forked from systemd/systemd
-
Notifications
You must be signed in to change notification settings - Fork 0
/
NEWS
5999 lines (4842 loc) · 293 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
systemd System and Service Manager
CHANGES WITH 230 in spe:
* DNSSEC is now turned on by default in systemd-resolved (in
"allow-downgrade" mode), but may be turned off during compile time by
passing "--with-default-dnssec=no" to "configure" (and of course,
during runtime with DNSSEC= in resolved.conf). We recommend
downstreams to leave this on at least during development cycles and
report any issues with the DNSSEC logic upstream. We are very
interested in collecting feedback about the DNSSEC validator and its
limitations in the wild. Note however, that DNSSEC support is
probably nothing downstreams should turn on in stable distros just
yet, as it might create incompatibilities with a few DNS servers and
networks. We tried hard to make sure we downgrade to non-DNSSEC mode
automatically whenever we detect such incompatible setups, but there
might be systems we do not cover yet. Hence: please help us testing
the DNSSEC code, leave this on where you can, report back, but then
again don't consider turning this on in your stable, LTS or
production release just yet.
* Testing tool /usr/lib/systemd/systemd-activate is renamed to
systemd-socket-activate and installed into /usr/bin. It is now fully
supported.
CHANGES WITH 229:
* The systemd-resolved DNS resolver service has gained a substantial
set of new features, most prominently it may now act as a DNSSEC
validating stub resolver. DNSSEC mode is currently turned off by
default, but is expected to be turned on by default in one of the
next releases. For now, we invite everybody to test the DNSSEC logic
by setting DNSSEC=allow-downgrade in /etc/systemd/resolved.conf. The
service also gained a full set of D-Bus interfaces, including calls
to configure DNS and DNSSEC settings per link (for use by external
network management software). systemd-resolved and systemd-networkd
now distinguish between "search" and "routing" domains. The former
are used to qualify single-label names, the latter are used purely
for routing lookups within certain domains to specific links.
resolved now also synthesizes RRs for all entries from /etc/hosts.
* The systemd-resolve tool (which is a client utility for
systemd-resolved) has been improved considerably and is now fully
supported and documented. Hence it has moved from /usr/lib/systemd to
/usr/bin.
* /dev/disk/by-path/ symlink support has been (re-)added for virtio
devices.
* The coredump collection logic has been reworked: when a coredump is
collected it is now written to disk, compressed and processed
(including stacktrace extraction) from a new instantiated service
[email protected], instead of directly from the
/proc/sys/kernel/core_pattern hook we provide. This is beneficial as
processing large coredumps can take up a substantial amount of
resources and time, and this previously happened entirely outside of
systemd's service supervision. With the new logic the core_pattern
hook only does minimal metadata collection before passing off control
to the new instantiated service, which is configured with a time
limit, a nice level and other settings to minimize negative impact on
the rest of the system. Also note that the new logic will honour the
RLIMIT_CORE setting of the crashed process, which now allows users
and processes to turn off coredumping for their processes by setting
this limit.
* The RLIMIT_CORE resource limit now defaults to "unlimited" for PID 1
and all forked processes by default. Previously, PID 1 would leave
the setting at "0" for all processes, as set by the kernel. Note that
the resource limit traditionally has no effect on the generated
coredumps on the system if the /proc/sys/kernel/core_pattern hook
logic is used. Since the limit is now honoured (see above) its
default has been changed so that the coredumping logic is enabled by
default for all processes, while allowing specific opt-out.
* When the stacktrace is extracted from processes of system users, this
is now done as "systemd-coredump" user, in order to sandbox this
potentially security sensitive parsing operation. (Note that when
processing coredumps of normal users this is done under the user ID
of process that crashed, as before.) Packagers should take notice
that it is now necessary to create the "systemd-coredump" system user
and group at package installation time.
* The systemd-activate socket activation testing tool gained support
for SOCK_DGRAM and SOCK_SEQPACKET sockets using the new --datagram
and --seqpacket switches. It also has been extended to support both
new-style and inetd-style file descriptor passing. Use the new
--inetd switch to request inetd-style file descriptor passing.
* Most systemd tools now honor a new $SYSTEMD_COLORS environment
variable, which takes a boolean value. If set to false, ANSI color
output is disabled in the tools even when run on a terminal that
supports it.
* The VXLAN support in networkd now supports two new settings
DestinationPort= and PortRange=.
* A new systemd.machine_id= kernel command line switch has been added,
that may be used to set the machine ID in /etc/machine-id if it is
not initialized yet. This command line option has no effect if the
file is already initialized.
* systemd-nspawn gained a new --as-pid2 switch that invokes any
specified command line as PID 2 rather than PID 1 in the
container. In this mode PID 1 is a minimal stub init process that
implements the special POSIX and Linux semantics of PID 1 regarding
signal and child process management. Note that this stub init process
is implemented in nspawn itself and requires no support from the
container image. This new logic is useful to support running
arbitrary commands in the container, as normal processes are
generally not prepared to run as PID 1.
* systemd-nspawn gained a new --chdir= switch for setting the current
working directory for the process started in the container.
* "journalctl /dev/sda" will now output all kernel log messages for
specified device from the current boot, in addition to all devices
that are parents of it. This should make log output about devices
pretty useful, as long as kernel drivers attach enough metadata to
the log messages. (The usual SATA drivers do.)
