efi: Skip parsing SystemdOptions if there's an error getting it.

The original logic was logging an "ignored" debug message, but it was still
going ahead and calling proc_cmdline_parse_given() on the NULL line. Fix that
to skip that explicitly when the EFI variable wasn't really read.

man/crypttab.xml

@@ -60,13 +60,15 @@
     device or file, or a specification of a block device via
     <literal>UUID=</literal> followed by the UUID.</para>
 
-    <para>The third field specifies an absolute path to a file to read the encryption key from. If the field
-    is not present or set to <literal>none</literal> or <literal>-</literal>, a key file named after the
-    volume to unlock (i.e. the first column of the line), suffixed with <filename>.key</filename> is
-    automatically loaded from the <filename>/etc/cryptsetup-keys.d/</filename> and
-    <filename>/run/cryptsetup-keys.d/</filename> directories, if present. Otherwise, the password has to be
-    manually entered during system boot. For swap encryption, <filename>/dev/urandom</filename> may be used
-    as key file.</para>
+    <para>The third field specifies an absolute path to a file to read the encryption key from. Optionally,
+    the path may be followed by <literal>:</literal> and an fstab device specification (e.g. starting with
+    <literal>LABEL=</literal> or similar); in which case, the path is relative to the device file system
+    root. If the field is not present or set to <literal>none</literal> or <literal>-</literal>, a key file
+    named after the volume to unlock (i.e. the first column of the line), suffixed with
+    <filename>.key</filename> is automatically loaded from the <filename>/etc/cryptsetup-keys.d/</filename>
+    and <filename>/run/cryptsetup-keys.d/</filename> directories, if present. Otherwise, the password has to
+    be manually entered during system boot. For swap encryption, <filename>/dev/urandom</filename> may be
+    used as key file.</para>
 
     <para>The fourth field, if present, is a comma-delimited list of
     options. The following options are recognized:</para>

src/basic/proc-cmdline.c

@@ -121,14 +121,16 @@ int proc_cmdline_parse(proc_cmdline_parse_t parse_item, void *data, ProcCmdlineF
 
         if (!FLAGS_SET(flags, PROC_CMDLINE_IGNORE_EFI_OPTIONS)) {
                 r = systemd_efi_options_variable(&line);
-                if (r < 0 && r != -ENODATA)
-                        log_debug_errno(r, "Failed to get SystemdOptions EFI variable, ignoring: %m");
+                if (r < 0) {
+                        if (r != -ENODATA)
+                                log_debug_errno(r, "Failed to get SystemdOptions EFI variable, ignoring: %m");
+                } else {
+                        r = proc_cmdline_parse_given(line, parse_item, data, flags);
+                        if (r < 0)
+                                return r;
 
-                r = proc_cmdline_parse_given(line, parse_item, data, flags);
-                if (r < 0)
-                        return r;
-
-                line = mfree(line);
+                        line = mfree(line);
+                }
         }
 
         r = proc_cmdline(&line);

src/network/networkd-network.c

@@ -166,7 +166,8 @@ int network_verify(Network *network) {
         if (set_isempty(network->match_mac) && set_isempty(network->match_permanent_mac) &&
             strv_isempty(network->match_path) && strv_isempty(network->match_driver) &&
             strv_isempty(network->match_type) && strv_isempty(network->match_name) &&
-            strv_isempty(network->match_property) && strv_isempty(network->match_ssid) && !network->conditions)
+            strv_isempty(network->match_property) && strv_isempty(network->match_wlan_iftype) &&
+            strv_isempty(network->match_ssid) && !network->conditions)
                 return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
                                          "%s: No valid settings found in the [Match] section, ignoring file. "
                                          "To match all interfaces, add Name=* in the [Match] section.",

src/resolve/resolved-dns-server.c

@@ -422,6 +422,7 @@ DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s) {
                 s->possible_feature_level = s->verified_feature_level;
         else {
                 DnsServerFeatureLevel p = s->possible_feature_level;
+                int log_level = LOG_WARNING;
 
                 if (s->n_failed_tcp >= DNS_SERVER_FEATURE_RETRY_ATTEMPTS &&
                     s->possible_feature_level == DNS_SERVER_FEATURE_LEVEL_TCP) {
@@ -449,6 +450,10 @@ DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s) {
                         log_debug("Server doesn't support EDNS(0) properly, downgrading feature level...");
                         s->possible_feature_level = DNS_SERVER_FEATURE_LEVEL_UDP;
 
+                        /* Users often don't control the DNS server they use so let's not complain too loudly
+                         * when we can't use EDNS because the DNS server doesn't support it. */
+                        log_level = LOG_NOTICE;
+
                 } else if (s->packet_rrsig_missing &&
                            s->possible_feature_level >= DNS_SERVER_FEATURE_LEVEL_DO) {
 
@@ -493,9 +498,9 @@ DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s) {
                         /* We changed the feature level, reset the counting */
                         dns_server_reset_counters(s);
 
-                        log_warning("Using degraded feature set (%s) for DNS server %s.",
-                                    dns_server_feature_level_to_string(s->possible_feature_level),
-                                    dns_server_string(s));
+                        log_full(log_level, "Using degraded feature set %s instead of %s for DNS server %s.",
+                                 dns_server_feature_level_to_string(s->possible_feature_level),
+                                 dns_server_feature_level_to_string(p), dns_server_string(s));
                 }
         }
 

src/systemctl/systemctl.c

@@ -9053,6 +9053,7 @@ static int logind_schedule_shutdown(void) {
         _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
         char date[FORMAT_TIMESTAMP_MAX];
         const char *action;
+        const char *log_action;
         sd_bus *bus;
         int r;
 
@@ -9063,19 +9064,24 @@ static int logind_schedule_shutdown(void) {
         switch (arg_action) {
         case ACTION_HALT:
                 action = "halt";
+                log_action = "Shutdown";
                 break;
         case ACTION_POWEROFF:
                 action = "poweroff";
+                log_action = "Shutdown";
                 break;
         case ACTION_KEXEC:
                 action = "kexec";
+                log_action = "Reboot via kexec";
                 break;
         case ACTION_EXIT:
                 action = "exit";
+                log_action = "Shutdown";
                 break;
         case ACTION_REBOOT:
         default:
                 action = "reboot";
+                log_action = "Reboot";
                 break;
         }
 
@@ -9089,7 +9095,7 @@ static int logind_schedule_shutdown(void) {
                 return log_warning_errno(r, "Failed to call ScheduleShutdown in logind, proceeding with immediate shutdown: %s", bus_error_message(&error, r));
 
         if (!arg_quiet)
-                log_info("Shutdown scheduled for %s, use 'shutdown -c' to cancel.", format_timestamp(date, sizeof(date), arg_when));
+                log_info("%s scheduled for %s, use 'shutdown -c' to cancel.", log_action, format_timestamp(date, sizeof(date), arg_when));
         return 0;
 #else
         return log_error_errno(SYNTHETIC_ERRNO(ENOSYS),