systemd System and Service Manager
+CHANGES WITH 215:
+ * A new system group "input" is introduced, all input
+ device nodes get this group assigned. This is useful for
+ system-level software to get access to input devices. It
+ complements what is already done for "audio" and "video".
+
+CHANGES WITH 214:
+
+ * As an experimental feature, udev now tries to lock the
+ disk device node (flock(LOCK_SH|LOCK_NB)) while it
+ executes events for the disk or any of its partitions.
+ Applications like partitioning programs can lock the
+ disk device node (flock(LOCK_EX)) and claim temporary
+ device ownership that way; udev will entirely skip all event
+ handling for this disk and its partitions. If the disk
+ was opened for writing, the close will trigger a partition
+ table rescan in udev's "watch" facility, and if needed
+ synthesize "change" events for the disk and all its partitions.
+ This is now unconditionally enabled, if it turns out to
+ cause major problems, we might turn it on only for specific
+ devices, or might need to disable it entirely. Device-mapper
+ devices are excluded from this logic.
+
+ * We temporarily dropped the "-l" switch for fsck invocations,
+ since they collide with the flock() logic above. util-linux
+ upstream has been changed already to avoid this conflict,
+ and we will readd "-l" as soon as util-linux with this
+ change has been released.
+
+ * The dependency on libattr has been removed. Since a long
+ time the extended attribute calls have moved to glibc, and
+ libattr is thus unnecessary.
+
+ * Virtualization detection works without priviliges now. This
+ means the systemd-detect-virt binary no longer requires
+ CAP_SYS_PTRACE file capabilities, and our daemons can run
+ with fewer privileges.
+
+ * systemd-networkd now runs under its own "systemd-network"
+ user. It retains the CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
+ CAP_NET_BROADCAST, CAP_NET_RAW capabilities though, but
+ loses the ability to write to files owned by root this way.
+
+ * Similar, systemd-resolved now runs under its own
+ "systemd-resolve" user with no capabilities remaining.
+
+ * Similar, systemd-bus-proxyd now runs under its own
+ "systemd-bus-proxy" user with only CAP_IPC_OWNER remaining.
+
+ * systemd-networkd gained support for setting up "veth"
+ virtual ethernet devices for container connectivity, as well
+ as GRE and VTI tunnels.
+
+ * systemd-networkd will no longer automatically attempt to
+ manually load kernel modules necessary for certain tunnel
+ transports. Instead it is assumed the kernel loads them
+ automatically when required. This only works correctly on
+ very new kernels. On older kernels, please consider adding
+ the kernel modules to /etc/modules-load.d/ as a work-around.
+
+ * The resolv.conf file systemd-resolved generates has been
+ moved to /run/systemd/resolve/, if you have a symlink from
+ /etc/resolv.conf it might be necessary to correct it.
+
+ * Two new service settings ProtectedHome= and ProtectedSystem=
+ have been added. When enabled they will make the user data
+ (such as /home) inaccessible or read-only and the system
+ (such as /usr) read-only, for specific services. This allows
+ very light-weight per-service sandboxing to avoid
+ modifications of user data or system files from
+ services. These two new switches have been enabled for all
+ of systemd's long-running services, where appropriate.
+
+ * Socket units gained new SocketUser= and SocketGroup=
+ settings to set the owner user and group of AF_UNIX sockets
+ and FIFOs in the file system.
+
+ * Socket units gained a new RemoveOnStop= setting. If enabled
+ all FIFOS and sockets in the file system will be removed
+ when the specific socket unit is stopped.
+
+ * Socket units gained a new Symlinks= setting. It takes a list
+ of symlinks to create to file system sockets or FIFOs
+ created by the specific unix sockets. This is useful to
+ manage symlinks to socket nodes with the same life-cycle as
+ the socket itself.
+
+ * The /dev/log socket and /dev/initctl FIFO have been moved to
+ /run, and have been replaced by symlinks. This allows
+ connecting to these facilities even if PrivateDevices=yes is
+ used for a service (which makes /dev/log itself unavailable,
+ but /run is left). This also has the benefit of ensuring
+ that /dev only contains device nodes, directories and
+ symlinks, and nothing else.
+
+ * sd-daemon gained two new calls sd_pid_notify() and
+ sd_pid_notifyf(). They are similar to sd_notify() and
+ sd_notifyf(), but allow overriding of the source PID of
+ notification messages if permissions permit this. This is
+ useful to send notify messages on behalf of a different
+ process (for example, the parent process). The
+ systemd-notify tool has been updated to make use of this
+ when sending messages (so that notification messages now
+ originate from the shell script invoking systemd-notify and
+ not the systemd-notify process itself. This should minimize
+ a race where systemd fails to associate notification
+ messages to services when the originating process already
+ vanished.
+
+ * A new "on-abnormal" setting for Restart= has been added. If
+ set it will result in automatic restarts on all "abnormal"
+ reasons for a process to exit, which includes unclean
+ signals, core dumps, timeouts and watchdog timeouts, but
+ does not include clean and unclean exit codes or clean
+ signals. Restart=on-abnormal is an alternative for
+ Restart=on-failure for services that shall be able to
+ terminate and avoid restarts on certain errors, by
+ indicating so with an unclean exit code. Restart=on-failure
+ or Restart=on-abnormal is now the recommended setting for
+ all long-running services.
+
+ * If the InaccessibleDirectories= service setting points to a
+ mount point (or if there are any submounts contained within
+ it), it is now attempted to completely unmount it, to make
+ the file systems truly unavailable for the respective
+ service.
+
+ * The ReadOnlyDirectories= service setting and
+ systemd-nspawn's --read-only parameter are now recursively
+ applied to all submounts, too.
+
+ * Mount units may now be created transiently via the bus APIs.
+
+ * The support for SysV and LSB init scripts has been removed
+ from the systemd daemon itself. Instead, it is now
+ implemented as a generator that creates native systemd units
+ from these scripts when needed. This enables us to remove a
+ substantial amount of legacy code from PID 1, following the
+ fact that many distributions only ship a very small number
+ of LSB/SysV init scripts nowadays.
+
+ * Priviliged Xen (dom0) domains are not considered
+ virtualization anymore by the virtualization detection
+ logic. After all, they generally have unrestricted access to
+ the hardware and usually are used to manage the unprivileged
+ (domU) domains.
+
+ * systemd-tmpfiles gained a new "C" line type, for copying
+ files or entire directories.
+
+ * systemd-tmpfiles "m" lines are now fully equivalent to "z"
+ lines. So far they have been non-globbing versions of the
+ latter, and have thus been redundant. In future it is
+ recommended to only use "z"; and "m" has hence been removed
+ from the documentation, even though it stays supported.
+
+ * A tmpfiles snippet to recreate the most basic structure in
+ /var has been added. This is enough to create the /var/run →
+ /run symlink and create a couple of structural
+ directories. This allows systems to boot up with an empty or
+ volatile /var. Of course, while with this change the core OS
+ now is capable with dealing with a volatile /var not all
+ user services are ready for it. However, we hope that sooner
+ or later many service daemons will be changed upstream so
+ that they are able to automatically create their necessary
+ directories in /var at boot, should they be missing. This is
+ the first step to allow state-less systems that only require
+ the vendor image for /usr to boot.
+
+ * systemd-nspawn has gained a new --tmpfs= switch to mount an
+ empty tmpfs instance to a specific directory. This is
+ particularly useful for making use of the automatic
+ reconstruction of /var (see above), by passing --tmpfs=/var.
+
+ * Access modes specified in tmpfiles snippets may now be
+ prefixed with "~", which indicates that they shall be masked
+ by whether the existing file or directly is currently
+ writable, readable or executable at all. Also, if specified
+ the sgid/suid/sticky bits will be masked for all
+ non-directories.
+
+ * A new passive target unit "network-pre.target" has been
+ added which is useful for services that shall run before any
+ network is configured, for example firewall scripts.
+
+ * The "floppy" group that previously owned the /dev/fd*
+ devices is no longer used. The "disk" group is now used
+ instead. Distributions should probably deprecate usage of
+ this group.
+
+ Contributions from: Camilo Aguilar, Christian Hesse, Colin Ian
+ King, Cristian Rodríguez, Daniel Buch, Dave Reisner, David
+ Strauss, Denis Tikhomirov, John, Jonathan Liu, Kay Sievers,
+ Lennart Poettering, Mantas Mikulėnas, Mark Eichin, Ronny
+ Chevalier, Susant Sahani, Thomas Blume, Thomas Hindoe Paaboel
+ Andersen, Tom Gundersen, Umut Tezduyar Lindskog, Zbigniew
+ Jędrzejewski-Szmek
+
+ -- Berlin, 2014-06-11
+
CHANGES WITH 213:
* A new "systemd-timesyncd" daemon has been added for
implements an SNTP client. In contrast to NTP
implementations such as chrony or the NTP reference server
this only implements a client side, and does not bother with
- the full NTP complexity, focusing only on querying time
- from one remote server and synchronizing the local clock to
+ the full NTP complexity, focusing only on querying time from
+ one remote server and synchronizing the local clock to
it. Unless you intend to serve NTP to networked clients or
want to connect to local hardware clocks this simple NTP
client should be more than appropriate for most
early at bootup, in order to accommodate for systems that
lack an RTC such as the Raspberry Pi and embedded devices,
and make sure that time monotonically progresses on these
- systems, even if it is not always correct.
+ systems, even if it is not always correct. To make use of
+ this daemon a new system user and group "systemd-timesync"
+ needs to be created on installation of systemd.
* The queue "seqnum" interface of libudev has been disabled, as
it was generally incompatible with device namespacing as
* "systemctl list-timers" and "systemctl list-sockets" gained
a --recursive switch for showing units of these types also
- for all local containers, similar in style to the
- --recursive switch "systemctl list-units" already supports.
+ for all local containers, similar in style to the already
+ supported --recursive switch for "systemctl list-units".
* A new RebootArgument= setting has been added for service
units, which may be used to specify a kernel reboot argument
- for usage when triggering reboots with StartLimitAction=.
+ to use when triggering reboots with StartLimitAction=.
* A new FailureAction= setting has been added for service
units which may be used to specify an operation to trigger
- when a service fails. This works similar to
+ when a service fails. This works similarly to
StartLimitAction=, but unlike it controls what is done
immediately rather than only after several attempts to
restart the service in question.
* hostnamed got updated to also expose the kernel name,
- release and version on the bus. This is useful for executing
- commands like hostnamectl with the -H switch.
+ release, and version on the bus. This is useful for
+ executing commands like hostnamectl with the -H switch.
+ systemd-analyze makes use of this to properly display
+ details when running non-locally.
* The bootchart tool can now show cgroup information in the
graphs it generates.
of network configuration performed in some other way.
* Two new service options StartupCPUShares= and
- StartupBlockIOWeight= have been added that work similar to
+ StartupBlockIOWeight= have been added that work similarly to
CPUShares= and BlockIOWeight= however only apply during
system startup. This is useful to prioritize certain services
differently during bootup than during normal runtime.
- Contributions from: Ali H. Caliskan, Alison Chaiken, Bas van
+ * hostnamed has been changed to prefer the statically
+ configured hostname in /etc/hostname (unless set to
+ 'localhost' or empty) over any dynamic one supplied by
+ dhcp. With this change the rules for picking the hostname
+ match more closely the rules of other configuration settings
+ where the local administrator's configuration in /etc always
+ overrides any other settings.
+
+ Contributions fron: Ali H. Caliskan, Alison Chaiken, Bas van
den Berg, Brandon Philips, Cristian Rodríguez, Daniel Buch,
Dan Kilman, Dave Reisner, David Härdeman, David Herrmann,
David Strauss, Dimitris Spingos, Djalal Harouni, Eelco
Engelhardt, Jani Nikula, Jason St. John, Jeffrey Clark,
Jonathan Boulle, Kay Sievers, Lennart Poettering, Lukas
Nykryn, Lukasz Skalski, Łukasz Stelmach, Mantas Mikulėnas,
- Marcel Holtmann, Matthew Monaco, Michael Marineau, Michael
- Olbrich, Michal Sekletar, Mike Gilbert, Nis Martensen, Patrik
- Flykt, Philip Lorenz, poma, Ray Strode, Robert Milasan, Scott
- Thrasher, Steven Siloti, Susant Sahani, Tanu Kaskinen, Thomas
- Bächler, Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut
- Tezduyar Lindskog, WaLyong Cho, Will Woods, Zbigniew
+ Marcel Holtmann, Martin Pitt, Matthew Monaco, Michael
+ Marineau, Michael Olbrich, Michal Sekletar, Mike Gilbert, Nis
+ Martensen, Patrik Flykt, Philip Lorenz, poma, Ray Strode,
+ Reyad Attiyat, Robert Milasan, Scott Thrasher, Stef Walter,
+ Steven Siloti, Susant Sahani, Tanu Kaskinen, Thomas Bächler,
+ Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar
+ Lindskog, WaLyong Cho, Will Woods, Zbigniew
Jędrzejewski-Szmek
- -- Beijing, 2014-05-24
+ -- Beijing, 2014-05-28
CHANGES WITH 212:
* sd-login gained new calls
sd_peer_get_{session,owner_uid,unit,user_unit,slice,machine_name}(),
to query the identity of the peer of a local AF_UNIX
- connection. They operate similar to their sd_pid_get_xyz()
+ connection. They operate similarly to their sd_pid_get_xyz()
counterparts.
* PID 1 will now maintain a system-wide system state engine
* systemd-nspawn gained a new --network-macvlan= setting to
set up a private macvlan interface for the
- container. Similar, systemd-networkd gained a new
+ container. Similarly, systemd-networkd gained a new
Kind=macvlan setting in .netdev files.
* systemd-networkd now supports configuring local addresses
not available as public API.
* systemd will now look for the "debug" argument on the kernel
- command line and enable debug logging, similar to
+ command line and enable debug logging, similar to what
"systemd.log_level=debug" already did before.
* "systemctl set-default", "systemctl get-default" has been
* The various "environment" files, such as /etc/locale.conf
now support continuation lines with a backslash ("\") as
- last character in the line, similar in style (but different)
+ last character in the line, similarly in style (but different)
to how this is supported in shells.
* For normal user processes the _SYSTEMD_USER_UNIT= field is
* "systemctl unlock-sessions" has been added, that allows
unlocking the screens of all user sessions at once, similar
- how "systemctl lock-sessions" already locked all users
+ to how "systemctl lock-sessions" already locked all users
sessions. This is backed by a new D-Bus call UnlockSessions().
* "loginctl seat-status" will now show the master device of a
pager. This is only supported in conjunction with "less".
* journalctl gained a new "--user-unit=" option, that works
- similar to "--unit=" but filters for user units rather than
+ similarly to "--unit=" but filters for user units rather than
system units.
* A number of unit files to ease adoption of systemd in
~ianmdlvl / elogind.git / blobdiff