Merge pull request #13423 from pwithnall/12035-session-time-limits

Add `RuntimeMaxSec=` support to scope units (time-limited login sessions)

docs/TRANSIENT-SETTINGS.md

@@ -370,6 +370,7 @@ Scope units are fully supported as transient units (in fact they only exist as
 such).
 
 ```
+✓ RuntimeMaxSec=
 ✓ TimeoutStopSec=
 ```
 

man/pam_systemd.xml

@@ -263,6 +263,12 @@
 
         <listitem><para>Sets unit <varname>IOWeight=</varname>.</para></listitem>
       </varlistentry>
+
+      <varlistentry>
+        <term><varname>systemd.runtime_max_sec</varname></term>
+
+        <listitem><para>Sets unit <varname>RuntimeMaxSec=</varname>.</para></listitem>
+      </varlistentry>
     </variablelist>
 
     <para>Example data as can be provided from an another PAM module:
@@ -271,6 +277,7 @@ pam_set_data(handle, "systemd.memory_max", (void *)"200M", cleanup);
 pam_set_data(handle, "systemd.tasks_max",  (void *)"50",   cleanup);
 pam_set_data(handle, "systemd.cpu_weight", (void *)"100",  cleanup);
 pam_set_data(handle, "systemd.io_weight",  (void *)"340",  cleanup);
+pam_set_data(handle, "systemd.runtime_max_sec", (void *)"3600", cleanup);
       </programlisting>
     </para>
 

man/systemd.scope.xml

@@ -77,6 +77,31 @@
     </refsect2>
   </refsect1>
 
+  <refsect1>
+    <title>Options</title>
+
+    <para>Scope files may include a <literal>[Scope]</literal>
+    section, which carries information about the scope and the
+    units it contains. A number of options that may be used in
+    this section are shared with other unit types. These options are
+    documented in
+    <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+    and
+    <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+    The options specific to the <literal>[Scope]</literal> section
+    of scope units are the following:</para>
+
+    <variablelist class='unit-directives'>
+      <varlistentry>
+        <term><varname>RuntimeMaxSec=</varname></term>
+
+        <listitem><para>Configures a maximum time for the scope to run. If this is used and the scope has been
+        active for longer than the specified time it is terminated and put into a failure state. Pass
+        <literal>infinity</literal> (the default) to configure no runtime limit.</para></listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
   <refsect1>
     <title>See Also</title>
     <para>

man/systemd.unit.xml

@@ -137,10 +137,10 @@
     a symlink, so when <command>systemd</command> is asked through D-Bus to load
     <filename>dbus-org.freedesktop.network1.service</filename>, it'll load
     <filename>systemd-networkd.service</filename>. Alias names may be used in commands like
-    <command>enable</command>, <command>disable</command>, <command>start</command>, <command>stop</command>,
-    <command>status</command>, and similar, and in all unit dependency directives, including
-    <varname>Wants=</varname>, <varname>Requires=</varname>, <varname>Before=</varname>,
-    <varname>After=</varname>. Aliases cannot be used with the <command>preset</command> command.</para>
+    <command>disable</command>, <command>start</command>, <command>stop</command>, <command>status</command>,
+    and similar, and in all unit dependency directives, including <varname>Wants=</varname>,
+    <varname>Requires=</varname>, <varname>Before=</varname>, <varname>After=</varname>. Aliases cannot be
+    used with the <command>preset</command> command.</para>
 
     <para>Unit files may specify aliases through the <varname>Alias=</varname> directive in the [Install]
     section. When the unit is enabled, symlinks will be created for those names, and removed when the unit is

src/core/automount.c

@@ -152,6 +152,10 @@ static int automount_add_default_dependencies(Automount *a) {
         if (!MANAGER_IS_SYSTEM(UNIT(a)->manager))
                 return 0;
 
