docs/ENVIRONMENT.md

@@ -353,13 +353,12 @@ All tools:
   default is not appropriate for a given system. Defaults to `5`, accepts
   positive integers.
 
-* `$SYSTEMD_DEFAULT_MOUNT_RATE_LIMIT_INTERVAL_SEC` — can be set to override the
+* `$SYSTEMD_DEFAULT_MOUNT_RATE_LIMIT_INTERVAL_SEC` — can be set to override the mount
-  mount units interval rate limit for parsing `/proc/self/mountinfo`. Similar
+  units interval rate limit for parsing `/proc/self/mountinfo`. Similar to
-  to `$SYSTEMD_DEFAULT_MOUNT_RATE_LIMIT_BURST`, the interval limit maybe
+  `$SYSTEMD_DEFAULT_MOUNT_RATE_LIMIT_BURST`, the interval limit maybe adjusted when
-  adjusted when the default is not appropriate for a given system. The default
+  the default is not appropriate for a given system. The default value is 1 and the
-  value is 1, the default application time unit is second, and the time unit
+  default application time unit is second, and the time unit can beoverriden as usual
-  can be overridden as usual by specifying it explicitly, see the
+  by specifying it explicitly, see the systemd.time(7) man page.
-  systemd.time(7) man page.
 
 `systemd-remount-fs`:
 

man/loader.conf.xml

@@ -21,50 +21,47 @@
   </refnamediv>
 
   <refsynopsisdiv>
-    <para><filename><replaceable>ESP</replaceable>/loader/loader.conf</filename></para>
+    <para><filename><replaceable>ESP</replaceable>/loader/loader.conf</filename>,
+    <filename><replaceable>ESP</replaceable>/loader/entries/*.conf</filename>
+    <filename><replaceable>XBOOTLDR</replaceable>/loader/entries/*.conf</filename>
+    </para>
   </refsynopsisdiv>
 
   <refsect1>
     <title>Description</title>
 
     <para>
-    <citerefentry><refentrytitle>systemd-boot</refentrytitle><manvolnum>7</manvolnum></citerefentry> reads
+    <citerefentry><refentrytitle>systemd-boot</refentrytitle><manvolnum>7</manvolnum></citerefentry> will
-    <filename><replaceable>ESP</replaceable>/loader/loader.conf</filename>. This file configures whether the
+    read <filename><replaceable>ESP</replaceable>/loader/loader.conf</filename>, and any files with the
-    menu is shown and for how long, the font, audible beep, types of menu entries to show, the default
+    <literal>.conf</literal> extension under
-    choice, and some aspects of Secure Boot enrollment and firmware handling. See the list of available
+    <filename><replaceable>ESP</replaceable>/loader/entries/</filename> on the EFI system partition (ESP),
-    options below.</para>
+    and <filename><replaceable>XBOOTLDR</replaceable>/loader/entries/</filename> on the extended boot loader
-
+    partition (XBOOTLDR) as defined by <ulink url="https://uapi-group.org/specifications/specs/boot_loader_specification">Boot Loader
-    <para>The file uses UTF-8 encoding and consists of series of lines separated by "line feed" (i.e. ASCII
+    Specification</ulink>.
-    code 10). Lines that are empty or start with the comment sign (<literal>#</literal>) are ignored. Other
-    lines consist of an option name, followed by whitespace, and the option value.
     </para>
 
