From 2bdae7e39e4fb37dfea78da0096678b8706394b8 Mon Sep 17 00:00:00 2001
From: Michael Marineau <michael.marineau@coreos.com>
Date: Sat, 14 Jun 2014 21:07:51 -0700
Subject: [PATCH 1/4] chore(sys-apps/systemd): Roll back to systemd 212

Versions 213 and 214 are not currently usable on GCE:

 - networkd aborts with "Assertion 'link->manager->rtnl' failed"
   https://bugs.freedesktop.org/show_bug.cgi?id=79789

 - persistent naming for virtio devices was removed,
   network devices have returned to the old eth0, eth1, etc. names:
   https://github.com/systemd/systemd/commit/bf81e792f3c0aed54edf004c1c95cc6f6d81d0ee
   This re-breaks our copy of the GCE address_manager agent:
   https://github.com/coreos/coreos-overlay/blob/a24dfc97a91262de07c3da127388c23faaab334d/app-emulation/google-compute-daemon/files/0001-hack-address_manager-use-CoreOS-names-and-locations.patch

This reverts commit da3226051f and f179df3449.
---
 .../sys-apps/systemd/files/211-tmpfiles.patch |  12 +
 .../212-0001-sd-rtnl-fix-off-by-one.patch     |  32 ++
 ...g-jobs-to-run-queue-in-unit_coldplug.patch |  35 ++
 ...aiting-jobs-to-run-queue-during-cold.patch |  39 ++
 ...sure-to-serialize-jobs-for-all-units.patch | 118 ++++
 ...ntly-ignore-sections-starting-with-X.patch |  73 +++
 .../sys-apps/systemd/systemd-212-r8.ebuild    | 504 ++++++++++++++++++
 .../sys-apps/systemd/systemd-213-r2.ebuild    |   2 +-
 8 files changed, 814 insertions(+), 1 deletion(-)
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/211-tmpfiles.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0001-sd-rtnl-fix-off-by-one.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0002-job-add-waiting-jobs-to-run-queue-in-unit_coldplug.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0003-job-always-add-waiting-jobs-to-run-queue-during-cold.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0004-core-make-sure-to-serialize-jobs-for-all-units.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0005-conf-parser-silently-ignore-sections-starting-with-X.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r8.ebuild

diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/211-tmpfiles.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/211-tmpfiles.patch
new file mode 100644
index 0000000000..888fa572a7
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/211-tmpfiles.patch
@@ -0,0 +1,12 @@
+diff --git a/tmpfiles.d/systemd.conf b/tmpfiles.d/systemd.conf
+index 7c6d6b9099b9..1aeb5e40f1ee 100644
+--- a/tmpfiles.d/systemd.conf
++++ b/tmpfiles.d/systemd.conf
+@@ -24,5 +24,7 @@ d /run/systemd/shutdown 0755 root root -
+ 
+ m /var/log/journal 2755 root systemd-journal - -
+ m /var/log/journal/%m 2755 root systemd-journal - -
++m /var/log/journal/%m/system.journal 2755 root systemd-journal - -
+ m /run/log/journal 2755 root systemd-journal - -
+ m /run/log/journal/%m 2755 root systemd-journal - -
++m /run/log/journal/%m/system.journal 2755 root systemd-journal - -
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0001-sd-rtnl-fix-off-by-one.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0001-sd-rtnl-fix-off-by-one.patch
new file mode 100644
index 0000000000..780a171850
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0001-sd-rtnl-fix-off-by-one.patch
@@ -0,0 +1,32 @@
+From ef1a79119cc9cdeef03af17795e6a05459a0f3af Mon Sep 17 00:00:00 2001
+From: Steven Siloti <ssiloti@gmail.com>
+Date: Sun, 30 Mar 2014 21:20:26 -0700
+Subject: [PATCH] sd-rtnl: fix off-by-one
+To: systemd-devel@lists.freedesktop.org
+
+Also fix type parameter passed to new0
+---
+ src/libsystemd/sd-rtnl/rtnl-message.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/libsystemd/sd-rtnl/rtnl-message.c b/src/libsystemd/sd-rtnl/rtnl-message.c
+index 84a8ffa..97ace2a 100644
+--- a/src/libsystemd/sd-rtnl/rtnl-message.c
++++ b/src/libsystemd/sd-rtnl/rtnl-message.c
+@@ -1073,11 +1073,11 @@ int rtnl_message_parse(sd_rtnl_message *m,
+         unsigned short type;
+         size_t *tb;
+ 
+-        tb = (size_t *) new0(size_t *, max);
++        tb = new0(size_t, max + 1);
+         if(!tb)
+                 return -ENOMEM;
+ 
+-        *rta_tb_size = max;
++        *rta_tb_size = max + 1;
+ 
+         for (; RTA_OK(rta, rt_len); rta = RTA_NEXT(rta, rt_len)) {
+                 type = rta->rta_type;
+-- 
+1.9.1
+
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0002-job-add-waiting-jobs-to-run-queue-in-unit_coldplug.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0002-job-add-waiting-jobs-to-run-queue-in-unit_coldplug.patch
new file mode 100644
index 0000000000..04307bffdc
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0002-job-add-waiting-jobs-to-run-queue-in-unit_coldplug.patch
@@ -0,0 +1,35 @@
+From ff790a30ceae4e64249544f9719f78c385308f67 Mon Sep 17 00:00:00 2001
+From: Brandon Philips <brandon@ifup.co>
+Date: Fri, 25 Apr 2014 09:31:59 -0600
+Subject: [PATCH 2/4] job: add waiting jobs to run queue in unit_coldplug
+
+When we have job installed and added to run queue for service which is
+still in dead state and systemd initiates reload then after reload we
+never add deserialized job to the run queue again. This is caused by
+check in service_coldplug() where we check if deserialized state is
+something else than dead state, which is not the case thus we never call
+service_set_state() and finally unit_notify() where we would have added
+job to the run queue.
+
+Thanks to Michal Sekletar <msekleta@redhat.com> for the original patch.
+---
+ src/core/job.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/core/job.c b/src/core/job.c
+index 35a9de6..835cfe1 100644
+--- a/src/core/job.c
++++ b/src/core/job.c
+@@ -1066,6 +1066,9 @@ int job_coldplug(Job *j) {
+         if (j->timer_event_source)
+                 j->timer_event_source = sd_event_source_unref(j->timer_event_source);
+ 
++        if (j->state == JOB_WAITING)
++                job_add_to_run_queue(j);
++
+         r = sd_event_add_time(
+                         j->manager->event,
+                         &j->timer_event_source,
+-- 
+1.8.5.5
+
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0003-job-always-add-waiting-jobs-to-run-queue-during-cold.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0003-job-always-add-waiting-jobs-to-run-queue-during-cold.patch
new file mode 100644
index 0000000000..ea0e62f488
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0003-job-always-add-waiting-jobs-to-run-queue-during-cold.patch
@@ -0,0 +1,39 @@
+From 05728416aba07cf66e6933e65c5c076643a1d62b Mon Sep 17 00:00:00 2001
+From: Michael Marineau <michael.marineau@coreos.com>
+Date: Mon, 12 May 2014 09:26:16 +0200
+Subject: [PATCH 3/4] job: always add waiting jobs to run queue during coldplug
+
+commit 20a83d7bf was not equivalent to the original bug fix proposed by
+Michal Sekletar <msekleta@redhat.com>. The committed version only added
+the job to the run queue if the job had a timeout, which most jobs do
+not have. Just re-ordering the code gets us the intended functionality
+---
+ src/core/job.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/core/job.c b/src/core/job.c
+index 835cfe1..dc4f441 100644
+--- a/src/core/job.c
++++ b/src/core/job.c
+@@ -1060,15 +1060,15 @@ int job_coldplug(Job *j) {
+         if (r < 0)
+                 return r;
+ 
++        if (j->state == JOB_WAITING)
++                job_add_to_run_queue(j);
++
+         if (j->begin_usec == 0 || j->unit->job_timeout == 0)
+                 return 0;
+ 
+         if (j->timer_event_source)
+                 j->timer_event_source = sd_event_source_unref(j->timer_event_source);
+ 
+-        if (j->state == JOB_WAITING)
+-                job_add_to_run_queue(j);
+-
+         r = sd_event_add_time(
+                         j->manager->event,
+                         &j->timer_event_source,
+-- 
+1.8.5.5
+
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0004-core-make-sure-to-serialize-jobs-for-all-units.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0004-core-make-sure-to-serialize-jobs-for-all-units.patch
new file mode 100644
index 0000000000..33c7215853
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0004-core-make-sure-to-serialize-jobs-for-all-units.patch
@@ -0,0 +1,118 @@
+From fb7fe351e092bb591a6fc24c76fd4a8effec644d Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Fri, 16 May 2014 01:15:03 +0200
+Subject: [PATCH 4/4] core: make sure to serialize jobs for all units
+
+Previously we wouldn't serialize jobs for units that themselves have
+nothing to serialize.
+
+http://lists.freedesktop.org/archives/systemd-devel/2014-May/019051.html
+---
+ src/core/manager.c |  3 ---
+ src/core/unit.c    | 43 +++++++++++++++++++++----------------------
+ 2 files changed, 21 insertions(+), 25 deletions(-)
+
+diff --git a/src/core/manager.c b/src/core/manager.c
+index 224106c..0b91db3 100644
+--- a/src/core/manager.c
++++ b/src/core/manager.c
+@@ -2129,9 +2129,6 @@ int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) {
+                 if (u->id != t)
+                         continue;
+ 
+-                if (!unit_can_serialize(u))
+-                        continue;
+-
+                 /* Start marker */
+                 fputs(u->id, f);
+                 fputc('\n', f);
+diff --git a/src/core/unit.c b/src/core/unit.c
+index 153b79b..9147686 100644
+--- a/src/core/unit.c
++++ b/src/core/unit.c
+@@ -2287,25 +2287,25 @@ bool unit_can_serialize(Unit *u) {
+ }
+ 
+ int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
+-        ExecRuntime *rt;
+         int r;
+ 
+         assert(u);
+         assert(f);
+         assert(fds);
+ 
+-        if (!unit_can_serialize(u))
+-                return 0;
+-
+-        r = UNIT_VTABLE(u)->serialize(u, f, fds);
+-        if (r < 0)
+-                return r;
++        if (unit_can_serialize(u)) {
++                ExecRuntime *rt;
+ 
+-        rt = unit_get_exec_runtime(u);
+-        if (rt) {
+-                r = exec_runtime_serialize(rt, u, f, fds);
++                r = UNIT_VTABLE(u)->serialize(u, f, fds);
+                 if (r < 0)
+                         return r;
++
++                rt = unit_get_exec_runtime(u);
++                if (rt) {
++                        r = exec_runtime_serialize(rt, u, f, fds);
++                        if (r < 0)
++                                return r;
++                }
+         }
+ 
+         dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
+@@ -2367,17 +2367,14 @@ void unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
+ }
+ 
+ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
+-        size_t offset;
+         ExecRuntime **rt = NULL;
++        size_t offset;
+         int r;
+ 
+         assert(u);
+         assert(f);
+         assert(fds);
+ 
+-        if (!unit_can_serialize(u))
+-                return 0;
+-
+         offset = UNIT_VTABLE(u)->exec_runtime_offset;
+         if (offset > 0)
+                 rt = (ExecRuntime**) ((uint8_t*) u + offset);
+@@ -2494,17 +2491,19 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
+                         continue;
+                 }
+ 
+-                if (rt) {
+-                        r = exec_runtime_deserialize_item(rt, u, l, v, fds);
++                if (unit_can_serialize(u)) {
++                        if (rt) {
++                                r = exec_runtime_deserialize_item(rt, u, l, v, fds);
++                                if (r < 0)
++                                        return r;
++                                if (r > 0)
++                                        continue;
++                        }
++
++                        r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
+                         if (r < 0)
+                                 return r;
+-                        if (r > 0)
+-                                continue;
+                 }
+-