+        r = unit_add_dependency_by_name(UNIT(a), UNIT_AFTER, SPECIAL_LOCAL_FS_PRE_TARGET, true, UNIT_DEPENDENCY_DEFAULT);
+        if (r < 0)
+                return r;
+
         r = unit_add_two_dependencies_by_name(UNIT(a), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_UMOUNT_TARGET, true, UNIT_DEPENDENCY_DEFAULT);
         if (r < 0)
                 return r;

src/core/dbus-manager.c

@@ -1903,11 +1903,13 @@ static int install_error(
 
                 case -ELOOP:
                         r = sd_bus_error_setf(error, BUS_ERROR_UNIT_LINKED,
-                                              "Refusing to operate on linked unit file %s", changes[i].path);
+                                              "Refusing to operate on alias name or linked unit file: %s",
+                                              changes[i].path);
                         goto found;
 
                 case -ENOENT:
-                        r = sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit file %s does not exist.", changes[i].path);
+                        r = sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT,
+                                              "Unit file %s does not exist.", changes[i].path);
                         goto found;
 
                 default:

src/core/dbus-scope.c

@@ -47,6 +47,7 @@ const sd_bus_vtable bus_scope_vtable[] = {
         SD_BUS_PROPERTY("Controller", "s", NULL, offsetof(Scope, controller), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_PROPERTY("TimeoutStopUSec", "t", bus_property_get_usec, offsetof(Scope, timeout_stop_usec), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Scope, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
+        SD_BUS_PROPERTY("RuntimeMaxUSec", "t", bus_property_get_usec, offsetof(Scope, runtime_max_usec), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_SIGNAL("RequestStop", NULL, 0),
         SD_BUS_METHOD("Abandon", NULL, NULL, bus_scope_method_abandon, SD_BUS_VTABLE_UNPRIVILEGED),
         SD_BUS_VTABLE_END
@@ -59,6 +60,7 @@ static int bus_scope_set_transient_property(
                 UnitWriteFlags flags,
                 sd_bus_error *error) {
 
+        Unit *u = UNIT(s);
         int r;
 
         assert(s);
@@ -68,7 +70,10 @@ static int bus_scope_set_transient_property(
         flags |= UNIT_PRIVATE;
 
         if (streq(name, "TimeoutStopUSec"))
-                return bus_set_transient_usec(UNIT(s), name, &s->timeout_stop_usec, message, flags, error);
+                return bus_set_transient_usec(u, name, &s->timeout_stop_usec, message, flags, error);
+
+        if (streq(name, "RuntimeMaxUSec"))
+                return bus_set_transient_usec(u, name, &s->runtime_max_usec, message, flags, error);
 
         if (streq(name, "PIDs")) {
                 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
@@ -101,12 +106,12 @@ static int bus_scope_set_transient_property(
                         } else
                                 pid = (uid_t) upid;
 
-                        r = unit_pid_attachable(UNIT(s), pid, error);
+                        r = unit_pid_attachable(u, pid, error);
                         if (r < 0)
                                 return r;
 
                         if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
-                                r = unit_watch_pid(UNIT(s), pid, false);
+                                r = unit_watch_pid(u, pid, false);
                                 if (r < 0 && r != -EEXIST)
                                         return r;
                         }
@@ -128,7 +133,7 @@ static int bus_scope_set_transient_property(
 
                 /* We can't support direct connections with this, as direct connections know no service or unique name
                  * concept, but the Controller field stores exactly that. */
-                if (sd_bus_message_get_bus(message) != UNIT(s)->manager->api_bus)
+                if (sd_bus_message_get_bus(message) != u->manager->api_bus)
                         return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Sorry, Controller= logic only supported via the bus.");
 
                 r = sd_bus_message_read(message, "s", &controller);

src/core/load-fragment-gperf.gperf.m4

@@ -471,6 +471,7 @@ CGROUP_CONTEXT_CONFIG_ITEMS(Slice)m4_dnl
 m4_dnl
 CGROUP_CONTEXT_CONFIG_ITEMS(Scope)m4_dnl
 KILL_CONTEXT_CONFIG_ITEMS(Scope)m4_dnl
+Scope.RuntimeMaxSec,             config_parse_sec,                   0,                             offsetof(Scope, runtime_max_usec)
 Scope.TimeoutStopSec,            config_parse_sec,                   0,                             offsetof(Scope, timeout_stop_usec)
 m4_dnl The [Install] section is ignored here.
 Install.Alias,                   NULL,                               0,                             0

src/core/scope.c

@@ -34,6 +34,7 @@ static void scope_init(Unit *u) {
         assert(u);
         assert(u->load_state == UNIT_STUB);
 
+        s->runtime_max_usec = USEC_INFINITY;
         s->timeout_stop_usec = u->manager->default_timeout_stop_usec;
         u->ignore_on_isolate = true;
 }
@@ -203,6 +204,23 @@ static int scope_load(Unit *u) {
         return scope_verify(s);
 }
 
+static usec_t scope_coldplug_timeout(Scope *s) {
+        assert(s);
+
+        switch (s->deserialized_state) {
+
+        case SCOPE_RUNNING:
+                return usec_add(UNIT(s)->active_enter_timestamp.monotonic, s->runtime_max_usec);
+
+        case SCOPE_STOP_SIGKILL:
+        case SCOPE_STOP_SIGTERM:
+                return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_stop_usec);
+
+        default:
+                return USEC_INFINITY;
+        }
+}
+
 static int scope_coldplug(Unit *u) {
         Scope *s = SCOPE(u);
         int r;
@@ -213,11 +231,9 @@ static int scope_coldplug(Unit *u) {
         if (s->deserialized_state == s->state)
                 return 0;
 
-        if (IN_SET(s->deserialized_state, SCOPE_STOP_SIGKILL, SCOPE_STOP_SIGTERM)) {
-                r = scope_arm_timer(s, usec_add(u->state_change_timestamp.monotonic, s->timeout_stop_usec));
-                if (r < 0)
-                        return r;
-        }
+        r = scope_arm_timer(s, scope_coldplug_timeout(s));
+        if (r < 0)
+                return r;
 
         if (!IN_SET(s->deserialized_state, SCOPE_DEAD, SCOPE_FAILED))
                 (void) unit_enqueue_rewatch_pids(u);
@@ -230,15 +246,18 @@ static int scope_coldplug(Unit *u) {
 
 static void scope_dump(Unit *u, FILE *f, const char *prefix) {
         Scope *s = SCOPE(u);
+        char buf_runtime[FORMAT_TIMESPAN_MAX];
 
         assert(s);
         assert(f);
 
         fprintf(f,
                 "%sScope State: %s\n"
-                "%sResult: %s\n",
+                "%sResult: %s\n"
+                "%sRuntimeMaxSec: %s\n",
                 prefix, scope_state_to_string(s->state),
-                prefix, scope_result_to_string(s->result));
+                prefix, scope_result_to_string(s->result),
+                prefix, format_timespan(buf_runtime, sizeof(buf_runtime), s->runtime_max_usec, USEC_PER_SEC));
 
         cgroup_context_dump(UNIT(s), f, prefix);
         kill_context_dump(&s->kill_context, f, prefix);
@@ -351,6 +370,9 @@ static int scope_start(Unit *u) {
 
         scope_set_state(s, SCOPE_RUNNING);
 
+        /* Set the maximum runtime timeout. */
+        scope_arm_timer(s, usec_add(UNIT(s)->active_enter_timestamp.monotonic, s->runtime_max_usec));
+
         /* Start watching the PIDs currently in the scope */
         (void) unit_enqueue_rewatch_pids(u);
         return 1;
@@ -485,6 +507,11 @@ static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *user
 
         switch (s->state) {
 
+        case SCOPE_RUNNING:
+                log_unit_warning(UNIT(s), "Scope reached runtime time limit. Stopping.");
+                scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_TIMEOUT);
+                break;
+
         case SCOPE_STOP_SIGTERM:
                 if (s->kill_context.send_sigkill) {
                         log_unit_warning(UNIT(s), "Stopping timed out. Killing.");

src/core/scope.h

@@ -24,6 +24,7 @@ struct Scope {
         ScopeState state, deserialized_state;
         ScopeResult result;
 
+        usec_t runtime_max_usec;
         usec_t timeout_stop_usec;
 
         char *controller;

src/login/pam_systemd.c

@@ -279,6 +279,27 @@ static int append_session_memory_max(pam_handle_t *handle, sd_bus_message *m, co
         return 0;
 }
 
