X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=NEWS;h=60c669e92ab07f0f5e76d699a65c20882dadd055;hp=b04f1b5bc7db2eacbbbb9f8767dc79bc294fca1e;hb=80cfe9e163b1c92f917e0a5e053b148fca790677;hpb=8ad2685909f988602eca32ccba5c8ea4159e7f2e diff --git a/NEWS b/NEWS index b04f1b5bc..60c669e92 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,351 @@ systemd System and Service Manager +CHANGES WITH 200: + + * The boot-time readahead implementation for rotating media + will now read the read-ahead data in multiple passes which + consist of all read requests made in equidistant time + intervals. This means instead of strictly reading read-ahead + data in its physical order on disk we now try to find a + middle ground between physical and access time order. + + * /etc/os-release files gained a new BUILD_ID= field for usage + on operating systems that provide continuous builds of OS + images. + + Contributions from: Auke Kok, Eelco Dolstra, Kay Sievers, + Lennart Poettering, Lukas Nykryn, Martin Pitt, Václav Pavlín + William Douglas, Zbigniew Jędrzejewski-Szmek + +CHANGES WITH 199: + + * systemd-python gained an API exposing libsystemd-daemon. + + * The SMACK setup logic gained support for uploading CIPSO + security policy. + + * Behaviour of PrivateTmp=, ReadWriteDirectories=, + ReadOnlyDirectories= and InaccessibleDirectories= has + changed. The private /tmp and /var/tmp directories are now + shared by all processes of a service (which means + ExecStartPre= may now leave data in /tmp that ExecStart= of + the same service can still access). When a service is + stopped its temporary directories are immediately deleted + (normal clean-up with tmpfiles is still done in addition to + this though). + + * By default, systemd will now set a couple of sysctl + variables in the kernel: the safe sysrq options are turned + on, IP route verification is turned on, and source routing + disabled. The recently added hardlink and softlink + protection of the kernel is turned on. These settings should + be reasonably safe, and good defaults for all new systems. + + * The predictable network naming logic may now be turned off + with a new kernel command line switch: net.ifnames=0. + + * A new libsystemd-bus module has been added that implements a + pretty complete D-Bus client library. For details see: + + http://lists.freedesktop.org/archives/systemd-devel/2013-March/009797.html + + * journald will now explicitly flush the journal files to disk + at the latest 5min after each write. The file will then also + be marked offline until the next write. This should increase + reliability in case of a crash. The synchronization delay + can be configured via SyncIntervalSec= in journald.conf. + + * There's a new remote-fs-setup.target unit that can be used + to pull in specific services when at least one remote file + system is to be mounted. + + * There are new targets timers.target and paths.target as + canonical targets to pull user timer and path units in + from. This complements sockets.target with a similar + purpose for socket units. + + * libudev gained a new call udev_device_set_attribute_value() + to set sysfs attributes of a device. + + * The udev daemon now sets the default number of worker + processes executed in parallel based on the number of available + CPUs instead of the amount of available RAM. This is supposed + to provide a more reliable default and limit a too agressive + paralellism for setups with 1000s of devices connected. + + Contributions from: Auke Kok, Colin Walters, Cristian + Rodríguez, Daniel Buch, Dave Reisner, Frederic Crozat, Hannes + Reinecke, Harald Hoyer, Jan Alexander Steffens, Jan + Engelhardt, Josh Triplett, Kay Sievers, Lennart Poettering, + Mantas Mikulėnas, Martin Pitt, Mathieu Bridon, Michael Biebl, + Michal Schmidt, Michal Sekletar, Miklos Vajna, Nathaniel Chen, + Oleksii Shevchuk, Ozan Çağlayan, Thomas Hindoe Paaboel + Andersen, Tollef Fog Heen, Tom Gundersen, Umut Tezduyar, + Zbigniew Jędrzejewski-Szmek + +CHANGES WITH 198: + + * Configuration of unit files may now be extended via drop-in + files without having to edit/override the unit files + themselves. More specifically, if the administrator wants to + change one value for a service file foobar.service he can + now do so by dropping in a configuration snippet into + /etc/systemd/system/foobar.service.d/*.conf. The unit logic + will load all these snippets and apply them on top of the + main unit configuration file, possibly extending or + overriding its settings. Using these drop-in snippets is + generally nicer than the two earlier options for changing + unit files locally: copying the files from + /usr/lib/systemd/system/ to /etc/systemd/system/ and editing + them there; or creating a new file in /etc/systemd/system/ + that incorporates the original one via ".include". Drop-in + snippets into these .d/ directories can be placed in any + directory systemd looks for units in, and the usual + overriding semantics between /usr/lib, /etc and /run apply + for them too. + + * Most unit file settings which take lists of items can now be + reset by assigning the empty string to them. For example, + normally, settings such as Environment=FOO=BAR append a new + environment variable assignment to the environment block, + each time they are used. By assigning Environment= the empty + string the environment block can be reset to empty. This is + particularly useful with the .d/*.conf drop-in snippets + mentioned above, since this adds the ability to reset list + settings from vendor unit files via these drop-ins. + + * systemctl gained a new "list-dependencies" command for + listing the dependencies of a unit recursively. + + * Inhibitors are now honored and listed by "systemctl + suspend", "systemctl poweroff" (and similar) too, not only + GNOME. These commands will also list active sessions by + other users. + + * Resource limits (as exposed by the various control group + controllers) can now be controlled dynamically at runtime + for all units. More specifically, you can now use a command + like "systemctl set-cgroup-attr foobar.service cpu.shares + 2000" to alter the CPU shares a specific service gets. These + settings are stored persistently on disk, and thus allow the + administrator to easily adjust the resource usage of + services with a few simple commands. This dynamic resource + management logic is also available to other programs via the + bus. Almost any kernel cgroup attribute and controller is + supported. + + * systemd-vconsole-setup will now copy all font settings to + all allocated VTs, where it previously applied them only to + the foreground VT. + + * libsystemd-login gained the new sd_session_get_tty() API + call. + + * This release drops support for a few legacy or + distribution-specific LSB facility names when parsing init + scripts: $x-display-manager, $mail-transfer-agent, + $mail-transport-agent, $mail-transfer-agent, $smtp, + $null. Also, the mail-transfer-agent.target unit backing + this has been removed. Distributions which want to retain + compatibility with this should carry the burden for + supporting this themselves and patch support for these back + in, if they really need to. Also, the facilities $syslog and + $local_fs are now ignored, since systemd does not support + early-boot LSB init scripts anymore, and these facilities + are implied anyway for normal services. syslog.target has + also been removed. + + * There are new bus calls on PID1's Manager object for + cancelling jobs, and removing snapshot units. Previously, + both calls were only available on the Job and Snapshot + objects themselves. + + * systemd-journal-gatewayd gained SSL support. + + * The various "environment" files, such as /etc/locale.conf + now support continuation lines with a backslash ("\") as + last character in the line, similar in style (but different) + to how this is supported in shells. + + * For normal user processes the _SYSTEMD_USER_UNIT= field is + now implicitly appended to every log entry logged. systemctl + has been updated to filter by this field when operating on a + user systemd instance. + + * nspawn will now implicitly add the CAP_AUDIT_WRITE and + CAP_AUDIT_CONTROL capabilities to the capabilities set for + the container. This makes it easier to boot unmodified + Fedora systems in a container, which however still requires + audit=0 to be passed on the kernel command line. Auditing in + kernel and userspace is unfortunately still too broken in + context of containers, hence we recommend compiling it out + of the kernel or using audit=0. Hopefully this will be fixed + one day for good in the kernel. + + * nspawn gained the new --bind= and --bind-ro= parameters to + bind mount specific directories from the host into the + container. + + * nspawn will now mount its own devpts file system instance + into the container, in order not to leak pty devices from + the host into the container. + + * systemd will now read the firmware boot time performance + information from the EFI variables, if the used boot loader + supports this, and takes it into account for boot performance + analysis via "systemd-analyze". This is currently supported + only in conjunction with Gummiboot, but could be supported + by other boot loaders too. For details see: + + http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface + + * A new generator has been added that automatically mounts the + EFI System Partition (ESP) to /boot, if that directory + exists, is empty, and no other file system has been + configured to be mounted there. + + * logind will now send out PrepareForSleep(false) out + unconditionally, after coming back from suspend. This may be + used by applications as asynchronous notification for + system resume events. + + * "systemctl unlock-sessions" has been added, that allows + unlocking the screens of all user sessions at once, similar + how "systemctl lock-sessions" already locked all users + sessions. This is backed by a new D-Bus call UnlockSessions(). + + * "loginctl seat-status" will now show the master device of a + seat. (i.e. the device of a seat that needs to be around for + the seat to be considered available, usually the graphics + card). + + * tmpfiles gained a new "X" line type, that allows + configuration of files and directories (with wildcards) that + shall be excluded from automatic cleanup ("aging"). + + * udev default rules set the device node permissions now only + at "add" events, and do not change them any longer with a + later "change" event. + + * The log messages for lid events and power/sleep keypresses + now carry a message ID. + + * We now have a substantially larger unit test suite, but this + continues to be work in progress. + + * udevadm hwdb gained a new --root= parameter to change the + root directory to operate relative to. + + * logind will now issue a background sync() request to the kernel + early at shutdown, so that dirty buffers are flushed to disk early + instead of at the last moment, in order to optimize shutdown + times a little. + + * A new bootctl tool has been added that is an interface for + certain boot loader operations. This is currently a preview + and is likely to be extended into a small mechanism daemon + like timedated, localed, hostnamed, and can be used by + graphical UIs to enumerate available boot options, and + request boot into firmware operations. + + * systemd-bootchart has been relicensed to LGPLv2.1+ to match + the rest of the package. It also has been updated to work + correctly in initrds. + + * Policykit previously has been runtime optional, and is now + also compile time optional via a configure switch. + + * systemd-analyze has been reimplemented in C. Also "systemctl + dot" has moved into systemd-analyze. + + * "systemctl status" with no further parameters will now print + the status of all active or failed units. + + * Operations such as "systemctl start" can now be executed + with a new mode "--irreversible" which may be used to queue + operations that cannot accidentally be reversed by a later + job queuing. This is by default used to make shutdown + requests more robust. + + * The Python API of systemd now gained a new module for + reading journal files. + + * A new tool kernel-install has been added that can install + kernel images according to the Boot Loader Specification: + + http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec + + * Boot time console output has been improved to provide + animated boot time output for hanging jobs. + + * A new tool systemd-activate has been added which can be used + to test socket activation with, directly from the command + line. This should make it much easier to test and debug + socket activation in daemons. + + * journalctl gained a new "--reverse" (or -r) option to show + journal output in reverse order (i.e. newest line first). + + * journalctl gained a new "--pager-end" (or -e) option to jump + to immediately jump to the end of the journal in the + pager. This is only supported in conjunction with "less". + + * journalctl gained a new "--user-unit=" option, that works + similar to "--unit=" but filters for user units rather than + system units. + + * A number of unit files to ease adoption of systemd in + initrds has been added. This moves some minimal logic from + the various initrd implementations into systemd proper. + + * The journal files are now owned by a new group + "systemd-journal", which exists specifically to allow access + to the journal, and nothing else. Previously, we used the + "adm" group for that, which however possibly covers more + than just journal/log file access. This new group is now + already used by systemd-journal-gatewayd to ensure this + daemon gets access to the journal files and as little else + as possible. Note that "make install" will also set FS ACLs + up for /var/log/journal to give "adm" and "wheel" read + access to it, in addition to "systemd-journal" which owns + the journal files. We recommend that packaging scripts also + add read access to "adm" + "wheel" to /var/log/journal, and + all existing/future journal files. To normal users and + administrators little changes, however packagers need to + ensure to create the "systemd-journal" system group at + package installation time. + + * The systemd-journal-gatewayd now runs as unprivileged user + systemd-journal-gateway:systemd-journal-gateway. Packaging + scripts need to create these system user/group at + installation time. + + * timedated now exposes a new boolean property CanNTP that + indicates whether a local NTP service is available or not. + + * systemd-detect-virt will now also detect xen PVs + + * The pstore file system is now mounted by default, if it is + available. + + * In addition to the SELinux and IMA policies we will now also + load SMACK policies at early boot. + + Contributions from: Adel Gadllah, Aleksander Morgado, Auke + Kok, Ayan George, Bastien Nocera, Colin Walters, Daniel Buch, + Daniel Wallace, Dave Reisner, David Herrmann, David Strauss, + Eelco Dolstra, Enrico Scholz, Frederic Crozat, Harald Hoyer, + Jan Janssen, Jonathan Callen, Kay Sievers, Lennart Poettering, + Lukas Nykryn, Mantas Mikulėnas, Marc-Antoine Perennou, Martin + Pitt, Mauro Dreissig, Max F. Albrecht, Michael Biebl, Michael + Olbrich, Michal Schmidt, Michal Sekletar, Michal Vyskocil, + Michał Bartoszkiewicz, Mirco Tischler, Nathaniel Chen, Nestor + Ovroy, Oleksii Shevchuk, Paul W. Frields, Piotr Drąg, Rob + Clark, Ryan Lortie, Simon McVittie, Simon Peeters, Steven + Hiscocks, Thomas Hindoe Paaboel Andersen, Tollef Fog Heen, Tom + Gundersen, Umut Tezduyar, William Giokas, Zbigniew + Jędrzejewski-Szmek, Zeeshan Ali (Khattak) + CHANGES WITH 197: * Timer units now support calendar time events in addition to