+-                r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
+-                if (r < 0)
+-                        return r;
+         }
+ }
+ 
+-- 
+1.8.5.5
+
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0005-conf-parser-silently-ignore-sections-starting-with-X.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0005-conf-parser-silently-ignore-sections-starting-with-X.patch
new file mode 100644
index 0000000000..c2d877e1e8
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0005-conf-parser-silently-ignore-sections-starting-with-X.patch
@@ -0,0 +1,73 @@
+From 92b626e34454aa14b51a9b21a1e885806c10d2fb Mon Sep 17 00:00:00 2001
+From: Michael Marineau <michael.marineau@coreos.com>
+Date: Fri, 16 May 2014 16:03:38 -0700
+Subject: [PATCH 5/5] conf-parser: silently ignore sections starting with "X-"
+
+This allows external tools to keep additional unit information in a
+separate section without scaring users with a big warning.
+---
+ src/shared/conf-parser.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c
+index d27b1b7..062b15b 100644
+--- a/src/shared/conf-parser.c
++++ b/src/shared/conf-parser.c
+@@ -204,6 +204,7 @@ static int parse_line(const char* unit,
+                       bool allow_include,
+                       char **section,
+                       unsigned *section_line,
++                      bool *section_ignored,
+                       char *l,
+                       void *userdata) {
+ 
+@@ -266,7 +267,7 @@ static int parse_line(const char* unit,
+ 
+                 if (sections && !nulstr_contains(sections, n)) {
+ 
+-                        if (!relaxed)
++                        if (!relaxed && !startswith(n, "X-"))
+                                 log_syntax(unit, LOG_WARNING, filename, line, EINVAL,
+                                            "Unknown section '%s'. Ignoring.", n);
+ 
+@@ -274,10 +275,12 @@ static int parse_line(const char* unit,
+                         free(*section);
+                         *section = NULL;
+                         *section_line = 0;
++                        *section_ignored = true;
+                 } else {
+                         free(*section);
+                         *section = n;
+                         *section_line = line;
++                        *section_ignored = false;
+                 }
+ 
+                 return 0;
+@@ -285,7 +288,7 @@ static int parse_line(const char* unit,
+ 
+         if (sections && !*section) {
+ 
+-                if (!relaxed)
++                if (!relaxed && !*section_ignored)
+                         log_syntax(unit, LOG_WARNING, filename, line, EINVAL,
+                                    "Assignment outside of section. Ignoring.");
+ 
+@@ -328,6 +331,7 @@ int config_parse(const char *unit,
+         _cleanup_free_ char *section = NULL, *continuation = NULL;
+         _cleanup_fclose_ FILE *ours = NULL;
+         unsigned line = 0, section_line = 0;
++        bool section_ignored = false;
+         int r;
+ 
+         assert(filename);
+@@ -399,6 +403,7 @@ int config_parse(const char *unit,
+                                allow_include,
+                                &section,
+                                &section_line,
++                               &section_ignored,
+                                p,
+                                userdata);
+                 free(c);
+-- 
+1.8.5.5
+
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r8.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r8.ebuild
new file mode 100644
index 0000000000..8bf6cc6da6
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r8.ebuild
@@ -0,0 +1,504 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/systemd/systemd-9999.ebuild,v 1.103 2014/03/31 19:01:25 floppym Exp $
+
+EAPI=5
+
+if [[ ${PV} == 9999 ]]; then
+AUTOTOOLS_AUTORECONF=yes
+EGIT_REPO_URI="git://anongit.freedesktop.org/${PN}/${PN}
+	http://cgit.freedesktop.org/${PN}/${PN}/"
+
+inherit git-r3
+
+elif [[ ${PV} == *9999 ]]; then
+AUTOTOOLS_AUTORECONF=yes
+EGIT_REPO_URI="git://anongit.freedesktop.org/${PN}/${PN}-stable
+	http://cgit.freedesktop.org/${PN}/${PN}-stable/"
+EGIT_BRANCH=v${PV%%.*}-stable
+
+inherit git-r3
+fi
+
+AUTOTOOLS_PRUNE_LIBTOOL_FILES=all
+PYTHON_COMPAT=( python{2_7,3_2,3_3} )
+inherit autotools-utils bash-completion-r1 fcaps linux-info multilib \
+	multilib-minimal pam python-single-r1 systemd toolchain-funcs udev \
+	user
+
+DESCRIPTION="System and service manager for Linux"
+HOMEPAGE="http://www.freedesktop.org/wiki/Software/systemd"
+SRC_URI="http://www.freedesktop.org/software/systemd/${P}.tar.xz"
+
+LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
+SLOT="0/2"
+KEYWORDS="~alpha amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+IUSE="acl audit cryptsetup doc +firmware-loader gcrypt gudev http introspection
+	kdbus +kmod lzma pam policykit python qrcode +seccomp selinux ssl
+	test vanilla xattr openrc"
+
+MINKV="3.0"
+
+COMMON_DEPEND=">=sys-apps/util-linux-2.20:0=
+	sys-libs/libcap:0=
+	acl? ( sys-apps/acl:0= )
+	audit? ( >=sys-process/audit-2:0= )
+	cryptsetup? ( >=sys-fs/cryptsetup-1.6:0= )
+	gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0= )
+	gudev? ( dev-libs/glib:2=[${MULTILIB_USEDEP}] )
+	http? ( >=net-libs/libmicrohttpd-0.9.33:0= )
+	introspection? ( >=dev-libs/gobject-introspection-1.31.1:0= )
+	kmod? ( >=sys-apps/kmod-15:0= )
+	lzma? ( app-arch/xz-utils:0=[${MULTILIB_USEDEP}] )
+	pam? ( virtual/pam:= )
+	python? ( ${PYTHON_DEPS} )
+	qrcode? ( media-gfx/qrencode:0= )
+	seccomp? ( >=sys-libs/libseccomp-2.1:0= )
+	selinux? ( sys-libs/libselinux:0= )
+	ssl? ( >=net-libs/gnutls-3.1.4:0= )
+	xattr? ( sys-apps/attr:0= )
+	abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r9
+		!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] )"
+
+# baselayout-2.2 has /run
+RDEPEND="${COMMON_DEPEND}
+	>=sys-apps/baselayout-2.2
+	|| (
+		>=sys-apps/util-linux-2.22
+		<sys-apps/sysvinit-2.88-r4
+	)
+	!sys-auth/nss-myhostname
+	!<sys-libs/glibc-2.14
+	!sys-fs/udev"
+
+# sys-apps/daemon: the daemon only (+ build-time lib dep for tests)
+PDEPEND=">=sys-apps/dbus-1.6.8-r1:0
+	>=sys-apps/hwids-20130717-r1[udev]
+	openrc? ( >=sys-fs/udev-init-scripts-25 )
+	policykit? ( sys-auth/polkit )
+	!vanilla? ( sys-apps/gentoo-systemd-integration )"
+
+# Newer linux-headers needed by ia64, bug #480218
+DEPEND="${COMMON_DEPEND}
+	app-arch/xz-utils:0
+	dev-util/gperf
+	>=dev-util/intltool-0.50
+	>=sys-devel/binutils-2.23.1
+	>=sys-devel/gcc-4.6
+	>=sys-kernel/linux-headers-${MINKV}
+	ia64? ( >=sys-kernel/linux-headers-3.9 )
+	virtual/pkgconfig
+	doc? ( >=dev-util/gtk-doc-1.18 )
+	python? ( dev-python/lxml[${PYTHON_USEDEP}] )
+	test? ( >=sys-apps/dbus-1.6.8-r1:0 )"
+
+if [[ ${PV} == *9999 ]]; then
+DEPEND="${DEPEND}
+	app-text/docbook-xml-dtd:4.2
+	app-text/docbook-xml-dtd:4.5
+	app-text/docbook-xsl-stylesheets
+	dev-libs/libxslt:0
+	dev-libs/gobject-introspection
+	>=dev-libs/libgcrypt-1.4.5:0"
+
+SRC_URI=
+KEYWORDS=
+fi
+
+src_prepare() {
+if [[ ${PV} == *9999 ]]; then
+	if use doc; then
+		gtkdocize --docdir docs/ || die
+	else
+		echo 'EXTRA_DIST =' > docs/gtk-doc.make
+	fi
+fi
+	# fix networkd crash, https://bugs.gentoo.org/show_bug.cgi?id=507044
+	epatch "${FILESDIR}"/212-0001-sd-rtnl-fix-off-by-one.patch
+
+	# fix stuck jobs after daemon-reload
+	epatch "${FILESDIR}"/212-0002-job-add-waiting-jobs-to-run-queue-in-unit_coldplug.patch
+	epatch "${FILESDIR}"/212-0003-job-always-add-waiting-jobs-to-run-queue-during-cold.patch
+
+	# fix broken device dependencies after daemon-reload
+	epatch "${FILESDIR}"/212-0004-core-make-sure-to-serialize-jobs-for-all-units.patch
+
+	# stop scaring all our users with warnings about "X-Fleet"
+	epatch "${FILESDIR}"/212-0005-conf-parser-silently-ignore-sections-starting-with-X.patch
+
+	# patch to make journald work at first boot
+	epatch "${FILESDIR}"/211-tmpfiles.patch
+
+	# Bug 463376
+	sed -i -e 's/GROUP="dialout"/GROUP="uucp"/' rules/*.rules || die
+
+	autotools-utils_src_prepare
+}
+
+pkg_pretend() {
+	local CONFIG_CHECK="~AUTOFS4_FS ~BLK_DEV_BSG ~CGROUPS ~DEVTMPFS ~DMIID
+		~EPOLL ~FANOTIFY ~FHANDLE ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS
+		~SECCOMP ~SIGNALFD ~SYSFS ~TIMERFD
+		~!IDE ~!SYSFS_DEPRECATED ~!SYSFS_DEPRECATED_V2
+		~!GRKERNSEC_PROC"
+
+	use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL"
+	use pam && CONFIG_CHECK+=" ~AUDITSYSCALL"
+	use xattr && CONFIG_CHECK+=" ~TMPFS_XATTR"
+	kernel_is -lt 3 7 && CONFIG_CHECK+=" ~HOTPLUG"
+	use firmware-loader || CONFIG_CHECK+=" ~!FW_LOADER_USER_HELPER"
+
+	if linux_config_exists; then
+		local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH)
+			if [ -n "${uevent_helper_path}" ] && [ "${uevent_helper_path}" != '""' ]; then
+				ewarn "It's recommended to set an empty value to the following kernel config option:"
+				ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}"
+			fi
+	fi
+
+	if [[ ${MERGE_TYPE} != binary ]]; then
+		if [[ $(gcc-major-version) -lt 4
+			|| ( $(gcc-major-version) -eq 4 && $(gcc-minor-version) -lt 6 ) ]]
+		then
+			eerror "systemd requires at least gcc 4.6 to build. Please switch the active"
+			eerror "gcc version using gcc-config."
+			die "systemd requires at least gcc 4.6"
+		fi
+	fi
+
+	if [[ ${MERGE_TYPE} != buildonly ]]; then
+		if kernel_is -lt ${MINKV//./ }; then
+			ewarn "Kernel version at least ${MINKV} required"
+		fi
+
+		if ! use firmware-loader && kernel_is -lt 3 8; then
+			ewarn "You seem to be using kernel older than 3.8. Those kernel versions"
+			ewarn "require systemd with USE=firmware-loader to support loading"
+			ewarn "firmware. Missing this flag may cause some hardware not to work."
+		fi
+
+		check_extra_config
+	fi
+}
+
+pkg_setup() {
+	use python && python-single-r1_pkg_setup
+}
+
