[systemd] Update to v234

author: Simon Rettberg 2018-08-31 09:50:01 +0200
committer: Your Name 2018-08-31 09:50:01 +0200
commit: bbd2be66727c5c07b6b29994f1fa73e7b5c60370 (patch)
tree: 53e1ea4b89dd8bb9908925c6cd70ddc378f0b139 /core/modules/systemd
parent: [dnbd3-proxy-mode] fix copies instead of links in dnbd3-proxy.target.requires (diff)
download: mltk-bbd2be66727c5c07b6b29994f1fa73e7b5c60370.tar.gz
mltk-bbd2be66727c5c07b6b29994f1fa73e7b5c60370.tar.xz
mltk-bbd2be66727c5c07b6b29994f1fa73e7b5c60370.zip
54 files changed, 547 insertions, 87 deletions
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target
new file mode 100644
index 00000000..5e866b40
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target
@@ -0,0 +1,10 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Bus Names
+Documentation=man:systemd.special(7)
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.login1.busname b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.login1.busname
new file mode 120000
index 00000000..9d1bd813
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.login1.busname
@@ -0,0 +1 @@
+../org.freedesktop.login1.busname
+\ No newline at end of file
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.machine1.busname b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.machine1.busname
new file mode 120000
index 00000000..068b1676
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.machine1.busname
@@ -0,0 +1 @@
+../org.freedesktop.machine1.busname
+\ No newline at end of file
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.network1.busname b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.network1.busname
new file mode 120000
index 00000000..13f4a8a7
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.network1.busname
@@ -0,0 +1 @@
+../org.freedesktop.network1.busname
+\ No newline at end of file
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.resolve1.busname b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.resolve1.busname
new file mode 120000
index 00000000..1ede82df
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.resolve1.busname
@@ -0,0 +1 @@
+../org.freedesktop.resolve1.busname
+\ No newline at end of file
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.systemd1.busname b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.systemd1.busname
new file mode 120000
index 00000000..bf976b87
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.systemd1.busname
@@ -0,0 +1 @@
+../org.freedesktop.systemd1.busname
+\ No newline at end of file
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/dbus-org.freedesktop.machine1.service b/core/modules/systemd/data/usr/lib/systemd/system/dbus-org.freedesktop.machine1.service
new file mode 120000
index 00000000..22692cce
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/dbus-org.freedesktop.machine1.service
@@ -0,0 +1 @@
+systemd-machined.service
+\ No newline at end of file
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/exit.target b/core/modules/systemd/data/usr/lib/systemd/system/exit.target
new file mode 100644
index 00000000..f5f953d1
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/exit.target
@@ -0,0 +1,17 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Exit the container
+Documentation=man:systemd.special(7)
+DefaultDependencies=no
+Requires=systemd-exit.service
+After=systemd-exit.service
+AllowIsolate=yes
+
+[Install]
+Alias=ctrl-alt-del.target
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/kmod-static-nodes.service b/core/modules/systemd/data/usr/lib/systemd/system/kmod-static-nodes.service
new file mode 100644
index 00000000..49c5d9bc
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/kmod-static-nodes.service
@@ -0,0 +1,18 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Create list of required static device nodes for the current kernel
+DefaultDependencies=no
+Before=sysinit.target systemd-tmpfiles-setup-dev.service
+ConditionCapability=CAP_SYS_MODULE
+ConditionFileNotEmpty=/lib/modules/%v/modules.devname
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/bin/kmod static-nodes --format=tmpfiles --output=/run/tmpfiles.d/kmod.conf
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/machine.slice b/core/modules/systemd/data/usr/lib/systemd/system/machine.slice
new file mode 100644
index 00000000..3d40dfd7
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/machine.slice
@@ -0,0 +1,11 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Virtual Machine and Container Slice
+Documentation=man:systemd.special(7)
+Before=slices.target
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/machines.target b/core/modules/systemd/data/usr/lib/systemd/system/machines.target
new file mode 100644
index 00000000..99618a19
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/machines.target
@@ -0,0 +1,17 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Containers
+Documentation=man:systemd.special(7)
+Requires=basic.target
+Conflicts=rescue.service rescue.target
+After=basic.target rescue.service rescue.target
+Before=multi-user.target
+
+[Install]
+WantedBy=multi-user.target
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/machines.target.wants/var-lib-machines.mount b/core/modules/systemd/data/usr/lib/systemd/system/machines.target.wants/var-lib-machines.mount
new file mode 120000
index 00000000..94338197
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/machines.target.wants/var-lib-machines.mount
@@ -0,0 +1 @@
+../var-lib-machines.mount
