NEWS revision 9b361114f568e839784a3aeba5c1df5a95e86832
afe3ab588a6b2992efe5a9b22ed038545ba3cdbfLennart Poetteringsystemd System and Service Manager
b3ae710c251d0ce5cf2cef63208e325497b5e323Zbigniew Jędrzejewski-SzmekCHANGES WITH 222:
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers * udev does not longer support the WAIT_FOR_SYSFS= key in udev rules.
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers There are no known issues with current sysfs, and udev does not need
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers or should be used to work around such bugs.
afe3ab588a6b2992efe5a9b22ed038545ba3cdbfLennart Poettering * udev does no longer enable USB HID power management. Several reports
d19e85f0d474ed1882561b458d528cbae49f640eZbigniew Jędrzejewski-Szmek indicate, that some devices cannot handle that setting.
d19e85f0d474ed1882561b458d528cbae49f640eZbigniew Jędrzejewski-Szmek * The udev accelerometer helper was removed. The functionality
d19e85f0d474ed1882561b458d528cbae49f640eZbigniew Jędrzejewski-Szmek is now fully included in iio-sensor-proxy. But this means,
d19e85f0d474ed1882561b458d528cbae49f640eZbigniew Jędrzejewski-Szmek older iio-sensor-proxy versions will no longer provide
3e495a6651609d0a45b62aab5c3ed5a3b40e11abZbigniew Jędrzejewski-Szmek accelerometer/orientation data with this systemd version.
3e495a6651609d0a45b62aab5c3ed5a3b40e11abZbigniew Jędrzejewski-Szmek Please upgrade iio-sensor-proxy to version 1.0.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * networkd gained a new configuration option IPv6PrivacyExtensions=
f85857df75cfedbc0d10b8ca2400188dc8f4c22eLennart Poettering which enables IPv6 privacy extensions (RFC 4941, "Privacy Extensions
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering for Stateless Address") on selected networks.
83a1ff25e5228b0a5b2cc942fd4f964d10bb73b0Zbigniew Jędrzejewski-Szmek * For the sake of fewer build-time dependencies and less code in the
83a1ff25e5228b0a5b2cc942fd4f964d10bb73b0Zbigniew Jędrzejewski-Szmek main repository, the python bindings are about to be removed in the
83a1ff25e5228b0a5b2cc942fd4f964d10bb73b0Zbigniew Jędrzejewski-Szmek next release. A new repository has been created which accommodates
83a1ff25e5228b0a5b2cc942fd4f964d10bb73b0Zbigniew Jędrzejewski-Szmek the code from now on, and we kindly ask distributions to create a
83a1ff25e5228b0a5b2cc942fd4f964d10bb73b0Zbigniew Jędrzejewski-Szmek separate package for this. The removal will take place in v223.
47ee3ee03483efd271642d5043070cbd171f19d4Lennart Poettering https://github.com/systemd/python-systemd
5df0997459fef2a3d3e15fcb1f4aa8d0643231aaLennart Poettering Contributions from: Abdo Roig-Maranges, Andrew Eikum, Bastien Nocera,
5df0997459fef2a3d3e15fcb1f4aa8d0643231aaLennart Poettering Cédric Delmas, Christian Hesse, Christos Trochalakis, Daniel Mack,
5df0997459fef2a3d3e15fcb1f4aa8d0643231aaLennart Poettering daurnimator, David Herrmann, Dimitri John Ledkov, Eric Biggers, Eric
1361205099406d2a19d64547448638a6b665af81Lennart Poettering Cook, Felipe Sateler, Geert Jansen, Gerd Hoffmann, Gianpaolo Macario,
1361205099406d2a19d64547448638a6b665af81Lennart Poettering Greg Kroah-Hartman, Iago López Galeiras, Jan Alexander Steffens
a2088fd025deb90839c909829e27eece40f7fce4Lennart Poettering (heftig), Jan Engelhardt, Jay Strict, Kay Sievers, Lennart Poettering,
a2088fd025deb90839c909829e27eece40f7fce4Lennart Poettering Markus Knetschke, Martin Pitt, Michael Biebl, Michael Marineau, Michal
a2088fd025deb90839c909829e27eece40f7fce4Lennart Poettering Sekletar, Miguel Bernal Marin, Peter Hutterer, Richard Maw, rinrinne,
a2088fd025deb90839c909829e27eece40f7fce4Lennart Poettering Susant Sahani, Tom Gundersen, Torstein Husebø, Vedran Miletić, WaLyong
a2088fd025deb90839c909829e27eece40f7fce4Lennart Poettering Cho, Zbigniew Jędrzejewski-Szmek
a2088fd025deb90839c909829e27eece40f7fce4Lennart Poettering -- Berlin, 2015-07-06
c874ef05a705d3c679e5fd5a50b81e1f5512c4fdLennart PoetteringCHANGES WITH 221:
affb71da79b0c3cbcd6ff6c0cedb218a14162c7cLennart Poettering * The sd-bus.h and sd-event.h APIs have now been declared
affb71da79b0c3cbcd6ff6c0cedb218a14162c7cLennart Poettering stable and have been added to the official interface of
ff609b8ecd0e36bfff0ba120932307274d993dc8Lennart Poettering libsystemd.so. sd-bus implements an alternative D-Bus client
ff609b8ecd0e36bfff0ba120932307274d993dc8Lennart Poettering library, that is relatively easy to use, very efficient and
ff609b8ecd0e36bfff0ba120932307274d993dc8Lennart Poettering supports both classic D-Bus as well as kdbus as transport
eedb4ac83158bad6f74305612660b4aff6acc6b4Lennart Poettering backend. sd-event is a generic event loop abstraction that
eedb4ac83158bad6f74305612660b4aff6acc6b4Lennart Poettering is built around Linux epoll, but adds features such as event
de587378ea5d22e11373b18b4fcabf8f26f89529Lennart Poettering prioritization or efficient timer handling. Both APIs are good
de587378ea5d22e11373b18b4fcabf8f26f89529Lennart Poettering choices for C programs looking for a bus and/or event loop
203e81db24ccb9b4dcb0b1bad0ba554116267d20Lennart Poettering implementation that is minimal and does not have to be
203e81db24ccb9b4dcb0b1bad0ba554116267d20Lennart Poettering portable to other kernels.
63432f5d9570b76a8efe82702d69611c20645530Lennart Poettering * kdbus support is no longer compile-time optional. It is now
ef6fc8ee57eff8a2b612de0270c9a25e066ee290Lennart Poettering always built-in. However, it can still be disabled at
ef6fc8ee57eff8a2b612de0270c9a25e066ee290Lennart Poettering runtime using the kdbus=0 kernel command line setting, and
fd6c2363af2cb144bb6a7d6b8bdba9f777440078Lennart Poettering that setting may be changed to default to off, by specifying
47ee3ee03483efd271642d5043070cbd171f19d4Lennart Poettering --disable-kdbus at build-time. Note though that the kernel
fd6c2363af2cb144bb6a7d6b8bdba9f777440078Lennart Poettering command line setting has no effect if the kdbus.ko kernel
fd6c2363af2cb144bb6a7d6b8bdba9f777440078Lennart Poettering module is not installed, in which case kdbus is (obviously)
fd6c2363af2cb144bb6a7d6b8bdba9f777440078Lennart Poettering also disabled. We encourage all downstream distributions to
5c5b7911d34c765f9de5528e1259ea028d5518c1Lennart Poettering begin testing kdbus by adding it to the kernel images in the
c2570ab99be82eddbee0f397fbf8704a95f6f736Lennart Poettering development distributions, and leaving kdbus support in
c2570ab99be82eddbee0f397fbf8704a95f6f736Lennart Poettering systemd enabled.
c2570ab99be82eddbee0f397fbf8704a95f6f736Lennart Poettering * The minimal required util-linux version has been bumped to
eba6fd30f2a27f51fa328484cb241807c6934ce1Zbigniew Jędrzejewski-Szmek * Support for chkconfig (--enable-chkconfig) was removed in
c2570ab99be82eddbee0f397fbf8704a95f6f736Lennart Poettering favor of calling an abstraction tool
c2570ab99be82eddbee0f397fbf8704a95f6f736Lennart Poettering /lib/systemd/systemd-sysv-install. This needs to be
c2570ab99be82eddbee0f397fbf8704a95f6f736Lennart Poettering implemented for your distribution. See "SYSV INIT.D SCRIPTS"
d89e647542a6ceeefac15fbe8e193de7418bf449Lennart Poettering in README for details.
e7e90a8eee056fd12c8ad83470143f7798240dbcLennart Poettering * If there's a systemd unit and a SysV init script for the
e7e90a8eee056fd12c8ad83470143f7798240dbcLennart Poettering same service name, and the user executes "systemctl enable"
e7e90a8eee056fd12c8ad83470143f7798240dbcLennart Poettering for it (or a related call), then this will now enable both
f06944d65b1a9012a5564b364608796d1fad45d2Lennart Poettering (or execute the related operation on both), not just the
d72bc5973465018e077fcecdcc720840bc1e9cfdLennart Poettering * The libudev API documentation has been converted from gtkdoc
d72bc5973465018e077fcecdcc720840bc1e9cfdLennart Poettering into man pages.
d72bc5973465018e077fcecdcc720840bc1e9cfdLennart Poettering * gudev has been removed from the systemd tree, it is now an
d72bc5973465018e077fcecdcc720840bc1e9cfdLennart Poettering external project.
07cc65c70150faa68a63a444d615f922517c7d94Lennart Poettering * The systemd-cgtop tool learnt a new --raw switch to generate
07cc65c70150faa68a63a444d615f922517c7d94Lennart Poettering "raw" (machine parsable) output.