+static int append_session_runtime_max_sec(pam_handle_t *handle, sd_bus_message *m, const char *limit) {
+        usec_t val;
+        int r;
+
+        /* No need to parse "infinity" here, it will be set by default later in scope_init() */
+        if (isempty(limit) || streq(limit, "infinity"))
+                return 0;
+
+        r = parse_sec(limit, &val);
+        if (r >= 0) {
+                r = sd_bus_message_append(m, "(sv)", "RuntimeMaxUSec", "t", (uint64_t) val);
+                if (r < 0) {
+                        pam_syslog(handle, LOG_ERR, "Failed to append to bus message: %s", strerror_safe(r));
+                        return r;
+                }
+        } else
+                pam_syslog(handle, LOG_WARNING, "Failed to parse systemd.runtime_max_sec: %s, ignoring.", limit);
+
+        return 0;
+}
+
 static int append_session_tasks_max(pam_handle_t *handle, sd_bus_message *m, const char *limit) {
         uint64_t val;
         int r;
@@ -412,7 +433,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
                 *seat = NULL,
                 *type = NULL, *class = NULL,
                 *class_pam = NULL, *type_pam = NULL, *cvtnr = NULL, *desktop = NULL, *desktop_pam = NULL,
-                *memory_max = NULL, *tasks_max = NULL, *cpu_weight = NULL, *io_weight = NULL;
+                *memory_max = NULL, *tasks_max = NULL, *cpu_weight = NULL, *io_weight = NULL, *runtime_max_sec = NULL;
         _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
         int session_fd = -1, existing, r;
         bool debug = false, remote;
@@ -545,6 +566,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
         (void) pam_get_data(handle, "systemd.tasks_max",  (const void **)&tasks_max);
         (void) pam_get_data(handle, "systemd.cpu_weight", (const void **)&cpu_weight);
         (void) pam_get_data(handle, "systemd.io_weight",  (const void **)&io_weight);
+        (void) pam_get_data(handle, "systemd.runtime_max_sec", (const void **)&runtime_max_sec);
 
         /* Talk to logind over the message bus */
 
@@ -563,8 +585,8 @@ _public_ PAM_EXTERN int pam_sm_open_session(
                            strempty(seat), vtnr, strempty(tty), strempty(display),
                            yes_no(remote), strempty(remote_user), strempty(remote_host));
                 pam_syslog(handle, LOG_DEBUG, "Session limits: "
-                           "memory_max=%s tasks_max=%s cpu_weight=%s io_weight=%s",
-                           strna(memory_max), strna(tasks_max), strna(cpu_weight), strna(io_weight));
+                           "memory_max=%s tasks_max=%s cpu_weight=%s io_weight=%s runtime_max_sec=%s",
+                           strna(memory_max), strna(tasks_max), strna(cpu_weight), strna(io_weight), strna(runtime_max_sec));
         }
 
         r = sd_bus_message_new_method_call(
@@ -608,6 +630,10 @@ _public_ PAM_EXTERN int pam_sm_open_session(
         if (r < 0)
                 return PAM_SESSION_ERR;
 
+        r = append_session_runtime_max_sec(handle, m, runtime_max_sec);
+        if (r < 0)
+                return PAM_SESSION_ERR;
+
         r = append_session_tasks_max(handle, m, tasks_max);
         if (r < 0)
                 return PAM_SESSION_ERR;

src/modules-load/modules-load.c

@@ -96,6 +96,8 @@ static int apply_file(struct kmod_ctx *ctx, const char *path, bool ignore_enoent
                         continue;
 
                 k = module_load_and_warn(ctx, l, true);
+                if (k == -ENOENT)
+                        continue;
                 if (k < 0 && r >= 0)
                         r = k;
         }
@@ -124,7 +126,6 @@ static int help(void) {
 }
 
 static int parse_argv(int argc, char *argv[]) {
-
         enum {
                 ARG_VERSION = 0x100,
         };
@@ -141,7 +142,6 @@ static int parse_argv(int argc, char *argv[]) {
         assert(argv);
 
         while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0)
-
                 switch (c) {
 
                 case 'h':
@@ -202,6 +202,8 @@ static int run(int argc, char *argv[]) {
 
                 STRV_FOREACH(i, arg_proc_cmdline_modules) {
                         k = module_load_and_warn(ctx, *i, true);
+                        if (k == -ENOENT)
+                                continue;
                         if (k < 0 && r == 0)
                                 r = k;
                 }

src/resolve/resolved-bus.c

@@ -12,6 +12,8 @@
 #include "resolved-dnssd-bus.h"
 #include "resolved-dnssd.h"
 #include "resolved-link-bus.h"
+#include "stdio-util.h"
+#include "strv.h"
 #include "user-util.h"
 #include "utf8.h"
 
@@ -68,7 +70,7 @@ static int reply_query_state(DnsQuery *q) {
 
                         rc = dns_rcode_to_string(q->answer_rcode);
                         if (!rc) {
-                                sprintf(p, "%i", q->answer_rcode);
+                                xsprintf(p, "%i", q->answer_rcode);
                                 rc = p;
                         }
 
@@ -1273,13 +1275,12 @@ static int bus_property_get_dns_servers(
                         return r;
         }
 
-        HASHMAP_FOREACH(l, m->links, i) {
+        HASHMAP_FOREACH(l, m->links, i)
                 LIST_FOREACH(servers, s, l->dns_servers) {
                         r = bus_dns_server_append(reply, s, true);
                         if (r < 0)
                                 return r;
                 }
-        }
 
         return sd_bus_message_close_container(reply);
 }
@@ -1834,13 +1835,13 @@ static int bus_method_unregister_service(sd_bus_message *message, void *userdata
 
 static const sd_bus_vtable resolve_vtable[] = {
         SD_BUS_VTABLE_START(0),
-        SD_BUS_PROPERTY("LLMNRHostname", "s", NULL, offsetof(Manager, llmnr_hostname), 0),
+        SD_BUS_PROPERTY("LLMNRHostname", "s", NULL, offsetof(Manager, llmnr_hostname), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_PROPERTY("LLMNR", "s", bus_property_get_resolve_support, offsetof(Manager, llmnr_support), 0),
         SD_BUS_PROPERTY("MulticastDNS", "s", bus_property_get_resolve_support, offsetof(Manager, mdns_support), 0),
         SD_BUS_PROPERTY("DNSOverTLS", "s", bus_property_get_dns_over_tls_mode, 0, 0),
-        SD_BUS_PROPERTY("DNS", "a(iiay)", bus_property_get_dns_servers, 0, 0),
+        SD_BUS_PROPERTY("DNS", "a(iiay)", bus_property_get_dns_servers, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_PROPERTY("FallbackDNS", "a(iiay)", bus_property_get_fallback_dns_servers, offsetof(Manager, fallback_dns_servers), SD_BUS_VTABLE_PROPERTY_CONST),
-        SD_BUS_PROPERTY("CurrentDNSServer", "(iiay)", bus_property_get_current_dns_server, offsetof(Manager, current_dns_server), 0),
+        SD_BUS_PROPERTY("CurrentDNSServer", "(iiay)", bus_property_get_current_dns_server, offsetof(Manager, current_dns_server), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
         SD_BUS_PROPERTY("Domains", "a(isb)", bus_property_get_domains, 0, 0),
         SD_BUS_PROPERTY("TransactionStatistics", "(tt)", bus_property_get_transaction_statistics, 0, 0),
         SD_BUS_PROPERTY("CacheStatistics", "(ttt)", bus_property_get_cache_statistics, 0, 0),
@@ -1950,3 +1951,18 @@ int manager_connect_bus(Manager *m) {
 
         return 0;
 }
+
+int _manager_send_changed(Manager *manager, const char *property, ...) {
+        assert(manager);
+
+        char **l = strv_from_stdarg_alloca(property);
+
+        int r = sd_bus_emit_properties_changed_strv(
+                        manager->bus,
+                        "/org/freedesktop/resolve1",
+                        "org.freedesktop.resolve1.Manager",
+                        l);
+        if (r < 0)
+                log_notice_errno(r, "Failed to emit notification about changed property %s: %m", property);
+        return r;
+}

src/resolve/resolved-bus.h

@@ -4,6 +4,8 @@
 #include "resolved-manager.h"
 
 int manager_connect_bus(Manager *m);
+int _manager_send_changed(Manager *manager, const char *property, ...) _sentinel_;
+#define manager_send_changed(manager, ...) _manager_send_changed(manager, __VA_ARGS__, NULL)
 int bus_dns_server_append(sd_bus_message *reply, DnsServer *s, bool with_ifindex);
 int bus_property_get_resolve_support(sd_bus *bus, const char *path, const char *interface,
                                      const char *property, sd_bus_message *reply,

src/resolve/resolved-conf.c

@@ -23,7 +23,7 @@ static const char* const dns_stub_listener_mode_table[_DNS_STUB_LISTENER_MODE_MA
 };
 DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dns_stub_listener_mode, DnsStubListenerMode, DNS_STUB_LISTENER_YES);
 