+    <para>Each of these configuration files must consist of series of newline (i.e. ASCII code 10) separated
+    lines, each consisting of an option name, followed by whitespace, and the option
+    value. <literal>#</literal> may be used to start a comment line. Empty and comment lines are ignored. The
+    files use UTF-8 encoding.</para>
+
     <para>Boolean arguments may be written as
-    <literal>yes</literal>/<literal>y</literal>/<literal>true</literal>/<literal>t</literal>/<literal>on</literal>/<literal>1</literal>
+    <literal>yes</literal>/<literal>y</literal>/<literal>true</literal>/<literal>t</literal>/<literal>on</literal>/<literal>1</literal> or
-    or
     <literal>no</literal>/<literal>n</literal>/<literal>false</literal>/<literal>f</literal>/<literal>off</literal>/<literal>0</literal>.
     </para>
-
-    <para>Note: <command>systemd-boot</command> will also read boot loader entry files,
-    type #1 (<filename><replaceable>ESP</replaceable>/loader/entries/*.conf</filename> and
-    <filename><replaceable>XBOOTLDR</replaceable>/loader/entries/*.conf</filename>)
-    and type #2 (<filename><replaceable>ESP</replaceable>/EFI/Linux/*.uki</filename>
-    and <filename><replaceable>XBOOTLDR</replaceable>/EFI/Linux/*.uki</filename>).
-    Those files are described by the
-    <ulink url="https://uapi-group.org/specifications/specs/boot_loader_specification">Boot Loader
-    Specification</ulink>.</para>
-
-    <para>Note: the behaviour of <command>systemd-boot</command> is also influenced by EFI variables. Some of
-    the settings specified in this file can be overridden by those, for example the default boot menu entry
-    or the menu timeouts. See
-    <citerefentry><refentrytitle>systemd-boot</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
-    details.</para>
   </refsect1>
 
   <refsect1>
     <title>Options</title>
 
-    <para>The following configuration are supported in <filename>loader.conf</filename>:</para>
+    <para>The configuration options supported by
+    <filename><replaceable>ESP</replaceable>/loader/entries/*.conf</filename> and
+    <filename><replaceable>XBOOTLDR</replaceable>/loader/entries/*.conf</filename> files are defined as part
+    of the <ulink url="https://uapi-group.org/specifications/specs/boot_loader_specification">Boot Loader
+    Specification</ulink>.</para>
+
+    <para>The following configuration are supported by the <filename>loader.conf</filename> configuration
+    file:</para>
 
     <variablelist>
       <varlistentry>
@@ -257,9 +254,8 @@
       <varlistentry>
         <term>beep</term>
 
-        <listitem><para>Takes a boolean argument. If timeout enabled beep every second, otherwise beep n
+        <listitem><para>Takes a boolean argument. If timeout enabled beep every second, otherwise beep n times when n-th entry in boot menu is selected (default disabled).
-        times when n-th entry in boot menu is selected (default disabled). Currently, only x86 is supported,
+        Currently, only x86 is supported, where it uses the PC speaker.</para>
-        where it uses the PC speaker.</para>
 
         <xi:include href="version-info.xml" xpointer="v251"/></listitem>
       </varlistentry>
@@ -406,8 +402,8 @@ sbvarsign --attr "${attr}" --key KEK.key --cert KEK.pem --output db.auth db db.e
         <listitem><para>Caveat: This feature is experimental, and is likely to be changed (or removed in its
         current form) in a future version of systemd.</para>
 
-        <para>Work around BitLocker requiring a recovery key when the boot loader was updated (disabled by
+        <para>Work around BitLocker requiring a recovery key when the boot loader was
-        default).</para>
+        updated (disabled by default).</para>
 
         <para>Try to detect BitLocker encrypted drives along with an active TPM. If both are found and
         Windows Boot Manager is selected in the boot menu, set the <literal>BootNext</literal> EFI variable
@@ -446,11 +442,8 @@ sbvarsign --attr "${attr}" --key KEK.key --cert KEK.pem --output db.auth db db.e
           <varlistentry>
             <term><option>auto</option></term>
             <listitem>
-            <para>Perform the reboot if and only if boot counting is enabled for this entry and the tries
+            <para>Perform the reboot if and only if boot counting is enabled for this entry and the tries left counter wasn't already at 0.</para>
-            left counter wasn't already at 0.</para>
+            <para>This is the default, as it is typically a safe option, that ensures a clean measurement log on each boot attempt, but also does not risk an unbounded reboot loop.</para>
-
-            <para>This is the default, as it is typically a safe option, that ensures a clean measurement log
-            on each boot attempt, but also does not risk an unbounded reboot loop.</para>
             </listitem>
           </varlistentry>
 

man/systemd-boot.xml

@@ -149,8 +149,6 @@
         <term><keycap>d</keycap></term>
         <listitem><para>Make selected entry the default</para>
 
-        <para>An EFI variable is set to allow this setting to persist.</para>
-
         <xi:include href="version-info.xml" xpointer="v239"/></listitem>
       </varlistentry>
 