+multilib_src_configure() {
+	local myeconfargs=(
+		# disable -flto since it is an optimization flag
+		# and makes distcc less effective
+		cc_cv_CFLAGS__flto=no
+
+		--with-pamconfdir=/usr/share/pam.d
+		--with-dbuspolicydir=/usr/share/dbus-1/system.d
+		--disable-maintainer-mode
+		--localstatedir=/var
+		--with-pamlibdir=$(getpam_mod_dir)
+		# avoid bash-completion dep
+		--with-bashcompletiondir="$(get_bashcompdir)"
+		# make sure we get /bin:/sbin in $PATH
+		--enable-split-usr
+		# disable sysv compatibility
+		--with-sysvinit-path=
+		--with-sysvrcnd-path=
+		# no deps
+		--enable-efi
+		--enable-ima
+		# optional components/dependencies
+		$(use_enable acl)
+		$(use_enable audit)
+		$(use_enable cryptsetup libcryptsetup)
+		$(use_enable doc gtk-doc)
+		$(use_enable gcrypt)
+		$(use_enable gudev)
+		$(use_enable http microhttpd)
+		$(use_enable introspection)
+		$(use_enable kdbus)
+		$(use_enable kmod)
+		$(use_enable lzma xz)
+		$(use_enable pam)
+		$(use_enable policykit polkit)
+		$(use_with python)
+		$(use_enable python python-devel)
+		$(use_enable qrcode qrencode)
+		$(use_enable seccomp)
+		$(use_enable selinux)
+		$(use_enable ssl gnutls)
+		$(use_enable test tests)
+		$(use_enable xattr)
+
+		# not supported (avoid automagic deps in the future)
+		--disable-chkconfig
+
+		# hardcode a few paths to spare some deps
+		QUOTAON=/usr/sbin/quotaon
+		QUOTACHECK=/usr/sbin/quotacheck
+	)
+
+	# Keep using the one where the rules were installed.
+	MY_UDEVDIR=$(get_udevdir)
+
+	if use firmware-loader; then
+		myeconfargs+=(
+			--with-firmware-path="/lib/firmware/updates:/lib/firmware"
+		)
+	fi
+
+	# Added for testing; this is UNSUPPORTED by the Gentoo systemd team!
+	if [[ -n ${ROOTPREFIX+set} ]]; then
+		myeconfargs+=(
+			--with-rootprefix="${ROOTPREFIX}"
+			--with-rootlibdir="${ROOTPREFIX}/$(get_libdir)"
+		)
+	fi
+
+	if ! multilib_is_native_abi; then
+		myeconfargs+=(
+			ac_cv_search_cap_init=
+			ac_cv_header_sys_capability_h=yes
+			DBUS_CFLAGS=' '
+			DBUS_LIBS=' '
+
+			--disable-acl
+			--disable-audit
+			--disable-gcrypt
+			--disable-gnutls
+			--disable-gtk-doc
+			--disable-introspection
+			--disable-kmod
+			--disable-libcryptsetup
+			--disable-microhttpd
+			--disable-networkd
+			--disable-pam
+			--disable-polkit
+			--disable-qrencode
+			--disable-seccomp
+			--disable-selinux
+			--disable-tests
+			--disable-xattr
+			--disable-xz
+			--disable-python-devel
+		)
+	fi
+
+	# Work around bug 463846.
+	tc-export CC
+
+	autotools-utils_src_configure
+}
+
+multilib_src_compile() {
+	local mymakeopts=(
+		udevlibexecdir="${MY_UDEVDIR}"
+	)
+
+	if multilib_is_native_abi; then
+		emake "${mymakeopts[@]}"
+	else
+		# prerequisites for gudev
+		use gudev && emake src/gudev/gudev{enumtypes,marshal}.{c,h}
+
+		echo 'gentoo: $(BUILT_SOURCES)' | \
+		emake "${mymakeopts[@]}" -f Makefile -f - gentoo
+		echo 'gentoo: $(lib_LTLIBRARIES) $(pkgconfiglib_DATA)' | \
+		emake "${mymakeopts[@]}" -f Makefile -f - gentoo
+	fi
+}
+
+multilib_src_test() {
+	multilib_is_native_abi || continue
+
+	default
+}
+
+multilib_src_install() {
+	local mymakeopts=(
+		# automake fails with parallel libtool relinking
+		# https://bugs.gentoo.org/show_bug.cgi?id=491398
+		-j1
+
+		udevlibexecdir="${MY_UDEVDIR}"
+		dist_udevhwdb_DATA=
+		DESTDIR="${D}"
+	)
+
+	if multilib_is_native_abi; then
+		emake "${mymakeopts[@]}" install
+	else
+		mymakeopts+=(
+			install-libLTLIBRARIES
+			install-pkgconfiglibDATA
+			install-includeHEADERS
+			# safe to call unconditionally, 'installs' empty list
+			install-libgudev_includeHEADERS
+			install-pkgincludeHEADERS
+		)
+
+		emake "${mymakeopts[@]}"
+	fi
+
+	# install compat pkg-config files
+	local pcfiles=( src/compat-libs/libsystemd-{daemon,id128,journal,login}.pc )
+	emake "${mymakeopts[@]}" install-pkgconfiglibDATA \
+		pkgconfiglib_DATA="${pcfiles[*]}"
+}
+
+multilib_src_install_all() {
+	prune_libtool_files --modules
+	einstalldocs
+
+	# we just keep sysvinit tools, so no need for the mans
+	rm "${D}"/usr/share/man/man8/{halt,poweroff,reboot,runlevel,shutdown,telinit}.8 \
+		|| die
+	rm "${D}"/usr/share/man/man1/init.1 || die
+
+	# Disable storing coredumps in journald, bug #433457
+	mv "${D}"/usr/lib/sysctl.d/50-coredump.conf{,.disabled} || die
+
+	systemd_dotmpfilesd "${FILESDIR}"/systemd-coreos.conf
+
+	# Don't default to graphical.target
+	rm "${D}"/usr/lib/systemd/system/default.target || die
+	dosym multi-user.target /usr/lib/systemd/system/default.target
+
+	# Move a few services enabled in /etc to /usr
+	rm "${D}"/etc/systemd/system/getty.target.wants/getty@tty1.service || die
+	rmdir "${D}"/etc/systemd/system/getty.target.wants || die
+	dosym ../getty@.service /usr/lib/systemd/system/getty.target.wants/getty@tty1.service
+
+	rm "${D}"/etc/systemd/system/multi-user.target.wants/remote-fs.target \
+		"${D}"/etc/systemd/system/multi-user.target.wants/systemd-networkd.service \
+		|| die
+	rmdir "${D}"/etc/systemd/system/multi-user.target.wants || die
+	systemd_enable_service multi-user.target remote-fs.target
+	systemd_enable_service multi-user.target systemd-networkd.service
+}
+
+migrate_locale() {
+	local envd_locale_def="${EROOT%/}/etc/env.d/02locale"
+	local envd_locale=( "${EROOT%/}"/etc/env.d/??locale )
+	local locale_conf="${EROOT%/}/etc/locale.conf"
+
+	if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then
+		# If locale.conf does not exist...
+		if [[ -e ${envd_locale} ]]; then
+			# ...either copy env.d/??locale if there's one
+			ebegin "Moving ${envd_locale} to ${locale_conf}"
+			mv "${envd_locale}" "${locale_conf}"
+			eend ${?} || FAIL=1
+		else
+			# ...or create a dummy default
+			ebegin "Creating ${locale_conf}"
+			cat > "${locale_conf}" <<-EOF
+				# This file has been created by the sys-apps/systemd ebuild.
+				# See locale.conf(5) and localectl(1).
+
+				# LANG=${LANG}
+			EOF
+			eend ${?} || FAIL=1
+		fi
+	fi
+
+	if [[ ! -L ${envd_locale} ]]; then
+		# now, if env.d/??locale is not a symlink (to locale.conf)...
+		if [[ -e ${envd_locale} ]]; then
+			# ...warn the user that he has duplicate locale settings
+			ewarn
+			ewarn "To ensure consistent behavior, you should replace ${envd_locale}"
+			ewarn "with a symlink to ${locale_conf}. Please migrate your settings"
+			ewarn "and create the symlink with the following command:"
+			ewarn "ln -s -n -f ../locale.conf ${envd_locale}"
+			ewarn
+		else
+			# ...or just create the symlink if there's nothing here
+			ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink"
+			ln -n -s ../locale.conf "${envd_locale_def}"
+			eend ${?} || FAIL=1
+		fi
+	fi
+}
+
+migrate_net_name_slot() {
+	# If user has disabled 80-net-name-slot.rules using a empty file or a symlink to /dev/null,
+	# do the same for 80-net-setup-link.rules to keep the old behavior
+	local net_move=no
+	local net_name_slot_sym=no
+	local net_rules_path="${EROOT%/}"/etc/udev/rules.d
+	local net_name_slot="${net_rules_path}"/80-net-name-slot.rules
+	local net_setup_link="${net_rules_path}"/80-net-setup-link.rules
+	if [[ -e ${net_setup_link} ]]; then
+		net_move=no
+	elif [[ -f ${net_name_slot} && $(sed -e "/^#/d" -e "/^\W*$/d" ${net_name_slot} | wc -l) == 0 ]]; then
+		net_move=yes
+	elif [[ -L ${net_name_slot} && $(readlink ${net_name_slot}) == /dev/null ]]; then
+		net_move=yes
+		net_name_slot_sym=yes
+	fi
+	if [[ ${net_move} == yes ]]; then
+		ebegin "Copying ${net_name_slot} to ${net_setup_link}"
+
+		if [[ ${net_name_slot_sym} == yes ]]; then
+			ln -nfs /dev/null "${net_setup_link}"
+		else
+			cp "${net_name_slot}" "${net_setup_link}"
+		fi
+		eend $? || FAIL=1
+	fi
+}
+
+pkg_postinst() {
+	enewgroup systemd-journal
+	if use http; then
+		enewgroup systemd-journal-gateway
+		enewuser systemd-journal-gateway -1 -1 -1 systemd-journal-gateway
+	fi
+	systemd_update_catalog
+
+	# Keep this here in case the database format changes so it gets updated
+	# when required. Despite that this file is owned by sys-apps/hwids.
+	if has_version "sys-apps/hwids[udev]"; then
+		udevadm hwdb --update --root="${ROOT%/}"
+	fi
+
+	udev_reload || FAIL=1
+
+	# Bug 468876
+	fcaps cap_dac_override,cap_sys_ptrace=ep usr/bin/systemd-detect-virt
+
+	# Bug 465468, make sure locales are respect, and ensure consistency
+	# between OpenRC & systemd
+	migrate_locale
+
+	# Migrate 80-net-name-slot.rules -> 80-net-setup-link.rules
+	migrate_net_name_slot
+
+	if [[ ${FAIL} ]]; then
+		eerror "One of the postinst commands failed. Please check the postinst output"
+		eerror "for errors. You may need to clean up your system and/or try installing"
+		eerror "systemd again."
+		eerror
+	fi
+
+	if [[ ! -L "${ROOT}"/etc/mtab ]]; then
+		ewarn "Upstream mandates the /etc/mtab file should be a symlink to /proc/mounts."
+		ewarn "Not having it is not supported by upstream and will cause tools like 'df'"
+		ewarn "and 'mount' to not work properly. Please run:"
+		ewarn "	# ln -sf '${ROOT}proc/self/mounts' '${ROOT}etc/mtab'"
+		ewarn
+	fi
+
+	if ! has_version sys-apps/systemd-ui; then
+		elog "To get additional features, a number of optional runtime dependencies may"
+		elog "be installed:"
+		elog "- sys-apps/systemd-ui: for GTK+ systemadm UI and gnome-ask-password-agent"
+	fi
+}
+
+pkg_prerm() {
+	# If removing systemd completely, remove the catalog database.
+	if [[ ! ${REPLACED_BY_VERSION} ]]; then
+		rm -f -v "${EROOT}"/var/lib/systemd/catalog/database
+	fi
+}
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-213-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-213-r2.ebuild
index 19842a3433..efaa1e1913 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-213-r2.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-213-r2.ebuild
@@ -32,7 +32,7 @@ SRC_URI="http://www.freedesktop.org/software/systemd/${P}.tar.xz"
 
 LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
 SLOT="0/2"
-KEYWORDS="~alpha amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86"
 IUSE="acl audit cryptsetup doc +firmware-loader gcrypt gudev http introspection
 	kdbus +kmod lzma pam policykit python qrcode +seccomp selinux ssl
 	test xattr"

From 061d36aa8da9f22e8ee6d3757499917b994926a8 Mon Sep 17 00:00:00 2001
From: Michael Marineau <michael.marineau@coreos.com>
Date: Sat, 14 Jun 2014 21:33:26 -0700
Subject: [PATCH 2/4] fix(sys-apps/systemd): Add resolv.conf, remove
 gentoo-integration

This backports commits 18e58b3e9b and 8577b6480b1 from 213 to 212.
---
 .../{systemd-212-r8.ebuild => systemd-212-r9.ebuild}       | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
 rename sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/{systemd-212-r8.ebuild => systemd-212-r9.ebuild} (98%)

diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r8.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r9.ebuild
similarity index 98%
rename from sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r8.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r9.ebuild
index 8bf6cc6da6..9b013b9153 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r8.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r9.ebuild
@@ -35,7 +35,7 @@ SLOT="0/2"
 KEYWORDS="~alpha amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86"
 IUSE="acl audit cryptsetup doc +firmware-loader gcrypt gudev http introspection
 	kdbus +kmod lzma pam policykit python qrcode +seccomp selinux ssl
-	test vanilla xattr openrc"
+	test xattr"
 
 MINKV="3.0"
 
@@ -74,9 +74,7 @@ RDEPEND="${COMMON_DEPEND}
 # sys-apps/daemon: the daemon only (+ build-time lib dep for tests)
 PDEPEND=">=sys-apps/dbus-1.6.8-r1:0
 	>=sys-apps/hwids-20130717-r1[udev]
-	openrc? ( >=sys-fs/udev-init-scripts-25 )
-	policykit? ( sys-auth/polkit )
-	!vanilla? ( sys-apps/gentoo-systemd-integration )"
+	policykit? ( sys-auth/polkit )"
 
 # Newer linux-headers needed by ia64, bug #480218
 DEPEND="${COMMON_DEPEND}
@@ -358,6 +356,7 @@ multilib_src_install_all() {
 	mv "${D}"/usr/lib/sysctl.d/50-coredump.conf{,.disabled} || die
 
 	systemd_dotmpfilesd "${FILESDIR}"/systemd-coreos.conf
+	systemd_newtmpfilesd "${FILESDIR}"/213-systemd-resolv.conf systemd-resolv.conf
 
 	# Don't default to graphical.target
 	rm "${D}"/usr/lib/systemd/system/default.target || die

From 9b73b29eafd557c22bccbef21575578c92bd7a9e Mon Sep 17 00:00:00 2001
From: Michael Marineau <michael.marineau@coreos.com>
Date: Sat, 14 Jun 2014 15:23:38 -0700
Subject: [PATCH 3/4] chore(sys-apps/systemd): Sync live ebuild with upstream
 changes.

Only important thing here is that xattr support is now enabled by
default and the libattr dependency is gone. Previously CoreOS didn't
have the feature enabled.
---
 .../sys-apps/systemd/systemd-9999.ebuild      | 29 +++++++++----------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild
index a63b3a0005..822555791b 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/systemd/systemd-9999.ebuild,v 1.114 2014/06/11 15:13:06 floppym Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/systemd/systemd-9999.ebuild,v 1.115 2014/06/14 16:33:20 floppym Exp $
 
 EAPI=5
 
@@ -35,7 +35,7 @@ SLOT="0/2"
 KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86"
 IUSE="acl audit cryptsetup doc +firmware-loader gcrypt gudev http introspection
 	kdbus +kmod lzma pam policykit python qrcode +seccomp selinux ssl
-	test xattr"
+	test"
 
 MINKV="3.10"
 
@@ -58,7 +58,6 @@ COMMON_DEPEND=">=sys-apps/util-linux-2.20:0=
 	qrcode? ( media-gfx/qrencode:0= )
 	seccomp? ( >=sys-libs/libseccomp-2.1:0= )
 	selinux? ( sys-libs/libselinux:0= )
-	xattr? ( sys-apps/attr:0= )
 	abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r9
 		!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] )"
 
@@ -121,12 +120,11 @@ fi
 pkg_pretend() {
 	local CONFIG_CHECK="~AUTOFS4_FS ~BLK_DEV_BSG ~CGROUPS ~DEVTMPFS ~DMIID
 		~EPOLL ~FANOTIFY ~FHANDLE ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS
-		~SECCOMP ~SIGNALFD ~SYSFS ~TIMERFD
+		~SECCOMP ~SIGNALFD ~SYSFS ~TIMERFD ~TMPFS_XATTR
 		~!IDE ~!SYSFS_DEPRECATED ~!SYSFS_DEPRECATED_V2
 		~!GRKERNSEC_PROC"
 
 	use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL"
-	use xattr && CONFIG_CHECK+=" ~TMPFS_XATTR"
 	kernel_is -lt 3 7 && CONFIG_CHECK+=" ~HOTPLUG"
 	use firmware-loader || CONFIG_CHECK+=" ~!FW_LOADER_USER_HELPER"
 
@@ -217,7 +215,6 @@ multilib_src_configure() {
 		$(use_enable seccomp)
 		$(use_enable selinux)
 		$(use_enable test tests)
-		$(use_enable xattr)
 
 		# not supported (avoid automagic deps in the future)
 		--disable-chkconfig
@@ -273,7 +270,6 @@ multilib_src_configure() {
 			--disable-selinux
 			--disable-timesyncd
 			--disable-tests
-			--disable-xattr
 			--disable-xz
 			--disable-python-devel
 		)
@@ -452,15 +448,18 @@ migrate_net_name_slot() {
 }
 
 pkg_postinst() {
+	newusergroup() {
+		enewgroup "$1"
+		enewuser "$1" -1 -1 -1 "$1"
+	}
+
 	enewgroup systemd-journal
-	enewgroup systemd-network
-	enewuser systemd-network -1 -1 -1 systemd-network
-	enewgroup systemd-timesync
-	enewuser systemd-timesync -1 -1 -1 systemd-timesync
-	if use http; then
-		enewgroup systemd-journal-gateway
-		enewuser systemd-journal-gateway -1 -1 -1 systemd-journal-gateway
-	fi
+	newusergroup systemd-bus-proxy
+	newusergroup systemd-network
+	newusergroup systemd-resolve
+	newusergroup systemd-timesync
+	use http && newusergroup systemd-journal-gateway
+
 	systemd_update_catalog
 
 	# Keep this here in case the database format changes so it gets updated

From 61f61d6479dcd2b13e63f0da3b97e424d4a9e8bb Mon Sep 17 00:00:00 2001
From: Michael Marineau <michael.marineau@coreos.com>
Date: Sat, 14 Jun 2014 15:35:51 -0700
Subject: [PATCH 4/4] bump(sys-apps/systemd): Add version 214 for testing

Features the same issues that currently block using 213 but here for
testing purposes.
---
 ...ching-for-configs-in-alternate-roots.patch | 169 ++++++
 .../sys-apps/systemd/systemd-214.ebuild       | 512 ++++++++++++++++++
 2 files changed, 681 insertions(+)
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/214-0001-shared-fix-searching-for-configs-in-alternate-roots.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-214.ebuild

diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/214-0001-shared-fix-searching-for-configs-in-alternate-roots.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/214-0001-shared-fix-searching-for-configs-in-alternate-roots.patch
new file mode 100644
index 0000000000..710e991688
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/214-0001-shared-fix-searching-for-configs-in-alternate-roots.patch
@@ -0,0 +1,169 @@
+From 7171a436771c02a75b6dd74b4ff9473d4d831e70 Mon Sep 17 00:00:00 2001
+From: Michael Marineau <michael.marineau@coreos.com>
+Date: Thu, 29 May 2014 10:59:42 -0700
+Subject: [PATCH] shared: fix searching for configs in alternate roots
+
+Commit 12ed81d9 changed path_strv_canonicalize_absolute's behavior to
+return a directory list without the root prefix if one was given but did
+not update other users of the function to the new behavior. This broke
+the --root option in systemd-tmpfiles, a regression in v213.
+
+To better reflect that path_strv_canonicalize_absolute does not return
+fully resolved paths any more as canonicalize may imply it is now simply
+called path_strv_cleanup.
+---
+ src/shared/conf-files.c  | 18 +++++++++++++-----
+ src/shared/path-lookup.c |  6 +++---
+ src/shared/path-util.c   |  6 +++---
+ src/shared/path-util.h   |  4 ++--
+ src/shared/util.c        |  7 +++++--
+ 5 files changed, 26 insertions(+), 15 deletions(-)
+
+diff --git a/src/shared/conf-files.c b/src/shared/conf-files.c
+index 5201782..6f1dc7f 100644
+--- a/src/shared/conf-files.c
++++ b/src/shared/conf-files.c
+@@ -37,10 +37,18 @@
+ #include "hashmap.h"
+ #include "conf-files.h"
+ 
+-static int files_add(Hashmap *h, const char *dirpath, const char *suffix) {
++static int files_add(Hashmap *h, const char *dirpath, const char *suffix, const char *root) {
+         _cleanup_closedir_ DIR *dir = NULL;
++        _cleanup_free_ char *fullpath = NULL;
+ 
+-        dir = opendir(dirpath);
++        if (root)
++                fullpath = strappend(root, dirpath);
++        else
++                fullpath = strdup(dirpath);
++        if (!fullpath)
++                return -ENOMEM;
++
++        dir = opendir(fullpath);
+         if (!dir) {
+                 if (errno == ENOENT)
+                         return 0;
+@@ -63,7 +71,7 @@ static int files_add(Hashmap *h, const char *dirpath, const char *suffix) {
+                 if (!dirent_is_file_with_suffix(de, suffix))
+                         continue;
+ 
+-                p = strjoin(dirpath, "/", de->d_name, NULL);
++                p = strjoin(fullpath, "/", de->d_name, NULL);
+                 if (!p)
+                         return -ENOMEM;
+ 
+@@ -100,7 +108,7 @@ static int conf_files_list_strv_internal(char ***strv, const char *suffix, const
+         assert(suffix);
+ 
+         /* This alters the dirs string array */
+-        if (!path_strv_canonicalize_absolute_uniq(dirs, root))
++        if (!path_strv_cleanup_uniq(dirs, root))
+                 return -ENOMEM;
+ 
+         fh = hashmap_new(string_hash_func, string_compare_func);
+@@ -108,7 +116,7 @@ static int conf_files_list_strv_internal(char ***strv, const char *suffix, const
+                 return -ENOMEM;
+ 
+         STRV_FOREACH(p, dirs) {
+-                r = files_add(fh, *p, suffix);
++                r = files_add(fh, *p, suffix, root);
+                 if (r == -ENOMEM) {
+                         hashmap_free_free(fh);
+                         return r;
+diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c
+index e072fd6..1a497f9 100644
+--- a/src/shared/path-lookup.c
++++ b/src/shared/path-lookup.c
+@@ -284,7 +284,7 @@ int lookup_paths_init(
+                 }
+         }
+ 
+-        if (!path_strv_canonicalize_absolute_uniq(p->unit_path, root_dir))
++        if (!path_strv_cleanup_uniq(p->unit_path, root_dir))
+                 return -ENOMEM;
+ 
+         if (!strv_isempty(p->unit_path)) {
+@@ -338,10 +338,10 @@ int lookup_paths_init(
+                                 return -ENOMEM;
+                 }
+ 
+-                if (!path_strv_canonicalize_absolute_uniq(p->sysvinit_path, root_dir))
++                if (!path_strv_cleanup_uniq(p->sysvinit_path, root_dir))
+                         return -ENOMEM;
+ 
+-                if (!path_strv_canonicalize_absolute_uniq(p->sysvrcnd_path, root_dir))
++                if (!path_strv_cleanup_uniq(p->sysvrcnd_path, root_dir))
+                         return -ENOMEM;
+ 
+                 if (!strv_isempty(p->sysvinit_path)) {
+diff --git a/src/shared/path-util.c b/src/shared/path-util.c
+index 5863429..37490be 100644
+--- a/src/shared/path-util.c
++++ b/src/shared/path-util.c
+@@ -238,7 +238,7 @@ char **path_strv_make_absolute_cwd(char **l) {
+         return l;
+ }
+ 
+-char **path_strv_canonicalize_absolute(char **l, const char *prefix) {
++char **path_strv_cleanup(char **l, const char *prefix) {
+         char **s;
+         unsigned k = 0;
+         bool enomem = false;
+@@ -323,12 +323,12 @@ char **path_strv_canonicalize_absolute(char **l, const char *prefix) {
+         return l;
+ }
+ 
+-char **path_strv_canonicalize_absolute_uniq(char **l, const char *prefix) {
++char **path_strv_cleanup_uniq(char **l, const char *prefix) {
+ 
+         if (strv_isempty(l))
+                 return l;
+ 
+-        if (!path_strv_canonicalize_absolute(l, prefix))
++        if (!path_strv_cleanup(l, prefix))
+                 return NULL;
+ 
+         return strv_uniq(l);
+diff --git a/src/shared/path-util.h b/src/shared/path-util.h
+index 6882d78..b523bcc 100644
+--- a/src/shared/path-util.h
++++ b/src/shared/path-util.h
+@@ -47,8 +47,8 @@ char* path_startswith(const char *path, const char *prefix) _pure_;
+ bool path_equal(const char *a, const char *b) _pure_;
+ 
+ char** path_strv_make_absolute_cwd(char **l);
+-char** path_strv_canonicalize_absolute(char **l, const char *prefix);
+-char** path_strv_canonicalize_absolute_uniq(char **l, const char *prefix);
++char** path_strv_cleanup(char **l, const char *prefix);
++char** path_strv_cleanup_uniq(char **l, const char *prefix);
+ 
+ int path_is_mount_point(const char *path, bool allow_symlink);
+ int path_is_read_only_fs(const char *path);
+diff --git a/src/shared/util.c b/src/shared/util.c
+index 91cbf20..429a775 100644
+--- a/src/shared/util.c
++++ b/src/shared/util.c
+@@ -5691,14 +5691,17 @@ static int search_and_fopen_internal(const char *path, const char *mode, const c
+         assert(mode);
+         assert(_f);
+ 
+-        if (!path_strv_canonicalize_absolute_uniq(search, root))
++        if (!path_strv_cleanup_uniq(search, root))
+                 return -ENOMEM;
+ 
+         STRV_FOREACH(i, search) {
+                 _cleanup_free_ char *p = NULL;
+                 FILE *f;
+ 
+-                p = strjoin(*i, "/", path, NULL);
++                if (root)
++                        p = strjoin(root, *i, "/", path, NULL);
++                else
++                        p = strjoin(*i, "/", path, NULL);
+                 if (!p)
+                         return -ENOMEM;
+ 
+-- 
+1.8.5.5
+
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-214.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-214.ebuild
new file mode 100644
index 0000000000..7155f5c9a8
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-214.ebuild
@@ -0,0 +1,512 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/systemd/systemd-9999.ebuild,v 1.115 2014/06/14 16:33:20 floppym Exp $
+
+EAPI=5
+
+if [[ ${PV} == 9999 ]]; then
+AUTOTOOLS_AUTORECONF=yes
+EGIT_REPO_URI="git://anongit.freedesktop.org/${PN}/${PN}
+	http://cgit.freedesktop.org/${PN}/${PN}/"
+
+inherit git-r3
+
