NEWS revision 3058e017fced6d5c8712e10c8c1477421bc1e960
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
d657c51f14601d0235434ffb78cf6ac0f27cc83cLennart Poetteringsystemd System and Service Manager
3dff3e00e044e2d53c76fa842b9a4759d4a50e69Kay SieversCHANGES WITH 215:
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new tool systemd-sysusers has been added. This tool
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering creates system users and groups in /etc/passwd and
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering /etc/group, based on static declarative system user/group
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering definitions in /usr/lib/sysusers.d/. This is useful to
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering enable factory resets and volatile systems that boot up with
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering an empty /etc directory, and thus need system users and
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering groups created during early boot. systemd now also ships
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering with two default sysusers.d/ files for the most basic
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering users and groups systemd and the core operating system
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new tmpfiles snippet has been added that rebuilds the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering essential files in /etc on boot, should they be missing.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A directive for ensuring automatic clean-up of
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering /var/cache/man/ has been removed from the default
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering configuration. This line should now be shipped by the man
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering implementation. The necessary change has been made to the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering man-db implementation. Note that you need to update your man
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering implementation to one that ships this line, otherwise no
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering automatic clean-up of /var/cache/man will take place.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new condition ConditionNeedsUpdate= has been added that
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering may conditionalize services to only run when /etc or /var
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering are "older" than the vendor operating system resources in
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering /usr. This is useful for reconstructing or updating /etc
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering after an offline update of /usr or a factory reset, on the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering next reboot. Services that want to run once after such an
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering update or reset should use this condition and order
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering themselves before the new systemd-update-done.service, which
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering will mark the two directories as fully updated. A number of
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering service files have been added making use of this, to rebuild
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering the udev hardware database, the journald message catalog and
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering dynamic loader cache (ldconfig). The systemd-sysusers tool
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering described above also makes use of this now. With this in
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering place it is now possible to start up a minimal operating
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering system with /etc empty cleanly. Fore more information on the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering concepts involved see this recent blog story:
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering http://0pointer.de/blog/projects/stateless.html
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new system group "input" has been introduced, and all
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering input device nodes get this group assigned. This is useful
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering for system-level software to get access to input devices. It
3dff3e00e044e2d53c76fa842b9a4759d4a50e69Kay Sievers complements what is already done for "audio" and "video".
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * systemd-networkd learnt minimal DHCPv4 server support in
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering addition to the existing DHCPv4 client support. It also
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering learnt DHCPv6 client and IPv6 Router Solicitation client
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering support. The DHCPv4 client gained support for static routes
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering passed in from the server. Note that the [DHCPv4] section
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering known in older systemd-networkd versions has been renamed to
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering [DHCP] and is now also used by the DHCPv6 client. Existing
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering .network files using settings of this section need to be
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * networkd gained support for vxlan virtual networks.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * networkd gained support for automatic allocation of address
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering ranges for interfaces from a system-wide pool of
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering addresses. This is useful for dynamically managing a large
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering number of interfaces with a single network configuration
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering file. In particular this is useful to easily assign
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering appropriate IP addresses to the veth links of a large number
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering of nspawn instances.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * RPM macros for processing sysusers, sysctl and binfmt
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering drop-in snippets at package installation time have been
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * The /etc/os-release file should now be placed in
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering /usr/lib/os-release. The old location is automatically
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering created as symlink. /usr/lib is the more appropriate
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering location of this file, since it shall actually describe the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering vendor operating system shipped in /usr, and not the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering configuration stored in /etc.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * .mount units gained a new boolean SloppyOptions= setting
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering that maps to mount(8)'s -s option which enables permissive
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering parsing of unknown mount options.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * tmpfiles learnt a new "L+" directive which creates a symlink
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering but (unlike "L") deletes a pre-existing file first, should
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering it already exist and not already be the correct
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering symlink. Similar, "b+", "c+" and "p+" directives have been
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering added as well, which create block and character devices, as
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering well as fifos in the filesystem, possibly removing any
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering pre-existing files of different types.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * For tmpfiles' "L", "L+", "C" and "C+" directives the final
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering 'argument' field (which so far specified the source to
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering symlink/copy the files from) is now optional. If ommited the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering same file os copied from /usr/share/factory/ suffixed by the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering full destination path. This is useful for populating /etc
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering with essential files, by copying them from vendor defaults
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new command "systemctl preset-all" has been added that
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering applies the service preset settings to all installed unit
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering files. A new switch --preset-mode= has been added that
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering controls whether only enable or only disable operations
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering shall be executed.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new command "systemctl is-system-running" has been added
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering that allows checking the overall state of the system, for
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering example whether it is fully up an running.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * When the system boots up with an empty /etc, the equivalent
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering to "systemctl preset-all" is executed during early boot, to
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering make sure all default services are enabled after a factory
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * systemd now contains a minimal preset file that enables the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering most basic services systemd ships by default.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * Unit files' [Install] section gained a new DefaultInstance=
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering field for defining the default instance to create if a
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering template unit is enabled with no instance specified.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new passive target cryptsetup-pre.target has been added
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering that may be used by services that need to make they run and
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering finish before the first LUKS cryptographic device is set up.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * The /dev/loop-control and /dev/btrfs-control device nodes
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering are now owned by the "disk" group by default, opening up
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering access to this group.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * systemd-coredump will now automatically generate a
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering stack trace of all core dumps taking place on the system,
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering based on elfutils' libdw library. This stack trace is logged
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering to the journal.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * systemd-coredump may now optionally store coredumps directly
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering on disk (in /var/lib/systemd/coredump, possibly compressed),
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering instead of storing them unconditionally in the journal. This
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering mode is the new default. A new configuration file
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering /etc/systemd/coredump.conf has been added to configure this
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering and other parameters of systemd-coredump.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * coredumpctl gained a new "info" verb to show details about a
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering specific coredump. A new switch "-1" has also been added
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering that makes sure to only show information about the most
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering recent entry instead of all entries. Also, as the tool is
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering generally useful now the "systemd-" prefix of the binary
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering name has been removed. Distributions that want to maintain
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering compatibility with the old name should add a symlink from
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering the old name to the new name.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * journald's SplitMode= now defaults to "uid". This makes sure
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering that unpriviliged users can access their own coredumps with
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering coredumpctl without restrictions.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * New kernel command line options "systemd.wants=" (for
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering pulling an additional unit during boot), "systemd.mask="
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering (for masking a specific unit for the boot), and
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering "systemd.debug-shell" (for enabling the debug shell on tty9)
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering have been added. This is implemented in the new generator
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering "systemd-debug-generator".
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * systemd-nspawn will now by default filter a couple of
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering syscalls for containers, among them those required for
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering kernel module loading, direct x86 IO port access, swap
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering management, and kexec. Most importantly though
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering open_by_handle_at() is now prohibited for containers,
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering closing a hole similar to a recently discussed vulnerability
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering in docker regarding access to files on file hierarchies the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering container should normally not have access to. Note that for
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering nspawn we generally make no security claims anyway (and
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering this is explicitly documented in the man page), so this is
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering just a fix for one of the most obvious problems.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new man page file-hierarchy(7) has been added that
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering contains a minimized, modernized version of the file system
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering layout systemd expects, similar in style to the FHS
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering specification or hier(5).
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * Automatic time-based clean-up of $XDG_RUNTIME_DIR is no
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering longer done. Since the directory now has a per-user size
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering limit, and is cleaned on logout this appears unnecessary,
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering in particular since this now brings the lifecycle of this
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering directory closer in line with how IPC objects are handled.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * systemd.pc now exports a number of additional directories,
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering including $libdir (which is useful to identify the library
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering path for the primary architecture of the system), and a
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering couple of drop-in directories.
3058e017fced6d5c8712e10c8c1477421bc1e960Thadeu Lima de Souza Cascardo * udev's predictable network interface names now use the dev_port
3058e017fced6d5c8712e10c8c1477421bc1e960Thadeu Lima de Souza Cascardo sysfs attribute, introduced in linux 3.15 instead of dev_id to
3058e017fced6d5c8712e10c8c1477421bc1e960Thadeu Lima de Souza Cascardo distinguish between ports of the same PCI function. dev_id should
3058e017fced6d5c8712e10c8c1477421bc1e960Thadeu Lima de Souza Cascardo only be used for ports using the same HW address, hence the need
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay SieversCHANGES WITH 214:
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers * As an experimental feature, udev now tries to lock the
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers disk device node (flock(LOCK_SH|LOCK_NB)) while it
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers executes events for the disk or any of its partitions.
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers Applications like partitioning programs can lock the
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers disk device node (flock(LOCK_EX)) and claim temporary
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers device ownership that way; udev will entirely skip all event
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers handling for this disk and its partitions. If the disk
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers was opened for writing, the close will trigger a partition
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers table rescan in udev's "watch" facility, and if needed
71449cafa1f3aecad6fc755ae5e571eddf0bbd02Kay Sievers synthesize "change" events for the disk and all its partitions.
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt This is now unconditionally enabled, and if it turns out to
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers cause major problems, we might turn it on only for specific
45df8656ebb1b0559a75993d1508fc61c2d39829Jan Engelhardt devices, or might need to disable it entirely. Device Mapper
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers devices are excluded from this logic.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * We temporarily dropped the "-l" switch for fsck invocations,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering since they collide with the flock() logic above. util-linux
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering upstream has been changed already to avoid this conflict,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering and we will readd "-l" as soon as util-linux with this
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering change has been released.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The dependency on libattr has been removed. Since a long
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt time, the extended attribute calls have moved to glibc, and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering libattr is thus unnecessary.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Virtualization detection works without priviliges now. This
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering means the systemd-detect-virt binary no longer requires
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering CAP_SYS_PTRACE file capabilities, and our daemons can run
71449cafa1f3aecad6fc755ae5e571eddf0bbd02Kay Sievers with fewer privileges.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemd-networkd now runs under its own "systemd-network"
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering user. It retains the CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering CAP_NET_BROADCAST, CAP_NET_RAW capabilities though, but
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering loses the ability to write to files owned by root this way.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Similar, systemd-resolved now runs under its own
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering "systemd-resolve" user with no capabilities remaining.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Similar, systemd-bus-proxyd now runs under its own
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering "systemd-bus-proxy" user with only CAP_IPC_OWNER remaining.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemd-networkd gained support for setting up "veth"
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering virtual ethernet devices for container connectivity, as well
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering as GRE and VTI tunnels.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemd-networkd will no longer automatically attempt to
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering manually load kernel modules necessary for certain tunnel
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt transports. Instead, it is assumed the kernel loads them
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering automatically when required. This only works correctly on
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering very new kernels. On older kernels, please consider adding
c54bed5d515771c21250b8e0c052cb6600e21d37Mantas Mikulėnas the kernel modules to /etc/modules-load.d/ as a work-around.
cd14eda3212f9109c98a77cd5fee4168010d80daLennart Poettering * The resolv.conf file systemd-resolved generates has been
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt moved to /run/systemd/resolve/. If you have a symlink from
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt /etc/resolv.conf, it might be necessary to correct it.
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt * Two new service settings, ProtectedHome= and ProtectedSystem=,
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt have been added. When enabled, they will make the user data
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering (such as /home) inaccessible or read-only and the system
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering (such as /usr) read-only, for specific services. This allows
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering very light-weight per-service sandboxing to avoid
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering modifications of user data or system files from
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering services. These two new switches have been enabled for all
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering of systemd's long-running services, where appropriate.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Socket units gained new SocketUser= and SocketGroup=
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering settings to set the owner user and group of AF_UNIX sockets
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering and FIFOs in the file system.
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt * Socket units gained a new RemoveOnStop= setting. If enabled,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering all FIFOS and sockets in the file system will be removed
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering when the specific socket unit is stopped.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Socket units gained a new Symlinks= setting. It takes a list
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering of symlinks to create to file system sockets or FIFOs
45df8656ebb1b0559a75993d1508fc61c2d39829Jan Engelhardt created by the specific Unix sockets. This is useful to
71449cafa1f3aecad6fc755ae5e571eddf0bbd02Kay Sievers manage symlinks to socket nodes with the same life-cycle as
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering the socket itself.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The /dev/log socket and /dev/initctl FIFO have been moved to
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering /run, and have been replaced by symlinks. This allows
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering connecting to these facilities even if PrivateDevices=yes is
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering used for a service (which makes /dev/log itself unavailable,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering but /run is left). This also has the benefit of ensuring
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering that /dev only contains device nodes, directories and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering symlinks, and nothing else.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * sd-daemon gained two new calls sd_pid_notify() and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering sd_pid_notifyf(). They are similar to sd_notify() and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering sd_notifyf(), but allow overriding of the source PID of
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering notification messages if permissions permit this. This is
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering useful to send notify messages on behalf of a different
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering process (for example, the parent process). The
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering systemd-notify tool has been updated to make use of this
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering when sending messages (so that notification messages now
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering originate from the shell script invoking systemd-notify and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering not the systemd-notify process itself. This should minimize
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering a race where systemd fails to associate notification
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering messages to services when the originating process already
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * A new "on-abnormal" setting for Restart= has been added. If
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt set, it will result in automatic restarts on all "abnormal"
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering reasons for a process to exit, which includes unclean
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering signals, core dumps, timeouts and watchdog timeouts, but
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering does not include clean and unclean exit codes or clean
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering signals. Restart=on-abnormal is an alternative for
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Restart=on-failure for services that shall be able to
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering terminate and avoid restarts on certain errors, by
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering indicating so with an unclean exit code. Restart=on-failure
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering or Restart=on-abnormal is now the recommended setting for
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering all long-running services.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * If the InaccessibleDirectories= service setting points to a
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering mount point (or if there are any submounts contained within
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering it), it is now attempted to completely unmount it, to make
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering the file systems truly unavailable for the respective
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The ReadOnlyDirectories= service setting and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering systemd-nspawn's --read-only parameter are now recursively
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering applied to all submounts, too.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Mount units may now be created transiently via the bus APIs.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The support for SysV and LSB init scripts has been removed
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering from the systemd daemon itself. Instead, it is now
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering implemented as a generator that creates native systemd units
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering from these scripts when needed. This enables us to remove a
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering substantial amount of legacy code from PID 1, following the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering fact that many distributions only ship a very small number
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering of LSB/SysV init scripts nowadays.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Priviliged Xen (dom0) domains are not considered
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering virtualization anymore by the virtualization detection
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering logic. After all, they generally have unrestricted access to
71449cafa1f3aecad6fc755ae5e571eddf0bbd02Kay Sievers the hardware and usually are used to manage the unprivileged
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering (domU) domains.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemd-tmpfiles gained a new "C" line type, for copying
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering files or entire directories.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemd-tmpfiles "m" lines are now fully equivalent to "z"
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt lines. So far, they have been non-globbing versions of the
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt latter, and have thus been redundant. In future, it is
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt recommended to only use "z". "m" has hence been removed
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering from the documentation, even though it stays supported.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * A tmpfiles snippet to recreate the most basic structure in
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering /var has been added. This is enough to create the /var/run →
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering /run symlink and create a couple of structural
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering directories. This allows systems to boot up with an empty or
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt volatile /var. Of course, while with this change, the core OS
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt now is capable with dealing with a volatile /var, not all
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering user services are ready for it. However, we hope that sooner
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt or later, many service daemons will be changed upstream so
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering that they are able to automatically create their necessary
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering directories in /var at boot, should they be missing. This is
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering the first step to allow state-less systems that only require
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering the vendor image for /usr to boot.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemd-nspawn has gained a new --tmpfs= switch to mount an
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering empty tmpfs instance to a specific directory. This is
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering particularly useful for making use of the automatic
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering reconstruction of /var (see above), by passing --tmpfs=/var.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Access modes specified in tmpfiles snippets may now be
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering prefixed with "~", which indicates that they shall be masked
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering by whether the existing file or directly is currently
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt writable, readable or executable at all. Also, if specified,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering the sgid/suid/sticky bits will be masked for all
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering non-directories.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * A new passive target unit "network-pre.target" has been
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering added which is useful for services that shall run before any
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering network is configured, for example firewall scripts.
4c0d13bdd5ef971a3003899064af1717c8960beeLennart Poettering * The "floppy" group that previously owned the /dev/fd*
4c0d13bdd5ef971a3003899064af1717c8960beeLennart Poettering devices is no longer used. The "disk" group is now used
4c0d13bdd5ef971a3003899064af1717c8960beeLennart Poettering instead. Distributions should probably deprecate usage of
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Contributions from: Camilo Aguilar, Christian Hesse, Colin Ian
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering King, Cristian Rodríguez, Daniel Buch, Dave Reisner, David
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Strauss, Denis Tikhomirov, John, Jonathan Liu, Kay Sievers,
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Lennart Poettering, Mantas Mikulėnas, Mark Eichin, Ronny
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Chevalier, Susant Sahani, Thomas Blume, Thomas Hindoe Paaboel
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Andersen, Tom Gundersen, Umut Tezduyar Lindskog, Zbigniew
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Jędrzejewski-Szmek
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering -- Berlin, 2014-06-11
6936cd8926b6935364874b3701e86fe823e8c4ceLennart PoetteringCHANGES WITH 213:
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * A new "systemd-timesyncd" daemon has been added for
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers synchronizing the system clock across the network. It
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering implements an SNTP client. In contrast to NTP
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt implementations such as chrony or the NTP reference server,
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering this only implements a client side, and does not bother with
c9679c652b3c31f2510e8805d81630680ebc7e95Lennart Poettering the full NTP complexity, focusing only on querying time from
c9679c652b3c31f2510e8805d81630680ebc7e95Lennart Poettering one remote server and synchronizing the local clock to
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering it. Unless you intend to serve NTP to networked clients or
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt want to connect to local hardware clocks, this simple NTP
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering client should be more than appropriate for most
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering installations. The daemon runs with minimal privileges, and
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering has been hooked up with networkd to only operate when
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering network connectivity is available. The daemon saves the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering current clock to disk every time a new NTP sync has been
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering acquired, and uses this to possibly correct the system clock
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers early at bootup, in order to accommodate for systems that
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering lack an RTC such as the Raspberry Pi and embedded devices,
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt and to make sure that time monotonically progresses on these
c9679c652b3c31f2510e8805d81630680ebc7e95Lennart Poettering systems, even if it is not always correct. To make use of
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt this daemon, a new system user and group "systemd-timesync"
c9679c652b3c31f2510e8805d81630680ebc7e95Lennart Poettering needs to be created on installation of systemd.
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers * The queue "seqnum" interface of libudev has been disabled, as
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers it was generally incompatible with device namespacing as
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering sequence numbers of devices go "missing" if the devices are
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering part of a different namespace.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * "systemctl list-timers" and "systemctl list-sockets" gained
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering a --recursive switch for showing units of these types also
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek for all local containers, similar in style to the already
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek supported --recursive switch for "systemctl list-units".
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * A new RebootArgument= setting has been added for service
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering units, which may be used to specify a kernel reboot argument
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek to use when triggering reboots with StartLimitAction=.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * A new FailureAction= setting has been added for service
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering units which may be used to specify an operation to trigger
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek when a service fails. This works similarly to
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt StartLimitAction=, but unlike it, controls what is done
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering immediately rather than only after several attempts to
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering restart the service in question.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * hostnamed got updated to also expose the kernel name,
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek release, and version on the bus. This is useful for
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek executing commands like hostnamectl with the -H switch.