@@ -166,8 +164,6 @@
         <term><keycap>t</keycap></term>
         <listitem><para>Increase the timeout before default entry is booted</para>
 
-        <para>An EFI variable is set to allow this setting to persist.</para>
-
         <xi:include href="version-info.xml" xpointer="v239"/></listitem>
       </varlistentry>
 
@@ -176,8 +172,6 @@
         <term><keycap>T</keycap></term>
         <listitem><para>Decrease the timeout</para>
 
-        <para>An EFI variable is set to allow this setting to persist.</para>
-
         <xi:include href="version-info.xml" xpointer="v239"/></listitem>
       </varlistentry>
 
@@ -185,8 +179,6 @@
         <term><keycap>r</keycap></term>
         <listitem><para>Change screen resolution, skipping any unsupported modes.</para>
 
-        <para>An EFI variable is set to allow this setting to persist.</para>
-
         <xi:include href="version-info.xml" xpointer="v250"/></listitem>
       </varlistentry>
 
@@ -194,8 +186,6 @@
         <term><keycap>R</keycap></term>
         <listitem><para>Reset screen resolution to firmware or configuration file default.</para>
 
-        <para>An EFI variable is set to allow this setting to persist.</para>
-
         <xi:include href="version-info.xml" xpointer="v250"/></listitem>
       </varlistentry>
 
@@ -290,15 +280,15 @@
     </variablelist>
 
     <para>The boot menu is shown when a non-zero menu timeout has been configured. If the menu timeout has
-    been set to zero, hold down a key (<keycap>space</keycap> is recommended) before the boot loader
+    been set to zero, it is sufficient to press any key — before the boot loader initializes — to bring up
-    initializes to bring up the boot menu. Note that depending on the firmware implementation the time window
+    the boot menu, except for the keys listed immediately above as they directly boot into the selected boot
-    where key presses are accepted before the boot loader initializes might be short. If the window is
+    menu item. Note that depending on the firmware implementation the time window where key presses are
-    missed, reboot and try again, possibly repeatedly pressing a suitable key; on most systems it should be
+    accepted before the boot loader initializes might be short. If the window is missed, reboot and try
-    possible to hit the time window after a few attempts. Keys other than the space bar may be used, except
+    again, possibly pressing a suitable key (e.g. the space bar) continuously; on most systems it should be
-    for the keys listed above. If showing the menu on demand doesn't work well, consider setting a non-zero
+    possible to hit the time window after a few attempts. To avoid this problem, consider setting a non-zero
-    timeout to show the boot menu unconditionally. Some desktop environments might offer an option to boot
+    timeout, thus showing the boot menu unconditionally. Some desktop environments might offer an option to
-    directly into the boot menu, which also avoids the problem altogether. Alternatively, use the command
+    directly boot into the boot menu, to avoid the problem altogether. Alternatively, use the command line
-    line <command>systemctl reboot --boot-loader-menu=</command> with a non-zero value from the shell.</para>
+    <command>systemctl reboot --boot-loader-menu=0</command> from the shell.</para>
 
     <para>In the editor, most keys simply insert themselves, but the following keys
     may be used to perform additional actions:</para>
@@ -399,16 +389,16 @@
   <refsect1>
     <title>EFI Variables</title>
 
-    <para>The following EFI variables are defined, and may be set or read by <command>systemd-boot</command>
+    <para>The following EFI variables are defined, set and read by <command>systemd-boot</command>, under the
-    for communication between the boot loader and the OS. The vendor UUID
+    vendor UUID <literal>4a67b082-0a4c-41cf-b6c7-440b29bb8c4f</literal>, for communication between the boot
-    <literal>4a67b082-0a4c-41cf-b6c7-440b29bb8c4f</literal> is used in all cases.</para>
+    loader and the OS:</para>
 
     <variablelist class='efi-variables'>
       <varlistentry>
         <term><varname>LoaderBootCountPath</varname></term>
-        <listitem><para>If boot counting is enabled, contains the path to the file in whose name the boot
+        <listitem><para>If boot counting is enabled, contains the path to the file in whose name the boot counters are
-        counters are encoded. Set by the boot loader.
+        encoded. Set by the boot
-        <citerefentry><refentrytitle>systemd-bless-boot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        loader. <citerefentry><refentrytitle>systemd-bless-boot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
         uses this information to mark a boot as successful as determined by the successful activation of the
         <filename>boot-complete.target</filename> target unit.</para>
 
