From b73785bcd839c8b4a4e0bc31e73db5b091e077e4 Mon Sep 17 00:00:00 2001
From: Philip Meulengracht
Date: Fri, 5 Jul 2024 10:35:21 +0200
Subject: [PATCH 01/17] slices: add initial version of systemd and friends. Currently systemd is not working as it's lacking the catalog update functionality, blocked by maybe lack of features in Starlark/Chisel
---
slices/libargon2-1.yaml | 15 +
slices/libcryptsetup12.yaml | 21 ++
slices/libdevmapper1.02.1.yaml | 17 +
slices/libfdisk1.yaml | 17 +
slices/libjson-c5.yaml | 15 +
slices/libkmod2.yaml | 18 +
slices/libmount1.yaml | 17 +
slices/libseccomp2.yaml | 15 +
slices/libsmartcols1.yaml | 15 +
slices/libsystemd-shared.yaml | 32 ++
slices/mount.yaml | 23 ++
slices/systemd.yaml | 638 +++++++++++++++++++++++++++++++++
12 files changed, 843 insertions(+)
create mode 100644 slices/libargon2-1.yaml
create mode 100644 slices/libcryptsetup12.yaml
create mode 100644 slices/libdevmapper1.02.1.yaml
create mode 100644 slices/libfdisk1.yaml
create mode 100644 slices/libjson-c5.yaml
create mode 100644 slices/libkmod2.yaml
create mode 100644 slices/libmount1.yaml
create mode 100644 slices/libseccomp2.yaml
create mode 100644 slices/libsmartcols1.yaml
create mode 100644 slices/libsystemd-shared.yaml
create mode 100644 slices/mount.yaml
create mode 100644 slices/systemd.yaml
diff --git a/slices/libargon2-1.yaml b/slices/libargon2-1.yaml
new file mode 100644
index 000000000..0c28328e1
--- /dev/null
+++ b/slices/libargon2-1.yaml
@@ -0,0 +1,15 @@
+package: libargon2-1
+
+essential:
+ - libargon2-1_copyright
+
+slices:
+ libs:
+ essential:
+ - libc6_libs
+ contents:
+ /usr/lib/*-linux-*/libargon2.so.1*:
+
+ copyright:
+ contents:
+ /usr/share/doc/libargon2-1/copyright:
diff --git a/slices/libcryptsetup12.yaml b/slices/libcryptsetup12.yaml
new file mode 100644
index 000000000..6e1aa832a
--- /dev/null
+++ b/slices/libcryptsetup12.yaml
@@ -0,0 +1,21 @@
+package: libcryptsetup12
+
+essential:
+ - libcryptsetup12_copyright
+
+slices:
+ libs:
+ essential:
+ - libargon2-1_libs
+ - libblkid1_libs
+ - libc6_libs
+ - libdevmapper1.02.1_libs
+ - libjson-c5_libs
+ - libssl3t64_libs
+ - libuuid1_libs
+ contents:
+ /lib/*-linux-*/libcryptsetup.so.12*:
+
+ copyright:
+ contents:
+ /usr/share/doc/libcryptsetup12/copyright:
diff --git a/slices/libdevmapper1.02.1.yaml b/slices/libdevmapper1.02.1.yaml
new file mode 100644
index 000000000..61f3065a2
--- /dev/null
+++ b/slices/libdevmapper1.02.1.yaml
@@ -0,0 +1,17 @@
+package: libdevmapper1.02.1
+
+essential:
+ - libdevmapper1.02.1_copyright
+
+slices:
+ libs:
+ essential:
+ - libc6_libs
+ - libselinux1_libs
+ - libudev1_libs
+ contents:
+ /usr/lib/*-linux-*/libdevmapper.so.1*:
+
+ copyright:
+ contents:
+ /usr/share/doc/libdevmapper1.02.1/copyright:
diff --git a/slices/libfdisk1.yaml b/slices/libfdisk1.yaml
new file mode 100644
index 000000000..91d23cf8c
--- /dev/null
+++ b/slices/libfdisk1.yaml
@@ -0,0 +1,17 @@
+package: libfdisk1
+
+essential:
+ - libfdisk1_copyright
+
+slices:
+ libs:
+ essential:
+ - libblkid1_libs
+ - libc6_libs
+ - libuuid1_libs
+ contents:
+ /usr/lib/*-linux-*/libfdisk.so.1*:
+
+ copyright:
+ contents:
+ /usr/share/doc/libfdisk1/copyright:
diff --git a/slices/libjson-c5.yaml b/slices/libjson-c5.yaml
new file mode 100644
index 000000000..d8f64cb8e
--- /dev/null
+++ b/slices/libjson-c5.yaml
@@ -0,0 +1,15 @@
+package: libjson-c5
+
+essential:
+ - libjson-c5_copyright
+
+slices:
+ libs:
+ essential:
+ - libc6_libs
+ contents:
+ /usr/lib/*-linux-*/libjson-c.so.5*:
+
+ copyright:
+ contents:
+ /usr/share/doc/libjson-c5/copyright:
diff --git a/slices/libkmod2.yaml b/slices/libkmod2.yaml
new file mode 100644
index 000000000..583c790f2
--- /dev/null
+++ b/slices/libkmod2.yaml
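Review bot: In slices/libcryptsetup12.yaml the `libs` content glob `/lib/*-linux-*/libcryptsetup.so.12*:` is rooted at `/lib`, while every other library glob in this patch is rooted at `/usr/lib`. Slice paths are presumably matched against the paths recorded in the package, so if the package ships the library under `/usr/lib` this entry matches nothing and the disk-encryption library is missing from the cut root. Unless the package listing confirms `/lib`, change it to `/usr/lib/*-linux-*/libcryptsetup.so.12*:`.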
@@ -0,0 +1,18 @@
+package: libkmod2
+
+essential:
+ - libkmod2_copyright
+
+slices:
+ libs:
+ essential:
+ - libc6_libs
+ - liblzma5_libs
+ - libssl3t64_libs
+ - libzstd1_libs
+ contents:
+ /usr/lib/*-linux-*/libkmod.so.2*:
+
+ copyright:
+ contents:
+ /usr/share/doc/libkmod2/copyright:
diff --git a/slices/libmount1.yaml b/slices/libmount1.yaml
new file mode 100644
index 000000000..4d890885e
--- /dev/null
+++ b/slices/libmount1.yaml
@@ -0,0 +1,17 @@
+package: libmount1
+
+essential:
+ - libseccomp2_copyright
+
+slices:
+ libs:
+ essential:
+ - libblkid1_libs
+ - libc6_libs
+ - libselinux1_libs
+ contents:
+ /usr/lib/*-linux-*/libmount.so.1*:
+
+ copyright:
+ contents:
+ /usr/share/doc/libmount1/copyright:
diff --git a/slices/libseccomp2.yaml b/slices/libseccomp2.yaml
new file mode 100644
index 000000000..f2420e7d0
--- /dev/null
+++ b/slices/libseccomp2.yaml
@@ -0,0 +1,15 @@
+package: libseccomp2
+
+essential:
+ - libseccomp2_copyright
+
+slices:
+ libs:
+ essential:
+ - libc6_libs
+ contents:
+ /usr/lib/*-linux-*/libseccomp.so.2*:
+
+ copyright:
+ contents:
+ /usr/share/doc/libseccomp2/copyright:
diff --git a/slices/libsmartcols1.yaml b/slices/libsmartcols1.yaml
new file mode 100644
index 000000000..2ab90186f
--- /dev/null
+++ b/slices/libsmartcols1.yaml
@@ -0,0 +1,15 @@
+package: libsmartcols1
+
+essential:
+ - libsmartcols1_copyright
+
+slices:
+ libs:
+ essential:
+ - libc6_libs
+ contents:
+ /usr/lib/*-linux-*/libsmartcols.so.1*:
+
+ copyright:
+ contents:
+ /usr/share/doc/libsmartcols1/copyright:
diff --git a/slices/libsystemd-shared.yaml b/slices/libsystemd-shared.yaml
new file mode 100644
index 000000000..bc54a95fc
--- /dev/null
+++ b/slices/libsystemd-shared.yaml
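Review bot: In slices/libmount1.yaml the package-level `essential` lists `libseccomp2_copyright`, which looks like a copy-paste from libseccomp2.yaml; the file defines its own `copyright` slice that nothing in it references. As written, selecting `libmount1_libs` pulls in another package's copyright file and leaves `/usr/share/doc/libmount1/copyright` out of the cut root, unlike every other slice file in this patch. The entry should read `- libmount1_copyright`.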
@@ -0,0 +1,32 @@
+package: libsystemd-shared
+
+essential:
+ - libsystemd-shared_copyright
+
+slices:
+ libs:
+ essential:
+ - libacl1_libs
+ - libapparmor1_libs
+ - libaudit1_libs
+ - libblkid1_libs
+ - libc6_libs
+ - libcap2_libs
+ - libcrypt1_libs
+ - libgcrypt20_libs
+ - libkmod2_libs
+ - liblz4-1_libs
+ - liblzma5_libs
+ - libmount1_libs
+ - libpam0g_libs
+ - libseccomp2_libs
+ - libselinux1_libs
+ - libssl3t64_libs
+ - libzstd1_libs
+ contents:
+ /usr/lib/*-linux-*/systemd/libsystemd-core-*.so:
+ /usr/lib/*-linux-*/systemd/libsystemd-shared-*.so:
+
+ copyright:
+ contents:
+ /usr/share/doc/libsystemd-shared/copyright:
diff --git a/slices/mount.yaml b/slices/mount.yaml
new file mode 100644
index 000000000..88fa1994a
--- /dev/null
+++ b/slices/mount.yaml
@@ -0,0 +1,23 @@
+package: mount
+
+essential:
+ - mount_copyright
+
+slices:
+ bins:
+ essential:
+ - libblkid1_libs
+ - libc6_libs
+ - libmount1_libs
+ - libselinux1_libs
+ - libsmartcols1_libs
+ contents:
+ /usr/bin/mount:
+ /usr/bin/umount:
+ /usr/sbin/losetup:
+ /usr/sbin/swapoff:
+ /usr/sbin/swapon:
+
+ copyright:
+ contents:
+ /usr/share/doc/mount/copyright:
diff --git a/slices/systemd.yaml b/slices/systemd.yaml
new file mode 100644
index 000000000..3bb7b69d5
--- /dev/null
+++ b/slices/systemd.yaml
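Review bot: In slices/mount.yaml the single `bins` slice bundles `/usr/bin/mount` and `/usr/bin/umount`, which the Debian/Ubuntu package installs setuid-root, together with `losetup`, `swapon` and `swapoff`, so an image that needs any one of them gets all five. I have not confirmed whether Chisel keeps the setuid bit on extraction; if it does, every image depending on `mount_bins` (including `systemd_bins` in this patch) carries two setuid-root binaries with nothing in the slice saying so. Consider splitting the slice per binary group, or at least add a comment above `contents:` such as `# mount and umount are setuid-root in the package; check their mode bits in the cut root`.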
@@ -0,0 +1,638 @@ +package: systemd + +essential: + - systemd_copyright + +slices: + bins: + essential: + - libblkid1_libs + - libc6_libs + - libcap2_libs + - libgcrypt20_libs + - liblz4-1_libs + - liblzma5_libs + - libmount1_libs + - libselinux1_libs + - libssl3t64_libs + - libzstd1_libs + - libacl1_libs + - libapparmor1_libs + - libaudit1_libs + - libcryptsetup12_libs + - libfdisk1_libs + - libkmod2_libs + - libpam0g_libs + - libseccomp2_libs + - libsystemd-shared_libs + - libsystemd0_libs + - mount_bins + - systemd_libs + - systemd_config + contents: + /usr/bin/busctl: + /usr/bin/hostnamectl: + /usr/bin/journalctl: + /usr/bin/kernel-install: + /usr/bin/localectl: + /usr/bin/loginctl: + /usr/bin/networkctl: + /usr/bin/systemctl: + /usr/bin/systemd: + /usr/bin/systemd-ac-power: + /usr/bin/systemd-analyze: + /usr/bin/systemd-ask-password: + /usr/bin/systemd-cat: + /usr/bin/systemd-cgls: + /usr/bin/systemd-cgtop: + /usr/bin/systemd-confext: + /usr/bin/systemd-creds: + /usr/bin/systemd-cryptenroll: + /usr/bin/systemd-cryptsetup: + /usr/bin/systemd-delta: + /usr/bin/systemd-detect-virt: + /usr/bin/systemd-escape: + /usr/bin/systemd-firstboot: + /usr/bin/systemd-id128: + /usr/bin/systemd-inhibit: + /usr/bin/systemd-machine-id-setup: + /usr/bin/systemd-mount: + /usr/bin/systemd-notify: + /usr/bin/systemd-path: + /usr/bin/systemd-repart: + /usr/bin/systemd-run: + /usr/bin/systemd-socket-activate: + /usr/bin/systemd-stdio-bridge: + /usr/bin/systemd-sysext: + /usr/bin/systemd-sysusers: + /usr/bin/systemd-tmpfiles: + /usr/bin/systemd-tty-ask-password-agent: + /usr/bin/systemd-umount: + /usr/bin/timedatectl: + /usr/bin/varlinkctl: + /usr/lib/systemd/systemd: + /usr/lib/systemd/systemd-backlight: + /usr/lib/systemd/systemd-battery-check: + /usr/lib/systemd/systemd-binfmt: + /usr/lib/systemd/systemd-boot-check-no-failures: + /usr/lib/systemd/systemd-bsod: + /usr/lib/systemd/systemd-cgroups-agent: + /usr/lib/systemd/systemd-cryptsetup: + /usr/lib/systemd/systemd-executor: + 
/usr/lib/systemd/systemd-fsck: + /usr/lib/systemd/systemd-fsckd: + /usr/lib/systemd/systemd-growfs: + /usr/lib/systemd/systemd-hibernate-resume: + /usr/lib/systemd/systemd-hostnamed: + /usr/lib/systemd/systemd-initctl: + /usr/lib/systemd/systemd-integritysetup: + /usr/lib/systemd/systemd-journald: + /usr/lib/systemd/systemd-localed: + /usr/lib/systemd/systemd-logind: + /usr/lib/systemd/systemd-makefs: + /usr/lib/systemd/systemd-measure: + /usr/lib/systemd/systemd-modules-load: + /usr/lib/systemd/systemd-network-generator: + /usr/lib/systemd/systemd-networkd: + /usr/lib/systemd/systemd-networkd-wait-online: + /usr/lib/systemd/systemd-pcrextend: + /usr/lib/systemd/systemd-pcrlock: + /usr/lib/systemd/systemd-pstore: + /usr/lib/systemd/systemd-quotacheck: + /usr/lib/systemd/systemd-random-seed: + /usr/lib/systemd/systemd-remount-fs: + /usr/lib/systemd/systemd-reply-password: + /usr/lib/systemd/systemd-rfkill: + /usr/lib/systemd/systemd-shutdown: + /usr/lib/systemd/systemd-sleep: + /usr/lib/systemd/systemd-socket-proxyd: + /usr/lib/systemd/systemd-storagetm: + /usr/lib/systemd/systemd-sulogin-shell: + /usr/lib/systemd/systemd-sysctl: + /usr/lib/systemd/systemd-sysroot-fstab-check: + /usr/lib/systemd/systemd-sysupdate: + /usr/lib/systemd/systemd-sysv-install: + /usr/lib/systemd/systemd-time-wait-sync: + /usr/lib/systemd/systemd-timedated: + /usr/lib/systemd/systemd-tpm2-setup: + /usr/lib/systemd/systemd-update-done: + /usr/lib/systemd/systemd-update-utmp: + /usr/lib/systemd/systemd-user-runtime-dir: + /usr/lib/systemd/systemd-user-sessions: + /usr/lib/systemd/systemd-veritysetup: + /usr/lib/systemd/systemd-volatile-root: + /usr/lib/systemd/systemd-xdg-autostart-condition: + + libs: + contents: + /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-fido2.so: + /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-pkcs11.so: + /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-tpm2.so: + + config: + contents: + /usr/lib/sysusers.d/basic.conf: + 
/usr/lib/sysusers.d/systemd-journal.conf: + /usr/lib/sysusers.d/systemd-network.conf: + /usr/lib/tmpfiles.d/credstore.conf: + /usr/lib/tmpfiles.d/debian.conf: + /usr/lib/tmpfiles.d/home.conf: + /usr/lib/tmpfiles.d/journal-nocow.conf: + /usr/lib/tmpfiles.d/legacy.conf: + /usr/lib/tmpfiles.d/provision.conf: + /usr/lib/tmpfiles.d/systemd-network.conf: + /usr/lib/tmpfiles.d/systemd-nologin.conf: + /usr/lib/tmpfiles.d/systemd-pstore.conf: + /usr/lib/tmpfiles.d/systemd-tmp.conf: + /usr/lib/tmpfiles.d/systemd.conf: + /usr/lib/tmpfiles.d/tmp.conf: + /usr/lib/tmpfiles.d/var.conf: + /usr/lib/tmpfiles.d/x11.conf: + /usr/lib/systemd/resolv.conf: + /usr/lib/systemd/catalog/systemd.be.catalog: + /usr/lib/systemd/catalog/systemd.be@latin.catalog: + /usr/lib/systemd/catalog/systemd.bg.catalog: + /usr/lib/systemd/catalog/systemd.catalog: + /usr/lib/systemd/catalog/systemd.da.catalog: + /usr/lib/systemd/catalog/systemd.de.catalog: + /usr/lib/systemd/catalog/systemd.fr.catalog: + /usr/lib/systemd/catalog/systemd.hr.catalog: + /usr/lib/systemd/catalog/systemd.hu.catalog: + /usr/lib/systemd/catalog/systemd.it.catalog: + /usr/lib/systemd/catalog/systemd.ko.catalog: + /usr/lib/systemd/catalog/systemd.pl.catalog: + /usr/lib/systemd/catalog/systemd.pt_BR.catalog: + /usr/lib/systemd/catalog/systemd.ru.catalog: + /usr/lib/systemd/catalog/systemd.sr.catalog: + /usr/lib/systemd/catalog/systemd.zh_CN.catalog: + /usr/lib/systemd/catalog/systemd.zh_TW.catalog: + /usr/lib/systemd/journald.conf.d/syslog.conf: + /usr/lib/systemd/network/80-6rd-tunnel.network: + /usr/lib/systemd/network/80-container-host0.network: + /usr/lib/systemd/network/80-container-vb.network: + /usr/lib/systemd/network/80-container-ve.network: + /usr/lib/systemd/network/80-container-vz.network: + /usr/lib/systemd/network/80-vm-vt.network: + /usr/lib/systemd/network/80-wifi-adhoc.network: + /usr/lib/systemd/repart/definitions/confext.repart.d/10-root.conf: + 
/usr/lib/systemd/repart/definitions/confext.repart.d/20-root-verity.conf: + /usr/lib/systemd/repart/definitions/confext.repart.d/30-root-verity-sig.conf: + /usr/lib/systemd/repart/definitions/portable.repart.d/10-root.conf: + /usr/lib/systemd/repart/definitions/portable.repart.d/20-root-verity.conf: + /usr/lib/systemd/repart/definitions/portable.repart.d/30-root-verity-sig.conf: + /usr/lib/systemd/repart/definitions/sysext.repart.d/10-root.conf: + /usr/lib/systemd/repart/definitions/sysext.repart.d/20-root-verity.conf: + /usr/lib/systemd/repart/definitions/sysext.repart.d/30-root-verity-sig.conf: + /usr/lib/systemd/system-preset/90-systemd.preset: + /usr/lib/systemd/system/autovt@.service: + /usr/lib/systemd/system/basic.target: + /usr/lib/systemd/system/blockdev@.target: + /usr/lib/systemd/system/bluetooth.target: + /usr/lib/systemd/system/boot-complete.target: + /usr/lib/systemd/system/console-getty.service: + /usr/lib/systemd/system/container-getty@.service: + /usr/lib/systemd/system/cryptdisks-early.service: + /usr/lib/systemd/system/cryptdisks.service: + /usr/lib/systemd/system/cryptsetup-pre.target: + /usr/lib/systemd/system/cryptsetup.target: + /usr/lib/systemd/system/ctrl-alt-del.target: + /usr/lib/systemd/system/dbus-org.freedesktop.hostname1.service: + /usr/lib/systemd/system/dbus-org.freedesktop.locale1.service: + /usr/lib/systemd/system/dbus-org.freedesktop.login1.service: + /usr/lib/systemd/system/dbus-org.freedesktop.timedate1.service: + /usr/lib/systemd/system/debug-shell.service: + /usr/lib/systemd/system/default.target: + /usr/lib/systemd/system/dev-hugepages.mount: + /usr/lib/systemd/system/dev-mqueue.mount: + /usr/lib/systemd/system/emergency.service: + /usr/lib/systemd/system/emergency.target: + /usr/lib/systemd/system/exit.target: + /usr/lib/systemd/system/factory-reset.target: + /usr/lib/systemd/system/final.target: + /usr/lib/systemd/system/first-boot-complete.target: + /usr/lib/systemd/system/getty-pre.target: + 
/usr/lib/systemd/system/getty-static.service: + /usr/lib/systemd/system/getty.target: + /usr/lib/systemd/system/getty.target.wants/getty-static.service: + /usr/lib/systemd/system/getty@.service: + /usr/lib/systemd/system/graphical.target: + /usr/lib/systemd/system/graphical.target.wants/systemd-update-utmp-runlevel.service: + /usr/lib/systemd/system/halt.target: + /usr/lib/systemd/system/hibernate.target: + /usr/lib/systemd/system/hwclock.service: + /usr/lib/systemd/system/hybrid-sleep.target: + /usr/lib/systemd/system/initrd-cleanup.service: + /usr/lib/systemd/system/initrd-fs.target: + /usr/lib/systemd/system/initrd-parse-etc.service: + /usr/lib/systemd/system/initrd-root-device.target: + /usr/lib/systemd/system/initrd-root-device.target.wants/remote-cryptsetup.target: + /usr/lib/systemd/system/initrd-root-device.target.wants/remote-veritysetup.target: + /usr/lib/systemd/system/initrd-root-fs.target: + /usr/lib/systemd/system/initrd-root-fs.target.wants/systemd-repart.service: + /usr/lib/systemd/system/initrd-switch-root.service: + /usr/lib/systemd/system/initrd-switch-root.target: + /usr/lib/systemd/system/initrd-udevadm-cleanup-db.service: + /usr/lib/systemd/system/initrd-usr-fs.target: + /usr/lib/systemd/system/initrd.target: + /usr/lib/systemd/system/initrd.target.wants/systemd-battery-check.service: + /usr/lib/systemd/system/initrd.target.wants/systemd-bsod.service: + /usr/lib/systemd/system/initrd.target.wants/systemd-pcrphase-initrd.service: + /usr/lib/systemd/system/integritysetup-pre.target: + /usr/lib/systemd/system/integritysetup.target: + /usr/lib/systemd/system/kexec.target: + /usr/lib/systemd/system/kmod-static-nodes.service: + /usr/lib/systemd/system/kmod.service: + /usr/lib/systemd/system/ldconfig.service: + /usr/lib/systemd/system/local-fs-pre.target: + /usr/lib/systemd/system/local-fs.target: + /usr/lib/systemd/system/machine.slice: + /usr/lib/systemd/system/modprobe@.service: + /usr/lib/systemd/system/multi-user.target: + 
/usr/lib/systemd/system/multi-user.target.wants/getty.target: + /usr/lib/systemd/system/multi-user.target.wants/systemd-ask-password-wall.path: + /usr/lib/systemd/system/multi-user.target.wants/systemd-logind.service: + /usr/lib/systemd/system/multi-user.target.wants/systemd-update-utmp-runlevel.service: + /usr/lib/systemd/system/multi-user.target.wants/systemd-user-sessions.service: + /usr/lib/systemd/system/network-online.target: + /usr/lib/systemd/system/network-pre.target: + /usr/lib/systemd/system/network.target: + /usr/lib/systemd/system/nss-lookup.target: + /usr/lib/systemd/system/nss-user-lookup.target: + /usr/lib/systemd/system/paths.target: + /usr/lib/systemd/system/poweroff.target: + /usr/lib/systemd/system/printer.target: + /usr/lib/systemd/system/proc-sys-fs-binfmt_misc.automount: + /usr/lib/systemd/system/proc-sys-fs-binfmt_misc.mount: + /usr/lib/systemd/system/procps.service: + /usr/lib/systemd/system/quotaon.service: + /usr/lib/systemd/system/rc-local.service: + /usr/lib/systemd/system/rc-local.service.d/debian.conf: + /usr/lib/systemd/system/reboot.target: + /usr/lib/systemd/system/remote-cryptsetup.target: + /usr/lib/systemd/system/remote-fs-pre.target: + /usr/lib/systemd/system/remote-fs.target: + /usr/lib/systemd/system/remote-veritysetup.target: + /usr/lib/systemd/system/rescue.service: + /usr/lib/systemd/system/rescue.target: + /usr/lib/systemd/system/rescue.target.wants/systemd-update-utmp-runlevel.service: + /usr/lib/systemd/system/rpcbind.target: + /usr/lib/systemd/system/runlevel0.target: + /usr/lib/systemd/system/runlevel1.target: + /usr/lib/systemd/system/runlevel2.target: + /usr/lib/systemd/system/runlevel3.target: + /usr/lib/systemd/system/runlevel4.target: + /usr/lib/systemd/system/runlevel5.target: + /usr/lib/systemd/system/runlevel6.target: + /usr/lib/systemd/system/serial-getty@.service: + /usr/lib/systemd/system/shutdown.target: + /usr/lib/systemd/system/sigpwr.target: + /usr/lib/systemd/system/sleep.target: + 
/usr/lib/systemd/system/slices.target: + /usr/lib/systemd/system/smartcard.target: + /usr/lib/systemd/system/sockets.target: + /usr/lib/systemd/system/sockets.target.wants/systemd-initctl.socket: + /usr/lib/systemd/system/sockets.target.wants/systemd-journald-dev-log.socket: + /usr/lib/systemd/system/sockets.target.wants/systemd-journald.socket: + /usr/lib/systemd/system/sockets.target.wants/systemd-pcrextend.socket: + /usr/lib/systemd/system/sockets.target.wants/systemd-sysext.socket: + /usr/lib/systemd/system/soft-reboot.target: + /usr/lib/systemd/system/sound.target: + /usr/lib/systemd/system/storage-target-mode.target: + /usr/lib/systemd/system/suspend-then-hibernate.target: + /usr/lib/systemd/system/suspend.target: + /usr/lib/systemd/system/swap.target: + /usr/lib/systemd/system/sys-fs-fuse-connections.mount: + /usr/lib/systemd/system/sys-kernel-config.mount: + /usr/lib/systemd/system/sys-kernel-debug.mount: + /usr/lib/systemd/system/sys-kernel-tracing.mount: + /usr/lib/systemd/system/sysinit.target: + /usr/lib/systemd/system/sysinit.target.wants/cryptsetup.target: + /usr/lib/systemd/system/sysinit.target.wants/dev-hugepages.mount: + /usr/lib/systemd/system/sysinit.target.wants/dev-mqueue.mount: + /usr/lib/systemd/system/sysinit.target.wants/integritysetup.target: + /usr/lib/systemd/system/sysinit.target.wants/kmod-static-nodes.service: + /usr/lib/systemd/system/sysinit.target.wants/ldconfig.service: + /usr/lib/systemd/system/sysinit.target.wants/proc-sys-fs-binfmt_misc.automount: + /usr/lib/systemd/system/sysinit.target.wants/sys-fs-fuse-connections.mount: + /usr/lib/systemd/system/sysinit.target.wants/sys-kernel-config.mount: + /usr/lib/systemd/system/sysinit.target.wants/sys-kernel-debug.mount: + /usr/lib/systemd/system/sysinit.target.wants/sys-kernel-tracing.mount: + /usr/lib/systemd/system/sysinit.target.wants/systemd-ask-password-console.path: + /usr/lib/systemd/system/sysinit.target.wants/systemd-binfmt.service: + 
/usr/lib/systemd/system/sysinit.target.wants/systemd-firstboot.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-journal-catalog-update.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-journal-flush.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-journald.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-machine-id-commit.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-modules-load.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-pcrmachine.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-pcrphase-sysinit.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-pcrphase.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-random-seed.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-repart.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-sysctl.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-sysusers.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev-early.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-tpm2-setup-early.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-tpm2-setup.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-update-done.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-update-utmp.service: + /usr/lib/systemd/system/sysinit.target.wants/veritysetup.target: + /usr/lib/systemd/system/syslog.socket: + /usr/lib/systemd/system/system-systemd\x2dcryptsetup.slice: + /usr/lib/systemd/system/system-systemd\x2dveritysetup.slice: + /usr/lib/systemd/system/system-update-cleanup.service: + /usr/lib/systemd/system/system-update-pre.target: + /usr/lib/systemd/system/system-update.target: + /usr/lib/systemd/system/systemd-ask-password-console.path: 
+ /usr/lib/systemd/system/systemd-ask-password-console.service: + /usr/lib/systemd/system/systemd-ask-password-wall.path: + /usr/lib/systemd/system/systemd-ask-password-wall.service: + /usr/lib/systemd/system/systemd-backlight@.service: + /usr/lib/systemd/system/systemd-battery-check.service: + /usr/lib/systemd/system/systemd-binfmt.service: + /usr/lib/systemd/system/systemd-boot-check-no-failures.service: + /usr/lib/systemd/system/systemd-bsod.service: + /usr/lib/systemd/system/systemd-confext.service: + /usr/lib/systemd/system/systemd-exit.service: + /usr/lib/systemd/system/systemd-firstboot.service: + /usr/lib/systemd/system/systemd-fsck-root.service: + /usr/lib/systemd/system/systemd-fsck@.service: + /usr/lib/systemd/system/systemd-fsckd.service: + /usr/lib/systemd/system/systemd-fsckd.socket: + /usr/lib/systemd/system/systemd-growfs-root.service: + /usr/lib/systemd/system/systemd-growfs@.service: + /usr/lib/systemd/system/systemd-halt.service: + /usr/lib/systemd/system/systemd-hibernate-resume.service: + /usr/lib/systemd/system/systemd-hibernate.service: + /usr/lib/systemd/system/systemd-hostnamed.service: + /usr/lib/systemd/system/systemd-hybrid-sleep.service: + /usr/lib/systemd/system/systemd-initctl.service: + /usr/lib/systemd/system/systemd-initctl.socket: + /usr/lib/systemd/system/systemd-journal-catalog-update.service: + /usr/lib/systemd/system/systemd-journal-flush.service: + /usr/lib/systemd/system/systemd-journald-audit.socket: + /usr/lib/systemd/system/systemd-journald-dev-log.socket: + /usr/lib/systemd/system/systemd-journald-varlink@.socket: + /usr/lib/systemd/system/systemd-journald.service: + /usr/lib/systemd/system/systemd-journald.socket: + /usr/lib/systemd/system/systemd-journald@.service: + /usr/lib/systemd/system/systemd-journald@.socket: + /usr/lib/systemd/system/systemd-kexec.service: + /usr/lib/systemd/system/systemd-localed.service: + /usr/lib/systemd/system/systemd-localed.service.d/x11-keyboard.conf: + 
/usr/lib/systemd/system/systemd-logind.service: + /usr/lib/systemd/system/systemd-logind.service.d/dbus.conf: + /usr/lib/systemd/system/systemd-logind.service.d/nice.conf: + /usr/lib/systemd/system/systemd-machine-id-commit.service: + /usr/lib/systemd/system/systemd-modules-load.service: + /usr/lib/systemd/system/systemd-network-generator.service: + /usr/lib/systemd/system/systemd-networkd-wait-online.service: + /usr/lib/systemd/system/systemd-networkd-wait-online@.service: + /usr/lib/systemd/system/systemd-networkd.service: + /usr/lib/systemd/system/systemd-networkd.socket: + /usr/lib/systemd/system/systemd-pcrextend.socket: + /usr/lib/systemd/system/systemd-pcrextend@.service: + /usr/lib/systemd/system/systemd-pcrfs-root.service: + /usr/lib/systemd/system/systemd-pcrfs@.service: + /usr/lib/systemd/system/systemd-pcrlock-file-system.service: + /usr/lib/systemd/system/systemd-pcrlock-firmware-code.service: + /usr/lib/systemd/system/systemd-pcrlock-firmware-config.service: + /usr/lib/systemd/system/systemd-pcrlock-machine-id.service: + /usr/lib/systemd/system/systemd-pcrlock-make-policy.service: + /usr/lib/systemd/system/systemd-pcrlock-secureboot-authority.service: + /usr/lib/systemd/system/systemd-pcrlock-secureboot-policy.service: + /usr/lib/systemd/system/systemd-pcrmachine.service: + /usr/lib/systemd/system/systemd-pcrphase-initrd.service: + /usr/lib/systemd/system/systemd-pcrphase-sysinit.service: + /usr/lib/systemd/system/systemd-pcrphase.service: + /usr/lib/systemd/system/systemd-poweroff.service: + /usr/lib/systemd/system/systemd-pstore.service: + /usr/lib/systemd/system/systemd-quotacheck.service: + /usr/lib/systemd/system/systemd-random-seed.service: + /usr/lib/systemd/system/systemd-reboot.service: + /usr/lib/systemd/system/systemd-remount-fs.service: + /usr/lib/systemd/system/systemd-repart.service: + /usr/lib/systemd/system/systemd-rfkill.service: + /usr/lib/systemd/system/systemd-rfkill.socket: + /usr/lib/systemd/system/systemd-soft-reboot.service: + 
/usr/lib/systemd/system/systemd-storagetm.service: + /usr/lib/systemd/system/systemd-suspend-then-hibernate.service: + /usr/lib/systemd/system/systemd-suspend.service: + /usr/lib/systemd/system/systemd-sysctl.service: + /usr/lib/systemd/system/systemd-sysext.service: + /usr/lib/systemd/system/systemd-sysext.socket: + /usr/lib/systemd/system/systemd-sysext@.service: + /usr/lib/systemd/system/systemd-sysupdate-reboot.service: + /usr/lib/systemd/system/systemd-sysupdate-reboot.timer: + /usr/lib/systemd/system/systemd-sysupdate.service: + /usr/lib/systemd/system/systemd-sysupdate.timer: + /usr/lib/systemd/system/systemd-sysusers.service: + /usr/lib/systemd/system/systemd-time-wait-sync.service: + /usr/lib/systemd/system/systemd-timedated.service: + /usr/lib/systemd/system/systemd-tmpfiles-clean.service: + /usr/lib/systemd/system/systemd-tmpfiles-clean.timer: + /usr/lib/systemd/system/systemd-tmpfiles-setup-dev-early.service: + /usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service: + /usr/lib/systemd/system/systemd-tmpfiles-setup.service: + /usr/lib/systemd/system/systemd-tpm2-setup-early.service: + /usr/lib/systemd/system/systemd-tpm2-setup.service: + /usr/lib/systemd/system/systemd-update-done.service: + /usr/lib/systemd/system/systemd-update-utmp-runlevel.service: + /usr/lib/systemd/system/systemd-update-utmp.service: + /usr/lib/systemd/system/systemd-user-sessions.service: + /usr/lib/systemd/system/systemd-volatile-root.service: + /usr/lib/systemd/system/time-set.target: + /usr/lib/systemd/system/time-sync.target: + /usr/lib/systemd/system/timers.target: + /usr/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer: + /usr/lib/systemd/system/umount.target: + /usr/lib/systemd/system/usb-gadget.target: + /usr/lib/systemd/system/user-.slice.d/10-defaults.conf: + /usr/lib/systemd/system/user-runtime-dir@.service: + /usr/lib/systemd/system/user.slice: + /usr/lib/systemd/system/user@.service: + 
/usr/lib/systemd/system/user@.service.d/10-login-barrier.conf: + /usr/lib/systemd/system/user@.service.d/timeout.conf: + /usr/lib/systemd/system/user@0.service.d/10-login-barrier.conf: + /usr/lib/systemd/system/veritysetup-pre.target: + /usr/lib/systemd/system/veritysetup.target: + /usr/lib/systemd/system/x11-common.service: + /usr/lib/systemd/user-environment-generators/30-systemd-environment-d-generator: + /usr/lib/systemd/user-generators/systemd-xdg-autostart-generator: + /usr/lib/systemd/user-preset/90-systemd.preset: + /usr/lib/systemd/user/app.slice: + /usr/lib/systemd/user/background.slice: + /usr/lib/systemd/user/basic.target: + /usr/lib/systemd/user/bluetooth.target: + /usr/lib/systemd/user/default.target: + /usr/lib/systemd/user/exit.target: + /usr/lib/systemd/user/graphical-session-pre.target: + /usr/lib/systemd/user/graphical-session.target: + /usr/lib/systemd/user/paths.target: + /usr/lib/systemd/user/printer.target: + /usr/lib/systemd/user/session.slice: + /usr/lib/systemd/user/shutdown.target: + /usr/lib/systemd/user/smartcard.target: + /usr/lib/systemd/user/sockets.target: + /usr/lib/systemd/user/sound.target: + /usr/lib/systemd/user/systemd-exit.service: + /usr/lib/systemd/user/systemd-tmpfiles-clean.service: + /usr/lib/systemd/user/systemd-tmpfiles-clean.timer: + /usr/lib/systemd/user/systemd-tmpfiles-setup.service: + /usr/lib/systemd/user/timers.target: + /usr/lib/systemd/user/xdg-desktop-autostart.target: + /usr/lib/systemd/system-generators/systemd-cryptsetup-generator: + /usr/lib/systemd/system-generators/systemd-debug-generator: + /usr/lib/systemd/system-generators/systemd-fstab-generator: + /usr/lib/systemd/system-generators/systemd-getty-generator: + /usr/lib/systemd/system-generators/systemd-gpt-auto-generator: + /usr/lib/systemd/system-generators/systemd-hibernate-resume-generator: + /usr/lib/systemd/system-generators/systemd-integritysetup-generator: + /usr/lib/systemd/system-generators/systemd-rc-local-generator: + 
/usr/lib/systemd/system-generators/systemd-run-generator: + /usr/lib/systemd/system-generators/systemd-system-update-generator: + /usr/lib/systemd/system-generators/systemd-sysv-generator: + /usr/lib/systemd/system-generators/systemd-veritysetup-generator: + /etc/systemd/system-generators/systemd-gpt-auto-generator: + /usr/lib/pam.d/systemd-user: + /usr/lib/modprobe.d/systemd.conf: + /usr/lib/sysctl.d/50-pid-max.conf: + /usr/lib/environment.d/99-environment.conf: + /usr/lib/kernel/install.conf: + /usr/lib/kernel/install.d/50-depmod.install: + /usr/lib/kernel/install.d/55-initrd.install: + /usr/lib/kernel/install.d/90-loaderentry.install: + /usr/lib/kernel/install.d/90-uki-copy.install: + /usr/lib/lsb/init-functions.d/40-systemd: + /usr/lib/pcrlock.d/350-action-efi-application.pcrlock: + /usr/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/300-0x00000000.pcrlock: + /usr/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/600-0xffffffff.pcrlock: + /usr/lib/pcrlock.d/500-separator.pcrlock.d/300-0x00000000.pcrlock: + /usr/lib/pcrlock.d/500-separator.pcrlock.d/600-0xffffffff.pcrlock: + /usr/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/300-present.pcrlock: + /usr/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/600-absent.pcrlock: + /usr/lib/pcrlock.d/750-enter-initrd.pcrlock: + /usr/lib/pcrlock.d/800-leave-initrd.pcrlock: + /usr/lib/pcrlock.d/850-sysinit.pcrlock: + /usr/lib/pcrlock.d/900-ready.pcrlock: + /usr/lib/pcrlock.d/950-shutdown.pcrlock: + /usr/lib/pcrlock.d/990-final.pcrlock: + /usr/share/systemd/kbd-model-map: + /usr/share/systemd/language-fallback-map: + /usr/share/systemd/tmp.mount: + /etc/modules-load.d/modules.conf: + /etc/sysctl.d/99-sysctl.conf: + /etc/systemd/journald.conf: + /etc/systemd/logind.conf: + /etc/systemd/networkd.conf: + /etc/systemd/pstore.conf: + /etc/systemd/sleep.conf: + /etc/systemd/system.conf: + /etc/systemd/user.conf: + /etc/xdg/systemd/user: + + # generated config slice is to emulate symlinks or initial state + # 
config generated by systemd upon install + generated-config: + contents: + /etc/systemd/system/getty.target.wants/getty@tty1.service: {symlink: /usr/lib/systemd/system/getty@.service} + /etc/systemd/system/multi-user.target.wants/remote-fs.target: {symlink: /usr/lib/systemd/system/remote-fs.target} + /etc/systemd/system/sysinit.target.wants/systemd-pstore.service: {symlink: /usr/lib/systemd/system/systemd-pstore.service} + /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-machine-id.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-machine-id.service} + /etc/systemd/system/timers.target.wants/systemd-sysupdate-reboot.timer: {symlink: /usr/lib/systemd/system/systemd-sysupdate-reboot.timer} + /etc/systemd/system/sysinit.target.wants/systemd-confext.service: {symlink: /usr/lib/systemd/system/systemd-confext.service} + /etc/systemd/system/sysinit.target.wants/systemd-sysext.service: {symlink: /usr/lib/systemd/system/systemd-sysext.service} + /etc/systemd/system/multi-user.target.wants/remote-veritysetup.target: {symlink: /usr/lib/systemd/system/remote-veritysetup.target} + /etc/systemd/system/dbus-org.freedesktop.network1.service: {symlink: /usr/lib/systemd/system/systemd-networkd.service} + /etc/systemd/system/multi-user.target.wants/systemd-networkd.service: {symlink: /usr/lib/systemd/system/systemd-networkd.service} + /etc/systemd/system/sockets.target.wants/systemd-networkd.socket: {symlink: /usr/lib/systemd/system/systemd-networkd.socket} + /etc/systemd/system/sysinit.target.wants/systemd-network-generator.service: {symlink: /usr/lib/systemd/system/systemd-network-generator.service} + /etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service: {symlink: /usr/lib/systemd/system/systemd-networkd-wait-online.service} + /etc/systemd/system/sockets.target.wants/systemd-journald-audit.socket: {symlink: /usr/lib/systemd/system/systemd-journald-audit.socket} + 
/etc/systemd/system/systemd-journald.service.wants/systemd-journald-audit.socket: {symlink: /usr/lib/systemd/system/systemd-journald-audit.socket} + /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-firmware-code.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-firmware-code.service} + /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-firmware-config.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-firmware-config.service} + /etc/systemd/system/sockets.target.wants/systemd-pcrextend.socket: {symlink: /usr/lib/systemd/system/systemd-pcrextend.socket} + /etc/systemd/system/multi-user.target.wants/remote-cryptsetup.target: {symlink: /usr/lib/systemd/system/remote-cryptsetup.target} + /etc/systemd/system/timers.target.wants/systemd-sysupdate.timer: {symlink: /usr/lib/systemd/system/systemd-sysupdate.timer} + /etc/systemd/system/ctrl-alt-del.target: {symlink: /usr/lib/systemd/system/reboot.target} + /etc/systemd/system/sockets.target.wants/systemd-sysext.socket: {symlink: /usr/lib/systemd/system/systemd-sysext.socket} + /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-secureboot-policy.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-secureboot-policy.service} + /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-make-policy.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-make-policy.service} + /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-file-system.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-file-system.service} + /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-secureboot-authority.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-secureboot-authority.service} + /var/log/journal/: {make: true} + /var/lib/systemd/catalog/database: {mutable: true} + mutate: | + catalog_files = content.list("/usr/lib/systemd/catalog/") + catalog_map = {} + for cf in catalog_files: + # determine language from the file name + nt = cf.split(".") + lang = "" + if len(nt) > 2: + 
lang = nt[1] + + # now read the contents and start to parse for language + catalog = content.read(cf) + lines = catalog.splitlines() + payload = "" + found_id = False + for li in lines: + if li.startswith("#"): + continue + if li.startswith("-- ") and len(li) >= 35: + nli = cf.split() + id = nli[1] + if found_id: + catalog_map[id+lang] = payload + payload = "" + if len(nli) == 3 and lang == "": + lang = nli[2] + found_id = True + continue + if not found_id: + continue + payload += li + "\n" + + + + + + dbus-config: + contents: + /usr/lib/udev/rules.d/70-uaccess.rules: + /usr/lib/udev/rules.d/71-seat.rules: + /usr/lib/udev/rules.d/73-seat-late.rules: + /usr/lib/udev/rules.d/99-systemd.rules: + /usr/share/dbus-1/services/org.freedesktop.systemd1.service: + /usr/share/dbus-1/system-services/org.freedesktop.hostname1.service: + /usr/share/dbus-1/system-services/org.freedesktop.locale1.service: + /usr/share/dbus-1/system-services/org.freedesktop.login1.service: + /usr/share/dbus-1/system-services/org.freedesktop.network1.service: + /usr/share/dbus-1/system-services/org.freedesktop.systemd1.service: + /usr/share/dbus-1/system-services/org.freedesktop.timedate1.service: + /usr/share/dbus-1/system.d/org.freedesktop.hostname1.conf: + /usr/share/dbus-1/system.d/org.freedesktop.locale1.conf: + /usr/share/dbus-1/system.d/org.freedesktop.login1.conf: + /usr/share/dbus-1/system.d/org.freedesktop.network1.conf: + /usr/share/dbus-1/system.d/org.freedesktop.systemd1.conf: + /usr/share/dbus-1/system.d/org.freedesktop.timedate1.conf: + + polkit-config: + contents: + /usr/share/polkit-1/actions/org.freedesktop.hostname1.policy: + /usr/share/polkit-1/actions/org.freedesktop.locale1.policy: + /usr/share/polkit-1/actions/org.freedesktop.login1.policy: + /usr/share/polkit-1/actions/org.freedesktop.network1.policy: + /usr/share/polkit-1/actions/org.freedesktop.systemd1.policy: + /usr/share/polkit-1/actions/org.freedesktop.timedate1.policy: + 
/usr/share/polkit-1/actions/org.freedesktop.timesync1.policy: + /usr/share/polkit-1/rules.d/systemd-networkd.rules: + + copyright: + contents: + /usr/share/doc/systemd/copyright: From 047ed63e0f3a8c73256bb4cf8c3c6fe2c3aca4ee Mon Sep 17 00:00:00 2001 From: Philip Meulengracht Date: Fri, 5 Jul 2024 10:46:57 +0200 Subject: [PATCH 02/17] slices/systemd: rely on initialization services upon first boot of systemd --- slices/systemd.yaml | 70 ++++++--------------------------------------- 1 file changed, 9 insertions(+), 61 deletions(-) diff --git a/slices/systemd.yaml b/slices/systemd.yaml index 3bb7b69d5..5796aad36 100644 --- a/slices/systemd.yaml +++ b/slices/systemd.yaml @@ -29,6 +29,7 @@ slices: - mount_bins - systemd_libs - systemd_config + - systemd_generated-config contents: /usr/bin/busctl: /usr/bin/hostnamectl: 
@@ -534,73 +535,20 @@ slices: /etc/systemd/user.conf: /etc/xdg/systemd/user: - # generated config slice is to emulate symlinks or initial state - # config generated by systemd upon install + # Generated config slice is to emulate symlinks or initial state + # config generated by systemd upon install. + # Systemd performs a lot of initialization upon install, however since systemd + # does actually not rely on these install actions (since all of these are run as + # a part of the first install / early setup upon first boot), a lot of this is + # left out. It's done like that because systemd needs to be usable after install + # on a running system, but this is not the case here. + # These are the few that seems to be not emulated generated-config: contents: /etc/systemd/system/getty.target.wants/getty@tty1.service: {symlink: /usr/lib/systemd/system/getty@.service} /etc/systemd/system/multi-user.target.wants/remote-fs.target: {symlink: /usr/lib/systemd/system/remote-fs.target} /etc/systemd/system/sysinit.target.wants/systemd-pstore.service: {symlink: /usr/lib/systemd/system/systemd-pstore.service} - /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-machine-id.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-machine-id.service} - /etc/systemd/system/timers.target.wants/systemd-sysupdate-reboot.timer: {symlink: /usr/lib/systemd/system/systemd-sysupdate-reboot.timer} - /etc/systemd/system/sysinit.target.wants/systemd-confext.service: {symlink: /usr/lib/systemd/system/systemd-confext.service} - /etc/systemd/system/sysinit.target.wants/systemd-sysext.service: {symlink: /usr/lib/systemd/system/systemd-sysext.service} - /etc/systemd/system/multi-user.target.wants/remote-veritysetup.target: {symlink: /usr/lib/systemd/system/remote-veritysetup.target} - /etc/systemd/system/dbus-org.freedesktop.network1.service: {symlink: /usr/lib/systemd/system/systemd-networkd.service} - /etc/systemd/system/multi-user.target.wants/systemd-networkd.service: {symlink: 
/usr/lib/systemd/system/systemd-networkd.service} - /etc/systemd/system/sockets.target.wants/systemd-networkd.socket: {symlink: /usr/lib/systemd/system/systemd-networkd.socket} - /etc/systemd/system/sysinit.target.wants/systemd-network-generator.service: {symlink: /usr/lib/systemd/system/systemd-network-generator.service} - /etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service: {symlink: /usr/lib/systemd/system/systemd-networkd-wait-online.service} - /etc/systemd/system/sockets.target.wants/systemd-journald-audit.socket: {symlink: /usr/lib/systemd/system/systemd-journald-audit.socket} - /etc/systemd/system/systemd-journald.service.wants/systemd-journald-audit.socket: {symlink: /usr/lib/systemd/system/systemd-journald-audit.socket} - /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-firmware-code.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-firmware-code.service} - /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-firmware-config.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-firmware-config.service} - /etc/systemd/system/sockets.target.wants/systemd-pcrextend.socket: {symlink: /usr/lib/systemd/system/systemd-pcrextend.socket} - /etc/systemd/system/multi-user.target.wants/remote-cryptsetup.target: {symlink: /usr/lib/systemd/system/remote-cryptsetup.target} - /etc/systemd/system/timers.target.wants/systemd-sysupdate.timer: {symlink: /usr/lib/systemd/system/systemd-sysupdate.timer} - /etc/systemd/system/ctrl-alt-del.target: {symlink: /usr/lib/systemd/system/reboot.target} - /etc/systemd/system/sockets.target.wants/systemd-sysext.socket: {symlink: /usr/lib/systemd/system/systemd-sysext.socket} - /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-secureboot-policy.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-secureboot-policy.service} - /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-make-policy.service: {symlink: 
/usr/lib/systemd/system/systemd-pcrlock-make-policy.service} - /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-file-system.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-file-system.service} - /etc/systemd/system/sysinit.target.wants/systemd-pcrlock-secureboot-authority.service: {symlink: /usr/lib/systemd/system/systemd-pcrlock-secureboot-authority.service} /var/log/journal/: {make: true} - /var/lib/systemd/catalog/database: {mutable: true} - mutate: | - catalog_files = content.list("/usr/lib/systemd/catalog/") - catalog_map = {} - for cf in catalog_files: - # determine language from the file name - nt = cf.split(".") - lang = "" - if len(nt) > 2: - lang = nt[1] - - # now read the contents and start to parse for language - catalog = content.read(cf) - lines = catalog.splitlines() - payload = "" - found_id = False - for li in lines: - if li.startswith("#"): - continue - if li.startswith("-- ") and len(li) >= 35: - nli = cf.split() - id = nli[1] - if found_id: - catalog_map[id+lang] = payload - payload = "" - if len(nli) == 3 and lang == "": - lang = nli[2] - found_id = True - continue - if not found_id: - continue - payload += li + "\n" - - - - dbus-config: contents: From b87fe89d2d2b2d3780022f6a8c9dd6e0709c0e5a Mon Sep 17 00:00:00 2001 From: Philip Meulengracht Date: Fri, 5 Jul 2024 10:58:12 +0200 Subject: [PATCH 03/17] slices: add systemd dbus interfaces --- slices/systemd-dev.yaml | 53 +++++++++++++++++++++++++++++++++++++++++ slices/systemd.yaml | 1 + 2 files changed, 54 insertions(+) create mode 100644 slices/systemd-dev.yaml diff --git a/slices/systemd-dev.yaml b/slices/systemd-dev.yaml new file mode 100644 index 000000000..3c08f18dd --- /dev/null +++ b/slices/systemd-dev.yaml 
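Review bot: The new comment above `generated-config` says the dropped enablement links are recreated during first boot, but it names neither the mechanism nor its precondition. The removed set includes `systemd-journald-audit.socket` and the `systemd-pcrlock-*` units, so whether audit records and PCR measurements are wired up now depends on that first-boot step running. If this relies on systemd's first-boot preset pass, that presumably requires the image to ship without an initialised `/etc/machine-id`; it would help to record that, e.g. `# Remaining links come from the first-boot preset pass; the image must not ship an initialised /etc/machine-id.` The closing sentence `# These are the few that seems to be not emulated` is hard to parse; `# Only the links below are still created here.` would be clearer.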
@@ -0,0 +1,53 @@ +package: systemd-dev + +essential: + - systemd-dev_copyright + +slices: + dbus-interfaces: + contents: + /usr/share/dbus-1/interfaces/org.freedesktop.LogControl1.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.home1.Home.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.home1.Manager.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.hostname1.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.import1.Manager.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.import1.Transfer.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.locale1.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.login1.Manager.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.login1.Seat.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.login1.Session.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.login1.User.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.machine1.Image.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.machine1.Machine.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.machine1.Manager.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.network1.DHCPServer.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.network1.DHCPv4Client.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.network1.DHCPv6Client.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.network1.Link.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.network1.Manager.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.network1.Network.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.oom1.Manager.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.portable1.Image.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.portable1.Manager.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.resolve1.DnssdService.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.resolve1.Link.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.resolve1.Manager.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Automount.xml: + 
/usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Device.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Job.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Manager.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Mount.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Path.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Scope.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Service.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Slice.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Socket.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Swap.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Target.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Timer.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.systemd1.Unit.xml: + /usr/share/dbus-1/interfaces/org.freedesktop.timedate1.xml: + + copyright: + contents: + /usr/share/doc/systemd-dev/copyright: diff --git a/slices/systemd.yaml b/slices/systemd.yaml index 5796aad36..b2d40c4bd 100644 --- a/slices/systemd.yaml +++ b/slices/systemd.yaml @@ -27,6 +27,7 @@ slices: - libsystemd-shared_libs - libsystemd0_libs - mount_bins + - systemd-dev_dbus-interfaces - systemd_libs - systemd_config - systemd_generated-config From c76d0c8be603690777fe90baa0efd5216a1f3b6c Mon Sep 17 00:00:00 2001 From: Philip Meulengracht Date: Fri, 5 Jul 2024 11:00:51 +0200 Subject: [PATCH 04/17] slices/systemd: fix linting issues and build issues on non-amd64 platforms --- slices/systemd.yaml | 241 ++++++++++++++++++++++++++------------------ 1 file changed, 145 insertions(+), 96 deletions(-) diff --git a/slices/systemd.yaml b/slices/systemd.yaml index b2d40c4bd..b05825643 100644 --- a/slices/systemd.yaml +++ b/slices/systemd.yaml 
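Review bot: Listing `systemd-dev_dbus-interfaces` under the `bins` essentials means every image that selects `systemd_bins` also carries the full introspection XML set from a -dev package. That set includes interfaces such as `home1`, `machine1`, `portable1` and `resolve1`, whose daemons appear to belong to other packages. These files look like introspection data rather than something the binaries load at run time, so for a minimal image it may be better to leave the slice opt-in. If it is needed, a comment next to the entry should say why, e.g. `# required by <consumer>: reads interface XML at runtime`. The `essential` list continues outside the hunk.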
@@ -6,31 +6,31 @@ essential: slices: bins: essential: + - libacl1_libs + - libapparmor1_libs + - libaudit1_libs - libblkid1_libs - libc6_libs - libcap2_libs + - libcryptsetup12_libs + - libfdisk1_libs - libgcrypt20_libs + - libkmod2_libs - liblz4-1_libs - liblzma5_libs - libmount1_libs - - libselinux1_libs - - libssl3t64_libs - - libzstd1_libs - - libacl1_libs - - libapparmor1_libs - - libaudit1_libs - - libcryptsetup12_libs - - libfdisk1_libs - - libkmod2_libs - libpam0g_libs - libseccomp2_libs + - libselinux1_libs + - libssl3t64_libs - libsystemd-shared_libs - libsystemd0_libs + - libzstd1_libs - mount_bins - systemd-dev_dbus-interfaces - - systemd_libs - systemd_config - systemd_generated-config + - systemd_libs contents: /usr/bin/busctl: /usr/bin/hostnamectl: @@ -78,6 +78,7 @@ slices: /usr/lib/systemd/systemd-binfmt: /usr/lib/systemd/systemd-boot-check-no-failures: /usr/lib/systemd/systemd-bsod: + arch: [amd64, arm64, riscv64, ppc64el, armhf, s390x] /usr/lib/systemd/systemd-cgroups-agent: /usr/lib/systemd/systemd-cryptsetup: /usr/lib/systemd/systemd-executor: @@ -93,12 +94,15 @@ slices: /usr/lib/systemd/systemd-logind: /usr/lib/systemd/systemd-makefs: /usr/lib/systemd/systemd-measure: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/systemd-modules-load: /usr/lib/systemd/systemd-network-generator: /usr/lib/systemd/systemd-networkd: /usr/lib/systemd/systemd-networkd-wait-online: /usr/lib/systemd/systemd-pcrextend: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/systemd-pcrlock: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/systemd-pstore: /usr/lib/systemd/systemd-quotacheck: /usr/lib/systemd/systemd-random-seed: @@ -117,6 +121,7 @@ slices: /usr/lib/systemd/systemd-time-wait-sync: /usr/lib/systemd/systemd-timedated: /usr/lib/systemd/systemd-tpm2-setup: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/systemd-update-done: /usr/lib/systemd/systemd-update-utmp: /usr/lib/systemd/systemd-user-runtime-dir: 
@@ -124,33 +129,57 @@ slices: /usr/lib/systemd/systemd-veritysetup: /usr/lib/systemd/systemd-volatile-root: /usr/lib/systemd/systemd-xdg-autostart-condition: - - libs: - contents: - /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-fido2.so: - /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-pkcs11.so: - /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-tpm2.so: - + config: contents: - /usr/lib/sysusers.d/basic.conf: - /usr/lib/sysusers.d/systemd-journal.conf: - /usr/lib/sysusers.d/systemd-network.conf: - /usr/lib/tmpfiles.d/credstore.conf: - /usr/lib/tmpfiles.d/debian.conf: - /usr/lib/tmpfiles.d/home.conf: - /usr/lib/tmpfiles.d/journal-nocow.conf: - /usr/lib/tmpfiles.d/legacy.conf: - /usr/lib/tmpfiles.d/provision.conf: - /usr/lib/tmpfiles.d/systemd-network.conf: - /usr/lib/tmpfiles.d/systemd-nologin.conf: - /usr/lib/tmpfiles.d/systemd-pstore.conf: - /usr/lib/tmpfiles.d/systemd-tmp.conf: - /usr/lib/tmpfiles.d/systemd.conf: - /usr/lib/tmpfiles.d/tmp.conf: - /usr/lib/tmpfiles.d/var.conf: - /usr/lib/tmpfiles.d/x11.conf: - /usr/lib/systemd/resolv.conf: + /etc/modules-load.d/modules.conf: + /etc/sysctl.d/99-sysctl.conf: + /etc/systemd/journald.conf: + /etc/systemd/logind.conf: + /etc/systemd/networkd.conf: + /etc/systemd/pstore.conf: + /etc/systemd/sleep.conf: + /etc/systemd/system-generators/systemd-gpt-auto-generator: + /etc/systemd/system.conf: + /etc/systemd/user.conf: + /etc/xdg/systemd/user: + /usr/lib/environment.d/99-environment.conf: + /usr/lib/kernel/install.conf: + /usr/lib/kernel/install.d/50-depmod.install: + /usr/lib/kernel/install.d/55-initrd.install: + /usr/lib/kernel/install.d/90-loaderentry.install: + /usr/lib/kernel/install.d/90-uki-copy.install: + /usr/lib/lsb/init-functions.d/40-systemd: + /usr/lib/modprobe.d/systemd.conf: + /usr/lib/pam.d/systemd-user: + /usr/lib/pcrlock.d/350-action-efi-application.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/300-0x00000000.pcrlock: + 
arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/600-0xffffffff.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/500-separator.pcrlock.d/300-0x00000000.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/500-separator.pcrlock.d/600-0xffffffff.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/300-present.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/600-absent.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/750-enter-initrd.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/800-leave-initrd.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/850-sysinit.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/900-ready.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/950-shutdown.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/990-final.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/sysctl.d/50-pid-max.conf: + arch: [amd64, arm64, riscv64, s390x, ppc64el] /usr/lib/systemd/catalog/systemd.be.catalog: /usr/lib/systemd/catalog/systemd.be@latin.catalog: /usr/lib/systemd/catalog/systemd.bg.catalog: 
@@ -185,6 +214,19 @@ slices: /usr/lib/systemd/repart/definitions/sysext.repart.d/10-root.conf: /usr/lib/systemd/repart/definitions/sysext.repart.d/20-root-verity.conf: /usr/lib/systemd/repart/definitions/sysext.repart.d/30-root-verity-sig.conf: + /usr/lib/systemd/resolv.conf: + /usr/lib/systemd/system-generators/systemd-cryptsetup-generator: + /usr/lib/systemd/system-generators/systemd-debug-generator: + /usr/lib/systemd/system-generators/systemd-fstab-generator: + /usr/lib/systemd/system-generators/systemd-getty-generator: + /usr/lib/systemd/system-generators/systemd-gpt-auto-generator: + /usr/lib/systemd/system-generators/systemd-hibernate-resume-generator: + /usr/lib/systemd/system-generators/systemd-integritysetup-generator: + /usr/lib/systemd/system-generators/systemd-rc-local-generator: + /usr/lib/systemd/system-generators/systemd-run-generator: + /usr/lib/systemd/system-generators/systemd-system-update-generator: + /usr/lib/systemd/system-generators/systemd-sysv-generator: + /usr/lib/systemd/system-generators/systemd-veritysetup-generator: /usr/lib/systemd/system-preset/90-systemd.preset: /usr/lib/systemd/system/autovt@.service: /usr/lib/systemd/system/basic.target: @@ -238,7 +280,9 @@ slices: /usr/lib/systemd/system/initrd.target: /usr/lib/systemd/system/initrd.target.wants/systemd-battery-check.service: /usr/lib/systemd/system/initrd.target.wants/systemd-bsod.service: + arch: [amd64, arm64, riscv64, ppc64el, armhf, s390x] /usr/lib/systemd/system/initrd.target.wants/systemd-pcrphase-initrd.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/integritysetup-pre.target: /usr/lib/systemd/system/integritysetup.target: /usr/lib/systemd/system/kexec.target: 
@@ -296,6 +340,7 @@ slices: /usr/lib/systemd/system/sockets.target.wants/systemd-journald-dev-log.socket: /usr/lib/systemd/system/sockets.target.wants/systemd-journald.socket: /usr/lib/systemd/system/sockets.target.wants/systemd-pcrextend.socket: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/sockets.target.wants/systemd-sysext.socket: /usr/lib/systemd/system/soft-reboot.target: /usr/lib/systemd/system/sound.target: @@ -328,8 +373,11 @@ slices: /usr/lib/systemd/system/sysinit.target.wants/systemd-machine-id-commit.service: /usr/lib/systemd/system/sysinit.target.wants/systemd-modules-load.service: /usr/lib/systemd/system/sysinit.target.wants/systemd-pcrmachine.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/sysinit.target.wants/systemd-pcrphase-sysinit.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/sysinit.target.wants/systemd-pcrphase.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/sysinit.target.wants/systemd-random-seed.service: /usr/lib/systemd/system/sysinit.target.wants/systemd-repart.service: /usr/lib/systemd/system/sysinit.target.wants/systemd-sysctl.service: @@ -338,7 +386,9 @@ slices: /usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev.service: /usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup.service: /usr/lib/systemd/system/sysinit.target.wants/systemd-tpm2-setup-early.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/sysinit.target.wants/systemd-tpm2-setup.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/sysinit.target.wants/systemd-update-done.service: /usr/lib/systemd/system/sysinit.target.wants/systemd-update-utmp.service: /usr/lib/systemd/system/sysinit.target.wants/veritysetup.target: 
@@ -357,6 +407,7 @@ slices: /usr/lib/systemd/system/systemd-binfmt.service: /usr/lib/systemd/system/systemd-boot-check-no-failures.service: /usr/lib/systemd/system/systemd-bsod.service: + arch: [amd64, arm64, riscv64, ppc64el, armhf, s390x] /usr/lib/systemd/system/systemd-confext.service: /usr/lib/systemd/system/systemd-exit.service: /usr/lib/systemd/system/systemd-firstboot.service: 
@@ -396,20 +447,35 @@ slices: /usr/lib/systemd/system/systemd-networkd.service: /usr/lib/systemd/system/systemd-networkd.socket: /usr/lib/systemd/system/systemd-pcrextend.socket: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrextend@.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrfs-root.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrfs@.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrlock-file-system.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrlock-firmware-code.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrlock-firmware-config.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrlock-machine-id.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrlock-make-policy.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrlock-secureboot-authority.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrlock-secureboot-policy.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrmachine.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrphase-initrd.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrphase-sysinit.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-pcrphase.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-poweroff.service: /usr/lib/systemd/system/systemd-pstore.service: /usr/lib/systemd/system/systemd-quotacheck.service: 
@@ -440,7 +506,9 @@ slices: /usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service: /usr/lib/systemd/system/systemd-tmpfiles-setup.service: /usr/lib/systemd/system/systemd-tpm2-setup-early.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-tpm2-setup.service: + arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-update-done.service: /usr/lib/systemd/system/systemd-update-utmp-runlevel.service: /usr/lib/systemd/system/systemd-update-utmp.service: 
@@ -486,70 +554,26 @@ slices: /usr/lib/systemd/user/systemd-tmpfiles-setup.service: /usr/lib/systemd/user/timers.target: /usr/lib/systemd/user/xdg-desktop-autostart.target: - /usr/lib/systemd/system-generators/systemd-cryptsetup-generator: - /usr/lib/systemd/system-generators/systemd-debug-generator: - /usr/lib/systemd/system-generators/systemd-fstab-generator: - /usr/lib/systemd/system-generators/systemd-getty-generator: - /usr/lib/systemd/system-generators/systemd-gpt-auto-generator: - /usr/lib/systemd/system-generators/systemd-hibernate-resume-generator: - /usr/lib/systemd/system-generators/systemd-integritysetup-generator: - /usr/lib/systemd/system-generators/systemd-rc-local-generator: - /usr/lib/systemd/system-generators/systemd-run-generator: - /usr/lib/systemd/system-generators/systemd-system-update-generator: - /usr/lib/systemd/system-generators/systemd-sysv-generator: - /usr/lib/systemd/system-generators/systemd-veritysetup-generator: - /etc/systemd/system-generators/systemd-gpt-auto-generator: - /usr/lib/pam.d/systemd-user: - /usr/lib/modprobe.d/systemd.conf: - /usr/lib/sysctl.d/50-pid-max.conf: - /usr/lib/environment.d/99-environment.conf: - /usr/lib/kernel/install.conf: - /usr/lib/kernel/install.d/50-depmod.install: - /usr/lib/kernel/install.d/55-initrd.install: - /usr/lib/kernel/install.d/90-loaderentry.install: - /usr/lib/kernel/install.d/90-uki-copy.install: - /usr/lib/lsb/init-functions.d/40-systemd: - /usr/lib/pcrlock.d/350-action-efi-application.pcrlock: - /usr/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/300-0x00000000.pcrlock: - /usr/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/600-0xffffffff.pcrlock: - /usr/lib/pcrlock.d/500-separator.pcrlock.d/300-0x00000000.pcrlock: - /usr/lib/pcrlock.d/500-separator.pcrlock.d/600-0xffffffff.pcrlock: - /usr/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/300-present.pcrlock: - /usr/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/600-absent.pcrlock: - 
/usr/lib/pcrlock.d/750-enter-initrd.pcrlock: - /usr/lib/pcrlock.d/800-leave-initrd.pcrlock: - /usr/lib/pcrlock.d/850-sysinit.pcrlock: - /usr/lib/pcrlock.d/900-ready.pcrlock: - /usr/lib/pcrlock.d/950-shutdown.pcrlock: - /usr/lib/pcrlock.d/990-final.pcrlock: + /usr/lib/sysusers.d/basic.conf: + /usr/lib/sysusers.d/systemd-journal.conf: + /usr/lib/sysusers.d/systemd-network.conf: + /usr/lib/tmpfiles.d/credstore.conf: + /usr/lib/tmpfiles.d/debian.conf: + /usr/lib/tmpfiles.d/home.conf: + /usr/lib/tmpfiles.d/journal-nocow.conf: + /usr/lib/tmpfiles.d/legacy.conf: + /usr/lib/tmpfiles.d/provision.conf: + /usr/lib/tmpfiles.d/systemd-network.conf: + /usr/lib/tmpfiles.d/systemd-nologin.conf: + /usr/lib/tmpfiles.d/systemd-pstore.conf: + /usr/lib/tmpfiles.d/systemd-tmp.conf: + /usr/lib/tmpfiles.d/systemd.conf: + /usr/lib/tmpfiles.d/tmp.conf: + /usr/lib/tmpfiles.d/var.conf: + /usr/lib/tmpfiles.d/x11.conf: /usr/share/systemd/kbd-model-map: /usr/share/systemd/language-fallback-map: /usr/share/systemd/tmp.mount: - /etc/modules-load.d/modules.conf: - /etc/sysctl.d/99-sysctl.conf: - /etc/systemd/journald.conf: - /etc/systemd/logind.conf: - /etc/systemd/networkd.conf: - /etc/systemd/pstore.conf: - /etc/systemd/sleep.conf: - /etc/systemd/system.conf: - /etc/systemd/user.conf: - /etc/xdg/systemd/user: - - # Generated config slice is to emulate symlinks or initial state - # config generated by systemd upon install. - # Systemd performs a lot of initialization upon install, however since systemd - # does actually not rely on these install actions (since all of these are run as - # a part of the first install / early setup upon first boot), a lot of this is - # left out. It's done like that because systemd needs to be usable after install - # on a running system, but this is not the case here. 
- # These are the few that seems to be not emulated - generated-config: - contents: - /etc/systemd/system/getty.target.wants/getty@tty1.service: {symlink: /usr/lib/systemd/system/getty@.service} - /etc/systemd/system/multi-user.target.wants/remote-fs.target: {symlink: /usr/lib/systemd/system/remote-fs.target} - /etc/systemd/system/sysinit.target.wants/systemd-pstore.service: {symlink: /usr/lib/systemd/system/systemd-pstore.service} - /var/log/journal/: {make: true} dbus-config: contents: @@ -571,6 +595,31 @@ slices: /usr/share/dbus-1/system.d/org.freedesktop.systemd1.conf: /usr/share/dbus-1/system.d/org.freedesktop.timedate1.conf: + # Generated config slice is to emulate symlinks or initial state + # config generated by systemd upon install. + # Systemd performs a lot of initialization upon install, however since systemd + # does actually not rely on these install actions (since all of these are run as + # a part of the first install / early setup upon first boot), a lot of this is + # left out. It's done like that because systemd needs to be usable after install + # on a running system, but this is not the case here. + # These are the few that seems to be not emulated + generated-config: + contents: + /etc/systemd/system/getty.target.wants/getty@tty1.service: + symlink: /usr/lib/systemd/system/getty@.service + /etc/systemd/system/multi-user.target.wants/remote-fs.target: + symlink: /usr/lib/systemd/system/remote-fs.target + /etc/systemd/system/sysinit.target.wants/systemd-pstore.service: + symlink: /usr/lib/systemd/system/systemd-pstore.service + /var/log/journal/: {make: true} + + libs: + contents: + /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-fido2.so: + /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-pkcs11.so: + /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-tpm2.so: + arch: [amd64, arm64, riscv64] + polkit-config: contents: /usr/share/polkit-1/actions/org.freedesktop.hostname1.policy: 
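Review bot: The relocated `libs` slice in the last hunk declares no `essential` list, so selecting `systemd_libs` on its own installs the three cryptsetup token plugins without the libraries they are presumably linked against. The `bins` slice in this same commit already lists `libcryptsetup12_libs` and `libc6_libs`; repeating at least those under `libs` (`essential:` / `- libc6_libs` / `- libcryptsetup12_libs`) would make the slice usable by itself. Any further libraries the fido2/pkcs11/tpm2 plugins need cannot be determined from this hunk and should be checked against the package. The `polkit-config` slice that follows continues outside the hunk.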
From 6c6f8ba2fbfb939d5ecec8cc2ca69a5ab3ba7148 Mon Sep 17 00:00:00 2001 From: Philip Meulengracht Date: Wed, 24 Jul 2024 10:35:06 +0200 Subject: [PATCH 05/17] slices/systemd: for some reason nice.conf does not exist anymore --- slices/systemd.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/slices/systemd.yaml b/slices/systemd.yaml index b05825643..72c62bd10 100644 --- a/slices/systemd.yaml +++ b/slices/systemd.yaml @@ -438,7 +438,6 @@ slices: /usr/lib/systemd/system/systemd-localed.service.d/x11-keyboard.conf: /usr/lib/systemd/system/systemd-logind.service: /usr/lib/systemd/system/systemd-logind.service.d/dbus.conf: - /usr/lib/systemd/system/systemd-logind.service.d/nice.conf: /usr/lib/systemd/system/systemd-machine-id-commit.service: /usr/lib/systemd/system/systemd-modules-load.service: /usr/lib/systemd/system/systemd-network-generator.service: From a7a7308fbd67aef3e7c7c52d24b721f196c24d1d Mon Sep 17 00:00:00 2001 From: Philip Meulengracht Date: Thu, 1 Aug 2024 09:01:01 +0200 Subject: [PATCH 06/17] tests/spread/integration: add tests for systemd and mount --- spread.yaml | 3 ++- tests/spread/integration/mount/task.yaml | 9 +++++++++ tests/spread/integration/mount/test.sh | 14 ++++++++++++++ tests/spread/integration/systemd/task.yaml | 15 +++++++++++++++ tests/spread/integration/systemd/test.sh | 18 ++++++++++++++++++ 5 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 tests/spread/integration/mount/task.yaml create mode 100755 tests/spread/integration/mount/test.sh create mode 100644 tests/spread/integration/systemd/task.yaml create mode 100755 tests/spread/integration/systemd/test.sh diff --git a/spread.yaml b/spread.yaml index b2bb3b951..0a6a6aff5 100644 --- a/spread.yaml +++ b/spread.yaml 
@@ -47,7 +47,8 @@ backends:
 echo "Allocating $SPREAD_SYSTEM..."
 docker_image=$(echo $SPREAD_SYSTEM | awk -F '-' '{print $1":"$2}')
 docker_arch=$(echo $SPREAD_SYSTEM | awk -F '-' '{print $NF}')
- docker run --rm -e DEBIAN_FRONTEND=noninteractice \
+ docker run --cap-add SYS_ADMIN --security-opt apparmor=unconfined \
+ --rm -e DEBIAN_FRONTEND=noninteractice \
 -e usr=$SPREAD_SYSTEM_USERNAME -e pass=$SPREAD_SYSTEM_PASSWORD \
 --name $SPREAD_SYSTEM -d $docker_arch/$docker_image sh -c '
 set -x
diff --git a/tests/spread/integration/mount/task.yaml b/tests/spread/integration/mount/task.yaml
new file mode 100644
index 000000000..05d7c6918
--- /dev/null
+++ b/tests/spread/integration/mount/task.yaml
@@ -0,0 +1,9 @@
+summary: Integration tests for mount
+
+execute: |
+ # Chisel a minimum number of slices to give us a runnable system that we can
+ # test in.
+ rootfs="$(install-slices bash_bins coreutils_bins passwd_config base-files_base mount_bins)"
+
+ cp test.sh "${rootfs}/"
+ chroot "${rootfs}/" /test.sh
diff --git a/tests/spread/integration/mount/test.sh b/tests/spread/integration/mount/test.sh
new file mode 100755
index 000000000..922ca1166
--- /dev/null
+++ b/tests/spread/integration/mount/test.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# Run a smoke test for mount and umount to verify that
+# they are doing what we expect by testing on /proc
+mkdir /test-bin
+mount --bind /bin /test-bin
+count=$(ls /test-bin | wc -l)
+umount /test-bin
+
+if [ $count -eq 0 ]
+then
+ echo "no files in /test-bin, did mount not work?"
+ exit 1
+fi
diff --git a/tests/spread/integration/systemd/task.yaml b/tests/spread/integration/systemd/task.yaml
new file mode 100644
index 000000000..d77145ad9
--- /dev/null
+++ b/tests/spread/integration/systemd/task.yaml
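Review bot: The added `--cap-add SYS_ADMIN --security-opt apparmor=unconfined` on the `docker run` line in spread.yaml applies to every system the docker backend allocates, so all spread tasks now run with a near-root capability and no AppArmor confinement, not only the ones that mount. Only the mount and systemd tasks added in this patch call `mount --bind`. If the flags stay, they need a comment such as `# SYS_ADMIN + unconfined AppArmor: needed by the mount/systemd tasks' bind mounts`, and ideally a separate backend or system entry so the other tasks keep the default profile. The same flags return in the revert in PATCH 14/17. The re-added line also carries `DEBIAN_FRONTEND=noninteractice`, which looks like a misspelling of `noninteractive`; the allocate script continues outside the hunk.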
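Review bot: In tests/spread/integration/mount/test.sh the header comment says the test runs "on /proc", but the script bind-mounts `/bin` onto `/test-bin`; the second comment line should read `# they are doing what we expect by bind-mounting /bin onto /test-bin`. The script has no `set -eu`, so a failing `umount /test-bin` goes unnoticed even though the test claims to cover umount. Adding `set -eu` after the shebang and quoting the comparison as `[ "$count" -eq 0 ]` would surface both a failed unmount and an empty `count`.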
@@ -0,0 +1,15 @@
+summary: Integration tests for systemd
+
+execute: |
+ # Chisel a minimum number of slices to give us a runnable system that we can
+ # test in.
+ rootfs="$(install-slices bash_bins coreutils_bins passwd_config base-files_base systemd_bins)"
+
+ # systemd needs proc mounted
+ mkdir "${rootfs}"/proc
+ mount --bind /proc "${rootfs}"/proc
+
+ cp test.sh "${rootfs}/"
+ chroot "${rootfs}/" /test.sh
+
+ umount "${rootfs}"/proc
diff --git a/tests/spread/integration/systemd/test.sh b/tests/spread/integration/systemd/test.sh
new file mode 100755
index 000000000..4c5b137b2
--- /dev/null
+++ b/tests/spread/integration/systemd/test.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+# Run some smoke-tests by invoking a couple of commands
+# from systemd to verify it's doing exactly what we expect
+# it to
+systemctl disable getty@tty1.service
+! test -f "/etc/systemd/system/getty.target.wants/getty@tty1.service"
+
+systemctl enable getty@tty1.service
+test -f "/etc/systemd/system/getty.target.wants/getty@tty1.service"
+
+# run preset-all and test for one of the expected symlinks
+systemctl preset-all
+test -f "/etc/systemd/system/ctrl-alt-del.target"
+
+# Run some auxiliary commands to ensure they don't fail
+systemd --help
+journalctl --update-catalog
From 0c4a327c6acbb1e3edbb5ef8ac4ff1fad3bc03e3 Mon Sep 17 00:00:00 2001
From: Philip Meulengracht
Date: Mon, 5 Aug 2024 12:02:18 +0200
Subject: [PATCH 07/17] tests: change tests to not require a priveliged container
---
 spread.yaml | 3 +--
 tests/spread/integration/mount/test.sh | 25 ++++++++++++----------
 tests/spread/integration/systemd/task.yaml | 6 ------
 3 files changed, 15 insertions(+), 19 deletions(-)
diff --git a/spread.yaml b/spread.yaml
index 0a6a6aff5..b2bb3b951 100644
--- a/spread.yaml
+++ b/spread.yaml
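Review bot: In tests/spread/integration/systemd/task.yaml the `umount "${rootfs}"/proc` is the last step of `execute`, so it is skipped whenever `chroot "${rootfs}/" /test.sh` fails first, assuming spread aborts the script on the first failing command. The host's /proc then stays bind-mounted inside the chiselled rootfs, and any later cleanup of that directory descends into it. Registering `trap 'umount "${rootfs}"/proc' EXIT` directly after the `mount --bind` line would make the unmount unconditional.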
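Review bot: tests/spread/integration/systemd/test.sh has no `set -e`, so the results of the `test -f` lines are discarded and the script's exit status is just that of the final `journalctl --update-catalog`. Two details weaken the checks further: a command prefixed with `!` never triggers errexit even once `set -e` is added, and `test -f` follows symlinks, so it checks the link target rather than the link that `systemctl enable` is expected to create. I would add `set -eu` after the shebang, write the negative check as `if test -L "/etc/systemd/system/getty.target.wants/getty@tty1.service"; then exit 1; fi`, and use `test -L` for the two positive checks, presuming both paths are symlinks.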
@@ -47,8 +47,7 @@ backends: echo "Allocating $SPREAD_SYSTEM..." docker_image=$(echo $SPREAD_SYSTEM | awk -F '-' '{print $1":"$2}') docker_arch=$(echo $SPREAD_SYSTEM | awk -F '-' '{print $NF}') - docker run --cap-add SYS_ADMIN --security-opt apparmor=unconfined \ - --rm -e DEBIAN_FRONTEND=noninteractice \ + docker run --rm -e DEBIAN_FRONTEND=noninteractice \ -e usr=$SPREAD_SYSTEM_USERNAME -e pass=$SPREAD_SYSTEM_PASSWORD \ --name $SPREAD_SYSTEM -d $docker_arch/$docker_image sh -c ' set -x diff --git a/tests/spread/integration/mount/test.sh b/tests/spread/integration/mount/test.sh index 922ca1166..2f0dd6f01 100755 --- a/tests/spread/integration/mount/test.sh +++ b/tests/spread/integration/mount/test.sh @@ -1,14 +1,17 @@ #!/bin/bash -# Run a smoke test for mount and umount to verify that -# they are doing what we expect by testing on /proc +# simple smoke test that it loads +mount --help + +cat > /etc/fstab < Date: Tue, 13 Aug 2024 13:51:54 +0200 Subject: [PATCH 08/17] slices: refactor systemd slices --- slices/libargon2-1.yaml | 2 +- slices/libdevmapper1.02.1.yaml | 2 +- slices/systemd.yaml | 268 ++++++++++++++++++++------------- 3 files changed, 166 insertions(+), 106 deletions(-) diff --git a/slices/libargon2-1.yaml b/slices/libargon2-1.yaml index 0c28328e1..9ef51c485 100644 --- a/slices/libargon2-1.yaml +++ b/slices/libargon2-1.yaml @@ -8,7 +8,7 @@ slices: essential: - libc6_libs contents: - /usr/lib/*-linux-*/libargon2.so.1*: + /usr/lib/*-linux-*/libargon2.so.1: copyright: contents: diff --git a/slices/libdevmapper1.02.1.yaml b/slices/libdevmapper1.02.1.yaml index 61f3065a2..d97882bc2 100644 --- a/slices/libdevmapper1.02.1.yaml +++ b/slices/libdevmapper1.02.1.yaml @@ -10,7 +10,7 @@ slices: - libselinux1_libs - libudev1_libs contents: - /usr/lib/*-linux-*/libdevmapper.so.1*: + /usr/lib/*-linux-*/libdevmapper.so.1: copyright: contents: diff --git a/slices/systemd.yaml b/slices/systemd.yaml index 72c62bd10..7f487313f 100644 --- a/slices/systemd.yaml 
+++ b/slices/systemd.yaml @@ -27,10 +27,16 @@ slices: - libsystemd0_libs - libzstd1_libs - mount_bins - - systemd-dev_dbus-interfaces - systemd_config - - systemd_generated-config + - systemd_catalog + - systemd_network + - systemd_repart + - systemd_system-generators + - systemd_system-services + - systemd_user-services + - systemd_kernel-parameters - systemd_libs + - systemd_pcrlock contents: /usr/bin/busctl: /usr/bin/hostnamectl: @@ -72,6 +78,7 @@ slices: /usr/bin/systemd-umount: /usr/bin/timedatectl: /usr/bin/varlinkctl: + /usr/lib/lsb/init-functions.d/40-systemd: /usr/lib/systemd/systemd: /usr/lib/systemd/systemd-backlight: /usr/lib/systemd/systemd-battery-check: 
@@ -131,55 +138,27 @@ slices: /usr/lib/systemd/systemd-xdg-autostart-condition: config: + essential: + - systemd_modprobe-conf + - systemd_pam-profile + - systemd_sysusers-config + - systemd_tmpfiles contents: - /etc/modules-load.d/modules.conf: - /etc/sysctl.d/99-sysctl.conf: /etc/systemd/journald.conf: /etc/systemd/logind.conf: /etc/systemd/networkd.conf: /etc/systemd/pstore.conf: /etc/systemd/sleep.conf: - /etc/systemd/system-generators/systemd-gpt-auto-generator: /etc/systemd/system.conf: /etc/systemd/user.conf: /etc/xdg/systemd/user: /usr/lib/environment.d/99-environment.conf: - /usr/lib/kernel/install.conf: - /usr/lib/kernel/install.d/50-depmod.install: - /usr/lib/kernel/install.d/55-initrd.install: - /usr/lib/kernel/install.d/90-loaderentry.install: - /usr/lib/kernel/install.d/90-uki-copy.install: - /usr/lib/lsb/init-functions.d/40-systemd: - /usr/lib/modprobe.d/systemd.conf: - /usr/lib/pam.d/systemd-user: - /usr/lib/pcrlock.d/350-action-efi-application.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/300-0x00000000.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/600-0xffffffff.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/500-separator.pcrlock.d/300-0x00000000.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/500-separator.pcrlock.d/600-0xffffffff.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/300-present.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/600-absent.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/750-enter-initrd.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/800-leave-initrd.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/850-sysinit.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/900-ready.pcrlock: - arch: [amd64, arm64, riscv64] - 
/usr/lib/pcrlock.d/950-shutdown.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/pcrlock.d/990-final.pcrlock: - arch: [amd64, arm64, riscv64] - /usr/lib/sysctl.d/50-pid-max.conf: - arch: [amd64, arm64, riscv64, s390x, ppc64el] + /usr/lib/systemd/journald.conf.d/syslog.conf: + /usr/lib/systemd/resolv.conf: + /var/log/journal/: {make: true} + + catalog: + contents: /usr/lib/systemd/catalog/systemd.be.catalog: /usr/lib/systemd/catalog/systemd.be@latin.catalog: /usr/lib/systemd/catalog/systemd.bg.catalog: @@ -197,7 +176,9 @@ slices: /usr/lib/systemd/catalog/systemd.sr.catalog: /usr/lib/systemd/catalog/systemd.zh_CN.catalog: /usr/lib/systemd/catalog/systemd.zh_TW.catalog: - /usr/lib/systemd/journald.conf.d/syslog.conf: + + network: + contents: /usr/lib/systemd/network/80-6rd-tunnel.network: /usr/lib/systemd/network/80-container-host0.network: /usr/lib/systemd/network/80-container-vb.network: @@ -205,6 +186,9 @@ slices: /usr/lib/systemd/network/80-container-vz.network: /usr/lib/systemd/network/80-vm-vt.network: /usr/lib/systemd/network/80-wifi-adhoc.network: + + repart: + contents: /usr/lib/systemd/repart/definitions/confext.repart.d/10-root.conf: /usr/lib/systemd/repart/definitions/confext.repart.d/20-root-verity.conf: /usr/lib/systemd/repart/definitions/confext.repart.d/30-root-verity-sig.conf: 
@@ -214,7 +198,13 @@ slices: /usr/lib/systemd/repart/definitions/sysext.repart.d/10-root.conf: /usr/lib/systemd/repart/definitions/sysext.repart.d/20-root-verity.conf: /usr/lib/systemd/repart/definitions/sysext.repart.d/30-root-verity-sig.conf: - /usr/lib/systemd/resolv.conf: + /usr/lib/systemd/system/initrd-root-fs.target.wants/systemd-repart.service: + /usr/lib/systemd/system/sysinit.target.wants/systemd-repart.service: + /usr/lib/systemd/system/systemd-repart.service: + + system-generators: + contents: + /etc/systemd/system-generators/systemd-gpt-auto-generator: /usr/lib/systemd/system-generators/systemd-cryptsetup-generator: /usr/lib/systemd/system-generators/systemd-debug-generator: /usr/lib/systemd/system-generators/systemd-fstab-generator: @@ -227,6 +217,11 @@ slices: /usr/lib/systemd/system-generators/systemd-system-update-generator: /usr/lib/systemd/system-generators/systemd-sysv-generator: /usr/lib/systemd/system-generators/systemd-veritysetup-generator: + + system-services: + essential: + - systemd_generated-services + contents: /usr/lib/systemd/system-preset/90-systemd.preset: /usr/lib/systemd/system/autovt@.service: /usr/lib/systemd/system/basic.target: @@ -272,7 +267,6 @@ slices: /usr/lib/systemd/system/initrd-root-device.target.wants/remote-cryptsetup.target: /usr/lib/systemd/system/initrd-root-device.target.wants/remote-veritysetup.target: /usr/lib/systemd/system/initrd-root-fs.target: - /usr/lib/systemd/system/initrd-root-fs.target.wants/systemd-repart.service: /usr/lib/systemd/system/initrd-switch-root.service: /usr/lib/systemd/system/initrd-switch-root.target: /usr/lib/systemd/system/initrd-udevadm-cleanup-db.service: 
@@ -379,7 +373,6 @@ slices: /usr/lib/systemd/system/sysinit.target.wants/systemd-pcrphase.service: arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/sysinit.target.wants/systemd-random-seed.service: - /usr/lib/systemd/system/sysinit.target.wants/systemd-repart.service: /usr/lib/systemd/system/sysinit.target.wants/systemd-sysctl.service: /usr/lib/systemd/system/sysinit.target.wants/systemd-sysusers.service: /usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev-early.service: 
@@ -445,43 +438,12 @@ slices: /usr/lib/systemd/system/systemd-networkd-wait-online@.service: /usr/lib/systemd/system/systemd-networkd.service: /usr/lib/systemd/system/systemd-networkd.socket: - /usr/lib/systemd/system/systemd-pcrextend.socket: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrextend@.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrfs-root.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrfs@.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrlock-file-system.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrlock-firmware-code.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrlock-firmware-config.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrlock-machine-id.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrlock-make-policy.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrlock-secureboot-authority.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrlock-secureboot-policy.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrmachine.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrphase-initrd.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrphase-sysinit.service: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/system/systemd-pcrphase.service: - arch: [amd64, arm64, riscv64] /usr/lib/systemd/system/systemd-poweroff.service: /usr/lib/systemd/system/systemd-pstore.service: /usr/lib/systemd/system/systemd-quotacheck.service: /usr/lib/systemd/system/systemd-random-seed.service: /usr/lib/systemd/system/systemd-reboot.service: /usr/lib/systemd/system/systemd-remount-fs.service: - /usr/lib/systemd/system/systemd-repart.service: /usr/lib/systemd/system/systemd-rfkill.service: 
/usr/lib/systemd/system/systemd-rfkill.socket: /usr/lib/systemd/system/systemd-soft-reboot.service: @@ -529,6 +491,9 @@ slices: /usr/lib/systemd/system/veritysetup-pre.target: /usr/lib/systemd/system/veritysetup.target: /usr/lib/systemd/system/x11-common.service: + + user-services: + contents: /usr/lib/systemd/user-environment-generators/30-systemd-environment-d-generator: /usr/lib/systemd/user-generators/systemd-xdg-autostart-generator: /usr/lib/systemd/user-preset/90-systemd.preset: @@ -553,33 +518,11 @@ slices: /usr/lib/systemd/user/systemd-tmpfiles-setup.service: /usr/lib/systemd/user/timers.target: /usr/lib/systemd/user/xdg-desktop-autostart.target: - /usr/lib/sysusers.d/basic.conf: - /usr/lib/sysusers.d/systemd-journal.conf: - /usr/lib/sysusers.d/systemd-network.conf: - /usr/lib/tmpfiles.d/credstore.conf: - /usr/lib/tmpfiles.d/debian.conf: - /usr/lib/tmpfiles.d/home.conf: - /usr/lib/tmpfiles.d/journal-nocow.conf: - /usr/lib/tmpfiles.d/legacy.conf: - /usr/lib/tmpfiles.d/provision.conf: - /usr/lib/tmpfiles.d/systemd-network.conf: - /usr/lib/tmpfiles.d/systemd-nologin.conf: - /usr/lib/tmpfiles.d/systemd-pstore.conf: - /usr/lib/tmpfiles.d/systemd-tmp.conf: - /usr/lib/tmpfiles.d/systemd.conf: - /usr/lib/tmpfiles.d/tmp.conf: - /usr/lib/tmpfiles.d/var.conf: - /usr/lib/tmpfiles.d/x11.conf: - /usr/share/systemd/kbd-model-map: - /usr/share/systemd/language-fallback-map: - /usr/share/systemd/tmp.mount: dbus-config: + essential: + - systemd-dev_dbus-interfaces contents: - /usr/lib/udev/rules.d/70-uaccess.rules: - /usr/lib/udev/rules.d/71-seat.rules: - /usr/lib/udev/rules.d/73-seat-late.rules: - /usr/lib/udev/rules.d/99-systemd.rules: /usr/share/dbus-1/services/org.freedesktop.systemd1.service: /usr/share/dbus-1/system-services/org.freedesktop.hostname1.service: /usr/share/dbus-1/system-services/org.freedesktop.locale1.service: 
@@ -594,7 +537,15 @@ slices: /usr/share/dbus-1/system.d/org.freedesktop.systemd1.conf: /usr/share/dbus-1/system.d/org.freedesktop.timedate1.conf: - # Generated config slice is to emulate symlinks or initial state + extras: + contents: + /etc/modules-load.d/modules.conf: + /etc/sysctl.d/99-sysctl.conf: + /usr/share/systemd/kbd-model-map: + /usr/share/systemd/language-fallback-map: + /usr/share/systemd/tmp.mount: + + # Generated services slice is to emulate symlinks or initial state # config generated by systemd upon install. # Systemd performs a lot of initialization upon install, however since systemd # does actually not rely on these install actions (since all of these are run as @@ -602,7 +553,7 @@ slices: # left out. It's done like that because systemd needs to be usable after install # on a running system, but this is not the case here. # These are the few that seems to be not emulated - generated-config: + generated-services: contents: /etc/systemd/system/getty.target.wants/getty@tty1.service: symlink: /usr/lib/systemd/system/getty@.service @@ -610,7 +561,19 @@ slices: symlink: /usr/lib/systemd/system/remote-fs.target /etc/systemd/system/sysinit.target.wants/systemd-pstore.service: symlink: /usr/lib/systemd/system/systemd-pstore.service - /var/log/journal/: {make: true} + + kernel-install: + contents: + /usr/lib/kernel/install.conf: + /usr/lib/kernel/install.d/50-depmod.install: + /usr/lib/kernel/install.d/55-initrd.install: + /usr/lib/kernel/install.d/90-loaderentry.install: + /usr/lib/kernel/install.d/90-uki-copy.install: + + kernel-parameters: + contents: + /usr/lib/sysctl.d/50-pid-max.conf: + arch: [amd64, arm64, riscv64, s390x, ppc64el] libs: contents: 
@@ -619,7 +582,74 @@ slices: /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-tpm2.so: arch: [amd64, arm64, riscv64] - polkit-config: + modprobe-conf: + contents: + /usr/lib/modprobe.d/systemd.conf: + + pam-profile: + contents: + /usr/lib/pam.d/systemd-user: + + pcrlock: + contents: + /usr/lib/pcrlock.d/350-action-efi-application.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/300-0x00000000.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/600-0xffffffff.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/500-separator.pcrlock.d/300-0x00000000.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/500-separator.pcrlock.d/600-0xffffffff.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/300-present.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/600-absent.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/750-enter-initrd.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/800-leave-initrd.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/850-sysinit.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/900-ready.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/950-shutdown.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/pcrlock.d/990-final.pcrlock: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrextend.socket: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrextend@.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrfs-root.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrfs@.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrlock-file-system.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrlock-firmware-code.service: + arch: 
[amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrlock-firmware-config.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrlock-machine-id.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrlock-make-policy.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrlock-secureboot-authority.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrlock-secureboot-policy.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrmachine.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrphase-initrd.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrphase-sysinit.service: + arch: [amd64, arm64, riscv64] + /usr/lib/systemd/system/systemd-pcrphase.service: + arch: [amd64, arm64, riscv64] + + polkit: contents: /usr/share/polkit-1/actions/org.freedesktop.hostname1.policy: /usr/share/polkit-1/actions/org.freedesktop.locale1.policy: 
@@ -630,6 +660,36 @@ slices: /usr/share/polkit-1/actions/org.freedesktop.timesync1.policy: /usr/share/polkit-1/rules.d/systemd-networkd.rules: + sysusers-config: + contents: + /usr/lib/sysusers.d/basic.conf: + /usr/lib/sysusers.d/systemd-journal.conf: + /usr/lib/sysusers.d/systemd-network.conf: + + tmpfiles: + contents: + /usr/lib/tmpfiles.d/credstore.conf: + /usr/lib/tmpfiles.d/debian.conf: + /usr/lib/tmpfiles.d/home.conf: + /usr/lib/tmpfiles.d/journal-nocow.conf: + /usr/lib/tmpfiles.d/legacy.conf: + /usr/lib/tmpfiles.d/provision.conf: + /usr/lib/tmpfiles.d/systemd-network.conf: + /usr/lib/tmpfiles.d/systemd-nologin.conf: + /usr/lib/tmpfiles.d/systemd-pstore.conf: + /usr/lib/tmpfiles.d/systemd-tmp.conf: + /usr/lib/tmpfiles.d/systemd.conf: + /usr/lib/tmpfiles.d/tmp.conf: + /usr/lib/tmpfiles.d/var.conf: + /usr/lib/tmpfiles.d/x11.conf: + + udev-rules: + contents: + /usr/lib/udev/rules.d/70-uaccess.rules: + /usr/lib/udev/rules.d/71-seat.rules: + /usr/lib/udev/rules.d/73-seat-late.rules: + /usr/lib/udev/rules.d/99-systemd.rules: + copyright: contents: /usr/share/doc/systemd/copyright: From ac1f3b3ab8100ac44ab9e61c401f656c81b343d0 Mon Sep 17 00:00:00 2001 From: Philip Meulengracht Date: Tue, 13 Aug 2024 13:52:39 +0200 Subject: [PATCH 09/17] slices: add full version for libdevmapper --- slices/libdevmapper1.02.1.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slices/libdevmapper1.02.1.yaml b/slices/libdevmapper1.02.1.yaml index d97882bc2..daf7a888f 100644 --- a/slices/libdevmapper1.02.1.yaml +++ b/slices/libdevmapper1.02.1.yaml @@ -10,7 +10,7 @@ slices: - libselinux1_libs - libudev1_libs contents: - /usr/lib/*-linux-*/libdevmapper.so.1: + /usr/lib/*-linux-*/libdevmapper.so.1.02.1: copyright: contents: From e95133e2df14e2ad4c91f42dcb2d9891b5a76c75 Mon Sep 17 00:00:00 2001 
From: Philip Meulengracht Date: Tue, 13 Aug 2024 13:54:31 +0200 Subject: [PATCH 10/17] slices: move arch inline where we can --- slices/systemd.yaml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/slices/systemd.yaml b/slices/systemd.yaml index 7f487313f..dbc0c6b48 100644 --- a/slices/systemd.yaml +++ b/slices/systemd.yaml @@ -100,16 +100,13 @@ slices: /usr/lib/systemd/systemd-localed: /usr/lib/systemd/systemd-logind: /usr/lib/systemd/systemd-makefs: - /usr/lib/systemd/systemd-measure: - arch: [amd64, arm64, riscv64] + /usr/lib/systemd/systemd-measure: {arch: [amd64, arm64, riscv64]} /usr/lib/systemd/systemd-modules-load: /usr/lib/systemd/systemd-network-generator: /usr/lib/systemd/systemd-networkd: /usr/lib/systemd/systemd-networkd-wait-online: - /usr/lib/systemd/systemd-pcrextend: - arch: [amd64, arm64, riscv64] - /usr/lib/systemd/systemd-pcrlock: - arch: [amd64, arm64, riscv64] + /usr/lib/systemd/systemd-pcrextend: {arch: [amd64, arm64, riscv64]} + /usr/lib/systemd/systemd-pcrlock: {arch: [amd64, arm64, riscv64]} /usr/lib/systemd/systemd-pstore: /usr/lib/systemd/systemd-quotacheck: /usr/lib/systemd/systemd-random-seed: @@ -127,8 +124,7 @@ slices: /usr/lib/systemd/systemd-sysv-install: /usr/lib/systemd/systemd-time-wait-sync: /usr/lib/systemd/systemd-timedated: - /usr/lib/systemd/systemd-tpm2-setup: - arch: [amd64, arm64, riscv64] + /usr/lib/systemd/systemd-tpm2-setup: {arch: [amd64, arm64, riscv64]} /usr/lib/systemd/systemd-update-done: /usr/lib/systemd/systemd-update-utmp: /usr/lib/systemd/systemd-user-runtime-dir: From 407f969cefc2b883c485cea4750b552df9120ba8 Mon Sep 17 00:00:00 2001 From: Philip Meulengracht Date: Tue, 13 Aug 2024 13:58:13 +0200 Subject: [PATCH 11/17] slices: reorder essential in bins --- slices/systemd.yaml | 48 ++++++++++++++++++++++----------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/slices/systemd.yaml b/slices/systemd.yaml index dbc0c6b48..830dd9ca8 100644 
--- a/slices/systemd.yaml +++ b/slices/systemd.yaml @@ -27,16 +27,16 @@ slices: - libsystemd0_libs - libzstd1_libs - mount_bins - - systemd_config - systemd_catalog + - systemd_config + - systemd_kernel-parameters + - systemd_libs - systemd_network + - systemd_pcrlock - systemd_repart - systemd_system-generators - systemd_system-services - systemd_user-services - - systemd_kernel-parameters - - systemd_libs - - systemd_pcrlock contents: /usr/bin/busctl: /usr/bin/hostnamectl: @@ -133,26 +133,6 @@ slices: /usr/lib/systemd/systemd-volatile-root: /usr/lib/systemd/systemd-xdg-autostart-condition: - config: - essential: - - systemd_modprobe-conf - - systemd_pam-profile - - systemd_sysusers-config - - systemd_tmpfiles - contents: - /etc/systemd/journald.conf: - /etc/systemd/logind.conf: - /etc/systemd/networkd.conf: - /etc/systemd/pstore.conf: - /etc/systemd/sleep.conf: - /etc/systemd/system.conf: - /etc/systemd/user.conf: - /etc/xdg/systemd/user: - /usr/lib/environment.d/99-environment.conf: - /usr/lib/systemd/journald.conf.d/syslog.conf: - /usr/lib/systemd/resolv.conf: - /var/log/journal/: {make: true} - catalog: contents: /usr/lib/systemd/catalog/systemd.be.catalog: @@ -173,6 +153,26 @@ slices: /usr/lib/systemd/catalog/systemd.zh_CN.catalog: /usr/lib/systemd/catalog/systemd.zh_TW.catalog: + config: + essential: + - systemd_modprobe-conf + - systemd_pam-profile + - systemd_sysusers-config + - systemd_tmpfiles + contents: + /etc/systemd/journald.conf: + /etc/systemd/logind.conf: + /etc/systemd/networkd.conf: + /etc/systemd/pstore.conf: + /etc/systemd/sleep.conf: + /etc/systemd/system.conf: + /etc/systemd/user.conf: + /etc/xdg/systemd/user: + /usr/lib/environment.d/99-environment.conf: + /usr/lib/systemd/journald.conf.d/syslog.conf: + /usr/lib/systemd/resolv.conf: + /var/log/journal/: {make: true} + network: contents: /usr/lib/systemd/network/80-6rd-tunnel.network: From 9b09985d18d49d45ae995ed3d02d75423e0230dd Mon Sep 17 00:00:00 2001 
From: Philip Meulengracht Date: Mon, 19 Aug 2024 12:13:26 +0200 Subject: [PATCH 12/17] slices/systemd: rename dbus slice --- slices/systemd.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slices/systemd.yaml b/slices/systemd.yaml index 830dd9ca8..46c812b8e 100644 --- a/slices/systemd.yaml +++ b/slices/systemd.yaml @@ -515,7 +515,7 @@ slices: /usr/lib/systemd/user/timers.target: /usr/lib/systemd/user/xdg-desktop-autostart.target: - dbus-config: + dbus-services: essential: - systemd-dev_dbus-interfaces contents: From 8b61816b29779afd77a29916c595e28afc03c764 Mon Sep 17 00:00:00 2001 From: Philip Meulengracht Date: Fri, 23 Aug 2024 14:27:20 +0200 Subject: [PATCH 13/17] slices/systemd: update namings based on review feedback --- slices/systemd.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/slices/systemd.yaml b/slices/systemd.yaml index 46c812b8e..b7aafb770 100644 --- a/slices/systemd.yaml +++ b/slices/systemd.yaml @@ -155,10 +155,10 @@ slices: config: essential: - - systemd_modprobe-conf + - systemd_modprobe-config - systemd_pam-profile - systemd_sysusers-config - - systemd_tmpfiles + - systemd_tmpfiles-config contents: /etc/systemd/journald.conf: /etc/systemd/logind.conf: @@ -578,7 +578,7 @@ slices: /usr/lib/*-linux-*/cryptsetup/libcryptsetup-token-systemd-tpm2.so: arch: [amd64, arm64, riscv64] - modprobe-conf: + modprobe-config: contents: /usr/lib/modprobe.d/systemd.conf: @@ -662,7 +662,7 @@ slices: /usr/lib/sysusers.d/systemd-journal.conf: /usr/lib/sysusers.d/systemd-network.conf: - tmpfiles: + tmpfiles-config: contents: /usr/lib/tmpfiles.d/credstore.conf: /usr/lib/tmpfiles.d/debian.conf: From 541afc22d28986d824da1222197c2c1aa9edd213 Mon Sep 17 00:00:00 2001 
From: Philip Meulengracht Date: Wed, 28 Aug 2024 10:18:08 +0200 Subject: [PATCH 14/17] Revert "tests: change tests to not require a priveliged container" This reverts commit ce546ecfca24f2b7717c6cffda5ad6b87713ce0d. --- spread.yaml | 3 ++- tests/spread/integration/mount/test.sh | 25 ++++++++++------------ tests/spread/integration/systemd/task.yaml | 6 ++++++ 3 files changed, 19 insertions(+), 15 deletions(-) diff --git a/spread.yaml b/spread.yaml index b2bb3b951..0a6a6aff5 100644 --- a/spread.yaml +++ b/spread.yaml @@ -47,7 +47,8 @@ backends: echo "Allocating $SPREAD_SYSTEM..." docker_image=$(echo $SPREAD_SYSTEM | awk -F '-' '{print $1":"$2}') docker_arch=$(echo $SPREAD_SYSTEM | awk -F '-' '{print $NF}') - docker run --rm -e DEBIAN_FRONTEND=noninteractice \ + docker run --cap-add SYS_ADMIN --security-opt apparmor=unconfined \ + --rm -e DEBIAN_FRONTEND=noninteractice \ -e usr=$SPREAD_SYSTEM_USERNAME -e pass=$SPREAD_SYSTEM_PASSWORD \ --name $SPREAD_SYSTEM -d $docker_arch/$docker_image sh -c ' set -x diff --git a/tests/spread/integration/mount/test.sh b/tests/spread/integration/mount/test.sh index 2f0dd6f01..922ca1166 100755 --- a/tests/spread/integration/mount/test.sh +++ b/tests/spread/integration/mount/test.sh @@ -1,17 +1,14 @@ #!/bin/bash -# simple smoke test that it loads -mount --help - -cat > /etc/fstab < Date: Wed, 28 Aug 2024 10:20:38 +0200 Subject: [PATCH 15/17] spread: remove docker changes --- spread.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/spread.yaml b/spread.yaml index 0a6a6aff5..b2bb3b951 100644 --- a/spread.yaml +++ b/spread.yaml 
@@ -47,8 +47,7 @@ backends: echo "Allocating $SPREAD_SYSTEM..." docker_image=$(echo $SPREAD_SYSTEM | awk -F '-' '{print $1":"$2}') docker_arch=$(echo $SPREAD_SYSTEM | awk -F '-' '{print $NF}') - docker run --cap-add SYS_ADMIN --security-opt apparmor=unconfined \ - --rm -e DEBIAN_FRONTEND=noninteractice \ + docker run --rm -e DEBIAN_FRONTEND=noninteractice \ -e usr=$SPREAD_SYSTEM_USERNAME -e pass=$SPREAD_SYSTEM_PASSWORD \ --name $SPREAD_SYSTEM -d $docker_arch/$docker_image sh -c ' set -x From 34029a96a3a49c8b7109ee9988f53d42b9e9e89a Mon Sep 17 00:00:00 2001 From: Philip Meulengracht Date: Wed, 28 Aug 2024 13:41:39 +0200 Subject: [PATCH 16/17] slices: add the missing nice.conf --- slices/systemd.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/slices/systemd.yaml b/slices/systemd.yaml index b7aafb770..82664dd33 100644 --- a/slices/systemd.yaml +++ b/slices/systemd.yaml @@ -422,6 +422,7 @@ slices: /usr/lib/systemd/system/systemd-journald.socket: /usr/lib/systemd/system/systemd-journald@.service: /usr/lib/systemd/system/systemd-journald@.socket: + /usr/lib/systemd/system/systemd-journald.service.d/nice.conf: /usr/lib/systemd/system/systemd-kexec.service: /usr/lib/systemd/system/systemd-localed.service: /usr/lib/systemd/system/systemd-localed.service.d/x11-keyboard.conf: From c0b09f3dfe2a54a7b280f2eaeebb28d754e3b27b Mon Sep 17 00:00:00 2001 From: Philip Meulengracht Date: Wed, 28 Aug 2024 13:44:10 +0200 Subject: [PATCH 17/17] slices/systemd: sort correctly --- slices/systemd.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slices/systemd.yaml b/slices/systemd.yaml index 82664dd33..e20e2d79a 100644 --- a/slices/systemd.yaml +++ b/slices/systemd.yaml 
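Review bot: With `--cap-add SYS_ADMIN --security-opt apparmor=unconfined` dropped from the `docker run` line in spread.yaml (PATCH 15/17), the tests restored by the revert in PATCH 14/17 presumably still call `mount --bind`, which a container without that capability will refuse. Those calls were introduced in PATCH 06/17, in tests/spread/integration/mount/test.sh and as the /proc bind mount in systemd/task.yaml. The series should say where those tasks are expected to run, for example with a comment above the `docker run` line such as `# mount/systemd tasks need CAP_SYS_ADMIN; run them on a backend that grants it`, or skip them on the docker backend. The allocate script continues outside the hunk.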
@@ -419,10 +419,10 @@ slices: /usr/lib/systemd/system/systemd-journald-dev-log.socket: /usr/lib/systemd/system/systemd-journald-varlink@.socket: /usr/lib/systemd/system/systemd-journald.service: + /usr/lib/systemd/system/systemd-journald.service.d/nice.conf: /usr/lib/systemd/system/systemd-journald.socket: /usr/lib/systemd/system/systemd-journald@.service: /usr/lib/systemd/system/systemd-journald@.socket: - /usr/lib/systemd/system/systemd-journald.service.d/nice.conf: /usr/lib/systemd/system/systemd-kexec.service: /usr/lib/systemd/system/systemd-localed.service: /usr/lib/systemd/system/systemd-localed.service.d/x11-keyboard.conf: