867830 -Ddefault-mdns=no -Ddefault-llmnr=resolve # https://bugzilla.redhat.com/show_bug.cgi?id=2028169 -Dstatus-unit-format-default=combined # https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer -Ddefault-timeout-sec=45 -Ddefault-user-timeout-sec=45 -Doomd=true -Dadm-gid=4 -Daudio-gid=63 -Dcdrom-gid=11 -Ddialout-gid=18 -Ddisk-gid=6 -Dinput-gid=104 -Dkmem-gid=9 -Dkvm-gid=36 -Dlp-gid=7 -Drender-gid=105 -Dsgx-gid=106 -Dtape-gid=33 -Dtty-gid=5 -Dusers-gid=100 -Dutmp-gid=22 -Dvideo-gid=39 -Dwheel-gid=10 -Dsystemd-journal-gid=190 -Dsystemd-network-uid=192 -Dsystemd-resolve-uid=193 # -Dsystemd-timesync-uid=, not set yet # Need to set this for CentOS build -Ddocdir=%{_pkgdocdir} ) %if 0%{?facebook} CONFIGURE_OPTS+=( -Dntp-servers='1.ntp.vip.facebook.com 2.ntp.vip.facebook.com 3.ntp.vip.facebook.com 4.ntp.vip.facebook.com' -Ddns-servers='10.127.255.51 10.191.255.51 2401:db00:eef0:a53:: 2401:db00:eef0:b53::' -Dsupport-url='https://www.facebook.com/groups/systemd.and.friends' -Dcontainer-uid-base-min=10485760 ) %endif if grep gnu-efi meson_options.txt; then CONFIGURE_OPTS+=( -Dgnu-efi=%[%{?have_gnu_efi}?"true":"false"] ) else # For now, let's build the bootloader in the same places where we # built with gnu-efi. Later on, we might want to extend coverage, but # considering that that support is untested, let's not do this now. CONFIGURE_OPTS+=( -Dbootloader=%[%{?have_gnu_efi}?"true":"false"] ) fi %if %{without lto} %global _lto_cflags %nil %endif # Do configuration. If doing an inplace build, try to do # reconfiguration to pick up new options. %if %{with inplace} command -v ccache 2>/dev/null && { CC="${CC:-ccache %__cc}"; CXX="${CXX:-ccache %__cxx}"; } [ -e %{_vpath_builddir}/build.ninja ] && %__meson configure %{_vpath_builddir} "${CONFIGURE_OPTS[@]}" || %endif { %meson "${CONFIGURE_OPTS[@]}"; } %meson_build new_triggers=%{_vpath_builddir}/src/rpm/triggers.systemd.sh if ! diff -u %{SOURCE1} ${new_triggers}; then echo -e "\n\n\nWARNING: triggers.systemd in Source1 is different!" echo -e " cp $PWD/${new_triggers} %{SOURCE1}\n\n\n" sleep 5 fi cd selinux %{__make} -f Makefile.selinux SHARE="%{_datadir}" TARGETS="systemd_hs" %install %meson_install # udev links mkdir -p %{buildroot}/%{_sbindir} ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm # Compatiblity and documentation files touch %{buildroot}/etc/crypttab chmod 600 %{buildroot}/etc/crypttab # /etc/initab install -Dm0644 -t %{buildroot}/etc/ %{SOURCE5} # /etc/sysctl.conf compat install -Dm0644 %{SOURCE6} %{buildroot}/etc/sysctl.conf ln -s ../sysctl.conf %{buildroot}/etc/sysctl.d/99-sysctl.conf # Make sure these directories are properly owned mkdir -p %{buildroot}%{system_unit_dir}/basic.target.wants mkdir -p %{buildroot}%{system_unit_dir}/default.target.wants mkdir -p %{buildroot}%{system_unit_dir}/dbus.target.wants mkdir -p %{buildroot}%{system_unit_dir}/syslog.target.wants mkdir -p %{buildroot}/run mkdir -p %{buildroot}%{_localstatedir}/log touch %{buildroot}%{_localstatedir}/log/lastlog chmod 0664 %{buildroot}%{_localstatedir}/log/lastlog touch %{buildroot}/run/utmp touch %{buildroot}%{_localstatedir}/log/{w,b}tmp # Make sure the user generators dir exists too mkdir -p %{buildroot}%{pkgdir}/system-generators mkdir -p %{buildroot}%{pkgdir}/user-generators # Create new-style configuration files so that we can ghost-own them touch %{buildroot}%{_sysconfdir}/hostname touch %{buildroot}%{_sysconfdir}/vconsole.conf touch %{buildroot}%{_sysconfdir}/locale.conf touch %{buildroot}%{_sysconfdir}/machine-id touch %{buildroot}%{_sysconfdir}/machine-info touch %{buildroot}%{_sysconfdir}/localtime mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d touch %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf # Make sure the shutdown/sleep drop-in dirs exist mkdir -p %{buildroot}%{pkgdir}/system-shutdown/ mkdir -p %{buildroot}%{pkgdir}/system-sleep/ # Make sure directories in /var exist mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/coredump mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/catalog mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/backlight mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/rfkill mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/linger mkdir -p %{buildroot}%{_localstatedir}/lib/private mkdir -p %{buildroot}%{_localstatedir}/log/private mkdir -p %{buildroot}%{_localstatedir}/cache/private mkdir -p %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/timesync ln -s ../private/systemd/journal-upload %{buildroot}%{_localstatedir}/lib/systemd/journal-upload mkdir -p %{buildroot}%{_localstatedir}/log/journal touch %{buildroot}%{_localstatedir}/lib/systemd/catalog/database touch %{buildroot}%{_sysconfdir}/udev/hwdb.bin touch %{buildroot}%{_localstatedir}/lib/systemd/random-seed touch %{buildroot}%{_localstatedir}/lib/systemd/timesync/clock touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state # Install yum protection fragment install -Dm0644 %{SOURCE4} %{buildroot}/etc/dnf/protected.d/systemd.conf install -Dm0644 -t %{buildroot}/usr/lib/firewalld/services/ %{SOURCE7} %{SOURCE8} # Install additional docs # https://bugzilla.redhat.com/show_bug.cgi?id=1234951 install -Dm0644 -t %{buildroot}%{_pkgdocdir}/ %{SOURCE9} # https://bugzilla.redhat.com/show_bug.cgi?id=1378974 install -Dm0644 -t %{buildroot}%{system_unit_dir}/systemd-udev-trigger.service.d/ %{SOURCE10} install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/ %{SOURCE13} install -D -t %{buildroot}/usr/lib/systemd/ %{SOURCE3} # systemd-oomd default configuration install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/oomd.conf.d/ %{SOURCE14} install -Dm0644 -t %{buildroot}%{system_unit_dir}/system.slice.d/ %{SOURCE15} install -Dm0644 -t %{buildroot}%{user_unit_dir}/slice.d/ %{SOURCE15} # https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer install -Dm0644 -t %{buildroot}%{system_unit_dir}/service.d/ %{SOURCE16} install -Dm0644 10-timeout-abort.conf.user %{buildroot}%{user_unit_dir}/service.d/10-timeout-abort.conf # https://fedoraproject.org/wiki/Changes/IncreaseVmMaxMapCount install -Dm0644 -t %{buildroot}%{_prefix}/lib/sysctl.d/ %{SOURCE17} sed -i 's|#!/usr/bin/env python3|#!%{__python3}|' %{buildroot}/usr/lib/systemd/tests/run-unit-tests.py install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/macros.d/ %{SOURCE21} install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/fileattrs/ %{SOURCE22} install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE23} install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE24} # https://bugzilla.redhat.com/show_bug.cgi?id=2107754 install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/network/ %{SOURCE25} %find_lang %{name} # Split files in build root into rpms. See split-files.py for the # rules towards the end, anything which is an exception needs a line # here. python3 %{SOURCE2} %buildroot "%{rhel}" </dev/null || : # FIXME: move to %postun. We want to restart systemd *after* removing # files from the old rpm. Right now we may still have bits the old # setup if the files are not present in the new version. But before # implement restarting of *other* services after the transaction, moving # this would make things worse, increasing the number of warnings we get # about needed daemon-reload. oomd_state=$(systemctl is-active systemd-oomd 2>/dev/null || :) # Work-around for #1931034. Remove after F34 is released. if [ "$oomd_state" == "active" ]; then systemctl stop -q systemd-oomd 2>/dev/null || : fi systemctl daemon-reexec &>/dev/null || { # systemd v239 had bug #9553 in D-Bus authentication of the private socket, # which was later fixed in v240 by #9625. # # The end result is that a `systemctl daemon-reexec` call as root will fail # when upgrading from systemd v239, which means the system will not start # running the new version of systemd after this post install script runs. # # To work around this issue, let's fall back to using a `kill -TERM 1` to # re-execute the daemon when the `systemctl daemon-reexec` call fails. # # In order to prevent issues when the reason why the daemon-reexec failed is # not the aforementioned bug, let's only use this fallback when: # - we're upgrading this RPM package; and # - we confirm that systemd is running as PID1 on this system. if [ $1 -gt 1 ] && [ -d /run/systemd/system ] ; then kill -TERM 1 &>/dev/null || : fi } if [ "$oomd_state" == "active" ]; then systemctl start -q systemd-oomd 2>/dev/null || : fi [ $1 -eq 1 ] || exit 0 # create /var/log/journal only on initial installation, # and only if it's writable (it won't be in rpm-ostree). [ -w %{_localstatedir} ] && mkdir -p %{_localstatedir}/log/journal [ -w %{_localstatedir} ] && journalctl --update-catalog || : systemd-sysusers || : systemd-tmpfiles --create &>/dev/null || : # We reset the enablement of all services upon initial installation # https://bugzilla.redhat.com/show_bug.cgi?id=1118740#c23 # This will fix up enablement of any preset services that got installed # before systemd due to rpm ordering problems: # https://bugzilla.redhat.com/show_bug.cgi?id=1647172. # We also do this for user units, see # https://fedoraproject.org/wiki/Changes/Systemd_presets_for_user_units. systemctl preset-all &>/dev/null || : systemctl --global preset-all &>/dev/null || : %postun if [ $1 -eq 1 ]; then [ -w %{_localstatedir} ] && journalctl --update-catalog || : systemd-tmpfiles --create &>/dev/null || : fi %systemd_postun_with_restart systemd-timedated.service systemd-portabled.service systemd-homed.service systemd-hostnamed.service systemd-journald.service systemd-localed.service systemd-userdbd.service systemd-oomd.service # FIXME: systemd-logind.service is excluded (https://github.com/systemd/systemd/pull/17558) # FIXME: user@*.service needs to be restarted, but using systemctl --user daemon-reexec %triggerun resolved -- systemd < 246.1-1 # This is for upgrades from previous versions before systemd-resolved became the default. systemctl --no-reload preset systemd-resolved.service &>/dev/null || : if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then systemctl -q is-enabled NetworkManager.service 2>/dev/null && \ ! test -L /etc/resolv.conf 2>/dev/null && \ ! mountpoint /etc/resolv.conf &>/dev/null && \ grep -q 'Generated by NetworkManager' /etc/resolv.conf 2>/dev/null && \ echo -e '/etc/resolv.conf was generated by NetworkManager.\nRemoving it to let systemd-resolved manage this file.' && \ mv -v /etc/resolv.conf /etc/resolv.conf.orig-with-nm && \ ln -sv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf 2>/dev/null || : systemctl start systemd-resolved.service &>/dev/null || : fi %triggerun -- systemd < 247.3-2 # This is for upgrades from previous versions before oomd-defaults is available. systemctl --no-reload preset systemd-oomd.service &>/dev/null || : %triggerpostun -- systemd < 253~rc1-2 # This is for upgrades from previous versions where systemd-journald-audit.socket # had a static enablement symlink. # We use %%triggerpostun here because rpm doesn't allow a second %%triggerun with # a different package version. systemctl --no-reload preset systemd-journald-audit.socket &>/dev/null || : %global udev_services systemd-udev{d,-settle,-trigger}.service systemd-udevd-{control,kernel}.socket systemd-timesyncd.service %{?have_gnu_efi:systemd-boot-update.service} %post udev # Move old stuff around in /var/lib mv %{_localstatedir}/lib/random-seed %{_localstatedir}/lib/systemd/random-seed &>/dev/null mv %{_localstatedir}/lib/backlight %{_localstatedir}/lib/systemd/backlight &>/dev/null if [ -L %{_localstatedir}/lib/systemd/timesync ]; then rm %{_localstatedir}/lib/systemd/timesync mv %{_localstatedir}/lib/private/systemd/timesync %{_localstatedir}/lib/systemd/timesync fi if [ -f %{_localstatedir}/lib/systemd/clock ] ; then mkdir -p %{_localstatedir}/lib/systemd/timesync mv %{_localstatedir}/lib/systemd/clock %{_localstatedir}/lib/systemd/timesync/. fi udevadm hwdb --update &>/dev/null %systemd_post %udev_services # Try to save the random seed, but don't complain if /dev/urandom is unavailable /usr/lib/systemd/systemd-random-seed save 2>&1 | \ grep -v 'Failed to open /dev/urandom' || : # Replace obsolete keymaps # https://bugzilla.redhat.com/show_bug.cgi?id=1151958 grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null && sed -i.rpm.bak -r 's/^KEYMAP="?fi-latin[19]"?/KEYMAP="fi"/' /etc/vconsole.conf || : %preun udev %systemd_preun %udev_services %postun udev # Restart some services. # Others are either oneshot services, or sockets, and restarting them causes issues (#1378974) %systemd_postun_with_restart systemd-udevd.service systemd-timesyncd.service %global journal_remote_units_restart systemd-journal-gatewayd.service systemd-journal-remote.service systemd-journal-upload.service %global journal_remote_units_norestart systemd-journal-gatewayd.socket systemd-journal-remote.socket %post journal-remote %systemd_post %journal_remote_units_restart %journal_remote_units_norestart %firewalld_reload %preun journal-remote %systemd_preun %journal_remote_units_restart %journal_remote_units_norestart if [ $1 -eq 1 ] ; then if [ -f %{_localstatedir}/lib/systemd/journal-upload/state -a ! -L %{_localstatedir}/lib/systemd/journal-upload ] ; then mkdir -p %{_localstatedir}/lib/private/systemd/journal-upload mv %{_localstatedir}/lib/systemd/journal-upload/state %{_localstatedir}/lib/private/systemd/journal-upload/. rmdir %{_localstatedir}/lib/systemd/journal-upload || : fi fi %postun journal-remote %systemd_postun_with_restart %journal_remote_units_restart %firewalld_reload %post networkd # systemd-networkd was split out in systemd-246.6-2. # Ideally, we would have a trigger scriptlet to record enablement # state when upgrading from systemd <= systemd-246.6-1. But, AFAICS, # rpm doesn't allow us to trigger on another package, short of # querying the rpm database ourselves, which seems risky. For rpm, # systemd and systemd-networkd are completely unrelated. So let's use # a hack to detect if an old systemd version is currently present in # the file system. # https://bugzilla.redhat.com/show_bug.cgi?id=1943263 if [ $1 -eq 1 ] && ls /usr/lib/systemd/libsystemd-shared-24[0-6].so &>/dev/null; then echo "Skipping presets for systemd-networkd.service, seems we are upgrading from old systemd." else %systemd_post systemd-networkd.service systemd-networkd-wait-online.service fi %preun networkd %systemd_preun systemd-networkd.service systemd-networkd-wait-online.service %preun resolved if [ $1 -eq 0 ] ; then systemctl disable --quiet \ systemd-resolved.service \ >/dev/null || : if [ -L /etc/resolv.conf ] && \ realpath /etc/resolv.conf | grep ^/run/systemd/resolve/; then rm -f /etc/resolv.conf # no longer useful # if network manager is enabled, move to it instead [ -f /run/NetworkManager/resolv.conf ] && \ systemctl -q is-enabled NetworkManager.service &>/dev/null && \ ln -fsv ../run/NetworkManager/resolv.conf /etc/resolv.conf fi fi %post resolved [ $1 -eq 1 ] || exit 0 # Initial installation touch %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation # Related to https://bugzilla.redhat.com/show_bug.cgi?id=1943263 if ls /usr/lib/systemd/libsystemd-shared-24[0-8].so &>/dev/null; then echo "Skipping presets for systemd-resolved.service, seems we are upgrading from old systemd." exit 0 fi %systemd_post systemd-resolved.service %posttrans resolved [ -e %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation ] || exit 0 rm %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation # Initial installation # Create /etc/resolv.conf symlink. # (https://bugzilla.redhat.com/show_bug.cgi?id=1873856) # # We would also create it using tmpfiles, but let's do this here too # before NetworkManager gets a chance. (systemd-tmpfiles invocation # above does not do this, because the line is marked with ! and # tmpfiles is invoked without --boot in the scriptlet.) # # *Create* the symlink if nothing is present yet. # (https://bugzilla.redhat.com/show_bug.cgi?id=2032085) # # *Override* the symlink if systemd is running. Don't do it if systemd # is not running, because that will immediately break DNS resolution, # since systemd-resolved is also not running # (https://bugzilla.redhat.com/show_bug.cgi?id=1891847). # # Also don't create the symlink to the stub when the stub is disabled (#1891847 again). if systemctl -q is-enabled systemd-resolved.service &>/dev/null && ! systemd-analyze cat-config systemd/resolved.conf 2>/dev/null | grep -iqE '^DNSStubListener\s*=\s*(no?|false|0|off)\s*$'; then if ! test -e /etc/resolv.conf && ! test -L /etc/resolv.conf; then ln -sv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf || : elif test -d /run/systemd/system/ && ! mountpoint /etc/resolv.conf &>/dev/null; then ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf || : fi fi %pre selinux %selinux_relabel_pre %post selinux %selinux_modules_install %{_datadir}/selinux/packages/systemd_hs.pp.bz2 %selinux_relabel_post %posttrans selinux %selinux_relabel_post %postun selinux %selinux_modules_uninstall systemd_hs if [ $1 -eq 0 ]; then %selinux_relabel_post fi %global _docdir_fmt %{name} %files -f %{name}.lang -f .file-list-main %doc %{_pkgdocdir} %exclude %{_pkgdocdir}/LICENSE* # Only the licenses texts for the licenses in License line are included. %license LICENSE.GPL2 LICENSE.LGPL2.1 %license LICENSES/MIT.txt %ghost %dir %attr(0755,-,-) /etc/systemd/system/basic.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/bluetooth.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/default.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/getty.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/graphical.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/local-fs.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/machines.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/multi-user.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/network-online.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/printer.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/remote-fs.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/sockets.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/sysinit.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/system-update.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/timers.target.wants %ghost %dir %attr(0700,-,-) /var/lib/portables %ghost %dir %attr(0755,-,-) /var/lib/rpm-state/systemd %files libs -f .file-list-libs %license LICENSE.LGPL2.1 %files pam -f .file-list-pam %files rpm-macros -f .file-list-rpm-macros %files resolved -f .file-list-resolve %files devel -f .file-list-devel %files udev -f .file-list-udev %if 0%{?have_gnu_efi} %files ukify -f .file-list-ukify %files boot-unsigned -f .file-list-boot %endif %files container -f .file-list-container %ghost %dir %attr(0700,-,-) /var/lib/machines %files journal-remote -f .file-list-remote %files networkd -f .file-list-networkd %files oomd-defaults -f .file-list-oomd-defaults %files tests -f .file-list-tests %files standalone-repart -f .file-list-standalone-repart %files standalone-tmpfiles -f .file-list-standalone-tmpfiles %files standalone-sysusers -f .file-list-standalone-sysusers %files standalone-shutdown -f .file-list-standalone-shutdown %files selinux %{_datadir}/selinux/devel/include/contrib/systemd_hs.if %{_datadir}/selinux/packages/systemd_hs.pp.bz2 %changelog * Tue Jul 04 2023 Packit - 253-1.20230704121225411958.pr28239.3277.g5a9a5b7a41.hs+fb.el9 - packit: Add CentOS Hyperscale builds (Daan De Meyer) - NEWS/--help: correct/be clearer on bootclt -R vs. -RR (Lennart Poettering) - hibernate-resume-generator: downgrade 'noresume' log message (Lennart Poettering) - homework-luks: Work around gcc warning false positive (Daan De Meyer) - systemctl: implement a new "whoami" verb, that just returns unit of caller/PID (Lennart Poettering) - test: wait for the interface to become routable after reconfiguring (Frantisek Sumsal) - test-network: add test for an invalid captive portal uri (Ronan Pigott) - dhcp6: relax data assert in dhcp6_option_parse_string (Ronan Pigott) - loginctl,machinectl: use same ansi formatting in --help texts as in systemctl (Lennart Poettering) - units: skip systemd-battery-check in environments where it doesn't make sense (Lennart Poettering) - core/service: show correct restart usec for services in SERVICE_AUTO_RESTART_QUEUED (Mike Yuan) - test: add test case for recent OnSuccess=/OnFailure= state machine changes (Lennart Poettering) - core: introduce a new job mode JOB_RESTART_DEPENDENCIES (Lennart Poettering) - service: re-linebreak some comments matching current coding style (Lennart Poettering) - ndisc: reject malformed captive portal URI with EBADMSG (Ronan Pigott) - update TODO (Lennart Poettering) - ndisc: clear ndisc captive portal value on bogus zero-len option (Ronan Pigott) - test-network: add test for static route with preferred source (Yu Watanabe) - test-network: check route more strictly (Yu Watanabe) - network: delay to configure address until it is removed on reconfigure (Yu Watanabe) - network: constify several functions (Yu Watanabe) - hwdb: Add override for headset form-factors (Bastien Nocera) - tree-wide: explicitly ignore return value in a couple more places (Frantisek Sumsal) - unit: drop an unused assignment (Frantisek Sumsal) - virt: drop an unused assignment (Frantisek Sumsal) - tree-wide: "bit" → "-bit" (Zbigniew Jędrzejewski-Szmek) - test: drop an unused assignment (Frantisek Sumsal) - test-network: add tests for captive portal dhcp options (Ronan Pigott) - networkctl: show captive portal configuration in link status (Ronan Pigott) - networkd: include captive portal information in link json description (Ronan Pigott) - network: Introduce UseCaptivePortal IPv6RA option (Ronan Pigott) - network: Introduce UseCaptivePortal DHCPv6 option (Ronan Pigott) - network: Introduce UseCaptivePortal DHCPv4 option (Ronan Pigott) - ndisc: parse RFC8910 captive portal ipv6ra option (Ronan Pigott) - NEWS: reword/fix/extend the entries for v254 (Zbigniew Jędrzejewski-Szmek) - NEWS: drop doubled space after period (Zbigniew Jędrzejewski-Szmek) - build(deps): bump github/codeql-action from 2.3.5 to 2.20.1 (dependabot[bot]) - build(deps): bump actions/labeler from 4.0.4 to 4.2.0 (dependabot[bot]) - build(deps): bump actions/checkout from 3.5.2 to 3.5.3 (dependabot[bot]) - build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (dependabot[bot]) - mount: make unit_start() mount ratelimiting check generic (Lennart Poettering) - oom: don't encode whether unit types can do oomd hookup a second time (Lennart Poettering) - pid1: also encode whether to send plymouth notifications in UnitVTable (Lennart Poettering) - unit: don't encode literally which unit types to generate audit events for (Lennart Poettering) - dbus-cgroup: Make sure we overwrite cpuset properties in drop-in (Daan De Meyer) - battery-check: rework unit (Lennart Poettering) - test: fix test_vxlan with the latest iproute2 (Frantisek Sumsal) - README: strenghten wording regarding static libs (Lennart Poettering) - boot: measure .sbat section (Luca Boccassi) - ukify: merge .sbat sections from stub and kernel (Luca Boccassi) - stat-util: Make sure we trigger automounts when looking for ESP/XBOOTLDR (Daan De Meyer) - dhcp6-client: parse RFC8910 captive portal dhcp6 option (Ronan Pigott) - dhcp-client: parse RFC8910 captive portal dhcp option (Ronan Pigott) - core: reorder systemd arguments on reexec (Frantisek Sumsal) - udev-builtin-net_id: align VF representor names with VF names (Ivan Vecera) - mount-util: tweak flags decoding in mount_verbose_full() (Lennart Poettering) - man: add brief smbios-type-11 man page (Lennart Poettering) - man: document vmm.notify_socket credential in systemd(1) man page (Lennart Poettering) - test: add test for trailing invalid byte at the end (Yu Watanabe) - sd-dhcp6-lease: ignore invalid byte(s) at the end of the packet (Philipp Kern) - test-network: add test for global IPv6PrivacyExtensions= setting (Yu Watanabe) - network: add global setting for IPv6PrivacyExtensions= (Yu Watanabe) - network: introduce IPV6_PRIVACY_EXTENSIONS_KERNEL enum value (Yu Watanabe) - NEWS: various fixes (Joerg Behrmann) - mkosi: Enable Incremental= mode by default (Daan De Meyer) - test: use correct path for systemd-battery-check (Frantisek Sumsal) - update TODO (Lennart Poettering) - network: Add `IgnoreDdontFragment=` option for Fragmentation control (#28131) (Yuxiang Zhu) - man: Extend journalctl color information (Alexander Krabler) - battery-check: several follow-ups (Yu Watanabe) - meson: first try dependency(), then fallback to find_library() (Yu Watanabe) - NEWS: various fixes/additions (Lennart Poettering) - tmpfiles: teach tmpfiles the new XDG_STATE_HOME variable too (Lennart Poettering) - man: properly close XML tags (Lennart Poettering) - man: rebreak lines in file-hierarchy(7) a bit (Lennart Poettering) - man: mention the newly-added XDG_STATE_HOME (Franklin Yu) - test: add test for new XDG_STATE_HOME handling (Lennart Poettering) - execute: don't bother with chowning StateDirectory= and friends in user mode (Lennart Poettering) - execute: shorten code by making use of laccess() return code properly (Lennart Poettering) - execute: shorten some code by using RET_NERRNO() (Lennart Poettering) - execute: associate logs from setup_exec_directory() with the unit name (Lennart Poettering) - execute: add support for XDG_STATE_HOME for placing service state data in --user mode (Lennart Poettering) - execute: when recursively chowning StateDirectory= when spawning services, follow initial symlink (Lennart Poettering) - execute: remove redundant assignment (Lennart Poettering) - execude: include RuntimeScope field in ExecParameters (Lennart Poettering) - path tool: add some basic ansi highlighing (Lennart Poettering) - sd-path: bring spacing in sd-path.h and systemd-path tool in sync (Lennart Poettering) - sd-path: add support for XDG_STATE_HOME (Lennart Poettering) - update TODO (Lennart Poettering) - test: enable LSan for certain wrapped binaries (Frantisek Sumsal) - test: add a couple of tests for nss-mymachines (Frantisek Sumsal) - update NEWS (Lennart Poettering) - NEWS: add pcrs verb (Lennart Poettering) - analyze: add new "pcrs" verb (Lennart Poettering) - pwquality: remove old built-in cracklib dictionary workaround (Dmitry V. Levin) - NEWS: typos (Luca Boccassi) - PID1: detect battery level in initrd and if low refuse continuing to boot, print message and shut down. (OMOJOLA JOSHUA) - NEWS: mention that sd_event_trim_memory can be overridden (Luca Boccassi) - NEWS: mention addon.efi.stub (Luca Boccassi) - NEWS: do not make specific promises about future development, keep it vague (Luca Boccassi) - NEWS: move PrivateUsers= change at the top, as it changes behaviour (Luca Boccassi) - NEWS: more updates for future v254 (Lennart Poettering) - Remove battery level check at early boot from TODO (OMOJOLA JOSHUA) - sysv-generator: deprecate even more (Lennart Poettering) - test: add a couple of tests for nss-myhostname (Frantisek Sumsal) - mute the memory recursiveprot log if version of kernel is low. (cunshunxia) - meson: drop doubled empty line (Yu Watanabe) - string-util: pass ANSI sequences through unchanged (Zbigniew Jędrzejewski-Szmek) - NEWS: add comment about SysV script deprecation (Lennart Poettering) - sysv-generator: make sysv deprecation message a bit "louder" (Lennart Poettering) - journalctl: read env vars that override compiled catalog database and source files (Lennart Poettering) - catalog,po: update Polish translation (Piotr Drąg) - tpm2: make PcrIndex an anonymous enum (Lennart Poettering) - hwdb: fix volume control keys on Lenovo IdeaPad Flex 5 (14ARE05) (Hoe Hao Cheng) - repart: Fix HAVE_LIBCRYPTSETUP check (Daan De Meyer) - env-file: when resolving env vars in command lines, collect list of unset/invalid ones (Lennart Poettering) - env-util: make strv_env_get() a static inline wrapper around strv_env_get_n() (Lennart Poettering) - env-util: introduce proper flags type ReplaceEnvFlags for replace_env() (Lennart Poettering) - env-util: add explicit size check before strndupa() in strv_env_get_n() (Lennart Poettering) - env-util: modernize env_name_is_valid_n() a bit (Lennart Poettering) - string-util: add strextendn() helper (Lennart Poettering) - NEWS: copy deprecation notices for cgroup v1 and unmerged-usr/split-usr (Luca Boccassi) - NEWS: fix typos (Luca Boccassi) - start updating NEWS for 254 (Lennart Poettering) - replace basename() with path_extract_filename() in resolved-resolv-conf.c (#28114) (Steven Luo) - mount-util: use inode_type_to_string() in mode_to_inaccessible_inode() (Lennart Poettering) - firstboot: fix typo (Antonio Alvarez Feijoo) - sleep: refuse hibernation if there's no possible way to resume (Mike Yuan) - test: fix test service unit description (Frantisek Sumsal) - mkosi: Update to latest (Daan De Meyer) - man: rework BPFForeign= documentation a bit (Lennart Poettering) - bpf-foreign: add an explicit, explanatory message when reference BPF program is not loaded yet (Lennart Poettering) - bpf-foreign: if one program fails, still load the next (Lennart Poettering) - bpf-foreign: remove duplicate various occasions of duplicate logging (Lennart Poettering) - test: skip if ldd command not found (Yu Watanabe) - po: Translated using Weblate (Korean) (김인수) - test: bump the test container size to 64 MiB (Frantisek Sumsal) - test: show the subtest name together with the failing code (Frantisek Sumsal) - test: don't assume yum is a script (François Rigault) - TEST-55-OOMD: use swap file instead of partition (Luca Boccassi) - TEST-55-OOMD: use 'stress' to create high pressure (Luca Boccassi) - test: drop timeout when running portablectl (Frantisek Sumsal) - test: test the /boot endpoint under nspawn as well (Frantisek Sumsal) - test-gunicode: add new test to show that unichar_iswide() is borked (Zbigniew Jędrzejewski-Szmek) - basic/utf8: make utf8_encoded_to_unichar() return length of the codepoint (Zbigniew Jędrzejewski-Szmek) - execute: don't honour PrivateNetwork() if we lack CAP_NET_ADMIN (Lennart Poettering) - test: ensure ProtectProc=invisible retains host submounts (Lennart Poettering) - namespace: when mounting new proc instance, bind mount submounts of source over (Lennart Poettering) - mount-util: add helper that can bind mount submounts of one dir to another (Lennart Poettering) - mount-util: don't claim maybe-uninitialized was false that is valid (Lennart Poettering) - tmpfile-util: drop spurious double newline (Lennart Poettering) - journal-remote: fix syntax in error message (Zbigniew Jędrzejewski-Szmek) - hibernate-resume: support resuming through efivar HibernateLocation (Mike Yuan) - sleep: write hibernate location to efivar HibernateLocation (Mike Yuan) - hibernate-resume: rework to follow the logic of sleep.c and use main-func.h (Mike Yuan) - bootctl: log correct error about device_path_make_canonical() (Mike Yuan) - sleep: always write resume_offset if possible (Mike Yuan) - man: fix references to gethostname/sethostname (Antonio Alvarez Feijoo) - update TODO (Lennart Poettering) - tree-wide: use https for the 0pointer.de doc links (Frantisek Sumsal) - resolved: if ipv6 is off patch hostname→address query with unspec family to ipv4 (Lennart Poettering) - test: test transactions with cycles (Frantisek Sumsal) - test: make sure we get PID1's stack trace on ASan/UBSan errors (Frantisek Sumsal) - elf-util: check for overflow when computing end of core's PT_LOAD segments (Romain Geissler) - basic: drop unused include (Lennart Poettering) - process-util: add simple wrapper around PR_SET_CHILD_SUBREAPER (Lennart Poettering) - docs: document threading situation in coding style (Lennart Poettering) - async: use FORK_DETACH for asynchronous syncs (Lennart Poettering) - async: add explanatory comment (Lennart Poettering) - async: drop the now unused asynchronous_job() (Lennart Poettering) - async: add generic implementation of asynchronous_rm_rf() (Lennart Poettering) - shared: move async.[ch] from src/basic/ → src/shared/ (Lennart Poettering) - process-util: add FORK_DETACH flag for forking of detached child (Lennart Poettering) - automont: rework expiry to use subprocess rather than thread (Lennart Poettering) - basic: add comments about raw_clone() calls not supporting threads/malloc in child (Lennart Poettering) - async: stop using threads for asynchronous_close() (Lennart Poettering) - process-util: add clone_with_nested_stack() helper (Lennart Poettering) - process-util: add helper that detects if we are a reaper process (Lennart Poettering) - man: correct and extend JournalSizeMax= (Lennart Poettering) - coredump: clamp JournalSizeMax= to maximum journald would accept (Lennart Poettering) - coredump: use loop_read() for reading coredump into memory (Lennart Poettering) - tpm2-util: look for tpm2-pcr-signature.json directly in /.extra/ (Lennart Poettering) - copy: propagate error in fd_copy_directory() (Yu Watanabe) - copy: fix fd leak (Yu Watanabe) - copy: add one more assertions about copy_flags (Yu Watanabe) - tree-wide: getpid() → getpid_cached() (Lennart Poettering) - userdbd: when we hit a flood of requests to start more workers, don't exit (Lennart Poettering) - userdbd: prefix parameters with their names more (Lennart Poettering) - userdbd: drastically raise ratelimit we apply on requests for more worker processes (Lennart Poettering) - meson: merge two similar loops for unit files (Yu Watanabe) - docs: describe $TESTFUNCS briefly (Lennart Poettering) - tests: teach tests boilerplate to run selected tests only (Lennart Poettering) - hwdb: Don't generate hwdb if no hwdb files are found (Daan De Meyer) - core: restrict ImportCredential= globbing (Lennart Poettering) - pid1: use FORK_DEATHSIG where appropriate (Lennart Poettering) - man: correct reference to sd_id128_get_boot_app_specific (Jan Luebbe) - units: Use built-in halt and kexec features instead of systemctl (Daan De Meyer) - core: Add halt and kexec emergency actions (Daan De Meyer) - sleep-util: mention that offset is in memory pages (Lennart Poettering) - rpm: fix lua trigger priority for sysusers (Franck Bui) - time-util: introduce usleep_safe() (Yu Watanabe) - test: check size detections by meson (Yu Watanabe) - meson: sort types (Yu Watanabe) - meson: fix test dependency (Yu Watanabe) - meson: shorten code a bit (Yu Watanabe) - meson: drop wrong and redundant assignment (Yu Watanabe) - meson: also build symbol tests for static-libsystemd=no-pic (Yu Watanabe) - meson: add dependency for udev runner to test (Yu Watanabe) - sd-journal: verify journal file header in more detail (Yu Watanabe) - pam: add macro wrapper to make code shorter (Zbigniew Jędrzejewski-Szmek) - systemd-analyze: allow --quiet for condition checks (Ronan Pigott) - elf-util: discard PT_LOAD segment early based on the start address. (Romain Geissler) - test: cover a couple of missed code paths in journalctl/journald (Frantisek Sumsal) - test: Add RootEphemeral= integration test (Daan De Meyer) - test: Add touch into minimal verity test image (Daan De Meyer) - core: Add RootEphemeral= setting (Daan De Meyer) - journal-remote: fix typo in an error message (Frantisek Sumsal) - meson: update man rules (Zbigniew Jędrzejewski-Szmek) - stat-util: add missing S_IFLNK entry in inode_type_to_string() (Lennart Poettering) - analyze: also check for version string validity (Lennart Poettering) - string-util: move version_is_valid() into generic code (Lennart Poettering) - path-util: split filename_is_valid() in two (Lennart Poettering) - hwdb: add support for Jun Tab2/Dere T11 to 60-sensor.hwdb (#28092) (Juno Computers) - hostnamectl: show age of firmware as time span, too (Lennart Poettering) - test: add a couple of tests for systemd-journal-{remote,upload} (Frantisek Sumsal) - tmpfiles: Add note to man page about guaranteed cleanup for files/directories (Daan De Meyer) - tmpfiles: Don't log about harmless errors when trying to lock file (Daan De Meyer) - tmpfiles: Fix BSD lock logging messages (Daan De Meyer) - dissect-image: Log if verity signature partition is too large (Daan De Meyer) - namespace: Load sidecar verity settings in apply_mount_namespace() (Daan De Meyer) - hostnamed: when parsing day/month of firmware date, force decimal parsing (Lennart Poettering) - rules: drop weird spaces (Lennart Poettering) - hostnamed: don't read DMI data within a container (Lennart Poettering) - rules: split out DMI related rules from udev-default.rules (Lennart Poettering) - update TODO (Lennart Poettering) - sleep: rename sleep-config.[ch] → sleep-util.