NEWS revision 51c61cda1a542c9e999bfdc6aab4a029c0ae7f5a
d657c51f14601d0235434ffb78cf6ac0f27cc83cLennart Poetteringsystemd System and Service Manager
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay SieversCHANGES WITH 212:
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers * When restoring the screen brightness at boot, stay away from
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers the darkest setting or from the lowest 5% of the available
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers range, depending on which is the larger value of both. This
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers should effectively protect the user from rebooting into a
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers black screen, should the brightness have been set to minimum
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers by accident.
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers * sd-login gained a new sd_machine_get_class() call to
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers determine the class ("vm" or "container") of a machine
71449cafa1f3aecad6fc755ae5e571eddf0bbd02Kay Sievers registered with machined.
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers * sd-login gained new calls
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers sd_peer_get_{session,owner_uid,unit,user_unit,slice,machine_name}(),
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers to query the identity of the peer of a local AF_UNIX
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers connection. They operate similar to their sd_pid_get_xyz()
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * PID 1 will now maintain a system-wide system state engine
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering with the states "starting", "running", "degraded",
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering "maintenance", "stopping". These states are bound to system
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering startup, normal runtime, runtime with at least one failed
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering service, rescue/emergency mode and system shutdown. This
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering state is shown in the "systemctl status" output when no unit
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering name is passed. It is useful to determine system state, in
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering particularly when doing so for many systems or containers at
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * A new command "list-machines" has been added to "systemctl"
71449cafa1f3aecad6fc755ae5e571eddf0bbd02Kay Sievers that lists all local OS containers and shows their system
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering state (see above), if systemd runs inside of them.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemctl gained a new "-r" switch to recursively enumerate
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering units on all local containers, when used with the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering "list-unit" command (which is the default one that is
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering executed when no parameters are specified).
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The GPT automatic partition discovery logic will now honour
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering two GPT partition flags: one may be set on a partition to
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering cause it to be mounted read-only, and the other may be set
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering on a partition to ignore it during automatic discovery.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Two new GPT type UUIDs have been added for automatic root
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering partition discovery, for 32bit and 64bit ARM. This is not
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering particularly useful for discovering the root directory on
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering these architectures during bare-metal boots (since UEFI is
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering not common there), but still very useful to allow booting of
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering ARM disk images in nspawn with the -i option.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * MAC addresses of interfaces created with nspawn's
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering --network-interface= switch will now be generated from the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering machine name, and thus be stable between multiple invocations
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering of the container.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * logind will now automatically remove all IPC objects owned
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering by a user if she or he fully logs out. This makes sure that
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering users who are logged out cannot continue to consume IPC
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering resources. This covers SysV memory, semaphores and message
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering queues as well as POSIX shared memory and message
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering queues. Traditionally SysV and POSIX IPC had no life-cycle
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering limits, with this functionality this is corrected. This may
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering be turned off using the RemoveIPC= switch of logind.conf.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The systemd-machine-id-setup and tmpfiles tools gained a
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering --root= switch to operate on a specific root directory,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * journald can now forward logged messages to the TTYs of all
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering logged in users ("wall"). This is the default for all
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering emergency messages now.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * A new tool systemd-journal-remote has been added to stream
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering journal log messages across the network.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * /sys/fs/cgroup/ is now mounted read-only after all cgroup
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering controller trees are mounted into it. Note that the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering directories mounted beneath it are not read-only. This is a
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering security measure and is particularly useful because glibc
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering actually includes a search logic to pick any tmpfs it can
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering find to implement shm_open() if /dev/shm is not available
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering (which it might very well be in namespaced setups).
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * machinectl gained a new "poweroff" command to cleanly power
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering down a local OS container.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The PrivateDevices= unit file setting will now also drop the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering CAP_MKNOD capability from the capability bound set, and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering imply DevicePolicy=closed.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * PrivateDevices=, PrivateNetwork= and PrivateTmp= is now used
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering comprehensively on all long-running systemd services where
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering this is appropriate.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemd-udevd will now run in a disassociated mount
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering namespace. To mount directories from udev rules make sure to
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering pull in mount units via SYSTEMD_WANTS properties.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The kdbus support gained support for uploading policy into
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering the kernel. sd-bus gained support for creating "monitoring"
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering connections that can eavesdrop into all bus communication
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering for debugging purposes.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Timestamps may now be specified in seconds since the UNIX
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering epoch Jan 1st, 1970 by specifying "@" followed by the value
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Native tcpwrap support in systemd has been removed. tcpwrap
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering is old code, not really maintained anymore and has serious
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering shortcomings, and better options such as firewalls
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering exist. For setups that require tcpwrap usage, please
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering consider invoking your socket-activated service via tcpd,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering like on traditional inetd.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * A new system.conf configuration option
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering DefaultTimerAccuracySec= has been added that controls the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering default AccuracySec= setting of .timer units.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Timer units gained a new WakeSystem= switch. If enabled
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering timers configured this way will cause the system to resume
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering from system suspend (if the system supports that, which most
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering do these days).
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Timer units gained a new Persistent= switch. If enabled
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering timers configured this way will save to disk when they have
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering been last triggered. This information is then used on next
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering reboot to possible execute overdue timer events, that
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering couldn't take place because the system was powered off. This
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering enables simple anacron-like behaviour for timer units.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemctl's "list-timers" will now also list the time a
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering timer unit was last triggered in addition to the next time
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering it will be triggered.
71449cafa1f3aecad6fc755ae5e571eddf0bbd02Kay Sievers * systemd-networkd will now assign predictable IPv4LL
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering addresses to its local interfaces.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Contributions from: Brandon Philips, Daniel Buch, Daniel Mack,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Dave Reisner, David Herrmann, Gerd Hoffmann, Greg
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Kroah-Hartman, Hendrik Brueckner, Jason St. John, Josh
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Triplett, Kay Sievers, Lennart Poettering, Marc-Antoine
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Perennou, Michael Marineau, Michael Olbrich, Miklos Vajna,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Patrik Flykt, poma, Sebastian Thorarensen, Thomas Bächler,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom Gundersen,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Umut Tezduyar Lindskog, Wieland Hoffmann, Zbigniew
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Jędrzejewski-Szmek
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering -- Berlin, 2014-03-25
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart PoetteringCHANGES WITH 211:
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * A new unit file setting RestrictAddressFamilies= has been
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering added to restrict which socket address families unit
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering processes gain access to. This takes address family names
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering like "AF_INET" or "AF_UNIX", and is useful to minimize the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering attack surface of services via exotic protocol stacks. This
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering is built on seccomp system call filters.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Two new unit file settings RuntimeDirectory= and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering RuntimeDirectoryMode= have been added that may be used to
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering manage a per-daemon runtime directories below /run. This is
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering an alternative for setting up directory permissions with
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering tmpfiles snippets, and has the advantage that the runtime
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering directory's lifetime is bound to the daemon runtime and that
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering the daemon starts up with an empty directory each time. This
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering is particularly useful when writing services that drop
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering priviliges using the User= or Group= setting.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The DeviceAllow= unit setting now supports globbing for
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering matching against device group names.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The systemd configuration file system.conf gained new
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering settings DefaultCPUAccounting=, DefaultBlockIOAccounting=,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering DefaultMemoryAccounting= to globally turn on/off accounting
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering for specific resources (cgroups) for all units. These
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering settings may still be overridden individually in each unit
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers * systemd-gpt-auto-generator is now able to discover /srv and
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering root partitions in addition to /home and swap partitions. It
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering also supports LUKS-encrypted partitions now. With this in
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering place automatic discovery of partitions to mount following
c9679c652b3c31f2510e8805d81630680ebc7e95Lennart Poettering the Discoverable Partitions Specification
c9679c652b3c31f2510e8805d81630680ebc7e95Lennart Poettering (http://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec)
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering is now a lot more complete. This allows booting without
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering /etc/fstab and without root= on the kernel command line on
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering appropriately prepared systems.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * systemd-nspawn gained a new --image= switch which allows
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering booting up disk images and Linux installations on any block
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering device that follow the Discoverable Partitions Specification
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering (see above). This means that installations made with
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers appropriately updated installers may now be started and
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering deployed using container managers, completely
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering unmodified. (We hope that libvirt-lxc will add support for
c9679c652b3c31f2510e8805d81630680ebc7e95Lennart Poettering this feature soon, too.)
c9679c652b3c31f2510e8805d81630680ebc7e95Lennart Poettering * systemd-nspawn gained a new --network-macvlan= setting to
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering set up a private macvlan interface for the
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers container. Similar, systemd-networkd gained a new
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers Kind=macvlan setting in .netdev files.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * systemd-networkd now supports configuring local addresses
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * A new tool systemd-network-wait-online has been added to
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek synchronously wait for network connectivity using
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek systemd-networkd.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * The sd-bus.h bus API gained a new sd_bus_track object for
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering tracking the life-cycle of bus peers. Note that sd-bus.h is
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek still not a public API though (unless you specify
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering --enable-kdbus on the configure command line, which however
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering voids your warranty and you get no API stability guarantee).
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek * The $XDG_RUNTIME_DIR runtime directories for each user are
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering now individual tmpfs instances, which has the benefit of
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering introducing separate pools for each user, with individual
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering size limits, and thus making sure that unprivileged clients
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering can no longer negatively impact the system or other users by
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering filling up their $XDG_RUNTIME_DIR. A new logind.conf setting
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek RuntimeDirectorySize= has been introduced that allows
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek controlling the default size limit for all users. It
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek defaults to 10% of the available physical memory. This is no
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek replacement for quotas on tmpfs though (which the kernel
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering still does not support), as /dev/shm and /tmp are still
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering shared resources used by both the system and unprivileged
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * logind will now automatically turn off automatic suspending
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering on laptop lid close when more than one display is
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering connected. This was previously expected to be implemented
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering individually in desktop environments (such as GNOME),
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering however has been added to logind now, in order to fix a
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering boot-time race where a desktop environment might not have
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering been started yet and thus not been able to take an inhibitor
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering lock at the time where logind already suspends the system
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering due to a closed lid.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * logind will now wait at least 30s after each system
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering suspend/resume cycle, and 3min after system boot before
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering suspending the system due to a closed laptop lid. This
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering should give USB docking stations and similar enough time to
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering be probed and configured after system resume and boot in
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering order to then act as suspend blocker.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * systemd-run gained a new --property= setting which allows
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering initialization of resource control properties (and others)
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering for the created scope or service unit. Example: "systemd-run
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering --property=BlockIOWeight=10 updatedb" may be used to run
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering updatedb at a low block IO scheduling weight.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * systemd-run's --uid=, --gid=, --setenv=, --setenv= switches
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering now also work in --scope mode.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * When systemd is compiled with kdbus support, basic support
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering for enforced policies is now in place. (Note that enabling
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering kdbus still voids your warranty and no API compatibility
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering promises are made.)
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Contributions from: Andrey Borzenkov, Ansgar Burchardt, Armin
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering K., Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Harald Hoyer, Henrik Grindal Bakken, Jasper St. Pierre, Kay
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Sievers, Kieran Clancy, Lennart Poettering, Lukas Nykryn,
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Mantas Mikulėnas, Marcel Holtmann, Mark Oteiza, Martin Pitt,
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Mike Gilbert, Peter Rajnoha, poma, Samuli Suominen, Stef
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Walter, Susant Sahani, Tero Roponen, Thomas Andersen, Thomas
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen Bächler, Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen Gundersen, Umut Tezduyar Lindskog, Uoti Urpala, Zachary Cook,
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen Zbigniew Jędrzejewski-Szmek
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen -- Berlin, 2014-03-12
6936cd8926b6935364874b3701e86fe823e8c4ceLennart PoetteringCHANGES WITH 210:
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * systemd will now relabel /dev after loading the SMACK policy
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers according to SMACK rules.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * A new unit file option AppArmorProfile= has been added to
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering set the AppArmor profile for the processes of a unit.
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering * A new condition check ConditionArchitecture= has been added
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering to conditionalize units based on the system architecture, as
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering reported by uname()'s "machine" field.
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering * systemd-networkd now supports matching on the system
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering virtualization, architecture, kernel command line, host name
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering and machine ID.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * logind is now a lot more aggressive when suspending the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering machine due to a closed laptop lid. Instead of acting only
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering on the lid close action it will continuously watch the lid
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering status and act on it. This is useful for laptops where the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering power button is on the outside of the chassis so that it can
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering be reached without opening the lid (such as the Lenovo
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Yoga). On those machines logind will now immediately
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering re-suspend the machine if the power button has been
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering accidentally pressed while the laptop was suspended and in a
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering backpack or similar.
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering * logind will now watch SW_DOCK switches and inhibit reaction
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering to the lid switch if it is pressed. This means that logind
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering will not suspend the machine anymore if the lid is closed
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering and the system is docked, if the laptop supports SW_DOCK
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering notifications via the input layer. Note that ACPI docking
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering stations do not generate this currently. Also note that this
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering logic is usually not fully sufficient and Desktop
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Environments should take a lid switch inhibitor lock when an
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering external display is connected, as systemd will not watch
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering this on its own.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * nspawn will now make use of the devices cgroup controller by
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering default, and only permit creation of and access to the usual
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering API device nodes like /dev/null or /dev/random, as well as
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering access to (but not creation of) the pty devices.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * We will now ship a default .network file for
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering systemd-networkd that automatically configures DHCP for
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering network interfaces created by nspawn's --network-veth or
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering --network-bridge= switches.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * systemd will now understand the usual M, K, G, T suffixes
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering according to SI conventions (i.e. to the base 1000) when
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek referring to throughput and hardware metrics. It will stay
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering with IEC conventions (i.e. to the base 1024) for software
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering metrics, according to what is customary according to
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Wikipedia. We explicitly document which base applies for
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering each configuration option.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * The DeviceAllow= setting in unit files now supports a syntax
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering to whitelist an entire group of devices node majors at once,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering based on the /proc/devices listing. For example, with the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering string "char-pts" it is now possible to whitelist all
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering current and future pseudo-TTYs at once.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * sd-event learned a new "post" event source. Event sources of
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering this type are triggered by the dispatching of any event
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering source of a type that is not "post". This is useful for
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering implementing clean-up and check event sources that are
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering triggered by other work being done in the program.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * systemd-networkd is no longer statically enabled, but uses
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering the usual [Install] sections so that it can be
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering enabled/disabled using systemctl. It still is enabled by
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering default however.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * When creating a veth interface pair with systemd-nspawn the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering host side will now be prefixed with "vb-" if
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering --network-bridge= is used, and with "ve-" if --network-veth
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering is used. This way it is easy to distinguish these cases on
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering the host, for example to apply different configuration to
70a44afee385c4afadaab9a002b3f9dd44aedf4aJan Engelhardt them with systemd-networkd.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * The compatibility libraries for libsystemd-journal.so,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering libsystem-id128.so, libsystemd-login.so and
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering libsystemd-daemon.so do not make use of IFUNC
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering anymore. Instead we now build libsystemd.so multiple times
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering under these alternative names. This means that the footprint
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering is drastically increased, but given that these are
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering transitional compatibility libraries this shouldn't matter
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering much. This change has been made necessary to support the ARM
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering platform for these compatibility libraries, as the ARM
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering toolchain isn't really at the same level as the toolchain
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering for other architectures like x86 and does not support
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering IFUNC. Please make sure to use --enable-compat-libs only
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering during a transitional period!
b8bde11658366290521e3d03316378b482600323Jan Engelhardt Contributions from: Andreas Fuchs, Armin K., Colin Walters,
b8bde11658366290521e3d03316378b482600323Jan Engelhardt Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
b8bde11658366290521e3d03316378b482600323Jan Engelhardt Holger Schurig, Jason A. Donenfeld, Jason St. John, Jasper
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering St. Pierre, Kay Sievers, Lennart Poettering, Łukasz Stelmach,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Marcel Holtmann, Michael Scherer, Michal Sekletar, Mike
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Gilbert, Samuli Suominen, Thomas Bächler, Thomas Hindoe
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Paaboel Andersen, Tom Gundersen, Umut Tezduyar Lindskog,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Zbigniew Jędrzejewski-Szmek
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering -- Berlin, 2014-02-24
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart PoetteringCHANGES WITH 209:
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * A new component "systemd-networkd" has been added that can
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering be used to configure local network interfaces statically or
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering via DHCP. It is capable of bringing up bridges, VLANs, and
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering bonding. Currently, no hook-ups for interactive network
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering configuration are provided. Use this for your initrd,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering container, embedded, or server setup if you need a simple,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering yet powerful, network configuration solution. This
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering configuration subsystem is quite nifty, as it allows wildcard
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering hotplug matching in interfaces. For example, with a single
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering configuration snippet, you can configure that all Ethernet
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering interfaces showing up are automatically added to a bridge,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering or similar. It supports link-sensing and more.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * A new tool "systemd-socket-proxyd" has been added which can
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering act as a bidirectional proxy for TCP sockets. This is
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering useful for adding socket activation support to services that
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering do not actually support socket activation, including virtual
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering machines and the like.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * Add a new tool to save/restore rfkill state on
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * Save/restore state of keyboard backlights in addition to
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering display backlights on shutdown/boot.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * udev learned a new SECLABEL{} construct to label device
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering nodes with a specific security label when they appear. For
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering now, only SECLABEL{selinux} is supported, but the syntax is
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering prepared for additional security frameworks.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * udev gained a new scheme to configure link-level attributes
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering from files in /etc/systemd/network/*.link. These files can
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering match against MAC address, device path, driver name and type,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering and will apply attributes like the naming policy, link speed,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering MTU, duplex settings, Wake-on-LAN settings, MAC address, MAC
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering address assignment policy (randomized, ...).