* The sd-journal API gained two new calls
sd_journal_has_runtime_files() and sd_journal_has_persistent_files()
that report whether log data from /run or /var has been found.
* journalctl gained a new switch "--fields" that prints all journal
record field names currently in use in the journal. This is backed
by two new sd-journal API calls sd_journal_enumerate_fields() and
sd_journal_restart_fields().
* Most configurable timeouts in systemd now expect an argument of
"infinity" to turn them off, instead of "0" as before. The semantics
from now on is that a timeout of "0" means "now", and "infinity"
means "never". To maintain backwards compatibility, "0" continues to
turn off previously existing timeout settings.
* "systemctl reload-or-try-restart" has been renamed to "systemctl
try-reload-or-restart" to clarify what it actually does: the "try"
logic applies to both reloading and restarting, not just restarting.
The old name continues to be accepted for compatibility.
* On boot-up, when PID 1 detects that the system clock is behind the
release date of the systemd version in use, the clock is now set
to the latter. Previously, this was already done in timesyncd, in order
to avoid running with clocks set to the various clock epochs such as
1902, 1938 or 1970. With this change the logic is now done in PID 1
in addition to timesyncd during early boot-up, so that it is enforced
before the first process is spawned by systemd. Note that the logic
in timesyncd remains, as it is more comprehensive and ensures
clock monotonicity by maintaining a persistent timestamp file in
/var. Since /var is generally not available in earliest boot or the
initrd, this part of the logic remains in timesyncd, and is not done
by PID 1.
* Support for tweaking details in net_cls.class_id through the
NetClass= configuration directive has been removed, as the kernel
people have decided to deprecate that controller in cgroup v2.
Userspace tools such as nftables are moving over to setting rules
that are specific to the full cgroup path of a task, which obsoletes
these controllers anyway. The NetClass= directive is kept around for
legacy compatibility reasons. For a more in-depth description of the
kernel change, please refer to the respective upstream commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bd1060a1d671
* A new service setting RuntimeMaxSec= has been added that may be used
to specify a maximum runtime for a service. If the timeout is hit, the
service is terminated and put into a failure state.
* A new service setting AmbientCapabilities= has been added. It allows
configuration of additional Linux process capabilities that are
passed to the activated processes. This is only available on very
recent kernels.
* The process resource limit settings in service units may now be used
to configure hard and soft limits individually.
* The various libsystemd APIs such as sd-bus or sd-event now publicly
expose support for gcc's __attribute__((cleanup())) C extension.
Specifically, for many object destructor functions alternative
versions have been added that have names suffixed with "p" and take a
pointer to a pointer to the object to destroy, instead of just a
pointer to the object itself. This is useful because these destructor
functions may be used directly as parameters to the cleanup
construct. Internally, systemd has been a heavy user of this GCC
extension for a long time, and with this change similar support is
now available to consumers of the library outside of systemd. Note
that by using this extension in your sources compatibility with old
and strictly ANSI compatible C compilers is lost. However, all gcc or
LLVM versions of recent years support this extension.
* Timer units gained support for a new setting RandomizedDelaySec= that
allows configuring some additional randomized delay to the configured
time. This is useful to spread out timer events to avoid load peaks in
clusters or larger setups.
* Calendar time specifications now support sub-second accuracy.
* Socket units now support listening on SCTP and UDP-lite protocol
sockets.
* The sd-event API now comes with a full set of man pages.
* Older versions of systemd contained experimental support for
compressing journal files and coredumps with the LZ4 compressor that
was not compatible with the lz4 binary (due to API limitations of the
lz4 library). This support has been removed; only support for files
compatible with the lz4 binary remains. This LZ4 logic is now
officially supported and no longer considered experimental.
* The dkr image import logic has been removed again from importd. dkr's
micro-services focus doesn't fit into the machine image focus of
importd, and quickly got out of date with the upstream dkr API.
* Creation of the /run/lock/lockdev/ directory was dropped from
tmpfiles.d/legacy.conf. Better locking mechanisms like flock() have
been available for many years. If you still need this, you need to
create your own tmpfiles.d config file with:
d /run/lock/lockdev 0775 root lock -
Contributions from: Abdo Roig-Maranges, Alban Crequy, Aleksander
Adamowski, Alexander Kuleshov, Andreas Pokorny, Andrei Borzenkov,
Andrew Wilcox, Arthur Clement, Beniamino Galvani, Casey Schaufler,
Chris Atkinson, Chris Mayo, Christian Hesse, Damjan Georgievski, Dan
Dedrick, Daniele Medri, Daniel J Walsh, Daniel Korostil, Daniel Mack,
David Herrmann, Dimitri John Ledkov, Dominik Hannen, Douglas Christman,
Evgeny Vereshchagin, Filipe Brandenburger, Franck Bui, Gabor Kelemen,
Harald Hoyer, Hayden Walles, Helmut Grohne, Henrik Kaare Poulsen,
Hristo Venev, Hui Wang, Indrajit Raychaudhuri, Ismo Puustinen, Jakub
Wilk, Jan Alexander Steffens (heftig), Jan Engelhardt, Jan Synacek,
Joost Bremmer, Jorgen Schaefer, Karel Zak, Klearchos Chaloulos,
lc85446, Lennart Poettering, Lukas Nykryn, Mantas Mikulėnas, Marcel
Holtmann, Martin Pitt, Michael Biebl, Michael Olbrich, Michael Scherer,
Michał Górny, Michal Sekletar, Nicolas Cornu, Nicolas Iooss, Nils
Carlson, nmartensen, nnz1024, Patrick Ohly, Peter Hutterer, Phillip Sz,
Ronny Chevalier, Samu Kallio, Shawn Landden, Stef Walter, Susant
Sahani, Sylvain Plantefève, Tadej Janež, Thomas Hindoe Paaboel
Andersen, Tom Gundersen, Torstein Husebø, Umut Tezduyar Lindskog, Vito
Caputo, WaLyong Cho, Yu Watanabe, Zbigniew Jędrzejewski-Szmek
-- Berlin, 2016-02-11
CHANGES WITH 228:
* A number of properties previously only settable in unit
files are now also available as properties to set when
creating transient units programmatically via the bus, as it
is exposed with systemd-run's --property=
setting. Specifically, these are: SyslogIdentifier=,
SyslogLevelPrefix=, TimerSlackNSec=, OOMScoreAdjust=,
EnvironmentFile=, ReadWriteDirectories=,
ReadOnlyDirectories=, InaccessibleDirectories=,
ProtectSystem=, ProtectHome=, RuntimeDirectory=.
* When creating transient services via the bus API it is now
possible to pass in a set of file descriptors to use as
STDIN/STDOUT/STDERR for the invoked process.
* Slice units may now be created transiently via the bus APIs,
similar to the way service and scope units may already be
created transiently.
* Wherever systemd expects a calendar timestamp specification
(like in journalctl's --since= and --until= switches) UTC
timestamps are now supported. Timestamps suffixed with "UTC"
are now considered to be in Universal Time Coordinated
instead of the local timezone. Also, timestamps may now
optionally be specified with sub-second accuracy. Both of
these additions also apply to recurring calendar event
specification, such as OnCalendar= in timer units.
* journalctl gained a new "--sync" switch that asks the
journal daemon to write all so far unwritten log messages to
disk and sync the files, before returning.
* systemd-tmpfiles learned two new line types "q" and "Q" that
operate like "v", but also set up a basic btrfs quota
hierarchy when used on a btrfs file system with quota
enabled.
* tmpfiles' "v", "q" and "Q" will now create a plain directory
instead of a subvolume (even on a btrfs file system) if the
root directory is a plain directory, and not a
subvolume. This should simplify things with certain chroot()
environments which are not aware of the concept of btrfs
subvolumes.
* systemd-detect-virt gained a new --chroot switch to detect
whether execution takes place in a chroot() environment.
* CPUAffinity= now takes CPU index ranges in addition to
individual indexes.
* The various memory-related resource limit settings (such as
LimitAS=) now understand the usual K, M, G, ... suffixes to
the base of 1024 (IEC). Similar, the time-related resource
limit settings understand the usual min, h, day, ...
suffixes now.
* There's a new system.conf setting DefaultTasksMax= to
control the default TasksMax= setting for services and
scopes running on the system. (TasksMax= is the primary
setting that exposes the "pids" cgroup controller on systemd
and was introduced in the previous systemd release.) The
setting now defaults to 512, which means services that are
not explicitly configured otherwise will only be able to
create 512 processes or threads at maximum, from this
version on. Note that this means that thread- or
process-heavy services might need to be reconfigured to set
TasksMax= to a higher value. It is sufficient to set
TasksMax= in these specific unit files to a higher value, or
even "infinity". Similar, there's now a logind.conf setting
UserTasksMax= that defaults to 4096 and limits the total
number of processes or tasks each user may own
concurrently. nspawn containers also have the TasksMax=
value set by default now, to 8192. Note that all of this
only has an effect if the "pids" cgroup controller is
enabled in the kernel. The general benefit of these changes
should be a more robust and safer system, that provides a
certain amount of per-service fork() bomb protection.
* systemd-nspawn gained the new --network-veth-extra= switch
to define additional and arbitrarily-named virtual Ethernet
links between the host and the container.
* A new service execution setting PassEnvironment= has been
added that allows importing select environment variables
from PID1's environment block into the environment block of
the service.
* Timer units gained support for a new RemainAfterElapse=
setting which takes a boolean argument. It defaults on on,
exposing behaviour unchanged to previous releases. If set to
off, timer units are unloaded after they elapsed if they
cannot elapse again. This is particularly useful for
transient timer units, which shall not stay around longer
than until they first elapse.
* systemd will now bump the net.unix.max_dgram_qlen to 512 by
default now (the kernel default is 16). This is beneficial
for avoiding blocking on AF_UNIX/SOCK_DGRAM sockets since it
allows substantially larger numbers of queued
datagrams. This should increase the capability of systemd to
parallelize boot-up, as logging and sd_notify() are unlikely
to stall execution anymore. If you need to change the value
from the new defaults, use the usual sysctl.d/ snippets.
* The compression framing format used by the journal or
coredump processing has changed to be in line with what the
official LZ4 tools generate. LZ4 compression support in
systemd was considered unsupported previously, as the format
was not compatible with the normal tools. With this release
this has changed now, and it is hence safe for downstream
distributions to turn it on. While not compressing as well
as the XZ, LZ4 is substantially faster, which makes
it a good default choice for the compression logic in the
journal and in coredump handling.
* Any reference to /etc/mtab has been dropped from
systemd. The file has been obsolete since a while, but
systemd refused to work on systems where it was incorrectly
set up (it should be a symlink or non-existent). Please make
sure to update to util-linux 2.27.1 or newer in conjunction
with this systemd release, which also drops any reference to
/etc/mtab. If you maintain a distribution make sure that no
software you package still references it, as this is a
likely source of bugs. There's also a glibc bug pending,
asking for removal of any reference to this obsolete file:
https://sourceware.org/bugzilla/show_bug.cgi?id=19108
* Support for the ".snapshot" unit type has been removed. This
feature turned out to be little useful and little used, and
has now been removed from the core and from systemctl.
* The dependency types RequiresOverridable= and
RequisiteOverridable= have been removed from systemd. They
have been used only very sparingly to our knowledge and
other options that provide a similar effect (such as
systemctl --mode=ignore-dependencies) are much more useful
and commonly used. Moreover, they were only half-way
implemented as the option to control behaviour regarding
these dependencies was never added to systemctl. By removing
these dependency types the execution engine becomes a bit
simpler. Unit files that use these dependencies should be
changed to use the non-Overridable dependency types
instead. In fact, when parsing unit files with these
options, that's what systemd will automatically convert them
too, but it will also warn, asking users to fix the unit
files accordingly. Removal of these dependency types should
only affect a negligible number of unit files in the wild.
* Behaviour of networkd's IPForward= option changed
(again). It will no longer maintain a per-interface setting,
but propagate one way from interfaces where this is enabled
to the global kernel setting. The global setting will be
enabled when requested by a network that is set up, but
never be disabled again. This change was made to make sure
IPv4 and IPv6 behaviour regarding packet forwarding is
similar (as the Linux IPv6 stack does not support
per-interface control of this setting) and to minimize
surprises.
* In unit files the behaviour of %u, %U, %h, %s has
changed. These specifiers will now unconditionally resolve
to the various user database fields of the user that the
systemd instance is running as, instead of the user
configured in the specific unit via User=. Note that this
effectively doesn't change much, as resolving of these
specifiers was already turned off in the --system instance
of systemd, as we cannot do NSS lookups from PID 1. In the
--user instance of systemd these specifiers where correctly
resolved, but hardly made any sense, since the user instance
lacks privileges to do user switches anyway, and User= is
hence useless. Morever, even in the --user instance of
systemd behaviour was awkward as it would only take settings
from User= assignment placed before the specifier into
account. In order to unify and simplify the logic around
this the specifiers will now always resolve to the
credentials of the user invoking the manager (which in case
of PID 1 is the root user).
Contributions from: Andrew Jones, Beniamino Galvani, Boyuan
Yang, Daniel Machon, Daniel Mack, David Herrmann, David
Reynolds, David Strauss, Dongsu Park, Evgeny Vereshchagin,
Felipe Sateler, Filipe Brandenburger, Franck Bui, Hristo
Venev, Iago López Galeiras, Jan Engelhardt, Jan Janssen, Jan
Synacek, Jesus Ornelas Aguayo, Karel Zak, kayrus, Kay Sievers,
Lennart Poettering, Liu Yuan Yuan, Mantas Mikulėnas, Marcel
Holtmann, Marcin Bachry, Marcos Alano, Marcos Mello, Mark
Theunissen, Martin Pitt, Michael Marineau, Michael Olbrich,
Michal Schmidt, Michal Sekletar, Mirco Tischler, Nick Owens,
Nicolas Cornu, Patrik Flykt, Peter Hutterer, reverendhomer,
Ronny Chevalier, Sangjung Woo, Seong-ho Cho, Shawn Landden,
Susant Sahani, Thomas Haller, Thomas Hindoe Paaboel Andersen,
Tom Gundersen, Torstein Husebø, Vito Caputo, Zbigniew
Jędrzejewski-Szmek
-- Berlin, 2015-11-18
CHANGES WITH 227:
* systemd now depends on util-linux v2.27. More specifically,
the newly added mount monitor feature in libmount now
replaces systemd's former own implementation.
* libmount mandates /etc/mtab not to be regular file, and
systemd now enforces this condition at early boot.
/etc/mtab has been deprecated and warned about for a very
long time, so systems running systemd should already have
stopped having this file around as anything else than a
symlink to /proc/self/mounts.
* Support for the "pids" cgroup controller has been added. It
allows accounting the number of tasks in a cgroup and
enforcing limits on it. This adds two new setting
TasksAccounting= and TasksMax= to each unit, as well as a
global option DefaultTasksAccounting=.
* Support for the "net_cls" cgroup controller has been added.
It allows assigning a net class ID to each task in the
cgroup, which can then be used in firewall rules and traffic
shaping configurations. Note that the kernel netfilter net
class code does not currently work reliably for ingress
packets on unestablished sockets.
This adds a new config directive called NetClass= to CGroup
enabled units. Allowed values are positive numbers for fixed
assignments and "auto" for picking a free value
automatically.
* 'systemctl is-system-running' now returns 'offline' if the
system is not booted with systemd. This command can now be
used as a substitute for 'systemd-notify --booted'.
* Watchdog timeouts have been increased to 3 minutes for all
in-tree service files. Apparently, disk IO issues are more
frequent than we hoped, and user reported >1 minute waiting
for disk IO.
* 'machine-id-commit' functionality has been merged into
'machine-id-setup --commit'. The separate binary has been
removed.
* The WorkingDirectory= directive in unit files may now be set
to the special value '~'. In this case, the working
directory is set to the home directory of the user
configured in User=.
* "machinectl shell" will now open the shell in the home
directory of the selected user by default.
* The CrashChVT= configuration file setting is renamed to
CrashChangeVT=, following our usual logic of not
abbreviating unnecessarily. The old directive is still
supported for compat reasons. Also, this directive now takes
an integer value between 1 and 63, or a boolean value. The
formerly supported '-1' value for disabling stays around for
compat reasons.
* The PrivateTmp=, PrivateDevices=, PrivateNetwork=,
NoNewPrivileges=, TTYPath=, WorkingDirectory= and
RootDirectory= properties can now be set for transient
units.
* The systemd-analyze tool gained a new "set-log-target" verb
to change the logging target the system manager logs to
dynamically during runtime. This is similar to how
"systemd-analyze set-log-level" already changes the log
level.
* In nspawn /sys is now mounted as tmpfs, with only a selected
set of subdirectories mounted in from the real sysfs. This
enhances security slightly, and is useful for ensuring user
namespaces work correctly.
* Support for USB FunctionFS activation has been added. This
allows implementation of USB gadget services that are
activated as soon as they are requested, so that they don't
have to run continously, similar to classic socket
activation.
* The "systemctl exit" command now optionally takes an
additional parameter that sets the exit code to return from
the systemd manager when exiting. This is only relevant when
running the systemd user instance, or when running the
system instance in a container.
* sd-bus gained the new API calls sd_bus_path_encode_many()
and sd_bus_path_decode_many() that allow easy encoding and
decoding of multiple identifier strings inside a D-Bus
object path. Another new call sd_bus_default_flush_close()
has been added to flush and close per-thread default
connections.
* systemd-cgtop gained support for a -M/--machine= switch to
show the control groups within a certain container only.
* "systemctl kill" gained support for an optional --fail
switch. If specified the requested operation will fail of no
processes have been killed, because the unit had no
processes attached, or similar.
* A new systemd.crash_reboot=1 kernel command line option has
been added that triggers a reboot after crashing. This can
also be set through CrashReboot= in systemd.conf.
* The RuntimeDirectory= setting now understands unit
specifiers like %i or %f.
* A new (still internal) libary API sd-ipv4acd has been added,
that implements address conflict detection for IPv4. It's
based on code from sd-ipv4ll, and will be useful for
detecting DHCP address conflicts.
* File descriptors passed during socket activation may now be
named. A new API sd_listen_fds_with_names() is added to
access the names. The default names may be overridden,
either in the .socket file using the FileDescriptorName=
parameter, or by passing FDNAME= when storing the file
descriptors using sd_notify().
* systemd-networkd gained support for:
- Setting the IPv6 Router Advertisment settings via
IPv6AcceptRouterAdvertisements= in .network files.
- Configuring the HelloTimeSec=, MaxAgeSec= and
ForwardDelaySec= bridge parameters in .netdev files.
- Configuring PreferredSource= for static routes in
.network files.
* The "ask-password" framework used to query for LUKS harddisk
passwords or SSL passwords during boot gained support for
caching passwords in the kernel keyring, if it is
available. This makes sure that the user only has to type in
a passphrase once if there are multiple objects to unlock
with the same one. Previously, such password caching was
available only when Plymouth was used; this moves the
caching logic into the systemd codebase itself. The
"systemd-ask-password" utility gained a new --keyname=
switch to control which kernel keyring key to use for
caching a password in. This functionality is also useful for
enabling display managers such as gdm to automatically
unlock the user's GNOME keyring if its passphrase, the
user's password and the harddisk password are the same, if
gdm-autologin is used.
* When downloading tar or raw images using "machinectl
pull-tar" or "machinectl pull-raw", a matching ".nspawn"
file is now also downloaded, if it is available and stored
next to the image file.
* Units of type ".socket" gained a new boolean setting
Writable= which is only useful in conjunction with
ListenSpecial=. If true, enables opening the specified
special file in O_RDWR mode rather than O_RDONLY mode.
* systemd-rfkill has been reworked to become a singleton
service that is activated through /dev/rfkill on each rfkill
state change and saves the settings to disk. This way,
systemd-rfkill is now compatible with devices that exist
only intermittendly, and even restores state if the previous
system shutdown was abrupt rather than clean.
* The journal daemon gained support for vacuuming old journal
files controlled by the number of files that shall remain,
in addition to the already existing control by size and by
date. This is useful as journal interleaving performance
degrades with too many seperate journal files, and allows
putting an effective limit on them. The new setting defaults
to 100, but this may be changed by setting SystemMaxFiles=
and RuntimeMaxFiles= in journald.conf. Also, the
"journalctl" tool gained the new --vacuum-files= switch to
manually vacuum journal files to leave only the specified
number of files in place.
* udev will now create /dev/disk/by-path links for ATA devices
on kernels where that is supported.
* Galician, Serbian, Turkish and Korean translations were added.
