systemd System and Service Manager
+CHANGES WITH 213:
+
+ * A new "systemd-timesyncd" daemon has been added for
+ synchronizing the system clock across the network. It
+ implements an SNTP client. In contrast to NTP
+ implementations such as chrony or the NTP reference server
+ this only implements a client side, and does not bother with
+ the full NTP complexity, focusing only on querying time from
+ one remote server and synchronizing the local clock to
+ it. Unless you intend to serve NTP to networked clients or
+ want to connect to local hardware clocks this simple NTP
+ client should be more than appropriate for most
+ installations. The daemon runs with minimal privileges, and
+ has been hooked up with networkd to only operate when
+ network connectivity is available. The daemon saves the
+ current clock to disk every time a new NTP sync has been
+ acquired, and uses this to possibly correct the system clock
+ early at bootup, in order to accommodate for systems that
+ lack an RTC such as the Raspberry Pi and embedded devices,
+ and make sure that time monotonically progresses on these
+ systems, even if it is not always correct. To make use of
+ this daemon a new system user and group "systemd-timesync"
+ needs to be created on installation of systemd.
+
+ * The queue "seqnum" interface of libudev has been disabled, as
+ it was generally incompatible with device namespacing as
+ sequence numbers of devices go "missing" if the devices are
+ part of a different namespace.
+
+ * "systemctl list-timers" and "systemctl list-sockets" gained
+ a --recursive switch for showing units of these types also
+ for all local containers, similar in style to the already
+ supported --recursive switch for "systemctl list-units".
+
+ * A new RebootArgument= setting has been added for service
+ units, which may be used to specify a kernel reboot argument
+ to use when triggering reboots with StartLimitAction=.
+
+ * A new FailureAction= setting has been added for service
+ units which may be used to specify an operation to trigger
+ when a service fails. This works similarly to
+ StartLimitAction=, but unlike it controls what is done
+ immediately rather than only after several attempts to
+ restart the service in question.
+
+ * hostnamed got updated to also expose the kernel name,
+ release, and version on the bus. This is useful for
+ executing commands like hostnamectl with the -H switch.
+ systemd-analyze makes use of this to properly display
+ details when running non-locally.
+
+ * The bootchart tool can now show cgroup information in the
+ graphs it generates.
+
+ * The CFS CPU quota cgroup attribute is now exposed for
+ services. The new CPUQuota= switch has been added for this
+ which takes a percentage value. Setting this will have the
+ result that a service may never get more CPU time than the
+ specified percentage, even if the machine is otherwise idle.
+
+ * systemd-networkd learned IPIP and SIT tunnel support.
+
+ * LSB init scripts exposing a dependency on $network will now
+ get a dependency on network-online.target rather than simply
+ network.target. This should bring LSB handling closer to
+ what it was on SysV systems.
+
+ * A new fsck.repair= kernel option has been added to control
+ how fsck shall deal with unclean file systems at boot.
+
+ * The (.ini) configuration file parser will now silently
+ ignore sections whose name begins with "X-". This may be
+ used to maintain application-specific extension sections in unit
+ files.
+
+ * machined gained a new API to query the IP addresses of
+ registered containers. "machinectl status" has been updated
+ to show these addresses in its output.
+
+ * A new call sd_uid_get_display() has been added to the
+ sd-login APIs for querying the "primary" session of a
+ user. The "primary" session of the user is elected from the
+ user's sessions and generally a graphical session is
+ preferred over a text one.
+
+ * A minimal systemd-resolved daemon has been added. It
+ currently simply acts as a companion to systemd-networkd and
+ manages resolv.conf based on per-interface DNS
+ configuration, possibly supplied via DHCP. In the long run
+ we hope to extend this into a local DNSSEC enabled DNS and
+ mDNS cache.
+
+ * The systemd-networkd-wait-online tool is now enabled by
+ default. It will delay network-online.target until a network
+ connection has been configured. The tool primarily integrates
+ with networkd, but will also make a best effort to make sense
+ of network configuration performed in some other way.