+\ No newline at end of file
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/network-pre.target b/core/modules/systemd/data/usr/lib/systemd/system/network-pre.target
new file mode 100644
index 00000000..0d54a4cf
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/network-pre.target
@@ -0,0 +1,12 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Network (Pre)
+Documentation=man:systemd.special(7)
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget
+RefuseManualStart=yes
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.login1.busname b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.login1.busname
new file mode 100644
index 00000000..b169720f
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.login1.busname
@@ -0,0 +1,16 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Login Service Bus Name
+Documentation=man:systemd-logind.service(8) man:logind.conf(5)
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/logind
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/multiseat
+
+[BusName]
+Service=systemd-logind.service
+AllowWorld=talk
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.machine1.busname b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.machine1.busname
new file mode 100644
index 00000000..a1f01547
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.machine1.busname
@@ -0,0 +1,15 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Virtual Machine and Container Registration Service Bus Name
+Documentation=man:systemd-machined.service(8)
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/machined
+
+[BusName]
+Service=systemd-machined.service
+AllowWorld=talk
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.network1.busname b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.network1.busname
new file mode 100644
index 00000000..3a0e1189
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.network1.busname
@@ -0,0 +1,20 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Network Service Bus Name
+Documentation=man:systemd-networkd.service(8)
+
+# This is pulled in by systemd-networkd.service, since it cannot run
+# without its policy set. However, let's conditionalize this unit on
+# non-kdbus system.
+ConditionPathExists=/sys/fs/kdbus/0-system/
+
+[BusName]
+Service=systemd-networkd.service
+AllowWorld=talk
+AllowUser=systemd-network own
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.resolve1.busname b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.resolve1.busname
new file mode 100644
index 00000000..28c8f970
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.resolve1.busname
@@ -0,0 +1,21 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Network Name Resolution Service Bus Name
+Documentation=man:systemd-resolved.service(8)
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/resolved
+
+# This is pulled in by systemd-resolved.service, since it cannot run
+# without its policy set. However, let's conditionalize this unit on
+# non-kdbus system.
+ConditionPathExists=/sys/fs/kdbus/0-system/
+
+[BusName]
+Service=systemd-resolved.service
+AllowWorld=talk
+AllowUser=systemd-resolve own
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.systemd1.busname b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.systemd1.busname
new file mode 100644
index 00000000..f9f41cba
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.systemd1.busname
@@ -0,0 +1,15 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=System and Service Manager Bus Name
+Documentation=man:systemd(1)
+Documentation=https://www.freedesktop.org/wiki/Software/systemd
+
+[BusName]
+Activating=no
+AllowWorld=talk
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/remote-fs-pre.target b/core/modules/systemd/data/usr/lib/systemd/system/remote-fs-pre.target
new file mode 100644
index 00000000..36a196cf
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/remote-fs-pre.target
@@ -0,0 +1,11 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Remote File Systems (Pre)
+Documentation=man:systemd.special(7)
+RefuseManualStart=yes
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/remote-fs.target.wants/var-lib-machines.mount b/core/modules/systemd/data/usr/lib/systemd/system/remote-fs.target.wants/var-lib-machines.mount
new file mode 120000
index 00000000..94338197
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/remote-fs.target.wants/var-lib-machines.mount
@@ -0,0 +1 @@
+../var-lib-machines.mount
+\ No newline at end of file
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/slices.target b/core/modules/systemd/data/usr/lib/systemd/system/slices.target
new file mode 100644
index 00000000..a29310c0
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/slices.target
@@ -0,0 +1,12 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Slices
+Documentation=man:systemd.special(7)
+Wants=-.slice system.slice
+After=-.slice system.slice
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/syslog.socket b/core/modules/systemd/data/usr/lib/systemd/system/syslog.socket
index e6e9cf85..d3987cb9 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/syslog.socket
+++ b/core/modules/systemd/data/usr/lib/systemd/system/syslog.socket
@@ -8,7 +8,7 @@
 [Unit]
 Description=Syslog Socket
 Documentation=man:systemd.special(7)
-Documentation=http://www.freedesktop.org/wiki/Software/systemd/syslog
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/syslog
 DefaultDependencies=no
 Before=sockets.target shutdown.target
 
@@ -37,4 +37,4 @@ ReceiveBuffer=8M
 # [Install]
 # Alias=syslog.service
 #
-# See http://www.freedesktop.org/wiki/Software/systemd/syslog for details.
+# See https://www.freedesktop.org/wiki/Software/systemd/syslog for details.
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/system-update.target b/core/modules/systemd/data/usr/lib/systemd/system/system-update.target
index b6008c8f..35428797 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/system-update.target
+++ b/core/modules/systemd/data/usr/lib/systemd/system/system-update.target
@@ -6,11 +6,12 @@
 #  (at your option) any later version.
 
 [Unit]
-Description=System Update
-Documentation=http://freedesktop.org/wiki/Software/systemd/SystemUpdates
+Description=Offline System Update
+Documentation=man:systemd.offline-updates(7)
 Documentation=man:systemd.special(7) man:systemd-system-update-generator(8)
 Requires=sysinit.target
-Conflicts=shutdown.target 
+Conflicts=shutdown.target
 After=sysinit.target
 Before=shutdown.target
 AllowIsolate=yes
+Wants=system-update-cleanup.service
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/system.slice b/core/modules/systemd/data/usr/lib/systemd/system/system.slice
new file mode 100644
index 00000000..841f049b
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/system.slice
@@ -0,0 +1,14 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=System Slice
+Documentation=man:systemd.special(7)
+DefaultDependencies=no
+Before=slices.target
+Requires=-.slice
+After=-.slice
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-binfmt.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-binfmt.service
index 897cf4e5..b47d89af 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-binfmt.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-binfmt.service
@@ -11,7 +11,7 @@ Documentation=man:systemd-binfmt.service(8) man:binfmt.d(5)
 Documentation=https://www.kernel.org/doc/Documentation/binfmt_misc.txt
 DefaultDependencies=no
 Conflicts=shutdown.target
-After= proc-sys-fs-binfmt_misc.automount
+After=proc-sys-fs-binfmt_misc.automount
 Before=sysinit.target shutdown.target
 ConditionPathIsReadWrite=/proc/sys/
 ConditionDirectoryNotEmpty=|/lib/binfmt.d
@@ -24,3 +24,4 @@ ConditionDirectoryNotEmpty=|/run/binfmt.d
 Type=oneshot
 RemainAfterExit=yes
 ExecStart=/usr/lib/systemd/systemd-binfmt
+TimeoutSec=90s
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-exit.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-exit.service
new file mode 100644
index 00000000..22bb6fbe
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-exit.service
@@ -0,0 +1,17 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Exit the Session
+Documentation=man:systemd.special(7)
+DefaultDependencies=no
+Requires=shutdown.target
+After=shutdown.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/systemctl --force exit
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.service
index 38c663de..7a600a62 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.service
@@ -6,10 +6,11 @@
 #  (at your option) any later version.
 
 [Unit]
-Description=Delayed Shutdown Service
-Documentation=man:systemd-shutdownd.service(8)
+Description=/dev/initctl Compatibility Daemon
+Documentation=man:systemd-initctl.service(8)
 DefaultDependencies=no
 
 [Service]
-ExecStart=/usr/lib/systemd/systemd-shutdownd
 NotifyAccess=all
+ExecStart=/usr/lib/systemd/systemd-initctl
+SystemCallArchitectures=native
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.socket b/core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.socket
index 9421ce8a..f628c2e8 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.socket
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.socket
@@ -6,13 +6,12 @@
 #  (at your option) any later version.
 
 [Unit]
-Description=Delayed Shutdown Socket
-Documentation=man:systemd-shutdownd.service(8)
+Description=/dev/initctl Compatibility Named Pipe
+Documentation=man:systemd-initctl.service(8)
 DefaultDependencies=no
 Before=sockets.target
 
 [Socket]
-ListenDatagram=/run/systemd/shutdownd
+ListenFIFO=/run/systemd/initctl/fifo
+Symlinks=/dev/initctl
 SocketMode=0600
-PassCredentials=yes
-PassSecurity=yes
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.service
index 77b4bfe9..38ee6d44 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.service
@@ -10,17 +10,28 @@ Description=Journal Service
 Documentation=man:systemd-journald.service(8) man:journald.conf(5)
 DefaultDependencies=no
 Requires=systemd-journald.socket
-After=systemd-journald.socket syslog.socket
+After=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket syslog.socket
 Before=sysinit.target
 
 [Service]
+Type=notify
+Sockets=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket
 ExecStart=/usr/lib/systemd/systemd-journald
 Restart=always
 RestartSec=0
-NotifyAccess=all
 StandardOutput=null
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID
+WatchdogSec=3min
+FileDescriptorStoreMax=1024
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE
+MemoryDenyWriteExecute=yes
+RestrictRealtime=yes
+RestrictNamespaces=yes
+RestrictAddressFamilies=AF_UNIX AF_NETLINK
+SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @swap
+SystemCallArchitectures=native
 
 # Increase the default a bit in order to allow many simultaneous
-# services being run since we keep one fd open per service.
+# services being run since we keep one fd open per service. Also, when
+# flushing journal files to disk, we might need a lot of fds when many
+# journal files are combined.
 LimitNOFILE=16384
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.socket b/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.socket
index 4f0619d2..71737014 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.socket
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.socket
@@ -12,15 +12,15 @@ DefaultDependencies=no
 Before=sockets.target
 
 # Mount and swap units need this. If this socket unit is removed by an
-# isolate request the mount and and swap units would be removed too,
+# isolate request the mount and swap units would be removed too,
 # hence let's exclude this from isolate requests.
 IgnoreOnIsolate=yes
 
 [Socket]
 ListenStream=/run/systemd/journal/stdout
 ListenDatagram=/run/systemd/journal/socket
-ListenDatagram=/dev/log
 SocketMode=0666
 PassCredentials=yes
 PassSecurity=yes
 ReceiveBuffer=8M
+Service=systemd-journald.service
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-logind.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-logind.service
index 71971e44..1cd60b9c 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-logind.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-logind.service
@@ -8,15 +8,30 @@
 [Unit]
 Description=Login Service
 Documentation=man:systemd-logind.service(8) man:logind.conf(5)
-Documentation=http://www.freedesktop.org/wiki/Software/systemd/multiseat
-After= 
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/logind
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/multiseat
+Wants=user.slice
+After=nss-user-lookup.target user.slice
+
+# Ask for the dbus socket. If running over kdbus, the socket will
+# not be actually used.
+Wants=dbus.socket
+After=dbus.socket
 
 [Service]
 ExecStart=/usr/lib/systemd/systemd-logind
 Restart=always
 RestartSec=0
 BusName=org.freedesktop.login1
-CapabilityBoundingSet=CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
+WatchdogSec=3min
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
+MemoryDenyWriteExecute=yes
+RestrictRealtime=yes
+RestrictNamespaces=yes
+RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
+SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io @reboot @swap
+SystemCallArchitectures=native
+FileDescriptorStoreMax=512
 
 # Increase the default a bit in order to allow many simultaneous
 # logins since we keep one fd open per session.
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-machine-id-commit.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-machine-id-commit.service
new file mode 100644
index 00000000..58e7239b
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-machine-id-commit.service
@@ -0,0 +1,22 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Commit a transient machine-id on disk
+Documentation=man:systemd-machine-id-commit.service(8)
+DefaultDependencies=no
+Conflicts=shutdown.target
+Before=sysinit.target shutdown.target
+After=local-fs.target
+ConditionPathIsReadWrite=/etc
+ConditionPathIsMountPoint=/etc/machine-id
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/bin/systemd-machine-id-setup --commit
+TimeoutSec=30s
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-machined.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-machined.service
new file mode 100644
index 00000000..ea30d064
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-machined.service
@@ -0,0 +1,29 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Virtual Machine and Container Registration Service
+Documentation=man:systemd-machined.service(8)
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/machined
+Wants=machine.slice
+After=machine.slice
+RequiresMountsFor=/var/lib/machines
+
+[Service]
+ExecStart=/usr/lib/systemd/systemd-machined
+BusName=org.freedesktop.machine1
+WatchdogSec=3min
+CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD
+MemoryDenyWriteExecute=yes
+RestrictRealtime=yes
+RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
+SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io @reboot @swap
+SystemCallArchitectures=native
+
+# Note that machined cannot be placed in a mount namespace, since it
+# needs access to the host's mount namespace in order to implement the
+# "machinectl bind" operation.
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-nspawn@.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-nspawn@.service
index f9f9aa65..d0dfe700 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-nspawn@.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-nspawn@.service
@@ -8,11 +8,30 @@
 [Unit]
 Description=Container %i
 Documentation=man:systemd-nspawn(1)
+PartOf=machines.target
+Before=machines.target
+After=network.target systemd-resolved.service
+RequiresMountsFor=/var/lib/machines
 
 [Service]
-ExecStart=/usr/bin/systemd-nspawn -bjD /var/lib/container/%i
-ControlGroup=%R/machine/%i.nspawn cpu:/
+ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=%i
+KillMode=mixed
 Type=notify
+RestartForceExitStatus=133
+SuccessExitStatus=133
+Slice=machine.slice
+Delegate=yes
+TasksMax=16384
+
+DevicePolicy=closed
+DeviceAllow=/dev/net/tun rwm
+DeviceAllow=char-pts rw
+
+# nspawn itself needs access to /dev/loop-control and /dev/loop, to
+# implement the --image= option. Add these here, too.
+DeviceAllow=/dev/loop-control rw
+DeviceAllow=block-loop rw
+DeviceAllow=block-blkext rw
 
 [Install]
-Also=multi-user.target
+WantedBy=machines.target
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-poweroff.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-poweroff.service
index eede0eab..4749129d 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-poweroff.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-poweroff.service
@@ -9,8 +9,8 @@
 Description=Power-Off
 Documentation=man:systemd-halt.service(8)
 DefaultDependencies=no
-Requires=shutdown.target final.target
-After=shutdown.target final.target
+Requires=shutdown.target umount.target final.target
+After=shutdown.target umount.target final.target
 
 [Service]
 Type=oneshot
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-remount-fs.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-remount-fs.service
new file mode 100644
index 00000000..98222c6a
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-remount-fs.service
@@ -0,0 +1,22 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Remount Root and Kernel File Systems
+Documentation=man:systemd-remount-fs.service(8)
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
+DefaultDependencies=no
+Conflicts=shutdown.target
+After=systemd-fsck-root.service
+Before=local-fs-pre.target local-fs.target shutdown.target
+Wants=local-fs-pre.target
+ConditionPathExists=/etc/fstab
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/lib/systemd/systemd-remount-fs
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-sysusers.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-sysusers.service
new file mode 100644
index 00000000..1802b313
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-sysusers.service
@@ -0,0 +1,21 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Create System Users
+Documentation=man:sysusers.d(5) man:systemd-sysusers.service(8)
+DefaultDependencies=no
+Conflicts=shutdown.target
+After=systemd-remount-fs.service
+Before=sysinit.target shutdown.target systemd-update-done.service
+ConditionNeedsUpdate=/etc
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/bin/systemd-sysusers
+TimeoutSec=90s
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service
index da1ee1f8..761a4fc9 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service
@@ -6,12 +6,15 @@
 #  (at your option) any later version.
 
 [Unit]
-Description=Create static device nodes in /dev
+Description=Create Static Device Nodes in /dev
 Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8)
 DefaultDependencies=no
-Before=sysinit.target systemd-udevd.service
-ConditionCapability=CAP_MKNOD
+Conflicts=shutdown.target
+After=systemd-sysusers.service
+Before=sysinit.target local-fs-pre.target systemd-udevd.service shutdown.target
+ConditionCapability=CAP_SYS_MODULE
 
 [Service]
 Type=oneshot
-ExecStart=/usr/bin/systemd-tmpfiles --prefix=/dev --create
+RemainAfterExit=yes
+ExecStart=/usr/bin/systemd-tmpfiles --prefix=/dev --create --boot
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup.service
index 157a7451..fce1c42f 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup.service
@@ -6,18 +6,15 @@
 #  (at your option) any later version.
 
 [Unit]
-Description=Recreate Volatile Files and Directories
+Description=Create Volatile Files and Directories
 Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8)
 DefaultDependencies=no
-Wants= 
-After= 
+Conflicts=shutdown.target
+After=local-fs.target systemd-sysusers.service
 Before=sysinit.target shutdown.target
-ConditionDirectoryNotEmpty=|/usr/lib/tmpfiles.d
-ConditionDirectoryNotEmpty=|/usr/local/lib/tmpfiles.d
-ConditionDirectoryNotEmpty=|/etc/tmpfiles.d
-ConditionDirectoryNotEmpty=|/run/tmpfiles.d
+RefuseManualStop=yes
 
 [Service]
 Type=oneshot
 RemainAfterExit=yes
-ExecStart=/usr/bin/systemd-tmpfiles --create --remove
+ExecStart=/usr/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-settle.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-settle.service
index 146c6499..20a89228 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-settle.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-settle.service
@@ -16,16 +16,10 @@ DefaultDependencies=no
 Wants=systemd-udevd.service
 After=systemd-udev-trigger.service
 Before=sysinit.target
-ConditionCapability=CAP_MKNOD
+ConditionPathIsReadWrite=/sys
 
 [Service]
 Type=oneshot
 TimeoutSec=180
 RemainAfterExit=yes
-# Don't ask...
-ExecStart=/opt/openslx/bin/usleep 100000
-ExecStart=/usr/bin/udevadm settle --timeout=3
-ExecStart=/opt/openslx/bin/usleep 20000
-ExecStart=/usr/bin/udevadm settle --timeout=3
-ExecStart=/opt/openslx/bin/usleep 20000
-ExecStart=/usr/bin/udevadm settle --timeout=3
+ExecStart=/usr/bin/udevadm settle
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-trigger.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-trigger.service
index 6b19c75d..fbc52694 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-trigger.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-trigger.service
@@ -9,10 +9,10 @@
 Description=udev Coldplug all Devices
 Documentation=man:udev(7) man:systemd-udevd.service(8)
 DefaultDependencies=no
-Wants=systemd-udevd.service systemd-udev-settle.service
-After=systemd-udevd-kernel.socket systemd-udevd-control.socket
-Before=sysinit.target systemd-udev-settle.service
-ConditionCapability=CAP_MKNOD
+Wants=systemd-udevd.service
+After=systemd-udevd-kernel.socket systemd-udevd-control.socket systemd-hwdb-update.service
+Before=sysinit.target
+ConditionPathIsReadWrite=/sys
 
 [Service]
 Type=oneshot
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd-control.socket b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd-control.socket
index ca17102d..46f704ed 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd-control.socket
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd-control.socket
@@ -10,10 +10,11 @@ Description=udev Control Socket
 Documentation=man:systemd-udevd.service(8) man:udev(7)
 DefaultDependencies=no
 Before=sockets.target
-ConditionCapability=CAP_MKNOD
+ConditionPathIsReadWrite=/sys
 
 [Socket]
 Service=systemd-udevd.service
 ListenSequentialPacket=/run/udev/control
 SocketMode=0600
 PassCredentials=yes
+RemoveOnStop=yes
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd.service
index 2c33ce53..17534c34 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd.service
@@ -10,9 +10,9 @@ Description=udev Kernel Device Manager
 Documentation=man:systemd-udevd.service(8) man:udev(7)
 DefaultDependencies=no
 Wants=systemd-udevd-control.socket systemd-udevd-kernel.socket
-After=systemd-udevd-control.socket systemd-udevd-kernel.socket
-Before=sysinit.target 
-ConditionCapability=CAP_MKNOD
+After=systemd-udevd-control.socket systemd-udevd-kernel.socket systemd-sysusers.service
+Before=sysinit.target
+ConditionPathIsReadWrite=/sys
 
 [Service]
 Type=notify
@@ -21,3 +21,11 @@ Sockets=systemd-udevd-control.socket systemd-udevd-kernel.socket
 Restart=always
 RestartSec=0
 ExecStart=/usr/lib/systemd/systemd-udevd
+KillMode=mixed
+WatchdogSec=3min
+TasksMax=infinity
+MountFlags=slave
+MemoryDenyWriteExecute=yes
+RestrictRealtime=yes
+RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
+SystemCallArchitectures=native
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp-runlevel.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp-runlevel.service
new file mode 100644
index 00000000..511f6679
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp-runlevel.service
@@ -0,0 +1,21 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Update UTMP about System Runlevel Changes
+Documentation=man:systemd-update-utmp.service(8) man:utmp(5)
+DefaultDependencies=no
+RequiresMountsFor=/var/log/wtmp
+Conflicts=shutdown.target
+Requisite=systemd-update-utmp.service
+After=systemd-update-utmp.service
+After=runlevel1.target runlevel2.target runlevel3.target runlevel4.target runlevel5.target
+Before=shutdown.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/lib/systemd/systemd-update-utmp runlevel
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp.service
new file mode 100644
index 00000000..b3651c64
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp.service
@@ -0,0 +1,21 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Update UTMP about System Boot/Shutdown
+Documentation=man:systemd-update-utmp.service(8) man:utmp(5)
+DefaultDependencies=no
+RequiresMountsFor=/var/log/wtmp
+Conflicts=shutdown.target
+After=systemd-remount-fs.service systemd-tmpfiles-setup.service auditd.service
+Before=sysinit.target shutdown.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/lib/systemd/systemd-update-utmp reboot
+ExecStop=/usr/lib/systemd/systemd-update-utmp shutdown
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-volatile-root.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-volatile-root.service
new file mode 100644
index 00000000..e7997791
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-volatile-root.service
@@ -0,0 +1,21 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Enforce Volatile Root File Systems
+Documentation=man:systemd-volatile-root.service(8)
+DefaultDependencies=no
+Conflicts=shutdown.target
+After=sysroot.mount
+Before=initrd-root-fs.target shutdown.target
+Conflicts=shutdown.target
+AssertPathExists=/etc/initrd-release
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/lib/systemd/systemd-volatile-root yes /sysroot
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/time-sync.target b/core/modules/systemd/data/usr/lib/systemd/system/time-sync.target
index 54078069..debee741 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/time-sync.target
+++ b/core/modules/systemd/data/usr/lib/systemd/system/time-sync.target
@@ -5,9 +5,6 @@
 #  the Free Software Foundation; either version 2.1 of the License, or
 #  (at your option) any later version.
 
-# This exists mostly for compatibility with SysV/LSB units, and
-# implementations lacking socket/bus activation.
-
 [Unit]
 Description=System Time Synchronized
 Documentation=man:systemd.special(7)
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer b/core/modules/systemd/data/usr/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer
new file mode 120000
index 00000000..ea23a64d
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer
@@ -0,0 +1 @@
+../systemd-tmpfiles-clean.timer
+\ No newline at end of file
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/user.slice b/core/modules/systemd/data/usr/lib/systemd/system/user.slice
new file mode 100644
index 00000000..9fa6284c
--- /dev/null
+++ b/core/modules/systemd/data/usr/lib/systemd/system/user.slice
@@ -0,0 +1,11 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=User and Session Slice
+Documentation=man:systemd.special(7)
+Before=slices.target
diff --git a/core/modules/systemd/data/usr/lib/systemd/system/user@.service b/core/modules/systemd/data/usr/lib/systemd/system/user@.service
index 876c28c9..9966ae33 100644
--- a/core/modules/systemd/data/usr/lib/systemd/system/user@.service
+++ b/core/modules/systemd/data/usr/lib/systemd/system/user@.service
@@ -6,18 +6,16 @@
 #  (at your option) any later version.
 
 [Unit]
-Description=User Manager for %u
+Description=User Manager for UID %i
 After=systemd-user-sessions.service
 
 [Service]
-User=%I
-PAMName=systemd-shared
-# in order to allow MEM_CG features to work, add "memory:/" here
-ControlGroup=%R/user/%U.user/shared cpu:/
-ControlGroupModify=yes
+User=%i
+PAMName=systemd-user
 Type=notify
 ExecStart=-/usr/lib/systemd/systemd --user
-Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%U/dbus/user_bus_socket
-
-[Install]
-Alias=user@%i.service
+Slice=user-%i.slice
+KillMode=mixed
+Delegate=yes
+TasksMax=infinity
+TimeoutStopSec=120s
diff --git a/core/modules/systemd/module.build b/core/modules/systemd/module.build
index f433a7bd..5d634f0e 100644
--- a/core/modules/systemd/module.build
+++ b/core/modules/systemd/module.build
@@ -11,11 +11,11 @@ fetch_source () {
 	if [ "x$REQUIRED_XATTR_PATCH" = "xyes" ]; then
 		pinfo "Patching 'src/core/socket.c' ..."
 		# patch it
-		if [ -e "src/$REQUIRED_VERSION/src/core/socket.c" ]; then
-			sed -i 's/^#include <attr\/xattr.h>$/#include <sys\/xattr.h>\n#include <attr\/xattr.h>/g' "src/$REQUIRED_VERSION/src/core/socket.c" \
-				|| perror "Could not patch 'src/$REQUIRED_VERSION/src/core/socket.c'"
+		if [ -e "src/systemd-$REQUIRED_VERSION/src/core/socket.c" ]; then
+			sed -i 's/^#include <attr\/xattr.h>$/#include <sys\/xattr.h>\n#include <attr\/xattr.h>/g' "src/systemd-$REQUIRED_VERSION/src/core/socket.c" \
+				|| perror "Could not patch 'src/systemd-$REQUIRED_VERSION/src/core/socket.c'"
 		else
-			perror "'src/$REQUIRED_VERSION/src/core/socket.c' does not exist."
+			perror "'src/systemd-$REQUIRED_VERSION/src/core/socket.c' does not exist."
 		fi
 	fi
 	# now check if the old fix needs to be applied
@@ -51,11 +51,11 @@ fetch_source () {
 			fi
 		fi
 
-	elif  [ "x${REQUIRED_VERSION#systemd-}" = "x229" ]; then
-		patch -p0 src/systemd-*/src/basic/path-util.h < ${MODULE_DIR}/systemd-openslx-229.patch || perror "Failed to apply openslx systemd patch."
+	elif  [ -e "${MODULE_DIR}/systemd-openslx-${REQUIRED_VERSION#systemd-}.patch" ]; then
+		patch -p0 src/systemd-*/src/basic/path-util.h < "${MODULE_DIR}/systemd-openslx-${REQUIRED_VERSION#systemd-}.patch" || perror "Failed to apply openslx systemd patch."
 	else
 		# TODO use the above hint for setting environmenet through /etc/systemd/system.conf
-		pinfo "Missing..."
+		pwarning "OpenSLX patch for systemd missing..."
 	fi
 
 	# libkmod
@@ -73,8 +73,8 @@ build () {
 
 	#build systemd
 	pinfo "Building systemd"
-	cd "${MODULE_WORK_DIR}/src/$REQUIRED_VERSION"
-	pinfo "calling configure in ${MODULE_WORK_DIR}/src/$REQUIRED_VERSION"
+	cd "${MODULE_WORK_DIR}/src/systemd-$REQUIRED_VERSION"
+	pinfo "calling configure in ${MODULE_WORK_DIR}/src/systemd-$REQUIRED_VERSION"
 
