.lgtm.yml

@@ -9,6 +9,16 @@ extraction:
         - libfdisk-dev
         - libp11-kit-dev
         - libssl-dev
+    before_index:
+      # /tmp has `noexec` set in the LGTM infra which breaks meson's
+      # compilation checks. Let's temporarily override TMPDIR to /var/tmp which
+      # should work as expected
+      # See: https://discuss.lgtm.com/t/meson-fails-to-determine-sizes-of-basic-data-types/2639
+      - export TMPDIR=/var/tmp
+    index:
+      build_command:
+        - meson build
+        - ninja -C build
   python:
     python_setup:
       version: 3

.mkosi/mkosi.fedora

@@ -10,6 +10,7 @@ Release=31
 [Output]
 Format=gpt_ext4
 Bootable=yes
+KernelCommandLine=printk.devkmsg=on
 
 [Partitions]
 RootSize=3G
@@ -26,7 +27,6 @@ BuildPackages=
         gcc
         gettext
         git
-        glibc-minimal-langpack
         gnu-efi
         gnu-efi-devel
         gnutls-devel

docs/PORTABILITY_AND_STABILITY.md

@@ -96,8 +96,6 @@ And now, here's the list of (hopefully) all APIs that we have introduced with sy
 | [$NOTIFY_SOCKET Daemon Notifications](https://www.freedesktop.org/software/systemd/man/sd_notify.html) | Environment | yes | yes | a few, including udev | yes | - | no |
 | [argv[0][0]='@' Logic](https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons) | `/proc` marking | yes | yes | mdadm | yes | - | no |
 | [Unit file format](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) | File format | yes | yes | numerous | no | - | no |
-| [Network](https://www.freedesktop.org/software/systemd/man/systemd.network.html) & [Netdev file format](https://www.freedesktop.org/software/systemd/man/systemd.netdev.html) | File format | yes | yes | no | no | - | no |
-| [Link file format](https://www.freedesktop.org/software/systemd/man/systemd.link.html) | File format | yes | yes | no | no | - | no |
 | [Journal File Format](https://www.freedesktop.org/wiki/Software/systemd/journal-files) | File format | yes | yes | - | maybe | - | no |
 | [Journal Export Format](https://www.freedesktop.org/wiki/Software/systemd/export) | File format | yes | yes | - | yes | - | no |
 | [Cooperation in cgroup tree](https://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups) | Treaty | yes | yes | libvirt | yes | libvirt | no |

hwdb.d/60-keyboard.hwdb

@@ -1200,19 +1200,6 @@ evdev:name:MSI Laptop hotkeys:dmi:bvn*:bvr*:bd*:svn*:pnM[iI][cC][rR][oO]-S[tT][a
  KEYBOARD_KEY_0213=f22
  KEYBOARD_KEY_0214=f23
 
-###########################################################
-# Olimex
-###########################################################
-
-# Teres-I
-evdev:input:b0003v15BAp003C*
- KEYBOARD_KEY_70066=sleep                               # Fn+F1
- KEYBOARD_KEY_700f6=wlan                                # Fn+F2
- KEYBOARD_KEY_700c7=f21                                 # Fn+F3 touchpad toggle
- KEYBOARD_KEY_7006f=brightnessdown                      # Fn+F7
- KEYBOARD_KEY_70070=brightnessup                        # Fn+F8
- KEYBOARD_KEY_7006e=switchvideomode                     # Fn+F9
-
 ###########################################################
 # OLPC
 ###########################################################

hwdb.d/60-sensor.hwdb

@@ -41,15 +41,11 @@
 #
 # Allowed properties are:
 #    ACCEL_MOUNT_MATRIX=<matrix>
-#    PROXIMITY_NEAR_LEVEL=<value>
 #
 # where <matrix> is a mount-matrix in the format specified in the IIO
 # subsystem[1]. The default, when unset, is equivalent to:
 #   ACCEL_MOUNT_MATRIX=1, 0, 0; 0, 1, 0; 0, 0, 1
 # eg. the identity matrix.
-# and <value> is an integer value above which an object is considered
-# close by a proximity sensor:
-#   PROXIMITY_NEAR_LEVEL=100
 #
 # [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfc57732ad38f93ae6232a3b4e64fd077383a0f1
 #

hwdb.d/parse_hwdb.py

@@ -128,7 +128,6 @@ def property_grammar():
              ('KEYBOARD_LED_CAPSLOCK', Literal('0')),
              ('ACCEL_MOUNT_MATRIX', mount_matrix),
              ('ACCEL_LOCATION', Or(('display', 'base'))),
-             ('PROXIMITY_NEAR_LEVEL', INTEGER),
             )
     fixed_props = [Literal(name)('NAME') - Suppress('=') - val('VALUE')
                    for name, val in props]

man/journald.conf.xml

@@ -350,9 +350,9 @@
         <varname>TTYPath=</varname>, described below.</para>
 
         <para>When forwarding to the kernel log buffer (kmsg), make sure to select a suitably large size for
-        the log buffer, for example by adding <literal>log_buf_len=8M</literal> to the kernel command line.
+        the log buffer, and ensure the kernel's rate-limiting applied to userspace processes is turned
-        <command>systemd</command> will automatically disable kernel's rate-limiting applied to userspace
+        off. Specifically, add <literal>log_buf_len=8M</literal> and <literal>printk.devkmsg=on</literal> (or
-        processes (equivalent to setting <literal>printk.devkmsg=on</literal>).</para></listitem>
+        similar) to the kernel command line.</para></listitem>
       </varlistentry>
 
       <varlistentry>

man/portablectl.xml

@@ -135,8 +135,7 @@
         the service manager are seen by it.</para>
 
         <para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
-        immediately started (blocking operation unless <option>--no-block</option> is passed) and/or enabled after
+        immediately started and/or enabled after attaching the image.</para>
-        attaching the image.</para>
         </listitem>
       </varlistentry>
 
@@ -151,8 +150,8 @@
         <command>detach</command>.</para></listitem>
 
         <para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
-        immediately stopped (blocking operation) and/or disabled before detaching the image. Prefix(es) are also accepted,
+        immediately started and/or enabled before detaching the image. Prefix(es) are also accepted, to be used in
-        to be used in case the unit names do not match the image name as described in the <command>attach</command>.</para>
+        case the unit names do not match the image name as described in the <command>attach</command>.</para>
       </varlistentry>
 
       <varlistentry>
@@ -331,12 +330,6 @@
         <listitem><para>Immediately start/stop the portable service after attaching/before detaching.</para></listitem>
       </varlistentry>
 
