NEWS revision ce1dde29b92d1399ce502e0f7db790a99d14841f
d657c51f14601d0235434ffb78cf6ac0f27cc83cLennart Poetteringsystemd System and Service Manager
61f32bff6130a44d077886d38cff89ad161bf177Martin PittCHANGES WITH 215:
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * A new tool systemd-sysusers has been added. This tool
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering creates system users and groups in /etc/passwd and
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering /etc/group, based on static declarative system user/group
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering definitions in /usr/lib/sysusers.d/. This is useful to
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering enable factory resets and volatile systems that boot up with
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering an empty /etc directory, and thus need system users and
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering groups created during early boot. systemd now also ships
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering with two default sysusers.d/ files for the most basic
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering users and groups systemd and the core operating system
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * A new tmpfiles snippet has been added that rebuilds the
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering essential files in /etc on boot, should they be missing.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * A directive for ensuring automatic clean-up of
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering /var/cache/man/ has been removed from the default
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering configuration. This line should now be shipped by the man
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt implementation. The necessary change has been made to the
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt man-db implementation. Note that you need to update your man
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt implementation to one that ships this line, otherwise no
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering automatic clean-up of /var/cache/man will take place.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * A new condition ConditionNeedsUpdate= has been added that
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering may conditionalize services to only run when /etc or /var
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering are "older" than the vendor operating system resources in
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering /usr. This is useful for reconstructing or updating /etc
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering after an offline update of /usr or a factory reset, on the
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering next reboot. Services that want to run once after such an
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering update or reset should use this condition and order
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering themselves before the new systemd-update-done.service, which
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering will mark the two directories as fully updated. A number of
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering service files have been added making use of this, to rebuild
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering the udev hardware database, the journald message catalog and
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering dynamic loader cache (ldconfig). The systemd-sysusers tool
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering described above also makes use of this now. With this in
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering place it is now possible to start up a minimal operating
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering system with /etc empty cleanly. For more information on the
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering concepts involved see this recent blog story:
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering http://0pointer.de/blog/projects/stateless.html
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering * A new system group "input" has been introduced, and all
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering input device nodes get this group assigned. This is useful
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering for system-level software to get access to input devices. It
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering complements what is already done for "audio" and "video".
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering * systemd-networkd learnt minimal DHCPv4 server support in
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering addition to the existing DHCPv4 client support. It also
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering learnt DHCPv6 client and IPv6 Router Solicitation client
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering support. The DHCPv4 client gained support for static routes
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering passed in from the server. Note that the [DHCPv4] section
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering known in older systemd-networkd versions has been renamed to
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering [DHCP] and is now also used by the DHCPv6 client. Existing
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering .network files using settings of this section need to be
a7c723c0c00a1b8ee64fe360a5d3caf2c89cb25cLennart Poettering * networkd gained support for vxlan virtual networks.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * networkd gained support for automatic allocation of address
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering ranges for interfaces from a system-wide pool of
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering addresses. This is useful for dynamically managing a large
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering number of interfaces with a single network configuration
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering file. In particular this is useful to easily assign
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt appropriate IP addresses to the veth links of a large number
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt of nspawn instances.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * RPM macros for processing sysusers, sysctl and binfmt
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering drop-in snippets at package installation time have been
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * The /etc/os-release file should now be placed in
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering /usr/lib/os-release. The old location is automatically
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering created as symlink. /usr/lib is the more appropriate
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering location of this file, since it shall actually describe the
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering vendor operating system shipped in /usr, and not the
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering configuration stored in /etc.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * .mount units gained a new boolean SloppyOptions= setting
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering that maps to mount(8)'s -s option which enables permissive
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering parsing of unknown mount options.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * tmpfiles learnt a new "L+" directive which creates a symlink
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering but (unlike "L") deletes a pre-existing file first, should
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering it already exist and not already be the correct
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering symlink. Similar, "b+", "c+" and "p+" directives have been
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering added as well, which create block and character devices, as
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering well as fifos in the filesystem, possibly removing any
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering pre-existing files of different types.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * For tmpfiles' "L", "L+", "C" and "C+" directives the final
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering 'argument' field (which so far specified the source to
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering symlink/copy the files from) is now optional. If omitted the
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering same file os copied from /usr/share/factory/ suffixed by the
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering full destination path. This is useful for populating /etc
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering with essential files, by copying them from vendor defaults
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * A new command "systemctl preset-all" has been added that
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering applies the service preset settings to all installed unit
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering files. A new switch --preset-mode= has been added that
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering controls whether only enable or only disable operations
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering shall be executed.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * A new command "systemctl is-system-running" has been added
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering that allows checking the overall state of the system, for
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt example whether it is fully up and running.
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt * When the system boots up with an empty /etc, the equivalent
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt to "systemctl preset-all" is executed during early boot, to
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering make sure all default services are enabled after a factory
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt * systemd now contains a minimal preset file that enables the
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt most basic services systemd ships by default.
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt * Unit files' [Install] section gained a new DefaultInstance=
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt field for defining the default instance to create if a
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt template unit is enabled with no instance specified.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * A new passive target cryptsetup-pre.target has been added
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering that may be used by services that need to make they run and
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering finish before the first LUKS cryptographic device is set up.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * The /dev/loop-control and /dev/btrfs-control device nodes
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering are now owned by the "disk" group by default, opening up
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering access to this group.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * systemd-coredump will now automatically generate a
50f48ad37aad99c54de4db34b07c3825cdedcf41Daniel Mack stack trace of all core dumps taking place on the system,
50f48ad37aad99c54de4db34b07c3825cdedcf41Daniel Mack based on elfutils' libdw library. This stack trace is logged
50f48ad37aad99c54de4db34b07c3825cdedcf41Daniel Mack to the journal.
50f48ad37aad99c54de4db34b07c3825cdedcf41Daniel Mack * systemd-coredump may now optionally store coredumps directly
50f48ad37aad99c54de4db34b07c3825cdedcf41Daniel Mack on disk (in /var/lib/systemd/coredump, possibly compressed),
50f48ad37aad99c54de4db34b07c3825cdedcf41Daniel Mack instead of storing them unconditionally in the journal. This
50f48ad37aad99c54de4db34b07c3825cdedcf41Daniel Mack mode is the new default. A new configuration file
50f48ad37aad99c54de4db34b07c3825cdedcf41Daniel Mack /etc/systemd/coredump.conf has been added to configure this
50f48ad37aad99c54de4db34b07c3825cdedcf41Daniel Mack and other parameters of systemd-coredump.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * coredumpctl gained a new "info" verb to show details about a
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt specific coredump. A new switch "-1" has also been added
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering that makes sure to only show information about the most
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering recent entry instead of all entries. Also, as the tool is
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt generally useful now the "systemd-" prefix of the binary
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt name has been removed. Distributions that want to maintain
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt compatibility with the old name should add a symlink from
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering the old name to the new name.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * journald's SplitMode= now defaults to "uid". This makes sure
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering that unprivileged users can access their own coredumps with
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering coredumpctl without restrictions.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * New kernel command line options "systemd.wants=" (for
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering pulling an additional unit during boot), "systemd.mask="
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt (for masking a specific unit for the boot), and
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt "systemd.debug-shell" (for enabling the debug shell on tty9)
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt have been added. This is implemented in the new generator
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering "systemd-debug-generator".
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * systemd-nspawn will now by default filter a couple of
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering syscalls for containers, among them those required for
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt kernel module loading, direct x86 IO port access, swap
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt management, and kexec. Most importantly though
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt open_by_handle_at() is now prohibited for containers,
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering closing a hole similar to a recently discussed vulnerability
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering in docker regarding access to files on file hierarchies the
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt container should normally not have access to. Note that for
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt nspawn we generally make no security claims anyway (and
8968aea0fb900b5b786eea51a316652fce5641f8Martin Pitt this is explicitly documented in the man page), so this is
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering just a fix for one of the most obvious problems.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * A new man page file-hierarchy(7) has been added that
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering contains a minimized, modernized version of the file system
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering layout systemd expects, similar in style to the FHS
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering specification or hier(5).
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * Automatic time-based clean-up of $XDG_RUNTIME_DIR is no
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering longer done. Since the directory now has a per-user size
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering limit, and is cleaned on logout this appears unnecessary,
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering in particular since this now brings the lifecycle of this
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering directory closer in line with how IPC objects are handled.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * systemd.pc now exports a number of additional directories,
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering including $libdir (which is useful to identify the library
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering path for the primary architecture of the system), and a
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering couple of drop-in directories.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering * udev's predictable network interface names now use the dev_port
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering sysfs attribute, introduced in linux 3.15 instead of dev_id to
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart Poettering distinguish between ports of the same PCI function. dev_id should
61f32bff6130a44d077886d38cff89ad161bf177Martin Pitt only be used for ports using the same HW address, hence the need
61f32bff6130a44d077886d38cff89ad161bf177Martin Pitt for dev_port.
d5f8b2952a9c24c41f82fc3a12c1b580424566cbLennart PoetteringCHANGES WITH 214:
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering * As an experimental feature, udev now tries to lock the
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering disk device node (flock(LOCK_SH|LOCK_NB)) while it
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering executes events for the disk or any of its partitions.
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering Applications like partitioning programs can lock the
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering disk device node (flock(LOCK_EX)) and claim temporary
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering device ownership that way; udev will entirely skip all event
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering handling for this disk and its partitions. If the disk
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering was opened for writing, the close will trigger a partition
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering table rescan in udev's "watch" facility, and if needed
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering synthesize "change" events for the disk and all its partitions.
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering This is now unconditionally enabled, and if it turns out to
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering cause major problems, we might turn it on only for specific
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering devices, or might need to disable it entirely. Device Mapper
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering devices are excluded from this logic.
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering * We temporarily dropped the "-l" switch for fsck invocations,
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering since they collide with the flock() logic above. util-linux
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering upstream has been changed already to avoid this conflict,
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering and we will readd "-l" as soon as util-linux with this
3545ab3501ba6c95d070f7706f8532a8a12d0af0Lennart Poettering change has been released.
61f32bff6130a44d077886d38cff89ad161bf177Martin Pitt * The dependency on libattr has been removed. Since a long
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering time, the extended attribute calls have moved to glibc, and
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering libattr is thus unnecessary.
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering * Virtualization detection works without priviliges now. This
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering means the systemd-detect-virt binary no longer requires
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering CAP_SYS_PTRACE file capabilities, and our daemons can run
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering with fewer privileges.
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering * systemd-networkd now runs under its own "systemd-network"
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering user. It retains the CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering CAP_NET_BROADCAST, CAP_NET_RAW capabilities though, but
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering loses the ability to write to files owned by root this way.
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering * Similar, systemd-resolved now runs under its own
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering "systemd-resolve" user with no capabilities remaining.
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering * Similar, systemd-bus-proxyd now runs under its own
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering "systemd-bus-proxy" user with only CAP_IPC_OWNER remaining.
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering * systemd-networkd gained support for setting up "veth"
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering virtual ethernet devices for container connectivity, as well
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering as GRE and VTI tunnels.
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering * systemd-networkd will no longer automatically attempt to
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering manually load kernel modules necessary for certain tunnel
815bb5bd565b4edc05a426d24353a9ba68482834Thomas Hindoe Paaboel Andersen transports. Instead, it is assumed the kernel loads them
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering automatically when required. This only works correctly on
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering very new kernels. On older kernels, please consider adding
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering the kernel modules to /etc/modules-load.d/ as a work-around.
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering * The resolv.conf file systemd-resolved generates has been
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering moved to /run/systemd/resolve/. If you have a symlink from
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering /etc/resolv.conf, it might be necessary to correct it.
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering * Two new service settings, ProtectedHome= and ProtectedSystem=,
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering have been added. When enabled, they will make the user data
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering (such as /home) inaccessible or read-only and the system
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering (such as /usr) read-only, for specific services. This allows
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering very light-weight per-service sandboxing to avoid
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering modifications of user data or system files from
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering services. These two new switches have been enabled for all
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering of systemd's long-running services, where appropriate.
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering * Socket units gained new SocketUser= and SocketGroup=
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering settings to set the owner user and group of AF_UNIX sockets
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering and FIFOs in the file system.
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering * Socket units gained a new RemoveOnStop= setting. If enabled,
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering all FIFOS and sockets in the file system will be removed
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering when the specific socket unit is stopped.
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering * Socket units gained a new Symlinks= setting. It takes a list
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering of symlinks to create to file system sockets or FIFOs
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering created by the specific Unix sockets. This is useful to
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering manage symlinks to socket nodes with the same life-cycle as
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering the socket itself.
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering * The /dev/log socket and /dev/initctl FIFO have been moved to
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering /run, and have been replaced by symlinks. This allows
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering connecting to these facilities even if PrivateDevices=yes is
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering used for a service (which makes /dev/log itself unavailable,
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering but /run is left). This also has the benefit of ensuring
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering that /dev only contains device nodes, directories and
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering symlinks, and nothing else.
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering * sd-daemon gained two new calls sd_pid_notify() and
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering sd_pid_notifyf(). They are similar to sd_notify() and
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering sd_notifyf(), but allow overriding of the source PID of
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering notification messages if permissions permit this. This is
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering useful to send notify messages on behalf of a different
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering process (for example, the parent process). The
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering systemd-notify tool has been updated to make use of this
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering when sending messages (so that notification messages now
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering originate from the shell script invoking systemd-notify and
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering not the systemd-notify process itself. This should minimize
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering a race where systemd fails to associate notification
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering messages to services when the originating process already
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering * A new "on-abnormal" setting for Restart= has been added. If
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering set, it will result in automatic restarts on all "abnormal"
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering reasons for a process to exit, which includes unclean
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering signals, core dumps, timeouts and watchdog timeouts, but
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering does not include clean and unclean exit codes or clean
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering signals. Restart=on-abnormal is an alternative for
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering Restart=on-failure for services that shall be able to
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering terminate and avoid restarts on certain errors, by
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering indicating so with an unclean exit code. Restart=on-failure
ddb4b0d3eb57292c38a76f9b977f73cea15448fbLennart Poettering or Restart=on-abnormal is now the recommended setting for
ddb4b0d3eb57292c38a76f9b977f73cea15448fbLennart Poettering all long-running services.
ddb4b0d3eb57292c38a76f9b977f73cea15448fbLennart Poettering * If the InaccessibleDirectories= service setting points to a
ddb4b0d3eb57292c38a76f9b977f73cea15448fbLennart Poettering mount point (or if there are any submounts contained within
ddb4b0d3eb57292c38a76f9b977f73cea15448fbLennart Poettering it), it is now attempted to completely unmount it, to make
ddb4b0d3eb57292c38a76f9b977f73cea15448fbLennart Poettering the file systems truly unavailable for the respective
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering * The ReadOnlyDirectories= service setting and
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering systemd-nspawn's --read-only parameter are now recursively
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering applied to all submounts, too.
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering * Mount units may now be created transiently via the bus APIs.
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering * The support for SysV and LSB init scripts has been removed
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering from the systemd daemon itself. Instead, it is now
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering implemented as a generator that creates native systemd units
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering from these scripts when needed. This enables us to remove a
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering substantial amount of legacy code from PID 1, following the
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering fact that many distributions only ship a very small number
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering of LSB/SysV init scripts nowadays.
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering * Priviliged Xen (dom0) domains are not considered
815bb5bd565b4edc05a426d24353a9ba68482834Thomas Hindoe Paaboel Andersen virtualization anymore by the virtualization detection
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering logic. After all, they generally have unrestricted access to
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering the hardware and usually are used to manage the unprivileged
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering (domU) domains.
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering * systemd-tmpfiles gained a new "C" line type, for copying
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering files or entire directories.
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering * systemd-tmpfiles "m" lines are now fully equivalent to "z"
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering lines. So far, they have been non-globbing versions of the
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering latter, and have thus been redundant. In future, it is
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering recommended to only use "z". "m" has hence been removed
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering from the documentation, even though it stays supported.
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering * A tmpfiles snippet to recreate the most basic structure in
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering /var has been added. This is enough to create the /var/run →
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering /run symlink and create a couple of structural
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering directories. This allows systems to boot up with an empty or
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering volatile /var. Of course, while with this change, the core OS
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering now is capable with dealing with a volatile /var, not all
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering user services are ready for it. However, we hope that sooner
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering or later, many service daemons will be changed upstream so
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering that they are able to automatically create their necessary
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering directories in /var at boot, should they be missing. This is
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering the first step to allow state-less systems that only require
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering the vendor image for /usr to boot.
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering * systemd-nspawn has gained a new --tmpfs= switch to mount an
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering empty tmpfs instance to a specific directory. This is
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering particularly useful for making use of the automatic
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering reconstruction of /var (see above), by passing --tmpfs=/var.
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering * Access modes specified in tmpfiles snippets may now be
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering prefixed with "~", which indicates that they shall be masked
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering by whether the existing file or directly is currently
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering writable, readable or executable at all. Also, if specified,
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering the sgid/suid/sticky bits will be masked for all
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering non-directories.
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering * A new passive target unit "network-pre.target" has been
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering added which is useful for services that shall run before any
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering network is configured, for example firewall scripts.
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering * The "floppy" group that previously owned the /dev/fd*
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering devices is no longer used. The "disk" group is now used
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering instead. Distributions should probably deprecate usage of
b9e2f7eb00643f28390cedf883f516f4ba7193bbLennart Poettering Contributions from: Camilo Aguilar, Christian Hesse, Colin Ian
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering King, Cristian Rodríguez, Daniel Buch, Dave Reisner, David
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering Strauss, Denis Tikhomirov, John, Jonathan Liu, Kay Sievers,
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering Lennart Poettering, Mantas Mikulėnas, Mark Eichin, Ronny
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering Chevalier, Susant Sahani, Thomas Blume, Thomas Hindoe Paaboel
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering Andersen, Tom Gundersen, Umut Tezduyar Lindskog, Zbigniew
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering Jędrzejewski-Szmek
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering -- Berlin, 2014-06-11
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart PoetteringCHANGES WITH 213:
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering * A new "systemd-timesyncd" daemon has been added for
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering synchronizing the system clock across the network. It
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering implements an SNTP client. In contrast to NTP
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering implementations such as chrony or the NTP reference server,
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering this only implements a client side, and does not bother with
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering the full NTP complexity, focusing only on querying time from
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering one remote server and synchronizing the local clock to
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering it. Unless you intend to serve NTP to networked clients or
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering want to connect to local hardware clocks, this simple NTP
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering client should be more than appropriate for most
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering installations. The daemon runs with minimal privileges, and
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering has been hooked up with networkd to only operate when
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering network connectivity is available. The daemon saves the
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering current clock to disk every time a new NTP sync has been
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering acquired, and uses this to possibly correct the system clock
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering early at bootup, in order to accommodate for systems that
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering lack an RTC such as the Raspberry Pi and embedded devices,
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering and to make sure that time monotonically progresses on these
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering systems, even if it is not always correct. To make use of
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering this daemon, a new system user and group "systemd-timesync"
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering needs to be created on installation of systemd.
f1f8a5a5e110f485257e8702ad30b9997e529a74Lennart Poettering * The queue "seqnum" interface of libudev has been disabled, as
28c85daf0ae80d1d5f8b878efa4bdad690e1f29bLennart Poettering it was generally incompatible with device namespacing as
dd050decb6ad131ebdeabb71c4f9ecb4733269c0David Herrmann sequence numbers of devices go "missing" if the devices are
a11c7ea52cc31a8c95e46e781469d3a104f48090Lennart Poettering part of a different namespace.
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack * "systemctl list-timers" and "systemctl list-sockets" gained
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack a --recursive switch for showing units of these types also
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack for all local containers, similar in style to the already
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack supported --recursive switch for "systemctl list-units".
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack * A new RebootArgument= setting has been added for service
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack units, which may be used to specify a kernel reboot argument
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack to use when triggering reboots with StartLimitAction=.
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack * A new FailureAction= setting has been added for service
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack units which may be used to specify an operation to trigger
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack when a service fails. This works similarly to
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering StartLimitAction=, but unlike it, controls what is done
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering immediately rather than only after several attempts to
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack restart the service in question.
6fd5517b11d2c258b3c09baf571bae71b9ac98a7Zbigniew Jędrzejewski-Szmek * hostnamed got updated to also expose the kernel name,
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack release, and version on the bus. This is useful for
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack executing commands like hostnamectl with the -H switch.
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering systemd-analyze makes use of this to properly display
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering details when running non-locally.
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering * The bootchart tool can now show cgroup information in the
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering graphs it generates.
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack * The CFS CPU quota cgroup attribute is now exposed for
6fd5517b11d2c258b3c09baf571bae71b9ac98a7Zbigniew Jędrzejewski-Szmek services. The new CPUQuota= switch has been added for this
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack which takes a percentage value. Setting this will have the
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack result that a service may never get more CPU time than the
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack specified percentage, even if the machine is otherwise idle.
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack * systemd-networkd learned IPIP and SIT tunnel support.
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack * LSB init scripts exposing a dependency on $network will now
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack get a dependency on network-online.target rather than simply
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack network.target. This should bring LSB handling closer to
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack what it was on SysV systems.
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack * A new fsck.repair= kernel option has been added to control
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack how fsck shall deal with unclean file systems at boot.
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack * The (.ini) configuration file parser will now silently
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack ignore sections whose name begins with "X-". This may be
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering used to maintain application-specific extension sections in unit
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering * machined gained a new API to query the IP addresses of
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack registered containers. "machinectl status" has been updated
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering to show these addresses in its output.
