NEWS revision bdba9227ec6462198b63af69098a003aa2292c0f
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsyncsystemd System and Service Manager
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsyncCHANGES WITH 227:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd now depends on util-linux v2.27. More specifically,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the newly added mount monitor feature in libmount now
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync replaces systemd's former own implementation.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * libmount mandates /etc/mtab not to be regular file, and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync systemd now enforces this condition at early boot.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync /etc/mtab has been deprecated and warned about for a very
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync long time, so systems running systemd should already have
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync stopped having this file around as anything else than a
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Support for the "pids" cgroup controller has been added. It
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync allows accounting the number of tasks in a cgroup and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync enforcing limits on it. This adds two new setting
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync TasksAccounting= and TasksMax= to each unit, as well as a
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync global option DefaultTasksAccounting=.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Support for the "net_cls" cgroup controller has been added.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync It allows assigning a net class ID to each task in the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync cgroup, which can then be used in firewall rules and traffic
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync shaping configurations. Note that the kernel netfilter net
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync class code does not currently work reliably for ingress
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync packets on unestablished sockets.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync This adds a new config directive called NetClass= to CGroup
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync enabled units. Allowed values are positive numbers for fixed
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync assignments and "auto" for picking a free value
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync automatically.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * 'systemctl is-system-running' now returns 'offline' if the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync system is not booted with systemd. This command can now be
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync used as a substitute for 'systemd-notify --booted'.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Watchdog timeouts have been increased to 3 minutes for all
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync in-tree service files. Apparently, disk IO issues are more
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync frequent than we hoped, and user reported >1 minute waiting
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync for disk IO.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * 'machine-id-commit' functionality has been merged into
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync 'machine-id-setup --commit'. The separate binary has been
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The WorkingDirectory= directive in unit files may now be set
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync to the special value '~'. In this case, the working
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync directory is set to the home directory of the user
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync configured in User=.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * "machinectl shell" will now open the shell in the home
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync directory of the selected user by default.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The CrashChVT= configuration file setting is renamed to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync CrashChangeVT=, following our usual logic of not
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync abbreviating unnecessarily. The old directive is still
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync supported for compat reasons. Also, this directive now takes
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync an integer value between 1 and 63, or a boolean value. The
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync formerly supported '-1' value for disabling stays around for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync compat reasons.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The PrivateTmp=, PrivateDevices=, PrivateNetwork=,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync NoNewPrivileges=, TTYPath=, WorkingDirectory= and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync RootDirectory= properties can now be set for transient
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The systemd-analyze tool gained a new "set-log-target" verb
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync to change the logging target the system manager logs to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync dynamically during runtime. This is similar to how
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "systemd-analyze set-log-level" already changes the log
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * In nspawn /sys is now mounted as tmpfs, with only a selected
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync set of subdirectories mounted in from the real sysfs. This
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync enhances security slightly, and is useful for ensuring user
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync namespaces work correctly.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Support for USB FunctionFS activation has been added. This
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync allows implementation of USB gadget services that are
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync activated as soon as they are requested, so that they don't
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync have to run continously, similar to classic socket
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync activation.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The "systemctl exit" command now optionally takes an
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync additional parameter that sets the exit code to return from
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the systemd manager when exiting. This is only relevant when
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync running the systemd user instance, or when running the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync system instance in a container.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * sd-bus gained the new API calls sd_bus_path_encode_many()
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync and sd_bus_path_decode_many() that allow easy encoding and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync decoding of multiple identifier strings inside a D-Bus
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync object path. Another new call sd_bus_default_flush_close()
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync has been added to flush and close per-thread default
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync connections.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-cgtop gained support for a -M/--machine= switch to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync show the control groups within a certain container only.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * "systemctl kill" gained support for an optional --fail
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync switch. If specified the requested operation will fail of no
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync processes have been killed, because the unit had no
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync processes attached, or similar.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * A new systemd.crash_reboot=1 kernel command line option has
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync been added that triggers a reboot after crashing. This can
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync also be set through CrashReboot= in systemd.conf.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The RuntimeDirectory= setting now understands unit
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync specifiers like %i or %f.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * A new (still internal) libary API sd-ipv4acd has been added,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync that implements address conflict detection for IPv4. It's
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync based on code from sd-ipv4ll, and will be useful for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync detecting DHCP address conflicts.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * File descriptors passed during socket activation may now be
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync named. A new API sd_listen_fds_with_names() is added to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync access the names. The default names may be overriden,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync either in the .socket file using the FileDescriptorName=
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync parameter, or by passing FDNAME= when storing the file
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync descriptors using sd_notify().
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-networkd gained support for:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - Setting the IPv6 Router Advertisment settings via
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync IPv6AcceptRouterAdvertisements= in .network files.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - Configuring the HelloTimeSec=, MaxAgeSec= and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync ForwardDelaySec= bridge parameters in .netdev files.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - Configuring PreferredSource= for static routes in
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync .network files.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The "ask-password" framework used to query for LUKS harddisk
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync passwords or SSL passwords during boot gained support for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync caching passwords in the kernel keyring, if it is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync available. This makes sure that the user only has to type in
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync a passphrase once if there are multiple objects to unlock
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync with the same one. Previously, such password caching was
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync available only when Plymouth was used; this moves the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync caching logic into the systemd codebase itself. The
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "systemd-ask-password" utility gained a new --keyname=
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync switch to control which kernel keyring key to use for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync caching a password in. This functionality is also useful for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync enabling display managers such as gdm to automatically
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync unlock the user's GNOME keyring if its passphrase, the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync user's password and the harddisk password are the same, if
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync gdm-autologin is used.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * When downloading tar or raw images using "machinectl
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync pull-tar" or "machinectl pull-raw", a matching ".nspawn"
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync file is now also downloaded, if it is available and stored
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync next to the image file.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Units of type ".socket" gained a new boolean setting
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Writable= which is only useful in conjunction with
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync ListenSpecial=. If true, enables opening the specified
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync special file in O_RDWR mode rather than O_RDONLY mode.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-rfkill has been reworked to become a singleton
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync service that is activated through /dev/rfkill on each rfkill
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync state change and saves the settings to disk. This way,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync systemd-rfkill is now compatible with devices that exist
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync only intermittendly, and even restores state if the previous
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync system shutdown was abrupt rather than clean.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The journal daemon gained support for vacuuming old journal
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync files controlled by the number of files that shall remain,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync in addition to the already existing control by size and by
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync date. This is useful as journal interleaving performance
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync degrades with too many seperate journal files, and allows
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync putting an effective limit on them. The new setting defaults
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync to 100, but this may be changed by setting SystemMaxFiles=
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync and RuntimeMaxFiles= in journald.conf. Also, the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "journalctl" tool gained the new --vacuum-files= switch to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync manually vacuum journal files to leave only the specified
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync number of files in place.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * udev will now create /dev/disk/by-path links for ATA devices
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync on kernels where that is supported.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Galician, Serbian, Turkish and Korean translations were added.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Contributions from: Aaro Koskinen, Alban Crequy, Beniamino
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Galvani, Benjamin Robin, Branislav Blaskovic, Chen-Han Hsiao
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync (Stanley), Daniel Buch, Daniel Machon, Daniel Mack, David
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Herrmann, David Milburn, doubleodoug, Evgeny Vereshchagin,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Felipe Franciosi, Filipe Brandenburger, Fran Dieguez, Gabriel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync de Perthuis, Georg Müller, Hans de Goede, Hendrik Brueckner,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Ivan Shapovalov, Jacob Keller, Jan Engelhardt, Jan Janssen,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Jan Synacek, Jens Kuske, Karel Zak, Kay Sievers, Krzesimir
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Nowak, Krzysztof Kotlenga, Lars Uebernickel, Lennart
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Poettering, Lukas Nykryn, Łukasz Stelmach, Maciej Wereski,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Marcel Holtmann, Marius Thesing, Martin Pitt, Michael Biebl,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Michael Gebetsroither, Michal Schmidt, Michal Sekletar, Mike
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Gilbert, Muhammet Kara, nazgul77, Nicolas Cornu, NoXPhasma,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Olof Johansson, Patrik Flykt, Pawel Szewczyk, reverendhomer,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Ronny Chevalier, Sangjung Woo, Seong-ho Cho, Susant Sahani,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Sylvain Plantefève, Thomas Haller, Thomas Hindoe Paaboel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Andersen, Tom Gundersen, Tom Lyon, Viktar Vauchkevich,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Zbigniew Jędrzejewski-Szmek, Марко М. Костић
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync -- Milina, 2015-10-07
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsyncCHANGES WITH 226:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The DHCP implementation of systemd-networkd gained a set of
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync new features:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - The DHCP server now supports emitting DNS and NTP
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync information. It may be enabled and configured via
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync EmitDNS=, DNS=, EmitNTP=, and NTP=. If transmission of DNS
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync and NTP information is enabled, but no servers are
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync configured, the corresponding uplink information (if there
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync is any) is propagated.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - Server and client now support transmission and reception
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync of timezone information. It can be configured via the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync newly introduced network options UseTimezone=,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync EmitTimezone=, and Timezone=. Transmission of timezone
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync information is enabled between host and containers by
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync default now: the container will change its local timezone
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync to what the host has set.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - Lease timeouts can now be configured via
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync MaxLeaseTimeSec= and DefaultLeaseTimeSec=.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - The DHCP server improved on the stability of
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync leases. Clients are more likely to get the same lease
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync information back, even if the server loses state.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - The DHCP server supports two new configuration options to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync control the lease address pool metrics, PoolOffset= and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The encapsulation limit of tunnels in systemd-networkd may
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync now be configured via 'EncapsulationLimit='. It allows
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync modifying the maximum additional levels of encapsulation
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync that are permitted to be prepended to a packet.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd now supports the concept of user buses replacing
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync session buses, if used with dbus-1.10 (and enabled via dbus
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync --enable-user-session). It previously only supported this on
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync kdbus-enabled systems, and this release expands this to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync 'dbus-daemon' systems.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-networkd now supports predictable interface names
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync for virtio devices.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd now optionally supports the new Linux kernel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "unified" control group hierarchy. If enabled via the kernel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync command-line option 'systemd.unified_cgroup_hierarchy=1',
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync systemd will try to mount the unified cgroup hierarchy
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync directly on /sys/fs/cgroup. If not enabled, or not
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync available, systemd will fall back to the legacy cgroup
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync hierarchy setup, as before. Host system and containers can
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync mix and match legacy and unified hierarchies as they
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync wish. nspawn understands the $UNIFIED_CROUP_HIERARCHY
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync environment variable to individually select the hierarchy to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync use for executed containers. By default, nspawn will use the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync unified hierarchy for the containers if the host uses the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync unified hierarchy, and the legacy hierarchy otherwise.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Please note that at this point the unified hierarchy is an
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync experimental kernel feature and is likely to change in one
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync of the next kernel releases. Therefore, it should not be
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync enabled by default in downstream distributions yet. The
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync minimum required kernel version for the unified hierarchy to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync work is 4.2. Note that when the unified hierarchy is used
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync for the first time delegated access to controllers is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync safe. Because of this systemd-nspawn containers will get
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync access to controllers now, as will systemd user
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync sessions. This means containers and user sessions may now
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync manage their own resources, partitioning up what the system
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync grants them.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * A new special scope unit "init.scope" has been introduced
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync that encapsulates PID 1 of the system. It may be used to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync determine resource usage and enforce resource limits on PID
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync 1 itself. PID 1 hence moved out of the root of the control
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync group tree.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The cgtop tool gained support for filtering out kernel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync threads when counting tasks in a control group. Also, the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync count of processes is now recursively summed up by
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync default. Two options -k and --recursive= have been added to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync revert to old behaviour. The tool has also been updated to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync work correctly in containers now.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-nspawn's --bind= and --bind-ro= options have been
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync extended to allow creation of non-recursive bind mounts.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * libsystemd gained two new calls sd_pid_get_cgroup() and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync sd_peer_get_cgroup() which return the control group path of
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync a process or peer of a connected AF_UNIX socket. This
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync function call is particularly useful when implementing
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync delegated subtrees support in the control group hierarchy.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The "sd-event" event loop API of libsystemd now supports
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync correct dequeuing of real-time signals, without losing
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync signal events.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * When systemd requests a PolicyKit decision when managing
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync units it will now add additional fields to the request,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync including unit name and desired operation. This enables more
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync powerful PolicyKit policies, that make decisions depending
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync on these parameters.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * nspawn learnt support for .nspawn settings files, that may
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync accompany the image files or directories of containers, and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync may contain additional settings for the container. This is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync an alternative to configuring container parameters via the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync nspawn command line.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Contributions from: Cristian Rodríguez, Daniel Mack, David
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Herrmann, Eugene Yakubovich, Evgeny Vereshchagin, Filipe
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Brandenburger, Hans de Goede, Jan Alexander Steffens, Jan
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Synacek, Kay Sievers, Lennart Poettering, Mangix, Marcel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Holtmann, Martin Pitt, Michael Biebl, Michael Chapman, Michal
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Sekletar, Peter Hutterer, Piotr Drąg, reverendhomer, Robin
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Hack, Susant Sahani, Sylvain Pasche, Thomas Hindoe Paaboel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Andersen, Tom Gundersen, Torstein Husebø
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync -- Berlin, 2015-09-08
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsyncCHANGES WITH 225:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * machinectl gained a new verb 'shell' which opens a fresh
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync shell on the target container or the host. It is similar to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the existing 'login' command of machinectl, but spawns the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync shell directly without prompting for username or
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync password. The pseudo machine '.host' now refers to the local
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync host and is used by default. Hence, 'machinectl shell' can
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync be used as replacement for 'su -' which spawns a session as
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync a fresh systemd unit in a way that is fully isolated from
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the originating session.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-networkd learned to cope with private-zone DHCP
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync options and allows other programs to query the values.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * SELinux access control when enabling/disabling units is no
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync longer enforced with this release. The previous
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync implementation was incorrect, and a new corrected
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync implementation is not yet available. As unit file operations
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync are still protected via PolicyKit and D-Bus policy this is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync not a security problem. Yet, distributions which care about
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync optimal SELinux support should probably not stabilize on
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync this release.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * sd-bus gained support for matches of type "arg0has=", that
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync test for membership of strings in string arrays sent in bus
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-resolved now dumps the contents of its DNS and LLMNR
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync caches to the logs on reception of the SIGUSR1 signal. This
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync is useful to debug DNS behaviour.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The coredumpctl tool gained a new --directory= option to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync operate on journal files in a specific directory.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * "systemctl reboot" and related commands gained a new
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "--message=" option which may be used to set a free-text
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync wall message when shutting down or rebooting the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync system. This message is also logged, which is useful for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync figuring out the reason for a reboot or shutdown a
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync posteriori.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The "systemd-resolve-host" tool's -i switch now takes
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync network interface numbers as alternative to interface names.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * A new unit file setting for services has been introduced:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync UtmpMode= allows configuration of how precisely systemd
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync handles utmp and wtmp entries for the service if this is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync enabled. This allows writing services that appear similar to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync user sessions in the output of the "w", "who", "last" and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "lastlog" tools.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-resolved will now locally synthesize DNS resource
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync records for the "localhost" and "gateway" domains as well as
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the local hostname. This should ensure that clients querying
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync RRs via resolved will get similar results as those going via
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync NSS, if nss-myhostname is enabled.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Contributions from: Alastair Hughes, Alex Crawford, Daniel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Mack, David Herrmann, Dimitri John Ledkov, Eric Kostrowski,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Evgeny Vereshchagin, Felipe Sateler, HATAYAMA Daisuke, Jan
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Pokorný, Jan Synacek, Johnny Robeson, Karel Zak, Kay Sievers,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Kefeng Wang, Lennart Poettering, Major Hayden, Marcel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Holtmann, Markus Elfring, Martin Mikkelsen, Martin Pitt, Matt
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Turner, Maxim Mikityanskiy, Michael Biebl, Namhyung Kim,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Nicolas Cornu, Owen W. Taylor, Patrik Flykt, Peter Hutterer,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync reverendhomer, Richard Maw, Ronny Chevalier, Seth Jennings,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Stef Walter, Susant Sahani, Thomas Blume, Thomas Hindoe
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Paaboel Andersen, Thomas Meyer, Tom Gundersen, Vincent Batts,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync WaLyong Cho, Zbigniew Jędrzejewski-Szmek
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync -- Berlin, 2015-08-27
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsyncCHANGES WITH 224:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The systemd-efi-boot-generator functionality was merged into
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync systemd-gpt-auto-generator.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-networkd now supports Group Policy for vxlan
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync devices. It can be enabled via the new boolean configuration
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync option called 'GroupPolicyExtension='.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Contributions from: Andreas Kempf, Christian Hesse, Daniel Mack, David
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Herrmann, Herman Fries, Johannes Nixdorf, Kay Sievers, Lennart
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Poettering, Peter Hutterer, Susant Sahani, Tom Gundersen
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync -- Berlin, 2015-07-31
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsyncCHANGES WITH 223:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The python-systemd code has been removed from the systemd repository.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync A new repository has been created which accommodates the code from
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync now on, and we kindly ask distributions to create a separate package
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync for this: https://github.com/systemd/python-systemd
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The systemd daemon will now reload its main configuration
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync (/etc/systemd/system.conf) on daemon-reload.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * sd-dhcp now exposes vendor specific extensions via
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync sd_dhcp_lease_get_vendor_specific().
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-networkd gained a number of new configuration options.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - A new boolean configuration option for TAP devices called
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync 'VNetHeader='. If set, the IFF_VNET_HDR flag is set for the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync device, thus allowing to send and receive GSO packets.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - A new tunnel configuration option called 'CopyDSCP='.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync If enabled, the DSCP field of ip6 tunnels is copied into the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync decapsulated packet.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - A set of boolean bridge configuration options were added.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync 'UseBPDU=', 'HairPin=', 'FastLeave=', 'AllowPortToBeRoot=',
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync and 'UnicastFlood=' are now parsed by networkd and applied to the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync respective bridge link device via the respective IFLA_BRPORT_*
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync netlink attribute.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - A new string configuration option to override the hostname sent
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync to a DHCP server, called 'Hostname='. If set and 'SendHostname='
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync is true, networkd will use the configured hostname instead of the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync system hostname when sending DHCP requests.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - A new tunnel configuration option called 'IPv6FlowLabel='. If set,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync networkd will configure the IPv6 flow-label of the tunnel device
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync according to RFC2460.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync - The 'macvtap' virtual network devices are now supported, similar to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the already supported 'macvlan' devices.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-resolved now implements RFC5452 to improve resilience against
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync cache poisoning. Additionally, source port randomization is enabled
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync by default to further protect against DNS spoofing attacks.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * nss-mymachines now supports translating UIDs and GIDs of running
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync containers with user-namespaces enabled. If a container 'foo'
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync translates a host uid 'UID' to the container uid 'TUID', then
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync nss-mymachines will also map uid 'UID' to/from username 'vu-foo-TUID'
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync (with 'foo' and 'TUID' replaced accordingly). Similarly, groups are
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync mapped as 'vg-foo-TGID'.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Contributions from: Beniamino Galvani, cee1, Christian Hesse, Daniel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Buch, Daniel Mack, daurnimator, David Herrmann, Dimitri John Ledkov,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync HATAYAMA Daisuke, Ivan Shapovalov, Jan Alexander Steffens (heftig),
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Johan Ouwerkerk, Jose Carlos Venegas Munoz, Karel Zak, Kay Sievers,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Lennart Poettering, Lidong Zhong, Martin Pitt, Michael Biebl, Michael
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Olbrich, Michal Schmidt, Michal Sekletar, Mike Gilbert, Namhyung Kim,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Nick Owens, Peter Hutterer, Richard Maw, Steven Allen, Sungbae Yoo,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Susant Sahani, Thomas Blume, Thomas Hindoe Paaboel Andersen, Tom
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Gundersen, Torstein Husebø, Umut Tezduyar Lindskog, Vito Caputo,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Vivenzio Pagliari, Zbigniew Jędrzejewski-Szmek
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync -- Berlin, 2015-07-29
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsyncCHANGES WITH 222:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * udev does not longer support the WAIT_FOR_SYSFS= key in udev rules.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync There are no known issues with current sysfs, and udev does not need
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync or should be used to work around such bugs.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * udev does no longer enable USB HID power management. Several reports
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync indicate, that some devices cannot handle that setting.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The udev accelerometer helper was removed. The functionality
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync is now fully included in iio-sensor-proxy. But this means,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync older iio-sensor-proxy versions will no longer provide
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync accelerometer/orientation data with this systemd version.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Please upgrade iio-sensor-proxy to version 1.0.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * networkd gained a new configuration option IPv6PrivacyExtensions=
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync which enables IPv6 privacy extensions (RFC 4941, "Privacy Extensions
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync for Stateless Address") on selected networks.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * For the sake of fewer build-time dependencies and less code in the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync main repository, the python bindings are about to be removed in the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync next release. A new repository has been created which accommodates
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the code from now on, and we kindly ask distributions to create a
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync separate package for this. The removal will take place in v223.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Contributions from: Abdo Roig-Maranges, Andrew Eikum, Bastien Nocera,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Cédric Delmas, Christian Hesse, Christos Trochalakis, Daniel Mack,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync daurnimator, David Herrmann, Dimitri John Ledkov, Eric Biggers, Eric
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Cook, Felipe Sateler, Geert Jansen, Gerd Hoffmann, Gianpaolo Macario,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Greg Kroah-Hartman, Iago López Galeiras, Jan Alexander Steffens
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync (heftig), Jan Engelhardt, Jay Strict, Kay Sievers, Lennart Poettering,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Markus Knetschke, Martin Pitt, Michael Biebl, Michael Marineau, Michal
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Sekletar, Miguel Bernal Marin, Peter Hutterer, Richard Maw, rinrinne,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Susant Sahani, Thomas Hindoe Paaboel Andersen, Tom Gundersen, Torstein
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Husebø, Vedran Miletić, WaLyong Cho, Zbigniew Jędrzejewski-Szmek
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync -- Berlin, 2015-07-07
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsyncCHANGES WITH 221:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The sd-bus.h and sd-event.h APIs have now been declared
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync stable and have been added to the official interface of
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync libsystemd.so. sd-bus implements an alternative D-Bus client
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync library, that is relatively easy to use, very efficient and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync supports both classic D-Bus as well as kdbus as transport
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync backend. sd-event is a generic event loop abstraction that
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync is built around Linux epoll, but adds features such as event
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync prioritization or efficient timer handling. Both APIs are good
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync choices for C programs looking for a bus and/or event loop
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync implementation that is minimal and does not have to be
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync portable to other kernels.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * kdbus support is no longer compile-time optional. It is now
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync always built-in. However, it can still be disabled at
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync runtime using the kdbus=0 kernel command line setting, and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync that setting may be changed to default to off, by specifying
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync --disable-kdbus at build-time. Note though that the kernel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync command line setting has no effect if the kdbus.ko kernel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync module is not installed, in which case kdbus is (obviously)
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync also disabled. We encourage all downstream distributions to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync begin testing kdbus by adding it to the kernel images in the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync development distributions, and leaving kdbus support in
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync systemd enabled.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The minimal required util-linux version has been bumped to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Support for chkconfig (--enable-chkconfig) was removed in
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync favor of calling an abstraction tool
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync /lib/systemd/systemd-sysv-install. This needs to be
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync implemented for your distribution. See "SYSV INIT.D SCRIPTS"
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync in README for details.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * If there's a systemd unit and a SysV init script for the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync same service name, and the user executes "systemctl enable"
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync for it (or a related call), then this will now enable both
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync (or execute the related operation on both), not just the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The libudev API documentation has been converted from gtkdoc
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync into man pages.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * gudev has been removed from the systemd tree, it is now an
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync external project.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The systemd-cgtop tool learnt a new --raw switch to generate
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "raw" (machine parsable) output.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * networkd's IPForwarding= .network file setting learnt the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync new setting "kernel", which ensures that networkd does not
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync change the IP forwarding sysctl from the default kernel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The systemd-logind bus API now exposes a new boolean
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync property "Docked" that reports whether logind considers the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync system "docked", i.e. connected to a docking station or not.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Contributions from: Alex Crawford, Andreas Pokorny, Andrei
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Borzenkov, Charles Duffy, Colin Guthrie, Cristian Rodríguez,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Daniele Medri, Daniel Hahler, Daniel Mack, David Herrmann,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync David Mohr, Dimitri John Ledkov, Djalal Harouni, dslul, Ed
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Swierk, Eric Cook, Filipe Brandenburger, Gianpaolo Macario,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Harald Hoyer, Iago López Galeiras, Igor Vuk, Jan Synacek,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Jason Pleau, Jason S. McMullan, Jean Delvare, Jeff Huang,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Jonathan Boulle, Karel Zak, Kay Sievers, kloun, Lennart
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Poettering, Marc-Antoine Perennou, Marcel Holtmann, Mario
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Limonciello, Martin Pitt, Michael Biebl, Michael Olbrich,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Michal Schmidt, Mike Gilbert, Nick Owens, Pablo Lezaeta Reyes,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Patrick Donnelly, Pavel Odvody, Peter Hutterer, Philip
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Withnall, Ronny Chevalier, Simon McVittie, Susant Sahani,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Thomas Hindoe Paaboel Andersen, Tom Gundersen, Torstein
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Husebø, Umut Tezduyar Lindskog, Viktar Vauchkevich, Werner
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Fink, Zbigniew Jędrzejewski-Szmek
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync -- Berlin, 2015-06-19
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsyncCHANGES WITH 220:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The gudev library has been extracted into a separate repository
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync available at: https://git.gnome.org/browse/libgudev/
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync It is now managed as part of the Gnome project. Distributions
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync are recommended to pass --disable-gudev to systemd and use
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync gudev from the Gnome project instead. gudev is still included
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync in systemd, for now. It will be removed soon, though. Please
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync also see the announcement-thread on systemd-devel:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync http://lists.freedesktop.org/archives/systemd-devel/2015-May/032070.html
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd now exposes a CPUUsageNSec= property for each
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync service unit on the bus, that contains the overall consumed
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync CPU time of a service (the sum of what each process of the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync service consumed). This value is only available if
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync CPUAccounting= is turned on for a service, and is then shown
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync in the "systemctl status" output.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Support for configuring alternative mappings of the old SysV
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync runlevels to systemd targets has been removed. They are now
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync hardcoded in a way that runlevels 2, 3, 4 all map to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync previously was already the default behaviour).
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The auto-mounter logic gained support for mount point
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync expiry, using a new TimeoutIdleSec= setting in .automount
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync units. (Also available as x-systemd.idle-timeout= in /etc/fstab).