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * The configuration of network interface naming rules for
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering "permanent interface names" has changed: a new NamePolicy=
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering setting in the [Link] section of .link files determines the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering priority of possible naming schemes (onboard, slot, mac,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering path). The default value of this setting is determined by
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering 80-net-name-slot.rules udev configuration file has been
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering removed, so local configuration overriding this file should
b8bde11658366290521e3d03316378b482600323Jan Engelhardt be adapated to override 99-default.link instead.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * When the User= switch is used in a unit file, also
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering initialize $SHELL= based on the user database entry.
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * systemd no longer depends on libdbus. All communication is
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering now done with sd-bus, systemd's low-level bus library
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering implementation.
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * kdbus support has been added to PID 1 itself. When kdbus is
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt enabled, this causes PID 1 to set up the system bus and
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering enable support for a new ".busname" unit type that
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering encapsulates bus name activation on kdbus. It works a little
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering bit like ".socket" units, except for bus names. A new
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering generator has been added that converts classic dbus1 service
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering activation files automatically into native systemd .busname
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering and .service units.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * sd-bus: add a light-weight vtable implementation that allows
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering defining objects on the bus with a simple static const
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering vtable array of its methods, signals and properties.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * systemd will not generate or install static dbus
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering introspection data anymore to /usr/share/dbus-1/interfaces,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering as the precise format of these files is unclear, and
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering nothing makes use of it.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * A proxy daemon is now provided to proxy clients connecting
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering via classic D-Bus AF_UNIX sockets to kdbus, to provide full
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering compatibility with classic D-Bus.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * A bus driver implementation has been added that supports the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering classic D-Bus bus driver calls on kdbus, also for
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering compatibility purposes.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * A new API "sd-event.h" has been added that implements a
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering minimal event loop API built around epoll. It provides a
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering couple of features that direct epoll usage is lacking:
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering prioritization of events, scales to large numbers of timer
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering events, per-event timer slack (accuracy), system-wide
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering coalescing of timer events, exit handlers, watchdog
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering supervision support using systemd's sd_notify() API, child
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering process handling.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * A new API "sd-rntl.h" has been added that provides an API
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering around the route netlink interface of the kernel, similar in
f1721625e7145977ba705e169580f2eb0002600cNis Martensen * A new API "sd-dhcp-client.h" has been added that provides a
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering small DHCPv4 client-side implementation. This is used by
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering "systemd-networkd".
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * There is a new kernel command line option
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering "systemd.restore_state=0|1". When set to "0", none of the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering systemd tools will restore saved runtime state to hardware
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering devices. More specifically, the rfkill and backlight states
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering are not restored.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The FsckPassNo= compatibility option in mount/service units
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering has been removed. The fstab generator will now add the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering necessary dependencies automatically, and does not require
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering PID1's support for that anymore.
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * journalctl gained a new switch, --list-boots, that lists
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering recent boots with their times and boot IDs.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The various tools like systemctl, loginctl, timedatectl,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering busctl, systemd-run, ... have gained a new switch "-M" to
b8bde11658366290521e3d03316378b482600323Jan Engelhardt connect to a specific, local OS container (as direct
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering connection, without requiring SSH). This works on any
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering container that is registered with machined, such as those
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering created by libvirt-lxc or nspawn.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemd-run and systemd-analyze also gained support for "-H"
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering to connect to remote hosts via SSH. This is particularly
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering useful for systemd-run because it enables queuing of jobs
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering onto remote systems.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * machinectl gained a new command "login" to open a getty
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering login in any local container. This works with any container
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering that is registered with machined (such as those created by
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek libvirt-lxc or nspawn), and which runs systemd inside.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * machinectl gained a new "reboot" command that may be used to
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering trigger a reboot on a specific container that is registered
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering with machined. This works on any container that runs an init
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering system of some kind.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemctl gained a new "list-timers" command to print a nice
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering listing of installed timer units with the times they elapse
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * Alternative reboot() parameters may now be specified on the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering "systemctl reboot" command line and are passed to the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering reboot() system call.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemctl gained a new --job-mode= switch to configure the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering mode to queue a job with. This is a more generic version of
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering --fail, --irreversible, and --ignore-dependencies, which are
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering still available but not advertised anymore.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * /etc/systemd/system.conf gained new settings to configure
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering various default timeouts of units, as well as the default
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering start limit interval and burst. These may still be overridden
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering within each Unit.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * PID1 will now export on the bus profile data of the security
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering policy upload process (such as the SELinux policy upload to
4ef6e535e30c67d4ff34b2ca785e555dbaeac14eKay Sievers the kernel).
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * journald: when forwarding logs to the console, include
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering timestamps (following the setting in
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * OnCalendar= in timer units now understands the special
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering strings "yearly" and "annually". (Both are equivalent)
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The accuracy of timer units is now configurable with the new
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering AccuracySec= setting. It defaults to 1min.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * A new dependency type JoinsNamespaceOf= has been added that
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering allows running two services within the same /tmp and network
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering namespace, if PrivateNetwork= or PrivateTmp= are used.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * A new command "cat" has been added to systemctl. It outputs
4ef6e535e30c67d4ff34b2ca785e555dbaeac14eKay Sievers the original unit file of a unit, and concatenates the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering contents of additional "drop-in" unit file snippets, so that
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering the full configuration is shown.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemctl now supports globbing on the various "list-xyz"
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering commands, like "list-units" or "list-sockets", as well as on
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering those commands which take multiple unit names.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * journalctl's --unit= switch gained support for globbing.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * All systemd daemons now make use of the watchdog logic so
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering that systemd automatically notices when they hang.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * If the $container_ttys environment variable is set,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering getty-generator will automatically spawn a getty for each
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering listed tty. This is useful for container managers to request
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering login gettys to be spawned on as many ttys as needed.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * %h, %s, %U specifier support is not available anymore when
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering used in unit files for PID 1. This is because NSS calls are
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering not safe from PID 1. They stay available for --user
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering instances of systemd, and as special case for the root user.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * loginctl gained a new "--no-legend" switch to turn off output
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering of the legend text.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The "sd-login.h" API gained three new calls:
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering sd_session_is_remote(), sd_session_get_remote_user(),
13b28d822462e9a0a7130ad40bed08cb380082f0Lennart Poettering sd_session_get_remote_host() to query information about
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering remote sessions.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * The udev hardware database now also carries vendor/product
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering information of SDIO devices.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * The "sd-daemon.h" API gained a new sd_watchdog_enabled() to
67dd87c51b1ba254dc6a0eeae41762aace40addaLennart Poettering determine whether watchdog notifications are requested by
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering the system manager.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * Socket-activated per-connection services now include a
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering short description of the connection parameters in the
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * tmpfiles gained a new "--boot" option. When this is not used,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering only lines where the command character is not suffixed with
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering "!" are executed. When this option is specified, those
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering options are executed too. This partitions tmpfiles
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers directives into those that can be safely executed at any
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering time, and those which should be run only at boot (for
b8bde11658366290521e3d03316378b482600323Jan Engelhardt example, a line that creates /run/nologin).
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * A new API "sd-resolve.h" has been added which provides a simple
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers asynchronous wrapper around glibc NSS host name resolution
b8bde11658366290521e3d03316378b482600323Jan Engelhardt calls, such as getaddrinfo(). In contrast to glibc's
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers getaddrinfo_a(), it does not use signals. In contrast to most
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering other asynchronous name resolution libraries, this one does
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering not reimplement DNS, but reuses NSS, so that alternate
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering host name resolution systems continue to work, such as mDNS,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering LDAP, etc. This API is based on libasyncns, but it has been
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering cleaned up for inclusion in systemd.
949138ccc3417748b0978980e4a1c67955dd4ba4Ansgar Burchardt * The APIs "sd-journal.h", "sd-login.h", "sd-id128.h",
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering "sd-daemon.h" are no longer found in individual libraries
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering libsystemd-journal.so, libsystemd-login.so,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering libsystemd-id128.so, libsystemd-daemon.so. Instead, we have
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering merged them into a single library, libsystemd.so, which
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering provides all symbols. The reason for this is cyclic
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering dependencies, as these libraries tend to use each other's
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering symbols. So far, we've managed to workaround that by linking
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering a copy of a good part of our code into each of these
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering libraries again and again, which, however, makes certain
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering things hard to do, like sharing static variables. Also, it
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering substantially increases footprint. With this change, there
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering is only one library for the basic APIs systemd
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering provides. Also, "sd-bus.h", "sd-memfd.h", "sd-event.h",
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering "sd-rtnl.h", "sd-resolve.h", "sd-utf8.h" are found in this
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering library as well, however are subject to the --enable-kdbus
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering switch (see below). Note that "sd-dhcp-client.h" is not part
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering of this library (this is because it only consumes, never
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering provides, services of/to other APIs). To make the transition
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering easy from the separate libraries to the unified one, we
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering provide the --enable-compat-libs compile-time switch which
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering will generate stub libraries that are compatible with the
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering old ones but redirect all calls to the new one.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * All of the kdbus logic and the new APIs "sd-bus.h",
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering "sd-memfd.h", "sd-event.h", "sd-rtnl.h", "sd-resolve.h",
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering and "sd-utf8.h" are compile-time optional via the
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers "--enable-kdbus" switch, and they are not compiled in by
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering default. To make use of kdbus, you have to explicitly enable
b8bde11658366290521e3d03316378b482600323Jan Engelhardt the switch. Note however, that neither the kernel nor the
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering userspace API for all of this is considered stable yet. We
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering want to maintain the freedom to still change the APIs for
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering now. By specifying this build-time switch, you acknowledge
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering that you are aware of the instability of the current
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * Also, note that while kdbus is pretty much complete,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering it lacks one thing: proper policy support. This means you
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering can build a fully working system with all features; however,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering it will be highly insecure. Policy support will be added in
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering one of the next releases, at the same time that we will
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering declare the APIs stable.
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * When the kernel command-line argument "kdbus" is specified,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering systemd will automatically load the kdbus.ko kernel module. At
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering this stage of development, it is only useful for testing kdbus
b8bde11658366290521e3d03316378b482600323Jan Engelhardt and should not be used in production. Note: if "--enable-kdbus"
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering is specified, and the kdbus.ko kernel module is available, and
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering "kdbus" is added to the kernel command line, the entire system
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering runs with kdbus instead of dbus-daemon, with the above mentioned
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering problem of missing the system policy enforcement. Also a future
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering version of kdbus.ko or a newer systemd will not be compatible with
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering each other, and will unlikely be able to boot the machine if only
b8bde11658366290521e3d03316378b482600323Jan Engelhardt one of them is updated.
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering * systemctl gained a new "import-environment" command which
b8bde11658366290521e3d03316378b482600323Jan Engelhardt uploads the caller's environment (or parts thereof) into the
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering service manager so that it is inherited by services started
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering by the manager. This is useful to upload variables like
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt $DISPLAY into the user service manager.
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering * A new PrivateDevices= switch has been added to service units
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering which allows running a service with a namespaced /dev
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering directory that does not contain any device nodes for
13b28d822462e9a0a7130ad40bed08cb380082f0Lennart Poettering physical devices. More specifically, it only includes devices
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering such as /dev/null, /dev/urandom, and /dev/zero which are API
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * logind has been extended to support behaviour like VT
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering switching on seats that do not support a VT. This makes
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering multi-session available on seats that are not the first seat
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering (seat0), and on systems where kernel support for VTs has
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering been disabled at compile-time.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * If a process holds a delay lock for system sleep or shutdown
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering and fails to release it in time, we will now log its
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering identity. This makes it easier to identify processes that
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering cause slow suspends or power-offs.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * When parsing /etc/crypttab, support for a new key-slot=
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John option as supported by Debian is added. It allows indicating
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt which LUKS slot to use on disk, speeding up key loading.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * The sd_journald_sendv() API call has been checked and
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt officially declared to be async-signal-safe so that it may
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek be invoked from signal handlers for logging purposes.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * Boot-time status output is now enabled automatically after a
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek short timeout if boot does not progress, in order to give
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the user an indication what she or he is waiting for.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * The boot-time output has been improved to show how much time
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering remains until jobs expire.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * The KillMode= switch in service units gained a new possible
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering value "mixed". If set, and the unit is shut down, then the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering initial SIGTERM signal is sent only to the main daemon
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering process, while the following SIGKILL signal is sent to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering all remaining processes of the service.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * When a scope unit is registered, a new property "Controller"
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering may be set. If set to a valid bus name, systemd will send a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering RequestStop() signal to this name when it would like to shut
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering down the scope. This may be used to hook manager logic into
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt the shutdown logic of scope units. Also, scope units may now
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering be put in a special "abandoned" state, in which case the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering manager process which created them takes no further
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering responsibilities for it.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * When reading unit files, systemd will now verify
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt the access mode of these files, and warn about certain
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John suspicious combinations. This has been added to make it
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering easier to track down packaging bugs where unit files are
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering marked executable or world-writable.
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek * systemd-nspawn gained a new "--setenv=" switch to set
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek container-wide environment variables. The similar option in
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek systemd-activate was renamed from "--environment=" to
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek "--setenv=" for consistency.