[ch] (Lennart Poettering) - sleep-config: reduce scope of DMI object path a bit (Lennart Poettering) - btrfs-util: Add BTRFS_SNAPSHOT_LOCK_BSD (Daan De Meyer) - sleep-config: rename .device field to .path (Lennart Poettering) - sleep-config: don't use 'device_id' moniker for a dev_t entity (Lennart Poettering) - sleep-config: pin swap device while operating via O_PATH (Lennart Poettering) - sleep-config: replace SwapEntry's .type field with a proper enum (Lennart Poettering) - sleep-config: check if we operate on regular file in swap_device_to_device_id() in swap file code path (Lennart Poettering) - sleep-config: replace useless fstat() by useful fd_verify_regular() (Lennart Poettering) - sleep-config: rename can_sleep_state() parameter (Lennart Poettering) - transaction: drop bus error arg from transaction_add_propagate_reload_jobs() (Lennart Poettering) - transaction: rebreak comments to match current coding style (Lennart Poettering) - transaction: use more verbose dbus error data in log message where available (Lennart Poettering) - transaction: turn four bool parameters into a proper flags parameters (Lennart Poettering) - gpt-auto: expand the loader partition UUID check to include XBOOTLDR (Mike Yuan) - NEWS: note the incompatible change of EnvironmentFile (licunlong) - basic/env-file: also change to state PRE_KEY if we see NEWLINE in state COMMENT_ESCAPE (licunlong) - Fix quoting (cvlc12) - sysusers.d: create the user for systemd-journal-upload.service (Frantisek Sumsal) - journal-upload: capitalize all error messages (Frantisek Sumsal) - journal-remote: capitalize all error messages (Frantisek Sumsal) - journal-remote: sync TrustedCertificateFile= parsing with journal-upload (Frantisek Sumsal) - journal-remote: make MHD_OPTION_EXTERNAL_LOGGER the first option (Frantisek Sumsal) - journal-remote: minor cleanups (Frantisek Sumsal) - journal-remote: simplify error handling a bit (Frantisek Sumsal) - test: cover systemd-journal-remote --url=... (Frantisek Sumsal) - Revert "core/service: when resetting PID also reset known flag" (msizanoen) - Add docs, improve log comments. (cvlc12) - man: place options in a some limited form of subsections (Lennart Poettering) - machinectl: fix message (Zbigniew Jędrzejewski-Szmek) - shared: improve messages about switch root operations (Zbigniew Jędrzejewski-Szmek) - man/systemd-nspawn: fix indentation and parenthesis location (Zbigniew Jędrzejewski-Szmek) - docs/CREDENTIALS: fix confusion of i.e. and e.g. (Zbigniew Jędrzejewski-Szmek) - man: missing/misplaced periods (Zbigniew Jędrzejewski-Szmek) - Resource control manpage fixup (#28046) (Sam Morris) - bus-polkit: put function params to a single line (David Tardon) - bus-polkit: drop unnecessary else (David Tardon) - bus-polkit: merge variable declarations (David Tardon) - bus-polkit: decrease indentation (David Tardon) - bus-polkit: extract creation of polkit call to a function (David Tardon) - bus-polkit: move verification to a separate function (David Tardon) - homework: resize to maximum disk space if disk size is not specified (Gibeom Gwon) - update TODO (Lennart Poettering) - mkosi: Update to latest (Daan De Meyer) - test: wrap curl when running with ASan (Frantisek Sumsal) - journal-gatewayd: handle SIGTERM (Frantisek Sumsal) - core/dbus-manager: also show DefaultIOAccounting and DefaultIPAccounting (licunlong) - test: extend the DynamicUser=yes coverage workaround to a couple more services (Frantisek Sumsal) - Define 'microcode' type of initrd for the kernel-install staging area. (cvlc12) - journal: avoid infinite recursion when closing bad journal FD (Luca Boccassi) - boot: Improve device_path_to_str_internal() (Jan Janssen) - boot: Split log_hexdump() (Jan Janssen) - boot: Move custom device path string creating into its own function (Jan Janssen) - TEST-55-OOMD: improve ephemeral configuration readability (Luca Boccassi) - TEST-55-OOMD: use /run/ for configuration instead of /etc/ (Luca Boccassi) - socket-activate: make a copy of the command name and arguments (Frantisek Sumsal) - test: add a couple of tests for systemd-journal-gatewayd (Frantisek Sumsal) - resolved: Initialize until_valid while storing negative/NXDOMAIN response in the cache (Kiran Vemula) - journal-gatewayd: make MHD_OPTION_EXTERNAL_LOGGER the first option (Frantisek Sumsal) - portablectl: fix using --force when no --extension is passed (Luca Boccassi) - portable: fix silly typo in D-Bus interface name (Luca Boccassi) - resolved: added serve stale feature implementation of RFC 8767 (Kiran Vemula) - bus-polkit: return NULL from _free function (David Tardon) - bus-polkit: add an assert (David Tardon) - test: clean up the new test case a bit (Frantisek Sumsal) - journalctl: add --truncate-newline option (zhmylove) - networkd-test.py: disable global DNS= setting (Yu Watanabe) - networkd-test.py: do not query IPv6 address (Yu Watanabe) - networkd-test.py: replace deprecated option IPv6AcceptRouterAdvertisements= (Yu Watanabe) - networkd-test.py: show more debugging logs on failure (Yu Watanabe) - ci: drop the "find" kludge (Evgeny Vereshchagin) - meson: bump required version to 0.60.0 (Yu Watanabe) - meson: bump required version to 0.59.0 (Yu Watanabe) - ci: bump debian release bullseye -> bookworm (Yu Watanabe) - mkosi: install HyperScale repository for CentOS 8 (Yu Watanabe) - meson: drop non-existent test directories (Yu Watanabe) - meson: drop redundant spaces (Yu Watanabe) - core/unit: increase the NameOwnerChanged/GetNameOwner timeout to the unit's start timeout (licunlong) - core/unit: add get_timeout_start_usec in UnitVTable and define it for service (licunlong) - find-esp: fix XBOOTLDR stx_dev_major=0 and not btrfs fix (наб) - core: fix post-fork memory leak (Luca Boccassi) - udev: use timestamp_is_set() in one more place (Frantisek Sumsal) - audit-util,varlink: use IOVEC_MAKE() in a couple more places (Frantisek Sumsal) - tree-wide: fix a couple of typos (Frantisek Sumsal) - Update badge on README to refer new scorecard viewer (#28050) (Joyce) - copy: Add COPY_LOCK_BSD (Daan De Meyer) - lock-util: Add LOCK_NONE (Daan De Meyer) - test: set $PATH to something predictable in the ASan wrapper (Frantisek Sumsal) - systemctl: let's emphasize a bit that halt/poweroff/reboot/shutdown are compat commands (Lennart Poettering) - update TODO (Lennart Poettering) - execute: fix the condition of private mounts for user namespacing (Haochen Tong) - sd-bus: make bus_add_match_full accept timeout (licunlong) - kernel-install: skip to read /etc/machine-info in test (Yu Watanabe) - network: make degraded-carrier bond/bridge as routable (#27776) (Henrik Holst) - Squashed commit of the following: (Joyce Brum) - activate: rename to socket-activate (Frantisek Sumsal) - test: split TEST-04 into smaller chunks (Frantisek Sumsal) - test: exit on first failing subtest (Frantisek Sumsal) - mkfs-util: Hide /proc/self/mounts before running mkfs (Daan De Meyer) - resolvectl: fix double free issue (Lennart Poettering) - bootctl: warn if the ESP random seed is stored on a world-readable dir (Lennart Poettering) - coverage: fix build with g++ (Frantisek Sumsal) - meson: Use build_tgt.name() (Jan Janssen) - meson: Use fs module in more places (Jan Janssen) - sleep-config: add comment about security (Christoph Anton Mitterer) - ukify: make the certficate validity configurable (Zbigniew Jędrzejewski-Szmek) - man/ukify: add structure to describe verbs, document genkey (Zbigniew Jędrzejewski-Szmek) - test_ukify: skip test requiring cryptography (Zbigniew Jędrzejewski-Szmek) - man: add example how to configure automatic signing (Zbigniew Jędrzejewski-Szmek) - test_ukify: cleanups suggested by pylint (Zbigniew Jędrzejewski-Szmek) - ukify: add 'genkey' verb (Zbigniew Jędrzejewski-Szmek) - bootctl: fix docs/--help to say that "bootctl random-seed" not just initializes but also refreshes ESP random seeds (Lennart Poettering) - tree-wide: when in doubt use greek small letter mu rather than micro symbol (Lennart Poettering) - time-util,socket: accept both kinds of unicode µ symbols (Lennart Poettering) - Fix scorecard version comment format (#28027) (Joyce) - po: Translated using Weblate (Korean) (김인수) - udev-node: optimize device node symlink creation (Yu Watanabe) - it.po: minor updates (Daniele Medri) - man: document "s" is default --vacuum-time= suffix (Anatoli Babenia) - rm-rf: Fix assertion (Daan De Meyer) - fd-util: Add extra shortcut to path_is_root_at() (Daan De Meyer) - btrfs-util: Drop redundant parentheses (Daan De Meyer) - repart: Store dm_name in DecryptedPartitionTarget (Daan De Meyer) - mkosi: Remove explicit /testok check (Daan De Meyer) - mkosi: Update to latest (Daan De Meyer) - mkosi: Make sure we build custom kernels with EROFS support (Daan De Meyer) - mkosi: Add bpftool to final image (Daan De Meyer) - mkosi: Add socat to the final image (Daan De Meyer) - udevadm-control: fix error message (David Tardon) - sd-daemon: Add vsock fallback to SOCK_STREAM (Daan De Meyer) - sd-daemon: Use socket type from vsock address if set (Daan De Meyer) - socket-util: Allow specifying socket type in vsock address (Daan De Meyer) - socket: bump listen() backlog to INT_MAX everywhere (Lennart Poettering) - portable: make sure to fsync after extracting/copying (Luca Boccassi) - test: re-enable TEST-02 on ppc64le (Frantisek Sumsal) - test: make sure ping works for unprivileged users (Frantisek Sumsal) - test: copy file xattrs (if any) as well (Frantisek Sumsal) - test: merge TEST-61-UNITTESTS-QEMU with TEST-02-UNITTESTS (Frantisek Sumsal) - proc-cmdline: parse the whole /proc/cmdline (Frantisek Sumsal) - tree-wide: start properly syncing at various places we so far didn't (Lennart Poettering) - coredump: port over code to new LINK_TMPFILE_SYNC flag (Lennart Poettering) - tmpfile-util: add new LINK_TMPFILE_SYNC flag for syncing properly before/after linking in the file (Lennart Poettering) - tmpfile-util: turn last parameter of link_tmpfile() into a proper flags (Lennart Poettering) - portable: do not extract empty unit files (Luca Boccassi) - update TODO (Lennart Poettering) - resolvectl: add resolvectl command for dumping cache contents (Lennart Poettering) - resolved: add DNS_RESOURCE_KEY_TO_STRING() macro helper (Lennart Poettering) - resolved: add dns_resource_key_from_json() helper (Lennart Poettering) - resolved: add DumpCache varlink call for acquiring a complete dump of all of resolved's RR caches (Lennart Poettering) - boot: Unify protocol opening (Jan Janssen) - json: add json_dispatch_variant_noref() helper (Lennart Poettering) - man: explain timesyncd epoch mtime touch files in a bit more detail (Lennart Poettering) - bus-util: add bus_property_get_string_set() helper (Lennart Poettering) - bus-util: add bus_message_append_string_set() helper (Lennart Poettering) - ukify: move verb mangling to finalize_options() (Zbigniew Jędrzejewski-Szmek) - ukify: split out iteration over phase path groups and keys (Zbigniew Jędrzejewski-Szmek) - man,test: root or hardware is not needed for ukify (Zbigniew Jędrzejewski-Szmek) - ukify: fix synopsis in --help (Zbigniew Jędrzejewski-Szmek) - ukify: use pager for --help (Zbigniew Jędrzejewski-Szmek) - meson: bump required version to 0.56.0 (Yu Watanabe) - meson: bump required version to 0.55.0 (Yu Watanabe) - meson: bump required version to 0.54.0 (Yu Watanabe) - meson: define _GNU_SOURCE as '1' (Zbigniew Jędrzejewski-Szmek) - test: drop test for IFLA_NUM_RX_QUEUES (Yu Watanabe) - meson: add systemd.pc and udev.pc to 'devel' target/tag (Luca Boccassi) - test: make coverage runs happy again (Frantisek Sumsal) - execute: fix minor type confusion (Lennart Poettering) - hwdb: fix arrow keys on HP Elite Dragonfly G3 (Benjamin Raison) - battery-util: debug log when we're unsure about the battery level (Mike Yuan) - man: 'flag' parameter in portable1 spec is now used (Luca Boccassi) - tree-wide: fix typos of "boottime"/"BOOTTIME" (Nick Rosbrook) - serialize: add deserialize_strv helper (Luca Boccassi) - test-execute: add unit tests for *DirectorySymlink= (Luca Boccassi) - xdg-autostart-generator: extend start timeout (Lennart Poettering) - boot: Fix memory leak (Jan Janssen) - integritysetup: support mode=(journal|bitmap|direct) (Alfred Klomp) - man/os-release: Add VENDOR_NAME= and VENDOR_URL= keys to os-release (Philip Withnall) - man: document that "systemctl mask" doesn't work for units whose file is in /etc (Lennart Poettering) - ac-power: fix a typo (Mike Yuan) - man: reference naming of triggered services of timer unit (Lennart Poettering) - units: Use ImportCredential= where applicable (Daan De Meyer) - creds: Add ImportCredential= (Daan De Meyer) - tpm2: add tpm2_get_legacy_template() and tpm2_get_srk_template() (Dan Streetman) - tpm2: add tpm2_read_public() (Dan Streetman) - tpm2: add tpm2_get_capability_handle(), tpm2_esys_handle_from_tpm_handle() (Dan Streetman) - execute: Make credential_search_path() more flexible (Daan De Meyer) - core: do not GC units/jobs that are in the D-Bus queue (Lennart Poettering) - unit: don't gc unit in oom queue (Lennart Poettering) - man: document how calendar times catch up after system suspend/hibernation (Lennart Poettering) - update TODO (Lennart Poettering) - man: document that journalctl --user requires Storage=persistent (Lennart Poettering) - sd-journal: when SD_JOURNAL_CURRENT_USER is set, and called from system UID, imply SD_JOURNAL_SYSTEM (Lennart Poettering) - journald: move uid_for_system_journal() to uid-alloc-range.h (Lennart Poettering) - shared: move uid-alloc-range.[ch] from src/shared/ → src/basic/ (Lennart Poettering) - man: suffix --unit with an equal sign, since it expects an argument (Lennart Poettering) - tpm2: replace _cleanup_tpm2_* macros with _cleanup_() (Dan Streetman) - man: drop documentation of internal lookup flags (Lennart Poettering) - pam_systemd_home: suppress LOG_DEBUG msgs if debugging is off (David Tardon) - preset: enable systemd-networkd-wait-online.service by default (Lennart Poettering) - test: wrap agetty & getfacl when running with sanitizers (Frantisek Sumsal) - meson: stop using nested lists for sources (Zbigniew Jędrzejewski-Szmek) - mkosi: Update to latest (Daan De Meyer) - test: drop $SKIP_INITRD (Frantisek Sumsal) - test: rebuild the ldconfig cache after changing its configuration (Frantisek Sumsal) - man: mention that OnCalendar= combines well with systemd-time-wait-sync.service (Lennart Poettering) - Fix zsh completion for "localectl set-locale" (Cyril Roelandt) - kbd-model-map: change the order of Hungarian keymaps (Balló György) - resolved: add comment clarifying why we decompress DNS names when parsing SRV (Lennart Poettering) - man: document which IP ports resolved listens on, and what for (Lennart Poettering) - pam: add call to pam_umask (Michal Sekletar) - meson: use "cpp -E -dM" to process header file (Zbigniew Jędrzejewski-Szmek) - sd-login: add sd_session_get_leader interface (Thorsten Kukuk) - units: change TimeoutSec=0 to TimeoutSec=infinity (Lennart Poettering) - ukify: add 'build' verb (Zbigniew Jędrzejewski-Szmek) - test_ukify: pass through path to addon stub (Zbigniew Jędrzejewski-Szmek) - test_ukify: no stinky root needed for signing (Zbigniew Jędrzejewski-Szmek) - ukify: simplify creation of parser (Zbigniew Jędrzejewski-Szmek) - repart: Do online encryption when loop devices are available (Daan De Meyer) - btrfs-util: Add btrfs_subvol_snapshot_at() (Daan De Meyer) - chattr-util: Make chattr_full() an openat() style function (Daan De Meyer) - btrfs-util: Add btrfs_subvol_set_read_only_at() (Daan De Meyer) - rm-rf: Add rm_rf_at() (Daan De Meyer) - btrfs-util: Add btrfs_subvol_remove_at() (Daan De Meyer) - test-chase: Add one more test for chase_and_openat() (Daan De Meyer) - chase: Allow passing NULL as the empty path to chaseat() (Daan De Meyer) - test-chase: Fix comment (Daan De Meyer) - fd-util: Add path_is_root_at() (Daan De Meyer) - btrfs-util: Add btrfs_is_subvol_at() (Daan De Meyer) - stat-util: Add is_fs_type_at() (Daan De Meyer) - stat-util: Follow coding style in xstatfsat() (Daan De Meyer) - fs-util: Allow passing NULL path to xopenat() (Daan De Meyer) - copy: Merge copy_directory() and copy_directory_fd() into copy_directory_at() (Daan De Meyer) - generators: change TimeoutSec=0 to TimeoutSec=infinity (Lennart Poettering) - man: document OnSuccessJobMode= (Frantisek Sumsal) - tests: fix shellcheck warnings (Luca Boccassi) - tpm2: verify symmetric parms in tpm2_context_new() (Dan Streetman) - tpm2: add tpm2_get_capability(), tpm2_cache_capabilities(), tpm2_capability_pcrs() (Dan Streetman) - test: a couple of assorted cleanups (Frantisek Sumsal) - test: load the SELinux module outside of the VM (Frantisek Sumsal) - test: add a reasoning why we don't use the SELinux-provided units (Frantisek Sumsal) - cgls/cgtop: spell field/column "CGroup" rather than "Control Group" (Lennart Poettering) - 99-systemd.rules.in: guard systemd-backlight udev rules by ENABLE_BACKLIGHT (Simon Braunschmidt) - test: make sure we unmount /var late during shutdown (Frantisek Sumsal) - test: add a couple more tests for systemd-cryptsetup (Frantisek Sumsal) - test: make check_result_*() `set -e` friendly (Frantisek Sumsal) - test: use check_result_common() (Frantisek Sumsal) - cryptsetup: avoid calling strv_find() on a NULL pointer (Frantisek Sumsal) - test: clean up the test cleanup a bit (Frantisek Sumsal) - test: minor cleanup (Frantisek Sumsal) - test: make the data partition larger for the cryptsetup test (Frantisek Sumsal) - test: make the root/data partition size configurable per test (Frantisek Sumsal) - test: introduce test_require_bin() and use it (Frantisek Sumsal) - test: fix indentation (Frantisek Sumsal) - test: move TPM2-related setup stuff into test-functions (Frantisek Sumsal) - ukify: make code pylint clean (Zbigniew Jędrzejewski-Szmek) - test: allow running only specified subtests/testcases (Frantisek Sumsal) - test: Test --offline= in TEST-58-REPART (Daan De Meyer) - man: parition → partition typo fix (Lennart Poettering) - repart: Add --offline argument (Daan De Meyer) - ac-power: add --low switch to systemd-ac-power tool (Lennart Poettering) - battery-util: be more careful when determining whether we are in a low battery state (Lennart Poettering) - battery-util: move battery_is_discharging_and_low() to battery-util.[ch] (Lennart Poettering) - battery-util: split out code that checks AC power state into its own .c/.h pair (Lennart Poettering) - add support for KSM (Stefan Roesch) - chase: fix triggering assertion (Yu Watanabe) - chase: handle root path more carefully in chase_and_open() (Yu Watanabe) - test: move intro() near DEFINE_TEST_MAIN_WITH_INTRO() (Yu Watanabe) - test: add more test cases about path_startswith() (Yu Watanabe) - ci: Report results from CIFuzz using SARIF (jonathanmetzman) - test-kernel-install: add tests for --entry-token= (Yu Watanabe) - kernel-install: introduce --entry-token= option (Yu Watanabe) - test-kernel-install: add tests for --make-entry-directory= (Yu Watanabe) - kernel-install: introduce --make-entry-directory= option (Yu Watanabe) - kernel-install: add --esp-path= and --boot-path= options (Yu Watanabe) - kernel-install: also parse KERNEL_INSTALL_LAYOUT from /etc/machine-info (Yu Watanabe) - kernel-install: make inspect command optionally take kernel image (Yu Watanabe) - kernel-install: rewrite in C (Yu Watanabe) - path-util: fix typo in comment (Gaël PORTAY) - udev: downgrade log level about style issues (Yu Watanabe) - test: drop unnecessary copy of expected output (Yu Watanabe) - udev-rules: terminate log messages with period (Yu Watanabe) - po: Translated using Weblate (Korean) (김인수) - po: Translated using Weblate (Basque) (Asier Sarasua Garmendia) - umount: /usr/ should never be unmounted regardless of HAVE_SPLIT_USR or not (Lennart Poettering) - test: drop the --recursive=no test (Frantisek Sumsal) - test: ignore missing coverage in TEST-82-SOFTREBOOT (Frantisek Sumsal) - sysupdate.d: Add way to drop binaries into $BOOT (Adrian Vovk) - update TODO (Lennart Poettering) - test: add integration test for soft reboots incl. fdstore passing (Lennart Poettering) - test: disable SoftReboot() in dfuzzer test for now (Lennart Poettering) - man: document the soft reboot operation (Lennart Poettering) - fstab-util: consider /run/nextroot/ among extrinsic mounts (Lennart Poettering) - mount-setup: exclude /run/nextroot/ from relabelling (Lennart Poettering) - switch-root: automatically make target switch root dir a mount point (Lennart Poettering) - mount-util: add fd_make_mount_point() helper (Lennart Poettering) - mkosi: Enable more options (Daan De Meyer) - test: probe a couple more paths in systemd-run (Frantisek Sumsal) - switch-root: disable sync() again when we switch root during shutdown (Lennart Poettering) - switch-root: introduce SwitchRootFlags flags parameter to switch_root() (Lennart Poettering) - switch-root: always use MS_BIND to move api vfs over (Lennart Poettering) - systemctl: add "systemctl soft-reboot" command (Lennart Poettering) - logind: add support for 'soft-reboot' reboots (Lennart Poettering) - pid1: add "soft-reboot" reboot method (Lennart Poettering) - tree-wide: port various pieces of code over to ROUND_UP() (Lennart Poettering) - test-macro: add ROUND_UP() macro for rounding up to next multiple (Lennart Poettering) - coverage: add a wrapper for execvpe() (Frantisek Sumsal) - shutdown: tone down failure messages a bit (Lennart Poettering) - detach-loopback: also don't bother detaching loopback block device /usr/ is running off (Lennart Poettering) - detach-md: similar to the DM case, also don't try to detach MD device backing /usr/ (Lennart Poettering) - shutdown: don't attempt to detach DM volume backing /usr/ (Lennart Poettering) - detach-loopback: also decouple from umount.h (Lennart Poettering) - detach-md: also decouple structures from umount.h (Lennart Poettering) - detach-dm: decouple from umount.[ch] (Lennart Poettering) - detach-swap: decouple from umount.h (Lennart Poettering) - umount: split out swap detachment code too (Lennart Poettering) - umount: split out loopback detach code (Lennart Poettering) - umount: similar as previous commit, split out DM detaching (Lennart Poettering) - umount: split out MD detaching code from umount.c (Lennart Poettering) - dissect-image: fix partition label version compare (Lennart Poettering) - mkosi: Only lower device timeout instead of all timeouts (Daan De Meyer) - core: Add systemd.default_device_timeout_sec= cmdline option (Daan De Meyer) - mkosi: Sign expected PCRs (Daan De Meyer) - mkosi: Remove file blacklisting erofs module in opensuse initrd (Daan De Meyer) - mkosi: Enable set -e in postinst script (Daan De Meyer) - mkosi: Move python3-pytest-flakes to build packages on opensuse (Daan De Meyer) - mkosi: Add missing tss2 dependencies (Daan De Meyer) - meson: Add missing tss2-tcti-device dependency (Daan De Meyer) - mkosi: Update to latest (Daan De Meyer) - fstab-generator: if we mount via roothash=/usrhash= let's imply "ro" mount option (Lennart Poettering) - test: sync with the fake binary before killing it (Frantisek Sumsal) - test: clean up our mess after the pstore test (Frantisek Sumsal) - test: add a couple of tests for systemd-run (Frantisek Sumsal) - socket: avoid memory leak on incomplete SocketPort object (Frantisek Sumsal) - man: fix sd_journal_*_with_location's func argument (Hannu Lounento) - dbus-util: let's take it down a notch when converting file mode to string (Frantisek Sumsal) - test: make the multiple-file test more thorough (Frantisek Sumsal) - veritysetup: remove double escaping of data device + hash device spec (Lennart Poettering) - veritysetup: minor renaming of functions (Lennart Poettering) - {crypt|verity}setup: mention volume name in some error messages (Lennart Poettering) - {crypt|verity}setup: replace dep on systemd-tmpfiles-setup-dev.service by modprobe@loop.service (Lennart Poettering) - veritysetup-generator: only generate one set of deps on systemd-tmpfiles-setup-dev.service (Lennart Poettering) - veritysetup-generator: imply x-initrd.attach for "usr" and "root" volumes (Lennart Poettering) - cryptsetup-generator: imply x-initrd.attach for "usr" and "root" volumes (Lennart Poettering) - units: don't stop blockdev@.target unit at shutdown (Lennart Poettering) - units: set DefaultDependencies=no for veritysetup slice (Lennart Poettering) - veritysetup-generator: use generic veritysetup writers at one more place (Lennart Poettering) - cryptsetup: fix whitespace issue (Lennart Poettering) - fstab-util: drop redundant check (Lennart Poettering) - sd-journal: fix assignment of tail entry offset (Yu Watanabe) - build(deps): bump github/codeql-action from 2.2.9 to 2.3.5 (dependabot[bot]) - build(deps): bump meson from 1.1.0 to 1.1.1 in /.github/workflows (dependabot[bot]) - test: make TEST-04 stable once again (Frantisek Sumsal) - test-sizeof: let's be a tiny bit more careful when using glibc internal types (Lennart Poettering) - build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler (dependabot[bot]) - build(deps): bump actions/labeler from 4.0.3 to 4.0.4 (dependabot[bot]) - build(deps): bump redhat-plumbers-in-action/differential-shellcheck (dependabot[bot]) - repart: Use COPY_TRUNCATE (Daan De Meyer) - copy: Add COPY_TRUNCATE (Daan De Meyer) - test-bus-server: simplify return value handling (Zbigniew Jędrzejewski-Szmek) - various: remove typo/unusual spelling (Zbigniew Jędrzejewski-Szmek) - networkd/dhcpserver: Save and expose the client hostname sent when requesting a DHCP lease. (Rene Hollander) - tree-wide: use memstream-util (Yu Watanabe) - util: introduce memstream-util (Yu Watanabe) - calendarspec: rename arguments (Yu Watanabe) - elf-util: rename stack_context_destroy() -> stack_context_done() (Yu Watanabe) - sd-bus: rename introspect_free() -> introspect_done (Yu Watanabe) - tree-wide: use _cleanup_set_free_ and friends (Yu Watanabe) - oomd: drop unused key (Yu Watanabe) - core/cgroup: fix setting SocketBindAllow=/SocketBindDeny= through DBus (Yu Watanabe) - core/transaction: drop job that has unfulfilled required (Requires, BindsTo) dependencies (Michal Sekletar) - man: vconsole.conf: replace the hardcoded keymap with build-time default (Mike Yuan) - test: skip the test early if we're built without systemd-homed (Frantisek Sumsal) - wait-online: request that at least one managed online interface exists (Yu Watanabe) - hwdb: add support for Elgato Stream Deck mini (gen 2) (Times-Z) - units: pull in local-fs-pre.target from systemd-tmpfiles-setup-dev.service (Zbigniew Jędrzejewski-Szmek) - tpm2: sort tpm2 symbol list (Dan Streetman) - tpm2: remove all extern tpm2-tss symbols (Dan Streetman) - tpm: remove external calls to dlopen_tpm2() (Dan Streetman) - bootctl: also print efi files not owned by systemd in status (Arian van Putten) - mkosi: Check for failures by mounting again (Daan De Meyer) - mkosi: Don't fail on systemd-vconsole-setup.service failure for now (Daan De Meyer) - mkosi: Disable cmdline addon test for now (Daan De Meyer) - mkosi: Use proper check to detect whether we're in a VM (Daan De Meyer) - mkosi: Blacklist vmw_vmci to avoid issues with vsock in Github Actions (Daan De Meyer) - mkosi: Enforce usage of vsock with qemu in CI (Daan De Meyer) - mkosi: Update to latest (Daan De Meyer) - sd-daemon: Add debug logging (Daan De Meyer) - sd-daemon: Introduce pid_notify_with_fds_internal() (Daan De Meyer) - sysv-generator-test: Bump log level to info (Daan De Meyer) - repart: Add --architecture option (Daan De Meyer) - gpt: Add gpt_partition_type_override_architecture() (Daan De Meyer) - gpt: Use FOREACH_ARRAY (Daan De Meyer) - fs-util: Add XOpenFlags with XO_LABEL flag to have xopenat() MAC label files/dirs (Daan De Meyer) - label: Introduce LabelOps to do pre/post labelling operations (Daan De Meyer) - test-fstab-generator: fix test on systemd with systemd-boot (Zbigniew Jędrzejewski-Szmek) - test-loopback: run test in network + user namespace (Lennart Poettering) - loopback-setup: clean up logging (Lennart Poettering) - loopback-setup: set IFA_F_NOPREFIXROUTE when configuring 'lo' ipv6 address (Lennart Poettering) - find-esp: drop some redundant 'else' (Lennart Poettering) - find-esp: change "unprivileged_mode" parameter to be tristate (Lennart Poettering) - tmpfiles: use same credstore perms everywhere (Lennart Poettering) - sd-network: use structured initialization (Frantisek Sumsal) - journal-remote: use structured initialization (Frantisek Sumsal) - bootctl: Print version number of detected binaries (Arian van Putten) - core,shared: add a couple of asserts (Frantisek Sumsal) - ci: add gcc-13, drop gcc-12 (Frantisek Sumsal) - test-dlopen: allow loading of multiple libraries (Zbigniew Jędrzejewski-Szmek) - shared/loop-util: add comment (Zbigniew Jędrzejewski-Szmek) - tests: drop unnecessary redirection of stderr (Zbigniew Jędrzejewski-Szmek) - dissect: use pager for --help (Zbigniew Jędrzejewski-Szmek) - basic/user-util: attach pointer symbol to return type, not function (Zbigniew Jędrzejewski-Szmek) - label: Rename to label-util.h (Daan De Meyer) - test-udev: Skip running in container (Daan De Meyer) - oom: Make sure temporary test file is in /tmp (Daan De Meyer) - kmod-setup: Load virtio-vsock kernel module early (Daan De Meyer) - gpt: Fix copy paste error (Daan De Meyer) - repart: Allow target directory excludes (Daan De Meyer) - shared/loop-util: use longer delay when waiting for loop device (Zbigniew Jędrzejewski-Szmek) - man: extend description of .target a bit (Zbigniew Jędrzejewski-Szmek) - man/systemd-gpt-auto-generator: mention that swap may be on luks too (Zbigniew Jędrzejewski-Szmek) - man/systemctl: say that kexec loads the kernel, mention --force (Zbigniew Jędrzejewski-Szmek) - man/repart: document partition creation order (Zbigniew Jędrzejewski-Szmek) - man: generate link mode list dynamically (Zbigniew Jędrzejewski-Szmek) - shared/ethtool-util: autogenerate table of link mode names (Zbigniew Jędrzejewski-Szmek) - Fix failing test (Richard Phibel) - network: do not request dynamic addressing protocols finished when at least one static address is configured (Yu Watanabe) - network: require DHCP protocol to be finished when an address of delegated prefix is assigned (Yu Watanabe) - meson: use -Werror=strict-flex-arrays (Frantisek Sumsal) - boot: make Event a standard-conforming flexible array (Frantisek Sumsal) - man: mention that udevadm verify also checks for udev rules style issues (Dmitry V. Levin) - man/analyze: drop paths from output examples (Zbigniew Jędrzejewski-Szmek) - man/analyze: reword description of malloc and fix link (Zbigniew Jędrzejewski-Szmek) - TEST-58: remove whitespace between redirection operator and its argument (Zbigniew Jędrzejewski-Szmek) - TEST-58: add echo calls to print what is happening (Zbigniew Jędrzejewski-Szmek) - TEST-58: create config files as root (Zbigniew Jędrzejewski-Szmek) - test/README: fix advice for testsuite debugging (Zbigniew Jędrzejewski-Szmek) - Support no-journal for dm-integrity devices. (Russell Harmon) - network: rewrite dynamic addressing protocol checkers in link_check_ready() (Yu Watanabe) - bpf: test with GCC BPF compiler on opensuse (James Hilliard) - home: move the assert back to the intended place (Frantisek Sumsal) - bpf: stabilize GCC BPF support (James Hilliard) - dissect: implement the same logic as gpt-auto-generator (Zbigniew Jędrzejewski-Szmek) - gpt-auto-generator: rework/simplify logic for picking /efi or /boot (Zbigniew Jędrzejewski-Szmek) - core: Handle cgroup pruning in on_cgroup_empty_event (Richard Phibel) - core: Don't GC unit if it is in cgroup_empty_queue (Richard Phibel) - man/tmpfiles: add more man page citerefs (Zbigniew Jędrzejewski-Szmek) - resolvectl: drop extra colon (David Tardon) - basic/syscall: update syscall list (Yu Watanabe) - gpt/DPS: add more aliases for python's machine (Luca Boccassi) - journalctl: fix --follow with non-matching filter (Yu Watanabe) - sd-journal: introduce sd_journal_step_one() (Yu Watanabe) - test: add testcase for 'journalctl --follow --cursor-file=' (Yu Watanabe) - journalctl: also update cursor with --follow (Yu Watanabe) - journalctl: replace ppoll() loop with sd_event_loop() (Yu Watanabe) - journalctl: split out show() (Yu Watanabe) - journalctl: split out update_cursor() (Yu Watanabe) - journalctl: split out action_list_fields() (Yu Watanabe) - journalctl: fix --no-tail handling (Yu Watanabe) - journalctl: use correct variable to check if --since is specified (Yu Watanabe) - journalctl: always initialize global variables (Yu Watanabe) - po: add a false positive to POTFILES.skip (Piotr Drąg) - tree-wide: Downgrade a few more noisy log messages to trace (Daan De Meyer) - boot/measure: replace TPM PolicyPCR session with calculation (Dan Streetman) - Add DHCPServer information to JSON output. (Rene Hollander) - Revert "test: add test case for systemd-update-utmp vs daemon-reexec" (Frantisek Sumsal) - journalctl: split get_boots() into three (Yu Watanabe) - logs-show: introduce add_match_boot_id() helper function (Yu Watanabe) - gpt/DPS: alias amd64 to x86-64 and aarch64 to arm64 (Luca Boccassi) - test-gpt: verify that alias entries are identical to the primary ones (Lennart Poettering) - tpm2: add tpm2_calculate_sealing_policy() (Dan Streetman) - tpm2: use tpm2_policy_authorize() (Dan Streetman) - tpm2: add tpm2_policy_authorize() (Dan Streetman) - tpm2: add tpm2_policy_auth_value() (Dan Streetman) - tpm2: add tpm2_policy_pcr() (Dan Streetman) - tpm2: rename pcr_values_size vars to n_pcr_values (Dan Streetman) - tpm2: add tpm2_get_name() (Dan Streetman) - tpm2: add tpm2_set_auth() (Dan Streetman) - tpm2: replace hash_pin() with tpm2_digest_*() functions (Dan Streetman) - tpm2: add tpm2_digest_*() functions (Dan Streetman) - man: fix UKI filename suffix in 'tries' description (Vitaly Kuznetsov) - mount-util: Downgrade another noisy debug log to trace level (Daan De Meyer) - nspawn: restore cross-architecture booting (Luca Boccassi) - udev: introduce .PART_SUFFIX internal property (Yu Watanabe) - sd-network: avoid leaking DHCPLease (Frantisek Sumsal) - sd-journal: log about errors from ordered_hashmap_*() (Frantisek Sumsal) - journal-remote: bump the refcount right after creating the writer object (Frantisek Sumsal) - various: fix error message for bus_wait_for_jobs_new() (Zbigniew Jędrzejewski-Szmek) - units: order systemd-firstboot after systemd-tmpfiles-setup (Zbigniew Jędrzejewski-Szmek) - firstboot: synchronously wait for systemd-vconsole-setup.service/restart job (Zbigniew Jędrzejewski-Szmek) - fstab-generator: use correct swap name var (Frantisek Sumsal) - core: change 'basename' to 'path_extract_filename' (Jordan Rome) - core/unit: update bidirectional dependency simultaneously (Yu Watanabe) - core/unit: search shared namespace in transitive relation of JoinsNamespaceOf= (Yu Watanabe) - loginctl: use FORMAT_TIMESTAMP_RELATIVE_MONOTONIC (Mike Yuan) - loginctl: realign bus_properties_map (Mike Yuan) - systemctl: list-units: use TABLE_TIMESTAMP_RELATIVE_MONOTONIC (Mike Yuan) - time-util,format-table: add relative_monotonic variant for timestamp (Mike Yuan) - tmpfiles: Allow C escapes (Will Fancher) - tmpfiles: Test C-style escape sequences (Will Fancher) - test: split the ASan wrapper into smaller blocks and tidy it up a bit (Frantisek Sumsal) - core/unit: make JoinsNamespaceOf= implies the inverse dependency (Yu Watanabe) - core/unit: drop doubled empty line (Yu Watanabe) - test: add tests for JoinsNamespaceOf= (Yu Watanabe) - units: Shut down networkd and resolved on switch-root (Daan De Meyer) - rules: add rule for accel devices (Stanislaw Gruszka) - gpt-auto-generator: also honor systemd.swap=no (David Tardon) - man: add trailing = (David Tardon) - meson: Create credstore directories (Daan De Meyer) - resolved-dns-rr: use automatic cleanup (David Tardon) - update TODO (Lennart Poettering) - mount-util: Downgrade log message to trace (Daan De Meyer) - mkosi: Bump default timeout to 180s (Daan De Meyer) - tree-wide: check memstream buffer after closing the handle (Frantisek Sumsal) - system-update-generator: drop pointless goto (David Tardon) - loginctl: also show idle hint in session-status (Mike Yuan) - loginctl: list-users: use bus_map_all_properties (Mike Yuan) - loginctl: list-sessions: fix timestamp for idle hint (Mike Yuan) - loginctl: some modernizations (Mike Yuan) - ukify: fix handling signed kernel as file (Malte Poll) - sd-journal: propagate errors from ordered_hashmap_*() (Frantisek Sumsal) - timer: use dual_timestamp_is_set() at one more place (David Tardon) - tree-wide: use timestamp_is_set() at more places (David Tardon) - TODO: remove fixed item (Luca Boccassi) - stub: allow loading and verifying cmdline addons (Luca Boccassi) - core: drop UnitNotifyFlags (Mike Yuan) - core: get rid of unused Service.will_auto_restart logic (Mike Yuan) - journal-upload: use mfree() (David Tardon) - tree-wide: use free_and_str*dup() more (David Tardon) - tree-wide: use free_and_replace() more (David Tardon) - env-file: use free_and_replace() (Frantisek Sumsal) - specifier: avoid leaking memory on allocation error (Frantisek Sumsal) - resolve: avoid memory leak from a partially processed RR (Frantisek Sumsal) - sd-journal: use TAKE_PTR() a bit more (Frantisek Sumsal) - sd-journal: avoid double-free (Frantisek Sumsal) - test: add test case for systemd-update-utmp vs daemon-reexec (Yu Watanabe) - test: drop a workaround (Yu Watanabe) - update-utmp: reconnect after sleep when PID1 is reexecuting (Yu Watanabe) - update-utmp: update log message (Yu Watanabe) - update-utmp: downgrade log level of ignored failure (Yu Watanabe) - update-utmp: swap q <-> r (Yu Watanabe) - update-utmp: modernize get_startup_monotonic_time() (Yu Watanabe) - update-utmp: rebreak comments (Yu Watanabe) - update-utmp: use verbs (Yu Watanabe) - ukify: add default .sbat section for addons (Luca Boccassi) - ukify: use empty stub for addons (Luca Boccassi) - elf2efi: ensure minimum gap between .text and other sections (Luca Boccassi) - elf2efi: add parameter to increase reserved space for headers (Luca Boccassi) - stub/measure: document and measure .uname UKI section (Luca Boccassi) - timer: Use dual_timestamp_is_set() in one more place (Daan De Meyer) - efi: set EFIVAR to stop Shim from uninstalling its protocol (Luca Boccassi) - execute: add missing NULL handling (Lennart Poettering) - mount: check right before invoking /bin/umount if it makes sense (Lennart Poettering) - sd-event: add an explicit API for leaving the ratelimit state (Lennart Poettering) - core: split out default network dep generation into own function (Lennart Poettering) - core: suppress various defaults deps for credentials mounts (Lennart Poettering) - unit: add ordering dep relative to credentials dir (Lennart Poettering) - core/timer: Always use inactive_exit_timestamp if it is set (Daan De Meyer) - loginctl: show session idle status in list-sessions (David Tardon) - test: rotate journal before storing coredumps (Yu Watanabe) - oomctl: convert a oom1.Manager call to BusLocator (David Tardon) - bus-locator: sort the list (David Tardon) - bus-locator: declare bus locator for oom1 and timesync1 (David Tardon) - hostnamectl: convert more hostname1 calls to BusLocator (David Tardon) - tree-wide: convert more resolve1.Manager calls to BusLocator (David Tardon) - journalctl: convert a machine1.Manager call to BusLocator (David Tardon) - sleep: convert a home1.Manager call to BusLocator (David Tardon) - login: use NULL to denote arg-less method call (David Tardon) - tree-wide: convert more login1.Manager calls to BusLocator (David Tardon) - tree-wide: convert more system1.Manager calls to BusLocator (David Tardon) - test-network: add tests for vlan QoS mapping (Yu Watanabe) - network/vlan: paranoia about type safety (Yu Watanabe) - network/vlan: drop unnecessary restriction for QoS mapping (Yu Watanabe) - core/slice: shorten code a bit (Yu Watanabe) - test: add test cases for defining mount and swap units from kernel cmdline (Yu Watanabe) - fstab-generator: support defining mount units through kernel command line (Yu Watanabe) - fstab-generator: fix error code propagation in run_generator() (Yu Watanabe) - fstab-generator: refuse invalid mount point path in fstab earlier (Yu Watanabe) - fstab-generator: refuse to add swap earlier if disabled (Yu Watanabe) - fstab-generator: call add_swap() earlier (Yu Watanabe) - fstab-generator: split out several functions from parse_fstab() (Yu Watanabe) - test-fstab-generator: add tests for mount options (Yu Watanabe) - test-fstab-generator: also check file contents (Yu Watanabe) - efi: support passing empty cmdline to mangle_stub_cmdline() (Luca Boccassi) - efi: move get_dropin_dir to util.c (Luca Boccassi) - stub: measure SMBIOS kernel-cmdline-extra in PCR12 (Luca Boccassi) - elf2efi: Do not emit an empty relocation section (Jan Janssen) - core: Do not check child freezability when thawing slice (msizanoen1) - sd-boot,sd-stub: also print version after the address (Zbigniew Jędrzejewski-Szmek) - mkfs-util: Silence noisy warning from mkfs.btrfs (Daan De Meyer) - test: test O_CLOEXEC filtering of fdset fill logic (Lennart Poettering) - fdset: minor modernizations (Lennart Poettering) - tree-wide: Fix false positives on newer gcc (Daan De Meyer) - json: correctly handle magic strings when parsing variant strv (Frantisek Sumsal) - pid1: when taking possession of passed fds check O_CLOEXEC state first (Lennart Poettering) - log: propagate max log level into glibc's setlogmask() (Lennart Poettering) - udevadm: improve debug logging when triggering/watching events (Lennart Poettering) - localed: simplify method call (Zbigniew Jędrzejewski-Szmek) - firstboot: reload manager after writing /etc/locale.conf (Zbigniew Jędrzejewski-Szmek) - firstboot: do vconsole setup after configuring keymap (Zbigniew Jędrzejewski-Szmek) - firstboot: process the root account after sysusers created it (Zbigniew Jędrzejewski-Szmek) - shared/condition: add envvar override for the check for first-boot (Zbigniew Jędrzejewski-Szmek) - sysusers: fix argument confusion in error message (Zbigniew Jędrzejewski-Szmek) - sysusers: add usual "ret_" prefix, fix messages (Zbigniew Jędrzejewski-Szmek) - units: create /dev with --graceful first, allow sysusers to run later (Zbigniew Jędrzejewski-Szmek) - man: extend description of --boot (Zbigniew Jędrzejewski-Szmek) - repart: do not require /var/tmp if not used (Zbigniew Jędrzejewski-Szmek) - tmpfiles: add --graceful (Zbigniew Jędrzejewski-Szmek) - basic/user-util: return -ESRCH if passwd/group are missing (Zbigniew Jędrzejewski-Szmek) - sd-bus: refuse to send messages with an invalid string (Yu Watanabe) - tmpfiles: align table (Zbigniew Jędrzejewski-Szmek) - firstboot: clarify that machine-id options are only offline, add missing docs (Zbigniew Jędrzejewski-Szmek) - units: make sure proc-sys-binfmt_misc.automount is actually stopped (Zbigniew Jędrzejewski-Szmek) - units/systemd-repart: stop pretending that root config is executed in the initrd (Zbigniew Jędrzejewski-Szmek) - shared/generator: apply similar config reordering of generated units (Zbigniew Jędrzejewski-Szmek) - units: do more reordering of ordering config (Zbigniew Jędrzejewski-Szmek) - update TODO (Lennart Poettering) - loginctl: use bus_map_all_properties (David Tardon) - loginctl: shorten variable name (David Tardon) - networkctl: fix a potential memory leak (Frantisek Sumsal) - test: extend test for loginctl list-* (David Tardon) - core/service: when resetting PID also reset known flag (Michal Sekletar) - mkosi: Make sure persistent journal storage is enabled (Daan De Meyer) - repart: Default to vfat for ESP/XBOOTLDR partitions (Daan De Meyer) - login: add test for SetIdleHint (David Tardon) - login: do not hardcode tty used in TEST-35-LOGIN (David Tardon) - man: use setlogmask in LogControl1 example (Luca Boccassi) - test: use run_testcases() in a few more places (Frantisek Sumsal) - test: add a missing session activation (Frantisek Sumsal) - test: prefix "internal" stuff with an underscore (Frantisek Sumsal) - test: abstract the test case logic into a shared function (Frantisek Sumsal) - zsh: amend completion for networkctl edit (Ronan Pigott) - test: fix a typo in the cleanup stuff (Frantisek Sumsal) - test: avoid memleak when allocation fails (Frantisek Sumsal) - shared: correctly propagate possible allocation errors (Frantisek Sumsal) - wait-online: downgrade log level of failure that interface is removed or unmanaged during processing it (Yu Watanabe) - boot: Read files in small chunks on broken firmware (Jan Janssen) - man: AllowedIPs= can be specified multiple times (Yu Watanabe) - network/wireguard: make AllowedIPs= cleared by specifying an empty string (Yu Watanabe) - test: install test specific modules in test_append_files() (Yu Watanabe) - Revert "Revert "journal: Make sd_journal_previous/next() return 0 at HEAD/TAIL"" (Chen Qi) - sd-journal: save correct location specifier (Yu