Prep v226: Sync build files with upstream

7 files changed, 218 insertions, 72 deletions

diff --git a/.gitignore b/.gitignore
index 197100349..c54f556eb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -290,3 +290,4 @@ stamp-*
 /src/libelogind/libelogind.pc
 /elogind-inhibit
 /check_tree.sh
+/get_build_file_diff.sh
diff --git a/CODING_STYLE b/CODING_STYLE
index a96ddd359..f13f9becb 100644
--- a/CODING_STYLE
+++ b/CODING_STYLE
@@ -295,25 +295,15 @@
   EXIT_FAILURE and EXIT_SUCCESS as defined by libc.
 
 - The order in which header files are included doesn't matter too
-  much. However, please try to include the headers of external
-  libraries first (these are all headers enclosed in <>), followed by
-  the headers of our own public headers (these are all headers
-  starting with "sd-"), internal utility libraries from src/shared/,
-  followed by the headers of the specific component. Or in other
-  words:
-
-          #include <stdio.h>
-          #include "sd-daemon.h"
-          #include "util.h"
-          #include "frobnicator.h"
-
-  Where stdio.h is a public glibc API, sd-daemon.h is a public API of
-  our own, util.h is a utility library header from src/shared, and
-  frobnicator.h is an placeholder name for any systemd component. The
-  benefit of following this ordering is that more local definitions
-  are always defined after more global ones. Thus, our local
-  definitions will never "leak" into the global header files, possibly
-  altering their effect due to #ifdeffery.
+  much. systemd-internal headers must not rely on an include order, so
+  it is safe to include them in any order possible.
+  However, to not clutter global includes, and to make sure internal
+  definitions will not affect global headers, please always include the
+  headers of external components first (these are all headers enclosed
+  in <>), followed by our own exported headers (usually everything
+  that's prefixed by "sd-"), and then followed by internal headers.
+  Furthermore, in all three groups, order all includes alphabetically
+  so duplicate includes can easily be detected.
 
 - To implement an endless loop, use "for (;;)" rather than "while
   (1)". The latter is a bit ugly anyway, since you probably really
diff --git a/Makefile.am b/Makefile.am
index 741804814..8992f4a69 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -38,9 +38,9 @@ SUBDIRS = . po
 # Keep the test-suite.log
 .PRECIOUS: $(TEST_SUITE_LOG) Makefile
 
-LIBELOGIND_CURRENT=10
-LIBELOGIND_REVISION=2
-LIBELOGIND_AGE=10
+LIBELOGIND_CURRENT=11
+LIBELOGIND_REVISION=0
+LIBELOGIND_AGE=11
 
 # Dirs of external packages
 dbuspolicydir=@dbuspolicydir@
diff --git a/NEWS b/NEWS
index 1baa9aa11..6803c6588 100644
--- a/NEWS
+++ b/NEWS
@@ -1,27 +1,195 @@
 systemd System and Service Manager
 
-CHANGES WITH 225:
+CHANGES WITH 226:
+
+        * The DHCP implementation of systemd-networkd gained a set of
+          new features:
+
+          - The DHCP server now supports emitting DNS and NTP
+            information. It may be enabled and configured via
+            EmitDNS=, DNS=, EmitNTP=, and NTP=. If transmission of DNS
+            and NTP information is enabled, but no servers are
+            configured, the corresponding uplink information (if there
+            is any) is propagated.
+
+          - Server and client now support transmission and reception
+            of timezone information. It can be configured via the
+            newly introduced network options UseTimezone=,
+            EmitTimezone=, and Timezone=.  Transmission of timezone
+            information is enabled between host and containers by
+            default now: the container will change its local timezone
+            to what the host has set.
+
+          - Lease timeouts can now be configured via
+            MaxLeaseTimeSec= and DefaultLeaseTimeSec=.
+
+          - The DHCP server improved on the stability of
+            leases. Clients are more likely to get the same lease
+            information back, even if the server loses state.
+
+          - The DHCP server supports two new configuration options to
+            control the lease address pool metrics, PoolOffset= and
+            PoolSize=.
+
+        * The encapsulation limit of tunnels in systemd-networkd may
+          now be configured via 'EncapsulationLimit='. It allows
+          modifying the maximum additional levels of encapsulation
+          that are permitted to be prepended to a packet.
+
+        * systemd now supports the concept of user buses replacing
+          session buses, if used with dbus-1.10 (and enabled via dbus
+          --enable-user-session). It previously only supported this on
+          kdbus-enabled systems, and this release expands this to
+          'dbus-daemon' systems.
+
+        * systemd-networkd now supports predictable interface names
+          for virtio devices.
+
+        * systemd now optionally supports the new Linux kernel
+          "unified" control group hierarchy. If enabled via the kernel
+          command-line option 'systemd.unified_cgroup_hierarchy=1',
+          systemd will try to mount the unified cgroup hierarchy
+          directly on /sys/fs/cgroup. If not enabled, or not
+          available, systemd will fall back to the legacy cgroup
+          hierarchy setup, as before. Host system and containers can
+          mix and match legacy and unified hierarchies as they
+          wish. nspawn understands the $UNIFIED_CROUP_HIERARCHY
+          environment variable to individually select the hierarchy to
+          use for executed containers. By default, nspawn will use the
+          unified hierarchy for the containers if the host uses the
+          unified hierarchy, and the legacy hierarchy otherwise.
+          Please note that at this point the unified hierarchy is an
+          experimental kernel feature and is likely to change in one
+          of the next kernel releases.  Therefore, it should not be
+          enabled by default in downstream distributions yet. The
+          minimum required kernel version for the unified hierarchy to
+          work is 4.2. Note that when the unified hierarchy is used
+          for the first time delegated access to controllers is
+          safe. Because of this systemd-nspawn containers will get
+          access to controllers now, as will systemd user
+          sessions. This means containers and user sessions may now
+          manage their own resources, partitioning up what the system
+          grants them.
+
+        * A new special scope unit "init.scope" has been introduced
+          that encapsulates PID 1 of the system. It may be used to
+          determine resource usage and enforce resource limits on PID
+          1 itself. PID 1 hence moved out of the root of the control
+          group tree.
+
+        * The cgtop tool gained support for filtering out kernel
+          threads when counting tasks in a control group. Also, the
+          count of processes is now recursively summed up by
+          default. Two options -k and --recursive= have been added to
+          revert to old behaviour. The tool has also been updated to
+          work correctly in containers now.
+
+        * systemd-nspawn's --bind= and --bind-ro= options have been
+          extended to allow creation of non-recursive bind mounts.
+
+        * libsystemd gained two new calls sd_pid_get_cgroup() and
+          sd_peer_get_cgroup() which return the control group path of
+          a process or peer of a connected AF_UNIX socket. This
+          function call is particularly useful when implementing
+          delegated subtrees support in the control group hierarchy.
+
+        * The "sd-event" event loop API of libsystemd now supports
+          correct dequeuing of real-time signals, without losing
+          signal events.
+
+        * When systemd requests a PolicyKit decision when managing
+          units it will now add additional fields to the request,
+          including unit name and desired operation. This enables more
+          powerful PolicyKit policies, that make decisions depending
+          on these parameters.
+
+        * nspawn learnt support for .nspawn settings files, that may
+          accompany the image files or directories of containers, and
+          may contain additional settings for the container. This is
+          an alternative to configuring container parameters via the
+          nspawn command line.
+
+        Contributions from: Cristian Rodríguez, Daniel Mack, David
+        Herrmann, Eugene Yakubovich, Evgeny Vereshchagin, Filipe
+        Brandenburger, Hans de Goede, Jan Alexander Steffens, Jan
+        Synacek, Kay Sievers, Lennart Poettering, Mangix, Marcel
+        Holtmann, Martin Pitt, Michael Biebl, Michael Chapman, Michal
+        Sekletar, Peter Hutterer, Piotr Drąg, reverendhomer, Robin
+        Hack, Susant Sahani, Sylvain Pasche, Thomas Hindoe Paaboel
+        Andersen, Tom Gundersen, Torstein Husebø
+
+        -- Berlin, 2015-09-08
 
-        * machinectl gained a new verb 'shell' which opens a fresh shell on the
-          target machine. It is similar to 'login', but spawns the shell
-          directly. The pseudo machine '.host' now refers to the local host and
-          is used by default. Hence, 'machinectl shell' can be used as
-          replacement for 'su' which spawns the session as a fresh systemd
-          unit.
+CHANGES WITH 225:
 
-        * systemd-networkd learned to cope with private-zone DHCP options and
-          allows other programs to query the values.
+        * machinectl gained a new verb 'shell' which opens a fresh
+          shell on the target container or the host. It is similar to
+          the existing 'login' command of machinectl, but spawns the
+          shell directly without prompting for username or
+          password. The pseudo machine '.host' now refers to the local
+          host and is used by default. Hence, 'machinectl shell' can
+          be used as replacement for 'su -' which spawns a session as
+          a fresh systemd unit in a way that is fully isolated from
+          the originating session.
+
+        * systemd-networkd learned to cope with private-zone DHCP
+          options and allows other programs to query the values.
+
+        * SELinux access control when enabling/disabling units is no
+          longer enforced with this release. The previous
+          implementation was incorrect, and a new corrected
+          implementation is not yet available. As unit file operations
+          are still protected via PolicyKit and D-Bus policy this is
+          not a security problem. Yet, distributions which care about
+          optimal SELinux support should probably not stabilize on
+          this release.
+
+        * sd-bus gained support for matches of type "arg0has=", that
+          test for membership of strings in string arrays sent in bus
+          messages.
 
-        Contributions from: Alastair Hughes, Alex Crawford, Daniel Mack, David
-        Herrmann, Dimitri John Ledkov, Eric Kostrowski, Evgeny Vereshchagin,
-        Felipe Sateler, HATAYAMA Daisuke, Jan Pokorný, Jan Synacek, Johnny
-        Robeson, Karel Zak, Kay Sievers, Kefeng Wang, Lennart Poettering, Major
-        Hayden, Marcel Holtmann, Markus Elfring, Martin Mikkelsen, Martin Pitt,
-        Matt Turner, Maxim Mikityanskiy, Michael Biebl, Namhyung Kim, Nicolas
-        Cornu, Owen W. Taylor, Patrik Flykt, Peter Hutterer, reverendhomer,
-        Richard Maw, Ronny Chevalier, Seth Jennings, Stef Walter, Susant Sahani,
-        Thomas Blume, Thomas Hindoe Paaboel Andersen, Thomas Meyer, Tom
-        Gundersen, Vincent Batts, WaLyong Cho, Zbigniew Jędrzejewski-Szmek
+        * systemd-resolved now dumps the contents of its DNS and LLMNR
+          caches to the logs on reception of the SIGUSR1 signal. This
+          is useful to debug DNS behaviour.
+
+        * The coredumpctl tool gained a new --directory= option to
+          operate on journal files in a specific directory.
+
+        * "systemctl reboot" and related commands gained a new
+          "--message=" option which may be used to set a free-text
+          wall message when shutting down or rebooting the
+          system. This message is also logged, which is useful for
+          figuring out the reason for a reboot or shutdown a
+          posteriori.
+
+        * The "systemd-resolve-host" tool's -i switch now takes
+          network interface numbers as alternative to interface names.
+
+        * A new unit file setting for services has been introduced:
+          UtmpMode= allows configuration of how precisely systemd
+          handles utmp and wtmp entries for the service if this is
+          enabled. This allows writing services that appear similar to
+          user sessions in the output of the "w", "who", "last" and
+          "lastlog" tools.
+
+        * systemd-resolved will now locally synthesize DNS resource
+          records for the "localhost" and "gateway" domains as well as
+          the local hostname. This should ensure that clients querying
+          RRs via resolved will get similar results as those going via
+          NSS, if nss-myhostname is enabled.
+
+        Contributions from: Alastair Hughes, Alex Crawford, Daniel
+        Mack, David Herrmann, Dimitri John Ledkov, Eric Kostrowski,
+        Evgeny Vereshchagin, Felipe Sateler, HATAYAMA Daisuke, Jan
+        Pokorný, Jan Synacek, Johnny Robeson, Karel Zak, Kay Sievers,
+        Kefeng Wang, Lennart Poettering, Major Hayden, Marcel
+        Holtmann, Markus Elfring, Martin Mikkelsen, Martin Pitt, Matt
+        Turner, Maxim Mikityanskiy, Michael Biebl, Namhyung Kim,
+        Nicolas Cornu, Owen W. Taylor, Patrik Flykt, Peter Hutterer,
+        reverendhomer, Richard Maw, Ronny Chevalier, Seth Jennings,
+        Stef Walter, Susant Sahani, Thomas Blume, Thomas Hindoe
+        Paaboel Andersen, Thomas Meyer, Tom Gundersen, Vincent Batts,
+        WaLyong Cho, Zbigniew Jędrzejewski-Szmek
 
         -- Berlin, 2015-08-27
 
@@ -30,9 +198,9 @@ CHANGES WITH 224:
         * The systemd-efi-boot-generator functionality was merged into
           systemd-gpt-auto-generator.
 
-        * systemd-networkd now supports Group Policy for vxlan devices. It can
-          be enabled via the new boolean configuration option called
-          'GroupPolicyExtension='.
+        * systemd-networkd now supports Group Policy for vxlan
+          devices. It can be enabled via the new boolean configuration
+          option called 'GroupPolicyExtension='.
 
         Contributions from: Andreas Kempf, Christian Hesse, Daniel Mack, David
         Herrmann, Herman Fries, Johannes Nixdorf, Kay Sievers, Lennart
diff --git a/README b/README
index d84bf8ea6..27cc9a016 100644
--- a/README
+++ b/README
@@ -36,8 +36,8 @@ LICENSE:
         - except src/udev/* which is (currently still) GPLv2, GPLv2+
 
 REQUIREMENTS:
-        Linux kernel >= 3.7
-        Linux kernel >= 3.8 for Smack support
+        Linux kernel >= 3.11
+        Linux kernel >= 4.2 for unified cgroup hierarchy support
 
         Kernel Config Options:
           CONFIG_DEVTMPFS
diff --git a/TODO b/TODO
index ce50f1655..4fdecebd0 100644
--- a/TODO
+++ b/TODO
@@ -26,16 +26,14 @@ External:
 
 Features:
 
+* sd-event: maybe add support for inotify events
+
 * PID 1 should send out sd_notify("WATCHDOG=1") messages (for usage in the --user mode, and when run via nspawn)
 
 * nspawn should send out sd_notify("WATCHDOG=1") messages
 
 * nspawn should optionally support receiving WATCHDOG=1 messages from its payload PID 1...
 
-* introduce "machinectl shell" that is like systemd-run -M foo /bin/bash -t but also adds PAMName=login
-
-* allow loging into host with "machinectl login".
-
 * consider throwing a warning if a service declares it wants to be "Before=" a .device unit.
 
 * "systemctl edit" should know a mode to create a new unit file
@@ -65,10 +63,6 @@ Features:
 
 * logind: follow PropertiesChanged state more closely, to deal with quick logouts and relogins
 
-* change to KillMode=mixed by default
-
-* introduce argv0contains=
-
 * invent a better systemd-run scheme for naming scopes, that works with remoting
 
 * add journalctl -H that talks via ssh to a remote peer and passes through binary logs data
@@ -209,8 +203,6 @@ Features:
 
 * "machinectl list-images" should show os-release data, as well as machine-info data (including deployment level)
 
-* nspawn: when start a container "foobar" look for its configuration in a file "foobar.nspawn" in /etc/systemd/nspawn/ as well as next to the actualy directory or image to boot
-
 * Port various tools to make use of verbs.[ch], where applicable
 
 * "machinectl history"
@@ -256,8 +248,6 @@ Features:
 
 * figure out when we can use the coarse timers
 
-* sd-resolve: drop res_query wrapping, people should call via the bus to resolved instead
-
 * add "systemctl start -v foobar.service" that shows logs of a service
   while the start command runs. This is non-trivial to do without
   races though, since we should flush out all journal messages before
@@ -322,26 +312,22 @@ Features:
   (throughout the codebase, not only PID1)
 
 * networkd:
-  - make DHCP server IP range configurable, including only with a single IP address
-  - dhcp server: try to assign stable IP addresses based on client's MAC address
   - add LLDP client side support
   - the DHCP lease data (such as NTP/DNS) is still made available when
     a carrier is lost on a link. It should be removed instantly.
   - expose in the API the following bits:
         - option 15, domain name and/or option 119, search list
         - option 12, host name and/or option 81, fqdn
-        - option 100, 101, timezone
         - option 123, 144, geolocation
         - option 252, configure http proxy (PAC/wpad)
-  - networkd's dhcp server should transparently pass on the DNS and
-    NTP server list it got from user configuration and its dhcp client
-    to clients. It should also pass on its own timezone information.
   - provide a way to define a per-network interface default metric value
     for all routes to it. possibly a second default for DHCP routes.
   - allow Name= to be specified repeatedly in the [Match] section. Maybe also
     support Name=foo*|bar*|baz ?
   - duplicate address check for static IPs (like ARPCHECK in network-scripts)
   - allow DUID/IAID to be customized, see issue #394.
+  - support configuration option for TSO (tcp segmentation offload)
+  - networkd: whenever uplink info changes, make DHCP server send out FORCERENEW
 
 * resolved:
   - put networkd events and rtnl events at a higher priority, so that
@@ -473,7 +459,6 @@ Features:
 
 * sd-bus:
   - EBADSLT handling
-  - change argv list matching logic
   - GetAllProperties() on a non-existing object does not result in a failure currently
   - kdbus: process fd=-1 for incoming msgs
   - port to sd-resolve for connecting to TCP dbus servers
@@ -895,7 +880,6 @@ Features:
 
 * dhcp:
    - figure out how much we can increase Maximum Message Size
-   - export timezone information
    - support RFC4702 (pass FQDN)
 
 * dhcp6:
diff --git a/configure.ac b/configure.ac
index 395d5a723..bcb3ae6ed 100644
--- a/configure.ac
+++ b/configure.ac
@@ -20,7 +20,7 @@
 AC_PREREQ([2.64])
 
 AC_INIT([elogind],
-        [225],
+        [226],
         [https://github.com/elogind/elogind/issues],
         [elogind],
         [https://github.com/elogind/elogind])
@@ -39,9 +39,14 @@ AM_SILENT_RULES([yes])
 AC_CANONICAL_HOST
 AC_DEFINE_UNQUOTED([CANONICAL_HOST], "$host", [Canonical host string.])
 
-AC_CHECK_TOOLS([AR], [gcc-ar ar], [:])
-AC_CHECK_TOOLS([NM], [gcc-nm nm], [:])
-AC_CHECK_TOOLS([RANLIB], [gcc-ranlib ranlib], [:])
+AC_PROG_CC_C99
+
+AX_COMPILER_VENDOR
+AS_IF([test "x$ax_cv_c_compiler_vendor" = "xgnu"], [
+      AC_CHECK_TOOLS([AR], [gcc-ar ar], [:])
+      AC_CHECK_TOOLS([NM], [gcc-nm nm], [:])
+      AC_CHECK_TOOLS([RANLIB], [gcc-ranlib ranlib], [:])
+])
 
 LT_PREREQ(2.2)
 LT_INIT([disable-static])
@@ -87,8 +92,6 @@ AC_PROG_SED
 AC_PROG_GREP
 AC_PROG_AWK
 
-AC_PROG_CC_C99
-
 AC_PATH_PROG([M4], [m4])
 AC_PATH_PROG([XSLTPROC], [xsltproc])