systemd System and Service Manager
+CHANGES WITH 189:
+
+ * Support for reading structured kernel messages from
+ /dev/kmsg has now been added and is enabled by default.
+
+ * Support for reading kernel messages from /proc/kmsg has now
+ been removed. If you want kernel messages in the journal
+ make sure to run a recent kernel (>= 3.5) that supports
+ reading structured messages from /dev/kmsg (see
+ above). /proc/kmsg is now exclusive property of classic
+ syslog daemons again.
+
+ * The libudev API gained the new
+ udev_device_new_from_device_id() call.
+
+ * The logic for file system namespace (ReadOnlyDirectory=,
+ ReadWriteDirectoy=, PrivateTmp=) has been reworked not to
+ require pivot_root() anymore. This means fewer temporary
+ directories are created below /tmp for this feature.
+
+ * nspawn containers will now see and receive all submounts
+ made on the host OS below the root file system of the
+ container.
+
+ * Forward Secure Sealing is now supported for Journal files,
+ which provide cryptographical sealing of journal files so
+ that attackers cannot alter log history anymore without this
+ being detectable. Lennart will soon post a blog story about
+ this explaining it in more detail.
+
+ * There are two new service settings RestartPreventExitStatus=
+ and SuccessExitStatus= which allow configuration of exit
+ status (exit code or signal) which will be excepted from the
+ restart logic, resp. consider successful.
+
+ * journalctl gained the new --verify switch that can be used
+ to check the integrity of the structure of journal files and
+ (if Forward Secure Sealing is enabled) the contents of
+ journal files.
+
+ * nspawn containers will now be run with /dev/stdin, /dev/fd/
+ and similar symlinks pre-created. This makes running shells
+ as container init process a lot more fun.
+
+ * The fstab support can now handle PARTUUID= and PARTLABEL=
+ entries.
+
+ * A new ConditionHost= condition has been added to match
+ against the hostname (with globs) and machine ID. This is
+ useful for clusters where a single OS image is used to
+ provision a large number of hosts which shall run slightly
+ different sets of services.
+
+ * Services which hit the restart limit will now be placed in a
+ failure state.
+
+ Contributions from Bertram Poettering, Dave Reisner, Huang
+ Hang, Kay Sievers, Lennart Poettering, Lukas Nykryn, Martin
+ Pitt, Simon Peeters, Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 188:
+
+ * When running in --user mode systemd will now become a
+ subreaper (PR_SET_CHILD_SUBREAPER). This should make the ps
+ tree a lot more organized.
+
+ * A new PartOf= unit dependency type has been introduced that
+ may be used to group services in a natural way.
+
+ * "systemctl enable" may now be used to enable instances of
+ services.
+
+ * journalctl now prints error log levels in red, and
+ warning/notice log levels in bright white. It also supports
+ filtering by log level now.
+
+ * cgtop gained a new -n switch (similar to top), to configure
+ the maximum number of iterations to run for. It also gained
+ -b, to run in batch mode (accepting no input).
+
+ * The suffix ".service" may now be ommited on most systemctl
+ command lines involving service unit names.
+
+ * There's a new bus call in logind to lock all sessions, as
+ well as a loginctl verb for it "lock-sessions".
+
+ * libsystemd-logind.so gained a new call sd_journal_perror()
+ that works similar to libc perror() but logs to the journal
+ and encodes structured information about the error number.
+
+ * /etc/crypttab entries now understand the new keyfile-size=
+ option.
+
+ * shutdown(8) now can send a (configurable) wall message when
+ a shutdown is cancelled.
+
+ * The mount propagation mode for the root file system will now
+ default to "shared", which is useful to make containers work
+ nicely out-of-the-box so that they receive new mounts from
+ the host. This can be undone locally by running "mount
+ --make-rprivate /" if needed.
+
+ * The prefdm.service file has been removed. Distributions
+ should maintain this unit downstream if they intend to keep
+ it around. However, we recommend writing normal unit files
+ for display managers instead.
+
+ * Since systemd is a crucial part of the OS we will now
+ default to a number of compiler switches that improve
+ security (hardening) such as read-only relocations, stack
+ protection, and suchlike.
+
+ * The TimeoutSec= setting for services is now split into
+ TimeoutStartSec= and TimeoutStopSec= to allow configuration
+ of individual time outs for the start and the stop phase of
+ the service.
+
+ Contributions from: Artur Zaprzala, Arvydas Sidorenko, Auke
+ Kok, Bryan Kadzban, Dave Reisner, David Strauss, Harald Hoyer,
+ Jim Meyering, Kay Sievers, Lennart Poettering, Mantas
+ Mikulėnas, Martin Pitt, Michal Schmidt, Michal Sekletar, Peter
+ Alfredsen, Shawn Landden, Simon Peeters, Terence Honles, Tom
+ Gundersen, Zbigniew Jędrzejewski-Szmek
+
CHANGES WITH 187:
* The journal and id128 C APIs are now fully documented as man
the initial RAM disk to the main system to avoid accidental
data loss.
- * /etc/crypttab entrie now understand the new keyfile-offset=
+ * /etc/crypttab entries now understand the new keyfile-offset=
option.
* systemctl -t can now be used to filter by unit load state.