+
+ * Two new service options StartupCPUShares= and
+ StartupBlockIOWeight= have been added that work similarly to
+ CPUShares= and BlockIOWeight= however only apply during
+ system startup. This is useful to prioritize certain services
+ differently during bootup than during normal runtime.
+
+ * hostnamed has been changed to prefer the statically
+ configured hostname in /etc/hostname (unless set to
+ 'localhost' or empty) over any dynamic one supplied by
+ dhcp. With this change the rules for picking the hostname
+ match more closely the rules of other configuration settings
+ where the local administrator's configuration in /etc always
+ overrides any other settings.
+
+ Contributions fron: Ali H. Caliskan, Alison Chaiken, Bas van
+ den Berg, Brandon Philips, Cristian Rodríguez, Daniel Buch,
+ Dan Kilman, Dave Reisner, David Härdeman, David Herrmann,
+ David Strauss, Dimitris Spingos, Djalal Harouni, Eelco
+ Dolstra, Evan Nemerson, Florian Albrechtskirchinger, Greg
+ Kroah-Hartman, Harald Hoyer, Holger Hans Peter Freyther, Jan
+ Engelhardt, Jani Nikula, Jason St. John, Jeffrey Clark,
+ Jonathan Boulle, Kay Sievers, Lennart Poettering, Lukas
+ Nykryn, Lukasz Skalski, Łukasz Stelmach, Mantas Mikulėnas,
+ Marcel Holtmann, Martin Pitt, Matthew Monaco, Michael
+ Marineau, Michael Olbrich, Michal Sekletar, Mike Gilbert, Nis
+ Martensen, Patrik Flykt, Philip Lorenz, poma, Ray Strode,
+ Reyad Attiyat, Robert Milasan, Scott Thrasher, Stef Walter,
+ Steven Siloti, Susant Sahani, Tanu Kaskinen, Thomas Bächler,
+ Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar
+ Lindskog, WaLyong Cho, Will Woods, Zbigniew
+ Jędrzejewski-Szmek
+
+ -- Beijing, 2014-05-28
+
+CHANGES WITH 212:
+
+ * When restoring the screen brightness at boot, stay away from
+ the darkest setting or from the lowest 5% of the available
+ range, depending on which is the larger value of both. This
+ should effectively protect the user from rebooting into a
+ black screen, should the brightness have been set to minimum
+ by accident.
+
+ * sd-login gained a new sd_machine_get_class() call to
+ determine the class ("vm" or "container") of a machine
+ registered with machined.
+
+ * sd-login gained new calls
+ sd_peer_get_{session,owner_uid,unit,user_unit,slice,machine_name}(),
+ to query the identity of the peer of a local AF_UNIX
+ connection. They operate similarly to their sd_pid_get_xyz()
+ counterparts.
+
+ * PID 1 will now maintain a system-wide system state engine
+ with the states "starting", "running", "degraded",
+ "maintenance", "stopping". These states are bound to system
+ startup, normal runtime, runtime with at least one failed
+ service, rescue/emergency mode and system shutdown. This
+ state is shown in the "systemctl status" output when no unit
+ name is passed. It is useful to determine system state, in
+ particularly when doing so for many systems or containers at
+ once.
+
+ * A new command "list-machines" has been added to "systemctl"
+ that lists all local OS containers and shows their system
+ state (see above), if systemd runs inside of them.
+
+ * systemctl gained a new "-r" switch to recursively enumerate
+ units on all local containers, when used with the
+ "list-unit" command (which is the default one that is
+ executed when no parameters are specified).
+
+ * The GPT automatic partition discovery logic will now honour
+ two GPT partition flags: one may be set on a partition to
+ cause it to be mounted read-only, and the other may be set
+ on a partition to ignore it during automatic discovery.
+
+ * Two new GPT type UUIDs have been added for automatic root
+ partition discovery, for 32-bit and 64-bit ARM. This is not
+ particularly useful for discovering the root directory on
+ these architectures during bare-metal boots (since UEFI is
+ not common there), but still very useful to allow booting of
+ ARM disk images in nspawn with the -i option.
