mirror of https://github.com/systemd/systemd synced 2026-03-15 09:34:47 +01:00

Compare commits

No commits in common. "da912e7f2fdda3d2ee1acd0b923e8a417838e27c" and "95a7b7d474c6a8c8c03ae708ce405e1d3541897e" have entirely different histories.

75 changed files with 362 additions and 954 deletions

View File

@ -18,8 +18,6 @@ body:
If a distro build is used, please just paste the package version, e.g. `systemd-257.3-7.fc42.x86_64`. If a distro build is used, please just paste the package version, e.g. `systemd-257.3-7.fc42.x86_64`.
See https://github.com/systemd/systemd-stable/tags for the list of most recent releases. See https://github.com/systemd/systemd-stable/tags for the list of most recent releases.
For older version please use distribution trackers (see https://systemd.io/CONTRIBUTING#filing-issues). For older version please use distribution trackers (see https://systemd.io/CONTRIBUTING#filing-issues).
A repository with packages built from latest main for the major distributions and architectures is available from our
[OBS project for testing purposes.](https://software.opensuse.org//download.html?project=system%3Asystemd&package=systemd)
placeholder: '257.x' placeholder: '257.x'
validations: validations:
required: true required: true
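Review bot: the version field description loses the two lines that point reporters to the OBS project with packages built from latest main, and nothing replaces them. If the removal is intended, state the reason in the commit message; otherwise keep the pointer so the template still tells reporters where to find test packages.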

View File

@ -55,9 +55,9 @@ systemctl mask dev-hugepages.mount
``` ```
This has the effect that the huge memory page API FS is not mounted by default, starting with the next boot. This has the effect that the huge memory page API FS is not mounted by default, starting with the next boot.
See [Three Levels of Off](https://0pointer.de/blog/projects/three-levels-of-off.html) for more information on masking. See [Three Levels of Off](http://0pointer.de/blog/projects/three-levels-of-off.html) for more information on masking.
The systemd service [systemd-remount-fs.service](https://www.freedesktop.org/software/systemd/man/latest/systemd-remount-fs.service.html) The systemd service [systemd-remount-fs.service](http://www.freedesktop.org/software/systemd/man/systemd-remount-fs.service.html)
is responsible for applying mount parameters from `/etc/fstab` to the actual mounts. is responsible for applying mount parameters from `/etc/fstab` to the actual mounts.
## Why are you telling me all this? I just want to get rid of the tmpfs backed /tmp! ## Why are you telling me all this? I just want to get rid of the tmpfs backed /tmp!
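Review bot: both links on the new side of this hunk, the "Three Levels of Off" link to `0pointer.de` and the `systemd-remount-fs.service` man page link, drop from `https://` to plain `http://`, so readers following the documentation fetch those pages over an unauthenticated channel. Keep the `https://` scheme on both, whatever is decided about the `/latest/` path segment.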

View File

@ -42,7 +42,7 @@ Thus code that is used by "higher-level" components (e.g. our binaries which are
would go to a subdirectory specific to that component if it is only used there. would go to a subdirectory specific to that component if it is only used there.
If the code is to be shared between components, it'd go to `src/shared/`. If the code is to be shared between components, it'd go to `src/shared/`.
Shared code that is used by multiple components that do not link to `libsystemd-shared-<nnn>.so` may live either in `src/libsystemd/`, `src/basic/`, or `src/fundamental/`. Shared code that is used by multiple components that do not link to `libsystemd-shared-<nnn>.so` may live either in `src/libsystemd/`, `src/basic/`, or `src/fundamental/`.
Any code that is used only for EFI goes under `src/boot/efi/`, and in `src/fundamental/` if it is shared with non-EFI components. Any code that is used only for EFI goes under `src/boot/efi/`, and `src/fundamental/` if is shared with non-EFI components.
To summarize: To summarize:
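Review bot: the new wording of the EFI sentence, "and `src/fundamental/` if is shared with non-EFI components", drops both "in" and "it" and no longer parses. Keep "and in `src/fundamental/` if it is shared with non-EFI components".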
@ -121,7 +121,7 @@ Names of meson tests include the input file name and output looks awkward if the
Fuzzers are invoked primarily in three ways: Fuzzers are invoked primarily in three ways:
firstly, each fuzzer is compiled as a normal executable and executed for each of the input samples under `test/fuzz/` as part of the test suite. firstly, each fuzzer is compiled as a normal executable and executed for each of the input samples under `test/fuzz/` as part of the test suite.
Secondly, fuzzers may be instrumented with sanitizers and invoked as part of the test suite (if `-Dfuzz-tests=true` is configured). Secondly, fuzzers may be instrumented with sanitizers and invoked as part of the test suite (if `-Dfuzz-tests=true` is configured).
Thirdly, fuzzers are executed through fuzzing engines that try to find new "interesting" inputs through coverage feedback and massive parallelization; see the links for oss-fuzz in [Code quality](/CODE_QUALITY). Thirdly, fuzzers are executed through fuzzing engines that tryto find new "interesting" inputs through coverage feedback and massive parallelization; see the links for oss-fuzz in [Code quality](/CODE_QUALITY).
For testing and debugging, fuzzers can be executed as any other program, including under `valgrind` or `gdb`. For testing and debugging, fuzzers can be executed as any other program, including under `valgrind` or `gdb`.
## Integration Tests ## Integration Tests
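Review bot: the "Thirdly" sentence on the new side reads "tryto find", with the space between "try" and "to" missing. Restore "try to find".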

View File

@ -21,12 +21,12 @@ other boot loaders or take actions outside of the boot loader.
Here's a brief overview of the complete set of components: Here's a brief overview of the complete set of components:
* The * The
[`kernel-install(8)`](https://www.freedesktop.org/software/systemd/man/latest/kernel-install.html) [`kernel-install(8)`](https://www.freedesktop.org/software/systemd/man/kernel-install.html)
script can optionally create boot loader entries that carry an initial boot script can optionally create boot loader entries that carry an initial boot
counter (the initial counter is configurable in `/etc/kernel/tries`). counter (the initial counter is configurable in `/etc/kernel/tries`).
* The * The
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot.html) [`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)
boot loader optionally maintains a per-boot-loader-entry counter described by boot loader optionally maintains a per-boot-loader-entry counter described by
the [UAPI.1 Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification/#boot-counting) the [UAPI.1 Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification/#boot-counting)
that is decreased by one on each attempt to boot the entry, prioritizing that is decreased by one on each attempt to boot the entry, prioritizing
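Review bot: the `kernel-install(8)` and `systemd-boot(7)` links lose the `/latest/` path segment here, and the man page links in the remaining hunks of this file change the same way. Please confirm that the bare `.../man/<page>.html` URLs still resolve to the current pages, or keep the `/man/latest/` form so all links in the document stay consistent.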
@ -34,27 +34,27 @@ Here's a brief overview of the complete set of components:
counter of zero when choosing the entry to boot. counter of zero when choosing the entry to boot.
* The `boot-complete.target` target unit (see * The `boot-complete.target` target unit (see
[`systemd.special(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd.special.html)) [`systemd.special(7)`](https://www.freedesktop.org/software/systemd/man/systemd.special.html))
serves as a generic extension point both for units that are necessary to serves as a generic extension point both for units that are necessary to
consider a boot successful (e.g. `systemd-boot-check-no-failures.service` consider a boot successful (e.g. `systemd-boot-check-no-failures.service`
described below), and units that want to act only if the boot is described below), and units that want to act only if the boot is
successful (e.g. `systemd-bless-boot.service` described below). successful (e.g. `systemd-bless-boot.service` described below).
* The * The
[`systemd-boot-check-no-failures.service(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot-check-no-failures.service.html) [`systemd-boot-check-no-failures.service(8)`](https://www.freedesktop.org/software/systemd/man/systemd-boot-check-no-failures.service.html)
service is a simple service health check tool. When enabled it becomes an service is a simple service health check tool. When enabled it becomes an
indirect dependency of `systemd-bless-boot.service` (by means of indirect dependency of `systemd-bless-boot.service` (by means of
`boot-complete.target`, see below), ensuring that the boot will not be `boot-complete.target`, see below), ensuring that the boot will not be
considered successful if there are any failed services. considered successful if there are any failed services.
* The * The
[`systemd-bless-boot.service(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-bless-boot.service.html) [`systemd-bless-boot.service(8)`](https://www.freedesktop.org/software/systemd/man/systemd-bless-boot.service.html)
service automatically marks a boot loader entry, for which boot counting as service automatically marks a boot loader entry, for which boot counting as
mentioned above is enabled, as "good" when a boot has been determined to be mentioned above is enabled, as "good" when a boot has been determined to be
successful, thus turning off boot counting for it. successful, thus turning off boot counting for it.
* The * The
[`systemd-bless-boot-generator(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-bless-boot-generator.html) [`systemd-bless-boot-generator(8)`](https://www.freedesktop.org/software/systemd/man/systemd-bless-boot-generator.html)
generator automatically pulls in `systemd-bless-boot.service` when use of generator automatically pulls in `systemd-bless-boot.service` when use of
`systemd-boot` with boot counting enabled is detected. `systemd-boot` with boot counting enabled is detected.
@ -189,7 +189,7 @@ are a couple of recommendations.
Depending on the setup, it may be most convenient to pull in such units Depending on the setup, it may be most convenient to pull in such units
through normal enablement symlinks, or during early boot using a through normal enablement symlinks, or during early boot using a
[`generator`](https://www.freedesktop.org/software/systemd/man/latest/systemd.generator.html), [`generator`](https://www.freedesktop.org/software/systemd/man/systemd.generator.html),
or even during later boot. In the last case, care must be taken to ensure or even during later boot. In the last case, care must be taken to ensure
that the start job is created before `boot-complete.target` has been that the start job is created before `boot-complete.target` has been
reached. reached.
@ -199,9 +199,9 @@ are a couple of recommendations.
in. in.
Such unit would be typically wanted (or required) by one of the Such unit would be typically wanted (or required) by one of the
[`bootup`](https://www.freedesktop.org/software/systemd/man/latest/bootup.html) targets, [`bootup`](https://www.freedesktop.org/software/systemd/man/bootup.html) targets,
for example, `multi-user.target`. To avoid potential loops due to conflicting for example, `multi-user.target`. To avoid potential loops due to conflicting
[default dependencies](https://www.freedesktop.org/software/systemd/man/latest/systemd.unit.html#Default%20Dependencies) [default dependencies](https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Default%20Dependencies)
ordering, it is recommended to also add an explicit dependency (e.g. ordering, it is recommended to also add an explicit dependency (e.g.
`After=multi-user.target`) to the unit. This overrides the implicit ordering `After=multi-user.target`) to the unit. This overrides the implicit ordering
and allows `boot-complete.target` to start after the given bootup target. and allows `boot-complete.target` to start after the given bootup target.

View File

@ -88,7 +88,7 @@ during normal operation, i.e. while file systems on it are mounted for
application use. application use.
The [`udevadm The [`udevadm
lock`](https://www.freedesktop.org/software/systemd/man/latest/udevadm.html) command lock`](https://www.freedesktop.org/software/systemd/man/udevadm.html) command
is provided to lock block devices following this scheme from the command line, is provided to lock block devices following this scheme from the command line,
for the use in scripts and similar. (Note though that it's typically preferable for the use in scripts and similar. (Note though that it's typically preferable
to use native support for block device locking in tools where that's to use native support for block device locking in tools where that's

View File

@ -107,14 +107,14 @@ Variables will be listed below using the Linux efivarfs naming,
* `1 << 5` → The boot loader supports looking for boot menu entries in the Extended Boot Loader Partition. * `1 << 5` → The boot loader supports looking for boot menu entries in the Extended Boot Loader Partition.
* `1 << 6` → The boot loader supports passing a random seed to the OS. * `1 << 6` → The boot loader supports passing a random seed to the OS.
* `1 << 7` → The boot loader supports loading of drop-in drivers from the `/EFI/systemd/drivers/` directory on the ESP, * `1 << 7` → The boot loader supports loading of drop-in drivers from the `/EFI/systemd/drivers/` directory on the ESP,
see [`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot.html). see [`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html).
* `1 << 8` → The boot loader supports the `sort-key` field defined by the * `1 << 8` → The boot loader supports the `sort-key` field defined by the
[Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification). [Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification).
* `1 << 9` → The boot loader supports the `@saved` pseudo-entry * `1 << 9` → The boot loader supports the `@saved` pseudo-entry
* `1 << 10` → The boot loader supports the `devicetree` field defined by the * `1 << 10` → The boot loader supports the `devicetree` field defined by the
[Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification). [Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification).
* `1 << 11` → The boot loader support automatic enrollment of SecureBoot keys, * `1 << 11` → The boot loader support automatic enrollment of SecureBoot keys,
see [`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot.html). see [`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html).
* `1 << 12` → The boot loader will set EFI variable `ShimRetainProtocol-605dab50-e046-4300-abb6-3dd810dd8b23` * `1 << 12` → The boot loader will set EFI variable `ShimRetainProtocol-605dab50-e046-4300-abb6-3dd810dd8b23`
for `shim` to make its protocol available to the booted binary. for `shim` to make its protocol available to the booted binary.
* `1 << 13` → The boot loader honours `menu-disabled` option when set. * `1 << 13` → The boot loader honours `menu-disabled` option when set.
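Review bot: in the `1 << 11` item the unchanged text reads "The boot loader support automatic enrollment of SecureBoot keys", which should be "supports" to match the neighbouring items. The second line of that item is being edited in this hunk, so fix the verb in the same change.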
@ -166,7 +166,7 @@ variables.
## Boot Loader Entry Identifiers ## Boot Loader Entry Identifiers
While boot loader entries may be named relatively freely, While boot loader entries may be named relatively freely,
it's highly recommended to follow these rules when picking identifiers for the entries, it's highly recommended to follow the following rules when picking identifiers for the entries,
so that programs (and users) can derive basic context and meaning from the identifiers so that programs (and users) can derive basic context and meaning from the identifiers
as passed in `LoaderEntries`, `LoaderEntryDefault`, `LoaderEntryOneShot`, `LoaderEntrySelected`, as passed in `LoaderEntries`, `LoaderEntryDefault`, `LoaderEntryOneShot`, `LoaderEntrySelected`,
and possibly show nicely localized names for them in UIs. and possibly show nicely localized names for them in UIs.
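Review bot: the new side of the sentence under "Boot Loader Entry Identifiers" reads "follow the following rules", an awkward repetition. Keep "follow these rules".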
@ -206,6 +206,6 @@ and possibly show nicely localized names for them in UIs.
[UAPI.1 Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification)<br> [UAPI.1 Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification)<br>
[UAPI.2 Discoverable Partitions Specification](https://uapi-group.org/specifications/specs/discoverable_partitions_specification)<br> [UAPI.2 Discoverable Partitions Specification](https://uapi-group.org/specifications/specs/discoverable_partitions_specification)<br>
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot.html)<br> [`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
[`bootctl(1)`](https://www.freedesktop.org/software/systemd/man/latest/bootctl.html)<br> [`bootctl(1)`](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br>
[`systemd-gpt-auto-generator(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-gpt-auto-generator.html) [`systemd-gpt-auto-generator(8)`](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)

View File

@ -26,7 +26,7 @@ Typically the same OS image shall be deployable in multiple instances, and each
instance should automatically acquire its own identifying credentials on first instance should automatically acquire its own identifying credentials on first
boot. For that it's essential to: boot. For that it's essential to:
1. Remove the [`/etc/machine-id`](https://www.freedesktop.org/software/systemd/man/latest/machine-id.html) 1. Remove the [`/etc/machine-id`](https://www.freedesktop.org/software/systemd/man/machine-id.html)
file or write the string `uninitialized\n` into it. file or write the string `uninitialized\n` into it.
This file is supposed to carry a 128-bit identifier unique to the system. This file is supposed to carry a 128-bit identifier unique to the system.
Only when it is reset it will be auto-generated on first boot and thus be truly unique. Only when it is reset it will be auto-generated on first boot and thus be truly unique.
@ -36,27 +36,27 @@ boot. For that it's essential to:
for example, IPv6 addresses or transient MAC addresses. for example, IPv6 addresses or transient MAC addresses.
2. Remove the `/var/lib/systemd/random-seed` file(see 2. Remove the `/var/lib/systemd/random-seed` file(see
[`systemd-random-seed(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-random-seed.service.html)), [`systemd-random-seed(8)`](https://www.freedesktop.org/software/systemd/man/systemd-random-seed.service.html)),
which is used to seed the kernel's random pool on boot. which is used to seed the kernel's random pool on boot.
If this file is shipped pre-initialized, every instance will seed its random pool with the If this file is shipped pre-initialized, every instance will seed its random pool with the
same random data that is included in the image, and thus possibly generate same random data that is included in the image, and thus possibly generate
random data that is more similar to other instances booted off the same image than advisable. random data that is more similar to other instances booted off the same image than advisable.
3. Remove the `/loader/random-seed` file (see 3. Remove the `/loader/random-seed` file (see
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot.html)) [`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html))
from the UEFI System Partition (ESP), in case the `systemd-boot` boot loader is used in the image. from the UEFI System Partition (ESP), in case the `systemd-boot` boot loader is used in the image.
4. It might also make sense to remove 4. It might also make sense to remove
[`/etc/hostname`](https://www.freedesktop.org/software/systemd/man/latest/hostname.html) [`/etc/hostname`](https://www.freedesktop.org/software/systemd/man/hostname.html)
and and
[`/etc/machine-info`](https://www.freedesktop.org/software/systemd/man/latest/machine-info.html) [`/etc/machine-info`](https://www.freedesktop.org/software/systemd/man/machine-info.html)
which carry additional identifying information about the OS image. which carry additional identifying information about the OS image.
5. Remove `/var/lib/systemd/credential.secret` which is used for protecting 5. Remove `/var/lib/systemd/credential.secret` which is used for protecting
service credentials, see service credentials, see
[`systemd.exec(5)`](https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#Credentials) [`systemd.exec(5)`](https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Credentials)
and and
[`systemd-creds(1)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-creds.html) [`systemd-creds(1)`](https://www.freedesktop.org/software/systemd/man/systemd-creds.html)
for details. Note that by removing this file access to previously encrypted for details. Note that by removing this file access to previously encrypted
credentials from this image is lost. The file is automatically generated if credentials from this image is lost. The file is automatically generated if
a new credential is encrypted and the file does not exist yet. a new credential is encrypted and the file does not exist yet.
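Review bot: step 2 reads "`/var/lib/systemd/random-seed` file(see" with no space before the parenthesis, on the line directly above the link this hunk edits. Add the space while touching this step.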
@ -64,7 +64,7 @@ boot. For that it's essential to:
## Boot Menu Entry Identifiers ## Boot Menu Entry Identifiers
The The
[`kernel-install(8)`](https://www.freedesktop.org/software/systemd/man/latest/kernel-install.html) [`kernel-install(8)`](https://www.freedesktop.org/software/systemd/man/kernel-install.html)
logic used to generate logic used to generate
[UAPI.1 Boot Loader Specification Type #1](https://uapi-group.org/specifications/specs/boot_loader_specification/#type-1-boot-loader-specification-entries) [UAPI.1 Boot Loader Specification Type #1](https://uapi-group.org/specifications/specs/boot_loader_specification/#type-1-boot-loader-specification-entries)
entries by default uses the machine ID as stored in `/etc/machine-id` for entries by default uses the machine ID as stored in `/etc/machine-id` for
@ -84,7 +84,7 @@ If not configured explicitly it defaults to the machineID.
The file `/etc/kernel/entry-token` may be used to configure this string explicitly. The file `/etc/kernel/entry-token` may be used to configure this string explicitly.
Thus, golden image builders should write a suitable identifier into Thus, golden image builders should write a suitable identifier into
this file, for example, the `IMAGE_ID=` or `ID=` field from this file, for example, the `IMAGE_ID=` or `ID=` field from
[`/etc/os-release`](https://www.freedesktop.org/software/systemd/man/latest/os-release.html) [`/etc/os-release`](https://www.freedesktop.org/software/systemd/man/os-release.html)
(also see below). (also see below).
It is recommended to do this before the `kernel-install` functionality is invoked (i.e. before the package manager is used to install It is recommended to do this before the `kernel-install` functionality is invoked (i.e. before the package manager is used to install
packages into the OS tree being prepared), so that the selected string is packages into the OS tree being prepared), so that the selected string is
@ -111,17 +111,17 @@ Specifically, the following mechanisms are in place:
(see above). (see above).
3. The 3. The
[`nss-systemd(8)`](https://www.freedesktop.org/software/systemd/man/latest/nss-systemd.html) [`nss-systemd(8)`](https://www.freedesktop.org/software/systemd/man/nss-systemd.html)
glibc NSS module ensures the `root` and `nobody` users and groups remain glibc NSS module ensures the `root` and `nobody` users and groups remain
resolvable, even without `/etc/passwd` and `/etc/group` around. resolvable, even without `/etc/passwd` and `/etc/group` around.
4. The 4. The
[`systemd-sysusers(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-sysusers.service.html) [`systemd-sysusers(8)`](https://www.freedesktop.org/software/systemd/man/systemd-sysusers.service.html)
component will automatically populate `/etc/passwd` and `/etc/group` on component will automatically populate `/etc/passwd` and `/etc/group` on
first boot with further necessary system users. first boot with further necessary system users.
5. The 5. The
[`systemd-tmpfiles(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-tmpfiles-setup.service.html) [`systemd-tmpfiles(8)`](https://www.freedesktop.org/software/systemd/man/systemd-tmpfiles-setup.service.html)
component ensures that various files and directories below `/etc/`, `/var/` component ensures that various files and directories below `/etc/`, `/var/`
and other places are created automatically at boot if missing. Unlike the and other places are created automatically at boot if missing. Unlike the
directories/symlinks created by the `switch-root` logic above this logic is directories/symlinks created by the `switch-root` logic above this logic is
@ -131,7 +131,7 @@ Specifically, the following mechanisms are in place:
unconditionally accessible through `/etc/os-release`. unconditionally accessible through `/etc/os-release`.
6. The 6. The
[`nss-myhostname(8)`](https://www.freedesktop.org/software/systemd/man/latest/nss-myhostname.html) [`nss-myhostname(8)`](https://www.freedesktop.org/software/systemd/man/nss-myhostname.html)
glibc NSS module will ensure the local host name as well as `localhost` glibc NSS module will ensure the local host name as well as `localhost`
remains resolvable, even without `/etc/hosts` around. remains resolvable, even without `/etc/hosts` around.
@ -193,7 +193,7 @@ it, then format it.
`systemd` provides multiple tools to implement the above logic: `systemd` provides multiple tools to implement the above logic:
1. The 1. The
[`systemd-repart(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-repart.service.html) [`systemd-repart(8)`](https://www.freedesktop.org/software/systemd/man/systemd-repart.service.html)
component may manipulate GPT partition tables automatically on boot, growing component may manipulate GPT partition tables automatically on boot, growing
partitions or adding in partitions taking the backing storage size into account. partitions or adding in partitions taking the backing storage size into account.
It can also encrypt partitions automatically it creates (even bind It can also encrypt partitions automatically it creates (even bind
@ -202,7 +202,7 @@ it, then format it.
incompletely set up partitions around. incompletely set up partitions around.
2. The 2. The
[`systemd-growfs@(8).service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-growfs.html) [`systemd-growfs@(8).service`](https://www.freedesktop.org/software/systemd/man/systemd-growfs.html)
tool can automatically grow a file system to the partition it is contained tool can automatically grow a file system to the partition it is contained
in. The `x-systemd.growfs` mount option in `/etc/fstab` is sufficient to in. The `x-systemd.growfs` mount option in `/etc/fstab` is sufficient to
enable this logic for specific mounts. Alternatively appropriately set up enable this logic for specific mounts. Alternatively appropriately set up
@ -221,7 +221,7 @@ While a lot of work has gone into ensuring `systemd` systems can safely boot
with unpopulated `/etc/` trees, it sometimes is desirable to set a couple of with unpopulated `/etc/` trees, it sometimes is desirable to set a couple of
basic settings *after* `dd`-ing the image to disk, but *before* first boot. basic settings *after* `dd`-ing the image to disk, but *before* first boot.
For this the tool For this the tool
[`systemd-firstboot(1)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-firstboot.html) [`systemd-firstboot(1)`](https://www.freedesktop.org/software/systemd/man/systemd-firstboot.html)
can be useful, with its `--image=` switch. It may be used to set very basic can be useful, with its `--image=` switch. It may be used to set very basic
settings, such as the root password or hostname on an OS disk image or settings, such as the root password or hostname on an OS disk image or
installed block device. installed block device.
@ -232,7 +232,7 @@ For various purposes it's useful to be able to distinguish the first boot-up of
the system from later boot-ups (for example, to set up TPM hardware specifically, or register a system somewhere). the system from later boot-ups (for example, to set up TPM hardware specifically, or register a system somewhere).
`systemd` provides mechanisms to implement that. `systemd` provides mechanisms to implement that.
Specifically, the `ConditionFirstBoot=` and `AssertFirstBoot=` settings may be used to conditionalize units to only run on first boot. Specifically, the `ConditionFirstBoot=` and `AssertFirstBoot=` settings may be used to conditionalize units to only run on first boot.
See [`systemd.unit(5)`](https://www.freedesktop.org/software/systemd/man/latest/systemd.unit.html#ConditionFirstBoot=) See [`systemd.unit(5)`](https://www.freedesktop.org/software/systemd/man/systemd.unit.html#ConditionFirstBoot=)
for details. for details.
A special target unit `first-boot-complete.target` may be used as milestone to A special target unit `first-boot-complete.target` may be used as milestone to
@ -247,14 +247,14 @@ Whether a system will come up in first boot state or not is derived from the
initialization status of `/etc/machine-id`: initialization status of `/etc/machine-id`:
if the file already carries a valid ID the system is already past the first boot. if the file already carries a valid ID the system is already past the first boot.
If it is not initialized yet it is still considered in the first boot state. If it is not initialized yet it is still considered in the first boot state.
For details see [`machine-id(5)`](https://www.freedesktop.org/software/systemd/man/latest/machine-id.html). For details see [`machine-id(5)`](https://www.freedesktop.org/software/systemd/man/machine-id.html).
## Image Metadata ## Image Metadata
Typically, when operating with golden disk images it is useful to be able to Typically, when operating with golden disk images it is useful to be able to
identify them and their version. identify them and their version.
For this the two fields `IMAGE_ID=` and `IMAGE_VERSION=` have been defined in For this the two fields `IMAGE_ID=` and `IMAGE_VERSION=` have been defined in
[`os-release(5)`](https://www.freedesktop.org/software/systemd/man/latest/os-release.html). [`os-release(5)`](https://www.freedesktop.org/software/systemd/man/os-release.html).
These fields may be accessed from unit files and similar via the `%M` and `%A` specifiers. These fields may be accessed from unit files and similar via the `%M` and `%A` specifiers.
Depending on how the images are put together it might make sense to leave the Depending on how the images are put together it might make sense to leave the
@ -265,12 +265,12 @@ fields.
## Links ## Links
[`machine-id(5)`](https://www.freedesktop.org/software/systemd/man/latest/machine-id.html)<br> [`machine-id(5)`](https://www.freedesktop.org/software/systemd/man/machine-id.html)<br>
[`systemd-random-seed(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-random-seed.service.html)<br> [`systemd-random-seed(8)`](https://www.freedesktop.org/software/systemd/man/systemd-random-seed.service.html)<br>
[`os-release(5)`](https://www.freedesktop.org/software/systemd/man/latest/os-release.html)<br> [`os-release(5)`](https://www.freedesktop.org/software/systemd/man/os-release.html)<br>
[UAPI.1 Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification)<br> [UAPI.1 Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification)<br>
[UAPI.2 Discoverable Partitions Specification](https://uapi-group.org/specifications/specs/discoverable_partitions_specification)<br> [UAPI.2 Discoverable Partitions Specification](https://uapi-group.org/specifications/specs/discoverable_partitions_specification)<br>
[`mkosi`](https://github.com/systemd/mkosi)<br> [`mkosi`](https://github.com/systemd/mkosi)<br>
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot.html)<br> [`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
[`systemd-repart(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-repart.service.html)<br> [`systemd-repart(8)`](https://www.freedesktop.org/software/systemd/man/systemd-repart.service.html)<br>
[`systemd-growfs@(8).service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-growfs.html)<br> [`systemd-growfs@(8).service`](https://www.freedesktop.org/software/systemd/man/systemd-growfs.html)<br>
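Review bot: The last entry of this list is touched but its label still reads `systemd-growfs@(8).service`, with the manual section number in the middle of the unit name; write it as `systemd-growfs@.service(8)` while the line is being changed. All seven freedesktop.org man links here also drop `/latest/`, so each target should be checked to still resolve, including `systemd-random-seed.service.html` and `systemd-repart.service.html`.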

View File

@ -21,7 +21,7 @@ The message catalog has a number of purposes:
## Format ## Format
Message catalog source files are simple text files that follow an RFC822 inspired format. Message catalog source files are simple text files that follow an RFC822 inspired format.
To get an understanding of the format [here's an example file](https://github.com/systemd/systemd/blob/main/catalog/systemd.catalog.in), which includes entries for many important messages systemd itself generates. To get an understanding of the format [here's an example file](http://cgit.freedesktop.org/systemd/systemd/plain/catalog/systemd.catalog), which includes entries for many important messages systemd itself generates.
On installation of a package that includes message catalogs all installed message catalog source files get compiled into a binary index, which is then used to look up catalog data. On installation of a package that includes message catalogs all installed message catalog source files get compiled into a binary index, which is then used to look up catalog data.
journalctl's `-x` command line parameter may be used to augment on display journal log messages with message catalog data when browsing. journalctl's `-x` command line parameter may be used to augment on display journal log messages with message catalog data when browsing.
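Review bot: The example-file link changes host, scheme and file name at once: `https://github.com/systemd/systemd/blob/main/catalog/systemd.catalog.in` becomes `http://cgit.freedesktop.org/systemd/systemd/plain/catalog/systemd.catalog`. The new target is plain HTTP and names `systemd.catalog` rather than `systemd.catalog.in`; confirm that file exists at that path and tracks the current tree, otherwise keep the HTTPS link to the `.in` source.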
@ -36,8 +36,9 @@ Here's an example how a single catalog entry looks like in the text source forma
-- fc2e22bc6ee647b6b90729ab34a250b1 -- fc2e22bc6ee647b6b90729ab34a250b1
Subject: Process @COREDUMP_PID@ (@COREDUMP_COMM@) dumped core Subject: Process @COREDUMP_PID@ (@COREDUMP_COMM@) dumped core
Defined-By: systemd Defined-By: systemd
Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Documentation: man:core(5) Documentation: man:core(5)
Documentation: http://www.freedesktop.org/wiki/Software/systemd/catalog/@MESSAGE_ID@
Process @COREDUMP_PID@ (@COREDUMP_COMM@) crashed and dumped core. Process @COREDUMP_PID@ (@COREDUMP_COMM@) crashed and dumped core.
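Review bot: The sample catalog entry now carries two plain-HTTP URLs, the changed `Support:` line and the added `Documentation: http://www.freedesktop.org/wiki/Software/systemd/catalog/@MESSAGE_ID@` line. Readers copy this entry as a template and the text is what `journalctl -x` shows to administrators, so use `https://` in both, and confirm the wiki URL pattern with `@MESSAGE_ID@` actually resolves before documenting it as an example.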
@ -79,16 +80,16 @@ The text format of the .catalog files is as follows:
* When a catalog entry is printed on screen for a specific log entry simple variable replacements are applied. * When a catalog entry is printed on screen for a specific log entry simple variable replacements are applied.
Journal field names enclosed in @ will be replaced by their values, if such a field is available in an entry. Journal field names enclosed in @ will be replaced by their values, if such a field is available in an entry.
If such a field is not defined in an entry the enclosing @ will be dropped but the variable name is kept. If such a field is not defined in an entry the enclosing @ will be dropped but the variable name is kept.
See [systemd's own message catalog](https://github.com/systemd/systemd/blob/main/catalog/systemd.catalog.in) for a complete example for a catalog file. See [systemd's own message catalog](http://cgit.freedesktop.org/systemd/systemd/plain/catalog/systemd.catalog) for a complete example for a catalog file.
## Adding Message Catalog Support to Your Program ## Adding Message Catalog Support to Your Program
Note that the message catalog is only available for messages generated with the MESSAGE\_ID= journal meta data field, as this is need to find the right entry for a message. Note that the message catalog is only available for messages generated with the MESSAGE\_ID= journal meta data field, as this is need to find the right entry for a message.
For more information on the MESSAGE\_ID= journal entry field see [systemd.journal-fields(7)](https://www.freedesktop.org/software/systemd/man/latest/systemd.journal-fields.html). For more information on the MESSAGE\_ID= journal entry field see [systemd.journal-fields(7)](http://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html).
To add message catalog entries for log messages your application generates, please follow these guidelines: To add message catalog entries for log messages your application generates, please follow the following guidelines:
* Use the [native Journal logging APIs](https://0pointer.de/blog/projects/journal-submit.html) * Use the [native Journal logging APIs](http://0pointer.de/blog/projects/journal-submit.html)
to generate your messages, and define message IDs for all messages you want to add catalog entries for. to generate your messages, and define message IDs for all messages you want to add catalog entries for.
You may use `journalctl --new-id128` to allocate new message IDs. You may use `journalctl --new-id128` to allocate new message IDs.
* Write a catalog entry file for your messages and ship them in your package and install them to `/usr/lib/systemd/catalog/` * Write a catalog entry file for your messages and ship them in your package and install them to `/usr/lib/systemd/catalog/`
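Review bot: The guidelines sentence regresses from "please follow these guidelines" to "please follow the following guidelines"; keep the shorter wording. The same hunk moves the `systemd.journal-fields(7)`, message catalog and `journal-submit.html` links to `http://`, and the untouched sentence above still says "as this is need to find the right entry", which should read "is needed".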

View File

@ -27,7 +27,7 @@ available functionality:
using `systemd-nspawn` and `qemu`. Requires root. using `systemd-nspawn` and `qemu`. Requires root.
3. Use `./coccinelle/run-coccinelle.sh` to run all 3. Use `./coccinelle/run-coccinelle.sh` to run all
[Coccinelle](https://coccinelle.gitlabpages.inria.fr/website/) semantic patch scripts we ship. The [Coccinelle](http://coccinelle.lip6.fr/) semantic patch scripts we ship. The
output will show false positives, hence take it with a pinch of salt. output will show false positives, hence take it with a pinch of salt.
4. Use `./tools/find-double-newline.sh recdiff` to find double newlines. Use 4. Use `./tools/find-double-newline.sh recdiff` to find double newlines. Use
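Review bot: In step 3 the Coccinelle link changes from `https://coccinelle.gitlabpages.inria.fr/website/` to `http://coccinelle.lip6.fr/`. This is a pointer to a tool contributors are told to run against the tree, so it should stay on an HTTPS URL for the project's current site; verify which of the two hosts is maintained before switching.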

View File

@ -7,7 +7,7 @@ SPDX-License-Identifier: LGPL-2.1-or-later
# Contributing # Contributing
We welcome contributions from everyone. However, please follow these guidelines when posting a GitHub Pull Request or filing a GitHub Issue on the systemd project: We welcome contributions from everyone. However, please follow the following guidelines when posting a GitHub Pull Request or filing a GitHub Issue on the systemd project:
## Filing Issues ## Filing Issues
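Review bot: The only change in this hunk turns "please follow these guidelines" into "please follow the following guidelines", which reads worse. Keep the existing wording.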

View File

@ -58,9 +58,9 @@ On systemd systems use the systemd APIs as described below. At this time we are
Systemd provides three unit types that are useful for the purpose of resource control: Systemd provides three unit types that are useful for the purpose of resource control:
- [_Services_](https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html) encapsulate a number of processes that are started and stopped by systemd based on configuration. Services are named in the style of `quux.service`. - [_Services_](http://www.freedesktop.org/software/systemd/man/systemd.service.html) encapsulate a number of processes that are started and stopped by systemd based on configuration. Services are named in the style of `quux.service`.
- [_Scopes_](https://www.freedesktop.org/software/systemd/man/latest/systemd.scope.html) encapsulate a number of processes that are started and stopped by arbitrary processes via fork(), and then registered at runtime with PID1. Scopes are named in the style of `wuff.scope`. - [_Scopes_](http://www.freedesktop.org/software/systemd/man/systemd.scope.html) encapsulate a number of processes that are started and stopped by arbitrary processes via fork(), and then registered at runtime with PID1. Scopes are named in the style of `wuff.scope`.
- [_Slices_](https://www.freedesktop.org/software/systemd/man/latest/systemd.slice.html) may be used to group a number of services and scopes together in a hierarchial tree. Slices do not contain processes themselves, but the services and scopes contained in them do. Slices are named in the style of `foobar-waldo.slice`, where the path to the location of the slice in the tree is encoded in the name with "-" as separator for the path components (`foobar-waldo.slice` is hence a subslice of `foobar.slice`). There's one special slices defined, `-.slice`, which is the root slice of all slices (`foobar.slice` is hence subslice of `-.slice`). This is similar how in regular file paths, "/" denotes the root directory. - [_Slices_](http://www.freedesktop.org/software/systemd/man/systemd.slice.html) may be used to group a number of services and scopes together in a hierarchial tree. Slices do not contain processes themselves, but the services and scopes contained in them do. Slices are named in the style of `foobar-waldo.slice`, where the path to the location of the slice in the tree is encoded in the name with "-" as separator for the path components (`foobar-waldo.slice` is hence a subslice of `foobar.slice`). There's one special slices defined, `-.slice`, which is the root slice of all slices (`foobar.slice` is hence subslice of `-.slice`). This is similar how in regular file paths, "/" denotes the root directory.
Service, scope and slice units directly map to objects in the cgroup tree. When these units are activated they each map to directly (modulo some character escaping) to cgroup paths built from the unit names. For example, a service `quux.service` in a slice `foobar-waldo.slice` is found in the cgroup `foobar.slice/foobar-waldo.slice/quux.service/`. Service, scope and slice units directly map to objects in the cgroup tree. When these units are activated they each map to directly (modulo some character escaping) to cgroup paths built from the unit names. For example, a service `quux.service` in a slice `foobar-waldo.slice` is found in the cgroup `foobar.slice/foobar-waldo.slice/quux.service/`.
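Review bot: The three unit-type bullets are rewritten only to switch their man page links to `http://` without `/latest/`, while the typos on the same lines are left in place: "hierarchial tree", "There's one special slices defined" and "This is similar how". If these lines are touched, keep the HTTPS links and fix the wording in the same change.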
@ -179,7 +179,7 @@ Resource limits may be set on services, scopes and slices the same way. All acti
Service and slice units may be configured via unit files on disk, or alternatively be created dynamically at runtime via API calls to PID 1. Scope units may only be created at runtime via API calls to PID 1, but not from unit files on disk. Units that are created dynamically at runtime via API calls are called _transient_ units. Transient units exist only during runtime and are released automatically as soon as they finished/got deactivated or the system is rebooted. Service and slice units may be configured via unit files on disk, or alternatively be created dynamically at runtime via API calls to PID 1. Scope units may only be created at runtime via API calls to PID 1, but not from unit files on disk. Units that are created dynamically at runtime via API calls are called _transient_ units. Transient units exist only during runtime and are released automatically as soon as they finished/got deactivated or the system is rebooted.
If a service/slice is configured via unit files on disk the resource controls may be configured with the settings documented in [systemd.resource-control(5)](https://www.freedesktop.org/software/systemd/man/latest/systemd.resource-control.html). While the unit is started it may be reconfigured for services/slices/scopes (with changes applying instantly) with a command line such as: If a service/slice is configured via unit files on disk the resource controls may be configured with the settings documented in [systemd.resource-control(5)](http://www.freedesktop.org/software/systemd/man/systemd.resource-control.html). While the unit are started they may be reconfigured for services/slices/scopes (with changes applying instantly) with the a command line such as:
``` ```
# systemctl set-property httpd.service CPUShares=500 MemoryLimit=500M # systemctl set-property httpd.service CPUShares=500 MemoryLimit=500M
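Review bot: The sentence before the `systemctl set-property` example becomes ungrammatical on the new side: "While the unit are started they may be reconfigured ... with the a command line such as". Keep "While the unit is started it may be reconfigured ... with a command line such as", and keep the `systemd.resource-control(5)` link on HTTPS.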
@ -205,11 +205,11 @@ The properties array of `StartTransientUnit()` may take many of the settings tha
To alter resource control properties at runtime use the `SetUnitProperty()` call on the `Manager` object or `SetProperty()` on the individual Unit objects. This also takes an array of properties to set, in the same format as `StartTransientUnit()` takes. Note again that this is not a dictionary, and allows properties to be set multiple times with a single invocation. THis is useful for array properties: if a property is assigned the empty array it will be reset to the empty array itself, however if it is assigned a non-empty array then this array is appended to the previous array. This mimics behaviour of array settings in unit files. Note that most settings may only be set during creation of units with `StartTransientUnit()`, and may not be altered later on. The exception here are the resource control settings, more specifically `CPUAccounting`, `CPUShares`, `BlockIOAccounting`, `BlockIOWeight`, `BlockIOReadBandwidth`, `BlockIOWriteBandwidth`, `BlockIODeviceWeight`, `MemoryAccounting`, `MemoryLimit`, `DevicePolicy`, `DeviceAllow` for services/scopes/slices. Note that the standard D-Bus `org.freedesktop.DBus.Properties.Set()` call is currently not supported by any of the unit objects to set these properties, but might eventually (note however, that it is substantially less useful as it only allows setting a single property at a time, resulting in races). To alter resource control properties at runtime use the `SetUnitProperty()` call on the `Manager` object or `SetProperty()` on the individual Unit objects. This also takes an array of properties to set, in the same format as `StartTransientUnit()` takes. Note again that this is not a dictionary, and allows properties to be set multiple times with a single invocation. THis is useful for array properties: if a property is assigned the empty array it will be reset to the empty array itself, however if it is assigned a non-empty array then this array is appended to the previous array. 
This mimics behaviour of array settings in unit files. Note that most settings may only be set during creation of units with `StartTransientUnit()`, and may not be altered later on. The exception here are the resource control settings, more specifically `CPUAccounting`, `CPUShares`, `BlockIOAccounting`, `BlockIOWeight`, `BlockIOReadBandwidth`, `BlockIOWriteBandwidth`, `BlockIODeviceWeight`, `MemoryAccounting`, `MemoryLimit`, `DevicePolicy`, `DeviceAllow` for services/scopes/slices. Note that the standard D-Bus `org.freedesktop.DBus.Properties.Set()` call is currently not supported by any of the unit objects to set these properties, but might eventually (note however, that it is substantially less useful as it only allows setting a single property at a time, resulting in races).
The [`systemctl set-property`](https://www.freedesktop.org/software/systemd/man/latest/systemctl.html) command internally is little more than a wrapper around `SetUnitProperty()`. The [`systemd-run`](https://www.freedesktop.org/software/systemd/man/latest/systemd-run.html) tool is a wrapper around `StartTransientUnit()`. It may be used to either run a process as a transient service in the background, where it is invoked from PID 1, or alternatively as a scope unit in the foreground, where it is run from the `systemd-run` process itself. The [`systemctl set-property`](http://www.freedesktop.org/software/systemd/man/systemctl.html) command internally is little more than a wrapper around `SetUnitProperty()`. The [`systemd-run`](http://www.freedesktop.org/software/systemd/man/systemd-run.html) tool is a wrapper around `StartTransientUnit()`. It may be used to either run a process as a transient service in the background, where it is invoked from PID 1, or alternatively as a scope unit in the foreground, where it is run from the `systemd-run` process itself.
### Enumeration ### Enumeration
To acquire a list of currently running units, use the `ListUnits()` call on the Manager bus object. To determine the scope/service unit and slice unit a process is running in use [`sd_pid_get_unit()`](https://www.freedesktop.org/software/systemd/man/latest/sd_pid_get_unit.html) and `sd_pid_get_slice()`. These two calls are implemented in `libsystemd-login.so`. These call bypass the system bus (which they can because they are passive and do not require privileges) and are hence very efficient to invoke. To acquire a list of currently running units, use the `ListUnits()` call on the Manager bus object. To determine the scope/service unit and slice unit a process is running in use [`sd_pid_get_unit()`](http://www.freedesktop.org/software/systemd/man/sd_pid_get_unit.html) and `sd_pid_get_slice()`. These two calls are implemented in `libsystemd-login.so`. These call bypass the system bus (which they can because they are passive and do not require privileges) and are hence very efficient to invoke.
### VM and Container Managers ### VM and Container Managers
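Review bot: The `systemctl set-property`, `systemd-run` and `sd_pid_get_unit()` links in this hunk all move to `http://`, and the surrounding text keeps "THis is useful for array properties" and "These call bypass the system bus". Retain the HTTPS URLs and correct "THis" and "These call" while the paragraph is open.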

View File

@ -10,7 +10,7 @@ SPDX-License-Identifier: LGPL-2.1-or-later
Traditionally on most Linux distributions, regular (human) users are managed Traditionally on most Linux distributions, regular (human) users are managed
via entries in `/etc/passwd`, `/etc/shadow`, `/etc/group` and `/etc/gshadow`. via entries in `/etc/passwd`, `/etc/shadow`, `/etc/group` and `/etc/gshadow`.
With the advent of With the advent of
[`systemd-homed`](https://www.freedesktop.org/software/systemd/man/latest/systemd-homed.service.html) [`systemd-homed`](https://www.freedesktop.org/software/systemd/man/systemd-homed.service.html)
it might be desirable to convert an existing, traditional user account to a it might be desirable to convert an existing, traditional user account to a
`systemd-homed` managed one. `systemd-homed` managed one.
Below is a brief guide how to do that. Below is a brief guide how to do that.
@ -100,7 +100,7 @@ Here's the step-by-step guide:
group as new primary group, but will have it as auxiliary group. group as new primary group, but will have it as auxiliary group.
Consider reading through the Consider reading through the
[homectl(1)](https://www.freedesktop.org/software/systemd/man/latest/homectl.html) [homectl(1)](https://www.freedesktop.org/software/systemd/man/homectl.html)
manual page at this point, maybe there are a couple of other settings you want to set for your new account. manual page at this point, maybe there are a couple of other settings you want to set for your new account.
In particular, look at `--storage=` and `--disk-size=`, in order to change how your home directory shall be stored In particular, look at `--storage=` and `--disk-size=`, in order to change how your home directory shall be stored
(the default `luks` storage is recommended). (the default `luks` storage is recommended).

View File

@ -52,7 +52,7 @@ are required to collect and process a coredump successfully.
## `systemd-coredump` Handler ## `systemd-coredump` Handler
The systemd suite provides a coredump handler The systemd suite provides a coredump handler
[`systemd-coredump`](https://www.freedesktop.org/software/systemd/man/latest/systemd-coredump.html) [`systemd-coredump`](https://www.freedesktop.org/software/systemd/man/systemd-coredump.html)
which can be enabled at build-time. It is activated during boot via the which can be enabled at build-time. It is activated during boot via the
`/usr/lib/sysctl.d/50-coredump.conf` drop-in file for `/usr/lib/sysctl.d/50-coredump.conf` drop-in file for
`systemd-sysctl.service`. It registers the `systemd-coredump` tool as `systemd-sysctl.service`. It registers the `systemd-coredump` tool as
@ -71,13 +71,13 @@ The `systemd-coredump` handler will extract a backtrace and
[ELF packaging metadata](/PACKAGE_METADATA_FOR_EXECUTABLE_FILES) [ELF packaging metadata](/PACKAGE_METADATA_FOR_EXECUTABLE_FILES)
from any coredumps it receives and log both. from any coredumps it receives and log both.
The information about coredumps stored in the journal can be enumerated and queried with the The information about coredumps stored in the journal can be enumerated and queried with the
[`coredumpctl`](https://www.freedesktop.org/software/systemd/man/latest/coredumpctl.html) [`coredumpctl`](https://www.freedesktop.org/software/systemd/man/coredumpctl.html)
tool, for example for directly invoking a debugger such as `gdb` on a collected tool, for example for directly invoking a debugger such as `gdb` on a collected
coredump. coredump.
The handler writes coredump files to `/var/lib/systemd/coredump/`. The handler writes coredump files to `/var/lib/systemd/coredump/`.
Old files are cleaned up periodically by Old files are cleaned up periodically by
[`systemd-tmpfiles(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-tmpfiles.html). [`systemd-tmpfiles(8)`](https://www.freedesktop.org/software/systemd/man/systemd-tmpfiles.html).
## User Experience ## User Experience

View File

@ -96,7 +96,7 @@ for inclusion in a filename) in the unit file, under which the invoked service
code can then retrieve it. Each name should only be specified once. code can then retrieve it. Each name should only be specified once.
For details about these settings [see the man For details about these settings [see the man
page](https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#Credentials). page](https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Credentials).
It is a good idea to also enable mount namespacing for services that process It is a good idea to also enable mount namespacing for services that process
credentials configured this way. If so, the runtime credential directory of the credentials configured this way. If so, the runtime credential directory of the
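Review bot: The man page link here carries a fragment, `systemd.exec.html#Credentials`, and the path in front of it changes from `/man/latest/` to `/man/`. A fragment can be lost or mismatched if the shorter path is served through a redirect, so check that the new URL still lands on the Credentials section, or keep the `/latest/` form.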
@ -159,7 +159,7 @@ activation, so that service code only receives plaintext credentials.
## Programming Interface from Generator Code ## Programming Interface from Generator Code
[Generators](https://www.freedesktop.org/software/systemd/man/latest/systemd.generator.html) [Generators](https://www.freedesktop.org/software/systemd/man/systemd.generator.html)
may generate native unit files from external configuration or system may generate native unit files from external configuration or system
parameters, such as system credentials. Note that they run outside of service parameters, such as system credentials. Note that they run outside of service
context, and hence will not receive encrypted credentials in plaintext context, and hence will not receive encrypted credentials in plaintext
@ -169,7 +169,7 @@ be placed as they are in a directory referenced by the
plaintext form will be placed in `$CREDENTIALS_DIRECTORY`. Use a command such plaintext form will be placed in `$CREDENTIALS_DIRECTORY`. Use a command such
as `systemd-creds --system cat …` to access both forms of credentials, and as `systemd-creds --system cat …` to access both forms of credentials, and
decrypt them if needed (see decrypt them if needed (see
[systemd-creds(1)](https://www.freedesktop.org/software/systemd/man/latest/systemd-creds.html) [systemd-creds(1)](https://www.freedesktop.org/software/systemd/man/systemd-creds.html)
for details. for details.
Note that generators typically run very early during boot (similar to initrd Note that generators typically run very early during boot (similar to initrd
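Review bot: The sentence around the changed `systemd-creds(1)` link opens a parenthesis at "(see" and ends with "for details." without closing it. Add the missing ")" after "for details" since the link line is being edited anyway.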
@ -184,7 +184,7 @@ For further details about encrypted credentials, see below.
## Tools ## Tools
The The
[`systemd-creds`](https://www.freedesktop.org/software/systemd/man/latest/systemd-creds.html) [`systemd-creds`](https://www.freedesktop.org/software/systemd/man/systemd-creds.html)
tool is provided to work with system and service credentials. It may be used to tool is provided to work with system and service credentials. It may be used to
access and enumerate system and service credentials, or to encrypt/decrypt credentials access and enumerate system and service credentials, or to encrypt/decrypt credentials
(for details about the latter, see below). (for details about the latter, see below).
@ -286,7 +286,7 @@ services where they are ultimately consumed.
1. A container manager may set the `$CREDENTIALS_DIRECTORY` environment 1. A container manager may set the `$CREDENTIALS_DIRECTORY` environment
variable for systemd running as PID 1 in the container, the same way as variable for systemd running as PID 1 in the container, the same way as
systemd would set it for a service it invokes. systemd would set it for a service it invokes.
[`systemd-nspawn(1)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-nspawn.html#Credentials)'s [`systemd-nspawn(1)`](https://www.freedesktop.org/software/systemd/man/systemd-nspawn.html#Credentials)'s
`--set-credential=` and `--load-credential=` switches implement this, in `--set-credential=` and `--load-credential=` switches implement this, in
order to pass arbitrary credentials from host to container payload. Also see order to pass arbitrary credentials from host to container payload. Also see
the [Container Interface](/CONTAINER_INTERFACE) documentation. the [Container Interface](/CONTAINER_INTERFACE) documentation.
@ -311,7 +311,7 @@ services where they are ultimately consumed.
4. Credentials may also be passed from the UEFI environment to userspace, if 4. Credentials may also be passed from the UEFI environment to userspace, if
the the
[`systemd-stub`](https://www.freedesktop.org/software/systemd/man/latest/systemd-stub.html) [`systemd-stub`](https://www.freedesktop.org/software/systemd/man/systemd-stub.html)
UEFI kernel stub is used. UEFI kernel stub is used.
This allows placing encrypted credentials in the EFI System Partition, which are then picked up by `systemd-stub` and passed to the kernel and ultimately userspace where systemd receives them. This allows placing encrypted credentials in the EFI System Partition, which are then picked up by `systemd-stub` and passed to the kernel and ultimately userspace where systemd receives them.
This is useful to implement secure parameterization of vendor-built and signed This is useful to implement secure parameterization of vendor-built and signed
@ -370,7 +370,7 @@ systemd-run -p ImportCredential=mycred -P --wait systemd-creds cat mycred
Various services shipped with `systemd` consume credentials for tweaking behaviour: Various services shipped with `systemd` consume credentials for tweaking behaviour:
* [`systemd(1)`](https://www.freedesktop.org/software/systemd/man/latest/systemd.html) * [`systemd(1)`](https://www.freedesktop.org/software/systemd/man/systemd.html)
(I.E.: PID1, the system manager) will look for the credential `vmm.notify_socket` (I.E.: PID1, the system manager) will look for the credential `vmm.notify_socket`
and will use it to send a `READY=1` datagram when the system has finished and will use it to send a `READY=1` datagram when the system has finished
booting. booting.
@ -380,24 +380,24 @@ Various services shipped with `systemd` consume credentials for tweaking behavio
The credential payload should be in the form: `vsock:<CID>:<PORT>`. The credential payload should be in the form: `vsock:<CID>:<PORT>`.
Also note that this requires support for VSOCK to be built in both the guest and the host kernels, and the kernel modules to be loaded. Also note that this requires support for VSOCK to be built in both the guest and the host kernels, and the kernel modules to be loaded.
* [`systemd-sysusers(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-sysusers.html) * [`systemd-sysusers(8)`](https://www.freedesktop.org/software/systemd/man/systemd-sysusers.html)
will look for the credentials `passwd.hashed-password.<username>`, will look for the credentials `passwd.hashed-password.<username>`,
`passwd.plaintext-password.<username>` and `passwd.shell.<username>` to `passwd.plaintext-password.<username>` and `passwd.shell.<username>` to
configure the password (either in UNIX hashed form, or plaintext) or shell of configure the password (either in UNIX hashed form, or plaintext) or shell of
system users created. system users created.
Replace `<username>` with the system user of your choice, for example, `root`. Replace `<username>` with the system user of your choice, for example, `root`.
* [`systemd-firstboot(1)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-firstboot.html) * [`systemd-firstboot(1)`](https://www.freedesktop.org/software/systemd/man/systemd-firstboot.html)
will look for the credentials `firstboot.locale`, `firstboot.locale-messages`, will look for the credentials `firstboot.locale`, `firstboot.locale-messages`,
`firstboot.keymap`, `firstboot.timezone`, that configure locale, keymap or `firstboot.keymap`, `firstboot.timezone`, that configure locale, keymap or
timezone settings in case the data is not yet set in `/etc/`. timezone settings in case the data is not yet set in `/etc/`.
* [`tmpfiles.d(5)`](https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html) * [`tmpfiles.d(5)`](https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html)
will look for the credentials `tmpfiles.extra` with arbitrary tmpfiles.d lines. will look for the credentials `tmpfiles.extra` with arbitrary tmpfiles.d lines.
Can be encoded in base64 to allow easily passing it on the command line. Can be encoded in base64 to allow easily passing it on the command line.
* Further well-known credentials are documented in * Further well-known credentials are documented in
[`systemd.system-credentials(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd.system-credentials.html). [`systemd.system-credentials(7)`](https://www.freedesktop.org/software/systemd/man/systemd.system-credentials.html).
In future more services are likely to gain support for consuming credentials. In future more services are likely to gain support for consuming credentials.

View File

@ -35,7 +35,7 @@ you will need to do additional steps to get debugging information out of the mac
* Try CTRL+ALT+DEL to reboot. * Try CTRL+ALT+DEL to reboot.
* If it does not reboot, mention it in your bugreport. Meanwhile force the reboot with * If it does not reboot, mention it in your bugreport. Meanwhile force the reboot with
[SysRq](https://fedoraproject.org/wiki/QA/Sysrq) [SysRq](http://fedoraproject.org/wiki/QA/Sysrq)
or hard reset. or hard reset.
* When booting the next time, you will have to add some kernel command line arguments depending on which of the debugging strategies you choose from the following options. * When booting the next time, you will have to add some kernel command line arguments depending on which of the debugging strategies you choose from the following options.
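Review bot: The SysRq link in the bug-report instructions is downgraded from `https://fedoraproject.org/wiki/QA/Sysrq` to `http://fedoraproject.org/wiki/QA/Sysrq`. Users follow this link for key sequences to type on a hung machine, so keep the HTTPS URL.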

View File

@ -26,7 +26,7 @@ Currently nothing like this is supported or even planned.
## Pre-defined systemd units ## Pre-defined systemd units
[`systemd.special(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd.special.html) [`systemd.special(7)`](https://www.freedesktop.org/software/systemd/man/systemd.special.html)
defines the `graphical-session.target` and `graphical-session-pre.target` to defines the `graphical-session.target` and `graphical-session-pre.target` to
allow cross-desktop integration. Furthermore, systemd defines the three base allow cross-desktop integration. Furthermore, systemd defines the three base
slices `background`, `app` and `session`. slices `background`, `app` and `session`.

View File

@ -53,7 +53,7 @@ If you prefer to use leap second steps, please register your own
vendor pool at ntp.org and make it the built-in default by vendor pool at ntp.org and make it the built-in default by
passing `-Dntp-servers=` to meson. passing `-Dntp-servers=` to meson.
Registering vendor pools is Registering vendor pools is
[free](https://www.pool.ntp.org/en/vendors.html). [free](http://www.pool.ntp.org/en/vendors.html).
Use `-Dntp-servers=` to direct systemd-timesyncd to different fallback Use `-Dntp-servers=` to direct systemd-timesyncd to different fallback
NTP servers. NTP servers.
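Review bot: The vendor pool registration link changes from `https://www.pool.ntp.org/en/vendors.html` to `http://www.pool.ntp.org/en/vendors.html`. This is the page distributors are sent to for registering their own pool, so it should stay on HTTPS.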

View File

@ -62,8 +62,8 @@ A: Simply instantiate a new getty service for the port of your choice (internall
# systemctl start serial-getty@ttyS2.service # systemctl start serial-getty@ttyS2.service
``` ```
Note that gettys on the virtual console are started on demand. You can control how many you get via the NAutoVTs= setting in [logind.conf(7)](https://www.freedesktop.org/software/systemd/man/latest/systemd-logind.service.html). Note that gettys on the virtual console are started on demand. You can control how many you get via the NAutoVTs= setting in [logind.conf(7)](http://www.freedesktop.org/software/systemd/man/systemd-logind.service).
Also see [this blog story](https://0pointer.de/blog/projects/serial-console.html). Also see [this blog story](http://0pointer.de/blog/projects/serial-console.html).
**Q: How to I figure out which service a process belongs to?** **Q: How to I figure out which service a process belongs to?**
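Review bot: The `NAutoVTs=` link on the new side loses both TLS and the `.html` suffix (`http://www.freedesktop.org/software/systemd/man/systemd-logind.service`), and on both sides the link text says `logind.conf(7)` while the target is the systemd-logind.service page. Other files in this same patch cite the setting's page as `logind.conf(5)` at `.../logind.conf.html`; point this link there over https. The "this blog story" link is likewise downgraded to `http://0pointer.de/...` and should stay https.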
@ -75,7 +75,7 @@ $ psc
... ...
``` ```
Or you can even check /proc/$PID/cgroup directly. Also see [this blog story](https://0pointer.de/blog/projects/systemd-for-admins-2.html). Or you can even check /proc/$PID/cgroup directly. Also see [this blog story](http://0pointer.de/blog/projects/systemd-for-admins-2.html).
**Q: Why don't you use inotify to reload the unit files automatically on change?** **Q: Why don't you use inotify to reload the unit files automatically on change?**

View File

@ -17,7 +17,7 @@ mechanism: the service manager creates and listens on some sockets (and similar
UNIX file descriptors) on behalf of a service, and then passes them to the UNIX file descriptors) on behalf of a service, and then passes them to the
service during activation of the service via UNIX file descriptor (short: *fd*) service during activation of the service via UNIX file descriptor (short: *fd*)
passing over `execve()`. This is primarily exposed in the passing over `execve()`. This is primarily exposed in the
[.socket](https://www.freedesktop.org/software/systemd/man/latest/systemd.socket.html) [.socket](https://www.freedesktop.org/software/systemd/man/systemd.socket.html)
unit type. unit type.
The *file* *descriptor* *store* (short: *fdstore*) extends this concept, and The *file* *descriptor* *store* (short: *fdstore*) extends this concept, and
@ -50,14 +50,14 @@ passed over.
## Basic Mechanism ## Basic Mechanism
The fdstore is enabled per-service via the The fdstore is enabled per-service via the
[`FileDescriptorStoreMax=`](https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#FileDescriptorStoreMax=) [`FileDescriptorStoreMax=`](https://www.freedesktop.org/software/systemd/man/systemd.service.html#FileDescriptorStoreMax=)
service setting. It defaults to zero (which means the fdstore logic is turned service setting. It defaults to zero (which means the fdstore logic is turned
off), but can take an unsigned integer value that controls how many fds to off), but can take an unsigned integer value that controls how many fds to
permit the service to upload to the service manager to keep simultaneously. permit the service to upload to the service manager to keep simultaneously.
If set to values > 0, the fdstore is enabled. When invoked the service may now If set to values > 0, the fdstore is enabled. When invoked the service may now
(asynchronously) upload file descriptors to the fdstore via the (asynchronously) upload file descriptors to the fdstore via the
[`sd_pid_notify_with_fds()`](https://www.freedesktop.org/software/systemd/man/latest/sd_pid_notify_with_fds.html) [`sd_pid_notify_with_fds()`](https://www.freedesktop.org/software/systemd/man/sd_pid_notify_with_fds.html)
API call (or an equivalent re-implementation). When uploading the fds it is API call (or an equivalent re-implementation). When uploading the fds it is
necessary to set the `FDSTORE=1` field in the message, to indicate what the fd necessary to set the `FDSTORE=1` field in the message, to indicate what the fd
is intended for. It's recommended to also set the `FDNAME=…` field to any is intended for. It's recommended to also set the `FDNAME=…` field to any
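Review bot: Both man-page links in this hunk lose the `latest/` path segment, and the first one carries a `#FileDescriptorStoreMax=` fragment. Please confirm the versionless `/man/systemd.service.html` URL still resolves to a page with that anchor, or keep `/man/latest/`. The same applies to the other fragment links changed in this file (`#FileDescriptorStorePreserve=`, `#NotifyAccess=`, `#Resource%20Pass-Through`).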
@ -68,7 +68,7 @@ new instance following the same protocol as for socket activation fds. i.e. the
`$LISTEN_FDS`, `$LISTEN_PID`, `$LISTEN_PIDFDID`, and `$LISTEN_FDNAMES` `$LISTEN_FDS`, `$LISTEN_PID`, `$LISTEN_PIDFDID`, and `$LISTEN_FDNAMES`
environment variables will be set (the latter will be populated from the environment variables will be set (the latter will be populated from the
`FDNAME=…` field mentioned above). See `FDNAME=…` field mentioned above). See
[`sd_listen_fds()`](https://www.freedesktop.org/software/systemd/man/latest/sd_listen_fds.html) [`sd_listen_fds()`](https://www.freedesktop.org/software/systemd/man/sd_listen_fds.html)
for details on receiving such fds in a service. (Note that the name set in for details on receiving such fds in a service. (Note that the name set in
`FDNAME=…` does not need to be unique, which is useful when operating with `FDNAME=…` does not need to be unique, which is useful when operating with
multiple fully equivalent sockets or similar, for example for a service that multiple fully equivalent sockets or similar, for example for a service that
@ -120,7 +120,7 @@ service will leave the fdstore intact, but a separate stop and start job for
it — executed synchronously one after the other — will likely not. it — executed synchronously one after the other — will likely not.
This behavior can be modified via the This behavior can be modified via the
[`FileDescriptorStorePreserve=`](https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#FileDescriptorStorePreserve=) [`FileDescriptorStorePreserve=`](https://www.freedesktop.org/software/systemd/man/systemd.service.html#FileDescriptorStorePreserve=)
setting in service unit files. If set to `yes` the fdstore will be kept as long setting in service unit files. If set to `yes` the fdstore will be kept as long
as the service definition is loaded into memory by the service manager, i.e. as as the service definition is loaded into memory by the service manager, i.e. as
long as at least one other loaded unit has a reference to it. long as at least one other loaded unit has a reference to it.
@ -138,7 +138,7 @@ to be unique, as mentioned, in which case *all* matching fds are
closed). Generally it's a good idea to send such messages to the service closed). Generally it's a good idea to send such messages to the service
manager during initialization of the service whenever an unrecognized fd is manager during initialization of the service whenever an unrecognized fd is
received, to make the service robust for code updates: if an old version received, to make the service robust for code updates: if an old version
uploaded an fd that the new version doesn't recognize anymore it's a good idea to uploaded an fd that the new version doesn't recognize anymore it's good idea to
close it both in the service and in the fdstore. close it both in the service and in the fdstore.
Note that storing a duplicate of an fd in the fdstore means the resource pinned Note that storing a duplicate of an fd in the fdstore means the resource pinned
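Review bot: The changed line reintroduces a grammar error: "it's a good idea to" becomes "it's good idea to". Nothing else in the hunk changes, so this edit should be dropped and the article kept.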
@ -154,7 +154,7 @@ Access to the fds in the file descriptor store is generally restricted to the
service code itself. Pushing fds into or removing fds from the fdstore is service code itself. Pushing fds into or removing fds from the fdstore is
subject to the access control restrictions of any other `sd_notify()` message, subject to the access control restrictions of any other `sd_notify()` message,
which is controlled via which is controlled via
[`NotifyAccess=`](https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#NotifyAccess=). [`NotifyAccess=`](https://www.freedesktop.org/software/systemd/man/systemd.service.html#NotifyAccess=).
By default only the main service process hence can push/remove fds, but by By default only the main service process hence can push/remove fds, but by
setting `NotifyAccess=all` this may be relaxed to allow arbitrary service setting `NotifyAccess=all` this may be relaxed to allow arbitrary service
@ -163,7 +163,7 @@ child processes to do the same.
## Soft Reboot ## Soft Reboot
The fdstore is particularly interesting in [soft The fdstore is particularly interesting in [soft
reboot](https://www.freedesktop.org/software/systemd/man/latest/systemd-soft-reboot.service.html) reboot](https://www.freedesktop.org/software/systemd/man/systemd-soft-reboot.service.html)
scenarios, as per `systemctl soft-reboot` (which restarts userspace like in a scenarios, as per `systemctl soft-reboot` (which restarts userspace like in a
real reboot, but leaves the kernel running). File descriptor stores that remain real reboot, but leaves the kernel running). File descriptor stores that remain
loaded at the very end of the system cycle — just before the soft-reboot are loaded at the very end of the system cycle — just before the soft-reboot are
@ -179,7 +179,7 @@ or by setting `FileDescriptorStorePreserve=yes` (and referencing the unit
continuously). continuously).
For further details see [Resource For further details see [Resource
Pass-Through](https://www.freedesktop.org/software/systemd/man/latest/systemd-soft-reboot.service.html#Resource%20Pass-Through). Pass-Through](https://www.freedesktop.org/software/systemd/man/systemd-soft-reboot.service.html#Resource%20Pass-Through).
## Initrd Transitions ## Initrd Transitions
@ -201,12 +201,12 @@ recommended to use the fdstore if pinned resources shall be passed over.
## Debugging ## Debugging
The The
[`systemd-analyze`](https://www.freedesktop.org/software/systemd/man/latest/systemd-analyze.html#systemd-analyze%20fdstore%20%5BUNIT...%5D) [`systemd-analyze`](https://www.freedesktop.org/software/systemd/man/systemd-analyze.html#systemd-analyze%20fdstore%20%5BUNIT...%5D)
tool may be used to list the current contents of the fdstore of any running tool may be used to list the current contents of the fdstore of any running
service. service.
The The
[`systemd-run`](https://www.freedesktop.org/software/systemd/man/latest/systemd-run.html) [`systemd-run`](https://www.freedesktop.org/software/systemd/man/systemd-run.html)
tool may be used to quickly start a testing binary or similar as a service. Use tool may be used to quickly start a testing binary or similar as a service. Use
`-p FileDescriptorStoreMax=4711` to enable the fdstore from `systemd-run`'s `-p FileDescriptorStoreMax=4711` to enable the fdstore from `systemd-run`'s
command line. By using the `-t` switch you can even interactively communicate command line. By using the `-t` switch you can even interactively communicate

View File

@ -7,7 +7,7 @@ SPDX-License-Identifier: LGPL-2.1-or-later
# Home Directories # Home Directories
[`systemd-homed.service(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-homed.service.html) [`systemd-homed.service(8)`](https://www.freedesktop.org/software/systemd/man/systemd-homed.service.html)
manages home directories of regular ("human") users. manages home directories of regular ("human") users.
Each directory it manages encapsulates both the data store and the user record of the user, Each directory it manages encapsulates both the data store and the user record of the user,
so that it comprehensively describes the user account, and is thus naturally portable so that it comprehensively describes the user account, and is thus naturally portable
@ -34,7 +34,7 @@ the signature section itself.
If the plain directory or `btrfs` subvolume storage mechanism of If the plain directory or `btrfs` subvolume storage mechanism of
`systemd-homed` is used (i.e. `--storage=directory` or `--storage=subvolume` on `systemd-homed` is used (i.e. `--storage=directory` or `--storage=subvolume` on
the the
[`homectl(1)`](https://www.freedesktop.org/software/systemd/man/latest/homectl.html) [`homectl(1)`](https://www.freedesktop.org/software/systemd/man/homectl.html)
command line) the home directory requires no special setup besides including command line) the home directory requires no special setup besides including
the user record in the `~/.identity` file. the user record in the `~/.identity` file.

View File

@ -21,7 +21,7 @@ Many of the incompatibilities are specific to distribution-specific extensions o
* LSB header dependency information matters. The SysV implementations on many distributions did not use the dependency information encoded in LSB init script headers, or used them only in very limited ways. Due to that they are often incorrect or incomplete. systemd however fully interprets these headers and follows them closely at runtime (and not at installation time like some implementations). * LSB header dependency information matters. The SysV implementations on many distributions did not use the dependency information encoded in LSB init script headers, or used them only in very limited ways. Due to that they are often incorrect or incomplete. systemd however fully interprets these headers and follows them closely at runtime (and not at installation time like some implementations).
* Timeouts apply to all init script operations in systemd. While on SysV systems a hanging init script could freeze the system on systemd all init script operations are subject to a timeout of 5min. * Timeouts apply to all init script operations in systemd. While on SysV systems a hanging init script could freeze the system on systemd all init script operations are subject to a timeout of 5min.
* Services are executed in completely clean execution contexts, no context of the invoking user session is inherited. Not even $HOME or similar are set. Init scripts depending on these will not work correctly. * Services are executed in completely clean execution contexts, no context of the invoking user session is inherited. Not even $HOME or similar are set. Init scripts depending on these will not work correctly.
* Services cannot read from stdin, as this will be connected to /dev/null. That means interactive init scripts are not supported (i.e. Debian's X-Interactive in the LSB header is not supported either.) Thankfully most distributions do not support interaction in init scripts anyway. If you need interaction to ask disk or SSL passphrases please consider using the minimal password querying framework systemd supports. ([details](/PASSWORD_AGENTS), [manual page](https://0pointer.de/public/systemd-man/systemd-ask-password.html)) * Services cannot read from stdin, as this will be connected to /dev/null. That means interactive init scripts are not supported (i.e. Debian's X-Interactive in the LSB header is not supported either.) Thankfully most distributions do not support interaction in init scripts anyway. If you need interaction to ask disk or SSL passphrases please consider using the minimal password querying framework systemd supports. ([details](/PASSWORD_AGENTS), [manual page](http://0pointer.de/public/systemd-man/systemd-ask-password.html))
* Additional verbs for init scripts are not supported. If your init script traditionally supported additional verbs for your init script simply move them to an auxiliary script. * Additional verbs for init scripts are not supported. If your init script traditionally supported additional verbs for your init script simply move them to an auxiliary script.
* Additional parameters to the standard verbs (i.e. to "start", "stop" and "status") are not supported. This was an extension of SysV that never was standardized officially, and is not supported in systemd. * Additional parameters to the standard verbs (i.e. to "start", "stop" and "status") are not supported. This was an extension of SysV that never was standardized officially, and is not supported in systemd.
* Overriding the "restart" verb is not supported. This verb is always implemented by systemd itself, and consists of a "stop" followed by a "start". * Overriding the "restart" verb is not supported. This verb is always implemented by systemd itself, and consists of a "stop" followed by a "start".
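Review bot: In the stdin bullet, the systemd-ask-password manual page link goes from `https://0pointer.de/public/systemd-man/systemd-ask-password.html` to `http://`. This is the pointer readers follow for disk and SSL passphrase prompting, so it should not be served over plain HTTP. Keep https, and consider linking the manual page at the freedesktop.org man-page location the other documents in this patch use, rather than a copy under `0pointer.de/public/`.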

View File

@ -7,7 +7,7 @@ SPDX-License-Identifier: LGPL-2.1-or-later
# Inhibitor Locks # Inhibitor Locks
systemd 183 and newer include a logic to inhibit system shutdowns and sleep states. This is implemented as part of [systemd-logind.daemon(8)](https://www.freedesktop.org/software/systemd/man/latest/systemd-logind.service.html) There are a couple of different use cases for this: systemd 183 and newer include a logic to inhibit system shutdowns and sleep states. This is implemented as part of [systemd-logind.daemon(8)](http://www.freedesktop.org/software/systemd/man/systemd-logind.service.html) There are a couple of different use cases for this:
- A CD burning application wants to ensure that the system is not turned off or suspended while the burn process is in progress. - A CD burning application wants to ensure that the system is not turned off or suspended while the burn process is in progress.
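Review bot: The link in the opening paragraph is labelled `systemd-logind.daemon(8)` but targets `systemd-logind.service.html`, and the new side also moves it to `http://`. Keep the https URL and make the label match the page it points to. The sentence ending at the link is also missing its full stop before "There are a couple of different use cases".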
@ -39,7 +39,7 @@ Two different modes of locks are supported:
If such a lock is taken the operation will fail (but still may be overridden if the user possesses the necessary privileges). If such a lock is taken the operation will fail (but still may be overridden if the user possesses the necessary privileges).
2. _delay_ inhibits operations only temporarily, either until the lock is released or up to a certain amount of time. 2. _delay_ inhibits operations only temporarily, either until the lock is released or up to a certain amount of time.
The InhibitDelayMaxSec= setting in [logind.conf(5)](https://www.freedesktop.org/software/systemd/man/latest/logind.conf.html) controls the timeout for this. This is intended to be used by applications which need a synchronous way to execute actions before system suspend but shall not be allowed to block suspend indefinitely. The InhibitDelayMaxSec= setting in [logind.conf(5)](http://www.freedesktop.org/software/systemd/man/logind.conf.html) controls the timeout for this. This is intended to be used by applications which need a synchronous way to execute actions before system suspend but shall not be allowed to block suspend indefinitely.
This mode is only available for _sleep_ and _shutdown_ locks. This mode is only available for _sleep_ and _shutdown_ locks.
3. _block-weak_ is identical to _block_, but has no effect on operations 3. _block-weak_ is identical to _block_, but has no effect on operations
@ -110,7 +110,7 @@ Note that this will only be sent out for suspend/resume cycles done via logind,
The **BlockInhibited** and **DelayInhibited** properties encode what types of locks are currently taken. These fields are a colon separated list of `shutdown`, `sleep`, `idle`, `handle-power-key`, `handle-suspend-key`, `handle-hibernate-key`, `handle-lid-switch`. The list is basically the union of the What fields of all currently active locks of the specific mode. The **BlockInhibited** and **DelayInhibited** properties encode what types of locks are currently taken. These fields are a colon separated list of `shutdown`, `sleep`, `idle`, `handle-power-key`, `handle-suspend-key`, `handle-hibernate-key`, `handle-lid-switch`. The list is basically the union of the What fields of all currently active locks of the specific mode.
**InhibitDelayMaxUSec** contains the delay timeout value as configured in [logind.conf(5)](https://www.freedesktop.org/software/systemd/man/latest/logind.conf.html). **InhibitDelayMaxUSec** contains the delay timeout value as configured in [logind.conf(5)](http://www.freedesktop.org/software/systemd/man/logind.conf.html).
The **PreparingForShutdown** and **PreparingForSleep** boolean properties are true between the two PrepareForShutdown() resp PrepareForSleep() signals that are sent out. The **PreparingForShutdown** and **PreparingForSleep** boolean properties are true between the two PrepareForShutdown() resp PrepareForSleep() signals that are sent out.
Note that these properties do not trigger PropertyChanged signals. Note that these properties do not trigger PropertyChanged signals.
@ -202,9 +202,9 @@ This can be quite detrimental for the battery.
If an application finds a lock denied it should not consider this much of an error and just continue its operation without the protecting lock. If an application finds a lock denied it should not consider this much of an error and just continue its operation without the protecting lock.
The tool [systemd-inhibit(1)](https://www.freedesktop.org/software/systemd/man/latest/systemd-inhibit.html) may be used to take locks or list active locks from the command line. The tool [systemd-inhibit(1)](http://www.freedesktop.org/software/systemd/man/systemd-inhibit.html) may be used to take locks or list active locks from the command line.
Note that gnome-session also provides an [inhibitor API](https://gnome.pages.gitlab.gnome.org/gnome-session/re06.html), which is very similar to the one of systemd. Note that gnome-session also provides an [inhibitor API](http://people.gnome.org/~mccann/gnome-session/docs/gnome-session.html#org.gnome.SessionManager.Inhibit), which is very similar to the one of systemd.
Internally, locks taken on gnome-session's interface will be forwarded to logind, hence both APIs are supported. Internally, locks taken on gnome-session's interface will be forwarded to logind, hence both APIs are supported.
While both offer similar functionality they do differ in some regards. While both offer similar functionality they do differ in some regards.
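Review bot: The gnome-session inhibitor API link is replaced with a personal page over plain HTTP, `http://people.gnome.org/~mccann/gnome-session/docs/gnome-session.html#org.gnome.SessionManager.Inhibit`, in place of the project-hosted `https://gnome.pages.gitlab.gnome.org/gnome-session/re06.html`. A per-user path on an unencrypted host is a fragile reference for API documentation; keep the project-hosted https URL. The `systemd-inhibit(1)` link two lines up has the same https-to-http downgrade.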

View File

@ -13,7 +13,7 @@ _Note that this document describes the binary serialization format of journals o
For interfacing with web technologies there's the Journal JSON Format, described below. For interfacing with web technologies there's the Journal JSON Format, described below.
The binary format on disk is documented as the [Journal File Format](/JOURNAL_FILE_FORMAT)._ The binary format on disk is documented as the [Journal File Format](/JOURNAL_FILE_FORMAT)._
_Before reading on, please make sure you are aware of the [basic properties of journal entries](https://www.freedesktop.org/software/systemd/man/latest/systemd.journal-fields.html), in particular realize that they may include binary non-text data (though usually don't), and the same field might have multiple values assigned within the same entry (though usually hasn't)._ _Before reading on, please make sure you are aware of the [basic properties of journal entries](https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html), in particular realize that they may include binary non-text data (though usually don't), and the same field might have multiple values assigned within the same entry (though usually hasn't)._
When exporting journal data for other uses or transferring it via the network/local IPC the _journal export format_ is used. When exporting journal data for other uses or transferring it via the network/local IPC the _journal export format_ is used.
It's a simple serialization of journal entries, that is easy to read without any special tools, but still binary safe where necessary. It's a simple serialization of journal entries, that is easy to read without any special tools, but still binary safe where necessary.
@ -138,7 +138,7 @@ _Note that this section describes the JSON serialization format of the journal o
For binary transfer of journal data across the network there's the Journal Export Format described above. For binary transfer of journal data across the network there's the Journal Export Format described above.
The binary format on disk is documented as [Journal File Format](/JOURNAL_FILE_FORMAT)._ The binary format on disk is documented as [Journal File Format](/JOURNAL_FILE_FORMAT)._
_Before reading on, please make sure you are aware of the [basic properties of journal entries](https://www.freedesktop.org/software/systemd/man/latest/systemd.journal-fields.html), in particular realize that they may include binary non-text data (though usually don't), and the same field might have multiple values assigned within the same entry (though usually hasn't)._ _Before reading on, please make sure you are aware of the [basic properties of journal entries](https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html), in particular realize that they may include binary non-text data (though usually don't), and the same field might have multiple values assigned within the same entry (though usually hasn't)._
In most cases the Journal JSON serialization is the obvious mapping of the entry field names (as JSON strings) to the entry field values (also as JSON strings) encapsulated in one JSON object. However, there are a few special cases to handle: In most cases the Journal JSON serialization is the obvious mapping of the entry field names (as JSON strings) to the entry field values (also as JSON strings) encapsulated in one JSON object. However, there are a few special cases to handle:

View File

@ -30,7 +30,7 @@ so if this document and the code disagree, the code is right.
That said we'll of course try hard to keep this document up-to-date and accurate. That said we'll of course try hard to keep this document up-to-date and accurate.
Instead of implementing your own reader or writer for journal files we ask you to use the Instead of implementing your own reader or writer for journal files we ask you to use the
[Journal's native CAPI](https://www.freedesktop.org/software/systemd/man/latest/sd-journal.html) [Journal's native CAPI](https://www.freedesktop.org/software/systemd/man/sd-journal.html)
to access these files. to access these files.
It provides you with full access to the files, and will not withhold any data. It provides you with full access to the files, and will not withhold any data.
If you find a limitation, please ping us and we might add some additional interfaces for you. If you find a limitation, please ping us and we might add some additional interfaces for you.
@ -42,7 +42,7 @@ The export format is much simpler to parse, but complete and accurate.
Due to its stream-based nature it is not indexed. Due to its stream-based nature it is not indexed.
_Or, to put this in other words: this low-level document is probably not what you want to use as base of your project. _Or, to put this in other words: this low-level document is probably not what you want to use as base of your project.
You want our [C API](https://www.freedesktop.org/software/systemd/man/latest/sd-journal.html) instead! You want our [C API](https://www.freedesktop.org/software/systemd/man/sd-journal.html) instead!
And if you really don't want the C API, then you want the And if you really don't want the C API, then you want the
[Journal Export Format or Journal JSON Format](/JOURNAL_EXPORT_FORMATS) instead! [Journal Export Format or Journal JSON Format](/JOURNAL_EXPORT_FORMATS) instead!
This document is primarily for your entertainment and education. This document is primarily for your entertainment and education.
@ -51,7 +51,7 @@ Thank you!_
This document assumes you have a basic understanding of the journal concepts, the properties of a journal entry and so on. This document assumes you have a basic understanding of the journal concepts, the properties of a journal entry and so on.
If not, please go and read up, then come back! If not, please go and read up, then come back!
This is a good opportunity to read about the This is a good opportunity to read about the
[basic properties of journal entries](https://www.freedesktop.org/software/systemd/man/latest/systemd.journal-fields.html), [basic properties of journal entries](https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html),
in particular realize that they may include binary non-text data (though usually don't), in particular realize that they may include binary non-text data (though usually don't),
and the same field might have multiple values assigned within the same entry. and the same field might have multiple values assigned within the same entry.
@ -587,7 +587,7 @@ If the hash table fill level is increasing over a certain fill level (Learning
from Java's Hashtable for example: > 75%), the writer should rotate the file from Java's Hashtable for example: > 75%), the writer should rotate the file
and create a new one. and create a new one.
The DATA_HASH_TABLE should be sized taking into account the maximum size the The DATA_HASH_TABLE should be sized taking into account to the maximum size the
file is expected to grow, as configured by the administrator or disk space file is expected to grow, as configured by the administrator or disk space
considerations. The FIELD_HASH_TABLE should be sized to a fixed size; the considerations. The FIELD_HASH_TABLE should be sized to a fixed size; the
number of fields should be pretty static as it depends only on developers' number of fields should be pretty static as it depends only on developers'
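Review bot: The DATA_HASH_TABLE sentence becomes ungrammatical on the new side: "taking into account the maximum size" turns into "taking into account to the maximum size". Drop the added "to". This is the only change in the hunk.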

View File

@ -18,7 +18,7 @@ SPDX-License-Identifier: LGPL-2.1-or-later
The latter is what this document is about: if you are developing a program and The latter is what this document is about: if you are developing a program and
want to pass structured log data to `journald`, it's the Journal's native want to pass structured log data to `journald`, it's the Journal's native
protocol that you want to use. The systemd project provides the protocol that you want to use. The systemd project provides the
[`sd_journal_print(3)`](https://www.freedesktop.org/software/systemd/man/latest/sd_journal_print.html) [`sd_journal_print(3)`](https://www.freedesktop.org/software/systemd/man/sd_journal_print.html)
API that implements the client side of this protocol. This document explains API that implements the client side of this protocol. This document explains
what this interface does behind the scenes, in case you'd like to implement a what this interface does behind the scenes, in case you'd like to implement a
client for it yourself, without linking to `libsystemd` — for example because client for it yourself, without linking to `libsystemd` — for example because
@ -96,7 +96,7 @@ actual log message text. Other relevant keys a client should send in most cases
are `PRIORITY=`, `CODE_FILE=`, `CODE_LINE=`, `CODE_FUNC=`, `ERRNO=`. It's are `PRIORITY=`, `CODE_FILE=`, `CODE_LINE=`, `CODE_FUNC=`, `ERRNO=`. It's
recommended to generate these fields implicitly on the client side. For further recommended to generate these fields implicitly on the client side. For further
information see the [relevant documentation of these information see the [relevant documentation of these
fields](https://www.freedesktop.org/software/systemd/man/latest/systemd.journal-fields.html). fields](https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html).
The order in which the fields are serialized within one datagram is undefined The order in which the fields are serialized within one datagram is undefined
and may be freely chosen by the client. The server side might or might not and may be freely chosen by the client. The server side might or might not

View File

@ -71,7 +71,7 @@ service manager, and typically consumed by the service:
service's cgroup. In order to make debugging easier, and allow later service's cgroup. In order to make debugging easier, and allow later
extension it is recommended for applications to also allow this path to refer extension it is recommended for applications to also allow this path to refer
to an `AF_UNIX` stream socket in the file system or a FIFO inode in the file to an `AF_UNIX` stream socket in the file system or a FIFO inode in the file
system. Regardless of which of the three types of inodes this absolute path system. Regardless which of the three types of inodes this absolute path
refers to, all three are `poll()`-able for memory pressure events. The refers to, all three are `poll()`-able for memory pressure events. The
variable can also be set to the literal string `/dev/null`. If so the service variable can also be set to the literal string `/dev/null`. If so the service
code should take this as indication that memory pressure monitoring is not code should take this as indication that memory pressure monitoring is not
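Review bot: The changed sentence now reads "Regardless which of the three types of inodes", which drops the preposition. The previous wording, "Regardless of which", was the grammatical one and should stay.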
@ -165,7 +165,7 @@ The service manager provides two per-service settings that control the memory
pressure handling: pressure handling:
* The * The
[`MemoryPressureWatch=`](https://www.freedesktop.org/software/systemd/man/latest/systemd.resource-control.html#MemoryPressureWatch=) [`MemoryPressureWatch=`](https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html#MemoryPressureWatch=)
setting controls whether to enable the memory pressure protocol for the setting controls whether to enable the memory pressure protocol for the
service in question. service in question.
@ -197,12 +197,12 @@ When memory pressure monitoring is enabled for a service via
## Memory Pressure Events in `sd-event` ## Memory Pressure Events in `sd-event`
The The
[`sd-event`](https://www.freedesktop.org/software/systemd/man/latest/sd-event.html) [`sd-event`](https://www.freedesktop.org/software/systemd/man/sd-event.html)
event loop library provides two API calls that encapsulate the event loop library provides two API calls that encapsulate the
functionality described above: functionality described above:
* The * The
[`sd_event_add_memory_pressure()`](https://www.freedesktop.org/software/systemd/man/latest/sd_event_add_memory_pressure.html) [`sd_event_add_memory_pressure()`](https://www.freedesktop.org/software/systemd/man/sd_event_add_memory_pressure.html)
call implements the service-side of the memory pressure protocol and call implements the service-side of the memory pressure protocol and
integrates it with an `sd-event` event loop. It reads the two environment integrates it with an `sd-event` event loop. It reads the two environment
variables, connects/opens the specified file, writes the specified data to it, variables, connects/opens the specified file, writes the specified data to it,

View File

@ -43,7 +43,7 @@ This overrides the default logic for this one service only,
and places all its processes back in the root cgroup of the "cpu" hierarchy, which has the full RT budget assigned. and places all its processes back in the root cgroup of the "cpu" hierarchy, which has the full RT budget assigned.
* A third option is to simply assign your service a realtime budget. * A third option is to simply assign your service a realtime budget.
For that use `ControlGroupAttribute=cpu.rt_runtime_us 500000` in its `[Service]` or suchlike. For that use `ControlGroupAttribute=cpu.rt_runtime_us 500000` in its `[Service]` or suchlike.
See [the kernel documentation](https://www.kernel.org/doc/Documentation/scheduler/sched-design-CFS.txt) for details. See [the kernel documentation](http://www.kernel.org/doc/Documentation/scheduler/sched-design-CFS.txt) for details.
The latter two options are not available for System V services. The latter two options are not available for System V services.
A possible solution is to write a small wrapper service file that simply calls the SysV script's start verb in `ExecStart=` and the stop verb in `ExecStop=`. A possible solution is to write a small wrapper service file that simply calls the SysV script's start verb in `ExecStart=` and the stop verb in `ExecStop=`.
(It also needs to set `RemainAfterExit=1` and `Type=forking`!) (It also needs to set `RemainAfterExit=1` and `Type=forking`!)
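Review bot: The kernel documentation link on the changed line switches scheme from `https://www.kernel.org/...` to `http://www.kernel.org/...`. A cleartext link lets anyone on the network path alter or redirect the page a reader is sent to for configuration guidance, so keep the `https://` form.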

View File

@ -67,14 +67,14 @@ before any routable network interface is up). Its primary purpose is network
client software that cannot operate without network. client software that cannot operate without network.
For more details about those targets, see the For more details about those targets, see the
[systemd.special(7)](https://www.freedesktop.org/software/systemd/man/latest/systemd.special.html) [systemd.special(7)](https://www.freedesktop.org/software/systemd/man/systemd.special.html)
man page. man page.
# Discussion # Discussion
LSB defines a `$network` dependency for legacy init scripts. LSB defines a `$network` dependency for legacy init scripts.
However, it is defined [only very However, it is defined [only very
unprecisely](https://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/facilname.html) unprecisely](http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/facilname.html)
and people tend to have different ideas what it is supposed to mean. Here are a and people tend to have different ideas what it is supposed to mean. Here are a
couple of ideas people came up with so far: couple of ideas people came up with so far:
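Review bot: The LSB reference under "# Discussion" is changed from `https://refspecs.linuxbase.org/...` to `http://refspecs.linuxbase.org/...`; keep the TLS URL, since nothing in this hunk motivates the downgrade. While this link is being touched, its text "unprecisely" should read "imprecisely".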
@ -93,7 +93,7 @@ couple of ideas people came up with so far:
* And so on and so on. * And so on and so on.
All these are valid approaches to the question "When is the network up?", but All these are valid approaches to the question "When is the network up?", but
none of them would be good as a generic default. none of them would be useful to be good as generic default.
Modern networking tends to be highly dynamic: machines are moved between Modern networking tends to be highly dynamic: machines are moved between
networks, network configuration changes, hardware is added and removed, virtual networks, network configuration changes, hardware is added and removed, virtual
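Review bot: The changed sentence "none of them would be useful to be good as generic default" does not parse: it stacks "useful" and "good" and drops the article. Keep "none of them would be good as a generic default".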
@ -205,7 +205,7 @@ Here are a couple of possible approaches:
actually (yet or ever) configured locally. This also makes your code robust actually (yet or ever) configured locally. This also makes your code robust
towards network configuration changes. This is provided as `FreeBind=` towards network configuration changes. This is provided as `FreeBind=`
for systemd services, see for systemd services, see
[systemd.socket(5)](https://www.freedesktop.org/software/systemd/man/latest/systemd.socket.html). [systemd.socket(5)](https://www.freedesktop.org/software/systemd/man/systemd.socket.html).
An exception to the above recommendations is services which require network An exception to the above recommendations is services which require network
connectivity, but do not delay system startup. An example may be a service connectivity, but do not delay system startup. An example may be a service
@ -228,13 +228,13 @@ specific to those services.
For example, `systemd-networkd-wait-online.service` will wait until all For example, `systemd-networkd-wait-online.service` will wait until all
interfaces that are present and managed by interfaces that are present and managed by
[systemd-networkd.service(8)](https://www.freedesktop.org/software/systemd/man/latest/systemd-networkd.service.html). [systemd-networkd.service(8)](https://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html).
are fully configured or failed and at least one link is online; see are fully configured or failed and at least one link is online; see
[systemd-networkd-wait-online.service(8)](https://www.freedesktop.org/software/systemd/man/latest/systemd-networkd-wait-online.service.html) [systemd-networkd-wait-online.service(8)](https://www.freedesktop.org/software/systemd/man/systemd-networkd-wait-online.service.html)
for details. Those conditions are affected by the presence of configuration for details. Those conditions are affected by the presence of configuration
that matches various links, but also by settings like that matches various links, but also by settings like
`Unmanaged=`, `RequiredForOnline=`, `RequiredFamilyForOnline=`; see `Unmanaged=`, `RequiredForOnline=`, `RequiredFamilyForOnline=`; see
[systemd.network(5)](https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html). [systemd.network(5)](https://www.freedesktop.org/software/systemd/man/systemd.network.html).
It is also possible to plug in additional checks for network state. For It is also possible to plug in additional checks for network state. For
example, to delay `network-online.target` until a specific host is example, to delay `network-online.target` until a specific host is
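Review bot: The `systemd-networkd.service(8)` link line ends in a period although the sentence continues on the next line ("... managed by [systemd-networkd.service(8)](...). are fully configured or failed ..."). Since that line is being rewritten anyway, drop the period so the sentence reads through.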

View File

@ -96,7 +96,7 @@ This requires introduction of a new kernel interface to get notifications for cg
19. Make use of EXT4_IOC_MOVE_EXT in systemd's readahead implementation. 19. Make use of EXT4_IOC_MOVE_EXT in systemd's readahead implementation.
This allows reordering/defragmentation of the files needed for boot. This allows reordering/defragmentation of the files needed for boot.
According to the data from [https://e4rat.sourceforge.net/](https://e4rat.sourceforge.net/) this might shorten the boot time to 40%. According to the data from [http://e4rat.sourceforge.net/](http://e4rat.sourceforge.net/) this might shorten the boot time to 40%.
Implementation is not trivial, but given that we already support btrfs defragmentation and example code for this exists (e4rat as linked) should be fairly straightforward. Implementation is not trivial, but given that we already support btrfs defragmentation and example code for this exists (e4rat as linked) should be fairly straightforward.
20. Compress readahead pack files with XZ or so.Since boot these days tends to be clearly IO bound (and not CPU bound) it might make sense to reduce the IO load for the pack file by compressing it. Since we already have a dependency on XZ we'd recommend using XZ for this. 20. Compress readahead pack files with XZ or so.Since boot these days tends to be clearly IO bound (and not CPU bound) it might make sense to reduce the IO load for the pack file by compressing it. Since we already have a dependency on XZ we'd recommend using XZ for this.
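Review bot: In item 19 both the link text and the link target for e4rat change from `https://e4rat.sourceforge.net/` to `http://e4rat.sourceforge.net/`, so the rendered page both displays and follows a cleartext URL. Keep `https://` in both places unless the site is known not to serve TLS, and state that in the commit message if it is the reason.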

View File

@ -85,7 +85,7 @@ You should consider these recommendations if you are you working on one of the f
Ignore EEXIST on mkdir. Ignore EEXIST on mkdir.
- Avoid renaming cgroups or similar fancier file operations. - Avoid renaming cgroups or similar fancier file operations.
- Expect that other programs might readjust the attributes on your cgroups dynamically during runtime. - Expect that other programs might readjust the attributes on your cgroups dynamically during runtime.
- When creating a cgroup pick a descriptive name that is guessable and no surprise to the admin. - When creating a cgroup pick a nice a descriptive name that is guessable and no surprise to the admin.
The admin will thank you for this if he has to read the output of "ps -eo pid,args,cgroups" The admin will thank you for this if he has to read the output of "ps -eo pid,args,cgroups"
- /sys/fs/cgroup is a tmpfs. If you create your own private named hierarchy then you are welcome to mount it into a subdirectory of this directory. - /sys/fs/cgroup is a tmpfs. If you create your own private named hierarchy then you are welcome to mount it into a subdirectory of this directory.
This minimizes surprises for the user. This minimizes surprises for the user.
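Review bot: The changed bullet reads "pick a nice a descriptive name", with a duplicated article. Use "a descriptive name" as before, or "a nice, descriptive name" if the adjective is wanted.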

View File

@ -21,10 +21,10 @@ The stable interfaces are:
Example: the output of `systemctl status` is not stable, but that of `systemctl show` is, because the former is intended to be human-readable and the latter computer readable, and this is documented in the man page. Example: the output of `systemctl status` is not stable, but that of `systemctl show` is, because the former is intended to be human-readable and the latter computer readable, and this is documented in the man page.
* **The protocol spoken on the socket referred to by `$NOTIFY_SOCKET`**, as documented in * **The protocol spoken on the socket referred to by `$NOTIFY_SOCKET`**, as documented in
[sd_notify(3)](https://www.freedesktop.org/software/systemd/man/latest/sd_notify.html). Note that, although using [sd_notify(3)](https://www.freedesktop.org/software/systemd/man/sd_notify.html). Note that, although using
libsystemd is a good choice, this protocol can also be reimplemented without external dependencies, as libsystemd is a good choice, this protocol can also be reimplemented without external dependencies, as
demonstrated in the example listed in demonstrated in the example listed in
[sd_notify(3)](https://www.freedesktop.org/software/systemd/man/latest/sd_notify.html#Notes) [sd_notify(3)](https://www.freedesktop.org/software/systemd/man/devel/sd_notify.html#Notes)
* Some of the **"special" unit names** and their semantics. * Some of the **"special" unit names** and their semantics.
To be precise the ones that are necessary for normal services, and not those required only for early boot and late shutdown, with very few exceptions. To be precise the ones that are necessary for normal services, and not those required only for early boot and late shutdown, with very few exceptions.
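Review bot: The two `sd_notify(3)` links in the `$NOTIFY_SOCKET` bullet now use different paths: the first points at `/man/sd_notify.html` and the second at `/man/devel/sd_notify.html#Notes`. This list describes stable interfaces, so the reference to the reimplementation example should not depend on a `/devel/` page; point both links at the same path.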
@ -116,54 +116,55 @@ And now, here's the list of (hopefully) all APIs that we have introduced with sy
| API | Type | Covered by Interface Stability Promise | Fully documented | Known External Consumers | Reimplementable Independently | Known Other Implementations | systemd Implementation portable to other OSes or non-systemd distributions | | API | Type | Covered by Interface Stability Promise | Fully documented | Known External Consumers | Reimplementable Independently | Known Other Implementations | systemd Implementation portable to other OSes or non-systemd distributions |
| --- | ---- | ----------------------------------------------------------------------------------------- | ---------------- | ------------------------ | ----------------------------- | --------------------------- | -------------------------------------------------------------------------- | | --- | ---- | ----------------------------------------------------------------------------------------- | ---------------- | ------------------------ | ----------------------------- | --------------------------- | -------------------------------------------------------------------------- |
| [hostnamed](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.hostname1.html) | D-Bus | yes | yes | GNOME | yes | [Ubuntu](https://launchpad.net/ubuntu/+source/ubuntu-system-service), [Gentoo](https://www.gentoo.org/proj/en/desktop/gnome/openrc-settingsd.xml), [BSD](http://uglyman.kremlin.cc/gitweb/gitweb.cgi?p=systembsd.git;a=summary) | partially | | [hostnamed](https://www.freedesktop.org/software/systemd/man/org.freedesktop.hostname1.html) | D-Bus | yes | yes | GNOME | yes | [Ubuntu](https://launchpad.net/ubuntu/+source/ubuntu-system-service), [Gentoo](http://www.gentoo.org/proj/en/desktop/gnome/openrc-settingsd.xml), [BSD](http://uglyman.kremlin.cc/gitweb/gitweb.cgi?p=systembsd.git;a=summary) | partially |
| [localed](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.locale1.html) | D-Bus | yes | yes | GNOME | yes | [Ubuntu](https://launchpad.net/ubuntu/+source/ubuntu-system-service), [Gentoo](https://www.gentoo.org/proj/en/desktop/gnome/openrc-settingsd.xml), [BSD](http://uglyman.kremlin.cc/gitweb/gitweb.cgi?p=systembsd.git;a=summary) | partially | | [localed](https://www.freedesktop.org/software/systemd/man/org.freedesktop.locale1.html) | D-Bus | yes | yes | GNOME | yes | [Ubuntu](https://launchpad.net/ubuntu/+source/ubuntu-system-service), [Gentoo](http://www.gentoo.org/proj/en/desktop/gnome/openrc-settingsd.xml), [BSD](http://uglyman.kremlin.cc/gitweb/gitweb.cgi?p=systembsd.git;a=summary) | partially |
| [timedated](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.timedate1.html) | D-Bus | yes | yes | GNOME | yes | [Gentoo](https://www.gentoo.org/proj/en/desktop/gnome/openrc-settingsd.xml), [BSD](http://uglyman.kremlin.cc/gitweb/gitweb.cgi?p=systembsd.git;a=summary) | partially | | [timedated](https://www.freedesktop.org/software/systemd/man/org.freedesktop.timedate1.html) | D-Bus | yes | yes | GNOME | yes | [Gentoo](http://www.gentoo.org/proj/en/desktop/gnome/openrc-settingsd.xml), [BSD](http://uglyman.kremlin.cc/gitweb/gitweb.cgi?p=systembsd.git;a=summary) | partially |
| [initrd interface](/INITRD_INTERFACE) | Environment, flag files | yes | yes | mkosi, dracut, ArchLinux | yes | ArchLinux | no | | [initrd interface](/INITRD_INTERFACE) | Environment, flag files | yes | yes | mkosi, dracut, ArchLinux | yes | ArchLinux | no |
| [Container interface](/CONTAINER_INTERFACE) | Environment, Mounts | yes | yes | libvirt/LXC | yes | - | no | | [Container interface](/CONTAINER_INTERFACE) | Environment, Mounts | yes | yes | libvirt/LXC | yes | - | no |
| [Boot Loader interface](/BOOT_LOADER_INTERFACE) | EFI variables | yes | yes | gummiboot | yes | - | no | | [Boot Loader interface](/BOOT_LOADER_INTERFACE) | EFI variables | yes | yes | gummiboot | yes | - | no |
| [Service bus API](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.systemd1.html) | D-Bus | yes | yes | system-config-services | no | - | no | | [Service bus API](https://www.freedesktop.org/software/systemd/man/org.freedesktop.systemd1.html) | D-Bus | yes | yes | system-config-services | no | - | no |
| [logind](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.login1.html) | D-Bus | yes | yes | GNOME | no | - | no | | [logind](https://www.freedesktop.org/software/systemd/man/org.freedesktop.login1.html) | D-Bus | yes | yes | GNOME | no | - | no |
| [sd-bus.h API](https://www.freedesktop.org/software/systemd/man/latest/sd-bus.html) | C Library | yes | yes | - | maybe | - | maybe | | [sd-bus.h API](https://www.freedesktop.org/software/systemd/man/sd-bus.html) | C Library | yes | yes | - | maybe | - | maybe |
| [sd-daemon.h API](https://www.freedesktop.org/software/systemd/man/latest/sd-daemon.html) | C Library or Drop-in | yes | yes | numerous | yes | - | yes | | [sd-daemon.h API](https://www.freedesktop.org/software/systemd/man/sd-daemon.html) | C Library or Drop-in | yes | yes | numerous | yes | - | yes |
| [sd-device.h API](https://www.freedesktop.org/software/systemd/man/latest/sd-device.html) | C Library | yes | no | numerous | yes | - | yes | | [sd-device.h API](https://www.freedesktop.org/software/systemd/man/sd-device.html) | C Library | yes | no | numerous | yes | - | yes |
| [sd-event.h API](https://www.freedesktop.org/software/systemd/man/latest/sd-event.html) | C Library | yes | yes | - | maybe | - | maybe | | [sd-event.h API](https://www.freedesktop.org/software/systemd/man/sd-event.html) | C Library | yes | yes | - | maybe | - | maybe |
| [sd-gpt.h API](https://www.freedesktop.org/software/systemd/man/latest/libsystemd.html) | Header Library | yes | no | - | yes | - | yes | | [sd-gpt.h API](https://www.freedesktop.org/software/systemd/man/sd-gpt.html) | Header Library | yes | no | - | yes | - | yes |
| [sd-hwdb.h API](https://www.freedesktop.org/software/systemd/man/latest/sd-hwdb.html) | C Library | yes | yes | - | maybe | - | yes | | [sd-hwdb.h API](https://www.freedesktop.org/software/systemd/man/sd-hwdb.html) | C Library | yes | yes | - | maybe | - | yes |
| [sd-id128.h API](https://www.freedesktop.org/software/systemd/man/latest/sd-id128.html) | C Library | yes | yes | - | yes | - | yes | | [sd-id128.h API](https://www.freedesktop.org/software/systemd/man/sd-id128.html) | C Library | yes | yes | - | yes | - | yes |
| [sd-journal.h API](https://www.freedesktop.org/software/systemd/man/latest/sd-journal.html) | C Library | yes | yes | - | maybe | - | no | | [sd-journal.h API](https://www.freedesktop.org/software/systemd/man/sd-journal.html) | C Library | yes | yes | - | maybe | - | no |
| [sd-login.h API](https://www.freedesktop.org/software/systemd/man/latest/sd-login.html) | C Library | yes | yes | GNOME, polkit, ... | no | - | no | | [sd-login.h API](https://www.freedesktop.org/software/systemd/man/sd-login.html) | C Library | yes | yes | GNOME, polkit, ... | no | - | no |
| [sd-messages.h API](https://www.freedesktop.org/software/systemd/man/latest/libsystemd.html) | Header Library | yes | yes | - | yes | python-systemd | yes | | [sd-messages.h API](https://www.freedesktop.org/software/systemd/man/sd-messages.html) | Header Library | yes | yes | - | yes | python-systemd | yes |
| [sd-path.h API](https://www.freedesktop.org/software/systemd/man/latest/sd-path.html) | C Library | yes | no | - | maybe | - | maybe | | [sd-path.h API](https://www.freedesktop.org/software/systemd/man/sd-path.html) | C Library | yes | no | - | maybe | - | maybe |
| [$XDG_RUNTIME_DIR](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html) | Environment | yes | yes | glib, GNOME | yes | - | no | | [$XDG_RUNTIME_DIR](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html) | Environment | yes | yes | glib, GNOME | yes | - | no |
| [$LISTEN_FDS $LISTEN_PID FD Passing](https://www.freedesktop.org/software/systemd/man/latest/sd_listen_fds.html) | Environment | yes | yes | numerous (via sd-daemon.h) | yes | - | no | | [$LISTEN_FDS $LISTEN_PID FD Passing](https://www.freedesktop.org/software/systemd/man/sd_listen_fds.html) | Environment | yes | yes | numerous (via sd-daemon.h) | yes | - | no |
| [$NOTIFY_SOCKET Daemon Notifications](https://www.freedesktop.org/software/systemd/man/latest/sd_notify.html) | Environment | yes | yes | a few, including udev | yes | - | no | | [$NOTIFY_SOCKET Daemon Notifications](https://www.freedesktop.org/software/systemd/man/sd_notify.html) | Environment | yes | yes | a few, including udev | yes | - | no |
| [argv&#91;0&#93;&#91;0&#93;='@' Logic](/ROOT_STORAGE_DAEMONS) | `/proc` marking | yes | yes | mdadm | yes | - | no | | [argv&#91;0&#93;&#91;0&#93;='@' Logic](/ROOT_STORAGE_DAEMONS) | `/proc` marking | yes | yes | mdadm | yes | - | no |
| [Unit file format](https://www.freedesktop.org/software/systemd/man/latest/systemd.unit.html) | File format | yes | yes | numerous | no | - | no | | [Unit file format](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) | File format | yes | yes | numerous | no | - | no |
| [Network](https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html) & [Netdev file format](https://www.freedesktop.org/software/systemd/man/latest/systemd.netdev.html) | File format | yes | yes | no | no | - | no | | [Network](https://www.freedesktop.org/software/systemd/man/systemd.network.html) & [Netdev file format](https://www.freedesktop.org/software/systemd/man/systemd.netdev.html) | File format | yes | yes | no | no | - | no |
| [Link file format](https://www.freedesktop.org/software/systemd/man/latest/systemd.link.html) | File format | yes | yes | no | no | - | no | | [Link file format](https://www.freedesktop.org/software/systemd/man/systemd.link.html) | File format | yes | yes | no | no | - | no |
| [Journal File Format](/JOURNAL_FILE_FORMAT) | File format | yes | yes | - | maybe | - | no | | [Journal File Format](/JOURNAL_FILE_FORMAT) | File format | yes | yes | - | maybe | - | no |
| [Journal Export Format](JOURNAL_EXPORT_FORMATS#journal-export-format) | File format | yes | yes | - | yes | - | no | | [Journal Export Format](JOURNAL_EXPORT_FORMATS#journal-export-format) | File format | yes | yes | - | yes | - | no |
| [Journal JSON Format](JOURNAL_EXPORT_FORMATS#journal-json-format) | File format | yes | yes | - | yes | - | no | | [Journal JSON Format](JOURNAL_EXPORT_FORMATS#journal-json-format) | File format | yes | yes | - | yes | - | no |
| [Password Agents](/PASSWORD_AGENTS) | Socket+Files | yes | yes | - | yes | - | no | | [Password Agents](/PASSWORD_AGENTS) | Socket+Files | yes | yes | - | yes | - | no |
| [udev multi-seat properties](https://www.freedesktop.org/software/systemd/man/latest/sd-login.html) | udev Property | yes | yes | X11, gdm | no | - | no | | [udev multi-seat properties](https://www.freedesktop.org/software/systemd/man/sd-login.html) | udev Property | yes | yes | X11, gdm | no | - | no |
| udev session switch ACL properties | udev Property | no | no | - | no | - | no | | udev session switch ACL properties | udev Property | no | no | - | no | - | no |
| [CLI of systemctl,...](https://www.freedesktop.org/software/systemd/man/latest/systemctl.html) | CLI | yes | yes | numerous | no | - | no | | [CLI of systemctl,...](https://www.freedesktop.org/software/systemd/man/systemctl.html) | CLI | yes | yes | numerous | no | - | no |
| [tmpfiles.d](https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html) | File format | yes | yes | numerous | yes | ArchLinux | partially | | [tmpfiles.d](https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html) | File format | yes | yes | numerous | yes | ArchLinux | partially |
| [sysusers.d](https://www.freedesktop.org/software/systemd/man/latest/sysusers.d.html) | File format | yes | yes | unknown | yes | | partially | | [sysusers.d](https://www.freedesktop.org/software/systemd/man/sysusers.d.html) | File format | yes | yes | unknown | yes | | partially |
| [/etc/machine-id](https://www.freedesktop.org/software/systemd/man/latest/machine-id.html) | File format | yes | yes | D-Bus | yes | - | no | | [/etc/machine-id](https://www.freedesktop.org/software/systemd/man/machine-id.html) | File format | yes | yes | D-Bus | yes | - | no |
| [binfmt.d](https://www.freedesktop.org/software/systemd/man/latest/binfmt.d.html) | File format | yes | yes | numerous | yes | - | partially | | [binfmt.d](https://www.freedesktop.org/software/systemd/man/binfmt.d.html) | File format | yes | yes | numerous | yes | - | partially |
| [/etc/hostname](https://www.freedesktop.org/software/systemd/man/latest/hostname.html) | File format | yes | yes | numerous (it's a Debian thing) | yes | Debian, ArchLinux | no | | [/etc/hostname](https://www.freedesktop.org/software/systemd/man/hostname.html) | File format | yes | yes | numerous (it's a Debian thing) | yes | Debian, ArchLinux | no |
| [/etc/locale.conf](https://www.freedesktop.org/software/systemd/man/latest/locale.conf.html) | File format | yes | yes | - | yes | ArchLinux | partially | | [/etc/locale.conf](https://www.freedesktop.org/software/systemd/man/locale.conf.html) | File format | yes | yes | - | yes | ArchLinux | partially |
| [/etc/machine-info](https://www.freedesktop.org/software/systemd/man/latest/machine-info.html) | File format | yes | yes | - | yes | - | partially | | [/etc/machine-info](https://www.freedesktop.org/software/systemd/man/machine-info.html) | File format | yes | yes | - | yes | - | partially |
| [modules-load.d](https://www.freedesktop.org/software/systemd/man/latest/modules-load.d.html) | File format | yes | yes | numerous | yes | - | partially | | [modules-load.d](https://www.freedesktop.org/software/systemd/man/modules-load.d.html) | File format | yes | yes | numerous | yes | - | partially |
| [/usr/lib/os-release](https://www.freedesktop.org/software/systemd/man/latest/os-release.html) | File format | yes | yes | some | yes | Fedora, OpenSUSE, ArchLinux, Angstrom, Frugalware, others... | no | | [/usr/lib/os-release](https://www.freedesktop.org/software/systemd/man/os-release.html) | File format | yes | yes | some | yes | Fedora, OpenSUSE, ArchLinux, Angstrom, Frugalware, others... | no |
| [sysctl.d](https://www.freedesktop.org/software/systemd/man/latest/sysctl.d.html) | File format | yes | yes | some (it's a Debian thing) | yes | procps/Debian, ArchLinux | partially | | [sysctl.d](https://www.freedesktop.org/software/systemd/man/sysctl.d.html) | File format | yes | yes | some (it's a Debian thing) | yes | procps/Debian, ArchLinux | partially |
| [/etc/vconsole.conf](https://www.freedesktop.org/software/systemd/man/latest/vconsole.conf.html) | File format | yes | yes | - | yes | ArchLinux | partially | | [/etc/timezone](https://www.freedesktop.org/software/systemd/man/timezone.html) | File format | yes | yes | numerous (it's a Debian thing) | yes | Debian | partially |
| [/etc/vconsole.conf](https://www.freedesktop.org/software/systemd/man/vconsole.conf.html) | File format | yes | yes | - | yes | ArchLinux | partially |
| `/run` | File hierarchy change | yes | yes | numerous | yes | OpenSUSE, Debian, ArchLinux | no | | `/run` | File hierarchy change | yes | yes | numerous | yes | OpenSUSE, Debian, ArchLinux | no |
| [Generators](https://www.freedesktop.org/software/systemd/man/latest/systemd.generator.html) | Subprocess | yes | yes | - | no | - | no | | [Generators](https://www.freedesktop.org/software/systemd/man/systemd.generator.html) | Subprocess | yes | yes | - | no | - | no |
| [System Updates](https://www.freedesktop.org/software/systemd/man/latest/systemd.offline-updates.html) | System Mode | yes | yes | - | no | - | no | | [System Updates](https://www.freedesktop.org/software/systemd/man/systemd.offline-updates.html) | System Mode | yes | yes | - | no | - | no |
| [Presets](https://www.freedesktop.org/software/systemd/man/latest/systemd.preset.html) | File format | yes | yes | - | no | - | no | | [Presets](https://www.freedesktop.org/software/systemd/man/systemd.preset.html) | File format | yes | yes | - | no | - | no |
| Udev rules | File format | yes | yes | numerous | no | no | partially | | Udev rules | File format | yes | yes | numerous | no | no | partially |
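Review bot: Most rows in this table only lose the `/latest/` segment, but the `sd-gpt.h API` and `sd-messages.h API` rows also change the target page, from `libsystemd.html` to `sd-gpt.html` and `sd-messages.html`, and a new `/etc/timezone` row links to `timezone.html`. None of these three pages is shown to exist in this change, so verify each before merging. The Gentoo links in the hostnamed, localed and timedated rows also go from `https://www.gentoo.org/...` to `http://www.gentoo.org/...` and should stay on `https://`.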

View File

@ -132,7 +132,7 @@ And that's already it.
Note that the images need to stay around (and in the same location) as long as the Note that the images need to stay around (and in the same location) as long as the
portable service is attached. portable service is attached.
If an image is moved, the `RootImage=` line written to the unit drop-in would point to a non-existent path, and break access to the image. If an image is moved, the `RootImage=` line written to the unit drop-in would point to an non-existent path, and break access to the image.
The `portablectl detach` command executes the reverse operation: The `portablectl detach` command executes the reverse operation:
it looks for the drop-ins and the unit files associated with the image, and removes them. it looks for the drop-ins and the unit files associated with the image, and removes them.
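Review bot: The changed line reads "an non-existent path"; the article should be "a", as in the previous wording.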
@ -240,7 +240,7 @@ image.
As mentioned, `mkosi -b` takes care of all of that for you, but any other image generator should work too. As mentioned, `mkosi -b` takes care of all of that for you, but any other image generator should work too.
The The
[os-release(5)](https://www.freedesktop.org/software/systemd/man/latest/os-release.html) [os-release(5)](https://www.freedesktop.org/software/systemd/man/os-release.html)
file may optionally be extended with a `PORTABLE_PREFIXES=` field listing all file may optionally be extended with a `PORTABLE_PREFIXES=` field listing all
supported portable service prefixes for the image (see above). supported portable service prefixes for the image (see above).
This is useful for informational purposes (as it allows recognizing portable service images This is useful for informational purposes (as it allows recognizing portable service images
@ -251,7 +251,7 @@ validated against the (authenticated) image contents.
If the field is not specified the image will work fine, but is not necessarily recognizable as If the field is not specified the image will work fine, but is not necessarily recognizable as
portable service image, and any set of units included in the image may be attached, there are no restrictions enforced. portable service image, and any set of units included in the image may be attached, there are no restrictions enforced.
The [os-release(5)](https://www.freedesktop.org/software/systemd/man/latest/os-release.html) may The [os-release(5)](https://www.freedesktop.org/software/systemd/man/os-release.html) may
optionally be extended with a `PORTABLE_SCOPE=` field listing the scope in which the portable optionally be extended with a `PORTABLE_SCOPE=` field listing the scope in which the portable
service may be used. This field may be set to either `system`, in which case the portable service service may be used. This field may be set to either `system`, in which case the portable service
can only be attached to the system instance of `systemd-portabled`, `user` in which case the portable can only be attached to the system instance of `systemd-portabled`, `user` in which case the portable
@ -370,7 +370,7 @@ PORTABLE_EXTENSION_NAME_AND_VERSION=app_1
## Links ## Links
[`portablectl(1)`](https://www.freedesktop.org/software/systemd/man/latest/portablectl.html)<br> [`portablectl(1)`](https://www.freedesktop.org/software/systemd/man/portablectl.html)<br>
[`systemd-portabled.service(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-portabled.service.html)<br> [`systemd-portabled.service(8)`](https://www.freedesktop.org/software/systemd/man/systemd-portabled.service.html)<br>
[Walkthrough for Portable Services](https://0pointer.net/blog/walkthrough-for-portable-services.html)<br> [Walkthrough for Portable Services](https://0pointer.net/blog/walkthrough-for-portable-services.html)<br>
[Repo with examples](https://github.com/systemd/portable-walkthrough) [Repo with examples](https://github.com/systemd/portable-walkthrough)

View File

@ -81,10 +81,10 @@ With this new scheme in place, an administrator now has to check first what the
You basically have three options: You basically have three options:
1. You disable the assignment of fixed names, so that the unpredictable kernel names are used again. For this, simply mask udev's .link file for the default policy: `ln -s /dev/null /etc/systemd/network/99-default.link` 1. You disable the assignment of fixed names, so that the unpredictable kernel names are used again. For this, simply mask udev's .link file for the default policy: `ln -s /dev/null /etc/systemd/network/99-default.link`
1. You create your own manual naming scheme, for example by naming your interfaces `internet0`, `dmz0` or `lan0`. For that create your own `.link` files in `/etc/systemd/network/`, that choose an explicit name or a better naming scheme for one, some, or all of your interfaces. See [systemd.link(5)](https://www.freedesktop.org/software/systemd/man/latest/systemd.link.html) for more information. 1. You create your own manual naming scheme, for example by naming your interfaces `internet0`, `dmz0` or `lan0`. For that create your own `.link` files in `/etc/systemd/network/`, that choose an explicit name or a better naming scheme for one, some, or all of your interfaces. See [systemd.link(5)](https://www.freedesktop.org/software/systemd/man/systemd.link.html) for more information.
1. You pass the `net.ifnames=0` on the kernel command line 1. You pass the `net.ifnames=0` on the kernel command line
## How does the new naming scheme look like, precisely? ## How does the new naming scheme look like, precisely?
That's documented in detail the [systemd.net-naming-scheme(7)](https://www.freedesktop.org/software/systemd/man/latest/systemd.net-naming-scheme.html) man page. That's documented in detail the [systemd.net-naming-scheme(7)](https://www.freedesktop.org/software/systemd/man/systemd.net-naming-scheme.html) man page.
Please refer to this in case you are wondering how to decode the new interface names. Please refer to this in case you are wondering how to decode the new interface names.

View File

@ -40,11 +40,11 @@ Preset files allow clean separation of enablement mechanism (inside the package
## Documentation ## Documentation
Documentation for the preset policy file format is available here: [https://www.freedesktop.org/software/systemd/man/latest/systemd.preset.html](https://www.freedesktop.org/software/systemd/man/latest/systemd.preset.html) Documentation for the preset policy file format is available here: [http://www.freedesktop.org/software/systemd/man/systemd.preset.html](http://www.freedesktop.org/software/systemd/man/systemd.preset.html)
Documentation for "systemctl preset" you find here: [https://www.freedesktop.org/software/systemd/man/latest/systemctl.html](https://www.freedesktop.org/software/systemd/man/latest/systemctl.html) Documentation for "systemctl preset" you find here: [http://www.freedesktop.org/software/systemd/man/systemctl.html](http://www.freedesktop.org/software/systemd/man/systemctl.html)
Documentation for the recommended package scriptlets you find here: [https://www.freedesktop.org/software/systemd/man/latest/daemon.html](https://www.freedesktop.org/software/systemd/man/latest/daemon.html) Documentation for the recommended package scriptlets you find here: [http://www.freedesktop.org/software/systemd/man/daemon.html](http://www.freedesktop.org/software/systemd/man/daemon.html)
## How To ## How To
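Review bot: all three documentation links in this hunk go from `https://www.freedesktop.org/...` to `http://www.freedesktop.org/...`, in both the link text and the target. Readers following them start on plaintext HTTP, where the response can be altered or redirected in transit. Keep the `https://` scheme, since the host evidently serves it.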

View File

@ -153,7 +153,7 @@ boot, in order to ensure the entropy pool is filled up quickly.
provides virtualized RNG hardware (and VM environments really should!). provides virtualized RNG hardware (and VM environments really should!).
2. The 2. The
[`systemd-random-seed.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-random-seed.service.html) [`systemd-random-seed.service`](https://www.freedesktop.org/software/systemd/man/systemd-random-seed.service.html)
system service will load a random seed from `/var/lib/systemd/random-seed` system service will load a random seed from `/var/lib/systemd/random-seed`
into the kernel entropy pool. into the kernel entropy pool.
By default it does not credit entropy for it though, since the seed is — more often than not — not reset when 'golden' master images of an OS are created, and thus replicated into every installation. By default it does not credit entropy for it though, since the seed is — more often than not — not reset when 'golden' master images of an OS are created, and thus replicated into every installation.
@ -167,12 +167,12 @@ boot, in order to ensure the entropy pool is filled up quickly.
require an initialized entropy pool to operate correctly. require an initialized entropy pool to operate correctly.
3. The 3. The
[`systemd-boot`](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot.html) [`systemd-boot`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)
EFI boot loader included in systemd is able to maintain and provide a random EFI boot loader included in systemd is able to maintain and provide a random
seed stored in the EFI System Partition (ESP) to the booted OS, which allows seed stored in the EFI System Partition (ESP) to the booted OS, which allows
booting up with a fully initialized entropy pool from earliest boot on. booting up with a fully initialized entropy pool from earliest boot on.
During installation of the boot loader (or when invoking During installation of the boot loader (or when invoking
[`bootctlrandom-seed`](https://www.freedesktop.org/software/systemd/man/latest/bootctl.html#random-seed)) [`bootctlrandom-seed`](https://www.freedesktop.org/software/systemd/man/bootctl.html#random-seed))
a seed file with an initial seed is placed in a file `/loader/random-seed` in the ESP. a seed file with an initial seed is placed in a file `/loader/random-seed` in the ESP.
In addition, an identically sized randomized EFI variable called the 'system token' is set, which is written to the machine's firmware NVRAM. In addition, an identically sized randomized EFI variable called the 'system token' is set, which is written to the machine's firmware NVRAM.
@ -301,8 +301,8 @@ This primarily leaves two kind of systems in the cold:
5. *Why don't you use 5. *Why don't you use
[`rngd`](https://github.com/nhorman/rng-tools), [`rngd`](https://github.com/nhorman/rng-tools),
[`haveged`](https://www.issihosts.com/haveged/), [`haveged`](http://www.issihosts.com/haveged/),
[`egd`](https://egd.sourceforge.net/)? [`egd`](http://egd.sourceforge.net/)?
That's all you need!* That's all you need!*
Like `uuidd` above these are system services, hence come too late for our use-case. Like `uuidd` above these are system services, hence come too late for our use-case.
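Review bot: the `haveged` and `egd` links are downgraded from `https://` to `http://`, while the `rngd` link on the line above stays on HTTPS. These point at entropy-related tooling, so a reader should not be sent to fetch or read about it over an unauthenticated channel. Keep `https://www.issihosts.com/haveged/` and `https://egd.sourceforge.net/`.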
@ -362,7 +362,7 @@ This primarily leaves two kind of systems in the cold:
loader random seeds too!* loader random seeds too!*
Well, consider just switching to `systemd-boot`, it's worth it. See Well, consider just switching to `systemd-boot`, it's worth it. See
[systemd-boot(7)](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot.html) [systemd-boot(7)](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)
for an introduction why. That said, any boot loader can re-implement the for an introduction why. That said, any boot loader can re-implement the
logic described above, and can pass a random seed that systemd as PID 1 logic described above, and can pass a random seed that systemd as PID 1
will then upload into the kernel's entropy pool. For details see the will then upload into the kernel's entropy pool. For details see the

View File

@ -14,7 +14,7 @@ interfaces.
For a verbose explanation of `systemd-resolved.service`'s domain routing logic, For a verbose explanation of `systemd-resolved.service`'s domain routing logic,
see its [man see its [man
page](https://www.freedesktop.org/software/systemd/man/latest/systemd-resolved.service.html). This page](https://www.freedesktop.org/software/systemd/man/systemd-resolved.service.html). This
document is supposed to provide examples to use the concepts for the specific document is supposed to provide examples to use the concepts for the specific
purpose of managing VPN DNS configuration. purpose of managing VPN DNS configuration.
@ -184,14 +184,14 @@ the configuration to `systemd-resolved.service`? There are three relevant
interfaces: interfaces:
1. Ideally, you use D-Bus and talk to [`systemd-resolved.service`'s D-Bus 1. Ideally, you use D-Bus and talk to [`systemd-resolved.service`'s D-Bus
API](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.resolve1.html) API](https://www.freedesktop.org/software/systemd/man/org.freedesktop.resolve1.html)
directly. Use `SetLinkDomains()` to set the per-interface search and routing directly. Use `SetLinkDomains()` to set the per-interface search and routing
domains on the interfaces you manage, and `SetLinkDefaultRoute()` to manage domains on the interfaces you manage, and `SetLinkDefaultRoute()` to manage
the `default-route` boolean, all on the `org.freedesktop.resolve1.Manager` the `default-route` boolean, all on the `org.freedesktop.resolve1.Manager`
interface of the `/org/freedesktop/resolve1` object. interface of the `/org/freedesktop/resolve1` object.
2. If that's not in the cards, you may shell out to 2. If that's not in the cards, you may shell out to
[`resolvectl`](https://www.freedesktop.org/software/systemd/man/latest/resolvectl.html), [`resolvectl`](https://www.freedesktop.org/software/systemd/man/resolvectl.html),
which is a thin wrapper around the D-Bus interface mentioned above. Use which is a thin wrapper around the D-Bus interface mentioned above. Use
`resolvectl domain <iface> …` to set the search/routing domains and `resolvectl domain <iface> …` to set the search/routing domains and
`resolvectl default-route <iface> …` to set the `default-route` boolean. `resolvectl default-route <iface> …` to set the `default-route` boolean.

View File

@ -101,7 +101,7 @@ auxiliary resources:
> [!NOTE] > [!NOTE]
> Depending on the execution environment the first component (the boot loader) > Depending on the execution environment the first component (the boot loader)
> might be dispensable. Specifically, on disk images intended solely for use in > might be dispensable. Specifically, on disk images intended solely for use in
> VMs, it might make sense to tell the firmware to directly boot a UKI, > VMs, it might be make sense to tell the firmware to directly boot a UKI,
> letting the VMM's image selection functionality play the role of the boot loader. > letting the VMM's image selection functionality play the role of the boot loader.
> [!NOTE] > [!NOTE]
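Review bot: the only change in this hunk introduces a grammar error in the note, "it might be make sense to tell the firmware", where the previous text read "it might make sense". Drop the stray "be".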

View File

@ -21,7 +21,7 @@ On a systemd system it is no longer OK to listen on /dev/log directly, and your
If you do that then you will lose logging from STDOUT/STDERR of services (as well as other stuff). If you do that then you will lose logging from STDOUT/STDERR of services (as well as other stuff).
Your BSD compatible logging service should alias `syslog.service` to itself (i.e. symlink) when it is _enabled_. Your BSD compatible logging service should alias `syslog.service` to itself (i.e. symlink) when it is _enabled_.
That way [syslog.socket](https://github.com/systemd/systemd/blob/main/units/syslog.socket) will activate your service when things are logged. That way [syslog.socket](http://cgit.freedesktop.org/systemd/systemd/plain/units/syslog.socket) will activate your service when things are logged.
Of course, only one implementation of BSD syslog can own that symlink, and hence only one implementation can be enabled at a time, but that's intended as there can only be one process listening on that socket. Of course, only one implementation of BSD syslog can own that symlink, and hence only one implementation can be enabled at a time, but that's intended as there can only be one process listening on that socket.
(see below for details how to manage this symlink.) (see below for details how to manage this symlink.)
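Review bot: the `syslog.socket` link is repointed from `https://github.com/systemd/systemd/blob/main/units/syslog.socket` to `http://cgit.freedesktop.org/systemd/systemd/plain/units/syslog.socket`, which changes both the host and the scheme. The link shows packagers the unit file they are expected to integrate with, so it should point at the canonical repository over HTTPS. Keep the previous target, or at least use `https://` and confirm the cgit path still serves the current unit.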

View File

@ -22,7 +22,7 @@ If the `$TMPDIR` environment variable is set, use that path, and neither use
`/tmp/` nor `/var/tmp/` directly. `/tmp/` nor `/var/tmp/` directly.
See See
[file-hierarchy(7)](https://www.freedesktop.org/software/systemd/man/latest/file-hierarchy.html) [file-hierarchy(7)](https://www.freedesktop.org/software/systemd/man/file-hierarchy.html)
for details about these two (and most other) directories of a Linux system. for details about these two (and most other) directories of a Linux system.
## Common Namespace ## Common Namespace

View File

@ -41,9 +41,9 @@ A unified filesystem layout (as it results from the /usr merge) is more compatib
- /usr/bin/foo may be called by other tools either via /usr/bin/foo or /bin/foo, both paths become fully equivalent through the /usr merge. The operating system ends up executing exactly the same file, simply because the symlink /bin just redirects the invocation to /usr/bin. - /usr/bin/foo may be called by other tools either via /usr/bin/foo or /bin/foo, both paths become fully equivalent through the /usr merge. The operating system ends up executing exactly the same file, simply because the symlink /bin just redirects the invocation to /usr/bin.
The historical justification for a /bin, /sbin and /lib separate from /usr no longer applies today. ([More on the historical justification for the split](https://lists.busybox.net/pipermail/busybox/2010-December/074114.html), by Rob Landley) They were split off to have selected tools on a faster hard disk (which was small, because it was more expensive) and to contain all the tools necessary to mount the slower /usr partition. Today, a separate /usr partition already must be mounted by the initramfs during early boot, thus making the justification for a split-off moot. In addition a lot of tools in /bin and /sbin in the status quo already lost the ability to run without a pre-mounted /usr. There is no valid reason anymore to have the operating system spread over multiple hierarchies, it lost its purpose. The historical justification for a /bin, /sbin and /lib separate from /usr no longer applies today. ([More on the historical justification for the split](http://lists.busybox.net/pipermail/busybox/2010-December/074114.html), by Rob Landley) They were split off to have selected tools on a faster hard disk (which was small, because it was more expensive) and to contain all the tools necessary to mount the slower /usr partition. Today, a separate /usr partition already must be mounted by the initramfs during early boot, thus making the justification for a split-off moot. In addition a lot of tools in /bin and /sbin in the status quo already lost the ability to run without a pre-mounted /usr. There is no valid reason anymore to have the operating system spread over multiple hierarchies, it lost its purpose.
Solaris implemented the core part of the /usr merge 15 years ago already, and completed it with the introduction of Solaris 11. Solaris has /bin and /sbin only as symlinks in the root file system, the same way as you will have after the /usr merge: [Transitioning From Oracle Solaris 10 to Oracle Solaris 11 - User Environment Feature Changes](https://docs.oracle.com/cd/E23824_01/html/E24456/userenv-1.html). Solaris implemented the core part of the /usr merge 15 years ago already, and completed it with the introduction of Solaris 11. Solaris has /bin and /sbin only as symlinks in the root file system, the same way as you will have after the /usr merge: [Transitioning From Oracle Solaris 10 to Oracle Solaris 11 - User Environment Feature Changes](http://docs.oracle.com/cd/E23824_01/html/E24456/userenv-1.html).
Not implementing the /usr merge in your distribution will isolate it from upstream development. It will make porting of packages needlessly difficult, because packagers need to split up installed files into multiple directories and hard code different locations for tools; both will cause unnecessary incompatibilities. Several Linux distributions are agreeing with the benefits of the /usr merge and are already in the process to implement the /usr merge. This means that upstream projects will adapt quickly to the change, those making portability to your distribution harder. Not implementing the /usr merge in your distribution will isolate it from upstream development. It will make porting of packages needlessly difficult, because packagers need to split up installed files into multiple directories and hard code different locations for tools; both will cause unnecessary incompatibilities. Several Linux distributions are agreeing with the benefits of the /usr merge and are already in the process to implement the /usr merge. This means that upstream projects will adapt quickly to the change, those making portability to your distribution harder.
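Review bot: the two external references in this hunk, `lists.busybox.net/pipermail/...` and `docs.oracle.com/cd/E23824_01/...`, are switched from `https://` to `http://` with no other change to the text. Keep the HTTPS form for both, as the previous revision already linked to them that way.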
@ -112,4 +112,4 @@ _With all vendor-supplied OS resources in a single directory /usr they may be sh
--- ---
If this page didn't answer your questions you may continue reading [on the Fedora feature page](https://fedoraproject.org/wiki/Features/UsrMove). If this page didn't answer your questions you may continue reading [on the Fedora feature page](https://fedoraproject.org/wiki/Features/UsrMove) and this [mail from Lennart](http://thread.gmane.org/gmane.linux.redhat.fedora.devel/155511/focus=155792).
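Review bot: the closing sentence gains a second link, "this [mail from Lennart](http://thread.gmane.org/gmane.linux.redhat.fedora.devel/155511/focus=155792)", which is plaintext HTTP to a third-party mail archive. Check that the URL still resolves, and prefer an HTTPS link to a list archive that the project or Fedora controls. If no stable copy exists, leave the sentence ending at the Fedora feature page.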

View File

@ -25,10 +25,10 @@ systemd will measure to PCRs 5 (`boot-loader-config`), 11 (`kernel-boot`),
Currently, four components will issue TPM2 PCR measurements: Currently, four components will issue TPM2 PCR measurements:
* The [`systemd-boot`](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot.html) boot menu (UEFI) * The [`systemd-boot`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html) boot menu (UEFI)
* The [`systemd-stub`](https://www.freedesktop.org/software/systemd/man/latest/systemd-stub.html) boot stub (UEFI) * The [`systemd-stub`](https://www.freedesktop.org/software/systemd/man/systemd-stub.html) boot stub (UEFI)
* The [`systemd-pcrextend`](https://www.freedesktop.org/software/systemd/man/latest/systemd-pcrphase.service.html) measurement tool (userspace) * The [`systemd-pcrextend`](https://www.freedesktop.org/software/systemd/man/systemd-pcrphase.service.html) measurement tool (userspace)
* The [`systemd-cryptsetup`](https://www.freedesktop.org/software/systemd/man/latest/systemd-cryptsetup@.service.html) disk encryption tool (userspace) * The [`systemd-cryptsetup`](https://www.freedesktop.org/software/systemd/man/systemd-cryptsetup@.service.html) disk encryption tool (userspace)
A userspace measurement event log in a format close to TCG CEL-JSON is A userspace measurement event log in a format close to TCG CEL-JSON is
maintained in `/run/log/systemd/tpm2-measure.log`. maintained in `/run/log/systemd/tpm2-measure.log`.

View File

@ -93,7 +93,7 @@ possible.
`systemd` defines a number of special UID ranges: `systemd` defines a number of special UID ranges:
1. 60001…60513 → UIDs for home directories managed by 1. 60001…60513 → UIDs for home directories managed by
[`systemd-homed.service(8)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-homed.service.html). [`systemd-homed.service(8)`](https://www.freedesktop.org/software/systemd/man/systemd-homed.service.html).
UIDs from this range are automatically assigned to any home directory discovered, UIDs from this range are automatically assigned to any home directory discovered,
and persisted locally on first login. and persisted locally on first login.
On different systems the same user might get different UIDs assigned in case of conflict, though it is On different systems the same user might get different UIDs assigned in case of conflict, though it is
@ -113,7 +113,7 @@ possible.
3. 61184…65519 → UIDs for dynamic users are allocated from this range (see the 3. 61184…65519 → UIDs for dynamic users are allocated from this range (see the
`DynamicUser=` documentation in `DynamicUser=` documentation in
[`systemd.exec(5)`](https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html)). [`systemd.exec(5)`](https://www.freedesktop.org/software/systemd/man/systemd.exec.html)).
This range has been chosen so that it is below the 16-bit boundary This range has been chosen so that it is below the 16-bit boundary
(i.e. below 65535), in order to provide compatibility with container environments that (i.e. below 65535), in order to provide compatibility with container environments that
assign a 64K range of UIDs to containers using user namespacing. assign a 64K range of UIDs to containers using user namespacing.

View File

@ -8,7 +8,7 @@ SPDX-License-Identifier: LGPL-2.1-or-later
# `systemd-homed` and JSON User/Group Record Support in Desktop Environments # `systemd-homed` and JSON User/Group Record Support in Desktop Environments
Starting with version 245, systemd supports a new subsystem Starting with version 245, systemd supports a new subsystem
[`systemd-homed.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-homed.service.html) [`systemd-homed.service`](https://www.freedesktop.org/software/systemd/man/systemd-homed.service.html)
for managing regular ("human") users and their home directories. for managing regular ("human") users and their home directories.
Along with it a new concept `userdb` got merged that brings rich, extensible JSON user/group Along with it a new concept `userdb` got merged that brings rich, extensible JSON user/group
records, extending the classic UNIX/glibc NSS `struct passwd`/`struct group` structures. records, extending the classic UNIX/glibc NSS `struct passwd`/`struct group` structures.
@ -60,7 +60,7 @@ A display manager which supports this kind of out-of-context screen lock
operation needs to inform systemd-homed about this so that systemd-homed knows operation needs to inform systemd-homed about this so that systemd-homed knows
that it is safe to suspend the user's home directory on suspend. that it is safe to suspend the user's home directory on suspend.
This is done via the `suspend=` argument to the This is done via the `suspend=` argument to the
[`pam_systemd_home`](https://www.freedesktop.org/software/systemd/man/latest/pam_systemd_home.html) [`pam_systemd_home`](https://www.freedesktop.org/software/systemd/man/pam_systemd_home.html)
PAM module. PAM module.
A display manager should hence change its PAM stack configurationto set this parameter to on. A display manager should hence change its PAM stack configurationto set this parameter to on.
`systemd-homed` will not suspend home directories if there's at least one active session of the user that does not support `systemd-homed` will not suspend home directories if there's at least one active session of the user that does not support

View File

@ -23,7 +23,7 @@ The concepts described here define an IPC interface.
Alternatively, user/group records may be dropped in number of drop-in directories as files where they are Alternatively, user/group records may be dropped in number of drop-in directories as files where they are
picked up in addition to the users/groups defined by this IPC logic. picked up in addition to the users/groups defined by this IPC logic.
See See
[`nss-systemd(8)`](https://www.freedesktop.org/software/systemd/man/latest/nss-systemd.html) [`nss-systemd(8)`](https://www.freedesktop.org/software/systemd/man/nss-systemd.html)
for details. for details.
This simple API only exposes only three method calls, and requires only a small This simple API only exposes only three method calls, and requires only a small
@ -150,7 +150,7 @@ synthesize NSS records for users/groups natively defined via a Varlink API.
Special care is taken to avoid recursion between these two compatibility mechanisms. Special care is taken to avoid recursion between these two compatibility mechanisms.
Subsystems that shall provide user/group records to the system may choose Subsystems that shall provide user/group records to the system may choose
between offering them via an NSS module or via this Varlink API, either way between offering them via an NSS module or via a this Varlink API, either way
all records are accessible via both APIs, due to the bidirectional forwarding. all records are accessible via both APIs, due to the bidirectional forwarding.
It is also possible to provide the same records via both APIs It is also possible to provide the same records via both APIs
directly, but in that case the compatibility logic must be turned off. directly, but in that case the compatibility logic must be turned off.
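Review bot: the changed line now reads "via an NSS module or via a this Varlink API", with a doubled determiner. The previous wording, "via this Varlink API", was correct and should be restored.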

View File

@ -73,9 +73,9 @@ below implements a deny list of what's not allowed and permits everything else.
Strict user/group name syntax is enforced whenever a systemd component is used Strict user/group name syntax is enforced whenever a systemd component is used
to register a user or group in the system, for example a system user/group to register a user or group in the system, for example a system user/group
using using
[`systemd-sysusers.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-sysusers.html) [`systemd-sysusers.service`](https://www.freedesktop.org/software/systemd/man/systemd-sysusers.html)
or a regular user with or a regular user with
[`systemd-homed.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-homed.html). [`systemd-homed.service`](https://www.freedesktop.org/software/systemd/man/systemd-homed.html).
In strict mode, only uppercase and lowercase characters are allowed, as well as In strict mode, only uppercase and lowercase characters are allowed, as well as
digits, underscores and hyphens. digits, underscores and hyphens.
@ -98,7 +98,7 @@ Written as regular expression the above is: `^[a-zA-Z_][a-zA-Z0-9_-]{0,30}$`
Relaxed user/group name syntax is enforced whenever a systemd component accepts Relaxed user/group name syntax is enforced whenever a systemd component accepts
and makes use of user/group names registered by other (non-systemd) and makes use of user/group names registered by other (non-systemd)
components of the system, for example in components of the system, for example in
[`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-logind.service.html). [`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.html).
Relaxed syntax is also enforced by the `User=` setting in service unit files, Relaxed syntax is also enforced by the `User=` setting in service unit files,
i.e. for system services used for running services. i.e. for system services used for running services.
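Review bot: the link text here stays `systemd-logind.service`, but the target changes from `.../systemd-logind.service.html` to `.../systemd-logind.html`, so the label and the page name no longer match. Other references to the same unit in this compare use `systemd-logind.service.html`. Use that page name here too so all of the docs resolve to the same man page.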

View File

@ -13,22 +13,22 @@ pairs, encoded as JSON.
Specifically: Specifically:
1. [`systemd-homed.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-homed.service.html) 1. [`systemd-homed.service`](https://www.freedesktop.org/software/systemd/man/systemd-homed.service.html)
manages `human` user home directories and embeds these JSON records manages `human` user home directories and embeds these JSON records
directly in the home directory images directly in the home directory images
(see [Home Directories](/HOME_DIRECTORY) for details). (see [Home Directories](/HOME_DIRECTORY) for details).
2. [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/latest/pam_systemd.html) 2. [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
processes these JSON records for users that log in, and applies various processes these JSON records for users that log in, and applies various
settings to the activated session, including environment variables, nice settings to the activated session, including environment variables, nice
levels and more. levels and more.
3. [`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-logind.service.html) 3. [`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.service.html)
processes these JSON records of users that log in, and applies various processes these JSON records of users that log in, and applies various
resource management settings to the per-user slice units it manages. resource management settings to the per-user slice units it manages.
This allows setting global limits on resource consumption by a specific user. This allows setting global limits on resource consumption by a specific user.
4. [`nss-systemd`](https://www.freedesktop.org/software/systemd/man/latest/nss-systemd.html) 4. [`nss-systemd`](https://www.freedesktop.org/software/systemd/man/nss-systemd.html)
is a glibc NSS module that synthesizes classic NSS records from these JSON is a glibc NSS module that synthesizes classic NSS records from these JSON
records, providing full backwards compatibility with the classic UNIX APIs records, providing full backwards compatibility with the classic UNIX APIs
both for look-up and enumeration. both for look-up and enumeration.
@ -37,7 +37,7 @@ Specifically:
effect of `DynamicUser=` in service unit files) as these advanced JSON effect of `DynamicUser=` in service unit files) as these advanced JSON
records, making them discoverable to the rest of the system. records, making them discoverable to the rest of the system.
6. [`systemd-userdbd.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-userdbd.service.html) 6. [`systemd-userdbd.service`](https://www.freedesktop.org/software/systemd/man/systemd-userdbd.service.html)
is a small service that can translate UNIX/glibc NSS records to these JSON user records. is a small service that can translate UNIX/glibc NSS records to these JSON user records.
It also provides a unified [Varlink](https://varlink.org/) API for querying and enumerating records of this type, It also provides a unified [Varlink](https://varlink.org/) API for querying and enumerating records of this type,
optionally acquiring them from various other services. optionally acquiring them from various other services.
@ -82,7 +82,7 @@ JSON User Records may be transferred or written to disk in various protocols
and formats. To inquire about such records defined on the local system use the and formats. To inquire about such records defined on the local system use the
[User/Group Lookup API via Varlink](/USER_GROUP_API). User/group records may [User/Group Lookup API via Varlink](/USER_GROUP_API). User/group records may
also be dropped in number of drop-in directories as files. See also be dropped in number of drop-in directories as files. See
[`nss-systemd(8)`](https://www.freedesktop.org/software/systemd/man/latest/nss-systemd.html) [`nss-systemd(8)`](https://www.freedesktop.org/software/systemd/man/nss-systemd.html)
for details. for details.
## Why JSON? ## Why JSON?
@ -260,7 +260,7 @@ This field must not contain control characters (such as `\n`) or colons (`:`), s
as record separators in classic `/etc/passwd` files and similar formats. as record separators in classic `/etc/passwd` files and similar formats.
`emailAddress` → The email address of the user, formatted as string. `emailAddress` → The email address of the user, formatted as string.
[`pam_systemd`](https://www.freedesktop.org/software/systemd/man/latest/pam_systemd.html) [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
initializes the `$EMAIL` environment variable from this value for all login initializes the `$EMAIL` environment variable from this value for all login
sessions. sessions.
@ -310,19 +310,19 @@ Takes an integer. Note that usually on UNIX the umask is noted in octal, but JSO
integers are generally written in decimal, hence in this context we denote it umask in decimal too. integers are generally written in decimal, hence in this context we denote it umask in decimal too.
The specified value should be in the valid range for umasks, i.e. 0000…0777 (in octal as typical in UNIX), or 0…511 (in decimal, how The specified value should be in the valid range for umasks, i.e. 0000…0777 (in octal as typical in UNIX), or 0…511 (in decimal, how
it actually appears in the JSON record). it actually appears in the JSON record).
This `umask` is automatically set by [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/latest/pam_systemd.html) This `umask` is automatically set by [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
for all login sessions of the user. for all login sessions of the user.
`environment` → An array of strings, each containing an environment variable `environment` → An array of strings, each containing an environment variable
and its value to set for the user's login session, in a format compatible with and its value to set for the user's login session, in a format compatible with
[`putenv()`](https://man7.org/linux/man-pages/man3/putenv.3.html). Any [`putenv()`](https://man7.org/linux/man-pages/man3/putenv.3.html). Any
environment variable listed here is automatically set by environment variable listed here is automatically set by
[`pam_systemd`](https://www.freedesktop.org/software/systemd/man/latest/pam_systemd.html) [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
for all login sessions of the user. for all login sessions of the user.
`timeZone` → A string indicating a preferred timezone to use for the user. When `timeZone` → A string indicating a preferred timezone to use for the user. When
logging in logging in
[`pam_systemd`](https://www.freedesktop.org/software/systemd/man/latest/pam_systemd.html) [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
will automatically initialize the `$TZ` environment variable from this will automatically initialize the `$TZ` environment variable from this
string. string.
The string should be a `tzdata` compatible location string, for example: `Europe/Berlin`. The string should be a `tzdata` compatible location string, for example: `Europe/Berlin`.
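Review bot: the three `pam_systemd` links in this hunk (under `umask`, `environment` and `timeZone`) are each edited by hand to the same new target. Defining the URL once as a Markdown reference-style link would turn the next URL change into a one-line diff and would keep the occurrences from drifting apart.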
@ -340,13 +340,13 @@ specify all the languages that they know, so software lacking translations in th
primary language can try another language that the user knows rather than falling back to primary language can try another language that the user knows rather than falling back to
the default English. All entries in this field must be valid locale names, compatible with the default English. All entries in this field must be valid locale names, compatible with
the `$LANG` variable, for example: `de_DE.UTF-8`. When logging in the `$LANG` variable, for example: `de_DE.UTF-8`. When logging in
[`pam_systemd`](https://www.freedesktop.org/software/systemd/man/latest/pam_systemd.html) [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
will prepend `preferredLanguage` (if set) to this list (if set), remove duplicates, will prepend `preferredLanguage` (if set) to this list (if set), remove duplicates,
and then automatically initialize the `$LANGUAGE` variable with the resulting list. and then automatically initialize the `$LANGUAGE` variable with the resulting list.
It will also initialize `$LANG` variable with the first entry in the resulting list. It will also initialize `$LANG` variable with the first entry in the resulting list.
`niceLevel` → An integer value in the range -20…19. When logging in `niceLevel` → An integer value in the range -20…19. When logging in
[`pam_systemd`](https://www.freedesktop.org/software/systemd/man/latest/pam_systemd.html) [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
will automatically initialize the login process' nice level to this value with, will automatically initialize the login process' nice level to this value with,
which is then inherited by all the user's processes, see which is then inherited by all the user's processes, see
[`setpriority()`](https://man7.org/linux/man-pages/man2/setpriority.2.html) for [`setpriority()`](https://man7.org/linux/man-pages/man2/setpriority.2.html) for
@ -356,7 +356,7 @@ more information.
(such as `RLIMIT_NOFILE` and similar). (such as `RLIMIT_NOFILE` and similar).
Their values should be an object with two keys `cur` and `max` for the soft and hard resource limit. Their values should be an object with two keys `cur` and `max` for the soft and hard resource limit.
When logging in When logging in
[`pam_systemd`](https://www.freedesktop.org/software/systemd/man/latest/pam_systemd.html) [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
will automatically initialize the login process' resource limits to these will automatically initialize the login process' resource limits to these
values, which is then inherited by all the user's processes, see values, which is then inherited by all the user's processes, see
[`setrlimit()`](https://man7.org/linux/man-pages/man2/setrlimit.2.html) for more [`setrlimit()`](https://man7.org/linux/man-pages/man2/setrlimit.2.html) for more
@ -408,7 +408,7 @@ access mask for the home directory when it is first created.
tasks the user may start in parallel during system runtime. tasks the user may start in parallel during system runtime.
This counts all tasks (i.e. threads, where each process is at least one thread) the user starts or that are This counts all tasks (i.e. threads, where each process is at least one thread) the user starts or that are
forked from these processes even if the user identity is changed (for example by setuid binaries/`su`/`sudo` and similar). forked from these processes even if the user identity is changed (for example by setuid binaries/`su`/`sudo` and similar).
[`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-logind.service.html) [`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.service.html)
enforces this by setting the `TasksMax` slice property for the user's slice enforces this by setting the `TasksMax` slice property for the user's slice
`user-$UID.slice`. `user-$UID.slice`.
@ -416,14 +416,14 @@ enforces this by setting the `TasksMax` slice property for the user's slice
memory limits for all processes of the user (plus all processes forked off them memory limits for all processes of the user (plus all processes forked off them
that might have changed user identity), that might have changed user identity),
in bytes. Enforced by in bytes. Enforced by
[`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-logind.service.html), [`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.service.html),
similar to `tasksMax`. similar to `tasksMax`.
`cpuWeight`/`ioWeight` → These take unsigned integers in the range 1…10000 `cpuWeight`/`ioWeight` → These take unsigned integers in the range 1…10000
(defaults to 100) and configure the CPU and IO scheduling weights for the (defaults to 100) and configure the CPU and IO scheduling weights for the
user's processes as a whole. user's processes as a whole.
Also enforced by Also enforced by
[`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-logind.service.html), [`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.service.html),
similar to `tasksMax`, `memoryHigh` and `memoryMax`. similar to `tasksMax`, `memoryHigh` and `memoryMax`.
`mountNoDevices`/`mountNoSuid`/`mountNoExecute` → Three booleans that control `mountNoDevices`/`mountNoSuid`/`mountNoExecute` → Three booleans that control
@ -574,7 +574,7 @@ display manager to pre-select the correct environment to launch when the user lo
`stopDelayUSec` → An unsigned 64-bit integer, indicating the time in µs the `stopDelayUSec` → An unsigned 64-bit integer, indicating the time in µs the
per-user service manager is kept around after the user fully logged out. This per-user service manager is kept around after the user fully logged out. This
value is honored by value is honored by
[`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-logind.service.html). If [`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.service.html). If
set to zero the per-user service manager is immediately terminated when the set to zero the per-user service manager is immediately terminated when the
user logs out, and longer values optimize high-frequency log-ins as the user logs out, and longer values optimize high-frequency log-ins as the
necessary work to set up and tear down a log-in is reduced if the service manager stays running. necessary work to set up and tear down a log-in is reduced if the service manager stays running.
@ -582,7 +582,7 @@ necessary work to set up and tear down a log-in is reduced if the service manage
`killProcesses` → A boolean. `killProcesses` → A boolean.
If true all processes of the user are automatically killed when the user logs out. If true all processes of the user are automatically killed when the user logs out.
This is enforced by This is enforced by
[`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/latest/systemd-logind.service.html). [`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.service.html).
If false any processes left around when the user logs out are left running. If false any processes left around when the user logs out are left running.
`passwordChangeMinUSec`/`passwordChangeMaxUSec` → An unsigned 64-bit integer, `passwordChangeMinUSec`/`passwordChangeMaxUSec` → An unsigned 64-bit integer,

View File

@ -15,11 +15,11 @@ This provides a number of new features, but also requires updating of the Deskto
This document should be read together with [Writing Display Managers](/WRITING_DISPLAY_MANAGERS) which focuses on the porting work necessary for display managers. This document should be read together with [Writing Display Managers](/WRITING_DISPLAY_MANAGERS) which focuses on the porting work necessary for display managers.
If required it is possible to implement ConsoleKit and systemd-logind support in the same desktop environment code, detecting at runtime which interface is needed. If required it is possible to implement ConsoleKit and systemd-logind support in the same desktop environment code, detecting at runtime which interface is needed.
The [sd_booted()](https://www.freedesktop.org/software/systemd/man/latest/sd_booted.html) call may be used to determine at runtime whether systemd is used. The [sd_booted()](http://www.freedesktop.org/software/systemd/man/sd_booted.html) call may be used to determine at runtime whether systemd is used.
To a certain level ConsoleKit and systemd-logind may be used side-by-side, but a number of features are not available if ConsoleKit is used. To a certain level ConsoleKit and systemd-logind may be used side-by-side, but a number of features are not available if ConsoleKit is used.
Please have a look at the [Bus API of logind](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.login1.html) and the C API as documented in [sd-login(7)](https://www.freedesktop.org/software/systemd/man/latest/sd-login.html). (Also see below) Please have a look at the [Bus API of logind](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.login1.html) and the C API as documented in [sd-login(7)](http://www.freedesktop.org/software/systemd/man/sd-login.html). (Also see below)
Here are the suggested changes: Here are the suggested changes:
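Review bot: on the "Please have a look at" line the two links now disagree. The Bus API link stays on `https://…/man/latest/org.freedesktop.login1.html`, while the sd-login(7) link becomes `http://…/man/sd-login.html`, and the `sd_booted()` link above it also moves to plain `http://`. Keep all three on `https://` with one path scheme. A documentation link fetched over plaintext can be altered in transit, and the mixed forms make later bulk updates error-prone.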
@ -44,6 +44,6 @@ Here are the suggested changes:
Use logind's ListInhibitors() call to get a list of these inhibitors. See [Inhibitor Locks](/INHIBITOR_LOCKS) for further details on this. Use logind's ListInhibitors() call to get a list of these inhibitors. See [Inhibitor Locks](/INHIBITOR_LOCKS) for further details on this.
- If your DE contains a process viewer of some kind ("system monitor") it's a good idea to show session, service and seat information for each process. - If your DE contains a process viewer of some kind ("system monitor") it's a good idea to show session, service and seat information for each process.
Use sd_pid_get_session(), sd_pid_get_unit(), sd_session_get_seat() to determine these. Use sd_pid_get_session(), sd_pid_get_unit(), sd_session_get_seat() to determine these.
For details see [sd-login(7)](https://www.freedesktop.org/software/systemd/man/latest/sd-login.html). For details see [sd-login(7)](http://www.freedesktop.org/software/systemd/man/sd-login.html).
And that's all! Thank you! And that's all! Thank you!

View File

@ -16,11 +16,11 @@ true automatic multi-seat support, proper tracking of session processes, (option
This document should be read together with [Writing Desktop Environments](/WRITING_DESKTOP_ENVIRONMENTS) which focuses on the porting work necessary for desktop environments. This document should be read together with [Writing Desktop Environments](/WRITING_DESKTOP_ENVIRONMENTS) which focuses on the porting work necessary for desktop environments.
If required it is possible to implement ConsoleKit and systemd-logind support in the same display manager, detecting at runtime which interface is needed. If required it is possible to implement ConsoleKit and systemd-logind support in the same display manager, detecting at runtime which interface is needed.
The [sd_booted()](https://www.freedesktop.org/software/systemd/man/latest/sd_booted.html) call may be used to determine at runtime whether systemd is used. The [sd_booted()](http://www.freedesktop.org/software/systemd/man/sd_booted.html) call may be used to determine at runtime whether systemd is used.
To a certain level ConsoleKit and systemd-logind may be used side-by-side, but a number of features are not available if ConsoleKit is used, for example automatic multi-seat support. To a certain level ConsoleKit and systemd-logind may be used side-by-side, but a number of features are not available if ConsoleKit is used, for example automatic multi-seat support.
Please have a look at the [Bus API of logind](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.login1.html) and the C API as documented in [sd-login(7)](https://www.freedesktop.org/software/systemd/man/latest/sd-login.html). Please have a look at the [Bus API of logind](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.login1.html) and the C API as documented in [sd-login(7)](http://www.freedesktop.org/software/systemd/man/sd-login.html).
(Also see below) (Also see below)
Minimal porting (without multi-seat) requires the following: Minimal porting (without multi-seat) requires the following:
@ -51,7 +51,7 @@ In summary: porting a display manager from ConsoleKit to systemd primarily means
And that's already it. And that's already it.
While most information about seats, sessions and users is available on systemd-logind's D-Bus interface, this is not the only API. While most information about seats, sessions and users is available on systemd-logind's D-Bus interface, this is not the only API.
The synchronous [sd-login(7)](https://www.freedesktop.org/software/systemd/man/latest/sd-login.html) C interface is often easier to use and much faster too. The synchronous [sd-login(7)](http://www.freedesktop.org/software/systemd/man/sd-login.html) C interface is often easier to use and much faster too.
In fact it is possible to implement the scheme above entirely without D-Bus relying only on this API. In fact it is possible to implement the scheme above entirely without D-Bus relying only on this API.
Note however, that this C API is purely passive, and if you want to execute an actually state changing operation you need to use the bus interface (for example, to switch sessions, or to kill sessions and suchlike). Note however, that this C API is purely passive, and if you want to execute an actually state changing operation you need to use the bus interface (for example, to switch sessions, or to kill sessions and suchlike).
Also have a look at the [logind Bus API](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.login1.html). Also have a look at the [logind Bus API](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.login1.html).

View File

@ -42,22 +42,22 @@
{ {
"category": "Manual Pages", "category": "Manual Pages",
"title": "Index", "title": "Index",
"url": "https://www.freedesktop.org/software/systemd/man/latest/" "url": "https://www.freedesktop.org/software/systemd/man/"
}, },
{ {
"category": "Manual Pages", "category": "Manual Pages",
"title": "Directives", "title": "Directives",
"url": "https://www.freedesktop.org/software/systemd/man/latest/systemd.directives.html" "url": "https://www.freedesktop.org/software/systemd/man/systemd.directives.html"
}, },
{ {
"category": "Publications", "category": "Publications",
"title": "Article in The H", "title": "Article in The H",
"url": "https://www.h-online.com/open/features/Control-Centre-The-systemd-Linux-init-system-1565543.html" "url": "http://www.h-online.com/open/features/Control-Centre-The-systemd-Linux-init-system-1565543.html"
}, },
{ {
"category": "Publications", "category": "Publications",
"title": "Article in The H, Part 2", "title": "Article in The H, Part 2",
"url": "https://www.h-online.com/open/features/Booting-up-Tools-and-tips-for-systemd-1570630.html" "url": "http://www.h-online.com/open/features/Booting-up-Tools-and-tips-for-systemd-1570630.html"
}, },
{ {
"category": "Publications", "category": "Publications",
@ -157,7 +157,7 @@
{ {
"category": "Videos for Users and Administrators", "category": "Videos for Users and Administrators",
"title": "Presentation about systemd at linux.conf.au 2011", "title": "Presentation about systemd at linux.conf.au 2011",
"url": "https://www.youtube.com/watch?v=9XRj8ii91D0" "url": "http://linuxconfau.blip.tv/file/4696791/"
}, },
{ {
"category": "Videos for Users and Administrators", "category": "Videos for Users and Administrators",
@ -289,6 +289,11 @@
"title": "A more complete Russian translation (PDF)", "title": "A more complete Russian translation (PDF)",
"url": "http://www2.kangran.su/~nnz/pub/s4a/s4a_latest.pdf" "url": "http://www2.kangran.su/~nnz/pub/s4a/s4a_latest.pdf"
}, },
{
"category": "The systemd for Administrators Blog Series",
"title": "A Vietnamese translation",
"url": "https://archlinuxvn.org/doc/systemd/#lp"
},
{ {
"category": "The systemd for Developers Series", "category": "The systemd for Developers Series",
"title": "#1: Socket Activation", "title": "#1: Socket Activation",
@ -402,12 +407,12 @@
{ {
"category": "Documentation for Developers - external links", "category": "Documentation for Developers - external links",
"title": "The 30 Biggest Myths about systemd", "title": "The 30 Biggest Myths about systemd",
"url": "https://0pointer.de/blog/projects/the-biggest-myths.html" "url": "http://0pointer.de/blog/projects/the-biggest-myths.html"
}, },
{ {
"category": "Documentation for Developers - external links", "category": "Documentation for Developers - external links",
"title": "Introduction to systemd in French", "title": "Introduction to systemd in French",
"url": "https://lea-linux.org/documentations/Systemd" "url": "http://lea-linux.org/documentations/Systemd"
}, },
{ {
"category": "The various distributions", "category": "The various distributions",
@ -432,12 +437,12 @@
{ {
"category": "The various distributions", "category": "The various distributions",
"title": "openSUSE instructions", "title": "openSUSE instructions",
"url": "https://en.opensuse.org/SDB:Systemd" "url": "http://en.opensuse.org/SDB:Systemd"
}, },
{ {
"category": "The various distributions", "category": "The various distributions",
"title": "openSUSE bugtracker", "title": "openSUSE bugtracker",
"url": "https://bugzilla.opensuse.org/buglist.cgi?bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=NEEDINFO&bug_status=REOPENED&classification=openSUSE&field0-0-0=product&field0-0-1=component&field0-0-2=short_desc&field0-0-3=status_whiteboard&known_name=systemd&query_based_on=systemd&query_format=advanced&short_desc=systemd&short_desc_type=allwordssubstr&type0-0-0=substring&type0-0-1=substring&type0-0-2=substring&type0-0-3=substring&value0-0-0=systemd&value0-0-1=systemd&value0-0-2=systemd&value0-0-3=systemd" "url": "https://bugzilla.novell.com/buglist.cgi?short_desc=systemd&field0-0-0=product&type0-0-1=substring&field0-0-1=component&classification=openSUSE&value0-0-2=systemd&query_based_on=systemd&query_format=advanced&type0-0-3=substring&field0-0-3=status_whiteboard&value0-0-3=systemd&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=NEEDINFO&bug_status=REOPENED&short_desc_type=allwordssubstr&field0-0-2=short_desc&value0-0-1=systemd&type0-0-0=substring&value0-0-0=systemd&type0-0-2=substring&known_name=systemd"
}, },
{ {
"category": "The various distributions", "category": "The various distributions",
@ -457,17 +462,17 @@
{ {
"category": "The various distributions", "category": "The various distributions",
"title": "Debian packages", "title": "Debian packages",
"url": "https://packages.debian.org/systemd" "url": "http://packages.debian.org/systemd"
}, },
{ {
"category": "The various distributions", "category": "The various distributions",
"title": "Debian wiki", "title": "Debian wiki",
"url": "https://wiki.debian.org/systemd" "url": "http://wiki.debian.org/systemd"
}, },
{ {
"category": "The various distributions", "category": "The various distributions",
"title": "Debian bugtracker", "title": "Debian bugtracker",
"url": "https://bugs.debian.org/cgi-bin/pkgreport.cgi?ordering=normal;archive=0;src=systemd" "url": "http://bugs.debian.org/cgi-bin/pkgreport.cgi?ordering=normal;archive=0;src=systemd"
}, },
{ {
"category": "The various distributions", "category": "The various distributions",
@ -481,8 +486,8 @@
}, },
{ {
"category": "The various distributions", "category": "The various distributions",
"title": "Mageia wiki", "title": "Mageia packages",
"url": "https://wiki.mageia.org/en/Features/Systemd" "url": "http://svnweb.mageia.org/packages/cauldron/systemd/current/"
}, },
{ {
"category": "The various distributions", "category": "The various distributions",
@ -492,12 +497,12 @@
{ {
"category": "The various distributions", "category": "The various distributions",
"title": "Gentoo packages", "title": "Gentoo packages",
"url": "https://packages.gentoo.org/package/sys-apps/systemd" "url": "http://packages.gentoo.org/package/sys-apps/systemd"
}, },
{ {
"category": "The various distributions", "category": "The various distributions",
"title": "Gentoo wiki", "title": "Gentoo wiki",
"url": "https://wiki.gentoo.org/wiki/Systemd" "url": "http://wiki.gentoo.org/wiki/Systemd"
}, },
{ {
"category": "The various distributions", "category": "The various distributions",

View File

@ -1,4 +1,4 @@
<svg xmlns="https://www.w3.org/2000/svg" width="202" height="26" viewBox="0 0 202 26" id="systemd-logo"> <svg xmlns="http://www.w3.org/2000/svg" width="202" height="26" viewBox="0 0 202 26" id="systemd-logo">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later --> <!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
<path d="M0 0v26h10v-4H4V4h6V0zm76 0v4h6v18h-6v4h10V0z" fill="currentColor"/> <path d="M0 0v26h10v-4H4V4h6V0zm76 0v4h6v18h-6v4h10V0z" fill="currentColor"/>
<path d="M113.498 14.926q-4.5-.96-4.5-3.878 0-1.079.609-1.981.621-.902 1.781-1.441 1.16-.54 2.707-.54 1.63 0 2.848.528 1.219.516 1.875 1.453.656.926.656 2.121h-3.539q0-.762-.457-1.183-.457-.434-1.394-.434-.774 0-1.243.363-.457.364-.457.938 0 .55.516.89.527.34 1.781.575 1.5.28 2.543.738 1.043.445 1.653 1.242.62.797.62 2.027 0 1.114-.667 2.004-.657.88-1.887 1.383-1.219.504-2.836.504-1.711 0-2.965-.621-1.242-.633-1.898-1.617-.645-.985-.645-2.051h3.34q.036.914.656 1.36.621.433 1.594.433.902 0 1.383-.34.492-.351.492-.937 0-.364-.223-.61-.21-.258-.773-.48-.55-.223-1.57-.446zm19.384-7.606l-5.086 14.58q-.293.831-.726 1.523-.434.703-1.266 1.195-.832.504-2.098.504-.457 0-.75-.048-.281-.046-.785-.176v-2.672q.176.02.527.02.95 0 1.418-.293.47-.293.715-.961l.352-.926-4.43-12.738h3.797l2.262 7.687 2.285-7.687zm5.884 7.606q-4.5-.96-4.5-3.878 0-1.079.61-1.981.62-.902 1.781-1.441 1.16-.54 2.707-.54 1.629 0 2.848.528 1.218.516 1.875 1.453.656.926.656 2.121h-3.539q0-.762-.457-1.183-.457-.434-1.395-.434-.773 0-1.242.363-.457.364-.457.938 0 .55.516.89.527.34 1.781.575 1.5.28 2.543.738 1.043.445 1.652 1.242.621.797.621 2.027 0 1.114-.668 2.004-.656.88-1.886 1.383-1.219.504-2.836.504-1.711 0-2.965-.621-1.242-.633-1.899-1.617-.644-.985-.644-2.051h3.34q.036.914.656 1.36.621.433 1.594.433.902 0 1.383-.34.492-.351.492-.937 0-.364-.223-.61-.21-.258-.773-.48-.551-.223-1.57-.446zm13.983 2.403q.574 0 .984-.082v2.66q-.914.328-2.086.328-3.727 0-3.727-3.797V9.899h-1.793V7.321h1.793v-3.14h3.54v3.14h2.132v2.578h-2.133v6.129q0 .75.293 1.031.293.27.997.27zm14.228-2.519h-8.016q.2 1.183.985 1.886.785.691 2.015.691.914 0 1.688-.34.785-.351 1.336-1.042l1.699 1.957q-.668.96-1.957 1.617-1.278.656-3 .656-1.946 0-3.387-.82-1.43-.82-2.203-2.227-.762-1.406-.762-3.105v-.446q0-1.898.715-3.386.715-1.489 2.063-2.32 1.347-.844 3.187-.844 1.793 0 3.059.761 1.265.762 1.922 2.168.656 1.395.656 3.293zm-3.469-2.65q-.024-1.03-.574-1.628-.54-.598-1.617-.598-1.008 0-1.582.668-.563.668-.739 1.84h4.512zm19.923-5.073q1.934 0 
2.989 1.148 1.054 1.148 1.054 3.727v8.039h-3.539V11.95q0-.797-.21-1.23-.212-.446-.61-.61-.387-.164-.984-.164-.715 0-1.219.352-.504.34-.797.972.02.082.02.27V20h-3.54v-8.015q0-.797-.21-1.242-.211-.445-.61-.621-.386-.176-.996-.176-.68 0-1.183.304-.492.293-.797.844V20h-3.539V7.32h3.316l.118 1.419q.633-.797 1.547-1.22.926-.433 2.086-.433 1.172 0 2.016.48.855.47 1.312 1.442.633-.926 1.582-1.418.961-.504 2.203-.504zM201.398 2v18h-3.187l-.176-1.359q-1.243 1.594-3.212 1.594-1.535 0-2.66-.82-1.113-.832-1.699-2.285-.574-1.454-.574-3.317v-.246q0-1.934.574-3.398.586-1.465 1.7-2.274 1.124-.808 2.683-.808 1.805 0 3.012 1.37V2.001zm-5.672 15.376q1.488 0 2.133-1.266v-4.898q-.61-1.266-2.11-1.266-1.207 0-1.77.984-.55.985-.55 2.637v.246q0 1.629.54 2.602.55.96 1.757.96z" fill="currentColor"/> <path d="M113.498 14.926q-4.5-.96-4.5-3.878 0-1.079.609-1.981.621-.902 1.781-1.441 1.16-.54 2.707-.54 1.63 0 2.848.528 1.219.516 1.875 1.453.656.926.656 2.121h-3.539q0-.762-.457-1.183-.457-.434-1.394-.434-.774 0-1.243.363-.457.364-.457.938 0 .55.516.89.527.34 1.781.575 1.5.28 2.543.738 1.043.445 1.653 1.242.62.797.62 2.027 0 1.114-.667 2.004-.657.88-1.887 1.383-1.219.504-2.836.504-1.711 0-2.965-.621-1.242-.633-1.898-1.617-.645-.985-.645-2.051h3.34q.036.914.656 1.36.621.433 1.594.433.902 0 1.383-.34.492-.351.492-.937 0-.364-.223-.61-.21-.258-.773-.48-.55-.223-1.57-.446zm19.384-7.606l-5.086 14.58q-.293.831-.726 1.523-.434.703-1.266 1.195-.832.504-2.098.504-.457 0-.75-.048-.281-.046-.785-.176v-2.672q.176.02.527.02.95 0 1.418-.293.47-.293.715-.961l.352-.926-4.43-12.738h3.797l2.262 7.687 2.285-7.687zm5.884 7.606q-4.5-.96-4.5-3.878 0-1.079.61-1.981.62-.902 1.781-1.441 1.16-.54 2.707-.54 1.629 0 2.848.528 1.218.516 1.875 1.453.656.926.656 2.121h-3.539q0-.762-.457-1.183-.457-.434-1.395-.434-.773 0-1.242.363-.457.364-.457.938 0 .55.516.89.527.34 1.781.575 1.5.28 2.543.738 1.043.445 1.652 1.242.621.797.621 2.027 0 1.114-.668 2.004-.656.88-1.886 1.383-1.219.504-2.836.504-1.711 
0-2.965-.621-1.242-.633-1.899-1.617-.644-.985-.644-2.051h3.34q.036.914.656 1.36.621.433 1.594.433.902 0 1.383-.34.492-.351.492-.937 0-.364-.223-.61-.21-.258-.773-.48-.551-.223-1.57-.446zm13.983 2.403q.574 0 .984-.082v2.66q-.914.328-2.086.328-3.727 0-3.727-3.797V9.899h-1.793V7.321h1.793v-3.14h3.54v3.14h2.132v2.578h-2.133v6.129q0 .75.293 1.031.293.27.997.27zm14.228-2.519h-8.016q.2 1.183.985 1.886.785.691 2.015.691.914 0 1.688-.34.785-.351 1.336-1.042l1.699 1.957q-.668.96-1.957 1.617-1.278.656-3 .656-1.946 0-3.387-.82-1.43-.82-2.203-2.227-.762-1.406-.762-3.105v-.446q0-1.898.715-3.386.715-1.489 2.063-2.32 1.347-.844 3.187-.844 1.793 0 3.059.761 1.265.762 1.922 2.168.656 1.395.656 3.293zm-3.469-2.65q-.024-1.03-.574-1.628-.54-.598-1.617-.598-1.008 0-1.582.668-.563.668-.739 1.84h4.512zm19.923-5.073q1.934 0 2.989 1.148 1.054 1.148 1.054 3.727v8.039h-3.539V11.95q0-.797-.21-1.23-.212-.446-.61-.61-.387-.164-.984-.164-.715 0-1.219.352-.504.34-.797.972.02.082.02.27V20h-3.54v-8.015q0-.797-.21-1.242-.211-.445-.61-.621-.386-.176-.996-.176-.68 0-1.183.304-.492.293-.797.844V20h-3.539V7.32h3.316l.118 1.419q.633-.797 1.547-1.22.926-.433 2.086-.433 1.172 0 2.016.48.855.47 1.312 1.442.633-.926 1.582-1.418.961-.504 2.203-.504zM201.398 2v18h-3.187l-.176-1.359q-1.243 1.594-3.212 1.594-1.535 0-2.66-.82-1.113-.832-1.699-2.285-.574-1.454-.574-3.317v-.246q0-1.934.574-3.398.586-1.465 1.7-2.274 1.124-.808 2.683-.808 1.805 0 3.012 1.37V2.001zm-5.672 15.376q1.488 0 2.133-1.266v-4.898q-.61-1.266-2.11-1.266-1.207 0-1.77.984-.55.985-.55 2.637v.246q0 1.629.54 2.602.55.96 1.757.96z" fill="currentColor"/>
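Review bot: on the `<svg>` line, `xmlns` is a namespace identifier that parsers compare as a literal string, not a URL that is fetched. `http://www.w3.org/2000/svg` is therefore the required value, and with the `https://` form on the old side the element is not in the SVG namespace. Exclude `xmlns` attributes from any bulk http-to-https rewrite of the docs tree.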

Image size: 3.1 KiB before, 3.1 KiB after.

View File

@ -1,4 +1,4 @@
<svg xmlns="https://www.w3.org/2000/svg" width="16" height="16"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later --> <!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
<g transform="translate(380 -506.52)"> <g transform="translate(380 -506.52)">
<rect ry="16.875" rx="16.875" y="2409.281" x="4128.568" height="90" width="90" fill="#201a26" transform="matrix(.17778 0 0 .17778 -1113.968 78.203)" stroke-width="5.625"/> <rect ry="16.875" rx="16.875" y="2409.281" x="4128.568" height="90" width="90" fill="#201a26" transform="matrix(.17778 0 0 .17778 -1113.968 78.203)" stroke-width="5.625"/>

Image size: 653 B before, 652 B after.

File diff suppressed because one or more lines are too long

Image size: 61 KiB before, 61 KiB after.

View File

@ -667,11 +667,6 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pn*[tT][aA][bB][lL][eE][tT]*:*
KEYBOARD_KEY_86=pageup KEYBOARD_KEY_86=pageup
KEYBOARD_KEY_87=pagedown KEYBOARD_KEY_87=pagedown
# OmniBook Ultra Flip Laptop 14-fh0xxx
evdev:atkbd:dmi:*:svnHP:pnHPOmniBookUltraFlipLaptop14-fh0xxx:*
KEYBOARD_KEY_82=unknown # Mic mute, handled by hp-wmi
KEYBOARD_KEY_ab=!unknown # Brightness Down and Up keys, handled by acpi-video
# Pavilion # Pavilion
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pn*[pP][aA][vV][iI][lL][iI][oO][nN]*:* evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pn*[pP][aA][vV][iI][lL][iI][oO][nN]*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHP*:pn*[pP][aA][vV][iI][lL][iI][oO][nN]*:* evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHP*:pn*[pP][aA][vV][iI][lL][iI][oO][nN]*:*
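Review bot: the removed OmniBook Ultra Flip block is the only entry in this hunk, and its inline comments explain why it exists: `KEYBOARD_KEY_82` (mic mute) is handled by hp-wmi and `KEYBOARD_KEY_ab` (brightness) by acpi-video. Without the block those scancodes fall back to the generic atkbd handling for this model. If the removal is intentional, say why in the commit message. Otherwise keep the block.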

View File

@ -20,65 +20,6 @@
# Allowed properties are: # Allowed properties are:
# ID_HARDWARE_WALLET=0|1 # ID_HARDWARE_WALLET=0|1
################
# Blockstream Jade Hardware Wallets
################
# Jade UART (Silicon Labs)
usb:v10C4pEA60*
ID_HARDWARE_WALLET=1
# Jade UART (WCH)
usb:v1A86p55D4*
ID_HARDWARE_WALLET=1
################
# Coinkite Hardware Wallets
################
# Coldcard
usb:vD13EpCC10*
ID_HARDWARE_WALLET=1
################
# Digital Bitbox Hardware Wallets
################
# Digital Bitbox (dbb)
usb:v03EBp2402*
ID_HARDWARE_WALLET=1
# BitBox02
usb:v03EBp2403*
ID_HARDWARE_WALLET=1
################
# KeepKey Hardware Wallets
################
# KeepKey HID Firmware/Bootloader
usb:v2B24p0001*
ID_HARDWARE_WALLET=1
# KeepKey WebUSB Firmware/Bootloader
usb:v2B24p0002*
ID_HARDWARE_WALLET=1
################
# Ledger Hardware Wallets
################
# Ledger HW.1 / Nano series
usb:v2581p1B7C*
usb:v2581p2B7C*
usb:v2581p3B7C*
usb:v2581p4B7C*
ID_HARDWARE_WALLET=1
# Ledger Nano S/X/Blue/Stax and related devices
usb:v2C97*
ID_HARDWARE_WALLET=1
################ ################
# Trezor Hardware Wallets # Trezor Hardware Wallets
################ ################
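Review bot: Removing the Blockstream Jade, Coldcard, Digital Bitbox/BitBox02, KeepKey and Ledger matches needs a stated reason, because after this hunk only the Trezor entries still set ID_HARDWARE_WALLET=1 and any udev rule keyed on that property stops applying to the other devices. If the concern is over-matching, the two Jade entries (usb:v10C4pEA60* and usb:v1A86p55D4*) are the ones labelled as Silicon Labs and WCH UART bridges and so are the likeliest to hit unrelated serial adapters; drop those and keep the vendor-specific IDs.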
@ -89,5 +30,7 @@ usb:v534Cp0001*
# Trezor v2 # Trezor v2
usb:v1209p53C0* usb:v1209p53C0*
ID_HARDWARE_WALLET=1
usb:v1209p53C1* usb:v1209p53C1*
ID_HARDWARE_WALLET=1 ID_HARDWARE_WALLET=1

View File

@ -884,9 +884,7 @@
</para> </para>
<para>Note that this setting is only taken into account when <option>--generate-crypttab=</option> <para>Note that this setting is only taken into account when <option>--generate-crypttab=</option>
is specified on the <command>systemd-repart</command> command line. As the crypttab with the expected is specified on the <command>systemd-repart</command> command line.</para>
hashes can only be generated after LUKS volumes are formatted, the crypttab itself cannot be put to
the generated volume.</para>
<xi:include href="version-info.xml" xpointer="v256"/></listitem> <xi:include href="version-info.xml" xpointer="v256"/></listitem>
</varlistentry> </varlistentry>

View File

@ -957,11 +957,8 @@
<literal>isolate</literal>, <literal>isolate</literal>,
<literal>flush</literal>, <literal>flush</literal>,
<literal>ignore-dependencies</literal> or <literal>ignore-dependencies</literal> or
<literal>ignore-requirements</literal>. <literal>ignore-requirements</literal>. Defaults to
<literal>OnFailureJobMode=</literal> defaults to <literal>replace</literal>. Specifies how the units listed in
<literal>replace</literal>,
<literal>OnSuccessJobMode=</literal> defaults to
<literal>fail</literal>. Specifies how the units listed in
<varname>OnSuccess=</varname>/<varname>OnFailure=</varname> will be enqueued. See <varname>OnSuccess=</varname>/<varname>OnFailure=</varname> will be enqueued. See
<citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
<option>--job-mode=</option> option for details on the <option>--job-mode=</option> option for details on the
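Review bot: The rewritten sentence "Defaults to replace" no longer says which of OnFailureJobMode= and OnSuccessJobMode= it applies to, while the removed text gave them different defaults (replace and fail). Confirm the default that the code uses for OnSuccessJobMode= and, if the two still differ, keep the per-setting wording.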

View File

@ -1642,12 +1642,6 @@ int manager_unit_is_active(Manager *manager, const char *unit, sd_bus_error *ret
assert(manager); assert(manager);
assert(unit); assert(unit);
r = sd_bus_is_ready(manager->api_bus);
if (r < 0)
return r;
if (r == 0)
return -ENOTCONN;
path = unit_dbus_path_from_name(unit); path = unit_dbus_path_from_name(unit);
if (!path) if (!path)
return -ENOMEM; return -ENOMEM;
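Review bot: With the sd_bus_is_ready() check gone from manager_unit_is_active(), nothing in this function distinguishes a bus that is not yet ready from a real lookup failure, and callers lose the explicit -ENOTCONN result. Either keep the check or document which error callers now see for a not-ready manager->api_bus, and make sure none of them treats it as "unit inactive". The same applies to manager_job_is_active() in the next hunk.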
@ -1688,12 +1682,6 @@ int manager_job_is_active(Manager *manager, const char *path, sd_bus_error *rete
assert(manager); assert(manager);
assert(path); assert(path);
r = sd_bus_is_ready(manager->api_bus);
if (r < 0)
return r;
if (r == 0)
return -ENOTCONN;
r = sd_bus_get_property( r = sd_bus_get_property(
manager->api_bus, manager->api_bus,
"org.freedesktop.systemd1", "org.freedesktop.systemd1",

View File

@ -18,7 +18,6 @@
#include "hexdecoct.h" #include "hexdecoct.h"
#include "in-addr-prefix-util.h" #include "in-addr-prefix-util.h"
#include "networkd-dhcp-common.h" #include "networkd-dhcp-common.h"
#include "networkd-dhcp-prefix-delegation.h"
#include "networkd-link.h" #include "networkd-link.h"
#include "networkd-manager.h" #include "networkd-manager.h"
#include "networkd-network.h" #include "networkd-network.h"
@ -107,7 +106,6 @@ void network_adjust_dhcp(Network *network) {
} }
network_adjust_dhcp4(network); network_adjust_dhcp4(network);
network_adjust_dhcp_prefix_delegation(network);
} }
static bool duid_needs_product_uuid(const DUID *duid) { static bool duid_needs_product_uuid(const DUID *duid) {

View File

@ -157,63 +157,6 @@ static int dhcp_pd_get_assigned_subnet_prefix(Link *link, const struct in6_addr
return -ENOENT; return -ENOENT;
} }
static void dhcp_pd_route_modify_nft_set(Route *route, Link *link, bool add) {
int r;
assert(route);
assert(link);
assert(link->manager);
assert(link->network);
if (!link->manager->nfnl)
return;
if (route->family != AF_INET6)
return;
if (route->source != NETWORK_CONFIG_SOURCE_DHCP_PD)
return;
/* When Assign=yes, address_modify_nft_set() manages the NFT set, not this function. */
if (link->network->dhcp_pd_assign)
return;
NFTSetContext *nft_set_context = &link->network->dhcp_pd_nft_set_context;
FOREACH_ARRAY(nft_set, nft_set_context->sets, nft_set_context->n_sets) {
assert(nft_set);
switch (nft_set->source) {
case NFT_SET_SOURCE_ADDRESS:
/* Should be already warned in network_adjust_dhcp_prefix_delegation(). */
continue;
case NFT_SET_SOURCE_PREFIX:
r = nft_set_element_modify_iprange(link->manager->nfnl, add, nft_set->nfproto, route->family, nft_set->table, nft_set->set,
&route->dst, route->dst_prefixlen);
break;
case NFT_SET_SOURCE_IFINDEX: {
uint32_t ifindex = link->ifindex;
r = nft_set_element_modify_any(link->manager->nfnl, add, nft_set->nfproto, nft_set->table, nft_set->set,
&ifindex, sizeof(ifindex));
break;
}
default:
assert_not_reached();
}
if (r < 0)
log_warning_errno(r, "Failed to %s NFT set entry: family %s, table %s, set %s, IP prefix %s, ignoring: %m",
add ? "add" : "delete",
nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set,
IN_ADDR_PREFIX_TO_STRING(route->family, &route->dst, route->dst_prefixlen));
else
log_debug("%s NFT set entry: family %s, table %s, set %s, IP prefix %s",
add ? "Added" : "Deleted",
nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set,
IN_ADDR_PREFIX_TO_STRING(route->family, &route->dst, route->dst_prefixlen));
}
}
int dhcp_pd_remove(Link *link, bool only_marked) { int dhcp_pd_remove(Link *link, bool only_marked) {
int ret = 0; int ret = 0;
@ -242,9 +185,6 @@ int dhcp_pd_remove(Link *link, bool only_marked) {
link_remove_dhcp_pd_subnet_prefix(link, &route->dst.in6); link_remove_dhcp_pd_subnet_prefix(link, &route->dst.in6);
/* Remove NFTSet entries before removing the route */
dhcp_pd_route_modify_nft_set(route, link, /* add= */ false);
RET_GATHER(ret, route_remove_and_cancel(route, link->manager)); RET_GATHER(ret, route_remove_and_cancel(route, link->manager));
} }
} else { } else {
@ -345,9 +285,6 @@ static int dhcp_pd_route_handler(sd_netlink *rtnl, sd_netlink_message *m, Reques
if (r <= 0) if (r <= 0)
return r; return r;
/* Update NFTSet entries when route is successfully configured */
dhcp_pd_route_modify_nft_set(route, link, /* add= */ true);
r = dhcp_pd_check_ready(link); r = dhcp_pd_check_ready(link);
if (r < 0) if (r < 0)
link_enter_failed(link); link_enter_failed(link);
@ -1396,27 +1333,6 @@ int link_drop_dhcp_pd_config(Link *link, Network *network) {
return 0; return 0;
} }
void network_adjust_dhcp_prefix_delegation(Network *network) {
assert(network);
if (!network->dhcp_pd)
return;
if (network->dhcp_pd_assign)
return;
/* If Assign=no, then DHCPv6 PD will create routes instead of addresses.
* NFTSet=address:... is not supported in this case. */
FOREACH_ARRAY(nft_set, network->dhcp_pd_nft_set_context.sets, network->dhcp_pd_nft_set_context.n_sets)
if (nft_set->source == NFT_SET_SOURCE_ADDRESS) {
log_warning("%s: In [DHCPPrefixDelegation] section, when Assign= is disabled, "
"NFTSet=address:... is not supported and will be ignored.",
network->filename);
break;
}
}
int config_parse_dhcp_pd_subnet_id( int config_parse_dhcp_pd_subnet_id(
const char *unit, const char *unit,
const char *filename, const char *filename,
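Review bot: Dropping network_adjust_dhcp_prefix_delegation() removes the only diagnostic for NFTSet=address:... combined with Assign= disabled, so that configuration is now accepted silently. Keep a parse-time warning for this combination so an administrator can tell from the log that the set will not be filled.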

View File

@ -14,7 +14,6 @@ int dhcp6_pd_prefix_acquired(Link *uplink);
void dhcp4_pd_prefix_lost(Link *uplink); void dhcp4_pd_prefix_lost(Link *uplink);
void dhcp6_pd_prefix_lost(Link *uplink); void dhcp6_pd_prefix_lost(Link *uplink);
int dhcp_pd_reconfigure_address(Address *address, Link *link); int dhcp_pd_reconfigure_address(Address *address, Link *link);
void network_adjust_dhcp_prefix_delegation(Network *network);
CONFIG_PARSER_PROTOTYPE(config_parse_dhcp_pd_subnet_id); CONFIG_PARSER_PROTOTYPE(config_parse_dhcp_pd_subnet_id);
CONFIG_PARSER_PROTOTYPE(config_parse_dhcp_pd_prefix_route_type); CONFIG_PARSER_PROTOTYPE(config_parse_dhcp_pd_prefix_route_type);

View File

@ -1201,7 +1201,7 @@ static int process_route_one(
route_forget(manager, route, "Forgetting removed"); route_forget(manager, route, "Forgetting removed");
else else
log_route_debug(tmp, log_route_debug(tmp,
manager->manage_foreign_routes ? "Kernel removed unknown" : "Ignoring removed", manager->manage_foreign_routes ? "Kernel removed unknown" : "Ignoring received",
manager); manager);
break; break;
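Review bot: "Ignoring received" is the wrong message for this branch: it sits next to route_forget(manager, route, "Forgetting removed") and the other arm of the same ternary still says "Kernel removed unknown", so this is the route-removal path. Keep "Ignoring removed" so debug logs do not report a removal as a received route.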

View File

@ -545,11 +545,11 @@ int link_set_ipv6_mtu(Link *link, int log_level) {
if (mtu == 0) if (mtu == 0)
return 0; return 0;
if (mtu > link->max_mtu) { if (mtu > link->mtu) {
log_link_full(link, log_level, log_link_full(link, log_level,
"Reducing requested IPv6 MTU %"PRIu32" to the interface's maximum MTU %"PRIu32".", "Reducing requested IPv6 MTU %"PRIu32" to the interface's maximum MTU %"PRIu32".",
mtu, link->max_mtu); mtu, link->mtu);
mtu = link->max_mtu; mtu = link->mtu;
} }
r = sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "mtu", mtu, manager_get_sysctl_shadow(link->manager)); r = sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "mtu", mtu, manager_get_sysctl_shadow(link->manager));
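Review bot: The clamp now compares against link->mtu, but the log text still says "the interface's maximum MTU", which described link->max_mtu. Either keep max_mtu as the bound or reword the message to say "current MTU". Please also confirm the ordering: if the interface MTU is raised later in the same configuration pass, clamping to the current value here would leave the IPv6 MTU lower than requested.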

View File

@ -8501,7 +8501,7 @@ static bool need_crypttab(Context *context) {
return false; return false;
} }
static int context_crypttab(Context *context, bool late) { static int context_crypttab(Context *context) {
_cleanup_(unlink_and_freep) char *t = NULL; _cleanup_(unlink_and_freep) char *t = NULL;
_cleanup_fclose_ FILE *f = NULL; _cleanup_fclose_ FILE *f = NULL;
_cleanup_free_ char *path = NULL; _cleanup_free_ char *path = NULL;
@ -8544,7 +8544,7 @@ static int context_crypttab(Context *context, bool late) {
strempty(p->encrypted_volume->options)); strempty(p->encrypted_volume->options));
} }
r = flink_tmpfile(f, t, path, late ? LINK_TMPFILE_REPLACE : 0); r = flink_tmpfile(f, t, path, 0);
if (r < 0) if (r < 0)
return log_error_errno(r, "Failed to link temporary file to %s: %m", path); return log_error_errno(r, "Failed to link temporary file to %s: %m", path);
@ -10755,14 +10755,6 @@ static int run(int argc, char *argv[]) {
if (r < 0) if (r < 0)
return r; return r;
r = context_fstab(context);
if (r < 0)
return r;
r = context_crypttab(context, /* late= */ false);
if (r < 0)
return r;
r = context_update_verity_size(context); r = context_update_verity_size(context);
if (r < 0) if (r < 0)
return r; return r;
@ -10818,7 +10810,11 @@ static int run(int argc, char *argv[]) {
if (r < 0) if (r < 0)
return r; return r;
r = context_crypttab(context, /* late= */ true); r = context_fstab(context);
if (r < 0)
return r;
r = context_crypttab(context);
if (r < 0) if (r < 0)
return r; return r;

View File

@ -160,7 +160,7 @@ static int bus_append_string(sd_bus_message *m, const char *field, const char *e
return 1; return 1;
} }
static int bus_append_strv_full(sd_bus_message *m, const char *field, const char *eq, const char *separators, ExtractFlags flags) { static int bus_append_strv_full(sd_bus_message *m, const char *field, const char *eq, ExtractFlags flags) {
int r; int r;
assert(m); assert(m);
@ -185,7 +185,7 @@ static int bus_append_strv_full(sd_bus_message *m, const char *field, const char
for (const char *p = eq;;) { for (const char *p = eq;;) {
_cleanup_free_ char *word = NULL; _cleanup_free_ char *word = NULL;
r = extract_first_word(&p, &word, separators, flags); r = extract_first_word(&p, &word, /* separators= */ NULL, flags);
if (r < 0) if (r < 0)
return parse_log_error(r, field, eq); return parse_log_error(r, field, eq);
if (r == 0) if (r == 0)
@ -212,16 +212,11 @@ static int bus_append_strv_full(sd_bus_message *m, const char *field, const char
} }
static int bus_append_strv(sd_bus_message *m, const char *field, const char *eq) { static int bus_append_strv(sd_bus_message *m, const char *field, const char *eq) {
return bus_append_strv_full(m, field, eq, /* separators= */ NULL, EXTRACT_UNQUOTE); return bus_append_strv_full(m, field, eq, EXTRACT_UNQUOTE);
} }
static int bus_append_strv_cunescape(sd_bus_message *m, const char *field, const char *eq) { static int bus_append_strv_cunescape(sd_bus_message *m, const char *field, const char *eq) {
return bus_append_strv_full(m, field, eq, /* separators= */ NULL, EXTRACT_UNQUOTE | EXTRACT_CUNESCAPE); return bus_append_strv_full(m, field, eq, EXTRACT_UNQUOTE | EXTRACT_CUNESCAPE);
}
static int bus_append_strv_colon(sd_bus_message *m, const char *field, const char *eq) {
/* This also accepts colon as the separator. */
return bus_append_strv_full(m, field, eq, ":" WHITESPACE, EXTRACT_UNQUOTE);
} }
static int bus_append_byte_array(sd_bus_message *m, const char *field, const void *buf, size_t n) { static int bus_append_byte_array(sd_bus_message *m, const char *field, const void *buf, size_t n) {
@ -2470,7 +2465,7 @@ static const BusProperty execute_properties[] = {
{ "InaccessiblePaths", bus_append_strv }, { "InaccessiblePaths", bus_append_strv },
{ "ExecPaths", bus_append_strv }, { "ExecPaths", bus_append_strv },
{ "NoExecPaths", bus_append_strv }, { "NoExecPaths", bus_append_strv },
{ "ExecSearchPath", bus_append_strv_colon }, { "ExecSearchPath", bus_append_strv },
{ "ExtensionDirectories", bus_append_strv }, { "ExtensionDirectories", bus_append_strv },
{ "ConfigurationDirectory", bus_append_strv }, { "ConfigurationDirectory", bus_append_strv },
{ "SupplementaryGroups", bus_append_strv }, { "SupplementaryGroups", bus_append_strv },
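Review bot: Switching ExecSearchPath to bus_append_strv drops colon as a separator: the removed bus_append_strv_colon() passed ":" WHITESPACE to extract_first_word(), while bus_append_strv_full() now always passes NULL. A transient property value written in the usual colon-separated form, for example ExecSearchPath=/usr/local/bin:/usr/bin, is then sent as one path element instead of two, which changes where binaries are resolved from. Keep the colon-aware helper for this property, or reject values containing ':' with a clear error.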

View File

@ -408,8 +408,6 @@ static int image_make(
/* We explicitly *do* follow symlinks here, since we want to allow symlinking trees, raw files and block /* We explicitly *do* follow symlinks here, since we want to allow symlinking trees, raw files and block
* devices into /var/lib/machines/, and treat them normally. * devices into /var/lib/machines/, and treat them normally.
* Note that if the caller does not want to follow symlinks (and does not care about symlink races)
* then the caller should pass in a resolved path and an fd.
* *
* This function returns -ENOENT if we can't find the image after all, and -EMEDIUMTYPE if it's not a file we * This function returns -ENOENT if we can't find the image after all, and -EMEDIUMTYPE if it's not a file we
* recognize. */ * recognize. */
@ -746,7 +744,10 @@ int image_find(RuntimeScope scope,
const char *root, const char *root,
Image **ret) { Image **ret) {
int r; /* As mentioned above, we follow symlinks on this fstatat(), because we want to permit people to
* symlink block devices into the search path. (For now, we disable that when operating relative to
* some root directory.) */
int open_flags = root ? O_NOFOLLOW : 0, r;
assert(scope < _RUNTIME_SCOPE_MAX && scope != RUNTIME_SCOPE_GLOBAL); assert(scope < _RUNTIME_SCOPE_MAX && scope != RUNTIME_SCOPE_GLOBAL);
assert(class >= 0); assert(class >= 0);
@ -761,47 +762,32 @@ int image_find(RuntimeScope scope,
if (!names) if (!names)
return -ENOMEM; return -ENOMEM;
_cleanup_close_ int rfd = XAT_FDROOT; /* We only expect absolute paths */
if (root) {
rfd = open(root, O_CLOEXEC|O_DIRECTORY|O_PATH);
if (rfd < 0)
return log_debug_errno(errno, "Failed to open root directory '%s': %m", root);
}
_cleanup_strv_free_ char **search = NULL; _cleanup_strv_free_ char **search = NULL;
r = pick_image_search_path(scope, class, root, &search); r = pick_image_search_path(scope, class, root, &search);
if (r < 0) if (r < 0)
return r; return r;
STRV_FOREACH(s, search) { STRV_FOREACH(s, search) {
_cleanup_free_ char *resolved = NULL;
_cleanup_closedir_ DIR *d = NULL; _cleanup_closedir_ DIR *d = NULL;
_cleanup_free_ char *search_path = NULL;
r = chase_and_opendirat(rfd, *s, CHASE_AT_RESOLVE_IN_ROOT, &search_path, &d); r = chase_and_opendir(*s, root, CHASE_PREFIX_ROOT, &resolved, &d);
if (r == -ENOENT) if (r == -ENOENT)
continue; continue;
if (r < 0) if (r < 0)
return r; return r;
STRV_FOREACH(n, names) { STRV_FOREACH(n, names) {
_cleanup_free_ char *fname_buf = NULL;
const char *fname = *n; const char *fname = *n;
_cleanup_free_ char *fname_path = NULL, *chased_path = NULL, *resolved_file = NULL;
_cleanup_close_ int fd = -EBADF;
fname_path = path_join(search_path, fname); _cleanup_close_ int fd = openat(dirfd(d), fname, O_PATH|O_CLOEXEC|open_flags);
if (!fname_path) if (fd < 0) {
return -ENOMEM; if (errno != ENOENT)
return -errno;
/* Follow symlinks only inside given root */
r = chaseat(rfd, fname_path, CHASE_AT_RESOLVE_IN_ROOT, &chased_path, &fd);
if (r == -ENOENT)
continue; continue;
if (r < 0) }
return r;
r = chaseat_prefix_root(chased_path, root, &resolved_file);
if (r < 0)
return r;
struct stat st; struct stat st;
if (fstat(fd, &st) < 0) if (fstat(fd, &st) < 0)
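Review bot: openat(dirfd(d), fname, O_PATH|O_CLOEXEC|open_flags) with O_NOFOLLOW set for a non-NULL root returns a descriptor for the symlink itself, so the fstat() that follows sees a symlink and symlinked images under --root= stop being usable. The removed chaseat(rfd, fname_path, CHASE_AT_RESOLVE_IN_ROOT, ...) resolved such links inside the root instead. If that behaviour has to go, say so in the comment added in the previous hunk, which also still refers to an fstatat() that this code does not call.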
@ -827,6 +813,10 @@ int image_find(RuntimeScope scope,
*ASSERT_PTR(endswith(suffix, ".v")) = 0; *ASSERT_PTR(endswith(suffix, ".v")) = 0;
_cleanup_free_ char *vp = path_join(resolved, fname);
if (!vp)
return -ENOMEM;
PickFilter filter = { PickFilter filter = {
.type_mask = endswith(suffix, ".raw") ? (UINT32_C(1) << DT_REG) | (UINT32_C(1) << DT_BLK) : (UINT32_C(1) << DT_DIR), .type_mask = endswith(suffix, ".raw") ? (UINT32_C(1) << DT_REG) | (UINT32_C(1) << DT_BLK) : (UINT32_C(1) << DT_DIR),
.basename = name, .basename = name,
@ -836,44 +826,48 @@ int image_find(RuntimeScope scope,
_cleanup_(pick_result_done) PickResult result = PICK_RESULT_NULL; _cleanup_(pick_result_done) PickResult result = PICK_RESULT_NULL;
r = path_pick(root, r = path_pick(root,
rfd, /* toplevel_fd= */ AT_FDCWD,
fname_path, /* This has to be the unresolved entry with the .v suffix */ vp,
&filter, &filter,
/* n_filters= */ 1, /* n_filters= */ 1,
PICK_ARCHITECTURE|PICK_TRIES|PICK_RESOLVE, PICK_ARCHITECTURE|PICK_TRIES,
&result); &result);
if (r < 0) { if (r < 0) {
log_debug_errno(r, "Failed to pick versioned image on '%s%s', skipping: %m", empty_to_root(root), skip_leading_slash(fname_path)); log_debug_errno(r, "Failed to pick versioned image on '%s', skipping: %m", vp);
continue; continue;
} }
if (!result.path) { if (!result.path) {
log_debug("Found versioned directory '%s%s', without matching entry, skipping.", empty_to_root(root), skip_leading_slash(fname_path)); log_debug("Found versioned directory '%s', without matching entry, skipping.", vp);
continue; continue;
} }
/* Refresh the stat data for the discovered target */ /* Refresh the stat data for the discovered target */
st = result.st; st = result.st;
close_and_replace(fd, result.fd); close_and_replace(fd, result.fd);
free(resolved_file);
resolved_file = path_join(root, result.path);
if (!resolved_file)
return -ENOMEM;
/* fname and fname_path are invalid now because they would need to be set _cleanup_free_ char *bn = NULL;
* from result.path by extracting the filename to set r = path_extract_filename(result.path, &bn);
* fname = path_join(fname, filename) and then if (r < 0) {
* fname_path = path_join(*s, fname) but since they are unused we don't do it */ log_debug_errno(r, "Failed to extract basename of image path '%s', skipping: %m", result.path);
fname = NULL; continue;
fname_path = mfree(fname_path); }
fname_buf = path_join(fname, bn);
if (!fname_buf)
return log_oom();
fname = fname_buf;
} else if (!S_ISDIR(st.st_mode) && !S_ISBLK(st.st_mode)) { } else if (!S_ISDIR(st.st_mode) && !S_ISBLK(st.st_mode)) {
log_debug("Ignoring non-directory and non-block device file '%s' without suffix.", fname); log_debug("Ignoring non-directory and non-block device file '%s' without suffix.", fname);
continue; continue;
} }
/* Only put resolved paths into the image entry (incl. --root=). _cleanup_free_ char *path = path_join(resolved, fname);
* Defending against symlink races is not done if (!path)
* and would be a TODO. */ return -ENOMEM;
r = image_make(class, name, fd, resolved_file, &st, ret);
r = image_make(class, name, fd, path, &st, ret);
if (IN_SET(r, -ENOENT, -EMEDIUMTYPE)) if (IN_SET(r, -ENOENT, -EMEDIUMTYPE))
continue; continue;
if (r < 0) if (r < 0)
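Review bot: The path handed to image_make() is now path_join(resolved, fname), the directory entry as found, and PICK_RESOLVE is dropped from path_pick(), so the removed guarantee "Only put resolved paths into the image entry" no longer holds. Any later code that reopens the image by path goes through the symlink again, which is the symlink race the removed comment listed as a TODO. Prefer continuing to operate on fd, or add a comment stating that the stored path may be a symlink.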
@ -954,58 +948,46 @@ int image_discover(
const char *root, const char *root,
Hashmap **images) { Hashmap **images) {
int r; /* As mentioned above, we follow symlinks on this fstatat(), because we want to permit people to
* symlink block devices into the search path. (For now, we disable that when operating relative to
* some root directory.) */
int open_flags = root ? O_NOFOLLOW : 0, r;
assert(scope < _RUNTIME_SCOPE_MAX && scope != RUNTIME_SCOPE_GLOBAL); assert(scope < _RUNTIME_SCOPE_MAX && scope != RUNTIME_SCOPE_GLOBAL);
assert(class >= 0); assert(class >= 0);
assert(class < _IMAGE_CLASS_MAX); assert(class < _IMAGE_CLASS_MAX);
assert(images); assert(images);
_cleanup_close_ int rfd = XAT_FDROOT; /* We only expect absolute paths */
if (root) {
rfd = open(root, O_CLOEXEC|O_DIRECTORY|O_PATH);
if (rfd < 0)
return log_debug_errno(errno, "Failed to open root directory '%s': %m", root);
}
_cleanup_strv_free_ char **search = NULL; _cleanup_strv_free_ char **search = NULL;
r = pick_image_search_path(scope, class, root, &search); r = pick_image_search_path(scope, class, root, &search);
if (r < 0) if (r < 0)
return r; return r;
STRV_FOREACH(s, search) { STRV_FOREACH(s, search) {
_cleanup_free_ char *resolved = NULL;
_cleanup_closedir_ DIR *d = NULL; _cleanup_closedir_ DIR *d = NULL;
_cleanup_free_ char *search_path = NULL;
r = chase_and_opendirat(rfd, *s, CHASE_AT_RESOLVE_IN_ROOT, &search_path, &d); r = chase_and_opendir(*s, root, CHASE_PREFIX_ROOT, &resolved, &d);
if (r == -ENOENT) if (r == -ENOENT)
continue; continue;
if (r < 0) if (r < 0)
return r; return r;
FOREACH_DIRENT_ALL(de, d, return -errno) { FOREACH_DIRENT_ALL(de, d, return -errno) {
_cleanup_free_ char *pretty = NULL, *fname_path = NULL, *chased_path = NULL, *resolved_file = NULL; _cleanup_free_ char *pretty = NULL, *fname_buf = NULL;
_cleanup_(image_unrefp) Image *image = NULL; _cleanup_(image_unrefp) Image *image = NULL;
const char *fname = de->d_name; const char *fname = de->d_name;
_cleanup_close_ int fd = -EBADF;
if (dot_or_dot_dot(fname)) if (dot_or_dot_dot(fname))
continue; continue;
fname_path = path_join(search_path, fname); _cleanup_close_ int fd = openat(dirfd(d), fname, O_PATH|O_CLOEXEC|open_flags);
if (!fname_path) if (fd < 0) {
return -ENOMEM; if (errno != ENOENT)
return -errno;
/* Follow symlinks only inside given root */ continue; /* Vanished while we were looking at it */
r = chaseat(rfd, fname_path, CHASE_AT_RESOLVE_IN_ROOT, &chased_path, &fd); }
if (r == -ENOENT)
continue;
if (r < 0)
return r;
r = chaseat_prefix_root(chased_path, root, &resolved_file);
if (r < 0)
return r;
struct stat st; struct stat st;
if (fstat(fd, &st) < 0) if (fstat(fd, &st) < 0)
@ -1044,6 +1026,10 @@ int image_discover(
continue; continue;
} }
_cleanup_free_ char *vp = path_join(resolved, fname);
if (!vp)
return -ENOMEM;
PickFilter filter = { PickFilter filter = {
.type_mask = endswith(suffix, ".raw") ? (UINT32_C(1) << DT_REG) | (UINT32_C(1) << DT_BLK) : (UINT32_C(1) << DT_DIR), .type_mask = endswith(suffix, ".raw") ? (UINT32_C(1) << DT_REG) | (UINT32_C(1) << DT_BLK) : (UINT32_C(1) << DT_DIR),
.basename = pretty, .basename = pretty,
@ -1053,36 +1039,38 @@ int image_discover(
_cleanup_(pick_result_done) PickResult result = PICK_RESULT_NULL; _cleanup_(pick_result_done) PickResult result = PICK_RESULT_NULL;
r = path_pick(root, r = path_pick(root,
rfd, /* toplevel_fd= */ AT_FDCWD,
fname_path, /* This has to be the unresolved entry with the .v suffix */ vp,
&filter, &filter,
/* n_filters= */ 1, /* n_filters= */ 1,
PICK_ARCHITECTURE|PICK_TRIES|PICK_RESOLVE, PICK_ARCHITECTURE|PICK_TRIES,
&result); &result);
if (r < 0) { if (r < 0) {
log_debug_errno(r, "Failed to pick versioned image on '%s%s', skipping: %m", empty_to_root(root), skip_leading_slash(fname_path)); log_debug_errno(r, "Failed to pick versioned image on '%s', skipping: %m", vp);
continue; continue;
} }
if (!result.path) { if (!result.path) {
log_debug("Found versioned directory '%s%s', without matching entry, skipping.", empty_to_root(root), skip_leading_slash(fname_path)); log_debug("Found versioned directory '%s', without matching entry, skipping.", vp);
continue; continue;
} }
/* Refresh the stat data for the discovered target */ /* Refresh the stat data for the discovered target */
st = result.st; st = result.st;
close_and_replace(fd, result.fd); close_and_replace(fd, result.fd);
free(resolved_file);
resolved_file = path_join(root, result.path);
if (!resolved_file)
return -ENOMEM;
/* fname and fname_path are invalid now because they would need to _cleanup_free_ char *bn = NULL;
* be set from result.path by extracting the filename to set r = path_extract_filename(result.path, &bn);
* fname = path_join(fname, filename) and then if (r < 0) {
* fname_path = path_join(*s, fname) but since they are unused we log_debug_errno(r, "Failed to extract basename of image path '%s', skipping: %m", result.path);
* don't do it */ continue;
fname = NULL; }
fname_path = mfree(fname_path);
fname_buf = path_join(fname, bn);
if (!fname_buf)
return log_oom();
fname = fname_buf;
} else { } else {
r = extract_image_basename( r = extract_image_basename(
fname, fname,
@ -1115,10 +1103,11 @@ int image_discover(
if (hashmap_contains(*images, pretty)) if (hashmap_contains(*images, pretty))
continue; continue;
/* Only put resolved paths into the image entry. _cleanup_free_ char *path = path_join(resolved, fname);
* Defending against symlink races is not done if (!path)
* and would be a TODO. */ return -ENOMEM;
r = image_make(class, pretty, fd, resolved_file, &st, &image);
r = image_make(class, pretty, fd, path, &st, &image);
if (IN_SET(r, -ENOENT, -EMEDIUMTYPE)) if (IN_SET(r, -ENOENT, -EMEDIUMTYPE))
continue; continue;
if (r < 0) if (r < 0)
@ -2159,11 +2148,6 @@ int image_read_metadata(Image *i, const char *root, const ImagePolicy *image_pol
if (r < 0) if (r < 0)
return log_debug_errno(r, "Failed to decrypt image '%s': %m", i->path); return log_debug_errno(r, "Failed to decrypt image '%s': %m", i->path);
/* Do not use the image name derived from the backing file of the loop device */
r = free_and_strdup(&m->image_name, i->name);
if (r < 0)
return r;
r = dissected_image_acquire_metadata( r = dissected_image_acquire_metadata(
m, m,
/* userns_fd= */ -EBADF, /* userns_fd= */ -EBADF,
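Review bot: Without the free_and_strdup(&m->image_name, i->name) override, m->image_name keeps the name derived from the backing file of the loop device, which the removed comment warned against. For an image reached through a symlink or a .v directory that name can differ from i->name, so confirm that dissected_image_acquire_metadata() does not depend on image_name matching the image's own name, or keep the override.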

View File

@ -193,7 +193,7 @@ static int pin_choice(
_cleanup_free_ char *resolved_path = NULL; _cleanup_free_ char *resolved_path = NULL;
int r; int r;
assert(toplevel_fd >= 0 || IN_SET(toplevel_fd, AT_FDCWD, XAT_FDROOT)); assert(toplevel_fd >= 0 || toplevel_fd == AT_FDCWD);
assert(inode_path); assert(inode_path);
assert(filter); assert(filter);
assert(ret); assert(ret);
@ -324,7 +324,7 @@ static int make_choice(
_cleanup_close_ int inode_fd = TAKE_FD(_inode_fd); _cleanup_close_ int inode_fd = TAKE_FD(_inode_fd);
int r; int r;
assert(toplevel_fd >= 0 || IN_SET(toplevel_fd, AT_FDCWD, XAT_FDROOT)); assert(toplevel_fd >= 0 || toplevel_fd == AT_FDCWD);
assert(inode_path); assert(inode_path);
assert(filter); assert(filter);
assert(ret); assert(ret);
@ -516,7 +516,7 @@ static int path_pick_one(
uint32_t filter_type_mask; uint32_t filter_type_mask;
int r; int r;
assert(toplevel_fd >= 0 || IN_SET(toplevel_fd, AT_FDCWD, XAT_FDROOT)); assert(toplevel_fd >= 0 || toplevel_fd == AT_FDCWD);
assert(path); assert(path);
assert(filter); assert(filter);
assert(ret); assert(ret);
@ -663,7 +663,7 @@ int path_pick(const char *toplevel_path,
_cleanup_(pick_result_done) PickResult best = PICK_RESULT_NULL; _cleanup_(pick_result_done) PickResult best = PICK_RESULT_NULL;
int r; int r;
assert(toplevel_fd >= 0 || IN_SET(toplevel_fd, AT_FDCWD, XAT_FDROOT)); assert(toplevel_fd >= 0 || toplevel_fd == AT_FDCWD);
assert(path); assert(path);
assert(filters || n_filters == 0); assert(filters || n_filters == 0);
assert(ret); assert(ret);

View File

@ -1911,11 +1911,6 @@ static int merge_subprocess(
if (r < 0) if (r < 0)
return r; return r;
/* Do not use the image name derived from the backing file of the loop device */
r = free_and_strdup(&m->image_name, img->name);
if (r < 0)
return r;
r = dissected_image_load_verity_sig_partition( r = dissected_image_load_verity_sig_partition(
m, m,
d->fd, d->fd,

View File

@ -69,12 +69,12 @@ journalctl -b -t "$ID" --truncate-newline | grep -v TAIL >/dev/null
journalctl -b -1 -b all -m >/dev/null journalctl -b -1 -b all -m >/dev/null
# -b always behaves like -b0 # -b always behaves like -b0
journalctl -q -b-1 -b0 -n+1 >/tmp/expected journalctl -q -b-1 -b0 | head -1 >/tmp/expected
journalctl -q -b-1 -b -n+1 >/tmp/output journalctl -q -b-1 -b | head -1 >/tmp/output
diff /tmp/expected /tmp/output diff /tmp/expected /tmp/output
# ... even when another option follows (both of these should fail due to -m) # ... even when another option follows (both of these should fail due to -m)
{ journalctl -ball -b0 -n+1 -m 2>&1 || :; } >/tmp/expected { journalctl -ball -b0 -m 2>&1 || :; } | head -1 >/tmp/expected
{ journalctl -ball -b -n+1 -m 2>&1 || :; } >/tmp/output { journalctl -ball -b -m 2>&1 || :; } | head -1 >/tmp/output
diff /tmp/expected /tmp/output diff /tmp/expected /tmp/output
# https://github.com/systemd/systemd/issues/13708 # https://github.com/systemd/systemd/issues/13708
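Review bot: Replacing -n+1 with | head -1 puts journalctl on the left side of a pipeline, so its exit status is no longer checked unless the script sets pipefail, and if it does, head exiting after one line can kill journalctl with SIGPIPE and fail the test spuriously. The first pair (journalctl -q -b-1 -b0 | head -1) has no || : guard at all. Keep -n+1, which limits the output inside journalctl, or guard the pipeline explicitly.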

View File

@ -1307,286 +1307,6 @@ run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
) )
# A couple of symlink tests follow below
( init_trap
: "Check if following a relative extension directory symlink works with and without --root="
fake_root=${roots_dir:+"$roots_dir/follow-relative-dir-symlink"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image "$fake_root" "$hierarchy"
mv -T "$fake_root/var/lib/extensions/test-extension" "$fake_root/var/othername-extension"
ln -s "../../othername-extension" "$fake_root/var/lib/extensions/test-extension"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/othername-extension"
)
( init_trap
: "Check if following an absolute extension directory symlink works with and without --root="
fake_root=${roots_dir:+"$roots_dir/follow-absolute-dir-symlink"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image "$fake_root" "$hierarchy"
mv -T "$fake_root/var/lib/extensions/test-extension" "$fake_root/var/othername-extension"
ln -s "/var/othername-extension" "$fake_root/var/lib/extensions/test-extension"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/othername-extension"
)
( init_trap
: "Check if following a relative extension image symlink works with and without --root="
fake_root=${roots_dir:+"$roots_dir/follow-relative-image-symlink"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image_raw "$fake_root" "$hierarchy"
mv "$fake_root/var/lib/extensions/test-extension.raw" "$fake_root/var/othername-extension.raw"
ln -s "../../othername-extension.raw" "$fake_root/var/lib/extensions/test-extension.raw"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/othername-extension.raw"
)
( init_trap
: "Check if following an absolute extension image symlink works with and without --root="
fake_root=${roots_dir:+"$roots_dir/follow-absolute-image-symlink"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image_raw "$fake_root" "$hierarchy"
mv "$fake_root/var/lib/extensions/test-extension.raw" "$fake_root/var/othername-extension.raw"
ln -s "/var/othername-extension.raw" "$fake_root/var/lib/extensions/test-extension.raw"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/othername-extension.raw"
)
# And now a couple of vpick tests, including following symlinks
( init_trap
: "Check if vpick works for directory extensions"
fake_root=${roots_dir:+"$roots_dir/vpick-dir"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image "$fake_root" "$hierarchy"
mkdir -p "$fake_root/var/lib/extensions/test-extension.v"
mv -T "$fake_root/var/lib/extensions/test-extension" "$fake_root/var/lib/extensions/test-extension.v/test-extension_1.0"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/lib/extensions/test-extension.v"
)
( init_trap
: "Check if vpick works for image extensions"
fake_root=${roots_dir:+"$roots_dir/vpick-image"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image_raw "$fake_root" "$hierarchy"
mkdir -p "$fake_root/var/lib/extensions/test-extension.raw.v"
mv "$fake_root/var/lib/extensions/test-extension.raw" "$fake_root/var/lib/extensions/test-extension.raw.v/test-extension_1.0.raw"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/lib/extensions/test-extension.raw.v"
)
( init_trap
: "Check if vpick works for directory extensions if .v is a relative symlink"
fake_root=${roots_dir:+"$roots_dir/vpick-dir-relative-symlink"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image "$fake_root" "$hierarchy"
mkdir -p "$fake_root/var/test-extension-vpick"
mv -T "$fake_root/var/lib/extensions/test-extension" "$fake_root/var/test-extension-vpick/test-extension_1.0"
ln -s "../../test-extension-vpick" "$fake_root/var/lib/extensions/test-extension.v"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/lib/extensions/test-extension.v" "$fake_root/var/test-extension-vpick"
)
( init_trap
: "Check if vpick works for directory extensions if .v is an absolute symlink"
fake_root=${roots_dir:+"$roots_dir/vpick-dir-absolute-symlink"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image "$fake_root" "$hierarchy"
mkdir -p "$fake_root/var/test-extension-vpick"
mv -T "$fake_root/var/lib/extensions/test-extension" "$fake_root/var/test-extension-vpick/test-extension_1.0"
ln -s "/var/test-extension-vpick" "$fake_root/var/lib/extensions/test-extension.v"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/lib/extensions/test-extension.v" "$fake_root/var/test-extension-vpick"
)
( init_trap
: "Check if vpick works for image extensions if .v is a relative symlink"
fake_root=${roots_dir:+"$roots_dir/vpick-image-relative-symlink"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image_raw "$fake_root" "$hierarchy"
mkdir -p "$fake_root/var/test-extension-vpick"
mv "$fake_root/var/lib/extensions/test-extension.raw" "$fake_root/var/test-extension-vpick/test-extension_1.0.raw"
ln -s "../../test-extension-vpick" "$fake_root/var/lib/extensions/test-extension.raw.v"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/lib/extensions/test-extension.raw.v" "$fake_root/var/test-extension-vpick"
)
( init_trap
: "Check if vpick works for image extensions if .v is an absolute symlink"
fake_root=${roots_dir:+"$roots_dir/vpick-image-absolute-symlink"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image_raw "$fake_root" "$hierarchy"
mkdir -p "$fake_root/var/test-extension-vpick"
mv "$fake_root/var/lib/extensions/test-extension.raw" "$fake_root/var/test-extension-vpick/test-extension_1.0.raw"
ln -s "/var/test-extension-vpick" "$fake_root/var/lib/extensions/test-extension.raw.v"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/lib/extensions/test-extension.raw.v" "$fake_root/var/test-extension-vpick"
)
( init_trap
: "Check if vpick works for directory extensions if inside a .v there is a relative symlink"
fake_root=${roots_dir:+"$roots_dir/vpick-dir-relative-symlink-inside"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image "$fake_root" "$hierarchy"
mv -T "$fake_root/var/lib/extensions/test-extension" "$fake_root/var/othername-extension"
mkdir -p "$fake_root/var/lib/extensions/test-extension.v"
ln -s "../../../othername-extension" "$fake_root/var/lib/extensions/test-extension.v/test-extension_1.0"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/lib/extensions/test-extension.v" "$fake_root/var/othername-extension"
)
( init_trap
: "Check if vpick works for directory extensions if inside a .v there is an absolute symlink"
fake_root=${roots_dir:+"$roots_dir/vpick-dir-absolute-symlink-inside"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image "$fake_root" "$hierarchy"
mv -T "$fake_root/var/lib/extensions/test-extension" "$fake_root/var/othername-extension"
mkdir -p "$fake_root/var/lib/extensions/test-extension.v"
ln -s "/var/othername-extension" "$fake_root/var/lib/extensions/test-extension.v/test-extension_1.0"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/lib/extensions/test-extension.v" "$fake_root/var/othername-extension"
)
( init_trap
: "Check if vpick works for image extensions if inside a .v there is a relative symlink"
fake_root=${roots_dir:+"$roots_dir/vpick-image-relative-symlink-inside"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image_raw "$fake_root" "$hierarchy"
mv "$fake_root/var/lib/extensions/test-extension.raw" "$fake_root/var/othername-extension.raw"
mkdir -p "$fake_root/var/lib/extensions/test-extension.raw.v"
ln -s "../../../othername-extension.raw" "$fake_root/var/lib/extensions/test-extension.raw.v/test-extension_1.0.raw"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/lib/extensions/test-extension.raw.v" "$fake_root/var/othername-extension.raw"
)
( init_trap
: "Check if vpick works for image extensions if inside a .v there is an absolute symlink"
fake_root=${roots_dir:+"$roots_dir/vpick-image-absolute-symlink-inside"}
hierarchy=/opt
prepare_root "$fake_root" "$hierarchy"
prepare_extension_image_raw "$fake_root" "$hierarchy"
mv "$fake_root/var/lib/extensions/test-extension.raw" "$fake_root/var/othername-extension.raw"
mkdir -p "$fake_root/var/lib/extensions/test-extension.raw.v"
ln -s "/var/othername-extension.raw" "$fake_root/var/lib/extensions/test-extension.raw.v/test-extension_1.0.raw"
prepare_read_only_hierarchy "$fake_root" "$hierarchy"
run_systemd_sysext "$fake_root" merge
extension_verify_after_merge "$fake_root" "$hierarchy" -e -h
run_systemd_sysext "$fake_root" unmerge
extension_verify_after_unmerge "$fake_root" "$hierarchy" -h
rm -rf "$fake_root/var/lib/extensions/test-extension.raw.v" "$fake_root/var/othername-extension.raw"
)
# Done with the above vpick symlink tests for --root= and without
} # End of run_sysext_tests } # End of run_sysext_tests
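Review bot: the absolute-symlink cases in this block (for example `ln -s "/var/othername-extension" "$fake_root/var/lib/extensions/test-extension"`) are the visible checks that an absolute link target is resolved inside `--root=` instead of against the host's `/var`, and these blocks appear on only one side of the comparison. If they are being dropped, say why in the commit message and keep at least one absolute-symlink case per extension kind (directory, `.raw`, `.v`), because root-relative symlink resolution is where path-escape regressions tend to surface.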

View File

@ -84,7 +84,7 @@ check_elapse_timestamp
# elapse timestamp (this goes through a slightly different codepath that actually contained the original # elapse timestamp (this goes through a slightly different codepath that actually contained the original
# issue). # issue).
: "Next elapse timestamp after time jump" : "Next elapse timestamp after time jump"
date --set="tomorrow 00:10" date -s "tomorrow 00:10"
check_elapse_timestamp check_elapse_timestamp
: "Next elapse timestamp after daemon-reload" : "Next elapse timestamp after daemon-reload"
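Review bot: the switch from `date --set="tomorrow 00:10"` to `date -s "tomorrow 00:10"` comes with no stated reason and no comment. `-s` and `--set` are the same option in GNU date, and the relative string "tomorrow 00:10" is itself GNU date syntax, so if the aim is to run against a different `date` implementation the argument needs attention as well; otherwise a one-line rationale in the commit message would be enough.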

View File

@ -4,8 +4,8 @@ set -eux
set -o pipefail set -o pipefail
# Reset host date to current time, 3 days in the past. # Reset host date to current time, 3 days in the past.
date --set="-3 days" date -s "-3 days"
trap 'date --set="+3 days"' EXIT trap 'date -s "+3 days"' EXIT
# Run a timer for every 15 minutes. # Run a timer for every 15 minutes.
systemd-run --unit test-timer --on-calendar "*:0/15:0" true systemd-run --unit test-timer --on-calendar "*:0/15:0" true

View File

@ -37,8 +37,8 @@ JOURNAL_TS="$(date "+%s")"
systemctl restart "$UNIT_NAME.timer" systemctl restart "$UNIT_NAME.timer"
systemctl status "$UNIT_NAME.timer" systemctl status "$UNIT_NAME.timer"
date --set='+2 hours' date -s '+2 hours'
trap 'date --set="-2 hours"' EXIT trap 'date -s "-2 hours"' EXIT
sleep 1 sleep 1
systemctl status "$UNIT_NAME.timer" systemctl status "$UNIT_NAME.timer"
assert_eq "$(journalctl -q -p info --since="@$JOURNAL_TS" --unit="$UNIT_NAME" --grep="$TEST_MESSAGE" | wc -l)" "1" assert_eq "$(journalctl -q -p info --since="@$JOURNAL_TS" --unit="$UNIT_NAME" --grep="$TEST_MESSAGE" | wc -l)" "1"

View File

@ -1997,68 +1997,6 @@ EOF
losetup -d "$loop" losetup -d "$loop"
} }
testcase_fstab_crypttab_in_repart() {
local defs imgs root volume
defs="$(mktemp --directory "/tmp/test-repart.defs.XXXXXXXXXX")"
imgs="$(mktemp --directory "/var/tmp/test-repart.imgs.XXXXXXXXXX")"
root="$(mktemp --directory "/var/test-repart.root.XXXXXXXXXX")"
# shellcheck disable=SC2064
trap "rm -rf '$defs' '$imgs' '$root'" RETURN
chmod 0755 "$defs"
echo "*** testcase for including fstab/crypttab into repart created volume ***"
volume="test-repart-fstab-crypttab-$RANDOM"
mkdir -p "$root/etc"
tee "$defs/root.conf" <<EOF
[Partition]
Type=linux-generic
Format=ext4
CopyFiles=/etc
Encrypt=key-file
EncryptedVolume=$volume
MountPoint=/mnt/volume
EOF
systemd-repart --pretty=yes \
--definitions "$defs" \
--empty=create \
--size=100M \
--seed="$seed" \
--dry-run=no \
--offline="$OFFLINE" \
--generate-fstab="/etc/fstab" \
--generate-crypttab="/etc/crypttab" \
--root="$root" \
"$imgs/fstabcrypttabrepart.img"
loop="$(losetup -P --show --find "$imgs/fstabcrypttabrepart.img")"
udevadm wait --timeout=60 --settle "${loop:?}p1"
touch "$imgs/empty-password"
mkdir -p "$imgs/mount"
systemd-cryptsetup attach "$volume" "${loop}p1" "$imgs/empty-password"
mount -t ext4 "/dev/mapper/$volume" "$imgs/mount"
echo "Testing /etc/fstab presence"
test -f "$imgs/mount/etc/fstab"
grep -q "/mnt/volume" "$imgs/mount/etc/fstab"
echo "Testing /etc/crypttab presence"
test -f "$imgs/mount/etc/crypttab"
grep -q "$volume" "$imgs/mount/etc/crypttab"
umount "$imgs/mount"
systemd-cryptsetup detach "$volume"
losetup -d "$loop"
}
OFFLINE="yes" OFFLINE="yes"
run_testcases run_testcases
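Review bot: removing `testcase_fstab_crypttab_in_repart` drops the only visible check in this hunk that `--generate-fstab=` and `--generate-crypttab=` output ends up inside the encrypted partition (the `grep -q "/mnt/volume"` and `grep -q "$volume"` assertions after `systemd-cryptsetup attach`), and no replacement appears here. If the test is being removed for a reason such as flakiness, record that in the commit message. If it is reinstated later, add `loop` to the `local` list and extend the `RETURN` trap, which only removes `$defs`, `$imgs` and `$root`, so a failed assertion leaves the mount, the `/dev/mapper/$volume` mapping and the loop device behind.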

View File

@ -60,7 +60,6 @@ monitor_check_rr() (
# displayed. We turn off pipefail for this, since we don't care about the # displayed. We turn off pipefail for this, since we don't care about the
# lhs of this pipe expression, we only care about the rhs' result to be # lhs of this pipe expression, we only care about the rhs' result to be
# clean # clean
set +o pipefail
timeout -v 30s journalctl -u resolvectl-monitor.service --since "$since" -f --full | grep -m1 "$match" timeout -v 30s journalctl -u resolvectl-monitor.service --since "$since" -f --full | grep -m1 "$match"
) )
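Review bot: dropping `set +o pipefail` leaves the comment directly above it ("We turn off pipefail for this, since we don't care about the lhs of this pipe expression") describing behaviour the function no longer has. If the surrounding script enables pipefail, `grep -m1` exits on the first match and `journalctl -f` is then ended by SIGPIPE or by `timeout`, so the non-zero left-hand status fails `monitor_check_rr` even when the match was found. Either keep the line, or remove the comment and handle the left-hand exit status explicitly.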

View File

@ -1,58 +0,0 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: LGPL-2.1-or-later
set -euo pipefail
# check-docs-urls.sh
# Extract external URLs from docs/ using git grep, clean them, de-duplicate,
# and check HTTP status codes with curl. Writes results to a status file.
OUT_LIST=${1:-/tmp/docs-urls.txt}
OUT_STATUS=${2:-/tmp/docs-url-status.txt}
usage() {
cat <<EOF
Usage: $0 [URL_LIST_OUT] [STATUS_OUT]
Extract external URLs from docs/, dedupe and clean them, then check each URL
with curl. Defaults:
URL_LIST_OUT = /tmp/docs-urls.txt
STATUS_OUT = /tmp/docs-url-status.txt
Examples:
$0
$0 /tmp/my-urls.txt /tmp/my-status.txt
EOF
}
if [[ "${1:-}" == "-h" || "${1:-}" == "--help" ]]; then
usage
exit 0
fi
command -v curl >/dev/null 2>&1 || { echo "ERROR: curl not found in PATH" >&2; exit 2; }
# Extract likely URLs. Pattern stops at whitespace, angle bracket or quote/paren to avoid trailing HTML tags.
# Then strip trailing punctuation like ,.;:)\"' and any accidental trailing angle brackets.
git grep 'https*://' docs \
| sed -e 's|^.*http|http|; s/["`'"'"')< ].*$//' \
| sort -u > "$OUT_LIST"
echo "Found $(wc -l < "$OUT_LIST") unique urls (written to $OUT_LIST)"
# Check each URL with curl (follows redirects). Output: HTTP_CODE URL
: > "$OUT_STATUS"
while read -r url; do
[[ -z "$url" ]] && continue
# Use a reasonable timeout and follow redirects
code=$(curl -sS -L -o /dev/null -w "%{http_code}" --max-time 3 "$url" || echo "000")
printf "%s %s\n" "$code" "$url" >> "$OUT_STATUS"
done < "$OUT_LIST"
echo "Wrote status results to $OUT_STATUS"
# Show non-2xx/3xx entries
echo "Non-OK results (not 2xx/3xx):"
grep -E "^[^23]" "$OUT_STATUS" || true
exit 0
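Review bot: deleting this script (`@ -1,58 +0,0 @`) removes the docs link check with no replacement visible in this comparison, so broken or downgraded URLs under `docs/` would go unnoticed. If it is kept or brought back, two things in it are worth fixing: the unconditional `exit 0` at the end means a CI job running it can never fail on dead links, and the greedy `s|^.*http|http|` keeps only the last URL on each matched line, so lines with two links are only half checked. The `--max-time 3` limit will also record slow but healthy hosts as `000`.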