Watanabe) - test-journal-interleaving: extend tests to clarify the issue in sd_journal_next() or friends (Yu Watanabe) - udevadm-verify: introduce --no-summary option (Dmitry V. Levin) - test: add tests for networkctl edit/cat (Mike Yuan) - networkctl: add verb edit and cat to operate on network configs (Mike Yuan) - conf-parser: move config_get_dropin_files to conf-files (Mike Yuan) - networkctl: mark some verbs as online only (Mike Yuan) - networkctl: fix a typo in log message (Mike Yuan) - networkctl: add missing asserts (Mike Yuan) - networkctl: check netns only if networkd is running (Mike Yuan) - sd-event: check the allocation before calling expand_to_usable() (Frantisek Sumsal) - fuzz: avoid a couple of NULL pointer dereferences (Frantisek Sumsal) - README: drop the CentOS CI SELinux job (Frantisek Sumsal) - udev: add USB revision in ID_PATH (Yu Watanabe) - udev-builtin-path_id: split out add_id_tag() (Yu Watanabe) - udev: check existence of property before use (Yu Watanabe) - cryptenroll: update log messages (Yu Watanabe) - cryptenroll: drop unmet condition (Yu Watanabe) - test: replace Makefile for several tests with symlink to the one for TEST-01-BASIC (Yu Watanabe) - test: check if we correctly handle locales with leading spaces (Frantisek Sumsal) - tests: run all functions with testcase_ prefix automagically (Frantisek Sumsal) - test: check if we correctly handle invalid UTF-8 in mount stuff (Frantisek Sumsal) - test: assorted TEST-13-NSPAWN tweaks (Frantisek Sumsal) - test: check if we can use --merge with --follow (Frantisek Sumsal) - units: order sysinit.target, debug-shell.service after systemd-vconsole-setup (Zbigniew Jędrzejewski-Szmek) - rules: start systemd-vconsole-setup via unit (Zbigniew Jędrzejewski-Szmek) - pid1: order units using TTYVHangup= after vconsole setup (Zbigniew Jędrzejewski-Szmek) - namespace-util: use inode_same_at() instead of FORMAT_PROC_FD_PATH() (Lennart Poettering) - stat-util: rename files_same() → inode_same() (Lennart Poettering) - switch-root: check if old and new root fs is same via files_same_at() (Lennart Poettering) - stat-util: add _at() variant for files_same() (Lennart Poettering) - journalctl: make --follow work with --merge again (Frantisek Sumsal) - manager: restrict Dump*() to privileged callers or ratelimit (Luca Boccassi) - ratelimit: add ratelimit_left helper (Luca Boccassi) - units: order getty units after getty-pre.target unconditionally (Zbigniew Jędrzejewski-Szmek) - vconsole-setup: reduce variable scope, shorten things (Zbigniew Jędrzejewski-Szmek) - switch-root: sync() before MNT_DETACH unmounting all old mounts (Lennart Poettering) - tree-wide: remove (void) cast around sync() (Lennart Poettering) - update TODO (Lennart Poettering) - test: build the SELinux test module on the host (Frantisek Sumsal) - test: drop generated stuff from the final coverage report (Frantisek Sumsal) - test: make the stress test slightly less stressful on slower machines (Frantisek Sumsal) - core/device: downgrade error when units specified in SYSTEMD_WANTS= not found (Yu Watanabe) - unit: add conditions and deps to make oomd.socket and .service consistent (Yu Watanabe) - hwdb: fix Positivo CG15D key toggle touchpad and programmable keys (#27689) (Edson Juliano Drosdeck) - udevadm-verify: add support for directory arguments (Dmitry V. Levin) - udev-rules: avoid issuing redundant diagnostics in verify mode (Dmitry V. Levin) - integration test: pass 'noresume' to qemu (Luca Boccassi) - testsuite-17.11.sh: fix assert_1() (Dmitry V. Levin) - test: wrap setfacl when running with ASan (Frantisek Sumsal) - oomd: shorten message (Zbigniew Jędrzejewski-Szmek) - sd-bus,sd-event: allow querying of description even after fork (Zbigniew Jędrzejewski-Szmek) - sd-bus: do not assert if bus description is not set (Zbigniew Jędrzejewski-Szmek) - meson: rename "dist-check" suite to "dist" (Zbigniew Jędrzejewski-Szmek) - meson: rename "fuzzers" suite to "fuzz" (Zbigniew Jędrzejewski-Szmek) - test: don't mount /sys & /proc if already mounted (Frantisek Sumsal) - nspawn: make the error message less confusing (Frantisek Sumsal) - test: add a couple of tests for nspawn config files (Frantisek Sumsal) - nspawn: correctly parse a list of interfaces (Frantisek Sumsal) - test: create nspawn config files when collecting coverage (Frantisek Sumsal) - test: cover --bind-user= (Frantisek Sumsal) - test: add a couple of sanity tests for --port= (Frantisek Sumsal) - test: drop "check" from test case names (Frantisek Sumsal) - test: exercise a couple of error paths in nspawn's OCI code as well (Frantisek Sumsal) - nspawn: clean up & unify cleanup handlers (Frantisek Sumsal) - fuzz: rename long samples (Zbigniew Jędrzejewski-Szmek) - mkosi: use wildcard to shorten things (Zbigniew Jędrzejewski-Szmek) - Revert "resolved: address DVE-2018-0001" (Dimitri John Ledkov) - nspawn: use ASSERT_PTR() more (Frantisek Sumsal) - nss-resolve: report EAI_NODATA (Mateusz Poliwczak) - busctl: Add space before "tree" paths for copying (Matt Johnston) - README: drop busybox requirement (Yu Watanabe) - Revert (partially) "man: Clarify when OnFailure= activates after restarts (#7646)" (Mike Yuan) - test: explicitly use bash (Frantisek Sumsal) - test: get rid of the busybox stuff (Frantisek Sumsal) - bus-unit-util: add missing RestartSteps and RestartMaxDelaySec to bus_append_service_property (Mike Yuan) - core: rename RestartSecMax to RestartMaxDelaySec (Mike Yuan) - test: mangle the machine ID only for the QEMU test part (Frantisek Sumsal) - man: fixes for assorted issues reported by the manpage-l10n project (Zbigniew Jędrzejewski-Szmek) - man/tmpfiles: fix off-by-one in example (Zbigniew Jędrzejewski-Szmek) - man: explain allowed values for /sys/power/{disk,state} (Zbigniew Jędrzejewski-Szmek) - man: say that ProtectClock= also affects reads (Zbigniew Jędrzejewski-Szmek) - switch-root: when switching root via MS_MOVE unmount all remaining mounts first (Lennart Poettering) - test: add test for umount_recursive() (Lennart Poettering) - mount-util: make "prefix" parameter optional for umount_recursive() (Lennart Poettering) - mount-util: extend umount_recursive() to optionally take list of dirs to exclude from the unmounting (Lennart Poettering) - mount-util: keep fd to /proc/self/mountinfo continously open in umount_recursive() (Lennart Poettering) - test: move runas() to the shared utility library (Frantisek Sumsal) - test: make shellcheck happy again (Frantisek Sumsal) - test: merge TEST-48-START-STOP-NO-RELOAD into TEST-23-UNIT-FILE (Frantisek Sumsal) - test: merge TEST-49-RUNTIME-BIND-PATHS into TEST-23-UNIT-FILE (Frantisek Sumsal) - test: clean up test artifacts (Frantisek Sumsal) - test: merge TEST-28-PERCENTJ-WANTEDBY into TEST-23-UNIT-FILE (Frantisek Sumsal) - test: merge TEST-56-EXIT-TYPE into TEST-19-CGROUP (Frantisek Sumsal) - test: rename TEST-19-DELEGATE to TEST-19-CGROUP (Frantisek Sumsal) - test: introduce get_cgroup_hierarchy() (Frantisek Sumsal) - test: rename assert.sh to util.sh (Frantisek Sumsal) - test: merge TEST-33-CLEAN-UNIT into TEST-23-UNIT-FILE (Frantisek Sumsal) - test: merge TEST-27-STDOUTFILE into TEST-23-UNIT-FILE (Frantisek Sumsal) - test: merge TEST-14-MACHINE-ID into TEST-74-AUX-UTILS (Frantisek Sumsal) - man/systemd-sysext: correct explanation of confexts directories (Antonio Alvarez Feijoo) - switch-root: add a comment regarding the safety limits of rm_rf_children() (Lennart Poettering) - man: indicate that the JOB parameter to "systemctl cancel" is optional (Lennart Poettering) - test: add test for state in loginctl list-{users,sessions} (Mike Yuan) - loginctl: list-sessions: also show state (Mike Yuan) - loginctl: list-sessions: minor modernization (Mike Yuan) - loginctl: list-users: also show state (Mike Yuan) - busctl: set a description for the bus connection (Lennart Poettering) - pid1: debug log client comm/description strings if available for incoming connections (Lennart Poettering) - test: add testcase for the new sockaddr metainfo logic (Lennart Poettering) - sd-bus: use the new information in the client's sockaddr in the creds structure (Lennart Poettering) - test: add basic test for memfd_set_sealed() and memfd_get_sealed() (Yu Watanabe) - memfd-util: set F_SEAL_EXEC flag if supported (Yu Watanabe) - memfd-util: memfd may also have F_SEAL_EXEC flag (Yu Watanabe) - missing: add more F_SEAL_XYZ flags (Yu Watanabe) - base-filesystem: mention why we don't carry an entry for /tmp/ for now (Lennart Poettering) - nspawn: make sure the device type survives when setting device mode (Frantisek Sumsal) - base-filesystem: also set up /run/ mount point if missing (Lennart Poettering) - test: add tests for renaming network interface (Yu Watanabe) - fuzz: update the base JSON for fuzz-nspawn-oci (Frantisek Sumsal) - test: add a couple of tests for nspawn's OCI stuff (Frantisek Sumsal) - nspawn: fix a global-buffer-overflow (Frantisek Sumsal) - nspawn: fix inverted condition (Frantisek Sumsal) - nspawn: call json_dispatch() with a correct pointer (Frantisek Sumsal) - nspawn: all hooks should be arrays of objects, not just objects (Frantisek Sumsal) - nspawn: use the just returned errno in the log message (Frantisek Sumsal) - nspawn: disableOOMKiller should be boolean, not int (Frantisek Sumsal) - nspawn: modernize the cleanup functions a bit (Frantisek Sumsal) - nspawn: avoid NULL pointer dereference (Frantisek Sumsal) - sd-bus: bind outgoing AF_UNIX sockets to abstract addresses conveying client comm + bus description string (Lennart Poettering) - test-bus-server: minor modernizations (Lennart Poettering) - test-bus-chat: modernize a few things (Lennart Poettering) - mount-setup: minor modernization (Lennart Poettering) - mount-setup: minor log improvement (Lennart Poettering) - mount-setup: port to logging about mount attempts via mount_*follow_verbose() (Lennart Poettering) - udev/net: assign alternative names only on add uevent (Yu Watanabe) - sd-netlink: make rtnl_set_link_name() optionally append alternative names (Yu Watanabe) - udev/net: generate new network interface name only on add uevent (Yu Watanabe) - udev/net: verify ID_NET_XYZ before trying to assign it as an alternative name (Yu Watanabe) - udev: make udev_builtin_run() take UdevEvent* (Yu Watanabe) - udev: use SYNTHETIC_ERRNO() at one more place (Yu Watanabe) - dissect-image: port mount_image_privately_interactively() to use /run/systemd/mount-rootfs/ too (Lennart Poettering) - pid1: port unit namespacing to new /run/systemd/mount-rootfs dir (Lennart Poettering) - namespace: introduce a common dir in /run/ that we can use to see new root fs up on (Lennart Poettering) - mount-util: add umount_and_free() helper (Lennart Poettering) - docs: list all public headers in stability promise (Zbigniew Jędrzejewski-Szmek) - README: describe how our libraries are linked (Zbigniew Jędrzejewski-Szmek) - meson: fix description for link-udev-shared option (Yu Watanabe) - man: use correct name for --bank option (nikstur) - hwdb: fix keyboard entry for IdeapadFlex5 (#27643) (saikat0511) - man: add libsystemd(3) (Zbigniew Jędrzejewski-Szmek) - meson: add sd_pid_notify_barrier link (Zbigniew Jędrzejewski-Szmek) - watchdog: always disarm watchdog properly before closing it (Lennart Poettering) - Revert "units: Add missing dependencies on initrd-switch-root.target" (Daan De Meyer) - mkosi: Always pull in network-online.target (Daan De Meyer) - mkosi: Drop squashfs dropin (Daan De Meyer) - nspawn: file system namespace -> mount namespace (Frantisek Sumsal) - nspawn: fix a typo in an error message (Frantisek Sumsal) - portable, meson: allow statically linked build (Robert Scheck) - mkosi: Install tmux in the final image (Daan De Meyer) - test: make $BUILD_DIR writable when rootfs is mounted read-only (Frantisek Sumsal) - test: pass $BUILD_DIR as $COVERAGE_BUILD_DIR to the system manager (Frantisek Sumsal) - test: add tests for UpheldBy= in [Install] section (Mike Yuan) - unit-file: support UpheldBy= in [Install] settings (adding Upholds= deps from .upholds/) (Mike Yuan) - test: update nspawn's basic config file used for fuzzing (Frantisek Sumsal) - machine-id-setup: Do not overwrite if /etc/machine-id contains uninitialized (Daan De Meyer) - test: rename TEST-13-NSPAWN-SMOKE to TEST-13-NSPAWN (Frantisek Sumsal) - test: slightly extend the systemd-nspawn tests (Frantisek Sumsal) - test: wait after sending a signal if necessary (Frantisek Sumsal) - nspawn: simplify error handling (Frantisek Sumsal) - test: install the overlayfs/loop modules unconditionally (Frantisek Sumsal) - test: create merged-usr containers (Frantisek Sumsal) - test: bind mount the $BUILD_DIR into nspawn containers (Frantisek Sumsal) - test: use dropins to override system configuration (Frantisek Sumsal) - vimrc: use 109ch text width for shell scripts as well (Frantisek Sumsal) - po: Translated using Weblate (Belarusian) (Maksim Kliazovich) - sd-dhcp-server: also send DNS servers or friends on DHCPOFFER (Yu Watanabe) - mkosi: Package a erofs usr partition with signed verity (Daan De Meyer) - mkosi: Store /etc under /usr/share/factory/mkosi (Daan De Meyer) - mkosi: Do not enable ACL usage by default (Daan De Meyer) - sulogin: Read SYSTEMD_SULOGIN_FORCE from kernel cmdline (Daan De Meyer) - machine,portable: fix a typo in an info message (Frantisek Sumsal) - test: merge machinectl edit/cat tests into TEST-13 (Frantisek Sumsal) - test: always install the script utility (Frantisek Sumsal) - test: add a couple of tests for machinectl (Frantisek Sumsal) - units: Add missing dependencies on initrd-switch-root.target (Daan De Meyer) - Fix Positivo CF40CM-V2 key toggle touchpad (drosdeck) - machine: fix a memory leak when showing multiple machines (Frantisek Sumsal) - machine: fix a memory leak when showing multiple images (Frantisek Sumsal) - test: clean up the nspawn tests a bit (Frantisek Sumsal) - repart: Make sure we look up dropin files in the root directory (Daan De Meyer) - conf-parser: Add root argument to config_parse_many() (Daan De Meyer) - core: fix memory leak during deserialization (Frantisek Sumsal) - repart: Make sure r is declared last (Daan De Meyer) - repart: Read arguments directly instead of passing them in (Daan De Meyer) - mkosi: Use zstd compression on non-centos distros (Daan De Meyer) - mkosi: Update .gitignore to account for changed output locations (Daan De Meyer) - mkosi: Only build initrd if Bootable= is enabled or set to "auto" (Daan De Meyer) - mkosi: Use initrd symlink without format/compression (Daan De Meyer) - mkosi: Update to latest (Daan De Meyer) - Revert "core/manager: export manager_dbus_is_running" and partially "core: refuse dbus activation if dbus is not running" (Mike Yuan) - core: only refuse Type=dbus service enqueuing if dbus has stop job (Mike Yuan) - core: Try to initialize TERM from systemd.tty.term.console as well (Daan De Meyer) - mkfs-util: Add quiet argument to make_filesystem() (Daan De Meyer) - core: Check if any init exists before switching root (Daan De Meyer) - core: Make sure systemctl exit works outside of a container (Daan De Meyer) - test-network: add tests for static lease matching with chaddr (Yu Watanabe) - fstab-generator: Fix log message (Daan De Meyer) - fstab-generator: Unset kernel cmdline options if empty value is given (Daan De Meyer) - fstab-generator: Take systemd.verity= into account (Daan De Meyer) - cryptenroll: actually allow using multiple "special" strings when wiping (Frantisek Sumsal) - core/mount: escape invalid UTF8 char in dbus reply (Yu Watanabe) - Revert "core/mount: replace invalid UTF-8 code points in "what" and "options"" (Yu Watanabe) - mkosi: Install apt in Debian/Ubuntu images (Daan De Meyer) - mkosi: Run in debug mode (Daan De Meyer) - mkosi: Disable pamconfdir (Daan De Meyer) - mkosi: Add back accidentally removed .gdbinit file (Daan De Meyer) - mkosi: Enable systemd-timesyncd by default (Daan De Meyer) - mkosi: Disable auditd in the preset instead of masking it (Daan De Meyer) - mkosi: Disable dnf-makecache.service by default (Daan De Meyer) - mkosi: Make sure we use systemd-networkd-wait-online (Daan De Meyer) - mkosi: Replace root password setting with a credential (Daan De Meyer) - mkosi: Disable create-log-dirs option (Daan De Meyer) - mkosi: Stop creating test users in prepare scripts (Daan De Meyer) - mkosi: Don't run slow tests by default (Daan De Meyer) - build(deps): bump actions/checkout from 3.3.0 to 3.5.2 (dependabot[bot]) - build(deps): bump meson from 1.0.1 to 1.1.0 in /.github/workflows (dependabot[bot]) - build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2 (dependabot[bot]) - build(deps): bump github/super-linter from 4.10.1 to 5.0.0 (dependabot[bot]) - build(deps): bump actions/github-script from 6.4.0 to 6.4.1 (dependabot[bot]) - test: abstract the common test parts into a utility script (Frantisek Sumsal) - test: merge TEST-20-MAINPIDGAMES into TEST-07-PID1 (Frantisek Sumsal) - test: merge TEST-51-ISSUE-16115 into TEST-07-PID1 (Frantisek Sumsal) - test: merge TEST-47-ISSUE-14566 into TEST-07-PID1 (Frantisek Sumsal) - test: move TEST-23's units into a dedicated subfolder (Frantisek Sumsal) - test: merge TEST-12-ISSUE-3171 into TEST-07-PID1 (Frantisek Sumsal) - tmpfiles: Add merge support for copy files action (Daan De Meyer) - repart: Fix deny list logic (Daan De Meyer) - src/ukify/test/test_ukify: fix skipped tests (Emanuele Giuseppe Esposito) - src/ukify/test/test_ukify: add pesign unit test (Emanuele Giuseppe Esposito) - ukify: support pesign as alternative to sbsign (Emanuele Giuseppe Esposito) - ukify: typo in doc and print when package is missing (Emanuele Giuseppe Esposito) - test: merge TEST-11-ISSUE-3166 into TEST-07-PID1 (Frantisek Sumsal) - test: merge TEST-10-ISSUE-2467 with TEST-07-PID1 (Frantisek Sumsal) - test: merge TEST-09-ISSUE-2691 into TEST-07-PID1 (Frantisek Sumsal) - test: merge TEST-08-ISSUE-2730 into TEST-07-PID1 (Frantisek Sumsal) - udev: do not set ID_PATH and by-path symlink for nvmf disks (Yu Watanabe) - test: rename TEST-07-ISSUE-1981 to TEST-07-PID1 (Frantisek Sumsal) - core: replace hashmap_get() with hashmap_contains() where appropriate (Yu Watanabe) - core: drop unused argument (Yu Watanabe) - core: several cleanups for job_get_timeout() (Yu Watanabe) - tree-wide: drop _pure_ attribute from non-pure functions (Yu Watanabe) - dirent: conditionalize dirent assert based on dirent64 existence (Sam James) - network/tc: rename settings in log messages too (Mike Yuan) - sd-bus: bus_message_type_from_string is not pure (Xi Ruoyao) - core/mount: replace invalid UTF-8 code points in "what" and "options" (Michal Sekletar) - test: slightly extend systemd-cryptenroll coverage (Frantisek Sumsal) - cryptenroll: fix an assertion with weak passwords (Frantisek Sumsal) - test: TEST-70-TPM2 cleanup (Frantisek Sumsal) - test: add coverage for #27533 (Frantisek Sumsal) - test: discard kill's output (Frantisek Sumsal) - test: merge unit file related tests into TEST-23-UNIT-FILE (Frantisek Sumsal) - units: Add CAP_NET_ADMIN condition to systemd-networkd-wait-online@.service as well (Daan De Meyer) - sd-dhcp-client: client ID always has non-zero data (Yu Watanabe) - static-destruct: introduce STATIC_ARRAY_DESTRUCTOR_REGISTER() (Yu Watanabe) - static-destruct: several cleanups (Yu Watanabe) - memory-util: make ArrayCleanup passed to array_cleanup() const (Yu Watanabe) - mkosi,ci: do not install perl (Zbigniew Jędrzejewski-Szmek) - test: use sed and grep instead of perl (Zbigniew Jędrzejewski-Szmek) - tools/oss-fuzz: s/perl/awk/ (Zbigniew Jędrzejewski-Szmek) - test-execute: use bash instead of perl (Zbigniew Jędrzejewski-Szmek) - test-udev: skip test on python3.6 (Zbigniew Jędrzejewski-Szmek) - README: require python >= 3.7, clean up module descriptions (Zbigniew Jędrzejewski-Szmek) - tools/check-includes: compat with Python 3.7 (Zbigniew Jędrzejewski-Szmek) - test/run-unit-tests, TEST-02: skip tests where the interpeter is not installed (Zbigniew Jędrzejewski-Szmek) - test: rework how udev-test is invoked (Zbigniew Jędrzejewski-Szmek) - test: drop udev-test.pl (Zbigniew Jędrzejewski-Szmek) - test: rewrite udev-test.pl in Python (Zbigniew Jędrzejewski-Szmek) - check-includes: print path relative to project root (Zbigniew Jędrzejewski-Szmek) - meson: fix indentation (Zbigniew Jędrzejewski-Szmek) - meson: add check-includes test to the test suite (Zbigniew Jędrzejewski-Szmek) - meson: include .cc files in tags too (Zbigniew Jędrzejewski-Szmek) - Rewrite check-includes.pl in python (Zbigniew Jędrzejewski-Szmek) - pid1: drop duplicate include (Zbigniew Jędrzejewski-Szmek) - test_ukify: print message when skipping whole test file (Zbigniew Jędrzejewski-Szmek) - test-udev: add an optional timeout argument (Zbigniew Jędrzejewski-Szmek) - bus-util: drop unnecessary continue (Yu Watanabe) - units: add/fix Documentation= about bus interface (Yu Watanabe) - test-journal-verify: Use a more thorough machine ID check (Daan De Meyer) - core/service: fix error cause in the log (Yu Watanabe) - core: refuse dbus activation if dbus is not running (Mike Yuan) - core/manager: export manager_dbus_is_running (Mike Yuan) - test-specifier: Ignore -ENOPKG from specifier_printf() (Daan De Meyer) - shell completion: add timesync-status and show-timesync to zsh completion file (#27574) (Marko Korhonen) - sd-dhcp-client: do not use implicit cast to boolean (Yu Watanabe) - sd-dhcp-client: make return arguments for sd_dhcp_client_get_client_id() optional (Yu Watanabe) - sd-dhcp-client: drop redundant condition (Yu Watanabe) - nulstr-util: make ret_size in strv_make_nulstr() optional (Yu Watanabe) - doc: remove legacy DefaultControlGroup from dbus properties (Miao Wang) - mkosi.build: print important build commands (Zbigniew Jędrzejewski-Szmek) - mkosi/fedora: silence warning about sysusers config mismatch (Zbigniew Jędrzejewski-Szmek) - mkosi.build: use bash, use array for configuration options, shellcheckify (Zbigniew Jędrzejewski-Szmek) - core/unit: check the validity of unit type with activation_details_vtable (Yu Watanabe) - parse-util: make parse_fd() return -EBADF (Yu Watanabe) - zsh: add service-log-{level,target} completions for systemctl (Ronan Pigott) - hwdb: add landscape IdeaPad Miix 310 sensor orientation (#27555) (Janne Sirén) - crypttab: Support for VeraCrypt PIM and detached headers for TrueCrypt/VeraCrypt (#27548) (Klaus Zipfel) - sd-journal: split out generic_array_bisect_one() from generic_array_bisect() (Yu Watanabe) - sd-journal: re-read entry array object (Yu Watanabe) - sd-journal: drop unnecessary initialization (Yu Watanabe) - sd-journal: rebreak comments (Yu Watanabe) - sd-journal: fix comment (Yu Watanabe) - hwdb: do not include '#' in modalias (Yu Watanabe) - tpm2: move policy building out of policy session creation (Dan Streetman) - tpm2: add tpm2_is_encryption_session() (Dan Streetman) - zsh: remove usage of PREFIX in _systemctl (Ronan Pigott) - test: add a test case for #27521 (Frantisek Sumsal) - core: check the unit type more thoroughly when deserializing (Frantisek Sumsal) - shared: refuse fd == INT_MAX (Frantisek Sumsal) - core: use extract_first_word() instead of sscanf() (Frantisek Sumsal) - basic/audit-util: make a test request before enabling use of audit (Nick Rosbrook) - test_ukify: add test for combining config and cmdline (Zbigniew Jędrzejewski-Szmek) - man: describe all the changes to ukify (Zbigniew Jędrzejewski-Szmek) - ci: install pytest-flakes (Zbigniew Jędrzejewski-Szmek) - test_ukify: rework how --flakes argument is appended (Zbigniew Jędrzejewski-Szmek) - test_ukify: propagate failure (Zbigniew Jędrzejewski-Szmek) - ukify: appease mypy (Zbigniew Jędrzejewski-Szmek) - TODO: remove two entries (Zbigniew Jędrzejewski-Szmek) - test/60-ukify: override stub location in tests (Zbigniew Jędrzejewski-Szmek) - test-kernel-install: test 60-ukify.install and 90-uki-copy.install (Zbigniew Jędrzejewski-Szmek) - 60-ukify: kernel-install plugin that calls ukify to create a UKI (Zbigniew Jędrzejewski-Szmek) - test_ukify: add tests for the new functionality (Zbigniew Jędrzejewski-Szmek) - ukify: PeError → PEError (Zbigniew Jędrzejewski-Szmek) - ukify: rework option parsing to support a config file (Zbigniew Jędrzejewski-Szmek) - main: improve log message (David Tardon) - tpm2 PCRs: fix unchecked attempt to set PCR[24] (OMOJOLA) - tree-wide: use parse_fd() (David Tardon) - test: add a test for parse_fd() (David Tardon) - fd-util: introduce parse_fd() (David Tardon) - main: add missing return (David Tardon) - man: small fixes to systemd.time Calendar Events (Christopher Gurnee) - mkosi: Disable a bunch of useless configs when building a kernel (Daan De Meyer) - mkosi: Look for mkosi.kernel/ in the top level directory (Daan De Meyer) - execute: remove credentials dir again when empty (Lennart Poettering) - execute: suppress credentials mount if empty (Lennart Poettering) - run: change sd_bus_call_method to bus_call_method (#27518) (Arthur Shau) - core: fix use of uninitialized value (Yu Watanabe) - cryptsetup: downgrade a bunch of log messages that to LOG_WARNING (Lennart Poettering) - mount-util: simplify mount_switch_root() a bit (Lennart Poettering) - mkosi: Use kernel-kvmsmall package on opensuse (Daan De Meyer) - test: clean up the test script even further (Frantisek Sumsal) - core: minor coding style modernization in mount.c (Lennart Poettering) - sd-daemon: add sd_pid_notify_barrier() call and use it in systemd-notify (Lennart Poettering) - notify: don't send EXIT_STATUS= notify message from systemd-notify (Lennart Poettering) - update TODO (Lennart Poettering) - base-filesystem: unify common parts of base_filesystem_create_fd() branches (Lennart Poettering) - base-filesystem: add new helper base_filesystem_create_fd() that operates on an fd, instead of a path (Lennart Poettering) - switch-root: don't require /mnt/ when switching root into host OS (Lennart Poettering) - test: vacuum the journal after the "stress test" (Frantisek Sumsal) - test: slightly extend checks on corrupted journals (Frantisek Sumsal) - test: further extend our collection of corrupted journals (Frantisek Sumsal) - manager: add debug logging about BARRIER=1 messages (Lennart Poettering) - manager: simplify manager_process_barrier_fd() a bit (Lennart Poettering) - test_ukify: fix two failing tests (Zbigniew Jędrzejewski-Szmek) - test_ukify: fix loop iteration (Zbigniew Jędrzejewski-Szmek) - meson: allow building .standalone on demand (Zbigniew Jędrzejewski-Szmek) - meson: avoid building executables that won't be installed (Zbigniew Jędrzejewski-Szmek) - ukify: add missing header (Zbigniew Jędrzejewski-Szmek) - ukify: use UPPERCASE for parameter names (Zbigniew Jędrzejewski-Szmek) - 90-loaderentry: make sure that variables are set (Zbigniew Jędrzejewski-Szmek) - shared: reject empty attachment path (Frantisek Sumsal) - shared: ignore invalid valink socket fd when deserializing (Frantisek Sumsal) - core: fix NULL pointer dereference during deserialization (Frantisek Sumsal) - test: add a simple fuzzer for manager serialization (Frantisek Sumsal) - Revert "sd-journal: introduce simple loop detection for entry array objects" (Yu Watanabe) - sd-journal: check .next_entry_array_offset earlier (Yu Watanabe) - boot: Use correct memory type for allocations (Jan Janssen) - core: check for SERVICE_RELOAD_NOTIFY in manager_dbus_is_running (msizanoen1) - journal: handle EADDRNOTAVAIL in two more cases gracefully (Lennart Poettering) - generators: skip private tmpfs if /tmp does not exist (Luca Boccassi) - tree-wide: Handle EADDRNOTAVAIL as journal corruption (Daan De Meyer) - mount-setup: use size_t when iterating through array indexes (Lennart Poettering) - base-filesystem: create /proc, /sys, /dev mount points as 0555 (Lennart Poettering) - generate-sym-test: only look in .c and .h files (Lennart Poettering) - generate-sym-test: search for missing symbols (Lennart Poettering) - docs: add correct `pacman` command (#27486) (Klaus) - test: replace sleep with timeout (Yu Watanabe) - test-network: add workaround for bug in iproute2 v6.2.0 (Yu Watanabe) - stub: Relocate kernels below 4G for EFI handover (Jan Janssen) - boot: Fix EFI_SIZE_TO_PAGES macro (Jan Janssen) - mkosi: Switch to use mkosi presets with prebuilt initrds (Daan De Meyer) - meson: Search for find program (Daan De Meyer) - meson: Search for diff program (Daan De Meyer) - test: test journalctl with corrupted journals (Frantisek Sumsal) - test: clean up the test script a bit (Frantisek Sumsal) - sd-journal: introduce simple loop detection for entry array objects (Yu Watanabe) - test: also test all _public_ functions are listed in .sym files (Yu Watanabe) - sd-journal: tighten variable scope (Yu Watanabe) - sd-journal: read entry array object again (Yu Watanabe) - sd-journal: check validity of object type more strictly (Yu Watanabe) - sd-journal: add _OBJECT_TYPE_INVALID as usual (Yu Watanabe) - sd-journal: align table (Yu Watanabe) - sd-journal: check that the journal file is not stored in .newest_by_boot_id on free (Yu Watanabe) - sd-journal: unset prioq index on failure (Yu Watanabe) - sd-journal: fix use-after-free (Yu Watanabe) - tpm2: move openssl-required ifdef code out of policy-building function (Dan Streetman) - hwdb: add hardware rfkill key for Dell Latitude E6* models (#27462) (don bright) - man: clarify RoutingPolicyRule.TypeOfService docs (Brad Fitzpatrick) - coredumpctl: add --file/--root/--image to bash completion (Luca Boccassi) - coredumpctl: fix bash completion matching (Luca Boccassi) - test: make sure the test units have a `test-` prefix (Frantisek Sumsal) - test: match all messages with the FILE field (Frantisek Sumsal) - libsystemd: add missing _public_ attributes (Yu Watanabe) - libsystemd: drop _public_ attribute for non-exported functions (Yu Watanabe) - missing_fs: also define struct file_clone_range (Yu Watanabe) - test: add tests for "systemctl stop" vs triggering by path unit (Yu Watanabe) - test: create temporary units under /run (Yu Watanabe) - core/path: do not enqueue new job in .trigger_notify callback (Yu Watanabe) - core/path: align table (Yu Watanabe) - pid1: unify implemenation of /run/ disk space safety check a bit (Lennart Poettering) - core/systemctl: when switching root default to /sysroot/ (Lennart Poettering) - libsystemd: Add missing memory pressure functions to public symbols (Daan De Meyer) - systemctl: rework 'if' to 'switch' statement (Lennart Poettering) - copy: shortcut reflink_range() to reflink() in some cases (Lennart Poettering) - copy: don't call clone ioctls twice (Lennart Poettering) - test: add a couple of tests for systemd-pstore (Frantisek Sumsal) - pstore: avoid opening the dmesg.txt file if not requested (Frantisek Sumsal) - network-generator: shorten code a bit (Yu Watanabe) - pstore: explicitly set the base when converting record ID (Frantisek Sumsal) - logind-session-dbus: use _cleanup_ (David Tardon) - logind-session-device: modernize session_device_free() (David Tardon) - homed-manager-bus: use _cleanup_ (David Tardon) - transaction: make transaction_free() static (David Tardon) - manager: use _cleanup_ in manager_propagate_reload() (David Tardon) - manager: use _cleanup_ in manager_add_job() (David Tardon) - transaction: introduce transaction_abort_and_free() (David Tardon) - missing_fs: mention commit hash and version of ioctl commands introduced (Yu Watanabe) - copy: rename reflink_full() -> reflink_range() (Yu Watanabe) - xdg-autostart-service: handle gnome autostart phase better on other desktops (David Edmundson) - copy: Introduce reflink() and reflink_full() (Daan De Meyer) - transaction: modernize transaction_free() (David Tardon) - initctl: use _cleanup_ (David Tardon) - initctl: add assert (David Tardon) - specifier: use _cleanup_ (David Tardon) - path-util: use _cleanup_ (David Tardon) - logind: rename function to avoid confusion (David Tardon) - logind-core: drop unneeded check for NULL (David Tardon) - logind-core: modernize button_free() (David Tardon) - env-util: use more _cleanup_ in replace_env_argv() (David Tardon) - env-util: use _cleanup_ in replace_env_argv() (David Tardon) - env-util: rename variable (David Tardon) - env-util: use _cleanup_ in strv_env_delete() (David Tardon) - shutdown: paranoia – close all fds we might get passed in (Lennart Poettering) - pam-systemd: disconnect bus connection when leaving session hook, even on error (Lennart Poettering) - pam-util: include PID in PAM data field id (Lennart Poettering) - test: dont use anchor char '$' to match a part of a string (Franck Bui) - test: extend test 19 to also verify DelegateSubgroup= works (Lennart Poettering) - nspawn: port over to /supervisor/ subcgroup being delegated to nspawn (Lennart Poettering) - udev: port to DelegateSubgroup= (Lennart Poettering) - units: make system service manager create init.scope subcgroup for user service manager (Lennart Poettering) - core: change ownership of subcgroup we create recursively, it shall be owned by the user delegated to (Lennart Poettering) - execute: don't apply journal + oomd xattrs to subcgroup (Lennart Poettering) - core: add DelegateSubgroup= setting (Lennart Poettering) - cgroup: rework how we validate/escape cgroups (Lennart Poettering) - test: tmpfiles: add tests on conditionalized execute bit (Mike Yuan) - tmpfiles: add conditionalized execute bit (X) support (Mike Yuan) - units: restrict hugepages fs a bit (Lennart Poettering) - core/service: make service_add_fd_store() always consume provided fd (Yu Watanabe) - image-policy: split out code that "extends" underspecified partition policy flags (Lennart Poettering) - man: use ukify more in systemd-measure examples (Zbigniew Jędrzejewski-Szmek) - image-policy: correct two comments (Lennart Poettering) - update TODO (Lennart Poettering) - core/job: use new job ID when we failed to deserialize job ID (Yu Watanabe) - core/job: handle job ID overflow or conflict more sanely (Yu Watanabe) - core/job: fix indentation (Yu Watanabe) - core/job: add one more assertion (Yu Watanabe) - core/transaction: use hashmap_remove_value() to make not remove job with same ID (Yu Watanabe) - test: add coverage for CoredumpFilter=all (Luca Boccassi) - coredump filter: add mask for 'all' using UINT32_MAX, not UINT64_MAX (Luca Boccassi) - ukify: allow building PE addon (Luca Boccassi) - coredump filter: fix stack overflow with =all (Luca Boccassi) - test: tell dfuzzer to skip Reexecute() (Frantisek Sumsal) - repart: Add Minimize= support for verity hash partitions (Daan De Meyer) - repart: Extend error logging for format_verity_hash/sig() (Daan De Meyer) - sd-journal: make journal_file_copy_entry() return earlier (Yu Watanabe) - sd-journal: copy boot ID (Yu Watanabe) - sd-journal: tighten variable scope (Yu Watanabe) - journal: Don't try to write garbage if journal entry is corrupted (Daan De Meyer) - repart: Allow passing target to format_verity_hash() (Daan De Meyer) - repart: Move partition_defer() out of format_verity_hash/sig() (Daan De Meyer) - repart: Turn condition into assert (Daan De Meyer) - locale: when no xvariant match select the entry with an empty xvariant (Franck Bui) - udev/iocost: invert DEVTYPE match (Yu Watanabe) - udev/iocost: use ID_MODEL_FROM_DATABASE if exists (Yu Watanabe) - udev/iocost: fix log message (Yu Watanabe) - udev/iocost: query_named_solution() provides non-NULL model and qos on success (Yu Watanabe) - udev/iocost: call get_known_solutions() in apply_solution_for_path() (Yu Watanabe) - udev: use version() (Yu Watanabe) - udev/iocost: merge get_known_solutions() and choose_solution() (Yu Watanabe) - udev/iocost: drop unnecessary initializations (Yu Watanabe) - udev/iocost: arg_target_solution is always non-NULL (Yu Watanabe) - udev/iocost: set default target in parse_config() (Yu Watanabe) - test: add test case of negative match for SYMLINK and TAG (Yu Watanabe) - udev-rules: fix negative match rule for SYMLINK and TAG (Yu Watanabe) - portablectl: add --extension to bash completion (Luca Boccassi) - test: add a couple of sanity tests for systemd-creds (Frantisek Sumsal) - creds: make --pretty behave in a slightly more expected manner (Frantisek Sumsal) - test: cover missed stuff from securebits-util.h (Frantisek Sumsal) - resolved: adjust message about credentials (Zbigniew Jędrzejewski-Szmek) - shared/creds-util: return 0 for missing creds in read_credential_strings_many (Zbigniew Jędrzejewski-Szmek) - Support /etc/system-update for OSTree systems (Eric Curtin) - mount-util: split remount_idmap() in two (Lennart Poettering) - sd-daemon: add sd_pid_notifyf_with_fds() (Lennart Poettering) - pam: do not attempt to close sd-bus after fork in pam_end() (Luca Boccassi) - man: /usr/lib/systemd/random-seed -> /usr/lib/systemd/systemd-random-seed (Vitaly Kuznetsov) - logind: always use 64bit session IDs (Lennart Poettering) - docs: fix LoadCredentialEncrypted example (#27387) (Lawrence Thorpe) - sd-login: add SetTTY session object #26611 (Thorsten Kukuk) - doc: say in CODING_STYLE that AT_EMPTY_PATH should be implied on openat() style APIs (and NULL path is OK) (Lennart Poettering) - user-record-nss: make return values optional (Lennart Poettering) - mountpoint-util: make path_get_mnt_id_at() work with a NULL path (Lennart Poettering) - sd-event: store and compare per-module static origin id (Luca Boccassi) - sd-journal: store and compare per-module static origin id (Luca Boccassi) - sd-bus: store and compare per-module static origin id (Luca Boccassi) - macro: add helper for module origin id (Luca Boccassi) - fs-util: make sure open_mkdir_at() does something roughly sensible when invoked with '/' (Lennart Poettering) - mkosi: Update fedora to release 38 (Daan De Meyer) - Drop log level of header limits log message (Daan De Meyer) - cryptsetup-fido2: Depend on libcryptsetup (Wolfgang Müller) - sd-bus: check for pid change before closing (Luca Boccassi) - homed: rename make_userns() to avoid name conflict with mount-util.