man/custom-html.xsl

@@ -158,8 +158,6 @@
   <xsl:param name="keyNode"/>
   <!-- suggested value for generatedID output, a contextually meaningful ID string -->
   <xsl:param name="templateID"/>
-  <!-- Strip leading and trailing whitespaces, and replace repeating whitespaces with a single space -->
-  <xsl:variable name="normalizedID" select="normalize-space($templateID)"/>
   <xsl:variable name="conflictSource" select="preceding::refsect1/title|preceding::refsect1/info/title|
 					      preceding::refsect2/title|preceding::refsect2/info/title|
 					      preceding::varlistentry/term[1]"/>
@@ -167,10 +165,10 @@
   <xsl:choose>
     <!-- special case conflictCount = 0 to preserve compatibility with URLs generated by previous versions of this XSL stylesheet where possible -->
     <xsl:when test="$conflictCount = 0">
-      <xsl:value-of select="$normalizedID"/>
+      <xsl:value-of select="$templateID"/>
     </xsl:when>
     <xsl:otherwise>
-      <xsl:value-of select="concat($normalizedID, $conflictCount)"/>
+      <xsl:value-of select="concat($templateID, $conflictCount)"/>
     </xsl:otherwise>
   </xsl:choose>
 </xsl:template>

man/systemctl.xml

@@ -375,10 +375,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
         </varlistentry>
 
         <varlistentry>
-          <term>
+          <term><command>list-dependencies</command> <optional><replaceable>UNIT</replaceable>…</optional></term>
-            <command>list-dependencies</command>
-            <optional><replaceable>UNIT</replaceable>...</optional>
-          </term>
 
           <listitem>
             <para>Shows units required and wanted by the specified
@@ -694,12 +691,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
         </varlistentry>
 
         <varlistentry>
-          <term>
+          <term><command>bind</command> <replaceable>UNIT</replaceable> <replaceable>PATH</replaceable> [<replaceable>PATH</replaceable>]</term>
-            <command>bind</command>
-            <replaceable>UNIT</replaceable>
-            <replaceable>PATH</replaceable>
-            [<replaceable>PATH</replaceable>]
-          </term>
 
           <listitem><para>Bind-mounts a file or directory from the host into the specified unit's mount
           namespace. The first path argument is the source file or directory on the host, the second path
@@ -726,13 +718,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
         </varlistentry>
 
         <varlistentry>
-          <term>
+          <term><command>mount-image</command> <replaceable>UNIT</replaceable> <replaceable>IMAGE</replaceable> [<replaceable>PATH</replaceable> [<replaceable>PARTITION_NAME</replaceable>:<replaceable>MOUNT_OPTIONS</replaceable>]]</term>
-            <command>mount-image</command>
-            <replaceable>UNIT</replaceable>
-            <replaceable>IMAGE</replaceable>
-            [<replaceable>PATH</replaceable>
-            [<replaceable>PARTITION_NAME</replaceable>:<replaceable>MOUNT_OPTIONS</replaceable>]]
-          </term>
 
           <listitem><para>Mounts an image from the host into the specified unit's mount namespace. The first
           path argument is the source image on the host, the second path argument is the destination
@@ -1215,10 +1201,8 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
         </varlistentry>
 
         <varlistentry>
-          <term><command>add-wants <replaceable>TARGET</replaceable>
+          <term><command>add-wants <replaceable>TARGET</replaceable> <replaceable>UNIT</replaceable>…</command></term>
-          <replaceable>UNIT</replaceable>…</command></term>
+          <term><command>add-requires <replaceable>TARGET</replaceable> <replaceable>UNIT</replaceable>…</command></term>
-          <term><command>add-requires <replaceable>TARGET</replaceable>
-          <replaceable>UNIT</replaceable>…</command></term>
 
           <listitem>
             <para>Adds <literal>Wants=</literal> or <literal>Requires=</literal>
@@ -1444,10 +1428,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
           </listitem>
         </varlistentry>
         <varlistentry>
-          <term>
+          <term><command>import-environment</command> <replaceable>VARIABLE…</replaceable></term>
-            <command>import-environment</command>
-            <replaceable>VARIABLE…</replaceable>
-          </term>
 
           <listitem>
             <para>Import all, one or more environment variables set on the client into the systemd manager

src/basic/mkdir.c

@@ -237,19 +237,22 @@ int mkdir_p_root_full(const char *root, const char *p, uid_t uid, gid_t gid, mod
         if (r < 0)
                 return r;
 
