src/build-essential/changes.md

@@ -1,5 +1,2 @@
-# 2
-Added missing sed package as a dependency
-
 # 1
 First version

src/build-essential/pkg.sh

@@ -1,7 +1,7 @@
 # general info
 NAME="build-essential"
 DESC="Essential packages to build MatterLinux packages"
-VERSION="2"
+VERSION="1"
 
 # required files
 FILES=()
@@ -9,14 +9,14 @@ HASHES=()
 
 # install and build depends
 DEPENDS=(
-  "glibc" "gcc" "make" "python3" "perl" "sed"
+  "glibc" "gcc" "make" "python3" "perl"
-  "pypa-packaging" "pypi-flit-core" "pypa-setuptools"
   "pypa-wheel" "pypa-installer" "pypa-build"
+  "pypa-packaging" "pypi-flit-core" "pypa-setuptools"
 )
 BUILD=()
 
 PACKAGE(){
   echo This is just a wrapper package, nothing to do
   install -dm755 "${ROOTDIR}/var/lib/wrapper_packages"
-  echo "${VERSION}" > "${ROOTDIR}/var/lib/wrapper_packages/${NAME}"
+  touch "${ROOTDIR}/var/lib/wrapper_packages/${NAME}"
 }

src/docbook-xml/changes.md

@@ -1,5 +1,2 @@
-# 4.5m1
-Updated the package description
-
 # 4.5
 First version

src/docbook-xml/pkg.sh

@@ -1,8 +1,8 @@
 NAME="docbook-xml"
-DESC="Standard XML documentation system for software and systems"
+DESC="Contains document type definitions for verification of XML data files against the DocBook rule set"
-VERSION="4.5m1"
+VERSION="4.5"
 
-FILES=("https://www.docbook.org/xml/${VERSION%m*}/docbook-xml-${VERSION%m*}.zip")
+FILES=("https://www.docbook.org/xml/${VERSION}/docbook-xml-${VERSION}.zip")
 HASHES=("03083e288e87a7e829e437358da7ef9e")
 
 DEPENDS=("libxml2")
@@ -10,16 +10,16 @@ BUILD=("sgml-common")
 
 PACKAGE() {
 	mkdir "${NAME}"
-  mv "${NAME}-${VERSION%m*}.zip" "${NAME}"
+  mv "${NAME}-${VERSION}.zip" "${NAME}"
 
   cd "${NAME}"
-  unzip "${NAME}-${VERSION%m*}.zip"
+  unzip "${NAME}-${VERSION}.zip"
 
-  install -v -d -m755 "${ROOTDIR}/usr/share/xml/docbook/xml-dtd-${VERSION%m*}"
+  install -v -d -m755 "${ROOTDIR}/usr/share/xml/docbook/xml-dtd-${VERSION}"
   install -v -d -m755 "${ROOTDIR}/etc/xml"
 
   cp -v -af --no-preserve=ownership docbook.cat *.dtd ent/ *.mod \
-    "${ROOTDIR}/usr/share/xml/docbook/xml-dtd-${VERSION%m*}"
+    "${ROOTDIR}/usr/share/xml/docbook/xml-dtd-${VERSION}"
 
   cd .. && rm -rf "${NAME}"
 }

src/docbook-xsl-nons/changes.md

@@ -1,5 +1,2 @@
-# 1.79.2m1
-Updated the package description
-
 # 1.79.2
 First version

src/docbook-xsl-nons/pkg.sh

@@ -1,10 +1,10 @@
 NAME="docbook-xsl-nons"
-DESC="XSLT 1.0 Stylesheets for DocBook"
+DESC="Contains XSL stylesheets"
-VERSION="1.79.2m1"
+VERSION="1.79.2"
 FILES=(
-  "https://github.com/docbook/xslt10-stylesheets/releases/download/release/${VERSION%m*}/docbook-xsl-nons-${VERSION%m*}.tar.bz2"
+  "https://github.com/docbook/xslt10-stylesheets/releases/download/release/${VERSION}/docbook-xsl-nons-${VERSION}.tar.bz2"
-  "https://github.com/docbook/xslt10-stylesheets/releases/download/release/${VERSION%m*}/docbook-xsl-doc-${VERSION%m*}.tar.bz2"
+  "https://github.com/docbook/xslt10-stylesheets/releases/download/release/${VERSION}/docbook-xsl-doc-${VERSION}.tar.bz2"
-  "docbook-xsl-nons-${VERSION%m*}-stack_fix-1.patch"
+  "docbook-xsl-nons-${VERSION}-stack_fix-1.patch"
 )
 HASHES=(
   "2666d1488d6ced1551d15f31d7ed8c38"
@@ -14,26 +14,26 @@ HASHES=(
 DEPENDS=("libxml2" "docbook-xml")
 
 PACKAGE() {
-  tar xf "${NAME}-${VERSION%m*}.tar.bz2"
+  tar xf "${NAME}-${VERSION}.tar.bz2"
-  cd "${NAME}-${VERSION%m*}"
+  cd "${NAME}-${VERSION}"
 
-  patch -Np1 -i "../docbook-xsl-nons-${VERSION%m*}-stack_fix-1.patch"
+  patch -Np1 -i "../docbook-xsl-nons-${VERSION}-stack_fix-1.patch"
-  tar -xf "../docbook-xsl-doc-${VERSION%m*}.tar.bz2" --strip-components=1
+  tar -xf "../docbook-xsl-doc-${VERSION}.tar.bz2" --strip-components=1
 
-  install -v -m755 -d "${ROOTDIR}/usr/share/xml/docbook/xsl-stylesheets-nons-${VERSION%m*}"
+  install -v -m755 -d "${ROOTDIR}/usr/share/xml/docbook/xsl-stylesheets-nons-${VERSION}"
   cp -v -R VERSION assembly common eclipse epub epub3 extensions fo      \
          highlighting html htmlhelp images javahelp lib manpages params  \
          profiling roundtrip slides template tests tools webhelp website \
          xhtml xhtml-1_1 xhtml5                                          \
-         "${ROOTDIR}/usr/share/xml/docbook/xsl-stylesheets-nons-${VERSION%m*}"
+         "${ROOTDIR}/usr/share/xml/docbook/xsl-stylesheets-nons-${VERSION}"
-  ln -s VERSION "${ROOTDIR}/usr/share/xml/docbook/xsl-stylesheets-nons-${VERSION%m*}/VERSION.xsl"
+  ln -s VERSION "${ROOTDIR}/usr/share/xml/docbook/xsl-stylesheets-nons-${VERSION}/VERSION.xsl"
   install -v -m644 -D README \
-                      "${ROOTDIR}/usr/share/doc/docbook-xsl-nons-${VERSION%m*}/README.txt"
+                      "${ROOTDIR}/usr/share/doc/docbook-xsl-nons-${VERSION}/README.txt"
   install -v -m644 RELEASE-NOTES* NEWS* \
-                   "${ROOTDIR}/usr/share/doc/docbook-xsl-nons-${VERSION%m*}"
+                   "${ROOTDIR}/usr/share/doc/docbook-xsl-nons-${VERSION}"
-  cp -v -R doc/* "${ROOTDIR}/usr/share/doc/docbook-xsl-nons-${VERSION%m*}"
+  cp -v -R doc/* "${ROOTDIR}/usr/share/doc/docbook-xsl-nons-${VERSION}"
 
-  cd .. && rm -rf "${NAME}-${VERSION%m*}"
+  cd .. && rm -rf "${NAME}-${VERSION}"
 }
 
 INSTALL(){

src/expat/changes.md

@@ -1,5 +1,2 @@
-# 2.6.2
-Updated to the latest upstream release
-
 # 2.6.0
 First version

src/fakeroot/changes.md

@@ -1,5 +1,2 @@
-# 1.35.1
-Updated to the latest upstream release
-
 # 1.35
 First version

src/fakeroot/pkg.sh

@@ -24,13 +24,10 @@ PACKAGE(){
   tar xf "${NAME}_${VERSION}.orig.tar.gz"
   cd "${NAME}-${VERSION}"
 
-  export CFLAGS+=" -std=gnu89 "
-
   ./configure --prefix=/usr       \
     --libdir=/usr/lib/libfakeroot \
     --disable-static              \
     --with-ipc=sysv
-
   make
   make DESTDIR="${ROOTDIR}" install
 
@@ -41,5 +38,5 @@ PACKAGE(){
 }
 
 INSTALL(){
-  ldconfig -r .
+  usr/bin/ldconfig -r .
 }

src/icu/changes.md

@@ -1,2 +1,2 @@
-# 74-2
+# 74.2
 First version

src/libmp/changes.md

@@ -1,15 +1,3 @@
-# 24.09
-Updated to the latest upstream release
-
-# 24.08
-Updated to the latest upstream release
-
-# 24.07
-Updated to the latest upstream release
-
-# 24.06
-Updated to the latest upstream release
-
 # 24.05
 Updated to new upstream release
 

src/libmp/pkg.sh

@@ -1,11 +1,11 @@
 # general info
 NAME="libmp"
 DESC="MatterLinux package management library"
-VERSION="24.09"
+VERSION="24.05"
 
 # required files
 FILES=("https://git.matterlinux.xyz/Matter/libmp/archive/${VERSION}.tar.gz")
-HASHES=("7bf33d41a3dc3e9d35ed68fb6211e06362b6c4a9163a4daa1219936b32928626")
+HASHES=("582b7694e00d2ea18ac7da4888e3e71dbdbb84bbbd04a89e134bc2c531c38a47")
 
 # install and build depends
 DEPENDS=(

src/libndp/changes.md

@@ -1,5 +1,2 @@
-# 1.9
-Updated to the latest upstream release
-
 # 1.8
 First version

src/libtirpc/changes.md

@@ -1,2 +1,2 @@
-# 1.3.4
+# 1.3.5
 First version

src/libxml2/changes.md

@@ -1,5 +1,2 @@
-# 2.13.3
-Updated to the latest upstream release
-
 # 2.13.2
 First version

src/lynx/.gitignore

@@ -1,3 +0,0 @@
-.cache/
-dist/
-root/

src/lynx/changes.md

@@ -1,5 +0,0 @@
-# 2.9.2
-Updated to the latest upstream release
-
-# 2.8.9rel.1
-First version

src/lynx/pkg.sh

@@ -1,39 +0,0 @@
-# general info
-NAME="lynx"
-DESC="The text web browser"
-VERSION="2.9.2"
-
-# required files
-FILES=("https://invisible-mirror.net/archives/lynx/tarballs/lynx${VERSION}.tar.bz2")
-HASHES=("7374b89936d991669e101f4e97f2c9592036e1e8cdaa7bafc259a77ab6fb07ce")
-
-# install and build depends
-DEPENDS=(
-  "brotli" "bzip2" "glibc"
-  "libidn2" "ncurses" "openssl"
-  "zlib"
-)
-BUILD=()
-
-PACKAGE(){
-  tar xf "${NAME}${VERSION}.tar.bz2"
-  cd "${NAME}${VERSION}"
-
-  ./configure --prefix=/usr \
-		--sysconfdir=/etc       \
-		--with-ssl=/usr         \
-		--enable-externs        \
-		--enable-nls            \
-		--enable-ipv6           \
-		--mandir=/usr/share/man
-
-  make
-  make DESTDIR="${ROOTDIR}" install
-
-  sed -i -e "s|^HELPFILE.*$|HELPFILE:file:///usr/share/doc/lynx/lynx_help/lynx_help_main.html|" "${ROOTDIR}/etc/lynx.cfg"
-	install -d "${ROOTDIR}/usr/share/doc/lynx"
-	cp -rf lynx_help "${ROOTDIR}/usr/share/doc/lynx"
-
-  cd .. && rm -r "${NAME}${VERSION}"
-}
-

src/matt/changes.md

@@ -1,12 +1,3 @@
-# 24.04
-Updated to the latest upstream release
-
-# 24.03
-Updated to the latest upstream release
-
-# 24.02
-Updated to the latest upstream release
-
 # 24.01m5
 Fix the desktop pool URL in the default configuration
 

src/matt/pkg.sh

@@ -1,7 +1,7 @@
 # general info
 NAME="matt"
 DESC="The (new) MatterLinux package manager"
-VERSION="24.04"
+VERSION="24.01m5"
 
 # required files
 FILES=(
@@ -9,7 +9,7 @@ FILES=(
   "config.ini"
 )
 HASHES=(
-  "e0b8f705a8b1d6a843ebcd8d9e0ac3512578fae5f6818f7a753733471225c282"
+  "69c6f046c336b0490bc923225114fda592738556dba002bc1657b1d6e0218b48"
   "1d916fe98811f11fe1f20aea78c29b3fdb37c08d3c5428dfdb774bd9953d3176"
 )
 KEEP=("etc/matt/config.ini")

src/mtsc/changes.md

@@ -1,12 +1,3 @@
-# 24.09
-Updated to the latest upstream release
-
-# 24.08
-Updated to the latest upstream release
-
-# 24.07
-Updated to the latest upstream release
-
 # 24.06
 Updated to the latest upstream release
 

src/mtsc/pkg.sh

@@ -1,11 +1,11 @@
 # general info
 NAME="mtsc"
 DESC="MatterLinux tools and scripts collection"
-VERSION="24.09"
+VERSION="24.06"
 
 # required files
 FILES=("https://git.matterlinux.xyz/Matter/mtsc/archive/${VERSION%m*}.tar.gz")
-HASHES=("3f18fd47f17e8749bf6ffc2f6f226721a018cc956088c5cb233c2e1ec00d996d")
+HASHES=("6aa1766e1572809555fd2ecb40f0033155f507c08ba36117cc960178fc3d5774")
 
 # install and build depends
 DEPENDS=(

src/pkgconf/changes.md

@@ -1,5 +1,2 @@
-# 2.2.0
-Updated to a newer upstream release
-
 # 2.1.1
 First version

src/pkgconf/pkg.sh

@@ -4,7 +4,7 @@ DESC="Package compiler and linker metadata toolkit"
 VERSION="2.2.0"
 
 # required files
-FILES=("https://github.com/pkgconf/pkgconf/archive/refs/tags/pkgconf-${VERSION}.tar.gz")
+FILES=("https://github.com/pkgconf/pkgconf/archive/refs/tags/pkgconf-2.2.0.tar.gz")
 HASHES=("2c72cbf37b2d42a9fbf7ed8f0e5432a0b0925481f67995a21ecf77962a6000bc")
 
 # install and build depends

src/pypa-setuptools/changes.md

@@ -1,5 +1,2 @@
-# 72.2.0 
-Updated to a newer upstream release
-
 # 69.5.1
 First version

src/sgml-common/changes.md

@@ -1,5 +1,2 @@
-# 0.6.3m1
-Updated the package description
-
 # 0.6.3
 First version

src/sgml-common/pkg.sh

@@ -1,10 +1,10 @@
 NAME="sgml-common"
-DESC="Collection of all the free software tools you need to work on and format DocBook documents"
+DESC="Contains install-catalog which is useful for creating and maintaining centralized SGML catalogs"
-VERSION="0.6.3m1"
+VERSION="0.6.3"
 
 FILES=(
-  "https://sourceware.org/ftp/docbook-tools/new-trials/SOURCES/sgml-common-${VERSION%m*}.tgz"
+  "https://sourceware.org/ftp/docbook-tools/new-trials/SOURCES/sgml-common-${VERSION}.tgz"
-  "sgml-common-${VERSION%m*}-manpage-1.patch"
+  "sgml-common-${VERSION}-manpage-1.patch"
 )
 HASHES=(
   "103c9828f24820df86e55e7862e28974"
@@ -14,10 +14,10 @@ HASHES=(
 DEPENDS=("bash")
 
 PACKAGE() {
-  tar xf "${NAME}-${VERSION%m*}.tgz"
+  tar xf "${NAME}-${VERSION}.tgz"
-  cd "${NAME}-${VERSION%m*}"
+  cd "${NAME}-${VERSION}"
 
-  patch -Np1 -i "../sgml-common-${VERSION%m*}-manpage-1.patch"
+  patch -Np1 -i "../sgml-common-${VERSION}-manpage-1.patch" 
   autoreconf -f -i
 
   ./configure --prefix=/usr --sysconfdir=/etc
@@ -25,7 +25,7 @@ PACKAGE() {
   make DESTDIR="${ROOTDIR}" install
   make DESTDIR="${ROOTDIR}" docdir="/usr/share/doc" install
 
-  cd .. && rm -rf "${NAME}-${VERSION%m*}"
+  cd .. && rm -rf ${NAME}-${VERSION}
 }
 
 INSTALL(){

src/systemd/changes.md

@@ -1,5 +1,2 @@
-# 256
-Updated to latest stable upstream release
-
 # 255
 First version

src/systemd/pkg.sh

@@ -1,11 +1,19 @@
 # general info
 NAME="systemd"
 DESC="System and service manager"
-VERSION="256"
+VERSION="255"
 
 # required files
-FILES=("https://github.com/systemd/systemd/archive/v${VERSION}/systemd-${VERSION}.tar.gz")
+FILES=(
-HASHES=("4825b82700e1acf02ba81885652406e75d0c674c129a1a7e488e5b5200a17998")
+  "https://github.com/systemd/systemd/archive/v${VERSION}/systemd-${VERSION}.tar.gz"
+  "https://anduin.linuxfromscratch.org/LFS/systemd-man-pages-${VERSION}.tar.xz"
+  "systemd-${VERSION}-upstream_fixes-1.patch"
+)
+HASHES=(
+  "521cda27409a9edf0370c128fae3e690"
+  "1ebe54d7a80f9abf8f2d14ddfeb2432d"
+  "8d9c1014445c463cf7c24c162b1e0686"
+)
 
 # install and build depends
 DEPENDS=(
@@ -16,7 +24,7 @@ DEPENDS=(
   "xz" "util-linux" "pcre2"
   "linux-pam"
 )
-BUILD=("shadow" "curl" "pypi-jinja2" "libxslt")
+BUILD=("shadow" "curl")
 
 PACKAGE(){
   tar xf "${NAME}-${VERSION}.tar.gz"
@@ -24,32 +32,31 @@ PACKAGE(){
 
   sed -i -e 's/GROUP="render"/GROUP="video"/' \
        -e 's/GROUP="sgx", //' rules.d/50-udev-default.rules.in
+  patch -Np1 -i "../systemd-${VERSION}-upstream_fixes-1.patch"
 
   mkdir -p build
   cd       build
 
-  meson setup                                      \
+  meson setup \
-      --prefix=/usr                                \
+      --prefix=/usr                 \
-      --buildtype=release                          \
+      --buildtype=release           \
-      -Ddefault-dnssec=no                          \
+      -Ddefault-dnssec=no           \
-      -Dfirstboot=false                            \
+      -Dfirstboot=false             \
-      -Dinstall-tests=false                        \
+      -Dinstall-tests=false         \
-      -Dldconfig=false                             \
+      -Dldconfig=false              \
-      -Dsysusers=false                             \
+      -Dsysusers=false              \
-      -Drpmmacrosdir=no                            \
+      -Drpmmacrosdir=no             \
-      -Dhomed=disabled                             \
+      -Dhomed=disabled              \
-      -Duserdb=false                               \
+      -Duserdb=false                \
-      -Dman=enabled                                \
+      -Dman=disabled                \
-      -Dmode=release                               \
+      -Dmode=release                \
-      -Dpamconfdir=no                              \
+      -Dpamconfdir=no               \
-      -Ddev-kvm-mode=0660                          \
+      -Ddev-kvm-mode=0660           \
-      -Dnobody-group=nogroup                       \
+      -Dnobody-group=nogroup        \
-      -Dsysupdate=disabled                         \
+      -Dsysupdate=disabled          \
-      -Dukify=disabled                             \
+      -Dukify=disabled              \
-      -Dsbat-distro='matter'                       \
+      -Ddns-servers="94.140.14.14#94.140.15.15" \
-      -Dsbat-distro-summary='MatterLinux'          \
+      -Ddocdir=/usr/share/doc/systemd-255       \
-      -Ddns-servers="94.140.14.14#94.140.15.15"    \
-      -Ddocdir="/usr/share/doc/systemd-${VERSION}" \
       ..
 
   ninja
@@ -58,6 +65,9 @@ PACKAGE(){
   install -dm755 "${ROOTDIR}/etc"
 
   DESTDIR="${ROOTDIR}" ninja install
+  tar -xf "../../systemd-man-pages-${VERSION}.tar.xz" \
+      --no-same-owner --strip-components=1            \
+      -C "${ROOTDIR}/usr/share/man"
 
   cd ../.. && rm -r "${NAME}-${VERSION}"
 }

src/systemd/systemd-255-upstream_fixes-1.patch

@@ -0,0 +1,204 @@
+Submitted By:            Xi Ruoyao <xry111 at xry111 dot site>
+Date:                    2024-02-10
+Initial Package Version: 255
+Origin:                  Upstream (PR 30549 and 30363)
+Upstream Status:         Applied
+Description:             Fixes CVE-2023-7008, a security vulnerability in
+                         DNSSEC verification allowing a MITM attack.  And
+                         Fix a bug breaking "systemd-analyze verify" an
+                         instantiated unit.
+
+From f56136eb9f7e1bb0f34cd1bace60c4c02a0ed6ea Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Wed, 20 Dec 2023 16:44:14 +0100
+Subject: [PATCH] resolved: actually check authenticated flag of SOA
+ transaction
+
+Fixes #25676
+---
+ src/resolve/resolved-dns-transaction.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
+index 696fce532a41f..fe88e502e7c11 100644
+--- a/src/resolve/resolved-dns-transaction.c
++++ b/src/resolve/resolved-dns-transaction.c
+@@ -2808,7 +2808,7 @@ static int dns_transaction_requires_rrsig(DnsTransaction *t, DnsResourceRecord *
+                         if (r == 0)
+                                 continue;
+ 
+-                        return FLAGS_SET(t->answer_query_flags, SD_RESOLVED_AUTHENTICATED);
++                        return FLAGS_SET(dt->answer_query_flags, SD_RESOLVED_AUTHENTICATED);
+                 }
+ 
+                 return true;
+@@ -2835,7 +2835,7 @@ static int dns_transaction_requires_rrsig(DnsTransaction *t, DnsResourceRecord *
+                         /* We found the transaction that was supposed to find the SOA RR for us. It was
+                          * successful, but found no RR for us. This means we are not at a zone cut. In this
+                          * case, we require authentication if the SOA lookup was authenticated too. */
+-                        return FLAGS_SET(t->answer_query_flags, SD_RESOLVED_AUTHENTICATED);
++                        return FLAGS_SET(dt->answer_query_flags, SD_RESOLVED_AUTHENTICATED);
+                 }
+ 
+                 return true;
+
+From 6d9d55657946385916fa4db7149a9b389645ee73 Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Thu, 7 Dec 2023 19:29:29 +0900
+Subject: [PATCH 1/2] analyze: also find template unit when a template instance
+ is specified
+
+Fixes a regression caused by 2f6181ad4d6c126e3ebf6880ba30b3b0059c6fc8.
+
+Fixes #30357.
+
+Co-authored-by: Jeff King <peff@peff.net>
+---
+ src/analyze/analyze-verify-util.c | 64 +++++++++++++++++++++++++------
+ 1 file changed, 53 insertions(+), 11 deletions(-)
+
+diff --git a/src/analyze/analyze-verify-util.c b/src/analyze/analyze-verify-util.c
+index 26d1130477123..6fbd6fa54c37d 100644
+--- a/src/analyze/analyze-verify-util.c
++++ b/src/analyze/analyze-verify-util.c
+@@ -72,6 +72,54 @@ int verify_prepare_filename(const char *filename, char **ret) {
+         return 0;
+ }
+ 
++static int find_unit_directory(const char *p, char **ret) {
++        _cleanup_free_ char *a = NULL, *u = NULL, *t = NULL, *d = NULL;
++        int r;
++
++        assert(p);
++        assert(ret);
++
++        r = path_make_absolute_cwd(p, &a);
++        if (r < 0)
++                return r;
++
++        if (access(a, F_OK) >= 0) {
++                r = path_extract_directory(a, &d);
++                if (r < 0)
++                        return r;
++
++                *ret = TAKE_PTR(d);
++                return 0;
++        }
++
++        r = path_extract_filename(a, &u);
++        if (r < 0)
++                return r;
++
++        if (!unit_name_is_valid(u, UNIT_NAME_INSTANCE))
++                return -ENOENT;
++
++        /* If the specified unit is an instance of a template unit, then let's try to find the template unit. */
++        r = unit_name_template(u, &t);
++        if (r < 0)
++                return r;
++
++        r = path_extract_directory(a, &d);
++        if (r < 0)
++                return r;
++
++        free(a);
++        a = path_join(d, t);
++        if (!a)
++                return -ENOMEM;
++
++        if (access(a, F_OK) < 0)
++                return -errno;
++
++        *ret = TAKE_PTR(d);
++        return 0;
++}
++
+ int verify_set_unit_path(char **filenames) {
+         _cleanup_strv_free_ char **ans = NULL;
+         _cleanup_free_ char *joined = NULL;
+@@ -79,21 +127,15 @@ int verify_set_unit_path(char **filenames) {
+         int r;
+ 
+         STRV_FOREACH(filename, filenames) {
+-                _cleanup_free_ char *a = NULL;
+-                char *t;
++                _cleanup_free_ char *t = NULL;
+ 
+-                r = path_make_absolute_cwd(*filename, &a);
+-                if (r < 0)
++                r = find_unit_directory(*filename, &t);
++                if (r == -ENOMEM)
+                         return r;
+-
+-                if (access(a, F_OK) < 0)
+-                        continue;
+-
+-                r = path_extract_directory(a, &t);
+                 if (r < 0)
+-                        return r;
++                        continue;
+ 
+-                r = strv_consume(&ans, t);
++                r = strv_consume(&ans, TAKE_PTR(t));
+                 if (r < 0)
+                         return r;
+         }
+
+From 9d51ab78300364c71a0e1f138e1d2cbc65771b93 Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Fri, 8 Dec 2023 10:41:49 +0900
+Subject: [PATCH 2/2] test: add test cases for issue #30357
+
+---
+ test/units/testsuite-65.sh | 38 ++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 38 insertions(+)
+
+diff --git a/test/units/testsuite-65.sh b/test/units/testsuite-65.sh
+index 265a07f01d810..6c819dfe4a4ee 100755
+--- a/test/units/testsuite-65.sh
++++ b/test/units/testsuite-65.sh
+@@ -296,6 +296,44 @@ EOF
+ # Verifies that the --offline= option works with --root=
+ systemd-analyze security --threshold=90 --offline=true --root=/tmp/img/ testfile.service
+ 
++cat <<EOF >/tmp/foo@.service
++[Service]
++ExecStart=ls
++EOF
++
++cat <<EOF >/tmp/hoge@test.service
++[Service]
++ExecStart=ls
++EOF
++
++# issue #30357
++pushd /tmp
++systemd-analyze verify foo@bar.service
++systemd-analyze verify foo@.service
++systemd-analyze verify hoge@test.service
++(! systemd-analyze verify hoge@nonexist.service)
++(! systemd-analyze verify hoge@.service)
++popd
++pushd /
++systemd-analyze verify tmp/foo@bar.service
++systemd-analyze verify tmp/foo@.service
++systemd-analyze verify tmp/hoge@test.service
++(! systemd-analyze verify tmp/hoge@nonexist.service)
++(! systemd-analyze verify tmp/hoge@.service)
++popd
++pushd /usr
++systemd-analyze verify ../tmp/foo@bar.service
++systemd-analyze verify ../tmp/foo@.service
++systemd-analyze verify ../tmp/hoge@test.service
++(! systemd-analyze verify ../tmp/hoge@nonexist.service)
++(! systemd-analyze verify ../tmp/hoge@.service)
++popd
++systemd-analyze verify /tmp/foo@bar.service
++systemd-analyze verify /tmp/foo@.service
++systemd-analyze verify /tmp/hoge@test.service
++(! systemd-analyze verify /tmp/hoge@nonexist.service)
++(! systemd-analyze verify /tmp/hoge@.service)
++
+ # Added an additional "INVALID_ID" id to the .json to verify that nothing breaks when input is malformed
+ # The PrivateNetwork id description and weight was changed to verify that 'security' is actually reading in
+ # values from the .json file when required. The default weight for "PrivateNetwork" is 2500, and the new weight