-      <varlistentry>
-        <term><option>--no-block</option></term>
-
-        <listitem><para>Don't block waiting for attach --now to complete.</para></listitem>
-      </varlistentry>
-
       <xi:include href="user-system-options.xml" xpointer="host" />
       <xi:include href="user-system-options.xml" xpointer="machine" />
 

man/systemd-nspawn.xml

@@ -1,8 +1,8 @@
 <?xml version='1.0'?>
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
   "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
-<!ENTITY fedora_latest_version "31">
+<!ENTITY fedora_latest_version "30">
-<!ENTITY fedora_cloud_release "1.9">
+<!ENTITY fedora_cloud_release "1.2">
 ]>
 <!-- SPDX-License-Identifier: LGPL-2.1+ -->
 
@@ -1378,7 +1378,7 @@
 
       <programlisting># dnf -y --releasever=&fedora_latest_version; --installroot=/var/lib/machines/f&fedora_latest_version; \
       --disablerepo='*' --enablerepo=fedora --enablerepo=updates install \
-      systemd passwd dnf fedora-release vim-minimal glibc-minimal-langpack
+      systemd passwd dnf fedora-release vim-minimal
 # systemd-nspawn -bD /var/lib/machines/f&fedora_latest_version;</programlisting>
 
       <para>This installs a minimal Fedora distribution into the

man/systemd.link.xml

@@ -26,11 +26,8 @@
   <refsect1>
     <title>Description</title>
 
-    <para>A plain ini-style text file that encodes configuration for matching network devices, used by
+    <para>Network link configuration is performed by the
-    <citerefentry><refentrytitle>systemd-udev</refentrytitle><manvolnum>8</manvolnum></citerefentry> and in
+    <command>net_setup_link</command> udev builtin.</para>
-    particular its <command>net_setup_link</command> builtin. See
-    <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry> for a
-    general description of the syntax.</para>
 
     <para>The link files are read from the files located in the system
     network directory <filename>/usr/lib/systemd/network</filename>,

man/systemd.netdev.xml

@@ -27,10 +27,9 @@
   <refsect1>
     <title>Description</title>
 
-    <para>A plain ini-style text file that encodes configuration about a virtual network device, used by
+    <para>Network setup is performed by
     <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
-    See <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+    </para>
-    for a general description of the syntax.</para>
 
     <para>The main Virtual Network Device file must have the extension <filename>.netdev</filename>;
     other extensions are ignored. Virtual network devices are created as soon as networkd is

man/systemd.network.xml

@@ -28,11 +28,9 @@
   <refsect1>
     <title>Description</title>
 
-    <para>A plain ini-style text file that encodes network configuration for matching network interfaces,
+    <para>Network setup is performed by
-    used by
     <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
-    See <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+    </para>
-    for a general description of the syntax.</para>
 
     <para>The main network file must have the extension <filename>.network</filename>; other
     extensions are ignored. Networks are applied to links whenever the links appear.</para>
@@ -516,14 +514,13 @@
         <varlistentry>
           <term><varname>Domains=</varname></term>
           <listitem>
-            <para>A whitespace-separated list of domains which should be resolved using the DNS servers on
+            <para>A list of domains which should be resolved using the DNS servers on this link. Each item in the list
-            this link. Each item in the list should be a domain name, optionally prefixed with a tilde
+            should be a domain name, optionally prefixed with a tilde (<literal>~</literal>). The domains with the
-            (<literal>~</literal>). The domains with the prefix are called "routing-only domains". The
+            prefix are called "routing-only domains". The domains without the prefix are called "search domains" and
-            domains without the prefix are called "search domains" and are first used as search suffixes for
+            are first used as search suffixes for extending single-label host names (host names containing no dots) to
-            extending single-label host names (host names containing no dots) to become fully qualified
+            become fully qualified domain names (FQDNs). If a single-label host name is resolved on this interface,
-            domain names (FQDNs). If a single-label host name is resolved on this interface, each of the
+            each of the specified search domains are appended to it in turn, converting it into a fully qualified
-            specified search domains are appended to it in turn, converting it into a fully qualified domain
+            domain name, until one of them may be successfully resolved.</para>
-            name, until one of them may be successfully resolved.</para>
 
             <para>Both "search" and "routing-only" domains are used for routing of DNS queries: look-ups for host names
             ending in those domains (hence also single label names, if any "search domains" are listed), are routed to
@@ -616,12 +613,10 @@
         </varlistentry>
         <varlistentry>
           <term><varname>IPv6AcceptRA=</varname></term>
-          <listitem><para>Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support for the
+          <listitem><para>Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support
-          interface. If true, RAs are accepted; if false, RAs are ignored. When RAs are accepted, they may
+          for the interface. If true, RAs are accepted; if false, RAs are ignored, independently of the
-          trigger the start of the DHCPv6 client if the relevant flags are set in the RA data, or if no
+          local forwarding state. When RAs are accepted, they may trigger the start of the DHCPv6
-          routers are found on the link. The default is to disable RA reception for bridge devices or when IP
+          client if the relevant flags are set in the RA data, or if no routers are found on the link.</para>
-          forwarding is enabled, and to enable it otherwise. Cannot be enabled on bond devices and when link
-          local adressing is disabled.</para>
 
           <para>Further settings for the IPv6 RA support may be configured in the
           <literal>[IPv6AcceptRA]</literal> section, see below.</para>

man/systemd.syntax.xml

@@ -46,15 +46,6 @@
       <citerefentry><refentrytitle>systemd.nspawn</refentrytitle><manvolnum>5</manvolnum></citerefentry>
       </para></listitem>
 
-      <listitem><para>link files, see
-      <citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-      </para></listitem>
-
-      <listitem><para>netdev and network files, see
-      <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-      <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-      </para></listitem>
-
       <listitem><para>daemon config files, see
       <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>systemd-user.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,

po/ru.po

@@ -1,24 +1,22 @@
 # SPDX-License-Identifier: LGPL-2.1+
 #
 # translation of ru.po to Rissian
-#
 # Julia Dronova <juliette.tux@gmail.com>, 2013.
 # Sergey Ptashnick <0comffdiz@inbox.ru>, 2013-2018.
-# Vladimir Yerilov <openmindead@gmail.com>, 2020.
+#
 msgid ""
 msgstr ""
 "Project-Id-Version: systemd\n"
-"Report-Msgid-Bugs-To: \n"
+"Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n"
-"POT-Creation-Date: 2020-03-03 00:56+1000\n"
+"POT-Creation-Date: 2015-11-22 16:37+0100\n"
-"PO-Revision-Date: 2020-03-03 16:05+1000\n"
+"PO-Revision-Date: 2018-09-01 18:46+0300\n"
-"Last-Translator: Vladimir Yerilov <openmindead@gmail.com>\n"
+"Last-Translator: Sergey Ptashnick <0comffdiz@inbox.ru>\n"
 "Language: ru\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
-"=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n"
-"X-Generator: Lokalize 19.12.2\n"
 
 #: src/core/org.freedesktop.systemd1.policy.in:22
 msgid "Send passphrase back to system"
@@ -71,68 +69,6 @@ msgstr ""
 "Чтобы заставить systemd перечитать конфигурацию, необходимо пройти "
 "аутентификацию."
 
