!764 backport 253 -> 249

From: @zhang-yao-2022 
Reviewed-by: @xujing99 
Signed-off-by: @xujing99

backport-README-explicitly-note-that-util-linux-s-mount-swap-.patch

@@ -0,0 +1,40 @@
+From 59c2b054cf3ea900915902e921f9fe4bdf1c039c Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <bluca@debian.org>
+Date: Fri, 10 Feb 2023 11:58:20 +0000
+Subject: [PATCH] README: explicitly note that util-linux's mount/swap are
+ required
+
+These are the most visible and hard requirements, as we use options that
+busybox does not provide, so list them explicitly to avoid surprises
+
+(cherry picked from commit 164070e497f36b6d8055e4338e07188dd975f6f2)
+(cherry picked from commit 0dc9f7335d37be2a90f34e20f04573331bf3e4d3)
+(cherry picked from commit facb134183d72c31636f09bcae080cf9337a6877)
+(cherry picked from commit 3271bc9bec20345edc09c7209852c90bafde874a)
+
+Reference: https://github.com/systemd/systemd-stable/pull/259/commits/59c2b054cf3ea900915902e921f9fe4bdf1c039c
+
+Signed-off-by: zhaoxiaohu <zhaoxiaohu@kuaishou.com>
+Signed-off-by: yuwang <yuwang@kuaishou.com>
+---
+ README | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/README b/README
+index 0e5c326..a7ecbbd 100644
+--- a/README
++++ b/README
+@@ -202,7 +202,9 @@ REQUIREMENTS:
+         During runtime, you need the following additional
+         dependencies:
+ 
+-        util-linux >= v2.27.1 required
++        util-linux >= v2.27.1 required (including but not limited to: mount,
++                                        umount, swapon, swapoff, sulogin,
++                                        agetty, fsck)
+         dbus >= 1.4.0 (strictly speaking optional, but recommended)
+                 NOTE: If using dbus < 1.9.18, you should override the default
+                 policy directory (--with-dbuspolicydir=/etc/dbus-1/system.d).
+-- 
+2.33.0
+

backport-docs-remove-dev-tty-confusion.patch

@@ -0,0 +1,42 @@
+From 1e1a2538219e9db49062ba104b459a8ced33694a Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Fri, 23 Dec 2022 18:39:54 +0100
+Subject: [PATCH] docs: remove /dev/tty* confusion
+
+The text said /dev/tty* as a whole was the VT subsystem and that VT is
+not supported in containers.
+
+But that's not accurate as /dev/tty* will match /dev/tty too and that
+one device node is special and is not related to VT: it always points to
+the current process own controlling tty, regardless what that is.
+
+hence, rewrite /dev/tty* as /dev/tty[0-9]*.
+
+Reference: https://github.com/systemd/systemd/pull/25851/commits/7b3a5e26911c675970f045406161f412cee0ab84
+
+Signed-off-by: zhaoxiaohu <zhaoxiaohu@kuaishou.com>
+Signed-off-by: yuwang <yuwang@kuaishou.com>
+---
+ docs/CONTAINER_INTERFACE.md | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/docs/CONTAINER_INTERFACE.md b/docs/CONTAINER_INTERFACE.md
+index ff458bd..41632b8 100644
+--- a/docs/CONTAINER_INTERFACE.md
++++ b/docs/CONTAINER_INTERFACE.md
+@@ -292,9 +292,9 @@ care should be taken to avoid naming conflicts. `systemd` (and in particular
+    you cannot link them to each other.
+ 
+ 4. Do not pretend that the real VTs are available in the container. The VT
+-   subsystem consists of all the devices `/dev/tty*`, `/dev/vcs*`, `/dev/vcsa*`
+-   plus their `sysfs` counterparts. They speak specific `ioctl()`s and
+-   understand specific escape sequences, that other ptys don't understand.
++   subsystem consists of all the devices `/dev/tty[0-9]*`, `/dev/vcs*`,
++   `/dev/vcsa*` plus their `sysfs` counterparts. They speak specific `ioctl()`s
++   and understand specific escape sequences, that other ptys don't understand.
+    Hence, it is explicitly not OK to mount a pty to `/dev/tty1`, `/dev/tty2`,
+    `/dev/tty3`. This is explicitly not supported.
+ 
+-- 
+2.33.0
+

backport-importd-Always-specify-file-unpacked-by-tar.patch

@@ -0,0 +1,42 @@
+From 3a609cf64f74f78697ef1ad05d85f9c0ef07f87c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Arsen=20Arsenovi=C4=87?= <arsen@gentoo.org>
+Date: Sat, 28 Jan 2023 22:32:41 +0100
+Subject: [PATCH] importd: Always specify file unpacked by tar
+
+Despite popular belief, the default file extracted by GNU tar is not stdin.  It
+is the value of the TAPE environment variable, falling back on a compile-time
+constant.  On my system, the default value is /dev/full, which causes tar to
+just spin forever due to --ignore-zeros.  Always specifying this flag is the
+safe thing to do.
+
+  ~$ tar --show-defaults
+  --format=gnu -f/dev/full -b20 --quoting-style=escape
+  --rmt-command=/usr/sbin/grmt
+
+See also: ``(tar)defaults'', available via Info viewers, and in HTML form at:
+https://www.gnu.org/s/tar/manual/html_node/defaults.html
+
+Reference: https://github.com/systemd/systemd/pull/26243/commits/f28d94106d6ed01420079f1034e332193c12d6dd
+
+Signed-off-by: zhaoxiaohu <zhaoxiaohu@kuaishou.com>
+Signed-off-by: yuwang <yuwang@kuaishou.com>
+---
+ src/import/import-common.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/import/import-common.c b/src/import/import-common.c
+index f77564c..70a0a73 100644
+--- a/src/import/import-common.c
++++ b/src/import/import-common.c
+@@ -97,6 +97,8 @@ int import_fork_tar_x(const char *path, pid_t *ret) {
+                        "--numeric-owner",
+                        "-C", path,
+                        "-px",
++                       "-pxf",
++                       "-",
+                        "--xattrs",
+                        "--xattrs-include=*",
+                        use_selinux ? "--selinux" : "--no-selinux",
+-- 
+2.33.0
+

backport-man-fix-section-number.patch

@@ -0,0 +1,27 @@
+From 4c73ddaddb8d7bee8409148f86c67f09f9b2107b Mon Sep 17 00:00:00 2001
+From: zhaoxiaohu <zhaoxiaohu@kuaishou.com>
+Date: Tue, 27 Aug 2024 21:10:42 +0800
+Subject: [PATCH] man: fix section number
+
+Signed-off-by: zhaoxiaohu <zhaoxiaohu@kuaishou.com>
+Signed-off-by: yuwang <yuwang@kuaishou.com>
+---
+ man/tmpfiles.d.xml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
+index 261de59..8844443 100644
+--- a/man/tmpfiles.d.xml
++++ b/man/tmpfiles.d.xml
+@@ -90,7 +90,7 @@ A+    /path-or-glob/to/append/acls/recursively -    -    -     -           POSIX
+ 
+     <para><command>systemd-tmpfiles</command> uses this configuration to create volatile files and
+     directories during boot and to do periodic cleanup afterwards. See
+-    <citerefentry><refentrytitle>systemd-tmpfiles</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
++    <citerefentry><refentrytitle>systemd-tmpfiles</refentrytitle><manvolnum>8</manvolnum></citerefentry> for
+     the description of <filename>systemd-tmpfiles-setup.service</filename>,
+     <filename>systemd-tmpfiles-clean.service</filename>, and associated units.</para>
+ 
+-- 
+2.33.0
+

backport-repart-fix-invalid-errno-in-log.patch

@@ -0,0 +1,34 @@
+From 1a1c880e6f5d907a2e8361ca9b3d486450293581 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Mon, 6 Feb 2023 10:00:50 +0100
+Subject: [PATCH] repart: fix invalid errno in log
+
+(cherry picked from commit 375ffdba43f6dac5f4b1222d4e345f7cdf868f8c)
+(cherry picked from commit 31b7785814fa9e82a1d48e4b5a6b1f6df1110b03)
+(cherry picked from commit 828e73a7bb17cf8ec4a0f90004a878fcc839add5)
+(cherry picked from commit 53be27c44b0e5f6a763ac60108325e5a41864857)
+
+Reference: https://github.com/systemd/systemd-stable/pull/259/commits/1a1c880e6f5d907a2e8361ca9b3d486450293581
+
+Signed-off-by: zhaoxiaohu <zhaoxiaohu@kuaishou.com>
+Signed-off-by: yuwang <yuwang@kuaishou.com>
+---
+ src/partition/repart.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/partition/repart.c b/src/partition/repart.c
+index 9f0fe9e..36865ac 100644
+--- a/src/partition/repart.c
++++ b/src/partition/repart.c
+@@ -3901,7 +3901,7 @@ static int resolve_copy_blocks_auto(
+                                 continue;
+                         }
+                         if (major(sl) == 0) {
+-                                log_debug_errno(r, "Device backing %s is special, ignoring: %m", q);
++                                log_debug("Device backing %s is special, ignoring.", q);
+                                 continue;
+                         }
+ 
+-- 
+2.33.0
+

backport-sysusers-insist-that-root-group-is-0.patch

@@ -0,0 +1,57 @@
+From 5f9fdbbeeb15fda7b69e3dfd027f556178431202 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Tue, 31 Jan 2023 17:04:10 +0100
+Subject: [PATCH] sysusers: insist that root group is 0
+
+In https://bugzilla.redhat.com/show_bug.cgi?id=2156900 sysusers was reporting a
+conflict between the following lines:
+  u root 0:0 "Super User" /root /bin/bash
+  u root    0     "Super User" /root
+
+The problem is that those configurations are indeed not equivalent. If group 0
+exists with a different name, the first line would just create the user, but the
+second line would create a 'root' group with a different GID. The second
+behaviour seems definitely wrong. (Or at least more confusing in practice than
+the first one. The system is in a strange shape, but the second approach takes
+an additional step than is worse than doing nothing.)
+
+When this line was initially added, we didn't have the uid:gid functionality for
+'u', so we didn't think about this too much. But now we do, so we should use it.
+
+$ build/systemd-sysusers --root=/var/tmp/inst7 --inline 'g foobar 0'
+Creating group 'foobar' with GID 0.
+
+$ build/systemd-sysusers --root=/var/tmp/inst7 --inline 'u root 0 "Zuper zuper"'
+src/sysusers/sysusers.c:1365: Creating group 'root' with GID 999.
+src/sysusers/sysusers.c:1115: Suggested user ID 0 for root already used.
+src/sysusers/sysusers.c:1183: Creating user 'root' (Zuper zuper) with UID 999 and GID 999.
+
+vs.
+
+$ build/systemd-sysusers --root=/var/tmp/inst7 --inline 'u root 0:0 "Zuper zuper"'
+src/sysusers/sysusers.c:1183: Creating user 'root' (Zuper zuper) with UID 0 and GID 0.
+
+https://github.com/systemd/systemd/pull/26270/commits/a5cca2983e5bbbe3b0582412f4b3962c585b59a1
+
+Signed-off-by: zhaoxiaohu <zhaoxiaohu@kuaishou.com>
+Signed-off-by: yuwang <yuwang@kuaishou.com>
+---
+ sysusers.d/basic.conf.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in
+index 8cc1a7c..bf274b6 100644
+--- a/sysusers.d/basic.conf.in
++++ b/sysusers.d/basic.conf.in
+@@ -6,7 +6,7 @@
+ #  (at your option) any later version.
+ 
+ # The superuser
+-u root    0     "Super User" /root
++u root    0:0     "Super User" /root
+ 
+ # The nobody user for NFS file systems
+ u {{NOBODY_USER_NAME}}  65534 "Nobody"     -
+-- 
+2.33.0
+

backport-userdb-Use-json_dispatch_user_group_name-to-parse-Ge.patch

@@ -0,0 +1,37 @@
+From 98ca2c0b2736794408caac1bf3a9dbfedf7da4c7 Mon Sep 17 00:00:00 2001
+From: Samuel Cabrero <scabrero@suse.de>
+Date: Fri, 10 Feb 2023 14:04:27 +0100
+Subject: [PATCH] userdb: Use json_dispatch_user_group_name() to parse
+ GetMembership fields
+
+It allows to relax the checks and allow characters like '\', used by
+windows to split the domain name and user name.
+
+For reference, discussion in the systemd-devel mailing list:
+https://lists.freedesktop.org/archives/systemd-devel/2023-February/048804.html
+https://github.com/systemd/systemd-stable/pull/259/commits/98ca2c0b2736794408caac1bf3a9dbfedf7da4c7
+
+Signed-off-by: Samuel Cabrero <scabrero@suse.de>
+Signed-off-by: yuwang <yuwang@kuaishou.com>
+---
+ src/shared/userdb.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/shared/userdb.c b/src/shared/userdb.c
+index 91ac7c3..738da2b 100644
+--- a/src/shared/userdb.c
++++ b/src/shared/userdb.c
+@@ -296,8 +296,8 @@ static int userdb_on_query_reply(
+                 } membership_data = {};
+ 
+                 static const JsonDispatch dispatch_table[] = {
+-                        { "userName",  JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(struct membership_data, user_name),  JSON_SAFE },
+-                        { "groupName", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(struct membership_data, group_name), JSON_SAFE },
++                        { "userName",  JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(struct membership_data, user_name),  JSON_RELAX },
++                        { "groupName", JSON_VARIANT_STRING, json_dispatch_const_string, offsetof(struct membership_data, group_name), JSON_RELAX },
+                         {}
+                 };
+ 
+-- 
+2.33.0
+

systemd.spec

@@ -25,7 +25,7 @@
 Name:           systemd
 Url:            https://systemd.io/
 Version:        249
-Release:        90
+Release:        91
 License:        MIT and LGPLv2+ and GPLv2+
 Summary:        System and Service Manager
 
@@ -687,6 +687,13 @@ Patch6634:	    backport-man-fix-directory-for-user-home-bind-mounts.patch
 Patch6635:	    backport-nspawn-fix-directory-in-logged-error.patch
 Patch6636:	    backport-test-boot-timestamp-Handle-ERANGE-error.patch
 Patch6637:	    backport-core-when-isolating-to-a-unit-also-keep-units-runnin.patch
+Patch6638:      backport-userdb-Use-json_dispatch_user_group_name-to-parse-Ge.patch
+Patch6639:      backport-README-explicitly-note-that-util-linux-s-mount-swap-.patch
+Patch6640:      backport-man-fix-section-number.patch
+Patch6641:      backport-repart-fix-invalid-errno-in-log.patch
+Patch6642:      backport-sysusers-insist-that-root-group-is-0.patch
+Patch6643:      backport-importd-Always-specify-file-unpacked-by-tar.patch
+Patch6644:      backport-docs-remove-dev-tty-confusion.patch
 
 Patch9001:      update-rtc-with-system-clock-when-shutdown.patch
 Patch9002:      udev-add-actions-while-rename-netif-failed.patch
@@ -2201,6 +2208,15 @@ grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null &&
 /usr/bin/systemd-cryptenroll
 
 %changelog
+* Wed Dec 04 2024 zhangyao <zhangyao108@huawei.com> - 249-91
+- add backport-userdb-Use-json_dispatch_user_group_name-to-parse-Ge.patch
+      backport-README-explicitly-note-that-util-linux-s-mount-swap-.patch
+      backport-man-fix-section-number.patch
+      backport-repart-fix-invalid-errno-in-log.patch
+      backport-sysusers-insist-that-root-group-is-0.patch
+      backport-importd-Always-specify-file-unpacked-by-tar.patch
+      backport-docs-remove-dev-tty-confusion.patch
+
 * Wed Dec 04 2024 zhangyao <zhangyao108@huawei.com> - 249-90
 - add backport-core-when-isolating-to-a-unit-also-keep-units-runnin.patch