Merge 18c36b1e24 into 2e5b0412f9

Follow-up for 2b07a3211b.

Fixes the failure found in
https://autopkgtest.ubuntu.com/results/autopkgtest-noble-upstream-systemd-ci-systemd-ci/noble/amd64/s/systemd-upstream/20241115_182040_92382@/log.gz
. Relevant logs:
```
Nov 16 02:48:36 systemd-networkd[2706]: veth99: Reconfiguring with /run/systemd/network/25-dhcp-client-ipv6-only.network.
Nov 16 02:48:36 systemd-networkd[2706]: veth99: NDISC: Started IPv6 Router Solicitation client
Nov 16 02:48:36 systemd-networkd[2706]: veth99: IPv6 Router Discovery is configured and started.
Nov 16 02:48:36 systemd-networkd[2706]: veth99: NDISC: Sent Router Solicitation, next solicitation in 3s
Nov 16 02:48:36 systemd-networkd[2706]: veth99: NDISC: Received Router Advertisement from fe80::1034:56ff:fe78:9abd: flags=0xc0(managed, other), preference=medium, lifetime=30min
Nov 16 02:48:36 systemd-networkd[2706]: veth99: NDISC: Invoking callback for 'router' event.
Nov 16 02:48:36 systemd-networkd[2706]: veth99: link_check_ready(): dynamic addressing protocols are enabled but none of them finished yet.
Nov 16 02:48:36 systemd-networkd[2706]: veth99: DHCPv6 client: Starting in Solicit mode
Nov 16 02:48:36 systemd-networkd[2706]: veth99: DHCPv6 client: State changed: stopped -> solicitation
Nov 16 02:48:36 systemd-networkd[2706]: veth99: Acquiring DHCPv6 lease on NDisc request
Nov 16 02:48:36 systemd-networkd[2706]: veth99: DHCPv6 client: Sent Solicit
Nov 16 02:48:36 systemd-networkd[2706]: veth99: DHCPv6 client: Next retransmission in 1s
Nov 16 02:48:37 systemd-networkd[2706]: veth99: DHCPv6 client: Sent Solicit
Nov 16 02:48:37 systemd-networkd[2706]: veth99: DHCPv6 client: Next retransmission in 1s
Nov 16 02:48:39 systemd-networkd[2706]: veth99: NDISC: Received Neighbor Advertisement from fe80::1034:56ff:fe78:9abd: Router=yes, Solicited=yes, Override=no
Nov 16 02:48:39 systemd-networkd[2706]: veth99: NDISC: Invoking callback for 'neighbor' event.
Nov 16 02:48:39 systemd-networkd[2706]: veth99: DHCPv6 client: Processed Reply message
Nov 16 02:48:39 systemd-networkd[2706]: veth99: DHCPv6 client: T1 expires in 50s
Nov 16 02:48:39 systemd-networkd[2706]: veth99: DHCPv6 client: T2 expires in 55s
Nov 16 02:48:39 systemd-networkd[2706]: veth99: DHCPv6 client: Valid lifetime expires in 2min
Nov 16 02:48:39 systemd-networkd[2706]: veth99: DHCPv6 client: State changed: solicitation -> bound
Nov 16 02:48:39 systemd-networkd[2706]: veth99: DHCPv6 address 2600::15/128 (valid for 1min 59s, preferred for 1min 59s)
Nov 16 02:48:41 systemd-networkd[2706]: veth99: Received updated DHCPv6 address (configured): 2600::15/128 (valid for 1min 58s, preferred for 1min 58s), flags: no-prefixroute, scope: global
Nov 16 02:48:41 systemd-networkd[2706]: veth99: DHCPv6 addresses and routes set.
Nov 16 02:48:41 systemd-networkd[2706]: veth99: link_check_ready(): IPv4LL:no DHCPv4:no DHCPv6:yes DHCP-PD:no NDisc:no
Nov 16 02:48:41 systemd-networkd[2706]: veth99: State changed: configuring -> configured
```
The interface veth99 entered the configured state after 5 seconds, but
at the same time, the `wait_online()` in the test script considered the
test failed.
The function `wait_online()` first invokes
`systemd-networkd-wait-online` with `--timeout=20`, then check setup
states of interfaces with 5 seconds timeout. So, the failure suggests
that `systemd-networkd-wait-online` finishes immediately, as the state
file was not updated when it is invoked, and thus it handles the
interface veth99 already in the configured state.

src/basic/cgroup-util.c

@@ -28,6 +28,7 @@
 #include "mkdir.h"
 #include "parse-util.h"
 #include "path-util.h"
+#include "pidfd-util.h"
 #include "process-util.h"
 #include "set.h"
 #include "special.h"
@@ -72,6 +73,28 @@ int cg_cgroupid_open(int cgroupfs_fd, uint64_t id) {
         return fd;
 }
 
+int cg_path_from_cgroupid(int cgroupfs_fd, uint64_t id, char **ret) {
+        _cleanup_close_ int cgfd = -EBADF;
+        int r;
+
+        cgfd = cg_cgroupid_open(cgroupfs_fd, id);
+        if (cgfd < 0)
+                return cgfd;
+
+        _cleanup_free_ char *path = NULL;
+
+        r = fd_get_path(cgfd, &path);
+        if (r < 0)
+                return r;
+
+        if (isempty(path_startswith(path, "/sys/fs/cgroup/")))
+                return -EINVAL;
+
+        if (ret)
+                *ret = TAKE_PTR(path);
+        return 0;
+}
+
 static int cg_enumerate_items(const char *controller, const char *path, FILE **ret, const char *item) {
         _cleanup_free_ char *fs = NULL;
         FILE *f;
@@ -826,6 +849,16 @@ int cg_pidref_get_path(const char *controller, const PidRef *pidref, char **ret_
         if (!pidref_is_set(pidref))
                 return -ESRCH;
 
+        if (pidref->fd >= 0) {
+                uint64_t cgroup_id;
+
+                r = pidfd_get_cgroupid(pidref->fd, &cgroup_id);
+                if (r >= 0)
+                        return cg_path_from_cgroupid(/* cgroupfs_fd = */ -EBADF, cgroup_id, ret_path);
+                if (!ERRNO_IS_NEG_NOT_SUPPORTED(r))
+                        return r;
+        }
+
         r = cg_pid_get_path(controller, pidref->pid, &path);
         if (r < 0)
                 return r;

src/basic/cgroup-util.h

@@ -183,6 +183,8 @@ typedef enum CGroupUnified {
 int cg_path_open(const char *controller, const char *path);
 int cg_cgroupid_open(int fsfd, uint64_t id);
 
+int cg_path_from_cgroupid(int cgroupfs_fd, uint64_t id, char **ret);
+
 typedef enum CGroupFlags {
         CGROUP_SIGCONT            = 1 << 0,
         CGROUP_IGNORE_SELF        = 1 << 1,

src/basic/meson.build

@@ -72,6 +72,7 @@ basic_sources = files(
         'parse-util.c',
         'path-util.c',
         'percent-util.c',
+        'pidfd-util.c',
         'pidref.c',
         'prioq.c',
         'proc-cmdline.c',

src/basic/missing_pidfd.h

@@ -0,0 +1,43 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include <linux/types.h>
+
+#define PIDFS_IOCTL_MAGIC 0xFF
+
+#ifndef PIDFD_GET_CGROUP_NAMESPACE
+#  define PIDFD_GET_CGROUP_NAMESPACE              _IO(PIDFS_IOCTL_MAGIC, 1)
+#  define PIDFD_GET_IPC_NAMESPACE                 _IO(PIDFS_IOCTL_MAGIC, 2)
+#  define PIDFD_GET_MNT_NAMESPACE                 _IO(PIDFS_IOCTL_MAGIC, 3)
+#  define PIDFD_GET_NET_NAMESPACE                 _IO(PIDFS_IOCTL_MAGIC, 4)
+#  define PIDFD_GET_PID_NAMESPACE                 _IO(PIDFS_IOCTL_MAGIC, 5)
+#  define PIDFD_GET_PID_FOR_CHILDREN_NAMESPACE    _IO(PIDFS_IOCTL_MAGIC, 6)
+#  define PIDFD_GET_TIME_NAMESPACE                _IO(PIDFS_IOCTL_MAGIC, 7)
+#  define PIDFD_GET_TIME_FOR_CHILDREN_NAMESPACE   _IO(PIDFS_IOCTL_MAGIC, 8)
+#  define PIDFD_GET_USER_NAMESPACE                _IO(PIDFS_IOCTL_MAGIC, 9)
+#  define PIDFD_GET_UTS_NAMESPACE                 _IO(PIDFS_IOCTL_MAGIC, 10)
+#endif
+
+#ifndef PIDFD_GET_INFO
+struct pidfd_info {
+        __u64 mask;
+        __u64 cgroupid;
+        __u32 pid;
+        __u32 tgid;
+        __u32 ppid;
+        __u32 ruid;
+        __u32 rgid;
+        __u32 euid;
+        __u32 egid;
+        __u32 suid;
+        __u32 sgid;
+        __u32 fsuid;
+        __u32 fsgid;
+        __u32 spare0[1];
+};
+
+#define PIDFD_GET_INFO          _IOWR(PIDFS_IOCTL_MAGIC, 11, struct pidfd_info)
+#define PIDFD_INFO_PID          (1UL << 0)
+#define PIDFD_INFO_CREDS        (1UL << 1)
+#define PIDFD_INFO_CGROUPID     (1UL << 2)
+#endif

src/basic/pidfd-util.c

@@ -0,0 +1,161 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <sys/ioctl.h>
+#include <unistd.h>
+
+#include "errno-util.h"
+#include "fd-util.h"
+#include "fileio.h"
+#include "macro.h"
+#include "memory-util.h"
+#include "missing_magic.h"
+#include "missing_pidfd.h"
+#include "parse-util.h"
+#include "path-util.h"
+#include "pidfd-util.h"
+#include "stat-util.h"
+#include "string-util.h"
+
+static bool pidfd_get_info_supported = true;
+
+static bool ERRNO_IS_NEG_PIDFD_IOCTL_NOT_SUPPORTED(intmax_t r) {
+        return IN_SET(r, -ENOTTY, -EINVAL);
+}
+_DEFINE_ABS_WRAPPER(PIDFD_IOCTL_NOT_SUPPORTED);
+
+static int pidfd_get_pid_fdinfo(int fd, pid_t *ret) {
+        char path[STRLEN("/proc/self/fdinfo/") + DECIMAL_STR_MAX(int)];
+        _cleanup_free_ char *fdinfo = NULL;
+        int r;
+
+        assert(fd >= 0);
+
+        xsprintf(path, "/proc/self/fdinfo/%i", fd);
+
+        r = read_full_virtual_file(path, &fdinfo, NULL);
+        if (r == -ENOENT)
+                return proc_fd_enoent_errno();
+        if (r < 0)
+                return r;
+
+        char *p = find_line_startswith(fdinfo, "Pid:");
+        if (!p)
+                return -ENOTTY; /* not a pidfd? */
+
+        p = skip_leading_chars(p, /* bad = */ NULL);
+        p[strcspn(p, WHITESPACE)] = 0;
+
+        if (streq(p, "0"))
+                return -EREMOTE; /* PID is in foreign PID namespace? */
+        if (streq(p, "-1"))
+                return -ESRCH;   /* refers to reaped process? */
+
+        return parse_pid(p, ret);
+}
+
+static int pidfd_get_pid_ioctl(int fd, pid_t *ret) {
+        struct pidfd_info info = { .mask = PIDFD_INFO_PID };
+
+        assert(fd >= 0);
+
+        if (ioctl(fd, PIDFD_GET_INFO, &info) < 0)
+                return -errno;
+
+        assert(FLAGS_SET(info.mask, PIDFD_INFO_PID));
+
+        if (ret)
+                *ret = info.pid;
+        return 0;
+}
+
+int pidfd_get_pid(int fd, pid_t *ret) {
+        int r;
+
+        /* Converts a pidfd into a pid. We try ioctl(PIDFD_GET_INFO) (kernel 6.13+) first,
+         * /proc/self/fdinfo/ as fallback. Well known errors:
+         *
+         *    -EBADF   → fd invalid
+         *    -ESRCH   → fd valid, but process is already reaped
+         *
+         * pidfd_get_pid_fdinfo() might additionally fail for other reasons:
+         *
+         *    -ENOSYS  → /proc/ not mounted
+         *    -ENOTTY  → fd valid, but not a pidfd
+         *    -EREMOTE → fd valid, but pid is in another namespace we cannot translate to the local one
+         */
+
+        assert(fd >= 0);
+
+        if (pidfd_get_info_supported) {
+                r = pidfd_get_pid_ioctl(fd, ret);
+                if (!ERRNO_IS_NEG_PIDFD_IOCTL_NOT_SUPPORTED(r))
+                        return r;
+
+                pidfd_get_info_supported = false;
+        }
+
+        return pidfd_get_pid_fdinfo(fd, ret);
+}
+
+int pidfd_verify_pid(int pidfd, pid_t pid) {
+        pid_t current_pid;
+        int r;
+
+        assert(pidfd >= 0);
+        assert(pid > 0);
+
+        r = pidfd_get_pid(pidfd, &current_pid);
+        if (r < 0)
+                return r;
+
+        return current_pid != pid ? -ESRCH : 0;
+}
+
+int pidfd_get_cgroupid(int fd, uint64_t *ret) {
+        struct pidfd_info info = { .mask = PIDFD_INFO_CGROUP };
+
+        assert(fd >= 0);
+
+        if (!pidfd_get_info_supported)
+                return -EOPNOTSUPP;
+
+        if (ioctl(fd, PIDFD_GET_INFO, &info) < 0) {
+                if (ERRNO_IS_PIDFD_IOCTL_NOT_SUPPORTED(errno)) {
+                        pidfd_get_info_supported = false;
+                        return -EOPNOTSUPP;
+                }
+
+                return -errno;
+        }
+
+        if (!FLAGS_SET(info.mask, PIDFD_INFO_CGROUP))
+                return -ENODATA;
+
+        if (ret)
+                *ret = info.cgroupid;
+        return 0;
+}
+
+int pidfd_get_inode_id(int fd, uint64_t *ret) {
+        static int cached_supported = -1;
+        int r;
+
+        assert(fd >= 0);
+
+        if (cached_supported < 0) {
+                cached_supported = fd_is_fs_type(fd, PID_FS_MAGIC);
+                if (cached_supported < 0)
+                        return cached_supported;
+        }
+        if (cached_supported == 0)
+                return -EOPNOTSUPP;
+
+        struct stat st;
+
+        if (fstat(fd, &st) < 0)
+                return -errno;
+
+        if (ret)
+                *ret = (uint64_t) st.st_ino;
+        return 0;
+}

src/basic/pidfd-util.h

@@ -0,0 +1,15 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include <stdint.h>
+#if HAVE_PIDFD_OPEN
+#include <sys/pidfd.h>
+#endif
+#include <sys/types.h>
+
+int pidfd_get_pid(int fd, pid_t *ret);
+int pidfd_verify_pid(int pidfd, pid_t pid);
+
+int pidfd_get_cgroupid(int fd, uint64_t *ret);
+
+int pidfd_get_inode_id(int fd, uint64_t *ret);

src/basic/pidref.c

@@ -1,36 +1,14 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
-#if HAVE_PIDFD_OPEN
-#include <sys/pidfd.h>
-#endif
-
 #include "errno-util.h"
 #include "fd-util.h"
-#include "missing_magic.h"
 #include "missing_syscall.h"
 #include "missing_wait.h"
 #include "parse-util.h"
+#include "pidfd-util.h"
 #include "pidref.h"
 #include "process-util.h"
 #include "signal-util.h"
-#include "stat-util.h"
-
-static int pidfd_inode_ids_supported(void) {
-        static int cached = -1;
-
-        if (cached >= 0)
-                return cached;
-
-        _cleanup_close_ int fd = pidfd_open(getpid_cached(), 0);
-        if (fd < 0) {
-                if (ERRNO_IS_NOT_SUPPORTED(errno))
-                        return (cached = false);
-
-                return -errno;
-        }
-
-        return (cached = fd_is_fs_type(fd, PID_FS_MAGIC));
-}
 
 int pidref_acquire_pidfd_id(PidRef *pidref) {
         int r;
@@ -49,19 +27,14 @@ int pidref_acquire_pidfd_id(PidRef *pidref) {
         if (pidref->fd_id > 0)
                 return 0;
 
-        r = pidfd_inode_ids_supported();
+        r = pidfd_get_inode_id(pidref->fd, &pidref->fd_id);
-        if (r < 0)
+        if (r < 0) {
+                if (!ERRNO_IS_NEG_NOT_SUPPORTED(r))
+                        log_debug_errno(r, "Failed to get inode number of pidfd for pid " PID_FMT ": %m",
+                                        pidref->pid);
                 return r;
-        if (r == 0)
+        }
-                return -EOPNOTSUPP;
 
-        struct stat st;
-
-        if (fstat(pidref->fd, &st) < 0)
-                return log_debug_errno(errno, "Failed to get inode number of pidfd for pid " PID_FMT ": %m",
-                                       pidref->pid);
-
-        pidref->fd_id = (uint64_t) st.st_ino;
         return 0;
 }
 

src/basic/process-util.c

@@ -1874,59 +1874,6 @@ int get_oom_score_adjust(int *ret) {
         return 0;
 }
 
-int pidfd_get_pid(int fd, pid_t *ret) {
-        char path[STRLEN("/proc/self/fdinfo/") + DECIMAL_STR_MAX(int)];
-        _cleanup_free_ char *fdinfo = NULL;
-        int r;
-
-        /* Converts a pidfd into a pid. Well known errors:
-         *
-         *    -EBADF   → fd invalid
-         *    -ENOSYS  → /proc/ not mounted
-         *    -ENOTTY  → fd valid, but not a pidfd
-         *    -EREMOTE → fd valid, but pid is in another namespace we cannot translate to the local one
-         *    -ESRCH   → fd valid, but process is already reaped
-         */
-
-        assert(fd >= 0);
-
-        xsprintf(path, "/proc/self/fdinfo/%i", fd);
-
-        r = read_full_virtual_file(path, &fdinfo, NULL);
-        if (r == -ENOENT)
-                return proc_fd_enoent_errno();
-        if (r < 0)
-                return r;
-
-        char *p = find_line_startswith(fdinfo, "Pid:");
-        if (!p)
-                return -ENOTTY; /* not a pidfd? */
-
-        p = skip_leading_chars(p, /* bad = */ NULL);
-        p[strcspn(p, WHITESPACE)] = 0;
-
-        if (streq(p, "0"))
-                return -EREMOTE; /* PID is in foreign PID namespace? */
-        if (streq(p, "-1"))
-                return -ESRCH;   /* refers to reaped process? */
-
-        return parse_pid(p, ret);
-}
-
-int pidfd_verify_pid(int pidfd, pid_t pid) {
-        pid_t current_pid;
-        int r;
-
-        assert(pidfd >= 0);
-        assert(pid > 0);
-
-        r = pidfd_get_pid(pidfd, &current_pid);
-        if (r < 0)
-                return r;
-
-        return current_pid != pid ? -ESRCH : 0;
-}
-
 static int rlimit_to_nice(rlim_t limit) {
         if (limit <= 1)
                 return PRIO_MAX-1; /* i.e. 19 */

src/basic/process-util.h

@@ -251,9 +251,6 @@ assert_cc(TASKS_MAX <= (unsigned long) PID_T_MAX);
 /* Like TAKE_PTR() but for pid_t, resetting them to 0 */
 #define TAKE_PID(pid) TAKE_GENERIC(pid, pid_t, 0)
 
-int pidfd_get_pid(int fd, pid_t *ret);
-int pidfd_verify_pid(int pidfd, pid_t pid);
-
 int setpriority_closest(int priority);
 
 _noreturn_ void freeze(void);

src/libsystemd/sd-event/sd-event.c

@@ -1,9 +1,6 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
 #include <sys/epoll.h>
-#if HAVE_PIDFD_OPEN
-#include <sys/pidfd.h>
-#endif
 #include <sys/timerfd.h>
 #include <sys/wait.h>
 
@@ -31,6 +28,7 @@
 #include "origin-id.h"
 #include "path-util.h"
 #include "prioq.h"
+#include "pidfd-util.h"
 #include "process-util.h"
 #include "psi-util.h"
 #include "set.h"

src/libsystemd/sd-login/sd-login.c

@@ -22,6 +22,7 @@
 #include "macro.h"
 #include "parse-util.h"
 #include "path-util.h"
+#include "pidfd-util.h"
 #include "process-util.h"
 #include "socket-util.h"
 #include "stdio-util.h"

src/network/networkd-link.c

@@ -1443,6 +1443,7 @@ int link_reconfigure_impl(Link *link, LinkReconfigurationFlag flags) {
 }
 
 typedef struct LinkReconfigurationData {
+        Manager *manager;
         Link *link;
         LinkReconfigurationFlag flags;
         sd_bus_message *message;
@@ -1473,6 +1474,12 @@ static void link_reconfiguration_data_destroy_callback(LinkReconfigurationData *
                 }
 
                 if (!data->counter || *data->counter <= 0) {
+                        /* Update the state files before replying the bus method. Otherwise,
+                         * systemd-networkd-wait-online following networkctl reload/reconfigure may read an
+                         * outdated state file and wrongly handle an interface is already in the configured
+                         * state. */
+                        (void) manager_clean_all(data->manager);
+
                         r = sd_bus_reply_method_return(data->message, NULL);
                         if (r < 0)
                                 log_warning_errno(r, "Failed to reply for DBus method, ignoring: %m");
@@ -1521,6 +1528,7 @@ int link_reconfigure_full(Link *link, LinkReconfigurationFlag flags, sd_bus_mess
         }
 
         *data = (LinkReconfigurationData) {
+                .manager = link->manager,
                 .link = link_ref(link),
                 .flags = flags,
                 .message = sd_bus_message_ref(message), /* message may be NULL, but _ref() works fine. */

src/nsresourced/userns-registry.c

@@ -525,49 +525,20 @@ int userns_info_add_cgroup(UserNamespaceInfo *userns, uint64_t cgroup_id) {
 }
 
 static int userns_destroy_cgroup(uint64_t cgroup_id) {
-        _cleanup_close_ int cgroup_fd = -EBADF, parent_fd = -EBADF;
+        _cleanup_free_ char *path = NULL;
         int r;
 
-        cgroup_fd = cg_cgroupid_open(/* cgroupfsfd= */ -EBADF, cgroup_id);
+        r = cg_path_from_cgroupid(/* cgroupfs_fd = */ -EBADF, cgroup_id, &path);
-        if (cgroup_fd == -ESTALE) {
+        if (r == -ESTALE) {
-                log_debug_errno(cgroup_fd, "Control group %" PRIu64 " already gone, ignoring: %m", cgroup_id);
+                log_debug_errno(r, "Control group %" PRIu64 " already gone, ignoring.", cgroup_id);
                 return 0;
         }
-        if (cgroup_fd < 0)
-                return log_debug_errno(errno, "Failed to open cgroup %" PRIu64 ", ignoring: %m", cgroup_id);
-
-        _cleanup_free_ char *path = NULL;
-        r = fd_get_path(cgroup_fd, &path);
         if (r < 0)
                 return log_debug_errno(r, "Failed to get path of cgroup %" PRIu64 ", ignoring: %m", cgroup_id);
 
-        const char *e = path_startswith(path, "/sys/fs/cgroup/");
+        log_debug("Destroying cgroup %" PRIu64 " (%s)", cgroup_id, path);
-        if (!e)
-                return log_debug_errno(SYNTHETIC_ERRNO(EPERM), "Got cgroup path that doesn't start with /sys/fs/cgroup/, refusing: %s", path);
-        if (isempty(e))
-                return log_debug_errno(SYNTHETIC_ERRNO(EPERM), "Got root cgroup path, which can't be right, refusing.");
 
-        log_debug("Path of cgroup %" PRIu64 " is: %s", cgroup_id, path);
+        r = rm_rf(path, REMOVE_ROOT|REMOVE_ONLY_DIRECTORIES|REMOVE_CHMOD);
-
-        _cleanup_free_ char *fname = NULL;
-        r = path_extract_filename(path, &fname);
-        if (r < 0)
-                return log_debug_errno(r, "Failed to extract name of cgroup %" PRIu64 ", ignoring: %m", cgroup_id);
-
-        parent_fd = openat(cgroup_fd, "..", O_CLOEXEC|O_DIRECTORY);
-        if (parent_fd < 0)
-                return log_debug_errno(errno, "Failed to open parent cgroup of %" PRIu64 ", ignoring: %m", cgroup_id);
-
-        /* Safety check, never leave cgroupfs */
-        r = fd_is_fs_type(parent_fd, CGROUP2_SUPER_MAGIC);
-        if (r < 0)
-                return log_debug_errno(r, "Failed to determine if parent directory of cgroup %" PRIu64 " is still a cgroup, ignoring: %m", cgroup_id);
-        if (!r)
-                return log_debug_errno(SYNTHETIC_ERRNO(EPERM), "Parent directory of cgroup %" PRIu64 " is not a cgroup, refusing.", cgroup_id);
-
-        cgroup_fd = safe_close(cgroup_fd);
-
-        r = rm_rf_child(parent_fd, fname, REMOVE_ONLY_DIRECTORIES|REMOVE_PHYSICAL|REMOVE_CHMOD);
         if (r < 0)
                 log_debug_errno(r, "Failed to remove delegated cgroup %" PRIu64 ", ignoring: %m", cgroup_id);
 

test/test-network/systemd-networkd-tests.py

@@ -6406,11 +6406,11 @@ class NetworkdRATests(unittest.TestCase, Utilities):
 
         for i in [100, 200, 300, 512, 1024, 2048]:
             if i not in [metric_1, metric_2]:
-                self.assertNotIn(f'{i}', output)
+                self.assertNotIn(f'metric {i} ', output)
 
         for i in ['low', 'medium', 'high']:
             if i not in [preference_1, preference_2]:
-                self.assertNotIn(f'{i}', output)
+                self.assertNotIn(f'pref {i}', output)
 
     def test_router_preference(self):
         copy_network_unit('25-veth-client.netdev',