Accepting request 239780 from Base:System

- Add upstream patch
  0001-machine-don-t-return-uninitialized-variable.patch
- Port and add upstream patch
  0002-vconsole-setup-run-setfont-before-loadkeys.patch

- Rename
  0001-udev-net_setup_link-add-a-bit-more-logging.patch
  to
  1048-udev-net_setup_link-add-a-bit-more-logging.patch 

- Port and add upstream patches
  0001-udev-net_setup_link-add-a-bit-more-logging.patch
  0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch
  0002-namespace-fix-uninitialized-memory-access.patch

- Add upstream patches
  0001-architecture-Add-tilegx.patch
  0002-architecture-Add-cris.patch
  0003-arch-add-crisv32-to-uname-check.patch
  0004-architecture-remove-cris-from-uname-list.patch

- Add upstream patches
  0006-hwdb-update.patch
  0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch

- Add upstream patches
  0001-parse_uid-return-ENXIO-for-1-uids.patch
  0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch
  0003-localed-consider-an-unset-model-as-a-wildcard.patch
  0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch

OBS-URL: https://build.opensuse.org/request/show/239780
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/systemd?expand=0&rev=191

0001-architecture-Add-tilegx.patch

@@ -0,0 +1,56 @@
+From 46eea341c36f0caf0bdd5b2274a1ef7cb4e83e97 Mon Sep 17 00:00:00 2001
+From: Henrik Grindal Bakken <hgb@ifi.uio.no>
+Date: Thu, 27 Feb 2014 21:19:13 +0100
+Subject: [PATCH] architecture: Add tilegx
+
+Add Tilera's TILE-GX processor family support.
+---
+ src/shared/architecture.c |    3 +++
+ src/shared/architecture.h |    3 +++
+ 2 files changed, 6 insertions(+)
+
+diff --git src/shared/architecture.c src/shared/architecture.c
+index ceba492..fcdb3d5 100644
+--- src/shared/architecture.c
++++ src/shared/architecture.c
+@@ -112,6 +112,8 @@ Architecture uname_architecture(void) {
+                 { "sh",         ARCHITECTURE_SH       },
+ #elif defined(__m68k__)
+                 { "m68k",       ARCHITECTURE_M68K     },
++#elif defined(__tilegx__)
++                { "tilegx",     ARCHITECTURE_TILEGX   },
+ #else
+ #error "Please register your architecture here!"
+ #endif
+@@ -158,6 +160,7 @@ static const char *const architecture_table[_ARCHITECTURE_MAX] = {
+         [ARCHITECTURE_SH] = "sh",
+         [ARCHITECTURE_SH64] = "sh64",
+         [ARCHITECTURE_M68K] = "m68k",
++        [ARCHITECTURE_TILEGX] = "tilegx",
+ };
+ 
+ DEFINE_STRING_TABLE_LOOKUP(architecture, Architecture);
+diff --git src/shared/architecture.h src/shared/architecture.h
+index 3183645..e589a91 100644
+--- src/shared/architecture.h
++++ src/shared/architecture.h
+@@ -47,6 +47,7 @@ typedef enum Architecture {
+         ARCHITECTURE_SH,
+         ARCHITECTURE_SH64,
+         ARCHITECTURE_M68K,
++        ARCHITECTURE_TILEGX,
+         _ARCHITECTURE_MAX,
+         _ARCHITECTURE_INVALID = -1
+ } Architecture;
+@@ -107,6 +108,8 @@ Architecture uname_architecture(void);
+ #  define native_architecture() ARCHITECTURE_SH
+ #elif defined(__m68k__)
+ #  define native_architecture() ARCHITECTURE_M68K
++#elif defined(__tilegx__)
++#  define native_architecture() ARCHITECTURE_TILEGX
+ #else
+ #error "Please register your architecture here!"
+ #endif
+-- 
+1.7.9.2
+

0001-core-close-socket-fds-asynchronously.patch

@@ -5,9 +5,9 @@ Subject: [PATCH] core: close socket fds asynchronously
 
 http://lists.freedesktop.org/archives/systemd-devel/2014-April/018928.html
 ---
- src/core/async.c   |   22 ++++++++++++++++++++++
+ src/core/async.c   |   24 ++++++++++++++++++++++++
  src/core/service.c |    5 +++--
- 2 files changed, 25 insertions(+), 2 deletions(-)
+ 2 files changed, 27 insertions(+), 2 deletions(-)
 
 --- src/core/service.c
 +++ src/core/service.c	2014-05-16 11:41:50.150735247 +0000
@@ -47,13 +47,15 @@ http://lists.freedesktop.org/archives/systemd-devel/2014-April/018928.html
  
  int asynchronous_job(void* (*func)(void *p), void *arg) {
          pthread_attr_t a;
-@@ -70,3 +71,24 @@ int asynchronous_sync(void) {
+@@ -70,3 +71,26 @@ int asynchronous_sync(void) {
  
          return asynchronous_job(sync_thread, NULL);
  }
 +
 +static void *close_thread(void *p) {
-+        close_nointr_nofail(PTR_TO_INT(p));
++        int fd = PTR_TO_INT(p);
++        if (fd >= 0)
++               close_nointr_nofail(fd);
 +        return NULL;
 +}
 +
@@ -67,7 +69,7 @@ http://lists.freedesktop.org/archives/systemd-devel/2014-April/018928.html
 +         * far away as we can. */
 +
 +        r = asynchronous_job(close_thread, INT_TO_PTR(fd));
-+        if (r < 0)
++        if (r < 0 && fd >= 0)
 +                close_nointr_nofail(fd);
 +
 +        return -1;

0001-machine-don-t-return-uninitialized-variable.patch

@@ -0,0 +1,26 @@
+From f14aa1f1b2e4e99ee20393871b5f64f1378ed6c3 Mon Sep 17 00:00:00 2001
+From: Tom Gundersen <teg@jklm.no>
+Date: Sun, 6 Jul 2014 14:12:28 +0200
+Subject: [PATCH] machine: don't return uninitialized variable
+
+Repotred by Ronny Chevalier
+---
+ src/machine/machine.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git src/machine/machine.c src/machine/machine.c
+index c0fa1b2..cf38e3f 100644
+--- src/machine/machine.c
++++ src/machine/machine.c
+@@ -371,7 +371,7 @@ static int machine_stop_scope(Machine *m) {
+         free(m->scope_job);
+         m->scope_job = job;
+ 
+-        return r;
++        return 0;
+ }
+ 
+ int machine_stop(Machine *m) {
+-- 
+1.7.9.2
+

0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch

@@ -0,0 +1,26 @@
+Based on 1f97091d3cb0887c264176b47b0a86c269acf0b5 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Fri, 27 Jun 2014 18:34:37 +0200
+Subject: [PATCH] main: uid_to_name() might fail due to OOM, protect against
+ that
+
+---
+ src/core/main.c |    7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+--- src/core/main.c
++++ src/core/main.c	2014-07-01 12:25:17.906235000 +0000
+@@ -1525,9 +1525,10 @@ int main(int argc, char *argv[]) {
+                         log_info("Running in initial RAM disk.");
+ 
+         } else {
+-                _cleanup_free_ char *t = uid_to_name(getuid());
+-                log_debug(PACKAGE_STRING " running in user mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")",
+-                          getuid(), t);
++                _cleanup_free_ char *t;
++		    
++                t = uid_to_name(getuid());
++                log_debug(PACKAGE_STRING " running in user mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")", getuid(), strna(t));
+         }
+ 
+         if (arg_running_as == SYSTEMD_SYSTEM && !skip_setup) {

0001-parse_uid-return-ENXIO-for-1-uids.patch

@@ -0,0 +1,45 @@
+From f841a154efbb3162d2a732936f031ac7a6b0d4cf Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay@vrfy.org>
+Date: Tue, 1 Jul 2014 16:00:05 +0200
+Subject: [PATCH] parse_uid: return -ENXIO for -1 uids
+
+---
+ src/shared/audit.c |    3 ---
+ src/shared/util.c  |    4 ++--
+ 2 files changed, 2 insertions(+), 5 deletions(-)
+
+diff --git src/shared/audit.c src/shared/audit.c
+index 5466447..f101050 100644
+--- src/shared/audit.c
++++ src/shared/audit.c
+@@ -77,9 +77,6 @@ int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
+         if (r < 0)
+                 return r;
+ 
+-        if (u == (uid_t) -1)
+-                return -ENXIO;
+-
+         *uid = (uid_t) u;
+         return 0;
+ }
+diff --git src/shared/util.c src/shared/util.c
+index e75f6c9..9b5a47a 100644
+--- src/shared/util.c
++++ src/shared/util.c
+@@ -282,11 +282,11 @@ int parse_uid(const char *s, uid_t* ret_uid) {
+ 
+         /* Some libc APIs use (uid_t) -1 as special placeholder */
+         if (uid == (uid_t) 0xFFFFFFFF)
+-                return -EINVAL;
++                return -ENXIO;
+ 
+         /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
+         if (uid == (uid_t) 0xFFFF)
+-                return -EINVAL;
++                return -ENXIO;
+ 
+         *ret_uid = uid;
+         return 0;
+-- 
+1.7.9.2
+