-int manager_add_dns_server_by_string(Manager *m, DnsServerType type, const char *word) {
+static int manager_add_dns_server_by_string(Manager *m, DnsServerType type, const char *word) {
         union in_addr_union address;
         int family, r, ifindex = 0;
         DnsServer *s;
@@ -78,7 +78,7 @@ int manager_parse_dns_server_string_and_warn(Manager *m, DnsServerType type, con
         return 0;
 }
 
-int manager_add_search_domain_by_string(Manager *m, const char *domain) {
+static int manager_add_search_domain_by_string(Manager *m, const char *domain) {
         DnsSearchDomain *d;
         bool route_only;
         int r;

src/resolve/resolved-conf.h

@@ -19,10 +19,7 @@ enum DnsStubListenerMode {
 
 int manager_parse_config_file(Manager *m);
 
-int manager_add_search_domain_by_string(Manager *m, const char *domain);
 int manager_parse_search_domains_and_warn(Manager *m, const char *string);
-
-int manager_add_dns_server_by_string(Manager *m, DnsServerType type, const char *word);
 int manager_parse_dns_server_string_and_warn(Manager *m, DnsServerType type, const char *string);
 
 const struct ConfigPerfItem* resolved_gperf_lookup(const char *key, GPERF_LEN_TYPE length);

src/resolve/resolved-dns-server.c

@@ -3,6 +3,7 @@
 #include "sd-messages.h"
 
 #include "alloc-util.h"
+#include "resolved-bus.h"
 #include "resolved-dns-server.h"
 #include "resolved-dns-stub.h"
 #include "resolved-resolv-conf.h"
@@ -681,6 +682,8 @@ DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
         if (m->unicast_scope)
                 dns_cache_flush(&m->unicast_scope->cache);
 
+        (void) manager_send_changed(m, "CurrentDNSServer");
+
         return s;
 }
 

src/resolve/resolved-link-bus.c

@@ -12,6 +12,7 @@
 #include "resolved-bus.h"
 #include "resolved-link-bus.h"
 #include "resolved-resolv-conf.h"
+#include "stdio-util.h"
 #include "strv.h"
 #include "user-util.h"
 
@@ -295,6 +296,7 @@ int bus_link_method_set_dns_servers(sd_bus_message *message, void *userdata, sd_
 
         (void) link_save_user(l);
         (void) manager_write_resolv_conf(l->manager);
+        (void) manager_send_changed(l->manager, "DNS");
 
         return sd_bus_reply_method_return(message, NULL);
 
@@ -674,6 +676,7 @@ int bus_link_method_revert(sd_bus_message *message, void *userdata, sd_bus_error
 
         (void) link_save_user(l);
         (void) manager_write_resolv_conf(l->manager);
+        (void) manager_send_changed(l->manager, "DNS");
 
         return sd_bus_reply_method_return(message, NULL);
 }
@@ -735,15 +738,13 @@ int link_object_find(sd_bus *bus, const char *path, const char *interface, void
         return 1;
 }
 
-char *link_bus_path(Link *link) {
-        _cleanup_free_ char *ifindex = NULL;
-        char *p;
+char *link_bus_path(const Link *link) {
+        char *p, ifindex[DECIMAL_STR_MAX(link->ifindex)];
         int r;
 
         assert(link);
 
-        if (asprintf(&ifindex, "%i", link->ifindex) < 0)
-                return NULL;
+        xsprintf(ifindex, "%i", link->ifindex);
 
         r = sd_bus_path_encode("/org/freedesktop/resolve1/link", ifindex, &p);
         if (r < 0)

src/resolve/resolved-link-bus.h

@@ -8,7 +8,7 @@
 extern const sd_bus_vtable link_vtable[];
 
 int link_object_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error);
-char *link_bus_path(Link *link);
+char *link_bus_path(const Link *link);
 int link_node_enumerator(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error);
 
 int bus_link_method_set_dns_servers(sd_bus_message *message, void *userdata, sd_bus_error *error);

src/resolve/resolved-manager.c

@@ -282,6 +282,7 @@ static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *
         }
 
         (void) manager_write_resolv_conf(m);
+        (void) manager_send_changed(m, "DNS");
 
         return 0;
 }
@@ -437,6 +438,7 @@ static int make_fallback_hostnames(char **full_hostname, char **llmnr_hostname,
 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
         _cleanup_free_ char *full_hostname = NULL, *llmnr_hostname = NULL, *mdns_hostname = NULL;
         Manager *m = userdata;
+        bool llmnr_hostname_changed;
         int r;
 
         assert(m);
@@ -445,8 +447,9 @@ static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, voi
         if (r < 0)
                 return 0; /* ignore invalid hostnames */
 