-#: src/home/org.freedesktop.home1.policy:13
-msgid "Create a home area"
-msgstr "Создать домашнее пространство"
-
-#: src/home/org.freedesktop.home1.policy:14
-msgid "Authentication is required to create a user's home area."
-msgstr ""
-"Чтобы создать домашнее пространство пользователя, необходимо пройти"
-" аутентификацию."
-
-#: src/home/org.freedesktop.home1.policy:23
-msgid "Remove a home area"
-msgstr "Удалить домашнее пространство"
-
-#: src/home/org.freedesktop.home1.policy:24
-msgid "Authentication is required to remove a user's home area."
-msgstr ""
-"Чтобы удалить домашнее пространство пользователя, необходимо пройти"
-" аутентификацию."
-
-#: src/home/org.freedesktop.home1.policy:33
-msgid "Check credentials of a home area"
-msgstr "Проверить учётные данные домашнего пространства"
-
-#: src/home/org.freedesktop.home1.policy:34
-msgid ""
-"Authentication is required to check credentials against a user's home area."
-msgstr ""
-"Чтобы проверить учётные данные для домашнего пространства пользователя,"
-" необходимо пройти аутентификацию."
-
-#: src/home/org.freedesktop.home1.policy:43
-msgid "Update a home area"
-msgstr "Обновить домашнее пространство"
-
-#: src/home/org.freedesktop.home1.policy:44
-msgid "Authentication is required to update a user's home area."
-msgstr ""
-"Чтобы обновить домашнее пространство пользователя, необходимо пройти"
-" аутентификацию."
-
-#: src/home/org.freedesktop.home1.policy:53
-msgid "Resize a home area"
-msgstr "Изменить размер домашнего пространства"
-
-#: src/home/org.freedesktop.home1.policy:54
-msgid "Authentication is required to resize a user's home area."
-msgstr ""
-"Чтобы изменить размер домашнего пространства пользователя, необходимо пройти"
-" аутентификацию."
-
-#: src/home/org.freedesktop.home1.policy:63
-msgid "Change password of a home area"
-msgstr "Изменить пароль для домашнего пространства"
-
-#: src/home/org.freedesktop.home1.policy:64
-msgid ""
-"Authentication is required to change the password of a user's home area."
-msgstr ""
-"Чтобы изменить пароль для домашнего пространства пользователя, необходимо"
-" пройти аутентификацию."
-
 #: src/hostname/org.freedesktop.hostname1.policy:20
 msgid "Set host name"
 msgstr "Настроить имя компьютера"
@@ -330,7 +266,8 @@ msgstr ""
 
 #: src/login/org.freedesktop.login1.policy:117
 msgid "Allow non-logged-in user to run programs"
-msgstr "Разрешить работу программ в фоновом режиме после завершения сеанса"
+msgstr ""
+"Разрешить работу программ в фоновом режиме после завершения сеанса"
 
 #: src/login/org.freedesktop.login1.policy:118
 msgid "Explicit request is required to run programs as a non-logged-in user."
@@ -365,7 +302,8 @@ msgid "Flush device to seat attachments"
 msgstr "Сбросить привязки устройств к рабочим местам"
 
 #: src/login/org.freedesktop.login1.policy:149
-msgid "Authentication is required to reset how devices are attached to seats."
+msgid ""
+"Authentication is required to reset how devices are attached to seats."
 msgstr ""
 "Чтобы сбросить привязки устройств к рабочим местам, необходимо пройти "
 "аутентификацию."
@@ -399,8 +337,8 @@ msgstr ""
 
 #: src/login/org.freedesktop.login1.policy:181
 msgid ""
-"Authentication is required to power off the system while an application is "
+"Authentication is required to power off the system while an application "
-"inhibiting this."
+"is inhibiting this."
 msgstr ""
 "Чтобы выключить систему, несмотря на то, что приложение запросило блокировку "
 "выключения, необходимо пройти аутентификацию."
@@ -420,8 +358,8 @@ msgstr ""
 
 #: src/login/org.freedesktop.login1.policy:203
 msgid ""
-"Authentication is required to reboot the system while other users are logged "
+"Authentication is required to reboot the system while other users are "
-"in."
+"logged in."
 msgstr ""
 "Чтобы перезагрузить систему, несмотря на то, что в ней работают другие "
 "пользователи, необходимо пройти аутентификацию."
@@ -434,8 +372,8 @@ msgstr ""
 
 #: src/login/org.freedesktop.login1.policy:214
 msgid ""
-"Authentication is required to reboot the system while an application is "
+"Authentication is required to reboot the system while an application "
-"inhibiting this."
+"is inhibiting this."
 msgstr ""
 "Чтобы перезагрузить систему, несмотря на то, что приложение запросило "
 "блокировку выключения, необходимо пройти аутентификацию."
@@ -455,8 +393,8 @@ msgstr ""
 
 #: src/login/org.freedesktop.login1.policy:236
 msgid ""
-"Authentication is required to halt the system while other users are logged "
+"Authentication is required to halt the system while other users are "
-"in."
+"logged in."
 msgstr ""
 "Чтобы остановить систему, несмотря на то, что в ней работают другие "
 "пользователи, необходимо пройти аутентификацию."
@@ -464,16 +402,16 @@ msgstr ""
 #: src/login/org.freedesktop.login1.policy:246
 msgid "Halt the system while an application is inhibiting this"
 msgstr ""
-"Остановить систему несмотря на то, что приложение запросило блокировку "
+"Остановить систему, несмотря на то, что приложение запросило блокировку "
 "выключения"
 
 #: src/login/org.freedesktop.login1.policy:247
 msgid ""
-"Authentication is required to halt the system while an application is "
+"Authentication is required to halt the system while an application asked "
-"inhibiting this."
+"to inhibit it."
 msgstr ""
-"Чтобы остановить систему несмотря на то, что приложение запросило блокировку"
+"Чтобы остановить систему, несмотря на то, что приложение запросило "
-" выключения, необходимо пройти аутентификацию."
+"блокировку выключения, необходимо пройти аутентификацию."
 