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek systemd-analyze makes use of this to properly display
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek details when running non-locally.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * The bootchart tool can now show cgroup information in the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering graphs it generates.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * The CFS CPU quota cgroup attribute is now exposed for
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering services. The new CPUQuota= switch has been added for this
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering which takes a percentage value. Setting this will have the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering result that a service may never get more CPU time than the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering specified percentage, even if the machine is otherwise idle.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * systemd-networkd learned IPIP and SIT tunnel support.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * LSB init scripts exposing a dependency on $network will now
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering get a dependency on network-online.target rather than simply
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering network.target. This should bring LSB handling closer to
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering what it was on SysV systems.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * A new fsck.repair= kernel option has been added to control
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering how fsck shall deal with unclean file systems at boot.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * The (.ini) configuration file parser will now silently
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering ignore sections whose name begins with "X-". This may be
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering used to maintain application-specific extension sections in unit
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * machined gained a new API to query the IP addresses of
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering registered containers. "machinectl status" has been updated
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering to show these addresses in its output.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * A new call sd_uid_get_display() has been added to the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering sd-login APIs for querying the "primary" session of a
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering user. The "primary" session of the user is elected from the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering user's sessions and generally a graphical session is
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering preferred over a text one.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * A minimal systemd-resolved daemon has been added. It
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering currently simply acts as a companion to systemd-networkd and
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering manages resolv.conf based on per-interface DNS
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering configuration, possibly supplied via DHCP. In the long run
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering we hope to extend this into a local DNSSEC enabled DNS and
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen * The systemd-networkd-wait-online tool is now enabled by
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen default. It will delay network-online.target until a network
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen connection has been configured. The tool primarily integrates
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen with networkd, but will also make a best effort to make sense
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen of network configuration performed in some other way.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * Two new service options StartupCPUShares= and
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek StartupBlockIOWeight= have been added that work similarly to
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering CPUShares= and BlockIOWeight= however only apply during
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers system startup. This is useful to prioritize certain services
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering differently during bootup than during normal runtime.
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering * hostnamed has been changed to prefer the statically
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering configured hostname in /etc/hostname (unless set to
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering 'localhost' or empty) over any dynamic one supplied by
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt dhcp. With this change, the rules for picking the hostname
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering match more closely the rules of other configuration settings
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering where the local administrator's configuration in /etc always
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering overrides any other settings.
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering Contributions fron: Ali H. Caliskan, Alison Chaiken, Bas van
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering den Berg, Brandon Philips, Cristian Rodríguez, Daniel Buch,
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Dan Kilman, Dave Reisner, David Härdeman, David Herrmann,
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering David Strauss, Dimitris Spingos, Djalal Harouni, Eelco
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Dolstra, Evan Nemerson, Florian Albrechtskirchinger, Greg
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Kroah-Hartman, Harald Hoyer, Holger Hans Peter Freyther, Jan
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Engelhardt, Jani Nikula, Jason St. John, Jeffrey Clark,
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Jonathan Boulle, Kay Sievers, Lennart Poettering, Lukas
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Nykryn, Lukasz Skalski, Łukasz Stelmach, Mantas Mikulėnas,
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering Marcel Holtmann, Martin Pitt, Matthew Monaco, Michael
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering Marineau, Michael Olbrich, Michal Sekletar, Mike Gilbert, Nis
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering Martensen, Patrik Flykt, Philip Lorenz, poma, Ray Strode,
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering Reyad Attiyat, Robert Milasan, Scott Thrasher, Stef Walter,
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering Steven Siloti, Susant Sahani, Tanu Kaskinen, Thomas Bächler,
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering Lindskog, WaLyong Cho, Will Woods, Zbigniew
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Jędrzejewski-Szmek
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering -- Beijing, 2014-05-28
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart PoetteringCHANGES WITH 212:
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * When restoring the screen brightness at boot, stay away from
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering the darkest setting or from the lowest 5% of the available
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering range, depending on which is the larger value of both. This
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering should effectively protect the user from rebooting into a
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering black screen, should the brightness have been set to minimum
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * sd-login gained a new sd_machine_get_class() call to
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering determine the class ("vm" or "container") of a machine
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering registered with machined.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * sd-login gained new calls
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering sd_peer_get_{session,owner_uid,unit,user_unit,slice,machine_name}(),
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering to query the identity of the peer of a local AF_UNIX
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek connection. They operate similarly to their sd_pid_get_xyz()
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * PID 1 will now maintain a system-wide system state engine
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering with the states "starting", "running", "degraded",
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering "maintenance", "stopping". These states are bound to system
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering startup, normal runtime, runtime with at least one failed
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering service, rescue/emergency mode and system shutdown. This
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering state is shown in the "systemctl status" output when no unit
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering name is passed. It is useful to determine system state, in
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering particularly when doing so for many systems or containers at
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * A new command "list-machines" has been added to "systemctl"
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering that lists all local OS containers and shows their system
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering state (see above), if systemd runs inside of them.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * systemctl gained a new "-r" switch to recursively enumerate
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering units on all local containers, when used with the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering "list-unit" command (which is the default one that is
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering executed when no parameters are specified).
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * The GPT automatic partition discovery logic will now honour
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering two GPT partition flags: one may be set on a partition to
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering cause it to be mounted read-only, and the other may be set
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering on a partition to ignore it during automatic discovery.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * Two new GPT type UUIDs have been added for automatic root
70a44afee385c4afadaab9a002b3f9dd44aedf4aJan Engelhardt partition discovery, for 32-bit and 64-bit ARM. This is not
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering particularly useful for discovering the root directory on
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering these architectures during bare-metal boots (since UEFI is
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering not common there), but still very useful to allow booting of
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering ARM disk images in nspawn with the -i option.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * MAC addresses of interfaces created with nspawn's
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering --network-interface= switch will now be generated from the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering machine name, and thus be stable between multiple invocations
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering of the container.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * logind will now automatically remove all IPC objects owned
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering by a user if she or he fully logs out. This makes sure that
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering users who are logged out cannot continue to consume IPC
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering resources. This covers SysV memory, semaphores and message
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering queues as well as POSIX shared memory and message
b8bde11658366290521e3d03316378b482600323Jan Engelhardt queues. Traditionally, SysV and POSIX IPC had no life-cycle
b8bde11658366290521e3d03316378b482600323Jan Engelhardt limits. With this functionality, that is corrected. This may
b8bde11658366290521e3d03316378b482600323Jan Engelhardt be turned off by using the RemoveIPC= switch of logind.conf.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * The systemd-machine-id-setup and tmpfiles tools gained a
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering --root= switch to operate on a specific root directory,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * journald can now forward logged messages to the TTYs of all
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering logged in users ("wall"). This is the default for all
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering emergency messages now.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * A new tool systemd-journal-remote has been added to stream
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering journal log messages across the network.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * /sys/fs/cgroup/ is now mounted read-only after all cgroup
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering controller trees are mounted into it. Note that the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering directories mounted beneath it are not read-only. This is a
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering security measure and is particularly useful because glibc
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering actually includes a search logic to pick any tmpfs it can
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering find to implement shm_open() if /dev/shm is not available
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering (which it might very well be in namespaced setups).
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * machinectl gained a new "poweroff" command to cleanly power
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering down a local OS container.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * The PrivateDevices= unit file setting will now also drop the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering CAP_MKNOD capability from the capability bound set, and
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering imply DevicePolicy=closed.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * PrivateDevices=, PrivateNetwork= and PrivateTmp= is now used
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering comprehensively on all long-running systemd services where
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering this is appropriate.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * systemd-udevd will now run in a disassociated mount
b8bde11658366290521e3d03316378b482600323Jan Engelhardt namespace. To mount directories from udev rules, make sure to
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering pull in mount units via SYSTEMD_WANTS properties.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * The kdbus support gained support for uploading policy into
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering the kernel. sd-bus gained support for creating "monitoring"
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering connections that can eavesdrop into all bus communication
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering for debugging purposes.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * Timestamps may now be specified in seconds since the UNIX
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering epoch Jan 1st, 1970 by specifying "@" followed by the value
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * Native tcpwrap support in systemd has been removed. tcpwrap
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering is old code, not really maintained anymore and has serious
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering shortcomings, and better options such as firewalls
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering exist. For setups that require tcpwrap usage, please
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering consider invoking your socket-activated service via tcpd,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering like on traditional inetd.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * A new system.conf configuration option
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering DefaultTimerAccuracySec= has been added that controls the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering default AccuracySec= setting of .timer units.
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * Timer units gained a new WakeSystem= switch. If enabled,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering timers configured this way will cause the system to resume
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering from system suspend (if the system supports that, which most
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering do these days).
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * Timer units gained a new Persistent= switch. If enabled,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering timers configured this way will save to disk when they have
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering been last triggered. This information is then used on next
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering reboot to possible execute overdue timer events, that
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt could not take place because the system was powered off.
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt This enables simple anacron-like behaviour for timer units.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * systemctl's "list-timers" will now also list the time a
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering timer unit was last triggered in addition to the next time
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering it will be triggered.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * systemd-networkd will now assign predictable IPv4LL
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering addresses to its local interfaces.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Contributions from: Brandon Philips, Daniel Buch, Daniel Mack,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Dave Reisner, David Herrmann, Gerd Hoffmann, Greg
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Kroah-Hartman, Hendrik Brueckner, Jason St. John, Josh
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Triplett, Kay Sievers, Lennart Poettering, Marc-Antoine
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Perennou, Michael Marineau, Michael Olbrich, Miklos Vajna,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Patrik Flykt, poma, Sebastian Thorarensen, Thomas Bächler,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom Gundersen,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Umut Tezduyar Lindskog, Wieland Hoffmann, Zbigniew
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Jędrzejewski-Szmek
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering -- Berlin, 2014-03-25
699b6b3491dc265ead79602404ad67ccdacae302Lennart PoetteringCHANGES WITH 211:
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * A new unit file setting RestrictAddressFamilies= has been
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering added to restrict which socket address families unit
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering processes gain access to. This takes address family names
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering like "AF_INET" or "AF_UNIX", and is useful to minimize the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering attack surface of services via exotic protocol stacks. This
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering is built on seccomp system call filters.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * Two new unit file settings RuntimeDirectory= and
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering RuntimeDirectoryMode= have been added that may be used to
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering manage a per-daemon runtime directories below /run. This is
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering an alternative for setting up directory permissions with
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering tmpfiles snippets, and has the advantage that the runtime
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering directory's lifetime is bound to the daemon runtime and that
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering the daemon starts up with an empty directory each time. This
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering is particularly useful when writing services that drop
f1721625e7145977ba705e169580f2eb0002600cNis Martensen privileges using the User= or Group= setting.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The DeviceAllow= unit setting now supports globbing for
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering matching against device group names.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The systemd configuration file system.conf gained new
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering settings DefaultCPUAccounting=, DefaultBlockIOAccounting=,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering DefaultMemoryAccounting= to globally turn on/off accounting
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering for specific resources (cgroups) for all units. These
22e7062d749c69d7edfcd52ef7cc6ec005e862d5David Herrmann settings may still be overridden individually in each unit
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemd-gpt-auto-generator is now able to discover /srv and
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering root partitions in addition to /home and swap partitions. It
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering also supports LUKS-encrypted partitions now. With this in
b8bde11658366290521e3d03316378b482600323Jan Engelhardt place, automatic discovery of partitions to mount following
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering the Discoverable Partitions Specification
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering (http://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec)
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering is now a lot more complete. This allows booting without
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering /etc/fstab and without root= on the kernel command line on
b8bde11658366290521e3d03316378b482600323Jan Engelhardt systems prepared appropriately.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemd-nspawn gained a new --image= switch which allows
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering booting up disk images and Linux installations on any block
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering device that follow the Discoverable Partitions Specification
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering (see above). This means that installations made with
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering appropriately updated installers may now be started and
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering deployed using container managers, completely
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering unmodified. (We hope that libvirt-lxc will add support for
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering this feature soon, too.)
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemd-nspawn gained a new --network-macvlan= setting to
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering set up a private macvlan interface for the
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek container. Similarly, systemd-networkd gained a new
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Kind=macvlan setting in .netdev files.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemd-networkd now supports configuring local addresses
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * A new tool systemd-network-wait-online has been added to
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering synchronously wait for network connectivity using
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering systemd-networkd.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The sd-bus.h bus API gained a new sd_bus_track object for
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering tracking the life-cycle of bus peers. Note that sd-bus.h is
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering still not a public API though (unless you specify
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering --enable-kdbus on the configure command line, which however
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering voids your warranty and you get no API stability guarantee).
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The $XDG_RUNTIME_DIR runtime directories for each user are
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering now individual tmpfs instances, which has the benefit of
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering introducing separate pools for each user, with individual
4ef6e535e30c67d4ff34b2ca785e555dbaeac14eKay Sievers size limits, and thus making sure that unprivileged clients
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering can no longer negatively impact the system or other users by
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering filling up their $XDG_RUNTIME_DIR. A new logind.conf setting
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering RuntimeDirectorySize= has been introduced that allows
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering controlling the default size limit for all users. It
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering defaults to 10% of the available physical memory. This is no
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering replacement for quotas on tmpfs though (which the kernel
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering still does not support), as /dev/shm and /tmp are still
4ef6e535e30c67d4ff34b2ca785e555dbaeac14eKay Sievers shared resources used by both the system and unprivileged
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * logind will now automatically turn off automatic suspending
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering on laptop lid close when more than one display is
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering connected. This was previously expected to be implemented
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering individually in desktop environments (such as GNOME),
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering however has been added to logind now, in order to fix a
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering boot-time race where a desktop environment might not have
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering been started yet and thus not been able to take an inhibitor
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering lock at the time where logind already suspends the system
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering due to a closed lid.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * logind will now wait at least 30s after each system
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering suspend/resume cycle, and 3min after system boot before
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering suspending the system due to a closed laptop lid. This
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering should give USB docking stations and similar enough time to
4ef6e535e30c67d4ff34b2ca785e555dbaeac14eKay Sievers be probed and configured after system resume and boot in
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering order to then act as suspend blocker.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemd-run gained a new --property= setting which allows
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering initialization of resource control properties (and others)
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering for the created scope or service unit. Example: "systemd-run
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering --property=BlockIOWeight=10 updatedb" may be used to run
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering updatedb at a low block IO scheduling weight.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemd-run's --uid=, --gid=, --setenv=, --setenv= switches
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering now also work in --scope mode.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * When systemd is compiled with kdbus support, basic support
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering for enforced policies is now in place. (Note that enabling
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering kdbus still voids your warranty and no API compatibility
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering promises are made.)
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Contributions from: Andrey Borzenkov, Ansgar Burchardt, Armin
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering K., Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Harald Hoyer, Henrik Grindal Bakken, Jasper St. Pierre, Kay
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Sievers, Kieran Clancy, Lennart Poettering, Lukas Nykryn,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Mantas Mikulėnas, Marcel Holtmann, Mark Oteiza, Martin Pitt,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Mike Gilbert, Peter Rajnoha, poma, Samuli Suominen, Stef
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Walter, Susant Sahani, Tero Roponen, Thomas Andersen, Thomas
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Bächler, Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Gundersen, Umut Tezduyar Lindskog, Uoti Urpala, Zachary Cook,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Zbigniew Jędrzejewski-Szmek
13b28d822462e9a0a7130ad40bed08cb380082f0Lennart Poettering -- Berlin, 2014-03-12
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart PoetteringCHANGES WITH 210:
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * systemd will now relabel /dev after loading the SMACK policy
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering according to SMACK rules.
67dd87c51b1ba254dc6a0eeae41762aace40addaLennart Poettering * A new unit file option AppArmorProfile= has been added to
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering set the AppArmor profile for the processes of a unit.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * A new condition check ConditionArchitecture= has been added
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering to conditionalize units based on the system architecture, as
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering reported by uname()'s "machine" field.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * systemd-networkd now supports matching on the system
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering virtualization, architecture, kernel command line, host name
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering and machine ID.
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers * logind is now a lot more aggressive when suspending the
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering machine due to a closed laptop lid. Instead of acting only
b8bde11658366290521e3d03316378b482600323Jan Engelhardt on the lid close action, it will continuously watch the lid
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering status and act on it. This is useful for laptops where the
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering power button is on the outside of the chassis so that it can
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers be reached without opening the lid (such as the Lenovo
b8bde11658366290521e3d03316378b482600323Jan Engelhardt Yoga). On those machines, logind will now immediately
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers re-suspend the machine if the power button has been
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering accidentally pressed while the laptop was suspended and in a
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering backpack or similar.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * logind will now watch SW_DOCK switches and inhibit reaction
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering to the lid switch if it is pressed. This means that logind
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering will not suspend the machine anymore if the lid is closed
949138ccc3417748b0978980e4a1c67955dd4ba4Ansgar Burchardt and the system is docked, if the laptop supports SW_DOCK
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering notifications via the input layer. Note that ACPI docking
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering stations do not generate this currently. Also note that this
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering logic is usually not fully sufficient and Desktop
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Environments should take a lid switch inhibitor lock when an
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering external display is connected, as systemd will not watch
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering this on its own.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * nspawn will now make use of the devices cgroup controller by
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering default, and only permit creation of and access to the usual
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering API device nodes like /dev/null or /dev/random, as well as
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering access to (but not creation of) the pty devices.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * We will now ship a default .network file for
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering systemd-networkd that automatically configures DHCP for
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering network interfaces created by nspawn's --network-veth or
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering --network-bridge= switches.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * systemd will now understand the usual M, K, G, T suffixes
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering according to SI conventions (i.e. to the base 1000) when
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering referring to throughput and hardware metrics. It will stay
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering with IEC conventions (i.e. to the base 1024) for software
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering metrics, according to what is customary according to
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Wikipedia. We explicitly document which base applies for
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering each configuration option.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * The DeviceAllow= setting in unit files now supports a syntax
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers to whitelist an entire group of devices node majors at once,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering based on the /proc/devices listing. For example, with the
b8bde11658366290521e3d03316378b482600323Jan Engelhardt string "char-pts", it is now possible to whitelist all
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering current and future pseudo-TTYs at once.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * sd-event learned a new "post" event source. Event sources of
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering this type are triggered by the dispatching of any event
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering source of a type that is not "post". This is useful for
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering implementing clean-up and check event sources that are
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering triggered by other work being done in the program.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * systemd-networkd is no longer statically enabled, but uses
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering the usual [Install] sections so that it can be
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering enabled/disabled using systemctl. It still is enabled by
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering default however.
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * When creating a veth interface pair with systemd-nspawn, the
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering host side will now be prefixed with "vb-" if
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering --network-bridge= is used, and with "ve-" if --network-veth
b8bde11658366290521e3d03316378b482600323Jan Engelhardt is used. This way, it is easy to distinguish these cases on
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering the host, for example to apply different configuration to
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering them with systemd-networkd.
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering * The compatibility libraries for libsystemd-journal.so,
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering libsystem-id128.so, libsystemd-login.so and
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering libsystemd-daemon.so do not make use of IFUNC
b8bde11658366290521e3d03316378b482600323Jan Engelhardt anymore. Instead, we now build libsystemd.so multiple times
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering under these alternative names. This means that the footprint
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering is drastically increased, but given that these are
b8bde11658366290521e3d03316378b482600323Jan Engelhardt transitional compatibility libraries, this should not matter
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering much. This change has been made necessary to support the ARM
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering platform for these compatibility libraries, as the ARM
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt toolchain is not really at the same level as the toolchain
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers for other architectures like x86 and does not support
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering IFUNC. Please make sure to use --enable-compat-libs only
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering during a transitional period!