+        llmnr_hostname_changed = !streq(llmnr_hostname, m->llmnr_hostname);
         if (streq(full_hostname, m->full_hostname) &&
-            streq(llmnr_hostname, m->llmnr_hostname) &&
+            !llmnr_hostname_changed &&
             streq(mdns_hostname, m->mdns_hostname))
                 return 0;
 
@@ -457,6 +460,7 @@ static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, voi
         free_and_replace(m->mdns_hostname, mdns_hostname);
 
         manager_refresh_rrs(m);
+        (void) manager_send_changed(m, "LLMNRHostname");
 
         return 0;
 }
@@ -1172,6 +1176,7 @@ int manager_next_hostname(Manager *m) {
         free_and_replace(m->mdns_hostname, k);
 
         manager_refresh_rrs(m);
+        (void) manager_send_changed(m, "LLMNRHostname");
 
         return 0;
 }

src/resolve/resolved-resolv-conf.c

@@ -334,7 +334,6 @@ static int write_stub_resolv_conf_contents(FILE *f, OrderedSet *dns, OrderedSet
 }
 
 int manager_write_resolv_conf(Manager *m) {
-
         _cleanup_ordered_set_free_ OrderedSet *dns = NULL, *domains = NULL;
         _cleanup_free_ char *temp_path_uplink = NULL, *temp_path_stub = NULL;
         _cleanup_fclose_ FILE *f_uplink = NULL, *f_stub = NULL;

src/shared/bus-unit-util.c

@@ -1381,6 +1381,18 @@ static int bus_append_path_property(sd_bus_message *m, const char *field, const
         return 0;
 }
 
+static int bus_append_scope_property(sd_bus_message *m, const char *field, const char *eq) {
+        if (streq(field, "RuntimeMaxSec"))
+
+                return bus_append_parse_sec_rename(m, field, eq);
+
+        if (streq(field, "TimeoutStopSec"))
+
+                return bus_append_parse_sec_rename(m, field, eq);
+
+        return 0;
+}
+
 static int bus_append_service_property(sd_bus_message *m, const char *field, const char *eq) {
         int r;
 
@@ -1747,15 +1759,15 @@ int bus_append_unit_property_assignment(sd_bus_message *m, UnitType t, const cha
                 break;
 
         case UNIT_SCOPE:
-
-                if (streq(field, "TimeoutStopSec"))
-                        return bus_append_parse_sec_rename(m, field, eq);
-
                 r = bus_append_cgroup_property(m, field, eq);
                 if (r != 0)
                         return r;
 
                 r = bus_append_kill_property(m, field, eq);
+                if (r != 0)
+                        return r;
+
+                r = bus_append_scope_property(m, field, eq);
                 if (r != 0)
                         return r;
                 break;

src/shared/install.c

@@ -1897,7 +1897,7 @@ static int install_context_apply(
 
                 q = install_info_traverse(scope, c, paths, i, flags, NULL);
                 if (q < 0) {
-                        unit_file_changes_add(changes, n_changes, r, i->name, NULL);
+                        unit_file_changes_add(changes, n_changes, q, i->name, NULL);
                         return q;
                 }
 

test/TEST-03-JOBS/test-jobs.sh

@@ -84,4 +84,14 @@ END_SEC=$(date -u '+%s')
 ELAPSED=$(($END_SEC-$START_SEC))
 [[ "$ELAPSED" -ge 5 ]] && [[ "$ELAPSED" -le 7 ]] || exit 1
 
+# Test time-limited scopes
+START_SEC=$(date -u '+%s')
+set +e
+systemd-run --scope --property=RuntimeMaxSec=3s sleep 10
+RESULT=$?
+END_SEC=$(date -u '+%s')
+ELAPSED=$(($END_SEC-$START_SEC))
+[[ "$ELAPSED" -ge 3 ]] && [[ "$ELAPSED" -le 5 ]] || exit 1
+[[ "$RESULT" -ne 0 ]] || exit 1
+
 touch /testok

test/fuzz/fuzz-unit-file/directives.scope

@@ -0,0 +1,2 @@
+scope
+RuntimeMaxSec=