Merge commit '58a6dd15582c038a25bd7059435833943e2e4617' into notsystemd/premove

# Conflicts:
#	Makefile.am
#	src/boot/bootctl.c
#	system-preset/90-systemd.preset

32 files changed, 661 insertions, 300 deletions

diff --git a/man/bootctl.xml b/man/bootctl.xml
index 6e835c037f..e2575a4751 100644
--- a/man/bootctl.xml
+++ b/man/bootctl.xml
@@ -47,16 +47,16 @@
 
   <refsynopsisdiv>
     <cmdsynopsis>
-      <command>bootctl <arg choice="opt" rep="repeat">OPTIONS</arg>status</command>
+      <command>bootctl <arg choice="opt" rep="repeat">OPTIONS</arg> status</command>
     </cmdsynopsis>
     <cmdsynopsis>
-      <command>bootctl <arg choice="opt" rep="repeat">OPTIONS</arg>update</command>
+      <command>bootctl <arg choice="opt" rep="repeat">OPTIONS</arg> update</command>
     </cmdsynopsis>
     <cmdsynopsis>
-      <command>bootctl <arg choice="opt" rep="repeat">OPTIONS</arg>install</command>
+      <command>bootctl <arg choice="opt" rep="repeat">OPTIONS</arg> install</command>
     </cmdsynopsis>
     <cmdsynopsis>
-      <command>bootctl <arg choice="opt" rep="repeat">OPTIONS</arg>remove</command>
+      <command>bootctl <arg choice="opt" rep="repeat">OPTIONS</arg> remove</command>
     </cmdsynopsis>
   </refsynopsisdiv>
 
@@ -71,19 +71,14 @@
     currently installed versions of the boot loader binaries and
     all current EFI boot variables.</para>
 
-    <para><command>bootctl update</command> updates all installed
-    versions of systemd-boot, if the current version is newer than the
-    version installed in the EFI system partition. This also includes
-    the EFI default/fallback loader at /EFI/BOOT/BOOT*.EFI. A
-    systemd-boot entry in the EFI boot variables is created if there
-    is no current entry. The created entry will be added to the end of
-    the boot order list.</para>
+    <para><command>bootctl update</command> updates all installed versions of systemd-boot, if the current version is
+    newer than the version installed in the EFI system partition. This also includes the EFI default/fallback loader at
+    <filename>/EFI/BOOT/BOOT*.EFI</filename>. A systemd-boot entry in the EFI boot variables is created if there is no
+    current entry. The created entry will be added to the end of the boot order list.</para>
 
-    <para><command>bootctl install</command> installs systemd-boot into
-    the EFI system partition. A copy of systemd-boot will be stored as
-    the EFI default/fallback loader at /EFI/BOOT/BOOT*.EFI. A systemd-boot
-    entry in the EFI boot variables is created and added to the top
-    of the boot order list.</para>
+    <para><command>bootctl install</command> installs systemd-boot into the EFI system partition. A copy of
+    systemd-boot will be stored as the EFI default/fallback loader at <filename>/EFI/BOOT/BOOT*.EFI</filename>. A
+    systemd-boot entry in the EFI boot variables is created and added to the top of the boot order list.</para>
 
     <para><command>bootctl remove</command> removes all installed
     versions of systemd-boot from the EFI system partition, and removes
@@ -101,8 +96,10 @@
       <xi:include href="standard-options.xml" xpointer="help" />
       <xi:include href="standard-options.xml" xpointer="version" />
       <varlistentry>
-        <term><option>--path</option></term>
-        <listitem><para>Path to the EFI system partition. The default is /boot.</para></listitem>
+        <term><option>--path=</option></term>
+        <listitem><para>Path to the EFI System Partition (ESP). If not specified, <filename>/efi</filename>,
+        <filename>/boot</filename>, and <filename>/boot/efi</filename> are checked in turn.  It is recommended to mount
+        the ESP to <filename>/boot</filename>, if possible.</para></listitem>
       </varlistentry>
 
       <varlistentry>
diff --git a/man/journalctl.xml b/man/journalctl.xml
index e77621d7b3..c448a29a51 100644
--- a/man/journalctl.xml
+++ b/man/journalctl.xml
@@ -250,6 +250,18 @@
 
             <varlistentry>
               <term>
+                <option>short-full</option>
+              </term>
+              <listitem>
+                <para>is very similar, but shows timestamps in the format the <option>--since=</option> and
+                <option>--until=</option> options accept. Unlike the timestamp information shown in
+                <option>short</option> output mode this mode includes weekday, year and timezone information in the
+                output, and is locale-independent.</para>
+              </listitem>
+            </varlistentry>
+
+            <varlistentry>
+              <term>
                 <option>short-iso</option>
               </term>
               <listitem>
@@ -572,24 +584,17 @@
         <term><option>-U</option></term>
         <term><option>--until=</option></term>
 
-        <listitem><para>Start showing entries on or newer than the
-        specified date, or on or older than the specified date,
-        respectively. Date specifications should be of the format
-        <literal>2012-10-30 18:17:16</literal>.  If the time part is
-        omitted, <literal>00:00:00</literal> is assumed.  If only the
-        seconds component is omitted, <literal>:00</literal> is
-        assumed. If the date component is omitted, the current day is
-        assumed. Alternatively the strings
-        <literal>yesterday</literal>, <literal>today</literal>,
-        <literal>tomorrow</literal> are understood, which refer to
-        00:00:00 of the day before the current day, the current day,
-        or the day after the current day,
-        respectively. <literal>now</literal> refers to the current
-        time. Finally, relative times may be specified, prefixed with
-        <literal>-</literal> or <literal>+</literal>, referring to
-        times before or after the current time, respectively. For complete
-        time and date specification, see
-        <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
+        <listitem><para>Start showing entries on or newer than the specified date, or on or older than the specified
+        date, respectively. Date specifications should be of the format <literal>2012-10-30 18:17:16</literal>.  If the
+        time part is omitted, <literal>00:00:00</literal> is assumed.  If only the seconds component is omitted,
+        <literal>:00</literal> is assumed. If the date component is omitted, the current day is assumed. Alternatively
+        the strings <literal>yesterday</literal>, <literal>today</literal>, <literal>tomorrow</literal> are understood,
+        which refer to 00:00:00 of the day before the current day, the current day, or the day after the current day,
+        respectively. <literal>now</literal> refers to the current time. Finally, relative times may be specified,
+        prefixed with <literal>-</literal> or <literal>+</literal>, referring to times before or after the current
+        time, respectively. For complete time and date specification, see
+        <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry>. Note that
+        <option>--output=short-full</option> prints timestamps that follow precisely this format.
         </para>
         </listitem>
       </varlistentry>
diff --git a/man/journald.conf.xml b/man/journald.conf.xml
index fef4fde898..a9562c121a 100644
--- a/man/journald.conf.xml
+++ b/man/journald.conf.xml
@@ -129,23 +129,15 @@
       <varlistentry>
         <term><varname>SplitMode=</varname></term>
 
-        <listitem><para>Controls whether to split up journal files per user. Split-up journal files are primarily
-        useful for access control: on UNIX/Linux access control is managed per file, and the journal daemon will assign
-        users read access to their journal files. This setting takes one of <literal>uid</literal>,
-        <literal>login</literal> or <literal>none</literal>. If <literal>uid</literal>, all regular users will get each
-        their own journal files regardless of whether their processes possess login sessions or not, however system
-        users will log into the system journal. If <literal>login</literal>, actually logged-in users will get each
-        their own journal files, but users without login session and system users will log into the system
-        journal. Note that in this mode, user code running outside of any login session will log into the system log
-        instead of the split-out user logs. Most importantly, this means that information about core dumps of user
-        processes collected via the
-        <citerefentry><refentrytitle>systemd-coredump</refentrytitle><manvolnum>8</manvolnum></citerefentry> subsystem
-        will end up in the system logs instead of the user logs, and thus not be accessible to the owning users. If
-        <literal>none</literal>, journal files are not split up by user and all messages are instead stored in the
-        single system journal. In this mode unprivileged users generally do not have access to their own log data. Note
-        that splitting up journal files by user is only available for journals stored persistently. If journals are
-        stored on volatile storage (see above), only a single journal file for all user IDs is kept. Defaults to
-        <literal>uid</literal>.</para></listitem>
+        <listitem><para>Controls whether to split up journal files per user, either <literal>uid</literal> or
+        <literal>none</literal>. Split journal files are primarily useful for access control: on UNIX/Linux access
+        control is managed per file, and the journal daemon will assign users read access to their journal files. If
+        <literal>uid</literal>, all regular users will each get their own journal files, and system users will log to
+        the system journal. If <literal>none</literal>, journal files are not split up by user and all messages are
+        instead stored in the single system journal. In this mode unprivileged users generally do not have access to
+        their own log data. Note that splitting up journal files by user is only available for journals stored
+        persistently. If journals are stored on volatile storage (see <varname>Storage=</varname> above), only a single
+        journal file is used. Defaults to <literal>uid</literal>.</para></listitem>
       </varlistentry>
 
       <varlistentry>
diff --git a/man/kernel-command-line.xml b/man/kernel-command-line.xml
index 3ecc969c10..1fa31a14b7 100644
--- a/man/kernel-command-line.xml
+++ b/man/kernel-command-line.xml
@@ -224,15 +224,14 @@
 
       <varlistentry>
         <term><varname>vconsole.keymap=</varname></term>
-        <term><varname>vconsole.keymap.toggle=</varname></term>
+        <term><varname>vconsole.keymap_toggle=</varname></term>
         <term><varname>vconsole.font=</varname></term>
-        <term><varname>vconsole.font.map=</varname></term>
-        <term><varname>vconsole.font.unimap=</varname></term>
+        <term><varname>vconsole.font_map=</varname></term>
+        <term><varname>vconsole.font_unimap=</varname></term>
 
         <listitem>
-          <para>Parameters understood by the virtual console setup
-          logic. For details, see
-          <citerefentry><refentrytitle>systemd-vconsole-setup.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+          <para>Parameters understood by the virtual console setup logic. For details, see
+          <citerefentry><refentrytitle>vconsole.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
         </listitem>
       </varlistentry>
 
diff --git a/man/localectl.xml b/man/localectl.xml
index 8d2becb5d9..31238272f3 100644
--- a/man/localectl.xml
+++ b/man/localectl.xml
@@ -223,7 +223,7 @@
       <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>systemd-localed.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>systemd-firstboot</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-      <citerefentry><refentrytitle>mkinitrd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+      <citerefentry project='die-net'><refentrytitle>mkinitrd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
     </para>
   </refsect1>
 
diff --git a/man/networkd.conf.xml b/man/networkd.conf.xml
index 4bfc4f773a..57e647a31b 100644
--- a/man/networkd.conf.xml
+++ b/man/networkd.conf.xml
@@ -120,7 +120,7 @@
 
         <para>The DUID value specified here overrides the DUID that systemd-networkd generates using the machine-id
         from the <filename>/etc/machine-id</filename> file. To configure DUID per-network, see
-        <citerefentry><refentrytitle>systemd.network </refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+        <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
         The configured DHCP DUID should conform to the specification in
         <ulink url="http://tools.ietf.org/html/rfc3315#section-9">RFC 3315</ulink>,
         <ulink url="http://tools.ietf.org/html/rfc6355">RFC 6355</ulink>. To configure IAID, see
diff --git a/man/nss-myhostname.xml b/man/nss-myhostname.xml
index a920ec334f..b1daaba02b 100644
--- a/man/nss-myhostname.xml
+++ b/man/nss-myhostname.xml
@@ -106,8 +106,8 @@
     <para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables
     <command>nss-myhostname</command> correctly:</para>
 
-<programlisting>passwd:         compat mymachines
-group:          compat mymachines
+<programlisting>passwd:         compat mymachines systemd
+group:          compat mymachines systemd
 shadow:         compat
 
 hosts:          files mymachines resolve <command>myhostname</command>
@@ -138,6 +138,7 @@ netgroup:       nis</programlisting>
     <title>See Also</title>
     <para>
       <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>nss-systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
       <citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
diff --git a/man/nss-mymachines.xml b/man/nss-mymachines.xml
index ec047449bf..a70119e256 100644
--- a/man/nss-mymachines.xml
+++ b/man/nss-mymachines.xml
@@ -82,8 +82,8 @@
     <para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables
     <command>nss-mymachines</command> correctly:</para>
 
-    <programlisting>passwd:         compat <command>mymachines</command>
-group:          compat <command>mymachines</command>
+    <programlisting>passwd:         compat <command>mymachines</command> systemd
+group:          compat <command>mymachines</command> systemd
 shadow:         compat
 
 hosts:          files <command>mymachines</command> resolve myhostname
@@ -103,6 +103,7 @@ netgroup:       nis</programlisting>
     <para>
       <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>nss-systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
       <citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
diff --git a/man/nss-resolve.xml b/man/nss-resolve.xml
index d9e56453e8..e6cc1d982a 100644
--- a/man/nss-resolve.xml
+++ b/man/nss-resolve.xml
@@ -81,8 +81,8 @@
     <para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables <command>nss-resolve</command>
     correctly:</para>
 
-<programlisting>passwd:         compat mymachines
-group:          compat mymachines
+<programlisting>passwd:         compat mymachines systemd
+group:          compat mymachines systemd
 shadow:         compat
 
 hosts:          files mymachines <command>resolve</command> myhostname
@@ -102,8 +102,9 @@ netgroup:       nis</programlisting>
     <para>
       <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-      <citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>nss-systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
       <citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
     </para>
   </refsect1>
diff --git a/man/nss-systemd.xml b/man/nss-systemd.xml
new file mode 100644
index 0000000000..56d26e7d1f
--- /dev/null
+++ b/man/nss-systemd.xml
@@ -0,0 +1,111 @@
+<?xml version='1.0'?> <!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+
+<!--
+  This file is part of systemd.
+
+  Copyright 2016 Lennart Poettering
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+
+<refentry id="nss-systemd">
+
+  <refentryinfo>
+    <title>nss-systemd</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Developer</contrib>
+        <firstname>Lennart</firstname>
+        <surname>Poettering</surname>
+        <email>lennart@poettering.net</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>nss-systemd</refentrytitle>
+    <manvolnum>8</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>nss-systemd</refname>
+    <refname>libnss_systemd.so.2</refname>
+    <refpurpose>Provide UNIX user and group name resolution for dynamic users and groups.</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <para><filename>libnss_systemd.so.2</filename></para>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para><command>nss-systemd</command> is a plug-in module for the GNU Name Service Switch (NSS) functionality of the
+    GNU C Library (<command>glibc</command>), providing UNIX user and group name resolution for dynamic users and
+    groups allocated through the <varname>DynamicUser=</varname> option in systemd unit files. See
+    <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details on
+    this option.</para>
+
+    <para>This module also ensures that the root and nobody users and groups (i.e. the users/groups with the UIDs/GIDs
+    0 and 65534) remain resolvable at all times, even if they aren't listed in <filename>/etc/passwd</filename> or
+    <filename>/etc/group</filename>, or if these files are missing.</para>
+
+    <para>To activate the NSS module, add <literal>systemd</literal> to the lines starting with
+    <literal>passwd:</literal> and <literal>group:</literal> in <filename>/etc/nsswitch.conf</filename>.</para>
+
+    <para>It is recommended to place <literal>systemd</literal> after the <literal>files</literal> or
+    <literal>compat</literal> entry of the <filename>/etc/nsswitch.conf</filename> lines so that
+    <filename>/etc/passwd</filename> and <filename>/etc/group</filename> based mappings take precedence.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>Example</title>
+
+    <para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables
+    <command>nss-systemd</command> correctly:</para>
+
+    <programlisting>passwd:         compat mymachines <command>systemd</command>
+group:          compat mymachines <command>systemd</command>
+shadow:         compat
+
+hosts:          files mymachines resolve myhostname
+networks:       files
+
+protocols:      db files
+services:       db files
+ethers:         db files
+rpc:            db files
+
+netgroup:       nis</programlisting>
+
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+    <para>
+      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+      <citerefentry project='man-pages'><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+    </para>
+  </refsect1>
+
+</refentry>
diff --git a/man/sd-journal.xml b/man/sd-journal.xml
index 09747a480c..936a83acf7 100644
--- a/man/sd-journal.xml
+++ b/man/sd-journal.xml
@@ -77,7 +77,6 @@
     <citerefentry><refentrytitle>sd_journal_get_realtime_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
     <citerefentry><refentrytitle>sd_journal_add_match</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
     <citerefentry><refentrytitle>sd_journal_seek_head</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
-    <citerefentry><refentrytitle>sd_journal_query_enumerate</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
     <citerefentry><refentrytitle>sd_journal_enumerate_fields</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
     <citerefentry><refentrytitle>sd_journal_get_cursor</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
     <citerefentry><refentrytitle>sd_journal_get_cutoff_realtime_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
@@ -113,7 +112,6 @@
       <citerefentry><refentrytitle>sd_journal_get_realtime_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>sd_journal_add_match</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>sd_journal_seek_head</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
-      <citerefentry><refentrytitle>sd_journal_query_enumerate</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>sd_journal_enumerate_fields</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>sd_journal_get_cursor</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>sd_journal_get_cutoff_realtime_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
diff --git a/man/systemctl.xml b/man/systemctl.xml
index e7880d24f7..78607c9ba3 100644
--- a/man/systemctl.xml
+++ b/man/systemctl.xml
@@ -156,6 +156,10 @@
 
           <para>To list all units installed in the file system, use the
           <command>list-unit-files</command> command instead.</para>
+
+          <para>When listing units with <command>list-dependencies</command>, recursively show
+          dependencies of all dependent units (by default only dependencies of target units are
+          shown).</para>
         </listitem>
       </varlistentry>
 
@@ -1088,7 +1092,8 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service
             enabled and disabled, or only enabled, or only disabled.</para>
 
             <para>If the unit carries no install information, it will be silently ignored
-            by this command.</para>
+            by this command. <replaceable>NAME</replaceable> must be the real unit name,
+            any alias names are ignored silently.</para>
 
             <para>For more information on the preset policy format, see
             <citerefentry><refentrytitle>systemd.preset</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
diff --git a/man/systemd-detect-virt.xml b/man/systemd-detect-virt.xml
index 2b7f4e69ab..61a5f8937f 100644
--- a/man/systemd-detect-virt.xml
+++ b/man/systemd-detect-virt.xml
@@ -88,7 +88,7 @@
         </thead>
         <tbody>
           <row>
-            <entry valign="top" morerows="9">VM</entry>
+            <entry valign="top" morerows="10">VM</entry>
             <entry><varname>qemu</varname></entry>
             <entry>QEMU software virtualization</entry>
           </row>
@@ -138,6 +138,11 @@
             <entry>Parallels Desktop, Parallels Server</entry>
           </row>
 
+           <row>
+            <entry><varname>bhyve</varname></entry>
+            <entry>bhyve, FreeBSD hypervisor</entry>
+          </row>
+
           <row>
             <entry valign="top" morerows="5">Container</entry>
             <entry><varname>openvz</varname></entry>
diff --git a/man/systemd-gpt-auto-generator.xml b/man/systemd-gpt-auto-generator.xml
index e890c4dce2..d26206710f 100644
--- a/man/systemd-gpt-auto-generator.xml
+++ b/man/systemd-gpt-auto-generator.xml
@@ -137,6 +137,11 @@
             <entry>Swap</entry>
             <entry>All swap partitions located on the disk the root partition is located on are enabled.</entry>
           </row>
+          <row>
+            <entry>c12a7328-f81f-11d2-ba4b-00a0c93ec93b</entry>
+            <entry>EFI System Partition (ESP)</entry>
+            <entry>The first ESP located on the disk the root partition is located on is mounted to <filename>/boot</filename> or <filename>/efi</filename>, see below.</entry>
+          </row>
         </tbody>
       </tgroup>
     </table>
@@ -150,16 +155,14 @@
     <filename>/etc/crypttab</filename> with a different device mapper
     device name.</para>
 
-    <para>Mount and automount units for the EFI System Partition (ESP),
-    mounting it to <filename>/boot</filename>, are generated on EFI
-    systems where the boot loader communicates the used ESP to the operating
-    system. Since this generator creates an automount unit, the mount will
-    only be activated on-demand, when accessed. On systems where
-    <filename>/boot</filename> is an explicitly configured mount
-    (for example, listed in
-    <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
-    or where the <filename>/boot</filename> mount point is non-empty, no
-    mount units are generated.</para>
+    <para>Mount and automount units for the EFI System Partition (ESP) are generated on EFI systems. The ESP is mounted
+    to <filename>/boot</filename>, unless a mount point directory <filename>/efi</filename> exists, in which case it is
+    mounted there. Since this generator creates an automount unit, the mount will only be activated on-demand, when
+    accessed. On systems where <filename>/boot</filename> (or <filename>/efi</filename> if it exists) is an explicitly
+    configured mount (for example, listed in <citerefentry
+    project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>) or where the
+    <filename>/boot</filename> (or <filename>/efi</filename>) mount point is non-empty, no mount units are
+    generated.</para>
 
     <para>When using this generator in conjunction with btrfs file
     systems, make sure to set the correct default subvolumes on them,
diff --git a/man/systemd-journal-gatewayd.service.xml b/man/systemd-journal-gatewayd.service.xml
index 9ed85c3950..2cb114f6e3 100644
--- a/man/systemd-journal-gatewayd.service.xml
+++ b/man/systemd-journal-gatewayd.service.xml
@@ -100,6 +100,16 @@
         with <option>--cert=</option>.</para></listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><option>-D <replaceable>DIR</replaceable></option></term>
+        <term><option>--directory=<replaceable>DIR</replaceable></option></term>
+
+        <listitem><para>Takes a directory path as argument. If
+        specified, <command>systemd-journal-gatewayd</command> will serve the
+        specified journal directory <replaceable>DIR</replaceable> instead of
+        the default runtime and system journal paths.</para></listitem>
+      </varlistentry>
+
       <xi:include href="standard-options.xml" xpointer="help" />
       <xi:include href="standard-options.xml" xpointer="version" />
     </variablelist>
diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml
index 69d2f6ff7d..93f93880c3 100644
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -274,8 +274,7 @@
         signals. It is recommended to use this mode to invoke arbitrary commands in containers, unless they have been
         modified to run correctly as PID 1. Or in other words: this switch should be used for pretty much all commands,
         except when the command refers to an init or shell implementation, as these are generally capable of running
-        correctly as PID 1. This option may not be combined with <option>--boot</option> or
-        <option>--share-system</option>.</para>
+        correctly as PID 1. This option may not be combined with <option>--boot</option>.</para>
         </listitem>
       </varlistentry>
 
@@ -285,8 +284,7 @@
 
         <listitem><para>Automatically search for an init binary and invoke it as PID 1, instead of a shell or a user
         supplied program. If this option is used, arguments specified on the command line are used as arguments for the
-        init binary. This option may not be combined with <option>--as-pid2</option> or
-        <option>--share-system</option>.</para>
+        init binary. This option may not be combined with <option>--as-pid2</option>.</para>
 
         <para>The following table explains the different modes of invocation and relationship to
         <option>--as-pid2</option> (see above):</para>
@@ -847,23 +845,6 @@
       </varlistentry>
 
       <varlistentry>
-        <term><option>--share-system</option></term>
-
-        <listitem><para>Allows the container to share certain system
-        facilities with the host. More specifically, this turns off
-        PID namespacing, UTS namespacing and IPC namespacing, and thus
-        allows the guest to see and interact more easily with
-        processes outside of the container. Note that using this
-        option makes it impossible to start up a full Operating System
-        in the container, as an init system cannot operate in this
-        mode. It is only useful to run specific programs or
-        applications this way, without involving an init system in the
-        container. This option implies <option>--register=no</option>.
-        This option may not be combined with
-        <option>--boot</option>.</para></listitem>
-      </varlistentry>
-
-      <varlistentry>
         <term><option>--register=</option></term>
 
         <listitem><para>Controls whether the container is registered
@@ -877,9 +858,7 @@
         and shown by tools such as
         <citerefentry project='man-pages'><refentrytitle>ps</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
         If the container does not run an init system, it is
-        recommended to set this option to <literal>no</literal>. Note
-        that <option>--share-system</option> implies
-        <option>--register=no</option>. </para></listitem>
+        recommended to set this option to <literal>no</literal>.</para></listitem>
       </varlistentry>
 
       <varlistentry>
diff --git a/man/systemd-resolved.service.xml b/man/systemd-resolved.service.xml
index aa1c2365e5..56f67960ce 100644
--- a/man/systemd-resolved.service.xml
+++ b/man/systemd-resolved.service.xml
@@ -68,12 +68,12 @@
       link-local networking).</para></listitem>
 
       <listitem><para>The glibc
-      <citerefentry><refentrytitle>getaddrinfo</refentrytitle><manvolnum>3</manvolnum></citerefentry> API as defined
+      <citerefentry project='man-pages'><refentrytitle>getaddrinfo</refentrytitle><manvolnum>3</manvolnum></citerefentry> API as defined
       by <ulink url="https://tools.ietf.org/html/rfc3493">RFC3493</ulink> and its related resolver functions,
-      including <citerefentry><refentrytitle>gethostbyname</refentrytitle><manvolnum>3</manvolnum></citerefentry>. This
+      including <citerefentry project='man-pages'><refentrytitle>gethostbyname</refentrytitle><manvolnum>3</manvolnum></citerefentry>. This
       API is widely supported, including beyond the Linux platform. In its current form it does not expose DNSSEC
       validation status information however, and is synchronous only. This API is backed by the glibc Name Service
-      Switch (<citerefentry><refentrytitle>nss</refentrytitle><manvolnum>5</manvolnum></citerefentry>). Usage of the
+      Switch (<citerefentry project='man-pages'><refentrytitle>nss</refentrytitle><manvolnum>5</manvolnum></citerefentry>). Usage of the
       glibc NSS module <citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>
       is required in order to allow glibc's NSS resolver functions to resolve host names via
       <command>systemd-resolved</command>.</para></listitem>
@@ -164,7 +164,7 @@
     <title><filename>/etc/resolv.conf</filename></title>
 
     <para>Three modes of handling <filename>/etc/resolv.conf</filename> (see
-    <citerefentry><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>) are
+    <citerefentry project='man-pages'><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>) are
     supported:</para>
 
     <itemizedlist>
diff --git a/man/systemd-vconsole-setup.service.xml b/man/systemd-vconsole-setup.service.xml
index ff079761c1..e048258621 100644
--- a/man/systemd-vconsole-setup.service.xml
+++ b/man/systemd-vconsole-setup.service.xml
@@ -63,41 +63,7 @@
 
     <para>See
     <citerefentry><refentrytitle>vconsole.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-    for information about the configuration files understood by this
-    service.</para>
-
-
-  </refsect1>
-
-  <refsect1>
-    <title>Kernel Command Line</title>
-
-    <para>A few configuration parameters from
-    <filename>vconsole.conf</filename> may be overridden on the kernel
-    command line:</para>
-
-    <variablelist class='kernel-commandline-options'>
-      <varlistentry>
-        <term><varname>vconsole.keymap=</varname></term>
-        <term><varname>vconsole.keymap.toggle=</varname></term>
-
-        <listitem><para>Overrides the key mapping table for the
-        keyboard and the second toggle keymap.</para></listitem>
-      </varlistentry>
-      <varlistentry>
-
-        <term><varname>vconsole.font=</varname></term>
-        <term><varname>vconsole.font.map=</varname></term>
-        <term><varname>vconsole.font.unimap=</varname></term>
-
-        <listitem><para>Configures the console font, the console map,
-        and the unicode font map.</para></listitem>
-      </varlistentry>
-    </variablelist>
-
-    <para>See
-    <citerefentry><refentrytitle>vconsole.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-    for information about these settings.</para>
+    for information about the configuration files and kernel command line options understood by this program.</para>
   </refsect1>
 
   <refsect1>
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 41ae6e76de..bf82326096 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -107,46 +107,67 @@
       <varlistentry>
         <term><varname>WorkingDirectory=</varname></term>
 
-        <listitem><para>Takes a directory path relative to the service's root
-        directory specified by <varname>RootDirectory=</varname>, or the
-        special value <literal>~</literal>. Sets the working directory
-        for executed processes. If set to <literal>~</literal>, the
-        home directory of the user specified in
-        <varname>User=</varname> is used. If not set, defaults to the
-        root directory when systemd is running as a system instance
-        and the respective user's home directory if run as user. If
-        the setting is prefixed with the <literal>-</literal>
-        character, a missing working directory is not considered
-        fatal. If <varname>RootDirectory=</varname> is not set, then
-        <varname>WorkingDirectory=</varname> is relative to the root of
-        the system running the service manager.
-        Note that setting this parameter might result in
-        additional dependencies to be added to the unit (see
-        above).</para></listitem>
+        <listitem><para>Takes a directory path relative to the service's root directory specified by
+        <varname>RootDirectory=</varname>, or the special value <literal>~</literal>. Sets the working directory for
+        executed processes. If set to <literal>~</literal>, the home directory of the user specified in
+        <varname>User=</varname> is used. If not set, defaults to the root directory when systemd is running as a
+        system instance and the respective user's home directory if run as user. If the setting is prefixed with the
+        <literal>-</literal> character, a missing working directory is not considered fatal. If
+        <varname>RootDirectory=</varname> is not set, then <varname>WorkingDirectory=</varname> is relative to the root
+        of the system running the service manager.  Note that setting this parameter might result in additional
+        dependencies to be added to the unit (see above).</para></listitem>
       </varlistentry>
 
       <varlistentry>
         <term><varname>RootDirectory=</varname></term>
 
-        <listitem><para>Takes a directory path relative to the host's root directory
-        (i.e. the root of the system running the service manager). Sets the
-        root directory for executed processes, with the <citerefentry
-        project='man-pages'><refentrytitle>chroot</refentrytitle><manvolnum>2</manvolnum></citerefentry>
-        system call. If this is used, it must be ensured that the
-        process binary and all its auxiliary files are available in
-        the <function>chroot()</function> jail. Note that setting this
-        parameter might result in additional dependencies to be added
-        to the unit (see above).</para></listitem>
+        <listitem><para>Takes a directory path relative to the host's root directory (i.e. the root of the system
+        running the service manager). Sets the root directory for executed processes, with the <citerefentry
+        project='man-pages'><refentrytitle>chroot</refentrytitle><manvolnum>2</manvolnum></citerefentry> system
+        call. If this is used, it must be ensured that the process binary and all its auxiliary files are available in
+        the <function>chroot()</function> jail. Note that setting this parameter might result in additional
+        dependencies to be added to the unit (see above).</para>
+
+        <para>The <varname>PrivateUsers=</varname> setting is particularly useful in conjunction with
+        <varname>RootDirectory=</varname>. For details, see below.</para></listitem>
       </varlistentry>
 
       <varlistentry>
         <term><varname>User=</varname></term>
         <term><varname>Group=</varname></term>
 
-        <listitem><para>Sets the Unix user or group that the processes
-        are executed as, respectively. Takes a single user or group
-        name or ID as argument. If no group is set, the default group
-        of the user is chosen. These do not affect commands prefixed with <literal>+</literal>.</para></listitem>
+        <listitem><para>Set the UNIX user or group that the processes are executed as, respectively. Takes a single
+        user or group name, or numeric ID as argument. If no group is set, the default group of the user is used. This
+        setting does not affect commands whose command line is prefixed with <literal>+</literal>.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>DynamicUser=</varname></term>
+
+        <listitem><para>Takes a boolean parameter. If set, a UNIX user and group pair is allocated dynamically when the
+        unit is started, and released as soon as it is stopped. The user and group will not be added to
+        <filename>/etc/passwd</filename> or <filename>/etc/group</filename>, but are managed transiently during
+        runtime. The <citerefentry><refentrytitle>nss-systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        glibc NSS module provides integration of these dynamic users/groups into the system's user and group
+        databases. The user and group name to use may be configured via <varname>User=</varname> and
+        <varname>Group=</varname> (see above). If these options are not used and dynamic user/group allocation is
+        enabled for a unit, the name of the dynamic user/group is implicitly derived from the unit name. If the unit
+        name without the type suffix qualifies as valid user name it is used directly, otherwise a name incorporating a
+        hash of it is used. If a statically allocated user or group of the configured name already exists, it is used
+        and no dynamic user/group is allocated. Dynamic users/groups are allocated from the UID/GID range
+        61184…65519. It is recommended to avoid this range for regular system or login users.  At any point in time
+        each UID/GID from this range is only assigned to zero or one dynamically allocated users/groups in
+        use. However, UID/GIDs are recycled after a unit is terminated. Care should be taken that any processes running
+        as part of a unit for which dynamic users/groups are enabled do not leave files or directories owned by these
+        users/groups around, as a different unit might get the same UID/GID assigned later on, and thus gain access to
+        these files or directories. If <varname>DynamicUser=</varname> is enabled, <varname>PrivateTmp=</varname> is
+        implied. This ensures that the lifetime of temporary files created by the executed processes is bound to the
+        runtime of the service, and hence the lifetime of the dynamic user/group. Since <filename>/tmp</filename> and
+        <filename>/var/tmp</filename> are usually the only world-writable directories on a system this ensures that a
+        unit making use of dynamic user/group allocation cannot leave files around after unit termination. Use
+        <varname>RuntimeDirectory=</varname> (see below) in order to assign a writable runtime directory to a service,
+        owned by the dynamic user/group and removed automatically when the unit is terminated. Defaults to
+        off.</para></listitem>
       </varlistentry>
 
       <varlistentry>
@@ -971,6 +992,28 @@
       </varlistentry>
 
       <varlistentry>
+        <term><varname>PrivateUsers=</varname></term>
+
+        <listitem><para>Takes a boolean argument. If true, sets up a new user namespace for the executed processes and
+        configures a minimal user and group mapping, that maps the <literal>root</literal> user and group as well as
+        the unit's own user and group to themselves and everything else to the <literal>nobody</literal> user and
+        group. This is useful to securely detach the user and group databases used by the unit from the rest of the
+        system, and thus to create an effective sandbox environment. All files, directories, processes, IPC objects and
+        other resources owned by users/groups not equalling <literal>root</literal> or the unit's own will stay visible
+        from within the unit but appear owned by the <literal>nobody</literal> user and group. If this mode is enabled,
+        all unit processes are run without privileges in the host user namespace (regardless if the unit's own
+        user/group is <literal>root</literal> or not). Specifically this means that the process will have zero process
+        capabilities on the host's user namespace, but full capabilities within the service's user namespace. Settings
+        such as <varname>CapabilityBoundingSet=</varname> will affect only the latter, and there's no way to acquire
+        additional capabilities in the host's user namespace. Defaults to off.</para>
+
+        <para>This setting is particularly useful in conjunction with <varname>RootDirectory=</varname>, as the need to
+        synchronize the user and group databases in the root directory and on the host is reduced, as the only users
+        and groups who need to be matched are <literal>root</literal>, <literal>nobody</literal> and the unit's own
+        user and group.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
         <term><varname>ProtectSystem=</varname></term>
 
         <listitem><para>Takes a boolean argument or
@@ -1421,7 +1464,7 @@
         <listitem><para>Takes a boolean argument. If set, any attempts to enable realtime scheduling in a process of
         the unit are refused. This restricts access to realtime task scheduling policies such as
         <constant>SCHED_FIFO</constant>, <constant>SCHED_RR</constant> or <constant>SCHED_DEADLINE</constant>. See
-        <citerefentry><refentrytitle>sched</refentrytitle><manvolnum>7</manvolnum></citerefentry> for details about
+        <citerefentry project='man-pages'><refentrytitle>sched</refentrytitle><manvolnum>7</manvolnum></citerefentry> for details about
         these scheduling policies. Realtime scheduling policies may be used to monopolize CPU time for longer periods
         of time, and may hence be used to lock up or otherwise trigger Denial-of-Service situations on the system. It
         is hence recommended to restrict access to realtime scheduling to the few programs that actually require
@@ -1574,6 +1617,118 @@
         functions) if their standard output or standard error output is connected to the journal anyway, thus enabling
         delivery of structured metadata along with logged messages.</para></listitem>
       </varlistentry>
+
+      <varlistentry>
+        <term><varname>$SERVICE_RESULT</varname></term>
+
+        <listitem><para>Only defined for the service unit type, this environment variable is passed to all
+        <varname>ExecStop=</varname> and <varname>ExecStopPost=</varname> processes, and encodes the service
+        "result". Currently, the following values are defined: <literal>timeout</literal> (in case of an operation
+        timeout), <literal>exit-code</literal> (if a service process exited with a non-zero exit code; see
+        <varname>$EXIT_STATUS</varname> below for the actual exit status returned), <literal>signal</literal> (if a
+        service process was terminated abnormally by a signal; see <varname>$EXIT_STATUS</varname> below for the actual
+        signal used for the termination), <literal>core-dump</literal> (if a service process terminated abnormally and
+        dumped core), <literal>watchdog</literal> (if the watchdog keep-alive ping was enabled for the service but it
+        missed the deadline), or <literal>resources</literal> (a catch-all condition in case a system operation
+        failed).</para>
+
+        <para>This environment variable is useful to monitor failure or successful termination of a service. Even
+        though this variable is available in both <varname>ExecStop=</varname> and <varname>ExecStopPost=</varname>, it
+        is usually a better choice to place monitoring tools in the latter, as the former is only invoked for services
+        that managed to start up correctly, and the latter covers both services that failed during their start-up and
+        those which failed during their runtime.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>$EXIT_CODE</varname></term>
+        <term><varname>$EXIT_STATUS</varname></term>
+
+        <listitem><para>Only defined for the service unit type, these environment variables are passed to all
+        <varname>ExecStop=</varname>, <varname>ExecStopPost=</varname> processes and contain exit status/code
+        information of the main process of the service. For the precise definition of the exit code and status, see
+        <citerefentry><refentrytitle>wait</refentrytitle><manvolnum>2</manvolnum></citerefentry>. <varname>$EXIT_CODE</varname>
+        is one of <literal>exited</literal>, <literal>killed</literal>,
+        <literal>dumped</literal>. <varname>$EXIT_STATUS</varname> contains the numeric exit code formatted as string
+        if <varname>$EXIT_CODE</varname> is <literal>exited</literal>, and the signal name in all other cases. Note
+        that these environment variables are only set if the service manager succeeded to start and identify the main
+        process of the service.</para>
+
+        <table>
+          <title>Summary of possible service result variable values</title>
+          <tgroup cols='3'>
+            <colspec colname='result' />
+            <colspec colname='status' />
+            <colspec colname='code' />
+            <thead>
+              <row>
+                <entry><varname>$SERVICE_RESULT</varname></entry>
+                <entry><varname>$EXIT_STATUS</varname></entry>
+                <entry><varname>$EXIT_CODE</varname></entry>
+              </row>
+            </thead>
+
+            <tbody>
+              <row>
+                <entry morerows="1" valign="top"><literal>timeout</literal></entry>
+                <entry valign="top"><literal>killed</literal></entry>
+                <entry><literal>TERM</literal><sbr/><literal>KILL</literal></entry>
+              </row>
+
+              <row>
+                <entry valign="top"><literal>exited</literal></entry>
+                <entry><literal>0</literal><sbr/><literal>1</literal><sbr/><literal>2</literal><sbr/><literal
+                >3</literal><sbr/>…<sbr/><literal>255</literal></entry>
+              </row>
+
+              <row>
+                <entry valign="top"><literal>exit-code</literal></entry>
+                <entry valign="top"><literal>exited</literal></entry>
+                <entry><literal>0</literal><sbr/><literal>1</literal><sbr/><literal>2</literal><sbr/><literal
+                >3</literal><sbr/>…<sbr/><literal>255</literal></entry>
+              </row>
+
+              <row>
+                <entry valign="top"><literal>signal</literal></entry>
+                <entry valign="top"><literal>killed</literal></entry>
+                <entry><literal>HUP</literal><sbr/><literal>INT</literal><sbr/><literal>KILL</literal><sbr/>…</entry>
+              </row>
+
+              <row>
+                <entry valign="top"><literal>core-dump</literal></entry>
+                <entry valign="top"><literal>dumped</literal></entry>
+                <entry><literal>ABRT</literal><sbr/><literal>SEGV</literal><sbr/><literal>QUIT</literal><sbr/>…</entry>
+              </row>
+
+              <row>
+                <entry morerows="2" valign="top"><literal>watchdog</literal></entry>
+                <entry><literal>dumped</literal></entry>
+                <entry><literal>ABRT</literal></entry>
+              </row>
+              <row>
+                <entry><literal>killed</literal></entry>
+                <entry><literal>TERM</literal><sbr/><literal>KILL</literal></entry>
+              </row>
+              <row>
+                <entry><literal>exited</literal></entry>
+                <entry><literal>0</literal><sbr/><literal>1</literal><sbr/><literal>2</literal><sbr/><literal
+                >3</literal><sbr/>…<sbr/><literal>255</literal></entry>
+              </row>
+
+              <row>
+                <entry><literal>resources</literal></entry>
+                <entry>any of the above</entry>
+                <entry>any of the above</entry>
+              </row>
+
+              <row>
+                <entry namest="results" nameend="code">Note: the process may be also terminated by a signal not sent by systemd. In particular the process may send an arbitrary signal to itself in a handler for any of the non-maskable signals. Nevertheless, in the <literal>timeout</literal> and <literal>watchdog</literal> rows above only the signals that systemd sends have been included.</entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </table>
+
+        </listitem>
+      </varlistentry>
     </variablelist>
 
     <para>Additional variables may be configured by the following
@@ -1609,4 +1764,5 @@
       </para>
   </refsect1>
 
+
 </refentry>
diff --git a/man/systemd.mount.xml b/man/systemd.mount.xml
index 66cddd72e0..a38165f9b9 100644
--- a/man/systemd.mount.xml
+++ b/man/systemd.mount.xml
@@ -160,7 +160,7 @@
     for details about the conversion.</para>
 
     <para>The NFS mount option <option>bg</option> for NFS background mounts
-    as documented in <citerefentry><refentrytitle>nfs</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+    as documented in <citerefentry project='man-pages'><refentrytitle>nfs</refentrytitle><manvolnum>5</manvolnum></citerefentry>
     is not supported in <filename>/etc/fstab</filename> entries. The systemd mount option <option>nofail</option>
     provides similar functionality and should be used instead.</para>
 
diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml
index a5c6f0fa40..e56708a648 100644
--- a/man/systemd.netdev.xml
+++ b/man/systemd.netdev.xml
@@ -343,8 +343,15 @@
             </para>
           </listitem>
         </varlistentry>
+          <varlistentry>
+          <term><varname>STP=</varname></term>
+          <listitem>
+            <para>A boolean. This enables the bridge's Spanning Tree Protocol (STP). When unset,
+            the kernel's default setting applies.
+            </para>
+          </listitem>
+        </varlistentry>
       </variablelist>
-
   </refsect1>
 
   <refsect1>
diff --git a/man/systemd.network.xml b/man/systemd.network.xml
index 4541a55490..c332cd7bdc 100644
--- a/man/systemd.network.xml
+++ b/man/systemd.network.xml
@@ -212,6 +212,17 @@
           below 1280 (the minimum MTU for IPv6) it will automatically be increased to this value.</para>
         </listitem>
       </varlistentry>
+      <varlistentry>
+        <term><varname>ARP=</varname></term>
+        <listitem>
+          <para> A boolean. Enables or disables the ARP (low-level Address Resolution Protocol)
+          for this interface. Defaults to unset, which means that the kernel default will be used.</para>
+          <para> For example, disabling ARP is useful when creating multiple MACVLAN or VLAN virtual
+          interfaces atop a single lower-level physical interface, which will then only serve as a
+          link/"bridge" device aggregating traffic to the same physical link and not participate in
+          the network otherwise.</para>
+        </listitem>
+      </varlistentry>
     </variablelist>
   </refsect1>
 
diff --git a/man/systemd.offline-updates.xml b/man/systemd.offline-updates.xml
index ae53b8552d..f404c8d72f 100644
--- a/man/systemd.offline-updates.xml
+++ b/man/systemd.offline-updates.xml
@@ -77,7 +77,7 @@
 
       <listitem>
         <para>Very early in the new boot
-        <citerefentry><refentrytitle>systemd-update-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        <citerefentry><refentrytitle>systemd-system-update-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
         checks whether <filename>/system-update</filename> exists. If so, it (temporarily and for
         this boot only) redirects (i.e. symlinks) <filename>default.target</filename> to
         <filename>system-update.target</filename>, a special target that is pulls in the base system
@@ -162,8 +162,8 @@
       <ulink url="http://www.freedesktop.org/wiki/Software/systemd/SystemUpdates/">Implementing Offline System Updates</ulink>,
       <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>systemd.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
-      <citerefentry><refentrytitle>systemd-update-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-      <citerefentry><refentrytitle>dnf.plugin.system-upgrade</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+      <citerefentry><refentrytitle>systemd-system-update-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry project='mankier'><refentrytitle>dnf.plugin.system-upgrade</refentrytitle><manvolnum>8</manvolnum></citerefentry>
     </para>
   </refsect1>
 </refentry>
diff --git a/man/systemd.preset.xml b/man/systemd.preset.xml
index b7164014f0..d09167baaf 100644
--- a/man/systemd.preset.xml
+++ b/man/systemd.preset.xml
@@ -98,6 +98,10 @@
     Empty lines and lines whose first non-whitespace character is # or
     ; are ignored.</para>
 
+    <para>Presets must refer to the "real" unit file, and not to any aliases. See
+    <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+    for a description of unit aliasing.</para>
+
     <para>Two different directives are understood:
     <literal>enable</literal> may be used to enable units by default,
     <literal>disable</literal> to disable units by default.</para>
diff --git a/man/systemd.resource-control.xml b/man/systemd.resource-control.xml
index bf44a68345..0e98ca78b8 100644
--- a/man/systemd.resource-control.xml
+++ b/man/systemd.resource-control.xml
@@ -99,9 +99,10 @@
   <refsect1>
     <title>Unified and Legacy Control Group Hierarchies</title>
 
-    <para>The unified control group hierarchy is the new version of kernel control group interface. Depending on the
-    resource type, there are differences in resource control capabilities.  Also, because of interface changes, some
-    resource types have a separate set of options on the unified hierarchy.</para>
+    <para>The unified control group hierarchy is the new version of kernel control group interface, see <ulink
+    url="https://www.kernel.org/doc/Documentation/cgroup-v2.txt">cgroup-v2.txt</ulink>. Depending on the resource type,
+    there are differences in resource control capabilities.  Also, because of interface changes, some resource types
+    have separate set of options on the unified hierarchy.</para>
 
     <para>
       <variablelist>
@@ -126,6 +127,13 @@
     settings of a unit for a given resource type are for the other hierarchy type, the settings are translated and
     applied. If there are any valid settings for the hierarchy in use, all translations are disabled for the resource
     type. Mixing the two types of settings on a unit can lead to confusing results.</para>
+
+    <para>Legacy control group hierarchy (see <ulink
+    url="https://www.kernel.org/doc/Documentation/cgroup-v1/cgroups.txt">cgroups.txt</ulink>), also called cgroup-v1,
+    doesn't allow safe delegation of controllers to unprivileged processes. If the system uses the legacy control group
+    hierarchy, resource control is disabled for systemd user instance, see
+    <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
+    </para>
   </refsect1>
 
   <refsect1>
diff --git a/man/systemd.service.xml b/man/systemd.service.xml
index 875d368fcf..b58e887662 100644
--- a/man/systemd.service.xml
+++ b/man/systemd.service.xml
@@ -276,17 +276,12 @@
         below (see section "Command Lines" below).
         </para>
 
-        <para>When <varname>Type=</varname> is not
-        <option>oneshot</option>, only one command may and must be
-        given. When <varname>Type=oneshot</varname> is used, zero or
-        more commands may be specified. This can be specified by
-        providing multiple command lines in the same directive, or
-        alternatively, this directive may be specified more than once
-        with the same effect. If the empty string is assigned to this
-        option, the list of commands to start is reset, prior
-        assignments of this option will have no effect. If no
-        <varname>ExecStart=</varname> is specified, then the service
-        must have <varname>RemainAfterExit=yes</varname> set.</para>
+        <para>Unless <varname>Type=</varname> is <option>oneshot</option>, exactly one command must be given. When
+        <varname>Type=oneshot</varname> is used, zero or more commands may be specified. Commands may be specified by
+        providing multiple command lines in the same directive, or alternatively, this directive may be specified more
+        than once with the same effect. If the empty string is assigned to this option, the list of commands to start
+        is reset, prior assignments of this option will have no effect. If no <varname>ExecStart=</varname> is
+        specified, then the service must have <varname>RemainAfterExit=yes</varname> set.</para>
 
         <para>For each of the specified commands, the first argument must be an absolute path to an
         executable. Optionally, if this file name is prefixed with <literal>@</literal>, the second token will be
@@ -294,7 +289,7 @@
         the absolute filename is prefixed with <literal>-</literal>, an exit code of the command normally considered a
         failure (i.e. non-zero exit status or abnormal exit due to signal) is ignored and considered success.  If the
         absolute path is prefixed with <literal>+</literal> then it is executed with full
-        privileges. <literal>-</literal>, <literal>@</literal>, and <literal>+</literal> may be used together and they
+        privileges. <literal>@</literal>, <literal>-</literal>, and <literal>+</literal> may be used together and they
         can appear in any order.</para>
 
         <para>If more than one command is specified, the commands are
@@ -429,7 +424,13 @@
         service failed to start up correctly. Commands configured with this setting need to be able to operate even if
         the service failed starting up half-way and left incompletely initialized data around. As the service's
         processes have been terminated already when the commands specified with this setting are executed they should
-        not attempt to communicate with them.</para></listitem>
+        not attempt to communicate with them.</para>
+
+        <para>Note that all commands that are configured with this setting are invoked with the result code of the
+        service, as well as the main process' exit code and status, set in the <varname>$SERVICE_RESULT</varname>,
+        <varname>$EXIT_CODE</varname> and <varname>$EXIT_STATUS</varname> environment variables, see
+        <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
+        details.</para></listitem>
       </varlistentry>
 
       <varlistentry>
diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml
index 5bf54d8ef3..26e5d3ce7b 100644
--- a/man/systemd.socket.xml
+++ b/man/systemd.socket.xml
@@ -443,6 +443,14 @@
       </varlistentry>
 
       <varlistentry>
+        <term><varname>MaxConnectionsPerSource=</varname></term>
+        <listitem><para>The maximum number of connections for a service per source IP address.
+        This is is very similar to the <varname>MaxConnections=</varname> directive
+        above. Disabled by default.</para>
+        </listitem>
+      </varlistentry>
+
+       <varlistentry>
         <term><varname>KeepAlive=</varname></term>
         <listitem><para>Takes a boolean argument. If true, the TCP/IP
         stack will send a keep alive message after 2h (depending on
diff --git a/man/systemd.special.xml b/man/systemd.special.xml
index 18ad8f92e5..d977298cd8 100644
--- a/man/systemd.special.xml
+++ b/man/systemd.special.xml
@@ -879,6 +879,70 @@
   </refsect1>
 
   <refsect1>
+    <title>Special Passive User Units</title>
+
+    <refsect2>
+      <title>graphical-session.target</title>
+
+      <para>This target is active whenever any graphical session is running. It
+      is used to stop user services which only apply to a graphical (X,
+      Wayland, etc.) session when the session is terminated. Such services
+      should have <literal>PartOf=graphical-session.target</literal> in their
+      <literal>[Unit]</literal> section. A target for a particular session
+      (e. g.  <filename>gnome-session.target</filename>) starts and stops
+      <literal>graphical-session.target</literal> with
+      <literal>BindsTo=graphical-session.target</literal>.</para>
+
+      <para>Which services are started by a session target is determined by the
+      <literal>Wants=</literal> and <literal>Requires=</literal> dependencies.
+      For services that can be enabled independently, symlinks in
+      <literal>.wants/</literal> and <literal>.requires/</literal> should be
+      used, see
+      <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+      Those symlinks should either be shipped in packages, or should be added
+      dynamically after installation, for example using <literal>systemctl add-wants</literal>, see
+      <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
+      </para>
+
+      <example>
+        <title>Nautilus as part of a GNOME session</title>
+
+        <para><literal>gnome-session.target</literal> pulls in Nautilus as
+        top-level service:</para>
+
+        <programlisting>[Unit]
+Description=User systemd services for GNOME graphical session
+Wants=nautilus.service
+BindsTo=graphical-session.target
+        </programlisting>
+
+        <para><literal>nautilus.service</literal> gets stopped when the session stops:</para>
+
+        <programlisting>[Unit]
+Description=Render the desktop icons with Nautilus
+PartOf=graphical-session.target
+
+[Service]
+...
+        </programlisting>
+      </example>
+    </refsect2>
+
+    <refsect2>
+      <title>graphical-session-pre.target</title>
+
+      <para>This target contains services which set up the environment or
+      global configuration of a graphical session, such as SSH/GPG agents
+      (which need to export an environment variable into all desktop processes)
+      or migration of obsolete d-conf keys after an OS upgrade (which needs to
+      happen before starting any process that might use them). This target must
+      be started before starting a graphical session
+      like <filename>gnome-session.target</filename>.</para>
+    </refsect2>
+
+  </refsect1>
+
+  <refsect1>
     <title>Special Slice Units</title>
 
     <para>There are four <literal>.slice</literal> units which form
diff --git a/man/systemd.time.xml b/man/systemd.time.xml
index aae3accb6c..47229b4a4e 100644
--- a/man/systemd.time.xml
+++ b/man/systemd.time.xml
@@ -57,14 +57,13 @@
   <refsect1>
     <title>Displaying Time Spans</title>
 
-    <para>Time spans refer to time durations. On display, systemd will
-    present time spans as a space-separated series of time values each
-    suffixed by a time unit.</para>
+    <para>Time spans refer to time durations. On display, systemd will present time spans as a space-separated series
+    of time values each suffixed by a time unit. Example:</para>
 
     <programlisting>2h 30min</programlisting>
 
-    <para>All specified time values are meant to be added up. The
-    above hence refers to 150 minutes.</para>
+    <para>All specified time values are meant to be added up. The above hence refers to 150 minutes. Display is
+    locale-independent, only English names for the time units are used.</para>
   </refsect1>
 
   <refsect1>
@@ -83,13 +82,13 @@
       <listitem><para>days, day, d</para></listitem>
       <listitem><para>weeks, week, w</para></listitem>
       <listitem><para>months, month, M (defined as 30.44 days)</para></listitem>
-      <listitem><para>years, year, y (define as 365.25 days)</para></listitem>
+      <listitem><para>years, year, y (defined as 365.25 days)</para></listitem>
     </itemizedlist>
 
-    <para>If no time unit is specified, generally seconds are assumed,
-    but some exceptions exist and are marked as such. In a few cases
-    <literal>ns</literal>, <literal>nsec</literal> is accepted too,
-    where the granularity of the time span allows for this.</para>
+    <para>If no time unit is specified, generally seconds are assumed, but some exceptions exist and are marked as
+    such. In a few cases <literal>ns</literal>, <literal>nsec</literal> is accepted too, where the granularity of the
+    time span permits this. Parsing is generally locale-independent, non-English names for the time units are not
+    accepted.</para>
 
     <para>Examples for valid time span specifications:</para>
 
@@ -110,30 +109,29 @@
 
     <programlisting>Fri 2012-11-23 23:02:15 CET</programlisting>
 
-    <para>The weekday is printed according to the locale choice of the
-    user.</para>
+    <para>The weekday is printed in the abbreviated English language form. The formatting is locale-independent.</para>
+
+    <para>In some cases timestamps are shown in the UTC timezone instead of the local timezone, which is indicated via
+    the <literal>UTC</literal> timezone specifier in the output.</para>
+
+    <para>In some cases timestamps are shown with microsecond granularity. In this case the sub-second remainder is
+    separated by a full stop from the seconds component.</para>
   </refsect1>
 
   <refsect1>
     <title>Parsing Timestamps</title>
 
-    <para>When parsing, systemd will accept a similar syntax, but
-    expects no timezone specification, unless it is given as the
-    literal string "UTC". In this case, the time is considered in UTC,
-    otherwise in the local timezone. The weekday specification is
-    optional, but when the weekday is specified, it must either be in
-    the abbreviated (<literal>Wed</literal>) or non-abbreviated
-    (<literal>Wednesday</literal>) English language form (case does
-    not matter), and is not subject to the locale choice of the user.
-    Either the date, or the time part may be omitted, in which case
-    the current date or 00:00:00, respectively, is assumed. The seconds
-    component of the time may also be omitted, in which case ":00" is
-    assumed. Year numbers may be specified in full or may be
-    abbreviated (omitting the century).</para>
-
-    <para>A timestamp is considered invalid if a weekday is specified
-    and the date does not actually match the specified day of the
-    week.</para>
+    <para>When parsing, systemd will accept a similar syntax, but expects no timezone specification, unless it is given
+    as the literal string <literal>UTC</literal> (for the UTC timezone) or is specified to be the locally configured
+    timezone. Other timezones than the local and UTC are not supported. The weekday specification is optional, but when
+    the weekday is specified, it must either be in the abbreviated (<literal>Wed</literal>) or non-abbreviated
+    (<literal>Wednesday</literal>) English language form (case does not matter), and is not subject to the locale
+    choice of the user.  Either the date, or the time part may be omitted, in which case the current date or 00:00:00,
+    respectively, is assumed. The seconds component of the time may also be omitted, in which case ":00" is
+    assumed. Year numbers may be specified in full or may be abbreviated (omitting the century).</para>
+
+    <para>A timestamp is considered invalid if a weekday is specified and the date does not match the specified day of
+    the week.</para>
 
     <para>When parsing, systemd will also accept a few special
     placeholders instead of timestamps: <literal>now</literal> may be
@@ -167,8 +165,6 @@
              2012-11-23 → Fri 2012-11-23 00:00:00
                12-11-23 → Fri 2012-11-23 00:00:00
                11:12:13 → Fri 2012-11-23 11:12:13
-       11:12:13.9900009 → Fri 2012-11-23 11:12:13
-                          format_timestamp_us: Fri 2012-11-23 11:12:13.990000
                   11:12 → Fri 2012-11-23 11:12:00
                     now → Fri 2012-11-23 18:15:22
                   today → Fri 2012-11-23 00:00:00
@@ -176,28 +172,25 @@
               yesterday → Fri 2012-11-22 00:00:00
                tomorrow → Fri 2012-11-24 00:00:00
                +3h30min → Fri 2012-11-23 21:45:22
-           +3h30min UTC → -EINVAL
                     -5s → Fri 2012-11-23 18:15:17
               11min ago → Fri 2012-11-23 18:04:22
-          11min ago UTC → -EINVAL
             @1395716396 → Tue 2014-03-25 03:59:56</programlisting>
 
-    <para>Note that timestamps printed by systemd will not be parsed
-    correctly by systemd, as the timezone specification is not
-    accepted, and printing timestamps is subject to locale settings
-    for the weekday, while parsing only accepts English weekday
-    names.</para>
+    <para>Note that timestamps displayed by remote systems with a non-matching timezone are usually not parsable
+    locally, as the timezone component is not understood (unless it happens to be <literal>UTC</literal>).</para>
 
-    <para>In some cases, systemd will display a relative timestamp
-    (relative to the current time, or the time of invocation of the
-    command) instead or in addition to an absolute timestamp as
-    described above. A relative timestamp is formatted as
-    follows:</para>
+    <para>Timestamps may also be specified with microsecond granularity. The sub-second remainder is expected separated
+    by a full stop from the seconds component. Example:</para>
+
+    <programlisting>2014-03-25 03:59:56.654563</programlisting>
+
+    <para>In some cases, systemd will display a relative timestamp (relative to the current time, or the time of
+    invocation of the command) instead of or in addition to an absolute timestamp as described above. A relative
+    timestamp is formatted as follows:</para>
 
-    <para>2 months 5 days ago</para>
+    <programlisting>2 months 5 days ago</programlisting>
 
-    <para>Note that any relative timestamp will also parse correctly
-    where a timestamp is expected. (see above)</para>
+    <para>Note that a relative timestamp is also accepted where a timestamp is expected (see above).</para>
   </refsect1>
 
   <refsect1>
@@ -239,8 +232,9 @@
     second component is not specified, <literal>:00</literal> is
     assumed.</para>
 
-    <para>A timezone specification is not expected, unless it is given
-    as the literal string "UTC", similarly to timestamps.</para>
+    <para>A timezone specification is not expected, unless it is given as the literal string <literal>UTC</literal>, or
+    the local timezone, similar to the supported syntax of timestamps (see above). Non-local timezones except for UTC
+    are not supported.</para>
 
     <para>The special expressions
     <literal>minutely</literal>,
@@ -263,38 +257,38 @@
     <para>Examples for valid timestamps and their
     normalized form:</para>
 
-<programlisting>   Sat,Thu,Mon..Wed,Sat..Sun → Mon..Thu,Sat,Sun *-*-* 00:00:00
-     Mon,Sun 12-*-* 2,1:23 → Mon,Sun 2012-*-* 01,02:23:00
-                   Wed *-1 → Wed *-*-01 00:00:00
+<programlisting>  Sat,Thu,Mon..Wed,Sat..Sun → Mon..Thu,Sat,Sun *-*-* 00:00:00
+      Mon,Sun 12-*-* 2,1:23 → Mon,Sun 2012-*-* 01,02:23:00
+                    Wed *-1 → Wed *-*-01 00:00:00
            Wed..Wed,Wed *-1 → Wed *-*-01 00:00:00
-                Wed, 17:48 → Wed *-*-* 17:48:00
+                 Wed, 17:48 → Wed *-*-* 17:48:00
 Wed..Sat,Tue 12-10-15 1:2:3 → Tue..Sat 2012-10-15 01:02:03
-               *-*-7 0:0:0 → *-*-07 00:00:00
-                     10-15 → *-10-15 00:00:00
-       monday *-12-* 17:00 → Mon *-12-* 17:00:00
- Mon,Fri *-*-3,1,2 *:30:45 → Mon,Fri *-*-01,02,03 *:30:45
-      12,14,13,12:20,10,30 → *-*-* 12,13,14:10,20,30:00
-           12..14:10,20,30 → *-*-* 12,13,14:10,20,30:00
- mon,fri *-1/2-1,3 *:30:45 → Mon,Fri *-01/2-01,03 *:30:45
-            03-05 08:05:40 → *-03-05 08:05:40
-                  08:05:40 → *-*-* 08:05:40
-                     05:40 → *-*-* 05:40:00
-    Sat,Sun 12-05 08:05:40 → Sat,Sun *-12-05 08:05:40
-          Sat,Sun 08:05:40 → Sat,Sun *-*-* 08:05:40
-          2003-03-05 05:40 → 2003-03-05 05:40:00
-05:40:23.4200004/3.1700005 → 05:40:23.420000/3.170001
-            2003-02..04-05 → 2003-02,03,04-05 00:00:00
-      2003-03-05 05:40 UTC → 2003-03-05 05:40:00 UTC
-                2003-03-05 → 2003-03-05 00:00:00
-                     03-05 → *-03-05 00:00:00
-                    hourly → *-*-* *:00:00
-                     daily → *-*-* 00:00:00
-                 daily UTC → *-*-* 00:00:00 UTC
-                   monthly → *-*-01 00:00:00
-                    weekly → Mon *-*-* 00:00:00
-                    yearly → *-01-01 00:00:00
-                  annually → *-01-01 00:00:00
-                     *:2/3 → *-*-* *:02/3:00</programlisting>
+                *-*-7 0:0:0 → *-*-07 00:00:00
+                      10-15 → *-10-15 00:00:00
+        monday *-12-* 17:00 → Mon *-12-* 17:00:00
+  Mon,Fri *-*-3,1,2 *:30:45 → Mon,Fri *-*-01,02,03 *:30:45
+       12,14,13,12:20,10,30 → *-*-* 12,13,14:10,20,30:00
+            12..14:10,20,30 → *-*-* 12,13,14:10,20,30:00
+  mon,fri *-1/2-1,3 *:30:45 → Mon,Fri *-01/2-01,03 *:30:45
+             03-05 08:05:40 → *-03-05 08:05:40
+                   08:05:40 → *-*-* 08:05:40
+                      05:40 → *-*-* 05:40:00
+     Sat,Sun 12-05 08:05:40 → Sat,Sun *-12-05 08:05:40
+           Sat,Sun 08:05:40 → Sat,Sun *-*-* 08:05:40
+           2003-03-05 05:40 → 2003-03-05 05:40:00
+ 05:40:23.4200004/3.1700005 → 05:40:23.420000/3.170001
+             2003-02..04-05 → 2003-02,03,04-05 00:00:00
+       2003-03-05 05:40 UTC → 2003-03-05 05:40:00 UTC
+                 2003-03-05 → 2003-03-05 00:00:00
+                      03-05 → *-03-05 00:00:00
+                     hourly → *-*-* *:00:00
+                      daily → *-*-* 00:00:00
+                  daily UTC → *-*-* 00:00:00 UTC
+                    monthly → *-*-01 00:00:00
+                     weekly → Mon *-*-* 00:00:00
+                     yearly → *-01-01 00:00:00
+                   annually → *-01-01 00:00:00
+                      *:2/3 → *-*-* *:02/3:00</programlisting>
 
       <para>Calendar events are used by timer units, see
       <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>
diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml
index 85a7b12d76..f818e772a9 100644
--- a/man/systemd.unit.xml
+++ b/man/systemd.unit.xml
@@ -144,21 +144,31 @@
     <option>false</option> and <option>off</option> are
     equivalent.</para>
 
-    <para>Time span values encoded in unit files can be written in
-    various formats. A stand-alone number specifies a time in seconds.
-    If suffixed with a time unit, the unit is honored. A concatenation
-    of multiple values with units is supported, in which case the
-    values are added up. Example: "50" refers to 50 seconds; "2min
-    200ms" refers to 2 minutes plus 200 milliseconds, i.e. 120200ms.
-    The following time units are understood: s, min, h, d, w, ms, us.
-    For details see
+    <para>Time span values encoded in unit files can be written in various formats. A stand-alone number specifies a
+    time in seconds.  If suffixed with a time unit, the unit is honored. A concatenation of multiple values with units
+    is supported, in which case the values are added up. Example: <literal>50</literal> refers to 50 seconds;
+    <literal>2min 200ms</literal> refers to 2 minutes and 200 milliseconds, i.e. 120200 ms.  The following time units
+    are understood: <literal>s</literal>, <literal>min</literal>, <literal>h</literal>, <literal>d</literal>,
+    <literal>w</literal>, <literal>ms</literal>, <literal>us</literal>.  For details see
     <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
 
-    <para>Empty lines and lines starting with # or ; are
-    ignored. This may be used for commenting. Lines ending
-    in a backslash are concatenated with the following
-    line while reading and the backslash is replaced by a
-    space character. This may be used to wrap long lines.</para>
+    <para>Empty lines and lines starting with <literal>#</literal> or <literal>;</literal> are ignored. This may be
+    used for commenting. Lines ending in a backslash are concatenated with the following line while reading and the
+    backslash is replaced by a space character. This may be used to wrap long lines.</para>
+
+    <para>Units can be aliased (have an alternative name), by creating a symlink from the new name to the existing name
+    in one of the unit search paths. For example, <filename>systemd-networkd.service</filename> has the alias
+    <filename>dbus-org.freedesktop.network1.service</filename>, created during installation as the symlink
+    <filename>/usr/lib/systemd/system/dbus-org.freedesktop.network1.service</filename>. In addition, unit files may
+    specify aliases through the <varname>Alias=</varname> directive in the [Install] section; those aliases are only
+    effective when the unit is enabled. When the unit is enabled, symlinks will be created for those names, and removed
+    when the unit is disabled. For example, <filename>reboot.target</filename> specifies
+    <varname>Alias=ctrl-alt-del.target</varname>, so when enabled it will be invoked whenever CTRL+ALT+DEL is
+    pressed. Alias names may be used in commands like <command>enable</command>, <command>disable</command>,
+    <command>start</command>, <command>stop</command>, <command>status</command>, …, and in unit dependency directives
+    <varname>Wants=</varname>, <varname>Requires=</varname>, <varname>Before=</varname>, <varname>After=</varname>, …,
+    with the limitation that aliases specified through <varname>Alias=</varname> are only effective when the unit is
+    enabled. Aliases cannot be used with the <command>preset</command> command.</para>
 
     <para>Along with a unit file <filename>foo.service</filename>, the
     directory <filename>foo.service.wants/</filename> may exist. All
diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
index 957475d2bd..75fb901102 100644
--- a/man/tmpfiles.d.xml
+++ b/man/tmpfiles.d.xml
@@ -626,7 +626,7 @@
     <example>
       <title>Create directories with specific mode and ownership</title>
       <para>
-      <citerefentry><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry project='die-net'><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
       needs two directories created at boot with specific modes and ownership:</para>
 
       <programlisting># /usr/lib/tmpfiles.d/screen.conf
@@ -652,7 +652,7 @@ t /run/cups - - - - security.SMACK64=printing user.attr-with-spaces="foo bar"
     <example>
       <title>Create a directory and prevent its contents from cleanup</title>
       <para>
-      <citerefentry><refentrytitle>abrt</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry project='die-net'><refentrytitle>abrt</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
       needs a directory created at boot with specific mode and ownership and its content
       should be preserved from the automatic cleanup applied to the contents of
       <filename>/var/tmp</filename>:</para>
diff --git a/man/vconsole.conf.xml b/man/vconsole.conf.xml
index 27196d44e9..fa30ca6569 100644
--- a/man/vconsole.conf.xml
+++ b/man/vconsole.conf.xml
@@ -55,8 +55,9 @@
 
     <para>The <filename>/etc/vconsole.conf</filename> file configures
     the virtual console, i.e. keyboard mapping and console font. It is
-    applied at boot by
-    <citerefentry><refentrytitle>systemd-vconsole-setup.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+    applied at boot by udev using <filename>90-vconsole.rules</filename> file.
+    You can safely mask this file if you want to avoid this kind of initialization.
+    </para>
 
     <para>The basic file format of the
     <filename>vconsole.conf</filename> is a newline-separated list of
@@ -68,10 +69,10 @@
 
     <para>Note that the kernel command line options
     <varname>vconsole.keymap=</varname>,
-    <varname>vconsole.keymap.toggle=</varname>,
+    <varname>vconsole.keymap_toggle=</varname>,
     <varname>vconsole.font=</varname>,
-    <varname>vconsole.font.map=</varname>,
-    <varname>vconsole.font.unimap=</varname> may be used
+    <varname>vconsole.font_map=</varname>,
+    <varname>vconsole.font_unimap=</varname> may be used
     to override the console settings at boot.</para>
 
     <para>Depending on the operating system other configuration files
@@ -90,12 +91,10 @@
         <term><varname>KEYMAP=</varname></term>
         <term><varname>KEYMAP_TOGGLE=</varname></term>
 
-        <listitem><para>Configures the key mapping table for the
-        keyboard. <varname>KEYMAP=</varname> defaults to
-        <literal>us</literal> if not set. The
-        <varname>KEYMAP_TOGGLE=</varname> can be used to configure a
-        second toggle keymap and is by default
-        unset.</para></listitem>
+        <listitem><para>Configures the key mapping table for the keyboard.
+        <varname>KEYMAP=</varname> defaults to <literal>us</literal> if not set. The
+        <varname>KEYMAP_TOGGLE=</varname> can be used to configure a second toggle keymap and is by
+        default unset.</para></listitem>
       </varlistentry>
 
       <varlistentry>
@@ -111,6 +110,32 @@
   </refsect1>
 
   <refsect1>
+    <title>Kernel Command Line</title>
+
+    <para>A few configuration parameters from <filename>vconsole.conf</filename> may be overridden
+    on the kernel command line:</para>
+
+    <variablelist class='kernel-commandline-options'>
+      <varlistentry>
+        <term><varname>vconsole.keymap=</varname></term>
+        <term><varname>vconsole.keymap_toggle=</varname></term>
+
+        <listitem><para>Overrides <varname>KEYMAP=</varname> and <varname>KEYMAP_TOGGLE=</varname>.
+        </para></listitem>
+      </varlistentry>
+      <varlistentry>
+
+        <term><varname>vconsole.font=</varname></term>
+        <term><varname>vconsole.font_map=</varname></term>
+        <term><varname>vconsole.font_unimap=</varname></term>
+
+        <listitem><para>Overrides <varname>FONT=</varname>, <varname>FONT_MAP=</varname>, and
+        <varname>FONT_UNIMAP=</varname>.</para></listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1>
     <title>Example</title>
 
     <example>