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The EFI System Partition (ESP) as mounted to /boot by
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync systemd-efi-boot-generator will now be unmounted
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync automatically after 2 minutes of not being used. This should
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync minimize the risk of ESP corruptions.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync x-systemd.requires-mounts-for= are now supported to express
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync additional dependencies for mounts. This is useful for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync journalling file systems that support external journal
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync devices or overlay file systems that require underlying file
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync systems to be mounted.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd does not support direct live-upgrades (via systemctl
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync daemon-reexec) from versions older than v44 anymore. As no
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync distribution we are aware of shipped such old versions in a
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync stable release this should not be problematic.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * When systemd forks off a new per-connection service instance
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync it will now set the $REMOTE_ADDR environment variable to the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync remote IP address, and $REMOTE_PORT environment variable to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the remote IP port. This behaviour is similar to the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync corresponding environment variables defined by CGI.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-networkd gained support for uplink failure
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync detection. The BindCarrier= option allows binding interface
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync configuration dynamically to the link sense of other
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync interfaces. This is useful to achieve behaviour like in
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync network switches.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-networkd gained support for configuring the DHCP
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync client identifier to use when requesting leases.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-networkd now has a per-network UseNTP= option to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync configure whether NTP server information acquired via DHCP
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync is passed on to services like systemd-timesyncd.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-networkd gained support for vti6 tunnels.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Note that systemd-networkd manages the sysctl variable
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync /proc/sys/net/ipv[46]/conf/*/forwarding for each interface
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync it is configured for since v219. The variable controls IP
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync forwarding, and is a per-interface alternative to the global
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync /proc/sys/net/ipv[46]/ip_forward. This setting is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync configurable in the IPForward= option, which defaults to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "no". This means if networkd is used for an interface it is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync no longer sufficient to set the global sysctl option to turn
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync on IP forwarding! Instead, the .network file option
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync IPForward= needs to be turned on! Note that the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync implementation of this behaviour was broken in v219 and has
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync been fixed in v220.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Many bonding and vxlan options are now configurable in
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync systemd-networkd.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-nspawn gained a new --property= setting to set unit
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync properties for the container scope. This is useful for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync setting resource parameters (e.g "CPUShares=500") on
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync containers started from the command line.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-nspawn gained a new --private-users= switch to make
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync use of user namespacing available on recent Linux kernels.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-nspawn may now be called as part of a shell pipeline
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync in which case the pipes used for stdin and stdout are passed
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync directly to the process invoked in the container, without
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync indirection via a pseudo tty.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-nspawn gained a new switch to control the UNIX
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync signal to use when killing the init process of the container
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync when shutting down.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-nspawn gained a new --overlay= switch for mounting
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync overlay file systems into the container using the new kernel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync overlayfs support.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * When a container image is imported via systemd-importd and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the host file system is not btrfs, a loopback block device
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync file is created in /var/lib/machines.raw with a btrfs file
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync system inside. It is then mounted to /var/lib/machines to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync enable btrfs features for container management. The loopback
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync file and btrfs file system is grown as needed when container
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync images are imported via systemd-importd.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-machined/systemd-importd gained support for btrfs
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync quota, to enforce container disk space limits on disk. This
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync is exposed in "machinectl set-limit".
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-importd now can import containers from local .tar,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync .raw and .qcow2 images, and export them to .tar and .raw. It
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync can also import dkr v2 images now from the network (on top
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync of v1 as before).
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-importd gained support for verifying downloaded
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync images with gpg2 (previously only gpg1 was supported).
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-machined, systemd-logind, systemd: most bus calls
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync are now accessible to unprivileged processes via
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync PolicyKit. Also, systemd-logind will now allow users to kill
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync their own sessions without further privileges or
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync authorization.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-shutdownd has been removed. This service was
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync previously responsible for implementing scheduled shutdowns
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync as exposed in /usr/bin/shutdown's time parameter. This
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync functionality has now been moved into systemd-logind and is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync accessible via a bus interface.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * "systemctl reboot" gained a new switch --firmware-setup that
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync can be used to reboot into the EFI firmware setup, if that
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync is available. systemd-logind now exposes an API on the bus
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync to trigger such reboots, in case graphical desktop UIs want
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync to cover this functionality.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * "systemctl enable", "systemctl disable" and "systemctl mask"
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync now support a new "--now" switch. If specified the units
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync that are enabled will also be started, and the ones
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The Gummiboot EFI boot loader tool has been merged into
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync systemd, and renamed to "systemd-boot". The bootctl tool has been
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync updated to support systemd-boot.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * An EFI kernel stub has been added that may be used to create
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync kernel EFI binaries that contain not only the actual kernel,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync but also an initrd, boot splash, command line and OS release
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync information. This combined binary can then be signed as a
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync single image, so that the firmware can verify it all in one
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync step. systemd-boot has special support for EFI binaries created
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync like this and can extract OS release information from them
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync and show them in the boot menu. This functionality is useful
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync to implement cryptographically verified boot schemes.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Optional support has been added to systemd-fsck to pass
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync fsck's progress report to an AF_UNIX socket in the file
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * udev will no longer create device symlinks for all block
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync devices by default. A blacklist for excluding special block
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync devices from this logic has been turned into a whitelist
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync that requires picking block devices explicitly that require
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync device symlinks.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * A new (currently still internal) API sd-device.h has been
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync added to libsystemd. This modernized API is supposed to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync replace libudev eventually. In fact, already much of libudev
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync is now just a wrapper around sd-device.h.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * A new hwdb database for storing metadata about pointing
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync stick devices has been added.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-tmpfiles gained support for setting file attributes
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync similar to the "chattr" tool with new 'h' and 'H' lines.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-journald will no longer unconditionally set the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync btrfs NOCOW flag on new journal files. This is instead done
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync with tmpfiles snippet using the new 'h' line type. This
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync allows easy disabling of this logic, by masking the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-journald will now translate audit message types to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync human readable identifiers when writing them to the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync journal. This should improve readability of audit messages.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The LUKS logic gained support for the offset= and skip=
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync options in /etc/crypttab, as previously implemented by
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * /usr/lib/os-release gained a new optional field VARIANT= for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync distributions that support multiple variants (such as a
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync desktop edition, a server edition, ...)
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Contributions from: Aaro Koskinen, Adam Goode, Alban Crequy,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Alberto Fanjul Alonso, Alexander Sverdlin, Alex Puchades, Alin
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Rauta, Alison Chaiken, Andrew Jones, Arend van Spriel,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Benedikt Morbach, Benjamin Franzke, Benjamin Tissoires, Blaž
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Tomažič, Chris Morgan, Chris Morin, Colin Walters, Cristian
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Rodríguez, Daniel Buch, Daniel Drake, Daniele Medri, Daniel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Mack, Daniel Mustieles, daurnimator, Davide Bettio, David
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Herrmann, David Strauss, Didier Roche, Dimitri John Ledkov,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Eric Cook, Gavin Li, Goffredo Baroncelli, Hannes Reinecke,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Hans de Goede, Hans-Peter Deifel, Harald Hoyer, Iago López
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Galeiras, Ivan Shapovalov, Jan Engelhardt, Jan Janssen, Jan
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Pazdziora, Jan Synacek, Jasper St. Pierre, Jay Faulkner, John
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Paul Adrian Glaubitz, Jonathon Gilbert, Karel Zak, Kay
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Sievers, Koen Kooi, Lennart Poettering, Lubomir Rintel, Lucas
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync De Marchi, Lukas Nykryn, Lukas Rusak, Lukasz Skalski, Łukasz
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Stelmach, Mantas Mikulėnas, Marc-Antoine Perennou, Marcel
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Holtmann, Martin Pitt, Mathieu Chevrier, Matthew Garrett,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Michael Biebl, Michael Marineau, Michael Olbrich, Michal
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Schmidt, Michal Sekletar, Mirco Tischler, Nir Soffer, Patrik
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Flykt, Pavel Odvody, Peter Hutterer, Peter Lemenkov, Peter
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Waller, Piotr Drąg, Raul Gutierrez S, Richard Maw, Ronny
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Chevalier, Ross Burton, Sebastian Rasmussen, Sergey Ptashnick,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Seth Jennings, Shawn Landden, Simon Farnsworth, Stefan Junker,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Stephen Gallagher, Susant Sahani, Sylvain Plantefève, Thomas
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Haller, Thomas Hindoe Paaboel Andersen, Tobias Hunger, Tom
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Gundersen, Torstein Husebø, Umut Tezduyar Lindskog, Will
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync Woods, Zachary Cook, Zbigniew Jędrzejewski-Szmek
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync -- Berlin, 2015-05-22
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsyncCHANGES WITH 219:
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * Introduce a new API "sd-hwdb.h" for querying the hardware
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync metadata database. With this minimal interface one can query
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync and enumerate the udev hwdb, decoupled from the old libudev
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync library. libudev's interface for this is now only a wrapper
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync around sd-hwdb. A new tool systemd-hwdb has been added to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync interface with and update the database.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * When any of systemd's tools copies files (for example due to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync tmpfiles' C lines) a btrfs reflink will attempted first,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync before bytewise copying is done.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-nspawn gained a new --ephemeral switch. When
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync specified a btrfs snapshot is taken of the container's root
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync directory, and immediately removed when the container
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync terminates again. Thus, a container can be started whose
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync changes never alter the container's root directory, and are
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync lost on container termination. This switch can also be used
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync for starting a container off the root file system of the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync host without affecting the host OS. This switch is only
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync available on btrfs file systems.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-nspawn gained a new --template= switch. It takes the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync path to a container tree to use as template for the tree
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync specified via --directory=, should that directory be
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync missing. This allows instantiating containers dynamically,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync on first run. This switch is only available on btrfs file
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * When a .mount unit refers to a mount point on which multiple
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync mounts are stacked, and the .mount unit is stopped all of
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the stacked mount points will now be unmounted until no
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync mount point remains.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd now has an explicit notion of supported and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync unsupported unit types. Jobs enqueued for unsupported unit
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync types will now fail with an "unsupported" error code. More
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync specifically .swap, .automount and .device units are not
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync supported in containers, .busname units are not supported on
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync non-kdbus systems. .swap and .automount are also not
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync supported if their respective kernel compile time options
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync are disabled.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * machinectl gained support for two new "copy-from" and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "copy-to" commands for copying files from a running
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync container to the host or vice versa.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * machinectl gained support for a new "bind" command to bind
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync mount host directories into local containers. This is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync currently only supported for nspawn containers.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * networkd gained support for configuring bridge forwarding
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync database entries (fdb) from .network files.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * A new tiny daemon "systemd-importd" has been added that can
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync download container images in tar, raw, qcow2 or dkr formats,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync and make them available locally in /var/lib/machines, so
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync that they can run as nspawn containers. The daemon can GPG
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync verify the downloads (not supported for dkr, since it has no
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync provisions for verifying downloads). It will transparently
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync decompress bz2, xz, gzip compressed downloads if necessary,
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync and restore sparse files on disk. The daemon uses privilege
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync separation to ensure the actual download logic runs with
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync fewer privileges than the daemon itself. machinectl has
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync gained new commands "pull-tar", "pull-raw" and "pull-dkr" to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync make the functionality of importd available to the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync user. With this in place the Fedora and Ubuntu "Cloud"
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync images can be downloaded and booted as containers unmodified
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync (the Fedora images lack the appropriate GPG signature files
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync currently, so they cannot be verified, but this will change
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync soon, hopefully). Note that downloading images is currently
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync only fully supported on btrfs.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * machinectl is now able to list container images found in
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync /var/lib/machines, along with some metadata about sizes of
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync disk and similar. If the directory is located on btrfs and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync quota is enabled, this includes quota display. A new command
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "image-status" has been added that shows additional
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync information about images.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * machinectl is now able to clone container images
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync efficiently, if the underlying file system (btrfs) supports
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync it, with the new "machinectl list-images" command. It also
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync gained commands for renaming and removing images, as well as
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync marking them read-only or read-write (supported also on
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync legacy file systems).
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * networkd gained support for collecting LLDP network
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync announcements, from hardware that supports this. This is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync shown in networkctl output.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-run gained support for a new -t (--pty) switch for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync invoking a binary on a pty whose input and output is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync connected to the invoking terminal. This allows executing
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync processes as system services while interactively
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync communicating with them via the terminal. Most interestingly
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync this is supported across container boundaries. Invoking
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync "systemd-run -t /bin/bash" is an alternative to running a
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync full login session, the difference being that the former
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync will not register a session, nor go through the PAM session
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * tmpfiles gained support for a new "v" line type for creating
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync btrfs subvolumes. If the underlying file system is a legacy
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync file system, this automatically degrades to creating a
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync normal directory. Among others /var/lib/machines is now
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync created like this at boot, should it be missing.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * The directory /var/lib/containers/ has been deprecated and
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync been replaced by /var/lib/machines. The term "machines" has
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync been used in the systemd context as generic term for both
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync VMs and containers, and hence appears more appropriate for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync this, as the directory can also contain raw images bootable
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-nspawn when invoked with -M but without --directory=
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync or --image= is now capable of searching for the container
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync root directory, subvolume or disk image automatically, in
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync /var/lib/machines. systemd-nspawn@.service has been updated
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync to make use of this, thus allowing it to be used for raw
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync disk images, too.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * A new machines.target unit has been introduced that is
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync supposed to group all containers/VMs invoked as services on
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync the system. systemd-nspawn@.service has been updated to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync integrate with that.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * machinectl gained a new "start" command, for invoking a
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync container as a service. "machinectl start foo" is mostly
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync equivalent to "systemctl start systemd-nspawn@foo.service",
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync but handles escaping in a nicer way.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd-nspawn will now mount most of the cgroupfs tree
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync read-only into each container, with the exception of the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync container's own subtree in the name=systemd hierarchy.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * journald now sets the special FS_NOCOW file flag for its
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync journal files. This should improve performance on btrfs, by
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync avoiding heavy fragmentation when journald's write-pattern
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync is used on COW file systems. It degrades btrfs' data
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync integrity guarantees for the files to the same levels as for
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync ext3/ext4 however. This should be OK though as journald does
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync its own data integrity checks and all its objects are
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync checksummed on disk. Also, journald should handle btrfs disk
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync full events a lot more gracefully now, by processing SIGBUS
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync errors, and not relying on fallocate() anymore.
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * When journald detects that journal files it is writing to
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync have been deleted it will immediately start new journal
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync * systemd now provides a way to store file descriptors
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync per-service in PID 1.This is useful for daemons to ensure
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync that fds they require are not lost during a daemon
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync restart. The fds are passed to the daemon on the next
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync invocation in the same way socket activation fds are
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync passed. This is now used by journald to ensure that the
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync various sockets connected to all the system's stdout/stderr
b6251cd7c3ee1990339b293f31a18bccb5602ef8vboxsync are not lost when journald is restarted. File descriptors
but allows PgUp/PgDn work.
* The /etc/crypttab option header= as known from Debian is now
user/session following the status output. Similar,
done in the VM/container itself, but simply what the
session/user parameter in which case they apply to the
caller's session/user.
per-link IPv4/IPv6 packet forwarding as well as IPv4
* /etc/os-release gained support for a Distribution Privacy
* systemd now exposes the memory.usage_in_bytes cgroup
copying it from /usr/lib to /etc). This will invoke the
chroot directory, /proc/$PID/status, and a list of open file
.conf.d configuration directories in /etc/, /run/,
journal-upload.conf. Note that distributions should use the
configuration directories in /usr/lib/; the directories in
* A new service systemd-machine-id-commit.service has been
boot, and /etc/machine-id is not initialized (but an empty
luks.name= argument.
Richard Schütz, Richard W.M. Jones, Ronny Chevalier, Ross
persistent storage is enabled. systemd-journal-flush.service
$XDG_RUNTIME_DIR/systemd/user/. This is similar to the
/run/systemd/user directory that was already previously
* Job timeouts (i.e. time-outs on the time a job that is
basic.target) hangs and does not complete for at least
an immediate power-off/reboot operation is triggered. This
Discard options specified for swaps in /etc/fstab are now
the user input is shown, useful e.g. for user names.
* The default sysctl.d/ snippets will now set:
net.core.default_qdisc = fq_codel
rescue.target), which was previously available only by
mount.usrfstype= have been added that match root=, rootflags=,
similar coredump/backtrace behaviour as services that hit a
/usr/lib/systemd/ntp-units.d/*.list. Alternative NTP
Conflicts=systemd-timesyncd.service
well as the user/group databases, which should enhance
* /etc/machine-info now has new fields for configuring the
next releases we intend to add a DNSSEC and mDNS/DNS-SD
be started only after timer-sync.target has been
(ForwardToSyslog= in journald.conf).
* The default sysctl.d/ snippets will now set
creates system users and groups in /etc/passwd and
definitions in /usr/lib/sysusers.d/. This is useful to
with two default sysusers.d/ files for the most basic
/var/cache/man/ has been removed from the default
automatic clean-up of /var/cache/man will take place.
themselves before the new systemd-update-done.service, which
as tun/tap and dummy devices.
* The /etc/os-release file should now be placed in
/usr/lib/os-release. The old location is automatically
created as symlink. /usr/lib is the more appropriate
symlink/copy the files from) is now optional. If omitted the
same file os copied from /usr/share/factory/ suffixed by the
shipped in /usr/share/factory/etc.
* A new passive target cryptsetup-pre.target has been added
on disk (in /var/lib/systemd/coredump, possibly compressed),
/etc/systemd/coredump.conf has been added to configure this
* New kernel command line options "systemd.wants=" (for
pulling an additional unit during boot), "systemd.mask="
"systemd.debug-shell" (for enabling the debug shell on tty9)
* systemd.pc now exports a number of additional directories,
container (read from /etc/os-release and
/usr/lib/os-release) on the bus. This is now shown in
the kernel modules to /etc/modules-load.d/ as a work-around.
* The resolv.conf file systemd-resolved generates has been
moved to /run/systemd/resolve/. If you have a symlink from
/etc/resolv.conf, it might be necessary to correct it.
used for a service (which makes /dev/log itself unavailable,
of LSB/SysV init scripts nowadays.
/var has been added. This is enough to create the /var/run →
the sgid/suid/sticky bits will be masked for all
* A new passive target unit "network-pre.target" has been
* The "floppy" group that previously owned the /dev/fd*
get a dependency on network-online.target rather than simply
network.target. This should bring LSB handling closer to
* A new fsck.repair= kernel option has been added to control
manages resolv.conf based on per-interface DNS
default. It will delay network-online.target until a network
configured hostname in /etc/hostname (unless set to
service, rescue/emergency mode and system shutdown. This
be turned off by using the RemoveIPC= switch of logind.conf.
* /sys/fs/cgroup/ is now mounted read-only after all cgroup
find to implement shm_open() if /dev/shm is not available
* A new system.conf configuration option
* The systemd configuration file system.conf gained new
DefaultMemoryAccounting= to globally turn on/off accounting
/etc/fstab and without root= on the kernel command line on
* The sd-bus.h bus API gained a new sd_bus_track object for
tracking the life-cycle of bus peers. Note that sd-bus.h is
filling up their $XDG_RUNTIME_DIR. A new logind.conf setting
still does not support), as /dev/shm and /tmp are still
suspend/resume cycle, and 3min after system boot before
according to SI conventions (i.e. to the base 1000) when
with IEC conventions (i.e. to the base 1024) for software
based on the /proc/devices listing. For example, with the
enabled/disabled using systemctl. It still is enabled by
* The compatibility libraries for libsystemd-journal.so,
libsystemd-daemon.so do not make use of IFUNC
anymore. Instead, we now build libsystemd.so multiple times
* Add a new tool to save/restore rfkill state on
* Save/restore state of keyboard backlights in addition to
display backlights on shutdown/boot.
from files in /etc/systemd/network/*.link. These files can
80-net-name-slot.rules udev configuration file has been
be adapated to override 99-default.link instead.
introspection data anymore to /usr/share/dbus-1/interfaces,
* A new API "sd-event.h" has been added that implements a
* A new API "sd-rntl.h" has been added that provides an API
style to "sd-bus.h".
* A new API "sd-dhcp-client.h" has been added that provides a
"systemd.restore_state=0|1". When set to "0", none of the
* The FsckPassNo= compatibility option in mount/service units
* /etc/systemd/system.conf gained new settings to configure
* The "sd-login.h" API gained three new calls:
* The udev hardware database now also carries vendor/product
* The "sd-daemon.h" API gained a new sd_watchdog_enabled() to
example, a line that creates /run/nologin).
* A new API "sd-resolve.h" has been added which provides a simple
"sd-daemon.h" are no longer found in individual libraries
merged them into a single library, libsystemd.so, which
switch (see below). Note that "sd-dhcp-client.h" is not part
provides, services of/to other APIs). To make the transition
* All of the kdbus logic and the new APIs "sd-bus.h",
and "sd-utf8.h" are compile-time optional via the
systemd will automatically load the kdbus.ko kernel module. At
is specified, and the kdbus.ko kernel module is available, and
version of kdbus.ko or a newer systemd will not be compatible with
* When parsing /etc/crypttab, support for a new key-slot=
SystemCallArchitectures= setting in system.conf now to turn
* A new kernel command line option luks.options= is understood
encrypted partitions specified with luks.uuid=.
* tmpfiles.d(5) snippets may now use specifier expansion in
* A new tmpfiles.d(5) command "m" has been introduced which
may be used to change the owner/group/access mode of a file
cgroup attribute memory.soft_limit= is currently badly
* The memory.use_hierarchy cgroup attribute is now enabled for
would then dead lock. A tmpfiles.d(5) snippet included in
* Backlight and random seed files in /var/lib/ have moved into
the /var/lib/systemd/ directory, in order to centralize all
* If the option "tries=0" is set for an entry of /etc/crypttab
synonymous to "allow-discards" in /etc/crypttab. In fact,
* A minimal tool to save/restore the display backlight
/etc/fstab becomes optional for many setups as systemd can
line systemd.setenv= assignment.
/etc/sysctl.conf. If desired, the file should be symlinked
devices such as /dev/snd/sequencer whithout loading the
subslice of system.slice unless something else is explicitly
implicitly be placed in system-sshd.slice rather than
system.slice as before.
Thomas H.P. Andersen, Tom Gundersen, Tomasz Torcz, William
default there are now three slices: system.slice (for all
system services), user.slice (for all user sessions),
machine.slice (for VMs and containers).
creates/removes/manages cgroups.
VMs/containers. nspawn has been updated accordingly, and
of meta information about the VMs/containers, and assign
and exposed in "ps" and similar tools. machined/machinectl
"systemd.log_level=debug" already did before.
added to configure the default.target symlink, which
/etc/systemd/system.conf to set environment variables for
processes. journactl/systemctl has been updated to make use
* systemd-nspawn will now create /etc/resolv.conf if
implicitly. This makes /etc/hosts an optional file and
* libsystemd-logind.so gained a new call
VMs/containers coming and going.
/var/lib/container/foobar it is now sufficient to run
* A new configuration file /etc/systemd/sleep.conf has been
* systemd gained a new unit 'systemd-static-nodes.service'
services, user processes and containers/virtual
name of the container/VM a specific process belongs to.
* The cryptsetup logic now understands the "luks.key=" kernel
* Python systemd.journal module was updated to wrap recently
changed to bring the low level interface in s.j._Reader
s.j.Reader was updated to wrap and convert all data about
* If /etc/crypttab refers to password files stored on
expressions for all time spans under 1min, i.e. "5.123456s"
more useful graphs. I.e. it is now possible to create simple
* /etc/os-release files gained a new BUILD_ID= field for usage
changed. The private /tmp and /var/tmp directories are now
with a new kernel command line switch: net.ifnames=0.
can be configured via SyncIntervalSec= in journald.conf.
* There's a new remote-fs-setup.target unit that can be used
from. This complements sockets.target with a similar
files without having to edit/override the unit files
change one value for a service file foobar.service he can
/etc/systemd/system/foobar.service.d/*.conf. The unit logic
them there; or creating a new file in /etc/systemd/system/
overriding semantics between /usr/lib, /etc and /run apply
$null. Also, the mail-transfer-agent.target unit backing
are implied anyway for normal services. syslog.target has
* The various "environment" files, such as /etc/locale.conf
seat. (i.e. the device of a seat that needs to be around for
* The log messages for lid events and power/sleep keypresses
journal output in reverse order (i.e. newest line first).
than just journal/log file access. This new group is now
up for /var/log/journal to give "adm" and "wheel" read
add read access to "adm" + "wheel" to /var/log/journal, and
all existing/future journal files. To normal users and
scripts need to create these system user/group at
systemd.time(7).
containers. i.e. think about autospawning an entire OS image
* logind can now automatically suspend/hibernate/shutdown the
* /etc/machine-info and hostnamed now also expose the chassis
user/vendor or is automatically determined from ACPI and DMI
devices as seat masters, i.e. as devices that are required
from an indexed database that is keyed by vendor/product IDs
userspace device metadata. Previously, data from the PCI/USB
(i.e. those for non-standard runlevels such as 'b' or 'S')
or ArchLinux /etc/rc.conf support. We recommend the
systemd without blkid and/or kmod support.
more than once. I.e. in addition to transitions from the
* We now install a README each in /var/log/ and
/etc/rc.d/init.d explaining where the system logs and init
* browse.html now allows filtering and showing detailed
* journald.conf's RuntimeMinSize=, PersistentMinSize= settings
* If /etc/vconsole.conf is non-existent or empty we will no
the userspace fonts/key maps we previously overloaded them
/etc/vconsole.conf with the appropriate contents.
"systemd-journal-gatewayd.service". This service provides
# systemctl start systemd-journal-gatewayd.service
/var/log/messages compatible format. The same as JSON:
* nspawn will now create a symlink /etc/localtime in the
changed to create/update the appropriate symlink.
systemd-journald.service" to see this information.
* HandleSleepKey= in logind.conf has been split up into
journald.conf which may be used to control how user journals
are split off. See journald.conf(5) for details.
* timedated will no longer write or process /etc/timezone,
anymore /etc/localtime always being a symlink is now safe,
and hence the information in /etc/timezone is not necessary
/dev/kmsg has now been added and is enabled by default.
* Support for reading kernel messages from /proc/kmsg has now
reading structured messages from /dev/kmsg (see
above). /proc/kmsg is now exclusive property of classic
warning/notice log levels in bright white. It also supports
* libsystemd-logind.so gained a new call sd_journal_perror()
* /etc/crypttab entries now understand the new keyfile-size=
* The prefdm.service file has been removed. Distributions
* /etc/crypttab entries now understand the new keyfile-offset=
systemd-journal-flush.service, rather than implicitly simply
by seeing /var/log/journal to be writable.
/usr/lib/systemd/systemd-readahead analyze /.readahead
systemctl enable debug-shell.service
udevadm info /dev/sda
udevadm info /sys/class/block/sda
* We now include RPM macros for service enabling/disabling
systemctl status /dev/sda
system.conf parsing.
* systemd.confirm_spawn= on the kernel command line should now
from /usr/lib/systemd/ntp-units.d/*.list,
systemd-timedated-ntp.target has been removed.
journald.conf. These options allow reducing the amount of
* TimerSlackNSec= can now be specified in system.conf for
/usr/bin/avahi-daemon" to get all log output of a specific
* CapabilityBoundingSet= in system.conf now also influences
* udev: /lib/udev/devices/ are not read anymore; systemd-tmpfiles
in /usr/lib/systemd/. Standalone builds or non-systemd systems need
* The config files: /etc/systemd/systemd-logind.conf and
/etc/systemd/systemd-journald.conf have been renamed to
* logind now implements a sleep/shutdown/idle inhibiting logic
systemd-vconsole-setup.service) now detect properly if they
/etc/fstab are out of date due to changes in fstab that
between user/admin configuration and vendor defaults.
* PrivateTmp= now affects both /tmp and /var/tmp.
system.conf. Mounting file systems at boot has to take place
masked and /etc/fstab can override it.
* Show /etc/os-release data in systemd-analyze output
* sd-login.h is C++ comptaible again
* Extend the /etc/os-release format on request of the Debian
* systems lacking /etc/os-release are no longer supported.
* Various functionality updates to libsystemd-login.so
* The systemd binary is installed /usr/lib/systemd/systemd now;
An existing /sbin/init symlink needs to be adapted with the
* A new kernel command line option systemd.setenv= is
with STDERR/STDOUT connected to the journal. Can also act as
* Introduce remote-fs-pre.target which is ordered before all
fixed (i.e. PID file creation must have finished before the
* /etc/rc.local is now hooked in via a generator binary, and
of /usr/local by default.