 #: src/login/org.freedesktop.login1.policy:257
 msgid "Suspend the system"
@@ -506,8 +444,8 @@ msgstr ""
 
 #: src/login/org.freedesktop.login1.policy:279
 msgid ""
-"Authentication is required to suspend the system while an application is "
+"Authentication is required to suspend the system while an application "
-"inhibiting this."
+"is inhibiting this."
 msgstr ""
 "Чтобы перевести систему в ждущий режим, несмотря на то, что приложение "
 "запросило блокировку, необходимо пройти аутентификацию."
@@ -543,8 +481,8 @@ msgstr ""
 
 #: src/login/org.freedesktop.login1.policy:311
 msgid ""
-"Authentication is required to hibernate the system while an application is "
+"Authentication is required to hibernate the system while an application "
-"inhibiting this."
+"is inhibiting this."
 msgstr ""
 "Чтобы перевести систему в спящий режим, несмотря на то, что приложение "
 "запросило блокировку, необходимо пройти аутентификацию."
@@ -554,7 +492,8 @@ msgid "Manage active sessions, users and seats"
 msgstr "Управление текущими сеансами, пользователями и рабочими местами"
 
 #: src/login/org.freedesktop.login1.policy:322
-msgid "Authentication is required to manage active sessions, users and seats."
+msgid ""
+"Authentication is required to manage active sessions, users and seats."
 msgstr ""
 "Для управления текущими сеансами, пользователями и рабочими местами, "
 "необходимо пройти аутентификацию."
@@ -570,68 +509,26 @@ msgstr ""
 "аутентификацию."
 
 #: src/login/org.freedesktop.login1.policy:341
-msgid "Set the reboot \"reason\" in the kernel"
+msgid "Allow indication to the firmware to boot to setup interface"
-msgstr "Установить \"причину\" перезагрузки"
+msgstr "Разрешить загрузку в режиме настройки прошивки материнской платы"
 
 #: src/login/org.freedesktop.login1.policy:342
-msgid "Authentication is required to set the reboot \"reason\" in the kernel."
-msgstr ""
-"Чтобы установить \"причину\" перезагрузки, необходимо пройти аутентификацию."
-
-#: src/login/org.freedesktop.login1.policy:352
-msgid "Indicate to the firmware to boot to setup interface"
-msgstr ""
-"Запустить режим настройки прошивки материнской платы при следующей загрузке"
-
-#: src/login/org.freedesktop.login1.policy:353
 msgid ""
 "Authentication is required to indicate to the firmware to boot to setup "
 "interface."
 msgstr ""
-"Чтобы запустить режим настройки прошивки материнской платы, "
+"Чтобы разрешить загрузку в режиме настройки прошивки материнской платы, "
 "необходимо пройти аутентификацию."
 
-#: src/login/org.freedesktop.login1.policy:363
+#: src/login/org.freedesktop.login1.policy:351
-msgid "Indicate to the boot loader to boot to the boot loader menu"
-msgstr "Отобразить меню загрузчика при следующей загрузке"
-
-#: src/login/org.freedesktop.login1.policy:364
-msgid ""
-"Authentication is required to indicate to the boot loader to boot to the "
-"boot loader menu."
-msgstr ""
-"Чтобы отобразить меню загрузчика при следующей загрузке, "
-"необходимо пройти аутентификацию."
-
-#: src/login/org.freedesktop.login1.policy:374
-msgid "Indicate to the boot loader to boot a specific entry"
-msgstr "Выбрать определённую загрузочную запись при следующем запуске"
-
-#: src/login/org.freedesktop.login1.policy:375
-msgid ""
-"Authentication is required to indicate to the boot loader to boot into a "
-"specific boot loader entry."
-msgstr ""
-"Чтобы установить определённую загрузочную запись для загрузки, "
-"необходимо пройти аутентификацию."
-
-#: src/login/org.freedesktop.login1.policy:385
 msgid "Set a wall message"
 msgstr "Отправить сообщение на все терминалы"
 
-#: src/login/org.freedesktop.login1.policy:386
+#: src/login/org.freedesktop.login1.policy:352
 msgid "Authentication is required to set a wall message"
 msgstr ""
 "Чтобы отправить сообщение на все терминалы, необходимо пройти аутентификацию."
 
-#: src/login/org.freedesktop.login1.policy:395
-msgid "Change Session"
-msgstr "Сменить сессию"
-
-#: src/login/org.freedesktop.login1.policy:396
-msgid "Authentication is required to change the virtual terminal."
-msgstr "Чтобы сменить виртуальный терминал, необходимо пройти аутентификацию."
-
 #: src/machine/org.freedesktop.machine1.policy:22
 msgid "Log into a local container"
 msgstr "Зайти в локальный контейнер"
@@ -712,151 +609,14 @@ msgstr ""
 "Для управления образами виртуальных машин и контейнеров, необходимо пройти "
 "аутентификацию."
 
-#: src/network/org.freedesktop.network1.policy:22
-msgid "Set NTP servers"
-msgstr "Задать NTP-серверы"
-
-#: src/network/org.freedesktop.network1.policy:23
-msgid "Authentication is required to set NTP servers."
-msgstr "Чтобы задать NTP-серверы, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:33
-#: src/resolve/org.freedesktop.resolve1.policy:44
-msgid "Set DNS servers"
-msgstr "Задать DNS-серверы"
-
-#: src/network/org.freedesktop.network1.policy:34
-#: src/resolve/org.freedesktop.resolve1.policy:45
-msgid "Authentication is required to set DNS servers."
-msgstr "Чтобы задать DNS-серверы, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:44
-#: src/resolve/org.freedesktop.resolve1.policy:55
-msgid "Set domains"
-msgstr "Задать домены"
-
-#: src/network/org.freedesktop.network1.policy:45
-#: src/resolve/org.freedesktop.resolve1.policy:56
-msgid "Authentication is required to set domains."
-msgstr "Чтобы задать домены, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:55
-#: src/resolve/org.freedesktop.resolve1.policy:66
-msgid "Set default route"
-msgstr "Задать маршрут по умолчанию"
-
-#: src/network/org.freedesktop.network1.policy:56
-#: src/resolve/org.freedesktop.resolve1.policy:67
-msgid "Authentication is required to set default route."
-msgstr "Чтобы задать маршрут по умолчанию, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:66
-#: src/resolve/org.freedesktop.resolve1.policy:77
-msgid "Enable/disable LLMNR"
-msgstr "Включить/отключить LLMNR"
-
-#: src/network/org.freedesktop.network1.policy:67
-#: src/resolve/org.freedesktop.resolve1.policy:78
-msgid "Authentication is required to enable or disable LLMNR."
-msgstr "Чтобы включить или отключить LLMNR, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:77
-#: src/resolve/org.freedesktop.resolve1.policy:88
-msgid "Enable/disable multicast DNS"
-msgstr "Включить/отключить multicast DNS"
-
-#: src/network/org.freedesktop.network1.policy:78
-#: src/resolve/org.freedesktop.resolve1.policy:89
-msgid "Authentication is required to enable or disable multicast DNS."
-msgstr ""
-"Чтобы включить или отключить multicast DNS, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:88
-#: src/resolve/org.freedesktop.resolve1.policy:99
-msgid "Enable/disable DNS over TLS"
-msgstr "Включить/отключить DNS поверх TLS"
-
-#: src/network/org.freedesktop.network1.policy:89
-#: src/resolve/org.freedesktop.resolve1.policy:100
-msgid "Authentication is required to enable or disable DNS over TLS."
-msgstr ""
-"Чтобы включить или отключить DNS поверх TLS, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:99
-#: src/resolve/org.freedesktop.resolve1.policy:110
-msgid "Enable/disable DNSSEC"
-msgstr "Включить/отключить DNSSEC"
-
-#: src/network/org.freedesktop.network1.policy:100
-#: src/resolve/org.freedesktop.resolve1.policy:111
-msgid "Authentication is required to enable or disable DNSSEC."
-msgstr "Чтобы включить или отключить DNSSEC, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:110
-#: src/resolve/org.freedesktop.resolve1.policy:121
-msgid "Set DNSSEC Negative Trust Anchors"
-msgstr "Задать DNSSEC Negative Trust Anchors"
-
-#: src/network/org.freedesktop.network1.policy:111
-#: src/resolve/org.freedesktop.resolve1.policy:122
-msgid "Authentication is required to set DNSSEC Negative Trust Anchors."
-msgstr ""
-"Чтобы задать DNSSEC Negative Trust Anchors, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:121
-msgid "Revert NTP settings"
-msgstr "Восстановить настройки NTP по умолчанию"
-
-#: src/network/org.freedesktop.network1.policy:122
-msgid "Authentication is required to reset NTP settings."
-msgstr ""
-"Чтобы сбросить локальные настройки NTP, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:132
-msgid "Revert DNS settings"
-msgstr "Восстановить настройки DNS по умолчанию"
-
-#: src/network/org.freedesktop.network1.policy:133
-msgid "Authentication is required to reset DNS settings."
-msgstr ""
-"Чтобы сбросить локальные настройки DNS, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:143
-msgid "Renew dynamic addresses"
-msgstr "Обновить динамические адреса"
-
-#: src/network/org.freedesktop.network1.policy:144
-msgid "Authentication is required to renew dynamic addresses."
-msgstr "Чтобы обновить динамические адреса, необходимо пройти аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:154
-msgid "Reload network settings"
-msgstr "Перечитать настройки сети"
-
-#: src/network/org.freedesktop.network1.policy:155
-msgid "Authentication is required to reload network settings."
-msgstr ""
-"Чтобы заставить systemd перечитать настройки сети, необходимо пройти "
-"аутентификацию."
-
-#: src/network/org.freedesktop.network1.policy:165
-msgid "Reconfigure network interface"
-msgstr "Изменить конфигурацию сетевого интерфейса"
-
-#: src/network/org.freedesktop.network1.policy:166
-msgid "Authentication is required to reconfigure network interface."
-msgstr ""
-"Чтобы изменить конфигурацию сетевого интерфейса, необходимо пройти"
-" аутентификацию."
-
 #: src/portable/org.freedesktop.portable1.policy:13
 msgid "Inspect a portable service image"
 msgstr "Прочитать образ переносимой службы"
 
 #: src/portable/org.freedesktop.portable1.policy:14
 msgid "Authentication is required to inspect a portable service image."
-msgstr ""
+msgstr "Чтобы прочитать образ переносимой службы, необходимо пройти "
-"Чтобы прочитать образ переносимой службы, необходимо пройти аутентификацию."
+"аутентификацию."
 
 #: src/portable/org.freedesktop.portable1.policy:23
 msgid "Attach or detach a portable service image"
@@ -865,9 +625,8 @@ msgstr "Подключить или отключить образ перенос
 #: src/portable/org.freedesktop.portable1.policy:24
 msgid ""
 "Authentication is required to attach or detach a portable service image."
-msgstr ""
+msgstr "Чтобы подключить или отключить образ переносимой службы, необходимо "
-"Чтобы подключить или отключить образ переносимой службы, необходимо пройти "
+"пройти аутентификацию."
-"аутентификацию."
 
 #: src/portable/org.freedesktop.portable1.policy:34
 msgid "Delete or modify portable service image"
@@ -886,8 +645,8 @@ msgstr "Зарегистрировать службу в DNS-SD"
 
 #: src/resolve/org.freedesktop.resolve1.policy:23
 msgid "Authentication is required to register a DNS-SD service"
-msgstr ""
+msgstr "Чтобы зарегистрировать службу в DNS-SD, необходимо пройти "
-"Чтобы зарегистрировать службу в DNS-SD, необходимо пройти аутентификацию."
+"аутентификацию."
 
 #: src/resolve/org.freedesktop.resolve1.policy:33
 msgid "Unregister a DNS-SD service"
@@ -897,15 +656,6 @@ msgstr "Удалить службу из DNS-SD"
 msgid "Authentication is required to unregister a DNS-SD service"
 msgstr "Чтобы удалить службу из DNS-SD, необходимо пройти аутентификацию."
 
-#: src/resolve/org.freedesktop.resolve1.policy:132
-msgid "Revert name resolution settings"
-msgstr "Вернуть настройки разрешения имён по умолчанию"
-
-#: src/resolve/org.freedesktop.resolve1.policy:133
-msgid "Authentication is required to reset name resolution settings."
-msgstr ""
-"Чтобы сбросить настройки разрешения имён, необходимо пройти аутентификацию."
-
 #: src/timedate/org.freedesktop.timedate1.policy:22
 msgid "Set system time"
 msgstr "Настроить системное время"
@@ -946,47 +696,49 @@ msgstr ""
 "Чтобы включить или выключить синхронизацию времени по сети, необходимо "
 "пройти аутентификацию."
 
-#: src/core/dbus-unit.c:356
+#: src/core/dbus-unit.c:326
 msgid "Authentication is required to start '$(unit)'."
 msgstr "Чтобы запустить «$(unit)», необходимо пройти аутентификацию."
 
-#: src/core/dbus-unit.c:357
+#: src/core/dbus-unit.c:327
 msgid "Authentication is required to stop '$(unit)'."
 msgstr "Чтобы остановить «$(unit)», необходимо пройти аутентификацию."
 
-#: src/core/dbus-unit.c:358
+#: src/core/dbus-unit.c:328
 msgid "Authentication is required to reload '$(unit)'."
 msgstr ""
 "Чтобы заставить «$(unit)» перечитать конфигурацию, необходимо пройти "
 "аутентификацию."
 
-#: src/core/dbus-unit.c:359 src/core/dbus-unit.c:360
+#: src/core/dbus-unit.c:329 src/core/dbus-unit.c:330
 msgid "Authentication is required to restart '$(unit)'."
 msgstr "Чтобы перезапустить «$(unit)», необходимо пройти аутентификацию."
 
-#: src/core/dbus-unit.c:532
+#: src/core/dbus-unit.c:437
-msgid ""
+msgid "Authentication is required to kill '$(unit)'."
-"Authentication is required to send a UNIX signal to the processes of "
+msgstr "Чтобы убить юнит «$(unit)», необходимо пройти аутентификацию."
-"'$(unit)'."
-msgstr ""
-"Чтобы отправить сигнал UNIX процессам юнита «$(unit)», необходимо пройти"
-" аутентификацию."
 
-#: src/core/dbus-unit.c:563
+#: src/core/dbus-unit.c:468
 msgid "Authentication is required to reset the \"failed\" state of '$(unit)'."
 msgstr ""
 "Чтобы сбросить состояние «failed» у юнита «$(unit)», необходимо пройти "
 "аутентификацию."
 
-#: src/core/dbus-unit.c:596
+#: src/core/dbus-unit.c:501
 msgid "Authentication is required to set properties on '$(unit)'."
-msgstr ""
+msgstr "Чтобы изменить параметры юнита «$(unit)», необходимо пройти "
-"Чтобы изменить параметры юнита «$(unit)», необходимо пройти аутентификацию."
+"аутентификацию."
 
-#: src/core/dbus-unit.c:705
+#~ msgid "Press Ctrl+C to cancel all filesystem checks in progress"
-msgid ""
+#~ msgstr ""
-"Authentication is required to delete files and directories associated with "
+#~ "Чтобы прервать все запущенные проверки файловых систем, нажмите Ctrl+C"
-"'$(unit)'."
+
-msgstr ""
+# There is no difference between "на 2 дисках" (plural==1) and "на 5 дисках" (plural==2)
-"Чтобы удалить файлы и директории, относящиеся к юниту «$(unit)», необходимо"
+#~ msgid "Checking in progress on %d disk (%3.1f%% complete)"
-" пройти аутентификацию."
+#~ msgid_plural "Checking in progress on %d disks (%3.1f%% complete)"
+#~ msgstr[0] ""
+#~ "Проверяется целостность файловой системы на %d диске (выполнено %3.1f%%)"
+#~ msgstr[1] ""
+#~ "Проверяется целостность файловых систем на %d дисках (выполнено %3.1f%%)"
+#~ msgstr[2] ""
+#~ "Проверяется целостность файловых систем на %d дисках (выполнено %3.1f%%)"

src/basic/fs-util.c

@@ -272,52 +272,6 @@ int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid) {
         return do_chown || do_chmod;
 }
 
-int chmod_and_chown_unsafe(const char *path, mode_t mode, uid_t uid, gid_t gid) {
-        bool do_chown, do_chmod;
-        struct stat st;
-
-        assert(path);
-
-        /* Change ownership and access mode of the specified path, see description of fchmod_and_chown().
-         * Should only be used on trusted paths. */
-
-        if (lstat(path, &st) < 0)
-                return -errno;
-
-        do_chown =
-                (uid != UID_INVALID && st.st_uid != uid) ||
-                (gid != GID_INVALID && st.st_gid != gid);
-
-        do_chmod =
-                !S_ISLNK(st.st_mode) && /* chmod is not defined on symlinks */
-                ((mode != MODE_INVALID && ((st.st_mode ^ mode) & 07777) != 0) ||
-                 do_chown); /* If we change ownership, make sure we reset the mode afterwards, since chown()
-                             * modifies the access mode too */
-
-        if (mode == MODE_INVALID)
-                mode = st.st_mode; /* If we only shall do a chown(), save original mode, since chown() might break it. */
-        else if ((mode & S_IFMT) != 0 && ((mode ^ st.st_mode) & S_IFMT) != 0)
-                return -EINVAL; /* insist on the right file type if it was specified */
-
-        if (do_chown && do_chmod) {
-                mode_t minimal = st.st_mode & mode; /* the subset of the old and the new mask */
-
-                if (((minimal ^ st.st_mode) & 07777) != 0)
-                        if (chmod(path, minimal & 07777) < 0)
-                                return -errno;
-        }
-
-        if (do_chown)
-                if (lchown(path, uid, gid) < 0)
-                        return -errno;
-
-        if (do_chmod)
-                if (chmod(path, mode & 07777) < 0)
-                        return -errno;
-
-        return do_chown || do_chmod;
-}
-
 int fchmod_umask(int fd, mode_t m) {
         mode_t u;
         int r;

src/basic/fs-util.h

@@ -34,7 +34,6 @@ int readlink_and_make_absolute(const char *p, char **r);
 
 int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid);
 int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid);
-int chmod_and_chown_unsafe(const char *path, mode_t mode, uid_t uid, gid_t gid);
 
 int fchmod_umask(int fd, mode_t mode);
 int fchmod_opath(int fd, mode_t m);

src/basic/selinux-util.c

@@ -233,9 +233,6 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) {
                 return -errno;
 
         sclass = string_to_security_class("process");
-        if (sclass == 0)
-                return -ENOSYS;
-
         r = security_compute_create_raw(mycon, fcon, sclass, label);
         if (r < 0)
                 return -errno;
@@ -315,9 +312,6 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *
                 return -ENOMEM;
 
         sclass = string_to_security_class("process");
-        if (sclass == 0)
-                return -ENOSYS;
-
         r = security_compute_create_raw(mycon, fcon, sclass, label);
         if (r < 0)
                 return -errno;

src/core/dbus-util.h

@@ -127,8 +127,7 @@ int bus_property_get_triggered_unit(sd_bus *bus, const char *path, const char *i
                 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {                    \
                         *p = (cast_type) v;                             \
                         unit_write_settingf(u, flags, name,             \
-                                            "%s=%s",                    \
+                                            "%s=%s", name, s);          \
-                                            name, strempty(s));         \
                 }                                                       \
                                                                         \
                 return 1;                                               \

src/core/execute.c

@@ -4881,7 +4881,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) {
                 r = namespace_flags_to_string(c->restrict_namespaces, &s);
                 if (r >= 0)
                         fprintf(f, "%sRestrictNamespaces: %s\n",
-                                prefix, strna(s));
+                                prefix, s);
         }
 
         if (c->network_namespace_path)

src/portable/portablectl.c

@@ -9,7 +9,6 @@
 #include "bus-error.h"
 #include "bus-unit-util.h"
 #include "bus-util.h"
-#include "bus-wait-for-jobs.h"
 #include "def.h"
 #include "dirent-util.h"
 #include "env-file.h"
@@ -43,7 +42,6 @@ static BusTransport arg_transport = BUS_TRANSPORT_LOCAL;
 static const char *arg_host = NULL;
 static bool arg_enable = false;
 static bool arg_now = false;
-static bool arg_no_block = false;
 
 static int determine_image(const char *image, bool permit_non_existing, char **ret) {
         int r;
@@ -447,7 +445,7 @@ static int maybe_enable_disable(sd_bus *bus, const char *path, bool enable) {
         return 0;
 }
 
