.mkosi/mkosi.fedora

@@ -5,7 +5,7 @@
 
 [Distribution]
 Distribution=fedora
-Release=32
+Release=31
 
 [Output]
 Format=gpt_ext4

NEWS

@@ -357,11 +357,6 @@ CHANGES WITH 246 in spe:
           The optional positional argument to "systemctl reboot" is now
           being deprecated in favor of this option.
 
-        * Support for the .include syntax in unit files has been removed. The
-          concept has been obsolete for 6 years and we started warning about
-          its pending removal 2 years ago (also see NEWS file below). It's
-          finally gone now.
-
 CHANGES WITH 245:
 
         * A new tool "systemd-repart" has been added, that operates as an

man/systemd-nspawn.xml

@@ -1,8 +1,8 @@
 <?xml version='1.0'?>
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
   "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
-<!ENTITY fedora_latest_version "32">
+<!ENTITY fedora_latest_version "31">
-<!ENTITY fedora_cloud_release "1.6">
+<!ENTITY fedora_cloud_release "1.9">
 ]>
 <!-- SPDX-License-Identifier: LGPL-2.1+ -->
 

man/systemd.special.xml

@@ -228,25 +228,22 @@
           <term><filename>emergency.target</filename></term>
           <listitem>
             <para>A special target unit that starts an emergency shell on the main console. This
-            target does not pull in other services or mounts. It is the most minimal version of
+            target does not pull in any services or mounts. It is the most minimal version of
             starting the system in order to acquire an interactive shell; the only processes running
-            are usually just the system manager (PID 1) and the shell process. This unit may be used
+            are usually just the system manager (PID 1) and the shell process. This unit is supposed
-            by specifying <varname>emergency</varname> on the kernel command line; it is
+            to be used with the kernel command line option <varname>systemd.unit=</varname>; it is
-            also used when a file system check on a required file system fails and boot-up cannot
+            also used when a file system check on a required file system fails, and boot-up cannot
             continue. Compare with <filename>rescue.target</filename>, which serves a similar
             purpose, but also starts the most basic services and mounts all file systems.</para>
 
+            <para>Use the <literal>systemd.unit=emergency.target</literal> kernel command line
+            option to boot into this mode. A short alias for this kernel command line option is
+            <literal>emergency</literal>, for compatibility with SysV.</para>
+
             <para>In many ways booting into <filename>emergency.target</filename> is similar to the
             effect of booting with <literal>init=/bin/sh</literal> on the kernel command line,
             except that emergency mode provides you with the full system and service manager, and
             allows starting individual units in order to continue the boot process in steps.</para>
-
-            <para>Note that depending on how <filename>emergency.target</filename> is reached, the root file
-            system might be mounted read-only or read-write (no remounting is done specially for this
-            target). For example, the system may boot with root mounted read-only when <varname>ro</varname>
-            is used on the kernel command line and remain this way for <filename>emergency.target</filename>,
-            or the system may transition to <filename>emergency.target</filename> after the system has been
-            partially booted and disks have already been remounted read-write.</para>
           </listitem>
         </varlistentry>
         <varlistentry>

man/systemd.unit.xml

@@ -226,6 +226,9 @@
     <filename>foo-.service.d/10-override.conf</filename> would override
     <filename>service.d/10-override.conf</filename>.</para>
 
+    <!-- Note that we do not document .include here, as we consider it mostly obsolete, and want
+         people to use .d/ drop-ins instead. -->
+
     <para>Note that while systemd offers a flexible dependency system
     between units it is recommended to use this functionality only
     sparingly and instead rely on techniques such as bus-based or

src/core/load-fragment.c

@@ -4864,7 +4864,7 @@ int unit_load_fragment(Unit *u) {
                         r = config_parse(u->id, fragment, f,
                                          UNIT_VTABLE(u)->sections,
                                          config_item_perf_lookup, load_fragment_gperf_lookup,
-                                         0,
+                                         CONFIG_PARSE_ALLOW_INCLUDE,
                                          u,
                                          NULL);
                         if (r == -ENOEXEC)