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering * A new call sd_uid_get_display() has been added to the
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack sd-login APIs for querying the "primary" session of a
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering user. The "primary" session of the user is elected from the
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering user's sessions and generally a graphical session is
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering preferred over a text one.
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering * A minimal systemd-resolved daemon has been added. It
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering currently simply acts as a companion to systemd-networkd and
21d86c613d85a5ffb23decaf9876b9f42696e718Daniel Mack manages resolv.conf based on per-interface DNS
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering configuration, possibly supplied via DHCP. In the long run
8b5f9d156ceec7284eeabe79fcbf51f503eb50f5Daniel Mack we hope to extend this into a local DNSSEC enabled DNS and
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering * The systemd-networkd-wait-online tool is now enabled by
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering default. It will delay network-online.target until a network
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering connection has been configured. The tool primarily integrates
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering with networkd, but will also make a best effort to make sense
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering of network configuration performed in some other way.
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering * Two new service options StartupCPUShares= and
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering StartupBlockIOWeight= have been added that work similarly to
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering CPUShares= and BlockIOWeight= however only apply during
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering system startup. This is useful to prioritize certain services
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering differently during bootup than during normal runtime.
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering * hostnamed has been changed to prefer the statically
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering configured hostname in /etc/hostname (unless set to
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering 'localhost' or empty) over any dynamic one supplied by
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering dhcp. With this change, the rules for picking the hostname
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering match more closely the rules of other configuration settings
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering where the local administrator's configuration in /etc always
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering overrides any other settings.
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Contributions fron: Ali H. Caliskan, Alison Chaiken, Bas van
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering den Berg, Brandon Philips, Cristian Rodríguez, Daniel Buch,
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Dan Kilman, Dave Reisner, David Härdeman, David Herrmann,
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering David Strauss, Dimitris Spingos, Djalal Harouni, Eelco
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Dolstra, Evan Nemerson, Florian Albrechtskirchinger, Greg
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Kroah-Hartman, Harald Hoyer, Holger Hans Peter Freyther, Jan
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Engelhardt, Jani Nikula, Jason St. John, Jeffrey Clark,
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Jonathan Boulle, Kay Sievers, Lennart Poettering, Lukas
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Nykryn, Lukasz Skalski, Łukasz Stelmach, Mantas Mikulėnas,
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Marcel Holtmann, Martin Pitt, Matthew Monaco, Michael
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Marineau, Michael Olbrich, Michal Sekletar, Mike Gilbert, Nis
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Martensen, Patrik Flykt, Philip Lorenz, poma, Ray Strode,
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Reyad Attiyat, Robert Milasan, Scott Thrasher, Stef Walter,
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Steven Siloti, Susant Sahani, Tanu Kaskinen, Thomas Bächler,
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Lindskog, WaLyong Cho, Will Woods, Zbigniew
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering Jędrzejewski-Szmek
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering -- Beijing, 2014-05-28
bdba9227ec6462198b63af69098a003aa2292c0fDaniel MackCHANGES WITH 212:
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack * When restoring the screen brightness at boot, stay away from
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack the darkest setting or from the lowest 5% of the available
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack range, depending on which is the larger value of both. This
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack should effectively protect the user from rebooting into a
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering black screen, should the brightness have been set to minimum
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering * sd-login gained a new sd_machine_get_class() call to
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering determine the class ("vm" or "container") of a machine
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack registered with machined.
a8eaaee72a2f06e0fb64fb71de3b71ecba31dafbJan Engelhardt * sd-login gained new calls
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack sd_peer_get_{session,owner_uid,unit,user_unit,slice,machine_name}(),
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack to query the identity of the peer of a local AF_UNIX
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack connection. They operate similarly to their sd_pid_get_xyz()
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering * PID 1 will now maintain a system-wide system state engine
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering with the states "starting", "running", "degraded",
edf4126f60561cc6236e46d07f4845dbc6935fa2Tom Gundersen "maintenance", "stopping". These states are bound to system
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering startup, normal runtime, runtime with at least one failed
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering service, rescue/emergency mode and system shutdown. This
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering state is shown in the "systemctl status" output when no unit
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering name is passed. It is useful to determine system state, in
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering particularly when doing so for many systems or containers at
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack * A new command "list-machines" has been added to "systemctl"
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack that lists all local OS containers and shows their system
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack state (see above), if systemd runs inside of them.
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack * systemctl gained a new "-r" switch to recursively enumerate
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack units on all local containers, when used with the
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack "list-unit" command (which is the default one that is
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack executed when no parameters are specified).
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack * The GPT automatic partition discovery logic will now honour
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack two GPT partition flags: one may be set on a partition to
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack cause it to be mounted read-only, and the other may be set
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack on a partition to ignore it during automatic discovery.
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack * Two new GPT type UUIDs have been added for automatic root
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering partition discovery, for 32-bit and 64-bit ARM. This is not
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering particularly useful for discovering the root directory on
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering these architectures during bare-metal boots (since UEFI is
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering not common there), but still very useful to allow booting of
fe08a30b58bba0e04fb3e43122e0b157af5846a1Lennart Poettering ARM disk images in nspawn with the -i option.
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering * MAC addresses of interfaces created with nspawn's
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering --network-interface= switch will now be generated from the
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering machine name, and thus be stable between multiple invocations
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering of the container.
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering * logind will now automatically remove all IPC objects owned
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering by a user if she or he fully logs out. This makes sure that
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering users who are logged out cannot continue to consume IPC
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering resources. This covers SysV memory, semaphores and message
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering queues as well as POSIX shared memory and message
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering queues. Traditionally, SysV and POSIX IPC had no life-cycle
91d0d699121f9cf29e3ba45380ce503b8ea505feLennart Poettering limits. With this functionality, that is corrected. This may
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering be turned off by using the RemoveIPC= switch of logind.conf.
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering * The systemd-machine-id-setup and tmpfiles tools gained a
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering --root= switch to operate on a specific root directory,
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering * journald can now forward logged messages to the TTYs of all
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering logged in users ("wall"). This is the default for all
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering emergency messages now.
d046fb936658e7239c8e2635ecb7fb32748ef535Lennart Poettering * A new tool systemd-journal-remote has been added to stream
c48eb61fa72205615e3a2bec9fb6576a5973fc6bTom Gundersen journal log messages across the network.
bdba9227ec6462198b63af69098a003aa2292c0fDaniel Mack * /sys/fs/cgroup/ is now mounted read-only after all cgroup
c30f086f047a2a34474de29e4b87ad4464594440Lennart Poettering controller trees are mounted into it. Note that the
efce0ffeac5ea1b71f61094914d4c00e97da53ecDaniel Machon directories mounted beneath it are not read-only. This is a
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack security measure and is particularly useful because glibc
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering actually includes a search logic to pick any tmpfs it can
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering find to implement shm_open() if /dev/shm is not available
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering (which it might very well be in namespaced setups).
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering * machinectl gained a new "poweroff" command to cleanly power
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering down a local OS container.
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering * The PrivateDevices= unit file setting will now also drop the
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering CAP_MKNOD capability from the capability bound set, and
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering imply DevicePolicy=closed.
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering * PrivateDevices=, PrivateNetwork= and PrivateTmp= is now used
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering comprehensively on all long-running systemd services where
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering this is appropriate.
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering * systemd-udevd will now run in a disassociated mount
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering namespace. To mount directories from udev rules, make sure to
61e6771c4ac5e8418a9537a0f3efa1e51c45e5b9Lennart Poettering pull in mount units via SYSTEMD_WANTS properties.
1e0adaa45d2c1a300199069bfdeb494281b54086Daniel Mack * The kdbus support gained support for uploading policy into
c97e586d8a18db5dc505d76059ed1d9add234925Daniel Mack the kernel. sd-bus gained support for creating "monitoring"
c9912c5eafa03fdf53e569eaf2e89d7e0932975bDavid Herrmann connections that can eavesdrop into all bus communication
c9912c5eafa03fdf53e569eaf2e89d7e0932975bDavid Herrmann for debugging purposes.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * Timestamps may now be specified in seconds since the UNIX
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering epoch Jan 1st, 1970 by specifying "@" followed by the value
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * Native tcpwrap support in systemd has been removed. tcpwrap
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering is old code, not really maintained anymore and has serious
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering shortcomings, and better options such as firewalls
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering exist. For setups that require tcpwrap usage, please
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering consider invoking your socket-activated service via tcpd,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering like on traditional inetd.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * A new system.conf configuration option
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering DefaultTimerAccuracySec= has been added that controls the
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering default AccuracySec= setting of .timer units.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * Timer units gained a new WakeSystem= switch. If enabled,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering timers configured this way will cause the system to resume
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering from system suspend (if the system supports that, which most
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering do these days).
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * Timer units gained a new Persistent= switch. If enabled,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering timers configured this way will save to disk when they have
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering been last triggered. This information is then used on next
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering reboot to possible execute overdue timer events, that
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering could not take place because the system was powered off.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering This enables simple anacron-like behaviour for timer units.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * systemctl's "list-timers" will now also list the time a
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering timer unit was last triggered in addition to the next time
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering it will be triggered.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * systemd-networkd will now assign predictable IPv4LL
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering addresses to its local interfaces.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Contributions from: Brandon Philips, Daniel Buch, Daniel Mack,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Dave Reisner, David Herrmann, Gerd Hoffmann, Greg
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Kroah-Hartman, Hendrik Brueckner, Jason St. John, Josh
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Triplett, Kay Sievers, Lennart Poettering, Marc-Antoine
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Perennou, Michael Marineau, Michael Olbrich, Miklos Vajna,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Patrik Flykt, poma, Sebastian Thorarensen, Thomas Bächler,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom Gundersen,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Umut Tezduyar Lindskog, Wieland Hoffmann, Zbigniew
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Jędrzejewski-Szmek
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering -- Berlin, 2014-03-25
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart PoetteringCHANGES WITH 211:
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * A new unit file setting RestrictAddressFamilies= has been
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering added to restrict which socket address families unit
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering processes gain access to. This takes address family names
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering like "AF_INET" or "AF_UNIX", and is useful to minimize the
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering attack surface of services via exotic protocol stacks. This
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering is built on seccomp system call filters.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * Two new unit file settings RuntimeDirectory= and
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering RuntimeDirectoryMode= have been added that may be used to
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering manage a per-daemon runtime directories below /run. This is
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering an alternative for setting up directory permissions with
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering tmpfiles snippets, and has the advantage that the runtime
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering directory's lifetime is bound to the daemon runtime and that
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering the daemon starts up with an empty directory each time. This
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering is particularly useful when writing services that drop
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering privileges using the User= or Group= setting.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * The DeviceAllow= unit setting now supports globbing for
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering matching against device group names.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * The systemd configuration file system.conf gained new
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering settings DefaultCPUAccounting=, DefaultBlockIOAccounting=,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering DefaultMemoryAccounting= to globally turn on/off accounting
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering for specific resources (cgroups) for all units. These
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering settings may still be overridden individually in each unit
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * systemd-gpt-auto-generator is now able to discover /srv and
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering root partitions in addition to /home and swap partitions. It
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering also supports LUKS-encrypted partitions now. With this in
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering place, automatic discovery of partitions to mount following
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering the Discoverable Partitions Specification
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering (http://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec)
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering is now a lot more complete. This allows booting without
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering /etc/fstab and without root= on the kernel command line on
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering systems prepared appropriately.
c626bf1d306735a2442800c03ec10cf55442af55Daniel Mack * systemd-nspawn gained a new --image= switch which allows
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering booting up disk images and Linux installations on any block
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering device that follow the Discoverable Partitions Specification
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering (see above). This means that installations made with
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering appropriately updated installers may now be started and
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering deployed using container managers, completely
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering unmodified. (We hope that libvirt-lxc will add support for
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering this feature soon, too.)
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * systemd-nspawn gained a new --network-macvlan= setting to
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering set up a private macvlan interface for the
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering container. Similarly, systemd-networkd gained a new
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Kind=macvlan setting in .netdev files.
c9912c5eafa03fdf53e569eaf2e89d7e0932975bDavid Herrmann * systemd-networkd now supports configuring local addresses
47f5a38cdf98a220d6a0d4eb11a710a0a42ae5c4Lennart Poettering * A new tool systemd-network-wait-online has been added to
47f5a38cdf98a220d6a0d4eb11a710a0a42ae5c4Lennart Poettering synchronously wait for network connectivity using
47f5a38cdf98a220d6a0d4eb11a710a0a42ae5c4Lennart Poettering systemd-networkd.
2f77decc5ba25d0463f137aa7f64ce6684917cf1Lennart Poettering * The sd-bus.h bus API gained a new sd_bus_track object for
2f77decc5ba25d0463f137aa7f64ce6684917cf1Lennart Poettering tracking the life-cycle of bus peers. Note that sd-bus.h is
2f77decc5ba25d0463f137aa7f64ce6684917cf1Lennart Poettering still not a public API though (unless you specify
2f77decc5ba25d0463f137aa7f64ce6684917cf1Lennart Poettering --enable-kdbus on the configure command line, which however
2f77decc5ba25d0463f137aa7f64ce6684917cf1Lennart Poettering voids your warranty and you get no API stability guarantee).
2f77decc5ba25d0463f137aa7f64ce6684917cf1Lennart Poettering * The $XDG_RUNTIME_DIR runtime directories for each user are
23d08d1b2bfd7f4b3c0a9408c9ccd65c3fb80fc2David Herrmann now individual tmpfs instances, which has the benefit of
c9912c5eafa03fdf53e569eaf2e89d7e0932975bDavid Herrmann introducing separate pools for each user, with individual
23d08d1b2bfd7f4b3c0a9408c9ccd65c3fb80fc2David Herrmann size limits, and thus making sure that unprivileged clients
c9912c5eafa03fdf53e569eaf2e89d7e0932975bDavid Herrmann can no longer negatively impact the system or other users by
ec5249a27adb1ffbcd41f2c771e19c3353819456Daniel Mack filling up their $XDG_RUNTIME_DIR. A new logind.conf setting
ec5249a27adb1ffbcd41f2c771e19c3353819456Daniel Mack RuntimeDirectorySize= has been introduced that allows
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering controlling the default size limit for all users. It
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering defaults to 10% of the available physical memory. This is no
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering replacement for quotas on tmpfs though (which the kernel
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering still does not support), as /dev/shm and /tmp are still
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering shared resources used by both the system and unprivileged
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * logind will now automatically turn off automatic suspending
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering on laptop lid close when more than one display is
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering connected. This was previously expected to be implemented
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering individually in desktop environments (such as GNOME),
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering however has been added to logind now, in order to fix a
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering boot-time race where a desktop environment might not have
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering been started yet and thus not been able to take an inhibitor
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering lock at the time where logind already suspends the system
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering due to a closed lid.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * logind will now wait at least 30s after each system
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering suspend/resume cycle, and 3min after system boot before
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering suspending the system due to a closed laptop lid. This
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering should give USB docking stations and similar enough time to
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering be probed and configured after system resume and boot in
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering order to then act as suspend blocker.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * systemd-run gained a new --property= setting which allows
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering initialization of resource control properties (and others)
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering for the created scope or service unit. Example: "systemd-run
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering --property=BlockIOWeight=10 updatedb" may be used to run
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering updatedb at a low block IO scheduling weight.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * systemd-run's --uid=, --gid=, --setenv=, --setenv= switches
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering now also work in --scope mode.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * When systemd is compiled with kdbus support, basic support
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering for enforced policies is now in place. (Note that enabling
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering kdbus still voids your warranty and no API compatibility
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering promises are made.)
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Contributions from: Andrey Borzenkov, Ansgar Burchardt, Armin
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering K., Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Harald Hoyer, Henrik Grindal Bakken, Jasper St. Pierre, Kay
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Sievers, Kieran Clancy, Lennart Poettering, Lukas Nykryn,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Mantas Mikulėnas, Marcel Holtmann, Mark Oteiza, Martin Pitt,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Mike Gilbert, Peter Rajnoha, poma, Samuli Suominen, Stef
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Walter, Susant Sahani, Tero Roponen, Thomas Andersen, Thomas
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Bächler, Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Gundersen, Umut Tezduyar Lindskog, Uoti Urpala, Zachary Cook,
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering Zbigniew Jędrzejewski-Szmek
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering -- Berlin, 2014-03-12
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart PoetteringCHANGES WITH 210:
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * systemd will now relabel /dev after loading the SMACK policy
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering according to SMACK rules.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * A new unit file option AppArmorProfile= has been added to
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering set the AppArmor profile for the processes of a unit.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * A new condition check ConditionArchitecture= has been added
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering to conditionalize units based on the system architecture, as
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering reported by uname()'s "machine" field.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * systemd-networkd now supports matching on the system
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering virtualization, architecture, kernel command line, host name
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering and machine ID.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * logind is now a lot more aggressive when suspending the
e1439a1472c5f691733b8ef10e702beac2496a63David Herrmann machine due to a closed laptop lid. Instead of acting only
e1439a1472c5f691733b8ef10e702beac2496a63David Herrmann on the lid close action, it will continuously watch the lid
ec5249a27adb1ffbcd41f2c771e19c3353819456Daniel Mack status and act on it. This is useful for laptops where the
11811e856b0c63439d45edc9c9834ad427e1bb6aDavid Herrmann power button is on the outside of the chassis so that it can
11811e856b0c63439d45edc9c9834ad427e1bb6aDavid Herrmann be reached without opening the lid (such as the Lenovo
10fa421cd2abdc2ae1a07f7c13bfaa4ee6d6de4fDavid Herrmann Yoga). On those machines, logind will now immediately
10fa421cd2abdc2ae1a07f7c13bfaa4ee6d6de4fDavid Herrmann re-suspend the machine if the power button has been
10fa421cd2abdc2ae1a07f7c13bfaa4ee6d6de4fDavid Herrmann accidentally pressed while the laptop was suspended and in a
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering backpack or similar.
5e8d4254f916eb7115ae14de42e7eccf6bc83786Lennart Poettering * logind will now watch SW_DOCK switches and inhibit reaction
10fa421cd2abdc2ae1a07f7c13bfaa4ee6d6de4fDavid Herrmann to the lid switch if it is pressed. This means that logind
11811e856b0c63439d45edc9c9834ad427e1bb6aDavid Herrmann will not suspend the machine anymore if the lid is closed
11811e856b0c63439d45edc9c9834ad427e1bb6aDavid Herrmann and the system is docked, if the laptop supports SW_DOCK
11811e856b0c63439d45edc9c9834ad427e1bb6aDavid Herrmann notifications via the input layer. Note that ACPI docking
11811e856b0c63439d45edc9c9834ad427e1bb6aDavid Herrmann stations do not generate this currently. Also note that this
11811e856b0c63439d45edc9c9834ad427e1bb6aDavid Herrmann logic is usually not fully sufficient and Desktop
11811e856b0c63439d45edc9c9834ad427e1bb6aDavid Herrmann Environments should take a lid switch inhibitor lock when an
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann external display is connected, as systemd will not watch
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann this on its own.
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann * nspawn will now make use of the devices cgroup controller by
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann default, and only permit creation of and access to the usual
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann API device nodes like /dev/null or /dev/random, as well as
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann access to (but not creation of) the pty devices.
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann * We will now ship a default .network file for
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann systemd-networkd that automatically configures DHCP for
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann network interfaces created by nspawn's --network-veth or
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann --network-bridge= switches.
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack * systemd will now understand the usual M, K, G, T suffixes
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack according to SI conventions (i.e. to the base 1000) when
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack referring to throughput and hardware metrics. It will stay
37d54b938faeefd0a5a74f9197a33d78bbb8d6bfDaniel Mack with IEC conventions (i.e. to the base 1024) for software
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack metrics, according to what is customary according to
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack Wikipedia. We explicitly document which base applies for
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack each configuration option.
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack * The DeviceAllow= setting in unit files now supports a syntax
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack to whitelist an entire group of devices node majors at once,
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack based on the /proc/devices listing. For example, with the
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack string "char-pts", it is now possible to whitelist all
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack current and future pseudo-TTYs at once.
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack * sd-event learned a new "post" event source. Event sources of
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack this type are triggered by the dispatching of any event
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack source of a type that is not "post". This is useful for
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack implementing clean-up and check event sources that are
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack triggered by other work being done in the program.
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack * systemd-networkd is no longer statically enabled, but uses
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack the usual [Install] sections so that it can be
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack enabled/disabled using systemctl. It still is enabled by
931618d08c64083ff7b29c494f482c40a5b05608Daniel Mack default however.
f5f113f66692abaf72e83698cb7b4f3690b90cf8David Herrmann * When creating a veth interface pair with systemd-nspawn, the
f5f113f66692abaf72e83698cb7b4f3690b90cf8David Herrmann host side will now be prefixed with "vb-" if
f5f113f66692abaf72e83698cb7b4f3690b90cf8David Herrmann --network-bridge= is used, and with "ve-" if --network-veth
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann is used. This way, it is easy to distinguish these cases on
01608bc86a104423d192364f9534b83d0c75db7fKay Sievers the host, for example to apply different configuration to
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann them with systemd-networkd.