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek * systemd-nspawn has been updated to create a new kdbus domain
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek for each container that is invoked, thus allowing each
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek container to have its own set of system and user buses,
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek independent of the host.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * systemd-nspawn gained a new --drop-capability= switch to run
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the container with less capabilities than the default. Both
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering --drop-capability= and --capability= now take the special
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering string "all" for dropping or keeping all capabilities.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained new switches for executing containers
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering with specific SELinux labels set.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --quiet switch to not generate
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering any additional output but the container's own console
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --share-system switch to run a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering container without PID namespacing enabled.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --register= switch to control
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering whether the container is registered with systemd-machined or
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering not. This is useful for containers that do not run full
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering OS images, but only specific apps.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --keep-unit which may be used
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek when invoked as the only program from a service unit, and
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering results in registration of the unit service itself in
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering systemd-machined, instead of a newly opened scope unit.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --network-interface= switch for
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering moving arbitrary interfaces to the container. The new
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering --network-veth switch creates a virtual Ethernet connection
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering between host and container. The new --network-bridge=
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering switch then allows assigning the host side of this virtual
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Ethernet connection to a bridge device.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --personality= switch for
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering setting the kernel personality for the container. This is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering useful when running a 32bit container on a 64bit host. A
b97610038a122ff30e60b1996369ca4b979d8b19Kay Sievers similar option Personality= is now also available in service
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * logind will now also track a "Desktop" identifier for each
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering session which encodes the desktop environment of it. This is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering useful for desktop environments that want to identify
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering multiple running sessions of itself easily.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new SELinuxContext= setting for service units has been
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering added that allows setting a specific SELinux execution
7e95eda5b36f4a5259e1e86989b5aee824d83d03Patrik Flykt context for a service.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Most systemd client tools will now honour $SYSTEMD_LESS for
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering settings of the "less" pager. By default, these tools will
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt override $LESS to allow certain operations to work, such as
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John jump-to-the-end. With $SYSTEMD_LESS, it is possible to
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John influence this logic.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * systemd's "seccomp" hook-up has been changed to make use of
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the libseccomp library instead of using its own
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering implementation. This has benefits for portability among
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * For usage together with SystemCallFilter=, a new
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering SystemCallErrorNumber= setting has been introduced that
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John allows configuration of a system error number to return on
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering filtered system calls, instead of immediately killing the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering process. Also, SystemCallArchitectures= has been added to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering limit access to system calls of a particular architecture
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering (in order to turn off support for unused secondary
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering architectures). There is also a global
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering SystemCallArchitectures= setting in system.conf now to turn
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering off support for non-native system calls system-wide.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd requires a kernel with a working name_to_handle_at(),
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering please see the kernel config requirements in the README file.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John Contributions from: Adam Williamson, Alex Jia, Anatol Pomozov,
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John Ansgar Burchardt, AppleBloom, Auke Kok, Bastien Nocera,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Chengwei Yang, Christian Seiler, Colin Guthrie, Colin Walters,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Cristian Rodríguez, Daniel Buch, Daniele Medri, Daniel J
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Walsh, Daniel Mack, Dan McGee, Dave Reisner, David Coppa,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering David Herrmann, David Strauss, Djalal Harouni, Dmitry Pisklov,
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering Elia Pinto, Florian Weimer, George McCollister, Goffredo
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Baroncelli, Greg Kroah-Hartman, Hendrik Brueckner, Igor
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Zhbanov, Jan Engelhardt, Jan Janssen, Jason A. Donenfeld,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Jason St. John, Jasper St. Pierre, Jóhann B. Guðmundsson, Jose
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Ignacio Naranjo, Karel Zak, Kay Sievers, Kristian Høgsberg,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Lennart Poettering, Lubomir Rintel, Lukas Nykryn, Lukasz
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Skalski, Łukasz Stelmach, Luke Shumaker, Mantas Mikulėnas,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Marc-Antoine Perennou, Marcel Holtmann, Marcos Felipe Rasia de
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Mello, Marko Myllynen, Martin Pitt, Matthew Monaco, Michael
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Marineau, Michael Scherer, Michał Górny, Michal Sekletar,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Michele Curti, Oleksii Shevchuk, Olivier Brunel, Patrik Flykt,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Pavel Holica, Raudi, Richard Marko, Ronny Chevalier, Sébastien
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Luttringer, Sergey Ptashnick, Shawn Landden, Simon Peeters,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Stefan Beller, Susant Sahani, Sylvain Plantefeve, Sylvia Else,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Tero Roponen, Thomas Bächler, Thomas Hindoe Paaboel Andersen,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Tom Gundersen, Umut Tezduyar Lindskog, Unai Uribarri, Václav
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Pavlín, Vincent Batts, WaLyong Cho, William Giokas, Yang
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John Zhiyong, Yin Kangkai, Yuxuan Shui, Zbigniew Jędrzejewski-Szmek
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering -- Berlin, 2014-02-20
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart PoetteringCHANGES WITH 208:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * logind has gained support for facilitating privileged input
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering and drm device access for unprivileged clients. This work is
270f1624022039b370b9db311f9d33492833ad24Lennart Poettering useful to allow Wayland display servers (and similar
270f1624022039b370b9db311f9d33492833ad24Lennart Poettering programs, such as kmscon) to run under the user's ID and
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering access input and drm devices which are normally
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering protected. When this is used (and the kernel is new enough)
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt logind will "mute" IO on the file descriptors passed to
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek Wayland as long as it is in the background and "unmute" it
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek if it returns into the foreground. This allows secure
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering session switching without allowing background sessions to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering eavesdrop on input and display data. This also introduces
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering session switching support if VT support is turned off in the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering kernel, and on seats that are not seat0.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new kernel command line option luks.options= is understood
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering now which allows specifiying LUKS options for usage for LUKS
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering encrypted partitions specified with luks.uuid=.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * tmpfiles.d(5) snippets may now use specifier expansion in
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering path names. More specifically %m, %b, %H, %v, are now
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering replaced by the local machine id, boot id, hostname, and
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering kernel version number.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * A new tmpfiles.d(5) command "m" has been introduced which
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering may be used to change the owner/group/access mode of a file
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering or directory if it exists, but do nothing if it doesn't.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * This release removes high-level support for the
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek MemorySoftLimit= cgroup setting. The underlying kernel
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek cgroup attribute memory.soft_limit= is currently badly
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering designed and likely to be removed from the kernel API in its
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering current form, hence we shouldn't expose it for now.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The memory.use_hierarchy cgroup attribute is now enabled for
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt all cgroups systemd creates in the memory cgroup
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering hierarchy. This option is likely to be come the built-in
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering default in the kernel anyway, and the non-hierarchial mode
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering never made much sense in the intrinsically hierarchial
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering cgroup system.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new field _SYSTEMD_SLICE= is logged along with all journal
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering messages containing the slice a message was generated
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering from. This is useful to allow easy per-customer filtering of
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering logs among other things.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-journald will no longer adjust the group of journal
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering files it creates to the "systemd-journal" group. Instead we
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering rely on the journal directory to be owned by the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering "systemd-journal" group, and its setgid bit set, so that the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering kernel file system layer will automatically enforce that
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering journal files inherit this group assignment. The reason for
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering this change is that we cannot allow NSS look-ups from
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering journald which would be necessary to resolve
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering "systemd-journal" to a numeric GID, because this might
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering create deadlocks if NSS involves synchronous queries to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering other daemons (such as nscd, or sssd) which in turn are
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering logging clients of journald and might block on it, which
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering would then dead lock. A tmpfiles.d(5) snippet included in
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering systemd will make sure the setgid bit and group are
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek properly set on the journal directory if it exists on every
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering boot. However, we recommend adjusting it manually after
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering upgrades too (or from RPM scriptlets), so that the change is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering not delayed until next reboot.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Backlight and random seed files in /var/lib/ have moved into
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt the /var/lib/systemd/ directory, in order to centralize all
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek systemd generated files in one directory.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * Boot time performance measurements (as displayed by
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek "systemd-analyze" for example) will now read ACPI 5.0 FPDT
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering performance information if that's available to determine how
c0c5af00bec95567435bdfb818c69b2b669adfedDaniel Buch much time BIOS and boot loader initialization required. With
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt a sufficiently new BIOS you hence no longer need to boot
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering with Gummiboot to get access to such information.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt Contributions from: Andrey Borzenkov, Chen Jie, Colin Walters,
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt Cristian Rodríguez, Dave Reisner, David Herrmann, David
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Mackey, David Strauss, Eelco Dolstra, Evan Callicoat, Gao
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John feng, Harald Hoyer, Jimmie Tauriainen, Kay Sievers, Lennart
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas, Martin Pitt,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Michael Scherer, Michał Górny, Mike Gilbert, Patrick McCarty,
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering Sebastian Ott, Tom Gundersen, Zbigniew Jędrzejewski-Szmek
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering -- Berlin, 2013-10-02
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. JohnCHANGES WITH 207:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The Restart= option for services now understands a new
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt on-watchdog setting, which will restart the service
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering automatically if the service stops sending out watchdog keep
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering alive messages (as configured with WatchdogSec=).
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering * The getty generator (which is responsible for bringing up a
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering getty on configured serial consoles) will no longer only
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering start a getty on the primary kernel console but on all
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering others, too. This makes the order in which console= is
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering specified on the kernel command line less important.
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering * libsystemd-logind gained a new sd_session_get_vt() call to
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering retrieve the VT number of a session.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * If the option "tries=0" is set for an entry of /etc/crypttab
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering its passphrase is queried indefinitely instead of any
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering maximum number of tries.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * If a service with a configure PID file terminates its PID
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering file will now be removed automatically if it still exists
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John afterwards. This should put an end to stale PID files.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * systemd-run will now also take relative binary path names
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt for execution and no longer insists on absolute paths.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * InaccessibleDirectories= and ReadOnlyDirectories= now take
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt paths that are optionally prefixed with "-" to indicate that
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering it should not be considered a failure if they don't exist.
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers * journalctl -o (and similar commands) now understands a new
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers output mode "short-precise", it is similar to "short" but
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering shows timestamps with usec accuracy.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * The option "discard" (as known from Debian) is now
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt synonymous to "allow-discards" in /etc/crypttab. In fact,
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt "discard" is preferred now (since it is easier to remember
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers * Some licensing clean-ups were made, so that more code is now
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John LGPL-2.1 licensed than before.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * A minimal tool to save/restore the display backlight
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers brightness across reboots has been added. It will store the
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers backlight setting as late as possible at shutdown, and
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers restore it as early as possible during reboot.
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers * A logic to automatically discover and enable home and swap
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers partitions on GPT disks has been added. With this in place
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers /etc/fstab becomes optional for many setups as systemd can
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering discover certain partitions located on the root disk
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt automatically. Home partitions are recognized under their
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering GPT type ID 933ac7e12eb44f13b8440e14e2aef915. Swap
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering partitions are recognized under their GPT type ID
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering 0657fd6da4ab43c484e50933c84b4f4f.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd will no longer pass any environment from the kernel
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering or initrd to system services. If you want to set an
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering environment for all services, do so via the kernel command
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt line systemd.setenv= assignment.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The systemd-sysctl tool no longer natively reads the file
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering /etc/sysctl.conf. If desired, the file should be symlinked
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering from /etc/sysctl.d/99-sysctl.conf. Apart from providing
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering legacy support by a symlink rather than built-in code, it
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering also makes the otherwise hidden order of application of the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering different files visible. (Note that this partly reverts to a
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John pre-198 application order of sysctl knobs!)
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The "systemctl set-log-level" and "systemctl dump" commands
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek have been moved to systemd-analyze.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-run learned the new --remain-after-exit switch,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering which causes the scope unit not to be cleaned up
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek automatically after the process terminated.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * tmpfiles learned a new --exclude-prefix= switch to exclude
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering certain paths from operation.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * journald will now automatically flush all messages to disk
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek as soon as a message of the log priorities CRIT, ALERT or
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering EMERG is received.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Contributions from: Andrew Cook, Brandon Philips, Christian
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering Hesse, Christoph Junghans, Colin Walters, Daniel Schaal,
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek Daniel Wallace, Dave Reisner, David Herrmann, Gao feng, George
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek McCollister, Giovanni Campagna, Hannes Reinecke, Harald Hoyer,
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek Herczeg Zsolt, Holger Hans Peter Freyther, Jan Engelhardt,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Jesper Larsen, Kay Sievers, Khem Raj, Lennart Poettering,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Lukas Nykryn, Maciej Wereski, Mantas Mikulėnas, Marcel
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John Holtmann, Martin Pitt, Michael Biebl, Michael Marineau,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Michael Scherer, Michael Stapelberg, Michal Sekletar, Michał
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering Górny, Olivier Brunel, Ondrej Balaz, Ronny Chevalier, Shawn
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Landden, Steven Hiscocks, Thomas Bächler, Thomas Hindoe
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Paaboel Andersen, Tom Gundersen, Umut Tezduyar, WANG Chao,
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt William Giokas, Zbigniew Jędrzejewski-Szmek
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering -- Berlin, 2013-09-13
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart PoetteringCHANGES WITH 206:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The documentation has been updated to cover the various new
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering concepts introduced with 205.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * Unit files now understand the new %v specifier which
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering resolves to the kernel version string as returned by "uname
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemctl now supports filtering the unit list output by
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering load state, active state and sub state, using the new
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering --state= parameter.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * "systemctl status" will now show the results of the
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek condition checks (like ConditionPathExists= and similar) of
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the last start attempts of the unit. They are also logged to
b97610038a122ff30e60b1996369ca4b979d8b19Kay Sievers * "journalctl -b" may now be used to look for boot output of a
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John specific boot. Try "journalctl -b -1" for the previous boot,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering but the syntax is substantially more powerful.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * "journalctl --show-cursor" has been added which prints the
b97610038a122ff30e60b1996369ca4b979d8b19Kay Sievers cursor string the last shown log line. This may then be used
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering with the new "journalctl --after-cursor=" switch to continue
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering browsing logs from that point on.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * "journalctl --force" may now be used to force regeneration
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering of an FSS key.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Creation of "dead" device nodes has been moved from udev
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering into kmod and tmpfiles. Previously, udev would read the kmod
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering databases to pre-generate dead device nodes based on meta
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering information contained in kernel modules, so that these would
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering be auto-loaded on access rather then at boot. As this
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering doesn't really have much to do with the exposing actual
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering kernel devices to userspace this has always been slightly
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek alien in the udev codebase. Following the new scheme kmod
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering will now generate a runtime snippet for tmpfiles from the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering module meta information and it now is tmpfiles' job to the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering create the nodes. This also allows overriding access and
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering other parameters for the nodes using the usual tmpfiles
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John facilities. As side effect this allows us to remove the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering CAP_SYS_MKNOD capability bit from udevd entirely.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * logind's device ACLs may now be applied to these "dead"
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering devices nodes too, thus finally allowing managed access to
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering devices such as /dev/snd/sequencer whithout loading the
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt backing module right-away.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * A new RPM macro has been added that may be used to apply
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John tmpfiles configuration during package installation.
6afc95b73605833e6e966af1c466b5c08feb953fLennart Poettering * systemd-detect-virt and ConditionVirtualization= now can
6afc95b73605833e6e966af1c466b5c08feb953fLennart Poettering detect User-Mode-Linux machines (UML).
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * journald will now implicitly log the effective capabilities
b8bde11658366290521e3d03316378b482600323Jan Engelhardt set of processes in the message metadata.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-cryptsetup has gained support for TrueCrypt volumes.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The initrd interface has been simplified (more specifically,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering support for passing performance data via environment
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering variables and fsck results via files in /run has been
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering removed). These features were non-essential, and are
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering nowadays available in a much nicer way by having systemd in
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the initrd serialize its state and have the hosts systemd
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering deserialize it again.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The udev "keymap" data files and tools to apply keyboard
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John specific mappings of scan to key codes, and force-release
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John scan code lists have been entirely replaced by a udev
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering "keyboard" builtin and a hwdb data file.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd will now honour the kernel's "quiet" command line
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering argument also during late shutdown, resulting in a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering completely silent shutdown when used.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * There's now an option to control the SO_REUSEPORT socket
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt option in .socket units.
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * Instance units will now automatically get a per-template
b8bde11658366290521e3d03316378b482600323Jan Engelhardt subslice of system.slice unless something else is explicitly
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering configured. For example, instances of sshd@.service will now
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering implicitly be placed in system-sshd.slice rather than
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * Test coverage support may now be enabled at build time.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Contributions from: Dave Reisner, Frederic Crozat, Harald
210054d76cf4d294533aa09256d375e33b52569fKay Sievers Hoyer, Holger Hans Peter Freyther, Jan Engelhardt, Jan
210054d76cf4d294533aa09256d375e33b52569fKay Sievers Janssen, Jason St. John, Jesper Larsen, Kay Sievers, Lennart
210054d76cf4d294533aa09256d375e33b52569fKay Sievers Poettering, Lukas Nykryn, Maciej Wereski, Martin Pitt, Michael
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Olbrich, Ramkumar Ramachandra, Ross Lagerwall, Shawn Landden,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Thomas H.P. Andersen, Tom Gundersen, Tomasz Torcz, William
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Giokas, Zbigniew Jędrzejewski-Szmek
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering -- Berlin, 2013-07-23
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart PoetteringCHANGES WITH 205:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Two new unit types have been introduced:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Scope units are very similar to service units, however, are
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering created out of pre-existing processes -- instead of PID 1
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering forking off the processes. By using scope units it is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering possible for system services and applications to group their
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering own child processes (worker processes) in a powerful way
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering which then maybe used to organize them, or kill them
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering together, or apply resource limits on them.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Slice units may be used to partition system resources in an
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering hierarchial fashion and then assign other units to them. By
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering default there are now three slices: system.slice (for all
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering system services), user.slice (for all user sessions),
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering machine.slice (for VMs and containers).
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Slices and scopes have been introduced primarily in
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering context of the work to move cgroup handling to a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering single-writer scheme, where only PID 1
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * There's a new concept of "transient" units. In contrast to
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering normal units these units are created via an API at runtime,
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering not from configuration from disk. More specifically this
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering means it is now possible to run arbitrary programs as
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering independent services, with all execution parameters passed
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering in via bus APIs rather than read from disk. Transient units
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering make systemd substantially more dynamic then it ever was,
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering and useful as a general batch manager.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * logind has been updated to make use of scope and slice units
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering for managing user sessions. As a user logs in he will get
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering his own private slice unit, to which all sessions are added
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering as scope units. We also added support for automatically
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering adding an instance of user@.service for the user into the
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering slice. Effectively logind will no longer create cgroup
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering hierarchies on its own now, it will defer entirely to PID 1
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering for this by means of scope, service and slice units. Since
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering user sessions this way become entities managed by PID 1
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering the output of "systemctl" is now a lot more comprehensive.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * A new mini-daemon "systemd-machined" has been added which
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering may be used by virtualization managers to register local
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering VMs/containers. nspawn has been updated accordingly, and
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering libvirt will be updated shortly. machined will collect a bit
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering of meta information about the VMs/containers, and assign
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt them their own scope unit (see above). The collected
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering meta-data is then made available via the "machinectl" tool,
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering and exposed in "ps" and similar tools. machined/machinectl
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering is compile-time optional.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * As discussed earlier, the low-level cgroup configuration
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt options ControlGroup=, ControlGroupModify=,
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering ControlGroupPersistent=, ControlGroupAttribute= have been
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering removed. Please use high-level attribute settings instead as
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering well as slice units.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * A new bus call SetUnitProperties() has been added to alter
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering various runtime parameters of a unit. This is primarily
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering useful to alter cgroup parameters dynamically in a nice way,
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering but will be extended later on to make more properties
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering modifiable at runtime. systemctl gained a new set-properties
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering command that wraps this call.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * A new tool "systemd-run" has been added which can be used to
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering run arbitrary command lines as transient services or scopes,
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering while configuring a number of settings via the command
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering line. This tool is currently very basic, however already
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering very useful. We plan to extend this tool to even allow
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering queuing of execution jobs with time triggers from the
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering command line, similar in fashion to "at".
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * nspawn will now inform the user explicitly that kernels with
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering audit enabled break containers, and suggest the user to turn
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * Support for detecting the IMA and AppArmor security
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering frameworks with ConditionSecurity= has been added.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * journalctl gained a new "-k" switch for showing only kernel
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering messages, mimicking dmesg output; in addition to "--user"
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering and "--system" switches for showing only user's own logs
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering and system logs.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * systemd-delta can now show information about drop-in
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering snippets extending unit files.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * libsystemd-bus has been substantially updated but is still
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering not available as public API.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * systemd will now look for the "debug" argument on the kernel
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering command line and enable debug logging, similar to
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering "systemd.log_level=debug" already did before.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * "systemctl set-default", "systemctl get-default" has been
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering added to configure the default.target symlink, which
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering controls what to boot into by default.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * "systemctl set-log-level" has been added as a convenient
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering way to raise and lower systemd logging threshold.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * "systemd-analyze plot" will now show the time the various
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering generators needed for execution, as well as information
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering about the unit file loading.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * libsystemd-journal gained a new sd_journal_open_files() call
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering for opening specific journal files. journactl also gained a
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering new switch to expose this new functionality. Previously we
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering only supported opening all files from a directory, or all
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers files from the system, as opening individual files only is
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering racy due to journal file rotation.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * systemd gained the new DefaultEnvironment= setting in
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering /etc/systemd/system.conf to set environment variables for
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * If a privileged process logs a journal message with the
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering OBJECT_PID= field set, then journald will automatically
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering augment this with additional OBJECT_UID=, OBJECT_GID=,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering OBJECT_COMM=, OBJECT_EXE=, ... fields. This is useful if
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering system services want to log events about specific client
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering processes. journactl/systemctl has been updated to make use
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering of this information if all log messages regarding a specific
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering unit is requested.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Contributions from: Auke Kok, Chengwei Yang, Colin Walters,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Cristian Rodríguez, Daniel Albers, Daniel Wallace, Dave
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Reisner, David Coppa, David King, David Strauss, Eelco
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Dolstra, Gabriel de Perthuis, Harald Hoyer, Jan Alexander
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Steffens, Jan Engelhardt, Jan Janssen, Jason St. John, Johan
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Heikkilä, Karel Zak, Karol Lewandowski, Kay Sievers, Lennart
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas, Marius Vollmer,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Martin Pitt, Michael Biebl, Michael Olbrich, Michael Tremer,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Michal Schmidt, Michał Bartoszkiewicz, Nirbheek Chauhan,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Pierre Neidhardt, Ross Burton, Ross Lagerwall, Sean McGovern,
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Václav Pavlín, Zachary Cook, Zbigniew Jędrzejewski-Szmek,
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers Łukasz Stelmach, 장동준
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart PoetteringCHANGES WITH 204:
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * The Python bindings gained some minimal support for the APIs
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering exposed by libsystemd-logind.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * ConditionSecurity= gained support for detecting SMACK. Since
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering this condition already supports SELinux and AppArmor we only
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers miss IMA for this. Patches welcome!
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Contributions from: Karol Lewandowski, Lennart Poettering,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Zbigniew Jędrzejewski-Szmek
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay SieversCHANGES WITH 203:
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * systemd-nspawn will now create /etc/resolv.conf if
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering necessary, before bind-mounting the host's file onto it.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * systemd-nspawn will now store meta information about a
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering container on the container's cgroup as extended attribute
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering fields, including the root directory.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * The cgroup hierarchy has been reworked in many ways. All
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering objects any of the components systemd creates in the cgroup
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering tree are now suffixed. More specifically, user sessions are
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering now placed in cgroups suffixed with ".session", users in
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering cgroups suffixed with ".user", and nspawn containers in
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering cgroups suffixed with ".nspawn". Furthermore, all cgroup
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering names are now escaped in a simple scheme to avoid collision
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering of userspace object names with kernel filenames. This work
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering is preparation for making these objects relocatable in the
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering cgroup tree, in order to allow easy resource partitioning of
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering these objects without causing naming conflicts.
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering * systemctl list-dependencies gained the new switches
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering --plain, --reverse, --after and --before.
04bf3c1a60d82791e0320381e9268f727708f776Kay Sievers * systemd-inhibit now shows the process name of processes that
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering have taken an inhibitor lock.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * nss-myhostname will now also resolve "localhost"
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering implicitly. This makes /etc/hosts an optional file and
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering nicely handles that on IPv6 ::1 maps to both "localhost" and
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering the local hostname.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * libsystemd-logind.so gained a new call
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering sd_get_machine_names() to enumerate running containers and
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering VMs (currently only supported by very new libvirt and
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering nspawn). sd_login_monitor can now be used to watch
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering VMs/containers coming and going.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * .include is not allowed recursively anymore, and only in
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering unit files. Usually it is better to use drop-in snippets in
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering .d/*.conf anyway, as introduced with systemd 198.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * systemd-analyze gained a new "critical-chain" command that
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering determines the slowest chain of units run during system
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering boot-up. It is very useful for tracking down where
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering optimizing boot time is the most beneficial.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * systemd will no longer allow manipulating service paths in
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering the name=systemd:/system cgroup tree using ControlGroup= in
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering units. (But is still fine with it in all other dirs.)
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * There's a new systemd-nspawn@.service service file that may
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering be used to easily run nspawn containers as system
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering services. With the container's root directory in
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering /var/lib/container/foobar it is now sufficient to run
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering "systemctl start systemd-nspawn@foobar.service" to boot it.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * systemd-cgls gained a new parameter "--machine" to list only
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering the processes within a certain container.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * ConditionSecurity= now can check for "apparmor". We still
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering are lacking checks for SMACK and IMA for this condition
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering check though. Patches welcome!
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * A new configuration file /etc/systemd/sleep.conf has been
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering added that may be used to configure which kernel operation
33b521be152f67cd722695ba9a2966eda5ee6765Maciej Wereski systemd is supposed to execute when "suspend", "hibernate"
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering or "hybrid-sleep" is requested. This makes the new kernel
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering "freeze" state accessible to the user.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * ENV{SYSTEMD_WANTS} in udev rules will now implicitly escape
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering the passed argument if applicable.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering Contributions from: Auke Kok, Colin Guthrie, Colin Walters,
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering Cristian Rodríguez, Daniel Buch, Daniel Wallace, Dave Reisner,
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering Evangelos Foutras, Greg Kroah-Hartman, Harald Hoyer, Josh
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering Triplett, Kay Sievers, Lennart Poettering, Lukas Nykryn,
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering MUNEDA Takahiro, Mantas Mikulėnas, Mirco Tischler, Nathaniel
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering Chen, Nirbheek Chauhan, Ronny Chevalier, Ross Lagerwall, Tom
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering Gundersen, Umut Tezduyar, Ville Skyttä, Zbigniew
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering Jędrzejewski-Szmek
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart PoetteringCHANGES WITH 202:
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * The output of 'systemctl list-jobs' got some polishing. The
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering '--type=' argument may now be passed more than once. A new
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering command 'systemctl list-sockets' has been added which shows
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering a list of kernel sockets systemd is listening on with the
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering socket units they belong to, plus the units these socket
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering units activate.
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * The experimental libsystemd-bus library got substantial
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering updates to work in conjunction with the (also experimental)
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering kdbus kernel project. It works well enough to exchange
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering messages with some sophistication. Note that kdbus is not
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering ready yet, and the library is mostly an elaborate test case
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering for now, and not installable.
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * systemd gained a new unit 'systemd-static-nodes.service'
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering that generates static device nodes earlier during boot, and
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering can run in conjunction with udev.
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * libsystemd-login gained a new call sd_pid_get_user_unit()
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering to retrieve the user systemd unit a process is running
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering in. This is useful for systems where systemd is used as
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering session manager.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * systemd-nspawn now places all containers in the new /machine
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering top-level cgroup directory in the name=systemd
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering hierarchy. libvirt will soon do the same, so that we get a
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering uniform separation of /system, /user and /machine for system
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering services, user processes and containers/virtual
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering machines. This new cgroup hierarchy is also useful to stick
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering stable names to specific container instances, which can be
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering recognized later this way (this name may be controlled
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering via systemd-nspawn's new -M switch). libsystemd-login also
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering gained a new call sd_pid_get_machine_name() to retrieve the
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering name of the container/VM a specific process belongs to.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * bootchart can now store its data in the journal.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering * libsystemd-journal gained a new call
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering sd_journal_add_conjunction() for AND expressions to the
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering matching logic. This can be used to express more complex
28f5c779e5513ab1301ac103471009711b0961e0Kay Sievers logical expressions.
28f5c779e5513ab1301ac103471009711b0961e0Kay Sievers * journactl can now take multiple --unit= and --user-unit=
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * The cryptsetup logic now understands the "luks.key=" kernel
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering command line switch for specifying a file to read the
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering decryption key from. Also, if a configured key file is not
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering found the tool will now automatically fall back to prompting
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * Python systemd.journal module was updated to wrap recently
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering added functions from libsystemd-journal. The interface was
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering changed to bring the low level interface in s.j._Reader
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering closer to the C API, and the high level interface in
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering s.j.Reader was updated to wrap and convert all data about
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Contributions from: Anatol Pomozov, Auke Kok, Harald Hoyer,
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Henrik Grindal Bakken, Josh Triplett, Kay Sievers, Lennart
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas Marius Vollmer,
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Martin Jansa, Martin Pitt, Michael Biebl, Michal Schmidt,
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Mirco Tischler, Pali Rohar, Simon Peeters, Steven Hiscocks,
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering Tom Gundersen, Zbigniew Jędrzejewski-Szmek
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart PoetteringCHANGES WITH 201:
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering * journalctl --update-catalog now understands a new --root=
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering option to operate on catalogs found in a different root
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * During shutdown after systemd has terminated all running
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering services a final killing loop kills all remaining left-over
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering processes. We will now print the name of these processes
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering when we send SIGKILL to them, since this usually indicates a
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * If /etc/crypttab refers to password files stored on
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering configured mount points automatic dependencies will now be
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering generated to ensure the specific mount is established first
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering before the key file is attempted to be read.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * 'systemctl status' will now show information about the
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering network sockets a socket unit is listening on.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * 'systemctl status' will also shown information about any
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering drop-in configuration file for units. (Drop-In configuration
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering files in this context are files such as
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering /etc/systemd/systemd/foobar.service.d/*.conf)
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * systemd-cgtop now optionally shows summed up CPU times of
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering cgroups. Press '%' while running cgtop to switch between
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering percentage and absolute mode. This is useful to determine
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering which cgroups use up the most CPU time over the entire
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering runtime of the system. systemd-cgtop has also been updated
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering to be 'pipeable' for processing with further shell tools.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * 'hostnamectl set-hostname' will now allow setting of FQDN
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * The formatting and parsing of time span values has been
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering changed. The parser now understands fractional expressions
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering such as "5.5h". The formatter will now output fractional
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering expressions for all time spans under 1min, i.e. "5.123456s"
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering rather than "5s 123ms 456us". For time spans under 1s
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering millisecond values are shown, for those under 1ms
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering microsecond values are shown. This should greatly improve
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering all time-related output of systemd.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * libsystemd-login and libsystemd-journal gained new
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering functions for querying the poll() events mask and poll()
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering timeout value for integration into arbitrary event
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * localectl gained the ability to list available X11 keymaps
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering (models, layouts, variants, options).
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * 'systemd-analyze dot' gained the ability to filter for
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering specific units via shell-style globs, to create smaller,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering more useful graphs. I.e. it's now possible to create simple
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering graphs of all the dependencies between only target units, or
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering of all units that Avahi has dependencies with.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Contributions from: Cristian Rodríguez, Dr. Tilmann Bubeck,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Harald Hoyer, Holger Hans Peter Freyther, Kay Sievers, Kelly
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Anderson, Koen Kooi, Lennart Poettering, Maksim Melnikau,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Marc-Antoine Perennou, Marius Vollmer, Martin Pitt, Michal
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Schmidt, Oleksii Shevchuk, Ronny Chevalier, Simon McVittie,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Steven Hiscocks, Thomas Weißschuh, Umut Tezduyar, Václav
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Pavlín, Zbigniew Jędrzejewski-Szmek, Łukasz Stelmach
00aa832b948a27507c33e2157e46963852cffc85Lennart PoetteringCHANGES WITH 200:
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * The boot-time readahead implementation for rotating media
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering will now read the read-ahead data in multiple passes which
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering consist of all read requests made in equidistant time
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering intervals. This means instead of strictly reading read-ahead
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering data in its physical order on disk we now try to find a
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering middle ground between physical and access time order.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * /etc/os-release files gained a new BUILD_ID= field for usage
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering on operating systems that provide continuous builds of OS
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Contributions from: Auke Kok, Eelco Dolstra, Kay Sievers,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Lennart Poettering, Lukas Nykryn, Martin Pitt, Václav Pavlín
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering William Douglas, Zbigniew Jędrzejewski-Szmek
00aa832b948a27507c33e2157e46963852cffc85Lennart PoetteringCHANGES WITH 199:
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * systemd-python gained an API exposing libsystemd-daemon.
1fda0ab5fc9cf7454c8da32941e433dc38ba9991Zbigniew Jędrzejewski-Szmek * The SMACK setup logic gained support for uploading CIPSO
1fda0ab5fc9cf7454c8da32941e433dc38ba9991Zbigniew Jędrzejewski-Szmek security policy.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * Behaviour of PrivateTmp=, ReadWriteDirectories=,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering ReadOnlyDirectories= and InaccessibleDirectories= has
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering changed. The private /tmp and /var/tmp directories are now
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering shared by all processes of a service (which means
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering ExecStartPre= may now leave data in /tmp that ExecStart= of
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering the same service can still access). When a service is
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering stopped its temporary directories are immediately deleted
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering (normal clean-up with tmpfiles is still done in addition to
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * By default, systemd will now set a couple of sysctl
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering variables in the kernel: the safe sysrq options are turned
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering on, IP route verification is turned on, and source routing
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering disabled. The recently added hardlink and softlink
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering protection of the kernel is turned on. These settings should
1fda0ab5fc9cf7454c8da32941e433dc38ba9991Zbigniew Jędrzejewski-Szmek be reasonably safe, and good defaults for all new systems.
1fda0ab5fc9cf7454c8da32941e433dc38ba9991Zbigniew Jędrzejewski-Szmek * The predictable network naming logic may now be turned off
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering with a new kernel command line switch: net.ifnames=0.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * A new libsystemd-bus module has been added that implements a
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering pretty complete D-Bus client library. For details see:
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering http://lists.freedesktop.org/archives/systemd-devel/2013-March/009797.html
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * journald will now explicitly flush the journal files to disk
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering at the latest 5min after each write. The file will then also
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering be marked offline until the next write. This should increase
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering reliability in case of a crash. The synchronization delay
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering can be configured via SyncIntervalSec= in journald.conf.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * There's a new remote-fs-setup.target unit that can be used
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering to pull in specific services when at least one remote file
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering system is to be mounted.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * There are new targets timers.target and paths.target as
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering canonical targets to pull user timer and path units in
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering from. This complements sockets.target with a similar
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering purpose for socket units.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * libudev gained a new call udev_device_set_attribute_value()
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering to set sysfs attributes of a device.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering * The udev daemon now sets the default number of worker
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering processes executed in parallel based on the number of available
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering CPUs instead of the amount of available RAM. This is supposed
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering to provide a more reliable default and limit a too aggressive
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering paralellism for setups with 1000s of devices connected.
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Contributions from: Auke Kok, Colin Walters, Cristian
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Rodríguez, Daniel Buch, Dave Reisner, Frederic Crozat, Hannes
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Reinecke, Harald Hoyer, Jan Alexander Steffens, Jan
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Engelhardt, Josh Triplett, Kay Sievers, Lennart Poettering,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Mantas Mikulėnas, Martin Pitt, Mathieu Bridon, Michael Biebl,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Michal Schmidt, Michal Sekletar, Miklos Vajna, Nathaniel Chen,
00aa832b948a27507c33e2157e46963852cffc85Lennart Poettering Oleksii Shevchuk, Ozan Çağlayan, Thomas Hindoe Paaboel
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering Andersen, Tollef Fog Heen, Tom Gundersen, Umut Tezduyar,
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering Zbigniew Jędrzejewski-Szmek
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart PoetteringCHANGES WITH 198:
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering * Configuration of unit files may now be extended via drop-in
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering files without having to edit/override the unit files
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering themselves. More specifically, if the administrator wants to
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering change one value for a service file foobar.service he can
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering now do so by dropping in a configuration snippet into
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering /etc/systemd/system/foobar.service.d/*.conf. The unit logic
606c24e3bd41207c395f24a56bcfcad791e265a5Lennart Poettering will load all these snippets and apply them on top of the
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering main unit configuration file, possibly extending or
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering overriding its settings. Using these drop-in snippets is
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering generally nicer than the two earlier options for changing
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering unit files locally: copying the files from
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering /usr/lib/systemd/system/ to /etc/systemd/system/ and editing
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering them there; or creating a new file in /etc/systemd/system/
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering that incorporates the original one via ".include". Drop-in
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering snippets into these .d/ directories can be placed in any
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering directory systemd looks for units in, and the usual
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering overriding semantics between /usr/lib, /etc and /run apply
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * Most unit file settings which take lists of items can now be
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering reset by assigning the empty string to them. For example,
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering normally, settings such as Environment=FOO=BAR append a new
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering environment variable assignment to the environment block,
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering each time they are used. By assigning Environment= the empty
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering string the environment block can be reset to empty. This is
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering particularly useful with the .d/*.conf drop-in snippets
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering mentioned above, since this adds the ability to reset list
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering settings from vendor unit files via these drop-ins.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * systemctl gained a new "list-dependencies" command for
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering listing the dependencies of a unit recursively.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * Inhibitors are now honored and listed by "systemctl
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering suspend", "systemctl poweroff" (and similar) too, not only
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering GNOME. These commands will also list active sessions by
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * Resource limits (as exposed by the various control group
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering controllers) can now be controlled dynamically at runtime
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering for all units. More specifically, you can now use a command
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering like "systemctl set-cgroup-attr foobar.service cpu.shares
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering 2000" to alter the CPU shares a specific service gets. These
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering settings are stored persistently on disk, and thus allow the
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering administrator to easily adjust the resource usage of
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering services with a few simple commands. This dynamic resource
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering management logic is also available to other programs via the
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering bus. Almost any kernel cgroup attribute and controller is
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * systemd-vconsole-setup will now copy all font settings to
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering all allocated VTs, where it previously applied them only to
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering the foreground VT.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * libsystemd-login gained the new sd_session_get_tty() API
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * This release drops support for a few legacy or
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering distribution-specific LSB facility names when parsing init
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering scripts: $x-display-manager, $mail-transfer-agent,
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering $mail-transport-agent, $mail-transfer-agent, $smtp,
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering $null. Also, the mail-transfer-agent.target unit backing
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering this has been removed. Distributions which want to retain
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering compatibility with this should carry the burden for
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering supporting this themselves and patch support for these back
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering in, if they really need to. Also, the facilities $syslog and
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering $local_fs are now ignored, since systemd does not support
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering early-boot LSB init scripts anymore, and these facilities
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering are implied anyway for normal services. syslog.target has
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering also been removed.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * There are new bus calls on PID1's Manager object for
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering cancelling jobs, and removing snapshot units. Previously,
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering both calls were only available on the Job and Snapshot
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering objects themselves.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * systemd-journal-gatewayd gained SSL support.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * The various "environment" files, such as /etc/locale.conf
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering now support continuation lines with a backslash ("\") as
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering last character in the line, similar in style (but different)
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering to how this is supported in shells.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * For normal user processes the _SYSTEMD_USER_UNIT= field is
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering now implicitly appended to every log entry logged. systemctl
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering has been updated to filter by this field when operating on a
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering user systemd instance.
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering * nspawn will now implicitly add the CAP_AUDIT_WRITE and
2f3fcf85c5fa6c9c483b31823a0efdd28914c756Lennart Poettering CAP_AUDIT_CONTROL capabilities to the capabilities set for
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering the container. This makes it easier to boot unmodified
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering Fedora systems in a container, which however still requires
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering audit=0 to be passed on the kernel command line. Auditing in
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering kernel and userspace is unfortunately still too broken in
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering context of containers, hence we recommend compiling it out
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering of the kernel or using audit=0. Hopefully this will be fixed
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering one day for good in the kernel.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * nspawn gained the new --bind= and --bind-ro= parameters to
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering bind mount specific directories from the host into the
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * nspawn will now mount its own devpts file system instance
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering into the container, in order not to leak pty devices from
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering the host into the container.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * systemd will now read the firmware boot time performance
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering information from the EFI variables, if the used boot loader
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering supports this, and takes it into account for boot performance
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering analysis via "systemd-analyze". This is currently supported
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering only in conjunction with Gummiboot, but could be supported
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering by other boot loaders too. For details see:
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * A new generator has been added that automatically mounts the
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering EFI System Partition (ESP) to /boot, if that directory
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering exists, is empty, and no other file system has been
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering configured to be mounted there.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * logind will now send out PrepareForSleep(false) out
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering unconditionally, after coming back from suspend. This may be
7c04ad2da1cf08ebf53b9aa9671c8c1dc9577135Lennart Poettering used by applications as asynchronous notification for
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering system resume events.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * "systemctl unlock-sessions" has been added, that allows
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering unlocking the screens of all user sessions at once, similar
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering how "systemctl lock-sessions" already locked all users
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering sessions. This is backed by a new D-Bus call UnlockSessions().
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * "loginctl seat-status" will now show the master device of a
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering seat. (i.e. the device of a seat that needs to be around for
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering the seat to be considered available, usually the graphics
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * tmpfiles gained a new "X" line type, that allows
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering configuration of files and directories (with wildcards) that
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering shall be excluded from automatic cleanup ("aging").
7c04ad2da1cf08ebf53b9aa9671c8c1dc9577135Lennart Poettering * udev default rules set the device node permissions now only
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering at "add" events, and do not change them any longer with a
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering later "change" event.
cbeabcfbc5a5fa27385e5794780e8f034e090606Zbigniew Jędrzejewski-Szmek * The log messages for lid events and power/sleep keypresses
cbeabcfbc5a5fa27385e5794780e8f034e090606Zbigniew Jędrzejewski-Szmek now carry a message ID.
cbeabcfbc5a5fa27385e5794780e8f034e090606Zbigniew Jędrzejewski-Szmek * We now have a substantially larger unit test suite, but this
cbeabcfbc5a5fa27385e5794780e8f034e090606Zbigniew Jędrzejewski-Szmek continues to be work in progress.
cbeabcfbc5a5fa27385e5794780e8f034e090606Zbigniew Jędrzejewski-Szmek * udevadm hwdb gained a new --root= parameter to change the
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering root directory to operate relative to.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering * logind will now issue a background sync() request to the kernel
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering early at shutdown, so that dirty buffers are flushed to disk early
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering instead of at the last moment, in order to optimize shutdown
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poettering times a little.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * A new bootctl tool has been added that is an interface for
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering certain boot loader operations. This is currently a preview
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering and is likely to be extended into a small mechanism daemon
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering like timedated, localed, hostnamed, and can be used by
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering graphical UIs to enumerate available boot options, and
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering request boot into firmware operations.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * systemd-bootchart has been relicensed to LGPLv2.1+ to match
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering the rest of the package. It also has been updated to work
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering correctly in initrds.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * Policykit previously has been runtime optional, and is now
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering also compile time optional via a configure switch.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * systemd-analyze has been reimplemented in C. Also "systemctl
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering dot" has moved into systemd-analyze.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * "systemctl status" with no further parameters will now print
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering the status of all active or failed units.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * Operations such as "systemctl start" can now be executed
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering with a new mode "--irreversible" which may be used to queue
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering operations that cannot accidentally be reversed by a later
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering job queuing. This is by default used to make shutdown
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering requests more robust.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * The Python API of systemd now gained a new module for
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering reading journal files.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * A new tool kernel-install has been added that can install
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering kernel images according to the Boot Loader Specification:
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * Boot time console output has been improved to provide
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering animated boot time output for hanging jobs.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * A new tool systemd-activate has been added which can be used
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering to test socket activation with, directly from the command
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering line. This should make it much easier to test and debug
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering socket activation in daemons.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * journalctl gained a new "--reverse" (or -r) option to show
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering journal output in reverse order (i.e. newest line first).
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * journalctl gained a new "--pager-end" (or -e) option to jump
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering to immediately jump to the end of the journal in the
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering pager. This is only supported in conjunction with "less".
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * journalctl gained a new "--user-unit=" option, that works
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering similar to "--unit=" but filters for user units rather than
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * A number of unit files to ease adoption of systemd in
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt initrds has been added. This moves some minimal logic from
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering the various initrd implementations into systemd proper.
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering * The journal files are now owned by a new group
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering "systemd-journal", which exists specifically to allow access
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering to the journal, and nothing else. Previously, we used the
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering "adm" group for that, which however possibly covers more
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering than just journal/log file access. This new group is now
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering already used by systemd-journal-gatewayd to ensure this
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering daemon gets access to the journal files and as little else
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering as possible. Note that "make install" will also set FS ACLs
d3a86981d1ae4c1d668e18868c3e6c9d2f23c144Lennart Poettering up for /var/log/journal to give "adm" and "wheel" read
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering access to it, in addition to "systemd-journal" which owns
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering the journal files. We recommend that packaging scripts also
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering add read access to "adm" + "wheel" to /var/log/journal, and
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering all existing/future journal files. To normal users and
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering administrators little changes, however packagers need to
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering ensure to create the "systemd-journal" system group at
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering package installation time.
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering * The systemd-journal-gatewayd now runs as unprivileged user
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering systemd-journal-gateway:systemd-journal-gateway. Packaging
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering scripts need to create these system user/group at
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering installation time.
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering * timedated now exposes a new boolean property CanNTP that
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering indicates whether a local NTP service is available or not.
9ca3c17f207121b3c19a44217558b056a7585944Lennart Poettering * systemd-detect-virt will now also detect xen PVs
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * The pstore file system is now mounted by default, if it is
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * In addition to the SELinux and IMA policies we will now also
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering load SMACK policies at early boot.
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Contributions from: Adel Gadllah, Aleksander Morgado, Auke
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Kok, Ayan George, Bastien Nocera, Colin Walters, Daniel Buch,
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Daniel Wallace, Dave Reisner, David Herrmann, David Strauss,
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Eelco Dolstra, Enrico Scholz, Frederic Crozat, Harald Hoyer,
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Jan Janssen, Jonathan Callen, Kay Sievers, Lennart Poettering,
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Lukas Nykryn, Mantas Mikulėnas, Marc-Antoine Perennou, Martin
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Pitt, Mauro Dreissig, Max F. Albrecht, Michael Biebl, Michael
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek Olbrich, Michal Schmidt, Michal Sekletar, Michal Vyskocil,
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Michał Bartoszkiewicz, Mirco Tischler, Nathaniel Chen, Nestor
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Ovroy, Oleksii Shevchuk, Paul W. Frields, Piotr Drąg, Rob
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Clark, Ryan Lortie, Simon McVittie, Simon Peeters, Steven
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Hiscocks, Thomas Hindoe Paaboel Andersen, Tollef Fog Heen, Tom
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Gundersen, Umut Tezduyar, William Giokas, Zbigniew
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering Jędrzejewski-Szmek, Zeeshan Ali (Khattak)
35911459410714a0e9108b35da78f96919b65ee7Lennart PoetteringCHANGES WITH 197:
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * Timer units now support calendar time events in addition to
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek monotonic time events. That means you can now trigger a unit
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering based on a calendar time specification such as "Thu,Fri
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering 2013-*-1,5 11:12:13" which refers to 11:12:13 of the first
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering or fifth day of any month of the year 2013, given that it is
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering a thursday or friday. This brings timer event support
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering considerably closer to cron's capabilities. For details on
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering the supported calendar time specification language see
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek * udev now supports a number of different naming policies for
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek network interfaces for predictable names, and a combination
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek of these policies is now the default. Please see this wiki
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering document for details:
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * Auke Kok's bootchart implementation has been added to the
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering systemd tree. It's an optional component that can graph the
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering boot in quite some detail. It's one of the best bootchart
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering implementations around and minimal in its code and
6a7d3d68bf1ae9bcdaa3a17bc76f72bb7b988ec4Lennart Poettering * nss-myhostname has been integrated into the systemd source
6a7d3d68bf1ae9bcdaa3a17bc76f72bb7b988ec4Lennart Poettering tree. nss-myhostname guarantees that the local hostname
6a7d3d68bf1ae9bcdaa3a17bc76f72bb7b988ec4Lennart Poettering always stays resolvable via NSS. It has been a weak
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek requirement of systemd-hostnamed since a long time, and
a87197f5a22688626dc9bead29ddc1c572b074b9Zbigniew Jędrzejewski-Szmek since its code is actually trivial we decided to just
c20d8298029a39cc3e9602b30a4d23b951e11df8Kay Sievers include it in systemd's source tree. It can be turned off
ab06eef8101866dd1337c4759002f7360a9db416Anatol Pomozov with a configure switch.
c20d8298029a39cc3e9602b30a4d23b951e11df8Kay Sievers * The read-ahead logic is now capable of properly detecting
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering whether a btrfs file system is on SSD or rotating media, in
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering order to optimize the read-ahead scheme. Previously, it was
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering only capable of detecting this on traditional file systems
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * In udev, additional device properties are now read from the
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering IAB in addition to the OUI database. Also, Bluetooth company
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering identities are attached to the devices as well.
35911459410714a0e9108b35da78f96919b65ee7Lennart Poettering * In service files %U may be used as specifier that is
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering replaced by the configured user name of the service.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * nspawn may now be invoked without a controlling TTY. This
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering makes it suitable for invocation as its own service. This
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering may be used to set up a simple containerized server system
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering using only core OS tools.
ad88e758d1b08a21d25971b074e119c167757109Zbigniew Jędrzejewski-Szmek * systemd and nspawn can now accept socket file descriptors
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering when they are started for socket activation. This enables
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering implementation of socket activated nspawn
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering containers. i.e. think about autospawning an entire OS image
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers when the first SSH or HTTP connection is received. We expect
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers that similar functionality will also be added to libvirt-lxc
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * journalctl will now suppress ANSI color codes when
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering presenting log data.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemctl will no longer show control group information for
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering a unit if a the control group is empty anyway.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * logind can now automatically suspend/hibernate/shutdown the
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering system on idle.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * /etc/machine-info and hostnamed now also expose the chassis
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering type of the system. This can be used to determine whether
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering the local system is a laptop, desktop, handset or
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering tablet. This information may either be configured by the
156f7d09add8fc93cae8a3f13adcb2564931fee4Kay Sievers user/vendor or is automatically determined from ACPI and DMI
156f7d09add8fc93cae8a3f13adcb2564931fee4Kay Sievers information if possible.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * A number of PolicyKit actions are now bound together with
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering "imply" rules. This should simplify creating UIs because
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering many actions will now authenticate similar ones as well.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Unit files learnt a new condition ConditionACPower= which
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering may be used to conditionalize a unit depending on whether an
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering AC power source is connected or not, of whether the system
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering is running on battery power.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemctl gained a new "is-failed" verb that may be used in
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering shell scripts and suchlike to check whether a specific unit
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering is in the "failed" state.
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering * The EnvironmentFile= setting in unit files now supports file
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering globbing, and can hence be used to easily read a number of
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering environment files at once.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemd will no longer detect and recognize specific
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering distributions. All distribution-specific #ifdeffery has been
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering removed, systemd is now fully generic and
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering distribution-agnostic. Effectively, not too much is lost as
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering a lot of the code is still accessible via explicit configure
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering switches. However, support for some distribution specific
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering legacy configuration file formats has been dropped. We
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering recommend distributions to simply adopt the configuration
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering files everybody else uses now and convert the old
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering configuration from packaging scripts. Most distributions
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering already did that. If that's not possible or desirable,
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering distributions are welcome to forward port the specific
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering pieces of code locally from the git history.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * When logging a message about a unit systemd will now always
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering log the unit name in the message meta data.
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering * localectl will now also discover system locale data that is
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering not stored in locale archives, but directly unpacked.
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering * logind will no longer unconditionally use framebuffer
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering devices as seat masters, i.e. as devices that are required
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering to be existing before a seat is considered preset. Instead,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering it will now look for all devices that are tagged as
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers "seat-master" in udev. By default framebuffer devices will
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering be marked as such, but depending on local systems other
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering devices might be marked as well. This may be used to
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering integrate graphics cards using closed source drivers (such
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering as NVidia ones) more nicely into logind. Note however, that
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering we recommend using the open source NVidia drivers instead,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering and no udev rules for the closed-source drivers will be
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering shipped from us upstream.
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek Contributions from: Adam Williamson, Alessandro Crismani, Auke
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Kok, Colin Walters, Daniel Wallace, Dave Reisner, David
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Herrmann, David Strauss, Dimitrios Apostolou, Eelco Dolstra,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Eric Benoit, Giovanni Campagna, Hannes Reinecke, Henrik
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Grindal Bakken, Hermann Gausterer, Kay Sievers, Lennart
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas, Marcel Holtmann,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Martin Pitt, Matthew Monaco, Michael Biebl, Michael Terry,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Michal Schmidt, Michal Sekletar, Michał Bartoszkiewicz, Oleg
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Samarin, Pekka Lundstrom, Philip Nilsson, Ramkumar
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Ramachandra, Richard Yao, Robert Millan, Sami Kerola, Shawn
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Landden, Thomas Hindoe Paaboel Andersen, Thomas Jarosch,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Tollef Fog Heen, Tom Gundersen, Umut Tezduyar, Zbigniew
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Jędrzejewski-Szmek
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart PoetteringCHANGES WITH 196:
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * udev gained support for loading additional device properties
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering from an indexed database that is keyed by vendor/product IDs
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering and similar device identifiers. For the beginning this
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering "hwdb" is populated with data from the well-known PCI and
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering USB database, but also includes PNP, ACPI and OID data. In
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering the longer run this indexed database shall grow into
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers becoming the one central database for non-essential
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering userspace device metadata. Previously, data from the PCI/USB
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering database was only attached to select devices, since the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering lookup was a relatively expensive operation due to O(n) time
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering complexity (with n being the number of entries in the
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering database). Since this is now O(1), we decided to add in this
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering data for all devices where this is available, by
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering default. Note that the indexed database needs to be rebuilt
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering when new data files are installed. To achieve this you need
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering to update your packaging scripts to invoke "udevadm hwdb
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering --update" after installation of hwdb data files. For
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering RPM-based distributions we introduced the new
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering %udev_hwdb_update macro for this purpose.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * The Journal gained support for the "Message Catalog", an
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering indexed database to link up additional information with
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering journal entries. For further details please check:
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering http://www.freedesktop.org/wiki/Software/systemd/catalog
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering The indexed message catalog database also needs to be
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering rebuilt after installation of message catalog files. Use
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering "journalctl --update-catalog" for this. For RPM-based
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering distributions we introduced the %journal_catalog_update
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering macro for this purpose.
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers * The Python Journal bindings gained support for the standard
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Python logging framework.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * The Journal API gained new functions for checking whether
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering the underlying file system of a journal file is capable of
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering properly reporting file change notifications, or whether
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering applications that want to reflect journal changes "live"
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering need to recheck journal files continuously in appropriate
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering time intervals.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * It is now possible to set the "age" field for tmpfiles
bf9335608821264163058a8b036a00775a8ffbe4Kay Sievers entries to 0, indicating that files matching this entry
bf9335608821264163058a8b036a00775a8ffbe4Kay Sievers shall always be removed when the directories are cleaned up.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * coredumpctl gained a new "gdb" verb which invokes gdb
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering right-away on the selected coredump.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * There's now support for "hybrid sleep" on kernels that
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering support this, in addition to "suspend" and "hibernate". Use
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering "systemctl hybrid-sleep" to make use of this.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * logind's HandleSuspendKey= setting (and related settings)
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering now gained support for a new "lock" setting to simply
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering request the screen lock on all local sessions, instead of
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers actually executing a suspend or hibernation.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * systemd will now mount the EFI variables file system by
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Socket units now gained support for configuration of the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering SMACK security label.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * timedatectl will now output the time of the last and next
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering daylight saving change.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * We dropped support for various legacy and distro-specific
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering concepts, such as insserv, early-boot SysV services
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering (i.e. those for non-standard runlevels such as 'b' or 'S')
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering or ArchLinux /etc/rc.conf support. We recommend the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering distributions who still need support this to either continue
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering to maintain the necessary patches downstream, or find a
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering different solution. (Talk to us if you have questions!)
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Various systemd components will now bypass PolicyKit checks
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering for root and otherwise handle properly if PolicyKit is not
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering found to be around. This should fix most issues for
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering PolicyKit-less systems. Quite frankly this should have been
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering this way since day one. It is absolutely our intention to
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering make systemd work fine on PolicyKit-less systems, and we
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering consider it a bug if something doesn't work as it should if
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering PolicyKit is not around.
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering * For embedded systems it is now possible to build udev and
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering systemd without blkid and/or kmod support.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * "systemctl switch-root" is now capable of switching root
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering more than once. I.e. in addition to transitions from the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering initrd to the host OS it is now possible to transition to
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering further OS images from the host. This is useful to implement
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering offline updating tools.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Various other additions have been made to the RPM macros
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering shipped with systemd. Use %udev_rules_update() after
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering installing new udev rules files. %_udevhwdbdir,
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering %_udevrulesdir, %_journalcatalogdir, %_tmpfilesdir,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering %_sysctldir are now available which resolve to the right
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering directories for packages to place various data files in.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * journalctl gained the new --full switch (in addition to
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering --all, to disable ellipsation for long messages.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Contributions from: Anders Olofsson, Auke Kok, Ben Boeckel,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Colin Walters, Cosimo Cecchi, Daniel Wallace, Dave Reisner,
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Eelco Dolstra, Holger Hans Peter Freyther, Kay Sievers,
43447fb72693d62363a1a271dacc70d400ed685bLennart Poettering Chun-Yi Lee, Lekensteyn, Lennart Poettering, Mantas Mikulėnas,
43447fb72693d62363a1a271dacc70d400ed685bLennart Poettering Marti Raudsepp, Martin Pitt, Mauro Dreissig, Michael Biebl,
43447fb72693d62363a1a271dacc70d400ed685bLennart Poettering Michal Schmidt, Michal Sekletar, Miklos Vajna, Nis Martensen,
43447fb72693d62363a1a271dacc70d400ed685bLennart Poettering Oleksii Shevchuk, Olivier Brunel, Ramkumar Ramachandra, Thomas
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering Bächler, Thomas Hindoe Paaboel Andersen, Tom Gundersen, Tony
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek Camuso, Umut Tezduyar, Zbigniew Jędrzejewski-Szmek
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart PoetteringCHANGES WITH 195:
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * journalctl gained new --since= and --until= switches to
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering filter by time. It also now supports nice filtering for
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering units via --unit=/-u.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * Type=oneshot services may use ExecReload= and do the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * The journal daemon now supports time-based rotation and
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering vacuuming, in addition to the usual disk-space based
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * The journal will now index the available field values for
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering each field name. This enables clients to show pretty drop
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering downs of available match values when filtering. The bash
6aa8d43ade72e24c9426e604f7fc4b7582b9db7cLennart Poettering completion of journalctl has been updated
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering accordingly. journalctl gained a new switch -F to list all
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering values a certain field takes in the journal database.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * More service events are now written as structured messages
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering to the journal, and made recognizable via message IDs.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * The timedated, localed and hostnamed mini-services which
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering previously only provided support for changing time, locale
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering and hostname settings from graphical DEs such as GNOME now
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering also have a minimal (but very useful) text-based client
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering utility each. This is probably the nicest way to changing
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering these settings from the command line now, especially since
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering it lists available options and is fully integrated with bash
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers * There's now a new tool "systemd-coredumpctl" to list and
40e21da873c120936faff0aa42a6533f6933edf7Kay Sievers extract coredumps from the journal.
1aed45907715ad4dce7dbc84a957cd5de8cca36eLennart Poettering * We now install a README each in /var/log/ and
1aed45907715ad4dce7dbc84a957cd5de8cca36eLennart Poettering /etc/rc.d/init.d explaining where the system logs and init
1aed45907715ad4dce7dbc84a957cd5de8cca36eLennart Poettering scripts went. This hopefully should help folks who go to
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering that dirs and look into the otherwise now empty void and
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering scratch their heads.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * When user-services are invoked (by systemd --user) the
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering $MANAGERPID env var is set to the PID of systemd.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * SIGRTMIN+24 when sent to a --user instance will now result
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering in immediate termination of systemd.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * gatewayd received numerous feature additions such as a
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering "follow" mode, for live syncing and filtering.
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering * browse.html now allows filtering and showing detailed
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering information on specific entries. Keyboard navigation and
85d683970b7dc2c4470b2b7d60c3d9dce28c1471Lennart Poettering mouse screen support has been added.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * gatewayd/journalctl now supports HTML5/JSON
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Server-Sent-Events as output.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * The SysV init script compatibility logic will now
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering heuristically determine whether a script supports the
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering "reload" verb, and only then make this available as
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering "systemctl reload".
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * "systemctl status --follow" has been removed, use "journalctl
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * journald.conf's RuntimeMinSize=, PersistentMinSize= settings
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering have been removed since they are hardly useful to be
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * And I'd like to take the opportunity to specifically mention
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Zbigniew for his great contributions. Zbigniew, you rock!
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Contributions from: Andrew Eikum, Christian Hesse, Colin
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt Guthrie, Daniel J Walsh, Dave Reisner, Eelco Dolstra, Ferenc
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt Wágner, Kay Sievers, Lennart Poettering, Lukas Nykryn, Mantas
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Mikulėnas, Martin Mikkelsen, Martin Pitt, Michael Olbrich,
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Michael Stapelberg, Michal Schmidt, Sebastian Ott, Thomas
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Bächler, Umut Tezduyar, Will Woods, Wulf C. Krueger, Zbigniew
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Jędrzejewski-Szmek, Сковорода Никита Андреевич
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart PoetteringCHANGES WITH 194:
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * If /etc/vconsole.conf is non-existent or empty we will no
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering longer load any console font or key map at boot by
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering default. Instead the kernel defaults will be left
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering intact. This is definitely the right thing to do, as no
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering configuration should mean no configuration, and hard-coding
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering font names that are different on all archs is probably a bad
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering idea. Also, the kernel default key map and font should be
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering good enough for most cases anyway, and mostly identical to
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering the userspace fonts/key maps we previously overloaded them
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering with. If distributions want to continue to default to a
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering non-kernel font or key map they should ship a default
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering /etc/vconsole.conf with the appropriate contents.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Contributions from: Colin Walters, Daniel J Walsh, Dave
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Reisner, Kay Sievers, Lennart Poettering, Lukas Nykryn, Tollef
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart PoetteringCHANGES WITH 193:
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * journalctl gained a new --cursor= switch to show entries
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering starting from the specified location in the journal.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * We now enforce a size limit on journal entry fields exported
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering with "-o json" in journalctl. Fields larger than 4K will be
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering assigned null. This can be turned off with --all.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * An (optional) journal gateway daemon is now available as
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering "systemd-journal-gatewayd.service". This service provides
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering access to the journal via HTTP and JSON. This functionality
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering will be used to implement live log synchronization in both
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering pull and push modes, but has various other users too, such
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering as easy log access for debugging of embedded devices. Right
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering now it is already useful to retrieve the journal via HTTP:
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering # systemctl start systemd-journal-gatewayd.service
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering This will download the journal contents in a
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering /var/log/messages compatible format. The same as JSON:
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering # curl -H"Accept: application/json" http://localhost:19531/entries
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering This service is also accessible via a web browser where a
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering single static HTML5 app is served that uses the JSON logic
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering to enable the user to do some basic browsing of the
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering journal. This will be extended later on. Here's an example
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering screenshot of this app in its current state:
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering http://0pointer.de/public/journal-gatewayd
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Contributions from: Kay Sievers, Lennart Poettering, Robert
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Milasan, Tom Gundersen
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart PoetteringCHANGES WITH 192:
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * The bash completion logic is now available for journalctl
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * We don't mount the "cpuset" controller anymore together with
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering "cpu" and "cpuacct", as "cpuset" groups generally cannot be
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering started if no parameters are assigned to it. "cpuset" hence
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering broke code that assumed it it could create "cpu" groups and
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering just start them.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * journalctl -f will now subscribe to terminal size changes,
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering and line break accordingly.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Contributions from: Dave Reisner, Kay Sievers, Lennart
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Poettering, Lukas Nykrynm, Mirco Tischler, Václav Pavlín
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart PoetteringCHANGES WITH 191:
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * nspawn will now create a symlink /etc/localtime in the
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering container environment, copying the host's timezone
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering setting. Previously this has been done via a bind mount, but
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering since symlinks cannot be bind mounted this has now been
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering changed to create/update the appropriate symlink.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * journalctl -n's line number argument is now optional, and
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering will default to 10 if omitted.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * journald will now log the maximum size the journal files may
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering take up on disk. This is particularly useful if the default
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering built-in logic of determining this parameter from the file
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering system size is used. Use "systemctl status
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering systemd-journald.service" to see this information.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * The multi-seat X wrapper tool has been stripped down. As X
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering is now capable of enumerating graphics devices via udev in a
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering seat-aware way the wrapper is not strictly necessary
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering anymore. A stripped down temporary stop-gap is still shipped
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering until the upstream display managers have been updated to
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering fully support the new X logic. Expect this wrapper to be
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering removed entirely in one of the next releases.
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * HandleSleepKey= in logind.conf has been split up into
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering HandleSuspendKey= and HandleHibernateKey=. The old setting
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering is not available anymore. X11 and the kernel are
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering distuingishing between these keys and we should too. This
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering also means the inhibition lock for these keys has been split
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Contributions from: Dave Airlie, Eelco Dolstra, Lennart
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering Poettering, Lukas Nykryn, Václav Pavlín
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart PoetteringCHANGES WITH 190:
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering * Whenever a unit changes state we'll now log this to the
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering journal and show along the unit's own log output in
8ad2685909f988602eca32ccba5c8ea4159e7f2eLennart Poettering "systemctl status".
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * ConditionPathIsMountPoint= can now properly detect bind
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering mount points too. (Previously, a bind mount of one file
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering system to another place in the same file system could not be
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering detected as mount, since they shared struct stat's st_dev
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * We will now mount the cgroup controllers cpu, cpuacct,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering cpuset and the controllers net_cls, net_prio together by
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * nspawn containers will now have a virtualized boot
96ec33c079caacdf9c7cdfb2cad2f1bc48dfca65Lennart Poettering ID. (i.e. /proc/sys/kernel/random/boot_id is now mounted
96ec33c079caacdf9c7cdfb2cad2f1bc48dfca65Lennart Poettering over with a randomized ID at container initialization). This
96ec33c079caacdf9c7cdfb2cad2f1bc48dfca65Lennart Poettering has the effect of making "journalctl -b" do the right thing
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering in a container.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * The JSON output journal serialization has been updated not
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering to generate "endless" list objects anymore, but rather one
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering JSON object per line. This is more in line how most JSON
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering parsers expect JSON objects. The new output mode
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering "json-pretty" has been added to provide similar output, but
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering neatly aligned for readability by humans.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * We dropped all explicit sync() invocations in the shutdown
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering code. The kernel does this implicitly anyway in the kernel
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering reboot() syscall. halt(8)'s -n option is now a compatibility
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * We now support virtualized reboot() in containers, as
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering supported by newer kernels. We will fall back to exit() if
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering CAP_SYS_REBOOT is not available to the container. Also,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering nspawn makes use of this now and will actually reboot the
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering container if the containerized OS asks for that.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * journalctl will only show local log output by default
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering now. Use --merge (-m) to show remote log output, too.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * libsystemd-journal gained the new sd_journal_get_usage()
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering call to determine the current disk usage of all journal
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering files. This is exposed in the new "journalctl --disk-usage"
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * journald gained a new configuration setting SplitMode= in
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering journald.conf which may be used to control how user journals
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering are split off. See journald.conf(5) for details.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * A new condition type ConditionFileNotEmpty= has been added.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * tmpfiles' "w" lines now support file globbing, to write
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering multiple files at once.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * We added Python bindings for the journal submission
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering APIs. More Python APIs for a number of selected APIs will
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering likely follow. Note that we intend to add native bindings
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering only for the Python language, as we consider it common
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering enough to deserve bindings shipped within systemd. There are
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering various projects outside of systemd that provide bindings
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering for languages such as PHP or Lua.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * Many conditions will now resolve specifiers such as %i. In
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering addition, PathChanged= and related directives of .path units
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering now support specifiers as well.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * There's now a new RPM macro definition for the system preset
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering dir: %_presetdir.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * journald will now warn if it can't forward a message to the
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering syslog daemon because it's socket is full.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * timedated will no longer write or process /etc/timezone,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering except on Debian. As we do not support late mounted /usr
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering anymore /etc/localtime always being a symlink is now safe,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering and hence the information in /etc/timezone is not necessary
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * logind will now always reserve one VT for a text getty (VT6
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering by default). Previously if more than 6 X sessions where
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering started they took up all the VTs with auto-spawned gettys,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering so that no text gettys were available anymore.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * udev will now automatically inform the btrfs kernel logic
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering about btrfs RAID components showing up. This should make
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt simple hotplug based btrfs RAID assembly work.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * PID 1 will now increase its RLIMIT_NOFILE to 64K by default
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering (but not for its children which will stay at the kernel
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering default). This should allow setups with a lot more listening
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * systemd will now always pass the configured timezone to the
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering kernel at boot. timedated will do the same when the timezone
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * logind's inhibition logic has been updated. By default,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering logind will now handle the lid switch, the power and sleep
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering keys all the time, even in graphical sessions. If DEs want
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering to handle these events on their own they should take the new
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering handle-power-key, handle-sleep-key and handle-lid-switch
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering inhibitors during their runtime. A simple way to achiveve
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering that is to invoke the DE wrapped in an invocation of:
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering systemd-inhibit --what=handle-power-key:handle-sleep-key:handle-lid-switch ...