07cc65c70150faa68a63a444d615f922517c7d94Lennart Poettering * networkd's IPForwarding= .network file setting learnt the
07cc65c70150faa68a63a444d615f922517c7d94Lennart Poettering new setting "kernel", which ensures that networkd does not
07cc65c70150faa68a63a444d615f922517c7d94Lennart Poettering change the IP forwarding sysctl from the default kernel
07cc65c70150faa68a63a444d615f922517c7d94Lennart Poettering * The systemd-logind bus API now exposes a new boolean
c2570ab99be82eddbee0f397fbf8704a95f6f736Lennart Poettering property "Docked" that reports whether logind considers the
0a0215783159b9c3a3652b231df36dbff08e0ac5Lennart Poettering system "docked", i.e. connected to a docking station or not.
17978b17d9f5d3591f1c644938efc9c27aa60485Lennart Poettering Contributions from: Alex Crawford, Andreas Pokorny, Andrei
17978b17d9f5d3591f1c644938efc9c27aa60485Lennart Poettering Borzenkov, Charles Duffy, Colin Guthrie, Cristian Rodríguez,
17978b17d9f5d3591f1c644938efc9c27aa60485Lennart Poettering Daniele Medri, Daniel Hahler, Daniel Mack, David Herrmann,
17978b17d9f5d3591f1c644938efc9c27aa60485Lennart Poettering David Mohr, Dimitri John Ledkov, Djalal Harouni, dslul, Ed
17978b17d9f5d3591f1c644938efc9c27aa60485Lennart Poettering Swierk, Eric Cook, Filipe Brandenburger, Gianpaolo Macario,
48e6d6a6e911af0cf4e3ef12b0a3eeb2c8031d8aLennart Poettering Harald Hoyer, Iago López Galeiras, Igor Vuk, Jan Synacek,
48e6d6a6e911af0cf4e3ef12b0a3eeb2c8031d8aLennart Poettering Jason Pleau, Jason S. McMullan, Jean Delvare, Jeff Huang,
48e6d6a6e911af0cf4e3ef12b0a3eeb2c8031d8aLennart Poettering Jonathan Boulle, Karel Zak, Kay Sievers, kloun, Lennart
48e6d6a6e911af0cf4e3ef12b0a3eeb2c8031d8aLennart Poettering Poettering, Marc-Antoine Perennou, Marcel Holtmann, Mario
8aa203819fc7f2a840191f8d9d0e65566c0ce98eLennart Poettering Limonciello, Martin Pitt, Michael Biebl, Michael Olbrich,
8aa203819fc7f2a840191f8d9d0e65566c0ce98eLennart Poettering Michal Schmidt, Mike Gilbert, Nick Owens, Pablo Lezaeta Reyes,
b18d23d7ac6a53d52b99dbf0b2048d5a946a2e28Lennart Poettering Patrick Donnelly, Pavel Odvody, Peter Hutterer, Philip
b18d23d7ac6a53d52b99dbf0b2048d5a946a2e28Lennart Poettering Withnall, Ronny Chevalier, Simon McVittie, Susant Sahani,
449a22a58f0fa55d9d0fd2eb597272446e032acdLennart Poettering Thomas Hindoe Paaboel Andersen, Tom Gundersen, Torstein
449a22a58f0fa55d9d0fd2eb597272446e032acdLennart Poettering Husebø, Umut Tezduyar Lindskog, Viktar Vauchkevich, Werner
449a22a58f0fa55d9d0fd2eb597272446e032acdLennart Poettering Fink, Zbigniew Jędrzejewski-Szmek
60d17b74d714fa15d68639062dc2932d7b096229Lennart Poettering -- Berlin, 2015-06-19
60d17b74d714fa15d68639062dc2932d7b096229Lennart PoetteringCHANGES WITH 220:
60d17b74d714fa15d68639062dc2932d7b096229Lennart Poettering * The gudev library has been extracted into a separate repository
2f653bded321fc2271edcda43d54fcc3e6c20dc9Lennart Poettering available at: https://git.gnome.org/browse/libgudev/
2f653bded321fc2271edcda43d54fcc3e6c20dc9Lennart Poettering It is now managed as part of the Gnome project. Distributions
2f653bded321fc2271edcda43d54fcc3e6c20dc9Lennart Poettering are recommended to pass --disable-gudev to systemd and use
ac749874bbb66c0e7eff15ca35d1616d29b6f3c1Lennart Poettering gudev from the Gnome project instead. gudev is still included
ac749874bbb66c0e7eff15ca35d1616d29b6f3c1Lennart Poettering in systemd, for now. It will be removed soon, though. Please
7d417f0f357c59cc1846aa832161e69a2328f699Lennart Poettering also see the announcement-thread on systemd-devel:
7d417f0f357c59cc1846aa832161e69a2328f699Lennart Poettering http://lists.freedesktop.org/archives/systemd-devel/2015-May/032070.html
e342b74468870f2e4f3e15f7277a0adea42183caZbigniew Jędrzejewski-Szmek * systemd now exposes a CPUUsageNSec= property for each
e342b74468870f2e4f3e15f7277a0adea42183caZbigniew Jędrzejewski-Szmek service unit on the bus, that contains the overall consumed
e342b74468870f2e4f3e15f7277a0adea42183caZbigniew Jędrzejewski-Szmek CPU time of a service (the sum of what each process of the
036a4773ffa1152e4cabd27473450b8cc01e019bLennart Poettering service consumed). This value is only available if
036a4773ffa1152e4cabd27473450b8cc01e019bLennart Poettering CPUAccounting= is turned on for a service, and is then shown
036a4773ffa1152e4cabd27473450b8cc01e019bLennart Poettering in the "systemctl status" output.
a88abde72169ddc2df77df3fa5bed30725022253Lennart Poettering * Support for configuring alternative mappings of the old SysV
a88abde72169ddc2df77df3fa5bed30725022253Lennart Poettering runlevels to systemd targets has been removed. They are now
a88abde72169ddc2df77df3fa5bed30725022253Lennart Poettering hardcoded in a way that runlevels 2, 3, 4 all map to
a88abde72169ddc2df77df3fa5bed30725022253Lennart Poettering multi-user.target and 5 to graphical.target (which
f93b36affa5ac5710cd84bfb8ff0dafabe99fbf1Lennart Poettering previously was already the default behaviour).
20760dcf5df7e253c21a51886cdb02dee612730bLennart Poettering * The auto-mounter logic gained support for mount point
20760dcf5df7e253c21a51886cdb02dee612730bLennart Poettering expiry, using a new TimeoutIdleSec= setting in .automount
20760dcf5df7e253c21a51886cdb02dee612730bLennart Poettering units. (Also available as x-systemd.idle-timeout= in /etc/fstab).
20760dcf5df7e253c21a51886cdb02dee612730bLennart Poettering * The EFI System Partition (ESP) as mounted to /boot by
df22b0bbfde403b3fa71f3c2f1e2ca38af946388Lennart Poettering systemd-efi-boot-generator will now be unmounted
df22b0bbfde403b3fa71f3c2f1e2ca38af946388Lennart Poettering automatically after 2 minutes of not being used. This should
df22b0bbfde403b3fa71f3c2f1e2ca38af946388Lennart Poettering minimize the risk of ESP corruptions.
c05482281c32bd408808b14c5fb03e706e65602dLennart Poettering * New /etc/fstab options x-systemd.requires= and
c05482281c32bd408808b14c5fb03e706e65602dLennart Poettering x-systemd.requires-mounts-for= are now supported to express
c05482281c32bd408808b14c5fb03e706e65602dLennart Poettering additional dependencies for mounts. This is useful for
73cb77549536deab85d8d1261b5381e87d80ab23Lennart Poettering journalling file systems that support external journal
73cb77549536deab85d8d1261b5381e87d80ab23Lennart Poettering devices or overlay file systems that require underlying file
73cb77549536deab85d8d1261b5381e87d80ab23Lennart Poettering systems to be mounted.
84bef24dd3ad050bab8ecdcd130d0d9794005fa0Lennart Poettering * systemd does not support direct live-upgrades (via systemctl
84bef24dd3ad050bab8ecdcd130d0d9794005fa0Lennart Poettering daemon-reexec) from versions older than v44 anymore. As no
477e75ef9ea6bb2e7e8cc76278c442942110f227Lennart Poettering distribution we are aware of shipped such old versions in a
477e75ef9ea6bb2e7e8cc76278c442942110f227Lennart Poettering stable release this should not be problematic.
477e75ef9ea6bb2e7e8cc76278c442942110f227Lennart Poettering * When systemd forks off a new per-connection service instance
477e75ef9ea6bb2e7e8cc76278c442942110f227Lennart Poettering it will now set the $REMOTE_ADDR environment variable to the
477e75ef9ea6bb2e7e8cc76278c442942110f227Lennart Poettering remote IP address, and $REMOTE_PORT environment variable to
7dfb0404b3b6882d582a571f61a52b2f56961675Lennart Poettering the remote IP port. This behaviour is similar to the
7dfb0404b3b6882d582a571f61a52b2f56961675Lennart Poettering corresponding environment variables defined by CGI.
7dfb0404b3b6882d582a571f61a52b2f56961675Lennart Poettering * systemd-networkd gained support for uplink failure
7dfb0404b3b6882d582a571f61a52b2f56961675Lennart Poettering detection. The BindCarrier= option allows binding interface
2bc39683c0cada86c9dc39e5f3d0ea475cf12e57Lennart Poettering configuration dynamically to the link sense of other
2bc39683c0cada86c9dc39e5f3d0ea475cf12e57Lennart Poettering interfaces. This is useful to achieve behaviour like in
2bc39683c0cada86c9dc39e5f3d0ea475cf12e57Lennart Poettering network switches.