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann * The compatibility libraries for libsystemd-journal.so,
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann libsystemd-daemon.so do not make use of IFUNC
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann anymore. Instead, we now build libsystemd.so multiple times
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann under these alternative names. This means that the footprint
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann is drastically increased, but given that these are
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann transitional compatibility libraries, this should not matter
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann much. This change has been made necessary to support the ARM
e4e66993951e9e349e8008fa7c81184b6e4ae385David Herrmann platform for these compatibility libraries, as the ARM
e4e66993951e9e349e8008fa7c81184b6e4ae385David Herrmann toolchain is not really at the same level as the toolchain
e4e66993951e9e349e8008fa7c81184b6e4ae385David Herrmann for other architectures like x86 and does not support
e4e66993951e9e349e8008fa7c81184b6e4ae385David Herrmann IFUNC. Please make sure to use --enable-compat-libs only
e4e66993951e9e349e8008fa7c81184b6e4ae385David Herrmann during a transitional period!
e4e66993951e9e349e8008fa7c81184b6e4ae385David Herrmann Contributions from: Andreas Fuchs, Armin K., Colin Walters,
e4e66993951e9e349e8008fa7c81184b6e4ae385David Herrmann Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
e4e66993951e9e349e8008fa7c81184b6e4ae385David Herrmann Holger Schurig, Jason A. Donenfeld, Jason St. John, Jasper
e4e66993951e9e349e8008fa7c81184b6e4ae385David Herrmann St. Pierre, Kay Sievers, Lennart Poettering, Łukasz Stelmach,
e4e66993951e9e349e8008fa7c81184b6e4ae385David Herrmann Marcel Holtmann, Michael Scherer, Michal Sekletar, Mike
e57eaef8a187762ca92838c24b9b6460878a800cDavid Herrmann Gilbert, Samuli Suominen, Thomas Bächler, Thomas Hindoe
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann Paaboel Andersen, Tom Gundersen, Umut Tezduyar Lindskog,
5541c88977e63215e74b7517fb33cb27e5a04f17David Herrmann Zbigniew Jędrzejewski-Szmek
861b02ebd6ec997a6880824960ba8903bac74f7dKay Sievers -- Berlin, 2014-02-24
861b02ebd6ec997a6880824960ba8903bac74f7dKay SieversCHANGES WITH 209:
861b02ebd6ec997a6880824960ba8903bac74f7dKay Sievers * A new component "systemd-networkd" has been added that can
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann be used to configure local network interfaces statically or
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann via DHCP. It is capable of bringing up bridges, VLANs, and
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann bonding. Currently, no hook-ups for interactive network
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann configuration are provided. Use this for your initrd,
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann container, embedded, or server setup if you need a simple,
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann yet powerful, network configuration solution. This
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann configuration subsystem is quite nifty, as it allows wildcard
5541c88977e63215e74b7517fb33cb27e5a04f17David Herrmann hotplug matching in interfaces. For example, with a single
5541c88977e63215e74b7517fb33cb27e5a04f17David Herrmann configuration snippet, you can configure that all Ethernet
5541c88977e63215e74b7517fb33cb27e5a04f17David Herrmann interfaces showing up are automatically added to a bridge,
5541c88977e63215e74b7517fb33cb27e5a04f17David Herrmann or similar. It supports link-sensing and more.
9b361114f568e839784a3aeba5c1df5a95e86832Daniel Mack * A new tool "systemd-socket-proxyd" has been added which can
9b361114f568e839784a3aeba5c1df5a95e86832Daniel Mack act as a bidirectional proxy for TCP sockets. This is
9b361114f568e839784a3aeba5c1df5a95e86832Daniel Mack useful for adding socket activation support to services that
9b361114f568e839784a3aeba5c1df5a95e86832Daniel Mack do not actually support socket activation, including virtual
9b361114f568e839784a3aeba5c1df5a95e86832Daniel Mack machines and the like.
9b361114f568e839784a3aeba5c1df5a95e86832Daniel Mack * Add a new tool to save/restore rfkill state on
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann * Save/restore state of keyboard backlights in addition to
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann display backlights on shutdown/boot.
5541c88977e63215e74b7517fb33cb27e5a04f17David Herrmann * udev learned a new SECLABEL{} construct to label device
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann nodes with a specific security label when they appear. For
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann now, only SECLABEL{selinux} is supported, but the syntax is
2d1ca11270e66777c90a449096203afebc37ec9cDavid Herrmann prepared for additional security frameworks.
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann * udev gained a new scheme to configure link-level attributes
2d1ca11270e66777c90a449096203afebc37ec9cDavid Herrmann from files in /etc/systemd/network/*.link. These files can
0db83ad7334809a6605501e24bad55f3b652c072David Herrmann match against MAC address, device path, driver name and type,
0f0467e63b0e0688ae9edb1512c1a2637d62ddb4Martin Pitt and will apply attributes like the naming policy, link speed,
0f0467e63b0e0688ae9edb1512c1a2637d62ddb4Martin Pitt MTU, duplex settings, Wake-on-LAN settings, MAC address, MAC
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering address assignment policy (randomized, ...).
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * The configuration of network interface naming rules for
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering "permanent interface names" has changed: a new NamePolicy=
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering setting in the [Link] section of .link files determines the
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering priority of possible naming schemes (onboard, slot, mac,
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering path). The default value of this setting is determined by
0aee49d5fba2b2ec94e5c069d937004858a04b4fThomas Hindoe Paaboel Andersen /usr/lib/net/links/99-default.link. Old
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering 80-net-name-slot.rules udev configuration file has been
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering removed, so local configuration overriding this file should
5f92d24fa85d6652c4754e3b3b2a3393026bd0b9Kay Sievers be adapated to override 99-default.link instead.
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * When the User= switch is used in a unit file, also
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering initialize $SHELL= based on the user database entry.
c65514649680e5d5ee6a118db6e5b20438cb1710Ronny Chevalier * systemd no longer depends on libdbus. All communication is
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering now done with sd-bus, systemd's low-level bus library
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering implementation.
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * kdbus support has been added to PID 1 itself. When kdbus is
0aee49d5fba2b2ec94e5c069d937004858a04b4fThomas Hindoe Paaboel Andersen enabled, this causes PID 1 to set up the system bus and
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering enable support for a new ".busname" unit type that
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering encapsulates bus name activation on kdbus. It works a little
0f0467e63b0e0688ae9edb1512c1a2637d62ddb4Martin Pitt bit like ".socket" units, except for bus names. A new
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering generator has been added that converts classic dbus1 service
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering activation files automatically into native systemd .busname
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering and .service units.
0aee49d5fba2b2ec94e5c069d937004858a04b4fThomas Hindoe Paaboel Andersen * sd-bus: add a light-weight vtable implementation that allows
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering defining objects on the bus with a simple static const
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering vtable array of its methods, signals and properties.
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * systemd will not generate or install static dbus
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering introspection data anymore to /usr/share/dbus-1/interfaces,
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering as the precise format of these files is unclear, and
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering nothing makes use of it.
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * A proxy daemon is now provided to proxy clients connecting
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering via classic D-Bus AF_UNIX sockets to kdbus, to provide full
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering compatibility with classic D-Bus.
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * A bus driver implementation has been added that supports the
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering classic D-Bus bus driver calls on kdbus, also for
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering compatibility purposes.
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * A new API "sd-event.h" has been added that implements a
0aee49d5fba2b2ec94e5c069d937004858a04b4fThomas Hindoe Paaboel Andersen minimal event loop API built around epoll. It provides a
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering couple of features that direct epoll usage is lacking:
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering prioritization of events, scales to large numbers of timer
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering events, per-event timer slack (accuracy), system-wide
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering coalescing of timer events, exit handlers, watchdog
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering supervision support using systemd's sd_notify() API, child
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering process handling.
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * A new API "sd-rntl.h" has been added that provides an API
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering around the route netlink interface of the kernel, similar in
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * A new API "sd-dhcp-client.h" has been added that provides a
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering small DHCPv4 client-side implementation. This is used by
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering "systemd-networkd".
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * There is a new kernel command line option
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering "systemd.restore_state=0|1". When set to "0", none of the
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering systemd tools will restore saved runtime state to hardware
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering devices. More specifically, the rfkill and backlight states
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering are not restored.
b912e251812bb65bed1d545d9748f5b0918f1559Lennart Poettering * The FsckPassNo= compatibility option in mount/service units
b912e251812bb65bed1d545d9748f5b0918f1559Lennart Poettering has been removed. The fstab generator will now add the
b912e251812bb65bed1d545d9748f5b0918f1559Lennart Poettering necessary dependencies automatically, and does not require
b912e251812bb65bed1d545d9748f5b0918f1559Lennart Poettering PID1's support for that anymore.
470e72d4081c7d0fd74666b7a45358d5ee2abee1Lennart Poettering * journalctl gained a new switch, --list-boots, that lists
b912e251812bb65bed1d545d9748f5b0918f1559Lennart Poettering recent boots with their times and boot IDs.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * The various tools like systemctl, loginctl, timedatectl,
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering busctl, systemd-run, ... have gained a new switch "-M" to
f7a73a2558bceffd983eb7642680e718cd981122David Herrmann connect to a specific, local OS container (as direct
f7a73a2558bceffd983eb7642680e718cd981122David Herrmann connection, without requiring SSH). This works on any
f7a73a2558bceffd983eb7642680e718cd981122David Herrmann container that is registered with machined, such as those
f7a73a2558bceffd983eb7642680e718cd981122David Herrmann created by libvirt-lxc or nspawn.
f7a73a2558bceffd983eb7642680e718cd981122David Herrmann * systemd-run and systemd-analyze also gained support for "-H"
f7a73a2558bceffd983eb7642680e718cd981122David Herrmann to connect to remote hosts via SSH. This is particularly
f7a73a2558bceffd983eb7642680e718cd981122David Herrmann useful for systemd-run because it enables queuing of jobs
f7a73a2558bceffd983eb7642680e718cd981122David Herrmann onto remote systems.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * machinectl gained a new command "login" to open a getty
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering login in any local container. This works with any container
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering that is registered with machined (such as those created by
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering libvirt-lxc or nspawn), and which runs systemd inside.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * machinectl gained a new "reboot" command that may be used to
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering trigger a reboot on a specific container that is registered
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering with machined. This works on any container that runs an init
29d1fcb4a3c921a3d4490353474e9775f7b13b0eZbigniew Jędrzejewski-Szmek system of some kind.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * systemctl gained a new "list-timers" command to print a nice
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering listing of installed timer units with the times they elapse
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * Alternative reboot() parameters may now be specified on the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering "systemctl reboot" command line and are passed to the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering reboot() system call.
29d1fcb4a3c921a3d4490353474e9775f7b13b0eZbigniew Jędrzejewski-Szmek * systemctl gained a new --job-mode= switch to configure the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering mode to queue a job with. This is a more generic version of
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering --fail, --irreversible, and --ignore-dependencies, which are
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering still available but not advertised anymore.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * /etc/systemd/system.conf gained new settings to configure
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering various default timeouts of units, as well as the default
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering start limit interval and burst. These may still be overridden
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering within each Unit.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * PID1 will now export on the bus profile data of the security
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering policy upload process (such as the SELinux policy upload to
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * journald: when forwarding logs to the console, include
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering timestamps (following the setting in
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * OnCalendar= in timer units now understands the special
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering strings "yearly" and "annually". (Both are equivalent)
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * The accuracy of timer units is now configurable with the new
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering AccuracySec= setting. It defaults to 1min.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * A new dependency type JoinsNamespaceOf= has been added that
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering allows running two services within the same /tmp and network
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering namespace, if PrivateNetwork= or PrivateTmp= are used.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * A new command "cat" has been added to systemctl. It outputs
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering the original unit file of a unit, and concatenates the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering contents of additional "drop-in" unit file snippets, so that
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering the full configuration is shown.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * systemctl now supports globbing on the various "list-xyz"
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering commands, like "list-units" or "list-sockets", as well as on
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering those commands which take multiple unit names.
1579dd2c9b8f97e5ec4016d3928d73fea160e55aLennart Poettering * journalctl's --unit= switch gained support for globbing.
1579dd2c9b8f97e5ec4016d3928d73fea160e55aLennart Poettering * All systemd daemons now make use of the watchdog logic so
1579dd2c9b8f97e5ec4016d3928d73fea160e55aLennart Poettering that systemd automatically notices when they hang.
1579dd2c9b8f97e5ec4016d3928d73fea160e55aLennart Poettering * If the $container_ttys environment variable is set,
1579dd2c9b8f97e5ec4016d3928d73fea160e55aLennart Poettering getty-generator will automatically spawn a getty for each
1579dd2c9b8f97e5ec4016d3928d73fea160e55aLennart Poettering listed tty. This is useful for container managers to request
1579dd2c9b8f97e5ec4016d3928d73fea160e55aLennart Poettering login gettys to be spawned on as many ttys as needed.
1579dd2c9b8f97e5ec4016d3928d73fea160e55aLennart Poettering * %h, %s, %U specifier support is not available anymore when
1579dd2c9b8f97e5ec4016d3928d73fea160e55aLennart Poettering used in unit files for PID 1. This is because NSS calls are
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering not safe from PID 1. They stay available for --user
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering instances of systemd, and as special case for the root user.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * loginctl gained a new "--no-legend" switch to turn off output
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering of the legend text.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * The "sd-login.h" API gained three new calls:
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering sd_session_is_remote(), sd_session_get_remote_user(),
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering sd_session_get_remote_host() to query information about
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering remote sessions.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * The udev hardware database now also carries vendor/product
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering information of SDIO devices.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * The "sd-daemon.h" API gained a new sd_watchdog_enabled() to
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering determine whether watchdog notifications are requested by
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering the system manager.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * Socket-activated per-connection services now include a
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering short description of the connection parameters in the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * tmpfiles gained a new "--boot" option. When this is not used,
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering only lines where the command character is not suffixed with
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering "!" are executed. When this option is specified, those
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering options are executed too. This partitions tmpfiles
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering directives into those that can be safely executed at any
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering time, and those which should be run only at boot (for
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering example, a line that creates /run/nologin).
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * A new API "sd-resolve.h" has been added which provides a simple
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering asynchronous wrapper around glibc NSS host name resolution
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering calls, such as getaddrinfo(). In contrast to glibc's
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering getaddrinfo_a(), it does not use signals. In contrast to most
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering other asynchronous name resolution libraries, this one does
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering not reimplement DNS, but reuses NSS, so that alternate
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering host name resolution systems continue to work, such as mDNS,
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering LDAP, etc. This API is based on libasyncns, but it has been
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering cleaned up for inclusion in systemd.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * The APIs "sd-journal.h", "sd-login.h", "sd-id128.h",
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering "sd-daemon.h" are no longer found in individual libraries
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering libsystemd-journal.so, libsystemd-login.so,
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering libsystemd-id128.so, libsystemd-daemon.so. Instead, we have
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering merged them into a single library, libsystemd.so, which
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering provides all symbols. The reason for this is cyclic
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering dependencies, as these libraries tend to use each other's
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering symbols. So far, we have managed to workaround that by linking
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering a copy of a good part of our code into each of these
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering libraries again and again, which, however, makes certain
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering things hard to do, like sharing static variables. Also, it
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering substantially increases footprint. With this change, there
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering is only one library for the basic APIs systemd
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering provides. Also, "sd-bus.h", "sd-memfd.h", "sd-event.h",
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering "sd-rtnl.h", "sd-resolve.h", "sd-utf8.h" are found in this
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering library as well, however are subject to the --enable-kdbus
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering switch (see below). Note that "sd-dhcp-client.h" is not part
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering of this library (this is because it only consumes, never
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering provides, services of/to other APIs). To make the transition
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering easy from the separate libraries to the unified one, we
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering provide the --enable-compat-libs compile-time switch which
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering will generate stub libraries that are compatible with the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering old ones but redirect all calls to the new one.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * All of the kdbus logic and the new APIs "sd-bus.h",
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering "sd-memfd.h", "sd-event.h", "sd-rtnl.h", "sd-resolve.h",
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering and "sd-utf8.h" are compile-time optional via the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering "--enable-kdbus" switch, and they are not compiled in by
1a2d5fbe7efa04181a2d5518bc510b84b280baf9David Herrmann default. To make use of kdbus, you have to explicitly enable
1a2d5fbe7efa04181a2d5518bc510b84b280baf9David Herrmann the switch. Note however, that neither the kernel nor the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering userspace API for all of this is considered stable yet. We
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering want to maintain the freedom to still change the APIs for
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering now. By specifying this build-time switch, you acknowledge
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering that you are aware of the instability of the current
1a2d5fbe7efa04181a2d5518bc510b84b280baf9David Herrmann * Also, note that while kdbus is pretty much complete,
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering it lacks one thing: proper policy support. This means you
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering can build a fully working system with all features; however,
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering it will be highly insecure. Policy support will be added in
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering one of the next releases, at the same time that we will
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering declare the APIs stable.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * When the kernel command-line argument "kdbus" is specified,
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering systemd will automatically load the kdbus.ko kernel module. At
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering this stage of development, it is only useful for testing kdbus
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering and should not be used in production. Note: if "--enable-kdbus"
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering is specified, and the kdbus.ko kernel module is available, and
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering "kdbus" is added to the kernel command line, the entire system
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering runs with kdbus instead of dbus-daemon, with the above mentioned
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering problem of missing the system policy enforcement. Also a future
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering version of kdbus.ko or a newer systemd will not be compatible with
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering each other, and will unlikely be able to boot the machine if only
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering one of them is updated.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * systemctl gained a new "import-environment" command which
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering uploads the caller's environment (or parts thereof) into the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering service manager so that it is inherited by services started
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering by the manager. This is useful to upload variables like
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering $DISPLAY into the user service manager.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * A new PrivateDevices= switch has been added to service units
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering which allows running a service with a namespaced /dev
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering directory that does not contain any device nodes for
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering physical devices. More specifically, it only includes devices
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering such as /dev/null, /dev/urandom, and /dev/zero which are API
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * logind has been extended to support behaviour like VT
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering switching on seats that do not support a VT. This makes
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering multi-session available on seats that are not the first seat
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering (seat0), and on systems where kernel support for VTs has
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering been disabled at compile-time.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * If a process holds a delay lock for system sleep or shutdown
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering and fails to release it in time, we will now log its
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering identity. This makes it easier to identify processes that
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering cause slow suspends or power-offs.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * When parsing /etc/crypttab, support for a new key-slot=
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering option as supported by Debian is added. It allows indicating
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering which LUKS slot to use on disk, speeding up key loading.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * The sd_journald_sendv() API call has been checked and
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering officially declared to be async-signal-safe so that it may
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering be invoked from signal handlers for logging purposes.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * Boot-time status output is now enabled automatically after a
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering short timeout if boot does not progress, in order to give
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering the user an indication what she or he is waiting for.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * The boot-time output has been improved to show how much time
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering remains until jobs expire.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * The KillMode= switch in service units gained a new possible
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering value "mixed". If set, and the unit is shut down, then the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering initial SIGTERM signal is sent only to the main daemon
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering process, while the following SIGKILL signal is sent to
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering all remaining processes of the service.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * When a scope unit is registered, a new property "Controller"
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering may be set. If set to a valid bus name, systemd will send a
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering RequestStop() signal to this name when it would like to shut
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering down the scope. This may be used to hook manager logic into
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering the shutdown logic of scope units. Also, scope units may now
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering be put in a special "abandoned" state, in which case the
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering manager process which created them takes no further
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering responsibilities for it.
481a0aa2c9803a62cda413b8a1d05571957bb4b5Lennart Poettering * When reading unit files, systemd will now verify
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering the access mode of these files, and warn about certain
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering suspicious combinations. This has been added to make it
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering easier to track down packaging bugs where unit files are
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering marked executable or world-writable.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-nspawn gained a new "--setenv=" switch to set
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering container-wide environment variables. The similar option in
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering systemd-activate was renamed from "--environment=" to
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering "--setenv=" for consistency.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-nspawn has been updated to create a new kdbus domain
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering for each container that is invoked, thus allowing each
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering container to have its own set of system and user buses,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering independent of the host.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-nspawn gained a new --drop-capability= switch to run
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering the container with less capabilities than the default. Both
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering --drop-capability= and --capability= now take the special
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering string "all" for dropping or keeping all capabilities.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-nspawn gained new switches for executing containers
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering with specific SELinux labels set.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-nspawn gained a new --quiet switch to not generate
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering any additional output but the container's own console
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-nspawn gained a new --share-system switch to run a
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering container without PID namespacing enabled.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-nspawn gained a new --register= switch to control
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering whether the container is registered with systemd-machined or
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering not. This is useful for containers that do not run full
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering OS images, but only specific apps.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-nspawn gained a new --keep-unit which may be used
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering when invoked as the only program from a service unit, and
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering results in registration of the unit service itself in
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering systemd-machined, instead of a newly opened scope unit.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-nspawn gained a new --network-interface= switch for
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering moving arbitrary interfaces to the container. The new
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering --network-veth switch creates a virtual Ethernet connection
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering between host and container. The new --network-bridge=
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering switch then allows assigning the host side of this virtual
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Ethernet connection to a bridge device.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-nspawn gained a new --personality= switch for
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering setting the kernel personality for the container. This is
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering useful when running a 32-bit container on a 64-bit host. A
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering similar option Personality= is now also available for service
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * logind will now also track a "Desktop" identifier for each
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering session which encodes the desktop environment of it. This is
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering useful for desktop environments that want to identify
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering multiple running sessions of itself easily.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * A new SELinuxContext= setting for service units has been
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering added that allows setting a specific SELinux execution
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering context for a service.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * Most systemd client tools will now honour $SYSTEMD_LESS for
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering settings of the "less" pager. By default, these tools will
94e5ba370aa12b47571f08112986d0b91935dee9Torstein Husebø override $LESS to allow certain operations to work, such as
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering jump-to-the-end. With $SYSTEMD_LESS, it is possible to
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering influence this logic.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd's "seccomp" hook-up has been changed to make use of
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering the libseccomp library instead of using its own
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering implementation. This has benefits for portability among
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * For usage together with SystemCallFilter=, a new
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering SystemCallErrorNumber= setting has been introduced that
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering allows configuration of a system error number to be returned
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering on filtered system calls, instead of immediately killing the
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering process. Also, SystemCallArchitectures= has been added to
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering limit access to system calls of a particular architecture
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering (in order to turn off support for unused secondary
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering architectures). There is also a global
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering SystemCallArchitectures= setting in system.conf now to turn
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering off support for non-native system calls system-wide.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd requires a kernel with a working name_to_handle_at(),
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering please see the kernel config requirements in the README file.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Contributions from: Adam Williamson, Alex Jia, Anatol Pomozov,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Ansgar Burchardt, AppleBloom, Auke Kok, Bastien Nocera,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Chengwei Yang, Christian Seiler, Colin Guthrie, Colin Walters,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Cristian Rodríguez, Daniel Buch, Daniele Medri, Daniel J
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Walsh, Daniel Mack, Dan McGee, Dave Reisner, David Coppa,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering David Herrmann, David Strauss, Djalal Harouni, Dmitry Pisklov,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Elia Pinto, Florian Weimer, George McCollister, Goffredo
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Baroncelli, Greg Kroah-Hartman, Hendrik Brueckner, Igor
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Zhbanov, Jan Engelhardt, Jan Janssen, Jason A. Donenfeld,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Jason St. John, Jasper St. Pierre, Jóhann B. Guðmundsson, Jose
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Ignacio Naranjo, Karel Zak, Kay Sievers, Kristian Høgsberg,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Lennart Poettering, Lubomir Rintel, Lukas Nykryn, Lukasz
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Skalski, Łukasz Stelmach, Luke Shumaker, Mantas Mikulėnas,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Marc-Antoine Perennou, Marcel Holtmann, Marcos Felipe Rasia de
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Mello, Marko Myllynen, Martin Pitt, Matthew Monaco, Michael
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Marineau, Michael Scherer, Michał Górny, Michal Sekletar,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Michele Curti, Oleksii Shevchuk, Olivier Brunel, Patrik Flykt,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Pavel Holica, Raudi, Richard Marko, Ronny Chevalier, Sébastien
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Luttringer, Sergey Ptashnick, Shawn Landden, Simon Peeters,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Stefan Beller, Susant Sahani, Sylvain Plantefeve, Sylvia Else,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Tero Roponen, Thomas Bächler, Thomas Hindoe Paaboel Andersen,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Tom Gundersen, Umut Tezduyar Lindskog, Unai Uribarri, Václav
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Pavlín, Vincent Batts, WaLyong Cho, William Giokas, Yang
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Zhiyong, Yin Kangkai, Yuxuan Shui, Zbigniew Jędrzejewski-Szmek
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering -- Berlin, 2014-02-20
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart PoetteringCHANGES WITH 208:
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * logind has gained support for facilitating privileged input
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering and drm device access for unprivileged clients. This work is
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering useful to allow Wayland display servers (and similar
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering programs, such as kmscon) to run under the user's ID and
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering access input and drm devices which are normally
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering protected. When this is used (and the kernel is new enough)
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering logind will "mute" IO on the file descriptors passed to
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Wayland as long as it is in the background and "unmute" it
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering if it returns into the foreground. This allows secure
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering session switching without allowing background sessions to
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering eavesdrop on input and display data. This also introduces
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering session switching support if VT support is turned off in the
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering kernel, and on seats that are not seat0.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * A new kernel command line option luks.options= is understood
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering now which allows specifiying LUKS options for usage for LUKS
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering encrypted partitions specified with luks.uuid=.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * tmpfiles.d(5) snippets may now use specifier expansion in
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering path names. More specifically %m, %b, %H, %v, are now
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering replaced by the local machine id, boot id, hostname, and
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering kernel version number.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * A new tmpfiles.d(5) command "m" has been introduced which
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering may be used to change the owner/group/access mode of a file
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering or directory if it exists, but do nothing if it does not.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * This release removes high-level support for the
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering MemorySoftLimit= cgroup setting. The underlying kernel
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering cgroup attribute memory.soft_limit= is currently badly
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering designed and likely to be removed from the kernel API in its
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering current form, hence we should not expose it for now.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * The memory.use_hierarchy cgroup attribute is now enabled for
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering all cgroups systemd creates in the memory cgroup
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering hierarchy. This option is likely to be come the built-in
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering default in the kernel anyway, and the non-hierarchial mode
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering never made much sense in the intrinsically hierarchial
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering cgroup system.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * A new field _SYSTEMD_SLICE= is logged along with all journal
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering messages containing the slice a message was generated
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering from. This is useful to allow easy per-customer filtering of
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering logs among other things.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-journald will no longer adjust the group of journal
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering files it creates to the "systemd-journal" group. Instead we
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering rely on the journal directory to be owned by the
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering "systemd-journal" group, and its setgid bit set, so that the
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering kernel file system layer will automatically enforce that
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering journal files inherit this group assignment. The reason for
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering this change is that we cannot allow NSS look-ups from
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering journald which would be necessary to resolve
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering "systemd-journal" to a numeric GID, because this might
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering create deadlocks if NSS involves synchronous queries to
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering other daemons (such as nscd, or sssd) which in turn are
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering logging clients of journald and might block on it, which
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering would then dead lock. A tmpfiles.d(5) snippet included in
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering systemd will make sure the setgid bit and group are
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering properly set on the journal directory if it exists on every
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering boot. However, we recommend adjusting it manually after
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering upgrades too (or from RPM scriptlets), so that the change is
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering not delayed until next reboot.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * Backlight and random seed files in /var/lib/ have moved into
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering the /var/lib/systemd/ directory, in order to centralize all
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering systemd generated files in one directory.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * Boot time performance measurements (as displayed by
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering "systemd-analyze" for example) will now read ACPI 5.0 FPDT
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering performance information if that's available to determine how
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering much time BIOS and boot loader initialization required. With
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering a sufficiently new BIOS you hence no longer need to boot
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering with Gummiboot to get access to such information.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Contributions from: Andrey Borzenkov, Chen Jie, Colin Walters,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Cristian Rodríguez, Dave Reisner, David Herrmann, David
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Mackey, David Strauss, Eelco Dolstra, Evan Callicoat, Gao
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering feng, Harald Hoyer, Jimmie Tauriainen, Kay Sievers, Lennart
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas, Martin Pitt,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Michael Scherer, Michał Górny, Mike Gilbert, Patrick McCarty,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Sebastian Ott, Tom Gundersen, Zbigniew Jędrzejewski-Szmek
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering -- Berlin, 2013-10-02
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart PoetteringCHANGES WITH 207:
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * The Restart= option for services now understands a new
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering on-watchdog setting, which will restart the service
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering automatically if the service stops sending out watchdog keep
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering alive messages (as configured with WatchdogSec=).
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * The getty generator (which is responsible for bringing up a
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering getty on configured serial consoles) will no longer only
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering start a getty on the primary kernel console but on all
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering others, too. This makes the order in which console= is
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering specified on the kernel command line less important.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * libsystemd-logind gained a new sd_session_get_vt() call to
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering retrieve the VT number of a session.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * If the option "tries=0" is set for an entry of /etc/crypttab
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering its passphrase is queried indefinitely instead of any
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering maximum number of tries.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * If a service with a configure PID file terminates its PID
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering file will now be removed automatically if it still exists
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering afterwards. This should put an end to stale PID files.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-run will now also take relative binary path names
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering for execution and no longer insists on absolute paths.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * InaccessibleDirectories= and ReadOnlyDirectories= now take
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering paths that are optionally prefixed with "-" to indicate that
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering it should not be considered a failure if they do not exist.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * journalctl -o (and similar commands) now understands a new
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering output mode "short-precise", it is similar to "short" but
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering shows timestamps with usec accuracy.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * The option "discard" (as known from Debian) is now
7edecf218e5884ec8d1549707b4c7a0572c2d93bThomas Hindoe Paaboel Andersen synonymous to "allow-discards" in /etc/crypttab. In fact,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering "discard" is preferred now (since it is easier to remember
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * Some licensing clean-ups were made, so that more code is now
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering LGPL-2.1 licensed than before.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * A minimal tool to save/restore the display backlight
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering brightness across reboots has been added. It will store the
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering backlight setting as late as possible at shutdown, and
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering restore it as early as possible during reboot.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * A logic to automatically discover and enable home and swap
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering partitions on GPT disks has been added. With this in place
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering /etc/fstab becomes optional for many setups as systemd can
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering discover certain partitions located on the root disk
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering automatically. Home partitions are recognized under their
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering GPT type ID 933ac7e12eb44f13b8440e14e2aef915. Swap
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering partitions are recognized under their GPT type ID
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering 0657fd6da4ab43c484e50933c84b4f4f.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd will no longer pass any environment from the kernel
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering or initrd to system services. If you want to set an
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering environment for all services, do so via the kernel command
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering line systemd.setenv= assignment.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * The systemd-sysctl tool no longer natively reads the file
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering /etc/sysctl.conf. If desired, the file should be symlinked
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering from /etc/sysctl.d/99-sysctl.conf. Apart from providing
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering legacy support by a symlink rather than built-in code, it
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering also makes the otherwise hidden order of application of the
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering different files visible. (Note that this partly reverts to a
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering pre-198 application order of sysctl knobs!)
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * The "systemctl set-log-level" and "systemctl dump" commands
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering have been moved to systemd-analyze.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * systemd-run learned the new --remain-after-exit switch,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering which causes the scope unit not to be cleaned up
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering automatically after the process terminated.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * tmpfiles learned a new --exclude-prefix= switch to exclude
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering certain paths from operation.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering * journald will now automatically flush all messages to disk
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering as soon as a message of the log priorities CRIT, ALERT or
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering EMERG is received.
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Contributions from: Andrew Cook, Brandon Philips, Christian
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Hesse, Christoph Junghans, Colin Walters, Daniel Schaal,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Daniel Wallace, Dave Reisner, David Herrmann, Gao feng, George
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering McCollister, Giovanni Campagna, Hannes Reinecke, Harald Hoyer,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Herczeg Zsolt, Holger Hans Peter Freyther, Jan Engelhardt,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Jesper Larsen, Kay Sievers, Khem Raj, Lennart Poettering,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Lukas Nykryn, Maciej Wereski, Mantas Mikulėnas, Marcel
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Holtmann, Martin Pitt, Michael Biebl, Michael Marineau,
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Michael Scherer, Michael Stapelberg, Michal Sekletar, Michał
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Górny, Olivier Brunel, Ondrej Balaz, Ronny Chevalier, Shawn
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Landden, Steven Hiscocks, Thomas Bächler, Thomas Hindoe
615aaf412c441e67c7cad2e5ae966b03fca1fae7Lennart Poettering Paaboel Andersen, Tom Gundersen, Umut Tezduyar, WANG Chao,
11ea2781eea4b912d2feb26785ece475e504c57bLennart Poettering William Giokas, Zbigniew Jędrzejewski-Szmek
d2c643c662e2cb3b6d1445c17c80b4b2998d5c61Lennart Poettering -- Berlin, 2013-09-13
d2c643c662e2cb3b6d1445c17c80b4b2998d5c61Lennart PoetteringCHANGES WITH 206:
d2c643c662e2cb3b6d1445c17c80b4b2998d5c61Lennart Poettering * The documentation has been updated to cover the various new
d2c643c662e2cb3b6d1445c17c80b4b2998d5c61Lennart Poettering concepts introduced with 205.
d2c643c662e2cb3b6d1445c17c80b4b2998d5c61Lennart Poettering * Unit files now understand the new %v specifier which
d2c643c662e2cb3b6d1445c17c80b4b2998d5c61Lennart Poettering resolves to the kernel version string as returned by "uname
d2c643c662e2cb3b6d1445c17c80b4b2998d5c61Lennart Poettering * systemctl now supports filtering the unit list output by
d2c643c662e2cb3b6d1445c17c80b4b2998d5c61Lennart Poettering load state, active state and sub state, using the new
11ea2781eea4b912d2feb26785ece475e504c57bLennart Poettering --state= parameter.
11ea2781eea4b912d2feb26785ece475e504c57bLennart Poettering * "systemctl status" will now show the results of the
11ea2781eea4b912d2feb26785ece475e504c57bLennart Poettering condition checks (like ConditionPathExists= and similar) of
11ea2781eea4b912d2feb26785ece475e504c57bLennart Poettering the last start attempts of the unit. They are also logged to
d2c643c662e2cb3b6d1445c17c80b4b2998d5c61Lennart Poettering * "journalctl -b" may now be used to look for boot output of a
d2c643c662e2cb3b6d1445c17c80b4b2998d5c61Lennart Poettering specific boot. Try "journalctl -b -1" for the previous boot,
11ea2781eea4b912d2feb26785ece475e504c57bLennart Poettering but the syntax is substantially more powerful.
11ea2781eea4b912d2feb26785ece475e504c57bLennart Poettering * "journalctl --show-cursor" has been added which prints the
d4f5a1f47dbd04f26f2ddf951c97c4cb0ebbbe62David Herrmann cursor string the last shown log line. This may then be used
d4f5a1f47dbd04f26f2ddf951c97c4cb0ebbbe62David Herrmann with the new "journalctl --after-cursor=" switch to continue
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering browsing logs from that point on.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * "journalctl --force" may now be used to force regeneration
c7683ffb53da4ad4334cc9f813e39cffed7e0d0bEvgeny Vereshchagin of an FSS key.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * Creation of "dead" device nodes has been moved from udev
b938cb902c3b5bca807a94b277672c64d6767886Jan Engelhardt into kmod and tmpfiles. Previously, udev would read the kmod
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering databases to pre-generate dead device nodes based on meta
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering information contained in kernel modules, so that these would
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering be auto-loaded on access rather then at boot. As this
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering does not really have much to do with the exposing actual
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering kernel devices to userspace this has always been slightly
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering alien in the udev codebase. Following the new scheme kmod
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering will now generate a runtime snippet for tmpfiles from the
b938cb902c3b5bca807a94b277672c64d6767886Jan Engelhardt module meta information and it now is tmpfiles' job to the
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering create the nodes. This also allows overriding access and
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering other parameters for the nodes using the usual tmpfiles
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering facilities. As side effect this allows us to remove the
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering CAP_SYS_MKNOD capability bit from udevd entirely.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * logind's device ACLs may now be applied to these "dead"
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering devices nodes too, thus finally allowing managed access to
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering devices such as /dev/snd/sequencer whithout loading the
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering backing module right-away.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * A new RPM macro has been added that may be used to apply
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering tmpfiles configuration during package installation.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * systemd-detect-virt and ConditionVirtualization= now can
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering detect User-Mode-Linux machines (UML).
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * journald will now implicitly log the effective capabilities
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering set of processes in the message metadata.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * systemd-cryptsetup has gained support for TrueCrypt volumes.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * The initrd interface has been simplified (more specifically,
122676c9d9737f8591429fd5ffc9b454a994741dLennart Poettering support for passing performance data via environment
b938cb902c3b5bca807a94b277672c64d6767886Jan Engelhardt variables and fsck results via files in /run has been
122676c9d9737f8591429fd5ffc9b454a994741dLennart Poettering removed). These features were non-essential, and are
122676c9d9737f8591429fd5ffc9b454a994741dLennart Poettering nowadays available in a much nicer way by having systemd in
122676c9d9737f8591429fd5ffc9b454a994741dLennart Poettering the initrd serialize its state and have the hosts systemd
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering deserialize it again.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * The udev "keymap" data files and tools to apply keyboard
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering specific mappings of scan to key codes, and force-release
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering scan code lists have been entirely replaced by a udev
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering "keyboard" builtin and a hwdb data file.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * systemd will now honour the kernel's "quiet" command line
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering argument also during late shutdown, resulting in a
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering completely silent shutdown when used.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * There's now an option to control the SO_REUSEPORT socket
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering option in .socket units.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * Instance units will now automatically get a per-template
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering subslice of system.slice unless something else is explicitly
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering configured. For example, instances of sshd@.service will now
a8eaaee72a2f06e0fb64fb71de3b71ecba31dafbJan Engelhardt implicitly be placed in system-sshd.slice rather than
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * Test coverage support may now be enabled at build time.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering Contributions from: Dave Reisner, Frederic Crozat, Harald
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering Hoyer, Holger Hans Peter Freyther, Jan Engelhardt, Jan
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering Janssen, Jason St. John, Jesper Larsen, Kay Sievers, Lennart
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering Poettering, Lukas Nykryn, Maciej Wereski, Martin Pitt, Michael
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering Olbrich, Ramkumar Ramachandra, Ross Lagerwall, Shawn Landden,
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering Thomas H.P. Andersen, Tom Gundersen, Tomasz Torcz, William
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering Giokas, Zbigniew Jędrzejewski-Szmek
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering -- Berlin, 2013-07-23
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart PoetteringCHANGES WITH 205:
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * Two new unit types have been introduced:
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering Scope units are very similar to service units, however, are
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering created out of pre-existing processes -- instead of PID 1
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering forking off the processes. By using scope units it is
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering possible for system services and applications to group their
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering own child processes (worker processes) in a powerful way
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering which then maybe used to organize them, or kill them
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering together, or apply resource limits on them.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering Slice units may be used to partition system resources in an
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering hierarchial fashion and then assign other units to them. By
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering default there are now three slices: system.slice (for all
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering system services), user.slice (for all user sessions),
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering machine.slice (for VMs and containers).
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering Slices and scopes have been introduced primarily in
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering context of the work to move cgroup handling to a
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering single-writer scheme, where only PID 1
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * There's a new concept of "transient" units. In contrast to
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering normal units these units are created via an API at runtime,
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering not from configuration from disk. More specifically this
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering means it is now possible to run arbitrary programs as
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering independent services, with all execution parameters passed
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering in via bus APIs rather than read from disk. Transient units
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering make systemd substantially more dynamic then it ever was,
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering and useful as a general batch manager.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * logind has been updated to make use of scope and slice units
d4f5a1f47dbd04f26f2ddf951c97c4cb0ebbbe62David Herrmann for managing user sessions. As a user logs in he will get
d4f5a1f47dbd04f26f2ddf951c97c4cb0ebbbe62David Herrmann his own private slice unit, to which all sessions are added
d4f5a1f47dbd04f26f2ddf951c97c4cb0ebbbe62David Herrmann as scope units. We also added support for automatically
d4f5a1f47dbd04f26f2ddf951c97c4cb0ebbbe62David Herrmann adding an instance of user@.service for the user into the
d4f5a1f47dbd04f26f2ddf951c97c4cb0ebbbe62David Herrmann slice. Effectively logind will no longer create cgroup
b938cb902c3b5bca807a94b277672c64d6767886Jan Engelhardt hierarchies on its own now, it will defer entirely to PID 1
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering for this by means of scope, service and slice units. Since
b938cb902c3b5bca807a94b277672c64d6767886Jan Engelhardt user sessions this way become entities managed by PID 1
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering the output of "systemctl" is now a lot more comprehensive.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * A new mini-daemon "systemd-machined" has been added which
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering may be used by virtualization managers to register local
17c29493dc5c4c3ca886adfdc632d297c5eb06ebRonny Chevalier VMs/containers. nspawn has been updated accordingly, and
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering libvirt will be updated shortly. machined will collect a bit
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering of meta information about the VMs/containers, and assign
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering them their own scope unit (see above). The collected
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering meta-data is then made available via the "machinectl" tool,
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering and exposed in "ps" and similar tools. machined/machinectl
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering is compile-time optional.
997b2b438c2d272e3bc8df6e4b42dba3b70cb056Josh Triplett * As discussed earlier, the low-level cgroup configuration
997b2b438c2d272e3bc8df6e4b42dba3b70cb056Josh Triplett options ControlGroup=, ControlGroupModify=,
997b2b438c2d272e3bc8df6e4b42dba3b70cb056Josh Triplett ControlGroupPersistent=, ControlGroupAttribute= have been
997b2b438c2d272e3bc8df6e4b42dba3b70cb056Josh Triplett removed. Please use high-level attribute settings instead as
997b2b438c2d272e3bc8df6e4b42dba3b70cb056Josh Triplett well as slice units.
997b2b438c2d272e3bc8df6e4b42dba3b70cb056Josh Triplett * A new bus call SetUnitProperties() has been added to alter
997b2b438c2d272e3bc8df6e4b42dba3b70cb056Josh Triplett various runtime parameters of a unit. This is primarily
997b2b438c2d272e3bc8df6e4b42dba3b70cb056Josh Triplett useful to alter cgroup parameters dynamically in a nice way,
997b2b438c2d272e3bc8df6e4b42dba3b70cb056Josh Triplett but will be extended later on to make more properties
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering modifiable at runtime. systemctl gained a new set-properties
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering command that wraps this call.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * A new tool "systemd-run" has been added which can be used to
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering run arbitrary command lines as transient services or scopes,
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering while configuring a number of settings via the command
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering line. This tool is currently very basic, however already
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering very useful. We plan to extend this tool to even allow
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering queuing of execution jobs with time triggers from the
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering command line, similar in fashion to "at".
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * nspawn will now inform the user explicitly that kernels with
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering audit enabled break containers, and suggest the user to turn
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * Support for detecting the IMA and AppArmor security
a8eaaee72a2f06e0fb64fb71de3b71ecba31dafbJan Engelhardt frameworks with ConditionSecurity= has been added.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * journalctl gained a new "-k" switch for showing only kernel
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering messages, mimicking dmesg output; in addition to "--user"
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering and "--system" switches for showing only user's own logs
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering and system logs.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * systemd-delta can now show information about drop-in
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering snippets extending unit files.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * libsystemd-bus has been substantially updated but is still
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering not available as public API.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * systemd will now look for the "debug" argument on the kernel
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering command line and enable debug logging, similar to what
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering "systemd.log_level=debug" already did before.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * "systemctl set-default", "systemctl get-default" has been
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering added to configure the default.target symlink, which
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering controls what to boot into by default.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * "systemctl set-log-level" has been added as a convenient
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering way to raise and lower systemd logging threshold.
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering * "systemd-analyze plot" will now show the time the various
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering generators needed for execution, as well as information
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering about the unit file loading.
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering * libsystemd-journal gained a new sd_journal_open_files() call
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering for opening specific journal files. journactl also gained a
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering new switch to expose this new functionality. Previously we
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering only supported opening all files from a directory, or all
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering files from the system, as opening individual files only is
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering racy due to journal file rotation.
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering * systemd gained the new DefaultEnvironment= setting in
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering /etc/systemd/system.conf to set environment variables for
7da81d33c147f4d6397efa1fdd08ba0a40c9c457Lennart Poettering * If a privileged process logs a journal message with the
7da81d33c147f4d6397efa1fdd08ba0a40c9c457Lennart Poettering OBJECT_PID= field set, then journald will automatically
7da81d33c147f4d6397efa1fdd08ba0a40c9c457Lennart Poettering augment this with additional OBJECT_UID=, OBJECT_GID=,
7da81d33c147f4d6397efa1fdd08ba0a40c9c457Lennart Poettering OBJECT_COMM=, OBJECT_EXE=, ... fields. This is useful if
7da81d33c147f4d6397efa1fdd08ba0a40c9c457Lennart Poettering system services want to log events about specific client
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering processes. journactl/systemctl has been updated to make use
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering of this information if all log messages regarding a specific
f9e00a9f5870a9bcae2de8bf1cb3ce04703112e1Lennart Poettering unit is requested.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Contributions from: Auke Kok, Chengwei Yang, Colin Walters,
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering Cristian Rodríguez, Daniel Albers, Daniel Wallace, Dave
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering Reisner, David Coppa, David King, David Strauss, Eelco
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering Dolstra, Gabriel de Perthuis, Harald Hoyer, Jan Alexander
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering Steffens, Jan Engelhardt, Jan Janssen, Jason St. John, Johan
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Heikkilä, Karel Zak, Karol Lewandowski, Kay Sievers, Lennart
a65b82457735df2ef58736a55846f400124a8dc0Zbigniew Jędrzejewski-Szmek Poettering, Lukas Nykryn, Mantas Mikulėnas, Marius Vollmer,
a65b82457735df2ef58736a55846f400124a8dc0Zbigniew Jędrzejewski-Szmek Martin Pitt, Michael Biebl, Michael Olbrich, Michael Tremer,
a65b82457735df2ef58736a55846f400124a8dc0Zbigniew Jędrzejewski-Szmek Michal Schmidt, Michał Bartoszkiewicz, Nirbheek Chauhan,
a65b82457735df2ef58736a55846f400124a8dc0Zbigniew Jędrzejewski-Szmek Pierre Neidhardt, Ross Burton, Ross Lagerwall, Sean McGovern,
2a97b03b3b087e724867e7501ae0c1535ee35031Umut Tezduyar Lindskog Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar,
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Václav Pavlín, Zachary Cook, Zbigniew Jędrzejewski-Szmek,
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Łukasz Stelmach, 장동준
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart PoetteringCHANGES WITH 204:
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering * The Python bindings gained some minimal support for the APIs
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek exposed by libsystemd-logind.
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering * ConditionSecurity= gained support for detecting SMACK. Since
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek this condition already supports SELinux and AppArmor we only
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek miss IMA for this. Patches welcome!
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Contributions from: Karol Lewandowski, Lennart Poettering,
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Zbigniew Jędrzejewski-Szmek
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart PoetteringCHANGES WITH 203:
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering * systemd-nspawn will now create /etc/resolv.conf if
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering necessary, before bind-mounting the host's file onto it.
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering * systemd-nspawn will now store meta information about a
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering container on the container's cgroup as extended attribute
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering fields, including the root directory.
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering * The cgroup hierarchy has been reworked in many ways. All
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering objects any of the components systemd creates in the cgroup
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering tree are now suffixed. More specifically, user sessions are
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering now placed in cgroups suffixed with ".session", users in
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering cgroups suffixed with ".user", and nspawn containers in
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering cgroups suffixed with ".nspawn". Furthermore, all cgroup
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering names are now escaped in a simple scheme to avoid collision
4ffd29fda1a2621d8f1711ccaad723d327fef93aLennart Poettering of userspace object names with kernel filenames. This work
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek is preparation for making these objects relocatable in the
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek cgroup tree, in order to allow easy resource partitioning of
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek these objects without causing naming conflicts.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek * systemctl list-dependencies gained the new switches
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek --plain, --reverse, --after and --before.
81c7dd897c6af68e66b58e97abce676641edc197Lennart Poettering * systemd-inhibit now shows the process name of processes that
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek have taken an inhibitor lock.
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering * nss-myhostname will now also resolve "localhost"
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering implicitly. This makes /etc/hosts an optional file and
090771492f155cebe7075171530e96c1cd515d71Lennart Poettering nicely handles that on IPv6 ::1 maps to both "localhost" and
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek the local hostname.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek * libsystemd-logind.so gained a new call
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek sd_get_machine_names() to enumerate running containers and
ba8df74bb643c0f7c343fef78bba3661b0f9c31cKay Sievers VMs (currently only supported by very new libvirt and
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering nspawn). sd_login_monitor can now be used to watch
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek VMs/containers coming and going.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek * .include is not allowed recursively anymore, and only in
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek unit files. Usually it is better to use drop-in snippets in
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek .d/*.conf anyway, as introduced with systemd 198.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek * systemd-analyze gained a new "critical-chain" command that
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek determines the slowest chain of units run during system
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek boot-up. It is very useful for tracking down where
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering optimizing boot time is the most beneficial.
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering * systemd will no longer allow manipulating service paths in
f6d1de8547b1e957773f8b6764420579c8378aafRonny Chevalier the name=systemd:/system cgroup tree using ControlGroup= in
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek units. (But is still fine with it in all other dirs.)
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering * There's a new systemd-nspawn@.service service file that may
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering be used to easily run nspawn containers as system
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek services. With the container's root directory in
c4ac990007cd0069bb7e76ec15dd731320f382fdLennart Poettering /var/lib/container/foobar it is now sufficient to run
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek "systemctl start systemd-nspawn@foobar.service" to boot it.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek * systemd-cgls gained a new parameter "--machine" to list only
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek the processes within a certain container.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek * ConditionSecurity= now can check for "apparmor". We still
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek are lacking checks for SMACK and IMA for this condition
ba8df74bb643c0f7c343fef78bba3661b0f9c31cKay Sievers check though. Patches welcome!
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering * A new configuration file /etc/systemd/sleep.conf has been
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek added that may be used to configure which kernel operation
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt systemd is supposed to execute when "suspend", "hibernate"
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt or "hybrid-sleep" is requested. This makes the new kernel
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt "freeze" state accessible to the user.
ba8df74bb643c0f7c343fef78bba3661b0f9c31cKay Sievers * ENV{SYSTEMD_WANTS} in udev rules will now implicitly escape
ba8df74bb643c0f7c343fef78bba3661b0f9c31cKay Sievers the passed argument if applicable.
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Contributions from: Auke Kok, Colin Guthrie, Colin Walters,
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Cristian Rodríguez, Daniel Buch, Daniel Wallace, Dave Reisner,
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Evangelos Foutras, Greg Kroah-Hartman, Harald Hoyer, Josh
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Triplett, Kay Sievers, Lennart Poettering, Lukas Nykryn,
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt MUNEDA Takahiro, Mantas Mikulėnas, Mirco Tischler, Nathaniel
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering Chen, Nirbheek Chauhan, Ronny Chevalier, Ross Lagerwall, Tom
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering Gundersen, Umut Tezduyar, Ville Skyttä, Zbigniew
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering Jędrzejewski-Szmek
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart PoetteringCHANGES WITH 202:
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering * The output of 'systemctl list-jobs' got some polishing. The
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering '--type=' argument may now be passed more than once. A new
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering command 'systemctl list-sockets' has been added which shows
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering a list of kernel sockets systemd is listening on with the
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering socket units they belong to, plus the units these socket
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering units activate.
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering * The experimental libsystemd-bus library got substantial
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering updates to work in conjunction with the (also experimental)
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering kdbus kernel project. It works well enough to exchange
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering messages with some sophistication. Note that kdbus is not
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering ready yet, and the library is mostly an elaborate test case
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering for now, and not installable.
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering * systemd gained a new unit 'systemd-static-nodes.service'
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering that generates static device nodes earlier during boot, and
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering can run in conjunction with udev.
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering * libsystemd-login gained a new call sd_pid_get_user_unit()
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering to retrieve the user systemd unit a process is running
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering in. This is useful for systems where systemd is used as
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering session manager.
d4474c41ca3854db1b7a7b30765bb59fc570e1c4Tom Gundersen * systemd-nspawn now places all containers in the new /machine
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering top-level cgroup directory in the name=systemd
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering hierarchy. libvirt will soon do the same, so that we get a
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering uniform separation of /system, /user and /machine for system
f6d1de8547b1e957773f8b6764420579c8378aafRonny Chevalier services, user processes and containers/virtual
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering machines. This new cgroup hierarchy is also useful to stick
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering stable names to specific container instances, which can be
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering recognized later this way (this name may be controlled
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering via systemd-nspawn's new -M switch). libsystemd-login also
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering gained a new call sd_pid_get_machine_name() to retrieve the
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering name of the container/VM a specific process belongs to.
78b6b7ceb2c76a3e29aeaa4b00c257be0706bffcLennart Poettering * bootchart can now store its data in the journal.
3769415e6573da64fb80e31f4bb3f850cd99031eTimofey Titovets * libsystemd-journal gained a new call
3769415e6573da64fb80e31f4bb3f850cd99031eTimofey Titovets sd_journal_add_conjunction() for AND expressions to the
3769415e6573da64fb80e31f4bb3f850cd99031eTimofey Titovets matching logic. This can be used to express more complex
3769415e6573da64fb80e31f4bb3f850cd99031eTimofey Titovets logical expressions.
fae9332b140ffa3c1b04c80ac4cd3f2796e8cf3cLennart Poettering * journactl can now take multiple --unit= and --user-unit=
fae9332b140ffa3c1b04c80ac4cd3f2796e8cf3cLennart Poettering * The cryptsetup logic now understands the "luks.key=" kernel
ba8df74bb643c0f7c343fef78bba3661b0f9c31cKay Sievers command line switch for specifying a file to read the
fae9332b140ffa3c1b04c80ac4cd3f2796e8cf3cLennart Poettering decryption key from. Also, if a configured key file is not
fae9332b140ffa3c1b04c80ac4cd3f2796e8cf3cLennart Poettering found the tool will now automatically fall back to prompting
cfa1571b7f5a45927f76e54790974183a273d17aLennart Poettering * Python systemd.journal module was updated to wrap recently
cfa1571b7f5a45927f76e54790974183a273d17aLennart Poettering added functions from libsystemd-journal. The interface was
cfa1571b7f5a45927f76e54790974183a273d17aLennart Poettering changed to bring the low level interface in s.j._Reader
cfa1571b7f5a45927f76e54790974183a273d17aLennart Poettering closer to the C API, and the high level interface in
cfa1571b7f5a45927f76e54790974183a273d17aLennart Poettering s.j.Reader was updated to wrap and convert all data about
7e63dd1015c9ac6fc2042e45b0a87a3f9f8b9336Lennart Poettering Contributions from: Anatol Pomozov, Auke Kok, Harald Hoyer,
ba8df74bb643c0f7c343fef78bba3661b0f9c31cKay Sievers Henrik Grindal Bakken, Josh Triplett, Kay Sievers, Lennart
7e63dd1015c9ac6fc2042e45b0a87a3f9f8b9336Lennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas Marius Vollmer,
7e63dd1015c9ac6fc2042e45b0a87a3f9f8b9336Lennart Poettering Martin Jansa, Martin Pitt, Michael Biebl, Michal Schmidt,
d4474c41ca3854db1b7a7b30765bb59fc570e1c4Tom Gundersen Mirco Tischler, Pali Rohar, Simon Peeters, Steven Hiscocks,
d4474c41ca3854db1b7a7b30765bb59fc570e1c4Tom Gundersen Tom Gundersen, Zbigniew Jędrzejewski-Szmek
d4474c41ca3854db1b7a7b30765bb59fc570e1c4Tom GundersenCHANGES WITH 201:
d4474c41ca3854db1b7a7b30765bb59fc570e1c4Tom Gundersen * journalctl --update-catalog now understands a new --root=
3b187c5cee0a9584d7c31e10f9fe008b94cf6d58Lennart Poettering option to operate on catalogs found in a different root
3b187c5cee0a9584d7c31e10f9fe008b94cf6d58Lennart Poettering * During shutdown after systemd has terminated all running
3b187c5cee0a9584d7c31e10f9fe008b94cf6d58Lennart Poettering services a final killing loop kills all remaining left-over
3b187c5cee0a9584d7c31e10f9fe008b94cf6d58Lennart Poettering processes. We will now print the name of these processes
3b187c5cee0a9584d7c31e10f9fe008b94cf6d58Lennart Poettering when we send SIGKILL to them, since this usually indicates a
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering * If /etc/crypttab refers to password files stored on
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering configured mount points automatic dependencies will now be
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering generated to ensure the specific mount is established first
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering before the key file is attempted to be read.
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering * 'systemctl status' will now show information about the
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering network sockets a socket unit is listening on.
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering * 'systemctl status' will also shown information about any
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering drop-in configuration file for units. (Drop-In configuration
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering files in this context are files such as
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering /etc/systemd/systemd/foobar.service.d/*.conf)
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering * systemd-cgtop now optionally shows summed up CPU times of
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering cgroups. Press '%' while running cgtop to switch between
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering percentage and absolute mode. This is useful to determine
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering which cgroups use up the most CPU time over the entire
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering runtime of the system. systemd-cgtop has also been updated
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering to be 'pipeable' for processing with further shell tools.
13e92f3966552091085982f4ebdeb38721f04a30Lennart Poettering * 'hostnamectl set-hostname' will now allow setting of FQDN
4b08dd87eebb4b634bdd5708ac1ba68dcee205b3Lennart Poettering * The formatting and parsing of time span values has been
b72ddf0f4f552dd53d6404b6ddbc9f17d02b8e12Kay Sievers changed. The parser now understands fractional expressions
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering such as "5.5h". The formatter will now output fractional
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering expressions for all time spans under 1min, i.e. "5.123456s"
b72ddf0f4f552dd53d6404b6ddbc9f17d02b8e12Kay Sievers rather than "5s 123ms 456us". For time spans under 1s
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering millisecond values are shown, for those under 1ms
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering microsecond values are shown. This should greatly improve
b72ddf0f4f552dd53d6404b6ddbc9f17d02b8e12Kay Sievers all time-related output of systemd.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * libsystemd-login and libsystemd-journal gained new
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering functions for querying the poll() events mask and poll()
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering timeout value for integration into arbitrary event
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * localectl gained the ability to list available X11 keymaps
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering (models, layouts, variants, options).
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * 'systemd-analyze dot' gained the ability to filter for
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering specific units via shell-style globs, to create smaller,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering more useful graphs. I.e. it is now possible to create simple
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering graphs of all the dependencies between only target units, or
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering of all units that Avahi has dependencies with.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Contributions from: Cristian Rodríguez, Dr. Tilmann Bubeck,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Harald Hoyer, Holger Hans Peter Freyther, Kay Sievers, Kelly
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Anderson, Koen Kooi, Lennart Poettering, Maksim Melnikau,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Marc-Antoine Perennou, Marius Vollmer, Martin Pitt, Michal
5f02e26ca7c039837dbaea63f3d3664fe45c26b9Thomas Hindoe Paaboel Andersen Schmidt, Oleksii Shevchuk, Ronny Chevalier, Simon McVittie,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Steven Hiscocks, Thomas Weißschuh, Umut Tezduyar, Václav
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Pavlín, Zbigniew Jędrzejewski-Szmek, Łukasz Stelmach
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart PoetteringCHANGES WITH 200:
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * The boot-time readahead implementation for rotating media
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering will now read the read-ahead data in multiple passes which
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering consist of all read requests made in equidistant time
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering intervals. This means instead of strictly reading read-ahead
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering data in its physical order on disk we now try to find a
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering middle ground between physical and access time order.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * /etc/os-release files gained a new BUILD_ID= field for usage
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering on operating systems that provide continuous builds of OS
daa05349dfefb12638c96e034c11be613bdc39b7Ansgar Burchardt Contributions from: Auke Kok, Eelco Dolstra, Kay Sievers,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Lennart Poettering, Lukas Nykryn, Martin Pitt, Václav Pavlín
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering William Douglas, Zbigniew Jędrzejewski-Szmek
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart PoetteringCHANGES WITH 199:
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * systemd-python gained an API exposing libsystemd-daemon.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * The SMACK setup logic gained support for uploading CIPSO
a1a4a25e7f6b515d0c8c25257714299853f261aaDaniel Mack security policy.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * Behaviour of PrivateTmp=, ReadWriteDirectories=,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering ReadOnlyDirectories= and InaccessibleDirectories= has
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering changed. The private /tmp and /var/tmp directories are now
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering shared by all processes of a service (which means
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering ExecStartPre= may now leave data in /tmp that ExecStart= of
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering the same service can still access). When a service is
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering stopped its temporary directories are immediately deleted
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering (normal clean-up with tmpfiles is still done in addition to
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * By default, systemd will now set a couple of sysctl
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering variables in the kernel: the safe sysrq options are turned
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering on, IP route verification is turned on, and source routing
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering disabled. The recently added hardlink and softlink
5f02e26ca7c039837dbaea63f3d3664fe45c26b9Thomas Hindoe Paaboel Andersen protection of the kernel is turned on. These settings should
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering be reasonably safe, and good defaults for all new systems.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * The predictable network naming logic may now be turned off
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering with a new kernel command line switch: net.ifnames=0.
a8eaaee72a2f06e0fb64fb71de3b71ecba31dafbJan Engelhardt * A new libsystemd-bus module has been added that implements a
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering pretty complete D-Bus client library. For details see:
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering http://lists.freedesktop.org/archives/systemd-devel/2013-March/009797.html
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * journald will now explicitly flush the journal files to disk
a1a4a25e7f6b515d0c8c25257714299853f261aaDaniel Mack at the latest 5min after each write. The file will then also
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering be marked offline until the next write. This should increase
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering reliability in case of a crash. The synchronization delay
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering can be configured via SyncIntervalSec= in journald.conf.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * There's a new remote-fs-setup.target unit that can be used
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to pull in specific services when at least one remote file
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering system is to be mounted.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * There are new targets timers.target and paths.target as
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering canonical targets to pull user timer and path units in
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering from. This complements sockets.target with a similar
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering purpose for socket units.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * libudev gained a new call udev_device_set_attribute_value()
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to set sysfs attributes of a device.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * The udev daemon now sets the default number of worker
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering processes executed in parallel based on the number of available
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering CPUs instead of the amount of available RAM. This is supposed
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to provide a more reliable default and limit a too aggressive
01da80b1aa0e21f8785d467afc295e37fd00ffa1Lennart Poettering paralellism for setups with 1000s of devices connected.
01da80b1aa0e21f8785d467afc295e37fd00ffa1Lennart Poettering Contributions from: Auke Kok, Colin Walters, Cristian
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Rodríguez, Daniel Buch, Dave Reisner, Frederic Crozat, Hannes
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Reinecke, Harald Hoyer, Jan Alexander Steffens, Jan
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Engelhardt, Josh Triplett, Kay Sievers, Lennart Poettering,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Mantas Mikulėnas, Martin Pitt, Mathieu Bridon, Michael Biebl,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Michal Schmidt, Michal Sekletar, Miklos Vajna, Nathaniel Chen,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Oleksii Shevchuk, Ozan Çağlayan, Thomas Hindoe Paaboel
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Andersen, Tollef Fog Heen, Tom Gundersen, Umut Tezduyar,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Zbigniew Jędrzejewski-Szmek
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart PoetteringCHANGES WITH 198:
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * Configuration of unit files may now be extended via drop-in
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering files without having to edit/override the unit files
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering themselves. More specifically, if the administrator wants to
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering change one value for a service file foobar.service he can
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering now do so by dropping in a configuration snippet into
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering /etc/systemd/system/foobar.service.d/*.conf. The unit logic
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering will load all these snippets and apply them on top of the
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering main unit configuration file, possibly extending or
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen overriding its settings. Using these drop-in snippets is
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen generally nicer than the two earlier options for changing
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen unit files locally: copying the files from
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen /usr/lib/systemd/system/ to /etc/systemd/system/ and editing
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen them there; or creating a new file in /etc/systemd/system/
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen that incorporates the original one via ".include". Drop-in
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen snippets into these .d/ directories can be placed in any
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen directory systemd looks for units in, and the usual
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen overriding semantics between /usr/lib, /etc and /run apply
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen for them too.
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen * Most unit file settings which take lists of items can now be
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen reset by assigning the empty string to them. For example,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering normally, settings such as Environment=FOO=BAR append a new
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering environment variable assignment to the environment block,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering each time they are used. By assigning Environment= the empty
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering string the environment block can be reset to empty. This is
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering particularly useful with the .d/*.conf drop-in snippets
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering mentioned above, since this adds the ability to reset list
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering settings from vendor unit files via these drop-ins.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * systemctl gained a new "list-dependencies" command for
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering listing the dependencies of a unit recursively.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * Inhibitors are now honored and listed by "systemctl
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering suspend", "systemctl poweroff" (and similar) too, not only
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering GNOME. These commands will also list active sessions by
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * Resource limits (as exposed by the various control group
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering controllers) can now be controlled dynamically at runtime
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering for all units. More specifically, you can now use a command
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering like "systemctl set-cgroup-attr foobar.service cpu.shares
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering 2000" to alter the CPU shares a specific service gets. These
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering settings are stored persistently on disk, and thus allow the
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering administrator to easily adjust the resource usage of
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering services with a few simple commands. This dynamic resource
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering management logic is also available to other programs via the
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering bus. Almost any kernel cgroup attribute and controller is
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * systemd-vconsole-setup will now copy all font settings to
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering all allocated VTs, where it previously applied them only to
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering the foreground VT.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * libsystemd-login gained the new sd_session_get_tty() API
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * This release drops support for a few legacy or
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering distribution-specific LSB facility names when parsing init
a1a4a25e7f6b515d0c8c25257714299853f261aaDaniel Mack scripts: $x-display-manager, $mail-transfer-agent,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering $mail-transport-agent, $mail-transfer-agent, $smtp,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering $null. Also, the mail-transfer-agent.target unit backing
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering this has been removed. Distributions which want to retain
01da80b1aa0e21f8785d467afc295e37fd00ffa1Lennart Poettering compatibility with this should carry the burden for
01da80b1aa0e21f8785d467afc295e37fd00ffa1Lennart Poettering supporting this themselves and patch support for these back
01da80b1aa0e21f8785d467afc295e37fd00ffa1Lennart Poettering in, if they really need to. Also, the facilities $syslog and
01da80b1aa0e21f8785d467afc295e37fd00ffa1Lennart Poettering $local_fs are now ignored, since systemd does not support
01da80b1aa0e21f8785d467afc295e37fd00ffa1Lennart Poettering early-boot LSB init scripts anymore, and these facilities
01da80b1aa0e21f8785d467afc295e37fd00ffa1Lennart Poettering are implied anyway for normal services. syslog.target has
01da80b1aa0e21f8785d467afc295e37fd00ffa1Lennart Poettering also been removed.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * There are new bus calls on PID1's Manager object for
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering cancelling jobs, and removing snapshot units. Previously,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering both calls were only available on the Job and Snapshot
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering objects themselves.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * systemd-journal-gatewayd gained SSL support.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * The various "environment" files, such as /etc/locale.conf
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering now support continuation lines with a backslash ("\") as
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering last character in the line, similarly in style (but different)
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to how this is supported in shells.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering * For normal user processes the _SYSTEMD_USER_UNIT= field is
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering now implicitly appended to every log entry logged. systemctl
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering has been updated to filter by this field when operating on a
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering user systemd instance.
3dff3e00e044e2d53c76fa842b9a4759d4a50e69Kay Sievers * nspawn will now implicitly add the CAP_AUDIT_WRITE and
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering CAP_AUDIT_CONTROL capabilities to the capabilities set for
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering the container. This makes it easier to boot unmodified
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Fedora systems in a container, which however still requires
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering audit=0 to be passed on the kernel command line. Auditing in
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering kernel and userspace is unfortunately still too broken in
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering context of containers, hence we recommend compiling it out
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering of the kernel or using audit=0. Hopefully this will be fixed
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering one day for good in the kernel.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * nspawn gained the new --bind= and --bind-ro= parameters to
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering bind mount specific directories from the host into the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * nspawn will now mount its own devpts file system instance
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering into the container, in order not to leak pty devices from
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering the host into the container.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * systemd will now read the firmware boot time performance
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering information from the EFI variables, if the used boot loader
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering supports this, and takes it into account for boot performance
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering analysis via "systemd-analyze". This is currently supported
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering only in conjunction with Gummiboot, but could be supported
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering by other boot loaders too. For details see:
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new generator has been added that automatically mounts the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering EFI System Partition (ESP) to /boot, if that directory
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering exists, is empty, and no other file system has been
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering configured to be mounted there.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * logind will now send out PrepareForSleep(false) out
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering unconditionally, after coming back from suspend. This may be
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering used by applications as asynchronous notification for
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering system resume events.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * "systemctl unlock-sessions" has been added, that allows
ce1dde29b92d1399ce502e0f7db790a99d14841fThomas Hindoe Paaboel Andersen unlocking the screens of all user sessions at once, similar
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering to how "systemctl lock-sessions" already locked all users
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering sessions. This is backed by a new D-Bus call UnlockSessions().
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * "loginctl seat-status" will now show the master device of a
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering seat. (i.e. the device of a seat that needs to be around for
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering the seat to be considered available, usually the graphics
3dff3e00e044e2d53c76fa842b9a4759d4a50e69Kay Sievers * tmpfiles gained a new "X" line type, that allows
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering configuration of files and directories (with wildcards) that
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering shall be excluded from automatic cleanup ("aging").
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * udev default rules set the device node permissions now only
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering at "add" events, and do not change them any longer with a
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering later "change" event.
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering * The log messages for lid events and power/sleep keypresses
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering now carry a message ID.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * We now have a substantially larger unit test suite, but this
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering continues to be work in progress.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * udevadm hwdb gained a new --root= parameter to change the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering root directory to operate relative to.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * logind will now issue a background sync() request to the kernel
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering early at shutdown, so that dirty buffers are flushed to disk early
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering instead of at the last moment, in order to optimize shutdown
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering times a little.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new bootctl tool has been added that is an interface for
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering certain boot loader operations. This is currently a preview
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering and is likely to be extended into a small mechanism daemon
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering like timedated, localed, hostnamed, and can be used by
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering graphical UIs to enumerate available boot options, and
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering request boot into firmware operations.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * systemd-bootchart has been relicensed to LGPLv2.1+ to match
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering the rest of the package. It also has been updated to work
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering correctly in initrds.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * Policykit previously has been runtime optional, and is now
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering also compile time optional via a configure switch.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * systemd-analyze has been reimplemented in C. Also "systemctl
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering dot" has moved into systemd-analyze.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * "systemctl status" with no further parameters will now print
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering the status of all active or failed units.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * Operations such as "systemctl start" can now be executed
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering with a new mode "--irreversible" which may be used to queue
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering operations that cannot accidentally be reversed by a later
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering job queuing. This is by default used to make shutdown
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering requests more robust.
ce1dde29b92d1399ce502e0f7db790a99d14841fThomas Hindoe Paaboel Andersen * The Python API of systemd now gained a new module for
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering reading journal files.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new tool kernel-install has been added that can install
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering kernel images according to the Boot Loader Specification:
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * Boot time console output has been improved to provide
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering animated boot time output for hanging jobs.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A new tool systemd-activate has been added which can be used
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering to test socket activation with, directly from the command
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering line. This should make it much easier to test and debug
ce1dde29b92d1399ce502e0f7db790a99d14841fThomas Hindoe Paaboel Andersen socket activation in daemons.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * journalctl gained a new "--reverse" (or -r) option to show
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering journal output in reverse order (i.e. newest line first).
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * journalctl gained a new "--pager-end" (or -e) option to jump
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering to immediately jump to the end of the journal in the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering pager. This is only supported in conjunction with "less".
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * journalctl gained a new "--user-unit=" option, that works
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering similarly to "--unit=" but filters for user units rather than
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * A number of unit files to ease adoption of systemd in
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering initrds has been added. This moves some minimal logic from
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering the various initrd implementations into systemd proper.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * The journal files are now owned by a new group
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering "systemd-journal", which exists specifically to allow access
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering to the journal, and nothing else. Previously, we used the
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering "adm" group for that, which however possibly covers more
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering than just journal/log file access. This new group is now
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering already used by systemd-journal-gatewayd to ensure this
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering daemon gets access to the journal files and as little else
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering as possible. Note that "make install" will also set FS ACLs
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering up for /var/log/journal to give "adm" and "wheel" read
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering access to it, in addition to "systemd-journal" which owns
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering the journal files. We recommend that packaging scripts also
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering add read access to "adm" + "wheel" to /var/log/journal, and
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering all existing/future journal files. To normal users and
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering administrators little changes, however packagers need to
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering ensure to create the "systemd-journal" system group at
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering package installation time.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * The systemd-journal-gatewayd now runs as unprivileged user
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering systemd-journal-gateway:systemd-journal-gateway. Packaging
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering scripts need to create these system user/group at
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering installation time.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * timedated now exposes a new boolean property CanNTP that
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering indicates whether a local NTP service is available or not.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * systemd-detect-virt will now also detect xen PVs
ce1dde29b92d1399ce502e0f7db790a99d14841fThomas Hindoe Paaboel Andersen * The pstore file system is now mounted by default, if it is
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * In addition to the SELinux and IMA policies we will now also
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering load SMACK policies at early boot.
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Contributions from: Adel Gadllah, Aleksander Morgado, Auke
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Kok, Ayan George, Bastien Nocera, Colin Walters, Daniel Buch,
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Daniel Wallace, Dave Reisner, David Herrmann, David Strauss,
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Eelco Dolstra, Enrico Scholz, Frederic Crozat, Harald Hoyer,
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Jan Janssen, Jonathan Callen, Kay Sievers, Lennart Poettering,
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Lukas Nykryn, Mantas Mikulėnas, Marc-Antoine Perennou, Martin
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Pitt, Mauro Dreissig, Max F. Albrecht, Michael Biebl, Michael
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Olbrich, Michal Schmidt, Michal Sekletar, Michal Vyskocil,
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Michał Bartoszkiewicz, Mirco Tischler, Nathaniel Chen, Nestor
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Ovroy, Oleksii Shevchuk, Paul W. Frields, Piotr Drąg, Rob
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Clark, Ryan Lortie, Simon McVittie, Simon Peeters, Steven
b938cb902c3b5bca807a94b277672c64d6767886Jan Engelhardt Hiscocks, Thomas Hindoe Paaboel Andersen, Tollef Fog Heen, Tom
b938cb902c3b5bca807a94b277672c64d6767886Jan Engelhardt Gundersen, Umut Tezduyar, William Giokas, Zbigniew
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering Jędrzejewski-Szmek, Zeeshan Ali (Khattak)
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart PoetteringCHANGES WITH 197:
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * Timer units now support calendar time events in addition to
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering monotonic time events. That means you can now trigger a unit
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering based on a calendar time specification such as "Thu,Fri
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering 2013-*-1,5 11:12:13" which refers to 11:12:13 of the first
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering or fifth day of any month of the year 2013, given that it is
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering a thursday or friday. This brings timer event support
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering considerably closer to cron's capabilities. For details on
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering the supported calendar time specification language see
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering * udev now supports a number of different naming policies for
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering network interfaces for predictable names, and a combination
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering of these policies is now the default. Please see this wiki
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering document for details:
24a2bf4c9b0917231dd4f9b4289eabd46c382d3fLennart Poettering http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames
3058e017fced6d5c8712e10c8c1477421bc1e960Thadeu Lima de Souza Cascardo * Auke Kok's bootchart implementation has been added to the
3058e017fced6d5c8712e10c8c1477421bc1e960Thadeu Lima de Souza Cascardo systemd tree. It is an optional component that can graph the
3058e017fced6d5c8712e10c8c1477421bc1e960Thadeu Lima de Souza Cascardo boot in quite some detail. It is one of the best bootchart
3058e017fced6d5c8712e10c8c1477421bc1e960Thadeu Lima de Souza Cascardo implementations around and minimal in its code and
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering * nss-myhostname has been integrated into the systemd source
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering tree. nss-myhostname guarantees that the local hostname
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering always stays resolvable via NSS. It has been a weak
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering requirement of systemd-hostnamed since a long time, and
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering since its code is actually trivial we decided to just
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering include it in systemd's source tree. It can be turned off
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering with a configure switch.
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering * The read-ahead logic is now capable of properly detecting
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering whether a btrfs file system is on SSD or rotating media, in
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering order to optimize the read-ahead scheme. Previously, it was
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering only capable of detecting this on traditional file systems
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering * In udev, additional device properties are now read from the
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering IAB in addition to the OUI database. Also, Bluetooth company
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering identities are attached to the devices as well.
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering * In service files %U may be used as specifier that is
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering replaced by the configured user name of the service.
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering * nspawn may now be invoked without a controlling TTY. This
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering makes it suitable for invocation as its own service. This
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering may be used to set up a simple containerized server system
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering using only core OS tools.
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering * systemd and nspawn can now accept socket file descriptors
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering when they are started for socket activation. This enables
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering implementation of socket activated nspawn
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering containers. i.e. think about autospawning an entire OS image
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering when the first SSH or HTTP connection is received. We expect
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering that similar functionality will also be added to libvirt-lxc
c7435cc9115f5c8166433fd5ece028c06360ecd1Lennart Poettering * journalctl will now suppress ANSI color codes when
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers presenting log data.
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers * systemctl will no longer show control group information for
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers a unit if a the control group is empty anyway.
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers * logind can now automatically suspend/hibernate/shutdown the
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers system on idle.
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers * /etc/machine-info and hostnamed now also expose the chassis
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers type of the system. This can be used to determine whether
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers the local system is a laptop, desktop, handset or
71449cafa1f3aecad6fc755ae5e571eddf0bbd02Kay Sievers tablet. This information may either be configured by the
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt user/vendor or is automatically determined from ACPI and DMI
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers information if possible.
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers * A number of PolicyKit actions are now bound together with
4196a3ead3cfb823670d225eefcb3e60e34c7d95Kay Sievers "imply" rules. This should simplify creating UIs because
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering many actions will now authenticate similar ones as well.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Unit files learnt a new condition ConditionACPower= which
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering may be used to conditionalize a unit depending on whether an
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering AC power source is connected or not, of whether the system
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering is running on battery power.
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt * systemctl gained a new "is-failed" verb that may be used in
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering shell scripts and suchlike to check whether a specific unit
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering is in the "failed" state.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The EnvironmentFile= setting in unit files now supports file
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering globbing, and can hence be used to easily read a number of
71449cafa1f3aecad6fc755ae5e571eddf0bbd02Kay Sievers environment files at once.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemd will no longer detect and recognize specific
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering distributions. All distribution-specific #ifdeffery has been
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering removed, systemd is now fully generic and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering distribution-agnostic. Effectively, not too much is lost as
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering a lot of the code is still accessible via explicit configure
a8eaaee72a2f06e0fb64fb71de3b71ecba31dafbJan Engelhardt switches. However, support for some distribution specific
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering legacy configuration file formats has been dropped. We
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering recommend distributions to simply adopt the configuration
a8eaaee72a2f06e0fb64fb71de3b71ecba31dafbJan Engelhardt files everybody else uses now and convert the old
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering configuration from packaging scripts. Most distributions
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering already did that. If that's not possible or desirable,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering distributions are welcome to forward port the specific
a8eaaee72a2f06e0fb64fb71de3b71ecba31dafbJan Engelhardt pieces of code locally from the git history.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * When logging a message about a unit systemd will now always
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering log the unit name in the message meta data.
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt * localectl will now also discover system locale data that is
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering not stored in locale archives, but directly unpacked.
c54bed5d515771c21250b8e0c052cb6600e21d37Mantas Mikulėnas * logind will no longer unconditionally use framebuffer
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering devices as seat masters, i.e. as devices that are required
cd14eda3212f9109c98a77cd5fee4168010d80daLennart Poettering to be existing before a seat is considered preset. Instead,
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt it will now look for all devices that are tagged as
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt "seat-master" in udev. By default framebuffer devices will
cd14eda3212f9109c98a77cd5fee4168010d80daLennart Poettering be marked as such, but depending on local systems other
ef392da6c56cdfff35265403192f051af257b3f8Ansgar Burchardt devices might be marked as well. This may be used to
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt integrate graphics cards using closed source drivers (such
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering as NVidia ones) more nicely into logind. Note however, that
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering we recommend using the open source NVidia drivers instead,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering and no udev rules for the closed-source drivers will be
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering shipped from us upstream.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Contributions from: Adam Williamson, Alessandro Crismani, Auke
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Kok, Colin Walters, Daniel Wallace, Dave Reisner, David
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Herrmann, David Strauss, Dimitrios Apostolou, Eelco Dolstra,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Eric Benoit, Giovanni Campagna, Hannes Reinecke, Henrik
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Grindal Bakken, Hermann Gausterer, Kay Sievers, Lennart
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Poettering, Lukas Nykryn, Mantas Mikulėnas, Marcel Holtmann,
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt Martin Pitt, Matthew Monaco, Michael Biebl, Michael Terry,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Michal Schmidt, Michal Sekletar, Michał Bartoszkiewicz, Oleg
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Samarin, Pekka Lundstrom, Philip Nilsson, Ramkumar
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Ramachandra, Richard Yao, Robert Millan, Sami Kerola, Shawn
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Landden, Thomas Hindoe Paaboel Andersen, Thomas Jarosch,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Tollef Fog Heen, Tom Gundersen, Umut Tezduyar, Zbigniew
45df8656ebb1b0559a75993d1508fc61c2d39829Jan Engelhardt Jędrzejewski-Szmek
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart PoetteringCHANGES WITH 196:
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * udev gained support for loading additional device properties
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering from an indexed database that is keyed by vendor/product IDs
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering and similar device identifiers. For the beginning this
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering "hwdb" is populated with data from the well-known PCI and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering USB database, but also includes PNP, ACPI and OID data. In
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering the longer run this indexed database shall grow into
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering becoming the one central database for non-essential
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering userspace device metadata. Previously, data from the PCI/USB
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering database was only attached to select devices, since the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering lookup was a relatively expensive operation due to O(n) time
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering complexity (with n being the number of entries in the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering database). Since this is now O(1), we decided to add in this
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering data for all devices where this is available, by
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering default. Note that the indexed database needs to be rebuilt
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering when new data files are installed. To achieve this you need
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering to update your packaging scripts to invoke "udevadm hwdb
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering --update" after installation of hwdb data files. For
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering RPM-based distributions we introduced the new
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering %udev_hwdb_update macro for this purpose.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The Journal gained support for the "Message Catalog", an
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering indexed database to link up additional information with
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering journal entries. For further details please check:
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering http://www.freedesktop.org/wiki/Software/systemd/catalog
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering The indexed message catalog database also needs to be
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering rebuilt after installation of message catalog files. Use
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering "journalctl --update-catalog" for this. For RPM-based
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering distributions we introduced the %journal_catalog_update
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering macro for this purpose.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The Python Journal bindings gained support for the standard
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering Python logging framework.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * The Journal API gained new functions for checking whether
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering the underlying file system of a journal file is capable of
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering properly reporting file change notifications, or whether
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering applications that want to reflect journal changes "live"
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering need to recheck journal files continuously in appropriate
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering time intervals.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * It is now possible to set the "age" field for tmpfiles
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering entries to 0, indicating that files matching this entry
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering shall always be removed when the directories are cleaned up.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * coredumpctl gained a new "gdb" verb which invokes gdb
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering right-away on the selected coredump.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * There's now support for "hybrid sleep" on kernels that
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering support this, in addition to "suspend" and "hibernate". Use
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering "systemctl hybrid-sleep" to make use of this.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * logind's HandleSuspendKey= setting (and related settings)
cc98b3025eeb89addb76a27390cb2baca4eab8b9Torstein Husebø now gained support for a new "lock" setting to simply
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering request the screen lock on all local sessions, instead of
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering actually executing a suspend or hibernation.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * systemd will now mount the EFI variables file system by
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Socket units now gained support for configuration of the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering SMACK security label.
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt * timedatectl will now output the time of the last and next
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt daylight saving change.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * We dropped support for various legacy and distro-specific
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering concepts, such as insserv, early-boot SysV services
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering (i.e. those for non-standard runlevels such as 'b' or 'S')
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering or ArchLinux /etc/rc.conf support. We recommend the
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering distributions who still need support this to either continue
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering to maintain the necessary patches downstream, or find a
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt different solution. (Talk to us if you have questions!)
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Various systemd components will now bypass PolicyKit checks
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt for root and otherwise handle properly if PolicyKit is not
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering found to be around. This should fix most issues for
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering PolicyKit-less systems. Quite frankly this should have been
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering this way since day one. It is absolutely our intention to
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering make systemd work fine on PolicyKit-less systems, and we
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering consider it a bug if something does not work as it should if
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering PolicyKit is not around.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * For embedded systems it is now possible to build udev and
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering systemd without blkid and/or kmod support.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * "systemctl switch-root" is now capable of switching root
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering more than once. I.e. in addition to transitions from the
daa05349dfefb12638c96e034c11be613bdc39b7Ansgar Burchardt initrd to the host OS it is now possible to transition to
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt further OS images from the host. This is useful to implement
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering offline updating tools.
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering * Various other additions have been made to the RPM macros
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering shipped with systemd. Use %udev_rules_update() after
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering installing new udev rules files. %_udevhwdbdir,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering %_udevrulesdir, %_journalcatalogdir, %_tmpfilesdir,
04e91da2cfdfb7153218be7a77c885f1c23d3fd7Lennart Poettering %_sysctldir are now available which resolve to the right
4c0d13bdd5ef971a3003899064af1717c8960beeLennart Poettering directories for packages to place various data files in.
4c0d13bdd5ef971a3003899064af1717c8960beeLennart Poettering * journalctl gained the new --full switch (in addition to
4c0d13bdd5ef971a3003899064af1717c8960beeLennart Poettering --all, to disable ellipsation for long messages.