@@ -475,13 +465,13 @@
         <term><varname>LoaderEntrySysFail</varname></term>
         <term><varname>LoaderEntryOneShot</varname></term>
 
-        <listitem><para>The identifier of the default boot loader entry. Can be set in the OS and the boot
+        <listitem><para>The identifier of the default boot loader entry. Set primarily by the OS and read by the boot
         loader. <varname>LoaderEntryOneShot</varname> sets the default entry for the next boot only, while
-        <varname>LoaderEntryDefault</varname> sets it persistently for all future boots.
+        <varname>LoaderEntryDefault</varname> sets it persistently for all future
-        <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
+        boots. <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
-        <option>set-default</option> and <option>set-oneshot</option> commands make use of these variables.
+        <option>set-default</option> and <option>set-oneshot</option> commands make use of these variables. The boot
-        The boot loader modifies <varname>LoaderEntryDefault</varname> on request, when the
+        loader modifies <varname>LoaderEntryDefault</varname> on request, when the <keycap>d</keycap> key is used, see
-        <keycap>d</keycap> key is used, see above.</para>
+        above.</para>
 
         <xi:include href="version-info.xml" xpointer="v240"/></listitem>
       </varlistentry>

src/bootctl/bootctl-status.c

@@ -83,17 +83,6 @@ static int status_entries(
                 printf(", %s$BOOT%s", ansi_green(), ansi_normal());
         printf(")");
 
-        if (config->loader_conf_status != 0) {
-                assert(esp_path);
-                printf("\n       config: %s%s/%s%s",
-                       ansi_grey(), esp_path, ansi_normal(), "/loader/loader.conf");
-                if (config->loader_conf_status < 0)
-                        printf(": %s%s%s",
-                               config->loader_conf_status == -ENOENT ? ansi_grey() : ansi_highlight_yellow(),
-                               STRERROR(config->loader_conf_status),
-                               ansi_normal());
-        }
-
         if (xbootldr_path) {
                 printf("\n     XBOOTLDR: %s (", xbootldr_path);
                 if (!sd_id128_is_null(xbootldr_partition_uuid))

src/core/selinux-access.c

@@ -156,11 +156,12 @@ static int access_init(sd_bus_error *error) {
         if (avc_open(NULL, 0) != 0) {
                 r = -errno;  /* Save original errno for later */
 
-                r = log_selinux_enforcing_errno(r, "Failed to open the SELinux AVC: %m");
+                bool enforce = security_getenforce() != 0;
-                if (r == 0)
+                log_full_errno(enforce ? LOG_ERR : LOG_WARNING, r, "Failed to open the SELinux AVC: %m");
-                        /* log_selinux_enforcing_errno() can return 0 if the enforcement isn't on.
+
-                         * In this case don't do any AVC checks.
+                /* If enforcement isn't on, then let's suppress this error, and just don't do any AVC checks.
                  * The warning we printed is hence all the admin will see. */
+                if (!enforce)
                         return 0;
 
                 /* Return an access denied error based on the original errno, if we couldn't load the AVC but
@@ -346,15 +347,14 @@ int mac_selinux_access_check_varlink_internal(
 
         r = access_init(/* error= */ NULL);
         if (r <= 0)
-                /* access_init() does log_selinux_enforcing_errno() */
+                return log_debug_errno(r, "Failed to init SELinux: %m");
-                return r;
 
         /* delay call until we checked in `access_init()` if SELinux is actually enabled */
         bool enforce = mac_selinux_enforcing();
 
         int fd = sd_varlink_get_fd(link);
         if (fd < 0)
-                return log_selinux_enforcing_errno(fd, "Failed to get varlink peer fd: %m");
+                return log_debug_errno(fd, "Failed to get varlink peer fd: %m");
 
