authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-12 03:50:40 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-12 03:50:40 +0000
commitfc53809803cd2bc2434e312b19a18fa36776da12 (patch)
treeb4b43bd6538f51965ce32856e9c053d0f90919c8 /units/systemd-journald.service.in
parentAdding upstream version 255.5. (diff)
Adding upstream version 256.upstream/256
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'units/systemd-journald.service.in')
-rw-r--r--units/systemd-journald.service.in10
1 files changed, 8 insertions, 2 deletions
diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
index 37eeabc..4404af9 100644
--- a/units/systemd-journald.service.in
+++ b/units/systemd-journald.service.in
@@ -17,7 +17,10 @@ Before=sysinit.target
# To avoid journald SIGKILLed during soft-reboot and corrupting journals.
# See https://github.com/systemd/systemd/issues/30195
-Before=soft-reboot.target
+# Note, typically soft-reboot.target will be never reached,
+# and systemd-soft-reboot.service will trigger soft-reboot.
+# Hence, this must be stopped before systemd-soft-reboot.service.
+Before=soft-reboot.target systemd-soft-reboot.service
Conflicts=soft-reboot.target
# Mount and swap units need the journal socket units. If they were removed by
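Review bot: The new comment above `Before=soft-reboot.target systemd-soft-reboot.service` is ambiguous, because "this must be stopped" does not say which unit is meant, and "will be never reached" reads awkwardly. Since the ordering exists to keep journald from being SIGKILLed with journals left corrupt, the rationale should be unmistakable to anyone later editing the unit. I would word it as `# Note: soft-reboot.target is typically never reached; systemd-soft-reboot.service triggers the soft-reboot.` followed by `# Hence journald must be ordered to stop before systemd-soft-reboot.service.`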
@@ -29,6 +32,9 @@ IgnoreOnIsolate=yes
DeviceAllow=char-* rw
ExecStart={{LIBEXECDIR}}/systemd-journald
FileDescriptorStoreMax=4224
+# Ensure services using StandardOutput=journal do not break when journald is stopped
+FileDescriptorStorePreserve=yes
+ImportCredential=journal.*
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
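Review bot: `ImportCredential=journal.*` has no comment of its own, and the comment above `FileDescriptorStorePreserve=yes` reads as if it covered both added lines. The glob imports every credential whose name starts with `journal.`, so whoever can provision credentials to the host or VM gains a way to influence how journald behaves. A line such as `# Import journal.* credentials (logging configuration supplied by the host/VMM)` directly above it would make that trust boundary visible. Which credential names the daemon actually consumes is not shown in this hunk and should be confirmed against its documentation. The [Service] section begins and ends outside the hunk.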
@@ -37,7 +43,7 @@ OOMScoreAdjust=-250
ProtectClock=yes
Restart=always
RestartSec=0
-RestrictAddressFamilies=AF_UNIX AF_NETLINK
+RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_VSOCK AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
RestrictSUIDSGID=yes
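Review bot: The widened `RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_VSOCK AF_INET AF_INET6` relaxes the unit's socket sandbox without a comment saying why, while `IPAddressDeny=any` is still set in this unit (visible as context in the previous hunk). As written, journald may create AF_INET/AF_INET6 sockets while IP traffic for the unit remains denied. Either administrators are expected to override `IPAddressDeny=` explicitly before using IP, or the two settings disagree. I would state the intent above the line, e.g. `# Socket families journald may use for log forwarding; IP traffic stays blocked by IPAddressDeny=any unless overridden`. The reason for the new families is inferred (presumably forwarding journal entries to a remote socket) and should be confirmed before the comment is committed.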