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * Access to unit operations is now checked via SELinux taking
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering the unit file label and client process label into account.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * systemd will now notify the administrator in the journal
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering when he over-mounts a non-empty directory.
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering * There are new specifiers that are resolved in unit files,
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering for the host name (%H), the machine ID (%m) and the boot ID
0428ddb729d12563b827510e04663de9cb4056f3Lennart Poettering Contributions from: Allin Cottrell, Auke Kok, Brandon Philips,
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Colin Guthrie, Colin Walters, Daniel J Walsh, Dave Reisner,
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Eelco Dolstra, Jan Engelhardt, Kay Sievers, Lennart
6827101ab4df4730a22062f4b3a8f8c2bae5be28Zbigniew Jędrzejewski-Szmek Poettering, Lucas De Marchi, Lukas Nykryn, Mantas Mikulėnas,
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Martin Pitt, Matthias Clasen, Michael Olbrich, Pierre Schmitz,
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Shawn Landden, Thomas Hindoe Paaboel Andersen, Tom Gundersen,
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Václav Pavlín, Yin Kangkai, Zbigniew Jędrzejewski-Szmek
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart PoetteringCHANGES WITH 189:
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * Support for reading structured kernel messages from
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering /dev/kmsg has now been added and is enabled by default.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * Support for reading kernel messages from /proc/kmsg has now
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering been removed. If you want kernel messages in the journal
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering make sure to run a recent kernel (>= 3.5) that supports
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering reading structured messages from /dev/kmsg (see
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering above). /proc/kmsg is now exclusive property of classic
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering syslog daemons again.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * The libudev API gained the new
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering udev_device_new_from_device_id() call.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * The logic for file system namespace (ReadOnlyDirectory=,
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering ReadWriteDirectoy=, PrivateTmp=) has been reworked not to
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering require pivot_root() anymore. This means fewer temporary
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering directories are created below /tmp for this feature.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * nspawn containers will now see and receive all submounts
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering made on the host OS below the root file system of the
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * Forward Secure Sealing is now supported for Journal files,
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering which provide cryptographical sealing of journal files so
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering that attackers cannot alter log history anymore without this
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering being detectable. Lennart will soon post a blog story about
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering this explaining it in more detail.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * There are two new service settings RestartPreventExitStatus=
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering and SuccessExitStatus= which allow configuration of exit
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering status (exit code or signal) which will be excepted from the
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering restart logic, resp. consider successful.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * journalctl gained the new --verify switch that can be used
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering to check the integrity of the structure of journal files and
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering (if Forward Secure Sealing is enabled) the contents of
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering journal files.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * nspawn containers will now be run with /dev/stdin, /dev/fd/
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering and similar symlinks pre-created. This makes running shells
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering as container init process a lot more fun.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * The fstab support can now handle PARTUUID= and PARTLABEL=
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * A new ConditionHost= condition has been added to match
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering against the hostname (with globs) and machine ID. This is
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering useful for clusters where a single OS image is used to
1cb88f2c61f590083847d65cd5a518e834da87d3Lennart Poettering provision a large number of hosts which shall run slightly
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering different sets of services.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * Services which hit the restart limit will now be placed in a
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering failure state.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Contributions from: Bertram Poettering, Dave Reisner, Huang
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Hang, Kay Sievers, Lennart Poettering, Lukas Nykryn, Martin
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering Pitt, Simon Peeters, Zbigniew Jędrzejewski-Szmek
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart PoetteringCHANGES WITH 188:
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * When running in --user mode systemd will now become a
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering subreaper (PR_SET_CHILD_SUBREAPER). This should make the ps
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering tree a lot more organized.
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * A new PartOf= unit dependency type has been introduced that
4d92e078e9d7e9a9d346065ea5e4afbafbdadb48Lennart Poettering may be used to group services in a natural way.
4d92e078e9d7e9a9d346065ea5e4afbafbdadb48Lennart Poettering * "systemctl enable" may now be used to enable instances of
139ee8cc316a861bcc8a8ebdf4a8449dffe16f79Lennart Poettering * journalctl now prints error log levels in red, and
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering warning/notice log levels in bright white. It also supports
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering filtering by log level now.
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering * cgtop gained a new -n switch (similar to top), to configure
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering the maximum number of iterations to run for. It also gained
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering -b, to run in batch mode (accepting no input).
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering * The suffix ".service" may now be omitted on most systemctl
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering command lines involving service unit names.
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering * There's a new bus call in logind to lock all sessions, as
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering well as a loginctl verb for it "lock-sessions".
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering * libsystemd-logind.so gained a new call sd_journal_perror()
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering that works similar to libc perror() but logs to the journal
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering and encodes structured information about the error number.
f9b557200b6d59a3dce1623d0873a259ee2fe421Lennart Poettering * /etc/crypttab entries now understand the new keyfile-size=
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering * shutdown(8) now can send a (configurable) wall message when
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering a shutdown is cancelled.
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering * The mount propagation mode for the root file system will now
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering default to "shared", which is useful to make containers work
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering nicely out-of-the-box so that they receive new mounts from
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering the host. This can be undone locally by running "mount
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering --make-rprivate /" if needed.
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering * The prefdm.service file has been removed. Distributions
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering should maintain this unit downstream if they intend to keep
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering it around. However, we recommend writing normal unit files
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering for display managers instead.
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering * Since systemd is a crucial part of the OS we will now
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering default to a number of compiler switches that improve
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering security (hardening) such as read-only relocations, stack
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering protection, and suchlike.
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering * The TimeoutSec= setting for services is now split into
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering TimeoutStartSec= and TimeoutStopSec= to allow configuration
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering of individual time outs for the start and the stop phase of
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Contributions from: Artur Zaprzala, Arvydas Sidorenko, Auke
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Kok, Bryan Kadzban, Dave Reisner, David Strauss, Harald Hoyer,
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Jim Meyering, Kay Sievers, Lennart Poettering, Mantas
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Mikulėnas, Martin Pitt, Michal Schmidt, Michal Sekletar, Peter
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Alfredsen, Shawn Landden, Simon Peeters, Terence Honles, Tom
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering Gundersen, Zbigniew Jędrzejewski-Szmek
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart PoetteringCHANGES WITH 187:
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering * The journal and id128 C APIs are now fully documented as man
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering * Extra safety checks have been added when transitioning from
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering the initial RAM disk to the main system to avoid accidental
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * /etc/crypttab entries now understand the new keyfile-offset=
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering * systemctl -t can now be used to filter by unit load state.
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering * The journal C API gained the new sd_journal_wait() call to
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering make writing synchronous journal clients easier.
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering * journalctl gained the new -D switch to show journals from a
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering specific directory.
075d4ecb4026c5bc55e73bd2d44e3fc4d679adc7Lennart Poettering * journalctl now displays a special marker between log
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering messages of two different boots.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * The journal is now explicitly flushed to /var via a service
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering systemd-journal-flush.service, rather than implicitly simply
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering by seeing /var/log/journal to be writable.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * journalctl (and the journal C APIs) can now match for much
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering more complex expressions, with alternatives and
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * When transitioning from the initial RAM disk to the main
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering system we will now kill all processes in a killing spree to
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering ensure no processes stay around by accident.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * Three new specifiers may be used in unit files: %u, %h, %s
6563b535a062055ae68f2e574018d9d04a864b65Lennart Poettering resolve to the user name, user home directory resp. user
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering shell. This is useful for running systemd user instances.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * We now automatically rotate journal files if their data
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering object hash table gets a fill level > 75%. We also size the
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering hash table based on the configured maximum file size. This
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering together should lower hash collisions drastically and thus
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering speed things up a bit.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * journalctl gained the new "--header" switch to introspect
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering header data of journal files.
6563b535a062055ae68f2e574018d9d04a864b65Lennart Poettering * A new setting SystemCallFilters= has been added to services
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering which may be used to apply blacklists or whitelists to
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering system calls. This is based on SECCOMP Mode 2 of Linux 3.5.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * nspawn gained a new --link-journal= switch (and quicker: -j)
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering to link the container journal with the host. This makes it
597c52cfedb5edd13ee1635fa6be72fc80e587c3Lennart Poettering very easy to centralize log viewing on the host for all
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering guests while still keeping the journal files separated.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * Many bugfixes and optimizations
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Contributions from: Auke Kok, Eelco Dolstra, Harald Hoyer, Kay
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Sievers, Lennart Poettering, Malte Starostik, Paul Menzel, Rex
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Tsai, Shawn Landden, Tom Gundersen, Ville Skyttä, Zbigniew
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Jędrzejewski-Szmek
8d0256b7eb119de92c748cf566257996b02fb506Lennart PoetteringCHANGES WITH 186:
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * Several tools now understand kernel command line arguments,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering which are only read when run in an initial RAM disk. They
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering usually follow closely their normal counterparts, but are
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering prefixed with rd.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * There's a new tool to analyze the readahead files that are
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering automatically generated at boot. Use:
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering /usr/lib/systemd/systemd-readahead analyze /.readahead
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * We now provide an early debug shell on tty9 if this enabled. Use:
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * All plymouth related units have been moved into the Plymouth
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering package. Please make sure to upgrade your Plymouth version
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * systemd-tmpfiles now supports getting passed the basename of
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering a configuration file only, in which case it will look for it
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering in all appropriate directories automatically.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * udevadm info now takes a /dev or /sys path as argument, and
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering does the right thing. Example:
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * systemctl now prints a warning if a unit is stopped but a
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering unit that might trigger it continues to run. Example: a
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering service is stopped but the socket that activates it is left
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * "systemctl status" will now mention if the log output was
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering shortened due to rotation since a service has been started.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * The journal API now exposes functions to determine the
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering "cutoff" times due to rotation.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * journald now understands SIGUSR1 and SIGUSR2 for triggering
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering immediately flushing of runtime logs to /var if possible,
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering resp. for triggering immediate rotation of the journal
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * It is now considered an error if a service is attempted to
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering be stopped that is not loaded.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * XDG_RUNTIME_DIR now uses numeric UIDs instead of usernames.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * systemd-analyze now supports Python 3
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * tmpfiles now supports cleaning up directories via aging
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering where the first level dirs are always kept around but
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering directories beneath it automatically aged. This is enabled
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering by prefixing the age field with '~'.
a98d5d64720bdf32e3b5f72f896b583e23f730adLennart Poettering * Seat objects now expose CanGraphical, CanTTY properties
a98d5d64720bdf32e3b5f72f896b583e23f730adLennart Poettering which is required to deal with very fast bootups where the
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering display manager might be running before the graphics drivers
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering completed initialization.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * Seat objects now expose a State property.
dca348bcbb462305864526c587495a14a76bfcdeJan Engelhardt * We now include RPM macros for service enabling/disabling
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering based on the preset logic. We recommend RPM based
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering distributions to make use of these macros if possible. This
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering makes it simpler to reuse RPM spec files across
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering distributions.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * We now make sure that the collected systemd unit name is
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering always valid when services log to the journal via
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * There's a new man page kernel-command-line(7) detailing all
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering command line options we understand.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * The fstab generator may now be disabled at boot by passing
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering fstab=0 on the kernel command line.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * A new kernel command line option modules-load= is now understood
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering to load a specific kernel module statically, early at boot.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * Unit names specified on the systemctl command line are now
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering automatically escaped as needed. Also, if file system or
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering device paths are specified they are automatically turned
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering into the appropriate mount or device unit names. Example:
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering systemctl status /home
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering systemctl status /dev/sda
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * The SysVConsole= configuration option has been removed from
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * The SysV search path is no longer exported on the D-Bus
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Manager object.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * The Names= option is been removed from unit file parsing.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * There's a new man page bootup(7) detailing the boot process.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * Every unit and every generator we ship with systemd now
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering comes with full documentation. The self-explanatory boot is
aad803af990f7c88e94427b9278d88afe3a12d38Lennart Poettering * A couple of services gained "systemd-" prefixes in their
aad803af990f7c88e94427b9278d88afe3a12d38Lennart Poettering name if they wrap systemd code, rather than only external
aad803af990f7c88e94427b9278d88afe3a12d38Lennart Poettering code. Among them fsck@.service which is now
aad803af990f7c88e94427b9278d88afe3a12d38Lennart Poettering systemd-fsck@.service.
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * The HaveWatchdog property has been removed from the D-Bus
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering Manager object.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * systemd.confirm_spawn= on the kernel command line should now
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering work sensibly.
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering * There's a new man page crypttab(5) which details all options
0c11f949db8d6d9899e0c473bf1f8cca0614493eLennart Poettering we actually understand.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * systemd-nspawn gained a new --capability= switch to pass
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering additional capabilities to the container.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * timedated will now read known NTP implementation unit names
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering from /usr/lib/systemd/ntp-units.d/*.list,
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering systemd-timedated-ntp.target has been removed.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * journalctl gained a new switch "-b" that lists log data of
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering the current boot only.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * The notify socket is in the abstract namespace again, in
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering order to support daemons which chroot() at start-up.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * There is a new Storage= configuration option for journald
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering which allows configuration of where log data should go. This
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering also provides a way to disable journal logging entirely, so
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering that data collected is only forwarded to the console, the
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering kernel log buffer or another syslog implementation.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * Many bugfixes and optimizations
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering Contributions from: Auke Kok, Colin Guthrie, Dave Reisner,
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering David Strauss, Eelco Dolstra, Kay Sievers, Lennart Poettering,
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering Lukas Nykryn, Michal Schmidt, Michal Sekletar, Paul Menzel,
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering Shawn Landden, Tom Gundersen
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart PoetteringCHANGES WITH 185:
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * "systemctl help <unit>" now shows the man page if one is
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * Several new man pages have been added.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * MaxLevelStore=, MaxLevelSyslog=, MaxLevelKMsg=,
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering MaxLevelConsole= can now be specified in
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering journald.conf. These options allow reducing the amount of
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering data stored on disk or forwarded by the log level.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * TimerSlackNSec= can now be specified in system.conf for
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering PID1. This allows system-wide power savings.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering Contributions from: Dave Reisner, Kay Sievers, Lauri Kasanen,
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering Lennart Poettering, Malte Starostik, Marc-Antoine Perennou,
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering Matthias Clasen
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart PoetteringCHANGES WITH 184:
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * logind is now capable of (optionally) handling power and
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering sleep keys as well as the lid switch.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * journalctl now understands the syntax "journalctl
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering /usr/bin/avahi-daemon" to get all log output of a specific
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * CapabilityBoundingSet= in system.conf now also influences
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering the capability bound set of usermode helpers of the kernel.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering Contributions from: Daniel Drake, Daniel J. Walsh, Gert
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering Michael Kulyk, Harald Hoyer, Jean Delvare, Kay Sievers,
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering Lennart Poettering, Matthew Garrett, Matthias Clasen, Paul
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering Menzel, Shawn Landden, Tero Roponen, Tom Gundersen
c269cec334f940d82146f70d69125b1caef08baaLennart PoetteringCHANGES WITH 183:
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * Note that we skipped 139 releases here in order to set the
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering new version to something that is greater than both udev's
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering and systemd's most recent version number.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * udev: all udev sources are merged into the systemd source tree now.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering All future udev development will happen in the systemd tree. It
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering is still fully supported to use the udev daemon and tools without
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering systemd running, like in initramfs or other init systems. Building
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering udev though, will require the *build* of the systemd tree, but
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering udev can be properly *run* without systemd.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * udev: /lib/udev/devices/ are not read anymore; systemd-tmpfiles
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering should be used to create dead device nodes as workarounds for broken
ab06eef8101866dd1337c4759002f7360a9db416Anatol Pomozov * udev: RUN+="socket:..." and udev_monitor_new_from_socket() is
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering no longer supported. udev_monitor_new_from_netlink() needs to be
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering used to subscribe to events.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * udev: when udevd is started by systemd, processes which are left
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering behind by forking them off of udev rules, are unconditionally cleaned
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering up and killed now after the event handling has finished. Services or
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering daemons must be started as systemd services. Services can be
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering pulled-in by udev to get started, but they can no longer be directly
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering forked by udev rules.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * udev: the daemon binary is called systemd-udevd now and installed
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering in /usr/lib/systemd/. Standalone builds or non-systemd systems need
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering to adapt to that, create symlink, or rename the binary after building
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * libudev no longer provides these symbols:
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering udev_monitor_from_socket()
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering udev_queue_get_failed_list_entry()
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering udev_get_{dev,sys,run}_path()
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering The versions number was bumped and symbol versioning introduced.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * systemd-loginctl and systemd-journalctl have been renamed
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering to loginctl and journalctl to match systemctl.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * The config files: /etc/systemd/systemd-logind.conf and
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering /etc/systemd/systemd-journald.conf have been renamed to
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering logind.conf and journald.conf. Package updates should rename
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering the files to the new names on upgrade.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * For almost all files the license is now LGPL2.1+, changed
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering from the previous GPL2.0+. Exceptions are some minor stuff
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering of udev (which will be changed to LGPL2.1 eventually, too),
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering and the MIT licensed sd-daemon.[ch] library that is suitable
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering to be used as drop-in files.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * systemd and logind now handle system sleep states, in
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering particular suspending and hibernating.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * logind now implements a sleep/shutdown/idle inhibiting logic
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering suitable for a variety of uses. Soonishly Lennart will blog
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering about this in more detail.