-        _cleanup_close_ int nfd = xopenat_full(
+        if (path_strv_contains(subvolumes, p))
-                                dfd, bn,
+                r = btrfs_subvol_make_fallback(dfd, bn, m);
-                                O_DIRECTORY|O_CREAT|O_EXCL|O_NOFOLLOW|O_CLOEXEC,
+        else
-                                path_strv_contains(subvolumes, p) ? XO_SUBVOLUME : 0,
+                r = RET_NERRNO(mkdirat(dfd, bn, m));
-                                m);
+        if (r == -EEXIST)
-        if (nfd == -EEXIST)
                 return 0;
-        if (nfd < 0)
+        if (r < 0)
-                return nfd;
+                return r;
 
         if (ts == USEC_INFINITY && !uid_is_valid(uid) && !gid_is_valid(gid))
                 return 1;
 
+        _cleanup_close_ int nfd = openat(dfd, bn, O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
+        if (nfd < 0)
+                return -errno;
+
         if (ts != USEC_INFINITY) {
                 struct timespec tspec;
                 timespec_store(&tspec, ts);

src/login/logind-session.c

@@ -409,46 +409,6 @@ static int session_load_devices(Session *s, const char *devices) {
         return r;
 }
 
-static int session_load_leader(Session *s, uint64_t pidfdid) {
-        _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
-        int r;
-
-        assert(s);
-        assert(pid_is_valid(s->deserialized_pid));
-        assert(!pidref_is_set(&s->leader));
-
-        if (pidfdid == 0 && s->leader_fd_saved)
-                /* We have no pidfd id for stable reference, but the pidfd has been submitted to fdstore.
-                 * manager_enumerate_fds() will dispatch the leader fd for us later. */
-                return 0;
-
-        r = pidref_set_pid(&pidref, s->deserialized_pid);
-        if (r < 0)
-                return log_error_errno(r, "Failed to deserialize leader PID for session '%s': %m", s->id);
-        if (pidref.fd < 0)
-                return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
-                                       "Failed to acquire pidfd for session leader '" PID_FMT "', refusing.",
-                                       pidref.pid);
-
-        if (pidfdid > 0) {
-                r = pidref_acquire_pidfd_id(&pidref);
-                if (r < 0)
-                        return log_error_errno(r, "Failed to acquire pidfd id of deserialized leader '" PID_FMT "': %m",
-                                               pidref.pid);
-
-                if (pidref.fd_id != pidfdid)
-                        return log_error_errno(SYNTHETIC_ERRNO(ESRCH),
-                                               "Deserialized pidfd id for process " PID_FMT " (%" PRIu64 ") doesn't match with the current one (%" PRIu64 "), refusing.",
-                                               pidref.pid, pidfdid, pidref.fd_id);
-        }
-
-        r = session_set_leader_consume(s, TAKE_PIDREF(pidref));
-        if (r < 0)
-                return log_error_errno(r, "Failed to set leader PID for session '%s': %m", s->id);
-
-        return 1;
-}
-
 int session_load(Session *s) {
         _cleanup_free_ char *remote = NULL,
                 *seat = NULL,
@@ -458,7 +418,6 @@ int session_load(Session *s) {
                 *position = NULL,
                 *leader_pid = NULL,
                 *leader_fd_saved = NULL,
-                *leader_pidfdid = NULL,
                 *type = NULL,
                 *original_type = NULL,
                 *class = NULL,
@@ -493,7 +452,6 @@ int session_load(Session *s) {
                            "POSITION",        &position,
                            "LEADER",          &leader_pid,
                            "LEADER_FD_SAVED", &leader_fd_saved,
-                           "LEADER_PIDFDID",  &leader_pidfdid,
                            "TYPE",            &type,
                            "ORIGINAL_TYPE",   &original_type,
                            "CLASS",           &class,
@@ -636,6 +594,8 @@ int session_load(Session *s) {
         }
 
         if (leader_pid) {
+                assert(!pidref_is_set(&s->leader));
+
                 r = parse_pid(leader_pid, &s->deserialized_pid);
                 if (r < 0)
                         return log_error_errno(r, "Failed to parse LEADER=%s: %m", leader_pid);
@@ -645,19 +605,25 @@ int session_load(Session *s) {
                         if (r < 0)
                                 return log_error_errno(r, "Failed to parse LEADER_FD_SAVED=%s: %m", leader_fd_saved);
                         s->leader_fd_saved = r > 0;
+
+                        if (s->leader_fd_saved)
+                                /* The leader fd will be acquired from fdstore later */
+                                return 0;
                 }
 
-                uint64_t pidfdid;
+                _cleanup_(pidref_done) PidRef p = PIDREF_NULL;
-                if (leader_pidfdid) {
-                        r = safe_atou64(leader_pidfdid, &pidfdid);
-                        if (r < 0)
-                                return log_error_errno(r, "Failed to parse LEADER_PIDFDID=%s: %m", leader_pidfdid);
-                } else
-                        pidfdid = 0;
 
-                r = session_load_leader(s, pidfdid);
+                r = pidref_set_pid(&p, s->deserialized_pid);
                 if (r < 0)
-                        return r;
+                        return log_error_errno(r, "Failed to deserialize leader PID for session '%s': %m", s->id);
+                if (p.fd < 0)
+                        return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+                                               "Failed to acquire pidfd for session leader '" PID_FMT "', refusing.",
+                                               p.pid);
+
+                r = session_set_leader_consume(s, TAKE_PIDREF(p));
+                if (r < 0)
+                        return log_error_errno(r, "Failed to set leader PID for session '%s': %m", s->id);
         }
 
         return 0;

src/login/logind.c

@@ -40,7 +40,6 @@
 #include "process-util.h"
 #include "service-util.h"
 #include "signal-util.h"
-#include "stat-util.h"
 #include "strv.h"
 #include "terminal-util.h"
 #include "udev-util.h"
@@ -449,28 +448,19 @@ static int deliver_session_leader_fd_consume(Session *s, const char *fdname, int
         assert(fdname);
         assert(fd >= 0);
 
-        /* Already deserialized via pidfd id? */
+        if (!pid_is_valid(s->deserialized_pid)) {
-        if (pidref_is_set(&s->leader)) {
-                assert(s->leader.pid == s->deserialized_pid);
-                assert(s->leader.fd >= 0);
-
-                r = fd_inode_same(fd, s->leader.fd);
-                if (r < 0)
-                        return log_warning_errno(r, "Failed to compare pidfd with deserialized leader for session '%s': %m",
-                                                 s->id);
-                if (r > 0)
-                        return 0;
-
-                log_warning("Got leader pidfd for session '%s' which mismatches with the deserialized process, resetting with pidfd.",
-                            s->id);
-
-        } else if (!pid_is_valid(s->deserialized_pid)) {
                 r = log_warning_errno(SYNTHETIC_ERRNO(EOWNERDEAD),
                                       "Got leader pidfd for session '%s', but LEADER= is not set, refusing.",
                                       s->id);
                 goto fail_close;
         }
 
+        if (!s->leader_fd_saved)
+                log_warning("Got leader pidfd for session '%s', but not recorded in session state, proceeding anyway.",
+                            s->id);
+        else
+                assert(!pidref_is_set(&s->leader));
+
         r = pidref_set_pidfd_take(&leader_fdstore, fd);
         if (r < 0) {
                 if (r == -ESRCH)

src/udev/udev-watch.c

@@ -191,7 +191,7 @@ static int synthesize_change(Manager *manager, sd_device *dev) {
         _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
         r = pidref_safe_fork(
                         "(udev-synth)",
-                        FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_REOPEN_LOG,
+                        FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE,
                         &pidref);
         if (r < 0)
                 return r;

test/units/TEST-35-LOGIN.sh

@@ -32,15 +32,13 @@ Environment=SYSTEMD_LOG_LEVEL=debug
 EOF
 
     # We test "coldplug" (completely stop and start logind) here. So we need to preserve
-    # the fdstore, which might contain session leader pidfds, but only if pidfd id isn't
+    # the fdstore, which might contain session leader pidfds. This is extremely rare use case
-    # a thing. This is extremely rare use case and shall not be considered fully supported.
+    # and shall not be considered fully supported.
     # See also: https://github.com/systemd/systemd/pull/30610#discussion_r1440507850
-    if systemd-analyze compare-versions "$(uname -r)" lt 6.9; then
     systemctl edit --runtime --stdin systemd-logind.service --drop-in=fdstore-preserve.conf <<EOF
 [Service]
 FileDescriptorStorePreserve=yes
 EOF
-    fi
 
     systemctl restart systemd-logind.service
 }