src/fuzz/fuzz-unit-file.c

@@ -74,7 +74,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
                         name, name, f,
                         UNIT_VTABLE(u)->sections,
                         config_item_perf_lookup, load_fragment_gperf_lookup,
-                        0,
+                        CONFIG_PARSE_ALLOW_INCLUDE,
                         u,
                         NULL);
 

src/libsystemd-network/network-internal.c

@@ -192,34 +192,30 @@ bool net_match_config(Set *match_mac,
                       Set *match_permanent_mac,
                       char * const *match_paths,
                       char * const *match_drivers,
-                      char * const *match_iftypes,
+                      char * const *match_types,
                       char * const *match_names,
                       char * const *match_property,
                       char * const *match_wifi_iftype,
                       char * const *match_ssid,
                       Set *match_bssid,
+                      unsigned short iftype,
                       sd_device *device,
                       const struct ether_addr *dev_mac,
                       const struct ether_addr *dev_permanent_mac,
-                      const char *dev_driver,
-                      unsigned short dev_iftype,
                       const char *dev_name,
                       char * const *alternative_names,
-                      enum nl80211_iftype dev_wifi_iftype,
+                      enum nl80211_iftype wifi_iftype,
-                      const char *dev_ssid,
+                      const char *ssid,
-                      const struct ether_addr *dev_bssid) {
+                      const struct ether_addr *bssid) {
 
-        _cleanup_free_ char *dev_iftype_str;
+        const char *dev_path = NULL, *dev_driver = NULL, *mac_str;
-        const char *dev_path = NULL;
+        _cleanup_free_ char *dev_type;
 
-        dev_iftype_str = link_get_type_string(dev_iftype, device);
+        dev_type = link_get_type_string(iftype, device);
 
         if (device) {
-                const char *mac_str;
-
                 (void) sd_device_get_property_value(device, "ID_PATH", &dev_path);
-                if (!dev_driver)
+                (void) sd_device_get_property_value(device, "ID_NET_DRIVER", &dev_driver);
-                        (void) sd_device_get_property_value(device, "ID_NET_DRIVER", &dev_driver);
                 if (!dev_name)
                         (void) sd_device_get_sysname(device, &dev_name);
                 if (!dev_mac &&
@@ -242,7 +238,7 @@ bool net_match_config(Set *match_mac,
         if (!net_condition_test_strv(match_drivers, dev_driver))
                 return false;
 
-        if (!net_condition_test_strv(match_iftypes, dev_iftype_str))
+        if (!net_condition_test_strv(match_types, dev_type))
                 return false;
 
         if (!net_condition_test_ifname(match_names, dev_name, alternative_names))
@@ -251,13 +247,13 @@ bool net_match_config(Set *match_mac,
         if (!net_condition_test_property(match_property, device))
                 return false;
 
-        if (!net_condition_test_strv(match_wifi_iftype, wifi_iftype_to_string(dev_wifi_iftype)))
+        if (!net_condition_test_strv(match_wifi_iftype, wifi_iftype_to_string(wifi_iftype)))
                 return false;
 
-        if (!net_condition_test_strv(match_ssid, dev_ssid))
+        if (!net_condition_test_strv(match_ssid, ssid))
                 return false;
 
-        if (match_bssid && (!dev_bssid || !set_contains(match_bssid, dev_bssid)))
+        if (match_bssid && (!bssid || !set_contains(match_bssid, bssid)))
                 return false;
 
         return true;

src/libsystemd-network/network-internal.h

@@ -17,24 +17,23 @@
 char *link_get_type_string(unsigned short iftype, sd_device *device);
 bool net_match_config(Set *match_mac,
                       Set *match_permanent_mac,
-                      char * const *match_paths,
+                      char * const *match_path,
-                      char * const *match_drivers,
+                      char * const *match_driver,
-                      char * const *match_iftypes,
+                      char * const *match_type,
-                      char * const *match_names,
+                      char * const *match_name,
                       char * const *match_property,
                       char * const *match_wifi_iftype,
                       char * const *match_ssid,
                       Set *match_bssid,
+                      unsigned short iftype,
                       sd_device *device,
                       const struct ether_addr *dev_mac,
                       const struct ether_addr *dev_permanent_mac,
-                      const char *dev_driver,
-                      unsigned short dev_iftype,
                       const char *dev_name,
                       char * const *alternative_names,
-                      enum nl80211_iftype dev_wifi_iftype,
+                      enum nl80211_iftype wifi_iftype,
-                      const char *dev_ssid,
+                      const char *ssid,
-                      const struct ether_addr *dev_bssid);
+                      const struct ether_addr *bssid);
 
 CONFIG_PARSER_PROTOTYPE(config_parse_net_condition);
 CONFIG_PARSER_PROTOTYPE(config_parse_hwaddr);

src/network/networkd-link.c

@@ -618,14 +618,10 @@ static int link_new(Manager *manager, sd_netlink_message *message, Link **ret) {
         if (r < 0)
                 log_link_debug_errno(link, r, "MAC address not found for new device, continuing without");
 
-        r = ethtool_get_permanent_macaddr(&manager->ethtool_fd, link->ifname, &link->permanent_mac);
+        r = ethtool_get_permanent_macaddr(NULL, link->ifname, &link->permanent_mac);
         if (r < 0)
                 log_link_debug_errno(link, r, "Permanent MAC address not found for new device, continuing without: %m");
 
-        r = ethtool_get_driver(&manager->ethtool_fd, link->ifname, &link->driver);
-        if (r < 0)
-                log_link_debug_errno(link, r, "Failed to get driver, continuing without: %m");
-
         r = sd_netlink_message_read_strv(message, IFLA_PROP_LIST, IFLA_ALT_IFNAME, &link->alternative_names);
         if (r < 0 && r != -ENODATA)
                 return r;
@@ -729,7 +725,6 @@ static Link *link_free(Link *link) {
         strv_free(link->alternative_names);
         free(link->kind);
         free(link->ssid);
-        free(link->driver);
 
         (void) unlink(link->state_file);
         free(link->state_file);
@@ -3144,10 +3139,8 @@ static int link_reconfigure_internal(Link *link, sd_netlink_message *m, bool for
                 strv_free_and_replace(link->alternative_names, s);
         }
 
-        r = network_get(link->manager, link->iftype, link->sd_device,
+        r = network_get(link->manager, link->iftype, link->sd_device, link->ifname, link->alternative_names,
-                        link->ifname, link->alternative_names, link->driver,
+                        &link->mac, &link->permanent_mac, link->wlan_iftype, link->ssid, &link->bssid, &network);
-                        &link->mac, &link->permanent_mac,
-                        link->wlan_iftype, link->ssid, &link->bssid, &network);
         if (r == -ENOENT) {
                 link_enter_unmanaged(link);
                 return 0;
@@ -3282,10 +3275,8 @@ static int link_initialized_and_synced(Link *link) {
                 if (r < 0)
                         return r;
 
-                r = network_get(link->manager, link->iftype, link->sd_device,
+                r = network_get(link->manager, link->iftype, link->sd_device, link->ifname, link->alternative_names,
-                                link->ifname, link->alternative_names, link->driver,
+                                &link->mac, &link->permanent_mac, link->wlan_iftype, link->ssid, &link->bssid, &network);
-                                &link->mac, &link->permanent_mac,
-                                link->wlan_iftype, link->ssid, &link->bssid, &network);
                 if (r == -ENOENT) {
                         link_enter_unmanaged(link);
                         return 0;

src/network/networkd-link.h

@@ -66,7 +66,6 @@ typedef struct Link {
         struct in6_addr ipv6ll_address;
         uint32_t mtu;
         sd_device *sd_device;
-        char *driver;
 
         /* wlan */
         enum nl80211_iftype wlan_iftype;

src/network/networkd-manager.c

@@ -1790,7 +1790,6 @@ int manager_new(Manager **ret) {
         *m = (Manager) {
                 .speed_meter_interval_usec = SPEED_METER_DEFAULT_TIME_INTERVAL,
                 .manage_foreign_routes = true,
-                .ethtool_fd = -1,
         };
 
         m->state_file = strdup("/run/systemd/netif/state");
@@ -1901,8 +1900,6 @@ void manager_free(Manager *m) {
         free(m->dynamic_timezone);
         free(m->dynamic_hostname);
 