+
+ * MAC addresses of interfaces created with nspawn's
+ --network-interface= switch will now be generated from the
+ machine name, and thus be stable between multiple invocations
+ of the container.
+
+ * logind will now automatically remove all IPC objects owned
+ by a user if she or he fully logs out. This makes sure that
+ users who are logged out cannot continue to consume IPC
+ resources. This covers SysV memory, semaphores and message
+ queues as well as POSIX shared memory and message
+ queues. Traditionally, SysV and POSIX IPC had no life-cycle
+ limits. With this functionality, that is corrected. This may
+ be turned off by using the RemoveIPC= switch of logind.conf.
+
+ * The systemd-machine-id-setup and tmpfiles tools gained a
+ --root= switch to operate on a specific root directory,
+ instead of /.
+
+ * journald can now forward logged messages to the TTYs of all
+ logged in users ("wall"). This is the default for all
+ emergency messages now.
+
+ * A new tool systemd-journal-remote has been added to stream
+ journal log messages across the network.
+
+ * /sys/fs/cgroup/ is now mounted read-only after all cgroup
+ controller trees are mounted into it. Note that the
+ directories mounted beneath it are not read-only. This is a
+ security measure and is particularly useful because glibc
+ actually includes a search logic to pick any tmpfs it can
+ find to implement shm_open() if /dev/shm is not available
+ (which it might very well be in namespaced setups).
+
+ * machinectl gained a new "poweroff" command to cleanly power
+ down a local OS container.
+
+ * The PrivateDevices= unit file setting will now also drop the
+ CAP_MKNOD capability from the capability bound set, and
+ imply DevicePolicy=closed.
+
+ * PrivateDevices=, PrivateNetwork= and PrivateTmp= is now used
+ comprehensively on all long-running systemd services where
+ this is appropriate.
+
+ * systemd-udevd will now run in a disassociated mount
+ namespace. To mount directories from udev rules, make sure to
+ pull in mount units via SYSTEMD_WANTS properties.
+
+ * The kdbus support gained support for uploading policy into
+ the kernel. sd-bus gained support for creating "monitoring"
+ connections that can eavesdrop into all bus communication
+ for debugging purposes.
+
+ * Timestamps may now be specified in seconds since the UNIX
+ epoch Jan 1st, 1970 by specifying "@" followed by the value
+ in seconds.
+
+ * Native tcpwrap support in systemd has been removed. tcpwrap
+ is old code, not really maintained anymore and has serious
+ shortcomings, and better options such as firewalls
+ exist. For setups that require tcpwrap usage, please
+ consider invoking your socket-activated service via tcpd,
+ like on traditional inetd.
+
+ * A new system.conf configuration option
+ DefaultTimerAccuracySec= has been added that controls the
+ default AccuracySec= setting of .timer units.
+
+ * Timer units gained a new WakeSystem= switch. If enabled,
+ timers configured this way will cause the system to resume
+ from system suspend (if the system supports that, which most
+ do these days).
+
+ * Timer units gained a new Persistent= switch. If enabled,
+ timers configured this way will save to disk when they have
+ been last triggered. This information is then used on next
+ reboot to possible execute overdue timer events, that
+ could not take place because the system was powered off.
+ This enables simple anacron-like behaviour for timer units.
+
+ * systemctl's "list-timers" will now also list the time a
+ timer unit was last triggered in addition to the next time
+ it will be triggered.
+
+ * systemd-networkd will now assign predictable IPv4LL
+ addresses to its local interfaces.
+
+ Contributions from: Brandon Philips, Daniel Buch, Daniel Mack,
+ Dave Reisner, David Herrmann, Gerd Hoffmann, Greg
+ Kroah-Hartman, Hendrik Brueckner, Jason St. John, Josh
+ Triplett, Kay Sievers, Lennart Poettering, Marc-Antoine
+ Perennou, Michael Marineau, Michael Olbrich, Miklos Vajna,
+ Patrik Flykt, poma, Sebastian Thorarensen, Thomas Bächler,
+ Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom Gundersen,
+ Umut Tezduyar Lindskog, Wieland Hoffmann, Zbigniew
+ Jędrzejewski-Szmek
+
+ -- Berlin, 2014-03-25
+
+CHANGES WITH 211:
+
+ * A new unit file setting RestrictAddressFamilies= has been
+ added to restrict which socket address families unit
+ processes gain access to. This takes address family names
+ like "AF_INET" or "AF_UNIX", and is useful to minimize the
+ attack surface of services via exotic protocol stacks. This
+ is built on seccomp system call filters.
+
+ * Two new unit file settings RuntimeDirectory= and
+ RuntimeDirectoryMode= have been added that may be used to
+ manage a per-daemon runtime directories below /run. This is
+ an alternative for setting up directory permissions with
+ tmpfiles snippets, and has the advantage that the runtime
+ directory's lifetime is bound to the daemon runtime and that
+ the daemon starts up with an empty directory each time. This
+ is particularly useful when writing services that drop
+ privileges using the User= or Group= setting.
+
+ * The DeviceAllow= unit setting now supports globbing for
+ matching against device group names.
+
+ * The systemd configuration file system.conf gained new
+ settings DefaultCPUAccounting=, DefaultBlockIOAccounting=,
+ DefaultMemoryAccounting= to globally turn on/off accounting
+ for specific resources (cgroups) for all units. These
+ settings may still be overridden individually in each unit
+ though.
+
+ * systemd-gpt-auto-generator is now able to discover /srv and
+ root partitions in addition to /home and swap partitions. It
+ also supports LUKS-encrypted partitions now. With this in
+ place, automatic discovery of partitions to mount following
+ the Discoverable Partitions Specification
+ (http://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec)
+ is now a lot more complete. This allows booting without
+ /etc/fstab and without root= on the kernel command line on
+ systems prepared appropriately.
+
+ * systemd-nspawn gained a new --image= switch which allows
+ booting up disk images and Linux installations on any block
+ device that follow the Discoverable Partitions Specification
+ (see above). This means that installations made with
+ appropriately updated installers may now be started and
+ deployed using container managers, completely
+ unmodified. (We hope that libvirt-lxc will add support for
+ this feature soon, too.)
+
+ * systemd-nspawn gained a new --network-macvlan= setting to
+ set up a private macvlan interface for the
+ container. Similarly, systemd-networkd gained a new
+ Kind=macvlan setting in .netdev files.
+
+ * systemd-networkd now supports configuring local addresses
+ using IPv4LL.
+
+ * A new tool systemd-network-wait-online has been added to
+ synchronously wait for network connectivity using
+ systemd-networkd.
+
+ * The sd-bus.h bus API gained a new sd_bus_track object for
+ tracking the life-cycle of bus peers. Note that sd-bus.h is
+ still not a public API though (unless you specify
+ --enable-kdbus on the configure command line, which however
+ voids your warranty and you get no API stability guarantee).
+
+ * The $XDG_RUNTIME_DIR runtime directories for each user are
+ now individual tmpfs instances, which has the benefit of
+ introducing separate pools for each user, with individual
+ size limits, and thus making sure that unprivileged clients
+ can no longer negatively impact the system or other users by
+ filling up their $XDG_RUNTIME_DIR. A new logind.conf setting
+ RuntimeDirectorySize= has been introduced that allows
+ controlling the default size limit for all users. It
+ defaults to 10% of the available physical memory. This is no
+ replacement for quotas on tmpfs though (which the kernel
+ still does not support), as /dev/shm and /tmp are still
+ shared resources used by both the system and unprivileged
+ users.
+
+ * logind will now automatically turn off automatic suspending
+ on laptop lid close when more than one display is
+ connected. This was previously expected to be implemented
+ individually in desktop environments (such as GNOME),
+ however has been added to logind now, in order to fix a
+ boot-time race where a desktop environment might not have
+ been started yet and thus not been able to take an inhibitor
+ lock at the time where logind already suspends the system
+ due to a closed lid.
+
+ * logind will now wait at least 30s after each system
+ suspend/resume cycle, and 3min after system boot before
+ suspending the system due to a closed laptop lid. This
+ should give USB docking stations and similar enough time to
+ be probed and configured after system resume and boot in
+ order to then act as suspend blocker.
+
+ * systemd-run gained a new --property= setting which allows
+ initialization of resource control properties (and others)
+ for the created scope or service unit. Example: "systemd-run
+ --property=BlockIOWeight=10 updatedb" may be used to run
+ updatedb at a low block IO scheduling weight.
+
+ * systemd-run's --uid=, --gid=, --setenv=, --setenv= switches
+ now also work in --scope mode.
+
+ * When systemd is compiled with kdbus support, basic support
+ for enforced policies is now in place. (Note that enabling
+ kdbus still voids your warranty and no API compatibility
+ promises are made.)
+
+ Contributions from: Andrey Borzenkov, Ansgar Burchardt, Armin
+ K., Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
+ Harald Hoyer, Henrik Grindal Bakken, Jasper St. Pierre, Kay
+ Sievers, Kieran Clancy, Lennart Poettering, Lukas Nykryn,
+ Mantas Mikulėnas, Marcel Holtmann, Mark Oteiza, Martin Pitt,
+ Mike Gilbert, Peter Rajnoha, poma, Samuli Suominen, Stef
+ Walter, Susant Sahani, Tero Roponen, Thomas Andersen, Thomas
+ Bächler, Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom
+ Gundersen, Umut Tezduyar Lindskog, Uoti Urpala, Zachary Cook,
+ Zbigniew Jędrzejewski-Szmek
+
+ -- Berlin, 2014-03-12
+
+CHANGES WITH 210:
+
+ * systemd will now relabel /dev after loading the SMACK policy
+ according to SMACK rules.
+
+ * A new unit file option AppArmorProfile= has been added to
+ set the AppArmor profile for the processes of a unit.
+
+ * A new condition check ConditionArchitecture= has been added
+ to conditionalize units based on the system architecture, as
+ reported by uname()'s "machine" field.
+
+ * systemd-networkd now supports matching on the system
+ virtualization, architecture, kernel command line, host name
+ and machine ID.
+
+ * logind is now a lot more aggressive when suspending the
+ machine due to a closed laptop lid. Instead of acting only
+ on the lid close action, it will continuously watch the lid
+ status and act on it. This is useful for laptops where the
+ power button is on the outside of the chassis so that it can
+ be reached without opening the lid (such as the Lenovo
+ Yoga). On those machines, logind will now immediately
+ re-suspend the machine if the power button has been
+ accidentally pressed while the laptop was suspended and in a
+ backpack or similar.
+
+ * logind will now watch SW_DOCK switches and inhibit reaction
+ to the lid switch if it is pressed. This means that logind
+ will not suspend the machine anymore if the lid is closed
+ and the system is docked, if the laptop supports SW_DOCK
+ notifications via the input layer. Note that ACPI docking
+ stations do not generate this currently. Also note that this
+ logic is usually not fully sufficient and Desktop
+ Environments should take a lid switch inhibitor lock when an
+ external display is connected, as systemd will not watch
+ this on its own.
+
+ * nspawn will now make use of the devices cgroup controller by
+ default, and only permit creation of and access to the usual
+ API device nodes like /dev/null or /dev/random, as well as
+ access to (but not creation of) the pty devices.
+
+ * We will now ship a default .network file for
+ systemd-networkd that automatically configures DHCP for
+ network interfaces created by nspawn's --network-veth or
+ --network-bridge= switches.
+
+ * systemd will now understand the usual M, K, G, T suffixes
+ according to SI conventions (i.e. to the base 1000) when
+ referring to throughput and hardware metrics. It will stay
+ with IEC conventions (i.e. to the base 1024) for software
+ metrics, according to what is customary according to
+ Wikipedia. We explicitly document which base applies for
+ each configuration option.
+
+ * The DeviceAllow= setting in unit files now supports a syntax
+ to whitelist an entire group of devices node majors at once,
+ based on the /proc/devices listing. For example, with the
+ string "char-pts", it is now possible to whitelist all
+ current and future pseudo-TTYs at once.
+
+ * sd-event learned a new "post" event source. Event sources of
+ this type are triggered by the dispatching of any event
+ source of a type that is not "post". This is useful for
+ implementing clean-up and check event sources that are
+ triggered by other work being done in the program.
+
+ * systemd-networkd is no longer statically enabled, but uses
+ the usual [Install] sections so that it can be
+ enabled/disabled using systemctl. It still is enabled by
+ default however.
+
+ * When creating a veth interface pair with systemd-nspawn, the
+ host side will now be prefixed with "vb-" if
+ --network-bridge= is used, and with "ve-" if --network-veth
+ is used. This way, it is easy to distinguish these cases on
+ the host, for example to apply different configuration to
+ them with systemd-networkd.
+
+ * The compatibility libraries for libsystemd-journal.so,
+ libsystem-id128.so, libsystemd-login.so and
+ libsystemd-daemon.so do not make use of IFUNC
+ anymore. Instead, we now build libsystemd.so multiple times
+ under these alternative names. This means that the footprint
+ is drastically increased, but given that these are
+ transitional compatibility libraries, this should not matter
+ much. This change has been made necessary to support the ARM
+ platform for these compatibility libraries, as the ARM
+ toolchain is not really at the same level as the toolchain
+ for other architectures like x86 and does not support
+ IFUNC. Please make sure to use --enable-compat-libs only
+ during a transitional period!
+
+ Contributions from: Andreas Fuchs, Armin K., Colin Walters,
+ Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
+ Holger Schurig, Jason A. Donenfeld, Jason St. John, Jasper
+ St. Pierre, Kay Sievers, Lennart Poettering, Łukasz Stelmach,
+ Marcel Holtmann, Michael Scherer, Michal Sekletar, Mike
+ Gilbert, Samuli Suominen, Thomas Bächler, Thomas Hindoe
+ Paaboel Andersen, Tom Gundersen, Umut Tezduyar Lindskog,
+ Zbigniew Jędrzejewski-Szmek
+
+ -- Berlin, 2014-02-24
+
CHANGES WITH 209:
* A new component "systemd-networkd" has been added that can
MTU, duplex settings, Wake-on-LAN settings, MAC address, MAC
address assignment policy (randomized, ...).
+ * The configuration of network interface naming rules for
+ "permanent interface names" has changed: a new NamePolicy=
+ setting in the [Link] section of .link files determines the
+ priority of possible naming schemes (onboard, slot, mac,
+ path). The default value of this setting is determined by
+ /usr/lib/net/links/99-default.link. Old
+ 80-net-name-slot.rules udev configuration file has been
+ removed, so local configuration overriding this file should
+ be adapated to override 99-default.link instead.
+
* When the User= switch is used in a unit file, also
initialize $SHELL= based on the user database entry.
LDAP, etc. This API is based on libasyncns, but it has been
cleaned up for inclusion in systemd.
- * The APIs "sd-journal.h", "sd-login.h", "sd-id128.h" are no
- longer found in individual libraries libsystemd-journal.so,
- libsystemd-login.so, libsystemd-id128.so. Instead, we have
+ * The APIs "sd-journal.h", "sd-login.h", "sd-id128.h",
+ "sd-daemon.h" are no longer found in individual libraries
+ libsystemd-journal.so, libsystemd-login.so,
+ libsystemd-id128.so, libsystemd-daemon.so. Instead, we have
merged them into a single library, libsystemd.so, which
provides all symbols. The reason for this is cyclic
dependencies, as these libraries tend to use each other's
- symbols. So far, we've managed to workaround that by linking a
- copy of a good part of our code into each of these libraries
- again and again, which, however, makes certain things hard to
- do, like sharing static variables. Also, it substantially
- increases footprint. With this change, there is only one
- library for the basic APIs systemd provides. Also,
- "sd-bus.h", "sd-memfd.h", "sd-event.h", "sd-rtnl.h",
- "sd-resolve.h", "sd-utf8.h" are found in this library as
- well, however are subject to the --enable-kdbus switch (see
- below). Note that "sd-dhcp-client.h" and "sd-daemon.h" are not
- part of this library (the former because it only consumes,
- never provides, services of/to other APIs, and the latter
- because it is completely standalone). To make the transition
+ symbols. So far, we have managed to workaround that by linking
+ a copy of a good part of our code into each of these
+ libraries again and again, which, however, makes certain
+ things hard to do, like sharing static variables. Also, it
+ substantially increases footprint. With this change, there
+ is only one library for the basic APIs systemd
+ provides. Also, "sd-bus.h", "sd-memfd.h", "sd-event.h",
+ "sd-rtnl.h", "sd-resolve.h", "sd-utf8.h" are found in this
+ library as well, however are subject to the --enable-kdbus
+ switch (see below). Note that "sd-dhcp-client.h" is not part
+ of this library (this is because it only consumes, never
+ provides, services of/to other APIs). To make the transition
easy from the separate libraries to the unified one, we
provide the --enable-compat-libs compile-time switch which
will generate stub libraries that are compatible with the
switch then allows assigning the host side of this virtual
Ethernet connection to a bridge device.
+ * systemd-nspawn gained a new --personality= switch for
+ setting the kernel personality for the container. This is
+ useful when running a 32-bit container on a 64-bit host. A
+ similar option Personality= is now also available for service
+ units to use.
+
* logind will now also track a "Desktop" identifier for each
session which encodes the desktop environment of it. This is
useful for desktop environments that want to identify
* For usage together with SystemCallFilter=, a new
SystemCallErrorNumber= setting has been introduced that
- allows configuration of a system error number to return on
- filtered system calls, instead of immediately killing the
+ allows configuration of a system error number to be returned
+ on filtered system calls, instead of immediately killing the
process. Also, SystemCallArchitectures= has been added to
limit access to system calls of a particular architecture
(in order to turn off support for unused secondary
SystemCallArchitectures= setting in system.conf now to turn
off support for non-native system calls system-wide.
+ * systemd requires a kernel with a working name_to_handle_at(),
+ please see the kernel config requirements in the README file.
+
Contributions from: Adam Williamson, Alex Jia, Anatol Pomozov,
Ansgar Burchardt, AppleBloom, Auke Kok, Bastien Nocera,
Chengwei Yang, Christian Seiler, Colin Guthrie, Colin Walters,
Pavlín, Vincent Batts, WaLyong Cho, William Giokas, Yang
Zhiyong, Yin Kangkai, Yuxuan Shui, Zbigniew Jędrzejewski-Szmek
- -- Berlin, 2014-02-xx
+ -- Berlin, 2014-02-20
CHANGES WITH 208:
* A new tmpfiles.d(5) command "m" has been introduced which
may be used to change the owner/group/access mode of a file
- or directory if it exists, but do nothing if it doesn't.
+ or directory if it exists, but do nothing if it does not.
* This release removes high-level support for the
MemorySoftLimit= cgroup setting. The underlying kernel
cgroup attribute memory.soft_limit= is currently badly
designed and likely to be removed from the kernel API in its
- current form, hence we shouldn't expose it for now.
+ current form, hence we should not expose it for now.
* The memory.use_hierarchy cgroup attribute is now enabled for
all cgroups systemd creates in the memory cgroup
* InaccessibleDirectories= and ReadOnlyDirectories= now take
paths that are optionally prefixed with "-" to indicate that
- it should not be considered a failure if they don't exist.
+ it should not be considered a failure if they do not exist.
* journalctl -o (and similar commands) now understands a new
output mode "short-precise", it is similar to "short" but
databases to pre-generate dead device nodes based on meta
information contained in kernel modules, so that these would
be auto-loaded on access rather then at boot. As this
- doesn't really have much to do with the exposing actual
+ does not really have much to do with the exposing actual
kernel devices to userspace this has always been slightly
alien in the udev codebase. Following the new scheme kmod
will now generate a runtime snippet for tmpfiles from the
not available as public API.
* systemd will now look for the "debug" argument on the kernel
- command line and enable debug logging, similar to
+ command line and enable debug logging, similar to what
"systemd.log_level=debug" already did before.
* "systemctl set-default", "systemctl get-default" has been
* 'systemd-analyze dot' gained the ability to filter for
specific units via shell-style globs, to create smaller,
- more useful graphs. I.e. it's now possible to create simple
+ more useful graphs. I.e. it is now possible to create simple
graphs of all the dependencies between only target units, or
of all units that Avahi has dependencies with.
* The various "environment" files, such as /etc/locale.conf
now support continuation lines with a backslash ("\") as
- last character in the line, similar in style (but different)
+ last character in the line, similarly in style (but different)
to how this is supported in shells.
* For normal user processes the _SYSTEMD_USER_UNIT= field is
* "systemctl unlock-sessions" has been added, that allows
unlocking the screens of all user sessions at once, similar
- how "systemctl lock-sessions" already locked all users
+ to how "systemctl lock-sessions" already locked all users
sessions. This is backed by a new D-Bus call UnlockSessions().
* "loginctl seat-status" will now show the master device of a
pager. This is only supported in conjunction with "less".
* journalctl gained a new "--user-unit=" option, that works
- similar to "--unit=" but filters for user units rather than
+ similarly to "--unit=" but filters for user units rather than
system units.
* A number of unit files to ease adoption of systemd in
http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames
* Auke Kok's bootchart implementation has been added to the
- systemd tree. It's an optional component that can graph the
- boot in quite some detail. It's one of the best bootchart
+ systemd tree. It is an optional component that can graph the
+ boot in quite some detail. It is one of the best bootchart
implementations around and minimal in its code and
dependencies.
PolicyKit-less systems. Quite frankly this should have been
this way since day one. It is absolutely our intention to
make systemd work fine on PolicyKit-less systems, and we
- consider it a bug if something doesn't work as it should if
+ consider it a bug if something does not work as it should if
PolicyKit is not around.
* For embedded systems it is now possible to build udev and
* The bash completion logic is now available for journalctl
too.
- * We don't mount the "cpuset" controller anymore together with
+ * We do not mount the "cpuset" controller anymore together with
"cpu" and "cpuacct", as "cpuset" groups generally cannot be
started if no parameters are assigned to it. "cpuset" hence
broke code that assumed it it could create "cpu" groups and
CHANGES WITH 190:
- * Whenever a unit changes state we'll now log this to the
+ * Whenever a unit changes state we will now log this to the
journal and show along the unit's own log output in
"systemctl status".
* There's now a new RPM macro definition for the system preset
dir: %_presetdir.
- * journald will now warn if it can't forward a message to the
- syslog daemon because it's socket is full.
+ * journald will now warn if it ca not forward a message to the
+ syslog daemon because its socket is full.
* timedated will no longer write or process /etc/timezone,
except on Debian. As we do not support late mounted /usr
* systemctl will now warn you if .mount units generated from
/etc/fstab are out of date due to changes in fstab that
- haven't been read by systemd yet.
+ have not been read by systemd yet.
* systemd is now suitable for usage in initrds. Dracut has
already been updated to make use of this. With this in place
* We now mount /tmp as tmpfs by default, but this can be
masked and /etc/fstab can override it.
- * Since udisks doesn't make use of /media anymore we are not
+ * Since udisks does not make use of /media anymore we are not
mounting a tmpfs on it anymore.
* journalctl gained a new --local switch to only interleave
folks
* We now refuse non-UTF8 strings used in various configuration
- and unit files. This is done to ensure we don't pass invalid
+ and unit files. This is done to ensure we do not pass invalid
data over D-Bus or expose it elsewhere.
* Register Mimo USB Screens as suitable for automatic seat
death, since fanotify() will not see accesses done by blkid,
or fsck.
- * Don't show kernel threads in systemd-cgls anymore, unless
+ * Do not show kernel threads in systemd-cgls anymore, unless
requested with new -k switch.
Contributions from: Dan Horák, Kay Sievers, Lennart
--with-rootprefix= to follow the naming used by udev and
kmod
- * Unless specified otherwise we'll now install to /usr instead
+ * Unless specified otherwise we will now install to /usr instead
of /usr/local by default.
* Processes with '@' in argv[0][0] are now excluded from the
~ianmdlvl / elogind.git / blobdiff