0002-architecture-Add-cris.patch

@@ -0,0 +1,55 @@
+From 86bafac9540ba9e111ccba2fdf4161fe3a67cd3b Mon Sep 17 00:00:00 2001
+From: Umut Tezduyar Lindskog <umut.tezduyar@axis.com>
+Date: Tue, 4 Mar 2014 13:58:35 +0100
+Subject: [PATCH] architecture: Add cris
+
+---
+ src/shared/architecture.c |    3 +++
+ src/shared/architecture.h |    3 +++
+ 2 files changed, 6 insertions(+)
+
+diff --git src/shared/architecture.c src/shared/architecture.c
+index fcdb3d5..9e0c3ef 100644
+--- src/shared/architecture.c
++++ src/shared/architecture.c
+@@ -114,6 +114,8 @@ Architecture uname_architecture(void) {
+                 { "m68k",       ARCHITECTURE_M68K     },
+ #elif defined(__tilegx__)
+                 { "tilegx",     ARCHITECTURE_TILEGX   },
++#elif defined(__cris__)
++                { "cris",       ARCHITECTURE_CRIS     },
+ #else
+ #error "Please register your architecture here!"
+ #endif
+@@ -161,6 +163,7 @@ static const char *const architecture_table[_ARCHITECTURE_MAX] = {
+         [ARCHITECTURE_SH64] = "sh64",
+         [ARCHITECTURE_M68K] = "m68k",
+         [ARCHITECTURE_TILEGX] = "tilegx",
++        [ARCHITECTURE_CRIS] = "cris",
+ };
+ 
+ DEFINE_STRING_TABLE_LOOKUP(architecture, Architecture);
+diff --git src/shared/architecture.h src/shared/architecture.h
+index e589a91..20e848b 100644
+--- src/shared/architecture.h
++++ src/shared/architecture.h
+@@ -48,6 +48,7 @@ typedef enum Architecture {
+         ARCHITECTURE_SH64,
+         ARCHITECTURE_M68K,
+         ARCHITECTURE_TILEGX,
++        ARCHITECTURE_CRIS,
+         _ARCHITECTURE_MAX,
+         _ARCHITECTURE_INVALID = -1
+ } Architecture;
+@@ -110,6 +111,8 @@ Architecture uname_architecture(void);
+ #  define native_architecture() ARCHITECTURE_M68K
+ #elif defined(__tilegx__)
+ #  define native_architecture() ARCHITECTURE_TILEGX
++#elif defined(__cris__)
++#  define native_architecture() ARCHITECTURE_CRIS
+ #else
+ #error "Please register your architecture here!"
+ #endif
+-- 
+1.7.9.2
+

0002-journald-make-MaxFileSec-really-default-to-1month.patch

@@ -0,0 +1,30 @@
+Based on e150e82097211f09b911c7784a89ef9efed713ca Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Micha=C5=82=20Bartoszkiewicz?= <mbartoszkiewicz@gmail.com>
+Date: Thu, 26 Jun 2014 22:11:35 +0200
+Subject: [PATCH] journald: make MaxFileSec really default to 1month
+
+journald.conf(5) states that the default for MaxFileSec is one month,
+but the code didn't respect that.
+---
+ src/journal/journald-server.c |    3 +++
+ 1 file changed, 3 insertions(+)
+
+--- src/journal/journald-server.c
++++ src/journal/journald-server.c	2014-07-01 12:28:25.506735287 +0000
+@@ -68,6 +68,7 @@
+ #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
+ #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
+ #define DEFAULT_RATE_LIMIT_BURST 1000
++#define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
+ 
+ #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
+ 
+@@ -1496,6 +1497,8 @@ int server_init(Server *s) {
+ 
+         s->forward_to_syslog = true;
+ 
++        s->max_file_usec = DEFAULT_MAX_FILE_USEC;
++
+         s->max_level_store = LOG_DEBUG;
+         s->max_level_syslog = LOG_DEBUG;
+         s->max_level_kmsg = LOG_NOTICE;

0002-namespace-fix-uninitialized-memory-access.patch

@@ -0,0 +1,28 @@
+Based on 002b226843e77630128da580225f9c3ef8474db2 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Thu, 3 Jul 2014 16:27:53 +0200
+Subject: [PATCH] namespace: fix uninitialized memory access
+
+---
+ src/core/namespace.c |    3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- src/core/namespace.c
++++ src/core/namespace.c	2014-07-04 00:00:00.000000000 +0000
+@@ -68,6 +68,7 @@ static int append_mounts(BindMount **p,
+         STRV_FOREACH(i, strv) {
+ 
+                 (*p)->ignore = false;
++                (*p)->done = false;
+ 
+                 if ((mode == INACCESSIBLE || mode == READONLY) && (*i)[0] == '-') {
+                         (*p)->ignore = true;
+@@ -298,7 +299,7 @@ int setup_namespace(
+                 private_dev;
+ 
+         if (n > 0) {
+-                m = mounts = (BindMount *) alloca(n * sizeof(BindMount));
++                m = mounts = (BindMount *) alloca0(n * sizeof(BindMount));
+                 r = append_mounts(&m, read_write_dirs, READWRITE);
+                 if (r < 0)
+                         return r;

0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch

@@ -0,0 +1,74 @@
+Based on e0a33e7ba619eb44f732aaf23cb249fa43d0ce8d Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Wed, 2 Jul 2014 13:42:25 +0200
+Subject: [PATCH] util: when unescaping strings, don't allow smuggling in of
+ additional NUL bytes
+
+Better safe than sorry.
+---
+ src/shared/util.c    |   12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git src/shared/util.c src/shared/util.c
+index ceafa01..4ad3f20 100644
+--- src/shared/util.c
++++ src/shared/util.c
+@@ -1256,7 +1256,7 @@ char *cunescape_length_with_prefix(const char *s, size_t length, const char *pre
+                         a = unhexchar(f[1]);
+                         b = unhexchar(f[2]);
+ 
+-                        if (a < 0 || b < 0) {
++                        if (a < 0 || b < 0 || (a == 0 && b == 0)) {
+                                 /* Invalid escape code, let's take it literal then */
+                                 *(t++) = '\\';
+                                 *(t++) = 'x';
+@@ -1283,7 +1283,7 @@ char *cunescape_length_with_prefix(const char *s, size_t length, const char *pre
+                         b = unoctchar(f[1]);
+                         c = unoctchar(f[2]);
+ 
+-                        if (a < 0 || b < 0 || c < 0) {
++                        if (a < 0 || b < 0 || c < 0 || (a == 0 && b == 0 && c == 0)) {
+                                 /* Invalid escape code, let's take it literal then */
+                                 *(t++) = '\\';
+                                 *(t++) = f[0];
+@@ -1566,8 +1566,7 @@ int chvt(int vt) {
+ 
+ int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) {
+         struct termios old_termios, new_termios;
+-        char c;
+-        char line[LINE_MAX];
++        char c, line[LINE_MAX];
+ 
+         assert(f);
+         assert(ret);
+@@ -1604,9 +1603,10 @@ int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) {
+                 }
+         }
+ 
+-        if (t != (usec_t) -1)
++        if (t != (usec_t) -1) {
+                 if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0)
+                         return -ETIMEDOUT;
++        }
+ 
+         if (!fgets(line, sizeof(line), f))
+                 return -EIO;
+@@ -1624,6 +1624,7 @@ int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) {
+ }
+ 
+ int ask(char *ret, const char *replies, const char *text, ...) {
++        int r;
+ 
+         assert(ret);
+         assert(replies);
+@@ -1632,7 +1633,6 @@ int ask(char *ret, const char *replies, const char *text, ...) {
+         for (;;) {
+                 va_list ap;
+                 char c;
+-                int r;
+                 bool need_nl = true;
+ 
+                 if (on_tty())
+-- 
+1.7.9.2
+

