The current arrangement of service and socket units is
sort of all over the place. Let's clean it up a little,
roughly following the principles below:
- socket units have implicit ordering deps (not to be confused
with default ones which are subject to DefaultDependencies=)
before associated service, so drop any explicit After=
- If socket can be enabled, remember to link to it in service
via Also= and Sockets= (the latter replaces Wants=).
If the service Requires= socket however, Sockets= is omitted.
- If socket is statically enabled, no need for service
to pull it in - machined
oomd only works well if we have swap, hence we should not start it
before swaps are up, in particular as we will print an annoying message
otherwise.
Fixes: #36704
These are all services that valid to be run in the initrd, so let's
make sure they have the appropriate dependencies on
initrd-switch-root.target so that they are stopped when we're about
to switch root.
Compared to PID1 where systemd-oomd has to be the client to PID1
because PID1 is a more privileged process than systemd-oomd, systemd-oomd
is the more privileged process compared to a user manager so we have
user managers be the client whereas systemd-oomd is now the server.
The same varlink protocol is used between user managers and systemd-oomd
to deliver ManagedOOM property updates. systemd-oomd now sets up a varlink
server that user managers connect to to send ManagedOOM property updates.
We also add extra validation to make sure that non-root senders don't
send updates for cgroups they don't own.
The integration test was extended to repeat the chill/bloat test using
a user manager instead of PID1.
We don't need two (and half) templating systems anymore, yay!
I'm keeping the changes minimal, to make the diff manageable. Some enhancements
due to a better templating system might be possible in the future.
For handling of '## ' — see the next commit.