687f6a0ba77872299b9fb1f2f04d31c977088a63Lennart Poettering * systemd-networkd gained support for configuring the DHCP
687f6a0ba77872299b9fb1f2f04d31c977088a63Lennart Poettering client identifier to use when requesting leases.
687f6a0ba77872299b9fb1f2f04d31c977088a63Lennart Poettering * systemd-networkd now has a per-network UseNTP= option to
687f6a0ba77872299b9fb1f2f04d31c977088a63Lennart Poettering configure whether NTP server information acquired via DHCP
2bc39683c0cada86c9dc39e5f3d0ea475cf12e57Lennart Poettering is passed on to services like systemd-timesyncd.
687f6a0ba77872299b9fb1f2f04d31c977088a63Lennart Poettering * systemd-networkd gained support for vti6 tunnels.
31a11e8f30449a81867e8fd081e3e76cf6664bb4Lennart Poettering * Note that systemd-networkd manages the sysctl variable
41bc22f3a0d5c61e019a0b493c430941d56aba4eLennart Poettering /proc/sys/net/ipv[46]/conf/*/forwarding for each interface
dbdee28bfadd6d8bd93cb34c85ce1fc325dd8120Lennart Poettering it is configured for since v219. The variable controls IP
17fe56148c44dfa5583a8643c1918fd6eccf2aeeLennart Poettering forwarding, and is a per-interface alternative to the global
17fe56148c44dfa5583a8643c1918fd6eccf2aeeLennart Poettering /proc/sys/net/ipv[46]/ip_forward. This setting is
17fe56148c44dfa5583a8643c1918fd6eccf2aeeLennart Poettering configurable in the IPForward= option, which defaults to
17fe56148c44dfa5583a8643c1918fd6eccf2aeeLennart Poettering "no". This means if networkd is used for an interface it is
7687f85ea6bab434324bb985e2898bf6373891bfLennart Poettering no longer sufficient to set the global sysctl option to turn
7687f85ea6bab434324bb985e2898bf6373891bfLennart Poettering on IP forwarding! Instead, the .network file option
7687f85ea6bab434324bb985e2898bf6373891bfLennart Poettering IPForward= needs to be turned on! Note that the
7687f85ea6bab434324bb985e2898bf6373891bfLennart Poettering implementation of this behaviour was broken in v219 and has
c14db9b32ab90738973071d31f259d1a457d7b4aLennart Poettering been fixed in v220.
fa607802f332e06f4044c3eb38dbea41076c803dLennart Poettering * Many bonding and vxlan options are now configurable in
fa607802f332e06f4044c3eb38dbea41076c803dLennart Poettering systemd-networkd.
a47e6701bfc45519a4e038daa52e9236e932f59aLennart Poettering * systemd-nspawn gained a new --property= setting to set unit
92ff080be100aff15f292e2631921131c610afe7Lennart Poettering properties for the container scope. This is useful for
b80c66ba9836456de5260e4a1b696ba25561f613Lennart Poettering setting resource parameters (e.g "CPUShares=500") on
bd69054b0987b40a0df87d40772893f6f8a078daLennart Poettering containers started from the command line.
c3a0d00d6dd6f5997d673e133ef6f9f856550b0aLennart Poettering * systemd-nspawn gained a new --private-users= switch to make
c3a0d00d6dd6f5997d673e133ef6f9f856550b0aLennart Poettering use of user namespacing available on recent Linux kernels.
c3a0d00d6dd6f5997d673e133ef6f9f856550b0aLennart Poettering * systemd-nspawn may now be called as part of a shell pipeline
c3a0d00d6dd6f5997d673e133ef6f9f856550b0aLennart Poettering in which case the pipes used for stdin and stdout are passed
c3a0d00d6dd6f5997d673e133ef6f9f856550b0aLennart Poettering directly to the process invoked in the container, without
de146bb2aac13361ade3050d37696499ac4ca9aeLennart Poettering indirection via a pseudo tty.
de146bb2aac13361ade3050d37696499ac4ca9aeLennart Poettering * systemd-nspawn gained a new switch to control the UNIX
de146bb2aac13361ade3050d37696499ac4ca9aeLennart Poettering signal to use when killing the init process of the container
c3a0d00d6dd6f5997d673e133ef6f9f856550b0aLennart Poettering when shutting down.
82e6c50c473f4be8df77c7a510577f1975eedddbLennart Poettering * systemd-nspawn gained a new --overlay= switch for mounting
82e6c50c473f4be8df77c7a510577f1975eedddbLennart Poettering overlay file systems into the container using the new kernel
d2f81fb00cc3c49e21b31000ba7d37b81a260257Lennart Poettering overlayfs support.
98cd2651988619bf606f0b27825440c4638a7e0bLennart Poettering * When a container image is imported via systemd-importd and
b7307642391c8ebb9724c99e6b33239e2c0ff944Lennart Poettering the host file system is not btrfs, a loopback block device
b7307642391c8ebb9724c99e6b33239e2c0ff944Lennart Poettering file is created in /var/lib/machines.raw with a btrfs file
2a441c8afe7c81f74cc2ceccdf9a71301cd39d4dLennart Poettering system inside. It is then mounted to /var/lib/machines to
2a441c8afe7c81f74cc2ceccdf9a71301cd39d4dLennart Poettering enable btrfs features for container management. The loopback
2a441c8afe7c81f74cc2ceccdf9a71301cd39d4dLennart Poettering file and btrfs file system is grown as needed when container
2a441c8afe7c81f74cc2ceccdf9a71301cd39d4dLennart Poettering images are imported via systemd-importd.
40ff4a4abd76d71408e598ed02d7860b8465fa9aLennart Poettering * systemd-machined/systemd-importd gained support for btrfs
40ff4a4abd76d71408e598ed02d7860b8465fa9aLennart Poettering quota, to enforce container disk space limits on disk. This
40ff4a4abd76d71408e598ed02d7860b8465fa9aLennart Poettering is exposed in "machinectl set-limit".
0a86c1a9d8066267b878dfeddc5e0087dda6a37bLennart Poettering * systemd-importd now can import containers from local .tar,
0a86c1a9d8066267b878dfeddc5e0087dda6a37bLennart Poettering .raw and .qcow2 images, and export them to .tar and .raw. It
f131770b1465fbf423881f16ba85523a05f846feVeres Lajos can also import dkr v2 images now from the network (on top
0a86c1a9d8066267b878dfeddc5e0087dda6a37bLennart Poettering of v1 as before).
0a86c1a9d8066267b878dfeddc5e0087dda6a37bLennart Poettering * systemd-importd gained support for verifying downloaded
0a86c1a9d8066267b878dfeddc5e0087dda6a37bLennart Poettering images with gpg2 (previously only gpg1 was supported).
0a86c1a9d8066267b878dfeddc5e0087dda6a37bLennart Poettering * systemd-machined, systemd-logind, systemd: most bus calls
0a86c1a9d8066267b878dfeddc5e0087dda6a37bLennart Poettering are now accessible to unprivileged processes via
0a86c1a9d8066267b878dfeddc5e0087dda6a37bLennart Poettering PolicyKit. Also, systemd-logind will now allow users to kill
e3286870fdf20c3c93e944b24fd9af53620f7dbaLennart Poettering their own sessions without further privileges or
e3286870fdf20c3c93e944b24fd9af53620f7dbaLennart Poettering authorization.
e3286870fdf20c3c93e944b24fd9af53620f7dbaLennart Poettering * systemd-shutdownd has been removed. This service was
8514b67754c5ff7fa628929b3d27131010c21842Lennart Poettering previously responsible for implementing scheduled shutdowns
8514b67754c5ff7fa628929b3d27131010c21842Lennart Poettering as exposed in /usr/bin/shutdown's time parameter. This
6c78f43c7b0e54e695af49917fda79b584f46830Lennart Poettering functionality has now been moved into systemd-logind and is
6c78f43c7b0e54e695af49917fda79b584f46830Lennart Poettering accessible via a bus interface.
7b0fce617c48eda32b2d4e04b5f0e4376e8c0106Lennart Poettering * "systemctl reboot" gained a new switch --firmware-setup that
7b0fce617c48eda32b2d4e04b5f0e4376e8c0106Lennart Poettering can be used to reboot into the EFI firmware setup, if that
7b0fce617c48eda32b2d4e04b5f0e4376e8c0106Lennart Poettering is available. systemd-logind now exposes an API on the bus
7b0fce617c48eda32b2d4e04b5f0e4376e8c0106Lennart Poettering to trigger such reboots, in case graphical desktop UIs want
b568ef14a75dffb7182e0acbdec743b31df2a597Lennart Poettering to cover this functionality.
264b8070715d2d19344c4991ace21147d998f56dLennart Poettering * "systemctl enable", "systemctl disable" and "systemctl mask"
264b8070715d2d19344c4991ace21147d998f56dLennart Poettering now support a new "--now" switch. If specified the units
7e27f3121e5a10629302b5221eb21345f832724aLennart Poettering that are enabled will also be started, and the ones
f81e67f79fa856aa2ecffad4d014772ce981745cLennart Poettering * The Gummiboot EFI boot loader tool has been merged into
d48b7bd271b1e70924c8485d2f95c2f5a1ae77cbLennart Poettering systemd, and renamed to "systemd-boot". The bootctl tool has been
d48b7bd271b1e70924c8485d2f95c2f5a1ae77cbLennart Poettering updated to support systemd-boot.
25e14499c4c5b02229d05a5bc26c3693ade5f987Lennart Poettering * An EFI kernel stub has been added that may be used to create
758c4d7a391c0e024737053c815bf3924653b8c5Lennart Poettering kernel EFI binaries that contain not only the actual kernel,
758c4d7a391c0e024737053c815bf3924653b8c5Lennart Poettering but also an initrd, boot splash, command line and OS release
821cc13ddae40fb7608458b44aaa7a3fd33d56d9Lennart Poettering information. This combined binary can then be signed as a
821cc13ddae40fb7608458b44aaa7a3fd33d56d9Lennart Poettering single image, so that the firmware can verify it all in one
8483d73ff158ee0d51ccbba09a470cc6ae9b071aLennart Poettering step. systemd-boot has special support for EFI binaries created
8483d73ff158ee0d51ccbba09a470cc6ae9b071aLennart Poettering like this and can extract OS release information from them
8483d73ff158ee0d51ccbba09a470cc6ae9b071aLennart Poettering and show them in the boot menu. This functionality is useful
8483d73ff158ee0d51ccbba09a470cc6ae9b071aLennart Poettering to implement cryptographically verified boot schemes.
8483d73ff158ee0d51ccbba09a470cc6ae9b071aLennart Poettering * Optional support has been added to systemd-fsck to pass
8483d73ff158ee0d51ccbba09a470cc6ae9b071aLennart Poettering fsck's progress report to an AF_UNIX socket in the file
6dab5bb18151c80fc39bd51f03dcff40b920de3eLennart Poettering * udev will no longer create device symlinks for all block
6dab5bb18151c80fc39bd51f03dcff40b920de3eLennart Poettering devices by default. A blacklist for excluding special block
384a4be2b00cb95ce215dd343cc9aa77adc9b1ecLennart Poettering devices from this logic has been turned into a whitelist
384a4be2b00cb95ce215dd343cc9aa77adc9b1ecLennart Poettering that requires picking block devices explicitly that require
706d97503df83d141d241b645d2c920d691b3d62Lennart Poettering device symlinks.
3bcde97e8502c48b53f7420e2433ca68e601662dLennart Poettering * A new (currently still internal) API sd-device.h has been
3bcde97e8502c48b53f7420e2433ca68e601662dLennart Poettering added to libsystemd. This modernized API is supposed to
533bb267f13e2f7b4d7b78de30e821dc81c82335Lennart Poettering replace libudev eventually. In fact, already much of libudev
533bb267f13e2f7b4d7b78de30e821dc81c82335Lennart Poettering is now just a wrapper around sd-device.h.
533bb267f13e2f7b4d7b78de30e821dc81c82335Lennart Poettering * A new hwdb database for storing metadata about pointing
b42de08aa4c97636e42c28c7bce08f0d7c2a719aZbigniew Jędrzejewski-Szmek stick devices has been added.
b42de08aa4c97636e42c28c7bce08f0d7c2a719aZbigniew Jędrzejewski-Szmek * systemd-tmpfiles gained support for setting file attributes
b42de08aa4c97636e42c28c7bce08f0d7c2a719aZbigniew Jędrzejewski-Szmek similar to the "chattr" tool with new 'h' and 'H' lines.
42aeb14a4a0fa7d43da96a8ed0fb0e180a2dd5c8Lennart Poettering * systemd-journald will no longer unconditionally set the
42aeb14a4a0fa7d43da96a8ed0fb0e180a2dd5c8Lennart Poettering btrfs NOCOW flag on new journal files. This is instead done
42aeb14a4a0fa7d43da96a8ed0fb0e180a2dd5c8Lennart Poettering with tmpfiles snippet using the new 'h' line type. This
42aeb14a4a0fa7d43da96a8ed0fb0e180a2dd5c8Lennart Poettering allows easy disabling of this logic, by masking the
14a32924c9b46817c92ae11c1147a59dcb62012bLennart Poettering * systemd-journald will now translate audit message types to
14a32924c9b46817c92ae11c1147a59dcb62012bLennart Poettering human readable identifiers when writing them to the
563b1bdc09efe0cf94dd3f514f30376ca854c1ceLennart Poettering journal. This should improve readability of audit messages.
5dcf983854c2e8314dbee239180255490ec8ae1cLennart Poettering * The LUKS logic gained support for the offset= and skip=
5dcf983854c2e8314dbee239180255490ec8ae1cLennart Poettering options in /etc/crypttab, as previously implemented by
6bd7941ece602ae9962a103c8d65ecda7d642391Tom Gundersen * /usr/lib/os-release gained a new optional field VARIANT= for
6bd7941ece602ae9962a103c8d65ecda7d642391Tom Gundersen distributions that support multiple variants (such as a
b873d33ec9583c92a0c2bc6807d010720fa31595Lennart Poettering desktop edition, a server edition, ...)
510cc5ae0810d71e167cc5b389d36995f90e29cfTom Gundersen Contributions from: Aaro Koskinen, Adam Goode, Alban Crequy,
d61bb44a89fde3042c7c15ea4975239f7dcb0cb0Lennart Poettering Alberto Fanjul Alonso, Alexander Sverdlin, Alex Puchades, Alin
ed220efd6657822332b9563ec53c5ab9f3c33220Lennart Poettering Rauta, Alison Chaiken, Andrew Jones, Arend van Spriel,
ed220efd6657822332b9563ec53c5ab9f3c33220Lennart Poettering Benedikt Morbach, Benjamin Franzke, Benjamin Tissoires, Blaž
41488fe9024a8955d19811620fd55dcc56a5b2baLennart Poettering Tomažič, Chris Morgan, Chris Morin, Colin Walters, Cristian
41488fe9024a8955d19811620fd55dcc56a5b2baLennart Poettering Rodríguez, Daniel Buch, Daniel Drake, Daniele Medri, Daniel
41488fe9024a8955d19811620fd55dcc56a5b2baLennart Poettering Mack, Daniel Mustieles, daurnimator, Davide Bettio, David
41488fe9024a8955d19811620fd55dcc56a5b2baLennart Poettering Herrmann, David Strauss, Didier Roche, Dimitri John Ledkov,
41488fe9024a8955d19811620fd55dcc56a5b2baLennart Poettering Eric Cook, Gavin Li, Goffredo Baroncelli, Hannes Reinecke,
41488fe9024a8955d19811620fd55dcc56a5b2baLennart Poettering Hans de Goede, Hans-Peter Deifel, Harald Hoyer, Iago López
ca70bec9261977336c94f44d5fcf37e1c495326aLennart Poettering Galeiras, Ivan Shapovalov, Jan Engelhardt, Jan Janssen, Jan
ca70bec9261977336c94f44d5fcf37e1c495326aLennart Poettering Pazdziora, Jan Synacek, Jasper St. Pierre, Jay Faulkner, John
ca70bec9261977336c94f44d5fcf37e1c495326aLennart Poettering Paul Adrian Glaubitz, Jonathon Gilbert, Karel Zak, Kay
1dbe0a6efda7b1d35957eab7e1d56a2c69d806d9Lennart Poettering Sievers, Koen Kooi, Lennart Poettering, Lubomir Rintel, Lucas
1dbe0a6efda7b1d35957eab7e1d56a2c69d806d9Lennart Poettering De Marchi, Lukas Nykryn, Lukas Rusak, Lukasz Skalski, Łukasz
157a180e4fc827606833a6724834ba7b0246d650Tom Gundersen Stelmach, Mantas Mikulėnas, Marc-Antoine Perennou, Marcel
157a180e4fc827606833a6724834ba7b0246d650Tom Gundersen Holtmann, Martin Pitt, Mathieu Chevrier, Matthew Garrett,
823f4a91ebd8942a2c1ff31050dc55eaa60f6ffcLukas Nykryn Michael Biebl, Michael Marineau, Michael Olbrich, Michal
510cc5ae0810d71e167cc5b389d36995f90e29cfTom Gundersen Schmidt, Michal Sekletar, Mirco Tischler, Nir Soffer, Patrik
b873d33ec9583c92a0c2bc6807d010720fa31595Lennart Poettering Flykt, Pavel Odvody, Peter Hutterer, Peter Lemenkov, Peter
9d6db739ce1eaa3eace21801fd606d523b73c8f4Lennart Poettering Waller, Piotr Drąg, Raul Gutierrez S, Richard Maw, Ronny
1dbe0a6efda7b1d35957eab7e1d56a2c69d806d9Lennart Poettering Chevalier, Ross Burton, Sebastian Rasmussen, Sergey Ptashnick,
1dbe0a6efda7b1d35957eab7e1d56a2c69d806d9Lennart Poettering Seth Jennings, Shawn Landden, Simon Farnsworth, Stefan Junker,
9d6db739ce1eaa3eace21801fd606d523b73c8f4Lennart Poettering Stephen Gallagher, Susant Sahani, Sylvain Plantefève, Thomas
ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek Haller, Thomas Hindoe Paaboel Andersen, Tobias Hunger, Tom
23c4091dc2b85d117512e89233fdeb47d1ff3d92Lennart Poettering Gundersen, Torstein Husebø, Umut Tezduyar Lindskog, Will
23c4091dc2b85d117512e89233fdeb47d1ff3d92Lennart Poettering Woods, Zachary Cook, Zbigniew Jędrzejewski-Szmek
0f47ed0a052c0da743404f23ac3532aaabd23655Lennart Poettering -- Berlin, 2015-05-22
bc07548926ec5ed7b13df8d3656654f238e0b9a7Lennart PoetteringCHANGES WITH 219:
b6b63571ae3eca1741d54172922961af972b8f20Lennart Poettering * Introduce a new API "sd-hwdb.h" for querying the hardware
3f77a1b19f5a8ce33566f7f6e28e94c08ea30841Kay Sievers metadata database. With this minimal interface one can query
e2a69298819b58f008be61d314f8ab95ccaec427Lennart Poettering and enumerate the udev hwdb, decoupled from the old libudev
e2a69298819b58f008be61d314f8ab95ccaec427Lennart Poettering library. libudev's interface for this is now only a wrapper
2834ffe78d7fd8be118429aa1449ac72641638c2Lennart Poettering around sd-hwdb. A new tool systemd-hwdb has been added to
2834ffe78d7fd8be118429aa1449ac72641638c2Lennart Poettering interface with and update the database.
a940778fb1dd16479f455bab3ac6cbdbc5b06165Lennart Poettering * When any of systemd's tools copies files (for example due to
a01647e53727107d82382bc5c9d98c894e8f386cLennart Poettering tmpfiles' C lines) a btrfs reflink will attempted first,
3c779fa59d1825d7db2a9516669d34ded7916913Lennart Poettering before bytewise copying is done.
a01647e53727107d82382bc5c9d98c894e8f386cLennart Poettering * systemd-nspawn gained a new --ephemeral switch. When
3de03738fc970496d2d3da668c72767a48ccc41bLennart Poettering specified a btrfs snapshot is taken of the container's root
3de03738fc970496d2d3da668c72767a48ccc41bLennart Poettering directory, and immediately removed when the container
2b1c3767515672dfd0f5e0a9c9d7ac3a16a6a361Lennart Poettering terminates again. Thus, a container can be started whose
2b1c3767515672dfd0f5e0a9c9d7ac3a16a6a361Lennart Poettering changes never alter the container's root directory, and are
37efac5ddb21fd91ed420c070ed07f375e78b3b9Lennart Poettering lost on container termination. This switch can also be used
37efac5ddb21fd91ed420c070ed07f375e78b3b9Lennart Poettering for starting a container off the root file system of the
7348b3adb324614132cf376f478e883bd7de28f1Lennart Poettering host without affecting the host OS. This switch is only
7348b3adb324614132cf376f478e883bd7de28f1Lennart Poettering available on btrfs file systems.
e107ed185ef08945102834234a05ec51bb438685Lennart Poettering * systemd-nspawn gained a new --template= switch. It takes the
81429136905a6204875174b60a179333b7f3c9e4Kay Sievers path to a container tree to use as template for the tree
81429136905a6204875174b60a179333b7f3c9e4Kay Sievers specified via --directory=, should that directory be
e107ed185ef08945102834234a05ec51bb438685Lennart Poettering missing. This allows instantiating containers dynamically,
f598ac3e28b729dd0b1d0a881df3e16465687a2bLennart Poettering on first run. This switch is only available on btrfs file
01083ad094664e5c685060f4fb35a05ea2f212edLennart Poettering * When a .mount unit refers to a mount point on which multiple
edb2935c5c5b95c42b8679086f60da5eafad74cbLennart Poettering mounts are stacked, and the .mount unit is stopped all of
edb2935c5c5b95c42b8679086f60da5eafad74cbLennart Poettering the stacked mount points will now be unmounted until no
769918ecd30c0f7ee6e87b9aa6226d956bd2f530Lennart Poettering mount point remains.
769918ecd30c0f7ee6e87b9aa6226d956bd2f530Lennart Poettering * systemd now has an explicit notion of supported and
769918ecd30c0f7ee6e87b9aa6226d956bd2f530Lennart Poettering unsupported unit types. Jobs enqueued for unsupported unit
6a3f892a23db71544d0439355f96c44350dafa8fLennart Poettering types will now fail with an "unsupported" error code. More
2a781fc9bd33982c81e5ff75974a442a33d4f167Lennart Poettering specifically .swap, .automount and .device units are not
2a781fc9bd33982c81e5ff75974a442a33d4f167Lennart Poettering supported in containers, .busname units are not supported on
6a3f892a23db71544d0439355f96c44350dafa8fLennart Poettering non-kdbus systems. .swap and .automount are also not
6a3f892a23db71544d0439355f96c44350dafa8fLennart Poettering supported if their respective kernel compile time options
650264033f2f98f6319513958d94d59078654af8Lennart Poettering * machinectl gained support for two new "copy-from" and
f8901862b2b030921b3d5aba4157044ceab16451Lennart Poettering "copy-to" commands for copying files from a running
eda8f06755bd98c4639293c26b856c225f0d1fe1Lennart Poettering container to the host or vice versa.
d4fdc205a4610965cee46408dbd046c922e7620cLennart Poettering * machinectl gained support for a new "bind" command to bind
d4fdc205a4610965cee46408dbd046c922e7620cLennart Poettering mount host directories into local containers. This is
d4fdc205a4610965cee46408dbd046c922e7620cLennart Poettering currently only supported for nspawn containers.
af1082b04a3d45a9b1d796b4271f44e87e307026Lennart Poettering * networkd gained support for configuring bridge forwarding
af1082b04a3d45a9b1d796b4271f44e87e307026Lennart Poettering database entries (fdb) from .network files.
488ad3b32a7e2b5b1380abf4a15e5f65fa65f3feLennart Poettering * A new tiny daemon "systemd-importd" has been added that can
488ad3b32a7e2b5b1380abf4a15e5f65fa65f3feLennart Poettering download container images in tar, raw, qcow2 or dkr formats,
488ad3b32a7e2b5b1380abf4a15e5f65fa65f3feLennart Poettering and make them available locally in /var/lib/machines, so
488ad3b32a7e2b5b1380abf4a15e5f65fa65f3feLennart Poettering that they can run as nspawn containers. The daemon can GPG
488ad3b32a7e2b5b1380abf4a15e5f65fa65f3feLennart Poettering verify the downloads (not supported for dkr, since it has no
488ad3b32a7e2b5b1380abf4a15e5f65fa65f3feLennart Poettering provisions for verifying downloads). It will transparently
47c94a96df29080f8b3a97e7362df4e9c6ba3265Lennart Poettering decompress bz2, xz, gzip compressed downloads if necessary,
47c94a96df29080f8b3a97e7362df4e9c6ba3265Lennart Poettering and restore sparse files on disk. The daemon uses privilege
09ecd746c9d6581664873674c2188f8c93ed7780Lennart Poettering separation to ensure the actual download logic runs with
09ecd746c9d6581664873674c2188f8c93ed7780Lennart Poettering fewer privileges than the deamon itself. machinectl has
09ecd746c9d6581664873674c2188f8c93ed7780Lennart Poettering gained new commands "pull-tar", "pull-raw" and "pull-dkr" to
09ecd746c9d6581664873674c2188f8c93ed7780Lennart Poettering make the functionality of importd available to the
09ecd746c9d6581664873674c2188f8c93ed7780Lennart Poettering user. With this in place the Fedora and Ubuntu "Cloud"
09ecd746c9d6581664873674c2188f8c93ed7780Lennart Poettering images can be downloaded and booted as containers unmodified
09ecd746c9d6581664873674c2188f8c93ed7780Lennart Poettering (the Fedora images lack the appropriate GPG signature files
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering currently, so they cannot be verified, but this will change
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering soon, hopefully). Note that downloading images is currently
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering only fully supported on btrfs.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * machinectl is now able to list container images found in
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering /var/lib/machines, along with some metadata about sizes of
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering disk and similar. If the directory is located on btrfs and
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering quota is enabled, this includes quota display. A new command
0bee65f0622c4faa8ac8ae771cc0c8a936dfa284Lennart Poettering "image-status" has been added that shows additional
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering information about images.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * machinectl is now able to clone container images
ebcf1f97de4f6b1580ae55eb56b1a3939fe6b602Lennart Poettering efficiently, if the underlying file system (btrfs) supports
47c94a96df29080f8b3a97e7362df4e9c6ba3265Lennart Poettering it, with the new "machinectl list-images" command. It also
47c94a96df29080f8b3a97e7362df4e9c6ba3265Lennart Poettering gained commands for renaming and removing images, as well as
718db96199eb307751264e4163555662c9a389faLennart Poettering marking them read-only or read-write (supported also on
718db96199eb307751264e4163555662c9a389faLennart Poettering legacy file systems).
718db96199eb307751264e4163555662c9a389faLennart Poettering * networkd gained support for collecting LLDP network
718db96199eb307751264e4163555662c9a389faLennart Poettering announcements, from hardware that supports this. This is
718db96199eb307751264e4163555662c9a389faLennart Poettering shown in networkctl output.
966204e010ed432a1d7a0481d41a326d8ec7b0c8Lennart Poettering * systemd-run gained support for a new -t (--pty) switch for
94676f3e9352cbf1f72e0a512ee0d2ed83ff676dLennart Poettering invoking a binary on a pty whose input and output is
6fd4d0209827e5c3e52fa8c7144852f550f8f95cLennart Poettering connected to the invoking terminal. This allows executing
416446221d905b6815175dc4d525d27f8ae43d1bLennart Poettering processes as system services while interactively
416446221d905b6815175dc4d525d27f8ae43d1bLennart Poettering communicating with them via the terminal. Most interestingly
7f79cd7109a60810140a045cc725291fc5515264Lennart Poettering this is supported across container boundaries. Invoking
0aafd43d235982510d1c40564079f7bcec0c7c19Lennart Poettering "systemd-run -t /bin/bash" is an alternative to running a
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt full login session, the difference being that the former
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt will not register a session, nor go through the PAM session
fcba531ed4c6e6f8f21d8ca4e3a56e3162b1c578Lennart Poettering * tmpfiles gained support for a new "v" line type for creating
fcba531ed4c6e6f8f21d8ca4e3a56e3162b1c578Lennart Poettering btrfs subvolumes. If the underlying file system is a legacy
6aaa8c2f783cd1b3ac27c5ce40625d032e7e3d71Zbigniew Jędrzejewski-Szmek file system, this automatically degrades to creating a
c3bb87dbab8b79bb9253407cb5b7f3e6fe8db395Lennart Poettering normal directory. Among others /var/lib/machines is now
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt created like this at boot, should it be missing.
bdeeb6b543a2a2d0a494f17b85f1498859cdfc2fLennart Poettering * The directory /var/lib/containers/ has been deprecated and
bdeeb6b543a2a2d0a494f17b85f1498859cdfc2fLennart Poettering been replaced by /var/lib/machines. The term "machines" has
bdeeb6b543a2a2d0a494f17b85f1498859cdfc2fLennart Poettering been used in the systemd context as generic term for both
bdeeb6b543a2a2d0a494f17b85f1498859cdfc2fLennart Poettering VMs and containers, and hence appears more appropriate for
4e09014daf8f98584b3f15e64e93bed232e70a6bLennart Poettering this, as the directory can also contain raw images bootable
6bb648a16ae4a682ad4784412af706d2e6a3e4daTom Gundersen * systemd-nspawn when invoked with -M but without --directory=
fa607802f332e06f4044c3eb38dbea41076c803dLennart Poettering or --image= is now capable of searching for the container
d0928791499734e202460d5c027b5d3e0d28e7abLennart Poettering root directory, subvolume or disk image automatically, in
7212c6083a5577eabc96c35c9db4c19c113cae93Lennart Poettering /var/lib/machines. systemd-nspawn@.service has been updated
1f140dd8b048c5f5599a886b8c4d20f3f1065774David Herrmann to make use of this, thus allowing it to be used for raw
57f2a947270faf65e1876797b930e3f6d60ebd06Lennart Poettering disk images, too.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * A new machines.target unit has been introduced that is
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering supposed to group all containers/VMs invoked as services on
dc17bcef197a0d5ee798cce59c40e4f5e85c24f6Lennart Poettering the system. systemd-nspawn@.service has been updated to
80caea6cc72ebd311a311b1527cc6b87201c13bfLennart Poettering integrate with that.
df98a87ba389bdfc0359beedf47557411f3af434Lennart Poettering * machinectl gained a new "start" command, for invoking a
df98a87ba389bdfc0359beedf47557411f3af434Lennart Poettering container as a service. "machinectl start foo" is mostly
df98a87ba389bdfc0359beedf47557411f3af434Lennart Poettering equivalent to "systemctl start systemd-nspawn@foo.service",
df98a87ba389bdfc0359beedf47557411f3af434Lennart Poettering but handles escaping in a nicer way.
6a8b5fa4635ed858788fb10099ec9b62b3359a0aLennart Poettering * systemd-nspawn will now mount most of the cgroupfs tree
69727e6dc69ae5d9b5ae3681723778a3faa354e9Lennart Poettering read-only into each container, with the exception of the
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering container's own subtree in the name=systemd hierarchy.
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering * journald now sets the special FS_NOCOW file flag for its
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering journal files. This should improve performance on btrfs, by
b568ef14a75dffb7182e0acbdec743b31df2a597Lennart Poettering avoiding heavy fragmentation when journald's write-pattern
0ad68f8743f3baaa7cd8ac7a2275459ae0f7b96aLennart Poettering is used on COW file systems. It degrades btrfs' data
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering integrity guarantees for the files to the same levels as for
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering ext3/ext4 however. This should be OK though as journald does
12179984a38fe74581333fbcdc11c822d81f505fLennart Poettering its own data integrity checks and all its objects are
0536ce5d0ceaf87f3e81faaff41d69ffeed2186fZbigniew Jędrzejewski-Szmek checksummed on disk. Also, journald should handle btrfs disk
eb01ba5de14859d7a94835ab9299de40132d549aLennart Poettering full events a lot more gracefully now, by processing SIGBUS
154ff088d371bee5651eaa2bc9bde8a34c185656Lennart Poettering errors, and not relying on fallocate() anymore.
154ff088d371bee5651eaa2bc9bde8a34c185656Lennart Poettering * When journald detects that journal files it is writing to
154ff088d371bee5651eaa2bc9bde8a34c185656Lennart Poettering have been deleted it will immediately start new journal
461bd8e47cafacfcd38389e7558330bfb6e902adLennart Poettering * systemd now provides a way to store file descriptors
461bd8e47cafacfcd38389e7558330bfb6e902adLennart Poettering per-service in PID 1.This is useful for daemons to ensure
461bd8e47cafacfcd38389e7558330bfb6e902adLennart Poettering that fds they require are not lost during a daemon
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering restart. The fds are passed to the deamon on the next
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering invocation in the same way socket activation fds are
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering passed. This is now used by journald to ensure that the
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering various sockets connected to all the system's stdout/stderr
b454b11220e87add6d0f011695c7912b009c853dLennart Poettering are not lost when journald is restarted. File descriptors
b454b11220e87add6d0f011695c7912b009c853dLennart Poettering may be stored in PID 1 via the sd_pid_notify_with_fds() API,
4ff49cb63075aba646b578f2516b37a8dfd5a65bLennart Poettering an extension to sd_notify(). Note that a limit is enforced
4ff49cb63075aba646b578f2516b37a8dfd5a65bLennart Poettering on the number of fds a service can store in PID 1, and it
fff87a35d9e26c0d4ea41273a963c0eb20e18da4Zbigniew Jędrzejewski-Szmek defaults to 0, so that no fds may be stored, unless this is
fff87a35d9e26c0d4ea41273a963c0eb20e18da4Zbigniew Jędrzejewski-Szmek explicitly turned on.
b8b4d3dddc7611dce3bf28004b0375d661120c62Lennart Poettering * The default TERM variable to use for units connected to a
b5c03638d48c07aa0eaf13b5f54000c7133e1883Lennart Poettering terminal, when no other value is explicitly is set is now
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt vt220 rather than vt102. This should be fairly safe still,
b5c03638d48c07aa0eaf13b5f54000c7133e1883Lennart Poettering but allows PgUp/PgDn work.
b5c03638d48c07aa0eaf13b5f54000c7133e1883Lennart Poettering * The /etc/crypttab option header= as known from Debian is now
eece8c6fb5f4d354dcef6fd369e876c4f3a3f163Lennart Poettering * "loginctl user-status" and "loginctl session-status" will
356ce9915ab1a4a1e6dc26954df34936a69e7c12Lennart Poettering now show the last 10 lines of log messages of the
356ce9915ab1a4a1e6dc26954df34936a69e7c12Lennart Poettering user/session following the status output. Similar,
c144692179098c1861f2aeafc67689a74439cf4cLennart Poettering "machinectl status" will show the last 10 log lines
c144692179098c1861f2aeafc67689a74439cf4cLennart Poettering associated with a virtual machine or container
c144692179098c1861f2aeafc67689a74439cf4cLennart Poettering service. (Note that this is usually not the log messages
c144692179098c1861f2aeafc67689a74439cf4cLennart Poettering done in the VM/container itself, but simply what the
795607b22308f5b92073b012e43be1892fdd97c0Lennart Poettering container manager logs. For nspawn this includes all console
0be8342c04bbf129b4a21e5073eacccbbce4e896Lennart Poettering output however.)
0be8342c04bbf129b4a21e5073eacccbbce4e896Lennart Poettering * "loginctl session-status" without further argument will now
0be8342c04bbf129b4a21e5073eacccbbce4e896Lennart Poettering show the status of the session of the caller. Similar,
0be8342c04bbf129b4a21e5073eacccbbce4e896Lennart Poettering "lock-session", "unlock-session", "activate",
e5ec62c56963d997edaffa904af5dc45dac23988Lennart Poettering "enable-linger", "disable-linger" may now be called without
54c31a79f72ff57ac8eba089acacc4ab482b745dLennart Poettering session/user parameter in which case they apply to the
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * An X11 session scriptlet is now shipped that uploads
826872b61e4857dfffe63ba84e2b005623baecd6Lennart Poettering $DISPLAY and $XAUTHORITY into the environment of the systemd
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering --user daemon if a session begins. This should improve
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering compatibility with X11 enabled applications run as systemd
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering user services.
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering * Generators are now subject to masking via /etc and /run, the
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering same way as unit files.
490b7e47093d491a2bdb1084fe92b796f4e07eefLennart Poettering * networkd .network files gained support for configuring
81d112a8f0522a09fcfe317f420363a2b728137cLennart Poettering per-link IPv4/IPv6 packet forwarding as well as IPv4
490b7e47093d491a2bdb1084fe92b796f4e07eefLennart Poettering masquerading. This is by default turned on for veth links to
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering containers, as registered by systemd-nspawn. This means that
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering nspawn containers run with --network-veth will now get
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering automatic routed access to the host's networks without any
466784c8710e5cb0e0b86a16506d992d7ec5b619Kay Sievers further configuration or setup, as long as networkd runs on
e9fd44b728ff1fc0d1f24fccb87a767f6865df27Lennart Poettering * systemd-nspawn gained the --port= (-p) switch to expose TCP
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering or UDP posts of a container on the host. With this in place
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering it is possible to run containers with private veth links
3040728b6691ea2e9df3a2060e2d49a792bbaedaLennart Poettering (--network-veth), and have their functionality exposed on
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering the host as if their services were running directly on the
e6c6e7afffa80ad74efdb1ddfa815294624f1608Lennart Poettering * systemd-nspawn's --network-veth switch now gained a short
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering version "-n", since with the changes above it is now truly
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering useful out-of-the-box. The systemd-nspawn@.service has been
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering updated to make use of it too by default.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * systemd-nspawn will now maintain a per-image R/W lock, to
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering ensure that the same image is not started more than once
e5ec62c56963d997edaffa904af5dc45dac23988Lennart Poettering writable. (It's OK to run an image multiple times
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering simultaneously in read-only mode.)
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * systemd-nspawn's --image= option is now capable of
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering dissecting and booting MBR and GPT disk images that contain
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering only a single active Linux partition. Previously it
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering supported only GPT disk images with proper GPT type
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering IDs. This allows running cloud images from major
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering distributions directly with systemd-nspawn, without
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering * In addition to collecting mouse dpi data in the udev
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering hardware database, there's now support for collecting angle
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering information for mouse scroll wheels. The database is
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering supposed to guarantee similar scrolling behavior on mice
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering that it knows about. There's also support for collecting
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering information about Touchpad types.
b568ef14a75dffb7182e0acbdec743b31df2a597Lennart Poettering * udev's input_id built-in will now also collect touch screen
e673ad0415d89c322e5b1a121e411f1b1d8075c0Lennart Poettering dimension data and attach it to probed devices.
e673ad0415d89c322e5b1a121e411f1b1d8075c0Lennart Poettering * /etc/os-release gained support for a Distribution Privacy
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Policy link field.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * networkd gained support for creating "ipvlan", "gretap",
57f2a947270faf65e1876797b930e3f6d60ebd06Lennart Poettering "ip6gre", "ip6gretap" and "ip6tnl" network devices.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * systemd-tmpfiles gained support for "a" lines for setting
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering ACLs on files.
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * systemd-nspawn will now mount /tmp in the container to
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering tmpfs, automatically.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * systemd now exposes the memory.usage_in_bytes cgroup
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering attribute and shows it for each service in the "systemctl
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering status" output, if available.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * When the user presses Ctrl-Alt-Del more than 7x within 2s an
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering immediate reboot is triggered. This useful if shutdown is
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering hung and is unable to complete, to expedite the
f47ec8ebb3858553dec870e1c596e39525f46360Lennart Poettering operation. Note that this kind of reboot will still unmount
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering all file systems, and hence should not result in fsck being
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering run on next reboot.
038cf33420afa5f913fe5cbf3e7138574c33d97bZbigniew Jędrzejewski-Szmek * A .device unit for an optical block device will now be
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering considered active only when a medium is in the drive. Also,
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering mount units are now bound to their backing devices thus
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering triggering automatic unmounting when devices become
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering unavailable. With this in place systemd will now
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering automatically unmount left-over mounts when a CD-ROM is
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering ejected or an USB stick is yanked from the system.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * networkd-wait-online now has support for waiting for
601d9d6fb394a780765e80581daab850623e9698Josh Triplett specific interfaces only (with globbing), and for giving up
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering after a configurable timeout.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * networkd now exits when idle. It will be automatically
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering restarted as soon as interfaces show up, are removed or
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering change state. networkd will stay around as long as there is
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering at least one DHCP state machine or similar around, that keep
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * networkd may now configure IPv6 link-local addressing in
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt addition to IPv4 link-local addressing.
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering * The IPv6 "token" for use in SLAAC may now be configured for
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering each .network interface in networkd.
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering * Routes configured with networkd may now be assigned a scope
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering in .network files.
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering * networkd's [Match] sections now support globbing and lists
279f036675536d55c901562b49f9df146af1a0e3Lennart Poettering of multiple space-separated matches per item.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Contributions from: Alban Crequy, Alin Rauta, Andrey Chaser,
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Bastien Nocera, Bruno Bottazzini, Carlos Garnacho, Carlos
8b8f259170e35b93e6c6d1757cb8b835bbdaa40cZbigniew Jędrzejewski-Szmek Morata Castillo, Chris Atkinson, Chris J. Arges, Christian
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Kirbach, Christian Seiler, Christoph Brill, Colin Guthrie,
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Colin Walters, Cristian Rodríguez, Daniele Medri, Daniel Mack,
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Dave Reisner, David Herrmann, Djalal Harouni, Erik Auerswald,
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Filipe Brandenburger, Frank Theile, Gabor Kelemen, Gabriel de
eb124a97fb72d076014253b1acde69d428f15ecfLennart Poettering Perthuis, Harald Hoyer, Hui Wang, Ivan Shapovalov, Jan
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering Engelhardt, Jan Synacek, Jay Faulkner, Johannes Hölzl, Jonas
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering Ådahl, Jonathan Boulle, Josef Andersson, Kay Sievers, Ken
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering Werner, Lennart Poettering, Lucas De Marchi, Lukas Märdian,
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering Lukas Nykryn, Lukasz Skalski, Luke Shumaker, Mantas Mikulėnas,
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering Manuel Mendez, Marcel Holtmann, Marc Schmitzer, Marko
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering Myllynen, Martin Pitt, Maxim Mikityanskiy, Michael Biebl,
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering Michael Marineau, Michael Olbrich, Michal Schmidt, Mindaugas
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Baranauskas, Moez Bouhlel, Naveen Kumar, Patrik Flykt, Paul
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Martin, Peter Hutterer, Peter Mattern, Philippe De Swert,
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Piotr Drąg, Rafael Ferreira, Rami Rosen, Robert Milasan, Ronny
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Chevalier, Sangjung Woo, Sebastien Bacher, Sergey Ptashnick,
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Shawn Landden, Stéphane Graber, Susant Sahani, Sylvain
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Plantefève, Thomas Hindoe Paaboel Andersen, Tim JP, Tom
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Gundersen, Topi Miettinen, Torstein Husebø, Umut Tezduyar
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Lindskog, Veres Lajos, Vincent Batts, WaLyong Cho, Wieland
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Hoffmann, Zbigniew Jędrzejewski-Szmek
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt -- Berlin, 2015-02-16
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart PoetteringCHANGES WITH 218:
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * When querying unit file enablement status (for example via
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering "systemctl is-enabled"), a new state "indirect" is now known
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering which indicates that a unit might not be enabled itself, but
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering another unit listed in its Alias= setting might be.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * Similar to the various existing ConditionXYZ= settings for
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering units there are now matching AssertXYZ= settings. While
8b04b925e587ff56568c62ff5ad3f2ea2b34ca7aLennart Poettering failing conditions cause a unit to be skipped, but its job
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering to succeed, failing assertions declared like this will cause
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering a unit start operation and its job to fail.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * hostnamed now knows a new chassis type "embedded".
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * systemctl gained a new "edit" command. When used on a unit
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt file this allows extending unit files with .d/ drop-in
90e071d1d59be05fcba66561439c3ca67c80ee20Lennart Poettering configuration snippets or editing the full file (after
d2e83c23f5f0cdd3b6ec05c5c40209708721e704Kay Sievers copying it from /usr/lib to /etc). This will invoke the
a19554ed92a7460b4e709cc40c558cde827ab85bLennart Poettering user's editor (as configured with $EDITOR), and reload the
a19554ed92a7460b4e709cc40c558cde827ab85bLennart Poettering modified configuration after editing.
1cb88f2c61f590083847d65cd5a518e834da87d3Lennart Poettering * "systemctl status" now shows the suggested enablement state
a7a3f28be404875eff20443a0fa8088bcc4c18dfLennart Poettering for a unit, as declared in the (usually vendor-supplied)
a7a3f28be404875eff20443a0fa8088bcc4c18dfLennart Poettering system preset files.
08f9588885c5d65694b324846b0ed19211d2c178Lennart Poettering * nss-myhostname will now resolve the single-label host name
9ee58bddeb6eb044753167e0047fe836479ca5dbKay Sievers "gateway" to the locally configured default IP routing
9ee58bddeb6eb044753167e0047fe836479ca5dbKay Sievers gateways, ordered by their metrics. This assigns a stable
dcfc4b2e5c1af6375488c00bdc6fb8122f86c4d7Lennart Poettering name to the used gateways, regardless which ones are
71ef24d09573874c0f7bc323c07c3aec2a458707Lennart Poettering currently configured. Note that the name will only be
71ef24d09573874c0f7bc323c07c3aec2a458707Lennart Poettering resolved after all other name sources (if nss-myhostname is
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt configured properly) and should hence not negatively impact
1b89884ba31cbe98f159ce2c7d6fac5f6a57698fLennart Poettering systems that use the single-label host name "gateway" in
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering other contexts.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * systemd-inhibit now allows filtering by mode when listing
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering * Scope and service units gained a new "Delegate" boolean
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering property, which when set allows processes running inside the
5f1dac6bf605871615b35891a3966fa474db5b20Lennart Poettering unit to further partition resources. This is primarily
f801968466fed39d50d410b30ac828c26722cc95Lennart Poettering useful for systemd user instances as well as container
424a19f8a2061c6b058283228734010b2fa24db4Lennart Poettering * journald will now pick up audit messages directly from
424a19f8a2061c6b058283228734010b2fa24db4Lennart Poettering the kernel, and log them like any other log message. The
424a19f8a2061c6b058283228734010b2fa24db4Lennart Poettering audit fields are split up and fully indexed. This means that
a1cccad1fe88ddd6943e18af97cf7f466296970fLennart Poettering journalctl in many ways is now a (nicer!) alternative to
8556879e0d14925ce897875c6c264368e2d048c2Lennart Poettering ausearch, the traditional audit client. Note that this
4a30847b9d71e0381948d68279c8f775b9de7850Lennart Poettering implements only a minimal audit client, if you want the
4a30847b9d71e0381948d68279c8f775b9de7850Lennart Poettering special audit modes like reboot-on-log-overflow, please use
5e8b28838e493b59628322b69580097ef7dd9384Lennart Poettering the traditional auditd instead, which can be used in
5e8b28838e493b59628322b69580097ef7dd9384Lennart Poettering parallel to journald.
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering * The ConditionSecurity= unit file option now understands the
68f160039eb78fe122cfe0d4c49695ae91f6f0d1Lennart Poettering special string "audit" to check whether auditing is
68f160039eb78fe122cfe0d4c49695ae91f6f0d1Lennart Poettering * journalctl gained two new commands --vacuum-size= and
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt --vacuum-time= to delete old journal files until the
68f160039eb78fe122cfe0d4c49695ae91f6f0d1Lennart Poettering remaining ones take up no more the specified size on disk,
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt or are not older than the specified time.
0790b9fed42eefc4e22dbbe2337cba9713b7848cLennart Poettering * A new, native PPPoE library has been added to sd-network,
fd4d89b2c0b31da01d134301e30916931ae3c7d9Lennart Poettering systemd's library of light-weight networking protocols. This
fd4d89b2c0b31da01d134301e30916931ae3c7d9Lennart Poettering library will be used in a future version of networkd to
47ae7201b1df43bd3da83a19e38483b0e5694c99Lennart Poettering enable PPPoE communication without an external pppd daemon.
88a6c5894c9d3f85d63b87b040c130366b4006ceKay Sievers * The busctl tool now understands a new "capture" verb that
8351ceaea9480d9c2979aa2ff0f4982cfdfef58dLennart Poettering works similar to "monitor", but writes a packet capture
9946996cda11a18b44d82344676e5a0e96339408Lennart Poettering trace to STDOUT that can be redirected to a file which is
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt compatible with libcap's capture file format. This can then
9946996cda11a18b44d82344676e5a0e96339408Lennart Poettering be loaded in Wireshark and similar tools to inspect bus
3471bedc005fab03f40b99bf6599645330adcd9eLennart Poettering communication.
59cea26a349cfa8db906b520dac72563dd773ff2Lennart Poettering * The busctl tool now understands a new "tree" verb that shows
35eb6b124ebdf82bd77aad6e44962a9a039c4d33Lennart Poettering the object trees of a specific service on the bus, or of all
e01a15b71e18bf2008aec7e75041ffa42eb80b80Kay Sievers * The busctl tool now understands a new "introspect" verb that
a888b352eb53b07daa24fa859ceeb254336b293dLennart Poettering shows all interfaces and members of objects on the bus,
abd55b16547d0bb0ed1c31e72e16838f0f59f48bKay Sievers including their signature and values. This is particularly
abd55b16547d0bb0ed1c31e72e16838f0f59f48bKay Sievers useful to get more information about bus objects shown by
abd55b16547d0bb0ed1c31e72e16838f0f59f48bKay Sievers the new "busctl tree" command.
e8d842a0d0b39f298e1e7f70d29759e50b2b16d4Tom Gundersen * The busctl tool now understands new verbs "call",
b8217b7bd5fd171916a095b150fad4c3a37f5a41Kay Sievers "set-property" and "get-property" for invoking bus method
169c4f65131fbc7bcb51e7d5487a715cdcd0e0ebLennart Poettering calls, setting and getting bus object properties in a
fb0864e7b9c6d26269ccea6ec5c0fd921c029781Lennart Poettering * busctl gained a new --augment-creds= argument that controls
7f110ff9b8828b477e87de7b28c708cf69a3d008Lennart Poettering whether the tool shall augment credential information it
7f110ff9b8828b477e87de7b28c708cf69a3d008Lennart Poettering gets from the bus with data from /proc, in a possibly
d0e5a33374cee92962af33dfc03873e470b014f6Lennart Poettering * nspawn's --link-journal= switch gained two new values
d0e5a33374cee92962af33dfc03873e470b014f6Lennart Poettering "try-guest" and "try-host" that work like "guest" and
87a8baa35d6d65ac3b58ae8e26e338e67f8ae8edLennart Poettering "host", but do not fail if the host has no persistent
87a8baa35d6d65ac3b58ae8e26e338e67f8ae8edLennart Poettering journalling enabled. -j is now equivalent to
87a8baa35d6d65ac3b58ae8e26e338e67f8ae8edLennart Poettering --link-journal=try-guest.
70a44afee385c4afadaab9a002b3f9dd44aedf4aJan Engelhardt * macvlan network devices created by nspawn will now have
65c0cf7108ae3537a357c74b4586a783baba82f9Lennart Poettering stable MAC addresses.
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers * A new SmackProcessLabel= unit setting has been added, which
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers controls the SMACK security label processes forked off by
ad740100d108282d0244d5739d4dcc86fe4c5fdeLennart Poettering the respective unit shall use.
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering * If compiled with --enable-xkbcommon, systemd-localed will
f38afcd0c7f558ca5bf0854b42f8c6954f8ad7f3Lennart Poettering verify x11 keymap settings by compiling the given keymap. It
614cc34f3a2a7c64a21c3f5256f2e2b2c1de1d51Zbigniew Jędrzejewski-Szmek will spew out warnings if the compilation fails. This
614cc34f3a2a7c64a21c3f5256f2e2b2c1de1d51Zbigniew Jędrzejewski-Szmek requires libxkbcommon to be installed.
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt * When a coredump is collected a larger number of metadata
14e639ae7a1dbf156273ce697d30fbc6c6594209Lennart Poettering fields is now collected and included in the journal records
7f8aa67131cfc03ddcbd31c0420754864fc122f0Lennart Poettering created for it. More specifically control group membership,
ff01d048b4c1455241c894cf7982662c9d28fd34Lennart Poettering environment variables, memory maps, working directory,
d3c7d7dd77b2b72315164b672462825cef6c0f9aKay Sievers chroot directory, /proc/$PID/status, and a list of open file
72b9ed828bd22f3ddd74b6853c183eebf006d6d8Lennart Poettering descriptors is now stored in the log entry.
1d6702e8d3877c0bebf3ac817dc45ff72f5ecfa9Lennart Poettering * The udev hwdb now contains DPI information for mice. For
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering http://who-t.blogspot.de/2014/12/building-a-dpi-database-for-mice.html
1258097cd3cdbc5dd3d264850119e553a29c5068Lennart Poettering * All systemd programs that read standalone configuration
1258097cd3cdbc5dd3d264850119e553a29c5068Lennart Poettering files in /etc now also support a corresponding series of
a4c279f87451186b8beb1b8cc21c7cad561ecf4bLennart Poettering .conf.d configuration directories in /etc/, /run/,
a4c279f87451186b8beb1b8cc21c7cad561ecf4bLennart Poettering /usr/local/lib/, /usr/lib/, and (if configured with
55cdcbacf70f05a40a155af24f6d2da6b478cba6Lennart Poettering --enable-split-usr) /lib/. In particular, the following
8d0e38a2b966799af884e78a54fd6a2dffa44788Lennart Poettering configuration files now have corresponding configuration
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering directories: system.conf user.conf, logind.conf,
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering journald.conf, sleep.conf, bootchart.conf, coredump.conf,
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering resolved.conf, timesyncd.conf, journal-remote.conf, and
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering journal-upload.conf. Note that distributions should use the
88a07670cfa974a605c7c7b520b8a3135fce37f9Lennart Poettering configuration directories in /usr/lib/; the directories in
88a07670cfa974a605c7c7b520b8a3135fce37f9Lennart Poettering /etc/ are reserved for the system administrator.
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering * systemd-rfkill will no longer take the rfkill device name
916abb21d0a6653e0187b91591e492026886b0a4Lennart Poettering into account when storing rfkill state on disk, as the name
9534ce54858c67363b841cdbdc315140437bfdb4Lennart Poettering might be dynamically assigned and not stable. Instead, the
9534ce54858c67363b841cdbdc315140437bfdb4Lennart Poettering ID_PATH udev variable combined with the rfkill type (wlan,
68c7d001f4117f0c3d0a4582e32cbb03ae5fac57Lennart Poettering bluetooth, ...) is used.
68c7d001f4117f0c3d0a4582e32cbb03ae5fac57Lennart Poettering * A new service systemd-machine-id-commit.service has been
68c7d001f4117f0c3d0a4582e32cbb03ae5fac57Lennart Poettering added. When used on systems where /etc is read-only during
7a2a0b907b5cc60f5d9a871997d7d6e7f62bf4d8Lennart Poettering boot, and /etc/machine-id is not initialized (but an empty
253ee27a0c7a410d27d490bb79ea97caed6a2b68Lennart Poettering file), this service will copy the temporary machine ID
5d0fcd7c8d29340ac9425c309e8ac436a9af699cLennart Poettering created as replacement into /etc after the system is fully
8bbabc447b1d913bd21faf97c7b17d20d315d2b4Lennart Poettering booted up. This is useful for systems that are freshly
f530371f1f85a070d7d0fb5112146a43533ae00bLennart Poettering installed with a non-initialized machine ID, but should get
e707c49485b8f4f2ec040d3da232d39153e650b9Lennart Poettering a fixed machine ID for subsequent boots.
a73d88fa024b5668ed7dde681e99547d41e6a864Lennart Poettering * networkd's .netdev files now provide a large set of
a74a8793b04de9886b4f6987b9cb86fa02c73520Lennart Poettering configuration parameters for VXLAN devices. Similar, the
3040728b6691ea2e9df3a2060e2d49a792bbaedaLennart Poettering bridge port cost parameter is now configurable in .network
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering files. There's also new support for configuring IP source
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering routing. networkd .link files gained support for a new
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering OriginalName= match that is useful to match against the
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering original interface name the kernel assigned. .network files
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering may include MTU= and MACAddress= fields for altering the MTU
73090dc815390f4fca4e3ed8a7e1d3806605daaaLennart Poettering and MAC address while being connected to a specific network
260abb780a135e4cae8c10715c7e85675efc345aLennart Poettering * The LUKS logic gained supported for configuring
2791a8f8dc8764a9247cdba3562bd4c04010f144Lennart Poettering UUID-specific key files. There's also new support for naming
a8f11321c209830a35edd0357e8def5d4437d854Lennart Poettering LUKS device from the kernel command line, using the new