c269cec334f940d82146f70d69125b1caef08baaLennart Poettering * var-run.mount and var-lock.mount are no longer provided
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering (which prevously bind mounted these directories to their new
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering places). Distributions which have not converted these
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering directories to symlinks should consider stealing these files
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering from git history and add them downstream.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * We introduced the Documentation= field for units and added
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering this to all our shipped units. This is useful to make it
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering easier to explore the boot and the purpose of the various
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * All smaller setup units (such as
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering systemd-vconsole-setup.service) now detect properly if they
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering are run in a container and are skipped when
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering appropriate. This guarantees an entirely noise-free boot in
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering Linux container environments such as systemd-nspawn.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * A framework for implementing offline system updates is now
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering integrated, for details see:
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering http://freedesktop.org/wiki/Software/systemd/SystemUpdates
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * A new service type Type=idle is available now which helps us
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering avoiding ugly interleaving of getty output and boot status
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * There's now a system-wide CapabilityBoundingSet= option to
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering globally reduce the set of capabilities for the
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering system. This is useful to drop CAP_SYS_MKNOD, CAP_SYS_RAWIO,
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering CAP_NET_RAW, CAP_SYS_MODULE, CAP_SYS_TIME, CAP_SYS_PTRACE or
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering even CAP_NET_ADMIN system-wide for secure systems.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * There are now system-wide DefaultLimitXXX= options to
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering globally change the defaults of the various resource limits
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering for all units started by PID 1.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * Harald Hoyer's systemd test suite has been integrated into
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering systemd which allows easy testing of systemd builds in qemu
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering and nspawn. (This is really awesome! Ask us for details!)
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * The fstab parser is now implemented as generator, not inside
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering of PID 1 anymore.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * systemctl will now warn you if .mount units generated from
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering /etc/fstab are out of date due to changes in fstab that
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering haven't been read by systemd yet.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * systemd is now suitable for usage in initrds. Dracut has
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering already been updated to make use of this. With this in place
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering initrds get a slight bit faster but primarily are much
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering easier to introspect and debug since "systemctl status" in
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering the host system can be used to introspect initrd services,
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering and the journal from the initrd is kept around too.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * systemd-delta has been added, a tool to explore differences
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering between user/admin configuration and vendor defaults.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * PrivateTmp= now affects both /tmp and /var/tmp.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * Boot time status messages are now much prettier and feature
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering proper english language. Booting up systemd has never been
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * Read-ahead pack files now include the inode number of all
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering files to pre-cache. When the inode changes the pre-caching
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering is not attempted. This should be nicer to deal with updated
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering packages which might result in changes of read-ahead
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * We now temporaritly lower the kernel's read_ahead_kb variable
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering when collecting read-ahead data to ensure the kernel's
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering built-in read-ahead does not add noise to our measurements
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering of necessary blocks to pre-cache.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * There's now RequiresMountsFor= to add automatic dependencies
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering for all mounts necessary for a specific file system path.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * MountAuto= and SwapAuto= have been removed from
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering system.conf. Mounting file systems at boot has to take place
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering in systemd now.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * nspawn now learned a new switch --uuid= to set the machine
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering ID on the command line.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * nspawn now learned the -b switch to automatically search
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering for an init system.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * vt102 is now the default TERM for serial TTYs, upgraded from
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * systemd-logind now works on VT-less systems.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The build tree has been reorganized. The individual
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering components now have directories of their own.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * A new condition type ConditionPathIsReadWrite= is now available.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * nspawn learned the new -C switch to create cgroups for the
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering container in other hierarchies.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * We now have support for hardware watchdogs, configurable in
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The scheduled shutdown logic now has a public API.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * We now mount /tmp as tmpfs by default, but this can be
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering masked and /etc/fstab can override it.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Since udisks doesn't make use of /media anymore we are not
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering mounting a tmpfs on it anymore.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * journalctl gained a new --local switch to only interleave
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering locally generated journal files.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * We can now load the IMA policy at boot automatically.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The GTK tools have been split off into a systemd-ui.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Contributions from: Andreas Schwab, Auke Kok, Ayan George,
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Colin Guthrie, Daniel Mack, Dave Reisner, David Ward, Elan
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Ruusamäe, Frederic Crozat, Gergely Nagy, Guillermo Vidal,
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Hannes Reinecke, Harald Hoyer, Javier Jardón, Kay Sievers,
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Lennart Poettering, Lucas De Marchi, Léo Gillot-Lamure,
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Marc-Antoine Perennou, Martin Pitt, Matthew Monaco, Maxim
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering A. Mikityanskiy, Michael Biebl, Michael Olbrich, Michal
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Schmidt, Nis Martensen, Patrick McCarty, Roberto Sassu, Shawn
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Landden, Sjoerd Simons, Sven Anders, Tollef Fog Heen, Tom
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart PoetteringCHANGES WITH 44:
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * This is mostly a bugfix release
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Support optional initialization of the machine ID from the
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering KVM or container configured UUID.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Support immediate reboots with "systemctl reboot -ff"
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Show /etc/os-release data in systemd-analyze output
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Many bugfixes for the journal, including endianness fixes and
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering ensuring that disk space enforcement works
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * sd-login.h is C++ comptaible again
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Extend the /etc/os-release format on request of the Debian
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * We now refuse non-UTF8 strings used in various configuration
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering and unit files. This is done to ensure we don't pass invalid
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering data over D-Bus or expose it elsewhere.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Register Mimo USB Screens as suitable for automatic seat
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Read SELinux client context from journal clients in a race
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Reorder configuration file lookup order. /etc now always
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering overrides /run in order to allow the administrator to always
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering and unconditionally override vendor supplied or
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering automatically generated data.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * The various user visible bits of the journal now have man
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering pages. We still lack man pages for the journal API calls
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * We now ship all man pages in HTML format again in the
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Contributions from: Dave Reisner, Dirk Eibach, Frederic
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Crozat, Harald Hoyer, Kay Sievers, Lennart Poettering, Marti
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Raudsepp, Michal Schmidt, Shawn Landden, Tero Roponen, Thierry
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart PoetteringCHANGES WITH 43:
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * This is mostly a bugfix release
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * systems lacking /etc/os-release are no longer supported.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Various functionality updates to libsystemd-login.so
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Track class of PAM logins to distuingish greeters from
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering normal user logins.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering Contributions from: Kay Sievers, Lennart Poettering, Michael
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart PoetteringCHANGES WITH 42:
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * This is an important bugfix release for v41.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Building man pages is now optional which should be useful
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering for those building systemd from git but unwilling to install
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Watchdog support for supervising services is now usable. In
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering a future release support for hardware watchdogs
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering (i.e. /dev/watchdog) will be added building on this.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Service start rate limiting is now configurable and can be
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering turned off per service. When a start rate limit is hit a
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering reboot can automatically be triggered.
c4f1b86299c4ce2a62ce845bc48f2794f5459762Lennart Poettering * New CanReboot(), CanPowerOff() bus calls in systemd-logind.
2d938ac75d013f713c1225def78a53583af6a596Lennart Poettering Contributions from: Benjamin Franzke, Bill Nottingham,
2d938ac75d013f713c1225def78a53583af6a596Lennart Poettering Frederic Crozat, Lennart Poettering, Michael Olbrich, Michal
2d938ac75d013f713c1225def78a53583af6a596Lennart Poettering Schmidt, Michał Górny, Piotr Drąg
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart PoetteringCHANGES WITH 41:
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * The systemd binary is installed /usr/lib/systemd/systemd now;
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers An existing /sbin/init symlink needs to be adapted with the
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers package update.
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers * The code that loads kernel modules has been ported to invoke
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers libkmod directly, instead of modprobe. This means we do not
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering support systems with module-init-tools anymore.
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * Watchdog support is now already useful, but still not
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering * A new kernel command line option systemd.setenv= is
b5b4c94a67d90891a0225af0e08cf45dbc329377Lennart Poettering understood to set system wide environment variables
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers dynamically at boot.
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers * We now limit the set of capabilities of systemd-journald.
2d1972857b7bd19b4a74a8f80865749a8082f32aKay Sievers * We now set SIGPIPE to ignore by default, since it only is
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering useful in shell pipelines, and has little use in general
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering code. This can be disabled with IgnoreSIPIPE=no in unit
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering Contributions from: Benjamin Franzke, Kay Sievers, Lennart
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering Poettering, Michael Olbrich, Michal Schmidt, Tom Gundersen,
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering William Douglas
4c8cd173305697f59adcebf980ad7babe751d38cLennart PoetteringCHANGES WITH 40:
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering * This is mostly a bugfix release
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering * We now expose the reason why a service failed in the
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering "Result" D-Bus property.
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering * Rudimentary service watchdog support (will be completed over
4c8cd173305697f59adcebf980ad7babe751d38cLennart Poettering the next few releases.)
b6a867398de9f75fb623a84db7c6181d26b0a8d5Lennart Poettering * When systemd forks off in order execute some service we will
187076d47907f7b3fcd61b2ef5eef9820915946aLennart Poettering now immediately changes its argv[0] to reflect which process
187076d47907f7b3fcd61b2ef5eef9820915946aLennart Poettering it will execute. This is useful to minimize the time window
187076d47907f7b3fcd61b2ef5eef9820915946aLennart Poettering with a generic argv[0], which makes bootcharts more useful
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers Contributions from: Alvaro Soliverez, Chris Paulson-Ellis, Kay
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers Sievers, Lennart Poettering, Michael Olbrich, Michal Schmidt,
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers Mike Kazantsev, Ray Strode
194bbe33382f5365be3865ed1779147cb680f1d3Kay SieversCHANGES WITH 39:
07cd4fc16806783d3b6b3008db222ac6a024805cKay Sievers * This is mostly a test release, but incorporates many
f13b388f97bc3ba8db844bd3413d510e2466a0b6Kay Sievers * New systemd-cgtop tool to show control groups by their
64661ee70d5a10c6208a1cb66ecd8b158e2d8bc5Kay Sievers resource usage.
2d13da8821b8197e62f819b5b996750800e910abKay Sievers * Linking against libacl for ACLs is optional again. If
2d13da8821b8197e62f819b5b996750800e910abKay Sievers disabled, support tracking device access for active logins
2d13da8821b8197e62f819b5b996750800e910abKay Sievers goes becomes unavailable, and so does access to the user
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers journals by the respective users.
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers * If a group "adm" exists, journal files are automatically
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers owned by them, thus allow members of this group full access
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering to the system journal as well as all user journals.
194bbe33382f5365be3865ed1779147cb680f1d3Kay Sievers * The journal now stores the SELinux context of the logging
f13b388f97bc3ba8db844bd3413d510e2466a0b6Kay Sievers client for all entries.
f13b388f97bc3ba8db844bd3413d510e2466a0b6Kay Sievers * Add C++ inclusion guards to all public headers
f13b388f97bc3ba8db844bd3413d510e2466a0b6Kay Sievers * New output mode "cat" in the journal to print only text
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering messages, without any meta data like date or time.
c195956988799837b763ab1b9f078e5f0b7f26e6Kay Sievers * Include tiny X server wrapper as a temporary stop-gap to
c195956988799837b763ab1b9f078e5f0b7f26e6Kay Sievers teach XOrg udev display enumeration. This is used by display
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering managers such as gdm, and will go away as soon as XOrg
c195956988799837b763ab1b9f078e5f0b7f26e6Kay Sievers learned native udev hotplugging for display devices.
9ae9afce6f53a872f4b01b9be13daa75833bd59eLennart Poettering * Add new systemd-cat tool for executing arbitrary programs
18b754d345ecb0b15e369978aaffa72e9814b86aKay Sievers with STDERR/STDOUT connected to the journal. Can also act as
18b754d345ecb0b15e369978aaffa72e9814b86aKay Sievers BSD logger replacement, and does so by default.
18b754d345ecb0b15e369978aaffa72e9814b86aKay Sievers * Optionally store all locally generated coredumps in the
18b754d345ecb0b15e369978aaffa72e9814b86aKay Sievers journal along with meta data.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * systemd-tmpfiles learnt four new commands: n, L, c, b, for
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering writing short strings to files (for usage for /sys), and for
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering creating symlinks, character and block device nodes.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * New unit file option ControlGroupPersistent= to make cgroups
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering persistent, following the mechanisms outlined in
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Support multiple local RTCs in a sane way
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * No longer monopolize IO when replaying readahead data on
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering rotating disks, since we might starve non-file-system IO to
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering death, since fanotify() will not see accesses done by blkid,
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Don't show kernel threads in systemd-cgls anymore, unless
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering requested with new -k switch.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering Contributions from: Dan Horák, Kay Sievers, Lennart
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering Poettering, Michal Schmidt
3943231cfeb3d76dc4ec0b9f845c3f874593a9deLennart PoetteringCHANGES WITH 38:
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * This is mostly a test release, but incorporates many
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * The git repository moved to:
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering git://anongit.freedesktop.org/systemd/systemd
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering ssh://git.freedesktop.org/git/systemd/systemd
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * First release with the journal
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering http://0pointer.de/blog/projects/the-journal.html
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * The journal replaces both systemd-kmsg-syslogd and
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering systemd-stdout-bridge.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * New sd_pid_get_unit() API call in libsystemd-logind
439d6dfd12f58d7230bcae06d73b841eb3bc588aLennart Poettering * Many systemadm clean-ups
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Introduce remote-fs-pre.target which is ordered before all
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering remote mounts and may be used to start services before all
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering remote mounts.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Added Mageia support
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Add bash completion for systemd-loginctl
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Actively monitor PID file creation for daemons which exit in
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering the parent process before having finished writing the PID
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering file in the daemon process. Daemons which do this need to be
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering fixed (i.e. PID file creation must have finished before the
3943231cfeb3d76dc4ec0b9f845c3f874593a9deLennart Poettering parent exits), but we now react a bit more gracefully to them.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Add colourful boot output, mimicking the well-known output
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering of existing distributions.
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * New option PassCredentials= for socket units, for
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering compatibility with a recent kernel ABI breakage.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * /etc/rc.local is now hooked in via a generator binary, and
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering thus will no longer act as synchronization point during
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * systemctl list-unit-files now supports --root=.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * systemd-tmpfiles now understands two new commands: z, Z for
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering relabelling files according to the SELinux database. This is
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering useful to apply SELinux labels to specific files in /sys,
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering among other things.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Output of SysV services is now forwarded to both the console
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering and the journal by default, not only just the console.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * New man pages for all APIs from libsystemd-login.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * The build tree got reorganized and a the build system is a
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering lot more modular allowing embedded setups to specifically
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering select the components of systemd they are interested in.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Support for Linux systems lacking the kernel VT subsystem is
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * configure's --with-rootdir= got renamed to
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering --with-rootprefix= to follow the naming used by udev and
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Unless specified otherwise we'll now install to /usr instead
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * Processes with '@' in argv[0][0] are now excluded from the
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering final shut-down killing spree, following the logic explained
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * All processes remaining in a service cgroup when we enter
f8c0a2cb695e3b8140b51cb40637a09ba6eff48eLennart Poettering the START or START_PRE states are now killed with
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering SIGKILL. That means it is no longer possible to spawn
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering background processes from ExecStart= lines (which was never
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering supported anyway, and bad style).
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering * New PropagateReloadTo=/PropagateReloadFrom= options to bind
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering reloading of units together.
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering Contributions from: Bill Nottingham, Daniel J. Walsh, Dave
3943231cfeb3d76dc4ec0b9f845c3f874593a9deLennart Poettering Reisner, Dexter Morgan, Gregs Gregs, Jonathan Nieder, Kay
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering Sievers, Lennart Poettering, Michael Biebl, Michal Schmidt,
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering Michał Górny, Ran Benita, Thomas Jarosch, Tim Waugh, Tollef
ea5943d3862cc690daa76e2ad336737407ec711cLennart Poettering Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek