systemd System and Service Manager
+CHANGES WITH 210:
+
+ * systemd will now relabel /dev after loading the SMACK policy
+ according to SMACK rules.
+
+ * A new unit file option AppArmorProfile= has been added to
+ set the AppArmor profile for the processes of a unit.
+
+ * A new condition check ConditionArchitecture= has been added
+ to conditionalize units based on the system architecture, as
+ reported by uname()'s "machine" field.
+
+ * systemd-networkd now supports matching on the system
+ virtualization, architecture, kernel command line, host name
+ and machine ID.
+
+ * logind is now a lot more aggressive when suspending the
+ machine due to a closed laptop lid. Instead of acting only
+ on the lid close action it will continuously watch the lid
+ status and act on it. This is useful for laptops where the
+ power button is on the outside of the chassis so that it can
+ be reached without opening the lid (such as the Lenovo
+ Yoga). On those machines logind will now immediately
+ re-suspend the machine if the power button has been
+ accidentally pressed while the laptop was suspended and in a
+ backpack or similar.
+
+ * logind will now watch SW_DOCK switches and inhibit reaction
+ to the lid switch if it is pressed. This means that logind
+ will not suspend the machine anymore if the lid is closed
+ and the system is docked, if the laptop supports SW_DOCK
+ notifications via the input layer. Note that ACPI docking
+ stations do not generate this currently. Also note that this
+ logic is usually not fully sufficient and Desktop
+ Environments should take a lid switch inhibitor lock when an
+ external display is connected, as systemd will not watch
+ this on its own.
+
+ * nspawn will now make use of the devices cgroup controller by
+ default, and only permit creation of and access to the usual
+ API device nodes like /dev/null or /dev/random, as well as
+ access to (but not creation of) the pty devices.
+
+ * We will now ship a default .network file for
+ systemd-networkd that automatically configures DHCP for
+ network interfaces created by nspawn's --network-veth or
+ --network-bridge= switches.
+
+ * systemd will now understand the usual M, K, G, T suffixes
+ according to SI conventions (i.e. to the base 1000) when
+ referring to throughput and hardware metrics. It will stay
+ with IEC conventions (i.e. to the base 1024) for software
+ metrics, according to what is customary according to
+ Wikipedia. We explicitly document which base applies for
+ each configuration option.
+
+ * The DeviceAllow= setting in unit files now supports a syntax
+ to whitelist an entire group of devices node majors at once,
+ based on the /proc/devices listing. For example, with the
+ string "char-pts" it is now possible to whitelist all
+ current and future pseudo-TTYs at once.
+
+ * sd-event learned a new "post" event source. Event sources of
+ this type are triggered by the dispatching of any event
+ source of a type that is not "post". This is useful for
+ implementing clean-up and check event sources that are
+ triggered by other work being done in the program.
+
+ * systemd-networkd is no longer statically enabled, but uses
+ the usual [Install] sections so that it can be
+ enabled/disabled using systemctl. It still is enabled by
+ default however.
+
+ * When creating a veth interface pair with systemd-nspawn the
+ host side will now be prefixed with "vb-" if
+ --network-bridge= is used, and with "ve-" if --network-veth
+ is used. This way it is easy to distinguish these cases on
+ the host, for example to apply different configuration to
+ them with systemd-networkd.
+
+ * The compatibility libraries for libsystemd-journal.so,
+ libsystem-id128.so, libsystemd-login.so and
+ libsystemd-daemon.so do not make use of IFUNC
+ anymore. Instead we now build libsystemd.so multiple times
+ under these alternative names. This means that the footprint
+ is drastically increased, but given that these are
+ transitional compatibility libraries this shouldn't matter
+ much. This change has been made necessary to support the ARM
+ platform for these compatibility libraries, as the ARM
+ toolchain isn't really at the same level as the toolchain
+ for other architectures like x86 and does not support
+ IFUNC. Please make sure to use --enable-compat-libs only
+ during a transitional period!
+
+ Contributions from: Andreas Fuchs, Armin K, Colin Walters,
+ Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
+ Holger Schurig, Jason A. Donenfeld, Jason St. John, Jasper
+ St. Pierre, Kay Sievers, Lennart Poettering, Łukasz Stelmach,
+ Marcel Holtmann, Michael Scherer, Michal Sekletar, Mike
+ Gilbert, Samuli Suominen, Thomas Bächler, Thomas Hindoe
+ Paaboel Andersen, Tom Gundersen, Umut Tezduyar Lindskog,
+ Zbigniew Jędrzejewski-Szmek
+
+ -- Berlin, 2014-02-24
+
CHANGES WITH 209:
* A new component "systemd-networkd" has been added that can
MTU, duplex settings, Wake-on-LAN settings, MAC address, MAC
address assignment policy (randomized, ...).
+ * The configuration of network interface naming rules for
+ "permanent interface names" has changed: a new NamePolicy=
+ setting in the [Link] section of .link files determines the
+ priority of possible naming schemes (onboard, slot, mac,
+ path). The default value of this setting is determined by
+ /usr/lib/net/links/99-default.link. Old
+ 80-net-name-slot.rules udev configuration file has been
+ removed, so local configuration overriding this file should
+ be adapated to override 99-default.link instead.
+
* When the User= switch is used in a unit file, also
initialize $SHELL= based on the user database entry.
LDAP, etc. This API is based on libasyncns, but it has been
cleaned up for inclusion in systemd.
- * The APIs "sd-journal.h", "sd-login.h", "sd-id128.h" are no
- longer found in individual libraries libsystemd-journal.so,
- libsystemd-login.so, libsystemd-id128.so. Instead, we have
+ * The APIs "sd-journal.h", "sd-login.h", "sd-id128.h",
+ "sd-daemon.h" are no longer found in individual libraries
+ libsystemd-journal.so, libsystemd-login.so,
+ libsystemd-id128.so, libsystemd-daemon.so. Instead, we have
merged them into a single library, libsystemd.so, which
provides all symbols. The reason for this is cyclic
dependencies, as these libraries tend to use each other's
- symbols. So far, we've managed to workaround that by linking a
- copy of a good part of our code into each of these libraries
- again and again, which, however, makes certain things hard to
- do, like sharing static variables. Also, it substantially
- increases footprint. With this change, there is only one
- library for the basic APIs systemd provides. Also,
- "sd-bus.h", "sd-memfd.h", "sd-event.h", "sd-rtnl.h",
- "sd-resolve.h", "sd-utf8.h" are found in this library as
- well, however are subject to the --enable-kdbus switch (see
- below). Note that "sd-dhcp-client.h" and "sd-daemon.h" are not
- part of this library (the former because it only consumes,
- never provides, services of/to other APIs, and the latter
- because it is completely standalone). To make the transition
+ symbols. So far, we've managed to workaround that by linking
+ a copy of a good part of our code into each of these
+ libraries again and again, which, however, makes certain
+ things hard to do, like sharing static variables. Also, it
+ substantially increases footprint. With this change, there
+ is only one library for the basic APIs systemd
+ provides. Also, "sd-bus.h", "sd-memfd.h", "sd-event.h",
+ "sd-rtnl.h", "sd-resolve.h", "sd-utf8.h" are found in this
+ library as well, however are subject to the --enable-kdbus
+ switch (see below). Note that "sd-dhcp-client.h" is not part
+ of this library (this is because it only consumes, never
+ provides, services of/to other APIs). To make the transition
easy from the separate libraries to the unified one, we
provide the --enable-compat-libs compile-time switch which
will generate stub libraries that are compatible with the
* systemd-nspawn gained a new --personality= switch for
setting the kernel personality for the container. This is
- useful when running a 32bit container on a 64bit host.
+ useful when running a 32bit container on a 64bit host. A
+ similar option Personality= is now also available in service
+ units.
* logind will now also track a "Desktop" identifier for each
session which encodes the desktop environment of it. This is
SystemCallArchitectures= setting in system.conf now to turn
off support for non-native system calls system-wide.
+ * systemd requires a kernel with a working name_to_handle_at(),
+ please see the kernel config requirements in the README file.
+
Contributions from: Adam Williamson, Alex Jia, Anatol Pomozov,
Ansgar Burchardt, AppleBloom, Auke Kok, Bastien Nocera,
Chengwei Yang, Christian Seiler, Colin Guthrie, Colin Walters,
Pavlín, Vincent Batts, WaLyong Cho, William Giokas, Yang
Zhiyong, Yin Kangkai, Yuxuan Shui, Zbigniew Jędrzejewski-Szmek
- -- Berlin, 2014-02-xx
+ -- Berlin, 2014-02-20
CHANGES WITH 208:
~ianmdlvl / elogind.git / blobdiff