 	# Save potentially pre-used paths/flages
 	OLDLDFLAGS="$LDFLAGS"
@@ -103,6 +103,16 @@ build () {
 		--disable-localed \
 		--disable-coredump \
 		--disable-keymap \
+		--disable-hwdb \
+		--disable-ldconfig \
+		--disable-networkd \
+		--disable-resolved \
+		--disable-timesyncd \
+		--disable-importd \
+		--disable-rfkill \
+		--disable-backlight \
+		--disable-firstboot \
+		--disable-nss-systemd \
 		--without-python \
 		--enable-blkid \
 		--enable-acl \
@@ -116,6 +126,9 @@ build () {
 	pinfo "calling make install"
 	DESTDIR="${MODULE_BUILD_DIR}" make install || perror "make install failed."
 	cd - &> /dev/null
+	# Nonsense in our env
+	rm -f -- "${MODULE_BUILD_DIR}/usr/lib/tmpfiles.d/etc.conf"
+	rm -f -- "${MODULE_BUILD_DIR}/usr/lib/tmpfiles.d/systemd-remote.conf"
 
 	# Restore used flags/paths:
 	export LDFLAGS="$OLDLDFLAGS"
@@ -125,6 +138,7 @@ build () {
 }
 
 post_copy() {
-	:
+	add_user "kvm"
+	add_user "systemd-journal-upload"
 }
 
diff --git a/core/modules/systemd/module.conf b/core/modules/systemd/module.conf
index d0194c9b..4ee773b9 100644
--- a/core/modules/systemd/module.conf
+++ b/core/modules/systemd/module.conf
@@ -1,7 +1,7 @@
 #!/bin/bash
-REQUIRED_VERSION="systemd-204"
-REQUIRED_URL="http://www.freedesktop.org/software/systemd/${REQUIRED_VERSION}.tar.xz"
-REQUIRED_LIBKMOD_VERSION="kmod-14"
+REQUIRED_VERSION="234"
+REQUIRED_URL="https://github.com/systemd/systemd/archive/v${REQUIRED_VERSION}.tar.gz"
+REQUIRED_LIBKMOD_VERSION="kmod-15"
 REQUIRED_LIBKMOD_URL="http://www.kernel.org/pub/linux/utils/kernel/kmod/${REQUIRED_LIBKMOD_VERSION}.tar.gz"
 REQUIRED_BINARIES="
 	journalctl
@@ -31,16 +31,12 @@ REQUIRED_BINARIES="
 	systemd-journald
 	systemd-logind
 	systemd-modules-load
-	systemd-multi-seat-x
 	systemd-random-seed
-	systemd-readahead
 	systemd-remount-fs
 	systemd-reply-password
 	systemd-shutdown
-	systemd-shutdownd
 	systemd-sleep
 	systemd-sysctl
-	systemd-timestamp
 	systemd-udevd
 	systemd-update-utmp
 	systemd-user-sessions
@@ -49,7 +45,6 @@ REQUIRED_BINARIES="
 	systemd-getty-generator
 	systemd-rc-local-generator
 	systemd-system-update-generator
-	accelerometer
 	ata_id
 	cdrom_id
 	collect
@@ -64,4 +59,5 @@ REQUIRED_DIRECTORIES="
 	/usr/share/polkit-1
 	/usr/lib/udev
 	/usr/lib/tmpfiles.d
+	/usr/lib/systemd/user
 "
diff --git a/core/modules/systemd/module.conf.ubuntu b/core/modules/systemd/module.conf.ubuntu
index 09233f45..f742bb03 100644
--- a/core/modules/systemd/module.conf.ubuntu
+++ b/core/modules/systemd/module.conf.ubuntu
@@ -9,4 +9,5 @@ REQUIRED_INSTALLED_PACKAGES="
 			libblkid-dev
 			libacl1-dev
 			libpam-dev
+			libmount-dev
 "
diff --git a/core/modules/systemd/systemd-openslx-234.patch b/core/modules/systemd/systemd-openslx-234.patch
new file mode 120000
index 00000000..68290ecb
--- /dev/null
+++ b/core/modules/systemd/systemd-openslx-234.patch
@@ -0,0 +1 @@
+systemd-openslx-229.patch
+\ No newline at end of file
author	Simon Rettberg	2018-08-31 09:50:01 +0200
committer	Your Name	2018-08-31 09:50:01 +0200
commit	bbd2be66727c5c07b6b29994f1fa73e7b5c60370 (patch)
tree	53e1ea4b89dd8bb9908925c6cd70ddc378f0b139 /core/modules/systemd
parent	[dnbd3-proxy-mode] fix copies instead of links in dnbd3-proxy.target.requires (diff)
download	mltk-bbd2be66727c5c07b6b29994f1fa73e7b5c60370.tar.gz mltk-bbd2be66727c5c07b6b29994f1fa73e7b5c60370.tar.xz mltk-bbd2be66727c5c07b6b29994f1fa73e7b5c60370.zip