0002-vconsole-setup-run-setfont-before-loadkeys.patch

@@ -0,0 +1,166 @@
+Based on abee28c56d523e55751b0c007d0bf812cc285c00 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Tue, 1 Jul 2014 22:20:11 -0400
+Subject: [PATCH] vconsole-setup: run setfont before loadkeys
+
+https://bugs.freedesktop.org/show_bug.cgi?id=80685
+
+For SUSE please note that this had been ported on top of the patches
+  * handle-disable_caplock-and-compose_table-and-kbd_rate.patch
+  * handle-numlock-value-in-etc-sysconfig-keyboard.patch
+that is that now set_kbd_rate() will be called first before font_load().
+Then font_load() is followed by load_compose_table() and afterwards as
+in the original commit the keymap_load() follows.
+
+---
+ src/vconsole/vconsole-setup.c |   93 +++++++++++++++++++++---------------------
+ 1 file changed, 47 insertions(+), 46 deletions(-)
+
+--- src/vconsole/vconsole-setup.c
++++ src/vconsole/vconsole-setup.c	2014-07-07 12:30:27.390235226 +0000
+@@ -340,23 +340,20 @@ static int set_kbd_rate(const char *vc,
+ 
+ int main(int argc, char **argv) {
+         const char *vc;
+-        char *vc_keymap = NULL;
+-        char *vc_keymap_toggle = NULL;
+-        char *vc_font = NULL;
+-        char *vc_font_map = NULL;
+-        char *vc_font_unimap = NULL;
++        _cleanup_free_ char
++                *vc_keymap = NULL, *vc_keymap_toggle = NULL,
++                *vc_font = NULL, *vc_font_map = NULL, *vc_font_unimap = NULL;
++        _cleanup_close_ int fd = -1;
+ #ifdef HAVE_SYSV_COMPAT
+-        char *vc_kbd_delay = NULL;
+-        char *vc_kbd_rate = NULL;
+-        char *vc_kbd_disable_caps_lock = NULL;
+-        char *vc_kbd_numlock = NULL;
+-        char *vc_compose_table = NULL;
++        _cleanup_free_ char
++                *vc_kbd_numlock = NULL, *vc_kbd_delay = NULL,
++                *vc_kbd_rate = NULL, * vc_kbd_disable_caps_lock = NULL,
++                *vc_compose_table = NULL;
+         pid_t kbd_rate_pid = 0, compose_table_pid = 0;
++        bool numlock = false;
+ #endif
+-        int fd = -1;
+         bool utf8;
+         bool disable_capslock = false;
+-        bool numlock = false;
+         pid_t font_pid = 0, keymap_pid = 0;
+         bool font_copy = false;
+         int r = EXIT_FAILURE;
+@@ -377,12 +374,12 @@ int main(int argc, char **argv) {
+         fd = open_terminal(vc, O_RDWR|O_CLOEXEC);
+         if (fd < 0) {
+                 log_error("Failed to open %s: %m", vc);
+-                goto finish;
++                return EXIT_FAILURE;
+         }
+ 
+         if (!is_vconsole(fd)) {
+                 log_error("Device %s is not a virtual console.", vc);
+-                goto finish;
++                return EXIT_FAILURE;
+         }
+ 
+         utf8 = is_locale_utf8();
+@@ -464,61 +461,65 @@ int main(int argc, char **argv) {
+                 } else
+ #endif
+                         numlock = vc_kbd_numlock && strcaseeq(vc_kbd_numlock, "yes");
+-
+ #endif
+         }
+ 
++#ifdef HAVE_SYSV_COMPAT
++finish:
++        r = set_kbd_rate(vc, vc_kbd_rate, vc_kbd_delay, &kbd_rate_pid);
++        if (r < 0) {
++                log_error("Failed to start /bin/kbdrate: %s", strerror(-r));
++                return EXIT_FAILURE;
++        }
++#endif
++
+         if (utf8)
+                 enable_utf8(fd);
+         else
+                 disable_utf8(fd);
+ 
+-        r = EXIT_FAILURE;
++        r = font_load(vc, vc_font, vc_font_map, vc_font_unimap, &font_pid);
++        if (r < 0) {
++                log_error("Failed to start " KBD_SETFONT ": %s", strerror(-r));
++                return EXIT_FAILURE;
++        }
++
++        if (font_pid > 0)
++                wait_for_terminate_and_warn(KBD_SETFONT, font_pid);
+ 
+-        if (keymap_load(vc, vc_keymap, vc_keymap_toggle, utf8, disable_capslock, &keymap_pid) >= 0 &&
+ #ifdef HAVE_SYSV_COMPAT
+-            load_compose_table(vc, vc_compose_table, &compose_table_pid) >= 0 &&
+-            set_kbd_rate(vc, vc_kbd_rate, vc_kbd_delay, &kbd_rate_pid) >= 0 &&
++        r = load_compose_table(vc, vc_compose_table, &compose_table_pid);
++        if (r < 0) {
++                log_error("Failed to start " KBD_SETFONT ": %s", strerror(-r));
++                return EXIT_FAILURE;
++        }
++
++        if (compose_table_pid > 0)
++                wait_for_terminate_and_warn(KBD_LOADKEYS, compose_table_pid);
+ #endif
+-            font_load(vc, vc_font, vc_font_map, vc_font_unimap, &font_pid) >= 0)
+-                r = EXIT_SUCCESS;
+ 
+-finish:
++        r = keymap_load(vc, vc_keymap, vc_keymap_toggle, utf8, disable_capslock, &keymap_pid);
++        if (r < 0) {
++                log_error("Failed to start " KBD_LOADKEYS ": %s", strerror(-r));
++                return EXIT_FAILURE;
++        }
++
+         if (keymap_pid > 0)
+                 wait_for_terminate_and_warn(KBD_LOADKEYS, keymap_pid);
++
++#ifdef HAVE_SYSV_COMPAT
+         if (numlock)
+                 touch("/run/numlock-on");
+         else
+                 unlink("/run/numlock-on");
+ 
+-#ifdef HAVE_SYSV_COMPAT
+-        if (compose_table_pid > 0)
+-                wait_for_terminate_and_warn(KBD_LOADKEYS, compose_table_pid);
+-
+         if (kbd_rate_pid > 0)
+                 wait_for_terminate_and_warn("/bin/kbdrate", kbd_rate_pid);
+ #endif
+ 
+-        if (font_pid > 0) {
+-                wait_for_terminate_and_warn(KBD_SETFONT, font_pid);
+-                if (font_copy)
+-                        font_copy_to_all_vcs(fd);
+-        }
+-
+-        free(vc_keymap);
+-        free(vc_font);
+-        free(vc_font_map);
+-        free(vc_font_unimap);
+-        free(vc_kbd_numlock);
+-#ifdef HAVE_SYSV_COMPAT
+-        free(vc_kbd_delay);
+-        free(vc_kbd_rate);
+-        free(vc_kbd_disable_caps_lock);
+-        free(vc_compose_table);
+-#endif
+-
+-        if (fd >= 0)
+-                close_nointr_nofail(fd);
++        /* Only copy the font when we started setfont successfully */
++        if (font_copy && font_pid > 0)
++                font_copy_to_all_vcs(fd);
+ 
+         return r;
+ }

0003-arch-add-crisv32-to-uname-check.patch

@@ -0,0 +1,24 @@
+From 9b3a0ba3e9e28382a1072bf0e2c07a3661432743 Mon Sep 17 00:00:00 2001
+From: Umut Tezduyar Lindskog <umut.tezduyar@axis.com>
+Date: Thu, 3 Jul 2014 09:54:45 +0200
+Subject: [PATCH] arch: add crisv32 to uname check
+
+---
+ src/shared/architecture.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git src/shared/architecture.c src/shared/architecture.c
+index 9e0c3ef..7dd049a 100644
+--- src/shared/architecture.c
++++ src/shared/architecture.c
+@@ -116,6 +116,7 @@ Architecture uname_architecture(void) {
+                 { "tilegx",     ARCHITECTURE_TILEGX   },
+ #elif defined(__cris__)
+                 { "cris",       ARCHITECTURE_CRIS     },
++                { "crisv32",    ARCHITECTURE_CRIS     },
+ #else
+ #error "Please register your architecture here!"
+ #endif
+-- 
+1.7.9.2
+

0003-localed-consider-an-unset-model-as-a-wildcard.patch

@@ -0,0 +1,39 @@
+From 387066c2e5bda159201896b194711965b52f34a9 Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Fri, 30 May 2014 18:20:16 +0200
+Subject: [PATCH] localed: consider an unset model as a wildcard
+
+---
+ src/locale/localed.c |   13 +++++++------
+ 1 file changed, 7 insertions(+), 6 deletions(-)
+
+diff --git src/locale/localed.c src/locale/localed.c
+index e3061c8..358f6c2 100644
+--- src/locale/localed.c
++++ src/locale/localed.c
+@@ -712,15 +712,16 @@ static int find_legacy_keymap(Context *c, char **new_keymap) {
+                         }
+                 }
+ 
+-                if (matching > 0 &&
+-                    streq_ptr(c->x11_model, a[2])) {
+-                        matching++;
+-
+-                        if (streq_ptr(c->x11_variant, a[3])) {
++                if (matching > 0) {
++                        if (isempty(c->x11_model) || streq_ptr(c->x11_model, a[2])) {
+                                 matching++;
+ 
+-                                if (streq_ptr(c->x11_options, a[4]))
++                                if (streq_ptr(c->x11_variant, a[3])) {
+                                         matching++;
++
++                                        if (streq_ptr(c->x11_options, a[4]))
++                                                matching++;
++                                }
+                         }
+                 }
+ 
+-- 
+1.7.9.2
+

0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch

@@ -0,0 +1,34 @@
+Based on 664064d60c36e1f62c7e9177e4c7498035467e07 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Thu, 3 Jul 2014 16:27:57 +0200
+Subject: [PATCH] namespace: make sure /tmp, /var/tmp and /dev are writable in
+ namespaces we set up
+
+---
+ src/core/namespace.c |   11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+--- src/core/namespace.c
++++ src/core/namespace.c	2014-07-04 09:55:21.582234949 +0000
+@@ -263,14 +263,17 @@ static int make_read_only(BindMount *m)
+ 
+         assert(m);
+ 
+-        if (m->mode != INACCESSIBLE && m->mode != READONLY)
+-                return 0;
++        if (IN_SET(m->mode, INACCESSIBLE, READONLY))
++                r = mount(NULL, m->path, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY|MS_REC, NULL);
++        else if (IN_SET(m->mode, READWRITE, PRIVATE_TMP, PRIVATE_VAR_TMP, PRIVATE_DEV))
++                r = mount(NULL, m->path, NULL, MS_BIND|MS_REMOUNT|MS_REC, NULL);
++        else
++                r = 0;
+ 
+-        r = mount(NULL, m->path, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY|MS_REC, NULL);
+         if (r < 0 && !(m->ignore && errno == ENOENT))
+                 return -errno;
+ 
+-        return 0;
++        return r;
+ }
+ 
+ int setup_namespace(

0003-units-remove-RefuseManualStart-from-units-which-are-.patch

@@ -0,0 +1,65 @@
+Based on 0fdeb6e011dfdb17636c81e2d7e0d632186359ce Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Sat, 28 Jun 2014 00:06:30 -0400
+Subject: [PATCH] units: remove RefuseManualStart from units which are always
+ around
+
+In a normal running system, non-passive targets and units used during
+early bootup are always started. So refusing "manual start" for them
+doesn't make any difference, because a "start" command doesn't cause
+any action.
+
+In early boot however, the administrator might want to start on
+of those targets or services by hand. We shouldn't interfere with that.
+
+Note: in case of systemd-tmpfiles-setup.service, really running the
+unit after system is up would break the system. So e.g. restarting
+should not be allowed. The unit has "RefuseManualStop=yes", which
+prevents restart too.
+---
+ units/basic.target                      |    1 -
+ units/sysinit.target                    |    1 -
+ units/systemd-tmpfiles-setup.service.in |    1 -
+ units/user/basic.target                 |    1 -
+ 4 files changed, 4 deletions(-)
+
+diff --git units/basic.target units/basic.target
+index d7c68f4..b890d48 100644
+--- units/basic.target
++++ units/basic.target
+@@ -11,4 +11,3 @@ Documentation=man:systemd.special(7)
+ Requires=sysinit.target
+ Wants=sockets.target timers.target paths.target slices.target
+ After=sysinit.target sockets.target timers.target paths.target slices.target
+-RefuseManualStart=yes
+diff --git units/sysinit.target units/sysinit.target
+index 8f4fb8f..ec33503 100644
+--- units/sysinit.target
++++ units/sysinit.target
+@@ -11,4 +11,3 @@ Documentation=man:systemd.special(7)
+ Conflicts=emergency.service emergency.target
+ Wants=local-fs.target swap.target
+ After=local-fs.target swap.target emergency.service emergency.target
+-RefuseManualStart=yes
+--- units/systemd-tmpfiles-setup.service.in
++++ units/systemd-tmpfiles-setup.service.in	2014-07-01 12:17:48.154235348 +0000
+@@ -18,7 +18,6 @@ ConditionDirectoryNotEmpty=|/lib/tmpfile
+ ConditionDirectoryNotEmpty=|/usr/local/lib/tmpfiles.d
+ ConditionDirectoryNotEmpty=|/etc/tmpfiles.d
+ ConditionDirectoryNotEmpty=|/run/tmpfiles.d
+-RefuseManualStart=yes
+ RefuseManualStop=yes
+ 
+ [Service]
+diff --git units/user/basic.target units/user/basic.target
+index b74d13c..afc6e93 100644
+--- units/user/basic.target
++++ units/user/basic.target
+@@ -10,4 +10,3 @@ Description=Basic System
+ Documentation=man:systemd.special(7)
+ Wants=sockets.target timers.target paths.target
+ After=sockets.target timers.target paths.target
+-RefuseManualStart=yes
+-- 
+1.7.9.2
+

0004-architecture-remove-cris-from-uname-list.patch

@@ -0,0 +1,27 @@
+From bc4bc52bc3de56405045b0437e145a7067fb085d Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Thu, 3 Jul 2014 22:52:44 +0200
+Subject: [PATCH] architecture: remove "cris" from uname list
+
+the only correct name appears to be "crisv32"...
+
+http://lists.freedesktop.org/archives/systemd-devel/2014-July/020899.html
+---
+ src/shared/architecture.c |    1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git src/shared/architecture.c src/shared/architecture.c
+index 7dd049a..6cdca4e 100644
+--- src/shared/architecture.c
++++ src/shared/architecture.c
+@@ -115,7 +115,6 @@ Architecture uname_architecture(void) {
+ #elif defined(__tilegx__)
+                 { "tilegx",     ARCHITECTURE_TILEGX   },
+ #elif defined(__cris__)
+-                { "cris",       ARCHITECTURE_CRIS     },
+                 { "crisv32",    ARCHITECTURE_CRIS     },
+ #else
+ #error "Please register your architecture here!"
+-- 
+1.7.9.2
+

0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch

@@ -0,0 +1,27 @@
+From 7bb4d371af5ec6b8c50b71d2a80c2866d8134d9a Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Wed, 2 Jul 2014 17:36:47 +0200
+Subject: [PATCH] sd-bus: when an event loop terminates, explicitly close the
+ bus
+
+This makes sure we actually release the bus and all the messages it
+references.
+---
+ src/libsystemd/sd-bus/sd-bus.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git src/libsystemd/sd-bus/sd-bus.c src/libsystemd/sd-bus/sd-bus.c
+index d52afe8..eb267d4 100644
+--- src/libsystemd/sd-bus/sd-bus.c
++++ src/libsystemd/sd-bus/sd-bus.c
+@@ -2940,6 +2940,7 @@ static int quit_callback(sd_event_source *event, void *userdata) {
+         assert(event);
+ 
+         sd_bus_flush(bus);
++        sd_bus_close(bus);
+ 
+         return 1;
+ }
+-- 
+1.7.9.2
+

0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch

@@ -0,0 +1,31 @@
+From 306a55c86360a7ae7b2509771d5ea6ab0d166d85 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Sun, 29 Jun 2014 22:15:33 +0200
+Subject: [PATCH] util: refuse considering UID 0xFFFF and 0xFFFFFFFF valid
+
+---
+ src/shared/util.c |    8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git src/shared/util.c src/shared/util.c
+index e7ff0f8..1709bb7 100644
+--- src/shared/util.c
++++ src/shared/util.c
+@@ -280,6 +280,14 @@ int parse_uid(const char *s, uid_t* ret_uid) {
+         if ((unsigned long) uid != ul)
+                 return -ERANGE;
+ 
++        /* Some libc APIs use (uid_t) -1 as special placeholder */
++        if (uid == (uid_t) 0xFFFFFFFF)
++                return -EINVAL;
++
++        /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
++        if (uid == (uid_t) 0xFFFF)
++                return -EINVAL;
++
+         *ret_uid = uid;
+         return 0;
+ }
+-- 
+1.7.9.2
+

0005-bus-close-a-bus-that-failed-to-connect.patch

@@ -0,0 +1,28 @@
+From db9bb83fa5ec72da38eb5bd0c259ef8c76a71858 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Thu, 3 Jul 2014 01:19:21 +0200
+Subject: [PATCH] bus: close a bus that failed to connect
+
+---
+ src/libsystemd/sd-bus/sd-bus.c |    4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git src/libsystemd/sd-bus/sd-bus.c src/libsystemd/sd-bus/sd-bus.c
+index c25375c..28fc19e 100644
+--- src/libsystemd/sd-bus/sd-bus.c
++++ src/libsystemd/sd-bus/sd-bus.c
+@@ -1033,8 +1033,10 @@ _public_ int sd_bus_start(sd_bus *bus) {
+         else
+                 return -EINVAL;
+ 
+-        if (r < 0)
++        if (r < 0) {
++                sd_bus_close(bus);
+                 return r;
++        }
+ 
+         return bus_send_hello(bus);
+ }
+-- 
+1.7.9.2
+

0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch

@@ -0,0 +1,94 @@
+From 28650077f36466d9c5ee27ef2006fae3171a2430 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Mon, 30 Jun 2014 16:22:12 +0200
+Subject: [PATCH] nspawn: block open_by_handle_at() and others via seccomp
+
+Let's protect ourselves against the recently reported docker security
+issue. Our man page makes clear that we do not make any security
+promises anyway, but well, this one is easy to mitigate, so let's do it.
+While we are at it block a couple of more syscalls that are no good in
+containers, too.
+---
+ src/nspawn/nspawn.c |   47 +++++++++++++++++++++++++++++++++++------------
+ 1 file changed, 35 insertions(+), 12 deletions(-)
+
+diff --git src/nspawn/nspawn.c src/nspawn/nspawn.c
+index fd61d07..656c1bf 100644
+--- src/nspawn/nspawn.c
++++ src/nspawn/nspawn.c
+@@ -1864,22 +1864,25 @@ static int setup_macvlan(pid_t pid) {
+         return 0;
+ }
+ 
+-static int audit_still_doesnt_work_in_containers(void) {
++static int setup_seccomp(void) {
+ 
+ #ifdef HAVE_SECCOMP
++        static const int blacklist[] = {
++                SCMP_SYS(kexec_load),
++                SCMP_SYS(open_by_handle_at),
++                SCMP_SYS(init_module),
++                SCMP_SYS(finit_module),
++                SCMP_SYS(delete_module),
++                SCMP_SYS(iopl),
++                SCMP_SYS(ioperm),
++                SCMP_SYS(swapon),
++                SCMP_SYS(swapoff),
++        };
++
+         scmp_filter_ctx seccomp;
++        unsigned i;
+         int r;
+ 
+-        /*
+-           Audit is broken in containers, much of the userspace audit
+-           hookup will fail if running inside a container. We don't
+-           care and just turn off creation of audit sockets.
+-
+-           This will make socket(AF_NETLINK, *, NETLINK_AUDIT) fail
+-           with EAFNOSUPPORT which audit userspace uses as indication
+-           that audit is disabled in the kernel.
+-         */
+-
+         seccomp = seccomp_init(SCMP_ACT_ALLOW);
+         if (!seccomp)
+                 return log_oom();
+@@ -1890,6 +1893,26 @@ static int audit_still_doesnt_work_in_containers(void) {
+                 goto finish;
+         }
+ 
++        for (i = 0; i < ELEMENTSOF(blacklist); i++) {
++                r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(EPERM), blacklist[i], 0);
++                if (r == -EFAULT)
++                        continue; /* unknown syscall */
++                if (r < 0) {
++                        log_error("Failed to block syscall: %s", strerror(-r));
++                        goto finish;
++                }
++        }
++
++        /*
++           Audit is broken in containers, much of the userspace audit
++           hookup will fail if running inside a container. We don't
++           care and just turn off creation of audit sockets.
++
++           This will make socket(AF_NETLINK, *, NETLINK_AUDIT) fail
++           with EAFNOSUPPORT which audit userspace uses as indication
++           that audit is disabled in the kernel.
++         */
++
+         r = seccomp_rule_add(
+                         seccomp,
+                         SCMP_ACT_ERRNO(EAFNOSUPPORT),
+@@ -3050,7 +3073,7 @@ int main(int argc, char *argv[]) {
+ 
+                         dev_setup(arg_directory);
+ 
+-                        if (audit_still_doesnt_work_in_containers() < 0)
++                        if (setup_seccomp() < 0)
+                                 goto child_fail;
+ 
+                         if (setup_dev_console(arg_directory, console) < 0)
+-- 
+1.7.9.2
+

0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch

@@ -0,0 +1,26 @@
+Based on 6fc27667950fe153033f0f49cb5b57e8954c3e54 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Mon, 30 Jun 2014 19:06:18 +0200
+Subject: [PATCH] tmpfiles: don't do automatic cleanup in $XDG_RUNTIME_DIR
+
+Now that logind will clean up all IPC resources of a user we should
+really consider $XDG_RUNTIME_DIR as just another kind of IPC with the
+same life-cycle logic as the other IPC resources. This should be safe
+now to do since every user gets his own $XDG_RUNTIME_DIR tmpfs instance
+with a fixed size limit, so that flooding of it will more effectively be
+averted.
+---
+ tmpfiles.d/systemd.conf |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- tmpfiles.d/systemd.conf
++++ tmpfiles.d/systemd.conf	2014-07-01 12:31:01.858735866 +0000
+@@ -7,7 +7,7 @@
+ 
+ # See tmpfiles.d(5) for details
+ 
+-d /run/user 0755 root root ~10d
++d /run/user 0755 root root -
+ F! /run/utmp 0664 root utmp -
+ 
+ f /var/log/wtmp 0664 root utmp -

