NEWS

@@ -1,11 +1,5 @@
 systemd System and Service Manager
 
-CHANGES WITH 246 in spe:
-        * The fs.suid_dumpable sysctl is set to 2 / "suidsafe". This allows
-          systemd-coredump to save core files for suid processes. When saving
-          the core file, systemd-coredump will use the effective uid and gid of
-          the process that faulted.
-
 CHANGES WITH 245:
 
         * A new tool "systemd-repart" has been added, that operates as an

hwdb.d/60-sensor.hwdb

@@ -469,12 +469,6 @@ sensor:modalias:acpi:KIOX010A*:dmi:*:svnMEDION:pnE*:*
 sensor:modalias:acpi:KIOX010A*:dmi:*:svnMEDION:pnMEDION*:*
  ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
 
-#########################################
-# MPMAN
-#########################################
-sensor:modalias:acpi:BMA250E*:dmi:*:svnMPMAN:pnMPWIN8900CL:*
- ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
-
 #########################################
 # MSI
 #########################################

man/rules/meson.build

@@ -140,12 +140,7 @@ manpages = [
   ''],
  ['sd_bus_attach_event', '3', ['sd_bus_detach_event', 'sd_bus_get_event'], ''],
  ['sd_bus_call', '3', ['sd_bus_call_async'], ''],
- ['sd_bus_call_method',
-  '3',
-  ['sd_bus_call_method_async',
-   'sd_bus_call_method_asyncv',
-   'sd_bus_call_methodv'],
-  ''],
+ ['sd_bus_call_method', '3', ['sd_bus_call_method_async'], ''],
  ['sd_bus_close', '3', ['sd_bus_default_flush_close', 'sd_bus_flush'], ''],
  ['sd_bus_creds_get_pid',
   '3',
@@ -330,11 +325,9 @@ manpages = [
   '3',
   ['sd_bus_reply_method_errno',
    'sd_bus_reply_method_errnof',
-   'sd_bus_reply_method_errnofv',
-   'sd_bus_reply_method_errorf',
-   'sd_bus_reply_method_errorfv'],
+   'sd_bus_reply_method_errorf'],
   ''],
- ['sd_bus_reply_method_return', '3', ['sd_bus_reply_method_returnv'], ''],
+ ['sd_bus_reply_method_return', '3', [], ''],
  ['sd_bus_request_name',
   '3',
   ['sd_bus_release_name',

man/sd_bus_message_dump.xml

@@ -65,7 +65,7 @@
 
     <para>Output for a signal message (with <constant>SD_BUS_MESSAGE_DUMP_WITH_HEADER</constant>):
     <programlisting>
-‣ Type=signal  Endian=l  Flags=1  Version=1  Cookie=22
+‣ Type=signal  Endian=l  Flags=1  Version=1  Priority=0 Cookie=22
   Path=/value/a  Interface=org.freedesktop.DBus.Properties  Member=PropertiesChanged
   MESSAGE "sa{sv}as" {
           STRING "org.freedesktop.systemd.ValueTest";

man/systemd.special.xml

@@ -106,7 +106,7 @@
   </refsect1>
 
   <refsect1>
-    <title>Units managed by the system service manager</title>
+    <title>Units managed by the system's service manager</title>
 
     <refsect2>
       <title>Special System Units</title>
@@ -1058,7 +1058,7 @@
   </refsect1>
 
   <refsect1>
-    <title>Units managed by the user service manager</title>
+    <title>Units managed by the user's service manager</title>
 
     <refsect2>
       <title>Special User Units</title>

src/busctl/busctl.c

@@ -1200,6 +1200,7 @@ static int message_json(sd_bus_message *m, FILE *f) {
                                        JSON_BUILD_PAIR("endian", JSON_BUILD_STRING(e)),
                                        JSON_BUILD_PAIR("flags", JSON_BUILD_INTEGER(m->header->flags)),
                                        JSON_BUILD_PAIR("version", JSON_BUILD_INTEGER(m->header->version)),
+                                       JSON_BUILD_PAIR_CONDITION(m->priority != 0, "priority", JSON_BUILD_INTEGER(m->priority)),
                                        JSON_BUILD_PAIR("cookie", JSON_BUILD_INTEGER(BUS_MESSAGE_COOKIE(m))),
                                        JSON_BUILD_PAIR_CONDITION(m->reply_cookie != 0, "reply_cookie", JSON_BUILD_INTEGER(m->reply_cookie)),
                                        JSON_BUILD_PAIR_CONDITION(m->sender, "sender", JSON_BUILD_STRING(m->sender)),

src/core/manager.c

@@ -4247,11 +4247,6 @@ ManagerState manager_state(Manager *m) {
 
         assert(m);
 
-        /* Is the special shutdown target active or queued? If so, we are in shutdown state */
-        u = manager_get_unit(m, SPECIAL_SHUTDOWN_TARGET);
-        if (u && unit_active_or_pending(u))
-                return MANAGER_STOPPING;
-
         /* Did we ever finish booting? If not then we are still starting up */
         if (!MANAGER_IS_FINISHED(m)) {
 
@@ -4262,6 +4257,11 @@ ManagerState manager_state(Manager *m) {
                 return MANAGER_STARTING;
         }
 
+        /* Is the special shutdown target active or queued? If so, we are in shutdown state */
+        u = manager_get_unit(m, SPECIAL_SHUTDOWN_TARGET);
+        if (u && unit_active_or_pending(u))
+                return MANAGER_STOPPING;
+
         if (MANAGER_IS_SYSTEM(m)) {
                 /* Are the rescue or emergency targets active or queued? If so we are in maintenance state */
                 u = manager_get_unit(m, SPECIAL_RESCUE_TARGET);

src/libsystemd/sd-bus/bus-dump.c

@@ -56,7 +56,7 @@ _public_ int sd_bus_message_dump(sd_bus_message *m, FILE *f, uint64_t flags) {
 
         if (flags & SD_BUS_MESSAGE_DUMP_WITH_HEADER) {
                 fprintf(f,
-                        "%s%s%s Type=%s%s%s  Endian=%c  Flags=%u  Version=%u",
+                        "%s%s%s Type=%s%s%s  Endian=%c  Flags=%u  Version=%u  Priority=%"PRIi64,
                         m->header->type == SD_BUS_MESSAGE_METHOD_ERROR ? ansi_highlight_red() :
                         m->header->type == SD_BUS_MESSAGE_METHOD_RETURN ? ansi_highlight_green() :
                         m->header->type != SD_BUS_MESSAGE_SIGNAL ? ansi_highlight() : "",
@@ -69,7 +69,8 @@ _public_ int sd_bus_message_dump(sd_bus_message *m, FILE *f, uint64_t flags) {
 
                         m->header->endian,
                         m->header->flags,
-                        m->header->version);
+                        m->header->version,
+                        m->priority);
 
                 /* Display synthetic message serial number in a more readable
                  * format than (uint32_t) -1 */

src/libsystemd/sd-bus/bus-message.c

@@ -5924,31 +5924,18 @@ int bus_message_remarshal(sd_bus *bus, sd_bus_message **m) {
 }
 
 _public_ int sd_bus_message_get_priority(sd_bus_message *m, int64_t *priority) {
-        static bool warned = false;
-
         assert_return(m, -EINVAL);
         assert_return(priority, -EINVAL);
 
-        if (!warned) {
-                log_debug("sd_bus_message_get_priority() is deprecated and always returns 0.");
-                warned = true;
-        }
-
-        *priority = 0;
+        *priority = m->priority;
         return 0;
 }
 
 _public_ int sd_bus_message_set_priority(sd_bus_message *m, int64_t priority) {
-        static bool warned = false;
-
         assert_return(m, -EINVAL);
         assert_return(!m->sealed, -EPERM);
 
-        if (!warned) {
-                log_debug("sd_bus_message_set_priority() is deprecated and does nothing.");
-                warned = true;
-        }
-
+        m->priority = priority;
         return 0;
 }
 

src/libsystemd/sd-bus/bus-message.h

@@ -76,6 +76,7 @@ struct sd_bus_message {
         usec_t monotonic;
         usec_t realtime;
         uint64_t seqnum;
+        int64_t priority;
         uint64_t verify_destination_id;
 
         bool sealed:1;

sysctl.d/50-coredump.conf.in

@@ -5,23 +5,8 @@
 #  the Free Software Foundation; either version 2.1 of the License, or
 #  (at your option) any later version.
 
-# See sysctl.d(5) for the description of the files in this directory.
+# See sysctl.d(5) for the description of the files in this directory,
+# and systemd-coredump(8) and core(5) for the explanation of the
+# setting below.
 
-# Pipe the core file to systemd-coredump. The systemd-coredump process spawned
-# by the kernel will start a second copy of itself as the
-# systemd-coredump@.service, which will do the actual processing and storing of
-# the core dump.
-#
-# See systemd-coredump(8) and core(5).
 kernel.core_pattern=|@rootlibexecdir@/systemd-coredump %P %u %g %s %t %c %h
-
-# Also dump processes executing a set-user-ID/set-group-ID program that is
-# owned by a user/group other than the real user/group ID of the process, or
-# a program that has file capabilities. ("2" is called "suidsafe" in core(5)).
-#
-# systemd-coredump will store the core file owned by the effective uid and gid
-# of the running process (and not the filesystem-user-ID which the kernel uses
-# when saving a core dump).
-#
-# See proc(5), setuid(2), capabilities(7).
-fs.suid_dumpable=2

units/systemd-journal-remote.service.in

@@ -21,7 +21,6 @@ NoNewPrivileges=yes
 PrivateDevices=yes
 PrivateNetwork=yes
 PrivateTmp=yes
-ProtectClock=yes
 ProtectControlGroups=yes
 ProtectHome=yes
 ProtectHostname=yes

units/systemd-journald.service.in

@@ -25,7 +25,6 @@ LockPersonality=yes
 MemoryDenyWriteExecute=yes
 NoNewPrivileges=yes
 OOMScoreAdjust=-250
-ProtectClock=yes
 Restart=always
 RestartSec=0
 RestrictAddressFamilies=AF_UNIX AF_NETLINK

units/systemd-logind.service.in

@@ -36,7 +36,6 @@ LockPersonality=yes
 MemoryDenyWriteExecute=yes
 NoNewPrivileges=yes
 PrivateTmp=yes
-ProtectClock=yes
 ProtectControlGroups=yes
 ProtectHome=yes
 ProtectHostname=yes

units/systemd-networkd.service.in

@@ -26,7 +26,6 @@ ExecStart=!!@rootlibexecdir@/systemd-networkd
 LockPersonality=yes
 MemoryDenyWriteExecute=yes
 NoNewPrivileges=yes
-ProtectClock=yes
 ProtectControlGroups=yes
 ProtectHome=yes
 ProtectKernelModules=yes

units/systemd-resolved.service.in

@@ -28,7 +28,6 @@ MemoryDenyWriteExecute=yes
 NoNewPrivileges=yes
 PrivateDevices=yes
 PrivateTmp=yes
-ProtectClock=yes
 ProtectControlGroups=yes
 ProtectHome=yes
 ProtectKernelModules=yes

units/systemd-udevd.service.in

@@ -16,8 +16,6 @@ Before=sysinit.target
 ConditionPathIsReadWrite=/sys
 
 [Service]
-DeviceAllow=block-* rwm
-DeviceAllow=char-* rwm
 Type=notify
 # Note that udev also adjusts the OOM score internally and will reset the value internally for its workers
 OOMScoreAdjust=-1000
@@ -29,7 +27,6 @@ ExecReload=udevadm control --reload --timeout 0
 KillMode=mixed
 TasksMax=infinity
 PrivateMounts=yes
-ProtectClock=yes
 ProtectHostname=yes
 MemoryDenyWriteExecute=yes
 RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6