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Contributions from: Anders Olofsson, Auke Kok, Ben Boeckel,
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Colin Walters, Cosimo Cecchi, Daniel Wallace, Dave Reisner,
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Eelco Dolstra, Holger Hans Peter Freyther, Kay Sievers,
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Chun-Yi Lee, Lekensteyn, Lennart Poettering, Mantas Mikulėnas,
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Marti Raudsepp, Martin Pitt, Mauro Dreissig, Michael Biebl,
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Michal Schmidt, Michal Sekletar, Miklos Vajna, Nis Martensen,
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Oleksii Shevchuk, Olivier Brunel, Ramkumar Ramachandra, Thomas
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Bächler, Thomas Hindoe Paaboel Andersen, Tom Gundersen, Tony
dc1d6c02fcf55bb7dac918d0ed3bd3e2a3d67525Lennart Poettering Camuso, Umut Tezduyar, Zbigniew Jędrzejewski-Szmek
6936cd8926b6935364874b3701e86fe823e8c4ceLennart PoetteringCHANGES WITH 195:
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * journalctl gained new --since= and --until= switches to
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers filter by time. It also now supports nice filtering for
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering units via --unit=/-u.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * Type=oneshot services may use ExecReload= and do the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * The journal daemon now supports time-based rotation and
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt vacuuming, in addition to the usual disk-space based
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * The journal will now index the available field values for
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering each field name. This enables clients to show pretty drop
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering downs of available match values when filtering. The bash
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering completion of journalctl has been updated
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers accordingly. journalctl gained a new switch -F to list all
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering values a certain field takes in the journal database.
c9679c652b3c31f2510e8805d81630680ebc7e95Lennart Poettering * More service events are now written as structured messages
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt to the journal, and made recognizable via message IDs.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * The timedated, localed and hostnamed mini-services which
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers previously only provided support for changing time, locale
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers and hostname settings from graphical DEs such as GNOME now
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering also have a minimal (but very useful) text-based client
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering utility each. This is probably the nicest way to changing
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering these settings from the command line now, especially since
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering it lists available options and is fully integrated with bash
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek * There's now a new tool "systemd-coredumpctl" to list and
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering extract coredumps from the journal.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * We now install a README each in /var/log/ and
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek /etc/rc.d/init.d explaining where the system logs and init
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering scripts went. This hopefully should help folks who go to
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering that dirs and look into the otherwise now empty void and
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering scratch their heads.
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt * When user-services are invoked (by systemd --user) the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering $MANAGERPID env var is set to the PID of systemd.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * SIGRTMIN+24 when sent to a --user instance will now result
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering in immediate termination of systemd.
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek * gatewayd received numerous feature additions such as a
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek "follow" mode, for live syncing and filtering.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * browse.html now allows filtering and showing detailed
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering information on specific entries. Keyboard navigation and
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering mouse screen support has been added.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * gatewayd/journalctl now supports HTML5/JSON
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Server-Sent-Events as output.
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * The SysV init script compatibility logic will now
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering heuristically determine whether a script supports the
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering "reload" verb, and only then make this available as
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering "systemctl reload".
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * "systemctl status --follow" has been removed, use "journalctl
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * journald.conf's RuntimeMinSize=, PersistentMinSize= settings
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering have been removed since they are hardly useful to be
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * And I'd like to take the opportunity to specifically mention
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Zbigniew for his great contributions. Zbigniew, you rock!
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Contributions from: Andrew Eikum, Christian Hesse, Colin
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Guthrie, Daniel J Walsh, Dave Reisner, Eelco Dolstra, Ferenc
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Wágner, Kay Sievers, Lennart Poettering, Lukas Nykryn, Mantas
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Mikulėnas, Martin Mikkelsen, Martin Pitt, Michael Olbrich,
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Michael Stapelberg, Michal Schmidt, Sebastian Ott, Thomas
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Bächler, Umut Tezduyar, Will Woods, Wulf C. Krueger, Zbigniew
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering Jędrzejewski-Szmek, Сковорода Никита Андреевич
6936cd8926b6935364874b3701e86fe823e8c4ceLennart PoetteringCHANGES WITH 194:
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering * If /etc/vconsole.conf is non-existent or empty we will no
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering longer load any console font or key map at boot by
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering default. Instead the kernel defaults will be left
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering intact. This is definitely the right thing to do, as no
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering configuration should mean no configuration, and hard-coding
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering font names that are different on all archs is probably a bad
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering idea. Also, the kernel default key map and font should be
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering good enough for most cases anyway, and mostly identical to
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering the userspace fonts/key maps we previously overloaded them
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering with. If distributions want to continue to default to a
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen non-kernel font or key map they should ship a default
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen /etc/vconsole.conf with the appropriate contents.
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen Contributions from: Colin Walters, Daniel J Walsh, Dave
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen Reisner, Kay Sievers, Lennart Poettering, Lukas Nykryn, Tollef
68dd0956ef9d607e6ff9aea15883a2c290a33c2aTom Gundersen Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-SzmekCHANGES WITH 193:
69beda1f75070b36d0562e4050cd567bf2da5a87Kay Sievers * journalctl gained a new --cursor= switch to show entries
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering starting from the specified location in the journal.
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering * We now enforce a size limit on journal entry fields exported
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering with "-o json" in journalctl. Fields larger than 4K will be
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering assigned null. This can be turned off with --all.
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering * An (optional) journal gateway daemon is now available as
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering "systemd-journal-gatewayd.service". This service provides
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering access to the journal via HTTP and JSON. This functionality
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering will be used to implement live log synchronization in both
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering pull and push modes, but has various other users too, such
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering as easy log access for debugging of embedded devices. Right
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering now it is already useful to retrieve the journal via HTTP:
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering # systemctl start systemd-journal-gatewayd.service
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering This will download the journal contents in a
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering /var/log/messages compatible format. The same as JSON:
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering # curl -H"Accept: application/json" http://localhost:19531/entries
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering This service is also accessible via a web browser where a
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering single static HTML5 app is served that uses the JSON logic
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering to enable the user to do some basic browsing of the
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering journal. This will be extended later on. Here's an example
6936cd8926b6935364874b3701e86fe823e8c4ceLennart Poettering screenshot of this app in its current state:
8e7acf67b278e47cff0f849780365f8b1a824189Lennart Poettering http://0pointer.de/public/journal-gatewayd
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Contributions from: Kay Sievers, Lennart Poettering, Robert
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Milasan, Tom Gundersen
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart PoetteringCHANGES WITH 192:
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * The bash completion logic is now available for journalctl
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * We do not mount the "cpuset" controller anymore together with
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering "cpu" and "cpuacct", as "cpuset" groups generally cannot be
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering started if no parameters are assigned to it. "cpuset" hence
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering broke code that assumed it it could create "cpu" groups and
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering just start them.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * journalctl -f will now subscribe to terminal size changes,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering and line break accordingly.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Contributions from: Dave Reisner, Kay Sievers, Lennart
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Poettering, Lukas Nykrynm, Mirco Tischler, Václav Pavlín
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart PoetteringCHANGES WITH 191:
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * nspawn will now create a symlink /etc/localtime in the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering container environment, copying the host's timezone
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering setting. Previously this has been done via a bind mount, but
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering since symlinks cannot be bind mounted this has now been
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering changed to create/update the appropriate symlink.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * journalctl -n's line number argument is now optional, and
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering will default to 10 if omitted.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * journald will now log the maximum size the journal files may
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering take up on disk. This is particularly useful if the default
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering built-in logic of determining this parameter from the file
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering system size is used. Use "systemctl status
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering systemd-journald.service" to see this information.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * The multi-seat X wrapper tool has been stripped down. As X
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering is now capable of enumerating graphics devices via udev in a
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering seat-aware way the wrapper is not strictly necessary
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering anymore. A stripped down temporary stop-gap is still shipped
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering until the upstream display managers have been updated to
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering fully support the new X logic. Expect this wrapper to be
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering removed entirely in one of the next releases.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * HandleSleepKey= in logind.conf has been split up into
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering HandleSuspendKey= and HandleHibernateKey=. The old setting
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering is not available anymore. X11 and the kernel are
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering distuingishing between these keys and we should too. This
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering also means the inhibition lock for these keys has been split
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Contributions from: Dave Airlie, Eelco Dolstra, Lennart
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering Poettering, Lukas Nykryn, Václav Pavlín
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart PoetteringCHANGES WITH 190:
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * Whenever a unit changes state we will now log this to the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering journal and show along the unit's own log output in
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering "systemctl status".
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * ConditionPathIsMountPoint= can now properly detect bind
b8bde11658366290521e3d03316378b482600323Jan Engelhardt mount points too. (Previously, a bind mount of one file
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering system to another place in the same file system could not be
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering detected as mount, since they shared struct stat's st_dev
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * We will now mount the cgroup controllers cpu, cpuacct,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering cpuset and the controllers net_cls, net_prio together by
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * nspawn containers will now have a virtualized boot
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering ID. (i.e. /proc/sys/kernel/random/boot_id is now mounted
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering over with a randomized ID at container initialization). This
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering has the effect of making "journalctl -b" do the right thing
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering in a container.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * The JSON output journal serialization has been updated not
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering to generate "endless" list objects anymore, but rather one
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering JSON object per line. This is more in line how most JSON
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering parsers expect JSON objects. The new output mode
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering "json-pretty" has been added to provide similar output, but
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering neatly aligned for readability by humans.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * We dropped all explicit sync() invocations in the shutdown
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering code. The kernel does this implicitly anyway in the kernel
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering reboot() syscall. halt(8)'s -n option is now a compatibility
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * We now support virtualized reboot() in containers, as
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering supported by newer kernels. We will fall back to exit() if
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering CAP_SYS_REBOOT is not available to the container. Also,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering nspawn makes use of this now and will actually reboot the
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering container if the containerized OS asks for that.
b8bde11658366290521e3d03316378b482600323Jan Engelhardt * journalctl will only show local log output by default
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering now. Use --merge (-m) to show remote log output, too.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * libsystemd-journal gained the new sd_journal_get_usage()
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering call to determine the current disk usage of all journal
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering files. This is exposed in the new "journalctl --disk-usage"
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * journald gained a new configuration setting SplitMode= in
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering journald.conf which may be used to control how user journals
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering are split off. See journald.conf(5) for details.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * A new condition type ConditionFileNotEmpty= has been added.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * tmpfiles' "w" lines now support file globbing, to write
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering multiple files at once.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * We added Python bindings for the journal submission
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering APIs. More Python APIs for a number of selected APIs will
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering likely follow. Note that we intend to add native bindings
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering only for the Python language, as we consider it common
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering enough to deserve bindings shipped within systemd. There are
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering various projects outside of systemd that provide bindings
b8bde11658366290521e3d03316378b482600323Jan Engelhardt for languages such as PHP or Lua.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * Many conditions will now resolve specifiers such as %i. In
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering addition, PathChanged= and related directives of .path units
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering now support specifiers as well.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * There's now a new RPM macro definition for the system preset
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering dir: %_presetdir.
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * journald will now warn if it ca not forward a message to the
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt syslog daemon because its socket is full.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * timedated will no longer write or process /etc/timezone,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering except on Debian. As we do not support late mounted /usr
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering anymore /etc/localtime always being a symlink is now safe,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering and hence the information in /etc/timezone is not necessary
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * logind will now always reserve one VT for a text getty (VT6
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering by default). Previously if more than 6 X sessions where
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering started they took up all the VTs with auto-spawned gettys,
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering so that no text gettys were available anymore.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * udev will now automatically inform the btrfs kernel logic
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering about btrfs RAID components showing up. This should make
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering simple hotplug based btrfs RAID assembly work.
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering * PID 1 will now increase its RLIMIT_NOFILE to 64K by default
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering (but not for its children which will stay at the kernel
51c61cda1a542c9e999bfdc6aab4a029c0ae7f5aLennart Poettering default). This should allow setups with a lot more listening
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemd will now always pass the configured timezone to the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering kernel at boot. timedated will do the same when the timezone
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * logind's inhibition logic has been updated. By default,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering logind will now handle the lid switch, the power and sleep
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering keys all the time, even in graphical sessions. If DEs want
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering to handle these events on their own they should take the new
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering handle-power-key, handle-sleep-key and handle-lid-switch
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering inhibitors during their runtime. A simple way to achiveve
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering that is to invoke the DE wrapped in an invocation of:
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering systemd-inhibit --what=handle-power-key:handle-sleep-key:handle-lid-switch ...
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * Access to unit operations is now checked via SELinux taking
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering the unit file label and client process label into account.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * systemd will now notify the administrator in the journal
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering when he over-mounts a non-empty directory.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * There are new specifiers that are resolved in unit files,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering for the host name (%H), the machine ID (%m) and the boot ID
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Contributions from: Allin Cottrell, Auke Kok, Brandon Philips,
22e7062d749c69d7edfcd52ef7cc6ec005e862d5David Herrmann Colin Guthrie, Colin Walters, Daniel J Walsh, Dave Reisner,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Eelco Dolstra, Jan Engelhardt, Kay Sievers, Lennart
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Poettering, Lucas De Marchi, Lukas Nykryn, Mantas Mikulėnas,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Martin Pitt, Matthias Clasen, Michael Olbrich, Pierre Schmitz,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Shawn Landden, Thomas Hindoe Paaboel Andersen, Tom Gundersen,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Václav Pavlín, Yin Kangkai, Zbigniew Jędrzejewski-Szmek
699b6b3491dc265ead79602404ad67ccdacae302Lennart PoetteringCHANGES WITH 189:
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * Support for reading structured kernel messages from
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering /dev/kmsg has now been added and is enabled by default.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * Support for reading kernel messages from /proc/kmsg has now
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering been removed. If you want kernel messages in the journal
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering make sure to run a recent kernel (>= 3.5) that supports
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering reading structured messages from /dev/kmsg (see
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering above). /proc/kmsg is now exclusive property of classic
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering syslog daemons again.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The libudev API gained the new
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering udev_device_new_from_device_id() call.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The logic for file system namespace (ReadOnlyDirectory=,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering ReadWriteDirectoy=, PrivateTmp=) has been reworked not to
499b604b21c02ee64c8590a76d7900d64d7a5cb7Zbigniew Jędrzejewski-Szmek require pivot_root() anymore. This means fewer temporary
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering directories are created below /tmp for this feature.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * nspawn containers will now see and receive all submounts
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering made on the host OS below the root file system of the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * Forward Secure Sealing is now supported for Journal files,
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering which provide cryptographical sealing of journal files so
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering that attackers cannot alter log history anymore without this
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering being detectable. Lennart will soon post a blog story about
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering this explaining it in more detail.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * There are two new service settings RestartPreventExitStatus=
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering and SuccessExitStatus= which allow configuration of exit
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering status (exit code or signal) which will be excepted from the
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering restart logic, resp. consider successful.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * journalctl gained the new --verify switch that can be used
4ef6e535e30c67d4ff34b2ca785e555dbaeac14eKay Sievers to check the integrity of the structure of journal files and
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering (if Forward Secure Sealing is enabled) the contents of
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering journal files.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * nspawn containers will now be run with /dev/stdin, /dev/fd/
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering and similar symlinks pre-created. This makes running shells
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering as container init process a lot more fun.
4ef6e535e30c67d4ff34b2ca785e555dbaeac14eKay Sievers * The fstab support can now handle PARTUUID= and PARTLABEL=
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * A new ConditionHost= condition has been added to match
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering against the hostname (with globs) and machine ID. This is
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering useful for clusters where a single OS image is used to
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering provision a large number of hosts which shall run slightly
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering different sets of services.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * Services which hit the restart limit will now be placed in a
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering failure state.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Contributions from: Bertram Poettering, Dave Reisner, Huang
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Hang, Kay Sievers, Lennart Poettering, Lukas Nykryn, Martin
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering Pitt, Simon Peeters, Zbigniew Jędrzejewski-Szmek
699b6b3491dc265ead79602404ad67ccdacae302Lennart PoetteringCHANGES WITH 188:
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * When running in --user mode systemd will now become a
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering subreaper (PR_SET_CHILD_SUBREAPER). This should make the ps
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering tree a lot more organized.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * A new PartOf= unit dependency type has been introduced that
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering may be used to group services in a natural way.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * "systemctl enable" may now be used to enable instances of
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * journalctl now prints error log levels in red, and
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering warning/notice log levels in bright white. It also supports
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering filtering by log level now.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * cgtop gained a new -n switch (similar to top), to configure
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering the maximum number of iterations to run for. It also gained
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering -b, to run in batch mode (accepting no input).
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * The suffix ".service" may now be omitted on most systemctl
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering command lines involving service unit names.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * There's a new bus call in logind to lock all sessions, as
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering well as a loginctl verb for it "lock-sessions".
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * libsystemd-logind.so gained a new call sd_journal_perror()
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering that works similar to libc perror() but logs to the journal
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering and encodes structured information about the error number.
699b6b3491dc265ead79602404ad67ccdacae302Lennart Poettering * /etc/crypttab entries now understand the new keyfile-size=
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * shutdown(8) now can send a (configurable) wall message when
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering a shutdown is cancelled.
67dd87c51b1ba254dc6a0eeae41762aace40addaLennart Poettering * The mount propagation mode for the root file system will now
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering default to "shared", which is useful to make containers work
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering nicely out-of-the-box so that they receive new mounts from
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering the host. This can be undone locally by running "mount
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering --make-rprivate /" if needed.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * The prefdm.service file has been removed. Distributions
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering should maintain this unit downstream if they intend to keep
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering it around. However, we recommend writing normal unit files
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering for display managers instead.
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers * Since systemd is a crucial part of the OS we will now
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering default to a number of compiler switches that improve
b8bde11658366290521e3d03316378b482600323Jan Engelhardt security (hardening) such as read-only relocations, stack
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering protection, and suchlike.
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers * The TimeoutSec= setting for services is now split into
b8bde11658366290521e3d03316378b482600323Jan Engelhardt TimeoutStartSec= and TimeoutStopSec= to allow configuration
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers of individual time outs for the start and the stop phase of
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Contributions from: Artur Zaprzala, Arvydas Sidorenko, Auke
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Kok, Bryan Kadzban, Dave Reisner, David Strauss, Harald Hoyer,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Jim Meyering, Kay Sievers, Lennart Poettering, Mantas
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering Mikulėnas, Martin Pitt, Michal Schmidt, Michal Sekletar, Peter
949138ccc3417748b0978980e4a1c67955dd4ba4Ansgar Burchardt Alfredsen, Shawn Landden, Simon Peeters, Terence Honles, Tom
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Gundersen, Zbigniew Jędrzejewski-Szmek
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart PoetteringCHANGES WITH 187:
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * The journal and id128 C APIs are now fully documented as man
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * Extra safety checks have been added when transitioning from
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering the initial RAM disk to the main system to avoid accidental
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * /etc/crypttab entries now understand the new keyfile-offset=
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * systemctl -t can now be used to filter by unit load state.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * The journal C API gained the new sd_journal_wait() call to
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering make writing synchronous journal clients easier.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * journalctl gained the new -D switch to show journals from a
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering specific directory.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * journalctl now displays a special marker between log
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering messages of two different boots.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * The journal is now explicitly flushed to /var via a service
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers systemd-journal-flush.service, rather than implicitly simply
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering by seeing /var/log/journal to be writable.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * journalctl (and the journal C APIs) can now match for much
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering more complex expressions, with alternatives and
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * When transitioning from the initial RAM disk to the main
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering system we will now kill all processes in a killing spree to
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering ensure no processes stay around by accident.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * Three new specifiers may be used in unit files: %u, %h, %s
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering resolve to the user name, user home directory resp. user
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering shell. This is useful for running systemd user instances.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * We now automatically rotate journal files if their data
b8bde11658366290521e3d03316378b482600323Jan Engelhardt object hash table gets a fill level > 75%. We also size the
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering hash table based on the configured maximum file size. This
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering together should lower hash collisions drastically and thus
b8bde11658366290521e3d03316378b482600323Jan Engelhardt speed things up a bit.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * journalctl gained the new "--header" switch to introspect
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering header data of journal files.
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering * A new setting SystemCallFilters= has been added to services
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering which may be used to apply blacklists or whitelists to
b8bde11658366290521e3d03316378b482600323Jan Engelhardt system calls. This is based on SECCOMP Mode 2 of Linux 3.5.
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering * nspawn gained a new --link-journal= switch (and quicker: -j)
b8bde11658366290521e3d03316378b482600323Jan Engelhardt to link the container journal with the host. This makes it
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering very easy to centralize log viewing on the host for all
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering guests while still keeping the journal files separated.
ed28905eecf631916f03edd0a7dfad8b0a177990Kay Sievers * Many bugfixes and optimizations
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering Contributions from: Auke Kok, Eelco Dolstra, Harald Hoyer, Kay
d27893efdf652c6d85ea590fa0b7c2b88f817083Lennart Poettering Sievers, Lennart Poettering, Malte Starostik, Paul Menzel, Rex
13b28d822462e9a0a7130ad40bed08cb380082f0Lennart Poettering Tsai, Shawn Landden, Tom Gundersen, Ville Skyttä, Zbigniew
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering Jędrzejewski-Szmek
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart PoetteringCHANGES WITH 186:
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * Several tools now understand kernel command line arguments,
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering which are only read when run in an initial RAM disk. They
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering usually follow closely their normal counterparts, but are
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering prefixed with rd.
43c71255b3db02916f4f70afa18bab196c6f4a45Lennart Poettering * There's a new tool to analyze the readahead files that are
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering automatically generated at boot. Use:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering /usr/lib/systemd/systemd-readahead analyze /.readahead
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * We now provide an early debug shell on tty9 if this enabled. Use:
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * All plymouth related units have been moved into the Plymouth
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt package. Please make sure to upgrade your Plymouth version
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * systemd-tmpfiles now supports getting passed the basename of
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek a configuration file only, in which case it will look for it
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering in all appropriate directories automatically.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * udevadm info now takes a /dev or /sys path as argument, and
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering does the right thing. Example:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemctl now prints a warning if a unit is stopped but a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering unit that might trigger it continues to run. Example: a
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John service is stopped but the socket that activates it is left
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * "systemctl status" will now mention if the log output was
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering shortened due to rotation since a service has been started.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The journal API now exposes functions to determine the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering "cutoff" times due to rotation.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * journald now understands SIGUSR1 and SIGUSR2 for triggering
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John immediately flushing of runtime logs to /var if possible,
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt resp. for triggering immediate rotation of the journal
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * It is now considered an error if a service is attempted to
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek be stopped that is not loaded.
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek * XDG_RUNTIME_DIR now uses numeric UIDs instead of usernames.
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek * systemd-analyze now supports Python 3
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek * tmpfiles now supports cleaning up directories via aging
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek where the first level dirs are always kept around but
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek directories beneath it automatically aged. This is enabled
dfb08b058401d56c395f4f2d20ff214d31a277e5Zbigniew Jędrzejewski-Szmek by prefixing the age field with '~'.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * Seat objects now expose CanGraphical, CanTTY properties
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering which is required to deal with very fast bootups where the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering display manager might be running before the graphics drivers
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering completed initialization.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Seat objects now expose a State property.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * We now include RPM macros for service enabling/disabling
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering based on the preset logic. We recommend RPM based
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering distributions to make use of these macros if possible. This
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering makes it simpler to reuse RPM spec files across
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering distributions.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * We now make sure that the collected systemd unit name is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering always valid when services log to the journal via
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * There's a new man page kernel-command-line(7) detailing all
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering command line options we understand.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The fstab generator may now be disabled at boot by passing
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek fstab=0 on the kernel command line.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new kernel command line option modules-load= is now understood
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering to load a specific kernel module statically, early at boot.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Unit names specified on the systemctl command line are now
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering automatically escaped as needed. Also, if file system or
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering device paths are specified they are automatically turned
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering into the appropriate mount or device unit names. Example:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering systemctl status /home
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering systemctl status /dev/sda
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The SysVConsole= configuration option has been removed from
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The SysV search path is no longer exported on the D-Bus
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Manager object.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The Names= option is been removed from unit file parsing.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * There's a new man page bootup(7) detailing the boot process.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Every unit and every generator we ship with systemd now
7e95eda5b36f4a5259e1e86989b5aee824d83d03Patrik Flykt comes with full documentation. The self-explanatory boot is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A couple of services gained "systemd-" prefixes in their
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt name if they wrap systemd code, rather than only external
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John code. Among them fsck@.service which is now
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John systemd-fsck@.service.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * The HaveWatchdog property has been removed from the D-Bus
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Manager object.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd.confirm_spawn= on the kernel command line should now
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering work sensibly.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * There's a new man page crypttab(5) which details all options
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John we actually understand.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-nspawn gained a new --capability= switch to pass
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering additional capabilities to the container.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * timedated will now read known NTP implementation unit names
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering from /usr/lib/systemd/ntp-units.d/*.list,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering systemd-timedated-ntp.target has been removed.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * journalctl gained a new switch "-b" that lists log data of
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the current boot only.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * The notify socket is in the abstract namespace again, in
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John order to support daemons which chroot() at start-up.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * There is a new Storage= configuration option for journald
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering which allows configuration of where log data should go. This
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering also provides a way to disable journal logging entirely, so
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering that data collected is only forwarded to the console, the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering kernel log buffer or another syslog implementation.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Many bugfixes and optimizations
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Contributions from: Auke Kok, Colin Guthrie, Dave Reisner,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering David Strauss, Eelco Dolstra, Kay Sievers, Lennart Poettering,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Lukas Nykryn, Michal Schmidt, Michal Sekletar, Paul Menzel,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Shawn Landden, Tom Gundersen
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart PoetteringCHANGES WITH 185:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * "systemctl help <unit>" now shows the man page if one is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Several new man pages have been added.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * MaxLevelStore=, MaxLevelSyslog=, MaxLevelKMsg=,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering MaxLevelConsole= can now be specified in
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering journald.conf. These options allow reducing the amount of
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering data stored on disk or forwarded by the log level.
b97610038a122ff30e60b1996369ca4b979d8b19Kay Sievers * TimerSlackNSec= can now be specified in system.conf for
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering PID1. This allows system-wide power savings.
270f1624022039b370b9db311f9d33492833ad24Lennart Poettering Contributions from: Dave Reisner, Kay Sievers, Lauri Kasanen,
270f1624022039b370b9db311f9d33492833ad24Lennart Poettering Lennart Poettering, Malte Starostik, Marc-Antoine Perennou,
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering Matthias Clasen
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan EngelhardtCHANGES WITH 184:
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * logind is now capable of (optionally) handling power and
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering sleep keys as well as the lid switch.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * journalctl now understands the syntax "journalctl
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering /usr/bin/avahi-daemon" to get all log output of a specific
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * CapabilityBoundingSet= in system.conf now also influences
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering the capability bound set of usermode helpers of the kernel.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Contributions from: Daniel Drake, Daniel J. Walsh, Gert
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Michael Kulyk, Harald Hoyer, Jean Delvare, Kay Sievers,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Lennart Poettering, Matthew Garrett, Matthias Clasen, Paul
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Menzel, Shawn Landden, Tero Roponen, Tom Gundersen
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-SzmekCHANGES WITH 183:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Note that we skipped 139 releases here in order to set the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering new version to something that is greater than both udev's
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek and systemd's most recent version number.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * udev: all udev sources are merged into the systemd source tree now.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering All future udev development will happen in the systemd tree. It
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering is still fully supported to use the udev daemon and tools without
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering systemd running, like in initramfs or other init systems. Building
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering udev though, will require the *build* of the systemd tree, but
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt udev can be properly *run* without systemd.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * udev: /lib/udev/devices/ are not read anymore; systemd-tmpfiles
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering should be used to create dead device nodes as workarounds for broken
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * udev: RUN+="socket:..." and udev_monitor_new_from_socket() is
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering no longer supported. udev_monitor_new_from_netlink() needs to be
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering used to subscribe to events.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * udev: when udevd is started by systemd, processes which are left
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering behind by forking them off of udev rules, are unconditionally cleaned
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering up and killed now after the event handling has finished. Services or
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering daemons must be started as systemd services. Services can be
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering pulled-in by udev to get started, but they can no longer be directly
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering forked by udev rules.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * udev: the daemon binary is called systemd-udevd now and installed
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering in /usr/lib/systemd/. Standalone builds or non-systemd systems need
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering to adapt to that, create symlink, or rename the binary after building
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * libudev no longer provides these symbols:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering udev_monitor_from_socket()
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering udev_queue_get_failed_list_entry()
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek udev_get_{dev,sys,run}_path()
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering The versions number was bumped and symbol versioning introduced.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-loginctl and systemd-journalctl have been renamed
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt to loginctl and journalctl to match systemctl.
4670e9d5f23fc39360c086fb58eadf8b157ee205Jan Engelhardt * The config files: /etc/systemd/systemd-logind.conf and
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek /etc/systemd/systemd-journald.conf have been renamed to
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek logind.conf and journald.conf. Package updates should rename
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek the files to the new names on upgrade.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * For almost all files the license is now LGPL2.1+, changed
c0c5af00bec95567435bdfb818c69b2b669adfedDaniel Buch from the previous GPL2.0+. Exceptions are some minor stuff
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt of udev (which will be changed to LGPL2.1 eventually, too),
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering and the MIT licensed sd-daemon.[ch] library that is suitable
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt to be used as drop-in files.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * systemd and logind now handle system sleep states, in
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering particular suspending and hibernating.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * logind now implements a sleep/shutdown/idle inhibiting logic
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering suitable for a variety of uses. Soonishly Lennart will blog
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering about this in more detail.
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering * var-run.mount and var-lock.mount are no longer provided
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering (which prevously bind mounted these directories to their new
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John places). Distributions which have not converted these
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John directories to symlinks should consider stealing these files
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering from git history and add them downstream.
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering * We introduced the Documentation= field for units and added
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering this to all our shipped units. This is useful to make it
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering easier to explore the boot and the purpose of the various
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering * All smaller setup units (such as
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering systemd-vconsole-setup.service) now detect properly if they
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering are run in a container and are skipped when
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering appropriate. This guarantees an entirely noise-free boot in
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering Linux container environments such as systemd-nspawn.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * A framework for implementing offline system updates is now
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt integrated, for details see:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering http://freedesktop.org/wiki/Software/systemd/SystemUpdates
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new service type Type=idle is available now which helps us
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John avoiding ugly interleaving of getty output and boot status
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * There's now a system-wide CapabilityBoundingSet= option to
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John globally reduce the set of capabilities for the
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt system. This is useful to drop CAP_SYS_MKNOD, CAP_SYS_RAWIO,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering CAP_NET_RAW, CAP_SYS_MODULE, CAP_SYS_TIME, CAP_SYS_PTRACE or
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering even CAP_NET_ADMIN system-wide for secure systems.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * There are now system-wide DefaultLimitXXX= options to
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers globally change the defaults of the various resource limits
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers for all units started by PID 1.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Harald Hoyer's systemd test suite has been integrated into
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John systemd which allows easy testing of systemd builds in qemu
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt and nspawn. (This is really awesome! Ask us for details!)
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * The fstab parser is now implemented as generator, not inside
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering of PID 1 anymore.
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers * systemctl will now warn you if .mount units generated from
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John /etc/fstab are out of date due to changes in fstab that
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers have not been read by systemd yet.
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers * systemd is now suitable for usage in initrds. Dracut has
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers already been updated to make use of this. With this in place
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers initrds get a slight bit faster but primarily are much
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers easier to introspect and debug since "systemctl status" in
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers the host system can be used to introspect initrd services,
ad42cf7308c45fb8a77c15b313f45361c5ea8fb5Kay Sievers and the journal from the initrd is kept around too.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systemd-delta has been added, a tool to explore differences
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt between user/admin configuration and vendor defaults.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * PrivateTmp= now affects both /tmp and /var/tmp.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Boot time status messages are now much prettier and feature
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering proper english language. Booting up systemd has never been
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * Read-ahead pack files now include the inode number of all
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John files to pre-cache. When the inode changes the pre-caching
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering is not attempted. This should be nicer to deal with updated
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering packages which might result in changes of read-ahead
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * We now temporaritly lower the kernel's read_ahead_kb variable
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering when collecting read-ahead data to ensure the kernel's
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John built-in read-ahead does not add noise to our measurements
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering of necessary blocks to pre-cache.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * There's now RequiresMountsFor= to add automatic dependencies
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering for all mounts necessary for a specific file system path.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * MountAuto= and SwapAuto= have been removed from
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek system.conf. Mounting file systems at boot has to take place
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * nspawn now learned a new switch --uuid= to set the machine
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek ID on the command line.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * nspawn now learned the -b switch to automatically search
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering for an init system.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * vt102 is now the default TERM for serial TTYs, upgraded from
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * systemd-logind now works on VT-less systems.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The build tree has been reorganized. The individual
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering components now have directories of their own.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * A new condition type ConditionPathIsReadWrite= is now available.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * nspawn learned the new -C switch to create cgroups for the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering container in other hierarchies.
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan Engelhardt * We now have support for hardware watchdogs, configurable in
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The scheduled shutdown logic now has a public API.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * We now mount /tmp as tmpfs by default, but this can be
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering masked and /etc/fstab can override it.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * Since udisks does not make use of /media anymore we are not
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering mounting a tmpfs on it anymore.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * journalctl gained a new --local switch to only interleave
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering locally generated journal files.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * We can now load the IMA policy at boot automatically.
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * The GTK tools have been split off into a systemd-ui.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Contributions from: Andreas Schwab, Auke Kok, Ayan George,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Colin Guthrie, Daniel Mack, Dave Reisner, David Ward, Elan
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Ruusamäe, Frederic Crozat, Gergely Nagy, Guillermo Vidal,
b97610038a122ff30e60b1996369ca4b979d8b19Kay Sievers Hannes Reinecke, Harald Hoyer, Javier Jardón, Kay Sievers,
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John Lennart Poettering, Lucas De Marchi, Léo Gillot-Lamure,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Marc-Antoine Perennou, Martin Pitt, Matthew Monaco, Maxim
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering A. Mikityanskiy, Michael Biebl, Michael Olbrich, Michal
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Schmidt, Nis Martensen, Patrick McCarty, Roberto Sassu, Shawn
b97610038a122ff30e60b1996369ca4b979d8b19Kay Sievers Landden, Sjoerd Simons, Sven Anders, Tollef Fog Heen, Tom
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart PoetteringCHANGES WITH 44:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * This is mostly a bugfix release
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Support optional initialization of the machine ID from the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering KVM or container configured UUID.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Support immediate reboots with "systemctl reboot -ff"
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Show /etc/os-release data in systemd-analyze output
1e190502e78cea1f8bcb62e6d390305c89e41e6aZbigniew Jędrzejewski-Szmek * Many bugfixes for the journal, including endianness fixes and
8e420494bc59d8b9d43e6d34d8ec8bb765946c74Lennart Poettering ensuring that disk space enforcement works
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * sd-login.h is C++ comptaible again
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * Extend the /etc/os-release format on request of the Debian
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * We now refuse non-UTF8 strings used in various configuration
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering and unit files. This is done to ensure we do not pass invalid
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering data over D-Bus or expose it elsewhere.
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * Register Mimo USB Screens as suitable for automatic seat
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John configuration
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Read SELinux client context from journal clients in a race
70a44afee385c4afadaab9a002b3f9dd44aedf4aJan Engelhardt * Reorder configuration file lookup order. /etc now always
b8bde11658366290521e3d03316378b482600323Jan Engelhardt overrides /run in order to allow the administrator to always
b8bde11658366290521e3d03316378b482600323Jan Engelhardt and unconditionally override vendor supplied or
6afc95b73605833e6e966af1c466b5c08feb953fLennart Poettering automatically generated data.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The various user visible bits of the journal now have man
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering pages. We still lack man pages for the journal API calls
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * We now ship all man pages in HTML format again in the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Contributions from: Dave Reisner, Dirk Eibach, Frederic
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Crozat, Harald Hoyer, Kay Sievers, Lennart Poettering, Marti
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Raudsepp, Michal Schmidt, Shawn Landden, Tero Roponen, Thierry
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart PoetteringCHANGES WITH 43:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * This is mostly a bugfix release
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * systems lacking /etc/os-release are no longer supported.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Various functionality updates to libsystemd-login.so
8b7d0494a3fe35209d4db0d1b9e065e7e5cc9875Jason St. John * Track class of PAM logins to distuingish greeters from
b8bde11658366290521e3d03316378b482600323Jan Engelhardt normal user logins.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Contributions from: Kay Sievers, Lennart Poettering, Michael
4c2413bffa7861bd3c4b3589c821ab7e0ac51c83Jan EngelhardtCHANGES WITH 42:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * This is an important bugfix release for v41.
210054d76cf4d294533aa09256d375e33b52569fKay Sievers * Building man pages is now optional which should be useful
210054d76cf4d294533aa09256d375e33b52569fKay Sievers for those building systemd from git but unwilling to install
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Watchdog support for supervising services is now usable. In
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering a future release support for hardware watchdogs
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering (i.e. /dev/watchdog) will be added building on this.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * Service start rate limiting is now configurable and can be
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering turned off per service. When a start rate limit is hit a
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering reboot can automatically be triggered.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * New CanReboot(), CanPowerOff() bus calls in systemd-logind.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Contributions from: Benjamin Franzke, Bill Nottingham,
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Frederic Crozat, Lennart Poettering, Michael Olbrich, Michal
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering Schmidt, Michał Górny, Piotr Drąg
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart PoetteringCHANGES WITH 41:
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The systemd binary is installed /usr/lib/systemd/systemd now;
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering An existing /sbin/init symlink needs to be adapted with the
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering package update.
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering * The code that loads kernel modules has been ported to invoke
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering libkmod directly, instead of modprobe. This means we do not
e49b5aada0df13c9e8fce7338ae34e075dd7ccd1Lennart Poettering support systems with module-init-tools anymore.
6300b3eca9e5261b73bd7f1bb9735992b127cd80Lennart Poettering * Watchdog support is now already useful, but still not
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * A new kernel command line option systemd.setenv= is
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering understood to set system wide environment variables
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering dynamically at boot.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * We now limit the set of capabilities of systemd-journald.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * We now set SIGPIPE to ignore by default, since it only is
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering useful in shell pipelines, and has little use in general
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering code. This can be disabled with IgnoreSIPIPE=no in unit
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Contributions from: Benjamin Franzke, Kay Sievers, Lennart
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Poettering, Michael Olbrich, Michal Schmidt, Tom Gundersen,
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering William Douglas
cd4010b37349413db1e553e213e62e654ca28113Lennart PoetteringCHANGES WITH 40:
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * This is mostly a bugfix release
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * We now expose the reason why a service failed in the
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering "Result" D-Bus property.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * Rudimentary service watchdog support (will be completed over
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering the next few releases.)
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * When systemd forks off in order execute some service we will
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt now immediately changes its argv[0] to reflect which process
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering it will execute. This is useful to minimize the time window
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering with a generic argv[0], which makes bootcharts more useful
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Contributions from: Alvaro Soliverez, Chris Paulson-Ellis, Kay
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering Sievers, Lennart Poettering, Michael Olbrich, Michal Schmidt,
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt Mike Kazantsev, Ray Strode
cd4010b37349413db1e553e213e62e654ca28113Lennart PoetteringCHANGES WITH 39:
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * This is mostly a test release, but incorporates many
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * New systemd-cgtop tool to show control groups by their
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering resource usage.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * Linking against libacl for ACLs is optional again. If
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering disabled, support tracking device access for active logins
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering goes becomes unavailable, and so does access to the user
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering journals by the respective users.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * If a group "adm" exists, journal files are automatically
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering owned by them, thus allow members of this group full access
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering to the system journal as well as all user journals.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * The journal now stores the SELinux context of the logging
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering client for all entries.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * Add C++ inclusion guards to all public headers
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * New output mode "cat" in the journal to print only text
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering messages, without any meta data like date or time.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * Include tiny X server wrapper as a temporary stop-gap to
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering teach XOrg udev display enumeration. This is used by display
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering managers such as gdm, and will go away as soon as XOrg
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering learned native udev hotplugging for display devices.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * Add new systemd-cat tool for executing arbitrary programs
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering with STDERR/STDOUT connected to the journal. Can also act as
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering BSD logger replacement, and does so by default.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * Optionally store all locally generated coredumps in the
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering journal along with meta data.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * systemd-tmpfiles learnt four new commands: n, L, c, b, for
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering writing short strings to files (for usage for /sys), and for
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering creating symlinks, character and block device nodes.
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * New unit file option ControlGroupPersistent= to make cgroups
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering persistent, following the mechanisms outlined in
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * Support multiple local RTCs in a sane way
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering * No longer monopolize IO when replaying readahead data on
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering rotating disks, since we might starve non-file-system IO to
cd4010b37349413db1e553e213e62e654ca28113Lennart Poettering death, since fanotify() will not see accesses done by blkid,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * Do not show kernel threads in systemd-cgls anymore, unless
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering requested with new -k switch.
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers Contributions from: Dan Horák, Kay Sievers, Lennart
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Poettering, Michal Schmidt
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart PoetteringCHANGES WITH 38:
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * This is mostly a test release, but incorporates many
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * The git repository moved to:
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering git://anongit.freedesktop.org/systemd/systemd
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering ssh://git.freedesktop.org/git/systemd/systemd
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * First release with the journal
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering http://0pointer.de/blog/projects/the-journal.html
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * The journal replaces both systemd-kmsg-syslogd and
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering systemd-stdout-bridge.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * New sd_pid_get_unit() API call in libsystemd-logind
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * Many systemadm clean-ups
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * Introduce remote-fs-pre.target which is ordered before all
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering remote mounts and may be used to start services before all
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering remote mounts.
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * Added Mageia support
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers * Add bash completion for systemd-loginctl
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * Actively monitor PID file creation for daemons which exit in
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering the parent process before having finished writing the PID
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering file in the daemon process. Daemons which do this need to be
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering fixed (i.e. PID file creation must have finished before the
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering parent exits), but we now react a bit more gracefully to them.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * Add colourful boot output, mimicking the well-known output
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers of existing distributions.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * New option PassCredentials= for socket units, for
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering compatibility with a recent kernel ABI breakage.
f3a165b05d117b9a9657076fed6b265eb40d5ba3Kay Sievers * /etc/rc.local is now hooked in via a generator binary, and
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering thus will no longer act as synchronization point during
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * systemctl list-unit-files now supports --root=.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * systemd-tmpfiles now understands two new commands: z, Z for
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering relabelling files according to the SELinux database. This is
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering useful to apply SELinux labels to specific files in /sys,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering among other things.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * Output of SysV services is now forwarded to both the console
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering and the journal by default, not only just the console.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * New man pages for all APIs from libsystemd-login.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * The build tree got reorganized and a the build system is a
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering lot more modular allowing embedded setups to specifically
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering select the components of systemd they are interested in.
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering * Support for Linux systems lacking the kernel VT subsystem is
387abf80ad40e4a6c2f4725c8eff4d66bf110d1fLennart Poettering * configure's --with-rootdir= got renamed to
04bf3c1a60d82791e0320381e9268f727708f776Kay Sievers --with-rootprefix= to follow the naming used by udev and
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * Unless specified otherwise we will now install to /usr instead
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * Processes with '@' in argv[0][0] are now excluded from the
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering final shut-down killing spree, following the logic explained
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * All processes remaining in a service cgroup when we enter
f47ad59316ddbfce0b24edac752222d300ed0da4Zbigniew Jędrzejewski-Szmek the START or START_PRE states are now killed with
f47ad59316ddbfce0b24edac752222d300ed0da4Zbigniew Jędrzejewski-Szmek SIGKILL. That means it is no longer possible to spawn
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering background processes from ExecStart= lines (which was never
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering supported anyway, and bad style).
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering * New PropagateReloadTo=/PropagateReloadFrom= options to bind
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering reloading of units together.
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Contributions from: Bill Nottingham, Daniel J. Walsh, Dave
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Reisner, Dexter Morgan, Gregs Gregs, Jonathan Nieder, Kay
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Sievers, Lennart Poettering, Michael Biebl, Michal Schmidt,
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Michał Górny, Ran Benita, Thomas Jarosch, Tim Waugh, Tollef
4f0be680b5323e037314cfbd3dba34f03e637c8fLennart Poettering Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek