X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=NEWS;h=5560355b9010a6a3e86bbec310921ffa45caaff6;hp=673db06f32050e3bc9f030fe71d5ba48d706e333;hb=e2f2fb786059fbed410938f16e5cc8b851366b14;hpb=156f7d09add8fc93cae8a3f13adcb2564931fee4 diff --git a/NEWS b/NEWS index 673db06f3..5560355b9 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,456 @@ systemd System and Service Manager +CHANGES WITH 205: + + * Two new unit types have been introduced: + + Scope units are very similar to service units, however, are + created out of pre-existing processes -- instead of PID 1 + forking off the processes. By using scope units it is + possible for system services and applications to group their + own child processes (worker processes) in a powerful way + which then maybe used to organize them, or kill them + together, or apply resource limits on them. + + Slice units may be used to partition system resources in an + hierarchial fashion and then assign other units to them. By + default there are now three slices: system.slice (for all + system services), user.slice (for all user sessions), + machine.slice (for VMs and containers). + + Slices and scopes have been introduced primarily in + context of the work to move cgroup handling to a + single-writer scheme, where only PID 1 + creates/removes/manages cgroups. + + * There's a new concept of "transient" units. In contrast to + normal units these units are created via an API at runtime, + not from configuration from disk. More specifically this + means it is now possible to run arbitrary programs as + independent services, with all execution parameters passed + in via bus APIs rather than read from disk. Transient units + make systemd substantially more dynamic then it ever was, + and useful as a general batch manager. + + * logind has been updated to make use of scope and slice units + for managing user sessions. As a user logs in he will get + his own private slice unit, to which all sessions are added + as scope units. We also added support for automatically + adding an instance of user@.service for the user into the + slice. Effectively logind will no longer create cgroup + hierarchies on its own now, it will defer entirely to PID 1 + for this by means of scope, service and slice units. Since + user sessions this way become entities managed by PID 1 + the output of "systemctl" is now a lot more comprehensive. + + * A new mini-daemon "systemd-machined" has been added which + may be used by virtualization managers to register local + VMs/containers. nspawn has been updated accordingly, and + libvirt will be updated shortly. machined will collect a bit + of meta information about the VMs/containers, and assign + them their own scope unit (see above). The collected + meta-data is then made available via the "machinectl" tool, + and exposed in "ps" and similar tools. machined/machinectl + is compile-time optional. + + * As discussed earlier, the low-level cgroup configuration + options ControlGroup=, ControlGroupModify=, + ControlGroupPersistent=, ControlGroupAttribute= have been + removed. Please use high-level attribute settings instead as + well as slice units. + + * A new bus call SetUnitProperties() has been added to alter + various runtime parameters of a unit. This is primarily + useful to alter cgroup parameters dynamically in a nice way, + but will be extended later on to make more properties + modifiable at runtime. systemctl gained a new set-properties + command that wraps this call. + + * A new tool "systemd-run" has been added which can be used to + run arbitrary command lines as transient services or scopes, + while configuring a number of settings via the command + line. This tool is currently very basic, however already + very useful. We plan to extend this tool to even allow + queuing of execution jobs with time triggers from the + command line, similar in fashion to "at". + + * nspawn will now inform the user explicitly that kernels with + audit enabled break containers, and suggest the user to turn + off audit. + + * Support for detecting the IMA and AppArmor security + frameworks with ConditionSecurity= has been added. + + * journalctl gained a new "-k" switch for showing only kernel + messages, mimicking dmesg output; in addition to "--user" + and "--system" switches for showing only user's own logs + and system logs. + + * systemd-delta can now show information about drop-in + snippets extending unit files. + + * libsystemd-bus has been substantially updated but is still + not available as public API. + + * systemd will now look for the "debug" argument on the kernel + command line and enable debug logging, similar to + "systemd.log_level=debug" already did before. + + * "systemctl set-default", "systemctl get-default" has been + added to configure the default.target symlink, which + controls what to boot into by default. + + * "systemctl set-log-level" has been added as a convenient + way to raise and lower systemd logging threshold. + + * "systemd-analyze plot" will now show the time the various + generators needed for execution, as well as information + about the unit file loading. + + * libsystemd-journal gained a new sd_journal_open_files() call + for opening specific journal files. journactl also gained a + new switch to expose this new functionality. Previously we + only supported opening all files from a directory, or all + files from the system, as opening individual files only is + racy due to journal file rotation. + + * systemd gained the new DefaultEnvironment= setting in + /etc/systemd/system.conf to set environment variables for + all services. + + * If a privileged process logs a journal message with the + OBJECT_PID= field set, then journald will automatically + augment this with additional OBJECT_UID=, OBJECT_GID=, + OBJECT_COMM=, OBJECT_EXE=, ... fields. This is useful if + system services want to log events about specific client + processes. journactl/systemctl has been updated to make use + of this information if all log messages regarding a specific + unit is requested. + + Contributions from: Auke Kok, Chengwei Yang, Colin Walters, + Cristian Rodríguez, Daniel Albers, Daniel Wallace, Dave + Reisner, David Coppa, David King, David Strauss, Eelco + Dolstra, Gabriel de Perthuis, Harald Hoyer, Jan Alexander + Steffens, Jan Engelhardt, Jan Janssen, Jason St. John, Johan + Heikkilä, Karel Zak, Karol Lewandowski, Kay Sievers, Lennart + Poettering, Lukas Nykryn, Mantas Mikulėnas, Marius Vollmer, + Martin Pitt, Michael Biebl, Michael Olbrich, Michael Tremer, + Michal Schmidt, Michał Bartoszkiewicz, Nirbheek Chauhan, + Pierre Neidhardt, Ross Burton, Ross Lagerwall, Sean McGovern, + Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar, + Václav Pavlín, Zachary Cook, Zbigniew Jędrzejewski-Szmek, + Łukasz Stelmach, 장동준 + +CHANGES WITH 204: + + * The Python bindings gained some minimal support for the APIs + exposed by libsystemd-logind. + + * ConditionSecurity= gained support for detecting SMACK. Since + this condition already supports SELinux and AppArmor we only + miss IMA for this. Patches welcome! + + Contributions from: Karol Lewandowski, Lennart Poettering, + Zbigniew Jędrzejewski-Szmek + +CHANGES WITH 203: + + * systemd-nspawn will now create /etc/resolv.conf if + necessary, before bind-mounting the host's file onto it. + + * systemd-nspawn will now store meta information about a + container on the container's cgroup as extended attribute + fields, including the root directory. + + * The cgroup hierarchy has been reworked in many ways. All + objects any of the components systemd creates in the cgroup + tree are now suffixed. More specifically, user sessions are + now placed in cgroups suffixed with ".session", users in + cgroups suffixed with ".user", and nspawn containers in + cgroups suffixed with ".nspawn". Furthermore, all cgroup + names are now escaped in a simple scheme to avoid collision + of userspace object names with kernel filenames. This work + is preparation for making these objects relocatable in the + cgroup tree, in order to allow easy resource partitioning of + these objects without causing naming conflicts. + + * systemctl list-dependencies gained the new switches + --plain, --reverse, --after and --before. + + * systemd-inhibit now shows the process name of processes that + have taken an inhibitor lock. + + * nss-myhostname will now also resolve "localhost" + implicitly. This makes /etc/hosts an optional file and + nicely handles that on IPv6 ::1 maps to both "localhost" and + the local hostname. + + * libsystemd-logind.so gained a new call + sd_get_machine_names() to enumerate running containers and + VMs (currently only supported by very new libvirt and + nspawn). sd_login_monitor can now be used to watch + VMs/containers coming and going. + + * .include is not allowed recursively anymore, and only in + unit files. Usually it is better to use drop-in snippets in + .d/*.conf anyway, as introduced with systemd 198. + + * systemd-analyze gained a new "critical-chain" command that + determines the slowest chain of units run during system + boot-up. It is very useful for tracking down where + optimizing boot time is the most beneficial. + + * systemd will no longer allow manipulating service paths in + the name=systemd:/system cgroup tree using ControlGroup= in + units. (But is still fine with it in all other dirs.) + + * There's a new systemd-nspawn@.service service file that may + be used to easily run nspawn containers as system + services. With the container's root directory in + /var/lib/container/foobar it is now sufficient to run + "systemctl start systemd-nspawn@foobar.service" to