[ch] (Lennart Poettering) - test: use idiomatic bash loop iteration (Zbigniew Jędrzejewski-Szmek) - testsuite-54: drop unnecessary pipe (Zbigniew Jędrzejewski-Szmek) - testsuite-70: drop unnecessary env (Zbigniew Jędrzejewski-Szmek) - test: drop uses of "&& { echo 'unexpected success'; exit 1; }" (Zbigniew Jędrzejewski-Szmek) - parse-util: allow parse_pid() to work with NULL return parameter (Lennart Poettering) - test-hashmap-plain: use _cleanup_ (David Tardon) - test-set: use _cleanup_ (David Tardon) - loop-util: port some code over to ASSERT_FD() (Lennart Poettering) - fd-util: add ASSERT_FD() that is similar to ASSERT_PTR() but for fds (Lennart Poettering) - test-calendarspec: use _cleanup_ (David Tardon) - mkosi: Update to latest (Daan De Meyer) - locale: convert generated vconsole keymap to x11 layout automatically (Franck Bui) - nspawn: Don't follow /etc/resolv.conf symlinks (Daan De Meyer) - pid1: simplify bpf meson import (Lennart Poettering) - meson: move bpf hookup into main meson build file (Lennart Poettering) - man: fix LogControl1 manpage example (Luca Boccassi) - pam: cache sd-bus separately per module (Luca Boccassi) - pam_systemd_home: clean up sd-bus when called about something else's user (Luca Boccassi) - localed-util: make use of strdupcspn() (Franck Bui) - stub: add comment on measurement of io.systemd.stub.kernel-cmdline-extra (Luca Boccassi) - mkosi: add tmpfiles to create debian/ubuntu /etc/default/locale link (Luca Boccassi) - mkosi: move debian/ubuntu ignore preset to config directory (Luca Boccassi) - mkosi: move debian/ubuntu common conf under common directory (Luca Boccassi) - mkosi: delete /etc/resolv.conf to let tmpfiles handle it (Luca Boccassi) - mkosi: Update to latest (Daan De Meyer) - testsuite-04: remove unnecessary conditional (Zbigniew Jędrzejewski-Szmek) - testsuite-04: remove redirection, drop whitespace after redirection op (Zbigniew Jędrzejewski-Szmek) - run: expand variables also with --scope (Zbigniew Jędrzejewski-Szmek) - man/systemd-run: add examples explaining how variable expansion is performed (Zbigniew Jędrzejewski-Szmek) - run: add --expand-environment=no to disable server-side envvar expansion (Zbigniew Jędrzejewski-Szmek) - run: split out creation of unit creation messages (Zbigniew Jędrzejewski-Szmek) - run: simplify returning of status (Zbigniew Jędrzejewski-Szmek) - core: fix writing of ExecStartEx and friends (Zbigniew Jędrzejewski-Szmek) - core/unit: add UNIT_ESCAPE_EXEC_SYNTAX (Zbigniew Jędrzejewski-Szmek) - core/unit: rename UNIT_ESCAPE_EXEC_SYNTAX → *_ENV (Zbigniew Jędrzejewski-Szmek) - core/unit: fix shell-escaping of strings (Zbigniew Jędrzejewski-Szmek) - basic/logarithm: add popcount() wrapper (Zbigniew Jędrzejewski-Szmek) - a colloquial abbreviation 'btw' in TEMPORARY_DIRECTORIES.md (#27365) (07416) - man: clarify sd_bus_default (Luca Boccassi) - man: add working example to LogControl1 manpage (Luca Boccassi) - sulogin-shell: Start initrd.target on exit in the initrd (Daan De Meyer) - test: use _cleanup_ for temp. files (David Tardon) - test-fdset: use _cleanup_ (David Tardon) - test: shorten a bit (David Tardon) - mkosi: Use authselect minimal if authselect is installed (Daan De Meyer) - mkosi: remove ?priority(required) from debian pkg list (Luca Boccassi) - tre-wide: use FORMAT_DEVNUM() a bit more (Lennart Poettering) - tree-wide: convert more cases do DEVNUM_FORMAT_STR()/DEVNUM_FORMAT_VAL() (Lennart Poettering) - README: add a Weblate badge (Frantisek Sumsal) - tree-wide: code spelling fixes (Frantisek Sumsal) - detect-virt: add message at debug level (Zbigniew Jędrzejewski-Szmek) - Apply known iocost solutions to block devices (Gustavo Noronha Silva) - kmod-setup: Add early loading for virtio_console (Daan De Meyer) - core: Parse logging environment earlier (Daan De Meyer) - kmod-setup: Introduce match_modalias_recurse_dir_cb() (Daan De Meyer) - string-util: Add startswith_strv() (Daan De Meyer) - mkosi: Disable kmsg ratelimiting (Daan De Meyer) - log: Log when kmsg is being ratelimited (Daan De Meyer) - log: Add knob to disable kmsg ratelimiting (Daan De Meyer) - dissect: let's check for crypto_LUKS before fstype allowlist check (Lennart Poettering) - ratelimit: handle counter overflows somewhat sanely (Lennart Poettering) - man: try to make clearer that /var/ is generally not available in /usr/lib/systemd/system-shutdown/ callouts (Lennart Poettering) - dissect-image: issue BLKFLSBUF before probing an fs at block device offset != 0 (Lennart Poettering) - networkd: fallback to chaddr for static lease lookup when not found (Robert Meijers) - core/device: rewrite how device unit is removed from Manager.devices_by_sysfs (Yu Watanabe) - list: fix double evaluation (Yu Watanabe) - hwdb: disable entry for Logitech USB receiver used by G502 X (Yu Watanabe) - core: add one missing assertion for release_resource_queue (Yu Watanabe) - dissect-image: fix log level in dissect_log_error (Quintin Hill) - mkosi: Update to latest (Daan De Meyer) - test: add regression tests for find_esp() and friend (Yu Watanabe) - chase: replace path_prefix_root_cwd() with chaseat_prefix_root() (Yu Watanabe) - fd-util: skip to check mount ID if kernel is too old and /proc is not mounted (Yu Watanabe) - mountpoint-util: check /proc is mounted on failure (Yu Watanabe) - chase: prefix with the root directory only when it is not "/" (Yu Watanabe) - chase: drop repeated call of empty_to_root() (Yu Watanabe) - chase: update outdated comment about result path (Yu Watanabe) - chase: make the result absolute when a symlink is absolute (Yu Watanabe) - chase: make chaseat() provides absolute path also when dir_fd points to the root directory (Yu Watanabe) - test: prefix the transient unit with test- to make coverage runs happy (Frantisek Sumsal) - gpt-auto-generator: "translate" errno codes into proper messages (Zbigniew Jędrzejewski-Szmek) - fstab-generator: add missing phrase in comment (Zbigniew Jędrzejewski-Szmek) - hwdb: Fix rotation for BMAX Y13 (Paolo Velati) - kmod-setup: bypass heavy virtio-rng check if we are not running in a VM anyway (Lennart Poettering) - kmod-setup: use STARTSWITH_SET() where appropriate (Lennart Poettering) - Revert "getty-generator: Use device hotplug to instantiate virtualizer consoles" (Lennart Poettering) - gpt-auto: do not fail when no suitable partitions found (Yu Watanabe) - getty-generator: Use device hotplug to instantiate virtualizer consoles (Daan De Meyer) - lsm-util: move detection of support of LSMs into a new lsm-util.[ch] helper (Lennart Poettering) - bpf-firewall: give a name to maps used (Dominique Martinet) - process-util: be more careful with pidfd_get_pid() special cases (Lennart Poettering) - fsck: use execv_p_ and execl_p_ (Florian Klink) - creds: make available to all ExecStartPre= and ExecStart= processes (Luca Boccassi) - user-util:remove duplicate includes (jcg) - virt: Further improve detection of EC2 metal instances (Benjamin Herrenschmidt) - mkosi: Use kernel-core for Fedora and CentOS images (Daan De Meyer) - hwdb: add accelerometer mount matrix for Lenovo Yoga Tablet 2 851F/L (Hans de Goede) - process-util: make safe_fork() unset $NOTIFY_SOCKET (Yu Watanabe) - docs: add a missing $ sign (Frantisek Sumsal) - test: modernize test-async a bit (Frantisek Sumsal) - mkosi: default to Fedora 38 (Zbigniew Jędrzejewski-Szmek) - exec-util: make execute_strv() optionally take root directory (Yu Watanabe) - test: add a couple of tests with invalid UTF-8 characters (Frantisek Sumsal) - test: add a simple test for getenv_path_list() (Frantisek Sumsal) - test: add a couple of basic sanity tests for the security verb (Frantisek Sumsal) - test: add a couple of basic sanity tests for timedatectl (Frantisek Sumsal) - test: add a simple test for secure-bits stuff (Frantisek Sumsal) - shared: add a missing include (Frantisek Sumsal) - test: add tests for uuid/uint64 specifiers (Frantisek Sumsal) - tree-wide: also use CMSG_TYPED_DATA() on writing message header (Yu Watanabe) - sd-dhcp-server: use CMSG_FIND_DATA() at one more place (Yu Watanabe) - tree-wide: copy timestamp data from cmsg (Yu Watanabe) - socket-util: introduce CMSG_FIND_AND_COPY_DATA() (Yu Watanabe) - test: add a test case for table_dup_cell() (Frantisek Sumsal) - mkosi: Always disable sshd, dnsmasq and isc-dhcp-server (Daan De Meyer) - docs: a couple of typo fixes & formatting tweaks (Frantisek Sumsal) - mkosi: Update to latest (Daan De Meyer) - fsck: look for fsck binary not just in /sbin (Florian Klink) - preset: Add ignore directive (Daan De Meyer) - test: stop the test unit when it's not needed anymore (Frantisek Sumsal) - test: check the colored --version output (Frantisek Sumsal) - po: Translated using Weblate (Galician) (Fran Diéguez) - man/systemd-cryptenroll: update list of PCRs, link to uapi docs (Zbigniew Jędrzejewski-Szmek) - test: add a couple of tests for run-generator (Frantisek Sumsal) - string-util: add strstrafter() (Lennart Poettering) - test: add a couple of tests for system-update-generator (Frantisek Sumsal) - test: properly distinguish between generator phases (Frantisek Sumsal) - test: add a couple of tests for getty-generator (Frantisek Sumsal) - mountpoint-util: use memcmp_nn() where appropriate (Lennart Poettering) - mountpoint-util: fix hosed overflow check (Lennart Poettering) - mountpoint-util: pass AT_STATX_DONT_SYNC to statx() when looking for mnt_id/mountpoints (Lennart Poettering) - test: allow overriding PID1's environment for test purposes (Frantisek Sumsal) - test: add a couple of test for fstab-related kernel cmdline args (Frantisek Sumsal) - test: check if x-systemd.automount is ignored for rootfs (Frantisek Sumsal) - test: run the generators with debug log level (Frantisek Sumsal) - install: use FOREACH_ARRAY (David Tardon) - tree-wide: rename cleanup function (David Tardon) - install: fix memory leak if GREEDY_REALLOC() fails (David Tardon) - tree-wide: add some asserts (David Tardon) - tree-wide: use TAKE_STRUCT (David Tardon) - chase: CHASE_MKDIR_0755 requires CHASE_NONEXISTENT and/or CHASE_PARENT (Yu Watanabe) - chase: use FLAGS_SET() macro (Yu Watanabe) - tree-wide: replace __alignof__() with alignof() (Yu Watanabe) - socket-util: add one missing paren (Yu Watanabe) - timesync: drop unnecessary initialization (Yu Watanabe) - user units: implicitly enable PrivateUsers= when sandboxing options are set (Luca Boccassi) - Synposis and description of networkctl man page reflecting only part of its functionality (#27264) (ZjYwMj) - core/main: fix a typo for --log-target (Mike Yuan) - test: add some tests for RuntimeMaxSec (Nick Rosbrook) - scope: do not disable timer event source when state is SCOPE_RUNNING (Nick Rosbrook) - systemd-confext: mount confexts as noexec and nosuid (Luca Boccassi) - boot: Use CPUID to detect TSC frequency (Jan Janssen) - boot: Rework timer frquency reading (Jan Janssen) - boot: Use compiler intrinsic for TSC (Jan Janssen) - mkosi: Update to latest (Daan De Meyer) - Uphold/StopWhenUnneeded/BindsTo: requeue when job finishes (Luca Boccassi) - systemd-cryptenroll: add string aliases for tpm2 PCRs Fixes #26697. RFE. (OMOJOLA JOSHUA DAMILOLA) - test: add several assertions (Yu Watanabe) - image-policy: introduce parse_image_policy_argument() helper (Yu Watanabe) - repart: Discard from/to first/last usable lba (Sjoerd Simons) - udev,sd-device: use CMSG_FIND_DATA() more (Lennart Poettering) - tree-wide: port more code over to CMSG_TYPED_DATA() (Lennart Poettering) - socket-util: tighten aignment check for CMSG_TYPED_DATA() (Lennart Poettering) - repart: always take BSD lock when whole block device is opened (Yu Watanabe) - test: validate that fdstore pinning works (Lennart Poettering) - pid1: add some debug logging when stashing ds into the fdstore (Lennart Poettering) - service: rename service_close_socket_fd() → service_release_socket_fd() (Lennart Poettering) - core: move runtime directory removal into release_resource handler (Lennart Poettering) - service: close fdstore asynchronously (Lennart Poettering) - service: allow freeing the fdstore via cleaning (Lennart Poettering) - service: add ability to pin fd store (Lennart Poettering) - service: rework how we release resources (Lennart Poettering) - service: release resources from a seperate queue, not unit_check_gc() (Lennart Poettering) - core: fix property getter method for NFileDescriptorStore bus property (Lennart Poettering) - veritysetup: add support for fec options (Gaël PORTAY) - Fix cross-reference of manual for LogsDirectory (Franklin Yu) - veritysetup: add support for superblock and underlying options (Gaël PORTAY) - veritysetup: add support for hash-offset option (Gaël PORTAY) - pid1: fix coredump_filter setting (David Schroeder) - Uphold/StopWhenUnneeded/BindsTo: add retry timer on rate limit (Luca Boccassi) - man: add util-linux to the package list for Fedora container (Michal Sekletar) - man: link to Fedora 37 (Zbigniew Jędrzejewski-Szmek) - test: also test client-side operation if applicable (David Tardon) - systemctl: fix a memory leak (David Tardon) - install: rename function (David Tardon) - install: drop unused function (David Tardon) - test: use _cleanup_ for UnitFileList hash (David Tardon) - systemctl-list-unit-files: drop workaround for Coverity (David Tardon) - systemctl: drop stray assignment (David Tardon) - systemctl: use _cleanup_ for UnitFileList hash (David Tardon) - varlink: honour "sensitive" flag of json variant objects all the way into the socket (Lennart Poettering) - test: add varlink fd passing test (Lennart Poettering) - varlink: implement file descriptor passing (Lennart Poettering) - varlink: add helper that clears the currently processed incoming message JSON object (Lennart Poettering) - varlink: get rid of "reply" field (Lennart Poettering) - varlink: add some comments explaining what by various errors are defined (Lennart Poettering) - core: Send ERRNO= via notify socket on exit (Daan De Meyer) - core: Propagate exit status via notify socket when running in VM (Daan De Meyer) - notify: Add EXIT_STATUS field (Daan De Meyer) - sysext: define a default image dissection policy for confext images (Lennart Poettering) - discover-image: bring discover path list up-to-date. (Lennart Poettering) - Fix compilation error (Daan De Meyer) - nspawn: container network interface naming (Thierry Martin) - boot-entry: introduce boot_entry_token_ensure_at() (Yu Watanabe) - man: rebreak all of sd_notify(3) (Lennart Poettering) - service: tell service processes that the fdstore is available via an env var (Lennart Poettering) - systemctl: reduce variable scope (David Tardon) - tree-wide: drop unneeded output params (David Tardon) - boot-entry: use chase_and_fopen_unlocked() to open /etc/kernel/entry-token (Yu Watanabe) - udev-test: add more testcases for SYMLINK (Yu Watanabe) - test: drop binary stripping stuff (Frantisek Sumsal) - sd-device: absolute devlink must start with /dev/ (Yu Watanabe) - boot-entry: prioritize machine ID only when it is not randomly generated (Yu Watanabe) - Modified to use STRV_MAKE() in strv_env_name_is_valid() function listed in env-util.c (Tanishka) - systemctl: suppress error for try-* if unit is masked (Mike Yuan) - boot: Fix alignment of long long inside structs on x86 (Jan Janssen) - ci: drop checkout from release workflow (Jan Macku) - ci: don't run release wf on `systemd-security` (Jan Macku) - portabled-image-bus: use CLEANUP_ARRAY (David Tardon) - portabled-image-bus: use CLEANUP_ARRAY (David Tardon) - portabled-image-bus: use CLEANUP_ARRAY (David Tardon) - portabled-bus: use CLEANUP_ARRAY (David Tardon) - sd-bus: use _cleanup_ (David Tardon) - sd-bus: use CLEANUP_ARRAY (David Tardon) - execute: use CLEANUP_ARRAY (David Tardon) - execute: use more automatic cleanup (David Tardon) - hwdb: add matrix for Asus BR1100F (#27197) (Bill Peterson) - execute: use CLEANUP_ARRAY (David Tardon) - systemctl-set-default: use CLEANUP_ARRAY (David Tardon) - systemctl-preset-all: shorten code a tiny bit (David Tardon) - systemctl-preset-all: use CLEANUP_ARRAY (David Tardon) - systemctl-enable: use CLEANUP_ARRAY (David Tardon) - systemctl-add-dependency: shorten code a tiny bit (David Tardon) - systemctl-add-dependency: use CLEANUP_ARRAY (David Tardon) - portablectl: use CLEANUP_ARRAY (David Tardon) - machinectl: do not repeat the same comparison (David Tardon) - machinectl: drop unneeded else (David Tardon) - machinectl: use CLEANUP_ARRAY (David Tardon) - dbus-manager: use CLEANUP_ARRAY (David Tardon) - firstboot: Use root directory file descriptor for everything (Daan De Meyer) - user-util: Add default_root_shell_at() (Daan De Meyer) - dbus-manager: use CLEANUP_ARRAY (David Tardon) - hwdb: fix ambiguous glob pattern for Lenovo machines (Yu Watanabe) - os-util: introduce several _at() variants of os-release parsers (Yu Watanabe) - os-util: make $SYSTEMD_OS_RELEASE prefixed with the root directory (Yu Watanabe) - os-util: merge parse_{extension,os}_release() (Yu Watanabe) - os-util: invert order of arguments in extension release parser (Yu Watanabe) - os-util: shorten temporal variable names (Yu Watanabe) - os-util: log one more error cause (Yu Watanabe) - os-util: do not use 'r' for storing loop status (Yu Watanabe) - os-util: return earlier when unsupported image class is specified (Yu Watanabe) - os-util: return earlier when extension release file is found (Yu Watanabe) - os-util: split-out open_os_release() from open_extension_release() (Yu Watanabe) - os-util: fix fd leak on failure (Yu Watanabe) - os-util: make open_extension_release() return O_PATH fd (Yu Watanabe) - os-util: drop fopen_extension_release() (Yu Watanabe) - compress: replace compress_blob() with compress_blob_explicit() (Yu Watanabe) - chase: drop redundant call of delete_trailing_chars() (Yu Watanabe) - tree-wide: A few more uses of "unmet" for conditions (Colin Walters) - env-file: introduce parse_env_file_fdv() (Yu Watanabe) - shell-completion: add --xml-interface option of busctl to the rules (Masatake YAMATO) - busctl: add --xml-interface to the help message (Masatake YAMATO) - find-esp: use path_prefix_root_cwd() (Yu Watanabe) - path-util: introduce path_prefix_root_cwd() (Yu Watanabe) - test: update description (Yu Watanabe) - udev/scsi_id: rename positional arguments (Yu Watanabe) - device-nodes: rename argument (Yu Watanabe) - os-util: drop redundant declaration of load_os_release_pairs() (Yu Watanabe) - os-util: use _IMAGE_CLASS_INVALID (Yu Watanabe) - os-util: move declaration of string table lookup for image class (Yu Watanabe) - portable: always reopen fd of release file (Yu Watanabe) - copy: make copy_bytes() support O_PATH fds (Yu Watanabe) - network-generator: rewrite unit if it already exists and its content changed (Antonio Alvarez Feijoo) - generator: add generator_open_unit_file_full to allow creating temporary units (Antonio Alvarez Feijoo) - ci: add permissions to make a release (Дамјан Георгиевски) - fd-util: slightly optimize dir_fd_is_root() (Yu Watanabe) - chase: use dir_fd_is_root() to check if fd points to the root directory (Yu Watanabe) - chase: use stat_inode_same() at one more place (Yu Watanabe) - test: add tests about iterator position for path_find_{first,last}_component() (Yu Watanabe) - path-util: make iterator for path_find_last_component() always finish with the beginning of the buffer (Yu Watanabe) - chase: extend comment about CHASE_PARENT (Yu Watanabe) - chase: drop one redundant call of fstat() (Yu Watanabe) - chase: make struct stat always sync with the opened fd (Yu Watanabe) - chase: drop unnecessary conditions for buffer (Yu Watanabe) - test: add another regression test (Yu Watanabe) - test: systemd-analyze blame should succeed now (Yu Watanabe) - analyze: make blame command work even the default target not reached (Yu Watanabe) - kernel-image: make inspect_kernel() optionally take directory fd (Yu Watanabe) - fileio: introduce read_one_line_file_at() (Yu Watanabe) - fileio: introduce xfopenat_full() (Yu Watanabe) - fileio: use take_fdopen() and friends (Yu Watanabe) - test: check if we skip the full setup on daemon-reexec (again) (Frantisek Sumsal) - test-64: add tests for compat devlinks for NVMe drive (Yu Watanabe) - test: add tests for conf_files_list_at() and friends (Yu Watanabe) - conf-files: introduce _at() variants of conf_files_list() or friends (Yu Watanabe) - conf-files: split out logic of copy and sort filenames from hashmap (Yu Watanabe) - conf-files: use path_compare_filename() (Yu Watanabe) - path-util: introduce path_compare_filename() (Yu Watanabe) - conf-files: drop redundant call of chase() (Yu Watanabe) - rules: drop doubled space (Yu Watanabe) - udev: restore compat symlink for nvme devices (Zbigniew Jędrzejewski-Szmek) - sd-device: manage cached sysattr values with path_hash_ops (Yu Watanabe) - sd-device,udev: tag must be a valid filename (Yu Watanabe) - test: handle one more error gracefully (Yu Watanabe) - sd-device,udev: refuse invalid devlink and store in normalized form (Yu Watanabe) - udev-rules: replace ingrowing word extractor with extract_first_word() (Yu Watanabe) - udev-rules: rename variable "filename" -> "path" (Yu Watanabe) - udev-rules: add/update comments (Yu Watanabe) - udev-rules: add missing paren (Yu Watanabe) - localed: fix invalid free after shifting pointers using strstrip (Olivier Gayot) - test: bump the timeout for non-qemu runs to 90s (Frantisek Sumsal) - test: enable the systemd-resolved unit in TEST-75 (Frantisek Sumsal) - man/systemd-mount: Clearify documentation about --bind-device (Uwe Kleine-König) - mkosi: Update to latest (Daan De Meyer) - hwdb: Add support for "Passion Model P612F" (Dmitrii Fomchenkov) - bootctl: Gracefully handle missing bootloader directory (Daan De Meyer) - bootctl: show report state and type in json output (Ludwig Nussel) - edit-util: improve log messages (Mike Yuan) - edit-util: introduce overwrite_with_origin switch (Mike Yuan) - edit-util: make original_path and comment_paths work together (Mike Yuan) - edit-util: add DROPIN_MARKER_{START,END} (Mike Yuan) - resolve: change DNS_PACKET_UNICAST_SIZE_LARGE_MAX to 1232 (#27171) (Cristian Rodríguez) - man: netdev: Clarify wireguard IPv6 endpoint format (Sorah Fukumori) - mkosi: Update to latest (Daan De Meyer) - test: check if we skip the full setup on daemon-reexec (Frantisek Sumsal) - test: add test case that journal file is created with the requested compression algorithm (Yu Watanabe) - systemd-sysext/confext.service: Refresh on start/reload (Kai Lueke) - man/systemd-dissect.xml: Remove old sysext path, add confext path (Kai Lueke) - test: introduce TEST-81-GENERATORS (Frantisek Sumsal) - test: add a couple of tests for systemd-modules-load (Frantisek Sumsal) - fstab-generator: don't propagate ignored errno (Frantisek Sumsal) - repart: Add more logging (Daan De Meyer) - confext: shell completion for systemd-confext (maanyagoenka) - confext: documentation and man page updates for confext (maanyagoenka) - test-os-util: add tests for sysext and confext release files (maanyagoenka) - confext: add tests for systemd-confext (maanyagoenka) - confext: add the systemd-confext.service file (maanyagoenka) - confext: add multi call functionality to sysext (maanyagoenka) - extension-release: establish compatibility between host file and extension-release file (maanyagoenka) - os-util: add a new confext image type and the ability to parse their release files (maanyagoenka) - test: use kbd-mode-map we ship in TEST-73-LOCALE (Franck Bui) - update TODO (Lennart Poettering) - man: document image policy syntax and semantics, and the hooks in the various components (Lennart Poettering) - test: add integration test for image policy (Lennart Poettering) - sysext: default to a stricter image policy when reading /.extra/sysext/ DDIs (Lennart Poettering) - discover-image: automaticaly pick up sysext images from /.extra/sysext (Lennart Poettering) - analyze: add 'image-policy' tool for analyzing image dissection policies (Lennart Poettering) - dissect: update error code comment a bit (Lennart Poettering) - dissect: disallow empty partition tables (Lennart Poettering) - dissect: add new --validate command (Lennart Poettering) - dissect: make returning of DissectedImage object optional (Lennart Poettering) - dissect: add dissect_image_file_and_warn() (Lennart Poettering) - dissect: actually enforce policy (Lennart Poettering) - tree-wide: hook up image dissection policy logic everywhere (Lennart Poettering) - dissect: add image dissection policy framework (Lennart Poettering) - test: add tests for dir_fd_is_root_or_cwd() (Yu Watanabe) - mkosi: Update bundled kconfig (Daan De Meyer) - mkosi: Make sure we always boot our built from source kernel (Daan De Meyer) - resolve: refuse mdns scope for ipv4 broadcast addresses (Ronan Pigott) - Revert "mkosi: Drop python-docutils" (Daan De Meyer) - service: use newdup() where appropriate (Lennart Poettering) - various: simplify calls to parse_boolean_argument() (Zbigniew Jędrzejewski-Szmek) - ci: do one build with no tpm/p11kit/fido2 (Luca Boccassi) - cryptsetup: fix build without TPM2 (Luca Boccassi) - tpm2: fix nits from PR #26185 (William Roberts) - test/test-functions: fix typo in install_suse_systemd() (Thomas Blume) - update TODO (Lennart Poettering) - update TODO (Lennart Poettering) - execute: add one more assert() (Lennart Poettering) - test-core-unit: add new test file for unit_escape_setting() and friends (Zbigniew Jędrzejewski-Szmek) - meson: redo grouping of tests under src/test/ (Zbigniew Jędrzejewski-Szmek) - man: mention -o option for systemd-journal-remote (Yu Watanabe) - machine-id-setup: do not read host's machine ID when root directory is specified (Yu Watanabe) - machine-id-setup: use id128_get_machine() at one more place (Yu Watanabe) - discover-image: use id128_get_machine() at one more place (Yu Watanabe) - specifier: always convert missing machine-id file to EUNATCH (Yu Watanabe) - nspawn: ignore NULL machine ID in the container (Yu Watanabe) - repart: use id128_get_machine() (Yu Watanabe) - test: add tests for id128_get_machine() and _at() (Yu Watanabe) - sd-id128: introduce id128_get_machine() and id128_get_machine_at() (Yu Watanabe) - fd-util: introduce dir_fd_is_root_or_cwd() (Yu Watanabe) - test: add tests for ID128_REFUSE_NULL (Yu Watanabe) - sd-id128: introduce ID128_REFUSE_NULL flag (Yu Watanabe) - service: minor modernizations (Lennart Poettering) - manager: remove transient unit directory during startup (Zbigniew Jędrzejewski-Szmek) - sd-bus: use macros for standard bus error names consistently (Zbigniew Jędrzejewski-Szmek) - core: a more informative error when SetProperties/StartTransientUnit fails (Zbigniew Jędrzejewski-Szmek) - man/sd_bus_message_open_container: mention two common errors (Zbigniew Jędrzejewski-Szmek) - man/systemd.service: add example for char prefixes (Zbigniew Jędrzejewski-Szmek) - man: move description of command line substitution out of ExecStart= (Zbigniew Jędrzejewski-Szmek) - core: unify two similar paths, avoid formatting of unused string (Zbigniew Jędrzejewski-Szmek) - core: simplify unit_escape_setting() (Zbigniew Jędrzejewski-Szmek) - core: typos in comments (Zbigniew Jędrzejewski-Szmek) - update TODO (Lennart Poettering) - sd-journal: allow to specify compression algorithm through env (Yu Watanabe) - sd-journal: always use the compression algorithm specified in the header (Yu Watanabe) - compress: introduce compression_supported() helper function (Yu Watanabe) - sd-journal: cache results of parsing environment variables (Yu Watanabe) - journald: fix log message (Yu Watanabe) - service: dump fdstore contents also in free-form debug dump (Lennart Poettering) - chase: fix error handling (Yu Watanabe) - test: add tests for id128_{read,write}_at() (Yu Watanabe) - sd-id128: introduce id128_write_at() (Yu Watanabe) - sd-id128: introduce id128_read_at() (Yu Watanabe) - sd-id128: rename Id128FormatFlag -> Id128Flag (Yu Watanabe) - sd-id128: rename argument and add missing assertion (Yu Watanabe) - Revert "sd-id128: make id128_read() optionally take root directory" (Yu Watanabe) - src: changed usage of basename() to path_extract_filename(). TODO. (OMOJOLA JOSHUA DAMILOLA) - pid1: drop two spurious empty line (Lennart Poettering) - core/main: also check the argument terminator (Mike Yuan) - udev-rules: check tokens order (Dmitry V. Levin) - shared/exec-util: reduce scope of iterator variables (Zbigniew Jędrzejewski-Szmek) - core/service: inline one variable (Zbigniew Jędrzejewski-Szmek) - basic/fs-util: typo fix (Zbigniew Jędrzejewski-Szmek) - man/systemd-sysext: minor grammar optimizations (Zbigniew Jędrzejewski-Szmek) - basic/mkdir: simplify error handling (Zbigniew Jędrzejewski-Szmek) - tpm2: add support for a trusted SRK (William Roberts) - user-sessions: do not remove /etc/nologin (Zbigniew Jędrzejewski-Szmek) - update 60-sensor.hwdb with toshiba tablet (#27103) (dmkUK) - core: do early setup check for arguments with '=' too (Mike Yuan) - Added unit test for strv_env_name_is_valid() function listed in env-util.c (#27100) (taniishkaaa) - po: Translated using Weblate (Russian) (Andrei Stepanov) - build(deps): bump github/codeql-action from 2.2.5 to 2.2.9 (dependabot[bot]) - build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 (dependabot[bot]) - build(deps): bump actions/labeler from 4.0.2 to 4.0.3 (dependabot[bot]) - build(deps): bump github/super-linter from 4.9.7 to 4.10.1 (dependabot[bot]) - man: restore description of ConditionControlGroupController=v1|v2 (Zbigniew Jędrzejewski-Szmek) - networkctl: use sd_bus_get_property (Mike Yuan) - networkctl: style improvements (Mike Yuan) - networkctl: use FOREACH_ARRAY more (Mike Yuan) - ukify: Strip symbol/string table for old stubs (Jan Janssen) - find-esp: Add openat() like helpers that operate on fds (Daan De Meyer) - stat-util: Add xstatfsat() (Daan De Meyer) - find-esp: Drop explicit automount trigger (Daan De Meyer) - btrfs-util: Add btrfs_get_block_device_at() (Daan De Meyer) - networkctl: acquire bus only when necessary (Mike Yuan) - test: shed some light into the whole coverage situation (Frantisek Sumsal) - firstboot: Add --reset option (Daan De Meyer) - firstboot: Do not dereference symlinks (Daan De Meyer) - add a github workflow action to make a release from tags (Дамјан Георгиевски) - Trim TODO a bit (Daan De Meyer) - treewide: fix unnecessary $ on arithmetic variables (Dmitry V. Levin) - test: set ReadWritePaths= for test-.services when built w/ coverage (Frantisek Sumsal) - core: skip deps on oomd if v2 or memory unavailable (Zbigniew Jędrzejewski-Szmek) - test: fixed negative checks in TEST-70-TPM2. Use in-line error handling rather than redirections. Follow up on #27020 (OMOJOLA JOSHUA DAMILOLA) - test: use setpriv instead of su for user switch from root (Thomas Blume) - TODO: drop items regarding swap-for-hibernate-only-use (Lennart Poettering) - docs: fix coredump legacy example (Ludwig Nussel) - Revert "Revert "test: add more testcases for rm_rf()"" (Yu Watanabe) - rm-rf: also chmod() directory if it cannot be opened (Yu Watanabe) - core: always calculate the next restart interval (Mike Yuan) - bootctl: clean up handling of files with no version information (Zbigniew Jędrzejewski-Szmek) - test: make make_addresses() actually return the addresses (Frantisek Sumsal) - coverage: add a wrapper for execveat() (Frantisek Sumsal) - man: add example for sd_bus_call_method (Luca Boccassi) - man: further shorten print-unit-path example (Luca Boccassi) - man: link up new online coredump docs from man page (Lennart Poettering) - Revert "rm-rf: also chmod() directory if it cannot be opened" (Luca Boccassi) - Revert "test: add more testcases for rm_rf()" (Luca Boccassi) - pid1: fully disable coredumping to $PWD (Zbigniew Jędrzejewski-Szmek) - docs: add a document with an overview over systemd's coredump handling (Lennart Poettering) - basic: update the Arch tuples for LoongArch (Xiaotian Wu) - sysext: validate that they do not contain os-release (Luca Boccassi) - sysext: stop storing under /usr/lib[/local]/extensions/ (Luca Boccassi) - rename extension-release.[c|h] -> extension-util.[c|h] (Luca Boccassi) - tmpfiles: Try to take a BSD lock on files as well (Daan De Meyer) - chase: add CHASE_AT_RESOLVE_IN_ROOT only when it is necessary (Yu Watanabe) - chase: drop CHASE_AT_RESOLVE_IN_ROOT when AT_FDCWD or root dir fd is specified (Yu Watanabe) - test-kernel-install: several cleanups (Yu Watanabe) - man: drop trailing space and mention uki_generator at one more place (Yu Watanabe) - chase: Simplify chase_and_open() and chase_and_openat() (Daan De Meyer) - fs-util: Strip O_NOFOLLOW in xopenat() when calling fd_reopen() (Daan De Meyer) - chase: Fix error code check (Daan De Meyer) - chase: Fix formatting (Daan De Meyer) - service: drop redundant unit_ref_unset() call (Lennart Poettering) - chase: fix indentation (Yu Watanabe) - chase: fix comment (Yu Watanabe) - test: split-out tests for chase() and friends to test-chase.c (Yu Watanabe) - test: rename test-chase -> test-chase-manual (Yu Watanabe) - fd-util: make fd_get_path() support AT_FDCWD (Yu Watanabe) - test: add tests for fd_get_path() (Yu Watanabe) - units: let's establish the coredump socket before writting core_pattern sysctl (Lennart Poettering) - update TODO (Lennart Poettering) - test: add test case for fdstore dumping logic, and systemd-notify --fd= (Lennart Poettering) - notify: add support for sending fds with notification messages (Lennart Poettering) - fdset: add new fdset_consume() helper (Lennart Poettering) - fdset: add new helper to convert an fdset to an array (Lennart Poettering) - fdset: minor modernizations (Lennart Poettering) - analyze: add new fdstore verb (Lennart Poettering) - pid1: add DumpFileDescriptorStore() bus call that returns fdstore content info (Lennart Poettering) - format-table: add new cell type for displaying major/minor devnums (Lennart Poettering) - format-table: add inode type cell type (Lennart Poettering) - fd-util: add helper for converting O_RDONLY/WRONLY/RDWR to strings (Lennart Poettering) - devnum-util: add new devnum_is_zero() helper (Lennart Poettering) - stat-util: add inode_type_to_string() helper for showing mode_t inode type as string (Lennart Poettering) - firstboot: Refactor should_configure() (Daan De Meyer) - firstboot: Check for errors returned by dir_fd_is_root() (Daan De Meyer) - user-util: Rename ETC_PASSWD_LOCK_NAME to ETC_PASSWD_LOCK_FILENAME (Daan De Meyer) - pid1: add debug log about selected restart interval (Lennart Poettering) - pid1: introduce new SERVICE_{DEAD|FAILED}_BEFORE_AUTO_RESTART service substates (Lennart Poettering) - mkosi: Drop python-docutils (Daan De Meyer) - mkosi: Update to latest (Daan De Meyer) - test: Install systemd-networkd-tests.py when install_tests is enabled (Daan De Meyer) - mkosi: Update to latest (Daan De Meyer) - udev_rules_parse_file: do not ignore ENOENT when invoked by udevadm verify (Dmitry V. Levin) - firstboot: Modernize path handling (Daan De Meyer) - user-util: Add ETC_PASSWD_LOCK_NAME (Daan De Meyer) - log: Add LOG_SET_PREFIX() macro (Daan De Meyer) - TEST-80: synchronize explicitly instead of by time (Lennart Poettering) - test: do not remove state directory on failure (Luca Boccassi) - proc-cmdline: filter PID1 arguments when we are running in a container (Yu Watanabe) - tree-wide: reset optind to 0 when GNU extensions in optstring are used (Yu Watanabe) - condition: use proc_cmdline_strv() (Yu Watanabe) - proc-cmdline: introduce proc_cmdline_strv() (Yu Watanabe) - proc-cmdline: split commandline earlier in proc_cmdline_parse() and friend (Yu Watanabe) - test: fix shellcheck warnings in test-sysusers.sh (Luca Boccassi) - man: fix shellcheck warning for html.in (Luca Boccassi) - added more test cases (OMOJOLA JOSHUA DAMILOLA) - man: correct/tweak text about unit name syntax (Lennart Poettering) - test: fix regexp in testsuite-74.mount.sh (Franck Bui) - test: don't go through all time zones if slow tests are disabled (Frantisek Sumsal) - test: drop extraneous bracket in testsuite-74.mount.sh (Franck Bui) - shared/exec-util: null_or_empty_path() does not return boolean (Zbigniew Jędrzejewski-Szmek) - basic/stat-util: remove unused null_or_empty_fd() (Zbigniew Jędrzejewski-Szmek) - Revert "udev_rules_parse_file: do not skip ENOENT" (Zbigniew Jędrzejewski-Szmek) - ukify: Add workarounds for older stubs (Daan De Meyer) - process-util: introduce get_process_cmdline_strv() (Yu Watanabe) - dbus-manager: use _cleanup_ for UnitFileList hash (David Tardon) - install: define hash_ops for UnitFileList (David Tardon) - Revert "ukify: Weaken file alignment assertions" (Daan De Meyer) - os-release: add 'SYSEXT_' fields for version/id (Luca Boccassi) - portablectl: display sysext-specific fields (Luca Boccassi) - portable: add PORTABLE_NAME_AND_VERSION= and other metadata to LogsExtraFields= (Luca Boccassi) - busctl: also assume --full if not writing to terminal (Zbigniew Jędrzejewski-Szmek) - portable: include base and extension images in log fields (Luca Boccassi) - portable: use parse_env_file_fd to keep FD valid (Luca Boccassi) - strv: add helper to find value in key/value pairs from list of keys (Luca Boccassi) - env: add load_env_file_pairs_fd() (Luca Boccassi) - busctl: use size_t for set size (Zbigniew Jędrzejewski-Szmek) - busctl: do not truncate property values when --full (Zbigniew Jędrzejewski-Szmek) - cryptenroll: fix a memory leak (Frantisek Sumsal) - systemctl: show service status string in other color (Lennart Poettering) - systemctl: show fd store info in status output (Lennart Poettering) - systemctl: dont's how memory limits that aren't available via D-Bus props (Lennart Poettering) - hwdb: Move MSI touchpad-toggle mapping to generic MSI section (Hans de Goede) - env-util: introduce strv_env_assign_many() (Yu Watanabe) - ukify: Weaken file alignment assertions (Daan De Meyer) - journal-remote: make specified output file absolute (Yu Watanabe) - journal-remote: add missing log message for failure in journal_remote_get_writer() (Yu Watanabe) - journal-remote: make writer_new() return negative errno on failure (Yu Watanabe) - test: don't export $TOOLS_DIR (Franck Bui) - test: clean up $STATEDIR too (Franck Bui) - test: $STATEDIR should not point to /usr/lib/systemd/tests when NO_BUILD=1 (Franck Bui) - locale: Add missing libxkbcommon dependency to tests (Daan De Meyer) - compare-operator:unit test (OMOJOLA JOSHUA DAMILOLA) - update TODO (Lennart Poettering) - core: Move DynamicCreds into ExecRuntime (Daan De Meyer) - core: Introduce unit private exec runtime (Daan De Meyer) - execute: Do not pass destroy as a boolean argument to unref() (Daan De Meyer) - execute: Rename ExecRuntime to ExecSharedRuntime (Daan De Meyer) - mkosi: Narrow glob used to install python packages (Daan De Meyer) - core/dbus-service: add RestartUSecCurrent property (Mike Yuan) - core: add RestartSteps= and RestartSecMax= for exponentially increasing interval between restarts (Mike Yuan) - userdb: rename the destructor to follow our coding style (Frantisek Sumsal) - userdb: fix a memory leak (Frantisek Sumsal) - test: explicitly pull in systemd-userdbd.socket (Frantisek Sumsal) - update TODO (Lennart Poettering) - test-fd-util: use stat_inode_same() where appropriate (Lennart Poettering) - fd-util: cover some corner cases with fd_reopen() on symlinks (Lennart Poettering) - udev-rules: fix grammar in diagnostics about lines that have no effect (Dmitry V. Levin) - test: verify the journal with and without a sealing key (Frantisek Sumsal) - udev-rules: extend the check for conflicting expressions (Dmitry V. Levin) - udev-rules: check token delimiters (Dmitry V. Levin) - udev-rules: move udev_check_rule_line() invocation (Dmitry V. Levin) - udev-rules: move udev_rules_parse_file() after udev_check_rule_line() (Dmitry V. Levin) - testsuite-17.11.sh: add commas between tokens (Dmitry V. Levin) - rules: add whitespace after comma before the line continuation (Dmitry V. Levin) - rules: remove stray whitespace before comma between tokens (Dmitry V. Levin) - sd-id128: make id128_read() optionally take root directory (Yu Watanabe) - journalctl: fix when --grep is used with --follow (Mike Yuan) - oomd: add inline comments with param names (Zbigniew Jędrzejewski-Szmek) - bootctl: split-out entry token related definitions into boot-entry.