Contributions from: Aaro Koskinen, Alban Crequy, Beniamino
Galvani, Benjamin Robin, Branislav Blaskovic, Chen-Han Hsiao
(Stanley), Daniel Buch, Daniel Machon, Daniel Mack, David
Herrmann, David Milburn, doubleodoug, Evgeny Vereshchagin,
Felipe Franciosi, Filipe Brandenburger, Fran Dieguez, Gabriel
de Perthuis, Georg Müller, Hans de Goede, Hendrik Brueckner,
Ivan Shapovalov, Jacob Keller, Jan Engelhardt, Jan Janssen,
Jan Synacek, Jens Kuske, Karel Zak, Kay Sievers, Krzesimir
Nowak, Krzysztof Kotlenga, Lars Uebernickel, Lennart
Poettering, Lukas Nykryn, Łukasz Stelmach, Maciej Wereski,
Marcel Holtmann, Marius Thesing, Martin Pitt, Michael Biebl,
Michael Gebetsroither, Michal Schmidt, Michal Sekletar, Mike
Gilbert, Muhammet Kara, nazgul77, Nicolas Cornu, NoXPhasma,
Olof Johansson, Patrik Flykt, Pawel Szewczyk, reverendhomer,
Ronny Chevalier, Sangjung Woo, Seong-ho Cho, Susant Sahani,
Sylvain Plantefève, Thomas Haller, Thomas Hindoe Paaboel
Andersen, Tom Gundersen, Tom Lyon, Viktar Vauchkevich,
Zbigniew Jędrzejewski-Szmek, Марко М. Костић
-- Berlin, 2015-10-07
CHANGES WITH 226:
* The DHCP implementation of systemd-networkd gained a set of
new features:
- The DHCP server now supports emitting DNS and NTP
information. It may be enabled and configured via
EmitDNS=, DNS=, EmitNTP=, and NTP=. If transmission of DNS
and NTP information is enabled, but no servers are
configured, the corresponding uplink information (if there
is any) is propagated.
- Server and client now support transmission and reception
of timezone information. It can be configured via the
newly introduced network options UseTimezone=,
EmitTimezone=, and Timezone=. Transmission of timezone
information is enabled between host and containers by
default now: the container will change its local timezone
to what the host has set.
- Lease timeouts can now be configured via
MaxLeaseTimeSec= and DefaultLeaseTimeSec=.
- The DHCP server improved on the stability of
leases. Clients are more likely to get the same lease
information back, even if the server loses state.
- The DHCP server supports two new configuration options to
control the lease address pool metrics, PoolOffset= and
PoolSize=.
* The encapsulation limit of tunnels in systemd-networkd may
now be configured via 'EncapsulationLimit='. It allows
modifying the maximum additional levels of encapsulation
that are permitted to be prepended to a packet.
* systemd now supports the concept of user buses replacing
session buses, if used with dbus-1.10 (and enabled via dbus
--enable-user-session). It previously only supported this on
kdbus-enabled systems, and this release expands this to
'dbus-daemon' systems.
* systemd-networkd now supports predictable interface names
for virtio devices.
* systemd now optionally supports the new Linux kernel
"unified" control group hierarchy. If enabled via the kernel
command-line option 'systemd.unified_cgroup_hierarchy=1',
systemd will try to mount the unified cgroup hierarchy
directly on /sys/fs/cgroup. If not enabled, or not
available, systemd will fall back to the legacy cgroup
hierarchy setup, as before. Host system and containers can
mix and match legacy and unified hierarchies as they
wish. nspawn understands the $UNIFIED_CROUP_HIERARCHY
environment variable to individually select the hierarchy to
use for executed containers. By default, nspawn will use the
unified hierarchy for the containers if the host uses the
unified hierarchy, and the legacy hierarchy otherwise.
Please note that at this point the unified hierarchy is an
experimental kernel feature and is likely to change in one
of the next kernel releases. Therefore, it should not be
enabled by default in downstream distributions yet. The
minimum required kernel version for the unified hierarchy to
work is 4.2. Note that when the unified hierarchy is used
for the first time delegated access to controllers is
safe. Because of this systemd-nspawn containers will get
access to controllers now, as will systemd user
sessions. This means containers and user sessions may now
manage their own resources, partitioning up what the system
grants them.
* A new special scope unit "init.scope" has been introduced
that encapsulates PID 1 of the system. It may be used to
determine resource usage and enforce resource limits on PID
1 itself. PID 1 hence moved out of the root of the control
group tree.
* The cgtop tool gained support for filtering out kernel
threads when counting tasks in a control group. Also, the
count of processes is now recursively summed up by
default. Two options -k and --recursive= have been added to
revert to old behaviour. The tool has also been updated to
work correctly in containers now.
* systemd-nspawn's --bind= and --bind-ro= options have been
extended to allow creation of non-recursive bind mounts.
* libsystemd gained two new calls sd_pid_get_cgroup() and
sd_peer_get_cgroup() which return the control group path of
a process or peer of a connected AF_UNIX socket. This
function call is particularly useful when implementing
delegated subtrees support in the control group hierarchy.
* The "sd-event" event loop API of libsystemd now supports
correct dequeuing of real-time signals, without losing
signal events.
* When systemd requests a PolicyKit decision when managing
units it will now add additional fields to the request,
including unit name and desired operation. This enables more
powerful PolicyKit policies, that make decisions depending
on these parameters.
* nspawn learnt support for .nspawn settings files, that may
accompany the image files or directories of containers, and
may contain additional settings for the container. This is
an alternative to configuring container parameters via the
nspawn command line.
Contributions from: Cristian Rodríguez, Daniel Mack, David
Herrmann, Eugene Yakubovich, Evgeny Vereshchagin, Filipe
Brandenburger, Hans de Goede, Jan Alexander Steffens, Jan
Synacek, Kay Sievers, Lennart Poettering, Mangix, Marcel
Holtmann, Martin Pitt, Michael Biebl, Michael Chapman, Michal
Sekletar, Peter Hutterer, Piotr Drąg, reverendhomer, Robin
Hack, Susant Sahani, Sylvain Pasche, Thomas Hindoe Paaboel
Andersen, Tom Gundersen, Torstein Husebø
-- Berlin, 2015-09-08
CHANGES WITH 225:
* machinectl gained a new verb 'shell' which opens a fresh
shell on the target container or the host. It is similar to
the existing 'login' command of machinectl, but spawns the
shell directly without prompting for username or
password. The pseudo machine '.host' now refers to the local
host and is used by default. Hence, 'machinectl shell' can
be used as replacement for 'su -' which spawns a session as
a fresh systemd unit in a way that is fully isolated from
the originating session.
* systemd-networkd learned to cope with private-zone DHCP
options and allows other programs to query the values.
* SELinux access control when enabling/disabling units is no
longer enforced with this release. The previous
implementation was incorrect, and a new corrected
implementation is not yet available. As unit file operations
are still protected via PolicyKit and D-Bus policy this is
not a security problem. Yet, distributions which care about
optimal SELinux support should probably not stabilize on
this release.
* sd-bus gained support for matches of type "arg0has=", that
test for membership of strings in string arrays sent in bus
messages.
* systemd-resolved now dumps the contents of its DNS and LLMNR
caches to the logs on reception of the SIGUSR1 signal. This
is useful to debug DNS behaviour.
* The coredumpctl tool gained a new --directory= option to
operate on journal files in a specific directory.
* "systemctl reboot" and related commands gained a new
"--message=" option which may be used to set a free-text
wall message when shutting down or rebooting the
system. This message is also logged, which is useful for
figuring out the reason for a reboot or shutdown a
posteriori.
* The "systemd-resolve-host" tool's -i switch now takes
network interface numbers as alternative to interface names.
* A new unit file setting for services has been introduced:
UtmpMode= allows configuration of how precisely systemd
handles utmp and wtmp entries for the service if this is
enabled. This allows writing services that appear similar to
user sessions in the output of the "w", "who", "last" and
"lastlog" tools.
* systemd-resolved will now locally synthesize DNS resource
records for the "localhost" and "gateway" domains as well as
the local hostname. This should ensure that clients querying
RRs via resolved will get similar results as those going via
NSS, if nss-myhostname is enabled.
Contributions from: Alastair Hughes, Alex Crawford, Daniel
Mack, David Herrmann, Dimitri John Ledkov, Eric Kostrowski,
Evgeny Vereshchagin, Felipe Sateler, HATAYAMA Daisuke, Jan
Pokorný, Jan Synacek, Johnny Robeson, Karel Zak, Kay Sievers,
Kefeng Wang, Lennart Poettering, Major Hayden, Marcel
Holtmann, Markus Elfring, Martin Mikkelsen, Martin Pitt, Matt
Turner, Maxim Mikityanskiy, Michael Biebl, Namhyung Kim,
Nicolas Cornu, Owen W. Taylor, Patrik Flykt, Peter Hutterer,
reverendhomer, Richard Maw, Ronny Chevalier, Seth Jennings,
Stef Walter, Susant Sahani, Thomas Blume, Thomas Hindoe
Paaboel Andersen, Thomas Meyer, Tom Gundersen, Vincent Batts,
WaLyong Cho, Zbigniew Jędrzejewski-Szmek
-- Berlin, 2015-08-27
CHANGES WITH 224:
* The systemd-efi-boot-generator functionality was merged into
systemd-gpt-auto-generator.
* systemd-networkd now supports Group Policy for vxlan
devices. It can be enabled via the new boolean configuration
option called 'GroupPolicyExtension='.
Contributions from: Andreas Kempf, Christian Hesse, Daniel Mack, David
Herrmann, Herman Fries, Johannes Nixdorf, Kay Sievers, Lennart
Poettering, Peter Hutterer, Susant Sahani, Tom Gundersen
-- Berlin, 2015-07-31
CHANGES WITH 223:
* The python-systemd code has been removed from the systemd repository.
A new repository has been created which accommodates the code from
now on, and we kindly ask distributions to create a separate package
for this: https://github.com/systemd/python-systemd
* The systemd daemon will now reload its main configuration
(/etc/systemd/system.conf) on daemon-reload.
* sd-dhcp now exposes vendor specific extensions via
sd_dhcp_lease_get_vendor_specific().
* systemd-networkd gained a number of new configuration options.
- A new boolean configuration option for TAP devices called
'VNetHeader='. If set, the IFF_VNET_HDR flag is set for the
device, thus allowing to send and receive GSO packets.
- A new tunnel configuration option called 'CopyDSCP='.
If enabled, the DSCP field of ip6 tunnels is copied into the
decapsulated packet.
- A set of boolean bridge configuration options were added.
'UseBPDU=', 'HairPin=', 'FastLeave=', 'AllowPortToBeRoot=',
and 'UnicastFlood=' are now parsed by networkd and applied to the
respective bridge link device via the respective IFLA_BRPORT_*
netlink attribute.
- A new string configuration option to override the hostname sent
to a DHCP server, called 'Hostname='. If set and 'SendHostname='
is true, networkd will use the configured hostname instead of the
system hostname when sending DHCP requests.
- A new tunnel configuration option called 'IPv6FlowLabel='. If set,
networkd will configure the IPv6 flow-label of the tunnel device
according to RFC2460.
- The 'macvtap' virtual network devices are now supported, similar to
the already supported 'macvlan' devices.
* systemd-resolved now implements RFC5452 to improve resilience against
cache poisoning. Additionally, source port randomization is enabled
by default to further protect against DNS spoofing attacks.
* nss-mymachines now supports translating UIDs and GIDs of running
containers with user-namespaces enabled. If a container 'foo'
translates a host uid 'UID' to the container uid 'TUID', then
nss-mymachines will also map uid 'UID' to/from username 'vu-foo-TUID'
(with 'foo' and 'TUID' replaced accordingly). Similarly, groups are
mapped as 'vg-foo-TGID'.
Contributions from: Beniamino Galvani, cee1, Christian Hesse, Daniel
Buch, Daniel Mack, daurnimator, David Herrmann, Dimitri John Ledkov,
HATAYAMA Daisuke, Ivan Shapovalov, Jan Alexander Steffens (heftig),
Johan Ouwerkerk, Jose Carlos Venegas Munoz, Karel Zak, Kay Sievers,
Lennart Poettering, Lidong Zhong, Martin Pitt, Michael Biebl, Michael
Olbrich, Michal Schmidt, Michal Sekletar, Mike Gilbert, Namhyung Kim,
Nick Owens, Peter Hutterer, Richard Maw, Steven Allen, Sungbae Yoo,
Susant Sahani, Thomas Blume, Thomas Hindoe Paaboel Andersen, Tom
Gundersen, Torstein Husebø, Umut Tezduyar Lindskog, Vito Caputo,
Vivenzio Pagliari, Zbigniew Jędrzejewski-Szmek
-- Berlin, 2015-07-29
CHANGES WITH 222:
* udev does not longer support the WAIT_FOR_SYSFS= key in udev rules.
There are no known issues with current sysfs, and udev does not need
or should be used to work around such bugs.
* udev does no longer enable USB HID power management. Several reports
indicate, that some devices cannot handle that setting.
* The udev accelerometer helper was removed. The functionality
is now fully included in iio-sensor-proxy. But this means,
older iio-sensor-proxy versions will no longer provide
accelerometer/orientation data with this systemd version.
Please upgrade iio-sensor-proxy to version 1.0.
* networkd gained a new configuration option IPv6PrivacyExtensions=
which enables IPv6 privacy extensions (RFC 4941, "Privacy Extensions
for Stateless Address") on selected networks.
* For the sake of fewer build-time dependencies and less code in the
main repository, the python bindings are about to be removed in the
next release. A new repository has been created which accommodates
the code from now on, and we kindly ask distributions to create a
separate package for this. The removal will take place in v223.
https://github.com/systemd/python-systemd
Contributions from: Abdo Roig-Maranges, Andrew Eikum, Bastien Nocera,
Cédric Delmas, Christian Hesse, Christos Trochalakis, Daniel Mack,
daurnimator, David Herrmann, Dimitri John Ledkov, Eric Biggers, Eric
Cook, Felipe Sateler, Geert Jansen, Gerd Hoffmann, Gianpaolo Macario,
Greg Kroah-Hartman, Iago López Galeiras, Jan Alexander Steffens
(heftig), Jan Engelhardt, Jay Strict, Kay Sievers, Lennart Poettering,
Markus Knetschke, Martin Pitt, Michael Biebl, Michael Marineau, Michal
Sekletar, Miguel Bernal Marin, Peter Hutterer, Richard Maw, rinrinne,
Susant Sahani, Thomas Hindoe Paaboel Andersen, Tom Gundersen, Torstein
Husebø, Vedran Miletić, WaLyong Cho, Zbigniew Jędrzejewski-Szmek
-- Berlin, 2015-07-07
CHANGES WITH 221:
* The sd-bus.h and sd-event.h APIs have now been declared
stable and have been added to the official interface of
libsystemd.so. sd-bus implements an alternative D-Bus client
library, that is relatively easy to use, very efficient and
supports both classic D-Bus as well as kdbus as transport
backend. sd-event is a generic event loop abstraction that
is built around Linux epoll, but adds features such as event
prioritization or efficient timer handling. Both APIs are good
choices for C programs looking for a bus and/or event loop
implementation that is minimal and does not have to be
portable to other kernels.
* kdbus support is no longer compile-time optional. It is now
always built-in. However, it can still be disabled at
runtime using the kdbus=0 kernel command line setting, and
that setting may be changed to default to off, by specifying
--disable-kdbus at build-time. Note though that the kernel
command line setting has no effect if the kdbus.ko kernel
module is not installed, in which case kdbus is (obviously)
also disabled. We encourage all downstream distributions to
begin testing kdbus by adding it to the kernel images in the
development distributions, and leaving kdbus support in
systemd enabled.
* The minimal required util-linux version has been bumped to
2.26.
* Support for chkconfig (--enable-chkconfig) was removed in
favor of calling an abstraction tool
/lib/systemd/systemd-sysv-install. This needs to be
implemented for your distribution. See "SYSV INIT.D SCRIPTS"
in README for details.
* If there's a systemd unit and a SysV init script for the
same service name, and the user executes "systemctl enable"
for it (or a related call), then this will now enable both
(or execute the related operation on both), not just the
unit.
* The libudev API documentation has been converted from gtkdoc
into man pages.