systemd System and Service Manager
+CHANGES WITH 208:
+
+ * logind has gained support for facilitating privileged input
+ and drm device access for unprivileged clients. This work is
+ useful to allow Wayland display servers (and similar
+ programs, such as kmscon) to run under the user's ID and
+ access input and drm devices which are normally
+ protected. When this is used (and the kernel is new enough)
+ logind will "mute" IO on the file descriptors passed to
+ Wayland as long as it is in the background and "unmute" it
+ if it returns into the foreground. This allows secure
+ session switching without allowing background sessions to
+ eavesdrop on input and display data. This also introduces
+ session switching support if VT support is turned off in the
+ kernel, and on seats that are not seat0.
+
+ * A new kernel command line option luks.options= is understood
+ now which allows specifiying LUKS options for usage for LUKS
+ encrypted partitions specified with luks.uuid=.
+
+ * tmpfiles.d(5) snippets may now use specifier expansion in
+ path names. More specifically %m, %b, %H, %v, are now
+ replaced by the local machine id, boot id, hostname, and
+ kernel version number.
+
+ * A new tmpfiles.d(5) command "m" has been introduced which
+ may be used to change the owner/group/access mode of a file
+ or directory if it exists, but do nothing if it doesn't.
+
+ * This release removes high-level support for the
+ MemorySoftLimit= cgroup setting. The underlying kernel
+ cgroup attribute memory.soft_limit= is currently badly
+ designed and likely to be removed from the kernel API in its
+ current form, hence we shouldn't expose it for now.
+
+ * The memory.use_hierarchy cgroup attribute is now enabled for
+ all cgroups systemd creates in the memory cgroup
+ hierarchy. This option is likely to be come the built-in
+ default in the kernel anyway, and the non-hierarchial mode
+ never made much sense in the intrinsically hierarchial
+ cgroup system.
+
+ * A new field _SYSTEMD_SLICE= is logged along with all journal
+ messages containing the slice a message was generated
+ from. This is useful to allow easy per-customer filtering of
+ logs among other things.
+
+ * systemd-journald will no longer adjust the group of journal
+ files it creates to the "systemd-journal" group. Instead we
+ rely on the journal directory to be owned by the
+ "systemd-journal" group, and its setgid bit set, so that the
+ kernel file system layer will automatically enforce that
+ journal files inherit this group assignment. The reason for
+ this change is that we cannot allow NSS look-ups from
+ journald which would be necessary to resolve
+ "systemd-journal" to a numeric GID, because this might
+ create deadlocks if NSS involves synchronous queries to
+ other daemons (such as nscd, or sssd) which in turn are
+ logging clients of journald and might block on it, which
+ would then dead lock. A tmpfiles.d(5) snippet included in
+ systemd will make sure the setgid bit and group are
+ properly set on the journal directory if it exists on every
+ boot. However, we recommend adjusting it manually after
+ upgrades too (or from RPM scriptlets), so that the change is
+ not delayed until next reboot.
+
+ * Backlight and random seed files in /var/lib/ have moved into
+ the /var/lib/systemd/ directory, in order to centralize all
+ systemd generated files in one directory.
+
+ * Boot time performance measurements (as displayed by
+ "systemd-analyze" for example) will now read ACPI 5.0 FPDT
+ performance information if that's available to determine how
+ much time BIOS and boot loader initialization required. With
+ a sufficiently new BIOS you hence no longer need to boot
+ with Gummiboot to get access to such information.
+
+ Contributions from: Andrey Borzenkov, Chen Jie, Colin Walters,
+ Cristian Rodríguez, Dave Reisner, David Herrmann, David
+ Mackey, David Strauss, Eelco Dolstra, Evan Callicoat, Gao
+ feng, Harald Hoyer, Jimmie Tauriainen, Kay Sievers, Lennart
+ Poettering, Lukas Nykryn, Mantas Mikulėnas, Martin Pitt,
+ Michael Scherer, Michał Górny, Mike Gilbert, Patrick McCarty,
+ Sebastian Ott, Tom Gundersen, Zbigniew Jędrzejewski-Szmek
+
+ -- Berlin, 2013-10-02
+
+CHANGES WITH 207:
+
+ * The Restart= option for services now understands a new
+ on-watchdog setting, which will restart the service
+ automatically if the service stops sending out watchdog keep
+ alive messages (as configured with WatchdogSec=).
+
+ * The getty generator (which is responsible for bringing up a
+ getty on configured serial consoles) will no longer only
+ start a getty on the primary kernel console but on all
+ others, too. This makes the order in which console= is
+ specified on the kernel command line less important.
+
+ * libsystemd-logind gained a new sd_session_get_vt() call to
+ retrieve the VT number of a session.
+
+ * If the option "tries=0" is set for an entry of /etc/crypttab
+ its passphrase is queried indefinitely instead of any
+ maximum number of tries.
+
+ * If a service with a configure PID file terminates its PID
+ file will now be removed automatically if it still exists
+ afterwards. This should put an end to stale PID files.
+
+ * systemd-run will now also take relative binary path names
+ for execution and no longer insists on absolute paths.
+
+ * InaccessibleDirectories= and ReadOnlyDirectories= now take
+ paths that are optionally prefixed with "-" to indicate that
+ it should not be considered a failure if they don't exist.
+
+ * journalctl -o (and similar commands) now understands a new
+ output mode "short-precise", it is similar to "short" but
+ shows timestamps with usec accuracy.
+
+ * The option "discard" (as known from Debian) is now
+ synonymous to "allow-discards" in /etc/crypttab. In fact,
+ "discard" is preferred now (since it is easier to remember
+ and type).
+
+ * Some licensing clean-ups were made, so that more code is now
+ LGPL-2.1 licensed than before.
+
+ * A minimal tool to save/restore the display backlight
+ brightness across reboots has been added. It will store the
+ backlight setting as late as possible at shutdown, and
+ restore it as early as possible during reboot.
+
+ * A logic to automatically discover and enable home and swap
+ partitions on GPT disks has been added. With this in place
+ /etc/fstab becomes optional for many setups as systemd can
+ discover certain partitions located on the root disk
+ automatically. Home partitions are recognized under their
+ GPT type ID 933ac7e12eb44f13b8440e14e2aef915. Swap
+ partitions are recognized under their GPT type ID
+ 0657fd6da4ab43c484e50933c84b4f4f.
+
+ * systemd will no longer pass any environment from the kernel
+ or initrd to system services. If you want to set an
+ environment for all services, do so via the kernel command
+ line systemd.setenv= assignment.
+
+ * The systemd-sysctl tool no longer natively reads the file
+ /etc/sysctl.conf. If desired, the file should be symlinked
+ from /etc/sysctl.d/99-sysctl.conf. Apart from providing
+ legacy support by a symlink rather than built-in code, it
+ also makes the otherwise hidden order of application of the
+ different files visible. (Note that this partly reverts to a
+ pre-198 application order of sysctl knobs!)
+
+ * The "systemctl set-log-level" and "systemctl dump" commands
+ have been moved to systemd-analyze.
+
+ * systemd-run learned the new --remain-after-exit switch,
+ which causes the scope unit not to be cleaned up
+ automatically after the process terminated.
+
+ * tmpfiles learned a new --exclude-prefix= switch to exclude
+ certain paths from operation.
+
+ * journald will now automatically flush all messages to disk
+ as soon as a message of the log priorities CRIT, ALERT or
+ EMERG is received.
+
+ Contributions from: Andrew Cook, Brandon Philips, Christian
+ Hesse, Christoph Junghans, Colin Walters, Daniel Schaal,
+ Daniel Wallace, Dave Reisner, David Herrmann, Gao feng, George
+ McCollister, Giovanni Campagna, Hannes Reinecke, Harald Hoyer,
+ Herczeg Zsolt, Holger Hans Peter Freyther, Jan Engelhardt,
+ Jesper Larsen, Kay Sievers, Khem Raj, Lennart Poettering,
+ Lukas Nykryn, Maciej Wereski, Mantas Mikulėnas, Marcel
+ Holtmann, Martin Pitt, Michael Biebl, Michael Marineau,
+ Michael Scherer, Michael Stapelberg, Michal Sekletar, Michał
+ Górny, Olivier Brunel, Ondrej Balaz, Ronny Chevalier, Shawn
+ Landden, Steven Hiscocks, Thomas Bächler, Thomas Hindoe
+ Paaboel Andersen, Tom Gundersen, Umut Tezduyar, WANG Chao,
+ William Giokas, Zbigniew Jędrzejewski-Szmek
+
+ -- Berlin, 2013-09-13
+
+CHANGES WITH 206:
+
+ * The documentation has been updated to cover the various new
+ concepts introduced with 205.
+
+ * Unit files now understand the new %v specifier which
+ resolves to the kernel version string as returned by "uname
+ -r".
+
+ * systemctl now supports filtering the unit list output by
+ load state, active state and sub state, using the new
+ --state= parameter.
+
+ * "systemctl status" will now show the results of the
+ condition checks (like ConditionPathExists= and similar) of
+ the last start attempts of the unit. They are also logged to
+ the journal.
+
+ * "journalctl -b" may now be used to look for boot output of a
+ specific boot. Try "journalctl -b -1" for the previous boot,
+ but the syntax is substantially more powerful.
+
+ * "journalctl --show-cursor" has been added which prints the
+ cursor string the last shown log line. This may then be used
+ with the new "journalctl --after-cursor=" switch to continue
+ browsing logs from that point on.
+
+ * "journalctl --force" may now be used to force regeneration
+ of an FSS key.
+
+ * Creation of "dead" device nodes has been moved from udev
+ into kmod and tmpfiles. Previously, udev would read the kmod
+ databases to pre-generate dead device nodes based on meta
+ information contained in kernel modules, so that these would
+ be auto-loaded on access rather then at boot. As this
+ doesn't really have much to do with the exposing actual
+ kernel devices to userspace this has always been slightly
+ alien in the udev codebase. Following the new scheme kmod
+ will now generate a runtime snippet for tmpfiles from the
+ module meta information and it now is tmpfiles' job to the
+ create the nodes. This also allows overriding access and
+ other parameters for the nodes using the usual tmpfiles
+ facilities. As side effect this allows us to remove the
+ CAP_SYS_MKNOD capability bit from udevd entirely.
+
+ * logind's device ACLs may now be applied to these "dead"
+ devices nodes too, thus finally allowing managed access to
+ devices such as /dev/snd/sequencer whithout loading the
+ backing module right-away.
+
+ * A new RPM macro has been added that may be used to apply
+ tmpfiles configuration during package installation.
+
+ * systemd-detect-virt and ConditionVirtualization= now can
+ detect User-Mode-Linux machines (UML).
+
+ * journald will now implicitly log the effective capabilities
+ set of processes in the message metadata.
+
+ * systemd-cryptsetup has gained support for TrueCrypt volumes.
+
+ * The initrd interface has been simplified (more specifically,
+ support for passing performance data via environment
+ variables and fsck results via files in /run has been
+ removed). These features were non-essential, and are
+ nowadays available in a much nicer way by having systemd in
+ the initrd serialize its state and have the hosts systemd
+ deserialize it again.
+
+ * The udev "keymap" data files and tools to apply keyboard
+ specific mappings of scan to key codes, and force-release
+ scan code lists have been entirely replaced by a udev
+ "keyboard" builtin and a hwdb data file.
+
+ * systemd will now honour the kernel's "quiet" command line
+ argument also during late shutdown, resulting in a
+ completely silent shutdown when used.
+
+ * There's now an option to control the SO_REUSEPORT socket
+ option in .socket units.
+
+ * Instance units will now automatically get a per-template
+ subslice of system.slice unless something else is explicitly
+ configured. For example, instances of sshd@.service will now
+ implicitly be placed in system-sshd.slice rather than
+ system.slice as before.
+
+ * Test coverage support may now be enabled at build time.
+
+ Contributions from: Dave Reisner, Frederic Crozat, Harald
+ Hoyer, Holger Hans Peter Freyther, Jan Engelhardt, Jan
+ Janssen, Jason St. John, Jesper Larsen, Kay Sievers, Lennart
+ Poettering, Lukas Nykryn, Maciej Wereski, Martin Pitt, Michael
+ Olbrich, Ramkumar Ramachandra, Ross Lagerwall, Shawn Landden,
+ Thomas H.P. Andersen, Tom Gundersen, Tomasz Torcz, William
+ Giokas, Zbigniew Jędrzejewski-Szmek
+
+ -- Berlin, 2013-07-23
+
+CHANGES WITH 205:
+
+ * Two new unit types have been introduced:
+
+ Scope units are very similar to service units, however, are
+ created out of pre-existing processes -- instead of PID 1
+ forking off the processes. By using scope units it is
+ possible for system services and applications to group their
+ own child processes (worker processes) in a powerful way
+ which then maybe used to organize them, or kill them
+ together, or apply resource limits on them.
+
+ Slice units may be used to partition system resources in an
+ hierarchial fashion and then assign other units to them. By
+ default there are now three slices: system.slice (for all
+ system services), user.slice (for all user sessions),
+ machine.slice (for VMs and containers).
+
+ Slices and scopes have been introduced primarily in
+ context of the work to move cgroup handling to a
+ single-writer scheme, where only PID 1
+ creates/removes/manages cgroups.
+
+ * There's a new concept of "transient" units. In contrast to
+ normal units these units are created via an API at runtime,
+ not from configuration from disk. More specifically this
+ means it is now possible to run arbitrary programs as
+ independent services, with all execution parameters passed
+ in via bus APIs rather than read from disk. Transient units
+ make systemd substantially more dynamic then it ever was,
+ and useful as a general batch manager.
+
+ * logind has been updated to make use of scope and slice units
+ for managing user sessions. As a user logs in he will get
+ his own private slice unit, to which all sessions are added
+ as scope units. We also added support for automatically
+ adding an instance of user@.service for the user into the
+ slice. Effectively logind will no longer create cgroup
+ hierarchies on its own now, it will defer entirely to PID 1
+ for this by means of scope, service and slice units. Since
+ user sessions this way become entities managed by PID 1
+ the output of "systemctl" is now a lot more comprehensive.
+
+ * A new mini-daemon "systemd-machined" has been added which
+ may be used by virtualization managers to register local
+ VMs/containers. nspawn has been updated accordingly, and
+ libvirt will be updated shortly. machined will collect a bit
+ of meta information about the VMs/containers, and assign
+ them their own scope unit (see above). The collected
+ meta-data is then made available via the "machinectl" tool,
+ and exposed in "ps" and similar tools. machined/machinectl
+ is compile-time optional.
+
+ * As discussed earlier, the low-level cgroup configuration
+ options ControlGroup=, ControlGroupModify=,
+ ControlGroupPersistent=, ControlGroupAttribute= have been
+ removed. Please use high-level attribute settings instead as
+ well as slice units.
+
+ * A new bus call SetUnitProperties() has been added to alter
+ various runtime parameters of a unit. This is primarily
+ useful to alter cgroup parameters dynamically in a nice way,
+ but will be extended later on to make more properties
+ modifiable at runtime. systemctl gained a new set-properties
+ command that wraps this call.
+
+ * A new tool "systemd-run" has been added which can be used to
+ run arbitrary command lines as transient services or scopes,
+ while configuring a number of settings via the command
+ line. This tool is currently very basic, however already
+ very useful. We plan to extend this tool to even allow
+ queuing of execution jobs with time triggers from the
+ command line, similar in fashion to "at".
+
+ * nspawn will now inform the user explicitly that kernels with
+ audit enabled break containers, and suggest the user to turn
+ off audit.
+
+ * Support for detecting the IMA and AppArmor security
+ frameworks with ConditionSecurity= has been added.
+
+ * journalctl gained a new "-k" switch for showing only kernel
+ messages, mimicking dmesg output; in addition to "--user"
+ and "--system" switches for showing only user's own logs
+ and system logs.
+
+ * systemd-delta can now show information about drop-in
+ snippets extending unit files.
+
+ * libsystemd-bus has been substantially updated but is still
+ not available as public API.
+
+ * systemd will now look for the "debug" argument on the kernel
+ command line and enable debug logging, similar to
+ "systemd.log_level=debug" already did before.
+
+ * "systemctl set-default", "systemctl get-default" has been
+ added to configure the default.target symlink, which
+ controls what to boot into by default.
+
+ * "systemctl set-log-level" has been added as a convenient
+ way to raise and lower systemd logging threshold.
+
+ * "systemd-analyze plot" will now show the time the various
+ generators needed for execution, as well as information
+ about the unit file loading.
+
+ * libsystemd-journal gained a new sd_journal_open_files() call
+ for opening specific journal files. journactl also gained a
+ new switch to expose this new functionality. Previously we
+ only supported opening all files from a directory, or all
+ files from the system, as opening individual files only is
+ racy due to journal file rotation.
+
+ * systemd gained the new DefaultEnvironment= setting in
+ /etc/systemd/system.conf to set environment variables for
+ all services.
+
+ * If a privileged process logs a journal message with the
+ OBJECT_PID= field set, then journald will automatically
+ augment this with additional OBJECT_UID=, OBJECT_GID=,
+ OBJECT_COMM=, OBJECT_EXE=, ... fields. This is useful if
+ system services want to log events about specific client
+ processes. journactl/systemctl has been updated to make use
+ of this information if all log messages regarding a specific
+ unit is requested.
+
+ Contributions from: Auke Kok, Chengwei Yang, Colin Walters,
+ Cristian Rodríguez, Daniel Albers, Daniel Wallace, Dave
+ Reisner, David Coppa, David King, David Strauss, Eelco
+ Dolstra, Gabriel de Perthuis, Harald Hoyer, Jan Alexander
+ Steffens, Jan Engelhardt, Jan Janssen, Jason St. John, Johan
+ Heikkilä, Karel Zak, Karol Lewandowski, Kay Sievers, Lennart
+ Poettering, Lukas Nykryn, Mantas Mikulėnas, Marius Vollmer,
+ Martin Pitt, Michael Biebl, Michael Olbrich, Michael Tremer,
+ Michal Schmidt, Michał Bartoszkiewicz, Nirbheek Chauhan,
+ Pierre Neidhardt, Ross Burton, Ross Lagerwall, Sean McGovern,
+ Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar,
+ Václav Pavlín, Zachary Cook, Zbigniew Jędrzejewski-Szmek,
+ Łukasz Stelmach, 장동준
+
+CHANGES WITH 204:
+
+ * The Python bindings gained some minimal support for the APIs
+ exposed by libsystemd-logind.
+
+ * ConditionSecurity= gained support for detecting SMACK. Since
+ this condition already supports SELinux and AppArmor we only
+ miss IMA for this. Patches welcome!
+
+ Contributions from: Karol Lewandowski, Lennart Poettering,
+ Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 203:
+
+ * systemd-nspawn will now create /etc/resolv.conf if
+ necessary, before bind-mounting the host's file onto it.
+
+ * systemd-nspawn will now store meta information about a
+ container on the container's cgroup as extended attribute
+ fields, including the root directory.
+
+ * The cgroup hierarchy has been reworked in many ways. All
+ objects any of the components systemd creates in the cgroup
+ tree are now suffixed. More specifically, user sessions are
+ now placed in cgroups suffixed with ".session", users in
+ cgroups suffixed with ".user", and nspawn containers in
+ cgroups suffixed with ".nspawn". Furthermore, all cgroup
+ names are now escaped in a simple scheme to avoid collision
+ of userspace object names with kernel filenames. This work
+ is preparation for making these objects relocatable in the
+ cgroup tree, in order to allow easy resource partitioning of
+ these objects without causing naming conflicts.
+
+ * systemctl list-dependencies gained the new switches
+ --plain, --reverse, --after and --before.
+
+ * systemd-inhibit now shows the process name of processes that
+ have taken an inhibitor lock.
+
+ * nss-myhostname will now also resolve "localhost"
+ implicitly. This makes /etc/hosts an optional file and
+ nicely handles that on IPv6 ::1 maps to both "localhost" and
+ the local hostname.
+
+ * libsystemd-logind.so gained a new call
+ sd_get_machine_names() to enumerate running containers and
+ VMs (currently only supported by very new libvirt and
+ nspawn). sd_login_monitor can now be used to watch
+ VMs/containers coming and going.
+
+ * .include is not allowed recursively anymore, and only in
+ unit files. Usually it is better to use drop-in snippets in
+ .d/*.conf anyway, as introduced with systemd 198.
+
+ * systemd-analyze gained a new "critical-chain" command that
+ determines the slowest chain of units run during system
+ boot-up. It is very useful for tracking down where
+ optimizing boot time is the most beneficial.
+
+ * systemd will no longer allow manipulating service paths in
+ the name=systemd:/system cgroup tree using ControlGroup= in
+ units. (But is still fine with it in all other dirs.)
+
+ * There's a new systemd-nspawn@.service service file that may
+ be used to easily run nspawn containers as system
+ services. With the container's root directory in
+ /var/lib/container/foobar it is now sufficient to run
+ "systemctl start systemd-nspawn@foobar.service" to boot it.
+
+ * systemd-cgls gained a new parameter "--machine" to list only
+ the processes within a certain container.
+
+ * ConditionSecurity= now can check for "apparmor". We still
+ are lacking checks for SMACK and IMA for this condition
+ check though. Patches welcome!
+
+ * A new configuration file /etc/systemd/sleep.conf has been
+ added that may be used to configure which kernel operation
+ systemd is supposed to execute when "suspend", "hibernate"
+ or "hybrid-sleep" is requested. This makes the new kernel
+ "freeze" state accessible to the user.
+
+ * ENV{SYSTEMD_WANTS} in udev rules will now implicitly escape
+ the passed argument if applicable.
+
+ Contributions from: Auke Kok, Colin Guthrie, Colin Walters,
+ Cristian Rodríguez, Daniel Buch, Daniel Wallace, Dave Reisner,
+ Evangelos Foutras, Greg Kroah-Hartman, Harald Hoyer, Josh
+ Triplett, Kay Sievers, Lennart Poettering, Lukas Nykryn,
+ MUNEDA Takahiro, Mantas Mikulėnas, Mirco Tischler, Nathaniel
+ Chen, Nirbheek Chauhan, Ronny Chevalier, Ross Lagerwall, Tom
+ Gundersen, Umut Tezduyar, Ville Skyttä, Zbigniew
+ Jędrzejewski-Szmek
+
+CHANGES WITH 202:
+
+ * The output of 'systemctl list-jobs' got some polishing. The
+ '--type=' argument may now be passed more than once. A new
+ command 'systemctl list-sockets' has been added which shows
+ a list of kernel sockets systemd is listening on with the
+ socket units they belong to, plus the units these socket
+ units activate.
+
+ * The experimental libsystemd-bus library got substantial
+ updates to work in conjunction with the (also experimental)
+ kdbus kernel project. It works well enough to exchange
+ messages with some sophistication. Note that kdbus is not
+ ready yet, and the library is mostly an elaborate test case
+ for now, and not installable.
+
+ * systemd gained a new unit 'systemd-static-nodes.service'
+ that generates static device nodes earlier during boot, and
+ can run in conjunction with udev.
+
+ * libsystemd-login gained a new call sd_pid_get_user_unit()
+ to retrieve the user systemd unit a process is running
+ in. This is useful for systems where systemd is used as
+ session manager.
+
+ * systemd-nspawn now places all containers in the new /machine
+ top-level cgroup directory in the name=systemd
+ hierarchy. libvirt will soon do the same, so that we get a
+ uniform separation of /system, /user and /machine for system
+ services, user processes and containers/virtual
+ machines. This new cgroup hierarchy is also useful to stick
+ stable names to specific container instances, which can be
+ recognized later this way (this name may be controlled
+ via systemd-nspawn's new -M switch). libsystemd-login also
+ gained a new call sd_pid_get_machine_name() to retrieve the
+ name of the container/VM a specific process belongs to.
+
+ * bootchart can now store its data in the journal.
+
+ * libsystemd-journal gained a new call
+ sd_journal_add_conjunction() for AND expressions to the
+ matching logic. This can be used to express more complex
+ logical expressions.
+
+ * journactl can now take multiple --unit= and --user-unit=
+ switches.
+
+ * The cryptsetup logic now understands the "luks.key=" kernel
+ command line switch for specifying a file to read the
+ decryption key from. Also, if a configured key file is not
+ found the tool will now automatically fall back to prompting
+ the user.
+
+ * Python systemd.journal module was updated to wrap recently
+ added functions from libsystemd-journal. The interface was
+ changed to bring the low level interface in s.j._Reader
+ closer to the C API, and the high level interface in
+ s.j.Reader was updated to wrap and convert all data about
+ an entry.
+
+ Contributions from: Anatol Pomozov, Auke Kok, Harald Hoyer,
+ Henrik Grindal Bakken, Josh Triplett, Kay Sievers, Lennart
+ Poettering, Lukas Nykryn, Mantas Mikulėnas Marius Vollmer,
+ Martin Jansa, Martin Pitt, Michael Biebl, Michal Schmidt,
+ Mirco Tischler, Pali Rohar, Simon Peeters, Steven Hiscocks,
+ Tom Gundersen, Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 201:
+
+ * journalctl --update-catalog now understands a new --root=
+ option to operate on catalogs found in a different root
+ directory.
+
+ * During shutdown after systemd has terminated all running
+ services a final killing loop kills all remaining left-over
+ processes. We will now print the name of these processes
+ when we send SIGKILL to them, since this usually indicates a
+ problem.
+
+ * If /etc/crypttab refers to password files stored on
+ configured mount points automatic dependencies will now be
+ generated to ensure the specific mount is established first
+ before the key file is attempted to be read.
+
+ * 'systemctl status' will now show information about the
+ network sockets a socket unit is listening on.
+
+ * 'systemctl status' will also shown information about any
+ drop-in configuration file for units. (Drop-In configuration
+ files in this context are files such as
+ /etc/systemd/systemd/foobar.service.d/*.conf)
+
+ * systemd-cgtop now optionally shows summed up CPU times of
+ cgroups. Press '%' while running cgtop to switch between
+ percentage and absolute mode. This is useful to determine
+ which cgroups use up the most CPU time over the entire
+ runtime of the system. systemd-cgtop has also been updated
+ to be 'pipeable' for processing with further shell tools.
+
+ * 'hostnamectl set-hostname' will now allow setting of FQDN
+ hostnames.
+
+ * The formatting and parsing of time span values has been
+ changed. The parser now understands fractional expressions
+ such as "5.5h". The formatter will now output fractional
+ expressions for all time spans under 1min, i.e. "5.123456s"
+ rather than "5s 123ms 456us". For time spans under 1s
+ millisecond values are shown, for those under 1ms
+ microsecond values are shown. This should greatly improve
+ all time-related output of systemd.
+
+ * libsystemd-login and libsystemd-journal gained new
+ functions for querying the poll() events mask and poll()
+ timeout value for integration into arbitrary event
+ loops.
+
+ * localectl gained the ability to list available X11 keymaps
+ (models, layouts, variants, options).
+
+ * 'systemd-analyze dot' gained the ability to filter for
+ specific units via shell-style globs, to create smaller,
+ more useful graphs. I.e. it's now possible to create simple
+ graphs of all the dependencies between only target units, or
+ of all units that Avahi has dependencies with.
+
+ Contributions from: Cristian Rodríguez, Dr. Tilmann Bubeck,
+ Harald Hoyer, Holger Hans Peter Freyther, Kay Sievers, Kelly
+ Anderson, Koen Kooi, Lennart Poettering, Maksim Melnikau,
+ Marc-Antoine Perennou, Marius Vollmer, Martin Pitt, Michal
+ Schmidt, Oleksii Shevchuk, Ronny Chevalier, Simon McVittie,
+ Steven Hiscocks, Thomas Weißschuh, Umut Tezduyar, Václav
+ Pavlín, Zbigniew Jędrzejewski-Szmek, Łukasz Stelmach
+
+CHANGES WITH 200:
+
+ * The boot-time readahead implementation for rotating media
+ will now read the read-ahead data in multiple passes which
+ consist of all read requests made in equidistant time
+ intervals. This means instead of strictly reading read-ahead
+ data in its physical order on disk we now try to find a
+ middle ground between physical and access time order.
+
+ * /etc/os-release files gained a new BUILD_ID= field for usage
+ on operating systems that provide continuous builds of OS
+ images.
+
+ Contributions from: Auke Kok, Eelco Dolstra, Kay Sievers,
+ Lennart Poettering, Lukas Nykryn, Martin Pitt, Václav Pavlín
+ William Douglas, Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 199:
+
+ * systemd-python gained an API exposing libsystemd-daemon.
+
+ * The SMACK setup logic gained support for uploading CIPSO
+ security policy.
+
+ * Behaviour of PrivateTmp=, ReadWriteDirectories=,
+ ReadOnlyDirectories= and InaccessibleDirectories= has
+ changed. The private /tmp and /var/tmp directories are now
+ shared by all processes of a service (which means
+ ExecStartPre= may now leave data in /tmp that ExecStart= of
+ the same service can still access). When a service is
+ stopped its temporary directories are immediately deleted
+ (normal clean-up with tmpfiles is still done in addition to
+ this though).
+
+ * By default, systemd will now set a couple of sysctl
+ variables in the kernel: the safe sysrq options are turned
+ on, IP route verification is turned on, and source routing
+ disabled. The recently added hardlink and softlink
+ protection of the kernel is turned on. These settings should
+ be reasonably safe, and good defaults for all new systems.
+
+ * The predictable network naming logic may now be turned off
+ with a new kernel command line switch: net.ifnames=0.
+
+ * A new libsystemd-bus module has been added that implements a
+ pretty complete D-Bus client library. For details see:
+
+ http://lists.freedesktop.org/archives/systemd-devel/2013-March/009797.html
+
+ * journald will now explicitly flush the journal files to disk
+ at the latest 5min after each write. The file will then also
+ be marked offline until the next write. This should increase
+ reliability in case of a crash. The synchronization delay
+ can be configured via SyncIntervalSec= in journald.conf.
+
+ * There's a new remote-fs-setup.target unit that can be used
+ to pull in specific services when at least one remote file
+ system is to be mounted.
+
+ * There are new targets timers.target and paths.target as
+ canonical targets to pull user timer and path units in
+ from. This complements sockets.target with a similar
+ purpose for socket units.
+
+ * libudev gained a new call udev_device_set_attribute_value()
+ to set sysfs attributes of a device.
+
+ * The udev daemon now sets the default number of worker
+ processes executed in parallel based on the number of available
+ CPUs instead of the amount of available RAM. This is supposed
+ to provide a more reliable default and limit a too aggressive
+ paralellism for setups with 1000s of devices connected.
+
+ Contributions from: Auke Kok, Colin Walters, Cristian
+ Rodríguez, Daniel Buch, Dave Reisner, Frederic Crozat, Hannes
+ Reinecke, Harald Hoyer, Jan Alexander Steffens, Jan
+ Engelhardt, Josh Triplett, Kay Sievers, Lennart Poettering,
+ Mantas Mikulėnas, Martin Pitt, Mathieu Bridon, Michael Biebl,
+ Michal Schmidt, Michal Sekletar, Miklos Vajna, Nathaniel Chen,
+ Oleksii Shevchuk, Ozan Çağlayan, Thomas Hindoe Paaboel
+ Andersen, Tollef Fog Heen, Tom Gundersen, Umut Tezduyar,
+ Zbigniew Jędrzejewski-Szmek
+
CHANGES WITH 198:
* Configuration of unit files may now be extended via drop-in
themselves. More specifically, if the administrator wants to
change one value for a service file foobar.service he can
now do so by dropping in a configuration snippet into
- /etc/systemd/systemd/foobar.service.d/*.conf. The unit logic
+ /etc/systemd/system/foobar.service.d/*.conf. The unit logic
will load all these snippets and apply them on top of the
main unit configuration file, possibly extending or
overriding its settings. Using these drop-in snippets is
them there; or creating a new file in /etc/systemd/system/
that incorporates the original one via ".include". Drop-in
snippets into these .d/ directories can be placed in any
- directory systems looks for units in, and the usual
+ directory systemd looks for units in, and the usual
overriding semantics between /usr/lib, /etc and /run apply
for them too.
* Most unit file settings which take lists of items can now be
- reset by assigning the empty strings to them. For example,
+ reset by assigning the empty string to them. For example,
normally, settings such as Environment=FOO=BAR append a new
environment variable assignment to the environment block,
each time they are used. By assigning Environment= the empty
string the environment block can be reset to empty. This is
particularly useful with the .d/*.conf drop-in snippets
- mentioned above, since this allows resetting list settings
- from vendor unit files via these drop-ins.
+ mentioned above, since this adds the ability to reset list
+ settings from vendor unit files via these drop-ins.
* systemctl gained a new "list-dependencies" command for
listing the dependencies of a unit recursively.
for all units. More specifically, you can now use a command
like "systemctl set-cgroup-attr foobar.service cpu.shares
2000" to alter the CPU shares a specific service gets. These
- settings are stores persistently on disk, and thus allow the
+ settings are stored persistently on disk, and thus allow the
administrator to easily adjust the resource usage of
services with a few simple commands. This dynamic resource
- management logic is also available to other services via the
+ management logic is also available to other programs via the
bus. Almost any kernel cgroup attribute and controller is
supported.
* systemd-vconsole-setup will now copy all font settings to
- all open VTs, where it previously applied them only to the
- foreground VT.
+ all allocated VTs, where it previously applied them only to
+ the foreground VT.
* libsystemd-login gained the new sd_session_get_tty() API
call.
- * This release drops support with a few
- legacy/distribution-specific LSB facility names when parsing
- init scripts: $x-display-manager, $mail-transfer-agent,
+ * This release drops support for a few legacy or
+ distribution-specific LSB facility names when parsing init
+ scripts: $x-display-manager, $mail-transfer-agent,
$mail-transport-agent, $mail-transfer-agent, $smtp,
$null. Also, the mail-transfer-agent.target unit backing
this has been removed. Distributions which want to retain
- compatibility with this should carry the burden for support
- this themselves and patch support for these back in if they
- really need to. Also, the facilities $syslog and $local_fs
- are now ignored, since systemd does not support early-boot
- LSB init scripts anymore, and these facilities are implied
- anyway for normal services. syslog.target has also been
- removed.
+ compatibility with this should carry the burden for
+ supporting this themselves and patch support for these back
+ in, if they really need to. Also, the facilities $syslog and
+ $local_fs are now ignored, since systemd does not support
+ early-boot LSB init scripts anymore, and these facilities
+ are implied anyway for normal services. syslog.target has
+ also been removed.
* There are new bus calls on PID1's Manager object for
- canceling jobs, and removing snapshot units. Previously,
+ cancelling jobs, and removing snapshot units. Previously,
both calls were only available on the Job and Snapshot
objects themselves.
container.
* nspawn will now mount its own devpts file system instance
- into the container, in order not to leake pty devices from
+ into the container, in order not to leak pty devices from
the host into the container.
* systemd will now read the firmware boot time performance
- from the EFI variables, if the used boot loader supports
- this, and take it into account for boot performance analysis
- via "systemd-analyze". This is currently supported only in
- conjunction with Gummiboot, but could be supported by other
- boot loaders too. For details see:
+ information from the EFI variables, if the used boot loader
+ supports this, and takes it into account for boot performance
+ analysis via "systemd-analyze". This is currently supported
+ only in conjunction with Gummiboot, but could be supported
+ by other boot loaders too. For details see:
http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface
* A new generator has been added that automatically mounts the
EFI System Partition (ESP) to /boot, if that directory
- exists, is empty, and no other partition has been configured
- to be mounted there.
+ exists, is empty, and no other file system has been
+ configured to be mounted there.
* logind will now send out PrepareForSleep(false) out
unconditionally, after coming back from suspend. This may be
configuration of files and directories (with wildcards) that
shall be excluded from automatic cleanup ("aging").
- * udev permission rules are now only applied for "add" events,
- no longer for "change" events.
+ * udev default rules set the device node permissions now only
+ at "add" events, and do not change them any longer with a
+ later "change" event.
* The log messages for lid events and power/sleep keypresses
now carry a message ID.
* Operations such as "systemctl start" can now be executed
with a new mode "--irreversible" which may be used to queue
operations that cannot accidentally be reversed by a later
- job queuing. This is by default use to make shutdown
+ job queuing. This is by default used to make shutdown
requests more robust.
* The Python API of systemd now gained a new module for
http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
* Boot time console output has been improved to provide
- animated boot time output.
+ animated boot time output for hanging jobs.
* A new tool systemd-activate has been added which can be used
to test socket activation with, directly from the command
* journalctl gained a new "--reverse" (or -r) option to show
journal output in reverse order (i.e. newest line first).
+ * journalctl gained a new "--pager-end" (or -e) option to jump
+ to immediately jump to the end of the journal in the
+ pager. This is only supported in conjunction with "less".
+
* journalctl gained a new "--user-unit=" option, that works
similar to "--unit=" but filters for user units rather than
system units.
* The journal files are now owned by a new group
"systemd-journal", which exists specifically to allow access
to the journal, and nothing else. Previously, we used the
- "adm" group for that, which however possible covers more
+ "adm" group for that, which however possibly covers more
than just journal/log file access. This new group is now
already used by systemd-journal-gatewayd to ensure this
daemon gets access to the journal files and as little else
up for /var/log/journal to give "adm" and "wheel" read
access to it, in addition to "systemd-journal" which owns
the journal files. We recommend that packaging scripts also
- add read access to "adm", "wheel" to /var/log/journal, and
+ add read access to "adm" + "wheel" to /var/log/journal, and
all existing/future journal files. To normal users and
administrators little changes, however packagers need to
ensure to create the "systemd-journal" system group at
* The pstore file system is now mounted by default, if it is
available.
+ * In addition to the SELinux and IMA policies we will now also
+ load SMACK policies at early boot.
+
Contributions from: Adel Gadllah, Aleksander Morgado, Auke
Kok, Ayan George, Bastien Nocera, Colin Walters, Daniel Buch,
Daniel Wallace, Dave Reisner, David Herrmann, David Strauss,
the underlying file system of a journal file is capable of
properly reporting file change notifications, or whether
applications that want to reflect journal changes "live"
- need to recheck journal files continously in appropriate
+ need to recheck journal files continuously in appropriate
time intervals.
* It is now possible to set the "age" field for tmpfiles
* There's now a new RPM macro definition for the system preset
dir: %_presetdir.
- * journald will now warn if it can't foward a message to the
+ * journald will now warn if it can't forward a message to the
syslog daemon because it's socket is full.
* timedated will no longer write or process /etc/timezone,
the maximum number of iterations to run for. It also gained
-b, to run in batch mode (accepting no input).
- * The suffix ".service" may now be ommited on most systemctl
+ * The suffix ".service" may now be omitted on most systemctl
command lines involving service unit names.
* There's a new bus call in logind to lock all sessions, as
* Show /etc/os-release data in systemd-analyze output
- * Many bugfixes for the journal, including endianess fixes and
+ * Many bugfixes for the journal, including endianness fixes and
ensuring that disk space enforcement works
* sd-login.h is C++ comptaible again
understood to set system wide environment variables
dynamically at boot.
- * We now limit the set of capabilities of systemd-journald.
+ * We now limit the set of capabilities of systemd-journald.
* We now set SIGPIPE to ignore by default, since it only is
useful in shell pipelines, and has little use in general
~ianmdlvl / elogind.git / blobdiff