13b28d822462e9a0a7130ad40bed08cb380082f0Lennart Poettering Contributions from: Andreas Fuchs, Armin K., Colin Walters,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Holger Schurig, Jason A. Donenfeld, Jason St. John, Jasper
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering St. Pierre, Kay Sievers, Lennart Poettering, Łukasz Stelmach,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Marcel Holtmann, Michael Scherer, Michal Sekletar, Mike
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Gilbert, Samuli Suominen, Thomas Bächler, Thomas Hindoe
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Paaboel Andersen, Tom Gundersen, Umut Tezduyar Lindskog,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Zbigniew Jędrzejewski-Szmek
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering -- Berlin, 2014-02-24
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart PoetteringCHANGES WITH 209:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new component "systemd-networkd" has been added that can
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering be used to configure local network interfaces statically or
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John via DHCP. It is capable of bringing up bridges, VLANs, and
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John bonding. Currently, no hook-ups for interactive network
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt configuration are provided. Use this for your initrd,
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John container, embedded, or server setup if you need a simple,
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John yet powerful, network configuration solution. This
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt configuration subsystem is quite nifty, as it allows wildcard
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek hotplug matching in interfaces. For example, with a single
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt configuration snippet, you can configure that all Ethernet
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek interfaces showing up are automatically added to a bridge,
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek or similar. It supports link-sensing and more.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new tool "systemd-socket-proxyd" has been added which can
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt act as a bidirectional proxy for TCP sockets. This is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering useful for adding socket activation support to services that
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering do not actually support socket activation, including virtual
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt machines and the like.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Add a new tool to save/restore rfkill state on
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * Save/restore state of keyboard backlights in addition to
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John display backlights on shutdown/boot.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * udev learned a new SECLABEL{} construct to label device
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering nodes with a specific security label when they appear. For
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt now, only SECLABEL{selinux} is supported, but the syntax is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering prepared for additional security frameworks.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * udev gained a new scheme to configure link-level attributes
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering from files in /etc/systemd/network/*.link. These files can
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John match against MAC address, device path, driver name and type,
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt and will apply attributes like the naming policy, link speed,
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John MTU, duplex settings, Wake-on-LAN settings, MAC address, MAC
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering address assignment policy (randomized, ...).
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek * The configuration of network interface naming rules for
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek "permanent interface names" has changed: a new NamePolicy=
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek setting in the [Link] section of .link files determines the
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek priority of possible naming schemes (onboard, slot, mac,
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek path). The default value of this setting is determined by
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek /usr/lib/net/links/99-default.link. Old
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek 80-net-name-slot.rules udev configuration file has been
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek removed, so local configuration overriding this file should
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek be adapated to override 99-default.link instead.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * When the User= switch is used in a unit file, also
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt initialize $SHELL= based on the user database entry.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd no longer depends on libdbus. All communication is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering now done with sd-bus, systemd's low-level bus library
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering implementation.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * kdbus support has been added to PID 1 itself. When kdbus is
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt enabled, this causes PID 1 to set up the system bus and
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering enable support for a new ".busname" unit type that
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering encapsulates bus name activation on kdbus. It works a little
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering bit like ".socket" units, except for bus names. A new
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering generator has been added that converts classic dbus1 service
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering activation files automatically into native systemd .busname
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering and .service units.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * sd-bus: add a light-weight vtable implementation that allows
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering defining objects on the bus with a simple static const
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering vtable array of its methods, signals and properties.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * systemd will not generate or install static dbus
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering introspection data anymore to /usr/share/dbus-1/interfaces,
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek as the precise format of these files is unclear, and
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering nothing makes use of it.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A proxy daemon is now provided to proxy clients connecting
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering via classic D-Bus AF_UNIX sockets to kdbus, to provide full
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering compatibility with classic D-Bus.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A bus driver implementation has been added that supports the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering classic D-Bus bus driver calls on kdbus, also for
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering compatibility purposes.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new API "sd-event.h" has been added that implements a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering minimal event loop API built around epoll. It provides a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering couple of features that direct epoll usage is lacking:
b97610038a122ff30e60b1996369ca4b979d8b19Kay Sievers prioritization of events, scales to large numbers of timer
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering events, per-event timer slack (accuracy), system-wide
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering coalescing of timer events, exit handlers, watchdog
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering supervision support using systemd's sd_notify() API, child
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering process handling.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new API "sd-rntl.h" has been added that provides an API
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering around the route netlink interface of the kernel, similar in
7e95eda5b36f4a5259e1e86989b5aee824d83d03Patrik Flykt * A new API "sd-dhcp-client.h" has been added that provides a
7e95eda5b36f4a5259e1e86989b5aee824d83d03Patrik Flykt small DHCPv4 client-side implementation. This is used by
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering "systemd-networkd".
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * There is a new kernel command line option
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John "systemd.restore_state=0|1". When set to "0", none of the
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John systemd tools will restore saved runtime state to hardware
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John devices. More specifically, the rfkill and backlight states
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John are not restored.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The FsckPassNo= compatibility option in mount/service units
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering has been removed. The fstab generator will now add the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering necessary dependencies automatically, and does not require
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering PID1's support for that anymore.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * journalctl gained a new switch, --list-boots, that lists
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering recent boots with their times and boot IDs.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The various tools like systemctl, loginctl, timedatectl,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering busctl, systemd-run, ... have gained a new switch "-M" to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering connect to a specific, local OS container (as direct
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering connection, without requiring SSH). This works on any
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering container that is registered with machined, such as those
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering created by libvirt-lxc or nspawn.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-run and systemd-analyze also gained support for "-H"
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt to connect to remote hosts via SSH. This is particularly
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John useful for systemd-run because it enables queuing of jobs
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John onto remote systems.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * machinectl gained a new command "login" to open a getty
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering login in any local container. This works with any container
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering that is registered with machined (such as those created by
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering libvirt-lxc or nspawn), and which runs systemd inside.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * machinectl gained a new "reboot" command that may be used to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering trigger a reboot on a specific container that is registered
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering with machined. This works on any container that runs an init
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering system of some kind.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemctl gained a new "list-timers" command to print a nice
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering listing of installed timer units with the times they elapse
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Alternative reboot() parameters may now be specified on the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering "systemctl reboot" command line and are passed to the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering reboot() system call.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemctl gained a new --job-mode= switch to configure the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering mode to queue a job with. This is a more generic version of
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John --fail, --irreversible, and --ignore-dependencies, which are
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering still available but not advertised anymore.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * /etc/systemd/system.conf gained new settings to configure
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering various default timeouts of units, as well as the default
b97610038a122ff30e60b1996369ca4b979d8b19Kay Sievers start limit interval and burst. These may still be overridden
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering within each Unit.
270f1624022039b370b9db311f9d33492833ad24Lennart Poettering * PID1 will now export on the bus profile data of the security
270f1624022039b370b9db311f9d33492833ad24Lennart Poettering policy upload process (such as the SELinux policy upload to
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt * journald: when forwarding logs to the console, include
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek timestamps (following the setting in
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek /sys/module/printk/parameters/time).
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * OnCalendar= in timer units now understands the special
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering strings "yearly" and "annually". (Both are equivalent)
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The accuracy of timer units is now configurable with the new
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering AccuracySec= setting. It defaults to 1min.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new dependency type JoinsNamespaceOf= has been added that
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering allows running two services within the same /tmp and network
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering namespace, if PrivateNetwork= or PrivateTmp= are used.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new command "cat" has been added to systemctl. It outputs
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the original unit file of a unit, and concatenates the
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek contents of additional "drop-in" unit file snippets, so that
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek the full configuration is shown.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemctl now supports globbing on the various "list-xyz"
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering commands, like "list-units" or "list-sockets", as well as on
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek those commands which take multiple unit names.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * journalctl's --unit= switch gained support for globbing.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * All systemd daemons now make use of the watchdog logic so
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering that systemd automatically notices when they hang.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * If the $container_ttys environment variable is set,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering getty-generator will automatically spawn a getty for each
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering listed tty. This is useful for container managers to request
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering login gettys to be spawned on as many ttys as needed.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * %h, %s, %U specifier support is not available anymore when
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering used in unit files for PID 1. This is because NSS calls are
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering not safe from PID 1. They stay available for --user
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering instances of systemd, and as special case for the root user.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * loginctl gained a new "--no-legend" switch to turn off output
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering of the legend text.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The "sd-login.h" API gained three new calls:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering sd_session_is_remote(), sd_session_get_remote_user(),
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering sd_session_get_remote_host() to query information about
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering remote sessions.
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering * The udev hardware database now also carries vendor/product
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering information of SDIO devices.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The "sd-daemon.h" API gained a new sd_watchdog_enabled() to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering determine whether watchdog notifications are requested by
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the system manager.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * Socket-activated per-connection services now include a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering short description of the connection parameters in the
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * tmpfiles gained a new "--boot" option. When this is not used,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering only lines where the command character is not suffixed with
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt "!" are executed. When this option is specified, those
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek options are executed too. This partitions tmpfiles
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek directives into those that can be safely executed at any
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek time, and those which should be run only at boot (for
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek example, a line that creates /run/nologin).
c0c5af00bec95567435bdfb818c69b2b669adfedDaniel Buch * A new API "sd-resolve.h" has been added which provides a simple
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt asynchronous wrapper around glibc NSS host name resolution
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering calls, such as getaddrinfo(). In contrast to glibc's
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt getaddrinfo_a(), it does not use signals. In contrast to most
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt other asynchronous name resolution libraries, this one does
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt not reimplement DNS, but reuses NSS, so that alternate
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering host name resolution systems continue to work, such as mDNS,
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John LDAP, etc. This API is based on libasyncns, but it has been
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering cleaned up for inclusion in systemd.
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering * The APIs "sd-journal.h", "sd-login.h", "sd-id128.h",
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering "sd-daemon.h" are no longer found in individual libraries
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering libsystemd-journal.so, libsystemd-login.so,
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering libsystemd-id128.so, libsystemd-daemon.so. Instead, we have
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John merged them into a single library, libsystemd.so, which
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John provides all symbols. The reason for this is cyclic
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering dependencies, as these libraries tend to use each other's
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt symbols. So far, we have managed to workaround that by linking
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering a copy of a good part of our code into each of these
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering libraries again and again, which, however, makes certain
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering things hard to do, like sharing static variables. Also, it
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering substantially increases footprint. With this change, there
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering is only one library for the basic APIs systemd
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering provides. Also, "sd-bus.h", "sd-memfd.h", "sd-event.h",
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering "sd-rtnl.h", "sd-resolve.h", "sd-utf8.h" are found in this
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering library as well, however are subject to the --enable-kdbus
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering switch (see below). Note that "sd-dhcp-client.h" is not part
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering of this library (this is because it only consumes, never
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering provides, services of/to other APIs). To make the transition
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John easy from the separate libraries to the unified one, we
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt provide the --enable-compat-libs compile-time switch which
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering will generate stub libraries that are compatible with the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering old ones but redirect all calls to the new one.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * All of the kdbus logic and the new APIs "sd-bus.h",
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering "sd-memfd.h", "sd-event.h", "sd-rtnl.h", "sd-resolve.h",
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John and "sd-utf8.h" are compile-time optional via the
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John "--enable-kdbus" switch, and they are not compiled in by
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John default. To make use of kdbus, you have to explicitly enable
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt the switch. Note however, that neither the kernel nor the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering userspace API for all of this is considered stable yet. We
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering want to maintain the freedom to still change the APIs for
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt now. By specifying this build-time switch, you acknowledge
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering that you are aware of the instability of the current
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers * Also, note that while kdbus is pretty much complete,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering it lacks one thing: proper policy support. This means you
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John can build a fully working system with all features; however,
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt it will be highly insecure. Policy support will be added in
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt one of the next releases, at the same time that we will
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt declare the APIs stable.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * When the kernel command-line argument "kdbus" is specified,
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers systemd will automatically load the kdbus.ko kernel module. At
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John this stage of development, it is only useful for testing kdbus
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers and should not be used in production. Note: if "--enable-kdbus"
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John is specified, and the kdbus.ko kernel module is available, and
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers "kdbus" is added to the kernel command line, the entire system
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers runs with kdbus instead of dbus-daemon, with the above mentioned
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers problem of missing the system policy enforcement. Also a future
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers version of kdbus.ko or a newer systemd will not be compatible with
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers each other, and will unlikely be able to boot the machine if only
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers one of them is updated.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemctl gained a new "import-environment" command which
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt uploads the caller's environment (or parts thereof) into the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering service manager so that it is inherited by services started
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering by the manager. This is useful to upload variables like
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering $DISPLAY into the user service manager.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new PrivateDevices= switch has been added to service units
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering which allows running a service with a namespaced /dev
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering directory that does not contain any device nodes for
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt physical devices. More specifically, it only includes devices
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John such as /dev/null, /dev/urandom, and /dev/zero which are API
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * logind has been extended to support behaviour like VT
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering switching on seats that do not support a VT. This makes
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering multi-session available on seats that are not the first seat
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering (seat0), and on systems where kernel support for VTs has
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John been disabled at compile-time.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * If a process holds a delay lock for system sleep or shutdown
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek and fails to release it in time, we will now log its
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering identity. This makes it easier to identify processes that
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering cause slow suspends or power-offs.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * When parsing /etc/crypttab, support for a new key-slot=
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek option as supported by Debian is added. It allows indicating
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek which LUKS slot to use on disk, speeding up key loading.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * The sd_journald_sendv() API call has been checked and
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek officially declared to be async-signal-safe so that it may
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek be invoked from signal handlers for logging purposes.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Boot-time status output is now enabled automatically after a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering short timeout if boot does not progress, in order to give
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering the user an indication what she or he is waiting for.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * The boot-time output has been improved to show how much time
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek remains until jobs expire.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The KillMode= switch in service units gained a new possible
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John value "mixed". If set, and the unit is shut down, then the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering initial SIGTERM signal is sent only to the main daemon
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering process, while the following SIGKILL signal is sent to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering all remaining processes of the service.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * When a scope unit is registered, a new property "Controller"
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt may be set. If set to a valid bus name, systemd will send a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering RequestStop() signal to this name when it would like to shut
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering down the scope. This may be used to hook manager logic into
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the shutdown logic of scope units. Also, scope units may now
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John be put in a special "abandoned" state, in which case the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering manager process which created them takes no further
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering responsibilities for it.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * When reading unit files, systemd will now verify
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the access mode of these files, and warn about certain
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering suspicious combinations. This has been added to make it
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering easier to track down packaging bugs where unit files are
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering marked executable or world-writable.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new "--setenv=" switch to set
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John container-wide environment variables. The similar option in
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek systemd-activate was renamed from "--environment=" to
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek "--setenv=" for consistency.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn has been updated to create a new kdbus domain
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering for each container that is invoked, thus allowing each
b97610038a122ff30e60b1996369ca4b979d8b19Kay Sievers container to have its own set of system and user buses,
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John independent of the host.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --drop-capability= switch to run
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the container with less capabilities than the default. Both
b97610038a122ff30e60b1996369ca4b979d8b19Kay Sievers --drop-capability= and --capability= now take the special
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering string "all" for dropping or keeping all capabilities.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained new switches for executing containers
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering with specific SELinux labels set.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --quiet switch to not generate
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering any additional output but the container's own console
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --share-system switch to run a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering container without PID namespacing enabled.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --register= switch to control
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek whether the container is registered with systemd-machined or
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering not. This is useful for containers that do not run full
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering OS images, but only specific apps.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --keep-unit which may be used
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John when invoked as the only program from a service unit, and
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering results in registration of the unit service itself in
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek systemd-machined, instead of a newly opened scope unit.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --network-interface= switch for
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering moving arbitrary interfaces to the container. The new
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt --network-veth switch creates a virtual Ethernet connection
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John between host and container. The new --network-bridge=
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John switch then allows assigning the host side of this virtual
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John Ethernet connection to a bridge device.
6afc95b73605833e6e966af1c466b5c08feb953fLennart Poettering * systemd-nspawn gained a new --personality= switch for
6afc95b73605833e6e966af1c466b5c08feb953fLennart Poettering setting the kernel personality for the container. This is
70a44afee385c4afadaab9a002b3f9dd44aedf4aJan Engelhardt useful when running a 32-bit container on a 64-bit host. A
b8bde11658366290521e3d03316378b482600323Jan Engelhardt similar option Personality= is now also available for service
b8bde11658366290521e3d03316378b482600323Jan Engelhardt units to use.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * logind will now also track a "Desktop" identifier for each
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering session which encodes the desktop environment of it. This is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering useful for desktop environments that want to identify
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering multiple running sessions of itself easily.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new SELinuxContext= setting for service units has been
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering added that allows setting a specific SELinux execution
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering context for a service.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Most systemd client tools will now honour $SYSTEMD_LESS for
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering settings of the "less" pager. By default, these tools will
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John override $LESS to allow certain operations to work, such as
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John jump-to-the-end. With $SYSTEMD_LESS, it is possible to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering influence this logic.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd's "seccomp" hook-up has been changed to make use of
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the libseccomp library instead of using its own
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering implementation. This has benefits for portability among
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * For usage together with SystemCallFilter=, a new
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John SystemCallErrorNumber= setting has been introduced that
b8bde11658366290521e3d03316378b482600323Jan Engelhardt allows configuration of a system error number to be returned
b8bde11658366290521e3d03316378b482600323Jan Engelhardt on filtered system calls, instead of immediately killing the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering process. Also, SystemCallArchitectures= has been added to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering limit access to system calls of a particular architecture
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering (in order to turn off support for unused secondary
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt architectures). There is also a global
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John SystemCallArchitectures= setting in system.conf now to turn
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering off support for non-native system calls system-wide.
210054d76cf4d294533aa09256d375e33b52569fKay Sievers * systemd requires a kernel with a working name_to_handle_at(),
210054d76cf4d294533aa09256d375e33b52569fKay Sievers please see the kernel config requirements in the README file.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Contributions from: Adam Williamson, Alex Jia, Anatol Pomozov,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Ansgar Burchardt, AppleBloom, Auke Kok, Bastien Nocera,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Chengwei Yang, Christian Seiler, Colin Guthrie, Colin Walters,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Cristian Rodríguez, Daniel Buch, Daniele Medri, Daniel J
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Walsh, Daniel Mack, Dan McGee, Dave Reisner, David Coppa,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering David Herrmann, David Strauss, Djalal Harouni, Dmitry Pisklov,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Elia Pinto, Florian Weimer, George McCollister, Goffredo
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Baroncelli, Greg Kroah-Hartman, Hendrik Brueckner, Igor
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Zhbanov, Jan Engelhardt, Jan Janssen, Jason A. Donenfeld,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Jason St. John, Jasper St. Pierre, Jóhann B. Guðmundsson, Jose
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Ignacio Naranjo, Karel Zak, Kay Sievers, Kristian Høgsberg,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Lennart Poettering, Lubomir Rintel, Lukas Nykryn, Lukasz
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Skalski, Łukasz Stelmach, Luke Shumaker, Mantas Mikulėnas,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Marc-Antoine Perennou, Marcel Holtmann, Marcos Felipe Rasia de
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Mello, Marko Myllynen, Martin Pitt, Matthew Monaco, Michael
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Marineau, Michael Scherer, Michał Górny, Michal Sekletar,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Michele Curti, Oleksii Shevchuk, Olivier Brunel, Patrik Flykt,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Pavel Holica, Raudi, Richard Marko, Ronny Chevalier, Sébastien
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Luttringer, Sergey Ptashnick, Shawn Landden, Simon Peeters,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Stefan Beller, Susant Sahani, Sylvain Plantefeve, Sylvia Else,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Tero Roponen, Thomas Bächler, Thomas Hindoe Paaboel Andersen,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Tom Gundersen, Umut Tezduyar Lindskog, Unai Uribarri, Václav
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Pavlín, Vincent Batts, WaLyong Cho, William Giokas, Yang
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Zhiyong, Yin Kangkai, Yuxuan Shui, Zbigniew Jędrzejewski-Szmek
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering -- Berlin, 2014-02-20
cd4010b37349413db1e553e213e62e654ca28113Lennart PoetteringCHANGES WITH 208:
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * logind has gained support for facilitating privileged input
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering and drm device access for unprivileged clients. This work is
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering useful to allow Wayland display servers (and similar
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering programs, such as kmscon) to run under the user's ID and
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering access input and drm devices which are normally
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering protected. When this is used (and the kernel is new enough)
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering logind will "mute" IO on the file descriptors passed to
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Wayland as long as it is in the background and "unmute" it
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering if it returns into the foreground. This allows secure
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering session switching without allowing background sessions to
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering eavesdrop on input and display data. This also introduces
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering session switching support if VT support is turned off in the
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering kernel, and on seats that are not seat0.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * A new kernel command line option luks.options= is understood
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering now which allows specifiying LUKS options for usage for LUKS
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering encrypted partitions specified with luks.uuid=.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * tmpfiles.d(5) snippets may now use specifier expansion in
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering path names. More specifically %m, %b, %H, %v, are now
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering replaced by the local machine id, boot id, hostname, and
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering kernel version number.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * A new tmpfiles.d(5) command "m" has been introduced which
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering may be used to change the owner/group/access mode of a file
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt or directory if it exists, but do nothing if it does not.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * This release removes high-level support for the
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering MemorySoftLimit= cgroup setting. The underlying kernel
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering cgroup attribute memory.soft_limit= is currently badly
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering designed and likely to be removed from the kernel API in its
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt current form, hence we should not expose it for now.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * The memory.use_hierarchy cgroup attribute is now enabled for
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering all cgroups systemd creates in the memory cgroup
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering hierarchy. This option is likely to be come the built-in
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering default in the kernel anyway, and the non-hierarchial mode
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering never made much sense in the intrinsically hierarchial
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering cgroup system.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * A new field _SYSTEMD_SLICE= is logged along with all journal
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering messages containing the slice a message was generated
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering from. This is useful to allow easy per-customer filtering of
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering logs among other things.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * systemd-journald will no longer adjust the group of journal
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering files it creates to the "systemd-journal" group. Instead we
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering rely on the journal directory to be owned by the
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering "systemd-journal" group, and its setgid bit set, so that the
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering kernel file system layer will automatically enforce that
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering journal files inherit this group assignment. The reason for
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering this change is that we cannot allow NSS look-ups from
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering journald which would be necessary to resolve
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering "systemd-journal" to a numeric GID, because this might
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering create deadlocks if NSS involves synchronous queries to
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering other daemons (such as nscd, or sssd) which in turn are
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering logging clients of journald and might block on it, which
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering would then dead lock. A tmpfiles.d(5) snippet included in
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering systemd will make sure the setgid bit and group are
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering properly set on the journal directory if it exists on every
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering boot. However, we recommend adjusting it manually after
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering upgrades too (or from RPM scriptlets), so that the change is
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering not delayed until next reboot.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * Backlight and random seed files in /var/lib/ have moved into
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering the /var/lib/systemd/ directory, in order to centralize all
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering systemd generated files in one directory.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * Boot time performance measurements (as displayed by
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering "systemd-analyze" for example) will now read ACPI 5.0 FPDT
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering performance information if that's available to determine how
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering much time BIOS and boot loader initialization required. With
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering a sufficiently new BIOS you hence no longer need to boot
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering with Gummiboot to get access to such information.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Contributions from: Andrey Borzenkov, Chen Jie, Colin Walters,
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Cristian Rodríguez, Dave Reisner, David Herrmann, David
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Mackey, David Strauss, Eelco Dolstra, Evan Callicoat, Gao
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering feng, Harald Hoyer, Jimmie Tauriainen, Kay Sievers, Lennart
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas, Martin Pitt,
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Michael Scherer, Michał Górny, Mike Gilbert, Patrick McCarty,
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Sebastian Ott, Tom Gundersen, Zbigniew Jędrzejewski-Szmek
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering -- Berlin, 2013-10-02
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart PoetteringCHANGES WITH 207:
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * The Restart= option for services now understands a new
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers on-watchdog setting, which will restart the service
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering automatically if the service stops sending out watchdog keep
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering alive messages (as configured with WatchdogSec=).
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * The getty generator (which is responsible for bringing up a
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering getty on configured serial consoles) will no longer only
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering start a getty on the primary kernel console but on all
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering others, too. This makes the order in which console= is
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering specified on the kernel command line less important.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * libsystemd-logind gained a new sd_session_get_vt() call to
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering retrieve the VT number of a session.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * If the option "tries=0" is set for an entry of /etc/crypttab
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering its passphrase is queried indefinitely instead of any
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering maximum number of tries.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * If a service with a configure PID file terminates its PID
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering file will now be removed automatically if it still exists
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering afterwards. This should put an end to stale PID files.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * systemd-run will now also take relative binary path names
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering for execution and no longer insists on absolute paths.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * InaccessibleDirectories= and ReadOnlyDirectories= now take
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering paths that are optionally prefixed with "-" to indicate that
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt it should not be considered a failure if they do not exist.
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers * journalctl -o (and similar commands) now understands a new
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers output mode "short-precise", it is similar to "short" but
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering shows timestamps with usec accuracy.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * The option "discard" (as known from Debian) is now
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering synonymous to "allow-discards" in /etc/crypttab. In fact,
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering "discard" is preferred now (since it is easier to remember
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers * Some licensing clean-ups were made, so that more code is now
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering LGPL-2.1 licensed than before.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * A minimal tool to save/restore the display backlight
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering brightness across reboots has been added. It will store the
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers backlight setting as late as possible at shutdown, and
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering restore it as early as possible during reboot.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * A logic to automatically discover and enable home and swap
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering partitions on GPT disks has been added. With this in place
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering /etc/fstab becomes optional for many setups as systemd can
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering discover certain partitions located on the root disk
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering automatically. Home partitions are recognized under their
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering GPT type ID 933ac7e12eb44f13b8440e14e2aef915. Swap
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering partitions are recognized under their GPT type ID
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering 0657fd6da4ab43c484e50933c84b4f4f.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * systemd will no longer pass any environment from the kernel
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering or initrd to system services. If you want to set an
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering environment for all services, do so via the kernel command
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering line systemd.setenv= assignment.
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering * The systemd-sysctl tool no longer natively reads the file
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering /etc/sysctl.conf. If desired, the file should be symlinked
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering from /etc/sysctl.d/99-sysctl.conf. Apart from providing
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering legacy support by a symlink rather than built-in code, it
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering also makes the otherwise hidden order of application of the
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering different files visible. (Note that this partly reverts to a
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering pre-198 application order of sysctl knobs!)
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * The "systemctl set-log-level" and "systemctl dump" commands
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering have been moved to systemd-analyze.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * systemd-run learned the new --remain-after-exit switch,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering which causes the scope unit not to be cleaned up
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering automatically after the process terminated.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * tmpfiles learned a new --exclude-prefix= switch to exclude
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering certain paths from operation.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * journald will now automatically flush all messages to disk
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering as soon as a message of the log priorities CRIT, ALERT or
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering EMERG is received.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Contributions from: Andrew Cook, Brandon Philips, Christian
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Hesse, Christoph Junghans, Colin Walters, Daniel Schaal,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Daniel Wallace, Dave Reisner, David Herrmann, Gao feng, George
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering McCollister, Giovanni Campagna, Hannes Reinecke, Harald Hoyer,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Herczeg Zsolt, Holger Hans Peter Freyther, Jan Engelhardt,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Jesper Larsen, Kay Sievers, Khem Raj, Lennart Poettering,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Lukas Nykryn, Maciej Wereski, Mantas Mikulėnas, Marcel
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Holtmann, Martin Pitt, Michael Biebl, Michael Marineau,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Michael Scherer, Michael Stapelberg, Michal Sekletar, Michał
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Górny, Olivier Brunel, Ondrej Balaz, Ronny Chevalier, Shawn
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Landden, Steven Hiscocks, Thomas Bächler, Thomas Hindoe
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Paaboel Andersen, Tom Gundersen, Umut Tezduyar, WANG Chao,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering William Giokas, Zbigniew Jędrzejewski-Szmek
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering -- Berlin, 2013-09-13
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart PoetteringCHANGES WITH 206:
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * The documentation has been updated to cover the various new
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering concepts introduced with 205.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * Unit files now understand the new %v specifier which
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering resolves to the kernel version string as returned by "uname
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * systemctl now supports filtering the unit list output by
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering load state, active state and sub state, using the new
33b521be152f67cd722695ba9a2966eda5ee6765Maciej Wereski --state= parameter.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * "systemctl status" will now show the results of the
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering condition checks (like ConditionPathExists= and similar) of
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering the last start attempts of the unit. They are also logged to
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * "journalctl -b" may now be used to look for boot output of a
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering specific boot. Try "journalctl -b -1" for the previous boot,
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering but the syntax is substantially more powerful.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * "journalctl --show-cursor" has been added which prints the
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering cursor string the last shown log line. This may then be used
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering with the new "journalctl --after-cursor=" switch to continue
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering browsing logs from that point on.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * "journalctl --force" may now be used to force regeneration
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering of an FSS key.
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * Creation of "dead" device nodes has been moved from udev
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering into kmod and tmpfiles. Previously, udev would read the kmod
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering databases to pre-generate dead device nodes based on meta
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering information contained in kernel modules, so that these would
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering be auto-loaded on access rather then at boot. As this
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt does not really have much to do with the exposing actual
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering kernel devices to userspace this has always been slightly
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering alien in the udev codebase. Following the new scheme kmod
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering will now generate a runtime snippet for tmpfiles from the
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering module meta information and it now is tmpfiles' job to the
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering create the nodes. This also allows overriding access and
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering other parameters for the nodes using the usual tmpfiles
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering facilities. As side effect this allows us to remove the
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering CAP_SYS_MKNOD capability bit from udevd entirely.
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * logind's device ACLs may now be applied to these "dead"
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering devices nodes too, thus finally allowing managed access to
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering devices such as /dev/snd/sequencer whithout loading the
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering backing module right-away.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * A new RPM macro has been added that may be used to apply
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering tmpfiles configuration during package installation.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * systemd-detect-virt and ConditionVirtualization= now can
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering detect User-Mode-Linux machines (UML).
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * journald will now implicitly log the effective capabilities
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering set of processes in the message metadata.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * systemd-cryptsetup has gained support for TrueCrypt volumes.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * The initrd interface has been simplified (more specifically,
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering support for passing performance data via environment
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering variables and fsck results via files in /run has been
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering removed). These features were non-essential, and are
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering nowadays available in a much nicer way by having systemd in
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering the initrd serialize its state and have the hosts systemd
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering deserialize it again.
28f5c779e5513ab1301ac103471009711b0961e0Kay Sievers * The udev "keymap" data files and tools to apply keyboard
28f5c779e5513ab1301ac103471009711b0961e0Kay Sievers specific mappings of scan to key codes, and force-release
28f5c779e5513ab1301ac103471009711b0961e0Kay Sievers scan code lists have been entirely replaced by a udev
28f5c779e5513ab1301ac103471009711b0961e0Kay Sievers "keyboard" builtin and a hwdb data file.
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * systemd will now honour the kernel's "quiet" command line
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering argument also during late shutdown, resulting in a
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering completely silent shutdown when used.
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * There's now an option to control the SO_REUSEPORT socket
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering option in .socket units.
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * Instance units will now automatically get a per-template
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering subslice of system.slice unless something else is explicitly
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering configured. For example, instances of sshd@.service will now
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering implicitly be placed in system-sshd.slice rather than
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * Test coverage support may now be enabled at build time.
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Contributions from: Dave Reisner, Frederic Crozat, Harald
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Hoyer, Holger Hans Peter Freyther, Jan Engelhardt, Jan
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Janssen, Jason St. John, Jesper Larsen, Kay Sievers, Lennart
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Poettering, Lukas Nykryn, Maciej Wereski, Martin Pitt, Michael
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Olbrich, Ramkumar Ramachandra, Ross Lagerwall, Shawn Landden,
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Thomas H.P. Andersen, Tom Gundersen, Tomasz Torcz, William
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Giokas, Zbigniew Jędrzejewski-Szmek
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering -- Berlin, 2013-07-23
00aa832b948a27507c33e2157e46963852cffc85Lennart PoetteringCHANGES WITH 205:
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * Two new unit types have been introduced:
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Scope units are very similar to service units, however, are
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering created out of pre-existing processes -- instead of PID 1
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering forking off the processes. By using scope units it is
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering possible for system services and applications to group their
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering own child processes (worker processes) in a powerful way
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering which then maybe used to organize them, or kill them
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering together, or apply resource limits on them.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Slice units may be used to partition system resources in an
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering hierarchial fashion and then assign other units to them. By
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering default there are now three slices: system.slice (for all
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering system services), user.slice (for all user sessions),
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering machine.slice (for VMs and containers).
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Slices and scopes have been introduced primarily in
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering context of the work to move cgroup handling to a
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering single-writer scheme, where only PID 1
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * There's a new concept of "transient" units. In contrast to
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering normal units these units are created via an API at runtime,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering not from configuration from disk. More specifically this
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering means it is now possible to run arbitrary programs as
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering independent services, with all execution parameters passed
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering in via bus APIs rather than read from disk. Transient units
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering make systemd substantially more dynamic then it ever was,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering and useful as a general batch manager.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * logind has been updated to make use of scope and slice units
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering for managing user sessions. As a user logs in he will get
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering his own private slice unit, to which all sessions are added
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering as scope units. We also added support for automatically
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering adding an instance of user@.service for the user into the
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering slice. Effectively logind will no longer create cgroup
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering hierarchies on its own now, it will defer entirely to PID 1
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering for this by means of scope, service and slice units. Since
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering user sessions this way become entities managed by PID 1
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering the output of "systemctl" is now a lot more comprehensive.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * A new mini-daemon "systemd-machined" has been added which
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering may be used by virtualization managers to register local
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering VMs/containers. nspawn has been updated accordingly, and
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering libvirt will be updated shortly. machined will collect a bit
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering of meta information about the VMs/containers, and assign
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering them their own scope unit (see above). The collected
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering meta-data is then made available via the "machinectl" tool,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering and exposed in "ps" and similar tools. machined/machinectl
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering is compile-time optional.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * As discussed earlier, the low-level cgroup configuration
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering options ControlGroup=, ControlGroupModify=,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering ControlGroupPersistent=, ControlGroupAttribute= have been
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering removed. Please use high-level attribute settings instead as
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering well as slice units.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * A new bus call SetUnitProperties() has been added to alter
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering various runtime parameters of a unit. This is primarily
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering useful to alter cgroup parameters dynamically in a nice way,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering but will be extended later on to make more properties
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering modifiable at runtime. systemctl gained a new set-properties
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering command that wraps this call.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * A new tool "systemd-run" has been added which can be used to
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering run arbitrary command lines as transient services or scopes,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering while configuring a number of settings via the command
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering line. This tool is currently very basic, however already
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering very useful. We plan to extend this tool to even allow
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering queuing of execution jobs with time triggers from the
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering command line, similar in fashion to "at".
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * nspawn will now inform the user explicitly that kernels with
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering audit enabled break containers, and suggest the user to turn
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * Support for detecting the IMA and AppArmor security
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering frameworks with ConditionSecurity= has been added.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * journalctl gained a new "-k" switch for showing only kernel
1fda0ab5fc9cf7454c8da32941e433dc38ba9991Zbigniew Jędrzejewski-Szmek messages, mimicking dmesg output; in addition to "--user"
1fda0ab5fc9cf7454c8da32941e433dc38ba9991Zbigniew Jędrzejewski-Szmek and "--system" switches for showing only user's own logs
1fda0ab5fc9cf7454c8da32941e433dc38ba9991Zbigniew Jędrzejewski-Szmek and system logs.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * systemd-delta can now show information about drop-in
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering snippets extending unit files.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * libsystemd-bus has been substantially updated but is still
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering not available as public API.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * systemd will now look for the "debug" argument on the kernel
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek command line and enable debug logging, similar to what
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering "systemd.log_level=debug" already did before.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * "systemctl set-default", "systemctl get-default" has been
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering added to configure the default.target symlink, which
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering controls what to boot into by default.
1fda0ab5fc9cf7454c8da32941e433dc38ba9991Zbigniew Jędrzejewski-Szmek * "systemctl set-log-level" has been added as a convenient
1fda0ab5fc9cf7454c8da32941e433dc38ba9991Zbigniew Jędrzejewski-Szmek way to raise and lower systemd logging threshold.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * "systemd-analyze plot" will now show the time the various
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering generators needed for execution, as well as information
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering about the unit file loading.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * libsystemd-journal gained a new sd_journal_open_files() call
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering for opening specific journal files. journactl also gained a
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering new switch to expose this new functionality. Previously we
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering only supported opening all files from a directory, or all
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering files from the system, as opening individual files only is
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering racy due to journal file rotation.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * systemd gained the new DefaultEnvironment= setting in
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering /etc/systemd/system.conf to set environment variables for
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * If a privileged process logs a journal message with the
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering OBJECT_PID= field set, then journald will automatically
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering augment this with additional OBJECT_UID=, OBJECT_GID=,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering OBJECT_COMM=, OBJECT_EXE=, ... fields. This is useful if
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering system services want to log events about specific client
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering processes. journactl/systemctl has been updated to make use
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering of this information if all log messages regarding a specific
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering unit is requested.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Contributions from: Auke Kok, Chengwei Yang, Colin Walters,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Cristian Rodríguez, Daniel Albers, Daniel Wallace, Dave
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Reisner, David Coppa, David King, David Strauss, Eelco
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Dolstra, Gabriel de Perthuis, Harald Hoyer, Jan Alexander
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Steffens, Jan Engelhardt, Jan Janssen, Jason St. John, Johan
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Heikkilä, Karel Zak, Karol Lewandowski, Kay Sievers, Lennart
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas, Marius Vollmer,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Martin Pitt, Michael Biebl, Michael Olbrich, Michael Tremer,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Michal Schmidt, Michał Bartoszkiewicz, Nirbheek Chauhan,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Pierre Neidhardt, Ross Burton, Ross Lagerwall, Sean McGovern,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Václav Pavlín, Zachary Cook, Zbigniew Jędrzejewski-Szmek,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Łukasz Stelmach, 장동준
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart PoetteringCHANGES WITH 204:
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering * The Python bindings gained some minimal support for the APIs
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering exposed by libsystemd-logind.
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering * ConditionSecurity= gained support for detecting SMACK. Since
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering this condition already supports SELinux and AppArmor we only
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering miss IMA for this. Patches welcome!
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering Contributions from: Karol Lewandowski, Lennart Poettering,
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering Zbigniew Jędrzejewski-Szmek
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart PoetteringCHANGES WITH 203:
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * systemd-nspawn will now create /etc/resolv.conf if
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering necessary, before bind-mounting the host's file onto it.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * systemd-nspawn will now store meta information about a
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering container on the container's cgroup as extended attribute
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering fields, including the root directory.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * The cgroup hierarchy has been reworked in many ways. All
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering objects any of the components systemd creates in the cgroup
b82eed9af95668ab38cac33c7996e4d665f8709aLennart Poettering tree are now suffixed. More specifically, user sessions are
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering now placed in cgroups suffixed with ".session", users in
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering cgroups suffixed with ".user", and nspawn containers in
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering cgroups suffixed with ".nspawn". Furthermore, all cgroup
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering names are now escaped in a simple scheme to avoid collision
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering of userspace object names with kernel filenames. This work
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering is preparation for making these objects relocatable in the
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering cgroup tree, in order to allow easy resource partitioning of
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering these objects without causing naming conflicts.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * systemctl list-dependencies gained the new switches
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering --plain, --reverse, --after and --before.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * systemd-inhibit now shows the process name of processes that
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering have taken an inhibitor lock.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * nss-myhostname will now also resolve "localhost"
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering implicitly. This makes /etc/hosts an optional file and
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering nicely handles that on IPv6 ::1 maps to both "localhost" and
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering the local hostname.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * libsystemd-logind.so gained a new call
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering sd_get_machine_names() to enumerate running containers and
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering VMs (currently only supported by very new libvirt and
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering nspawn). sd_login_monitor can now be used to watch
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering VMs/containers coming and going.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * .include is not allowed recursively anymore, and only in
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering unit files. Usually it is better to use drop-in snippets in
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering .d/*.conf anyway, as introduced with systemd 198.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * systemd-analyze gained a new "critical-chain" command that
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering determines the slowest chain of units run during system
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering boot-up. It is very useful for tracking down where
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering optimizing boot time is the most beneficial.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * systemd will no longer allow manipulating service paths in
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering the name=systemd:/system cgroup tree using ControlGroup= in
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering units. (But is still fine with it in all other dirs.)
