NEWS revision cd14eda3212f9109c98a77cd5fee4168010d80da
systemd System and Service Manager

CHANGES WITH 214:

        * As an experimental feature, udev now tries to lock the
          disk device node (flock(LOCK_SH|LOCK_NB)) while it
          executes events for the disk or any of its partitions.
          Applications like partitioning programs can lock the
          disk device node (flock(LOCK_EX)) and claim temporary
          device ownership that way; udev will entirely skip all event
          handling for this disk and its partitions. If the disk
          was opened for writing, the close will trigger a partition
          table rescan in udev's "watch" facility, and if needed
          synthesize "change" events for the disk and all its partitions.
          This is now unconditionally enabled; if it turns out to
          cause major problems, we might turn it on only for specific
          devices, or might need to disable it entirely. Device-mapper
          devices are excluded from this logic.
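The locking protocol described above, worked through as an added example (this is not udev's or util-linux's code): one side takes the partitioning tool's flock(LOCK_EX), the other makes udev's flock(LOCK_SH|LOCK_NB) attempt and skips the event when it fails with EWOULDBLOCK. The function names are this example's own, and a constructed temporary regular file stands in for a disk node; flock() behaves the same on a block device node such as /dev/sdX.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/file.h>
#include <unistd.h>

/* Open the node and take the requested flock() on it.
 * Returns the open fd (which holds the lock) or a negative errno. */
static int lock_node(const char *path, int op) {
    int fd = open(path, O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -errno;
    if (flock(fd, op) < 0) {
        int r = -errno;
        close(fd);
        return r;
    }
    return fd;
}

/* Partitioning-tool side: claim the whole disk exclusively while editing
 * the partition table. The lock is released when the fd is closed. */
int claim_disk(const char *path) {
    return lock_node(path, LOCK_EX | LOCK_NB);
}

/* udev side: before processing an event, try a non-blocking shared lock.
 * Returns 1 (handle the event; *fd_out holds the lock until closed),
 * 0 (another process owns the disk; skip the event), or a negative errno. */
int udev_should_handle(const char *path, int *fd_out) {
    int fd = lock_node(path, LOCK_SH | LOCK_NB);
    if (fd == -EWOULDBLOCK)
        return 0;
    if (fd < 0)
        return fd;
    *fd_out = fd;
    return 1;
}

/* Runs the full exchange on one node within this process: two open() calls
 * give two open file descriptions, so flock() contention is real here.
 * Returns 1 if udev was correctly held off while the tool had the disk and
 * proceeded once it was released, 0 otherwise. */
int demo_sequence(const char *path) {
    int udev_fd = -1;
    int tool_fd = claim_disk(path);
    if (tool_fd < 0)
        return 0;
    int while_claimed = udev_should_handle(path, &udev_fd);  /* expect 0 */
    close(tool_fd);                                          /* tool done */
    int after_release = udev_should_handle(path, &udev_fd);  /* expect 1 */
    if (after_release == 1)
        close(udev_fd);
    return while_claimed == 0 && after_release == 1;
}

/* Stand-in for a device node: a constructed temporary regular file, since
 * flock() behaves the same on it as on /dev/sdX. Returns demo_sequence(). */
int demo_on_temp_file(void) {
    char path[] = "/tmp/udev-lock-demo-XXXXXX";
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    close(fd);
    int r = demo_sequence(path);
    unlink(path);
    return r;
}

int main(void) {
    printf("udev skipped while claimed and resumed after release: %s\n",
           demo_on_temp_file() == 1 ? "yes" : "no");
    return 0;
}
```

Because flock() locks are tied to the open file description rather than the process, a tool that forks helpers or passes the fd around keeps its claim until the last copy of that description is closed; that is also why the lock cannot be dropped accidentally by a second open() of the same node.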

        * We temporarily dropped the "-l" switch for fsck invocations,
          since it collides with the flock() logic above. util-linux
          upstream has already been changed to avoid this conflict,
          and we will re-add "-l" as soon as util-linux with this
          change has been released.

        * The dependency on libattr has been removed. For a long
          time the extended attribute calls have been part of glibc, and
          libattr is thus unnecessary.

        * Virtualization detection works without privileges now. This
          means the systemd-detect-virt binary no longer requires
          CAP_SYS_PTRACE file capabilities, and our daemons can run
          with fewer privileges.

        * systemd-networkd now runs under its own "systemd-network"
          user. It retains the CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
          CAP_NET_BROADCAST, CAP_NET_RAW capabilities though, but
          loses the ability to write to files owned by root this way.

        * Similarly, systemd-resolved now runs under its own
          "systemd-resolve" user with no capabilities remaining.

        * Similarly, systemd-bus-proxyd now runs under its own
          "systemd-bus-proxy" user with only CAP_IPC_OWNER remaining.

        * systemd-networkd gained support for setting up "veth"
          virtual ethernet devices for container connectivity, as well
          as GRE and VTI tunnels.

        * systemd-networkd will no longer attempt to load the kernel
          modules necessary for certain tunnel transports itself.
          Instead it is assumed the kernel loads them automatically
          when required. This only works correctly on very new
          kernels. On older kernels, please consider adding the kernel
          modules to /etc/modules-load.d/ as a work-around.

        * The resolv.conf file systemd-resolved generates has been
          moved to /run/systemd/resolve/; if you have a symlink from
          /etc/resolv.conf it might be necessary to correct it.

        * Two new service settings ProtectHome= and ProtectSystem=
          have been added. When enabled they will make the user data
          (such as /home) inaccessible or read-only and the system
          (such as /usr) read-only, for specific services. This allows
          very light-weight per-service sandboxing to avoid
          modifications of user data or system files from
          services. These two new switches have been enabled for all
          of systemd's long-running services, where appropriate.

        * Socket units gained new SocketUser= and SocketGroup=
          settings to set the owner user and group of AF_UNIX sockets
          and FIFOs in the file system.

        * Socket units gained a new RemoveOnStop= setting. If enabled,
          all FIFOs and sockets in the file system will be removed
          when the specific socket unit is stopped.

        * Socket units gained a new Symlinks= setting. It takes a list
          of symlinks to create to file system sockets or FIFOs
          created by the specific unix sockets. This is useful to
          manage symlinks to socket nodes with the same life-cycle as
          the socket itself.

        * The /dev/log socket and /dev/initctl FIFO have been moved to
          /run, and have been replaced by symlinks. This allows
          connecting to these facilities even if PrivateDevices=yes is
          used for a service (which makes /dev/log itself unavailable,
          but /run is left). This also has the benefit of ensuring
          that /dev only contains device nodes, directories and
          symlinks, and nothing else.

        * sd-daemon gained two new calls sd_pid_notify() and
          sd_pid_notifyf(). They are similar to sd_notify() and
          sd_notifyf(), but allow overriding of the source PID of
          notification messages if permissions permit this. This is
          useful to send notify messages on behalf of a different
          process (for example, the parent process). The
          systemd-notify tool has been updated to make use of this
          when sending messages (so that notification messages now
          originate from the shell script invoking systemd-notify and
          not the systemd-notify process itself). This should minimize
          a race where systemd fails to associate notification
          messages to services when the originating process already
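The mechanism behind sd_pid_notify(), shown as an added example that is not systemd's sd-daemon code: a notification is one datagram on an AF_UNIX socket, and the manager attributes it to a service by the pid carried in SCM_CREDENTIALS ancillary data. The client fills in the pid it wants credited; the kernel accepts a pid other than the caller's own only with CAP_SYS_ADMIN, which is the "if permissions permit this" in the entry above. The function names are this example's own, and a datagram socketpair is a constructed stand-in for $NOTIFY_SOCKET so both ends run in one process.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Ancillary-data buffer large enough for one struct ucred. */
union cred_buf {
    struct cmsghdr hdr;
    char raw[CMSG_SPACE(sizeof(struct ucred))];
};

/* Client side, in the spirit of sd_pid_notify(pid, 0, state): send the
 * state string as one datagram and attach SCM_CREDENTIALS naming `pid` as
 * the sender. Returns 0 or a negative errno (EPERM if `pid` is not ours
 * and we lack CAP_SYS_ADMIN). */
int pid_notify(int sock, pid_t pid, const char *state) {
    struct iovec iov = { .iov_base = (void *)state, .iov_len = strlen(state) };
    union cred_buf u;
    memset(&u, 0, sizeof u);
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = &u, .msg_controllen = sizeof u };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET;
    c->cmsg_type = SCM_CREDENTIALS;
    c->cmsg_len = CMSG_LEN(sizeof(struct ucred));
    struct ucred uc = { .pid = pid, .uid = getuid(), .gid = getgid() };
    memcpy(CMSG_DATA(c), &uc, sizeof uc);
    return sendmsg(sock, &msg, MSG_NOSIGNAL) < 0 ? -errno : 0;
}

/* Manager side: receive one notification and report which pid the kernel
 * credited it to; that pid is what a manager maps to a service. The
 * receiving socket must have SO_PASSCRED enabled. Returns 0 or -errno. */
int recv_notify(int sock, pid_t *pid_out, char *state, size_t len) {
    struct iovec iov = { .iov_base = state, .iov_len = len - 1 };
    union cred_buf u;
    memset(&u, 0, sizeof u);
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = &u, .msg_controllen = sizeof u };
    ssize_t n = recvmsg(sock, &msg, 0);
    if (n < 0)
        return -errno;
    state[n] = '\0';
    *pid_out = 0;
    for (struct cmsghdr *c = CMSG_FIRSTHDR(&msg); c; c = CMSG_NXTHDR(&msg, c))
        if (c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_CREDENTIALS) {
            struct ucred uc;
            memcpy(&uc, CMSG_DATA(c), sizeof uc);
            *pid_out = uc.pid;
        }
    return 0;
}

/* Both ends in one process over a datagram socketpair (a constructed
 * stand-in for $NOTIFY_SOCKET). Returns the pid the manager attributed
 * "READY=1" to, or -1 if the exchange failed. */
pid_t demo_exchange(pid_t claimed_pid) {
    int sv[2], one = 1;
    pid_t seen = -1;
    char buf[64];
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) < 0)
        return -1;
    setsockopt(sv[1], SOL_SOCKET, SO_PASSCRED, &one, sizeof one);
    int ok = pid_notify(sv[0], claimed_pid, "READY=1") == 0 &&
             recv_notify(sv[1], &seen, buf, sizeof buf) == 0 &&
             strcmp(buf, "READY=1") == 0;
    close(sv[0]);
    close(sv[1]);
    return ok ? seen : -1;
}

int main(void) {
    printf("manager credited READY=1 to pid %ld (we are %ld)\n",
           (long)demo_exchange(getpid()), (long)getpid());
    return 0;
}
```

The race the entry mentions is visible in this shape: the manager looks up the credited pid in its cgroup bookkeeping when the datagram arrives, so a short-lived helper that sends on its own behalf and exits can be gone before the lookup happens, whereas crediting the long-lived parent (what systemd-notify now does) keeps the attribution stable.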

        * A new "on-abnormal" setting for Restart= has been added. If
          set it will result in automatic restarts on all "abnormal"
          reasons for a process to exit, which includes unclean
          signals, core dumps, timeouts and watchdog timeouts, but
          does not include clean and unclean exit codes or clean
          signals. Restart=on-abnormal is an alternative to
          Restart=on-failure for services that shall be able to
          terminate and avoid restarts on certain errors, by
          indicating so with an unclean exit code. Restart=on-failure
          or Restart=on-abnormal is now the recommended setting for
          all long-running services.

        * If the InaccessibleDirectories= service setting points to a
          mount point (or if there are any submounts contained within
          it), it is now attempted to completely unmount it, to make
          the file systems truly unavailable for the respective

        * The ReadOnlyDirectories= service setting and
          systemd-nspawn's --read-only parameter are now recursively
          applied to all submounts, too.

        * Mount units may now be created transiently via the bus APIs.

        * The support for SysV and LSB init scripts has been removed
          from the systemd daemon itself. Instead, it is now
          implemented as a generator that creates native systemd units
          from these scripts when needed. This enables us to remove a
          substantial amount of legacy code from PID 1, following the
          fact that many distributions only ship a very small number
          of LSB/SysV init scripts nowadays.

        * Privileged Xen (dom0) domains are not considered
          virtualization anymore by the virtualization detection
          logic. After all, they generally have unrestricted access to
          the hardware and usually are used to manage the unprivileged
          (domU) domains.

        * systemd-tmpfiles gained a new "C" line type, for copying
          files or entire directories.

        * systemd-tmpfiles "m" lines are now fully equivalent to "z"
          lines. So far they have been non-globbing versions of the
          latter, and have thus been redundant. In the future it is
          recommended to only use "z"; "m" has hence been removed
          from the documentation, even though it stays supported.

        * A tmpfiles snippet to recreate the most basic structure in
          /var has been added. This is enough to create the /var/run →
          /run symlink and create a couple of structural
          directories. This allows systems to boot up with an empty or
          volatile /var. Of course, while with this change the core OS
          is now capable of dealing with a volatile /var, not all
          user services are ready for it. However, we hope that sooner
          or later many service daemons will be changed upstream so
          that they are able to automatically create their necessary
          directories in /var at boot, should they be missing. This is
          the first step to allow stateless systems that only require
          the vendor image for /usr to boot.

        * systemd-nspawn has gained a new --tmpfs= switch to mount an
          empty tmpfs instance to a specific directory. This is
          particularly useful for making use of the automatic
          reconstruction of /var (see above), by passing --tmpfs=/var.

        * Access modes specified in tmpfiles snippets may now be
          prefixed with "~", which indicates that they shall be masked
          by whether the existing file or directory is currently
          writable, readable or executable at all. Also, if specified
          this way, the sgid/suid/sticky bits will be masked for all
          non-directories.

        * A new passive target unit "network-pre.target" has been
          added which is useful for services that shall run before any
          network is configured, for example firewall scripts.

        Contributions from: Camilo Aguilar, Christian Hesse, Colin Ian
        King, Cristian Rodríguez, Daniel Buch, Dave Reisner, David
        Strauss, Denis Tikhomirov, John, Jonathan Liu, Kay Sievers,
        Lennart Poettering, Mantas Mikulėnas, Mark Eichin, Ronny
        Chevalier, Susant Sahani, Thomas Blume, Thomas Hindoe Paaboel
        Andersen, Tom Gundersen, Umut Tezduyar Lindskog, Zbigniew
        Jędrzejewski-Szmek

        -- Berlin, 2014-06-11

CHANGES WITH 213:

        * A new "systemd-timesyncd" daemon has been added for
          synchronizing the system clock across the network. It
          implements an SNTP client. In contrast to NTP
          implementations such as chrony or the NTP reference server
          this only implements a client side, and does not bother with
          the full NTP complexity, focusing only on querying time from
          one remote server and synchronizing the local clock to
          it. Unless you intend to serve NTP to networked clients or
          want to connect to local hardware clocks this simple NTP
          client should be more than appropriate for most
          installations. The daemon runs with minimal privileges, and
          has been hooked up with networkd to only operate when
          network connectivity is available. The daemon saves the
          current clock to disk every time a new NTP sync has been
          acquired, and uses this to possibly correct the system clock
          early at bootup, in order to accommodate systems that
          lack an RTC such as the Raspberry Pi and embedded devices,
          and make sure that time monotonically progresses on these
          systems, even if it is not always correct. To make use of
          this daemon a new system user and group "systemd-timesync"
          needs to be created on installation of systemd.

        * The queue "seqnum" interface of libudev has been disabled, as
          it was generally incompatible with device namespacing:
          sequence numbers of devices go "missing" if the devices are
          part of a different namespace.

        * "systemctl list-timers" and "systemctl list-sockets" gained
          a --recursive switch for showing units of these types also
          for all local containers, similar in style to the already
          supported --recursive switch for "systemctl list-units".

        * A new RebootArgument= setting has been added for service
          units, which may be used to specify a kernel reboot argument
          to use when triggering reboots with StartLimitAction=.

        * A new FailureAction= setting has been added for service
          units which may be used to specify an operation to trigger
          when a service fails. This works similarly to
          StartLimitAction=, but unlike it controls what is done
          immediately rather than only after several attempts to
          restart the service in question.

        * hostnamed has been updated to also expose the kernel name,
          release, and version on the bus. This is useful for
          executing commands like hostnamectl with the -H switch.
          systemd-analyze makes use of this to properly display
          details when running non-locally.

        * The bootchart tool can now show cgroup information in the
          graphs it generates.

        * The CFS CPU quota cgroup attribute is now exposed for
          services. The new CPUQuota= switch has been added for this
          which takes a percentage value. Setting this will have the
          result that a service may never get more CPU time than the
          specified percentage, even if the machine is otherwise idle.

        * systemd-networkd learned IPIP and SIT tunnel support.

        * LSB init scripts exposing a dependency on $network will now
          get a dependency on network-online.target rather than simply
          network.target. This should bring LSB handling closer to
          what it was on SysV systems.

        * A new fsck.repair= kernel option has been added to control
          how fsck shall deal with unclean file systems at boot.

        * The (.ini) configuration file parser will now silently
          ignore sections whose name begins with "X-". This may be
          used to maintain application-specific extension sections in unit

        * machined gained a new API to query the IP addresses of
          registered containers. "machinectl status" has been updated
          to show these addresses in its output.

        * A new call sd_uid_get_display() has been added to the
          sd-login APIs for querying the "primary" session of a
          user. The "primary" session of the user is elected from the
          user's sessions and generally a graphical session is
          preferred over a text one.

        * A minimal systemd-resolved daemon has been added. It
          currently simply acts as a companion to systemd-networkd and
          manages resolv.conf based on per-interface DNS
          configuration, possibly supplied via DHCP. In the long run
          we hope to extend this into a local DNSSEC enabled DNS and

        * The systemd-networkd-wait-online tool is now enabled by
          default. It will delay network-online.target until a network
          connection has been configured. The tool primarily integrates
          with networkd, but will also make a best effort to make sense
          of network configuration performed in some other way.

        * Two new service options StartupCPUShares= and
          StartupBlockIOWeight= have been added that work similarly to
          CPUShares= and BlockIOWeight=, but only apply during
          system startup. This is useful to prioritize certain services
          differently during bootup than during normal runtime.

        * hostnamed has been changed to prefer the statically
          configured hostname in /etc/hostname (unless set to
          'localhost' or empty) over any dynamic one supplied by
          DHCP. With this change the rules for picking the hostname
          match more closely the rules of other configuration settings
          where the local administrator's configuration in /etc always
          overrides any other settings.

        Contributions from: Ali H. Caliskan, Alison Chaiken, Bas van
        den Berg, Brandon Philips, Cristian Rodríguez, Daniel Buch,
        Dan Kilman, Dave Reisner, David Härdeman, David Herrmann,
        David Strauss, Dimitris Spingos, Djalal Harouni, Eelco
        Dolstra, Evan Nemerson, Florian Albrechtskirchinger, Greg
        Kroah-Hartman, Harald Hoyer, Holger Hans Peter Freyther, Jan
        Engelhardt, Jani Nikula, Jason St. John, Jeffrey Clark,
        Jonathan Boulle, Kay Sievers, Lennart Poettering, Lukas
        Nykryn, Lukasz Skalski, Łukasz Stelmach, Mantas Mikulėnas,
        Marcel Holtmann, Martin Pitt, Matthew Monaco, Michael
        Marineau, Michael Olbrich, Michal Sekletar, Mike Gilbert, Nis
        Martensen, Patrik Flykt, Philip Lorenz, poma, Ray Strode,
        Reyad Attiyat, Robert Milasan, Scott Thrasher, Stef Walter,
        Steven Siloti, Susant Sahani, Tanu Kaskinen, Thomas Bächler,
        Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar
        Lindskog, WaLyong Cho, Will Woods, Zbigniew
        Jędrzejewski-Szmek

        -- Beijing, 2014-05-28

CHANGES WITH 212:

        * When restoring the screen brightness at boot, stay away from
          the darkest setting or from the lowest 5% of the available
          range, depending on which is the larger value of both. This
          should effectively protect the user from rebooting into a
          black screen, should the brightness have been set to minimum

        * sd-login gained a new sd_machine_get_class() call to
          determine the class ("vm" or "container") of a machine
          registered with machined.

        * sd-login gained new calls
          sd_peer_get_{session,owner_uid,unit,user_unit,slice,machine_name}(),
          to query the identity of the peer of a local AF_UNIX
          connection. They operate similarly to their sd_pid_get_xyz()

        * PID 1 will now maintain a system-wide system state engine
          with the states "starting", "running", "degraded",
          "maintenance", "stopping". These states are bound to system
          startup, normal runtime, runtime with at least one failed
          service, rescue/emergency mode and system shutdown. This
          state is shown in the "systemctl status" output when no unit
          name is passed. It is useful to determine system state, in
          particular when doing so for many systems or containers at

        * A new command "list-machines" has been added to "systemctl"
          that lists all local OS containers and shows their system
          state (see above), if systemd runs inside of them.

        * systemctl gained a new "-r" switch to recursively enumerate
          units on all local containers, when used with the
          "list-units" command (which is the default one that is
          executed when no parameters are specified).

        * The GPT automatic partition discovery logic will now honour
          two GPT partition flags: one may be set on a partition to
          cause it to be mounted read-only, and the other may be set
          on a partition to ignore it during automatic discovery.

        * Two new GPT type UUIDs have been added for automatic root
          partition discovery, for 32-bit and 64-bit ARM. This is not
          particularly useful for discovering the root directory on
          these architectures during bare-metal boots (since UEFI is
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering not common there), but still very useful to allow booting of
eb124a97fb72d076014253b1acde69d428f15ecfLennart Poettering ARM disk images in nspawn with the -i option.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * MAC addresses of interfaces created with nspawn's
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering --network-interface= switch will now be generated from the
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering machine name, and thus be stable between multiple invocations
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering of the container.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * logind will now automatically remove all IPC objects owned
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering by a user if she or he fully logs out. This makes sure that
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering users who are logged out cannot continue to consume IPC
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering resources. This covers SysV memory, semaphores and message
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering queues as well as POSIX shared memory and message
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering queues. Traditionally, SysV and POSIX IPC had no life-cycle
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering limits. With this functionality, that is corrected. This may
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering be turned off by using the RemoveIPC= switch of logind.conf.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * The systemd-machine-id-setup and tmpfiles tools gained a
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering --root= switch to operate on a specific root directory,
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * journald can now forward logged messages to the TTYs of all
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering logged in users ("wall"). This is the default for all
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering emergency messages now.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * A new tool systemd-journal-remote has been added to stream
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering journal log messages across the network.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * /sys/fs/cgroup/ is now mounted read-only after all cgroup
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering controller trees are mounted into it. Note that the
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering directories mounted beneath it are not read-only. This is a
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering security measure and is particularly useful because glibc
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering actually includes a search logic to pick any tmpfs it can
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering find to implement shm_open() if /dev/shm is not available
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering (which it might very well be in namespaced setups).
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * machinectl gained a new "poweroff" command to cleanly power
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering down a local OS container.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * The PrivateDevices= unit file setting will now also drop the
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering CAP_MKNOD capability from the capability bound set, and
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering imply DevicePolicy=closed.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * PrivateDevices=, PrivateNetwork= and PrivateTmp= is now used
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt comprehensively on all long-running systemd services where
90e071d1d59be05fcba66561439c3ca67c80ee20Lennart Poettering this is appropriate.
d2e83c23f5f0cdd3b6ec05c5c40209708721e704Kay Sievers * systemd-udevd will now run in a disassociated mount
d2e83c23f5f0cdd3b6ec05c5c40209708721e704Kay Sievers namespace. To mount directories from udev rules, make sure to
d2e83c23f5f0cdd3b6ec05c5c40209708721e704Kay Sievers pull in mount units via SYSTEMD_WANTS properties.
f6113d42d015ad9f3a9e702a09eb8006511a4424Kay Sievers * The kdbus support gained support for uploading policy into
d2e83c23f5f0cdd3b6ec05c5c40209708721e704Kay Sievers the kernel. sd-bus gained support for creating "monitoring"
7a43e910ce00eef22fd42925ae4c85cbea1b1320Kay Sievers connections that can eavesdrop into all bus communication
d2e83c23f5f0cdd3b6ec05c5c40209708721e704Kay Sievers for debugging purposes.
e707c49485b8f4f2ec040d3da232d39153e650b9Lennart Poettering * Timestamps may now be specified in seconds since the UNIX
e707c49485b8f4f2ec040d3da232d39153e650b9Lennart Poettering epoch Jan 1st, 1970 by specifying "@" followed by the value
7f8732835295fce29479b1afc9e8ee801852db09Lennart Poettering * Native tcpwrap support in systemd has been removed. tcpwrap
7f8732835295fce29479b1afc9e8ee801852db09Lennart Poettering is old code, not really maintained anymore and has serious
e707c49485b8f4f2ec040d3da232d39153e650b9Lennart Poettering shortcomings, and better options such as firewalls
a19554ed92a7460b4e709cc40c558cde827ab85bLennart Poettering exist. For setups that require tcpwrap usage, please
a19554ed92a7460b4e709cc40c558cde827ab85bLennart Poettering consider invoking your socket-activated service via tcpd,
1cb88f2c61f590083847d65cd5a518e834da87d3Lennart Poettering like on traditional inetd.
1cb88f2c61f590083847d65cd5a518e834da87d3Lennart Poettering * A new system.conf configuration option
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt DefaultTimerAccuracySec= has been added that controls the
1cb88f2c61f590083847d65cd5a518e834da87d3Lennart Poettering default AccuracySec= setting of .timer units.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * Timer units gained a new WakeSystem= switch. If enabled,
6d0274f11547a0f11200bb82bf598a5a253e12cfLennart Poettering timers configured this way will cause the system to resume
a7a3f28be404875eff20443a0fa8088bcc4c18dfLennart Poettering from system suspend (if the system supports that, which most
a7a3f28be404875eff20443a0fa8088bcc4c18dfLennart Poettering do these days).
08f9588885c5d65694b324846b0ed19211d2c178Lennart Poettering * Timer units gained a new Persistent= switch. If enabled,
97c52b838b45aee16ed9dad5a614a027f12d89eeLennart Poettering timers configured this way will save to disk when they have
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers been last triggered. This information is then used on next
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers reboot to possible execute overdue timer events, that
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers could not take place because the system was powered off.
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers This enables simple anacron-like behaviour for timer units.
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers * systemctl's "list-timers" will now also list the time a
9ee58bddeb6eb044753167e0047fe836479ca5dbKay Sievers timer unit was last triggered in addition to the next time
9ee58bddeb6eb044753167e0047fe836479ca5dbKay Sievers it will be triggered.
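   The three timer-related entries above (DefaultTimerAccuracySec=,
   WakeSystem= and Persistent=) fit together in one timer/service
   pair. The following is an added example, not text or code from
   the systemd NEWS file or the systemd project; the unit names
   (backup-snapshot.*), the user-facing command and the chosen
   values are hypothetical.

```ini
# Added example (not part of the systemd NEWS file). Unit names and the
# snapshot command are hypothetical; the directives are the ones the
# 212 notes describe.

# /etc/systemd/system.conf
[Manager]
# Global default for every .timer unit that does not set AccuracySec=
# itself. A coarse default lets the manager coalesce wakeups.
DefaultTimerAccuracySec=1min

# /etc/systemd/system/backup-snapshot.timer
[Unit]
Description=Nightly snapshot (catches up after downtime)

[Timer]
# Fire at 02:00 every day.
OnCalendar=*-*-* 02:00:00
# Record the last trigger time on disk. If the machine was powered off
# at 02:00, the missed run is executed once the timer is next loaded,
# giving anacron-like behaviour.
Persistent=true
# Resume the machine from suspend to run this timer, where the hardware
# supports it.
WakeSystem=true
# Per-unit override of DefaultTimerAccuracySec= from system.conf.
AccuracySec=10s

[Install]
WantedBy=timers.target

# /etc/systemd/system/backup-snapshot.service
[Unit]
Description=Take a filesystem snapshot

[Service]
Type=oneshot
# Hypothetical helper; replace with the real snapshot command.
ExecStart=/usr/local/bin/take-snapshot
```

   The timer and service share the "backup-snapshot" name, so the
   timer activates the service without a Unit= line. After a reboot
   that skipped the 02:00 slot, "systemctl list-timers" shows the
   catch-up run under the last-triggered column described in the
   entry above. Note that Persistent= reschedules only the most
   recent missed elapse, not one run per missed day, and that
   WakeSystem= affects suspended machines only, not powered-off ones.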
 * systemd-networkd will now assign predictable IPv4LL
   addresses to its local interfaces.

 Contributions from: Brandon Philips, Daniel Buch, Daniel Mack,
 Dave Reisner, David Herrmann, Gerd Hoffmann, Greg
 Kroah-Hartman, Hendrik Brueckner, Jason St. John, Josh
 Triplett, Kay Sievers, Lennart Poettering, Marc-Antoine
 Perennou, Michael Marineau, Michael Olbrich, Miklos Vajna,
 Patrik Flykt, poma, Sebastian Thorarensen, Thomas Bächler,
 Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom Gundersen,
 Umut Tezduyar Lindskog, Wieland Hoffmann, Zbigniew
 Jędrzejewski-Szmek

 -- Berlin, 2014-03-25
CHANGES WITH 211:

 * A new unit file setting RestrictAddressFamilies= has been
   added to restrict which socket address families unit
   processes gain access to. This takes address family names
   like "AF_INET" or "AF_UNIX", and is useful to minimize the
   attack surface of services via exotic protocol stacks. This
   is built on seccomp system call filters.

 * Two new unit file settings RuntimeDirectory= and
   RuntimeDirectoryMode= have been added that may be used to
   manage per-daemon runtime directories below /run. This is
   an alternative for setting up directory permissions with
   tmpfiles snippets, and has the advantage that the runtime
   directory's lifetime is bound to the daemon runtime and that
   the daemon starts up with an empty directory each time. This
   is particularly useful when writing services that drop
   privileges using the User= or Group= setting.
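   The two entries above (RestrictAddressFamilies= and
   RuntimeDirectory=/RuntimeDirectoryMode=) and the PrivateDevices=
   and PrivateTmp= changes listed for release 212 are most useful
   in combination. The following service unit is an added example,
   not text or code from the systemd NEWS file or the systemd
   project; the service name, user and binary (metricsd) are
   hypothetical.

```ini
# Added example (not part of the systemd NEWS file). The metricsd
# service, user and socket path are hypothetical; the directives are
# the ones described in the 211 and 212 notes.

# /etc/systemd/system/metricsd.service
[Unit]
Description=Metrics collector (hypothetical service)
After=network.target

[Service]
# Run unprivileged. The runtime directory below is created for this
# user before the process starts, so no tmpfiles snippet is needed.
User=metricsd
Group=metricsd
ExecStart=/usr/bin/metricsd --socket /run/metricsd/ctl.sock

# /run/metricsd is created owned by metricsd:metricsd with mode 0700,
# is empty on every start, and is removed when the service stops.
RuntimeDirectory=metricsd
RuntimeDirectoryMode=0700

# seccomp filter on socket(): only these families may be created.
# A daemon that speaks TCP and a local control socket needs nothing
# else, so AF_NETLINK, AF_PACKET and other stacks are off limits.
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6

# Private /dev containing only the API device nodes; as of 212 this
# also drops CAP_MKNOD from the bounding set and implies
# DevicePolicy=closed. Private /tmp keeps the service out of the
# shared, world-writable directory.
PrivateDevices=yes
PrivateTmp=yes

[Install]
WantedBy=multi-user.target
```

   Before deploying a unit like this, confirm what the daemon
   actually opens: a service that needs a hardware device will fail
   under PrivateDevices=yes, and one that talks to the kernel via
   netlink needs AF_NETLINK in the RestrictAddressFamilies= list.
   Failures show up as socket() errors in the journal for that unit,
   which is a far better signal than a silently over-privileged
   process.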
 * The DeviceAllow= unit setting now supports globbing for
   matching against device group names.

 * The systemd configuration file system.conf gained new
   settings DefaultCPUAccounting=, DefaultBlockIOAccounting=,
   DefaultMemoryAccounting= to globally turn on/off accounting
   for specific resources (cgroups) for all units. These
   settings may still be overridden individually in each unit

 * systemd-gpt-auto-generator is now able to discover /srv and
   root partitions in addition to /home and swap partitions. It
   also supports LUKS-encrypted partitions now. With this in
   place, automatic discovery of partitions to mount following
   the Discoverable Partitions Specification
   (http://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec)
   is now a lot more complete. This allows booting without
   /etc/fstab and without root= on the kernel command line on
   systems prepared appropriately.

 * systemd-nspawn gained a new --image= switch which allows
   booting up disk images and Linux installations on any block
   device that follows the Discoverable Partitions Specification
   (see above). This means that installations made with
   appropriately updated installers may now be started and
   deployed using container managers, completely
   unmodified. (We hope that libvirt-lxc will add support for
   this feature soon, too.)

 * systemd-nspawn gained a new --network-macvlan= setting to
   set up a private macvlan interface for the
   container. Similarly, systemd-networkd gained a new
   Kind=macvlan setting in .netdev files.

 * systemd-networkd now supports configuring local addresses
   using IPv4LL.

 * A new tool systemd-network-wait-online has been added to
   synchronously wait for network connectivity using
   systemd-networkd.

 * The sd-bus.h bus API gained a new sd_bus_track object for
   tracking the life-cycle of bus peers. Note that sd-bus.h is
   still not a public API though (unless you specify
   --enable-kdbus on the configure command line, which however
   voids your warranty and you get no API stability guarantee).

 * The $XDG_RUNTIME_DIR runtime directories for each user are
   now individual tmpfs instances, which has the benefit of
   introducing separate pools for each user, with individual
   size limits, and thus making sure that unprivileged clients
   can no longer negatively impact the system or other users by
   filling up their $XDG_RUNTIME_DIR. A new logind.conf setting
   RuntimeDirectorySize= has been introduced that allows
   controlling the default size limit for all users. It
   defaults to 10% of the available physical memory. This is no
   replacement for quotas on tmpfs though (which the kernel
   still does not support), as /dev/shm and /tmp are still
   shared resources used by both the system and unprivileged

 * logind will now automatically turn off automatic suspending
   on laptop lid close when more than one display is
   connected. This was previously expected to be implemented
   individually in desktop environments (such as GNOME), but
   has been added to logind now in order to fix a boot-time
   race where a desktop environment might not have been started
   yet, and thus not been able to take an inhibitor lock, at
   the time where logind already suspends the system due to a
   closed lid.

 * logind will now wait at least 30s after each system
   suspend/resume cycle, and 3min after system boot before
   suspending the system due to a closed laptop lid. This
   should give USB docking stations and similar enough time to
   be probed and configured after system resume and boot in
   order to then act as suspend blocker.

 * systemd-run gained a new --property= setting which allows
   initialization of resource control properties (and others)
   for the created scope or service unit. Example: "systemd-run
   --property=BlockIOWeight=10 updatedb" may be used to run
   updatedb at a low block IO scheduling weight.

 * systemd-run's --uid=, --gid= and --setenv= switches
   now also work in --scope mode.

 * When systemd is compiled with kdbus support, basic support
   for enforced policies is now in place. (Note that enabling
   kdbus still voids your warranty and no API compatibility
   promises are made.)

 Contributions from: Andrey Borzenkov, Ansgar Burchardt, Armin
 K., Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
 Harald Hoyer, Henrik Grindal Bakken, Jasper St. Pierre, Kay
 Sievers, Kieran Clancy, Lennart Poettering, Lukas Nykryn,
 Mantas Mikulėnas, Marcel Holtmann, Mark Oteiza, Martin Pitt,
 Mike Gilbert, Peter Rajnoha, poma, Samuli Suominen, Stef
 Walter, Susant Sahani, Tero Roponen, Thomas Andersen, Thomas
 Bächler, Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom
 Gundersen, Umut Tezduyar Lindskog, Uoti Urpala, Zachary Cook,
 Zbigniew Jędrzejewski-Szmek

 -- Berlin, 2014-03-12
CHANGES WITH 210:

 * systemd will now relabel /dev after loading the SMACK policy
   according to SMACK rules.

 * A new unit file option AppArmorProfile= has been added to
   set the AppArmor profile for the processes of a unit.

 * A new condition check ConditionArchitecture= has been added
   to conditionalize units based on the system architecture, as
   reported by uname()'s "machine" field.

 * systemd-networkd now supports matching on the system
   virtualization, architecture, kernel command line, host name
   and machine ID.

 * logind is now a lot more aggressive when suspending the
   machine due to a closed laptop lid. Instead of acting only
   on the lid close action, it will continuously watch the lid
   status and act on it. This is useful for laptops where the
   power button is on the outside of the chassis so that it can
   be reached without opening the lid (such as the Lenovo
   Yoga). On those machines, logind will now immediately
   re-suspend the machine if the power button has been
   accidentally pressed while the laptop was suspended and in a
   backpack or similar.

 * logind will now watch SW_DOCK switches and inhibit reaction
   to the lid switch if it is pressed. This means that logind
   will not suspend the machine anymore if the lid is closed
   and the system is docked, if the laptop supports SW_DOCK
   notifications via the input layer. Note that ACPI docking
   stations do not generate this currently. Also note that this
   logic is usually not fully sufficient and Desktop
   Environments should take a lid switch inhibitor lock when an
   external display is connected, as systemd will not watch
   this on its own.

 * nspawn will now make use of the devices cgroup controller by
   default, and only permit creation of and access to the usual
   API device nodes like /dev/null or /dev/random, as well as
   access to (but not creation of) the pty devices.

 * We will now ship a default .network file for
   systemd-networkd that automatically configures DHCP for
   network interfaces created by nspawn's --network-veth or