0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch

@@ -0,0 +1,49 @@
+From 063e36db8aed7b54100b33089deb6d2e86d516b9 Mon Sep 17 00:00:00 2001
+From: Marcel Holtmann <marcel@holtmann.org>
+Date: Thu, 3 Jul 2014 16:13:48 +0200
+Subject: [PATCH] hwdb: Update database of Bluetooth company identifiers
+
+---
+ hwdb/20-bluetooth-vendor-product.hwdb |   26 +++++++++++++++++++++++++-
+ 1 file changed, 25 insertions(+), 1 deletion(-)
+
+diff --git hwdb/20-bluetooth-vendor-product.hwdb hwdb/20-bluetooth-vendor-product.hwdb
+index 377748a..9f3136a 100644
+--- hwdb/20-bluetooth-vendor-product.hwdb
++++ hwdb/20-bluetooth-vendor-product.hwdb
+@@ -1045,7 +1045,31 @@ bluetooth:v0159*
+  ID_VENDOR_FROM_DATABASE=ChefSteps, Inc.
+ 
+ bluetooth:v015A*
+- ID_VENDOR_FROM_DATABASE=micus AG
++ ID_VENDOR_FROM_DATABASE=micas AG
+ 
+ bluetooth:v015B*
+  ID_VENDOR_FROM_DATABASE=Biomedical Research Ltd.
++
++bluetooth:v015C*
++ ID_VENDOR_FROM_DATABASE=Pitius Tec S.L.
++
++bluetooth:v015D*
++ ID_VENDOR_FROM_DATABASE=Estimote, Inc.
++
++bluetooth:v015E*
++ ID_VENDOR_FROM_DATABASE=Unikey Technologies, Inc.
++
++bluetooth:v015F*
++ ID_VENDOR_FROM_DATABASE=Timer Cap Co.
++
++bluetooth:v0160*
++ ID_VENDOR_FROM_DATABASE=AwoX
++
++bluetooth:v0161*
++ ID_VENDOR_FROM_DATABASE=yikes
++
++bluetooth:v0162*
++ ID_VENDOR_FROM_DATABASE=MADSGlobal NZ Ltd.
++
++bluetooth:v0163*
++ ID_VENDOR_FROM_DATABASE=PCH International
+-- 
+1.7.9.2
+

0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch

@@ -0,0 +1,26 @@
+From 8ebf02d6f382ce1ac7e0d44a713b8795a07b08cd Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Mon, 30 Jun 2014 21:44:05 +0200
+Subject: [PATCH] units: skip mounting /tmp if it is a symlink
+
+We shouldn't get confused if people have symlinked /tmp somewhere, so
+let's simply skip the mount then.
+---
+ units/tmp.mount |    1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git units/tmp.mount units/tmp.mount
+index 99a3ba3..00a0d28 100644
+--- units/tmp.mount
++++ units/tmp.mount
+@@ -9,6 +9,7 @@
+ Description=Temporary Directory
+ Documentation=man:hier(7)
+ Documentation=http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
++ConditionPathIsSymbolicLink=!/tmp
+ DefaultDependencies=no
+ Conflicts=umount.target
+ Before=local-fs.target umount.target
+-- 
+1.7.9.2
+

1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch

@@ -0,0 +1,25 @@
+From 45e60962b7965f32755a76b79a28126299aac149 Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay@vrfy.org>
+Date: Fri, 27 Jun 2014 14:20:17 +0200
+Subject: [PATCH] libudev: fix udev_queue_get_queue_is_empty() logic
+
+---
+ src/libudev/libudev-queue.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git src/libudev/libudev-queue.c src/libudev/libudev-queue.c
+index eb0e096..c32a7ef 100644
+--- src/libudev/libudev-queue.c
++++ src/libudev/libudev-queue.c
+@@ -175,7 +175,7 @@ _public_ int udev_queue_get_udev_is_active(struct udev_queue *udev_queue)
+  **/
+ _public_ int udev_queue_get_queue_is_empty(struct udev_queue *udev_queue)
+ {
+-        return access("/run/udev/queue", F_OK) >= 0;
++        return access("/run/udev/queue", F_OK) < 0;
+ }
+ 
+ /**
+-- 
+1.7.9.2
+

1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch

@@ -0,0 +1,248 @@
+Based on 14cb733684d3c3f50d088a3a370ddf8e8894dfa4 Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay@vrfy.org>
+Date: Fri, 27 Jun 2014 17:42:44 +0200
+Subject: [PATCH] libudev: queue provide file descriptor to watch busy event
+ queue
+
+---
+ docs/libudev/libudev-sections.txt |    2 ++
+ src/libudev/libudev-queue.c       |   46 +++++++++++++++++++++++++++++++++++
+ src/libudev/libudev.h             |    2 ++
+ src/libudev/libudev.sym           |    2 ++
+ src/udev/udevadm-settle.c         |   48 ++++++++++++++++---------------------
+ 5 files changed, 73 insertions(+), 27 deletions(-)
+
+diff --git docs/libudev/libudev-sections.txt docs/libudev/libudev-sections.txt
+index c154645..8a31ded 100644
+--- docs/libudev/libudev-sections.txt
++++ docs/libudev/libudev-sections.txt
+@@ -116,6 +116,8 @@ udev_queue_get_seqnum_sequence_is_finished
+ udev_queue_get_queued_list_entry
+ udev_queue_get_kernel_seqnum
+ udev_queue_get_udev_seqnum
++udev_queue_get_fd
++udev_queue_flush
+ </SECTION>
+ 
+ <SECTION>
+diff --git src/libudev/libudev-queue.c src/libudev/libudev-queue.c
+index c32a7ef..d4334b4 100644
+--- src/libudev/libudev-queue.c
++++ src/libudev/libudev-queue.c
+@@ -26,6 +26,7 @@
+ #include <string.h>
+ #include <limits.h>
+ #include <sys/stat.h>
++#include <sys/inotify.h>
+ 
+ #include "libudev.h"
+ #include "libudev-private.h"
+@@ -45,6 +46,7 @@
+ struct udev_queue {
+         struct udev *udev;
+         int refcount;
++        int fd;
+ };
+ 
+ /**
+@@ -69,6 +71,7 @@ _public_ struct udev_queue *udev_queue_new(struct udev *udev)
+ 
+         udev_queue->refcount = 1;
+         udev_queue->udev = udev;
++        udev_queue->fd = -1;
+         return udev_queue;
+ }
+ 
+@@ -107,6 +110,9 @@ _public_ struct udev_queue *udev_queue_unref(struct udev_queue *udev_queue)
+         if (udev_queue->refcount > 0)
+                 return NULL;
+ 
++        if (udev_queue->fd >= 0)
++               close_nointr_nofail(udev_queue->fd);
++
+         free(udev_queue);
+         return NULL;
+ }
+@@ -222,3 +228,44 @@ _public_ struct udev_list_entry *udev_queue_get_queued_list_entry(struct udev_qu
+ {
+         return NULL;
+ }
++
++/**
++ * udev_queue_get_fd:
++ * @udev_queue: udev queue context
++ *
++ * Returns: a file descriptor to watch for a queue to become empty.
++ */
++_public_ int udev_queue_get_fd(struct udev_queue *udev_queue) {
++        int fd;
++        int r;
++
++        if (udev_queue->fd >= 0)
++                return udev_queue->fd;
++
++        fd = inotify_init1(IN_CLOEXEC);
++        if (fd < 0)
++                return -errno;
++
++        r = inotify_add_watch(fd, "/run/udev/queue" , IN_DELETE);
++        if (r < 0) {
++                r = -errno;
++                close(fd);
++                return r;
++        }
++
++        udev_queue->fd = fd;
++        return fd;
++}
++
++/**
++ * udev_queue_flush:
++ * @udev_queue: udev queue context
++ *
++ * Returns: the result of clearing the watch for queue changes.
++ */
++_public_ int udev_queue_flush(struct udev_queue *udev_queue) {
++        if (udev_queue->fd < 0)
++                return -EINVAL;
++
++        return flush_fd(udev_queue->fd);
++}
+diff --git src/libudev/libudev.h src/libudev/libudev.h
+index ceb89bd..4f2f115 100644
+--- src/libudev/libudev.h
++++ src/libudev/libudev.h
+@@ -177,6 +177,8 @@ int udev_queue_get_queue_is_empty(struct udev_queue *udev_queue);
+ int udev_queue_get_seqnum_is_finished(struct udev_queue *udev_queue, unsigned long long int seqnum) __attribute__ ((deprecated));
+ int udev_queue_get_seqnum_sequence_is_finished(struct udev_queue *udev_queue,
+                                                unsigned long long int start, unsigned long long int end) __attribute__ ((deprecated));
++int udev_queue_get_fd(struct udev_queue *udev_queue);
++int udev_queue_flush(struct udev_queue *udev_queue);
+ struct udev_list_entry *udev_queue_get_queued_list_entry(struct udev_queue *udev_queue) __attribute__ ((deprecated));
+ 
+ /*
+diff --git src/libudev/libudev.sym src/libudev/libudev.sym
+index 1e6f885..95cd1c7 100644
+--- src/libudev/libudev.sym
++++ src/libudev/libudev.sym
+@@ -82,6 +82,8 @@ global:
+         udev_queue_get_udev;
+         udev_queue_get_udev_is_active;
+         udev_queue_get_udev_seqnum;
++        udev_queue_get_fd;
++        udev_queue_flush;
+         udev_queue_new;
+         udev_queue_ref;
+         udev_queue_unref;
+diff --git src/udev/udevadm-settle.c src/udev/udevadm-settle.c
+index 66fd843..79e8b59 100644
+--- src/udev/udevadm-settle.c
++++ src/udev/udevadm-settle.c
+@@ -29,7 +29,6 @@
+ #include <getopt.h>
+ #include <signal.h>
+ #include <time.h>
+-#include <sys/inotify.h>
+ #include <sys/poll.h>
+ #include <sys/stat.h>
+ #include <sys/types.h>
+@@ -59,7 +58,9 @@ static int adm_settle(struct udev *udev, int argc, char *argv[])
+         const char *exists = NULL;
+         unsigned int timeout = 120;
+         struct pollfd pfd[1] = { {.fd = -1}, };
+-        int rc = EXIT_FAILURE, c;
++        int c;
++        struct udev_queue *queue;
++        int rc = EXIT_FAILURE;
+ 
+         while ((c = getopt_long(argc, argv, "s:e:t:E:qh", options, NULL)) >= 0) {
+                 switch (c) {
+@@ -79,9 +80,9 @@ static int adm_settle(struct udev *udev, int argc, char *argv[])
+                         break;
+                 case 'h':
+                         help();
+-                        exit(EXIT_SUCCESS);
++                        return EXIT_SUCCESS;
+                 case '?':
+-                        exit(EXIT_FAILURE);
++                        return EXIT_FAILURE;
+                 default:
+                         assert_not_reached("Unknown argument");
+                 }
+@@ -89,7 +90,7 @@ static int adm_settle(struct udev *udev, int argc, char *argv[])
+ 
+         if (optind < argc) {
+                 fprintf(stderr, "Extraneous argument: '%s'\n", argv[optind]);
+-                exit(EXIT_FAILURE);
++                return EXIT_FAILURE;
+         }
+ 
+         /* guarantee that the udev daemon isn't pre-processing */
+@@ -101,26 +102,23 @@ static int adm_settle(struct udev *udev, int argc, char *argv[])
+                         if (udev_ctrl_send_ping(uctrl, timeout) < 0) {
+                                 log_debug("no connection to daemon");
+                                 udev_ctrl_unref(uctrl);
+-                                rc = EXIT_SUCCESS;
+-                                goto out;
++                                return EXIT_SUCCESS;
+                         }
+                         udev_ctrl_unref(uctrl);
+                 }
+         }
+ 
+-        pfd[0].events = POLLIN;
+-        pfd[0].fd = inotify_init1(IN_CLOEXEC);
+-        if (pfd[0].fd < 0) {
+-                log_error("inotify_init failed: %m");
+-                goto out;
++        queue = udev_queue_new(udev);
++        if (!queue) {
++                log_error("unable to get udev queue");
++                return EXIT_FAILURE;
+         }
+ 
+-        if (inotify_add_watch(pfd[0].fd, "/run/udev/queue" , IN_DELETE) < 0) {
+-                /* If it does not exist, we don't have to wait */
+-                if (errno == ENOENT)
+-                        rc = EXIT_SUCCESS;
+-                else
+-                        log_debug("watching /run/udev/queue failed");
++        pfd[0].events = POLLIN;
++        pfd[0].fd = udev_queue_get_fd(queue);
++        if (pfd[0].fd < 0) {
++                log_debug("queue is empty, nothing to watch");
++                rc = EXIT_SUCCESS;
+                 goto out;
+         }
+ 
+@@ -131,22 +129,18 @@ static int adm_settle(struct udev *udev, int argc, char *argv[])
+                 }
+ 
+                 /* exit if queue is empty */
+-                if (access("/run/udev/queue", F_OK) < 0) {
++                if (udev_queue_get_queue_is_empty(queue)) {
+                         rc = EXIT_SUCCESS;
+                         break;
+                 }
+ 
+-                /* wake up when "queue" file is deleted */
+-                if (poll(pfd, 1, 100) > 0 && pfd[0].revents & POLLIN) {
+-                        char buf[sizeof(struct inotify_event) + PATH_MAX];
+-
+-                        read(pfd[0].fd, buf, sizeof(buf));
+-                }
++                /* wake up when queue is empty */
++                if (poll(pfd, 1, 100) > 0 && pfd[0].revents & POLLIN)
++                        udev_queue_flush(queue);
+         }
+ 
+ out:
+-        if (pfd[0].fd >= 0)
+-                close(pfd[0].fd);
++        udev_queue_unref(queue);
+         return rc;
+ }
+ 
+-- 
+1.7.9.2
+