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * There's a new systemd-nspawn@.service service file that may
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering be used to easily run nspawn containers as system
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering services. With the container's root directory in
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering /var/lib/container/foobar it is now sufficient to run
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering "systemctl start systemd-nspawn@foobar.service" to boot it.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * systemd-cgls gained a new parameter "--machine" to list only
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering the processes within a certain container.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * ConditionSecurity= now can check for "apparmor". We still
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering are lacking checks for SMACK and IMA for this condition
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering check though. Patches welcome!
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * A new configuration file /etc/systemd/sleep.conf has been
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering added that may be used to configure which kernel operation
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering systemd is supposed to execute when "suspend", "hibernate"
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering or "hybrid-sleep" is requested. This makes the new kernel
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering "freeze" state accessible to the user.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * ENV{SYSTEMD_WANTS} in udev rules will now implicitly escape
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering the passed argument if applicable.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering Contributions from: Auke Kok, Colin Guthrie, Colin Walters,
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering Cristian Rodríguez, Daniel Buch, Daniel Wallace, Dave Reisner,
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering Evangelos Foutras, Greg Kroah-Hartman, Harald Hoyer, Josh
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering Triplett, Kay Sievers, Lennart Poettering, Lukas Nykryn,
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering MUNEDA Takahiro, Mantas Mikulėnas, Mirco Tischler, Nathaniel
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering Chen, Nirbheek Chauhan, Ronny Chevalier, Ross Lagerwall, Tom
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering Gundersen, Umut Tezduyar, Ville Skyttä, Zbigniew
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering Jędrzejewski-Szmek
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart PoetteringCHANGES WITH 202:
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * The output of 'systemctl list-jobs' got some polishing. The
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering '--type=' argument may now be passed more than once. A new
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering command 'systemctl list-sockets' has been added which shows
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering a list of kernel sockets systemd is listening on with the
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering socket units they belong to, plus the units these socket
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering units activate.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * The experimental libsystemd-bus library got substantial
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering updates to work in conjunction with the (also experimental)
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering kdbus kernel project. It works well enough to exchange
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering messages with some sophistication. Note that kdbus is not
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering ready yet, and the library is mostly an elaborate test case
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering for now, and not installable.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * systemd gained a new unit 'systemd-static-nodes.service'
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering that generates static device nodes earlier during boot, and
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering can run in conjunction with udev.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * libsystemd-login gained a new call sd_pid_get_user_unit()
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering to retrieve the user systemd unit a process is running
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering in. This is useful for systems where systemd is used as
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering session manager.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * systemd-nspawn now places all containers in the new /machine
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering top-level cgroup directory in the name=systemd
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering hierarchy. libvirt will soon do the same, so that we get a
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering uniform separation of /system, /user and /machine for system
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering services, user processes and containers/virtual
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering machines. This new cgroup hierarchy is also useful to stick
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering stable names to specific container instances, which can be
7c04ad2da1cf08ebf53b9aa9671c8c1dc9577135Lennart Poettering recognized later this way (this name may be controlled
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering via systemd-nspawn's new -M switch). libsystemd-login also
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering gained a new call sd_pid_get_machine_name() to retrieve the
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering name of the container/VM a specific process belongs to.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * bootchart can now store its data in the journal.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * libsystemd-journal gained a new call
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering sd_journal_add_conjunction() for AND expressions to the
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering matching logic. This can be used to express more complex
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering logical expressions.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * journactl can now take multiple --unit= and --user-unit=
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * The cryptsetup logic now understands the "luks.key=" kernel
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering command line switch for specifying a file to read the
7c04ad2da1cf08ebf53b9aa9671c8c1dc9577135Lennart Poettering decryption key from. Also, if a configured key file is not
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering found the tool will now automatically fall back to prompting
cbeabcfbc5a5fa27385e5794780e8f034e090606Zbigniew Jędrzejewski-Szmek * Python systemd.journal module was updated to wrap recently
cbeabcfbc5a5fa27385e5794780e8f034e090606Zbigniew Jędrzejewski-Szmek added functions from libsystemd-journal. The interface was
cbeabcfbc5a5fa27385e5794780e8f034e090606Zbigniew Jędrzejewski-Szmek changed to bring the low level interface in s.j._Reader
cbeabcfbc5a5fa27385e5794780e8f034e090606Zbigniew Jędrzejewski-Szmek closer to the C API, and the high level interface in
cbeabcfbc5a5fa27385e5794780e8f034e090606Zbigniew Jędrzejewski-Szmek s.j.Reader was updated to wrap and convert all data about
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering Contributions from: Anatol Pomozov, Auke Kok, Harald Hoyer,
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering Henrik Grindal Bakken, Josh Triplett, Kay Sievers, Lennart
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas Marius Vollmer,
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering Martin Jansa, Martin Pitt, Michael Biebl, Michal Schmidt,
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering Mirco Tischler, Pali Rohar, Simon Peeters, Steven Hiscocks,
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering Tom Gundersen, Zbigniew Jędrzejewski-Szmek
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart PoetteringCHANGES WITH 201:
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * journalctl --update-catalog now understands a new --root=
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering option to operate on catalogs found in a different root
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * During shutdown after systemd has terminated all running
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering services a final killing loop kills all remaining left-over
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering processes. We will now print the name of these processes
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering when we send SIGKILL to them, since this usually indicates a
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * If /etc/crypttab refers to password files stored on
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering configured mount points automatic dependencies will now be
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering generated to ensure the specific mount is established first
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering before the key file is attempted to be read.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * 'systemctl status' will now show information about the
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering network sockets a socket unit is listening on.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * 'systemctl status' will also shown information about any
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering drop-in configuration file for units. (Drop-In configuration
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering files in this context are files such as
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering /etc/systemd/systemd/foobar.service.d/*.conf)
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * systemd-cgtop now optionally shows summed up CPU times of
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering cgroups. Press '%' while running cgtop to switch between
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering percentage and absolute mode. This is useful to determine
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering which cgroups use up the most CPU time over the entire
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering runtime of the system. systemd-cgtop has also been updated
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering to be 'pipeable' for processing with further shell tools.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * 'hostnamectl set-hostname' will now allow setting of FQDN
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * The formatting and parsing of time span values has been
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering changed. The parser now understands fractional expressions
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering such as "5.5h". The formatter will now output fractional
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering expressions for all time spans under 1min, i.e. "5.123456s"
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering rather than "5s 123ms 456us". For time spans under 1s
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering millisecond values are shown, for those under 1ms
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering microsecond values are shown. This should greatly improve
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering all time-related output of systemd.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * libsystemd-login and libsystemd-journal gained new
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering functions for querying the poll() events mask and poll()
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering timeout value for integration into arbitrary event
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * localectl gained the ability to list available X11 keymaps
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering (models, layouts, variants, options).
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * 'systemd-analyze dot' gained the ability to filter for
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering specific units via shell-style globs, to create smaller,
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt more useful graphs. I.e. it is now possible to create simple
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering graphs of all the dependencies between only target units, or
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering of all units that Avahi has dependencies with.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering Contributions from: Cristian Rodríguez, Dr. Tilmann Bubeck,
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering Harald Hoyer, Holger Hans Peter Freyther, Kay Sievers, Kelly
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering Anderson, Koen Kooi, Lennart Poettering, Maksim Melnikau,
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering Marc-Antoine Perennou, Marius Vollmer, Martin Pitt, Michal
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering Schmidt, Oleksii Shevchuk, Ronny Chevalier, Simon McVittie,
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering Steven Hiscocks, Thomas Weißschuh, Umut Tezduyar, Václav
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering Pavlín, Zbigniew Jędrzejewski-Szmek, Łukasz Stelmach
9ca3c17f207121b3c19a44217558b056a7585944Lennart PoetteringCHANGES WITH 200:
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering * The boot-time readahead implementation for rotating media
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering will now read the read-ahead data in multiple passes which
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering consist of all read requests made in equidistant time
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering intervals. This means instead of strictly reading read-ahead
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering data in its physical order on disk we now try to find a
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering middle ground between physical and access time order.
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering * /etc/os-release files gained a new BUILD_ID= field for usage
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering on operating systems that provide continuous builds of OS
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering Contributions from: Auke Kok, Eelco Dolstra, Kay Sievers,
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering Lennart Poettering, Lukas Nykryn, Martin Pitt, Václav Pavlín
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering William Douglas, Zbigniew Jędrzejewski-Szmek
35911459410714a0e9108b35da78f96919b65ee7Lennart PoetteringCHANGES WITH 199:
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * systemd-python gained an API exposing libsystemd-daemon.
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * The SMACK setup logic gained support for uploading CIPSO
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering security policy.
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * Behaviour of PrivateTmp=, ReadWriteDirectories=,
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering ReadOnlyDirectories= and InaccessibleDirectories= has
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering changed. The private /tmp and /var/tmp directories are now
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering shared by all processes of a service (which means
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering ExecStartPre= may now leave data in /tmp that ExecStart= of
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering the same service can still access). When a service is
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering stopped its temporary directories are immediately deleted
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek (normal clean-up with tmpfiles is still done in addition to
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * By default, systemd will now set a couple of sysctl
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering variables in the kernel: the safe sysrq options are turned
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering on, IP route verification is turned on, and source routing
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering disabled. The recently added hardlink and softlink
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering protection of the kernel is turned on. These settings should
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering be reasonably safe, and good defaults for all new systems.
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * The predictable network naming logic may now be turned off
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek with a new kernel command line switch: net.ifnames=0.
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * A new libsystemd-bus module has been added that implements a
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering pretty complete D-Bus client library. For details see:
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering http://lists.freedesktop.org/archives/systemd-devel/2013-March/009797.html
c20d8298029a39cc3e9602b30a4d23b951e11df8Kay Sievers * journald will now explicitly flush the journal files to disk
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek at the latest 5min after each write. The file will then also
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek be marked offline until the next write. This should increase
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek reliability in case of a crash. The synchronization delay
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek can be configured via SyncIntervalSec= in journald.conf.
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * There's a new remote-fs-setup.target unit that can be used
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering to pull in specific services when at least one remote file
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering system is to be mounted.
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * There are new targets timers.target and paths.target as
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering canonical targets to pull user timer and path units in
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering from. This complements sockets.target with a similar
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering purpose for socket units.
6a7d3d68bf1ae9bcdaa3a17bc76f72bb7b988ec4Lennart Poettering * libudev gained a new call udev_device_set_attribute_value()
6a7d3d68bf1ae9bcdaa3a17bc76f72bb7b988ec4Lennart Poettering to set sysfs attributes of a device.
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek * The udev daemon now sets the default number of worker
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek processes executed in parallel based on the number of available
c20d8298029a39cc3e9602b30a4d23b951e11df8Kay Sievers CPUs instead of the amount of available RAM. This is supposed
ab06eef8101866dd1337c4759002f7360a9db416Anatol Pomozov to provide a more reliable default and limit a too aggressive
c20d8298029a39cc3e9602b30a4d23b951e11df8Kay Sievers paralellism for setups with 1000s of devices connected.
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Contributions from: Auke Kok, Colin Walters, Cristian
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Rodríguez, Daniel Buch, Dave Reisner, Frederic Crozat, Hannes
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Reinecke, Harald Hoyer, Jan Alexander Steffens, Jan
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Engelhardt, Josh Triplett, Kay Sievers, Lennart Poettering,
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Mantas Mikulėnas, Martin Pitt, Mathieu Bridon, Michael Biebl,
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Michal Schmidt, Michal Sekletar, Miklos Vajna, Nathaniel Chen,
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Oleksii Shevchuk, Ozan Çağlayan, Thomas Hindoe Paaboel
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Andersen, Tollef Fog Heen, Tom Gundersen, Umut Tezduyar,
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Zbigniew Jędrzejewski-Szmek
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart PoetteringCHANGES WITH 198:
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Configuration of unit files may now be extended via drop-in
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering files without having to edit/override the unit files
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering themselves. More specifically, if the administrator wants to
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering change one value for a service file foobar.service he can
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering now do so by dropping in a configuration snippet into
ad88e758d1b08a21d25971b074e119c167757109Zbigniew Jędrzejewski-Szmek /etc/systemd/system/foobar.service.d/*.conf. The unit logic
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering will load all these snippets and apply them on top of the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering main unit configuration file, possibly extending or
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering overriding its settings. Using these drop-in snippets is
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers generally nicer than the two earlier options for changing
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers unit files locally: copying the files from
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering /usr/lib/systemd/system/ to /etc/systemd/system/ and editing
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering them there; or creating a new file in /etc/systemd/system/
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering that incorporates the original one via ".include". Drop-in
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering snippets into these .d/ directories can be placed in any
fd86897568f7a1aed7ffe4c54ace6c158ddbdf7dKay Sievers directory systemd looks for units in, and the usual
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering overriding semantics between /usr/lib, /etc and /run apply
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Most unit file settings which take lists of items can now be
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering reset by assigning the empty string to them. For example,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering normally, settings such as Environment=FOO=BAR append a new
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering environment variable assignment to the environment block,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering each time they are used. By assigning Environment= the empty
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering string the environment block can be reset to empty. This is
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering particularly useful with the .d/*.conf drop-in snippets
156f7d09add8fc93cae8a3f13adcb2564931fee4Kay Sievers mentioned above, since this adds the ability to reset list
156f7d09add8fc93cae8a3f13adcb2564931fee4Kay Sievers settings from vendor unit files via these drop-ins.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemctl gained a new "list-dependencies" command for
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering listing the dependencies of a unit recursively.
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers * Inhibitors are now honored and listed by "systemctl
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering suspend", "systemctl poweroff" (and similar) too, not only
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering GNOME. These commands will also list active sessions by
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Resource limits (as exposed by the various control group
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering controllers) can now be controlled dynamically at runtime
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering for all units. More specifically, you can now use a command
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering like "systemctl set-cgroup-attr foobar.service cpu.shares
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering 2000" to alter the CPU shares a specific service gets. These
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering settings are stored persistently on disk, and thus allow the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering administrator to easily adjust the resource usage of
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering services with a few simple commands. This dynamic resource
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering management logic is also available to other programs via the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering bus. Almost any kernel cgroup attribute and controller is
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemd-vconsole-setup will now copy all font settings to
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering all allocated VTs, where it previously applied them only to
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering the foreground VT.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * libsystemd-login gained the new sd_session_get_tty() API
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering * This release drops support for a few legacy or
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering distribution-specific LSB facility names when parsing init
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering scripts: $x-display-manager, $mail-transfer-agent,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering $mail-transport-agent, $mail-transfer-agent, $smtp,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering $null. Also, the mail-transfer-agent.target unit backing
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering this has been removed. Distributions which want to retain
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering compatibility with this should carry the burden for
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering supporting this themselves and patch support for these back
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering in, if they really need to. Also, the facilities $syslog and
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering $local_fs are now ignored, since systemd does not support
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering early-boot LSB init scripts anymore, and these facilities
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering are implied anyway for normal services. syslog.target has
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering also been removed.
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers * There are new bus calls on PID1's Manager object for
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering cancelling jobs, and removing snapshot units. Previously,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering both calls were only available on the Job and Snapshot
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering objects themselves.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemd-journal-gatewayd gained SSL support.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * The various "environment" files, such as /etc/locale.conf
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering now support continuation lines with a backslash ("\") as
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek last character in the line, similarly in style (but different)
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering to how this is supported in shells.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * For normal user processes the _SYSTEMD_USER_UNIT= field is
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering now implicitly appended to every log entry logged. systemctl
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering has been updated to filter by this field when operating on a
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering user systemd instance.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * nspawn will now implicitly add the CAP_AUDIT_WRITE and
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering CAP_AUDIT_CONTROL capabilities to the capabilities set for
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering the container. This makes it easier to boot unmodified
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Fedora systems in a container, which however still requires
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering audit=0 to be passed on the kernel command line. Auditing in
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering kernel and userspace is unfortunately still too broken in
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering context of containers, hence we recommend compiling it out
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering of the kernel or using audit=0. Hopefully this will be fixed
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering one day for good in the kernel.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * nspawn gained the new --bind= and --bind-ro= parameters to
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering bind mount specific directories from the host into the
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers * nspawn will now mount its own devpts file system instance
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering into the container, in order not to leak pty devices from
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering the host into the container.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemd will now read the firmware boot time performance
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering information from the EFI variables, if the used boot loader
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering supports this, and takes it into account for boot performance
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering analysis via "systemd-analyze". This is currently supported
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering only in conjunction with Gummiboot, but could be supported
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering by other boot loaders too. For details see:
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * A new generator has been added that automatically mounts the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering EFI System Partition (ESP) to /boot, if that directory
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering exists, is empty, and no other file system has been
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering configured to be mounted there.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * logind will now send out PrepareForSleep(false) out
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering unconditionally, after coming back from suspend. This may be
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering used by applications as asynchronous notification for
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering system resume events.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * "systemctl unlock-sessions" has been added, that allows
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering unlocking the screens of all user sessions at once, similar
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek to how "systemctl lock-sessions" already locked all users
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers sessions. This is backed by a new D-Bus call UnlockSessions().
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * "loginctl seat-status" will now show the master device of a
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering seat. (i.e. the device of a seat that needs to be around for
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering the seat to be considered available, usually the graphics
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * tmpfiles gained a new "X" line type, that allows
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering configuration of files and directories (with wildcards) that
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering shall be excluded from automatic cleanup ("aging").
bf9335608821264163058a8b036a00775a8ffbe4Kay Sievers * udev default rules set the device node permissions now only
bf9335608821264163058a8b036a00775a8ffbe4Kay Sievers at "add" events, and do not change them any longer with a
bf9335608821264163058a8b036a00775a8ffbe4Kay Sievers later "change" event.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * The log messages for lid events and power/sleep keypresses
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering now carry a message ID.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * We now have a substantially larger unit test suite, but this
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering continues to be work in progress.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * udevadm hwdb gained a new --root= parameter to change the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering root directory to operate relative to.
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers * logind will now issue a background sync() request to the kernel
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers early at shutdown, so that dirty buffers are flushed to disk early
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering instead of at the last moment, in order to optimize shutdown
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering times a little.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * A new bootctl tool has been added that is an interface for
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering certain boot loader operations. This is currently a preview
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering and is likely to be extended into a small mechanism daemon
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering like timedated, localed, hostnamed, and can be used by
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering graphical UIs to enumerate available boot options, and
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering request boot into firmware operations.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemd-bootchart has been relicensed to LGPLv2.1+ to match
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering the rest of the package. It also has been updated to work
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering correctly in initrds.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Policykit previously has been runtime optional, and is now
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering also compile time optional via a configure switch.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemd-analyze has been reimplemented in C. Also "systemctl
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering dot" has moved into systemd-analyze.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * "systemctl status" with no further parameters will now print
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering the status of all active or failed units.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Operations such as "systemctl start" can now be executed
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering with a new mode "--irreversible" which may be used to queue
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering operations that cannot accidentally be reversed by a later
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering job queuing. This is by default used to make shutdown
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering requests more robust.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * The Python API of systemd now gained a new module for
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering reading journal files.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * A new tool kernel-install has been added that can install
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering kernel images according to the Boot Loader Specification:
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Boot time console output has been improved to provide
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering animated boot time output for hanging jobs.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * A new tool systemd-activate has been added which can be used
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering to test socket activation with, directly from the command
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering line. This should make it much easier to test and debug
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering socket activation in daemons.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * journalctl gained a new "--reverse" (or -r) option to show
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering journal output in reverse order (i.e. newest line first).
43447fb72693d62363a1a271dacc70d400ed685bLennart Poettering * journalctl gained a new "--pager-end" (or -e) option to jump
43447fb72693d62363a1a271dacc70d400ed685bLennart Poettering to immediately jump to the end of the journal in the
43447fb72693d62363a1a271dacc70d400ed685bLennart Poettering pager. This is only supported in conjunction with "less".
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * journalctl gained a new "--user-unit=" option, that works
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek similarly to "--unit=" but filters for user units rather than
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * A number of unit files to ease adoption of systemd in
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering initrds has been added. This moves some minimal logic from
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering the various initrd implementations into systemd proper.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * The journal files are now owned by a new group
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering "systemd-journal", which exists specifically to allow access
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering to the journal, and nothing else. Previously, we used the
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering "adm" group for that, which however possibly covers more
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering than just journal/log file access. This new group is now
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering already used by systemd-journal-gatewayd to ensure this
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering daemon gets access to the journal files and as little else
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering as possible. Note that "make install" will also set FS ACLs
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering up for /var/log/journal to give "adm" and "wheel" read
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering access to it, in addition to "systemd-journal" which owns
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering the journal files. We recommend that packaging scripts also
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering add read access to "adm" + "wheel" to /var/log/journal, and
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering all existing/future journal files. To normal users and
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering administrators little changes, however packagers need to
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering ensure to create the "systemd-journal" system group at
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering package installation time.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * The systemd-journal-gatewayd now runs as unprivileged user
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering systemd-journal-gateway:systemd-journal-gateway. Packaging
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering scripts need to create these system user/group at
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering installation time.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * timedated now exposes a new boolean property CanNTP that
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering indicates whether a local NTP service is available or not.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemd-detect-virt will now also detect xen PVs
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers * The pstore file system is now mounted by default, if it is
1aed45907715ad4dce7dbc84a957cd5de8cca36eLennart Poettering * In addition to the SELinux and IMA policies we will now also
1aed45907715ad4dce7dbc84a957cd5de8cca36eLennart Poettering load SMACK policies at early boot.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Contributions from: Adel Gadllah, Aleksander Morgado, Auke
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Kok, Ayan George, Bastien Nocera, Colin Walters, Daniel Buch,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Daniel Wallace, Dave Reisner, David Herrmann, David Strauss,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Eelco Dolstra, Enrico Scholz, Frederic Crozat, Harald Hoyer,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Jan Janssen, Jonathan Callen, Kay Sievers, Lennart Poettering,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Lukas Nykryn, Mantas Mikulėnas, Marc-Antoine Perennou, Martin
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Pitt, Mauro Dreissig, Max F. Albrecht, Michael Biebl, Michael
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Olbrich, Michal Schmidt, Michal Sekletar, Michal Vyskocil,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Michał Bartoszkiewicz, Mirco Tischler, Nathaniel Chen, Nestor
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Ovroy, Oleksii Shevchuk, Paul W. Frields, Piotr Drąg, Rob
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Clark, Ryan Lortie, Simon McVittie, Simon Peeters, Steven
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Hiscocks, Thomas Hindoe Paaboel Andersen, Tollef Fog Heen, Tom
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Gundersen, Umut Tezduyar, William Giokas, Zbigniew
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Jędrzejewski-Szmek, Zeeshan Ali (Khattak)
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart PoetteringCHANGES WITH 197:
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * Timer units now support calendar time events in addition to
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering monotonic time events. That means you can now trigger a unit
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering based on a calendar time specification such as "Thu,Fri
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering 2013-*-1,5 11:12:13" which refers to 11:12:13 of the first
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering or fifth day of any month of the year 2013, given that it is
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering a thursday or friday. This brings timer event support
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering considerably closer to cron's capabilities. For details on
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering the supported calendar time specification language see
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * udev now supports a number of different naming policies for
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering network interfaces for predictable names, and a combination
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering of these policies is now the default. Please see this wiki
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering document for details:
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * Auke Kok's bootchart implementation has been added to the
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt systemd tree. It is an optional component that can graph the
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt boot in quite some detail. It is one of the best bootchart
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering implementations around and minimal in its code and
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * nss-myhostname has been integrated into the systemd source
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering tree. nss-myhostname guarantees that the local hostname
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering always stays resolvable via NSS. It has been a weak
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering requirement of systemd-hostnamed since a long time, and
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering since its code is actually trivial we decided to just
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering include it in systemd's source tree. It can be turned off
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering with a configure switch.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * The read-ahead logic is now capable of properly detecting
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering whether a btrfs file system is on SSD or rotating media, in
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering order to optimize the read-ahead scheme. Previously, it was
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering only capable of detecting this on traditional file systems
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * In udev, additional device properties are now read from the
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering IAB in addition to the OUI database. Also, Bluetooth company
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering identities are attached to the devices as well.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * In service files %U may be used as specifier that is
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering replaced by the configured user name of the service.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * nspawn may now be invoked without a controlling TTY. This
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering makes it suitable for invocation as its own service. This
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering may be used to set up a simple containerized server system
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering using only core OS tools.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * systemd and nspawn can now accept socket file descriptors
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering when they are started for socket activation. This enables
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering implementation of socket activated nspawn
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering containers. i.e. think about autospawning an entire OS image
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering when the first SSH or HTTP connection is received. We expect
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering that similar functionality will also be added to libvirt-lxc
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * journalctl will now suppress ANSI color codes when
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering presenting log data.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * systemctl will no longer show control group information for
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering a unit if a the control group is empty anyway.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * logind can now automatically suspend/hibernate/shutdown the
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering system on idle.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * /etc/machine-info and hostnamed now also expose the chassis
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering type of the system. This can be used to determine whether
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering the local system is a laptop, desktop, handset or
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering tablet. This information may either be configured by the
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering user/vendor or is automatically determined from ACPI and DMI
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering information if possible.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * A number of PolicyKit actions are now bound together with
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering "imply" rules. This should simplify creating UIs because
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering many actions will now authenticate similar ones as well.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * Unit files learnt a new condition ConditionACPower= which
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering may be used to conditionalize a unit depending on whether an
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering AC power source is connected or not, of whether the system
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering is running on battery power.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * systemctl gained a new "is-failed" verb that may be used in
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering shell scripts and suchlike to check whether a specific unit
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering is in the "failed" state.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * The EnvironmentFile= setting in unit files now supports file
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering globbing, and can hence be used to easily read a number of
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering environment files at once.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * systemd will no longer detect and recognize specific
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering distributions. All distribution-specific #ifdeffery has been
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering removed, systemd is now fully generic and
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering distribution-agnostic. Effectively, not too much is lost as
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering a lot of the code is still accessible via explicit configure
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering switches. However, support for some distribution specific
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering legacy configuration file formats has been dropped. We
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering recommend distributions to simply adopt the configuration
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering files everybody else uses now and convert the old
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering configuration from packaging scripts. Most distributions
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering already did that. If that's not possible or desirable,
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering distributions are welcome to forward port the specific
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering pieces of code locally from the git history.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * When logging a message about a unit systemd will now always
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering log the unit name in the message meta data.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * localectl will now also discover system locale data that is
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering not stored in locale archives, but directly unpacked.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * logind will no longer unconditionally use framebuffer
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering devices as seat masters, i.e. as devices that are required
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering to be existing before a seat is considered preset. Instead,
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering it will now look for all devices that are tagged as
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering "seat-master" in udev. By default framebuffer devices will
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering be marked as such, but depending on local systems other
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering devices might be marked as well. This may be used to
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering integrate graphics cards using closed source drivers (such
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering as NVidia ones) more nicely into logind. Note however, that
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering we recommend using the open source NVidia drivers instead,
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering and no udev rules for the closed-source drivers will be
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering shipped from us upstream.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Contributions from: Adam Williamson, Alessandro Crismani, Auke
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Kok, Colin Walters, Daniel Wallace, Dave Reisner, David
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Herrmann, David Strauss, Dimitrios Apostolou, Eelco Dolstra,
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Eric Benoit, Giovanni Campagna, Hannes Reinecke, Henrik
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Grindal Bakken, Hermann Gausterer, Kay Sievers, Lennart
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas, Marcel Holtmann,
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Martin Pitt, Matthew Monaco, Michael Biebl, Michael Terry,
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Michal Schmidt, Michal Sekletar, Michał Bartoszkiewicz, Oleg
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Samarin, Pekka Lundstrom, Philip Nilsson, Ramkumar
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Ramachandra, Richard Yao, Robert Millan, Sami Kerola, Shawn
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Landden, Thomas Hindoe Paaboel Andersen, Thomas Jarosch,
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Tollef Fog Heen, Tom Gundersen, Umut Tezduyar, Zbigniew
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Jędrzejewski-Szmek
0428ddb729d12563b827510e04663de9cb4056f3Lennart PoetteringCHANGES WITH 196:
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * udev gained support for loading additional device properties
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering from an indexed database that is keyed by vendor/product IDs
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering and similar device identifiers. For the beginning this
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering "hwdb" is populated with data from the well-known PCI and
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering USB database, but also includes PNP, ACPI and OID data. In
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering the longer run this indexed database shall grow into
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering becoming the one central database for non-essential
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering userspace device metadata. Previously, data from the PCI/USB
96ec33c079caacdf9c7cdfb2cad2f1bc48dfca65Lennart Poettering database was only attached to select devices, since the
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering lookup was a relatively expensive operation due to O(n) time
96ec33c079caacdf9c7cdfb2cad2f1bc48dfca65Lennart Poettering complexity (with n being the number of entries in the
96ec33c079caacdf9c7cdfb2cad2f1bc48dfca65Lennart Poettering database). Since this is now O(1), we decided to add in this
96ec33c079caacdf9c7cdfb2cad2f1bc48dfca65Lennart Poettering data for all devices where this is available, by
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering default. Note that the indexed database needs to be rebuilt
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering when new data files are installed. To achieve this you need
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering to update your packaging scripts to invoke "udevadm hwdb
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering --update" after installation of hwdb data files. For
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering RPM-based distributions we introduced the new
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering %udev_hwdb_update macro for this purpose.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * The Journal gained support for the "Message Catalog", an
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering indexed database to link up additional information with
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering journal entries. For further details please check:
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering http://www.freedesktop.org/wiki/Software/systemd/catalog
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering The indexed message catalog database also needs to be
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering rebuilt after installation of message catalog files. Use
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering "journalctl --update-catalog" for this. For RPM-based
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering distributions we introduced the %journal_catalog_update
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering macro for this purpose.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * The Python Journal bindings gained support for the standard
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Python logging framework.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * The Journal API gained new functions for checking whether
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering the underlying file system of a journal file is capable of
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering properly reporting file change notifications, or whether
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering applications that want to reflect journal changes "live"
ab06eef8101866dd1337c4759002f7360a9db416Anatol Pomozov need to recheck journal files continuously in appropriate
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering time intervals.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * It is now possible to set the "age" field for tmpfiles
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering entries to 0, indicating that files matching this entry
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering shall always be removed when the directories are cleaned up.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * coredumpctl gained a new "gdb" verb which invokes gdb
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering right-away on the selected coredump.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * There's now support for "hybrid sleep" on kernels that
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering support this, in addition to "suspend" and "hibernate". Use
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering "systemctl hybrid-sleep" to make use of this.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * logind's HandleSuspendKey= setting (and related settings)
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering now gained support for a new "lock" setting to simply
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering request the screen lock on all local sessions, instead of
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering actually executing a suspend or hibernation.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * systemd will now mount the EFI variables file system by
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * Socket units now gained support for configuration of the
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering SMACK security label.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * timedatectl will now output the time of the last and next
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering daylight saving change.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * We dropped support for various legacy and distro-specific
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering concepts, such as insserv, early-boot SysV services
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering (i.e. those for non-standard runlevels such as 'b' or 'S')
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering or ArchLinux /etc/rc.conf support. We recommend the
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering distributions who still need support this to either continue
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering to maintain the necessary patches downstream, or find a
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering different solution. (Talk to us if you have questions!)
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * Various systemd components will now bypass PolicyKit checks
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering for root and otherwise handle properly if PolicyKit is not
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering found to be around. This should fix most issues for
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering PolicyKit-less systems. Quite frankly this should have been
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering this way since day one. It is absolutely our intention to
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering make systemd work fine on PolicyKit-less systems, and we
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt consider it a bug if something does not work as it should if
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering PolicyKit is not around.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * For embedded systems it is now possible to build udev and
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering systemd without blkid and/or kmod support.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * "systemctl switch-root" is now capable of switching root
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering more than once. I.e. in addition to transitions from the
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering initrd to the host OS it is now possible to transition to
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering further OS images from the host. This is useful to implement
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering offline updating tools.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * Various other additions have been made to the RPM macros
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering shipped with systemd. Use %udev_rules_update() after
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering installing new udev rules files. %_udevhwdbdir,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering %_udevrulesdir, %_journalcatalogdir, %_tmpfilesdir,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering %_sysctldir are now available which resolve to the right
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering directories for packages to place various data files in.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * journalctl gained the new --full switch (in addition to
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering --all, to disable ellipsation for long messages.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Contributions from: Anders Olofsson, Auke Kok, Ben Boeckel,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Colin Walters, Cosimo Cecchi, Daniel Wallace, Dave Reisner,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Eelco Dolstra, Holger Hans Peter Freyther, Kay Sievers,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Chun-Yi Lee, Lekensteyn, Lennart Poettering, Mantas Mikulėnas,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Marti Raudsepp, Martin Pitt, Mauro Dreissig, Michael Biebl,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Michal Schmidt, Michal Sekletar, Miklos Vajna, Nis Martensen,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Oleksii Shevchuk, Olivier Brunel, Ramkumar Ramachandra, Thomas
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Bächler, Thomas Hindoe Paaboel Andersen, Tom Gundersen, Tony
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Camuso, Umut Tezduyar, Zbigniew Jędrzejewski-Szmek
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart PoetteringCHANGES WITH 195:
6827101ab4df4730a22062f4b3a8f8c2bae5be28Zbigniew Jędrzejewski-Szmek * journalctl gained new --since= and --until= switches to
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering filter by time. It also now supports nice filtering for
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering units via --unit=/-u.
6827101ab4df4730a22062f4b3a8f8c2bae5be28Zbigniew Jędrzejewski-Szmek * Type=oneshot services may use ExecReload= and do the
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * The journal daemon now supports time-based rotation and
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering vacuuming, in addition to the usual disk-space based
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * The journal will now index the available field values for
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering each field name. This enables clients to show pretty drop
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering downs of available match values when filtering. The bash
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering completion of journalctl has been updated
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering accordingly. journalctl gained a new switch -F to list all
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering values a certain field takes in the journal database.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * More service events are now written as structured messages
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering to the journal, and made recognizable via message IDs.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * The timedated, localed and hostnamed mini-services which
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering previously only provided support for changing time, locale
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering and hostname settings from graphical DEs such as GNOME now
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering also have a minimal (but very useful) text-based client
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering utility each. This is probably the nicest way to changing
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering these settings from the command line now, especially since
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering it lists available options and is fully integrated with bash
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * There's now a new tool "systemd-coredumpctl" to list and
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering extract coredumps from the journal.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * We now install a README each in /var/log/ and
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering /etc/rc.d/init.d explaining where the system logs and init
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering scripts went. This hopefully should help folks who go to
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering that dirs and look into the otherwise now empty void and
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering scratch their heads.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * When user-services are invoked (by systemd --user) the
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering $MANAGERPID env var is set to the PID of systemd.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * SIGRTMIN+24 when sent to a --user instance will now result
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering in immediate termination of systemd.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * gatewayd received numerous feature additions such as a
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering "follow" mode, for live syncing and filtering.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * browse.html now allows filtering and showing detailed
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering information on specific entries. Keyboard navigation and
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering mouse screen support has been added.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * gatewayd/journalctl now supports HTML5/JSON
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Server-Sent-Events as output.
1cb88f2c61f590083847d65cd5a518e834da87d3Lennart Poettering * The SysV init script compatibility logic will now
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering heuristically determine whether a script supports the
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering "reload" verb, and only then make this available as
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering "systemctl reload".
15f47220ab59f480ddedc422cad435091778fc95Ben Boeckel * "systemctl status --follow" has been removed, use "journalctl
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * journald.conf's RuntimeMinSize=, PersistentMinSize= settings
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering have been removed since they are hardly useful to be
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * And I'd like to take the opportunity to specifically mention
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Zbigniew for his great contributions. Zbigniew, you rock!
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Contributions from: Andrew Eikum, Christian Hesse, Colin
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Guthrie, Daniel J Walsh, Dave Reisner, Eelco Dolstra, Ferenc
4d92e078e9d7e9a9d346065ea5e4afbafbdadb48Lennart Poettering Wágner, Kay Sievers, Lennart Poettering, Lukas Nykryn, Mantas
4d92e078e9d7e9a9d346065ea5e4afbafbdadb48Lennart Poettering Mikulėnas, Martin Mikkelsen, Martin Pitt, Michael Olbrich,
4d92e078e9d7e9a9d346065ea5e4afbafbdadb48Lennart Poettering Michael Stapelberg, Michal Schmidt, Sebastian Ott, Thomas
4d92e078e9d7e9a9d346065ea5e4afbafbdadb48Lennart Poettering Bächler, Umut Tezduyar, Will Woods, Wulf C. Krueger, Zbigniew
4d92e078e9d7e9a9d346065ea5e4afbafbdadb48Lennart Poettering Jędrzejewski-Szmek, Сковорода Никита Андреевич
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart PoetteringCHANGES WITH 194:
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering * If /etc/vconsole.conf is non-existent or empty we will no
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering longer load any console font or key map at boot by
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering default. Instead the kernel defaults will be left
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering intact. This is definitely the right thing to do, as no
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering configuration should mean no configuration, and hard-coding
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering font names that are different on all archs is probably a bad
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering idea. Also, the kernel default key map and font should be
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering good enough for most cases anyway, and mostly identical to
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering the userspace fonts/key maps we previously overloaded them
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering with. If distributions want to continue to default to a
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering non-kernel font or key map they should ship a default
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering /etc/vconsole.conf with the appropriate contents.
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering Contributions from: Colin Walters, Daniel J Walsh, Dave
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering Reisner, Kay Sievers, Lennart Poettering, Lukas Nykryn, Tollef
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart PoetteringCHANGES WITH 193:
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering * journalctl gained a new --cursor= switch to show entries
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering starting from the specified location in the journal.
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering * We now enforce a size limit on journal entry fields exported
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering with "-o json" in journalctl. Fields larger than 4K will be
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering assigned null. This can be turned off with --all.
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering * An (optional) journal gateway daemon is now available as
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering "systemd-journal-gatewayd.service". This service provides
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering access to the journal via HTTP and JSON. This functionality
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering will be used to implement live log synchronization in both
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering pull and push modes, but has various other users too, such
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering as easy log access for debugging of embedded devices. Right
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering now it is already useful to retrieve the journal via HTTP:
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering # systemctl start systemd-journal-gatewayd.service
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering This will download the journal contents in a
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering /var/log/messages compatible format. The same as JSON:
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering # curl -H"Accept: application/json" http://localhost:19531/entries
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering This service is also accessible via a web browser where a
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering single static HTML5 app is served that uses the JSON logic
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering to enable the user to do some basic browsing of the
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering journal. This will be extended later on. Here's an example
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering screenshot of this app in its current state:
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering http://0pointer.de/public/journal-gatewayd
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Contributions from: Kay Sievers, Lennart Poettering, Robert
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Milasan, Tom Gundersen
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart PoetteringCHANGES WITH 192:
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering * The bash completion logic is now available for journalctl
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * We do not mount the "cpuset" controller anymore together with
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering "cpu" and "cpuacct", as "cpuset" groups generally cannot be
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering started if no parameters are assigned to it. "cpuset" hence
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering broke code that assumed it it could create "cpu" groups and
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering just start them.
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering * journalctl -f will now subscribe to terminal size changes,
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering and line break accordingly.
