This repository has been archived by the owner on Aug 6, 2020. It is now read-only.

systemd v242 stable backports #29

Merged
merged 32 commits into from Jun 29, 2019

Conversation

flokli
@flokli flokli commented Jun 25, 2019

These are all backports currently in systemd-stable for systemd 242, but not yet merged into NixOS/systemd:

  • seccomp: check more error codes from seccomp_load()
  • NEWS: fix typo
  • nspawn: Fix volatile SELinux label
  • Document (final) assignment on the RUN (Document (final) assignment on the RUN systemd/systemd#12310)
  • Check for final assignments in RUN keys (Check for final assignments in RUN keys systemd/systemd#12309)
  • socket-util: make sure flush_accept() doesn't hang on unexpected EOPNOTSUPP
  • test: add test for flush_accept()
  • test: don't timeout while waiting for other test units
  • man: describe interaction with ProtectHome=/InaccessiblePaths= in BindMount=
  • sd-bus: add symbol to tell linker that new vtable functions are used
  • meson: do not use f-strings
  • sd-bus: when running user find function don't trust the value to be initialized
  • NEWS: List getty@tty1.service as not being enabled anymore
  • udev,network: warn when .link or .network file has no [Match] section
  • network: fix ListenPort= in [WireGuard] section
  • Document /etc/initrd-release
  • network: prevent interfaces to be initialized multiple times
  • network: fix ref/unref logic for Link object
  • resolve: use bridge or bonding interfaces in degraded-carrier state
  • nspawn-expose-ports: fix a typo in error message
  • codespell: fix spelling errors
  • units: drop reference to sushell man page
  • alloc-util: don't use malloc_usable_size() to determine allocated size
  • meson: make source files including nspawn-settings.h depend on libseccomp
  • fstab-generator: Prevent double free of reused FILE*
  • test: return a non-zero return code when 'nobody' user doesn't exist
  • Revert "hwdb: Apply Acer mappings to all Gateway and Packard Bell models"
  • hwdb: Align airplane mode toggle key mapping for all Acer series
  • network: remove redunant link name in message

keszybz and others added 29 commits June 25, 2019 22:47
Fixes systemd#12454.

gcc was complaining that the link->ifname argument is NULL. Adding
assert(link->ifname) right before the call has no effect. It seems that
gcc is confused by the fact that log_link_warning_errno() internally
calls log_object(), with link->ifname passed as the object. log_object()
is also a macro and does a check whether the passed object is NULL.
So we have a check if something is NULL right next to an unconditional use
of it where it cannot be NULL. I think it's a bug in gcc.

Anyway, we don't need to use link->ifname here. log_object() already prepends
the object name to the message.

(cherry picked from commit c98b354)
(cherry picked from commit 298d13d)
We noticed in our tests that occasionally SystemCallFilter= would
fail to set and the service would run with no syscall filtering.
Most of the time the same tests would apply the filter and fail
the service as expected. While it's not totally clear why this happens,
we noticed seccomp_load() in the systemd code base would fail open for
all errors except EPERM and EACCES.

ENOMEM, EINVAL, and EFAULT seem like reasonable values to add to the
error set based on what I gather from libseccomp code and man pages:

-ENOMEM: out of memory, failed to allocate space for a libseccomp structure, or would exceed a defined constant
-EINVAL: kernel isn't configured to support the operations, args are invalid (to seccomp_load(), seccomp(), or prctl())
-EFAULT: addresses passed as args are invalid
(cherry picked from commit 7bc5e0b)
(cherry picked from commit c461125)
(cherry picked from commit 39e445c)
(cherry picked from commit 10ed877)
nspawn should associate the specified nspawn container apifs object label instead of the nspawn container process label with the volatile tmpfs

(cherry picked from commit 8f1ed04)
(cherry picked from commit 12023b0)
As described in systemd#12291, final assignments and assignments are clearing both command types.

(cherry picked from commit 967de8f)
(cherry picked from commit 87c70a9)
As described in systemd#12291

(cherry picked from commit 5a1ee07)
(cherry picked from commit b0be318)
…OTSUPP

So apparently there are two reasons why accept() can return EOPNOTSUPP:
because the socket is not a listening stream socket (or similar), or
because the incoming TCP connection for some reason wasn't acceptable to
the host. The latter should be a transient error, as suggested on
accept(2). The former however should be considered fatal for
flush_accept(). Let's fix this by explicitly checking whether the socket
is a listening socket beforehand.

(cherry picked from commit f3d7536)
(cherry picked from commit 03cb255)
Fixes: systemd#12335
(cherry picked from commit 5b116c3)
(cherry picked from commit c098e30)
The main testsuite service times out sporadically when waiting for
other testsuite-* units. As the test timeout is handled by
the "test executor" (test.sh), let's disable it for the service.

This should (hopefully) fix the test flakiness.

(cherry picked from commit 772f15c)
(cherry picked from commit 007c257)
…dMount=

systemd#7153 (comment)

Apparently this is still confusing for people.

Longer-term, I think we should just make BindMount= automatically "upgrade"
(or "downgrade", depending on how you look at this), any InaccessiblePath=
mountpoints to "tmpfs". I don't see much point in forcing users to remember
this interaction. But let's at least document the status quo, we can always
update the docs if the code changes.

(cherry picked from commit db8d154)
(cherry picked from commit 9483eab)
In 856ad2a sd_bus_add_object_vtable() and
sd_bus_add_fallback_vtable() were changed to take an updated sd_bus_vtable[]
array with additional 'features' and 'names' fields in the union.

The commit tried to check whether the old or the new table format is used, by
looking at the vtable[0].x.start.element_size field, on the assumption that the
added fields caused the structure size to grow. Unfortunately, this assumption
was false, and on arm32 (at least), the structure size is unchanged.

In libsystemd we use symbol versioning and a major.minor.patch semantic
versioning of the library name (major equals the number in the so-name).  When
systemd-242 was released, the minor number was (correctly) bumped, but this is
not enough, because no new symbols were added or symbol versions changed. This
means that programs compiled with the new systemd headers and library could be
successfully linked to older versions of the library. For example rpm only
looks at the so-name and the list of versioned symbols, completely ignoring the
major.minor numbers in the library name. But the older library does not
understand the new vtable format, and would return -EINVAL after failing the
size check (on those architectures where the structure size did change, i.e.
all 64 bit architectures).

To force new libsystemd (with the functions that take the updated
sd_bus_vtable[] format) to be used, let's pull in a dummy symbol from the table
definition. This is a bit wasteful, because a dummy pointer has to be stored,
but the effect is negligible. In particular, the pointer doesn't even change
the size of the structure because it fits in an unused area in the union.

The number stored in the new unsigned integer is not checked anywhere. If the
symbol exists, we already know we have the new version of the library, so an
additional check would not tell us anything.

An alternative would be to make sd_bus_add_{object,fallback}_vtable() versioned
symbols, using .symver linker annotations. We would provide
sd_bus_add_{object,fallback}_vtable@LIBSYSTEMD_221 (for backwards
compatibility) and e.g. sd_bus_add_{object,fallback}_vtable@@LIBSYSTEMD_242
(the default) with the new implementation. This would work too, but is more
work. We would have to version at least those two functions. And it turns out
that the .symver linker instructions have to be located in the same compilation
unit as the function being annotated. We first compile libsystemd.a, and then
link it into libsystemd.so and various other targets, including
libsystemd-shared.so, and the nss modules. If the .symver annotations were
placed next to the function definitions (in bus-object.c), they would influence
all targets that link libsystemd.a, and cause problems, because those functions
should not be exported there. To export them only in libsystemd.so, compilation
would have to be rearranged, so that the functions exported in libsystemd.so
would not be present in libsystemd.a, but a separate compilation unit containing
them and the .symver annotations would be linked solely into libsystemd.so.
This is certainly possible, but more work than the approach in this patch.

856ad2a has one more issue: it relies on the
undefined fields in sd_bus_vtable[] array to be zeros. But the structure
contains a union, and fields of the union do not have to be zero-initialized by
the compiler. This means that potentially, we could have garbage values there,
for example when reading the old vtable format definition from the new function
implementation. In practice this should not be an issue at all, because vtable
definitions are static data and are placed in the ro-data section, which is
fully initialized, so we know that those undefined areas will be zero. Things
would be different if somebody defined the vtable array on the heap or on the
stack. Let's just document that they should zero-initialize the unused areas
in this case.

The symbol checking code had to be updated because otherwise gcc warns about a
cast from unsigned to a pointer.

(cherry picked from commit 8dd8a28)
(cherry picked from commit 77f7755)
Our travis CI still uses python3.5. I'm making this into a separate
commit to make it easy to revert later.

(cherry picked from commit 155dc16)
(cherry picked from commit cbfee3f)
…nitialized

The find function is externally provided, and we shouldn't trust that the
authors remember to set the output parameter in all cases.

(cherry picked from commit bf135d2)
(cherry picked from commit a36b0bf)
Fixes: systemd#12345
(cherry picked from commit 1fa3ba9)
(cherry picked from commit fbdf853)
Closes systemd#12098.

(cherry picked from commit 84ea567)
(cherry picked from commit 0f5caf8)
This fixes a bug introduced by f1368a3.

Fixes systemd#12377.

(cherry picked from commit a62b7bb)
(cherry picked from commit db466d8)
When systemd is started, it detects initrd by checking for that file.
The usage of that file is not documented anywhere, so mention it early
in the most relevant man-page I could find.

(cherry picked from commit 6e9d246)
(cherry picked from commit 7a6d834)
When a uevent is received while the relevant interface is in
LINK_STATE_PENDING, then the interface may be initialized twice.
To prevent that, this introduces LINK_STATE_INITIALIZED.

(cherry picked from commit bd08ce5)
(cherry picked from commit bdbda56)
- bridge or bonding master takes a reference of slave links.
- drop link from bridge or bonding master's slave list when slave link
  is removed.
- change type of Link::slaves to Set*.

Fixes systemd#12315.

(cherry picked from commit 5f707e1)
(cherry picked from commit 6502abb)
Fixes systemd#12285.

(cherry picked from commit aeafd03)
(cherry picked from commit db2e367)
(cherry picked from commit 8f8dfb9)
(cherry picked from commit 582de10)
(cherry picked from commit 5238e95)
(cherry picked from commit 0a26de5)
sushell was a Fedoraism, and has been removed since. Hence our upstream
unit files shouldn't reference it either.

(cherry picked from commit 6dc14d7)
(cherry picked from commit 5240972)
This reverts commit d4b604b.

When realloc() is called, the extra memory between the originally
requested size and the end of malloc_usable_size() isn't copied. (at
least with the version of glibc that currently ships on Arch Linux)
As a result, some elements get lost and use uninitialized memory, most
commonly 0, and can lead to crashes.

fixes systemd#12384

(cherry picked from commit fcc72fd)
(cherry picked from commit 84bab91)
…comp

Since nspawn-settings.h includes seccomp.h, any file that includes
nspawn-settings.h should depend on libseccomp so the correct header path where
seccomp.h lives is added to the header search paths.

It's especially important for distros such as openSUSE where seccomp.h is not
shipped in /usr/include but /usr/include/libseccomp.

This patch is similar to 8238423.

(cherry picked from commit 9f3f596)
(cherry picked from commit f30f1ad)
When the .automount unit file already existed for any reason in the
`normal-dir` passed to `systemd-fstab-generator`, but the normal .mount unit
file did not, `f` was closed (but _not_ set to NULL). The call to
`generator_open_unit_file(..., automount_name, &f)` then failed because the
.mount unit file already existed. Now `f` did not point to an open FILE and the
later cleanup from the `_cleanup_fclose_` attribute failed with a double free.
Reset `f` to NULL before reusing it.

(cherry picked from commit 8a7033a)
(cherry picked from commit 29d355e)
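The pointer-reuse pattern behind the fstab-generator double free, as an added example that is not systemd's code: `fclosep`/`_cleanup_fclose_` follow the shape of systemd's macros, while `safe_fclose()` and `write_two_units()` are hypothetical names, and the first unit file is stood in for by `tmpfile()` so the example needs no writable directory.

```c
#include <errno.h>
#include <stdio.h>

/* Same shape as systemd's fclosep()/_cleanup_fclose_: close only if non-NULL,
 * run automatically when the variable goes out of scope. */
static inline void fclosep(FILE **f) {
        if (*f)
                fclose(*f);
}
#define _cleanup_fclose_ __attribute__((cleanup(fclosep)))

/* Close and hand back NULL, so "f = safe_fclose(f);" never leaves a dangling
 * pointer behind for the cleanup handler. */
static FILE *safe_fclose(FILE *f) {
        if (f)
                fclose(f);
        return NULL;
}

/* Write a first unit (stood in for by tmpfile()), then reuse f for a second
 * file at second_path. Returns 0 on success or -errno if the second open fails. */
int write_two_units(const char *second_path) {
        _cleanup_fclose_ FILE *f = NULL;

        f = tmpfile();
        if (!f)
                return -errno;
        fputs("[Mount]\n", f);

        /* Buggy original: fclose(f); -- f keeps pointing at the closed FILE.
         * If the open below then fails, the early return lets fclosep() close
         * it again: the double free from the commit message. */
        f = safe_fclose(f);

        f = fopen(second_path, "r");
        if (!f)
                return -errno;   /* f is NULL here, so fclosep() does nothing */

        return 0;                /* f is open: fclosep() closes it exactly once */
}
```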
Lookup of a non-existing user using getpwnam() is not considered
an error, thus the `errno` is not set appropriately, causing
unexpected fails on systems, where 'nobody' user doesn't exist by
default.

(cherry picked from commit 6ab6683)
(cherry picked from commit fe9271a)
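Distinguishing "user does not exist" from a failed lookup with getpwnam(), as an added example that is not systemd's test code: `lookup_user()` and its result enum are hypothetical names, and the set of "not found" errno values is the one documented in getpwnam(3) for glibc.

```c
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

enum { USER_FOUND = 0, USER_NOT_FOUND = 1, USER_LOOKUP_ERROR = 2 };

/* Look up name; on success store its uid in *ret_uid (if non-NULL). */
int lookup_user(const char *name, uid_t *ret_uid) {
        struct passwd *pw;
        errno = 0;                 /* a stale errno would otherwise be misread */
        pw = getpwnam(name);
        if (pw) {
                if (ret_uid)
                        *ret_uid = pw->pw_uid;
                return USER_FOUND;
        }

        /* getpwnam(3): for a missing entry errno is left at 0 or set to one of
         * these values depending on the NSS backend. Only anything else is a
         * genuine lookup failure. */
        switch (errno) {
        case 0:
        case ENOENT:
        case ESRCH:
        case EBADF:
        case EPERM:
                return USER_NOT_FOUND;
        default:
                return USER_LOOKUP_ERROR;
        }
}

/* Mirrors the fixed test: exit non-zero when 'nobody' is missing, and say
 * so, instead of reporting a meaningless strerror(0). */
int main(void) {
        uid_t uid;
        int r = lookup_user("nobody", &uid);
        if (r == USER_FOUND) {
                printf("nobody has uid %lu\n", (unsigned long) uid);
                return 0;
        }
        if (r == USER_NOT_FOUND)
                fprintf(stderr, "user 'nobody' does not exist\n");
        else
                fprintf(stderr, "getpwnam(\"nobody\") failed: %s\n", strerror(errno));
        return 1;
}
```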
…els"

This reverts commit e09dba9.

It's reported that the same rules for Acer cause false match and
unexpected response from certain keys on an old PackardBell laptop.

Bug: systemd#12178
(cherry picked from commit 3429cc4)
(cherry picked from commit 460f037)
Packard Bell and Gateway are different marketing names from Acer.
The same scan code E0 86 is fired for the airplane mode toggle key.
It was verified in commit d8d5132.

Signed-off-by: Chris Chiu <chiu@endlessm.com>
(cherry picked from commit 82b941c)
(cherry picked from commit 77cbde3)

@picnoir picnoir left a comment


Tested this on my router, fixed the wireguard-related issues, did not break my system.

LGTM.

@Mic92

Mic92 commented Jun 28, 2019

wow, that's a huge one.

ssahani and others added 3 commits June 28, 2019 20:53
Fill up IFLA_INET6_ADDR_GEN_MODE while we do link_up.

Fixes the following error:
```
dummy-test: Could not bring up interface: Invalid argument
```

After reading the kernel code when we do a link up
```
net/core/rtnetlink.c
IFLA_AF_SPEC
 af_ops->set_link_af(dev, af);
  inet6_set_link_af
   if (tb[IFLA_INET6_ADDR_GEN_MODE])
             Here it looks for IFLA_INET6_ADDR_GEN_MODE
```
Since we didn't fill that up during link up, it's failing.

Closes systemd#12504.

(cherry picked from commit 4eb086a)
(cherry picked from commit 8fbc72f)
Before this commit, empty lines cannot break continuation.
The bug was introduced by 9adbfeb.

Closes systemd#12883.

(cherry picked from commit 0ef6958)
(cherry picked from commit 9aa1edd)
(cherry picked from commit 3d5d346)
(cherry picked from commit 572385e)
@flokli

flokli commented Jun 28, 2019

Also cherry-picked the conf-parser changes fixing NixOS/nixpkgs#63533 (which was backported to systemd-stable), plus another networkd link_up() fix.

@flokli flokli changed the title Nixos v242 stable backports systemd v242 stable backports Jun 28, 2019
@Mic92 Mic92 merged commit aa4c4d3 into NixOS:nixos-v242 Jun 29, 2019
@flokli flokli deleted the nixos-v242-stable-backports branch June 29, 2019 13:28
flokli added a commit to flokli/nixpkgs that referenced this pull request Jun 29, 2019
branch names are mutable, and with
NixOS/systemd#29 being merged in, the nixos-v242
branch advanced from 5c20aab77900f478fd380ab189787d80e4a35963 to
40eb070cb309ec09def0ecdeaf7514c702200835, causing systemd's
fetchFromGitHub to fail with a sha256sum mismatch (when not relying on
the cache).

Fix this, by pointing systemd.src to the commit id before the branch
advancement. This won't cause a rebuild, as the sha256 stayed the same.

Fast-forwarding systemd to 40eb070cb309ec09def0ecdeaf7514c702200835 will
be done in NixOS#63784 , which also uses
the commit id, and not a branch name for rev.