boot it. + + * systemd-cgls gained a new parameter "--machine" to list only + the processes within a certain container. + + * ConditionSecurity= now can check for "apparmor". We still + are lacking checks for SMACK and IMA for this condition + check though. Patches welcome! + + * A new configuration file /etc/systemd/sleep.conf has been + added that may be used to configure which kernel operation + systemd is supposed to execute when "suspend", "hibernate" + or "hybrid-sleep" is requested. This makes the new kernel + "freeze" state accessible to the user. + + * ENV{SYSTEMD_WANTS} in udev rules will now implicitly escape + the passed argument if applicable. + + Contributions from: Auke Kok, Colin Guthrie, Colin Walters, + Cristian Rodríguez, Daniel Buch, Daniel Wallace, Dave Reisner, + Evangelos Foutras, Greg Kroah-Hartman, Harald Hoyer, Josh + Triplett, Kay Sievers, Lennart Poettering, Lukas Nykryn, + MUNEDA Takahiro, Mantas Mikulėnas, Mirco Tischler, Nathaniel + Chen, Nirbheek Chauhan, Ronny Chevalier, Ross Lagerwall, Tom + Gundersen, Umut Tezduyar, Ville Skyttä, Zbigniew + Jędrzejewski-Szmek + +CHANGES WITH 202: + + * The output of 'systemctl list-jobs' got some polishing. The + '--type=' argument may now be passed more than once. A new + command 'systemctl list-sockets' has been added which shows + a list of kernel sockets systemd is listening on with the + socket units they belong to, plus the units these socket + units activate. + + * The experimental libsystemd-bus library got substantial + updates to work in conjunction with the (also experimental) + kdbus kernel project. It works well enough to exchange + messages with some sophistication. Note that kdbus is not + ready yet, and the library is mostly an elaborate test case + for now, and not installable. + + * systemd gained a new unit 'systemd-static-nodes.service' + that generates static device nodes earlier during boot, and + can run in conjunction with udev. + + * libsystemd-login gained a new call sd_pid_get_user_unit() + to retrieve the user systemd unit a process is running + in. This is useful for systems where systemd is used as + session manager. + + * systemd-nspawn now places all containers in the new /machine + top-level cgroup directory in the name=systemd + hierarchy. libvirt will soon do the same, so that we get a + uniform separation of /system, /user and /machine for system + services, user processes and containers/virtual + machines. This new cgroup hierarchy is also useful to stick + stable names to specific container instances, which can be + recognized later this way (this name may be controlled + via systemd-nspawn's new -M switch). libsystemd-login also + gained a new call sd_pid_get_machine_name() to retrieve the + name of the container/VM a specific process belongs to. + + * bootchart can now store its data in the journal. + + * libsystemd-journal gained a new call + sd_journal_add_conjunction() for AND expressions to the + matching logic. This can be used to express more complex + logical expressions. + + * journactl can now take multiple --unit= and --user-unit= + switches. + + * The cryptsetup logic now understands the "luks.key=" kernel + command line switch for specifying a file to read the + decryption key from. Also, if a configured key file is not + found the tool will now automatically fall back to prompting + the user. + + * Python systemd.journal module was updated to wrap recently + added functions from libsystemd-journal. The interface was + changed to bring the low level interface in s.j._Reader + closer to the C API, and the high level interface in + s.j.Reader was updated to wrap and convert all data about + an entry. + + Contributions from: Anatol Pomozov, Auke Kok, Harald Hoyer, + Henrik Grindal Bakken, Josh Triplett, Kay Sievers, Lennart + Poettering, Lukas Nykryn, Mantas Mikulėnas Marius Vollmer, + Martin Jansa, Martin Pitt, Michael Biebl, Michal Schmidt, + Mirco Tischler, Pali Rohar, Simon Peeters, Steven Hiscocks, + Tom Gundersen, Zbigniew Jędrzejewski-Szmek + +CHANGES WITH 201: + + * journalctl --update-catalog now understands a new --root= + option to operate on catalogs found in a different root + directory. + + * During shutdown after systemd has terminated all running + services a final killing loop kills all remaining left-over + processes. We will now print the name of these processes + when we send SIGKILL to them, since this usually indicates a + problem. + + * If /etc/crypttab refers to password files stored on + configured mount points automatic dependencies will now be + generated to ensure the specific mount is established first + before the key file is attempted to be read. + + * 'systemctl status' will now show information about the + network sockets a socket unit is listening on. + + * 'systemctl status' will also