-        safe_close(m->ethtool_fd);
-
         free(m);
 }
 

src/network/networkd-manager.h

@@ -26,7 +26,6 @@ struct Manager {
         sd_bus *bus;
         sd_device_monitor *device_monitor;
         Hashmap *polkit_registry;
-        int ethtool_fd;
 
         bool enumerating:1;
         bool dirty:1;

src/network/networkd-network.c

@@ -776,8 +776,8 @@ int network_get_by_name(Manager *manager, const char *name, Network **ret) {
 }
 
 int network_get(Manager *manager, unsigned short iftype, sd_device *device,
-                const char *ifname, char * const *alternative_names, const char *driver,
+                const char *ifname, char * const *alternative_names,
-                const struct ether_addr *mac, const struct ether_addr *permanent_mac,
+                const struct ether_addr *address, const struct ether_addr *permanent_address,
                 enum nl80211_iftype wlan_iftype, const char *ssid, const struct ether_addr *bssid,
                 Network **ret) {
         Network *network;
@@ -791,7 +791,7 @@ int network_get(Manager *manager, unsigned short iftype, sd_device *device,
                                      network->match_path, network->match_driver,
                                      network->match_type, network->match_name, network->match_property,
                                      network->match_wlan_iftype, network->match_ssid, network->match_bssid,
-                                     device, mac, permanent_mac, driver, iftype,
+                                     iftype, device, address, permanent_address,
                                      ifname, alternative_names, wlan_iftype, ssid, bssid)) {
                         if (network->match_name && device) {
                                 const char *attr;

src/network/networkd-network.h

@@ -346,11 +346,10 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
 int network_verify(Network *network);
 
 int network_get_by_name(Manager *manager, const char *name, Network **ret);
-int network_get(Manager *manager, unsigned short iftype, sd_device *device,
+int network_get(Manager *manager, unsigned short iftype, sd_device *device, const char *ifname, char * const *alternative_names,
-                const char *ifname, char * const *alternative_names, const char *driver,
                 const struct ether_addr *mac, const struct ether_addr *permanent_mac,
-                enum nl80211_iftype wlan_iftype, const char *ssid, const struct ether_addr *bssid,
+                enum nl80211_iftype wlan_iftype, const char *ssid,
-                Network **ret);
+                const struct ether_addr *bssid, Network **ret);
 int network_apply(Network *network, Link *link);
 void network_apply_anonymize_if_set(Network *network);
 

src/network/test-network.c

@@ -126,7 +126,7 @@ static void test_network_get(Manager *manager, sd_device *loopback) {
 
         /* Let's hope that the test machine does not have a .network file that applies to loopback device…
          * But it is still possible, so let's allow that case too. */
-        r = network_get(manager, 0, loopback, "lo", NULL, NULL, &mac, &mac, 0, NULL, NULL, &network);
+        r = network_get(manager, 0, loopback, "lo", NULL, &mac, &mac, 0, NULL, NULL, &network);
         if (r == -ENOENT)
                 /* The expected case */
                 assert_se(!network);

src/shared/conf-parser.c

@@ -159,7 +159,7 @@ static int parse_line(
                 char *l,
                 void *userdata) {
 
-        char *e;
+        char *e, *include;
 
         assert(filename);
         assert(line > 0);
@@ -173,6 +173,35 @@ static int parse_line(
         if (*l == '\n')
                 return 0;
 
+        include = first_word(l, ".include");
+        if (include) {
+                _cleanup_free_ char *fn = NULL;
+
+                /* .includes are a bad idea, we only support them here
+                 * for historical reasons. They create cyclic include
+                 * problems and make it difficult to detect
+                 * configuration file changes with an easy
+                 * stat(). Better approaches, such as .d/ drop-in
+                 * snippets exist.
+                 *
+                 * Support for them should be eventually removed. */
+
+                if (!(flags & CONFIG_PARSE_ALLOW_INCLUDE)) {
+                        log_syntax(unit, LOG_ERR, filename, line, 0, ".include not allowed here. Ignoring.");
+                        return 0;
+                }
+
+                log_syntax(unit, LOG_WARNING, filename, line, 0,
+                           ".include directives are deprecated, and support for them will be removed in a future version of systemd. "
+                           "Please use drop-in files instead.");
+
+                fn = file_in_same_dir(filename, strstrip(include));
+                if (!fn)
+                        return -ENOMEM;
+
+                return config_parse(unit, fn, NULL, sections, lookup, table, flags, userdata, NULL);
+        }
+
         if (!utf8_is_valid(l))
                 return log_syntax_invalid_utf8(unit, LOG_WARNING, filename, line, l);
 

src/shared/conf-parser.h

@@ -16,7 +16,8 @@
 
 typedef enum ConfigParseFlags {
         CONFIG_PARSE_RELAXED       = 1 << 0, /* Do not warn about unknown non-extension fields */
-        CONFIG_PARSE_WARN          = 1 << 1, /* Emit non-debug messages */
+        CONFIG_PARSE_ALLOW_INCLUDE = 1 << 1, /* Allow the deprecated .include stanza */
+        CONFIG_PARSE_WARN          = 1 << 2, /* Emit non-debug messages */
 } ConfigParseFlags;
 
 /* Argument list for parsers of specific configuration settings. */

src/shared/install.c

@@ -1304,7 +1304,7 @@ static int unit_file_load(
                          "-Target\0"
                          "-Timer\0",
                          config_item_table_lookup, items,
-                         0, info,
+                         CONFIG_PARSE_ALLOW_INCLUDE, info,
                          NULL);
         if (r < 0)
                 return log_debug_errno(r, "Failed to parse %s: %m", info->name);

src/shared/seccomp-util.c

@@ -2002,22 +2002,6 @@ static int seccomp_restrict_sxid(scmp_filter_ctx seccomp, mode_t m) {
         else
                 any = true;
 
-#if defined(__SNR_openat2)
-        /* The new openat2() system call can't be filtered sensibly, since it moves the flags parameter into
-         * an indirect structure. Let's block it entirely for now. That should be a reasonably OK thing to do
-         * for now, since openat2() is very new and code generally needs fallback logic anyway to be
-         * compatible with kernels that are not absolutely recent. */
-        r = seccomp_rule_add_exact(
-                        seccomp,
-                        SCMP_ACT_ERRNO(EPERM),
-                        SCMP_SYS(openat2),
-                        0);
-        if (r < 0)
-                log_debug_errno(r, "Failed to add filter for openat2: %m");
-        else
-                any = true;
-#endif
-
         r = seccomp_rule_add_exact(
                         seccomp,
                         SCMP_ACT_ERRNO(EPERM),

src/udev/net/link-config.c

@@ -270,7 +270,7 @@ int link_config_get(link_config_ctx *ctx, sd_device *device, link_config **ret)
         LIST_FOREACH(links, link, ctx->links) {
                 if (net_match_config(link->match_mac, link->match_permanent_mac, link->match_path, link->match_driver,
                                      link->match_type, link->match_name, link->match_property, NULL, NULL, NULL,
-                                     device, NULL, &permanent_mac, NULL, iftype, NULL, NULL, 0, NULL, NULL)) {
+                                     iftype, device, NULL, &permanent_mac, NULL, NULL, 0, NULL, NULL)) {
                         if (link->match_name && !strv_contains(link->match_name, "*")) {
                                 unsigned name_assign_type = NET_NAME_UNKNOWN;
 

units/systemd-udevd.service.in

@@ -8,7 +8,7 @@
 #  (at your option) any later version.
 
 [Unit]
-Description=Rule-based Manager for Device Events and Files
+Description=Rule-based manager for device events and files
 Documentation=man:systemd-udevd.service(8) man:udev(7)
 DefaultDependencies=no
 After=systemd-sysusers.service systemd-hwdb-update.service