-static int maybe_start_stop(sd_bus *bus, const char *path, bool start, BusWaitForJobs *wait) {
+static int maybe_start_stop(sd_bus *bus, const char *path, bool start) {
         _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
         _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
         char *name = (char *)basename(path), *job = NULL;
@@ -478,29 +476,15 @@ static int maybe_start_stop(sd_bus *bus, const char *path, bool start, BusWaitFo
         if (!arg_quiet)
                 log_info("Queued %s to %s portable service %s.", job, start ? "start" : "stop", name);
 
-        if (wait) {
-                r = bus_wait_for_jobs_add(wait, job);
-                if (r < 0)
-                        return log_error_errno(r, "Failed to watch %s job for %s %s: %m",
-                                               job, start ? "starting" : "stopping", name);
-        }
-
         return 0;
 }
 
 static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
-        _cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *wait = NULL;
         int r;
 
         if (!arg_enable && !arg_now)
                 return 0;
 
-        if (!arg_no_block) {
-                r = bus_wait_for_jobs_new(bus, &wait);
-                if (r < 0)
-                        return log_error_errno(r, "Could not watch jobs: %m");
-        }
-
         r = sd_bus_message_rewind(reply, true);
         if (r < 0)
                 return r;
@@ -519,7 +503,7 @@ static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
 
                 if (STR_IN_SET(type, "symlink", "copy") && ENDSWITH_SET(path, ".service", ".target", ".socket")) {
                         (void) maybe_enable_disable(bus, path, true);
-                        (void) maybe_start_stop(bus, path, true, wait);
+                        (void) maybe_start_stop(bus, path, true);
                 }
         }
 
@@ -527,17 +511,10 @@ static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
         if (r < 0)
                 return r;
 
-        if (!arg_no_block) {
-                r = bus_wait_for_jobs(wait, arg_quiet, NULL);
-                if (r < 0)
-                        return r;
-        }
-
         return 0;
 }
 
 static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
-        _cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *wait = NULL;
         _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
         _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
         _cleanup_strv_free_ char **matches = NULL;
@@ -550,10 +527,6 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
         if (r < 0)
                 return r;
 
-        r = bus_wait_for_jobs_new(bus, &wait);
-        if (r < 0)
-                return log_error_errno(r, "Could not watch jobs: %m");
-
         r = sd_bus_message_new_method_call(
                                 bus,
                                 &m,
@@ -605,7 +578,7 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
                 if (r < 0)
                         return bus_log_parse_error(r);
 
-                (void) maybe_start_stop(bus, name, false, wait);
+                (void) maybe_start_stop(bus, name, false);
                 (void) maybe_enable_disable(bus, name, false);
         }
 
@@ -613,11 +586,6 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
         if (r < 0)
                 return bus_log_parse_error(r);
 
-        /* Stopping must always block or the detach will fail if the unit is still running */
-        r = bus_wait_for_jobs(wait, arg_quiet, NULL);
-        if (r < 0)
-                return r;
-
         return 0;
 }
 
@@ -1029,7 +997,6 @@ static int help(int argc, char *argv[], void *userdata) {
                "                              after attach/detach\n"
                "     --now                    Immediately start/stop the portable service after\n"
                "                              attach/before detach\n"
-               "     --no-block               Don't block waiting for attach --now to complete\n"
                "\nSee the %s for details.\n"
                , program_invocation_short_name
                , ansi_highlight()
@@ -1053,7 +1020,6 @@ static int parse_argv(int argc, char *argv[]) {
                 ARG_CAT,
                 ARG_ENABLE,
                 ARG_NOW,
-                ARG_NO_BLOCK,
         };
 
         static const struct option options[] = {
@@ -1072,7 +1038,6 @@ static int parse_argv(int argc, char *argv[]) {
                 { "cat",             no_argument,       NULL, ARG_CAT             },
                 { "enable",          no_argument,       NULL, ARG_ENABLE          },
                 { "now",             no_argument,       NULL, ARG_NOW             },
-                { "no-block",        no_argument,       NULL, ARG_NO_BLOCK        },
                 {}
         };
 
@@ -1167,10 +1132,6 @@ static int parse_argv(int argc, char *argv[]) {
                         arg_now = true;
                         break;
 
-                case ARG_NO_BLOCK:
-                        arg_no_block = true;
-                        break;
-
                 case '?':
                         return -EINVAL;
 

src/shared/bus-util.c

@@ -406,7 +406,7 @@ static int bus_print_property(const char *name, const char *expected_value, sd_b
                                 if (r < 0)
                                         return r;
 
-                                result = strempty(s);
+                                result = s;
                         }
 
                         bus_print_property_value(name, expected_value, value, result);

src/shared/nsflags.c

@@ -65,6 +65,12 @@ int namespace_flags_to_string(unsigned long flags, char **ret) {
                         return -ENOMEM;
         }
 
+        if (!s) {
+                s = strdup("");
+                if (!s)
+                        return -ENOMEM;
+        }
+
         *ret = TAKE_PTR(s);
 
         return 0;

src/sysusers/sysusers.c

@@ -94,12 +94,6 @@ STATIC_DESTRUCTOR_REGISTER(database_groups, set_free_freep);
 STATIC_DESTRUCTOR_REGISTER(uid_range, freep);
 STATIC_DESTRUCTOR_REGISTER(arg_root, freep);
 
-static int errno_is_not_exists(int code) {
-        /* See getpwnam(3) and getgrnam(3): those codes and others can be returned if the user or group are
-         * not found. */
-        return IN_SET(code, 0, ENOENT, ESRCH, EBADF, EPERM);
-}
-
 static int load_user_database(void) {
         _cleanup_fclose_ FILE *f = NULL;
         const char *passwd_path;
@@ -199,7 +193,7 @@ static int load_group_database(void) {
 static int make_backup(const char *target, const char *x) {
         _cleanup_close_ int src = -1;
         _cleanup_fclose_ FILE *dst = NULL;
-        _cleanup_free_ char *dst_tmp = NULL;
+        _cleanup_free_ char *temp = NULL;
         char *backup;
         struct timespec ts[2];
         struct stat st;
@@ -216,7 +210,7 @@ static int make_backup(const char *target, const char *x) {
         if (fstat(src, &st) < 0)
                 return -errno;
 
-        r = fopen_temporary_label(target, x, &dst, &dst_tmp);
+        r = fopen_temporary_label(target, x, &dst, &temp);
         if (r < 0)
                 return r;
 
@@ -230,7 +224,7 @@ static int make_backup(const char *target, const char *x) {
         backup = strjoina(x, "-");
 