1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch

@@ -0,0 +1,40 @@
+From 8a7a0c19edd2d971d4aa9d635f7978af841e8278 Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay@vrfy.org>
+Date: Fri, 27 Jun 2014 19:54:45 +0200
+Subject: [PATCH] libudev: queue - watch entire directory to allow the re-use
+ of the watch descriptor
+
+---
+ src/libudev/libudev-queue.c |    2 +-
+ src/udev/udevadm-settle.c   |    2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git src/libudev/libudev-queue.c src/libudev/libudev-queue.c
+index d4334b4..8ef1f3d 100644
+--- src/libudev/libudev-queue.c
++++ src/libudev/libudev-queue.c
+@@ -245,7 +245,7 @@ _public_ int udev_queue_get_fd(struct udev_queue *udev_queue) {
+         if (fd < 0)
+                 return -errno;
+ 
+-        r = inotify_add_watch(fd, "/run/udev/queue" , IN_DELETE);
++        r = inotify_add_watch(fd, "/run/udev" , IN_DELETE);
+         if (r < 0) {
+                 r = -errno;
+                 close(fd);
+diff --git src/udev/udevadm-settle.c src/udev/udevadm-settle.c
+index 79e8b59..fa5b0c2 100644
+--- src/udev/udevadm-settle.c
++++ src/udev/udevadm-settle.c
+@@ -135,7 +135,7 @@ static int adm_settle(struct udev *udev, int argc, char *argv[])
+                 }
+ 
+                 /* wake up when queue is empty */
+-                if (poll(pfd, 1, 100) > 0 && pfd[0].revents & POLLIN)
++                if (poll(pfd, 1, MSEC_PER_SEC) > 0 && pfd[0].revents & POLLIN)
+                         udev_queue_flush(queue);
+         }
+ 
+-- 
+1.7.9.2
+

1044-rules-update-qemu-hid-rules.patch

@@ -0,0 +1,45 @@
+From cd31d1884f1ecf38e11bc6268f446d75dfafbc25 Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Mon, 24 Mar 2014 12:07:41 +0100
+Subject: [PATCH] rules: update qemu hid rules
+
+Update comment to be a bit more specific.
+
+Change match to blacklist the serial number of the broken devices
+instead of whitelisting the serial number of the fixed devices.
+This allows to do something useful with the serial number in the
+future.
+---
+ rules/42-usb-hid-pm.rules |   15 ++++++++-------
+ 1 file changed, 8 insertions(+), 7 deletions(-)
+
+diff --git rules/42-usb-hid-pm.rules rules/42-usb-hid-pm.rules
+index 3fd6e8a..c675b5b 100644
+--- rules/42-usb-hid-pm.rules
++++ rules/42-usb-hid-pm.rules
+@@ -2,14 +2,15 @@
+ #
+ # Enable autosuspend for qemu emulated usb hid devices
+ 
+-# Note that there are buggy qemu versions which advertise remote
+-# wakeup support but don't actually implement it correctly.  This
+-# is the reason why we need a match for the serial number here.
+-# The serial number "42" is used to tag the implementations where
++# Note that there are buggy qemu versions (0.13 & older) which
++# advertise remote wakeup support but don't actually implement
++# it correctly.  This is the reason why we need a match for the
++# serial number here.  Old, broken versions have serial "1".
++# It has been changed to "42" after fixing the bug to indicate
+ # remote wakeup is working.
+-ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Mouse", ATTR{serial}=="42", TEST=="power/control", ATTR{power/control}="auto"
+-ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Tablet", ATTR{serial}=="42", TEST=="power/control", ATTR{power/control}="auto"
+-ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Keyboard", ATTR{serial}=="42", TEST=="power/control", ATTR{power/control}="auto"
++ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Mouse", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
++ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Tablet", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
++ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Keyboard", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
+ 
+ # Catch-all for Avocent HID devices. Keyed off interface in order to only
+ # trigger on HID class devices.
+-- 
+1.7.9.2
+

1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch

@@ -0,0 +1,29 @@
+Based on 52fb538361053f8c4abce0e40cd0bae3d28ceb16 Mon Sep 17 00:00:00 2001
+From: Tom Hirst <tom.hirst@ipe-systems.co.uk>
+Date: Wed, 25 Jun 2014 11:57:11 +0000
+Subject: [PATCH] rules: don't enable usb pm for Avocent devices
+
+The Avocent KVM over IP devices doesn't work correctly with USB power
+management enabled.
+---
+ rules/42-usb-hid-pm.rules |    4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git rules/42-usb-hid-pm.rules rules/42-usb-hid-pm.rules
+index c675b5b..4c300da 100644
+--- rules/42-usb-hid-pm.rules
++++ rules/42-usb-hid-pm.rules
+@@ -12,10 +12,6 @@ ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Mouse", ATTR{serial}!=
+ ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Tablet", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
+ ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Keyboard", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
+ 
+-# Catch-all for Avocent HID devices. Keyed off interface in order to only
+-# trigger on HID class devices.
+-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="0624", ATTR{bInterfaceClass}=="03", TEST=="../power/control", ATTR{../power/control}="auto"
+-
+ # Dell DRAC 4
+ ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="413c", ATTR{idProduct}=="2500", TEST=="power/control", ATTR{power/control}="auto"
+ 
+-- 
+1.7.9.2
+

1046-fix-duplicated-rules-with-layer3-interfaces.patch

@@ -0,0 +1,16 @@
+Index: systemd-210/src/udev/rule_generator/write_net_rules
+===================================================================
+--- systemd-210.orig/src/udev/rule_generator/write_net_rules
++++ systemd-210/src/udev/rule_generator/write_net_rules
+@@ -101,6 +101,11 @@ if [ "$MATCHDEVID" ]; then
+ fi
+ 
+ if [ "$MATCHID" ]; then
++        ID="$(find_all_rules 'KERNELS==' "$MATCHID")"
++        if [ "$ID" == "$MATCHID" ]; then
++                unlock_rules_file
++                exit 0
++        fi
+         match="$match, KERNELS==\"$MATCHID\""
+ fi
+ 