[ch] (Yu Watanabe) - chase-symlinks: Add chase_and_open_parent() + at() variant (Daan De Meyer) - Define $KERNEL_INSTALL_UKI_GENERATOR (Gertalitec) - hwdb: Fixed thumb buttons reversed on CHERRY MW 2310 (#26992) (taniishkaaa) - hwdb: drop redundant entry (Yu Watanabe) - test: install symlinks with valid targets on SUSE and Debian (Franck Bui) - core/main: restore the correct assert about array position (Zbigniew Jędrzejewski-Szmek) - test: filter the merged coverage report instead (Frantisek Sumsal) - test: add a couple of tests for userdbctl (Frantisek Sumsal) - test: do an initial coverage capture (Frantisek Sumsal) - test: drop unnecessary return (Frantisek Sumsal) - test: don't touch the /failed marker in the subtest scripts (Frantisek Sumsal) - test: don't expand the subshell expression prematurely (Frantisek Sumsal) - hwdb: Fix incorrect touchpad dimensions on Thinkpad L14 Gen1 (#26937) (taniishkaaa) - test: add test for invalid keymap setting (Yu Watanabe) - locale: also verify keymaps loaded from config file and converted keymaps (Yu Watanabe) - locale: introduce x11_context_verify() (Yu Watanabe) - locale: split out xkbcommon related functions to xkbcommon-util.c (Yu Watanabe) - locale: split out checking existence of keymap (Yu Watanabe) - locale: move x11_convert_to_vconsole() near the relevant functions (Yu Watanabe) - xdg-autostart-generator: do not warn about unknown fields (Zbigniew Jędrzejewski-Szmek) - bootctl: enable colored logging (Yu Watanabe) - test: add more testcases for rm_rf() (Yu Watanabe) - rm-rf: also chmod() directory if it cannot be opened (Yu Watanabe) - rm-rf: mask file mode with 07777 when passed to chmod() (Yu Watanabe) - rm-rf: fix errno handling (Yu Watanabe) - core/main: fix setting of arguments for shutdown (Zbigniew Jędrzejewski-Szmek) - tools: add dump-auxv.py (Zbigniew Jędrzejewski-Szmek) - hwdb: drop boilerplate about match patterns in two more cases (Zbigniew Jędrzejewski-Szmek) - import: use truncate_nl() where appropriate (Lennart Poettering) - tree-wide: port various places to find_line_startswith() (Lennart Poettering) - string-util: add new helper for finding line starting with specific string in a text buffer (Lennart Poettering) - userdbctl: flush stdout before running the chain command (Frantisek Sumsal) - docs: s/authorized_key/authorized_keys/ (Frantisek Sumsal) - man: s/io.systemd.Dropin/io.systemd.DropIn/ (Frantisek Sumsal) - userdbctl: don't show legend when dumping JSON with services (Frantisek Sumsal) - fs-util: fix typo in comment (Antonio Alvarez Feijoo) - man: update syscal filter group list (Lennart Poettering) - test: on openSUSE install the collection of unit test binaries in the target only for TEST-02-UNITTESTS (Franck Bui) - meson: make sure the unit test scripts find testdata/ even if they are not installed in the same directory (Franck Bui) - meson: define testdata_dir globally (Franck Bui) - test: install unit tests in a dedicated subdirectory below '$testsdir' (Franck Bui) - chase-symlinks: Allow optional path with CHASE_EXTRACT_FILENAME (Daan De Meyer) - chase-symlinks: Rename chase_symlinks() to chase() (Daan De Meyer) - ukify: Add riscv32 and loongarch support (Jan Janssen) - ukify: Use pefile to add sections to EFI stub (Jan Janssen) - analyze: don't claim "@known" was an unlisted syscall (Lennart Poettering) - seccomp-util: enforce group ordering (Lennart Poettering) - seccomp-util: add some newer syscalls to existing groups (Lennart Poettering) - seccomp-util: add new @sandbox syscall group with landlock/seccomp (Lennart Poettering) - test: add a couple of tests for systemd-coredump (Frantisek Sumsal) - process-util: drop trailing NUls before parsing the nulstr (Yu Watanabe) - test: add tests from strv_parse_nulstr_full() (Yu Watanabe) - nulstr-util: introduce strv_parse_nulstr_full() that optionally drop trailing empty strings (Yu Watanabe) - test-proc-cmdline: test proc_cmdline_get_key() actually parses EFI options (Yu Watanabe) - proc-cmdline: make proc_cmdline_parse_given() static (Yu Watanabe) - proc-cmdline: use proc_cmdline_key_string() when we search for key (Yu Watanabe) - proc-cmdline: rename variable (Yu Watanabe) - proc-cmdline: insert an empty line between variable declaration and assertion (Yu Watanabe) - core/main: make positional arguments followed by '=', then by value (Yu Watanabe) - core/main: fix maximum number of arguments for shutdown command (Yu Watanabe) - vconsole: introduce context_get_config() helper function (Yu Watanabe) - vconsole: introduce Context and its helper functions (Yu Watanabe) - chase-symlinks: Use xopenat() instead of open_mkdir_at() (Daan De Meyer) - fileio: add new helper fdopen_independent() (Lennart Poettering) - pid1: allowlist all tpm devices for a unit when encrypted creds are needed (Lennart Poettering) - core: move encrypted credential check to execute.c (Lennart Poettering) - test-coredump-util: also test parse_auxv() with unaligned data (Zbigniew Jędrzejewski-Szmek) - test-coredump-util: add tests for parse_aux() (Zbigniew Jędrzejewski-Szmek) - coredump: split out parse_auxv() to src/shared/ (Zbigniew Jędrzejewski-Szmek) - loop-util: Add loop_device_make_by_path_at() (Daan De Meyer) - fs-util: Allow xopenat() to reopen existing file descriptors (Daan De Meyer) - docs: Explicitly tell developers to enable mkosi required meson options (Daan De Meyer) - find-esp: don't silently error bootctl install if presumed XBOOTLDR part is stx_dev_major=0 but not btrfs (наб) - test-fileio: add test for return value of read_one_line_file() (Zbigniew Jędrzejewski-Szmek) - journal-vacuum: use CLEANUP_ARRAY (David Tardon) - journal-vacuum: rename function to match struct name (David Tardon) - journal-vacuum: count size of all journal files (David Tardon) - fs-util: Add xopenat_lock() (Daan De Meyer) - edit-util: alloc correct amount of memory (Mike Yuan) - coredump: use unaligned_read_ne{32,64}() to parse auxv (Yu Watanabe) - ukify: allow uncompressed kernel images for UNAME detection on aarch64 and riscv64 (#26929) (Tobias Powalowski) - core: Settle log target if we're going to be closing all fds (Daan De Meyer) - labeler: add journal label also for sd-journal stuff (David Tardon) - test: add tests for NOTIFYACCESS override through sd_notify (Mike Yuan) - stat-util: Add verify_regular_at() (Daan De Meyer) - bootctl: 'graceful' should ignore EFI variable failures (Kevin P. Fleming) - ci: limit permissions for `differential-shellcheck` (Jan Macku) - ci: trigger differential-shellcheck workflow on push (Jan Macku) - core: support overriding NOTIFYACCESS= through sd-notify during runtime (Mike Yuan) - copy: Add more at() helpers (Daan De Meyer) - copy: Move chattr arguments to full function signatures (Daan De Meyer) - fd-util: make sure fd_reopen() works with AT_FDCWD systematically (Lennart Poettering) - execute: Add kernel cmdline arguments for tty term, rows and columns (Daan De Meyer) - docs: Fix vscode debugging section in HACKING.md (Daan De Meyer) - chase-symlinks: Add more chase_symlinks_at() helpers (Daan De Meyer) - chase-symlinks: Return zero from access() and stat() helpers (Daan De Meyer) - chase-symlinks: Add CHASE_EXTRACT_FILENAME flag (Daan De Meyer) - udev-rules: fix nvme symlink creation on namespace changes (Thomas Blume) - tmpfile-util: Add open_tmpfile_linkable_at() and link_tmpfile_at() (Daan De Meyer) - fs-util: Add open_parent_at() (Daan De Meyer) - lock-util: Add make_lock_file_at() (Daan De Meyer) - unit: Add LOG_CONTEXT_PUSH_UNIT() (Daan De Meyer) - log: Add key/value support to the log context (Daan De Meyer) - log: Avoid pushing the same fields more than once on the log context (Daan De Meyer) - mkosi: Default to debug log level for udev as well (Daan De Meyer) - man/network-generator: replace dracut.kernel reference with dracut.cmdline (Antonio Alvarez Feijoo) - gpt-auto-generator: fix typo (Antonio Alvarez Feijoo) - util: rename uki-util.[ch] -> kernel-image.[ch] (Yu Watanabe) - uki-util: rename KernelType -> KernelImageType (Yu Watanabe) - uki-util: rename uki -> f (Yu Watanabe) - uki-util: update log messages (Yu Watanabe) - udev-rules: add another check for conflicting expressions (Dmitry V. Levin) - compare-operator: added unit tests (OMOJOLA JOSHUA DAMILOLA) - strv: introduce strv_print_full() (Yu Watanabe) - ci: drop clang-13, add clang-16 (Frantisek Sumsal) - bootctl: fix wrong type comparison (Yu Watanabe) - loop-util: add more debugging logs in loop_configure() (Yu Watanabe) - udev-rules: fix check for conflicting and duplicate expressions (Dmitry V. Levin) - Revert "udev: prepare memory for extra NUL termination for NULSTR" (Dmitry V. Levin) - udev-rules: fix matching of token types that support alternative patterns (Dmitry V. Levin) - hwdb: fix Wifi toggling for Haier 7G-Series/JWU (#25293) (#26878) (taniishkaaa) - docs: update unit name for sd-tmpfiles-setup (Mike Yuan) - unit: sysext: update unit name for sd-tmpfiles-setup (Mike Yuan) - test-systemd-tmpfiles.py: create global temporary directory (Yu Watanabe) - test-systemd-tmpfiles.py: use test_content() at one more place (Yu Watanabe) - tmpfiles: show file type in octal, instead of hex (Yu Watanabe) - tree-wide: simplify x ? x : y to x ?: y where applicable (Frantisek Sumsal) - coccinelle: add a transformation for GNU conditionals (Frantisek Sumsal) - coccinelle: respect spacing from the semantic patch (Frantisek Sumsal) - man: explicitly list three command syntax at the beginning (Yu Watanabe) - fuzz-journal-remote: fix potential fd-leak (Yu Watanabe) - fuzz-journal-remote: remove temporary files on exit (Yu Watanabe) - units: Order user@.service after systemd-oomd.service (Daan De Meyer) - core/transaction: do not log "(null)" (Yu Watanabe) - core/transaction: make merge_unit_ids() return non-NULL on success (Yu Watanabe) - core/transaction: make merge_unit_ids() always return NUL-terminated string (Yu Watanabe) - sleep: fix default values unmatched with manual (Mike Yuan) - po: Translated using Weblate (Bulgarian) (Velislav Ivanov) - systemctl: move printing of state to the printing func. (David Tardon) - kernel-install: check all entry candidates first, then check existence of $pref/loader/entries only once (Yu Watanabe) - Revert "kernel-install: also try to find $BOOT by partition GUID" (Yu Watanabe) - uki-util: move functions for inspecting kernel to uki-util.[ch] (Yu Watanabe) - bootctl: introduce inspect_kernel() (Yu Watanabe) - bootctl: introduce uki_read_pretty_name() (Yu Watanabe) - bootctl: find matching section in read_pe_section() (Yu Watanabe) - bootctl: return 0 instead of EXIT_SUCCESS (Yu Watanabe) - bootctl: move verb_kernel_identity() (Yu Watanabe) - os-util: add missing headers (Yu Watanabe) - exec-util: introduce EXEC_DIR_SKIP_REMAINING flag (Yu Watanabe) - exec-util: extract the core logic of execute_directories() as execute_strv() (Yu Watanabe) - exec-util: enumerate executables earlier (Yu Watanabe) - exec-util: drop meaningless casts (Yu Watanabe) - exec-util: tighten variable scope a bit (Yu Watanabe) - systemctl: drop stray empty line (David Tardon) - systemctl: always print circular deps. at the end (David Tardon) - boot: Add undefined sanitizer support (Jan Janssen) - meson: Share more C flags (Jan Janssen) - boot: Add support for -ftrapv (Jan Janssen) - boot: Add support for -fstack-protector (Jan Janssen) - boot: Detect nested assertions (Jan Janssen) - systemctl: fix formatting of circular dep. (David Tardon) - systemctl: fix indentation of circular deps (David Tardon) - test: add a testcase that dir_fd_is_root() is not confused by bind mount (Yu Watanabe) - mkosi: Enable some debugging options by default (Daan De Meyer) - man: fix misspelled executable name (#26858) (Addison Snelling) - repart: Report better errors if partition sizes are too small (Daan De Meyer) - repart: Zero full verity signature partition size (Daan De Meyer) - repart: Make sure we seek to beginning of partition target before copy (Daan De Meyer) - mkosi: Use default timeout of 10s (Daan De Meyer) - udev/ata_id: use unliagned helpers (Zbigniew Jędrzejewski-Szmek) - udev/v4l_id: use O_CLOEXEC|O_NOCTTY (Zbigniew Jędrzejewski-Szmek) - meson: add udev builtins to dist-check (Zbigniew Jędrzejewski-Szmek) - udev: implement --version in all builtins (Zbigniew Jędrzejewski-Szmek) - udev/cdrom_id: do not abort on unknown options (Zbigniew Jędrzejewski-Szmek) - udev/mtd_probe: convert to run() (Zbigniew Jędrzejewski-Szmek) - udev/mtd_probe: implement --help (Zbigniew Jędrzejewski-Szmek) - udev/fido_id: implement --help (Zbigniew Jędrzejewski-Szmek) - udev/ata_id: stop using errno, fix logic (Zbigniew Jędrzejewski-Szmek) - udev/ata_id: drop unused output parameter (Zbigniew Jędrzejewski-Szmek) - test: wrap mkfs.*/mksquashfs/mkswap binaries when running w/ ASan (Frantisek Sumsal) - journald-console: Add colors when forwarding to console (Daan De Meyer) - terminal-util: Don't assume terminal is dumb if connected to /dev/null (Daan De Meyer) - doc: update ELF_PACKAGE_METADATA to use linker flag instead of manual script (Luca Boccassi) - test: add tests for summary output of udevadm verify (Yu Watanabe) - test: reindent testsuite-17.11.sh (Yu Watanabe) - udevadm-verify: add a short summary (Yu Watanabe) - sd-journal: fix segfault (Yu Watanabe) - updated usage of SD_BUS_METHOD_WITH_NAMES macros to SD_BUS_METHOD_WIT… (#26840) (OMOJOLA JOSHUA) - github: update default and example in template (Yu Watanabe) - manager: fix scope for environment generators (Ludwig Nussel) - test: fix testsuite-17.10.sh (Dmitry V. Levin) - udev-rules: check for conflicting and duplicate expressions (Dmitry V. Levin) - Update github issue template to include systemd-dissect (Cornelius Hoffmann) - userdbd: make static const what we can make so (Lennart Poettering) - userdbd: rework to use sd_event_add_child() instead of manual SIGCHLD (Lennart Poettering) - userdbd: make use of FORK_CLOSE_ALL_FDS + FORK_REOPEN_LOG where we can (Lennart Poettering) - userdbd: modernize signal handling (Lennart Poettering) - fs-util: Drop unlink_noerrno() (Daan De Meyer) - test: add testsuite-74.machinectl (Mike Yuan) - machinectl: add verb edit and cat to operate on .nspawn files (Mike Yuan) - edit-util: log unexpected errors if we fail to remove the parent dir (Mike Yuan) - edit-util: use path_equal (Mike Yuan) - chase-symlinks: Add more assertions (Daan De Meyer) - chase-symlinks: Rework open() functions and some chase flags (Daan De Meyer) - Add rebrands of Medion Akoya notebooks/tablets (bri) - fd-util: Add dir_fd_is_root() (Daan De Meyer) - mountpoint-util: Add path_get_mnt_id_at() (Daan De Meyer) - udev/ata_id: convert to run() (Zbigniew Jędrzejewski-Szmek) - udev/ata_id: split out parse_argv() (Zbigniew Jędrzejewski-Szmek) - core: fix "(null)" in output (Zbigniew Jędrzejewski-Szmek) - core: reduce scope of variable (Zbigniew Jędrzejewski-Szmek) - core: make the memory pressure cgroup path writable when ProtectControlGroups=yes (Luca Boccassi) - test: assume run-unit-tests.py and unit tests are installed in the same directory (Franck Bui) - treewide: memfd_create: use exec flags (Thomas Weißschuh) - memfd-util: add wrapper for memfd_create (Thomas Weißschuh) - missing: add memfd exec flags (Thomas Weißschuh) - stub: Remove overlapping PE section warning (Jan Janssen) - mkfs-util: Redirect mksquashfs output to /dev/null (Daan De Meyer) - src: changed instances of sd_bus_call_method() to bus_call_method() (#26819) (OMOJOLA JOSHUA) - update TODO (Lennart Poettering) - dissect: make all paths we operation on absolute (Lennart Poettering) - core: fix mount flag help output, it only takes one argument (Lennart Poettering) - dissect: mark UID/GIDs that are surprising in DDIs with colors (Lennart Poettering) - cgls: add -x and -c options (Zbigniew Jędrzejewski-Szmek) - cgls: stop showing cgroup ids and xattrs by default (Zbigniew Jędrzejewski-Szmek) - cgtop: drop counterproductive bitfields (Zbigniew Jędrzejewski-Szmek) - cgtop: split out the main loop into a separate function (Zbigniew Jędrzejewski-Szmek) - core: append LogExtraFields= values to log_unit* messages (Luca Boccassi) - log: add iov helpers for log_context (Luca Boccassi) - chase-symlinks: Remove unused ret_fd arguments (Daan De Meyer) - manager: in dump, show no controllers as "(none)" (Zbigniew Jędrzejewski-Szmek) - man: document "Delegate=" a bit more (Zbigniew Jędrzejewski-Szmek) - test-time-util: add test cases to invalidate "show" and "cancel" (Mike Yuan) - systemctl: add option --when for scheduled shutdown (Mike Yuan) - systemctl: logind: make logind_schedule_shutdown accept action as param (Mike Yuan) - systemctl: logind: add missing asserts (Mike Yuan) - test-50-dissect: add test for long reference name (Yu Watanabe) - udev: mention that the kernel silently truncates lo_file_name if too long (Yu Watanabe) - tests: don't use absolute paths when installing binaries in TEST-58-REPART (Franck Bui) - tests: fix inverted condition in testsuite-58.sh (Franck Bui) - chase-symlinks: Fix memory leak (Daan De Meyer) - fs-util: Add xopenat() (Daan De Meyer) - hwdb: 60-keyboard.hwdb: Fix modalias for Thinkpad X200 Tablet (#26795) (EinBaum) - test-process-util: port to detach_mount_namespace() (Lennart Poettering) - po: Translated using Weblate (Punjabi) (A S Alam) - namespace-util: set mounts back to MS_SHARED in detach_mount_namespace() (Lennart Poettering) - core: rename "mount_flags" → "mount_propagation_flag" internally where appropriate (Lennart Poettering) - namespace: use ERRNO_IS_PRIVILEGE()/ERRNO_IS_NOT_SUPPORTED() where appropriate (Lennart Poettering) - test: testsuite-26: remove duplicate source (Mike Yuan) - userbd: manager doesn't actually use varlink, only workers do (Lennart Poettering) - man: add missing tags in udevadm(8) (Yu Watanabe) - execute: use prctl(PR_SET_MDWE) for MemoryDenyWriteExecute=yes (Topi Miettinen) - conf: replace config_parse_many_nulstr() with config_parse_config_file() (Franck Bui) - hwdb: update 70-mouse.hwdb (#26782) (tofylion) - udev/v4l_id: convert to run() and add error messages (Zbigniew Jędrzejewski-Szmek) - network: ipv4acd: update MAC address on change (#26753) (Brett Holman) - man: Fix user generator output paths (Daan De Meyer) - udevadm-verify: fix indentation of help message (Yu Watanabe) - udevadm: enable colorized logging (Yu Watanabe) - udev-rules: inline rule_line_append_token() (Yu Watanabe) - udev-rules: modernize free functions (Yu Watanabe) - udev-rules: do not set 'issues' tag when applying rules to event device (Yu Watanabe) - udev-rules: introduce log_event_truncated() helper function (Yu Watanabe) - udev-rule: rework logging about udev rules (Yu Watanabe) - namespace: Modernize shareable namespace functions (Daan De Meyer) - dynamic-user: Revert back to using POSIX locks (Daan De Meyer) - lock-util: Add posix_lock() (Daan De Meyer) - execute: Use log_unit_error_errno() instead of log_error_errno() (Daan De Meyer) - systemctl: refuse to acquire dbus connection with --global (Yu Watanabe) - test: add a couple of tests for systemd-path (Frantisek Sumsal) - added a unit test for a function in "argv-utils.c" (#26760) (OMOJOLA JOSHUA) - test-time-util: do not fail on DST change (Yu Watanabe) - time-util: add note about on DST change (Yu Watanabe) - test: add more testcases for formatting/parsing timestamp (Yu Watanabe) - time-util: make USEC_TIMESTAMP_FORMATTABLE_MAX for 32bit system off by one day (Yu Watanabe) - edit-util: include the correct header (Mike Yuan) - edit-util: rename trim_edit_marker to strip_edit_temp_file (Mike Yuan) - edit-util: always create temp file (Mike Yuan) - edit-util: minor cleanups (Mike Yuan) - mkfs-util: Redirect mkfs.vfat stdout to /dev/null (Daan De Meyer) - mkfs-util: Don't explicitly enable has_journal for ext3/ext4 (Daan De Meyer) - mkfs-util: Always use "default" usage type for ext filesystems (Daan De Meyer) - sd-boot: fix incompatible type (Yu Watanabe) - edit-util: unlink temporary file on failure (Yu Watanabe) - edit-util: fix potentical crash when no edit markers (Yu Watanabe) - edit-util: make create_edit_temp_file() take EditFile as the argument (Yu Watanabe) - edit-util: make EditFile take reference of EditFileContext (Yu Watanabe) - systemctl-edit: invert one error check (Yu Watanabe) - systemctl-edit: shorten code a bit (Yu Watanabe) - mkosi: Update to latest (Daan De Meyer) - man: Fix pcrphase.service manvolnum from 1 to 8 (Morten Linderud) - src: Fixup copy-paste error for terminal_urlify_man (Morten Linderud) - generator: fix comment (Yu Watanabe) - edit-util: several cleanups for run_editor (Mike Yuan) - systemctl: edit: several cleanups (Mike Yuan) - edit-util: introduce EditFileContext (Mike Yuan) - edit-util: several cleanups to create_edit_temp_file (Mike Yuan) - shared: extract edit-util from systemctl-edit (Mike Yuan) - udev_rules_parse_file: issue diagnostics about duplicate LABEL tokens (Dmitry V. Levin) - mount: Include After=local-fs-pre.target by default in initrd (Will Fancher) - testsuite-17.11.sh: check udevadm verify --root (Dmitry V. Levin) - udevadm verify: introduce --root option (Dmitry V. Levin) - udevadm verify: load all rules from the system if no rules were given (Dmitry V. Levin) - testsuite-17.11.sh: prepare to test udevadm verify --root (Dmitry V. Levin) - testsuite-17.11.sh: create all files in a temporary directory (Dmitry V. Levin) - testsuite-17.11.sh: robustify unknown user/group checks (Dmitry V. Levin) - test: run script from /tmp, not /run (Luca Boccassi) - lock-util: Use unposix_lock() in make_lock_file() and release_lock_file() (Daan De Meyer) - user-util: Use unposix_lock() in take_etc_passwd_lock() (Daan De Meyer) - lock-util: Move to src/basic (Daan De Meyer) - lock-util: Add CLEANUP_UNPOSIX_UNLOCK() (Daan De Meyer) - lock-util: Add unposix_lock() (Daan De Meyer) - meson: Use static library for EFI tests (Jan Janssen) - boot: Fix unused function warning (Jan Janssen) - ci: Adjust for new EFI build (Jan Janssen) - boot: Add RISCV32 and LoongArch support (Jan Janssen) - boot: Fix debug experience (Jan Janssen) - boot: Bring back bootloader builds (Jan Janssen) - tree-wide: Drop gnu-efi (Jan Janssen) - meson: Introduce userspace dep (Jan Janssen) - dissect: use a switch statements where appropriate (Lennart Poettering) - dissect: share dissected_image_decrypt_interactively() invocation between actions (Lennart Poettering) - lockfile-util: Rename to lock-util (Daan De Meyer) - lockfile-util: Drop flock() fallback (Daan De Meyer) - runtime-scope: add helper that turns RuntimeScope enum into --system/--user string (Lennart Poettering) - basic: add RuntimeScope enum (Lennart Poettering) - socket-util: fix socket_get_family() (Lennart Poettering) - repart: Add support for reading mkfs options from environment (Daan De Meyer) - load-fragment: add user credential specifiers to user.conf (Ronan Pigott) - data-fd-util: use fd_reopen() a bit more (Lennart Poettering) - fd-util: move ACQUIRE_NO_XYZ flags to the header the function using them is in (Lennart Poettering) - mempress: change default PSI window duration to 2s (Lennart Poettering) - update TODO (Lennart Poettering) - test: test new systemd-dissect --attach/--detach/--loop-ref= and /dev/loop/* symlinks (Lennart Poettering) - mountpoint-util: add comment explaining why fstype_can_discard() can't use mount_option_supported() (Lennart Poettering) - mountpoint-util: add new fstype_can_umask() helper (Lennart Poettering) - mountpoint-util: move 'norecovery' detection into its own helper call (Lennart Poettering) - mountpoint-util: use mount_option_supported() to detect if 'discard' is support for an fs (Lennart Poettering) - mountpoint-util: generalize mount_option_supported() (Lennart Poettering) - gpt-auto-generator: port to partition_pick_mount_options() too (Lennart Poettering) - dissect-image: set MS_NOSYMFOLLOW for ESP/XBOOTLDR (Lennart Poettering) - tpm2: add tpm2_pcr_read() (Dan Streetman) - test/test-tpm2: add tests for pcr selection functions (Dan Streetman) - tpm2: add/rename functions to manage pcr selections (Dan Streetman) - tpm2: add TPM2_PCR_VALID() (Dan Streetman) - tpm2: add tpm2_get_policy_digest() (Dan Streetman) - test/test-bitfield: add tests for bitfield macros (Dan Streetman) - udev: add /dev/loop/ symlinks (Lennart Poettering) - dissect: shorten code a bit (Lennart Poettering) - dissect: allow setting "lo_file_name" field of loopback block devices (Lennart Poettering) - dissect: add commands for attaching/detaching loopback devices (Lennart Poettering) - loop-util: add API for selecting "lo_file_name" field for a loopback device (Lennart Poettering) - loop-util: add call for setting the autoclear flag at arbitrary times (Lennart Poettering) - loop-util: keep track of inode/devnum of backing file (Lennart Poettering) - udev-builtin-blkid: pick up info of backing file (Lennart Poettering) - udev: add new udev_builtin_add_propertyf() helper (Lennart Poettering) - test: exercise JSON transformations in busctl (Frantisek Sumsal) - dissect: add new helper dissected_partition_fstype() (Lennart Poettering) - mountpoint-util: add helper that checks if MS_NOSYMFOLLOW is supported (Lennart Poettering) - missing: add more defines to fsopen() definitions (Lennart Poettering) - missing: add fsmount() syscall fallback definition (Lennart Poettering) - basic/bitfield: add bitfield operations (Dan Streetman) - system.conf: add default for memory pressure settings (Yu Watanabe) - core: add missing MemoryPressureWatch= and MemoryPressureThresholdSec= setting (Yu Watanabe) - test: fall back to /sys/fs/cgroup/systemd if necessary (Frantisek Sumsal) - man: fix typo in ukify page (Jeidnx) - test: force mkfs.btrfs to overwrite any existing file systems (Frantisek Sumsal) - memfd-util: Add memfd_new_and_seal() (Daan De Meyer) - manager: in dump, show controllers in "Delegate:" (Zbigniew Jędrzejewski-Szmek) - journalctl: fix when --since, --until and --lines are used altogether (Mike Yuan) - tests: merge test-tmpfiles.c into test-tmpfile-util.c (Zbigniew Jędrzejewski-Szmek) - test: don't fail if we can't remove the scsi_debug module (Frantisek Sumsal) - test: bump the D-Bus related timeouts to 120s (Frantisek Sumsal) - test/test-macro: add tests for FOREACH_VA_ARGS() (Dan Streetman) - basic/macro: add macro to iterate variadic args (Dan Streetman) - test: ignore `busctl tree` fails (Frantisek Sumsal) - macro: support the case that the number of elements has const qualifier (Yu Watanabe) - localed: print a custom message if libxkbcommon.so is unvailable (Zbigniew Jędrzejewski-Szmek) - CODING_STYLE: note that 'unsigned' form is preferred over 'unsigned int' (Dmitry V. Levin) - udev_rules_parse_file: issue diagnostics about line continuation at EOF (Dmitry V. Levin) - test: check udevadm verify diagnostics of unused labels (Dmitry V. Levin) - udevadm-verify: check for unused labels (Dmitry V. Levin) - test: add a test for udevadm verify (Dmitry V. Levin) - meson.build: check udev rules using udevadm verify (Dmitry V. Levin) - rules: do not use blkid builtin if built without blkid support (Dmitry V. Levin) - udevadm: introduce new 'verify' command (Dmitry V. Levin) - udev_rules_parse_file: mark logged issues (Dmitry V. Levin) - core: log message when reloading finishes (Luca Boccassi) - test: add a couple of tests for systemd-id128 (Frantisek Sumsal) - test: add a couple of tests for systemd-escape (Frantisek Sumsal) - random-seed: drop extraneous "we" (Frantisek Sumsal) - man: use more references (Zbigniew Jędrzejewski-Szmek) - man: add mention that libsystemd uses getenv() (Zbigniew Jędrzejewski-Szmek) - timesync: stop re-sync on network configuration change when no link servers are configured (#26708) (Chitoku) - localed: skip verification when libxkbcommon is not installed (Zbigniew Jędrzejewski-Szmek) - test: add a couple of tests for busctl (Frantisek Sumsal) - man: adjust description of CPUAccounting= (Zbigniew Jędrzejewski-Szmek) - man: add a note about session autogrouping (Zbigniew Jędrzejewski-Szmek) - man: tweak details in descriptions of pids and cpu configuration (Zbigniew Jędrzejewski-Szmek) - man: describe how cgroup controllers are turned on (Zbigniew Jędrzejewski-Szmek) - man: explain route-only domains a bit more (Zbigniew Jędrzejewski-Szmek) - mkosi: Fix locations of mkosi-check-and-shutdown files (Daan De Meyer) - mkosi: Drop debug logging (Daan De Meyer) - mkosi: Drop kernel command line masking in CI (Daan De Meyer) - mkosi: Update to latest (Daan De Meyer) - doc: correct wrong use "'s" contractions (Jan Engelhardt) - doc: replace wrong idiom in homed comment (Jan Engelhardt) - doc: replace wrong á preposition by à (Jan Engelhardt) - conf-files: fix potential memleak in conf_files_list_strv_internal() on failure (Yu Watanabe) - kernel-install: handle uki installs automatically (Gerd Hoffmann) - kernel-install: remove math slang from man page (Gerd Hoffmann) - 90-uki-copy.install: create $BOOT/EFI/Linux directory if needed (Gerd Hoffmann) - bootctl: tweak DOS header magic check (Gerd Hoffmann) - systemctl: port FOREACH_ARRAY() to systemctl-list-units.c (Yu Watanabe) - macro: introduce FOREACH_ARRAY() macro (Yu Watanabe) - udev: Don't mark as tablet if device has relative coordinates (Joshua Goins) - man: document /sbin/mount.ddi (Lennart Poettering) - test: add test for new /sbin/mount.ddi helper (Lennart Poettering) - dissect: implement external helper plugin interface for /bin/mount (Lennart Poettering) - network: geneve: add InheritInnerProtocol flag (Josef Miegl) - base-filesystem: Support Arch-style multilib (Adrian Vovk) - time-util: drop redundant call of tzset() (Yu Watanabe) - gpt-auto: Check for /boot before putting ESP there (Adrian Vovk) - mkosi: Update to latest (Daan De Meyer) - TODO (Lennart Poettering) - chase-symlinks: Add chase_symlinks_at_and_open() (Daan De Meyer) - chase-symlinks: Add CHASE_MKDIR_0755 (Daan De Meyer) - chase-symlinks: Add CHASE_PARENT (Daan De Meyer) - chase-symlinks: Return "." as path from chase_symlinks_at() instead of NULL (Daan De Meyer) - chase-symlinks: Skip shortcuts if CHASE_PROHIBIT_SYMLINKS is set (Daan De Meyer) - udev_rules_parse_file: do not skip ENOENT (Dmitry V. Levin) - test: add header build tests for newer C and C++ standards (Yu Watanabe) - Include if possible to get thread_local definition (Cristian Rodríguez) - tree-wide: replace IOVEC_INIT with IOVEC_MAKE (Yu Watanabe) - sd-journal: wrap long line (Yu Watanabe) - man: mention systemd-growfs-root.service (Yu Watanabe) - man: mention systemd-fsck-usr.service (Yu Watanabe) - meson: adjust for removal of gnu-efi compat (Zbigniew Jędrzejewski-Szmek) - Revert "hwdb: fix swapped buttons for Logitech Lift left" (Yu Watanabe) - journalctl: fix output when --since is used with --lines (Mike Yuan) - mkosi: Install dnf on centos and fedora (Daan De Meyer) - journalctl: fix output when --until is used with --lines (Mike Yuan) - man: add an example to (re-)apply new settings to a network interface (Yu Watanabe) - man: sync the default .link file in example (Yu Watanabe) - test-execute: add test for NetworkNamespacePath= (Yu Watanabe) - test-execute: simplify the tests for PrivateNetwork= (Yu Watanabe) - README: update CentOS CI URLs to the new instance (Frantisek Sumsal) - systemctl: explicitly cast the constants to uint64_t (Frantisek Sumsal) - test: trigger new events after all currently queued events are processed (Yu Watanabe) - man: fix doubled word (Yu Watanabe) - man: fix typo (#26655) (наб) - test: add tests for error code propagation from mkdir_xyz() (Yu Watanabe) - mkdir: fix error code on failure (Yu Watanabe) - hwdb: port to flink_tmpfile() (Lennart Poettering) - tmpfile-util: teach link_tmpfile() to optionally replace files (Lennart Poettering) - time-util: refuse non-zero gmtoff with non-UTC timezone (Yu Watanabe) - time-util: extend comment a bit (Yu Watanabe) - time-util: rename len -> tz_offset (Yu Watanabe) - time-util: fix typo (Yu Watanabe) - meson: extend timeout for test-time-util (Yu Watanabe) - test: test parse_timestamp() in various timezone (Yu Watanabe) - meson: show options about tests in the summary (Yu Watanabe) - nspawn: disable propagation for selected host API bind mounts (Lennart Poettering) - nspawn: disconnect mounts propagation from host on our container dir (Lennart Poettering) - tools: explicitly specify "setup" subcommand (Yu Watanabe) - meson: rename conflicting target names (Yu Watanabe) - tools: fix the file name that "meson setup" generates (Yu Watanabe) - kernel-install: also try to find $BOOT by partition GUID (Luca Boccassi) - test: generate debugging logs for udevd after restart (Yu Watanabe) - test: clear tzname[] after timezone is changed (Yu Watanabe) - test: use get_timezones() to iterate all known timezones (Yu Watanabe) - meson: add missing man rules for new sd-login functions (Yu Watanabe) - kernel-install: use log_verbose everywhere (Luca Boccassi) - nspawn: drop unused arg (Lennart Poettering) - meson: Copy files with git only in true git repository (Michal Koutný) - escape: add missing non-NULL parameter assertions (msizanoen1) - test-escape: Add tests for escaping bogus UTF-8 sequences (msizanoen1) - escape: Ensure that output is always valid UTF-8 (msizanoen1) - update TODO (Lennart Poettering) - test: add test for journals without RTC (Lennart Poettering) - journal: use boot-id/timestamp info for odering entries (Lennart Poettering) - sd-journal: track newest open journal file per boot ID (Lennart Poettering) - journal-file: journal-file: extend journal header to always carry offset of most recent entry (Lennart Poettering) - tree-wide: error handling modernizations (Lennart Poettering) - test: a couple of format-related tweaks (Frantisek Sumsal) - test: skip the hwdb update related tests w/ sanitizers and w/o accel (Frantisek Sumsal) - virt: correctly detect QEMU emulated pSeries guests (Frantisek Sumsal) - nspawn: fix DDI arch → personality() propagation (Lennart Poettering) - dissect: show intended architecture of a disk image (Lennart Poettering) - build(deps): bump systemd/mkosi (dependabot[bot]) - build(deps): bump github/codeql-action from 2.1.29 to 2.2.5 (dependabot[bot]) - build(deps): bump actions/labeler from 4.0.1 to 4.0.2 (dependabot[bot]) - build(deps): bump meson from 1.0.0 to 1.0.1 in /.github/workflows (dependabot[bot]) - build(deps): bump actions/checkout from 3.2.0 to 3.3.0 (dependabot[bot]) - update TODO (Lennart Poettering) - doc: add document explaining memory pressure handling (Lennart Poettering) - test: add test for the new memory pressure unit file settings, and that they work (Lennart Poettering) - units: let systemd --user manage its own memory pressure handling (Lennart Poettering) - pid1: add unit file settings to control memory pressure logic (Lennart Poettering) - pid1: also process memory pressure events (and SIGRTMIN+18) (Lennart Poettering) - userdbd: hook up memory pressure and sigrtmin18 (Lennart Poettering) - nspawn: hook up memory pressure + sigrtmin+18 (Lennart Poettering) - portabled: hook up SIGRTMIN+18 and memory pressure (Lennart Poettering) - networkd: hook up SIGRTMIN+18 and memory pressure (Lennart Poettering) - importd: hook up memory pressure, SIGRTMIN-18 (and in fact SIGINT + SIGTERM) (Lennart Poettering) - timesyncd: hook up memory pressure + sigrtmin18 (Lennart Poettering) - logind: hook up memory pressure + SIGRTMIN+18 (Lennart Poettering) - homed: hook up memory pressure/SIGRTMIN+18 handling (Lennart Poettering) - udevd: enable memory pressure/SIGRTMIN+18 logic (Lennart Poettering) - machined: add support for memory pressure + SIGRTMIN+18 (Lennart Poettering) - journald: hook up journald with the memory pressure and SIGRTMIN+18 logic (Lennart Poettering) - resolved: flush caches on memory pressure and support SIGRTMIN+18 (Lennart Poettering) - shared: add a common SIGRTMIN-18 handler (Lennart Poettering) - update NEWS (Lennart Poettering) - test: test setting ambient caps via pam_systemd.so (Lennart Poettering) - pam_systemd: process the two new capabilities user records fields in pam_systemd (Lennart Poettering) - homectl: make the new caps field configurable via homectl (Lennart Poettering) - user-record: extend user records with an ambient and bounding caps set field (Lennart Poettering) - mkosi: add some really basic tools to default mkosi image (Lennart Poettering) - man: fix typo in systemd.generator (Antonio Alvarez Feijoo) - boot: Provide div0 handlers for ARM (Jan Janssen) - boot: Fix data model detection for ARM (Jan Janssen) - psi-util: fix error handling (Lennart Poettering) - sd-event: handle kernels that set CONFIG_PSI_DEFAULT_DISABLED more gracefully (Lennart Poettering) - journald: remove triplicate logging about failure to write log lines (Lennart Poettering) - journald: always pass error code to logging function, even if we don't use it with %m (Lennart Poettering) - journald: upgrade log message about missing mmap() support to LOG_ERR (Lennart Poettering) - journald: downgrade various log messages from LOG_WARNING to LOG_INFO (Lennart Poettering) - journald: start log message uppercase, like every other one around (Lennart Poettering) - journald: make sure shall_try_append_again() logs about all return codes passed in, not just some (Lennart Poettering) - systemctl: print better message if default target is masked (David Tardon) - tests: temporarily disable time-util failing tests (Luca Boccassi) - Revert "dissect-image: don't probe swap partitions needlessly" (Lennart Poettering) - update TODO (Lennart Poettering) - test: add coverage test for udevadm (David Tardon) - rules: remove redundant duplicate comparisons (Dmitry V. Levin) - sd-login: document that result is in microseconds (Thorsten Kukuk) - sd-login: add sd_uid_get_login_time interface #26574 (Thorsten Kukuk) - tpm2-util: use compound initialization when allocating tpm2 objects (Lennart Poettering) - tree-wide: Use correct SPDX license identifier (Jan Janssen) - man: add two missing commands to synopsys (Lennart Poettering) - update TODO (Lennart Poettering) - mempool: fix tile alignment check (Lennart Poettering) - libsystemd: sd_journal_get_seqnum() must be tagged with 254 symver, not 253 (Lennart Poettering) - man: document REMOTE_ADDR/REMOTE_PORT along with the other env vars (Lennart Poettering) - manager: be more careful with env var clean-up (Lennart Poettering) - test: add tests for format_timestamp() and parse_timestamp() with various timezone (Yu Watanabe) - time-util: make parse_timestamp() use the RFC-822/ISO 8601 standard timezone spec (Yu Watanabe) - time-util: drop unnecessary assignment of timezone name (Yu Watanabe) - time-util: rename variables (Yu Watanabe) - time-util: shorten code a bit (Yu Watanabe) - time-util: use usec_add() and usec_sub_unsigned() (Yu Watanabe) - time-util: use result from startswith_no_case() (Yu Watanabe) - time-util: do not use strdupa() (Yu Watanabe) - time-util: drop redundant else (Yu Watanabe) - time-util: add assertions (Yu Watanabe) - time-util: rename variables (Yu Watanabe) - time-util: align string table (Yu Watanabe) - time-util: use DEFINE_STRING_TABLE_LOOKUP_TO_STRING() macro (Yu Watanabe) - time-util: drop redundant space (Yu Watanabe) - time-util: drop unused definition of FORMAT_TIMESTAMP_WIDTH (Yu Watanabe) - man,catalog: fix typo (Yu Watanabe) - shared: move cg_set_access() declaration to right header file (Lennart Poettering) - journal-file: Improve debug messages (Daan De Meyer) - journal-file: Fix return value in bump_entry_array() (Daan De Meyer) - systemctl: use bus_message_hash_ops (Yu Watanabe) - man: link up sd_event_add_memory_pressure() more (Lennart Poettering) - analyze: add 'malloc' verb to dump malloc_info() (Luca Boccassi) - sd-login: add sd_session_get_start_time (Mike Yuan) - sd-login: add sd_session_get_username (Mike Yuan) - manager: add GetMallocInfo() hidden/debug method (Luca Boccassi) - core/dbus-socket: check the socket path is absolute (Yu Watanabe) - execute: pass ambient caps from PAM through to invoked service (Lennart Poettering) - systemctl: cleanups for list-paths (Yu Watanabe) - systemctl: cleanups for list-automounts (Yu Watanabe) - systemctl: cleanups for list-timers (Yu Watanabe) - systemctl: cleanups for list-sockets (Yu Watanabe) - vmm: Modernize get_smbios_table() (Daan De Meyer) - stub: Read extra kernel command line items from SMBIOS (Daan De Meyer) - bootctl: drop unneeded initialization (David Tardon) - vmm: Add smbios_find_oem_string() (Daan De Meyer) - vmm: Add more const (Daan De Meyer) - efi-string: Add efi_memchr() (Daan De Meyer) - tree-wide: initialize fds with -EBADF (David Tardon) - sd-event: fix error handling (Yu Watanabe) - systemctl-list-units: drop unused return value (Yu Watanabe) - systemctl-list-units: fix memleak on error (Yu Watanabe) - sd-journal: fix memleak and freeing invalid pointers (Yu Watanabe) - io-util: drop double evaluation in IOVEC_INIT_STRING() (Yu Watanabe) - io-util: introduce IOVEC_NULL (Yu Watanabe) - io-util: introduce iovec_array_free() (Lennart Poettering) - test-execute: add test for PrivateNetwork= with/without mount namespacing (Yu Watanabe) - core/namespace: mount new sysfs when new network namespace is requested (Yu Watanabe) - core/namespace: introduce a new namespace mount mode PRIVATE_SYSFS (Yu Watanabe) - core/namespace: rename SYSFS -> BIND_SYSFS (Yu Watanabe) - mount-util: introduce remount_sysfs() (Yu Watanabe) - core/execute: make PrivateMounts= tristate (Yu Watanabe) - core/dbus-util: introduce bus_set_transient_tristate() (Yu Watanabe) - bus-util: introduce bus_property_get_tristate() (Yu Watanabe) - core/execute: introduce exec_needs_ipc_namespace() helper function (Yu Watanabe) - core/execute: introduce exec_needs_network_namespace() helper function (Yu Watanabe) - core/namespace: drop unused field in NamespaceInfo (Yu Watanabe) - tree-wide: port various things over to CLEANUP_ARRAY() (Lennart Poettering) - memory-util: add a concept for gcc cleanup attribute based array destruction (Lennart Poettering) - sd-event: fix error handling (Yu Watanabe) - sd-event: fix use of uninitialized variable (Yu Watanabe) - sd-event: always initialize sd_event.perturb (Yu Watanabe) - execute: modernizations (Lennart Poettering) - tree-wide: use unlink_and_freep() moreover (Lennart Poettering) - capability-util: add new capability_get_ambient() helper (Lennart Poettering) - cap-list: add capability_set_to_string_negative() (Lennart Poettering) - cap-list: add capability_set_to_strv() (Lennart Poettering) - systemctl: make list-timers not say "left" in "LEFT" column (Zbigniew Jędrzejewski-Szmek) - shared/format-table: optionally print timestamps without "left" (Zbigniew Jędrzejewski-Szmek) - sd-journal: fix build with older glibc (Frantisek Sumsal) - boot: Take advantage of packed device paths (Jan Janssen) - boot: Add GUID format helper macro (Jan Janssen) - boot: Move more device path helpers to device-path-util.c (Jan Janssen) - boot: Remove some device path helper macros (Jan Janssen) - boot: Split out device path functions (Jan Janssen) - boot: Move disk_get_part_uuid into part-discovery.c (Jan Janssen) - test: add coverage for #24177 (Frantisek Sumsal) - smack-util: Fix compilation error when smack is disabled (Daan De Meyer) - systemctl: read 64bit integers into uint64_t (Lennart Poettering) - systemctl: suppress timeout display if unset in list-automounts (Lennart Poettering) - systemctl: right-align left/passed columns in list-timers (Lennart Poettering) - efi-string: Add startswith8() (Daan De Meyer) - efi-string: Fix strchr() null byte handling (Daan De Meyer) - systemctl: warn if units disabled in user scope are still enabled globally (Mike Yuan) - systemctl: show "Until:" field only for service and scope units (Yu Watanabe) - man: document the new sd_event_add_memory_pressure() API (Lennart Poettering) - test: add test for new memory pressure logic (Lennart Poettering) - sd-event: add high-level sd_event_add_memory_pressure() event source (Lennart Poettering) - repart: Exclude APIVFS mountpoint directories (Daan De Meyer) - copy: Support both inode exclusion and contents exclusion (Daan De Meyer) - repart: Refactor make_copy_files_denylist() a bit (Daan De Meyer) - test-set: inline two iterator declarations (Zbigniew Jędrzejewski-Szmek) - sd-journal: use a dynamic check for valgrind (Zbigniew Jędrzejewski-Szmek) - meson: merge our two valgrind configuration conditions into one (Zbigniew Jędrzejewski-Szmek) - test-set: drop left-over valgrind check (Zbigniew Jędrzejewski-Szmek) - hwdb: fix swapped buttons for Logitech Lift left (Vít Zikmund) - test: add another stress test for devlink creation (Yu Watanabe) - tree-wide: fix typo (Yu Watanabe) - po: Translated using Weblate (Lithuanian) (mooo) - socket-proxyd: support Type=notify (Дамјан Георгиевски) - pam-systemd: split up weight helper funcs (Lennart Poettering) - journal: move journal_file_compare_locations() from journal-file.c → sd-journal.c (Lennart Poettering) - boot: Drop _harder suffix (Jan Janssen) - boot: Do not use errno.h/inttypes.h (Jan Janssen) - fundamental: Drop some unnecessary ifdefs (Jan Janssen) - Enable TPM by default with SetCredentialEncrypted (Aidan Dang) - stub: Fix unaligned read (Jan Janssen) - efi: drop executable-stack bit from .elf file (Zbigniew Jędrzejewski-Szmek) - logind-session: make stopping of idle session visible to admins (David Tardon) - sleep: check if we're on AC power before checking battery capacity (Mike Yuan) - test: add coverage for #26483 (Frantisek Sumsal) - test: add coverage for #26467 (Frantisek Sumsal) - install: fail early if specifier expansion failed (David Tardon) - test: add a minimal test for list-paths (David Tardon) - shell-completion: add systemctl list-paths (David Tardon) - man: document systemctl list-paths (David Tardon) - systemctl: add list-paths verb (David Tardon) - bootctl: add new --print-root-device option (Lennart Poettering) - systemctl: prepend machine ID to unit ID in list-sockets (David Tardon) - systemctl: extract common code to a function (David Tardon) - systemctl: use table_add_triggered (David Tardon) - systemctl: extract code to a helper function (David Tardon) - mkosi: Reduce postinst script indentation (Daan De Meyer) - mkosi: Simplify BUILDDIR/SRCDIR handling a bit (Daan De Meyer) - mkosi: Move more logic to the postinst script (Daan De Meyer) - meson: Use dicts for fuzzer definitions (Jan Janssen) - meson: Add simple_fuzzers list (Jan Janssen) - meson: Use dicts for test definitions (Jan Janssen) - meson: Add simple_tests list (Jan Janssen) - mkosi: Remove preset workaround (Daan De Meyer) - mkosi: Add more debugging (Daan De Meyer) - boot: Provide our own EFI API headers (Jan Janssen) - boot: Query EFI var size before fetching them (Jan Janssen) - boot: Use C escape sequence for control chars (Jan Janssen) - boot: Drop use of efigpt.h (Jan Janssen) - mkosi: Use 4 space indentation for scripts (Daan De Meyer) - tmpfiles.d: drop misleading comment (Zbigniew Jędrzejewski-Szmek) - homectl: add missing break (Lennart Poettering) - mkosi: Drop opensuse workaround (Daan De Meyer) - mkosi: Drop bootctl workaround in postinst script (Daan De Meyer) - mkosi: Drop locale workaround (Daan De Meyer) - mkosi: Drop ld workaround (Daan De Meyer) - mkosi: Update to latest (Daan De Meyer) - core/manager: falling back to execute generators without sandboxing (Yu Watanabe) - docs: document the new HEADER_COMPATIBLE_TAIL_ENTRY_BOOT_ID flag (Lennart Poettering) - journal-file: drop checking if files are from the future at time of open (Lennart Poettering) - journal-file: allow opening journal files for write when machine ID is not initialized (Lennart Poettering) - journal-file: lazily fill in machine ID into journal header, if needed (Lennart Poettering) - journal-file: write machine ID when create the file, not when we open it for writing (Lennart Poettering) - journal-file: don't update boot_id in journal header on open (Lennart Poettering) - update TODO (Lennart Poettering) - tree-wide: use FORK_REARRANGE_STDIO and FORK_CLOSE_ALL_FDS (Yu Watanabe) - process-util: rename FORK_NULL_STDIO -> FORK_REARRANGE_STDIO (Yu Watanabe) - man: add DefaultStartupMemoryLow= as term in term list (Steve Ramage) - meson: adjust whitespace handling in jinja2 rendering (Zbigniew Jędrzejewski-Szmek) - ukify: Set fast_load option when parsing PE files (Daan De Meyer) - capability-util: use UINT32_MAX as shortcut where appropriatea (Lennart Poettering) - capability-util: add macro for largest cap we're willing to accept (Lennart Poettering) - capability-util: add CAP_MASK_ALL + CAP_MASK_UNSET macros (Lennart Poettering) - cap-list: make sure never to accidentally return more than 63 caps (Lennart Poettering) - cap-list: rework capability_set_to_string() (Lennart Poettering) - cap-list: add CAPABILITY_TO_STRING() macro using compound initialization to allocate fallback buffer (Lennart Poettering) - cap-list: refuse parsing numeric capability 63 (Lennart Poettering) - cap-list: modernize capability_set_from_string() a bit (Lennart Poettering) - cap-list: rename capability_set_to_string_alloc() → capability_set_to_string() (Lennart Poettering) - TODO: add entry for time-based glob cleanup (Zbigniew Jędrzejewski-Szmek) - man/tmpfiles.d: adjust the table in synopsis, improve spelling (Zbigniew Jędrzejewski-Szmek) - shared/hwdb-util: drop "variable" with a single use (Zbigniew Jędrzejewski-Szmek) - man: document DefaultStartupMemoryLow= (Luca Boccassi) - repart: Add ExcludeFiles= option (Daan De Meyer) - efi/measure: adjust formatting (Zbigniew Jędrzejewski-Szmek) - measure: wrap long lines and avoid one cast (Zbigniew Jędrzejewski-Szmek) - sleep: use shared constant for freeze timeout (Zbigniew Jędrzejewski-Szmek) - smack-util: Add renameat_and_apply_smack_floor_label() (Daan De Meyer) - tmpfile-util-label: Add fopen_temporary_at_label() (Daan De Meyer) - copy: Add copy_file_at() (Daan De Meyer) - env-file: Add write_env_file_at() (Daan De Meyer) - udev-node: make stack_directory_read_one() accept NULL for devnode (Yu Watanabe) - udev-node: drop unnecessary initialization (Yu Watanabe) - test: ignore missing coverage in TEST-78 (Frantisek Sumsal) - test: disable pipefail when testing interactive firstboot (Frantisek Sumsal) - core: permit sending augmented enable/disable methods (Ronan Pigott) - exec-util: use TAKE_FD() (Yu Watanabe) - exec-util: propagate error in wait_for_terminate_and_check() (Yu Watanabe) - process-util: show requested process name in the log (Yu Watanabe) - systemctl: edit: fix double free of instanced name (Ronan Pigott) - journalctl: fix output when --lines is used with --grep (Mike Yuan) - loop-util: fix error condition and return value (Yu Watanabe) - shared: move psi-util.[ch] to basic/ so that we can use it in sd-event (Lennart Poettering) - util: move mallinfo compat glue from selinux code into generic code (Lennart Poettering) - hashmap: fix build with valgrind (Yu Watanabe) - Correct journal misspell (Winterhuman) - tests: add test for mempool logic (Lennart Poettering) - mempool: rework mempool_cleanup() to only release freed tiles (Lennart Poettering) - mempool: make mempool_free_tile() return NULL (Lennart Poettering) - mempool: introduce new helper pool_ptr() (Lennart Poettering) - tpm2: simplify tpm2_seal() blob creation (Dan Streetman) - mempool: rename local variable to match current coding style (Lennart Poettering) - mempool: use size_t for all memory object sizes and counts (Lennart Poettering) - hashmap: expose helper for releasing memory pools independently of valgrind (Lennart Poettering) - dissect-image: Return mount point fd if requested (Daan De Meyer) - process-util: add helper get_process_threads() (Lennart Poettering) - sync-util: port fsync_directory_of_file() to fd_is_opath() (Lennart Poettering) - socket-util: make connect_unix_path() work with a NULL path (Lennart Poettering) - sd-event: allocate event source objects with the actually needed size (Lennart Poettering) - macro: add macro for determining size of struct with trailing union (Lennart Poettering) - test: add test for new "systemctl --kill-value=" functionality (Lennart Poettering) - man: document new --exec switch for systemd-notify (Lennart Poettering) - notify: add new --exec switch for chaining other commands to systemd-notify (Lennart Poettering) - strv: add strv_copy_n() helper for copying part of a n strv (Lennart Poettering) - man: document new --kill-value= switch to systemctl (Lennart Poettering) - systemctl: add --kill-value= argument to systemctl (Lennart Poettering) - pid1: add a new D-Bus method for enquing POSIX signals with values to unit processes (Lennart Poettering) - test-execute: also mount tmpfs on /dev/shm (Yu Watanabe) - cryptsetup: check the existence of salt by salt_size > 0 (Yu Watanabe) - test: add tests for xsetxattr() (Yu Watanabe) - test: use mkdtemp_open() (Yu Watanabe) - activate: use _cleanup_close_ attribute (Yu Watanabe) - activate: use log_set_open_when_needed() (Yu Watanabe) - activate: fix typo (Yu Watanabe) - activate: use DEFINE_MAIN_FUNC() macro (Yu Watanabe) - journalctl: fix fd leak (Yu Watanabe) - journalctl: use DEFINE_MAIN_FUNCTION() macro (Yu Watanabe) - xattr-util: check if fd has O_PATH and do not try setxattr() twice (Yu Watanabe) - fd-util: introduce a simple helper to check a file descriptor has O_PATH (Yu Watanabe) - test: avoid matching other fields than __SEQNUM= (Frantisek Sumsal) - boot: Fix assertion failure (Jan Janssen) - Drop mkosi + clang section from HACKING (Daan De Meyer) - Update HACKING for latest mkosi (Daan De Meyer) - bootctl: Fix debug messages (Samanta Navarro) - log: add common helper log_set_target_and_open() (Lennart Poettering) - core/mount: fix default target for /sysusr/usr and its child (Yu Watanabe) - man: Fix spelling mistake (Paul Barker) - update TODO (Lennart Poettering) - sulogin: fix control lost of the current terminal when default.target is rescue.target (HATAYAMA Daisuke) - repart: Make config_parse_copy_files() more generic (Daan De Meyer) - execute: drop spurious empty line (Lennart Poettering) - pid1: generate compat warning for SystemCallArchitectures= if seccomp is off (Lennart Poettering) - mkosi: configure multiarch libdir in debian/ubuntu builds (Luca Boccassi) - tpm2: fix build failure without openssl (Dan Streetman) - mkosi: Enable debug logging in CI (Daan De Meyer) - journalctl: actually run the static destructors (Frantisek Sumsal) - resolved: Fall back to TCP if UDP is blocked (Joan Bruguera) - core: add support for Startup memory limits (Luca Boccassi) - vconsole: allow setting default keymap through build option (Mike Yuan) - journal: cat: set JOURNAL_STREAM before exec-ing (Mike Yuan) - sulogin: use DEFINE_MAIN_FUNCTION() (HATAYAMA Daisuke) - test-execute: add basic tests for LoadCredential= and SetCredential= (Yu Watanabe) - test-execute: drop capabilities when testing with user manager (Yu Watanabe) - repart: Remove outdated comment (Daan De Meyer) - mount-setup: Fix typo (Daan De Meyer) - repart: Initialize root directory metadata correctly (Daan De Meyer) - repart: Create temporary root directory using var_tmp_dir() (Daan De Meyer) - copy: Copy symlink xattrs (Daan De Meyer) - copy: Make copy_xattr() more generic (Daan De Meyer) - xattr-util: Add xsetxattr() (Daan De Meyer) - test: add basic seqnum test (Lennart Poettering) - man: document __SEQNUM=/__SEQNUM_ID= journal pseudo fields (Lennart Poettering) - man: document the new sd_journal_get_seqnum() call (Lennart Poettering) - journald: maintain entry seqnum counter in mmap()ed file in /run/ (Lennart Poettering) - logs-show: show seqnum info in export+json output mode (Lennart Poettering) - sd-journal: add high-level API for querying seqnum for journal entries, along with seqnum id (Lennart Poettering) - bus-map-properties: Use bus_log_parse_error_debug() (Daan De Meyer) - bus-util: Add bus_log_parse_error_debug() (Daan De Meyer) - chase-symlinks: Always open a dirfd to the root directory (Daan De Meyer) - chase-symlinks: chase_symlinks_at() AT_FDCWD fixes (Daan De Meyer) - test: add fstab file support for fstab-generator tests (Lily Foster) - fstab-generator: add SYSTEMD_SYSFS_CHECK env var (Lily Foster) - fstab-generator: use correct targets when /sysroot is specificied in fstab only (Lily Foster) * Mon Jul 3 2023 Daan De Meyer - 253.5-1.1 - Condition out python3-zstd until it is added to EPEL * Fri Jun 23 2023 Anita Zhang - 253.5-1.1 - Sync from Fedora rawhide 5982ae9504c8f2697a839c6ce2a82287a60c1043 * Thu May 25 2023 Daan De Meyer - 252.4-598.13 - Backport https://github.com/systemd/systemd/pull/25385 * Tue May 23 2023 Daan De Meyer - 252.4-598.12 - Remove selinux bcond in favor of boolean dependency on selinux-policy so that systemd-selinux is only installed if selinux-policy is installed - Add selinux file contexts for /efi - Remove policycoreutils-python-utils dependency from systemd-selinux * Mon May 15 2023 Daan De Meyer - 252.4-598.11 - Backport fixes for journald crashes and bad behavior when dealing with corrupted journals. - Fix changelog date * Thu Apr 13 2023 Daan De Meyer - 252.4-598.10 - Revert cpu controller delegation to user@.service commit for FB builds * Fri Feb 17 2023 Daan De Meyer - 252.4-598.9 - Fix selinux unsupported directive on centos stream 8 * Fri Feb 17 2023 Daan De Meyer - 252.4-598.8 - Fix changelog * Fri Feb 17 2023 Daan De Meyer - 252.4-598.7 - Backport udev rules fix - Fix selinux module * Wed Jan 04 2023 Daan De Meyer - 252.4-598.6 - Bump release for 252.4 - Sync from rawhide - Build with libqrencode - Build with libfido2 - Build with homed/userdb - Drop pam config directory override - Use python3dist() where applicable - Drop llvm-toolset in favor of having systemd use bpftool gen object - Add back standalone binary packages * Wed Aug 31 2022 Anita Zhang - 251.4-1.3 - Fix split-files.py regex for networkd files on non-C8 * Fri Aug 19 2022 Neal Gompa - 251.4-53 - Set compile-time fallback hostname to "localhost" https://fedoraproject.org/wiki/Changes/FallbackHostname * Thu Aug 18 2022 Kalev Lember - 251.4-52 - Avoid requiring systemd-pam from -devel subpackage * Thu Aug 18 2022 Anita Zhang - 251.4-1.2 - Revert 32-bit offsets journal commit from hs+fb build * Tue Aug 16 2022 Anita Zhang - 251.4-1.1 - Bump release for 251.4 * Tue Aug 09 2022 Zbigniew Jędrzejewski-Szmek - 251.4-51 - Manually bump release version for rpmautospec * Tue Aug 09 2022 Luca BRUNO - 251.4-26 - Align sysusers-generated shell value with upstream systemd default * Tue Aug 09 2022 Zbigniew Jędrzejewski-Szmek - 251.4-2 - Backport patches and do a full preset on first boot (#2114065, https://fedoraproject.org/wiki/Changes/Preset_All_Systemd_Units_on_First_Boot) * Mon Aug 08 2022 Zbigniew Jędrzejewski-Szmek - 251.4-1 - Version 251.4 (fixes rhbz#2112551) - A bunch of fixes to documentation, crashes in systemd-resolved, systemd-networkd, systemd itself, and other smaller fixes. * Sat Jul 23 2022 Fedora Release Engineering - 251.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Jul 21 2022 Anita Zhang - 251.3-1.1 - Sync changes from Fedora for new release * Wed Jul 13 2022 Zbigniew Jędrzejewski-Szmek - 251.3-1 - Update to latest bugfix release - Drop forgotten "temporary" workaround for #1663040 * Wed Jun 29 2022 Zbigniew Jędrzejewski-Szmek - 251.2-2 - Drop forward-secure-sealing code from sd-journal and tools * Thu Jun 2 2022 Zbigniew Jędrzejewski-Szmek - 251.2-1 - A bunch of man page fixes, a few memory-access correctness fixes, remove excessive messages to utmp sessions, suppress messages about bpf setup in the user manager (#2084955) * Wed May 25 2022 Zbigniew Jędrzejewski-Szmek - 251.1-2 - Supress errors from useradd/groupadd (#2090129) - Drop "v" from the version tag, add tilde back - The tag for shared-libraries is reintroduced (#1906010) * Tue May 24 2022 Zbigniew Jędrzejewski-Szmek - 251.1-1 - First bugfix release for 250 - Two fixes for kernel-install and a revert for #2087225, #2088788. * Sat May 21 2022 Zbigniew Jędrzejewski-Szmek - 251-1 - Latest upstream release, for details see https://raw.githubusercontent.com/systemd/systemd/v251/NEWS. - Fixes for #2071034, #2084955, #2086166. * Mon May 16 2022 Zbigniew Jędrzejewski-Szmek - 251~rc3-1 - Update to latest upstream prerelease (just various bugfixes) - Udev rule processing should be now fixed (#2076459) - Run sysusers and hwdb and catalog updates also if systemd is not running (#2085481) * Wed May 11 2022 Adam Williamson - 251~rc2-2 - Backport #23352 to fix RHBZ #2083374 * Thu May 5 2022 Zbigniew Jędrzejewski-Szmek - 251~rc2-1 - New upstream prerelease, for details see https://raw.githubusercontent.com/systemd/systemd/v251-rc2/NEWS. * Wed May 4 2022 Daan De Meyer - 250.3-6.7 - Backported https://github.com/systemd/systemd/pull/23254 and https://github.com/systemd/systemd/pull/23205 - Move more files to the networkd package * Wed Apr 13 2022 Daan De Meyer - 250.3-6.6 - Fixed bug in networkd changes to split-files.py that caused the /etc/systemd/network to get moved to the networkd package (which we don't want because that's where link files for udev are also stored). * Tue Apr 12 2022 Zbigniew Jędrzejewski-Szmek - 251~rc1-3 - Do not touch /etc/resolv.conf on upgrades (#2074122) - Add bugfix patch and revert one patch which might be causing problems with the compose * Wed Apr 6 2022 Daan De Meyer - 250.3-6.5 - Backport systemd-analyze verify regression fix * Mon Apr 4 2022 Zbigniew Jędrzejewski-Szmek - 251~rc1-2 - Merge libsystemd-core back into individual binaries and drop the private shared library suffix (this should server as a work-around for rhbz#2071069) * Mon Apr 4 2022 Daan De Meyer - 250.3-6.4 - Make sure our packages override the corresponding backports from EPEL. - Modify the networkd fix from the previous release so that it can be merged into the c9s branch. * Fri Apr 1 2022 Daan De Meyer - 250.3-6.3 - Move systemd-network-generator and networkd man pages to networkd package to avoid conflicts with systemd-extras from EPEL * Tue Mar 29 2022 Zbigniew Jędrzejewski-Szmek - 251~rc1-1 - First release candidate in the new cycle - Fixes rhbz#1449751, rhbz#1906010 * Fri Mar 18 2022 Zbigniew Jędrzejewski-Szmek - 250.4-2 - Fix the wrong file assignment done in previous version * Thu Mar 17 2022 Zbigniew Jędrzejewski-Szmek - 250.4-1 - Move libcryptsetup plugins to -udev (#2031873) - Move systemd-cryptenroll to -udev (David Tardon) - Disable default DNS over TLS (#1889901) (Michael Catanzaro) * Wed Mar 16 2022 Daan De Meyer - 250.3-6.2 - Backport PR #22757: BPF error logging improvements * Mon Feb 28 2022 Daan De Meyer - 250.3-6.1 - New release for v250 - Sync latest changes from Fedora rawhide - Use source archives from https://pagure.io/centos-sig-hyperscale/systemd instead of github. All Hyperscale patches have moved to pagure - Added llvm-toolset to BuildRequires (for llvm-strip) to make build succeed - Enable p11kit and pwquality options in the systemd build * Thu Feb 24 2022 Zbigniew Jędrzejewski-Szmek - 250.3-6 - Avoid trying to create the symlink if there's a dangling symlink already in place (#2058388) * Thu Feb 24 2022 Daan De Meyer - 249-2.13 - Move to dist-git layout used by Fedora (no more SOURCES/ and SPECS/) - Switch to .gitignore from commit 46a40810 from the Fedora RPM repo - Add back removed files from commit 46a40810 from the Fedora RPM repo * Wed Feb 23 2022 Zbigniew Jędrzejewski-Szmek - 250.3-5 - Move part of %%post scriptlet for resolved to %%posttrans (#2018913) - Specify owner of utmp/wtmp/btmp/lastlog as root in the rpm listing * Wed Feb 16 2022 Zbigniew Jędrzejewski-Szmek - 250.3-4 - Drop scriptlet for handling nobody user upgrades from Fedora <28 - Specify owner of /var/log/journal as root in the rpm listing (#2018913) * Thu Feb 10 2022 Zbigniew Jędrzejewski-Szmek - 250.3-3 - Add pam_namespace to systemd-user pam config (rhbz#2053098) - Drop 20-grubby.install plugin for kernel-install (rhbz#2033646) * Wed Feb 09 2022 Anita Zhang - 249.4-2.12 - Backport PR #20695: Sync if_arp.h with Linux 5.14 - FB-only backport PR #22426: MemoryZSwapMax= to configure memory.zswap.max * Sat Jan 22 2022 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Jan 18 2022 Zbigniew Jędrzejewski-Szmek - 250.3-2 - Take ghost ownership of /var/log/lastlog (#1798685) * Tue Jan 18 2022 Zbigniew Jędrzejewski-Szmek - 250.3-1 - Third stable release after v250: fixes for sd-boot on fringe hardware (e.g. VirtualBox), various man page updates, sd-journal file verification is now stricter, systemd-networkd by default will not add routes for wireguard AllowedIPs= systemd nss modules shouldn't try to read kernel command line - Don't do sd-boot updates when not installed (#2038289) - xdg-autostart-service will ignore ExecCondition= when the helper binary is missing - kernel-install does cleanup better (#2016630) * Fri Jan 7 2022 Zbigniew Jędrzejewski-Szmek - 250.2-1 - Second stable release after v250: various bugfixes (systemd-resolved, systemd-journald, userdbctl, homed). - The manager should now gracefully handle the case where BPF LSM cannot be initialized (#2036145). The BPF filters are enabled again on all architectures, so *other* filter should also work on the affected architectures. - kernel-install now checks paths used by grub2 before sd-boot paths again (#2036199) - fstab-generator now ignores root-on-nfs/cifs/iscsi and live (#2037233) - CVE-2021-3997, #2024639: systemd-tmpfiles would exhaust the stack and crash during excessive recursion on a very deeply nested directory structure. * Tue Jan 4 2022 Zbigniew Jędrzejewski-Szmek - 250.1-1 - First stable version after v250: various bugfixes, in particular for sd-boot, systemd-networkd, and various build issues. - Fixes #2036517, #2035608, #2036217. * Thu Dec 30 2021 Zbigniew Jędrzejewski-Szmek - 250-3 - Disable bpf filters on arm64 (#2036145) * Sat Dec 25 2021 Zbigniew Jędrzejewski-Szmek - 250-2 - Fix warning about systemd-boot-update.service not existing on non-uefi architectures - Enable all bpf features (#2035608) * Thu Dec 23 2021 Zbigniew Jędrzejewski-Szmek - 250-1 - Version 250, only some very small changes since -rc3. - Switch unit status name format to 'combined' (#2028169) * Mon Dec 20 2021 Zbigniew Jędrzejewski-Szmek - 250~rc3-1 - Latest prerelease, see https://raw.githubusercontent.com/systemd/systemd/v250-rc3/NEWS for details. - Fixes rhbz#2006761, rhbz#2027627, rhbz#1926323, rhbz#1919538. * Sun Dec 12 2021 Zbigniew Jędrzejewski-Szmek - 250~rc1-4 - Move systemd-boot-update.service to -udev subpackage and add it the the installation scriptlets (#2031400) - Move libcryptsetup-token-systemd plugins to -udev (#2031873) - Create /etc/resolv.conf symlink if nothing is present yet (#2032085) * Fri Dec 10 2021 Pavel Březina - 250~rc1-3 - Remove nsswitch.conf scriptlets (#2023743) * Thu Dec 9 2021 Zbigniew Jędrzejewski-Szmek - 250~rc1-1 - Version 250-rc1, see https://raw.githubusercontent.com/systemd/systemd/v250-rc1/NEWS for details. * Tue Nov 30 2021 Anita Zhang - 249.4-2.11 - Backport PR #21241: fix bpf-foreign cgroup controller realization * Tue Nov 30 2021 Anita Zhang - 249.4-2.10 - Re-enable fdisk and repart since util-linux-2.32.1-26 in C8s has the fix it needs for tests to pass. * Wed Nov 24 2021 Davide Cavalca - 249.4-2.9 - Disable legacy iptables support * Fri Nov 19 2021 Davide Cavalca - 249.7-3 - Disable legacy iptables support * Mon Nov 15 2021 Zbigniew Jędrzejewski-Szmek - 249.7-2 - Supress errors from update-helper when selinux is enabled (see #2023332) * Sun Nov 14 2021 Zbigniew Jędrzejewski-Szmek - 249.7-1 - Latest bugfix release (better erofs detection, sd-event memory corruption bugfix, logind, documentation) - Really fix helper to restart user units with older systemd (#2020415) * Sun Nov 14 2021 Petr Menšík - 249.7-1 - Switch /etc/resolv.conf over to NM when systemd-resolved is uninstalled * Thu Nov 11 2021 Anita Zhang - 249.4-2.8 - Remove revert_d219a2b07cc5dc8ffd5010f08561fab2780d8616.patch and replace with proper fix (PR #21221) * Wed Nov 10 2021 Kir Kolyshkin - 249.7-1 - Fix scope activation from a user instance (#2022041) * Wed Nov 10 2021 Anita Zhang - 249.4-2.7 - Add meson >= 0.57 for el8 builds. This version uses python 3.8. * Mon Nov 8 2021 Zbigniew Jędrzejewski-Szmek - 249.6-3 - Fix helper to restart user units with older systemd (#2020415) * Thu Nov 4 2021 Zbigniew Jędrzejewski-Szmek - 249.6-2 - Latest bugfix release (networkd, coredumpctl, varlink, udev, systemctl, systemd itself, better detection of Hyper-V and Virtualbox virtualization, documentation updates) - Fix helper to restart user units * Fri Oct 29 2021 Adam Williamson - 249.5-2 - Backport PR #133 to fix boot * Wed Oct 20 2021 Anita Zhang - 249.4-2.6 - Revert d219a2b because it creates non-determinisitic Slice= assignments * Tue Oct 12 2021 Zbigniew Jędrzejewski-Szmek - 249.5-1 - Latest bugfix release (various fixes in systemd-networkd, -timesyncd, -journald, -udev, homed, -resolved, -repart, -oomd, -coredump, systemd itself, seccomp filters, TPM2 handling, -documentation, sd-event, sd-journal, journalctl, and nss-systemd). - Fixes #1976445. * Mon Oct 11 2021 Anita Zhang - 249.4-2.5 - Remove duplicate Address= properties in network configs (part of PR #20892) - Serialize bpf device programs across reloads/reexecs (PR #20978) - Don't rewrite sysctls that are already set (PR #20676) * Wed Oct 06 2021 Davide Cavalca - 249.4-2.4 - Drop qrencode-devel from BuildRequires as it's not actually used * Wed Sep 29 2021 Anita Zhang - 249.4-2.3 - Fix to allow verifying hidden (dot) files again (PR #20875) * Fri Sep 24 2021 Anita Zhang - 249.4-2.2 - Backport more feature support for systemd-networkd (#20450, #20541, #20729, #20828) * Wed Sep 22 2021 Anita Zhang - 249.4-2.1 - Sync changes from Fedora - Backport one more feature for systemd-networkd (#20489) * Mon Sep 20 2021 Anita Zhang - 249.4-1.1 - New stable point release - Backport optimization for read_virtual_file() (#20743) - Backport new features for systemd-networkd (#20743, #20472, #20477, #20484) * Tue Sep 14 2021 Sahana Prasad - Rebuilt with OpenSSL 3.0.0 * Tue Aug 24 2021 Zbigniew Jędrzejewski-Szmek - 249.4-1 - Latest bugfix release: various fixes for systemd-networkd, systemd-resolved, systemd, systemd-boot. - Backport of macros to restart systemd user units (#1993244) * Fri Aug 6 2021 Zbigniew Jędrzejewski-Szmek - 249.3-1 - Latest bugfix release: improved compatibility with latest glibc, various small documentation fixes, and fixes for systemd-networkd bridging, other minor fixes. - systemctl set-property accepts glob patterns now (#1986258) * Thu Jul 29 2021 Anita Zhang - 249.2-1.2 - Remove Obsoletes lines on systemd-resolved and systemd-networkd since we don't want to install these by default. * Wed Jul 28 2021 Anita Zhang - 249.2-1.1 - New release for 249 - Drop merged patches - Split networkd and resolved into their own subpackages. * Tue Jul 27 2021 Davide Cavalca - 248.5-1.3 - Add missing SELinux rules for the GNOME and KDE LiveDVD spins (https://pagure.io/centos-sig-hyperscale/package-bugs/issue/7) * Fri Jul 23 2021 Zbigniew Jędrzejewski-Szmek - 249.2-1 - Latest bugfix release (a minor hwdb regression bugfix, and correction to kernel commandline handling when reexecuting PID 1 in a container) * Fri Jul 23 2021 Michael Catanzaro - 249.2-1 - Build with -Ddefault-dns-over-tls=opportunistic (https://fedoraproject.org/wiki/Changes/DNS_Over_TLS, #1889901) * Wed Jul 21 2021 Davide Cavalca - 248.5-1.2 - Add missing SELinux rules for 248 (https://pagure.io/centos-sig-hyperscale/package-bugs/issue/1) * Wed Jul 21 2021 Anita Zhang - 248.5-1.1 - Update to systemd-stable 248.5 (includes fix for CVE-2021-33910) * Tue Jul 20 2021 Zbigniew Jędrzejewski-Szmek - 249.1-1 - Various minor documentation and correctness fixes. - CVE-2021-33910, #1984020: an unchecked stack allocation could be used to crash systemd and cause the system to reboot by creating a very long fuse mountpoint path. * Mon Jul 12 2021 Zbigniew Jędrzejewski-Szmek - 248.4-1 - Assorted fixes (some systemd-resolved crashes, invalid systemd-tmpfiles assertion, etc.) - systemd-networkd workaround for TALOS-2020-1142, CVE-2020-13529. - A big update of hardware descriptions. * Wed Jul 7 2021 Neal Gompa - 249-2 - Use correct NEWS URLs for systemd 249 releases in changelog entries * Wed Jul 7 2021 Zbigniew Jędrzejewski-Szmek - 249-1 - Latest upstream release with minor bugfixes, see https://github.com/systemd/systemd/blob/v249/NEWS. - systemd-oomd cpu usage is reduced (#1944646) * Thu Jul 1 2021 Zbigniew Jędrzejewski-Szmek - 249~rc3-1 - Latest upstream prerelease with various bugfixes, see https://github.com/systemd/systemd/blob/v249-rc3/NEWS. * Fri Jun 25 2021 Zbigniew Jędrzejewski-Szmek - 249~rc2-1 - Latest upstream prerelease with various bugfixes, see https://github.com/systemd/systemd/blob/v249-rc2/NEWS. - Ignore FORCERENEW DHCP packets (TALOS-2020-1142, CVE-2020-13529, #1959398) * Thu Jun 17 2021 Adam Williamson - 249~rc1-2 - Stop systemd providing systemd-resolved, now the subpackage exists (#1973462) * Wed Jun 16 2021 Zbigniew Jędrzejewski-Szmek - 249~rc1-1 - Latest upstream prerelease, see https://github.com/systemd/systemd/blob/v249-rc1/NEWS. Fixes #1963428. - Use systemd-sysusers to create users (#1965815) - Move systemd-resolved into systemd-resolved subpackage (#1923727) [patch from Petr Menšík] * Mon Jun 14 2021 Anita Zhang - 248.2-1.5 - Remove backport PR #19811 since it's still buggy - Remove d586f642fd90e3bb378f7b6d3e3a64a753e51756 to fix rate limiting instead (at least until sd-event rate limiting is fixed in 249). * Thu Jun 10 2021 Anita Zhang - 248.2-1.4 - Backport PR #19811 to fix issues with mount sd-event rate limiting * Wed May 19 2021 Davide Cavalca - 248.2-1.3 - Add BuildRequires for python-jinja2 in preparation for 249 (see PR#19630) * Mon May 17 2021 Davide Cavalca - 248.2-1.2 - Add systemd-oomd-defaults subpackage from Fedora * Sat May 15 2021 Zbigniew Jędrzejewski-Szmek - 248.3-1 - A fix for resolved crashes (#1946386, #1960227, #1950241) - Some minor fixes for documentation, systemd-networkd, systemd-run, bootctl. * Mon May 10 2021 Anita Zhang - 248.2-1.1 - New release for 248 - Drop patches merged in 248.2 - FB only backport PR #13496 (Extend bpf cgroup program support) * Fri May 7 2021 Zbigniew Jędrzejewski-Szmek - 248.2-1 - Pull in some more patches from upstream (#1944646, #1885090, #1941340) - Adjust modes of some %%ghost files (#1956059) * Thu May 6 2021 Zbigniew Jędrzejewski-Szmek - 248.1-1 - Latest stable version: a long list of minor correctness fixes all around (#1955475, #911766, #1958167, #1952919) - Enable tpm2-tss dependency (#1949505) * Wed Apr 14 2021 Anita Zhang - 247.3-10 - Remove systemd-resolved enablement * Wed Apr 7 2021 Davide Cavalca - 247.3-9 - Reenable LTO now that binutils has been fixed - Update FB configure options * Tue Apr 06 2021 Adam Williamson - 248-2 - Re-enable resolved caching, we hope all major bugs are resolved now * Thu Apr 1 2021 Davide Cavalca - 247.3-8 - Backport https://github.com/SELinuxProject/refpolicy/pull/308 to fix systemd-hostnamed and systemd-localed when SELinux is enabled. * Thu Apr 1 2021 Anita Zhang - 247.3-7 - Downgrade sysv-generator warning even more (to debug) * Wed Mar 31 2021 Zbigniew Jędrzejewski-Szmek - 248-1 - Latest upstream release, see https://github.com/systemd/systemd/blob/v248/NEWS. - The changes since -rc4 are rather small, various fixes all over the place. A fix to how systemd-oomd selects a candidate to kill, and more debug logging to make this more transparent. * Wed Mar 31 2021 Anita Zhang - 247.3-6 - Backport PR#18621 (Ignore attempts at hidepid and subset for older kernels) - Downgrade sysv-generator warning about missing native systemd unit * Wed Mar 31 2021 Davide Cavalca - 247.3-5 - Add selinux subpackage * Tue Mar 30 2021 Anita Zhang - 248~rc4-6 - Increase oomd user memory pressure limit to 50% (#1941170) * Fri Mar 26 2021 Zbigniew Jędrzejewski-Szmek - 248~rc4-5 - Do not preset systemd-networkd.service and systemd-networkd-wait-online.service on upgrades from before systemd-networkd was split out (#1943263) - In nsswitch.conf, move nss-myhostname to the front, before nss-mdns4 (#1943199) * Wed Mar 24 2021 Zbigniew Jędrzejewski-Szmek - 248~rc4-4 - Revert patch that seems to cause problems with dns resolution (see comments on https://bodhi.fedoraproject.org/updates/FEDORA-2021-1c1a870ceb) * Mon Mar 22 2021 Zbigniew Jędrzejewski-Szmek - 248~rc4-3 - Fix hang when processing timers during DST switch in Europe/Dublin timezone (#1941335) - Fix returning combined IPv4/IPv6 responses from systemd-resolved cache (#1940715) (But note that the disablement of caching added previously is retained until we can do more testing.) - Minor fix to interface naming by udev - Fix for systemd-repart --size * Fri Mar 19 2021 Adam Williamson - 248~rc4-2 - Disable resolved cache via config snippet (#1940715) * Thu Mar 18 2021 Yu Watanabe - 248~rc4-1 - Latest upstream prerelease, see https://github.com/systemd/systemd/blob/v248-rc4/NEWS. - A bunch of documentation updates, and correctness fixes. * Wed Mar 17 2021 Anita Zhang - 247.3-4 - Backport PR #18955 (Fixes fstab parsing) - FB only backport PR #18886 (systemd-shutdown logs to /dev/console not stderr) - Reenable tests by disabling LTO (work around binutils bug) * Tue Mar 16 2021 Adam Williamson - 248~rc3-2 - Backport PR #19009 to fix CNAME redirect resolving some more (#1933433) * Thu Mar 11 2021 Zbigniew Jędrzejewski-Szmek - 248~rc3-1 - Latest upstream prerelease, see https://github.com/systemd/systemd/blob/v248-rc3/NEWS. - A bunch of documentation updates, correctness fixes, and systemd-networkd features. - Resolves #1933137, #1935084, #1933873, #1931181, #1933335, #1935062, #1927148. * Thu Mar 11 2021 Zbigniew Jędrzejewski-Szmek - 248~rc2-5 - Fix crash in pid1 during daemon-reexec (#1931034) * Fri Mar 05 2021 Adam Williamson - 248~rc2-3 - Fix stub resolver CNAME chain resolving (#1933433) * Mon Mar 01 2021 Josh Boyer - 248~rc2-2 - Don't set the fallback hostname to Fedora on non-Fedora OSes * Wed Feb 24 2021 Davide Cavalca - 247.3-3 - Remove careinversion usage to make the package usable on older mock versions * Tue Feb 23 2021 Zbigniew Jędrzejewski-Szmek - 248~rc2-1 - Latest upstream prelease, just a bunch of small fixes. - Fixes #1931957. * Tue Feb 23 2021 Zbigniew Jędrzejewski-Szmek - 248~rc1-2 - Rebuild with the newest scriptlets * Tue Feb 23 2021 Zbigniew Jędrzejewski-Szmek - 248~rc1-1 - Latest upstream prerelease, see https://github.com/systemd/systemd/blob/v248-rc1/NEWS. - Fixes #1614751 by only restarting services at the end of transcation. Various packages need to be rebuilt to have the updated macros. - Fixes #1879028, though probably not completely. - Fixes #1925805, #1928235. * Fri Feb 19 2021 Davide Cavalca - 247.3-2 - Disable some tests to workaround a binutils bug triggered by enabling audit - Refresh patches * Wed Feb 17 2021 Michel Alexandre Salim - 247.3-3 - Increase oomd user memory pressure limit to 10% (#1929856) * Wed Feb 17 2021 Anita Zhang - 247.3-1 - New release for 247 - Backport PR #18211 (Fixes ExecCondition= dependency bug) - Backport PR #17872 (Fixes PrivateUsers=yes with other sandboxing properties) - FB only backport PR #17495 (Fixes BPF pinning post-coldplug) - Reenable audit support * Sun Feb 7 2021 Davide Cavalca - 246.1-2 - Initial Hyperscale SIG package - Update release to use %%dist macro - Drop el7 logic - Explicitly default non-FB built to the legacy hierarchy - Drop no longer needed FB FusionIO patch - Temporarily disable audit support while debugging a link issue * Fri Feb 5 2021 Anita Zhang - 247.3-2 - Changes for https://fedoraproject.org/wiki/Changes/EnableSystemdOomd. - Backports consist primarily of PR #18361, #18444, and #18401 (plus some additional ones to handle merge conflicts). - Create systemd-oomd-defaults subpackage to install unit drop-ins that will configure systemd-oomd to monitor and act. * Tue Feb 2 2021 Zbigniew Jędrzejewski-Szmek - 247.3-1 - Minor stable release - Fixes #1895937, #1813219, #1903106. * Wed Jan 27 2021 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Mon Jan 25 2021 Anita Zhang - 246.1-1.fb6 - Backport PR #16803 to fix ConditionEnvironment= * Wed Jan 13 2021 Zbigniew Jędrzejewski-Szmek - 247.2-2 - Fix bfq patch again (#1813219) * Wed Dec 23 2020 Jonathan Underwood - 247.2-2 - Add patch to enable crypttab to support disabling of luks read and write workqueues (corresponding to https://github.com/systemd/systemd/pull/18062/). * Wed Dec 16 2020 Zbigniew Jędrzejewski-Szmek - 247.2-1 - Minor stable release - Fixes #1908071. * Tue Dec 8 2020 Zbigniew Jędrzejewski-Szmek - 247.1-3 - Rebuild with fallback hostname change reverted. * Fri Dec 04 2020 Bastien Nocera - 247.1-2 - Unset fallback-hostname as plenty of applications expected localhost to mean "default hostname" without ever standardising it (#1892235) * Tue Dec 1 2020 Zbigniew Jędrzejewski-Szmek - 247.1-1 - Latest stable release - Fixes #1902819. - Files to configure networking with systemd-networkd in a VM or container are moved to systemd-networkd subpackage. (They were previously in the -container subpackage, which is for container/VM management.) * Thu Nov 26 2020 Zbigniew Jędrzejewski-Szmek - 247-1 - Update to the latest version - #1900878 should be fixed * Thu Nov 19 2020 Chris Down - 246.1-1.fb5 - Updated version of PR #17495 to fix program leak * Thu Nov 19 2020 Chris Down - 246.1-1.fb4 - Backport PR #17495 to fix BPF program lifecycle - Backport PR #17422 to clean up cgroups more reliably after exit - Backport PR #17497 to add FixedRandomDelay= support * Tue Oct 20 2020 Zbigniew Jędrzejewski-Szmek - 247~rc2 - New upstream pre-release. See https://github.com/systemd/systemd/blob/v247-rc1/NEWS. Many smaller and bigger improvements and features are introduced. (#1885101, #1890632, #1879216) A backwards-incompatible change affects PCI network devices which are connected through a bridge which is itself associated with a slot. When more than one device was associated with the same slot, one of the devices would pseudo-randomly get named after the slot. That name is now not generated at all. This changed behaviour is causes the net naming scheme to be changed to "v247". To restore previous behaviour, specify net.naming-scheme=v245. systemd-oomd is built, but should not be considered "production ready" at this point. Testing and bug reports are welcome. * Wed Sep 30 2020 Dusty Mabe - 246.6-3 - Try to make files in subpackages (especially the networkd subpackage) more appropriate. * Thu Sep 24 2020 Filipe Brandenburger - 246.6-2 - Build a package with standalone binaries for non-systemd systems. For now, only systemd-sysusers is included. * Thu Sep 24 2020 Christian Glombek - 246.6-2 - Split out networkd sub-package and add to main package as recommended dependency * Sun Sep 20 2020 Zbigniew Jędrzejewski-Szmek - 246.6-1 - Update to latest stable release (various minor fixes: manager, networking, bootct, kernel-install, systemd-dissect, systemd-homed, fstab-generator, documentation) (#1876905) - Do not fail in test because of kernel bug (#1803070) * Fri Sep 18 2020 Anita Zhang - 246.1-1.fb3 - Backport PR #16838 and #16857 to improve $PATH handling - Backport PR #16940 to fix ECONN handling in sockets - Backport PR #17031 to fix rate limiting on units in restart loop - Backport PR #17082 to get nspawn TTY tweaks * Sun Sep 13 2020 Zbigniew Jędrzejewski-Szmek - 246.5-1 - Update to latest stable release (a bunch of small network-related fixes in systemd-networkd and socket handling, documentation updates, a bunch of fixes for error handling). - Also remove existing file when creating /etc/resolv.conf symlink upon installation (#1873856 again) * Wed Sep 2 2020 Zbigniew Jędrzejewski-Szmek - 246.4-1 - Update to latest stable version: a rework of how the unit cache mtime works (hopefully #1872068, #1871327, #1867930), plus various fixes to systemd-resolved, systemd-dissect, systemd-analyze, systemd-ask-password-agent, systemd-networkd, systemd-homed, systemd-machine-id-setup, presets for instantiated units, documentation and shell completions. - Create /etc/resolv.conf symlink upon installation (#1873856) - Move nss-mdns before nss-resolve in /etc/nsswitch.conf and disable mdns by default in systemd-resolved (#1867830) * Wed Aug 26 2020 Zbigniew Jędrzejewski-Szmek - 246.3-1 - Update to bugfix version (some networkd fixes, minor documentation fixes, relax handling of various error conditions, other fixlets for bugs without bugzilla numbers). * Tue Aug 18 2020 Anita Zhang - 246.1-1.fb2 - Gate "Obsoletes: systemd < 245.6-1" out due to dependency issues on Facebook systems * Mon Aug 17 2020 Anita Zhang - 246.1-1.fb1 - Facebook rebuild - Don't compile in systemd-repart (needs libfdisk >= 2.33 and C8 has 2.32) - Remove unused systemd-journal-remote.xml and systemd-journal-gatewayd.xml files since we never used firewalld * Mon Aug 17 2020 Zbigniew Jędrzejewski-Szmek - 246.2-1 - A few minor bugfixes - Adjust seccomp filter for kernel 5.8 and glibc 2.32 (#1869030) - Create /etc/resolv.conf symlink on upgrade (#1867865) * Fri Aug 7 2020 Zbigniew Jędrzejewski-Szmek - 246.1-1 - A few minor bugfixes - Remove /etc/resolv.conf on upgrades (if managed by NetworkManager), so that systemd-resolved can take over the management of the symlink. * Thu Jul 30 2020 Zbigniew Jędrzejewski-Szmek - 246-1 - Update to released version. Only some minor bugfixes since the pre-release. * Sun Jul 26 2020 Zbigniew Jędrzejewski-Szmek - 246~rc2-2 - Make /tmp be 50% of RAM again (#1856514) - Re-run 'systemctl preset systemd-resolved' on upgrades. /etc/resolv.conf is not modified, by a hint is emitted if it is managed by NetworkManager. * Fri Jul 24 2020 Zbigniew Jędrzejewski-Szmek - 246~rc2-1 - New pre-release with incremental fixes (#1856037, #1858845, #1856122, #1857783) - Enable systemd-resolved (with DNSSEC disabled by default, and LLMNR and mDNS support in resolve-only mode by default). See https://fedoraproject.org/wiki/Changes/systemd-resolved. * Thu Jul 9 2020 Zbigniew Jędrzejewski-Szmek - 246~rc1-1 - New upstream release, see https://raw.githubusercontent.com/systemd/systemd/v246-rc1/NEWS. This release includes many new unit settings, related inter alia to cgroupsv2 freezer support and cpu affinity, encryption and verification. systemd-networkd has a ton of new functionality and many other tools gained smaller enhancements. systemd-homed gained FIDO2 support. Documentation has been significantly improved: sd-bus and sd-hwdb libraries are now fully documented; man pages have been added for the D-BUS APIs of systemd daemons and various new interfaces. Closes #1392925, #1790972, #1197886, #1525593. * Wed Jun 24 2020 Bastien Nocera - 245.6-3 - Set fallback-hostname to fedora so that unset hostnames are still recognisable (#1392925) * Fri Jun 5 2020 Anita Zhang - 245.5-2.fb3 - Backport 156a5fd to mitigate CVE-2020-13776 * Thu Jun 4 2020 Anita Zhang - 245.5-2.fb2 - Revert c7d26ac which is causing SMI count to go up leading to increased microstalls during Chef runs * Tue Jun 2 2020 Zbigniew Jędrzejewski-Szmek - 245.6-2 - Add self-obsoletes to fix upgrades from F31 * Sun May 31 2020 Zbigniew Jędrzejewski-Szmek - 245.6-1 - Update to latest stable version (some documentation updates, minor memory correctness issues) (#1815605, #1827467, #1842067) * Thu Apr 30 2020 Anita Zhang - 245.5-2.fb1 - Facebook rebuild - Don't compile in systemd-homed, systemd-userdb, and p11kit - Backport PR #15544 and #15551 (drops FB rlimit_memlock patch) * Tue Apr 21 2020 Björn Esser - 245.5-2 - Add explicit BuildRequires: acl - Bootstrapping for json-c SONAME bump * Fri Apr 17 2020 Zbigniew Jędrzejewski-Szmek - 245.5-1 - Update to latest stable version (#1819313, #1815412, #1800875) * Thu Apr 16 2020 Björn Esser - 245.4-2 - Add bootstrap option to break circular deps on cryptsetup * Wed Apr 1 2020 Zbigniew Jędrzejewski-Szmek - 245.4-1 - Update to latest stable version (#1814454) * Thu Mar 26 2020 Zbigniew Jędrzejewski-Szmek - 245.3-1 - Update to latest stable version (no issue that got reported in bugzilla) * Wed Mar 18 2020 Zbigniew Jędrzejewski-Szmek - 245.2-1 - Update to latest stable version (a few bug fixes for random things) (#1798776) * Wed Mar 18 2020 Andrew Gallagher - 244-2.fb4 - Bump HIGH_RLIMIT_MEMLOCK to 512M * Fri Mar 6 2020 Zbigniew Jędrzejewski-Szmek - 245-1 - Update to latest version (#1807485) * Wed Feb 26 2020 Zbigniew Jędrzejewski-Szmek - 245~rc2-1 - Modify the downstream udev rule to use bfq to only apply to disks (#1803500) - "Upgrade" dependency on kbd package from Recommends to Requires (#1408878) - Move systemd-bless-boot.service and systemd-boot-system-token.service to systemd-udev subpackage (#1807462) - Move a bunch of other services to systemd-udev: systemd-pstore.service, all fsck-related functionality, systemd-volatile-root.service, systemd-verity-setup.service, and a few other related files. - Fix daemon-reload rule to not kill non-systemd pid1 (#1803240) - Fix namespace-related failure when starting systemd-homed (#1807465) and group lookup failure in nss_systemd (#1809147) - Drop autogenerated BOOT_IMAGE= parameter from stored kernel command lines (#1716164) - Don't require /proc to be mounted for systemd-sysusers to work (#1807768) * Fri Feb 21 2020 Filipe Brandenburger - 245~rc1-4 - Update daemon-reexec fallback to check whether the system is booted with systemd as PID 1 and check whether we're upgrading before using kill -TERM on PID 1 (#1803240) * Thu Feb 20 2020 Filipe Brandenburger - 244-2.fb3 - Only kill -TERM 1 when systemd is actually running. * Tue Feb 18 2020 Adam Williamson - 245~rc1-3 - Revert 097537f0 to fix plymouth etc. running when they shouldn't (#1803293) * Fri Feb 7 2020 Zbigniew Jędrzejewski-Szmek - 245~rc1-2 - Add default 'disable *' preset for user units (#1792474, #1468501), see https://fedoraproject.org/wiki/Changes/Systemd_presets_for_user_units. - Add macro to generate "compat" scriptlets based off sysusers.d format and autogenerate user() and group() virtual provides (#1792462), see https://fedoraproject.org/wiki/Changes/Adopting_sysusers.d_format. - Revert patch to udev rules causing regression with usb hubs (#1800820). * Thu Feb 6 2020 Anita Zhang - 244-2.fb2 - Backport PR#14815 (Permissive syscall filtering in dbus-execute) * Wed Feb 5 2020 Zbigniew Jędrzejewski-Szmek - 245~rc1-1 - New upstream release, see https://raw.githubusercontent.com/systemd/systemd/v245-rc1/NEWS. This release includes completely new functionality: systemd-repart, systemd-homed, user reconds in json, and multi-instantiable journald, and a partial rework of internal communcation to use varlink, and bunch of more incremental changes. The "predictable" interface name naming scheme is changed, net.naming-scheme= can be used to undo the change. The change applies to container interface names on the host. - Fixes #1774242, #1787089, #1798414/CVE-2020-1712. * Fri Jan 31 2020 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Thu Jan 9 2020 Anita Zhang - 244-2.fb1 - Facebook rebuild - Backport PR#13823 (PrivateUsers=true for unprivileged user managers) - Backport PR#14441 (Fix type.d drop-in ordering) * Sat Dec 21 2019 - 244.1-2 - Disable service watchdogs (for systemd units) * Sun Dec 15 2019 - 244.1-1 - Update to latest stable batch (systemd-networkd fixups, better support for seccomp on s390x, minor cleanups to documentation). - Drop patch to revert addition of NoNewPrivileges to systemd units * Fri Nov 29 2019 Zbigniew Jędrzejewski-Szmek - 244-1 - Update to latest version. Just minor bugs fixed since the pre-release. * Fri Nov 22 2019 Zbigniew Jędrzejewski-Szmek - 244~rc1-1 - Update to latest pre-release version, see https://github.com/systemd/systemd/blob/master/NEWS#L3. Biggest items: cgroups v2 cpuset controller, fido_id builtin in udev, systemd-networkd does not create a default route for link local addressing, systemd-networkd supports dynamic reconfiguration and a bunch of new settings. Network files support matching on WLAN SSID and BSSID. - Better error messages when preset/enable/disable are used with a glob (#1763488) - u2f-hidraw-policy package is obsoleted (#1753381) * Tue Nov 19 2019 Zbigniew Jędrzejewski-Szmek - 243.4 - Latest bugfix release. Systemd-stable snapshots will now be numbered. - Fix broken PrivateDevices filter on big-endian, s390x in particular (#1769148) - systemd-modules-load.service should only warn, not fail, on error (#1254340) - Fix incorrect certificate validation with DNS over TLS (#1771725, #1771726, CVE-2018-21029) - Fix regression with crypttab keys with colons - Various memleaks and minor memory access issues, warning adjustments * Thu Oct 31 2019 Davide Cavalca - 243-2.fb3 - Backport PR#13754 (allow restart for oneshot units) - Misc specfiles fixes to support building on el8 as well - Default el8 builds to the unified hierarchy * Fri Oct 18 2019 Adam Williamson - 243-4.gitef67743 - Backport PR #13792 to fix nomodeset+BIOS CanGraphical bug (#1728240) * Thu Oct 10 2019 Zbigniew Jędrzejewski-Szmek - 243-3.gitef67743 - Various minor documentation and error message cleanups - Do not use cgroup v1 hierarchy in nspawn on groups v2 (#1756143) * Wed Oct 2 2019 Davide Cavalca - 243-2.fb2 - Backport PR#13689 (a bunch of protection-related fixes) * Fri Sep 27 2019 Davide Cavalca - 243-2.fb1 - Facebook rebuild - drop "use bfq as the default scheduler" patch - backport PR#13369 (ExecXYZEx= bus hook ups) - disable udev-test.pl for now due to flakiness * Sat Sep 21 2019 Zbigniew Jędrzejewski-Szmek - 243-2.gitfab6f01 - Backport a bunch of patches (memory access issues, improvements to error reporting and handling in networkd, some misleading man page contents #1751363) - Fix permissions on static nodes (#1740664) - Make systemd-networks follow the RFC for DHPCv6 and radv timeouts - Fix one crash in systemd-resolved (#1703598) - Make journal catalog creation reproducible (avoid unordered hashmap use) - Mark the accelerometer in HP laptops as part of the laptop base - Fix relabeling of directories with relabel-extra.d/ - Fix potential stuck noop jobs in pid1 - Obsolete timedatex package (#1735584) * Tue Sep 3 2019 Zbigniew Jędrzejewski-Szmek - 243-1 - Update to latest release - Emission of Session property-changed notifications from logind is fixed (this was breaking the switching of sessions to and from gnome). - Security issue: unprivileged users were allowed to change DNS servers configured in systemd-resolved. Now proper polkit authorization is required. * Mon Aug 26 2019 Adam Williamson - 243~rc2-2 - Backport PR #13406 to solve PATH ordering issue (#1744059) * Thu Aug 22 2019 Zbigniew Jędrzejewski-Szmek - 243~rc2-1 - Update to latest pre-release. Fixes #1740113, #1717712. - The default scheduler for disks is set to BFQ (1738828) - The default cgroup hierarchy is set to unified (cgroups v2) (#1732114). Use systemd.unified-cgroup-hierarchy=0 on the kernel command line to revert. See https://fedoraproject.org/wiki/Changes/CGroupsV2. * Wed Aug 07 2019 Adam Williamson - 243~rc1-2 - Backport PR #1737362 so we own /etc/systemd/system again (#1737362) * Wed Aug 7 2019 Anita Zhang - 242-2.fb4 - Backport PR#12933 (core: ExecCondition= for services) - Backport PR#13096 (Preparatory work for the unit loading rework) - Backport PR#13119 (Rework unit loading to take into account all aliases) * Tue Jul 30 2019 Zbigniew Jędrzejewski-Szmek - 243~rc1-1 - Update to latest version (#1715699, #1696373, #1711065, #1718192) * Sat Jul 27 2019 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Sat Jul 20 2019 Zbigniew Jędrzejewski-Szmek - 242-6.git9d34e79 - Ignore bad rdrand output on AMD CPUs (#1729268) - A bunch of backported patches from upstream: documentation, memory access fixups, command output tweaks (#1708996) * Thu Jul 18 2019 Anita Zhang - 242-2.fb3 - Backport PR#12346 (make sure accept_flush() doesn't hang on EOPNOTSUPP) - Backport PR#12979 (add SystemCallErrorNumber=EPERM to systemd-portabled.service) * Tue Jun 25 2019 Björn Esser - 242-5.git7a6d834 - Rebuilt (libqrencode.so.4) * Tue Jun 25 2019 Miro Hrončok - 242-4.git7a6d834 - Rebuilt for iptables update (libip4tc.so.2) * Thu Jun 20 2019 Anita Zhang - 242-2.fb2 - Backport PR#11778 (ExecStartXYZEx= dbus support) - Backport PR#12729 (nspawn: don't hard fail when setting capabilities) - Backport PR#12745 (IPAddressXYZ="any" for users with CAP_NET_ADMIN) * Fri Apr 26 2019 Zbigniew Jędrzejewski-Szmek - 242-3.git7a6d834 - Add symbol to mark vtable format changes (anything using sd_add_object_vtable or sd_add_fallback_vtable needs to be rebuilt) - Fix wireguard ListenPort handling in systemd-networkd - Fix hang in flush_accept (#1702358) - Fix handling of RUN keys in udevd - Some documentation and shell completion updates and minor fixes * Thu Apr 25 2019 Davide Cavalca - 242-2.fb1 - Facebook rebuild - Backport PR#12336 (support DisableControllers= for transient units) * Tue Apr 16 2019 Adam Williamson - 242-2 - Rebuild with Meson fix for #1699099 * Thu Apr 11 2019 Zbigniew Jędrzejewski-Szmek - 242-1 - Update to latest release - Make scriptlet failure non-fatal * Tue Apr 9 2019 Zbigniew Jędrzejewski-Szmek - 242~rc4-1 - Update to latest prerelease * Thu Apr 4 2019 Zbigniew Jędrzejewski-Szmek - 242~rc3-1 - Update to latest prerelease * Wed Apr 3 2019 Zbigniew Jędrzejewski-Szmek - 242~rc2-1 - Update to the latest prerelease. - The bug reported on latest update that systemd-resolved and systemd-networkd are re-enabled after upgrade is fixed. * Fri Mar 29 2019 Zbigniew Jędrzejewski-Szmek - 241-4.gitcbf14c9 - Backport various patches from the v241..v242 range: kernel-install will not create the boot loader entry automatically (#1648907), various bash completion improvements (#1183769), memory leaks and such (#1685286). * Fri Mar 22 2019 Davide Cavalca - 241-1.fb2 - Backport PR#11754 (sd-bus fixes for CVE-2019-6454) - Backport PR#12078 (nspawn fix) * Thu Mar 14 2019 Zbigniew Jędrzejewski-Szmek - 241-3.gitc1f8ff8 - Declare hyperv and framebuffer devices master-of-seat again (#1683197) * Wed Feb 27 2019 Davide Cavalca - 241-1.fb1 - Facebook rebuild - Rebase fio udev patch (this will likely be dropped in the next release) - Drop the mock testing patches, not needed anymore - Ignore errors for Python bytecompiling due to run-unit-tests.py - Fix the run-unit-tests.py shebang to use python36 - Backport PR#11831 (missing include) and PR#11836 (test-chown-rec fix) * Wed Feb 20 2019 Zbigniew Jędrzejewski-Szmek - 241-2.gita09c170 - Prevent buffer overread in systemd-udevd - Properly validate dbus paths received over dbus (#1678394, CVE-2019-6454) * Sat Feb 9 2019 Zbigniew Jędrzejewski-Szmek - 241~rc2-2 - Turn LTO back on * Tue Feb 5 2019 Zbigniew Jędrzejewski-Szmek - 241~rc2-1 - Update to latest release -rc2 * Sun Feb 03 2019 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sun Jan 27 2019 Yu Watanabe - 241~rc1-2 - Backport a patch for kernel-install * Sat Jan 26 2019 Zbigniew Jędrzejewski-Szmek - 241~rc1-1 - Update to latest release -rc1 * Tue Jan 15 2019 Zbigniew Jędrzejewski-Szmek - 240-6.gitf02b547 - Add a work-around for #1663040 * Mon Jan 14 2019 Björn Esser - Rebuilt for libcrypt.so.2 (#1666033) * Fri Jan 11 2019 Zbigniew Jędrzejewski-Szmek - 240-4.gitf02b547 - Add a work-around for selinux issue on live images (#1663040) * Fri Jan 11 2019 Zbigniew Jędrzejewski-Szmek - 240-3.gitf02b547 - systemd-journald and systemd-journal-remote reject entries which contain too many fields (CVE-2018-16865, #1664973) and set limits on the process' command line length (CVE-2018-16864, #1664972) - $DBUS_SESSION_BUS_ADDRESS is again exported by pam_systemd (#1662857) - A fix for systemd-udevd crash (#1662303) * Sat Dec 22 2018 Zbigniew Jędrzejewski-Szmek - 240-2 - Add two more patches that revert recent udev changes * Fri Dec 21 2018 Zbigniew Jędrzejewski-Szmek - 240-1 - Update to latest release See https://github.com/systemd/systemd/blob/master/NEWS for the list of changes. * Mon Dec 17 2018 Zbigniew Jędrzejewski-Szmek - 239-10.git9f3aed1 - Hibernation checks for resume= are rescinded (#1645870) - Various patches: - memory issues in logind, networkd, journald (#1653068), sd-device, etc. - Adaptations for newer meson, lz4, kernel - Fixes for misleading bugs in documentation - net.ipv4.conf.all.rp_filter is changed from 1 to 2 * Mon Dec 10 2018 Davide Cavalca - 239-1.fb6 - Backport PR#10411 and PR#10493 (systemd-analyze timespan command) - Rebase our PR#10507 and PR#10567 backports onto the version merged upstream - Backport PR#10757 (cgroup2 BPF devices fixes) - Backport PR#10876 (cgroup_subtree_mask propagation fix) * Thu Nov 29 2018 Zbigniew Jędrzejewski-Szmek - Adjust scriptlets to modify /etc/authselect/user-nsswitch.conf (see https://github.com/pbrezina/authselect/issues/77) - Drop old scriptlets for nsswitch.conf modifications for nss-mymachines and nss-resolve * Sun Nov 18 2018 Alejandro Domínguez Muñoz - Remove link creation for rsyslog.service * Thu Nov 8 2018 Adam Williamson - 239-9.git9f3aed1 - Go back to using systemctl preset-all in %%post (#1647172, #1118740) * Mon Nov 5 2018 Adam Williamson - 239-8.git9f3aed1 - Requires(post) openssl-libs to fix live image build machine-id issue See: https://pagure.io/dusty/failed-composes/issue/960 * Mon Nov 5 2018 Yu Watanabe - Set proper attributes to private directories * Fri Nov 2 2018 Davide Cavalca - 239-1.fb5 - Backport PR#10507 (don't require CPU controller for CPU accounting) - Backport PR#10567 (DisableControllers= directive) * Fri Nov 2 2018 Zbigniew Jędrzejewski-Szmek - 239-7.git9f3aed1 - Split out the rpm macros into systemd-rpm-macros subpackage (#1645298) * Sun Oct 28 2018 Zbigniew Jędrzejewski-Szmek - 239-6.git9f3aed1 - Fix a local vulnerability from a race condition in chown-recursive (CVE-2018-15687, #1639076) - Fix a local vulnerability from invalid handling of long lines in state deserialization (CVE-2018-15686, #1639071) - Fix a remote vulnerability in DHCPv6 in systemd-networkd (CVE-2018-15688, #1639067) - The DHCP server is started only when link is UP - DHCPv6 prefix delegation is improved - Downgrade logging of various messages and add loging in other places - Many many fixes in error handling and minor memory leaks and such - Fix typos and omissions in documentation - Typo in %%_environmnentdir rpm macro is fixed (with backwards compatiblity preserved) - Matching by MACAddress= in systemd-networkd is fixed - Creation of user runtime directories is improved, and the user manager is only stopped after 10 s after the user logs out (#1642460 and other bugs) - systemd units systemd-timesyncd, systemd-resolved, systemd-networkd are switched back to use DynamicUser=0 - Aliases are now resolved when loading modules from pid1. This is a (redundant) fix for a brief kernel regression. - "systemctl --wait start" exits immediately if no valid units are named - zram devices are not considered as candidates for hibernation - ECN is not requested for both in- and out-going connections (the sysctl overide for net.ipv4.tcp_ecn is removed) - Various smaller improvements to unit ordering and dependencies - generators are now called with the manager's environment - Handling of invalid (intentionally corrupt) dbus messages is improved, fixing potential local DOS avenues - The target of symlinks links in .wants/ and .requires/ is now ignored. This fixes an issue where the unit file would sometimes be loaded from such a symlink, leading to non-deterministic unit contents. - Filtering of kernel threads is improved. This fixes an issues with newer kernels where hybrid kernel/user threads are used by bpfilter. - "noresume" can be used on the kernel command line to force normal boot even if a hibernation images is present - Hibernation is not advertised if resume= is not present on the kernenl command line - Hibernation/Suspend/... modes can be disabled using AllowSuspend=, AllowHibernation=, AllowSuspendThenHibernate=, AllowHybridSleep= - LOGO= and DOCUMENTATION_URL= are documented for the os-release file - The hashmap mempool is now only used internally in systemd, and is disabled for external users of the systemd libraries - Additional state is serialized/deserialized when logind is restarted, fixing the handling of user objects - Catalog entries for the journal are improved (#1639482) - If suspend fails, the post-suspend hooks are still called. - Various build issues on less-common architectures are fixed * Fri Oct 12 2018 Davide Cavalca - 239-1.fb4 - Backport PR#10062 (cgroup2 BPF device controller support) - Backport PR#10203, PR#10363 (tests fixes for supplementary groups) - Backport PR#10368 (%g, %G specifiers support) - Add hostname to BuildRequires (it's needed by test-execute) - Reenable test-execute now that it's finally working * Wed Oct 3 2018 Jan Synáček - 239-5 - Fix meson using -Ddebug, which results in FTBFS - Fix line_begins() to accept word matching full string (#1631840) * Mon Sep 10 2018 Zbigniew Jędrzejewski-Szmek - 239-4 - Move /etc/yum/protected.d/systemd.conf to /etc/dnf/ (#1626969) * Fri Aug 24 2018 Davide Cavalca - 239-1.fb3 - backport new version of guro's cgroup2 BPF device controller patch * Wed Jul 18 2018 Terje Rosten - 239-3 - Ignore return value from systemd-binfmt in scriptlet (#1565425) * Sun Jul 15 2018 Filipe Brandenburger - Override systemd-user PAM config in install and not prep * Sat Jul 14 2018 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Jul 4 2018 Davide Cavalca - 239-1.fb2 - backport PR#9460 (followup to PR#9410) - backport PR#9500 (support for StandardOutput=append:) - revert c58fd46 (part of PR#8403) to workaround a FB-specific build issue * Mon Jun 25 2018 Zbigniew Jędrzejewski-Szmek - Rebuild for Python 3.7 again * Mon Jun 25 2018 Davide Cavalca - 239-1.fb1 - Facebook rebuild - backport PR#9244 and PR#9247 (new cgroup2 features) - backport PR#9410 (gnutls detection, fix for #9403) * Fri Jun 22 2018 Zbigniew Jędrzejewski-Szmek - 239-1 - Update to latest version, mostly bug fixes and new functionality, very little breaking changes. See https://github.com/systemd/systemd/blob/v239/NEWS for details. * Tue Jun 19 2018 Miro Hrončok - Rebuilt for Python 3.7 * Thu May 31 2018 Davide Cavalca - 238-7.fb3 - Update cgroup2 BPF device controller patches - Backport PR#9148 to mitigate pid watching issue on git * Tue May 15 2018 Davide Cavalca - 238-7.fb2 - Backport htejun's io.latency patch - Backport guro's cgroup2 BPF device controller patch * Fri May 11 2018 Zbigniew Jędrzejewski-Szmek - 238-8.git0e0aa59 - Backport a number of patches (documentation, hwdb updates) - Fixes for tmpfiles 'e' entries - systemd-networkd crashes - XEN virtualization detection on hyper-v - Avoid relabelling /sys/fs/cgroup if not needed (#1576240) * Wed Apr 18 2018 Zbigniew Jędrzejewski-Szmek - 238-7.fc28.1 - Allow fake Delegate= setting on slices (#1568594) * Thu Apr 5 2018 Davide Cavalca - 238-7.fb1 - Facebook rebuild - Reenable tests (except test-execute which is still broken) * Wed Mar 28 2018 Zbigniew Jędrzejewski-Szmek - 238-7 - Move udev transfiletriggers to the right package, fix quoting * Tue Mar 27 2018 Colin Walters - 238-6 - Use shell for triggers; see https://github.com/systemd/systemd/pull/8550 This fixes compatibility with rpm-ostree. * Tue Mar 20 2018 Zbigniew Jędrzejewski-Szmek - 238-5 - Backport patch to revert inadvertent change of "predictable" interface name (#1558027) * Fri Mar 16 2018 Zbigniew Jędrzejewski-Szmek - 238-4 - Do not close dbus connection during dbus reload call (#1554578) * Wed Mar 7 2018 Zbigniew Jędrzejewski-Szmek - 238-3 - Revert the patches for GRUB BootLoaderSpec support - Add patch for /etc/machine-id creation (#1552843) * Tue Mar 6 2018 Yu Watanabe - 238-2 - Fix transfiletrigger script (#1551793) * Mon Mar 5 2018 Zbigniew Jędrzejewski-Szmek - 238-1 - Update to latest version - This fixes a hard-to-trigger potential vulnerability (CVE-2018-6954) - New transfiletriggers are installed for udev hwdb and rules, the journal catalog, sysctl.d, binfmt.d, sysusers.d, tmpfiles.d. * Tue Feb 27 2018 Javier Martinez Canillas - 237-7.git84c8da5 - Add patch to install kernel images for GRUB BootLoaderSpec support * Mon Feb 26 2018 Davide Cavalca - 237-1.fb3 - Backport PR#8115 to properly fix GH#8194 * Sat Feb 24 2018 Zbigniew Jędrzejewski-Szmek - 237-6.git84c8da5 - Create /etc/systemd in %%post libs if necessary (#1548607) * Fri Feb 23 2018 Adam Williamson - 237-5.git84c8da5 - Use : not touch to create file in -libs %%post * Thu Feb 22 2018 Davide Cavalca - 237-1.fb2 - Add workaround for an issue with systemd-nspawn -u affecting mock (GH#8194) * Thu Feb 22 2018 Patrick Uiterwijk - 237-4.git84c8da5 - Add coreutils dep for systemd-libs %%post - Add patch to typecast USB IDs to avoid compile failure * Wed Feb 21 2018 Zbigniew Jędrzejewski-Szmek - 237-3.git84c8da5 - Update some patches for test skipping that were updated upstream before merging - Add /usr/lib/systemd/purge-nobody-user — a script to check if nobody is defined correctly and possibly replace existing mappings * Tue Feb 20 2018 Zbigniew Jędrzejewski-Szmek - 237-2.gitdff4849 - Backport a bunch of patches, most notably for the journal and various memory issues. Some minor build fixes. - Switch to new ldconfig macros that do nothing in F28+ - /etc/systemd/dont-synthesize-nobody is created in %%post if nfsnobody or nobody users are defined (#1537262) * Mon Feb 12 2018 Davide Cavalca - 237-1.fb1 - Facebook rebuild - Backport configurable docdir patch from master (PR#8068) - Ensure split-files.py is run with python36 - Set nfs/nfsnobody as nobody users - Add pcre2-devel dependecy for journalctl --grep - Disable tests for now as they're failing randomly when building in mock - Use 10485760 as container base for Facebook to avoid conflicting with LDAP - Backport PID file symlink chain checks fix from master (PR#8133) * Fri Feb 9 2018 Zbigniew Jędrzejeweski-Szmek - 237-1.git78bd769 - Update to first stable snapshot (various minor memory leaks and misaccesses, some documentation bugs, build fixes). * Sun Jan 28 2018 Zbigniew Jędrzejewski-Szmek - 237-1 - Update to latest version * Sun Jan 21 2018 Björn Esser - 236-4.git3e14c4c - Add patch to include if needed * Sat Jan 20 2018 Björn Esser - 236-3.git3e14c4c - Rebuilt for switch to libxcrypt * Thu Jan 11 2018 Zbigniew Jędrzejewski-Szmek - 236-2.git23e14c4 - Backport a bunch of bugfixes from upstream (#1531502, #1531381, #1526621 various memory corruptions in systemd-networkd) - /dev/kvm is marked as a static node which fixes permissions on s390x and ppc64 (#1532382) * Fri Dec 15 2017 Zbigniew Jędrzejewski-Szmek - 236-1 - Update to latest version * Mon Dec 11 2017 Zbigniew Jędrzejewski-Szmek - 235-5.git4a0e928 - Update to latest git snapshot, do not build for realz - Switch to libidn2 again (#1449145) * Tue Nov 07 2017 Zbigniew Jędrzejewski-Szmek - 235-4 - Rebuild for cryptsetup-2.0.0-0.2.fc28 * Wed Oct 25 2017 Zbigniew Jędrzejewski-Szmek - 235-3 - Backport a bunch of patches, including LP#172535 * Wed Oct 18 2017 Zbigniew Jędrzejewski-Szmek - 235-2 - Patches for cryptsetup _netdev * Mon Oct 9 2017 Davide Cavalca - 235-1.fb1 - Facebook rebuild * Fri Oct 6 2017 Zbigniew Jędrzejewski-Szmek - 235-1 - Update to latest version * Tue Sep 26 2017 Nathaniel McCallum - 234-8 - Backport /etc/crypttab _netdev feature from upstream * Thu Sep 21 2017 Michal Sekletar - 234-7 - Make sure to remove all device units sharing the same sysfs path (#1475570) * Mon Sep 18 2017 Zbigniew Jędrzejewski-Szmek - 234-6 - Bump xslt recursion limit for libxslt-1.30 * Mon Sep 18 2017 Davide Cavalca - 234-5.fb2 - backport build fix for O_TMPFILE from PR#6816 * Tue Aug 8 2017 Davide Cavalca - 234-5.fb1 - new upstream release - drop compat-libs patch in favor of separate systemd-compat-libs project - force locale to UTF-8 to make meson happy - disable broken test-execute - backport nsdelegate support from PR#6294 * Mon Jul 31 2017 Zbigniew Jędrzejewski-Szmek - 234-5 - Backport more patches (#1476005, hopefully #1462378) * Thu Jul 27 2017 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Mon Jul 17 2017 Zbigniew Jędrzejewski-Szmek - 234-3 - Fix x-systemd.timeout=0 in /etc/fstab (#1462378) - Minor patches (memleaks, --help fixes, seccomp on arm64) * Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-2 - Create kvm group (#1431876) * Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-1 - Latest release * Sat Jul 1 2017 Zbigniew Jędrzejewski-Szmek - 233-7.git74d8f1c - Update to snapshot - Build with meson again * Tue Jun 27 2017 Zbigniew Jędrzejewski-Szmek - 233-6 - Fix an out-of-bounds write in systemd-resolved (CVE-2017-9445) * Sat Jun 17 2017 Peter Blair - 233-2.fb2 - Apply patch from CVE-2017-9445 * Fri Jun 16 2017 Zbigniew Jędrzejewski-Szmek - 233-5.gitec36d05 - Update to snapshot version, build with meson * Thu Jun 15 2017 Zbigniew Jędrzejewski-Szmek - 233-4 - Backport a bunch of small fixes (memleaks, wrong format strings, man page clarifications, shell completion) - Fix systemd-resolved crash on crafted DNS packet (CVE-2017-9217, #1455493) - Fix systemd-vconsole-setup.service error on systems with no VGA console (#1272686) - Drop soft-static uid for systemd-journal-gateway - Use ID from /etc/os-release as ntpvendor * Thu Apr 13 2017 Davide Cavalca - 233-2.fb1 - New upstream release - disable a couple of broken tests - default to legacy hierarchy for now * Wed Apr 12 2017 Davide Cavalca - 231-11.fb2 - fix lz4 depends to pick the right package * Mon Apr 3 2017 Davide Cavalca - 231-11.fb1 - use facebook macro to gate Facebook-specific settings - rebuild against new RPM backport - update patches * Thu Mar 16 2017 Michal Sekletar - 233-3 - Backport bugfixes from upstream - Don't return error when machinectl couldn't figure out container IP addresses (#1419501) * Tue Mar 14 2017 Patrick White - 231-2.fb4 - add poettering patch to fix hitting an assert (PR#4447) * Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-2 - Fix installation conflict with polkit * Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-1 - New upstream release (#1416201, #1405439, #1420753, many others) - New systemd-tests subpackage with "installed tests" * Thu Feb 16 2017 Zbigniew Jędrzejewski-Szmek - 232-15 - Add %%ghost %%dir entries for .wants dirs of our targets (#1422894) * Tue Feb 14 2017 Zbigniew Jędrzejewski-Szmek - 232-14 - Ignore the hwdb parser test * Tue Feb 14 2017 Jan Synáček - 232-14 - machinectl fails when virtual machine is running (#1419501) * Sat Feb 11 2017 Fedora Release Engineering - 232-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Tue Jan 31 2017 Zbigniew Jędrzejewski-Szmek - 232-12 - Backport patch for initrd-switch-root.service getting killed (#1414904) - Fix sd-journal-gatewayd -D, --trust, and COREDUMP_CONTAINER_CMDLINE extraction by sd-coredump. * Sun Jan 29 2017 zbyszek - 232-11 - Backport a number of patches (#1411299, #1413075, #1415745, ##1415358, #1416588, #1408884) - Fix various memleaks and unitialized variable access - Shell completion enhancements - Enable TPM logging by default (#1411156) - Update hwdb (#1270124) * Thu Jan 19 2017 Adam Williamson - 232-10 - Backport fix for boot failure in initrd-switch-root (#1414904) * Wed Jan 18 2017 Zbigniew Jędrzejewski-Szmek - 232-9 - Add fake dependency on systemd-pam to systemd-devel to ensure systemd-pam is available as multilib (#1414153) * Tue Jan 17 2017 Zbigniew Jędrzejewski-Szmek - 232-8 - Fix buildsystem to check for lz4 correctly (#1404406) * Wed Jan 11 2017 Zbigniew Jędrzejewski-Szmek - 232-7 - Various small tweaks to scriplets * Sat Jan 07 2017 Kevin Fenzi - 232-6 - Fix scriptlets to never fail in libs post * Fri Jan 06 2017 Kevin Fenzi - 232-5 - Add patch from Michal Schmidt to avoid process substitution (#1392236) * Sun Nov 6 2016 Zbigniew Jędrzejewski-Szmek - 232-4 - Rebuild (#1392236) * Fri Nov 4 2016 Zbigniew Jędrzejewski-Szmek - 232-3 - Make /etc/dbus-1/system.d directory non-%%ghost * Fri Nov 4 2016 Zbigniew Jędrzejewski-Szmek - 232-2 - Fix kernel-install (#1391829) - Restore previous systemd-user PAM config (#1391836) - Move journal-upload.conf.5 from systemd main to journal-remote subpackage (#1391833) - Fix permissions on /var/lib/systemd/journal-upload (#1262665) * Thu Nov 3 2016 Zbigniew Jędrzejewski-Szmek - 232-1 - Update to latest version (#998615, #1181922, #1374371, #1390704, #1384150, #1287161) - Add %%{_isa} to Provides on arch-full packages (#1387912) - Create systemd-coredump user in %%pre (#1309574) - Replace grubby patch with a short-circuiting install.d "plugin" - Enable nss-systemd in the passwd, group lines in nsswith.conf - Add [!UNAVAIL=return] fallback after nss-resolve in hosts line in nsswith.conf - Move systemd-nspawn man pages to the right subpackage (#1391703) * Tue Oct 18 2016 Jan Synáček - 231-11 - SPC - Cannot restart host operating from container (#1384523) * Sun Oct 9 2016 Zbigniew Jędrzejewski-Szmek - 231-10 - Do not recreate /var/log/journal on upgrades (#1383066) - Move nss-myhostname provides to systemd-libs (#1383271) * Fri Oct 7 2016 Zbigniew Jędrzejewski-Szmek - 231-9 - Fix systemctl set-default (#1374371) - Prevent systemd-udev-trigger.service from restarting (follow-up for #1378974) * Tue Oct 4 2016 Zbigniew Jędrzejewski-Szmek - 231-8 - Apply fix for #1378974 * Mon Oct 3 2016 Zbigniew Jędrzejewski-Szmek - 231-7 - Apply patches properly * Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-6 - Better fix for (#1380286) * Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-5 - Denial-of-service bug against pid1 (#1380286) * Thu Aug 25 2016 Zbigniew Jędrzejewski-Szmek - 231-4 - Fix preset-all (#1363858) - Fix issue with daemon-reload messing up graphics (#1367766) - A few other bugfixes * Wed Aug 10 2016 Davide Cavalca - 231-2.fb3 - add mpawlowski root filesystem namespace patch for #12621017 - add htejun patch for cgroup2 cpu controller (PR#3905) - update htejun logind patch from PR#3835 * Wed Aug 03 2016 Adam Williamson - 231-3 - Revert preset-all change, it broke stuff (#1363858) * Thu Jul 28 2016 Davide Cavalca - 231-2.fb2 - add /dev/fio patch from bwann for GH#3718 - import PR#3821 updates and rebase patches on github - add htejun logind patch for UserTasksMax (#12460186, PR#3835) * Wed Jul 27 2016 Davide Cavalca - 231-2.fb1 - Facebook rebuild - Fix test failures in mock (#7950934, PR#3821) - drop fsck on root patch now that we have the new dracut (see PR#3822) - Rework LTO disable patch to be conditional (#11565880, PR#3823) - update compat-libs and rebase onto public branch (https://github.com/davide125/systemd/tree/compat-libs) - add back python support now that we have python34-lxml - add back xkbcommon support as it's available in rolling os updates * Wed Jul 27 2016 Zbigniew Jędrzejewski-Szmek - 231-2 - Call preset-all on initial installation (#1118740) - Fix botched Recommends for libxkbcommon * Tue Jul 26 2016 Zbigniew Jędrzejewski-Szmek - 231-1 - Update to latest version * Tue Jul 19 2016 Davide Cavalca - 230-2.fb2 - fix fsck for root filesystem on firstboot after install (#11352467) * Wed Jun 8 2016 Zbigniew Jędrzejewski-Szmek - 230-3 - Update to latest git snapshot (fixes for systemctl set-default, polkit lingering policy, reversal of the framebuffer rules, unaligned access fixes, fix for StartupBlockIOWeight-over-dbus). Those changes are interspersed with other changes and new features (mostly in lldp, networkd, and nspawn). Some of those new features might not work, but I think that existing functionality should not be broken, so it seems worthwile to update to the snapshot. * Thu May 26 2016 Davide Cavalca - 230-2.fb1 - Facebook rebuild - backport htejun PRs for cgroup2 (#3337, #3329, #3315, #3417, #3418) - add back compat-libs * Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-2 - Remove systemd-compat-libs on upgrade * Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-1 - New version - Drop compat-libs - Require libxkbcommon explictly, since the automatic dependency will not be generated anymore * Thu May 12 2016 Tejun Heo - 229-1.fb6 - backport https://github.com/systemd/systemd/pull/3246 to fix slice overrides * Mon May 09 2016 Davide Cavalca - 229-1.fb5 - update Tejun Heo patches for cgroup2 io controller support * Fri Apr 29 2016 Davide Cavalca - 229-1.fb4 - add Tejun Heo test patch for cgroup2 IO controllers support (#10638181) * Tue Apr 26 2016 Zbigniew Jędrzejewski-Szmek - 229-15 - Remove duplicated entries in -container %%files (#1330395) * Fri Apr 22 2016 Zbigniew Jędrzejewski-Szmek - 229-14 - Move installation of udev services to udev subpackage (#1329023) * Mon Apr 18 2016 Zbigniew Jędrzejewski-Szmek - 229-13 - Split out systemd-pam subpackage (#1327402) * Mon Apr 18 2016 Harald Hoyer - 229-12 - move more binaries and services from the main package to subpackages * Mon Apr 18 2016 Harald Hoyer - 229-11 - move more binaries and services from the main package to subpackages * Mon Apr 18 2016 Harald Hoyer - 229-10 - move device dependant stuff to the udev subpackage * Thu Mar 24 2016 Davide Cavalca - 229-1.fb3 - add Tejun Heo patches for cgroups v2 support (#10268183) * Tue Mar 22 2016 Zbigniew Jędrzejewski-Szmek - 229-9 - Add myhostname to /etc/nsswitch.conf (#1318303) * Mon Mar 21 2016 Harald Hoyer - 229-8 - fixed kernel-install for copying files for grubby Resolves: rhbz#1299019 * Thu Mar 17 2016 Zbigniew Jędrzejewski-Szmek - 229-7 - Moar patches (#1316964, #1317928) - Move vconsole-setup and tmpfiles-setup-dev bits to systemd-udev - Protect systemd-udev from deinstallation * Fri Mar 11 2016 Zbigniew Jędrzejewski-Szmek - 229-6 - Create /etc/resolv.conf symlink from systemd-resolved (#1313085) * Fri Mar 4 2016 Zbigniew Jędrzejewski-Szmek - 229-5 - Split out systemd-container subpackage (#1163412) - Split out system-udev subpackage - Add various bugfix patches, incl. a tentative fix for #1308771 * Wed Mar 02 2016 Davide Cavalca - 229-1.fb2 - revert RPM trigger macros for #10119506 * Tue Mar 1 2016 Peter Robinson 229-4 - Power64 and s390(x) now have libseccomp support - aarch64 has gnu-efi * Tue Feb 23 2016 Jan Synáček - 229-3 - Fix build failures on ppc64 (#1310800) * Tue Feb 16 2016 Dennis Gilmore - 229-2 - revert: fixed kernel-install for copying files for grubby Resolves: rhbz#1299019 - this causes the dtb files to not get installed at all and the fdtdir - line in extlinux.conf to not get updated correctly * Tue Feb 16 2016 Davide Cavalca - 229-1.fb1 - Facebook rebuilt - disable LTO to fix a build segfault with LTO * Thu Feb 11 2016 Michal Sekletar - 229-1 - New upstream release * Thu Feb 11 2016 Harald Hoyer - 228-10.gite35a787 - fixed kernel-install for copying files for grubby Resolves: rhbz#1299019 * Fri Feb 05 2016 Fedora Release Engineering - 228-9.gite35a787 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Wed Jan 27 2016 Peter Robinson 228-8.gite35a787 - Rebuild for binutils on aarch64 fix * Fri Jan 08 2016 Dan Horák - 228-7.gite35a787 - apply the conflict with fedora-release only in Fedora * Thu Dec 10 2015 Jan Synáček - 228-6.gite35a787 - Fix rawhide build failures on ppc64 (#1286249) * Sun Nov 29 2015 Zbigniew Jędrzejewski-Szmek - 228-6.gite35a787 - Create /etc/systemd/network (#1286397) * Thu Nov 26 2015 Zbigniew Jędrzejewski-Szmek - 228-5.gite35a787 - Do not install nss modules by default * Tue Nov 24 2015 Zbigniew Jędrzejewski-Szmek - 228-4.gite35a787 - Update to latest upstream git: there is a bunch of fixes (nss-mymachines overflow bug, networkd fixes, more completions are properly installed), mixed with some new resolved features. - Rework file triggers so that they always run before daemons are restarted * Mon Nov 23 2015 Davide Cavalca - 228-3.fb1 - Facebook rebuilt - disable test-namespace - revert rpm file triggers as they don't work on el7 * Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-3 - Enable rpm file triggers for daemon-reload * Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-2 - Fix version number in obsoleted package name (#1283452) * Wed Nov 18 2015 Kay Sievers - 228-1 - New upstream release * Thu Nov 12 2015 Zbigniew Jędrzejewski-Szmek - 227-7 - Rename journal-gateway subpackage to journal-remote - Ignore the access mode on /var/log/journal (#1048424) - Do not assume fstab is present (#1281606) * Wed Nov 11 2015 Fedora Release Engineering - 227-6 - Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 * Tue Nov 10 2015 Lukáš Nykrýn - 227-5 - Rebuild for libmicrohttpd soname bump * Fri Nov 06 2015 Robert Kuska - 227-4 - Rebuilt for Python3.5 rebuild * Wed Nov 4 2015 Zbigniew Jędrzejewski-Szmek - 227-3 - Fix syntax in kernel-install (#1277264) * Tue Nov 03 2015 Michal Schmidt - 227-2 - Rebuild for libmicrohttpd soname bump. * Fri Oct 09 2015 Davide Cavalca - 227-1.fb1 - disable tests broken on centos6 - fix build with centos7 curl - kernel-install: add fedora specific callouts to new-kernel-pkg * Wed Oct 7 2015 Kay Sievers - 227-1 - New upstream release * Fri Sep 18 2015 Jan Synáček - 226-3 - user systemd-journal-upload should be in systemd-journal group (#1262743) * Fri Sep 18 2015 Kay Sievers - 226-2 - Add selinux to system-user PAM config * Tue Sep 8 2015 Kay Sievers - 226-1 - New upstream release * Thu Aug 27 2015 Kay Sievers - 225-1 - New upstream release * Fri Jul 31 2015 Kay Sievers - 224-1 - New upstream release * Wed Jul 29 2015 Kay Sievers - 223-2 - update to git snapshot * Wed Jul 29 2015 Kay Sievers - 223-1 - New upstream release * Thu Jul 9 2015 Zbigniew Jędrzejewski-Szmek - 222-2 - Remove python subpackages (python-systemd in now standalone) * Tue Jul 7 2015 Kay Sievers - 222-1 - New upstream release * Mon Jul 6 2015 Kay Sievers - 221-5.git619b80a - update to git snapshot * Mon Jul 6 2015 Zbigniew Jędrzejewski-Szmek - 221-4.git604f02a - Add example file with yama config (#1234951) * Sun Jul 5 2015 Kay Sievers - 221-3.git604f02a - update