         /* We should call mac_selinux_get_peer_label() here similarly to get_our_contexts().
          * See the explanation there why not. */

src/core/selinux-access.h

@@ -16,4 +16,4 @@ int mac_selinux_access_check_varlink_internal(sd_varlink *link, const Unit *unit
         mac_selinux_access_check_varlink_internal((link), NULL, (permission), __func__)
 
 #define mac_selinux_unit_access_check_varlink(unit, link, permission) \
-        mac_selinux_access_check_varlink_internal((link), (unit), (permission), __func__)
+        mac_selinux_access_check_bus_internal((link), (unit), (permission), __func__)

src/shared/bootspec.c

@@ -533,7 +533,6 @@ static int boot_loader_read_conf_path(BootConfig *config, const char *root, cons
         assert(path);
 
         r = chase_and_fopen_unlocked(path, root, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, "re", &full, &f);
-        config->loader_conf_status = r < 0 ? r : true;
         if (r == -ENOENT)
                 return 0;
         if (r < 0)

src/shared/bootspec.h

@@ -67,8 +67,6 @@ typedef struct BootEntry {
         }
 
 typedef struct BootConfig {
-        int loader_conf_status;  /* 0 → before loading, 1 → loaded, negative → error. */
-
         char *default_pattern;
 
         char *entry_oneshot;

test/units/TEST-03-JOBS.sh

@@ -17,16 +17,25 @@ systemctl daemon-reexec
 
 systemctl start --no-block hello-after-sleep.target
 
-timeout 10 bash -c "until systemctl list-jobs | tee /root/list-jobs.txt | grep 'sleep\.service.*running'; do sleep .1; done"
+systemctl list-jobs >/root/list-jobs.txt
+until grep 'sleep\.service.*running' /root/list-jobs.txt; do
+    systemctl list-jobs >/root/list-jobs.txt
+done
+
 grep 'hello\.service.*waiting' /root/list-jobs.txt
 
 # This is supposed to finish quickly, not wait for sleep to finish.
-timeout 10 systemctl start --job-mode=ignore-dependencies hello
+START_SEC=$(date -u '+%s')
+systemctl start --job-mode=ignore-dependencies hello
+END_SEC=$(date -u '+%s')
+ELAPSED=$((END_SEC-START_SEC))
+
+test "$ELAPSED" -lt 3
 
 # sleep should still be running, hello not.
 systemctl list-jobs >/root/list-jobs.txt
 grep 'sleep\.service.*running' /root/list-jobs.txt
-(! grep 'hello\.service' /root/list-jobs.txt)
+grep 'hello\.service' /root/list-jobs.txt && exit 1
 systemctl stop sleep.service hello-after-sleep.target
 
 # Some basic testing that --show-transaction does something useful
@@ -53,13 +62,13 @@ ACTIVATING_ID_PRE=$(systemctl show -P InvocationID always-activating.service)
 systemctl -T start always-activating.socket # Wait for the socket to come up
 systemctl -T restart always-activating.socket
 ACTIVATING_ID_POST=$(systemctl show -P InvocationID always-activating.service)
-[[ "$ACTIVATING_ID_PRE" != "$ACTIVATING_ID_POST" ]]
+[ "$ACTIVATING_ID_PRE" != "$ACTIVATING_ID_POST" ] || exit 1
 
 # Test for irreversible jobs
 systemctl start unstoppable.service
 
 # This is expected to fail with 'job cancelled'
-(! systemctl stop unstoppable.service)
+systemctl stop unstoppable.service && exit 1
 # But this should succeed
 systemctl stop --job-mode=replace-irreversibly unstoppable.service
 
@@ -84,28 +93,27 @@ EOF
 
 # wait2 succeeds
 START_SEC=$(date -u '+%s')
-timeout 10 systemctl start --wait wait2.service
+systemctl start --wait wait2.service
 END_SEC=$(date -u '+%s')
 ELAPSED=$((END_SEC-START_SEC))
-[[ "$ELAPSED" -ge 2 ]]
+[[ "$ELAPSED" -ge 2 ]] && [[ "$ELAPSED" -le 4 ]] || exit 1
 
 # wait5fail fails, so systemctl should fail
 START_SEC=$(date -u '+%s')
 (! systemctl start --wait wait2.service wait5fail.service)
 END_SEC=$(date -u '+%s')
 ELAPSED=$((END_SEC-START_SEC))
-[[ "$ELAPSED" -ge 5 ]]
+[[ "$ELAPSED" -ge 5 ]] && [[ "$ELAPSED" -le 7 ]] || exit 1
 