         /* Copy over the access mask */
-        r = chmod_and_chown_unsafe(dst_tmp, st.st_mode & 07777, st.st_uid, st.st_gid);
+        r = fchmod_and_chown(fileno(dst), st.st_mode & 07777, st.st_uid, st.st_gid);
         if (r < 0)
                 log_warning_errno(r, "Failed to change access mode or ownership of %s: %m", backup);
 
@@ -243,7 +237,7 @@ static int make_backup(const char *target, const char *x) {
         if (r < 0)
                 goto fail;
 
-        if (rename(dst_tmp, backup) < 0) {
+        if (rename(temp, backup) < 0) {
                 r = -errno;
                 goto fail;
         }
@@ -251,7 +245,7 @@ static int make_backup(const char *target, const char *x) {
         return 0;
 
 fail:
-        (void) unlink(dst_tmp);
+        (void) unlink(temp);
         return r;
 }
 
@@ -345,13 +339,13 @@ static int putsgent_with_members(const struct sgrp *sg, FILE *gshadow) {
 }
 #endif
 
-static int sync_rights(FILE *from, const char *to) {
+static int sync_rights(FILE *from, FILE *to) {
         struct stat st;
 
         if (fstat(fileno(from), &st) < 0)
                 return -errno;
 
-        return chmod_and_chown_unsafe(to, st.st_mode & 07777, st.st_uid, st.st_gid);
+        return fchmod_and_chown(fileno(to), st.st_mode & 07777, st.st_uid, st.st_gid);
 }
 
 static int rename_and_apply_smack(const char *temp_path, const char *dest_path) {
@@ -389,7 +383,7 @@ static int write_temporary_passwd(const char *passwd_path, FILE **tmpfile, char
         original = fopen(passwd_path, "re");
         if (original) {
 
-                r = sync_rights(original, passwd_tmp);
+                r = sync_rights(original, passwd);
                 if (r < 0)
                         return r;
 
@@ -491,7 +485,7 @@ static int write_temporary_shadow(const char *shadow_path, FILE **tmpfile, char
         original = fopen(shadow_path, "re");
         if (original) {
 
-                r = sync_rights(original, shadow_tmp);
+                r = sync_rights(original, shadow);
                 if (r < 0)
                         return r;
 
@@ -588,7 +582,7 @@ static int write_temporary_group(const char *group_path, FILE **tmpfile, char **
         original = fopen(group_path, "re");
         if (original) {
 
-                r = sync_rights(original, group_tmp);
+                r = sync_rights(original, group);
                 if (r < 0)
                         return r;
 
@@ -687,7 +681,7 @@ static int write_temporary_gshadow(const char * gshadow_path, FILE **tmpfile, ch
         if (original) {
                 struct sgrp *sg;
 
-                r = sync_rights(original, gshadow_tmp);
+                r = sync_rights(original, gshadow);
                 if (r < 0)
                         return r;
 
@@ -977,7 +971,7 @@ static int add_user(Item *i) {
 
                         return 0;
                 }
-                if (!errno_is_not_exists(errno))
+                if (!IN_SET(errno, 0, ENOENT))
                         return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name);
         }
 
@@ -1114,7 +1108,7 @@ static int get_gid_by_name(const char *name, gid_t *gid) {
                         *gid = g->gr_gid;
                         return 0;
                 }
-                if (!errno_is_not_exists(errno))
+                if (!IN_SET(errno, 0, ENOENT))
                         return log_error_errno(errno, "Failed to check if group %s already exists: %m", name);
         }
 

src/test/test-fs-util.c

@@ -802,50 +802,6 @@ static void test_chmod_and_chown(void) {
         assert_se(S_ISLNK(st.st_mode));
 }
 
-static void test_chmod_and_chown_unsafe(void) {
-        _cleanup_(rm_rf_physical_and_freep) char *d = NULL;
-        _unused_ _cleanup_umask_ mode_t u = umask(0000);
-        struct stat st;
-        const char *p;
-
-        if (geteuid() != 0)
-                return;
-
-        log_info("/* %s */", __func__);
-
-        assert_se(mkdtemp_malloc(NULL, &d) >= 0);
-
-        p = strjoina(d, "/reg");
-        assert_se(mknod(p, S_IFREG | 0123, 0) >= 0);
-
-        assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0321, 1, 2) >= 0);
-        assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0555, 3, 4) == -EINVAL);
-
-        assert_se(lstat(p, &st) >= 0);
-        assert_se(S_ISREG(st.st_mode));
-        assert_se((st.st_mode & 07777) == 0321);
-
-        p = strjoina(d, "/dir");
-        assert_se(mkdir(p, 0123) >= 0);
-
-        assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0321, 1, 2) >= 0);
-        assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0555, 3, 4) == -EINVAL);
-
-        assert_se(lstat(p, &st) >= 0);
-        assert_se(S_ISDIR(st.st_mode));
-        assert_se((st.st_mode & 07777) == 0321);
-
-        p = strjoina(d, "/lnk");
-        assert_se(symlink("idontexist", p) >= 0);
-
-        assert_se(chmod_and_chown_unsafe(p, S_IFLNK | 0321, 1, 2) >= 0);
-        assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0555, 3, 4) == -EINVAL);
-        assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0555, 3, 4) == -EINVAL);
-
-        assert_se(lstat(p, &st) >= 0);
-        assert_se(S_ISLNK(st.st_mode));
-}
-
 int main(int argc, char *argv[]) {
         test_setup_logging(LOG_INFO);
 
@@ -863,7 +819,6 @@ int main(int argc, char *argv[]) {
         test_fsync_directory_of_file();
         test_rename_noreplace();
         test_chmod_and_chown();
-        test_chmod_and_chown_unsafe();
 
         return 0;
 }

src/test/test-seccomp.c

@@ -190,7 +190,7 @@ static void test_restrict_namespace(void) {
 
         log_info("/* %s */", __func__);
 
-        assert_se(namespace_flags_to_string(0, &s) == 0 && isempty(s));
+        assert_se(namespace_flags_to_string(0, &s) == 0 && streq(s, ""));
         s = mfree(s);
         assert_se(namespace_flags_to_string(CLONE_NEWNS, &s) == 0 && streq(s, "mnt"));
         s = mfree(s);

test/mkosi.default.networkd-test

@@ -10,6 +10,7 @@ Release=29
 [Output]
 Format=raw_btrfs
 Bootable=yes
+KernelCommandLine=printk.devkmsg=on
 OutputDirectory=../mkosi.output
 Output=networkd-test.raw
 

test/test-functions

@@ -212,6 +212,7 @@ loglevel=2 \
 init=$PATH_TO_INIT \
 console=$CONSOLE \
 selinux=0 \
+printk.devkmsg=on \
 $_cgroup_args \
 $KERNEL_APPEND \
 "