1047-udev-net_setup_link-builtin-should-print-the-reason-.patch

@@ -0,0 +1,61 @@
+From 01d4590b775661ebc71c7b81b0c62ccd69395268 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Wed, 2 Jul 2014 15:13:29 +0200
+Subject: [PATCH] udev: net_setup_link builtin should print the reason why
+ something fails
+
+Let's tell users what is going wrong.
+---
+ src/udev/udev-builtin-net_setup_link.c |   12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git src/udev/udev-builtin-net_setup_link.c src/udev/udev-builtin-net_setup_link.c
+index 3cd384e..6207269 100644
+--- src/udev/udev-builtin-net_setup_link.c
++++ src/udev/udev-builtin-net_setup_link.c
+@@ -43,17 +43,17 @@ static int builtin_net_setup_link(struct udev_device *dev, int argc, char **argv
+         r = link_config_get(ctx, dev, &link);
+         if (r < 0) {
+                 if (r == -ENOENT) {
+-                        log_debug("No matching link configuration found");
++                        log_debug("No matching link configuration found.");
+                         return EXIT_SUCCESS;
+                 } else {
+-                        log_error("Could not get link config");
++                        log_error("Could not get link config: %s", strerror(-r));
+                         return EXIT_FAILURE;
+                 }
+         }
+ 
+         r = link_config_apply(ctx, link, dev, &name);
+         if (r < 0) {
+-                log_error("Could not apply link config to %s", udev_device_get_sysname(dev));
++                log_error("Could not apply link config to %s: %s", udev_device_get_sysname(dev), strerror(-r));
+                 return EXIT_FAILURE;
+         }
+ 
+@@ -77,18 +77,18 @@ static int builtin_net_setup_link_init(struct udev *udev) {
+         if (r < 0)
+                 return r;
+ 
+-        log_debug("Created link configuration context");
++        log_debug("Created link configuration context.");
+         return 0;
+ }
+ 
+ static void builtin_net_setup_link_exit(struct udev *udev) {
+         link_config_ctx_free(ctx);
+         ctx = NULL;
+-        log_debug("Unloaded link configuration context");
++        log_debug("Unloaded link configuration context.");
+ }
+ 
+ static bool builtin_net_setup_link_validate(struct udev *udev) {
+-        log_debug("Check if link configuration needs reloading");
++        log_debug("Check if link configuration needs reloading.");
+         if (!ctx)
+                 return false;
+ 
+-- 
+1.7.9.2
+

1048-udev-net_setup_link-add-a-bit-more-logging.patch

@@ -0,0 +1,39 @@
+From 866ee3682213789f85b877700457fdca05695a0e Mon Sep 17 00:00:00 2001
+From: Tom Gundersen <teg@jklm.no>
+Date: Thu, 3 Jul 2014 09:57:27 +0200
+Subject: [PATCH] udev: net_setup_link - add a bit more logging
+
+---
+ src/udev/net/link-config.c |   10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git src/udev/net/link-config.c src/udev/net/link-config.c
+index 7a9d01b..b8650a6 100644
+--- src/udev/net/link-config.c
++++ src/udev/net/link-config.c
+@@ -92,14 +92,20 @@ static int link_config_ctx_connect(link_config_ctx *ctx) {
+ 
+         if (ctx->ethtool_fd == -1) {
+                 r = ethtool_connect(&ctx->ethtool_fd);
+-                if (r < 0)
++                if (r < 0) {
++                        log_warning("link_config: could not connect to ethtool: %s",
++                                    strerror(-r));
+                         return r;
++                }
+         }
+ 
+         if (!ctx->rtnl) {
+                 r = sd_rtnl_open(&ctx->rtnl, 0);
+-                if (r < 0)
++                if (r < 0) {
++                        log_warning("link_config: could not connect to rtnl: %s",
++                                    strerror(-r));
+                         return r;
++                }
+         }
+ 
+         return 0;
+-- 
+1.7.9.2
+

systemd-mini.changes

@@ -1,3 +1,97 @@
+-------------------------------------------------------------------
+Mon Jul  7 13:06:35 UTC 2014 - werner@suse.de
+
+- Add upstream patch
+  0001-machine-don-t-return-uninitialized-variable.patch
+- Port and add upstream patch
+  0002-vconsole-setup-run-setfont-before-loadkeys.patch
+
+-------------------------------------------------------------------
+Mon Jul  7 13:04:00 UTC 2014 - rmilasan@suse.com
+
+- Rename
+  0001-udev-net_setup_link-add-a-bit-more-logging.patch
+  to
+  1048-udev-net_setup_link-add-a-bit-more-logging.patch 
+
+-------------------------------------------------------------------
+Fri Jul  4 10:01:07 UTC 2014 - werner@suse.de
+
+- Port and add upstream patches
+  0001-udev-net_setup_link-add-a-bit-more-logging.patch
+  0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch
+  0002-namespace-fix-uninitialized-memory-access.patch
+
+-------------------------------------------------------------------
+Fri Jul  4 09:43:12 UTC 2014 - werner@suse.de
+
+- Add upstream patches
+  0001-architecture-Add-tilegx.patch
+  0002-architecture-Add-cris.patch
+  0003-arch-add-crisv32-to-uname-check.patch
+  0004-architecture-remove-cris-from-uname-list.patch
+
+-------------------------------------------------------------------
+Fri Jul  4 09:32:47 UTC 2014 - werner@suse.de
+
+- Add upstream patches
+  0006-hwdb-update.patch
+  0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch
+
+-------------------------------------------------------------------
+Thu Jul  3 12:48:27 UTC 2014 - werner@suse.de
+
+- Add upstream patches
+  0001-parse_uid-return-ENXIO-for-1-uids.patch
+  0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch
+  0003-localed-consider-an-unset-model-as-a-wildcard.patch
+  0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch
+  0005-bus-close-a-bus-that-failed-to-connect.patch
+  1047-udev-net_setup_link-builtin-should-print-the-reason-.patch
+
+-------------------------------------------------------------------
+Wed Jul  2 18:06:32 UTC 2014 - rmilasan@suse.com
+
+- Fix duplicated rules when having layer3 interfaces (bnc#882714).
+  Add 1046-fix-duplicated-rules-with-layer3-interfaces.patch
+
+-------------------------------------------------------------------
+Tue Jul  1 14:53:44 UTC 2014 - werner@suse.de
+
+- Require correct pam-config version overall even for scriptlets (bnc#885288)
+
+-------------------------------------------------------------------
+Tue Jul  1 12:19:27 UTC 2014 - werner@suse.de
+
+- Add upstream patches
+  0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch
+  0002-journald-make-MaxFileSec-really-default-to-1month.patch
+  0003-units-remove-RefuseManualStart-from-units-which-are-.patch
+  0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch
+  0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch
+  0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch
+  0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch
+
+-------------------------------------------------------------------
+Tue Jul  1 09:58:04 UTC 2014 - werner@suse.de
+
+- Be aware that close_nointr_nofail() may fail whereas safe_close() not
+
+-------------------------------------------------------------------
+Tue Jul  1 08:56:48 UTC 2014 - werner@suse.de
+
+- Add upstream patches
+  1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
+  1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
+  1044-rules-update-qemu-hid-rules.patch
+  1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
+
+-------------------------------------------------------------------
+Fri Jun 27 12:46:12 UTC 2014 - werner@suse.de
+
+- Add upstream bug fix patch
+  1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch (bnc#882714)
+
 -------------------------------------------------------------------
 Fri Jun 27 08:17:47 UTC 2014 - werner@suse.de
 

systemd-mini.spec

@@ -145,7 +145,7 @@ Requires(post): coreutils
 Requires(post): findutils
 %endif
 %if ! 0%{?bootstrap}
-Requires(post): pam-config
+Requires(post): pam-config >= 0.79-5
 %endif
 Requires(pre):  /usr/bin/getent
 Requires(pre):  /usr/sbin/groupadd
@@ -609,6 +609,50 @@ Patch297:       0001-core-use-correct-format-string-for-UIDs.patch
 Patch298:       0002-core-transaction-fix-cycle-break-attempts-outside-tr.patch
 # PATCH-FIX-UPSTREAM added at 2014/06/26
 Patch299:       0003-fsck-consider-a-fsck-implementation-linked-to-bin-tr.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch300:       0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch301:       0002-journald-make-MaxFileSec-really-default-to-1month.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch302:       0003-units-remove-RefuseManualStart-from-units-which-are-.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch303:       0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch304:       0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch305:       0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch306:       0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch307:       0001-parse_uid-return-ENXIO-for-1-uids.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch308:       0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch309:       0003-localed-consider-an-unset-model-as-a-wildcard.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch310:       0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch311:       0005-bus-close-a-bus-that-failed-to-connect.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch312:       0006-hwdb-update.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch313:       0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch314:       0001-architecture-Add-tilegx.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch315:       0002-architecture-Add-cris.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch316:       0003-arch-add-crisv32-to-uname-check.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch317:       0004-architecture-remove-cris-from-uname-list.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch318:       0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch319:       0002-namespace-fix-uninitialized-memory-access.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/07
+Patch320:       0001-machine-don-t-return-uninitialized-variable.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/07
+Patch321:       0002-vconsole-setup-run-setfont-before-loadkeys.patch
 
 # UDEV PATCHES
 # ============
@@ -696,6 +740,22 @@ Patch1038:      1038-udev-fix-invalid-free-in-enable_name_policy.patch
 Patch1039:      1039-udevadm-settle-fixed-return-code-for-empty-queue.patch
 # PATCH-FIX-SUSE 1040-re-enable-dev_id-conditionally-in-persistent-rules.patch (bnc#884403 and bnc#882714)
 Patch1040:      1040-re-enable-dev_id-conditionally-in-persistent-rules.patch
+# PATCH-FIX-UPSTREAM 1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch
+Patch1041:      1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch
+# PATCH-FIX-UPSTREAM 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
+Patch1042:      1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
+# PATCH-FIX-UPSTREAM 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
+Patch1043:      1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
+# PATCH-FIX-UPSTREAM 1044-rules-update-qemu-hid-rules.patch
+Patch1044:      1044-rules-update-qemu-hid-rules.patch
+# PATCH-FIX-UPSTREAM 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
+Patch1045:      1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
+# PATCH-FIX-SUSE 1046-fix-duplicated-rules-with-layer3-interfaces.patch (bnc#882714)
+Patch1046:      1046-fix-duplicated-rules-with-layer3-interfaces.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch1047:      1047-udev-net_setup_link-builtin-should-print-the-reason-.patch
+# PATCH-FIX-UPSTREAM 1048-udev-net_setup_link-add-a-bit-more-logging.patch
+Patch1048:      1048-udev-net_setup_link-add-a-bit-more-logging.patch
 
 %description
 Systemd is a system and service manager, compatible with SysV and LSB
@@ -1153,6 +1213,28 @@ cp %{SOURCE7} m4/
 %patch297 -p0
 %patch298 -p0
 %patch299 -p0
+%patch300 -p0
+%patch301 -p0
+%patch302 -p0
+%patch303 -p0
+%patch304 -p0
+%patch305 -p0
+%patch306 -p0
+%patch307 -p0
+%patch308 -p0
+%patch309 -p0
+%patch310 -p0
+%patch311 -p0
+%patch312 -p0
+%patch313 -p0
+%patch314 -p0
+%patch315 -p0
+%patch316 -p0
+%patch317 -p0
+%patch318 -p0
+%patch319 -p0
+%patch320 -p0
+%patch321 -p0
 
 # udev patches
 %patch1001 -p1
@@ -1177,11 +1259,9 @@ cp %{SOURCE7} m4/
 %patch1019 -p0
 %patch1020 -p0
 %patch1021 -p1
-%if 0%{?suse_version} > 1310
 %if %{with udevsettle}
 %patch1022 -p1
 %endif
-%endif
 %patch1023 -p0
 %patch1024 -p0
 %patch1025 -p1
@@ -1198,12 +1278,20 @@ cp %{SOURCE7} m4/
 %patch1036 -p1
 %patch1037 -p1
 %patch1038 -p0
-%if 0%{?suse_version} > 1310
 %if %{with udevsettle}
 %patch1039 -p0
 %endif
-%endif
 %patch1040 -p1
+%if %{with udevsettle}
+%patch1041 -p0
+%patch1042 -p0
+%patch1043 -p0
+%endif
+%patch1044 -p0
+%patch1045 -p0
+%patch1046 -p1
+%patch1047 -p0
+%patch1048 -p0
 
 # ensure generate files are removed
 rm -f units/emergency.service

systemd.changes

@@ -1,3 +1,97 @@
+-------------------------------------------------------------------
+Mon Jul  7 13:06:35 UTC 2014 - werner@suse.de
+
+- Add upstream patch
+  0001-machine-don-t-return-uninitialized-variable.patch
+- Port and add upstream patch
+  0002-vconsole-setup-run-setfont-before-loadkeys.patch
+
+-------------------------------------------------------------------
+Mon Jul  7 13:04:00 UTC 2014 - rmilasan@suse.com
+
+- Rename
+  0001-udev-net_setup_link-add-a-bit-more-logging.patch
+  to
+  1048-udev-net_setup_link-add-a-bit-more-logging.patch 
+
+-------------------------------------------------------------------
+Fri Jul  4 10:01:07 UTC 2014 - werner@suse.de
+
+- Port and add upstream patches
+  0001-udev-net_setup_link-add-a-bit-more-logging.patch
+  0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch
+  0002-namespace-fix-uninitialized-memory-access.patch
+
+-------------------------------------------------------------------
+Fri Jul  4 09:43:12 UTC 2014 - werner@suse.de
+
+- Add upstream patches
+  0001-architecture-Add-tilegx.patch
+  0002-architecture-Add-cris.patch
+  0003-arch-add-crisv32-to-uname-check.patch
+  0004-architecture-remove-cris-from-uname-list.patch
+
+-------------------------------------------------------------------
+Fri Jul  4 09:32:47 UTC 2014 - werner@suse.de
+
+- Add upstream patches
+  0006-hwdb-update.patch
+  0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch
+
+-------------------------------------------------------------------
+Thu Jul  3 12:48:27 UTC 2014 - werner@suse.de
+
+- Add upstream patches
+  0001-parse_uid-return-ENXIO-for-1-uids.patch
+  0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch
+  0003-localed-consider-an-unset-model-as-a-wildcard.patch
+  0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch
+  0005-bus-close-a-bus-that-failed-to-connect.patch
+  1047-udev-net_setup_link-builtin-should-print-the-reason-.patch
+
+-------------------------------------------------------------------
+Wed Jul  2 18:06:32 UTC 2014 - rmilasan@suse.com
+
+- Fix duplicated rules when having layer3 interfaces (bnc#882714).
+  Add 1046-fix-duplicated-rules-with-layer3-interfaces.patch
+
+-------------------------------------------------------------------
+Tue Jul  1 14:53:44 UTC 2014 - werner@suse.de
+
+- Require correct pam-config version overall even for scriptlets (bnc#885288)
+
+-------------------------------------------------------------------
+Tue Jul  1 12:19:27 UTC 2014 - werner@suse.de
+
+- Add upstream patches
+  0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch
+  0002-journald-make-MaxFileSec-really-default-to-1month.patch
+  0003-units-remove-RefuseManualStart-from-units-which-are-.patch
+  0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch
+  0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch
+  0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch
+  0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch
+
+-------------------------------------------------------------------
+Tue Jul  1 09:58:04 UTC 2014 - werner@suse.de
+
+- Be aware that close_nointr_nofail() may fail whereas safe_close() not
+
+-------------------------------------------------------------------
+Tue Jul  1 08:56:48 UTC 2014 - werner@suse.de
+
+- Add upstream patches
+  1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
+  1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
+  1044-rules-update-qemu-hid-rules.patch
+  1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
+
+-------------------------------------------------------------------
+Fri Jun 27 12:46:12 UTC 2014 - werner@suse.de
+
+- Add upstream bug fix patch
+  1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch (bnc#882714)
+
 -------------------------------------------------------------------
 Fri Jun 27 08:17:47 UTC 2014 - werner@suse.de
 

systemd.spec

@@ -140,7 +140,7 @@ Requires(post): coreutils
 Requires(post): findutils
 %endif
 %if ! 0%{?bootstrap}
-Requires(post): pam-config
+Requires(post): pam-config >= 0.79-5
 %endif
 Requires(pre):  /usr/bin/getent
 Requires(pre):  /usr/sbin/groupadd
@@ -604,6 +604,50 @@ Patch297:       0001-core-use-correct-format-string-for-UIDs.patch
 Patch298:       0002-core-transaction-fix-cycle-break-attempts-outside-tr.patch
 # PATCH-FIX-UPSTREAM added at 2014/06/26
 Patch299:       0003-fsck-consider-a-fsck-implementation-linked-to-bin-tr.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch300:       0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch301:       0002-journald-make-MaxFileSec-really-default-to-1month.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch302:       0003-units-remove-RefuseManualStart-from-units-which-are-.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch303:       0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch304:       0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch305:       0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/01
+Patch306:       0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch307:       0001-parse_uid-return-ENXIO-for-1-uids.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch308:       0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch309:       0003-localed-consider-an-unset-model-as-a-wildcard.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch310:       0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch311:       0005-bus-close-a-bus-that-failed-to-connect.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch312:       0006-hwdb-update.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch313:       0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch314:       0001-architecture-Add-tilegx.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch315:       0002-architecture-Add-cris.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch316:       0003-arch-add-crisv32-to-uname-check.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch317:       0004-architecture-remove-cris-from-uname-list.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch318:       0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/04
+Patch319:       0002-namespace-fix-uninitialized-memory-access.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/07
+Patch320:       0001-machine-don-t-return-uninitialized-variable.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/07
+Patch321:       0002-vconsole-setup-run-setfont-before-loadkeys.patch
 
 # UDEV PATCHES
 # ============
@@ -691,6 +735,22 @@ Patch1038:      1038-udev-fix-invalid-free-in-enable_name_policy.patch
 Patch1039:      1039-udevadm-settle-fixed-return-code-for-empty-queue.patch
 # PATCH-FIX-SUSE 1040-re-enable-dev_id-conditionally-in-persistent-rules.patch (bnc#884403 and bnc#882714)
 Patch1040:      1040-re-enable-dev_id-conditionally-in-persistent-rules.patch
+# PATCH-FIX-UPSTREAM 1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch
+Patch1041:      1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch
+# PATCH-FIX-UPSTREAM 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
+Patch1042:      1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
+# PATCH-FIX-UPSTREAM 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
+Patch1043:      1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
+# PATCH-FIX-UPSTREAM 1044-rules-update-qemu-hid-rules.patch
+Patch1044:      1044-rules-update-qemu-hid-rules.patch
+# PATCH-FIX-UPSTREAM 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
+Patch1045:      1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
+# PATCH-FIX-SUSE 1046-fix-duplicated-rules-with-layer3-interfaces.patch (bnc#882714)
+Patch1046:      1046-fix-duplicated-rules-with-layer3-interfaces.patch
+# PATCH-FIX-UPSTREAM added at 2014/07/03
+Patch1047:      1047-udev-net_setup_link-builtin-should-print-the-reason-.patch
+# PATCH-FIX-UPSTREAM 1048-udev-net_setup_link-add-a-bit-more-logging.patch
+Patch1048:      1048-udev-net_setup_link-add-a-bit-more-logging.patch
 
 %description
 Systemd is a system and service manager, compatible with SysV and LSB
@@ -1148,6 +1208,28 @@ cp %{SOURCE7} m4/
 %patch297 -p0
 %patch298 -p0
 %patch299 -p0
+%patch300 -p0
+%patch301 -p0
+%patch302 -p0
+%patch303 -p0
+%patch304 -p0
+%patch305 -p0
+%patch306 -p0
+%patch307 -p0
+%patch308 -p0
+%patch309 -p0
+%patch310 -p0
+%patch311 -p0
+%patch312 -p0
+%patch313 -p0
+%patch314 -p0
+%patch315 -p0
+%patch316 -p0
+%patch317 -p0
+%patch318 -p0
+%patch319 -p0
+%patch320 -p0
+%patch321 -p0
 
 # udev patches
 %patch1001 -p1
@@ -1172,11 +1254,9 @@ cp %{SOURCE7} m4/
 %patch1019 -p0
 %patch1020 -p0
 %patch1021 -p1
-%if 0%{?suse_version} > 1310
 %if %{with udevsettle}
 %patch1022 -p1
 %endif
-%endif
 %patch1023 -p0
 %patch1024 -p0
 %patch1025 -p1
@@ -1193,12 +1273,20 @@ cp %{SOURCE7} m4/
 %patch1036 -p1
 %patch1037 -p1
 %patch1038 -p0
-%if 0%{?suse_version} > 1310
 %if %{with udevsettle}
 %patch1039 -p0
 %endif
-%endif
 %patch1040 -p1
+%if %{with udevsettle}
+%patch1041 -p0
+%patch1042 -p0
+%patch1043 -p0
+%endif
+%patch1044 -p0
+%patch1045 -p0
+%patch1046 -p1
+%patch1047 -p0
+%patch1048 -p0
 
 # ensure generate files are removed
 rm -f units/emergency.service