shown information about any + drop-in configuration file for units. (Drop-In configuration + files in this context are files such as + /etc/systemd/systemd/foobar.service.d/*.conf) + + * systemd-cgtop now optionally shows summed up CPU times of + cgroups. Press '%' while running cgtop to switch between + percentage and absolute mode. This is useful to determine + which cgroups use up the most CPU time over the entire + runtime of the system. systemd-cgtop has also been updated + to be 'pipeable' for processing with further shell tools. + + * 'hostnamectl set-hostname' will now allow setting of FQDN + hostnames. + + * The formatting and parsing of time span values has been + changed. The parser now understands fractional expressions + such as "5.5h". The formatter will now output fractional + expressions for all time spans under 1min, i.e. "5.123456s" + rather than "5s 123ms 456us". For time spans under 1s + millisecond values are shown, for those under 1ms + microsecond values are shown. This should greatly improve + all time-related output of systemd. + + * libsystemd-login and libsystemd-journal gained new + functions for querying the poll() events mask and poll() + timeout value for integration into arbitrary event + loops. + + * localectl gained the ability to list available X11 keymaps + (models, layouts, variants, options). + + * 'systemd-analyze dot' gained the ability to filter for + specific units via shell-style globs, to create smaller, + more useful graphs. I.e. it's now possible to create simple + graphs of all the dependencies between only target units, or + of all units that Avahi has dependencies with. + + Contributions from: Cristian Rodríguez, Dr. Tilmann Bubeck, + Harald Hoyer, Holger Hans Peter Freyther, Kay Sievers, Kelly + Anderson, Koen Kooi, Lennart Poettering, Maksim Melnikau, + Marc-Antoine Perennou, Marius Vollmer, Martin Pitt, Michal + Schmidt, Oleksii Shevchuk, Ronny Chevalier, Simon McVittie, + Steven Hiscocks, Thomas Weißschuh, Umut Tezduyar, Václav + Pavlín, Zbigniew Jędrzejewski-Szmek, Łukasz Stelmach + +CHANGES WITH 200: + + * The boot-time readahead implementation for rotating media + will now read the read-ahead data in multiple passes which + consist of all read requests made in equidistant time + intervals. This means instead of strictly reading read-ahead + data in its physical order on disk we now try to find a + middle ground between physical and access time order. + + * /etc/os-release files gained a new BUILD_ID= field for usage + on operating systems that provide continuous builds of OS + images. + + Contributions from: Auke Kok, Eelco Dolstra, Kay Sievers, + Lennart Poettering, Lukas Nykryn, Martin Pitt, Václav Pavlín + William Douglas, Zbigniew Jędrzejewski-Szmek + +CHANGES WITH 199: + + * systemd-python gained an API exposing libsystemd-daemon. + + * The SMACK setup logic gained support for uploading CIPSO + security policy. + + * Behaviour of PrivateTmp=, ReadWriteDirectories=, + ReadOnlyDirectories= and InaccessibleDirectories= has + changed. The private /tmp and /var/tmp directories are now + shared by all processes of a service (which means + ExecStartPre= may now leave data in /tmp that ExecStart= of + the same service can still access). When a service is + stopped its temporary directories are immediately deleted + (normal clean-up with tmpfiles is still done in addition to + this though). + + * By default, systemd will now set a couple of sysctl + variables in the kernel: the safe sysrq options are turned + on, IP route verification is turned on, and source routing + disabled. The recently added hardlink and softlink + protection of the kernel is turned on. These settings should + be reasonably safe, and good defaults for all new systems. + + * The predictable network naming logic may now be turned off + with a new kernel command line switch: net.ifnames=0. + + * A new libsystemd-bus module has been added that implements a + pretty complete D-Bus client library. For details see: + + http://lists.freedesktop.org/archives/systemd-devel/2013-March/009797.html + + * journald will now explicitly flush the journal files to disk + at the latest 5min after each write. The file will then also + be marked offline until the next write. This should increase + reliability in case of a crash. The synchronization delay + can be configured via SyncIntervalSec= in journald.conf. + + * There's a new remote-fs-setup.target unit that can be used + to pull in specific services when at least one remote file + system is to be mounted. + + * There are new targets timers.target and paths.target as + canonical targets to pull user timer and path units in + from. This complements sockets.target with a similar + purpose for socket units. + + * libudev gained a new call udev_device_set_attribute_value() + to set sysfs attributes of a device. + + * The udev daemon now sets the default number of worker + processes executed in parallel based on the number of available + CPUs instead of the amount of available RAM. This is supposed + to provide a more reliable default and limit a too aggressive + paralellism for setups with 1000s of devices connected. + + Contributions from: Auke Kok, Colin Walters, Cristian + Rodríguez, Daniel Buch, Dave Reisner, Frederic Crozat, Hannes + Reinecke, Harald Hoyer, Jan Alexander Steffens, Jan + Engelhardt, Josh Triplett, Kay Sievers, Lennart Poettering, + Mantas Mikulėnas, Martin Pitt, Mathieu Bridon, Michael Biebl, + Michal Schmidt, Michal Sekletar, Miklos Vajna, Nathaniel Chen, + Oleksii Shevchuk, Ozan Çağlayan, Thomas Hindoe Paaboel + Andersen, Tollef Fog Heen, Tom Gundersen, Umut Tezduyar, + Zbigniew Jędrzejewski-Szmek + CHANGES WITH 198: * Configuration of unit files may now be extended via drop-in @@ -7,7 +458,7 @@ CHANGES WITH 198: themselves. More specifically, if the administrator wants to change one value for a service file foobar.service he can now do so by dropping in a configuration snippet into - /etc/systemd/systemd/foobar.service.d/*.conf. The unit logic + /etc/systemd/system/foobar.service.d/*.conf. The unit logic will load all these snippets and apply them on top of the main unit configuration file, possibly extending or overriding its settings. Using these drop-in snippets is @@ -22,7 +473,7 @@ CHANGES WITH 198: for them too. * Most unit file settings which take lists of items can now be - reset by assigning an empty strings to them. For example, + reset by assigning the empty string to them. For example, normally, settings such as Environment=FOO=BAR append a new environment variable assignment to the environment block, each time they are used. By assigning Environment= the empty @@ -44,36 +495,36 @@ CHANGES WITH 198: for all units. More specifically, you can now use a command like "systemctl set-cgroup-attr foobar.service cpu.shares 2000" to alter the CPU shares a specific service gets. These - settings are stores persistently on disk, and thus allow the + settings are stored persistently on disk, and thus allow the administrator to easily adjust the resource usage of services with a few simple commands. This dynamic resource - management logic is also available to other services via the + management logic is also available to other programs via the bus. Almost any kernel cgroup attribute and controller is supported. * systemd-vconsole-setup will now copy all font settings to - all open VTs, where it previously applied them only to the - foreground VT. + all allocated VTs, where it previously applied them only to + the foreground VT. * libsystemd-login gained the new sd_session_get_tty() API call. - * This release drops support with a few - legacy/distribution-specific LSB facility names when parsing - init scripts: $x-display-manager, $mail-transfer-agent, + * This release drops support for a few legacy or + distribution-specific LSB facility names when parsing init + scripts: $x-display-manager, $mail-transfer-agent, $mail-transport-agent, $mail-transfer-agent, $smtp, $null. Also, the mail-transfer-agent.target unit backing this has been removed. Distributions which want to retain - compatibility with this should carry the burden for support - this themselves and patch support for these back in if they - really need to. Also, the facilities $syslog and $local_fs - are now ignored, since systemd does not support early-boot - LSB init scripts anymore, and these facilities are implied - anyway for normal services. syslog.target has also been - removed. + compatibility with this should carry the burden for + supporting this themselves and patch support for these back + in, if they really need to. Also, the facilities $syslog and + $local_fs are now ignored, since systemd does not support + early-boot LSB init scripts anymore, and these facilities + are implied anyway for normal services. syslog.target has + also been removed. * There are new bus calls on PID1's Manager object for - canceling jobs, and removing snapshot units. Previously, + cancelling jobs, and removing snapshot units. Previously, both calls were only available on the Job and Snapshot objects themselves. @@ -104,22 +555,22 @@ CHANGES WITH 198: container. * nspawn will now mount its own devpts file system instance - into the container, in order not to leake pty devices from + into the container, in order not to leak pty devices from the host into the container. * systemd will now read the firmware boot time performance - from the EFI variables, if the used boot loader supports - this, and take it into account for boot performance analysis - via "systemd-analyze". This is currently supported only in - conjunction with Gummiboot, but could be supported by other - boot loaders too. For details see: + information from the EFI variables, if the used boot loader + supports this, and takes it into account for boot performance + analysis via "systemd-analyze". This is currently supported + only in conjunction with Gummiboot, but could be supported + by other boot loaders too. For details see: http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface * A new generator has been added that automatically mounts the EFI System Partition (ESP) to /boot, if that directory - exists, is empty, and no other partition has been configured - to be mounted there. + exists, is empty, and no other file system has been + configured to be mounted there. * logind will now send out PrepareForSleep(false) out unconditionally, after coming back from suspend. This may be @@ -181,7 +632,7 @@ CHANGES WITH 198: * Operations such as "systemctl start" can now be executed with a new mode "--irreversible" which may be used to queue operations that cannot accidentally be reversed by a later - job queuing. This is by default use to make shutdown + job queuing. This is by default used to make shutdown requests more robust. * The Python API of systemd now gained a new module for @@ -193,7 +644,7 @@ CHANGES WITH 198: http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec * Boot time console output has been improved to provide - animated boot time output. + animated boot time output for hanging jobs. * A new tool systemd-activate has been added which can be used to test socket activation with, directly from the command @@ -203,6 +654,10 @@ CHANGES WITH 198: * journalctl gained a new "--reverse" (or -r) option to show journal output in reverse order (i.e. newest line first). + * journalctl gained a new "--pager-end" (or -e) option to jump + to immediately jump to the end of the journal in the + pager. This is only supported in conjunction with "less". + * journalctl gained a new "--user-unit=" option, that works similar to "--unit=" but filters for user units rather than system units. @@ -214,7 +669,7 @@ CHANGES WITH 198: * The journal files are now owned by a new group "systemd-journal", which exists specifically to allow access to the journal, and nothing else. Previously, we used the - "adm" group for that, which however possible covers more + "adm" group for that, which however possibly covers more than just journal/log file access. This new group is now already used by systemd-journal-gatewayd to ensure this daemon gets access to the journal files and as little else @@ -222,7 +677,7 @@ CHANGES WITH 198: up for /var/log/journal to give "adm" and "wheel" read access to it, in addition to "systemd-journal" which owns the journal files. We recommend that packaging scripts also - add read access to "adm", "wheel" to /var/log/journal, and + add read access to "adm" + "wheel" to /var/log/journal, and all existing/future journal files. To normal users and administrators little changes, however packagers need to ensure to create the "systemd-journal" system group at @@ -439,7 +894,7 @@ CHANGES WITH 196: the underlying file system of a journal file is capable of properly reporting file change notifications, or whether applications that want to reflect journal changes "live" - need to recheck journal files continously in appropriate + need to recheck journal files continuously in appropriate time intervals. * It is now possible to set the "age" field for tmpfiles @@ -772,7 +1227,7 @@ CHANGES WITH 190: * There's now a new RPM macro definition for the system preset dir: %_presetdir. - * journald will now warn if it can't foward a message to the + * journald will now warn if it can't forward a message to the syslog daemon because it's socket is full. * timedated will no longer write or process /etc/timezone, @@ -907,7 +1362,7 @@ CHANGES WITH 188: the maximum number of iterations to run for. It also gained -b, to run in batch mode (accepting no input). - * The suffix ".service" may now be ommited on most systemctl + * The suffix ".service" may now be omitted on most systemctl command lines involving service unit names. * There's a new bus call in logind to lock all sessions, as @@ -1396,7 +1851,7 @@ CHANGES WITH 44: * Show /etc/os-release data in systemd-analyze output - * Many bugfixes for the journal, including endianess fixes and + * Many bugfixes for the journal, including endianness fixes and ensuring that disk space enforcement works * sd-login.h is C++ comptaible again @@ -1484,7 +1939,7 @@ CHANGES WITH 41: understood to set system wide environment variables dynamically at boot. - * We now limit the set of capabilities of systemd-journald. + * We now limit the set of capabilities of systemd-journald. * We now set SIGPIPE to ignore by default, since it only is useful in shell pipelines, and has little use in general