 # Test time-limited scopes
 START_SEC=$(date -u '+%s')
 set +e
-systemd-run --scope --property=RuntimeMaxSec=3s sleep 30
+systemd-run --scope --property=RuntimeMaxSec=3s sleep 10
 RESULT=$?
 END_SEC=$(date -u '+%s')
 ELAPSED=$((END_SEC-START_SEC))
-[[ "$ELAPSED" -ge 3 ]]
+[[ "$ELAPSED" -ge 3 ]] && [[ "$ELAPSED" -le 5 ]] || exit 1
-[[ "$ELAPSED" -le 10 ]]
+[[ "$RESULT" -ne 0 ]] || exit 1
-[[ "$RESULT" -ne 0 ]]
 
 # Test transactions with cycles
 # Provides coverage for issues like https://github.com/systemd/systemd/issues/26872

test/units/TEST-46-HOMED.sh

@@ -6,7 +6,7 @@ set -eux
 set -o pipefail
 
 # Check if homectl is installed, and if it isn't bail out early instead of failing
-if ! command -v homectl >/dev/null; then
+if ! test -x /usr/bin/homectl ; then
         echo "no homed" >/skipped
         exit 77
 fi
@@ -29,11 +29,19 @@ inspect() {
 }
 
 wait_for_exist() {
-    timeout 2m bash -c "until homectl inspect '${1:?}'; do sleep 2; done"
+    # 2min max
+    for i in {1..60}; do
+        (( i > 1 )) && sleep 2
+        homectl inspect "$1" && break
+    done
 }
 
 wait_for_state() {
-    timeout 2m bash -c "until homectl inspect '${1:?}' | grep -qF 'State: $2'; do sleep 2; done"
+    # 2min max
+    for i in {1..60}; do
+        (( i > 1 )) && sleep 2
+        homectl inspect "$1" | grep -qF "State: $2" && break
+    done
 }
 
 FSTYPE="$(stat --file-system --format "%T" /)"
@@ -632,7 +640,6 @@ EOF
         homedsshtest@localhost env
 
     wait_for_state homedsshtest inactive
-    homectl remove homedsshtest
 fi
 
 NEWPASSWORD=hunter4711 homectl create aliastest --storage=directory --alias=aliastest2 --alias=aliastest3 --realm=myrealm
@@ -658,8 +665,6 @@ getent passwd aliastest@myrealm
 getent passwd aliastest2@myrealm
 getent passwd aliastest3@myrealm
 
-homectl remove aliastest
-
 NEWPASSWORD=quux homectl create tmpfsquota --storage=subvolume --dev-shm-limit=50K --tmp-limit=50K -P
 for p in /dev/shm /tmp; do
     if findmnt -n -o options "$p" | grep -q usrquota; then

test/units/TEST-64-UDEV-STORAGE.sh

@@ -1186,12 +1186,6 @@ EOF
     helper_check_device_units
     # Cleanup
     mdadm -v --stop "$raid_dev"
-
-    # Clear superblocks to make the MD device will not be restarted even if the VM is restarted.
-    # This is a workaround for issue #38240.
-    mdadm -v --zero-superblock --force "${devices[@]}"
-    udevadm settle --timeout=30
-
     # Check if all expected symlinks were removed after the cleanup
     udevadm wait --settle --timeout=30 --removed "${expected_symlinks[@]}"
     helper_check_device_units
@@ -1249,12 +1243,6 @@ testcase_mdadm_lvm() {
     # Cleanup
     lvm vgchange -an "$vgroup"
     mdadm -v --stop "$raid_dev"
-
-    # Clear superblocks to make the MD device will not be restarted even if the VM is restarted.
-    # This is a workaround for issue #38240.
-    mdadm -v --zero-superblock --force "${devices[@]}"
-    udevadm settle --timeout=30
-
     # Check if all expected symlinks were removed after the cleanup
     udevadm wait --settle --timeout=30 --removed "${expected_symlinks[@]}"
     helper_check_device_units