+elif [[ ${PV} == *9999 ]]; then
+AUTOTOOLS_AUTORECONF=yes
+EGIT_REPO_URI="git://anongit.freedesktop.org/${PN}/${PN}-stable
+	http://cgit.freedesktop.org/${PN}/${PN}-stable/"
+EGIT_BRANCH=v${PV%%.*}-stable
+
+inherit git-r3
+fi
+
+AUTOTOOLS_PRUNE_LIBTOOL_FILES=all
+PYTHON_COMPAT=( python{2_7,3_2,3_3} )
+inherit autotools-utils bash-completion-r1 fcaps linux-info multilib \
+	multilib-minimal pam python-single-r1 systemd toolchain-funcs udev \
+	user
+
+DESCRIPTION="System and service manager for Linux"
+HOMEPAGE="http://www.freedesktop.org/wiki/Software/systemd"
+SRC_URI="http://www.freedesktop.org/software/systemd/${P}.tar.xz"
+
+LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
+SLOT="0/2"
+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+IUSE="acl audit cryptsetup doc +firmware-loader gcrypt gudev http introspection
+	kdbus +kmod lzma pam policykit python qrcode +seccomp selinux ssl
+	test"
+
+MINKV="3.10"
+
+COMMON_DEPEND=">=sys-apps/util-linux-2.20:0=
+	sys-libs/libcap:0=
+	acl? ( sys-apps/acl:0= )
+	audit? ( >=sys-process/audit-2:0= )
+	cryptsetup? ( >=sys-fs/cryptsetup-1.6:0= )
+	gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0= )
+	gudev? ( dev-libs/glib:2=[${MULTILIB_USEDEP}] )
+	http? (
+		>=net-libs/libmicrohttpd-0.9.33:0=
+		ssl? ( >=net-libs/gnutls-3.1.4:0= )
+	)
+	introspection? ( >=dev-libs/gobject-introspection-1.31.1:0= )
+	kmod? ( >=sys-apps/kmod-15:0= )
+	lzma? ( app-arch/xz-utils:0=[${MULTILIB_USEDEP}] )
+	pam? ( virtual/pam:= )
+	python? ( ${PYTHON_DEPS} )
+	qrcode? ( media-gfx/qrencode:0= )
+	seccomp? ( >=sys-libs/libseccomp-2.1:0= )
+	selinux? ( sys-libs/libselinux:0= )
+	abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r9
+		!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] )"
+
+# baselayout-2.2 has /run
+RDEPEND="${COMMON_DEPEND}
+	>=sys-apps/baselayout-2.2
+	|| (
+		>=sys-apps/util-linux-2.22
+		<sys-apps/sysvinit-2.88-r4
+	)
+	!sys-auth/nss-myhostname
+	!<sys-libs/glibc-2.14
+	!sys-fs/udev"
+
+# sys-apps/daemon: the daemon only (+ build-time lib dep for tests)
+PDEPEND=">=sys-apps/dbus-1.6.8-r1:0
+	>=sys-apps/hwids-20130717-r1[udev]
+	policykit? ( sys-auth/polkit )"
+
+DEPEND="${COMMON_DEPEND}
+	app-arch/xz-utils:0
+	dev-util/gperf
+	>=dev-util/intltool-0.50
+	>=sys-devel/binutils-2.23.1
+	>=sys-devel/gcc-4.6
+	>=sys-kernel/linux-headers-${MINKV}
+	virtual/pkgconfig
+	doc? ( >=dev-util/gtk-doc-1.18 )
+	python? ( dev-python/lxml[${PYTHON_USEDEP}] )
+	test? ( >=sys-apps/dbus-1.6.8-r1:0 )"
+
+if [[ ${PV} == *9999 ]]; then
+DEPEND="${DEPEND}
+	app-text/docbook-xml-dtd:4.2
+	app-text/docbook-xml-dtd:4.5
+	app-text/docbook-xsl-stylesheets
+	dev-libs/libxslt:0
+	dev-libs/gobject-introspection
+	>=dev-libs/libgcrypt-1.4.5:0"
+
+SRC_URI=
+KEYWORDS=
+fi
+
+src_prepare() {
+if [[ ${PV} == *9999 ]]; then
+	if use doc; then
+		gtkdocize --docdir docs/ || die
+	else
+		echo 'EXTRA_DIST =' > docs/gtk-doc.make
+	fi
+fi
+	# fix regression in systemd-tmpfiles
+	epatch "${FILESDIR}"/214-0001-shared-fix-searching-for-configs-in-alternate-roots.patch
+
+	# Bug 463376
+	sed -i -e 's/GROUP="dialout"/GROUP="uucp"/' rules/*.rules || die
+
+	autotools-utils_src_prepare
+}
+
+pkg_pretend() {
+	local CONFIG_CHECK="~AUTOFS4_FS ~BLK_DEV_BSG ~CGROUPS ~DEVTMPFS ~DMIID
+		~EPOLL ~FANOTIFY ~FHANDLE ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS
+		~SECCOMP ~SIGNALFD ~SYSFS ~TIMERFD ~TMPFS_XATTR
+		~!IDE ~!SYSFS_DEPRECATED ~!SYSFS_DEPRECATED_V2
+		~!GRKERNSEC_PROC"
+
+	use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL"
+	kernel_is -lt 3 7 && CONFIG_CHECK+=" ~HOTPLUG"
+	use firmware-loader || CONFIG_CHECK+=" ~!FW_LOADER_USER_HELPER"
+
+	if linux_config_exists; then
+		local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH)
+			if [ -n "${uevent_helper_path}" ] && [ "${uevent_helper_path}" != '""' ]; then
+				ewarn "It's recommended to set an empty value to the following kernel config option:"
+				ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}"
+			fi
+	fi
+
+	if [[ ${MERGE_TYPE} != binary ]]; then
+		if [[ $(gcc-major-version) -lt 4
+			|| ( $(gcc-major-version) -eq 4 && $(gcc-minor-version) -lt 6 ) ]]
+		then
+			eerror "systemd requires at least gcc 4.6 to build. Please switch the active"
+			eerror "gcc version using gcc-config."
+			die "systemd requires at least gcc 4.6"
+		fi
+	fi
+
+	if [[ ${MERGE_TYPE} != buildonly ]]; then
+		if kernel_is -lt ${MINKV//./ }; then
+			ewarn "Kernel version at least ${MINKV} required"
+		fi
+
+		if ! use firmware-loader && kernel_is -lt 3 8; then
+			ewarn "You seem to be using kernel older than 3.8. Those kernel versions"
+			ewarn "require systemd with USE=firmware-loader to support loading"
+			ewarn "firmware. Missing this flag may cause some hardware not to work."
+		fi
+
+		check_extra_config
+	fi
+}
+
+pkg_setup() {
+	use python && python-single-r1_pkg_setup
+}
+
+src_configure() {
+	# Keep using the one where the rules were installed.
+	MY_UDEVDIR=$(get_udevdir)
+	# Fix systems broken by bug #509454.
+	[[ ${MY_UDEVDIR} ]] || MY_UDEVDIR=/lib/udev
+
+	multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+	local myeconfargs=(
+		# disable -flto since it is an optimization flag
+		# and makes distcc less effective
+		cc_cv_CFLAGS__flto=no
+
+		--with-pamconfdir=/usr/share/pam.d
+		--disable-maintainer-mode
+		--localstatedir=/var
+		--with-pamlibdir=$(getpam_mod_dir)
+		# avoid bash-completion dep
+		--with-bashcompletiondir="$(get_bashcompdir)"
+		# make sure we get /bin:/sbin in $PATH
+		--enable-split-usr
+		# disable sysv compatibility
+		--with-sysvinit-path=
+		--with-sysvrcnd-path=
+		# no deps
+		--enable-efi
+		--enable-ima
+		# optional components/dependencies
+		$(use_enable acl)
+		$(use_enable audit)
+		$(use_enable cryptsetup libcryptsetup)
+		$(use_enable doc gtk-doc)
+		$(use_enable gcrypt)
+		$(use_enable gudev)
+		$(use_enable http microhttpd)
+		$(usex http $(use_enable ssl gnutls) --disable-gnutls)
+		$(use_enable introspection)
+		$(use_enable kdbus)
+		$(use_enable kmod)
+		$(use_enable lzma xz)
+		$(use_enable pam)
+		$(use_enable policykit polkit)
+		$(use_with python)
+		$(use_enable python python-devel)
+		$(use_enable qrcode qrencode)
+		$(use_enable seccomp)
+		$(use_enable selinux)
+		$(use_enable test tests)
+
+		# not supported (avoid automagic deps in the future)
+		--disable-chkconfig
+
+		# hardcode a few paths to spare some deps
+		QUOTAON=/usr/sbin/quotaon
+		QUOTACHECK=/usr/sbin/quotacheck
+
+		# dbus paths
+		--with-dbuspolicydir="${EPREFIX}/usr/share/dbus-1/system.d"
+		--with-dbussessionservicedir="${EPREFIX}/usr/share/dbus-1/services"
+		--with-dbussystemservicedir="${EPREFIX}/usr/share/dbus-1/system-services"
+		--with-dbusinterfacedir="${EPREFIX}/usr/share/dbus-1/interfaces"
+
+		--with-ntp-servers="0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org"
+	)
+
+	if use firmware-loader; then
+		myeconfargs+=(
+			--with-firmware-path="/lib/firmware/updates:/lib/firmware"
+		)
+	fi
+
+	# Added for testing; this is UNSUPPORTED by the Gentoo systemd team!
+	if [[ -n ${ROOTPREFIX+set} ]]; then
+		myeconfargs+=(
+			--with-rootprefix="${ROOTPREFIX}"
+			--with-rootlibdir="${ROOTPREFIX}/$(get_libdir)"
+		)
+	fi
+
+	if ! multilib_is_native_abi; then
+		myeconfargs+=(
+			ac_cv_search_cap_init=
+			ac_cv_header_sys_capability_h=yes
+			DBUS_CFLAGS=' '
+			DBUS_LIBS=' '
+
+			--disable-acl
+			--disable-audit
+			--disable-gcrypt
+			--disable-gnutls
+			--disable-gtk-doc
+			--disable-introspection
+			--disable-kmod
+			--disable-libcryptsetup
+			--disable-microhttpd
+			--disable-networkd
+			--disable-pam
+			--disable-polkit
+			--disable-qrencode
+			--disable-seccomp
+			--disable-selinux
+			--disable-timesyncd
+			--disable-tests
+			--disable-xz
+			--disable-python-devel
+		)
+	fi
+
+	# Work around bug 463846.
+	tc-export CC
+
+	autotools-utils_src_configure
+}
+
+multilib_src_compile() {
+	local mymakeopts=(
+		udevlibexecdir="${MY_UDEVDIR}"
+	)
+
+	if multilib_is_native_abi; then
+		emake "${mymakeopts[@]}"
+	else
+		# prerequisites for gudev
+		use gudev && emake src/gudev/gudev{enumtypes,marshal}.{c,h}
+
+		echo 'gentoo: $(BUILT_SOURCES)' | \
+		emake "${mymakeopts[@]}" -f Makefile -f - gentoo
+		echo 'gentoo: $(lib_LTLIBRARIES) $(pkgconfiglib_DATA)' | \
+		emake "${mymakeopts[@]}" -f Makefile -f - gentoo
+	fi
+}
+
+multilib_src_test() {
+	multilib_is_native_abi || continue
+
+	default
+}
+
+multilib_src_install() {
+	local mymakeopts=(
+		# automake fails with parallel libtool relinking
+		# https://bugs.gentoo.org/show_bug.cgi?id=491398
+		-j1
+
+		udevlibexecdir="${MY_UDEVDIR}"
+		dist_udevhwdb_DATA=
+		DESTDIR="${D}"
+	)
+
+	if multilib_is_native_abi; then
+		emake "${mymakeopts[@]}" install
+	else
+		mymakeopts+=(
+			install-libLTLIBRARIES
+			install-pkgconfiglibDATA
+			install-includeHEADERS
+			# safe to call unconditionally, 'installs' empty list
+			install-libgudev_includeHEADERS
+			install-pkgincludeHEADERS
+		)
+
+		emake "${mymakeopts[@]}"
+	fi
+
+	# install compat pkg-config files
+	local pcfiles=( src/compat-libs/libsystemd-{daemon,id128,journal,login}.pc )
+	emake "${mymakeopts[@]}" install-pkgconfiglibDATA \
+		pkgconfiglib_DATA="${pcfiles[*]}"
+}
+
+multilib_src_install_all() {
+	prune_libtool_files --modules
+	einstalldocs
+
+	# we just keep sysvinit tools, so no need for the mans
+	rm "${D}"/usr/share/man/man8/{halt,poweroff,reboot,runlevel,shutdown,telinit}.8 \
+		|| die
+	rm "${D}"/usr/share/man/man1/init.1 || die
+
+	# Disable storing coredumps in journald, bug #433457
+	mv "${D}"/usr/lib/sysctl.d/50-coredump.conf{,.disabled} || die
+
+	systemd_dotmpfilesd "${FILESDIR}"/systemd-coreos.conf
+	systemd_dotmpfilesd "${FILESDIR}"/systemd-resolv.conf
+
+	# Don't default to graphical.target
+	rm "${D}"/usr/lib/systemd/system/default.target || die
+	dosym multi-user.target /usr/lib/systemd/system/default.target
+
+	# Move a few services enabled in /etc to /usr
+	rm "${D}"/etc/systemd/system/getty.target.wants/getty@tty1.service || die
+	rmdir "${D}"/etc/systemd/system/getty.target.wants || die
+	dosym ../getty@.service /usr/lib/systemd/system/getty.target.wants/getty@tty1.service
+
+	rm "${D}"/etc/systemd/system/multi-user.target.wants/remote-fs.target \
+		"${D}"/etc/systemd/system/multi-user.target.wants/systemd-networkd.service \
+		"${D}"/etc/systemd/system/multi-user.target.wants/systemd-resolved.service \
+		"${D}"/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service \
+		|| die
+	rmdir "${D}"/etc/systemd/system/multi-user.target.wants \
+		"${D}"/etc/systemd/system/network-online.target.wants \
+		|| die
+	systemd_enable_service multi-user.target remote-fs.target
+	systemd_enable_service multi-user.target systemd-networkd.service
+	systemd_enable_service multi-user.target systemd-resolved.service
+	systemd_enable_service network-online.target systemd-networkd-wait-online.service
+}
+
+migrate_locale() {
+	local envd_locale_def="${EROOT%/}/etc/env.d/02locale"
+	local envd_locale=( "${EROOT%/}"/etc/env.d/??locale )
+	local locale_conf="${EROOT%/}/etc/locale.conf"
+
+	if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then
+		# If locale.conf does not exist...
+		if [[ -e ${envd_locale} ]]; then
+			# ...either copy env.d/??locale if there's one
+			ebegin "Moving ${envd_locale} to ${locale_conf}"
+			mv "${envd_locale}" "${locale_conf}"
+			eend ${?} || FAIL=1
+		else
+			# ...or create a dummy default
+			ebegin "Creating ${locale_conf}"
+			cat > "${locale_conf}" <<-EOF
+				# This file has been created by the sys-apps/systemd ebuild.
+				# See locale.conf(5) and localectl(1).
+
+				# LANG=${LANG}
+			EOF
+			eend ${?} || FAIL=1
+		fi
+	fi
+
+	if [[ ! -L ${envd_locale} ]]; then
+		# now, if env.d/??locale is not a symlink (to locale.conf)...
+		if [[ -e ${envd_locale} ]]; then
+			# ...warn the user that he has duplicate locale settings
+			ewarn
+			ewarn "To ensure consistent behavior, you should replace ${envd_locale}"
+			ewarn "with a symlink to ${locale_conf}. Please migrate your settings"
+			ewarn "and create the symlink with the following command:"
+			ewarn "ln -s -n -f ../locale.conf ${envd_locale}"
+			ewarn
+		else
+			# ...or just create the symlink if there's nothing here
+			ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink"
+			ln -n -s ../locale.conf "${envd_locale_def}"
+			eend ${?} || FAIL=1
+		fi
+	fi
+}
+
+migrate_net_name_slot() {
+	# If user has disabled 80-net-name-slot.rules using a empty file or a symlink to /dev/null,
+	# do the same for 80-net-setup-link.rules to keep the old behavior
+	local net_move=no
+	local net_name_slot_sym=no
+	local net_rules_path="${EROOT%/}"/etc/udev/rules.d
+	local net_name_slot="${net_rules_path}"/80-net-name-slot.rules
+	local net_setup_link="${net_rules_path}"/80-net-setup-link.rules
+	if [[ -e ${net_setup_link} ]]; then
+		net_move=no
+	elif [[ -f ${net_name_slot} && $(sed -e "/^#/d" -e "/^\W*$/d" ${net_name_slot} | wc -l) == 0 ]]; then
+		net_move=yes
+	elif [[ -L ${net_name_slot} && $(readlink ${net_name_slot}) == /dev/null ]]; then
+		net_move=yes
+		net_name_slot_sym=yes
+	fi
+	if [[ ${net_move} == yes ]]; then
+		ebegin "Copying ${net_name_slot} to ${net_setup_link}"
+
+		if [[ ${net_name_slot_sym} == yes ]]; then
+			ln -nfs /dev/null "${net_setup_link}"
+		else
+			cp "${net_name_slot}" "${net_setup_link}"
+		fi
+		eend $? || FAIL=1
+	fi
+}
+
+pkg_postinst() {
+	newusergroup() {
+		enewgroup "$1"
+		enewuser "$1" -1 -1 -1 "$1"
+	}
+
+	enewgroup systemd-journal
+	newusergroup systemd-bus-proxy
+	newusergroup systemd-network
+	newusergroup systemd-resolve
+	newusergroup systemd-timesync
+	use http && newusergroup systemd-journal-gateway
+
+	systemd_update_catalog
+
+	# Keep this here in case the database format changes so it gets updated
+	# when required. Despite that this file is owned by sys-apps/hwids.
+	if has_version "sys-apps/hwids[udev]"; then
+		udevadm hwdb --update --root="${ROOT%/}"
+	fi
+
+	udev_reload || FAIL=1
+
+	# Bug 468876
+	fcaps cap_dac_override,cap_sys_ptrace=ep usr/bin/systemd-detect-virt
+
+	# Bug 465468, make sure locales are respect, and ensure consistency
+	# between OpenRC & systemd
+	migrate_locale
+
+	# Migrate 80-net-name-slot.rules -> 80-net-setup-link.rules
+	migrate_net_name_slot
+
+	if [[ ${FAIL} ]]; then
+		eerror "One of the postinst commands failed. Please check the postinst output"
+		eerror "for errors. You may need to clean up your system and/or try installing"
+		eerror "systemd again."
+		eerror
+	fi
+
+	if [[ ! -L "${ROOT}"/etc/mtab ]]; then
+		ewarn "Upstream mandates the /etc/mtab file should be a symlink to /proc/mounts."
+		ewarn "Not having it is not supported by upstream and will cause tools like 'df'"
+		ewarn "and 'mount' to not work properly. Please run:"
+		ewarn "	# ln -sf '${ROOT}proc/self/mounts' '${ROOT}etc/mtab'"
+		ewarn
+	fi
+
+	if ! has_version sys-apps/systemd-ui; then
+		elog "To get additional features, a number of optional runtime dependencies may"
+		elog "be installed:"
+		elog "- sys-apps/systemd-ui: for GTK+ systemadm UI and gnome-ask-password-agent"
+	fi
+}
+
+pkg_prerm() {
+	# If removing systemd completely, remove the catalog database.
+	if [[ ! ${REPLACED_BY_VERSION} ]]; then
+		rm -f -v "${EROOT}"/var/lib/systemd/catalog/database
+	fi
+}