to git snapshot * Mon Jun 22 2015 Kay Sievers - 221-2 - build systemd-boot EFI tools * Fri Jun 19 2015 Lennart Poettering - 221-1 - New upstream release - Undoes botched translation check, should be reinstated later? * Fri Jun 19 2015 Fedora Release Engineering - 220-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Thu Jun 11 2015 Peter Robinson 220-9 - The gold linker is now fixed on aarch64 * Tue Jun 9 2015 Zbigniew Jędrzejewski-Szmek - 220-8 - Remove gudev which is now provided as separate package (libgudev) - Fix for spurious selinux denials (#1224211) - Udev change events (#1225905) - Patches for some potential crashes - ProtectSystem=yes does not touch /home - Man page fixes, hwdb updates, shell completion updates - Restored persistent device symlinks for bcache, xen block devices - Tag all DRM cards as master-of-seat * Tue Jun 09 2015 Harald Hoyer 220-7 - fix udev block device watch * Tue Jun 09 2015 Harald Hoyer 220-6 - add support for network disk encryption * Sun Jun 7 2015 Peter Robinson 220-5 - Disable gold on aarch64 until it's fixed (tracked in rhbz #1225156) * Sat May 30 2015 Zbigniew Jędrzejewski-Szmek - 220-4 - systemd-devel should require systemd-libs, not the main package (#1226301) - Check for botched translations (#1226566) - Make /etc/udev/hwdb.d part of the rpm (#1226379) * Thu May 28 2015 Richard W.M. Jones - 220-3 - Add patch to fix udev --daemon not cleaning child processes (upstream commit 86c3bece38bcf5). * Wed May 27 2015 Richard W.M. Jones - 220-2 - Add patch to fix udev --daemon crash (upstream commit 040e689654ef08). * Thu May 21 2015 Lennart Poettering - 220-1 - New upstream release - Drop /etc/mtab hack, as that's apparently fixed in mock now (#1116158) - Remove ghosting for /etc/systemd/system/runlevel*.target, these targets are not configurable anymore in systemd upstream - Drop work-around for #1002806, since this is solved upstream now * Wed May 20 2015 Dennis Gilmore - 219-15 - fix up the conflicts version for fedora-release * Wed May 20 2015 Zbigniew Jędrzejewski-Szmek - 219-14 - Remove presets (#1221340) - Fix (potential) crash and memory leak in timedated, locking failure in systemd-nspawn, crash in resolved. - journalctl --list-boots should be faster - zsh completions are improved - various ommissions in docs are corrected (#1147651) - VARIANT and VARIANT_ID fields in os-release are documented - systemd-fsck-root.service is generated in the initramfs (#1201979, #1107818) - systemd-tmpfiles should behave better on read-only file systems (#1207083) * Wed Apr 29 2015 Zbigniew Jędrzejewski-Szmek - 219-13 - Patches for some outstanding annoyances - Small keyboard hwdb updates * Wed Apr 8 2015 Zbigniew Jędrzejewski-Szmek - 219-12 - Tighten requirements between subpackages (#1207381). * Sun Mar 22 2015 Zbigniew Jędrzejewski-Szmek - 219-11 - Move all parts systemd-journal-{remote,upload} to systemd-journal-gatewayd subpackage (#1193143). - Create /var/lib/systemd/journal-upload directory (#1193145). - Cut out lots of stupid messages at debug level which were obscuring more important stuff. - Apply "tentative" state for devices only when they are added, not removed. - Ignore invalid swap pri= settings (#1204336) - Fix SELinux check for timedated operations to enable/disable ntp (#1014315) - Fix comparing of filesystem paths (#1184016) * Sat Mar 14 2015 Zbigniew Jędrzejewski-Szmek - 219-10 - Fixes for bugs 1186018, 1195294, 1185604, 1196452. - Hardware database update. - Documentation fixes. - A fix for journalctl performance regression. - Fix detection of inability to open files in journalctl. - Detect SuperH architecture properly. - The first of duplicate lines in tmpfiles wins again. - Do vconsole setup after loading vconsole driver, not fbcon. - Fix problem where some units were restarted during systemd reexec. - Fix race in udevadm settle tripping up NetworkManager. - Downgrade various log messages. - Fix issue where journal-remote would process some messages with a delay. - GPT /srv partition autodiscovery is fixed. - Reconfigure old Finnish keymaps in post (#1151958) * Tue Mar 10 2015 Jan Synáček - 219-9 - Buttons on Lenovo X6* tablets broken (#1198939) * Tue Mar 3 2015 Zbigniew Jędrzejewski-Szmek - 219-8 - Reworked device handling (#1195761) - ACL handling fixes (with a script in %%post) - Various log messages downgraded (#1184712) - Allow PIE on s390 again (#1197721) * Wed Feb 25 2015 Michal Schmidt - 219-7 - arm: reenable lto. gcc-5.0.0-0.16 fixed the crash (#1193212) * Tue Feb 24 2015 Colin Walters - 219-6 - Revert patch that breaks Atomic/OSTree (#1195761) * Fri Feb 20 2015 Michal Schmidt - 219-5 - Undo the resolv.conf workaround, Aim for a proper fix in Rawhide. * Fri Feb 20 2015 Michal Schmidt - 219-4 - Revive fedora-disable-resolv.conf-symlink.patch to unbreak composes. * Wed Feb 18 2015 Michal Schmidt - 219-3 - arm: disabling gold did not help; disable lto instead (#1193212) * Tue Feb 17 2015 Peter Jones - 219-2 - Update 90-default.present for dbxtool. * Mon Feb 16 2015 Lennart Poettering - 219-1 - New upstream release - This removes the sysctl/bridge hack, a different solution needs to be found for this (see #634736) - This removes the /etc/resolv.conf hack, anaconda needs to fix their handling of /etc/resolv.conf as symlink - This enables "%%check" - disable gold on arm, as that is broken (see #1193212) * Mon Feb 16 2015 Peter Robinson 218-6 - aarch64 now has seccomp support * Thu Feb 05 2015 Michal Schmidt - 218-5 - Don't overwrite systemd.macros with unrelated Source file. * Thu Feb 5 2015 Jan Synáček - 218-4 - Add a touchpad hwdb (#1189319) * Thu Jan 15 2015 Zbigniew Jędrzejewski-Szmek - 218-4 - Enable xkbcommon dependency to allow checking of keymaps - Fix permissions of /var/log/journal (#1048424) - Enable timedatex in presets (#1187072) - Disable rpcbind in presets (#1099595) * Wed Jan 7 2015 Jan Synáček - 218-3 - RFE: journal: automatically rotate the file if it is unlinked (#1171719) * Mon Jan 05 2015 Zbigniew Jędrzejewski-Szmek - 218-3 - Add firewall description files (#1176626) * Thu Dec 18 2014 Jan Synáček - 218-2 - systemd-nspawn doesn't work on s390/s390x (#1175394) * Wed Dec 10 2014 Lennart Poettering - 218-1 - New upstream release - Enable "nss-mymachines" in /etc/nsswitch.conf * Thu Nov 06 2014 Zbigniew Jędrzejewski-Szmek - 217-4 - Change libgudev1 to only require systemd-libs (#727499), there's no need to require full systemd stack. - Fixes for bugs #1159448, #1152220, #1158035. - Bash completions updates to allow propose more units for start/restart, and completions for set-default,get-default. - Again allow systemctl enable of instances. - Hardware database update and fixes. - Udev crash on invalid options and kernel commandline timeout parsing are fixed. - Add "embedded" chassis type. - Sync before 'reboot -f'. - Fix restarting of timer units. * Wed Nov 05 2014 Michal Schmidt - 217-3 - Fix hanging journal flush (#1159641) * Fri Oct 31 2014 Michal Schmidt - 217-2 - Fix ordering cycles involving systemd-journal-flush.service and remote-fs.target (#1159117) * Tue Oct 28 2014 Lennart Poettering - 217-1 - New upstream release * Fri Oct 17 2014 Zbigniew Jędrzejewski-Szmek - 216-12 - Drop PackageKit.service from presets (#1154126) * Mon Oct 13 2014 Zbigniew Jędrzejewski-Szmek - 216-11 - Conflict with old versions of initscripts (#1152183) - Remove obsolete Finnish keymap (#1151958) * Fri Oct 10 2014 Zbigniew Jędrzejewski-Szmek - 216-10 - Fix a problem with voluntary daemon exits and some other bugs (#1150477, #1095962, #1150289) * Fri Oct 03 2014 Zbigniew Jędrzejewski-Szmek - 216-9 - Update to latest git, but without the readahead removal patch (#1114786, #634736) * Wed Oct 01 2014 Kay Sievers - 216-8 - revert "don't reset selinux context during CHANGE events" * Wed Oct 01 2014 Lukáš Nykrýn - 216-7 - add temporary workaround for #1147910 - don't reset selinux context during CHANGE events * Wed Sep 10 2014 Michal Schmidt - 216-6 - Update timesyncd with patches to avoid hitting NTP pool too often. * Tue Sep 09 2014 Michal Schmidt - 216-5 - Use common CONFIGURE_OPTS for build2 and build3. - Configure timesyncd with NTP servers from Fedora/RHEL vendor zone. * Wed Sep 03 2014 Zbigniew Jędrzejewski-Szmek - 216-4 - Move config files for sd-j-remote/upload to sd-journal-gateway subpackage (#1136580) * Thu Aug 28 2014 Peter Robinson 216-3 - Drop no LTO build option for aarch64/s390 now it's fixed in binutils (RHBZ 1091611) * Thu Aug 21 2014 Zbigniew Jędrzejewski-Szmek - 216-2 - Re-add patch to disable resolve.conf symlink (#1043119) * Wed Aug 20 2014 Lennart Poettering - 216-1 - New upstream release * Mon Aug 18 2014 Fedora Release Engineering - 215-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Wed Aug 13 2014 Dan Horák 215-11 - disable LTO also on s390(x) * Sat Aug 09 2014 Harald Hoyer 215-10 - fixed PPC64LE * Wed Aug 6 2014 Tom Callaway - 215-9 - fix license handling * Wed Jul 30 2014 Zbigniew Jędrzejewski-Szmek - 215-8 - Create systemd-journal-remote and systemd-journal-upload users (#1118907) * Thu Jul 24 2014 Zbigniew Jędrzejewski-Szmek - 215-7 - Split out systemd-compat-libs subpackage * Tue Jul 22 2014 Kalev Lember - 215-6 - Rebuilt for gobject-introspection 1.41.4 * Mon Jul 21 2014 Zbigniew Jędrzejewski-Szmek - 215-5 - Fix SELinux context of /etc/passwd-, /etc/group-, /etc/.updated (#1121806) - Add missing BR so gnutls and elfutils are used * Sat Jul 19 2014 Zbigniew Jędrzejewski-Szmek - 215-4 - Various man page updates - Static device node logic is conditionalized on CAP_SYS_MODULES instead of CAP_MKNOD for better behaviour in containers - Some small networkd link handling fixes - vconsole-setup runs setfont before loadkeys (https://bugs.freedesktop.org/show_bug.cgi?id=80685) - New systemd-escape tool - XZ compression settings are tweaked to greatly improve journald performance - "watch" is accepted as chassis type - Various sysusers fixes, most importantly correct selinux labels - systemd-timesyncd bug fix (https://bugs.freedesktop.org/show_bug.cgi?id=80932) - Shell completion improvements - New udev tag ID_SOFTWARE_RADIO can be used to instruct logind to allow user access - XEN and s390 virtualization is properly detected * Mon Jul 07 2014 Colin Walters - 215-3 - Add patch to disable resolve.conf symlink (#1043119) * Sun Jul 06 2014 Zbigniew Jędrzejewski-Szmek - 215-2 - Move systemd-journal-remote to systemd-journal-gateway package (#1114688) - Disable /etc/mtab handling temporarily (#1116158) * Thu Jul 03 2014 Lennart Poettering - 215-1 - New upstream release - Enable coredump logic (which abrt would normally override) * Sun Jun 29 2014 Peter Robinson 214-5 - On aarch64 disable LTO as it still has issues on that arch * Thu Jun 26 2014 Zbigniew Jędrzejewski-Szmek - 214-4 - Bugfixes (#996133, #1112908) * Mon Jun 23 2014 Zbigniew Jędrzejewski-Szmek - 214-3 - Actually create input group (#1054549) * Sun Jun 22 2014 Zbigniew Jędrzejewski-Szmek - 214-2 - Do not restart systemd-logind on upgrades (#1110697) - Add some patches (#1081429, #1054549, #1108568, #928962) * Wed Jun 11 2014 Lennart Poettering - 214-1 - New upstream release - Get rid of "floppy" group, since udev uses "disk" now - Reenable LTO * Sun Jun 08 2014 Fedora Release Engineering - 213-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 28 2014 Kay Sievers - 213-3 - fix systemd-timesync user creation * Wed May 28 2014 Michal Sekletar - 213-2 - Create temporary files after installation (#1101983) - Add sysstat-collect.timer, sysstat-summary.timer to preset policy (#1101621) * Wed May 28 2014 Kay Sievers - 213-1 - New upstream release * Tue May 27 2014 Kalev Lember - 212-6 - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 * Fri May 23 2014 Adam Williamson - 212-5 - revert change from 212-4, causes boot fail on single CPU boxes (RHBZ 1095891) * Wed May 07 2014 Kay Sievers - 212-4 - add netns udev workaround * Wed May 07 2014 Michal Sekletar - 212-3 - enable uuidd.socket by default (#1095353) * Sat Apr 26 2014 Peter Robinson 212-2 - Disable building with -flto for the moment due to gcc 4.9 issues (RHBZ 1091611) * Tue Mar 25 2014 Lennart Poettering - 212-1 - New upstream release * Mon Mar 17 2014 Peter Robinson 211-2 - Explicitly define which upstream platforms support libseccomp * Tue Mar 11 2014 Lennart Poettering - 211-1 - New upstream release * Mon Mar 10 2014 Zbigniew Jędrzejewski-Szmek - 210-8 - Fix logind unpriviledged reboot issue and a few other minor fixes - Limit generator execution time - Recognize buttonless joystick types * Fri Mar 07 2014 Karsten Hopp 210-7 - ppc64le needs link warnings disabled, too * Fri Mar 07 2014 Karsten Hopp 210-6 - move ifarch ppc64le to correct place (libseccomp req) * Fri Mar 07 2014 Zbigniew Jędrzejewski-Szmek - 210-5 - Bugfixes: #1047568, #1047039, #1071128, #1073402 - Bash completions for more systemd tools - Bluetooth database update - Manpage fixes * Thu Mar 06 2014 Zbigniew Jędrzejewski-Szmek - 210-4 - Apply work-around for ppc64le too (#1073647). * Sat Mar 01 2014 Zbigniew Jędrzejewski-Szmek - 210-3 - Backport a few patches, add completion for systemd-nspawn. * Fri Feb 28 2014 Zbigniew Jędrzejewski-Szmek - 210-3 - Apply work-arounds for ppc/ppc64 for bugs 1071278 and 1071284 * Mon Feb 24 2014 Lennart Poettering - 210-2 - Check more services against preset list and enable by default * Mon Feb 24 2014 Lennart Poettering - 210-1 - new upstream release * Sun Feb 23 2014 Zbigniew Jędrzejewski-Szmek - 209-2.gitf01de96 - Enable dnssec-triggerd.service by default (#1060754) * Sun Feb 23 2014 Kay Sievers - 209-2.gitf01de96 - git snapshot to sort out ARM build issues * Thu Feb 20 2014 Lennart Poettering - 209-1 - new upstream release * Tue Feb 18 2014 Zbigniew Jędrzejewski-Szmek - 208-15 - Make gpsd lazily activated (#1066421) * Mon Feb 17 2014 Zbigniew Jędrzejewski-Szmek - 208-14 - Back out patch which causes user manager to be destroyed when unneeded and spams logs (#1053315) * Sun Feb 16 2014 Zbigniew Jędrzejewski-Szmek - 208-13 - A different fix for #1023820 taken from Mageia - Backported fix for #997031 - Hardward database updates, man pages improvements, a few small memory leaks, utf-8 correctness and completion fixes - Support for key-slot option in crypttab * Sat Jan 25 2014 Ville Skyttä - 208-12 - Own the %%{_prefix}/lib/kernel(/*) and %%{_datadir}/zsh(/*) dirs. * Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-11 - Backport a few fixes, relevant documentation updates, and HWDB changes (#1051797, #1051768, #1047335, #1047304, #1047186, #1045849, #1043304, #1043212, #1039351, #1031325, #1023820, #1017509, #953077) - Flip journalctl to --full by default (#984758) * Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-9 - Apply two patches for #1026860 * Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-8 - Bump release to stay ahead of f20 * Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-7 - Backport patches (#1023041, #1036845, #1006386?) - HWDB update - Some small new features: nspawn --drop-capability=, running PID 1 under valgrind, "yearly" and "annually" in calendar specifications - Some small documentation and logging updates * Tue Nov 19 2013 Zbigniew Jędrzejewski-Szmek - 208-6 - Bump release to stay ahead of f20 * Tue Nov 19 2013 Zbigniew Jędrzejewski-Szmek - 208-5 - Use unit name in PrivateTmp= directories (#957439) - Update manual pages, completion scripts, and hardware database - Configurable Timeouts/Restarts default values - Support printing of timestamps on the console - Fix some corner cases in detecting when writing to the console is safe - Python API: convert keyword values to string, fix sd_is_booted() wrapper - Do not tread missing /sbin/fsck.btrfs as an error (#1015467) - Allow masking of fsck units - Advertise hibernation to swap files - Fix SO_REUSEPORT settings - Prefer converted xkb keymaps to legacy keymaps (#981805, #1026872) - Make use of newer kmod - Assorted bugfixes: #1017161, #967521, #988883, #1027478, #821723, #1014303 * Tue Oct 22 2013 Zbigniew Jędrzejewski-Szmek - 208-4 - Add temporary fix for #1002806 * Mon Oct 21 2013 Zbigniew Jędrzejewski-Szmek - 208-3 - Backport a bunch of fixes and hwdb updates * Wed Oct 2 2013 Lennart Poettering - 208-2 - Move old random seed and backlight files into the right place * Wed Oct 2 2013 Lennart Poettering - 208-1 - New upstream release * Thu Sep 26 2013 Zbigniew Jędrzejewski-Szmek 207-5 - Do not create /var/var/... dirs * Wed Sep 18 2013 Zbigniew Jędrzejewski-Szmek 207-4 - Fix policykit authentication - Resolves: rhbz#1006680 * Tue Sep 17 2013 Harald Hoyer 207-3 - fixed login - Resolves: rhbz#1005233 * Mon Sep 16 2013 Harald Hoyer 207-2 - add some upstream fixes for 207 - fixed swap activation - Resolves: rhbz#1008604 * Fri Sep 13 2013 Lennart Poettering - 207-1 - New upstream release * Fri Sep 06 2013 Harald Hoyer 206-11 - support "debug" kernel command line parameter - journald: fix fd leak in journal_file_empty - journald: fix vacuuming of archived journals - libudev: enumerate - do not try to match against an empty subsystem - cgtop: fixup the online help - libudev: fix memleak when enumerating childs * Wed Sep 04 2013 Harald Hoyer 206-10 - Do not require grubby, lorax now takes care of grubby - cherry-picked a lot of patches from upstream * Tue Aug 27 2013 Dennis Gilmore - 206-9 - Require grubby, Fedora installs require grubby, - kernel-install took over from new-kernel-pkg - without the Requires we are unable to compose Fedora - everyone else says that since kernel-install took over - it is responsible for ensuring that grubby is in place - this is really what we want for Fedora * Tue Aug 27 2013 Kay Sievers - 206-8 - Revert "Require grubby its needed by kernel-install" * Mon Aug 26 2013 Dennis Gilmore 206-7 - Require grubby its needed by kernel-install * Thu Aug 22 2013 Harald Hoyer 206-6 - kernel-install now understands kernel flavors like PAE * Tue Aug 20 2013 Rex Dieter - 206-5 - add sddm.service to preset file (#998978) * Fri Aug 16 2013 Zbigniew Jędrzejewski-Szmek - 206-4 - Filter out provides for private python modules. - Add requires on kmod >= 14 (#990994). * Sun Aug 11 2013 Zbigniew Jedrzejewski-Szmek - 206-3 - New systemd-python3 package (#976427). - Add ownership of a few directories that we create (#894202). * Sun Aug 04 2013 Fedora Release Engineering - 206-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Tue Jul 23 2013 Kay Sievers - 206-1 - New upstream release Resolves (#984152) * Wed Jul 3 2013 Lennart Poettering - 205-1 - New upstream release * Wed Jun 26 2013 Michal Schmidt 204-10 - Split systemd-journal-gateway subpackage (#908081). * Mon Jun 24 2013 Michal Schmidt 204-9 - Rename nm_dispatcher to NetworkManager-dispatcher in default preset (#977433) * Fri Jun 14 2013 Harald Hoyer 204-8 - fix, which helps to sucessfully browse journals with duplicated seqnums * Fri Jun 14 2013 Harald Hoyer 204-7 - fix duplicate message ID bug Resolves: rhbz#974132 * Thu Jun 06 2013 Harald Hoyer 204-6 - introduce 99-default-disable.preset * Thu Jun 6 2013 Lennart Poettering - 204-5 - Rename 90-display-manager.preset to 85-display-manager.preset so that it actually takes precedence over 90-default.preset's "disable *" line (#903690) * Tue May 28 2013 Harald Hoyer 204-4 - Fix kernel-install (#965897) * Wed May 22 2013 Kay Sievers - 204-3 - Fix kernel-install (#965897) * Thu May 9 2013 Lennart Poettering - 204-2 - New upstream release - disable isdn by default (#959793) * Tue May 07 2013 Harald Hoyer 203-2 - forward port kernel-install-grubby.patch * Tue May 7 2013 Lennart Poettering - 203-1 - New upstream release * Wed Apr 24 2013 Harald Hoyer 202-3 - fix ENOENT for getaddrinfo - Resolves: rhbz#954012 rhbz#956035 - crypt-setup-generator: correctly check return of strdup - logind-dbus: initialize result variable - prevent library underlinking * Fri Apr 19 2013 Harald Hoyer 202-2 - nspawn create empty /etc/resolv.conf if necessary - python wrapper: add sd_journal_add_conjunction() - fix s390 booting - Resolves: rhbz#953217 * Thu Apr 18 2013 Lennart Poettering - 202-1 - New upstream release * Tue Apr 09 2013 Michal Schmidt - 201-2 - Automatically discover whether to run autoreconf and add autotools and git BuildRequires based on the presence of patches to be applied. - Use find -delete. * Mon Apr 8 2013 Lennart Poettering - 201-1 - New upstream release * Mon Apr 8 2013 Lennart Poettering - 200-4 - Update preset file * Fri Mar 29 2013 Lennart Poettering - 200-3 - Remove NetworkManager-wait-online.service from presets file again, it should default to off * Fri Mar 29 2013 Lennart Poettering - 200-2 - New upstream release * Tue Mar 26 2013 Lennart Poettering - 199-2 - Add NetworkManager-wait-online.service to the presets file * Tue Mar 26 2013 Lennart Poettering - 199-1 - New upstream release * Mon Mar 18 2013 Michal Schmidt 198-7 - Drop /usr/s?bin/ prefixes. * Fri Mar 15 2013 Harald Hoyer 198-6 - run autogen to pickup all changes * Fri Mar 15 2013 Harald Hoyer 198-5 - do not mount anything, when not running as pid 1 - add initrd.target for systemd in the initrd * Wed Mar 13 2013 Harald Hoyer 198-4 - fix switch-root and local-fs.target problem - patch kernel-install to use grubby, if available * Fri Mar 08 2013 Harald Hoyer 198-3 - add Conflict with dracut < 026 because of the new switch-root isolate * Thu Mar 7 2013 Lennart Poettering - 198-2 - Create required users * Thu Mar 7 2013 Lennart Poettering - 198-1 - New release - Enable journal persistancy by default * Sun Feb 10 2013 Peter Robinson 197-3 - Bump for ARM * Fri Jan 18 2013 Michal Schmidt - 197-2 - Added qemu-guest-agent.service to presets (Lennart, #885406). - Add missing pygobject3-base to systemd-analyze deps (Lennart). - Do not require hwdata, it is all in the hwdb now (Kay). - Drop dependency on dbus-python. * Tue Jan 8 2013 Lennart Poettering - 197-1 - New upstream release * Mon Dec 10 2012 Michal Schmidt - 196-4 - Enable rngd.service by default (#857765). * Mon Dec 10 2012 Michal Schmidt - 196-3 - Disable hardening on s390(x) because PIE is broken there and produces text relocations with __thread (#868839). * Wed Dec 05 2012 Michal Schmidt - 196-2 - added spice-vdagentd.service to presets (Lennart, #876237) - BR cryptsetup-devel instead of the legacy cryptsetup-luks-devel provide name (requested by Milan Brož). - verbose make to see the actual build flags * Wed Nov 21 2012 Lennart Poettering - 196-1 - New upstream release * Tue Nov 20 2012 Lennart Poettering - 195-8 - https://bugzilla.redhat.com/show_bug.cgi?id=873459 - https://bugzilla.redhat.com/show_bug.cgi?id=878093 * Thu Nov 15 2012 Michal Schmidt - 195-7 - Revert udev killing cgroup patch for F18 Beta. - https://bugzilla.redhat.com/show_bug.cgi?id=873576 * Fri Nov 09 2012 Michal Schmidt - 195-6 - Fix cyclical dep between systemd and systemd-libs. - Avoid broken build of test-journal-syslog. - https://bugzilla.redhat.com/show_bug.cgi?id=873387 - https://bugzilla.redhat.com/show_bug.cgi?id=872638 * Thu Oct 25 2012 Kay Sievers - 195-5 - require 'sed', limit HOSTNAME= match * Wed Oct 24 2012 Michal Schmidt - 195-4 - add dmraid-activation.service to the default preset - add yum protected.d fragment - https://bugzilla.redhat.com/show_bug.cgi?id=869619 - https://bugzilla.redhat.com/show_bug.cgi?id=869717 * Wed Oct 24 2012 Kay Sievers - 195-3 - Migrate /etc/sysconfig/ i18n, keyboard, network files/variables to systemd native files * Tue Oct 23 2012 Lennart Poettering - 195-2 - Provide syslog because the journal is fine as a syslog implementation * Tue Oct 23 2012 Lennart Poettering - 195-1 - New upstream release - https://bugzilla.redhat.com/show_bug.cgi?id=831665 - https://bugzilla.redhat.com/show_bug.cgi?id=847720 - https://bugzilla.redhat.com/show_bug.cgi?id=858693 - https://bugzilla.redhat.com/show_bug.cgi?id=863481 - https://bugzilla.redhat.com/show_bug.cgi?id=864629 - https://bugzilla.redhat.com/show_bug.cgi?id=864672 - https://bugzilla.redhat.com/show_bug.cgi?id=864674 - https://bugzilla.redhat.com/show_bug.cgi?id=865128 - https://bugzilla.redhat.com/show_bug.cgi?id=866346 - https://bugzilla.redhat.com/show_bug.cgi?id=867407 - https://bugzilla.redhat.com/show_bug.cgi?id=868603 * Wed Oct 10 2012 Michal Schmidt - 194-2 - Add scriptlets for migration away from systemd-timedated-ntp.target * Wed Oct 3 2012 Lennart Poettering - 194-1 - New upstream release - https://bugzilla.redhat.com/show_bug.cgi?id=859614 - https://bugzilla.redhat.com/show_bug.cgi?id=859655 * Fri Sep 28 2012 Lennart Poettering - 193-1 - New upstream release * Tue Sep 25 2012 Lennart Poettering - 192-1 - New upstream release * Fri Sep 21 2012 Lennart Poettering - 191-2 - Fix journal mmap header prototype definition to fix compilation on 32bit * Fri Sep 21 2012 Lennart Poettering - 191-1 - New upstream release - Enable all display managers by default, as discussed with Adam Williamson * Thu Sep 20 2012 Lennart Poettering - 190-1 - New upstream release - Take possession of /etc/localtime, and remove /etc/sysconfig/clock - https://bugzilla.redhat.com/show_bug.cgi?id=858780 - https://bugzilla.redhat.com/show_bug.cgi?id=858787 - https://bugzilla.redhat.com/show_bug.cgi?id=858771 - https://bugzilla.redhat.com/show_bug.cgi?id=858754 - https://bugzilla.redhat.com/show_bug.cgi?id=858746 - https://bugzilla.redhat.com/show_bug.cgi?id=858266 - https://bugzilla.redhat.com/show_bug.cgi?id=858224 - https://bugzilla.redhat.com/show_bug.cgi?id=857670 - https://bugzilla.redhat.com/show_bug.cgi?id=856975 - https://bugzilla.redhat.com/show_bug.cgi?id=855863 - https://bugzilla.redhat.com/show_bug.cgi?id=851970 - https://bugzilla.redhat.com/show_bug.cgi?id=851275 - https://bugzilla.redhat.com/show_bug.cgi?id=851131 - https://bugzilla.redhat.com/show_bug.cgi?id=847472 - https://bugzilla.redhat.com/show_bug.cgi?id=847207 - https://bugzilla.redhat.com/show_bug.cgi?id=846483 - https://bugzilla.redhat.com/show_bug.cgi?id=846085 - https://bugzilla.redhat.com/show_bug.cgi?id=845973 - https://bugzilla.redhat.com/show_bug.cgi?id=845194 - https://bugzilla.redhat.com/show_bug.cgi?id=845028 - https://bugzilla.redhat.com/show_bug.cgi?id=844630 - https://bugzilla.redhat.com/show_bug.cgi?id=839736 - https://bugzilla.redhat.com/show_bug.cgi?id=835848 - https://bugzilla.redhat.com/show_bug.cgi?id=831740 - https://bugzilla.redhat.com/show_bug.cgi?id=823485 - https://bugzilla.redhat.com/show_bug.cgi?id=821813 - https://bugzilla.redhat.com/show_bug.cgi?id=807886 - https://bugzilla.redhat.com/show_bug.cgi?id=802198 - https://bugzilla.redhat.com/show_bug.cgi?id=767795 - https://bugzilla.redhat.com/show_bug.cgi?id=767561 - https://bugzilla.redhat.com/show_bug.cgi?id=752774 - https://bugzilla.redhat.com/show_bug.cgi?id=732874 - https://bugzilla.redhat.com/show_bug.cgi?id=858735 * Thu Sep 13 2012 Lennart Poettering - 189-4 - Don't pull in pkg-config as dep - https://bugzilla.redhat.com/show_bug.cgi?id=852828 * Wed Sep 12 2012 Lennart Poettering - 189-3 - Update preset policy - Rename preset policy file from 99-default.preset to 90-default.preset so that people can order their own stuff after the Fedora default policy if they wish * Thu Aug 23 2012 Lennart Poettering - 189-2 - Update preset policy - https://bugzilla.redhat.com/show_bug.cgi?id=850814 * Thu Aug 23 2012 Lennart Poettering - 189-1 - New upstream release * Thu Aug 16 2012 Ray Strode 188-4 - more scriptlet fixes (move dm migration logic to %%posttrans so the service files it's looking for are available at the time the logic is run) * Sat Aug 11 2012 Lennart Poettering - 188-3 - Remount file systems MS_PRIVATE before switching roots - https://bugzilla.redhat.com/show_bug.cgi?id=847418 * Wed Aug 08 2012 Rex Dieter - 188-2 - fix scriptlets * Wed Aug 8 2012 Lennart Poettering - 188-1 - New upstream release - Enable gdm and avahi by default via the preset file - Convert /etc/sysconfig/desktop to display-manager.service symlink - Enable hardened build * Mon Jul 30 2012 Kay Sievers - 187-3 - Obsolete: system-setup-keyboard * Wed Jul 25 2012 Kalev Lember - 187-2 - Run ldconfig for the new -libs subpackage * Thu Jul 19 2012 Lennart Poettering - 187-1 - New upstream release * Mon Jul 09 2012 Harald Hoyer 186-2 - fixed dracut conflict version * Tue Jul 3 2012 Lennart Poettering - 186-1 - New upstream release * Fri Jun 22 2012 Nils Philippsen - 185-7.gite7aee75 - add obsoletes/conflicts so multilib systemd -> systemd-libs updates work * Thu Jun 14 2012 Michal Schmidt - 185-6.gite7aee75 - Update to current git * Wed Jun 06 2012 Kay Sievers - 185-5.gita2368a3 - disable plymouth in configure, to drop the .wants/ symlinks * Wed Jun 06 2012 Michal Schmidt - 185-4.gita2368a3 - Update to current git snapshot - Add systemd-readahead-analyze - Drop upstream patch - Split systemd-libs - Drop duplicate doc files - Fixed License headers of subpackages * Wed Jun 06 2012 Ray Strode - 185-3 - Drop plymouth files - Conflict with old plymouth * Tue Jun 05 2012 Kay Sievers - 185-2 - selinux udev labeling fix - conflict with older dracut versions for new udev file names * Mon Jun 04 2012 Kay Sievers - 185-1 - New upstream release - udev selinux labeling fixes - new man pages - systemctl help * Thu May 31 2012 Lennart Poettering - 184-1 - New upstream release * Thu May 24 2012 Kay Sievers - 183-1 - New upstream release including udev merge. * Wed Mar 28 2012 Michal Schmidt - 44-4 - Add triggers from Bill Nottingham to correct the damage done by the obsoleted systemd-units's preun scriptlet (#807457). * Mon Mar 26 2012 Dennis Gilmore - 44-3 - apply patch from upstream so we can build systemd on arm and ppc - and likely the rest of the secondary arches * Tue Mar 20 2012 Michal Schmidt - 44-2 - Don't build the gtk parts anymore. They're moving into systemd-ui. - Remove a dead patch file. * Fri Mar 16 2012 Lennart Poettering - 44-1 - New upstream release - Closes #798760, #784921, #783134, #768523, #781735 * Mon Feb 27 2012 Dennis Gilmore - 43-2 - don't conflict with fedora-release systemd never actually provided - /etc/os-release so there is no actual conflict * Wed Feb 15 2012 Lennart Poettering - 43-1 - New upstream release - Closes #789758, #790260, #790522 * Sat Feb 11 2012 Lennart Poettering - 42-1 - New upstream release - Save a bit of entropy during system installation (#789407) - Don't own /etc/os-release anymore, leave that to fedora-release * Thu Feb 9 2012 Adam Williamson - 41-2 - rebuild for fixed binutils * Thu Feb 9 2012 Lennart Poettering - 41-1 - New upstream release * Tue Feb 7 2012 Lennart Poettering - 40-1 - New upstream release * Thu Jan 26 2012 Kay Sievers - 39-3 - provide /sbin/shutdown * Wed Jan 25 2012 Harald Hoyer 39-2 - increment release * Wed Jan 25 2012 Kay Sievers - 39-1.1 - install everything in /usr https://fedoraproject.org/wiki/Features/UsrMove * Wed Jan 25 2012 Lennart Poettering - 39-1 - New upstream release * Sun Jan 22 2012 Michal Schmidt - 38-6.git9fa2f41 - Update to a current git snapshot. - Resolves: #781657 * Sun Jan 22 2012 Michal Schmidt - 38-5 - Build against libgee06. Reenable gtk tools. - Delete unused patches. - Add easy building of git snapshots. - Remove legacy spec file elements. - Don't mention implicit BuildRequires. - Configure with --disable-static. - Merge -units into the main package. - Move section 3 manpages to -devel. - Fix unowned directory. - Run ldconfig in scriptlets. - Split systemd-analyze to a subpackage. * Sat Jan 21 2012 Dan Horák - 38-4 - fix build on big-endians * Wed Jan 11 2012 Lennart Poettering - 38-3 - Disable building of gtk tools for now * Wed Jan 11 2012 Lennart Poettering - 38-2 - Fix a few (build) dependencies * Wed Jan 11 2012 Lennart Poettering - 38-1 - New upstream release * Tue Nov 15 2011 Michal Schmidt - 37-4 - Run authconfig if /etc/pam.d/system-auth is not a symlink. - Resolves: #753160 * Wed Nov 02 2011 Michal Schmidt - 37-3 - Fix remote-fs-pre.target and its ordering. - Resolves: #749940 * Wed Oct 19 2011 Michal Schmidt - 37-2 - A couple of fixes from upstream: - Fix a regression in bash-completion reported in Bodhi. - Fix a crash in isolating. - Resolves: #717325 * Tue Oct 11 2011 Lennart Poettering - 37-1 - New upstream release - Resolves: #744726, #718464, #713567, #713707, #736756 * Thu Sep 29 2011 Michal Schmidt - 36-5 - Undo the workaround. Kay says it does not belong in systemd. - Unresolves: #741655 * Thu Sep 29 2011 Michal Schmidt - 36-4 - Workaround for the crypto-on-lvm-on-crypto disk layout - Resolves: #741655 * Sun Sep 25 2011 Michal Schmidt - 36-3 - Revert an upstream patch that caused ordering cycles - Resolves: #741078 * Fri Sep 23 2011 Lennart Poettering - 36-2 - Add /etc/timezone to ghosted files * Fri Sep 23 2011 Lennart Poettering - 36-1 - New upstream release - Resolves: #735013, #736360, #737047, #737509, #710487, #713384 * Thu Sep 1 2011 Lennart Poettering - 35-1 - New upstream release - Update post scripts - Resolves: #726683, #713384, #698198, #722803, #727315, #729997, #733706, #734611 * Thu Aug 25 2011 Lennart Poettering - 34-1 - New upstream release * Fri Aug 19 2011 Harald Hoyer 33-2 - fix ABRT on service file reloading - Resolves: rhbz#732020 * Wed Aug 3 2011 Lennart Poettering - 33-1 - New upstream release * Fri Jul 29 2011 Lennart Poettering - 32-1 - New upstream release * Wed Jul 27 2011 Lennart Poettering - 31-2 - Fix access mode of modprobe file, restart logind after upgrade * Wed Jul 27 2011 Lennart Poettering - 31-1 - New upstream release * Wed Jul 13 2011 Lennart Poettering - 30-1 - New upstream release * Thu Jun 16 2011 Lennart Poettering - 29-1 - New upstream release * Mon Jun 13 2011 Michal Schmidt - 28-4 - Apply patches from current upstream. - Fixes memory size detection on 32-bit with >4GB RAM (BZ712341) * Wed Jun 08 2011 Michal Schmidt - 28-3 - Apply patches from current upstream - https://bugzilla.redhat.com/show_bug.cgi?id=709909 - https://bugzilla.redhat.com/show_bug.cgi?id=710839 - https://bugzilla.redhat.com/show_bug.cgi?id=711015 * Sat May 28 2011 Lennart Poettering - 28-2 - Pull in nss-myhostname * Thu May 26 2011 Lennart Poettering - 28-1 - New upstream release * Wed May 25 2011 Lennart Poettering - 26-2 - Bugfix release - https://bugzilla.redhat.com/show_bug.cgi?id=707507 - https://bugzilla.redhat.com/show_bug.cgi?id=707483 - https://bugzilla.redhat.com/show_bug.cgi?id=705427 - https://bugzilla.redhat.com/show_bug.cgi?id=707577 * Sat Apr 30 2011 Lennart Poettering - 26-1 - New upstream release - https://bugzilla.redhat.com/show_bug.cgi?id=699394 - https://bugzilla.redhat.com/show_bug.cgi?id=698198 - https://bugzilla.redhat.com/show_bug.cgi?id=698674 - https://bugzilla.redhat.com/show_bug.cgi?id=699114 - https://bugzilla.redhat.com/show_bug.cgi?id=699128 * Thu Apr 21 2011 Lennart Poettering - 25-1 - New upstream release - https://bugzilla.redhat.com/show_bug.cgi?id=694788 - https://bugzilla.redhat.com/show_bug.cgi?id=694321 - https://bugzilla.redhat.com/show_bug.cgi?id=690253 - https://bugzilla.redhat.com/show_bug.cgi?id=688661 - https://bugzilla.redhat.com/show_bug.cgi?id=682662 - https://bugzilla.redhat.com/show_bug.cgi?id=678555 - https://bugzilla.redhat.com/show_bug.cgi?id=628004 * Wed Apr 6 2011 Lennart Poettering - 24-1 - New upstream release - https://bugzilla.redhat.com/show_bug.cgi?id=694079 - https://bugzilla.redhat.com/show_bug.cgi?id=693289 - https://bugzilla.redhat.com/show_bug.cgi?id=693274 - https://bugzilla.redhat.com/show_bug.cgi?id=693161 * Tue Apr 5 2011 Lennart Poettering - 23-1 - New upstream release - Include systemd-sysv-convert * Fri Apr 1 2011 Lennart Poettering - 22-1 - New upstream release * Wed Mar 30 2011 Lennart Poettering - 21-2 - The quota services are now pulled in by mount points, hence no need to enable them explicitly * Tue Mar 29 2011 Lennart Poettering - 21-1 - New upstream release * Mon Mar 28 2011 Matthias Clasen - 20-2 - Apply upstream patch to not send untranslated messages to plymouth * Tue Mar 8 2011 Lennart Poettering - 20-1 - New upstream release * Tue Mar 1 2011 Lennart Poettering - 19-1 - New upstream release * Wed Feb 16 2011 Lennart Poettering - 18-1 - New upstream release * Mon Feb 14 2011 Bill Nottingham - 17-6 - bump upstart obsoletes (#676815) * Wed Feb 9 2011 Tom Callaway - 17-5 - add macros.systemd file for %%{_unitdir} * Wed Feb 09 2011 Fedora Release Engineering - 17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Wed Feb 9 2011 Lennart Poettering - 17-3 - Fix popen() of systemctl, #674916 * Mon Feb 7 2011 Bill Nottingham - 17-2 - add epoch to readahead obsolete * Sat Jan 22 2011 Lennart Poettering - 17-1 - New upstream release * Tue Jan 18 2011 Lennart Poettering - 16-2 - Drop console.conf again, since it is not shipped in pamtmp.conf * Sat Jan 8 2011 Lennart Poettering - 16-1 - New upstream release * Thu Nov 25 2010 Lennart Poettering - 15-1 - New upstream release * Thu Nov 25 2010 Lennart Poettering - 14-1 - Upstream update - Enable hwclock-load by default - Obsolete readahead - Enable /var/run and /var/lock on tmpfs * Fri Nov 19 2010 Lennart Poettering - 13-1 - new upstream release * Wed Nov 17 2010 Bill Nottingham 12-3 - Fix clash * Wed Nov 17 2010 Lennart Poettering - 12-2 - Don't clash with initscripts for now, so that we don't break the builders * Wed Nov 17 2010 Lennart Poettering - 12-1 - New upstream release * Fri Nov 12 2010 Matthias Clasen - 11-2 - Rebuild with newer vala, libnotify * Thu Oct 7 2010 Lennart Poettering - 11-1 - New upstream release * Wed Sep 29 2010 Jesse Keating - 10-6 - Rebuilt for gcc bug 634757 * Thu Sep 23 2010 Bill Nottingham - 10-5 - merge -sysvinit into main package * Mon Sep 20 2010 Bill Nottingham - 10-4 - obsolete upstart-sysvinit too * Fri Sep 17 2010 Bill Nottingham - 10-3 - Drop upstart requires * Tue Sep 14 2010 Lennart Poettering - 10-2 - Enable audit - https://bugzilla.redhat.com/show_bug.cgi?id=633771 * Tue Sep 14 2010 Lennart Poettering - 10-1 - New upstream release - https://bugzilla.redhat.com/show_bug.cgi?id=630401 - https://bugzilla.redhat.com/show_bug.cgi?id=630225 - https://bugzilla.redhat.com/show_bug.cgi?id=626966 - https://bugzilla.redhat.com/show_bug.cgi?id=623456 * Fri Sep 3 2010 Bill Nottingham - 9-3 - move fedora-specific units to initscripts; require newer version thereof * Fri Sep 3 2010 Lennart Poettering - 9-2 - Add missing tarball * Fri Sep 3 2010 Lennart Poettering - 9-1 - New upstream version - Closes 501720, 614619, 621290, 626443, 626477, 627014, 627785, 628913 * Fri Aug 27 2010 Lennart Poettering - 8-3 - Reexecute after installation, take ownership of /var/run/user - https://bugzilla.redhat.com/show_bug.cgi?id=627457 - https://bugzilla.redhat.com/show_bug.cgi?id=627634 * Thu Aug 26 2010 Lennart Poettering - 8-2 - Properly create default.target link * Wed Aug 25 2010 Lennart Poettering - 8-1 - New upstream release * Thu Aug 12 2010 Lennart Poettering - 7-3 - Fix https://bugzilla.redhat.com/show_bug.cgi?id=623561 * Thu Aug 12 2010 Lennart Poettering - 7-2 - Fix https://bugzilla.redhat.com/show_bug.cgi?id=623430 * Tue Aug 10 2010 Lennart Poettering - 7-1 - New upstream release * Fri Aug 6 2010 Lennart Poettering - 6-2 - properly hide output on package installation - pull in coreutils during package installtion * Fri Aug 6 2010 Lennart Poettering - 6-1 - New upstream release - Fixes #621200 * Wed Aug 4 2010 Lennart Poettering - 5-2 - Add tarball * Wed Aug 4 2010 Lennart Poettering - 5-1 - Prepare release 5 * Tue Jul 27 2010 Bill Nottingham - 4-4 - Add 'sysvinit-userspace' provide to -sysvinit package to fix upgrade/install (#618537) * Sat Jul 24 2010 Lennart Poettering - 4-3 - Add libselinux to build dependencies * Sat Jul 24 2010 Lennart Poettering - 4-2 - Use the right tarball * Sat Jul 24 2010 Lennart Poettering - 4-1 - New upstream release, and make default * Tue Jul 13 2010 Lennart Poettering - 3-3 - Used wrong tarball * Tue Jul 13 2010 Lennart Poettering - 3-2 - Own /cgroup jointly with libcgroup, since we don't dpend on it anymore * Tue Jul 13 2010 Lennart Poettering - 3-1 - New upstream release * Fri Jul 9 2010 Lennart Poettering - 2-0 - New upstream release * Wed Jul 7 2010 Lennart Poettering - 1-0 - First upstream release * Tue Jun 29 2010 Lennart Poettering - 0-0.7.20100629git4176e5 - New snapshot - Split off -units package where other packages can depend on without pulling in the whole of systemd * Tue Jun 22 2010 Lennart Poettering - 0-0.6.20100622gita3723b - Add missing libtool dependency. * Tue Jun 22 2010 Lennart Poettering - 0-0.5.20100622gita3723b - Update snapshot * Mon Jun 14 2010 Rahul Sundaram - 0-0.4.20100614git393024 - Pull the latest snapshot that fixes a segfault. Resolves rhbz#603231 * Fri Jun 11 2010 Rahul Sundaram - 0-0.3.20100610git2f198e - More minor fixes as per review * Thu Jun 10 2010 Rahul Sundaram - 0-0.2.20100610git2f198e - Spec improvements from David Hollis * Wed Jun 09 2010 Rahul Sundaram - 0-0.1.20090609git2f198e - Address review comments * Tue Jun 01 2010 Rahul Sundaram - 0-0.0.git2010-06-02 - Initial spec (adopted from Kay Sievers)