From: Lennart Poettering Date: Thu, 19 Apr 2018 14:51:04 +0000 (+0200) Subject: update NEWS X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=440e567596e42b97ba7b7bcaa558c1252b82304b;p=elogind.git update NEWS --- diff --git a/NEWS b/NEWS index 7431c070a..642ad4d04 100644 --- a/NEWS +++ b/NEWS @@ -3,24 +3,11 @@ systemd System and Service Manager CHANGES WITH 239 in spe: * NETWORK INTERFACE DEVICE NAMING CHANGES: elogind-udevd's "net_id" - builtin will name network interfaces differently than in previous - versions for virtual network interfaces created with SR-IOV and NPAR - and for devices where the PCI network controller device does not have - a slot number associated. - - SR-IOV virtual devices are now named based on the name of the parent - interface, with a suffix of "v", where is the virtual device - number. Previously those virtual devices were named as if completely - independent. - - The ninth and later NPAR virtual devices will be named following the - scheme used for the first eight NPAR partitions. Previously those - devices were not renamed and the kernel default (eth) was used. - - "net_id" will also generate names for PCI devices where the PCI - network controller device does not have an associated slot number - itself, but one of its parents does. Previously those devices were - not renamed and the kernel default (eth) was used. + builtin may name network interfaces differently than in previous + versions. SR-IOV virtual functions and NPAR partitions with PCI + function numbers of 8 and above will be named more predictably, and + udev may generate names based on the PCI slot number in some cases + where it previously did not. * AF_INET and AF_INET6 are dropped from RestrictAddressFamilies= in elogind.service. Since v235, IPAddressDeny=any has been set to @@ -59,6 +46,15 @@ CHANGES WITH 239 in spe: both runtime and persistent enablement/masking, i.e. it will remove any relevant symlinks both in /run and /etc. + * Note that all long-running system services shipped with elogind will + now default to a system call whitelist (rather than a blacklist, as + before). In particular, elogind-udevd will now enforce one too. For + most cases this should be safe, however downstream distributions + which disabled sandboxing of elogind-udevd (specifically the + MountFlags= setting), might want to disable this security feature + too, as the default whitelisting will prohibit all mount, swap, + reboot and clock changing operations from udev rules. + * sd-boot acquired new loader configuration settings to optionally turn off Windows and MacOS boot partition discovery as well as reboot-into-firmware menu items. It is also able to pick a better @@ -322,27 +318,27 @@ CHANGES WITH 239 in spe: J. Murrell, Bruno Vernay, Chris Lesiak, Christian Brauner, Christian Hesse, Daniel Dao, Daniel Lin, Danylo Korostil, Davide Cavalca, David Tardon, Dimitri John Ledkov, Dmitriy Geels, Douglas Christman, Elia - Geretto, emelenas, Emil Velikov, Evgeny Vereshchagin, Felipe Sateler, - Feng Sun, Filipe Brandenburger, Franck Bui, futpib, Giuseppe Scrivano, - Guillem Jover, guixxx, Hans de Goede, Henrique Dante de Almeida, Hiram - van Paassen, Ian Miell, Igor Gnatenko, Ivan Shapovalov, Iwan Timmer, + Geretto, emelenas, Evegeny Vereshchagin, Evgeny Vereshchagin, Felipe + Sateler, Feng Sun, Filipe Brandenburger, Franck Bui, futpib, Giuseppe + Scrivano, Guillem Jover, guixxx, Hans de Goede, Henrique Dante de + Almeida, Hiram van Paassen, Ian Miell, Igor Gnatenko, Ivan Shapovalov, James Cowgill, Jan Janssen, Jan Synacek, Jared Kazimir, João Paulo Rechi Vita, Joost Heitbrink, Jui-Chi Ricky Liang, Jürg Billeter, Kai-Heng Feng, Karol Augustin, Krzysztof Nowicki, Lauri Tirkkonen, Lennart Poettering, Leonard König, Long Li, Luca Boccassi, Lucas Werkmeister, Marcel Hoppe, Marc Kleine-Budde, Mario Limonciello, Martin Jansa, Martin Wilck, Mathieu Malaterre, Matteo F. Vescovi, Matthew - McGinn, Matthias-Christian Ott, Michael Biebl, Michael Olbrich, Michael - Prokop, Michal Koutný, Michal Sekletar, Mike Gilbert, Mikhail Kasimov, - Milan Broz, Milan Pässler, Muhammet Kara, Nicolas Boichat, Omer Katz, - Paride Legovini, Paul Menzel, Paul Milliken, Pavel Hrdina, Peter - A. Bigot, Peter Hutterer, Peter Jones, Philip Sequeira, Philip - Withnall, Piotr Drąg, Radostin Stoyanov, Ricardo Salveti de Araujo, - Rosen Penev, Rubén Suárez Alvarez, Ryan Gonzalez, Salvo Tomaselli, - Sebastian Reichel, Sergio Lindo Mansilla, Stefan Schweter, Stephen - Hemminger, Stuart Hayes, Susant Sahani, Sylvain Plantefève, Thomas - H. P. Andersen, Tobias Jungel, Tomasz Torcz, Vito Caputo, Will Dietz, - Will Thompson, Wim van Mourik, Yu Watanabe, Zbigniew Jędrzejewski-Szmek + McGinn, Michael Biebl, Michael Olbrich, Michael Prokop, Michal Koutný, + Michal Sekletar, Mike Gilbert, Mikhail Kasimov, Milan Broz, Milan + Pässler, Muhammet Kara, Nicolas Boichat, Omer Katz, Paride Legovini, + Paul Menzel, Paul Milliken, Pavel Hrdina, Peter A. Bigot, Peter + Hutterer, Peter Jones, Philip Sequeira, Philip Withnall, Piotr Drąg, + Radostin Stoyanov, Ricardo Salveti de Araujo, Rosen Penev, Rubén Suárez + Alvarez, Ryan Gonzalez, Salvo Tomaselli, Sebastian Reichel, Sergio + Lindo Mansilla, Stefan Schweter, Stephen Hemminger, Stuart Hayes, + Susant Sahani, Sylvain Plantefève, Thomas H. P. Andersen, Tobias + Jungel, Tomasz Torcz, Vito Caputo, Will Dietz, Will Thompson, Wim van + Mourik, Yu Watanabe, Zbigniew Jędrzejewski-Szmek — Berlin, 2018-06-XX