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Contributions from: Dave Reisner, Kay Sievers, Lennart
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Poettering, Lukas Nykrynm, Mirco Tischler, Václav Pavlín
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart PoetteringCHANGES WITH 191:
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * nspawn will now create a symlink /etc/localtime in the
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering container environment, copying the host's timezone
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering setting. Previously this has been done via a bind mount, but
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering since symlinks cannot be bind mounted this has now been
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering changed to create/update the appropriate symlink.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * journalctl -n's line number argument is now optional, and
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering will default to 10 if omitted.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * journald will now log the maximum size the journal files may
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering take up on disk. This is particularly useful if the default
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering built-in logic of determining this parameter from the file
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering system size is used. Use "systemctl status
6563b535a062055ae68f2e574018d9d04a864b65Lennart Poettering systemd-journald.service" to see this information.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * The multi-seat X wrapper tool has been stripped down. As X
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering is now capable of enumerating graphics devices via udev in a
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering seat-aware way the wrapper is not strictly necessary
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering anymore. A stripped down temporary stop-gap is still shipped
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering until the upstream display managers have been updated to
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering fully support the new X logic. Expect this wrapper to be
6563b535a062055ae68f2e574018d9d04a864b65Lennart Poettering removed entirely in one of the next releases.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * HandleSleepKey= in logind.conf has been split up into
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering HandleSuspendKey= and HandleHibernateKey=. The old setting
6563b535a062055ae68f2e574018d9d04a864b65Lennart Poettering is not available anymore. X11 and the kernel are
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering distuingishing between these keys and we should too. This
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering also means the inhibition lock for these keys has been split
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Contributions from: Dave Airlie, Eelco Dolstra, Lennart
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Poettering, Lukas Nykryn, Václav Pavlín
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart PoetteringCHANGES WITH 190:
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * Whenever a unit changes state we will now log this to the
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering journal and show along the unit's own log output in
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering "systemctl status".
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * ConditionPathIsMountPoint= can now properly detect bind
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering mount points too. (Previously, a bind mount of one file
8d0256b7eb119de92c748cf566257996b02fb506Lennart Poettering system to another place in the same file system could not be
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering detected as mount, since they shared struct stat's st_dev
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * We will now mount the cgroup controllers cpu, cpuacct,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering cpuset and the controllers net_cls, net_prio together by
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * nspawn containers will now have a virtualized boot
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering ID. (i.e. /proc/sys/kernel/random/boot_id is now mounted
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering over with a randomized ID at container initialization). This
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering has the effect of making "journalctl -b" do the right thing
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering in a container.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * The JSON output journal serialization has been updated not
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering to generate "endless" list objects anymore, but rather one
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering JSON object per line. This is more in line how most JSON
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering parsers expect JSON objects. The new output mode
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering "json-pretty" has been added to provide similar output, but
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering neatly aligned for readability by humans.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * We dropped all explicit sync() invocations in the shutdown
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering code. The kernel does this implicitly anyway in the kernel
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering reboot() syscall. halt(8)'s -n option is now a compatibility
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * We now support virtualized reboot() in containers, as
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering supported by newer kernels. We will fall back to exit() if
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering CAP_SYS_REBOOT is not available to the container. Also,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering nspawn makes use of this now and will actually reboot the
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering container if the containerized OS asks for that.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * journalctl will only show local log output by default
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering now. Use --merge (-m) to show remote log output, too.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * libsystemd-journal gained the new sd_journal_get_usage()
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering call to determine the current disk usage of all journal
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering files. This is exposed in the new "journalctl --disk-usage"
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * journald gained a new configuration setting SplitMode= in
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering journald.conf which may be used to control how user journals
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering are split off. See journald.conf(5) for details.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * A new condition type ConditionFileNotEmpty= has been added.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * tmpfiles' "w" lines now support file globbing, to write
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering multiple files at once.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * We added Python bindings for the journal submission
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering APIs. More Python APIs for a number of selected APIs will
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering likely follow. Note that we intend to add native bindings
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering only for the Python language, as we consider it common
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering enough to deserve bindings shipped within systemd. There are
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering various projects outside of systemd that provide bindings
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering for languages such as PHP or Lua.
a98d5d64720bdf32e3b5f72f896b583e23f730adLennart Poettering * Many conditions will now resolve specifiers such as %i. In
a98d5d64720bdf32e3b5f72f896b583e23f730adLennart Poettering addition, PathChanged= and related directives of .path units
a98d5d64720bdf32e3b5f72f896b583e23f730adLennart Poettering now support specifiers as well.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * There's now a new RPM macro definition for the system preset
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering dir: %_presetdir.
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * journald will now warn if it ca not forward a message to the
dca348bcbb462305864526c587495a14a76bfcdeJan Engelhardt syslog daemon because its socket is full.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * timedated will no longer write or process /etc/timezone,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering except on Debian. As we do not support late mounted /usr
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering anymore /etc/localtime always being a symlink is now safe,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering and hence the information in /etc/timezone is not necessary
aaccc32cdc44b2b972946e44792d63ae17c089c2Lennart Poettering * logind will now always reserve one VT for a text getty (VT6
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering by default). Previously if more than 6 X sessions where
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering started they took up all the VTs with auto-spawned gettys,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering so that no text gettys were available anymore.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * udev will now automatically inform the btrfs kernel logic
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering about btrfs RAID components showing up. This should make
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering simple hotplug based btrfs RAID assembly work.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * PID 1 will now increase its RLIMIT_NOFILE to 64K by default
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering (but not for its children which will stay at the kernel
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering default). This should allow setups with a lot more listening
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * systemd will now always pass the configured timezone to the
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering kernel at boot. timedated will do the same when the timezone
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * logind's inhibition logic has been updated. By default,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering logind will now handle the lid switch, the power and sleep
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering keys all the time, even in graphical sessions. If DEs want
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering to handle these events on their own they should take the new
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering handle-power-key, handle-sleep-key and handle-lid-switch
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering inhibitors during their runtime. A simple way to achiveve
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering that is to invoke the DE wrapped in an invocation of:
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering systemd-inhibit --what=handle-power-key:handle-sleep-key:handle-lid-switch ...
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * Access to unit operations is now checked via SELinux taking
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering the unit file label and client process label into account.
aad803af990f7c88e94427b9278d88afe3a12d38Lennart Poettering * systemd will now notify the administrator in the journal
aad803af990f7c88e94427b9278d88afe3a12d38Lennart Poettering when he over-mounts a non-empty directory.
aad803af990f7c88e94427b9278d88afe3a12d38Lennart Poettering * There are new specifiers that are resolved in unit files,
aad803af990f7c88e94427b9278d88afe3a12d38Lennart Poettering for the host name (%H), the machine ID (%m) and the boot ID
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering Contributions from: Allin Cottrell, Auke Kok, Brandon Philips,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Colin Guthrie, Colin Walters, Daniel J Walsh, Dave Reisner,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Eelco Dolstra, Jan Engelhardt, Kay Sievers, Lennart
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Poettering, Lucas De Marchi, Lukas Nykryn, Mantas Mikulėnas,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Martin Pitt, Matthias Clasen, Michael Olbrich, Pierre Schmitz,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Shawn Landden, Thomas Hindoe Paaboel Andersen, Tom Gundersen,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Václav Pavlín, Yin Kangkai, Zbigniew Jędrzejewski-Szmek
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart PoetteringCHANGES WITH 189:
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * Support for reading structured kernel messages from
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering /dev/kmsg has now been added and is enabled by default.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * Support for reading kernel messages from /proc/kmsg has now
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering been removed. If you want kernel messages in the journal
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering make sure to run a recent kernel (>= 3.5) that supports
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering reading structured messages from /dev/kmsg (see
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering above). /proc/kmsg is now exclusive property of classic
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering syslog daemons again.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * The libudev API gained the new
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering udev_device_new_from_device_id() call.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * The logic for file system namespace (ReadOnlyDirectory=,
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering ReadWriteDirectoy=, PrivateTmp=) has been reworked not to
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering require pivot_root() anymore. This means fewer temporary
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering directories are created below /tmp for this feature.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * nspawn containers will now see and receive all submounts
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering made on the host OS below the root file system of the
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * Forward Secure Sealing is now supported for Journal files,
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering which provide cryptographical sealing of journal files so
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering that attackers cannot alter log history anymore without this
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering being detectable. Lennart will soon post a blog story about
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering this explaining it in more detail.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * There are two new service settings RestartPreventExitStatus=
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering and SuccessExitStatus= which allow configuration of exit
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering status (exit code or signal) which will be excepted from the
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering restart logic, resp. consider successful.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * journalctl gained the new --verify switch that can be used
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering to check the integrity of the structure of journal files and
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering (if Forward Secure Sealing is enabled) the contents of
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering journal files.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * nspawn containers will now be run with /dev/stdin, /dev/fd/
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering and similar symlinks pre-created. This makes running shells
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering as container init process a lot more fun.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * The fstab support can now handle PARTUUID= and PARTLABEL=
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * A new ConditionHost= condition has been added to match
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering against the hostname (with globs) and machine ID. This is
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering useful for clusters where a single OS image is used to
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering provision a large number of hosts which shall run slightly
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering different sets of services.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * Services which hit the restart limit will now be placed in a
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering failure state.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering Contributions from: Bertram Poettering, Dave Reisner, Huang
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering Hang, Kay Sievers, Lennart Poettering, Lukas Nykryn, Martin
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering Pitt, Simon Peeters, Zbigniew Jędrzejewski-Szmek
c269cec334f940d82146f70d69125b1caef08baaLennart PoetteringCHANGES WITH 188:
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * When running in --user mode systemd will now become a
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering subreaper (PR_SET_CHILD_SUBREAPER). This should make the ps
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering tree a lot more organized.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * A new PartOf= unit dependency type has been introduced that
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering may be used to group services in a natural way.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * "systemctl enable" may now be used to enable instances of
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * journalctl now prints error log levels in red, and
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering warning/notice log levels in bright white. It also supports
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering filtering by log level now.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * cgtop gained a new -n switch (similar to top), to configure
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering the maximum number of iterations to run for. It also gained
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering -b, to run in batch mode (accepting no input).
ab06eef8101866dd1337c4759002f7360a9db416Anatol Pomozov * The suffix ".service" may now be omitted on most systemctl
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering command lines involving service unit names.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * There's a new bus call in logind to lock all sessions, as
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering well as a loginctl verb for it "lock-sessions".
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * libsystemd-logind.so gained a new call sd_journal_perror()
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering that works similar to libc perror() but logs to the journal
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering and encodes structured information about the error number.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * /etc/crypttab entries now understand the new keyfile-size=
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * shutdown(8) now can send a (configurable) wall message when
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering a shutdown is cancelled.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * The mount propagation mode for the root file system will now
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering default to "shared", which is useful to make containers work
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering nicely out-of-the-box so that they receive new mounts from
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering the host. This can be undone locally by running "mount
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering --make-rprivate /" if needed.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * The prefdm.service file has been removed. Distributions
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering should maintain this unit downstream if they intend to keep
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering it around. However, we recommend writing normal unit files
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering for display managers instead.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * Since systemd is a crucial part of the OS we will now
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering default to a number of compiler switches that improve
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering security (hardening) such as read-only relocations, stack
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering protection, and suchlike.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * The TimeoutSec= setting for services is now split into
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering TimeoutStartSec= and TimeoutStopSec= to allow configuration
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering of individual time outs for the start and the stop phase of
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering Contributions from: Artur Zaprzala, Arvydas Sidorenko, Auke
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering Kok, Bryan Kadzban, Dave Reisner, David Strauss, Harald Hoyer,
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering Jim Meyering, Kay Sievers, Lennart Poettering, Mantas
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering Mikulėnas, Martin Pitt, Michal Schmidt, Michal Sekletar, Peter
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering Alfredsen, Shawn Landden, Simon Peeters, Terence Honles, Tom
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering Gundersen, Zbigniew Jędrzejewski-Szmek
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart PoetteringCHANGES WITH 187:
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * The journal and id128 C APIs are now fully documented as man
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * Extra safety checks have been added when transitioning from
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering the initial RAM disk to the main system to avoid accidental
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * /etc/crypttab entries now understand the new keyfile-offset=
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * systemctl -t can now be used to filter by unit load state.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * The journal C API gained the new sd_journal_wait() call to
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering make writing synchronous journal clients easier.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * journalctl gained the new -D switch to show journals from a
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering specific directory.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * journalctl now displays a special marker between log
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering messages of two different boots.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * The journal is now explicitly flushed to /var via a service
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering systemd-journal-flush.service, rather than implicitly simply
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering by seeing /var/log/journal to be writable.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * journalctl (and the journal C APIs) can now match for much
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering more complex expressions, with alternatives and
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * When transitioning from the initial RAM disk to the main
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering system we will now kill all processes in a killing spree to
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering ensure no processes stay around by accident.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * Three new specifiers may be used in unit files: %u, %h, %s
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering resolve to the user name, user home directory resp. user
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering shell. This is useful for running systemd user instances.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * We now automatically rotate journal files if their data
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering object hash table gets a fill level > 75%. We also size the
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering hash table based on the configured maximum file size. This
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering together should lower hash collisions drastically and thus
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering speed things up a bit.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * journalctl gained the new "--header" switch to introspect
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering header data of journal files.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * A new setting SystemCallFilters= has been added to services
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering which may be used to apply blacklists or whitelists to
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering system calls. This is based on SECCOMP Mode 2 of Linux 3.5.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * nspawn gained a new --link-journal= switch (and quicker: -j)
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering to link the container journal with the host. This makes it
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering very easy to centralize log viewing on the host for all
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering guests while still keeping the journal files separated.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * Many bugfixes and optimizations
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering Contributions from: Auke Kok, Eelco Dolstra, Harald Hoyer, Kay
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering Sievers, Lennart Poettering, Malte Starostik, Paul Menzel, Rex
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering Tsai, Shawn Landden, Tom Gundersen, Ville Skyttä, Zbigniew
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering Jędrzejewski-Szmek
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart PoetteringCHANGES WITH 186:
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Several tools now understand kernel command line arguments,
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering which are only read when run in an initial RAM disk. They
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering usually follow closely their normal counterparts, but are
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering prefixed with rd.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * There's a new tool to analyze the readahead files that are
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering automatically generated at boot. Use:
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering /usr/lib/systemd/systemd-readahead analyze /.readahead
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * We now provide an early debug shell on tty9 if this enabled. Use:
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * All plymouth related units have been moved into the Plymouth
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering package. Please make sure to upgrade your Plymouth version
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * systemd-tmpfiles now supports getting passed the basename of
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering a configuration file only, in which case it will look for it
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering in all appropriate directories automatically.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * udevadm info now takes a /dev or /sys path as argument, and
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering does the right thing. Example:
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * systemctl now prints a warning if a unit is stopped but a
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering unit that might trigger it continues to run. Example: a
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering service is stopped but the socket that activates it is left
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * "systemctl status" will now mention if the log output was
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering shortened due to rotation since a service has been started.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The journal API now exposes functions to determine the
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering "cutoff" times due to rotation.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * journald now understands SIGUSR1 and SIGUSR2 for triggering
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering immediately flushing of runtime logs to /var if possible,
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering resp. for triggering immediate rotation of the journal
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * It is now considered an error if a service is attempted to
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering be stopped that is not loaded.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * XDG_RUNTIME_DIR now uses numeric UIDs instead of usernames.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * systemd-analyze now supports Python 3
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * tmpfiles now supports cleaning up directories via aging
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering where the first level dirs are always kept around but
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering directories beneath it automatically aged. This is enabled
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering by prefixing the age field with '~'.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Seat objects now expose CanGraphical, CanTTY properties
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering which is required to deal with very fast bootups where the
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering display manager might be running before the graphics drivers
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering completed initialization.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Seat objects now expose a State property.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * We now include RPM macros for service enabling/disabling
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering based on the preset logic. We recommend RPM based
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering distributions to make use of these macros if possible. This
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering makes it simpler to reuse RPM spec files across
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering distributions.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * We now make sure that the collected systemd unit name is
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering always valid when services log to the journal via
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * There's a new man page kernel-command-line(7) detailing all
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering command line options we understand.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The fstab generator may now be disabled at boot by passing
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering fstab=0 on the kernel command line.
91ac74250149a29122b2291c5393dec4592430d4Kay Sievers * A new kernel command line option modules-load= is now understood
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering to load a specific kernel module statically, early at boot.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Unit names specified on the systemctl command line are now
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering automatically escaped as needed. Also, if file system or
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering device paths are specified they are automatically turned
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering into the appropriate mount or device unit names. Example:
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering systemctl status /home
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering systemctl status /dev/sda
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The SysVConsole= configuration option has been removed from
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The SysV search path is no longer exported on the D-Bus
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Manager object.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The Names= option is been removed from unit file parsing.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * There's a new man page bootup(7) detailing the boot process.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Every unit and every generator we ship with systemd now
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering comes with full documentation. The self-explanatory boot is
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * A couple of services gained "systemd-" prefixes in their
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering name if they wrap systemd code, rather than only external
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering code. Among them fsck@.service which is now
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering systemd-fsck@.service.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The HaveWatchdog property has been removed from the D-Bus
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Manager object.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * systemd.confirm_spawn= on the kernel command line should now
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering work sensibly.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * There's a new man page crypttab(5) which details all options
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering we actually understand.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * systemd-nspawn gained a new --capability= switch to pass
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering additional capabilities to the container.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * timedated will now read known NTP implementation unit names
5b00c0168be6e7b11db7b26fc1712cd6cda3c2e3Lennart Poettering from /usr/lib/systemd/ntp-units.d/*.list,
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering systemd-timedated-ntp.target has been removed.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * journalctl gained a new switch "-b" that lists log data of
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering the current boot only.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The notify socket is in the abstract namespace again, in
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering order to support daemons which chroot() at start-up.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * There is a new Storage= configuration option for journald
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering which allows configuration of where log data should go. This
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering also provides a way to disable journal logging entirely, so
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering that data collected is only forwarded to the console, the
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering kernel log buffer or another syslog implementation.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * Many bugfixes and optimizations
2d938ac75d013f713c1225def78a53583af6a596Lennart Poettering Contributions from: Auke Kok, Colin Guthrie, Dave Reisner,
2d938ac75d013f713c1225def78a53583af6a596Lennart Poettering David Strauss, Eelco Dolstra, Kay Sievers, Lennart Poettering,
2d938ac75d013f713c1225def78a53583af6a596Lennart Poettering Lukas Nykryn, Michal Schmidt, Michal Sekletar, Paul Menzel,
2d938ac75d013f713c1225def78a53583af6a596Lennart Poettering Shawn Landden, Tom Gundersen
2d1972857b7bd19b4a74a8f80865749a8082f32aKay SieversCHANGES WITH 185:
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers * "systemctl help <unit>" now shows the man page if one is
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers * Several new man pages have been added.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * MaxLevelStore=, MaxLevelSyslog=, MaxLevelKMsg=,
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering MaxLevelConsole= can now be specified in
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering journald.conf. These options allow reducing the amount of
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering data stored on disk or forwarded by the log level.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * TimerSlackNSec= can now be specified in system.conf for
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering PID1. This allows system-wide power savings.
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers Contributions from: Dave Reisner, Kay Sievers, Lauri Kasanen,
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers Lennart Poettering, Malte Starostik, Marc-Antoine Perennou,
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers Matthias Clasen
4c8cd173305697f59adcebf980ad7babe751d38cLennart PoetteringCHANGES WITH 184:
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering * logind is now capable of (optionally) handling power and
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering sleep keys as well as the lid switch.
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering * journalctl now understands the syntax "journalctl
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering /usr/bin/avahi-daemon" to get all log output of a specific
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering * CapabilityBoundingSet= in system.conf now also influences
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering the capability bound set of usermode helpers of the kernel.
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering Contributions from: Daniel Drake, Daniel J. Walsh, Gert
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering Michael Kulyk, Harald Hoyer, Jean Delvare, Kay Sievers,
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering Lennart Poettering, Matthew Garrett, Matthias Clasen, Paul
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering Menzel, Shawn Landden, Tero Roponen, Tom Gundersen
ea5943d3862cc690daa76e2ad336737407ec711cLennart PoetteringCHANGES WITH 183:
187076d47907f7b3fcd61b2ef5eef9820915946aLennart Poettering * Note that we skipped 139 releases here in order to set the
187076d47907f7b3fcd61b2ef5eef9820915946aLennart Poettering new version to something that is greater than both udev's
187076d47907f7b3fcd61b2ef5eef9820915946aLennart Poettering and systemd's most recent version number.
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers * udev: all udev sources are merged into the systemd source tree now.
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers All future udev development will happen in the systemd tree. It
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers is still fully supported to use the udev daemon and tools without
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers systemd running, like in initramfs or other init systems. Building
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers udev though, will require the *build* of the systemd tree, but
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering udev can be properly *run* without systemd.
91cf7e5c37f97c6eb29966fac0afcbaa6662e05dTollef Fog Heen * udev: /lib/udev/devices/ are not read anymore; systemd-tmpfiles
f13b388f97bc3ba8db844bd3413d510e2466a0b6Kay Sievers should be used to create dead device nodes as workarounds for broken
2d13da8821b8197e62f819b5b996750800e910abKay Sievers * udev: RUN+="socket:..." and udev_monitor_new_from_socket() is
2d13da8821b8197e62f819b5b996750800e910abKay Sievers no longer supported. udev_monitor_new_from_netlink() needs to be
2d13da8821b8197e62f819b5b996750800e910abKay Sievers used to subscribe to events.
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers * udev: when udevd is started by systemd, processes which are left
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers behind by forking them off of udev rules, are unconditionally cleaned
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers up and killed now after the event handling has finished. Services or
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers daemons must be started as systemd services. Services can be
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering pulled-in by udev to get started, but they can no longer be directly
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers forked by udev rules.
f13b388f97bc3ba8db844bd3413d510e2466a0b6Kay Sievers * udev: the daemon binary is called systemd-udevd now and installed
f13b388f97bc3ba8db844bd3413d510e2466a0b6Kay Sievers in /usr/lib/systemd/. Standalone builds or non-systemd systems need
f13b388f97bc3ba8db844bd3413d510e2466a0b6Kay Sievers to adapt to that, create symlink, or rename the binary after building
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * libudev no longer provides these symbols:
c195956988799837b763ab1b9f078e5f0b7f26e6Kay Sievers udev_monitor_from_socket()
c195956988799837b763ab1b9f078e5f0b7f26e6Kay Sievers udev_queue_get_failed_list_entry()
c195956988799837b763ab1b9f078e5f0b7f26e6Kay Sievers udev_get_{dev,sys,run}_path()
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering The versions number was bumped and symbol versioning introduced.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * systemd-loginctl and systemd-journalctl have been renamed
9ae9afce6f53a872f4b01b9be13daa75833bd59eLennart Poettering to loginctl and journalctl to match systemctl.
18b754d345ecb0b15e369978aaffa72e9814b86aKay Sievers * The config files: /etc/systemd/systemd-logind.conf and
18b754d345ecb0b15e369978aaffa72e9814b86aKay Sievers /etc/systemd/systemd-journald.conf have been renamed to
18b754d345ecb0b15e369978aaffa72e9814b86aKay Sievers logind.conf and journald.conf. Package updates should rename
18b754d345ecb0b15e369978aaffa72e9814b86aKay Sievers the files to the new names on upgrade.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * For almost all files the license is now LGPL2.1+, changed
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering from the previous GPL2.0+. Exceptions are some minor stuff
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering of udev (which will be changed to LGPL2.1 eventually, too),
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering and the MIT licensed sd-daemon.[ch] library that is suitable
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering to be used as drop-in files.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * systemd and logind now handle system sleep states, in
49f43d5f91a99b23f745726aa351d8f159774357Ville Skyttä particular suspending and hibernating.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * logind now implements a sleep/shutdown/idle inhibiting logic
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering suitable for a variety of uses. Soonishly Lennart will blog
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering about this in more detail.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * var-run.mount and var-lock.mount are no longer provided
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering (which prevously bind mounted these directories to their new
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering places). Distributions which have not converted these
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering directories to symlinks should consider stealing these files
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering from git history and add them downstream.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * We introduced the Documentation= field for units and added
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering this to all our shipped units. This is useful to make it
3943231cfeb3d76dc4ec0b9f845c3f874593a9deLennart Poettering easier to explore the boot and the purpose of the various
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * All smaller setup units (such as
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering systemd-vconsole-setup.service) now detect properly if they
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering are run in a container and are skipped when
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering appropriate. This guarantees an entirely noise-free boot in
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering Linux container environments such as systemd-nspawn.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * A framework for implementing offline system updates is now
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering integrated, for details see:
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering http://freedesktop.org/wiki/Software/systemd/SystemUpdates
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * A new service type Type=idle is available now which helps us
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering avoiding ugly interleaving of getty output and boot status
439d6dfd12f58d7230bcae06d73b841eb3bc588aLennart Poettering * There's now a system-wide CapabilityBoundingSet= option to
439d6dfd12f58d7230bcae06d73b841eb3bc588aLennart Poettering globally reduce the set of capabilities for the
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering system. This is useful to drop CAP_SYS_MKNOD, CAP_SYS_RAWIO,
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering CAP_NET_RAW, CAP_SYS_MODULE, CAP_SYS_TIME, CAP_SYS_PTRACE or
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering even CAP_NET_ADMIN system-wide for secure systems.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * There are now system-wide DefaultLimitXXX= options to
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering globally change the defaults of the various resource limits
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering for all units started by PID 1.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Harald Hoyer's systemd test suite has been integrated into
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering systemd which allows easy testing of systemd builds in qemu
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering and nspawn. (This is really awesome! Ask us for details!)
3943231cfeb3d76dc4ec0b9f845c3f874593a9deLennart Poettering * The fstab parser is now implemented as generator, not inside
3943231cfeb3d76dc4ec0b9f845c3f874593a9deLennart Poettering of PID 1 anymore.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * systemctl will now warn you if .mount units generated from
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering /etc/fstab are out of date due to changes in fstab that
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt have not been read by systemd yet.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * systemd is now suitable for usage in initrds. Dracut has
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering already been updated to make use of this. With this in place
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering initrds get a slight bit faster but primarily are much
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering easier to introspect and debug since "systemctl status" in
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering the host system can be used to introspect initrd services,
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering and the journal from the initrd is kept around too.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * systemd-delta has been added, a tool to explore differences
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering between user/admin configuration and vendor defaults.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * PrivateTmp= now affects both /tmp and /var/tmp.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Boot time status messages are now much prettier and feature
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering proper english language. Booting up systemd has never been
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Read-ahead pack files now include the inode number of all
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering files to pre-cache. When the inode changes the pre-caching
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering is not attempted. This should be nicer to deal with updated
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering packages which might result in changes of read-ahead
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * We now temporaritly lower the kernel's read_ahead_kb variable
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering when collecting read-ahead data to ensure the kernel's
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering built-in read-ahead does not add noise to our measurements
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering of necessary blocks to pre-cache.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * There's now RequiresMountsFor= to add automatic dependencies
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering for all mounts necessary for a specific file system path.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * MountAuto= and SwapAuto= have been removed from
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering system.conf. Mounting file systems at boot has to take place
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering in systemd now.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * nspawn now learned a new switch --uuid= to set the machine
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering ID on the command line.
f8c0a2cb695e3b8140b51cb40637a09ba6eff48eLennart Poettering * nspawn now learned the -b switch to automatically search
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering for an init system.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * vt102 is now the default TERM for serial TTYs, upgraded from
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * systemd-logind now works on VT-less systems.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * The build tree has been reorganized. The individual
3943231cfeb3d76dc4ec0b9f845c3f874593a9deLennart Poettering components now have directories of their own.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * A new condition type ConditionPathIsReadWrite= is now available.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * nspawn learned the new -C switch to create cgroups for the
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering container in other hierarchies.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * We now have support for hardware watchdogs, configurable in
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * The scheduled shutdown logic now has a public API.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * We now mount /tmp as tmpfs by default, but this can be
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering masked and /etc/fstab can override it.
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * Since udisks does not make use of /media anymore we are not
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering mounting a tmpfs on it anymore.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * journalctl gained a new --local switch to only interleave
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering locally generated journal files.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * We can now load the IMA policy at boot automatically.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * The GTK tools have been split off into a systemd-ui.
79849bf9f47f9867c72c7eb76b981bb354d0e30eLennart Poettering Contributions from: Andreas Schwab, Auke Kok, Ayan George,
79849bf9f47f9867c72c7eb76b981bb354d0e30eLennart Poettering Colin Guthrie, Daniel Mack, Dave Reisner, David Ward, Elan
79849bf9f47f9867c72c7eb76b981bb354d0e30eLennart Poettering Ruusamäe, Frederic Crozat, Gergely Nagy, Guillermo Vidal,
79849bf9f47f9867c72c7eb76b981bb354d0e30eLennart Poettering Hannes Reinecke, Harald Hoyer, Javier Jardón, Kay Sievers,
79849bf9f47f9867c72c7eb76b981bb354d0e30eLennart Poettering Lennart Poettering, Lucas De Marchi, Léo Gillot-Lamure,
79849bf9f47f9867c72c7eb76b981bb354d0e30eLennart Poettering Marc-Antoine Perennou, Martin Pitt, Matthew Monaco, Maxim
79849bf9f47f9867c72c7eb76b981bb354d0e30eLennart Poettering A. Mikityanskiy, Michael Biebl, Michael Olbrich, Michal
79849bf9f47f9867c72c7eb76b981bb354d0e30eLennart Poettering Schmidt, Nis Martensen, Patrick McCarty, Roberto Sassu, Shawn
79849bf9f47f9867c72c7eb76b981bb354d0e30eLennart Poettering Landden, Sjoerd Simons, Sven Anders, Tollef Fog Heen, Tom
16f1239e1ece27257c0deedcf01aa39474f66241Lennart PoetteringCHANGES WITH 44:
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * This is mostly a bugfix release
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * Support optional initialization of the machine ID from the
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering KVM or container configured UUID.
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * Support immediate reboots with "systemctl reboot -ff"
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * Show /etc/os-release data in systemd-analyze output
ab06eef8101866dd1337c4759002f7360a9db416Anatol Pomozov * Many bugfixes for the journal, including endianness fixes and
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering ensuring that disk space enforcement works
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * sd-login.h is C++ comptaible again
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * Extend the /etc/os-release format on request of the Debian
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * We now refuse non-UTF8 strings used in various configuration
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt and unit files. This is done to ensure we do not pass invalid
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering data over D-Bus or expose it elsewhere.
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * Register Mimo USB Screens as suitable for automatic seat
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * Read SELinux client context from journal clients in a race
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * Reorder configuration file lookup order. /etc now always
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering overrides /run in order to allow the administrator to always
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering and unconditionally override vendor supplied or
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering automatically generated data.
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * The various user visible bits of the journal now have man
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering pages. We still lack man pages for the journal API calls
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering * We now ship all man pages in HTML format again in the
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering Contributions from: Dave Reisner, Dirk Eibach, Frederic
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering Crozat, Harald Hoyer, Kay Sievers, Lennart Poettering, Marti
16f1239e1ece27257c0deedcf01aa39474f66241Lennart Poettering Raudsepp, Michal Schmidt, Shawn Landden, Tero Roponen, Thierry
437b7dee328738b7aca89a9c7527f228ff8f2d34Lennart PoetteringCHANGES WITH 43:
437b7dee328738b7aca89a9c7527f228ff8f2d34Lennart Poettering * This is mostly a bugfix release
437b7dee328738b7aca89a9c7527f228ff8f2d34Lennart Poettering * systems lacking /etc/os-release are no longer supported.
437b7dee328738b7aca89a9c7527f228ff8f2d34Lennart Poettering * Various functionality updates to libsystemd-login.so
437b7dee328738b7aca89a9c7527f228ff8f2d34Lennart Poettering * Track class of PAM logins to distuingish greeters from
437b7dee328738b7aca89a9c7527f228ff8f2d34Lennart Poettering normal user logins.
437b7dee328738b7aca89a9c7527f228ff8f2d34Lennart Poettering Contributions from: Kay Sievers, Lennart Poettering, Michael
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart PoetteringCHANGES WITH 42:
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering * This is an important bugfix release for v41.
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering * Building man pages is now optional which should be useful
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering for those building systemd from git but unwilling to install
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering * Watchdog support for supervising services is now usable. In
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering a future release support for hardware watchdogs
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering (i.e. /dev/watchdog) will be added building on this.
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering * Service start rate limiting is now configurable and can be
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering turned off per service. When a start rate limit is hit a
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering reboot can automatically be triggered.
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering * New CanReboot(), CanPowerOff() bus calls in systemd-logind.
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering Contributions from: Benjamin Franzke, Bill Nottingham,
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering Frederic Crozat, Lennart Poettering, Michael Olbrich, Michal
204fa33c82588c47ebeef3f8c4c0b7da750e37f7Lennart Poettering Schmidt, Michał Górny, Piotr Drąg
e0d25329b23a43332ea340f9907721873a316f4eKay SieversCHANGES WITH 41:
e0d25329b23a43332ea340f9907721873a316f4eKay Sievers * The systemd binary is installed /usr/lib/systemd/systemd now;
e0d25329b23a43332ea340f9907721873a316f4eKay Sievers An existing /sbin/init symlink needs to be adapted with the
e0d25329b23a43332ea340f9907721873a316f4eKay Sievers package update.
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering * The code that loads kernel modules has been ported to invoke
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering libkmod directly, instead of modprobe. This means we do not
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering support systems with module-init-tools anymore.
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering * Watchdog support is now already useful, but still not
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering * A new kernel command line option systemd.setenv= is
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering understood to set system wide environment variables
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering dynamically at boot.
e9c1ea9de87d4d508ac38ce87a2fa56e7529a91aJason St. John * We now limit the set of capabilities of systemd-journald.
353e12c2f4a9e96a47eb80b80d2ffb7bc1d44a1bLennart Poettering * We now set SIGPIPE to ignore by default, since it only is
353e12c2f4a9e96a47eb80b80d2ffb7bc1d44a1bLennart Poettering useful in shell pipelines, and has little use in general
353e12c2f4a9e96a47eb80b80d2ffb7bc1d44a1bLennart Poettering code. This can be disabled with IgnoreSIPIPE=no in unit
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering Contributions from: Benjamin Franzke, Kay Sievers, Lennart
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering Poettering, Michael Olbrich, Michal Schmidt, Tom Gundersen,
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering William Douglas
d26e4270409506cd398875216413b651d6ee7de6Lennart PoetteringCHANGES WITH 40:
d26e4270409506cd398875216413b651d6ee7de6Lennart Poettering * This is mostly a bugfix release
d26e4270409506cd398875216413b651d6ee7de6Lennart Poettering * We now expose the reason why a service failed in the
d26e4270409506cd398875216413b651d6ee7de6Lennart Poettering "Result" D-Bus property.
d26e4270409506cd398875216413b651d6ee7de6Lennart Poettering * Rudimentary service watchdog support (will be completed over
d26e4270409506cd398875216413b651d6ee7de6Lennart Poettering the next few releases.)
d26e4270409506cd398875216413b651d6ee7de6Lennart Poettering * When systemd forks off in order execute some service we will
d26e4270409506cd398875216413b651d6ee7de6Lennart Poettering now immediately changes its argv[0] to reflect which process
d26e4270409506cd398875216413b651d6ee7de6Lennart Poettering it will execute. This is useful to minimize the time window
d26e4270409506cd398875216413b651d6ee7de6Lennart Poettering with a generic argv[0], which makes bootcharts more useful
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering Contributions from: Alvaro Soliverez, Chris Paulson-Ellis, Kay
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering Sievers, Lennart Poettering, Michael Olbrich, Michal Schmidt,
b13df9644bc6d4823b5a84e8a6bbf3bbb2c207c2Lennart Poettering Mike Kazantsev, Ray Strode
220a21d38f675eb835f5758e3d23e896573aa5eaLennart PoetteringCHANGES WITH 39:
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * This is mostly a test release, but incorporates many
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * New systemd-cgtop tool to show control groups by their
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering resource usage.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Linking against libacl for ACLs is optional again. If
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering disabled, support tracking device access for active logins
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering goes becomes unavailable, and so does access to the user
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering journals by the respective users.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * If a group "adm" exists, journal files are automatically
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering owned by them, thus allow members of this group full access
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering to the system journal as well as all user journals.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * The journal now stores the SELinux context of the logging
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering client for all entries.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Add C++ inclusion guards to all public headers
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * New output mode "cat" in the journal to print only text
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering messages, without any meta data like date or time.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Include tiny X server wrapper as a temporary stop-gap to
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering teach XOrg udev display enumeration. This is used by display
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering managers such as gdm, and will go away as soon as XOrg
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering learned native udev hotplugging for display devices.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Add new systemd-cat tool for executing arbitrary programs
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering with STDERR/STDOUT connected to the journal. Can also act as
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering BSD logger replacement, and does so by default.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Optionally store all locally generated coredumps in the
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering journal along with meta data.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * systemd-tmpfiles learnt four new commands: n, L, c, b, for
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering writing short strings to files (for usage for /sys), and for
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering creating symlinks, character and block device nodes.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * New unit file option ControlGroupPersistent= to make cgroups
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering persistent, following the mechanisms outlined in
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Support multiple local RTCs in a sane way
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * No longer monopolize IO when replaying readahead data on
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering rotating disks, since we might starve non-file-system IO to
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering death, since fanotify() will not see accesses done by blkid,
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * Do not show kernel threads in systemd-cgls anymore, unless
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering requested with new -k switch.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering Contributions from: Dan Horák, Kay Sievers, Lennart
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering Poettering, Michal Schmidt
220a21d38f675eb835f5758e3d23e896573aa5eaLennart PoetteringCHANGES WITH 38:
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * This is mostly a test release, but incorporates many
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * The git repository moved to:
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering git://anongit.freedesktop.org/systemd/systemd
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering ssh://git.freedesktop.org/git/systemd/systemd
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * First release with the journal
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering http://0pointer.de/blog/projects/the-journal.html
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * The journal replaces both systemd-kmsg-syslogd and
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering systemd-stdout-bridge.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * New sd_pid_get_unit() API call in libsystemd-logind
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Many systemadm clean-ups
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Introduce remote-fs-pre.target which is ordered before all
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering remote mounts and may be used to start services before all
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering remote mounts.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Added Mageia support
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Add bash completion for systemd-loginctl
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Actively monitor PID file creation for daemons which exit in
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering the parent process before having finished writing the PID
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering file in the daemon process. Daemons which do this need to be
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering fixed (i.e. PID file creation must have finished before the
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering parent exits), but we now react a bit more gracefully to them.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Add colourful boot output, mimicking the well-known output
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering of existing distributions.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * New option PassCredentials= for socket units, for
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering compatibility with a recent kernel ABI breakage.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * /etc/rc.local is now hooked in via a generator binary, and
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering thus will no longer act as synchronization point during
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * systemctl list-unit-files now supports --root=.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * systemd-tmpfiles now understands two new commands: z, Z for
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering relabelling files according to the SELinux database. This is
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering useful to apply SELinux labels to specific files in /sys,
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering among other things.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Output of SysV services is now forwarded to both the console
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering and the journal by default, not only just the console.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * New man pages for all APIs from libsystemd-login.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * The build tree got reorganized and a the build system is a
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering lot more modular allowing embedded setups to specifically
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering select the components of systemd they are interested in.
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Support for Linux systems lacking the kernel VT subsystem is
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * configure's --with-rootdir= got renamed to
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering --with-rootprefix= to follow the naming used by udev and
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * Unless specified otherwise we will now install to /usr instead
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * Processes with '@' in argv[0][0] are now excluded from the
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering final shut-down killing spree, following the logic explained
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * All processes remaining in a service cgroup when we enter
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering the START or START_PRE states are now killed with
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering SIGKILL. That means it is no longer possible to spawn
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering background processes from ExecStart= lines (which was never
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering supported anyway, and bad style).
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering * New PropagateReloadTo=/PropagateReloadFrom= options to bind
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering reloading of units together.
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering Contributions from: Bill Nottingham, Daniel J. Walsh, Dave
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering Reisner, Dexter Morgan, Gregs Gregs, Jonathan Nieder, Kay
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering Sievers, Lennart Poettering, Michael Biebl, Michal Schmidt,
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering Michał Górny, Ran Benita, Thomas Jarosch, Tim Waugh, Tollef
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek