1 systemd System and Service Manager
5 * The Restart= option for services now understands a new
6 on-watchdog setting, which will restart the service
7 automatically if the service stops sending out watchdog keep
8 alive messages (as configured with WatchdogSec=).
10 * The getty generator (which is responsible for bringing up a
11 getty on configured serial consoles) will no longer only
12 start a getty on the primary kernel console but on all
13 others, too. This makes the order in which console= is
14 specified on the kernel command line less important.
16 * libsystemd-logind gained a new sd_session_get_vt() call to
17 retrieve the VT number of a session.
19 * If the option "tries=0" is set for an entry of /etc/crypttab
20 its passphrase is queried indefinitely instead of any
21 maximum number of tries.
23 * If a service with a configure PID file terminates its PID
24 file will now be removed automatically if it still exists
25 afterwards. This should put an end to stale PID files.
27 * systemd-run will now also take relative binary path names
28 for execution and no longer insists on absolute paths.
30 * InaccessibleDirectories= and ReadOnlyDirectories= now take
31 paths that are optionally prefixed with "-" to indicate that
32 it should not be considered a failure if they don't exist.
34 * journalctl -o (and similar commands) now understands a new
35 output mode "short-precise", it is similar to "short" but
36 shows timestamps with usec accuracy.
38 * The option "discard" (as known from Debian) is now
39 synonymous to "allow-discards" in /etc/crypttab. In fact,
40 the latter is preferred now (since it is easier to remember
43 * Some licensing clean-ups were made, so that more code is now
44 LGPL-2.1 licensed than before.
46 * A minimal tool to save/restore the display backlight
47 brightness across reboots has been added. It will store the
48 backlight setting as late as possible at shutdown, and
49 restore it as early as possible during reboot.
51 * A logic to automatically discover and enable home and swap
52 partitions on GPT disks has been added. With this in place
53 /etc/fstab becomes optional for many setups as systemd can
54 discover certain partitions located on the root disk
55 automatically. Home partitions are recognized under their
56 GPT type ID 933ac7e12eb44f13b8440e14e2aef915. Swap
57 partitions are recognized under their GPT type ID
58 0657fd6da4ab43c484e50933c84b4f4f.
60 * systemd will no longer pass any environment from the kernel
61 or initrd to system services. If you want to set an
62 environment for all services, do so via the kernel command
63 line systemd.setenv= assignment.
65 * The systemd-sysctl tool no longer natively reads the
66 file /etc/sysctl.conf. If desired, the file should be
67 symlinked from /etc/sysctl.d/99-sysctl.conf. Apart from
68 providing legacy support by a symlink rather than built-in
69 code, it also makes the otherwise hidden order of application
70 of the different files visible.
72 * The "systemctl set-log-level" and "systemctl dump" commands
73 have been moved to systemd-analyze.
75 * systemd-run learned the new --remain-after-exit switch,
76 which causes the scope unit not to be cleaned up
77 automatically after the process terminated.
79 * tmpfiles learned a new --exclude-prefix= switch to exclude
80 certain paths from operation.
82 * journald will now automatically flush all messages to disk
83 as soon as a message of the log priorities CRIT, ALERT or
86 Contributions from: Andrew Cook, Brandon Philips, Christian
87 Hesse, Christoph Junghans, Colin Walters, Daniel Schaal,
88 Daniel Wallace, Dave Reisner, David Herrmann, Gao feng, George
89 McCollister, Giovanni Campagna, Hannes Reinecke, Harald Hoyer,
90 Herczeg Zsolt, Holger Hans Peter Freyther, Jan Engelhardt,
91 Jesper Larsen, Kay Sievers, Khem Raj, Lennart Poettering,
92 Lukas Nykryn, Maciej Wereski, Mantas Mikulėnas, Marcel
93 Holtmann, Martin Pitt, Michael Biebl, Michael Marineau,
94 Michael Scherer, Michael Stapelberg, Michal Sekletar, Michał
95 Górny, Olivier Brunel, Ondrej Balaz, Ronny Chevalier, Shawn
96 Landden, Steven Hiscocks, Thomas Bächler, Thomas Hindoe
97 Paaboel Andersen, Tom Gundersen, Umut Tezduyar, WANG Chao,
98 William Giokas, Zbigniew Jędrzejewski-Szmek
100 -- Berlin, 2013-09-13
104 * The documentation has been updated to cover the various new
105 concepts introduced with 205.
107 * Unit files now understand the new %v specifier which
108 resolves to the kernel version string as returned by "uname
111 * systemctl now supports filtering the unit list output by
112 load state, active state and sub state, using the new
115 * "systemctl status" will now show the results of the
116 condition checks (like ConditionPathExists= and similar) of
117 the last start attempts of the unit. They are also logged to
120 * "journalctl -b" may now be used to look for boot output of a
121 specific boot. Try "journalctl -b -1" for the previous boot,
122 but the syntax is substantially more powerful.
124 * "journalctl --show-cursor" has been added which prints the
125 cursor string the last shown log line. This may then be used
126 with the new "journalctl --after-cursor=" switch to continue
127 browsing logs from that point on.
129 * "journalctl --force" may now be used to force regeneration
132 * Creation of "dead" device nodes has been moved from udev
133 into kmod and tmpfiles. Previously, udev would read the kmod
134 databases to pre-generate dead device nodes based on meta
135 information contained in kernel modules, so that these would
136 be auto-loaded on access rather then at boot. As this
137 doesn't really have much to do with the exposing actual
138 kernel devices to userspace this has always been slightly
139 alien in the udev codebase. Following the new scheme kmod
140 will now generate a runtime snippet for tmpfiles from the
141 module meta information and it now is tmpfiles' job to the
142 create the nodes. This also allows overriding access and
143 other parameters for the nodes using the usual tmpfiles
144 facilities. As side effect this allows us to remove the
145 CAP_SYS_MKNOD capability bit from udevd entirely.
147 * logind's device ACLs may now be applied to these "dead"
148 devices nodes too, thus finally allowing managed access to
149 devices such as /dev/snd/sequencer whithout loading the
150 backing module right-away.
152 * A new RPM macro has been added that may be used to apply
153 tmpfiles configuration during package installation.
155 * systemd-detect-virt and ConditionVirtualization= now can
156 detect User-Mode-Linux machines (UML).
158 * journald will now implicitly log the effective capabilities
159 set of processes in the message metadata.
161 * systemd-cryptsetup has gained support for TrueCrypt volumes.
163 * The initrd interface has been simplified (more specifically,
164 support for passing performance data via environment
165 variables and fsck results via files in /run has been
166 removed). These features were non-essential, and are
167 nowadays available in a much nicer way by having systemd in
168 the initrd serialize its state and have the hosts systemd
169 deserialize it again.
171 * The udev "keymap" data files and tools to apply keyboard
172 specific mappings of scan to key codes, and force-release
173 scan code lists have been entirely replaced by a udev
174 "keyboard" builtin and a hwdb data file.
176 * systemd will now honour the kernel's "quiet" command line
177 argument also during late shutdown, resulting in a
178 completely silent shutdown when used.
180 * There's now an option to control the SO_REUSEPORT socket
181 option in .socket units.
183 * Instance units will now automatically get a per-template
184 subslice of system.slice unless something else is explicitly
185 configured. For example, instances of sshd@.service will now
186 implicitly be placed in system-sshd.slice rather than
187 system.slice as before.
189 * Test coverage support may now be enabled at build time.
191 Contributions from: Dave Reisner, Frederic Crozat, Harald
192 Hoyer, Holger Hans Peter Freyther, Jan Engelhardt, Jan
193 Janssen, Jason St. John, Jesper Larsen, Kay Sievers, Lennart
194 Poettering, Lukas Nykryn, Maciej Wereski, Martin Pitt, Michael
195 Olbrich, Ramkumar Ramachandra, Ross Lagerwall, Shawn Landden,
196 Thomas H.P. Andersen, Tom Gundersen, Tomasz Torcz, William
197 Giokas, Zbigniew Jędrzejewski-Szmek
199 -- Berlin, 2013-07-23
203 * Two new unit types have been introduced:
205 Scope units are very similar to service units, however, are
206 created out of pre-existing processes -- instead of PID 1
207 forking off the processes. By using scope units it is
208 possible for system services and applications to group their
209 own child processes (worker processes) in a powerful way
210 which then maybe used to organize them, or kill them
211 together, or apply resource limits on them.
213 Slice units may be used to partition system resources in an
214 hierarchial fashion and then assign other units to them. By
215 default there are now three slices: system.slice (for all
216 system services), user.slice (for all user sessions),
217 machine.slice (for VMs and containers).
219 Slices and scopes have been introduced primarily in
220 context of the work to move cgroup handling to a
221 single-writer scheme, where only PID 1
222 creates/removes/manages cgroups.
224 * There's a new concept of "transient" units. In contrast to
225 normal units these units are created via an API at runtime,
226 not from configuration from disk. More specifically this
227 means it is now possible to run arbitrary programs as
228 independent services, with all execution parameters passed
229 in via bus APIs rather than read from disk. Transient units
230 make systemd substantially more dynamic then it ever was,
231 and useful as a general batch manager.
233 * logind has been updated to make use of scope and slice units
234 for managing user sessions. As a user logs in he will get
235 his own private slice unit, to which all sessions are added
236 as scope units. We also added support for automatically
237 adding an instance of user@.service for the user into the
238 slice. Effectively logind will no longer create cgroup
239 hierarchies on its own now, it will defer entirely to PID 1
240 for this by means of scope, service and slice units. Since
241 user sessions this way become entities managed by PID 1
242 the output of "systemctl" is now a lot more comprehensive.
244 * A new mini-daemon "systemd-machined" has been added which
245 may be used by virtualization managers to register local
246 VMs/containers. nspawn has been updated accordingly, and
247 libvirt will be updated shortly. machined will collect a bit
248 of meta information about the VMs/containers, and assign
249 them their own scope unit (see above). The collected
250 meta-data is then made available via the "machinectl" tool,
251 and exposed in "ps" and similar tools. machined/machinectl
252 is compile-time optional.
254 * As discussed earlier, the low-level cgroup configuration
255 options ControlGroup=, ControlGroupModify=,
256 ControlGroupPersistent=, ControlGroupAttribute= have been
257 removed. Please use high-level attribute settings instead as
260 * A new bus call SetUnitProperties() has been added to alter
261 various runtime parameters of a unit. This is primarily
262 useful to alter cgroup parameters dynamically in a nice way,
263 but will be extended later on to make more properties
264 modifiable at runtime. systemctl gained a new set-properties
265 command that wraps this call.
267 * A new tool "systemd-run" has been added which can be used to
268 run arbitrary command lines as transient services or scopes,
269 while configuring a number of settings via the command
270 line. This tool is currently very basic, however already
271 very useful. We plan to extend this tool to even allow
272 queuing of execution jobs with time triggers from the
273 command line, similar in fashion to "at".
275 * nspawn will now inform the user explicitly that kernels with
276 audit enabled break containers, and suggest the user to turn
279 * Support for detecting the IMA and AppArmor security
280 frameworks with ConditionSecurity= has been added.
282 * journalctl gained a new "-k" switch for showing only kernel
283 messages, mimicking dmesg output; in addition to "--user"
284 and "--system" switches for showing only user's own logs
287 * systemd-delta can now show information about drop-in
288 snippets extending unit files.
290 * libsystemd-bus has been substantially updated but is still
291 not available as public API.
293 * systemd will now look for the "debug" argument on the kernel
294 command line and enable debug logging, similar to
295 "systemd.log_level=debug" already did before.
297 * "systemctl set-default", "systemctl get-default" has been
298 added to configure the default.target symlink, which
299 controls what to boot into by default.
301 * "systemctl set-log-level" has been added as a convenient
302 way to raise and lower systemd logging threshold.
304 * "systemd-analyze plot" will now show the time the various
305 generators needed for execution, as well as information
306 about the unit file loading.
308 * libsystemd-journal gained a new sd_journal_open_files() call
309 for opening specific journal files. journactl also gained a
310 new switch to expose this new functionality. Previously we
311 only supported opening all files from a directory, or all
312 files from the system, as opening individual files only is
313 racy due to journal file rotation.
315 * systemd gained the new DefaultEnvironment= setting in
316 /etc/systemd/system.conf to set environment variables for
319 * If a privileged process logs a journal message with the
320 OBJECT_PID= field set, then journald will automatically
321 augment this with additional OBJECT_UID=, OBJECT_GID=,
322 OBJECT_COMM=, OBJECT_EXE=, ... fields. This is useful if
323 system services want to log events about specific client
324 processes. journactl/systemctl has been updated to make use
325 of this information if all log messages regarding a specific
328 Contributions from: Auke Kok, Chengwei Yang, Colin Walters,
329 Cristian Rodríguez, Daniel Albers, Daniel Wallace, Dave
330 Reisner, David Coppa, David King, David Strauss, Eelco
331 Dolstra, Gabriel de Perthuis, Harald Hoyer, Jan Alexander
332 Steffens, Jan Engelhardt, Jan Janssen, Jason St. John, Johan
333 Heikkilä, Karel Zak, Karol Lewandowski, Kay Sievers, Lennart
334 Poettering, Lukas Nykryn, Mantas Mikulėnas, Marius Vollmer,
335 Martin Pitt, Michael Biebl, Michael Olbrich, Michael Tremer,
336 Michal Schmidt, Michał Bartoszkiewicz, Nirbheek Chauhan,
337 Pierre Neidhardt, Ross Burton, Ross Lagerwall, Sean McGovern,
338 Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar,
339 Václav Pavlín, Zachary Cook, Zbigniew Jędrzejewski-Szmek,
344 * The Python bindings gained some minimal support for the APIs
345 exposed by libsystemd-logind.
347 * ConditionSecurity= gained support for detecting SMACK. Since
348 this condition already supports SELinux and AppArmor we only
349 miss IMA for this. Patches welcome!
351 Contributions from: Karol Lewandowski, Lennart Poettering,
352 Zbigniew Jędrzejewski-Szmek
356 * systemd-nspawn will now create /etc/resolv.conf if
357 necessary, before bind-mounting the host's file onto it.
359 * systemd-nspawn will now store meta information about a
360 container on the container's cgroup as extended attribute
361 fields, including the root directory.
363 * The cgroup hierarchy has been reworked in many ways. All
364 objects any of the components systemd creates in the cgroup
365 tree are now suffixed. More specifically, user sessions are
366 now placed in cgroups suffixed with ".session", users in
367 cgroups suffixed with ".user", and nspawn containers in
368 cgroups suffixed with ".nspawn". Furthermore, all cgroup
369 names are now escaped in a simple scheme to avoid collision
370 of userspace object names with kernel filenames. This work
371 is preparation for making these objects relocatable in the
372 cgroup tree, in order to allow easy resource partitioning of
373 these objects without causing naming conflicts.
375 * systemctl list-dependencies gained the new switches
376 --plain, --reverse, --after and --before.
378 * systemd-inhibit now shows the process name of processes that
379 have taken an inhibitor lock.
381 * nss-myhostname will now also resolve "localhost"
382 implicitly. This makes /etc/hosts an optional file and
383 nicely handles that on IPv6 ::1 maps to both "localhost" and
386 * libsystemd-logind.so gained a new call
387 sd_get_machine_names() to enumerate running containers and
388 VMs (currently only supported by very new libvirt and
389 nspawn). sd_login_monitor can now be used to watch
390 VMs/containers coming and going.
392 * .include is not allowed recursively anymore, and only in
393 unit files. Usually it is better to use drop-in snippets in
394 .d/*.conf anyway, as introduced with systemd 198.
396 * systemd-analyze gained a new "critical-chain" command that
397 determines the slowest chain of units run during system
398 boot-up. It is very useful for tracking down where
399 optimizing boot time is the most beneficial.
401 * systemd will no longer allow manipulating service paths in
402 the name=systemd:/system cgroup tree using ControlGroup= in
403 units. (But is still fine with it in all other dirs.)
405 * There's a new systemd-nspawn@.service service file that may
406 be used to easily run nspawn containers as system
407 services. With the container's root directory in
408 /var/lib/container/foobar it is now sufficient to run
409 "systemctl start systemd-nspawn@foobar.service" to boot it.
411 * systemd-cgls gained a new parameter "--machine" to list only
412 the processes within a certain container.
414 * ConditionSecurity= now can check for "apparmor". We still
415 are lacking checks for SMACK and IMA for this condition
416 check though. Patches welcome!
418 * A new configuration file /etc/systemd/sleep.conf has been
419 added that may be used to configure which kernel operation
420 systemd is supposed to execute when "suspend", "hibernate"
421 or "hybrid-sleep" is requested. This makes the new kernel
422 "freeze" state accessible to the user.
424 * ENV{SYSTEMD_WANTS} in udev rules will now implicitly escape
425 the passed argument if applicable.
427 Contributions from: Auke Kok, Colin Guthrie, Colin Walters,
428 Cristian Rodríguez, Daniel Buch, Daniel Wallace, Dave Reisner,
429 Evangelos Foutras, Greg Kroah-Hartman, Harald Hoyer, Josh
430 Triplett, Kay Sievers, Lennart Poettering, Lukas Nykryn,
431 MUNEDA Takahiro, Mantas Mikulėnas, Mirco Tischler, Nathaniel
432 Chen, Nirbheek Chauhan, Ronny Chevalier, Ross Lagerwall, Tom
433 Gundersen, Umut Tezduyar, Ville Skyttä, Zbigniew
438 * The output of 'systemctl list-jobs' got some polishing. The
439 '--type=' argument may now be passed more than once. A new
440 command 'systemctl list-sockets' has been added which shows
441 a list of kernel sockets systemd is listening on with the
442 socket units they belong to, plus the units these socket
445 * The experimental libsystemd-bus library got substantial
446 updates to work in conjunction with the (also experimental)
447 kdbus kernel project. It works well enough to exchange
448 messages with some sophistication. Note that kdbus is not
449 ready yet, and the library is mostly an elaborate test case
450 for now, and not installable.
452 * systemd gained a new unit 'systemd-static-nodes.service'
453 that generates static device nodes earlier during boot, and
454 can run in conjunction with udev.
456 * libsystemd-login gained a new call sd_pid_get_user_unit()
457 to retrieve the user systemd unit a process is running
458 in. This is useful for systems where systemd is used as
461 * systemd-nspawn now places all containers in the new /machine
462 top-level cgroup directory in the name=systemd
463 hierarchy. libvirt will soon do the same, so that we get a
464 uniform separation of /system, /user and /machine for system
465 services, user processes and containers/virtual
466 machines. This new cgroup hierarchy is also useful to stick
467 stable names to specific container instances, which can be
468 recognized later this way (this name may be controlled
469 via systemd-nspawn's new -M switch). libsystemd-login also
470 gained a new call sd_pid_get_machine_name() to retrieve the
471 name of the container/VM a specific process belongs to.
473 * bootchart can now store its data in the journal.
475 * libsystemd-journal gained a new call
476 sd_journal_add_conjunction() for AND expressions to the
477 matching logic. This can be used to express more complex
480 * journactl can now take multiple --unit= and --user-unit=
483 * The cryptsetup logic now understands the "luks.key=" kernel
484 command line switch for specifying a file to read the
485 decryption key from. Also, if a configured key file is not
486 found the tool will now automatically fall back to prompting
489 * Python systemd.journal module was updated to wrap recently
490 added functions from libsystemd-journal. The interface was
491 changed to bring the low level interface in s.j._Reader
492 closer to the C API, and the high level interface in
493 s.j.Reader was updated to wrap and convert all data about
496 Contributions from: Anatol Pomozov, Auke Kok, Harald Hoyer,
497 Henrik Grindal Bakken, Josh Triplett, Kay Sievers, Lennart
498 Poettering, Lukas Nykryn, Mantas Mikulėnas Marius Vollmer,
499 Martin Jansa, Martin Pitt, Michael Biebl, Michal Schmidt,
500 Mirco Tischler, Pali Rohar, Simon Peeters, Steven Hiscocks,
501 Tom Gundersen, Zbigniew Jędrzejewski-Szmek
505 * journalctl --update-catalog now understands a new --root=
506 option to operate on catalogs found in a different root
509 * During shutdown after systemd has terminated all running
510 services a final killing loop kills all remaining left-over
511 processes. We will now print the name of these processes
512 when we send SIGKILL to them, since this usually indicates a
515 * If /etc/crypttab refers to password files stored on
516 configured mount points automatic dependencies will now be
517 generated to ensure the specific mount is established first
518 before the key file is attempted to be read.
520 * 'systemctl status' will now show information about the
521 network sockets a socket unit is listening on.
523 * 'systemctl status' will also shown information about any
524 drop-in configuration file for units. (Drop-In configuration
525 files in this context are files such as
526 /etc/systemd/systemd/foobar.service.d/*.conf)
528 * systemd-cgtop now optionally shows summed up CPU times of
529 cgroups. Press '%' while running cgtop to switch between
530 percentage and absolute mode. This is useful to determine
531 which cgroups use up the most CPU time over the entire
532 runtime of the system. systemd-cgtop has also been updated
533 to be 'pipeable' for processing with further shell tools.
535 * 'hostnamectl set-hostname' will now allow setting of FQDN
538 * The formatting and parsing of time span values has been
539 changed. The parser now understands fractional expressions
540 such as "5.5h". The formatter will now output fractional
541 expressions for all time spans under 1min, i.e. "5.123456s"
542 rather than "5s 123ms 456us". For time spans under 1s
543 millisecond values are shown, for those under 1ms
544 microsecond values are shown. This should greatly improve
545 all time-related output of systemd.
547 * libsystemd-login and libsystemd-journal gained new
548 functions for querying the poll() events mask and poll()
549 timeout value for integration into arbitrary event
552 * localectl gained the ability to list available X11 keymaps
553 (models, layouts, variants, options).
555 * 'systemd-analyze dot' gained the ability to filter for
556 specific units via shell-style globs, to create smaller,
557 more useful graphs. I.e. it's now possible to create simple
558 graphs of all the dependencies between only target units, or
559 of all units that Avahi has dependencies with.
561 Contributions from: Cristian Rodríguez, Dr. Tilmann Bubeck,
562 Harald Hoyer, Holger Hans Peter Freyther, Kay Sievers, Kelly
563 Anderson, Koen Kooi, Lennart Poettering, Maksim Melnikau,
564 Marc-Antoine Perennou, Marius Vollmer, Martin Pitt, Michal
565 Schmidt, Oleksii Shevchuk, Ronny Chevalier, Simon McVittie,
566 Steven Hiscocks, Thomas Weißschuh, Umut Tezduyar, Václav
567 Pavlín, Zbigniew Jędrzejewski-Szmek, Łukasz Stelmach
571 * The boot-time readahead implementation for rotating media
572 will now read the read-ahead data in multiple passes which
573 consist of all read requests made in equidistant time
574 intervals. This means instead of strictly reading read-ahead
575 data in its physical order on disk we now try to find a
576 middle ground between physical and access time order.
578 * /etc/os-release files gained a new BUILD_ID= field for usage
579 on operating systems that provide continuous builds of OS
582 Contributions from: Auke Kok, Eelco Dolstra, Kay Sievers,
583 Lennart Poettering, Lukas Nykryn, Martin Pitt, Václav Pavlín
584 William Douglas, Zbigniew Jędrzejewski-Szmek
588 * systemd-python gained an API exposing libsystemd-daemon.
590 * The SMACK setup logic gained support for uploading CIPSO
593 * Behaviour of PrivateTmp=, ReadWriteDirectories=,
594 ReadOnlyDirectories= and InaccessibleDirectories= has
595 changed. The private /tmp and /var/tmp directories are now
596 shared by all processes of a service (which means
597 ExecStartPre= may now leave data in /tmp that ExecStart= of
598 the same service can still access). When a service is
599 stopped its temporary directories are immediately deleted
600 (normal clean-up with tmpfiles is still done in addition to
603 * By default, systemd will now set a couple of sysctl
604 variables in the kernel: the safe sysrq options are turned
605 on, IP route verification is turned on, and source routing
606 disabled. The recently added hardlink and softlink
607 protection of the kernel is turned on. These settings should
608 be reasonably safe, and good defaults for all new systems.
610 * The predictable network naming logic may now be turned off
611 with a new kernel command line switch: net.ifnames=0.
613 * A new libsystemd-bus module has been added that implements a
614 pretty complete D-Bus client library. For details see:
616 http://lists.freedesktop.org/archives/systemd-devel/2013-March/009797.html
618 * journald will now explicitly flush the journal files to disk
619 at the latest 5min after each write. The file will then also
620 be marked offline until the next write. This should increase
621 reliability in case of a crash. The synchronization delay
622 can be configured via SyncIntervalSec= in journald.conf.
624 * There's a new remote-fs-setup.target unit that can be used
625 to pull in specific services when at least one remote file
626 system is to be mounted.
628 * There are new targets timers.target and paths.target as
629 canonical targets to pull user timer and path units in
630 from. This complements sockets.target with a similar
631 purpose for socket units.
633 * libudev gained a new call udev_device_set_attribute_value()
634 to set sysfs attributes of a device.
636 * The udev daemon now sets the default number of worker
637 processes executed in parallel based on the number of available
638 CPUs instead of the amount of available RAM. This is supposed
639 to provide a more reliable default and limit a too aggressive
640 paralellism for setups with 1000s of devices connected.
642 Contributions from: Auke Kok, Colin Walters, Cristian
643 Rodríguez, Daniel Buch, Dave Reisner, Frederic Crozat, Hannes
644 Reinecke, Harald Hoyer, Jan Alexander Steffens, Jan
645 Engelhardt, Josh Triplett, Kay Sievers, Lennart Poettering,
646 Mantas Mikulėnas, Martin Pitt, Mathieu Bridon, Michael Biebl,
647 Michal Schmidt, Michal Sekletar, Miklos Vajna, Nathaniel Chen,
648 Oleksii Shevchuk, Ozan Çağlayan, Thomas Hindoe Paaboel
649 Andersen, Tollef Fog Heen, Tom Gundersen, Umut Tezduyar,
650 Zbigniew Jędrzejewski-Szmek
654 * Configuration of unit files may now be extended via drop-in
655 files without having to edit/override the unit files
656 themselves. More specifically, if the administrator wants to
657 change one value for a service file foobar.service he can
658 now do so by dropping in a configuration snippet into
659 /etc/systemd/system/foobar.service.d/*.conf. The unit logic
660 will load all these snippets and apply them on top of the
661 main unit configuration file, possibly extending or
662 overriding its settings. Using these drop-in snippets is
663 generally nicer than the two earlier options for changing
664 unit files locally: copying the files from
665 /usr/lib/systemd/system/ to /etc/systemd/system/ and editing
666 them there; or creating a new file in /etc/systemd/system/
667 that incorporates the original one via ".include". Drop-in
668 snippets into these .d/ directories can be placed in any
669 directory systemd looks for units in, and the usual
670 overriding semantics between /usr/lib, /etc and /run apply
673 * Most unit file settings which take lists of items can now be
674 reset by assigning the empty string to them. For example,
675 normally, settings such as Environment=FOO=BAR append a new
676 environment variable assignment to the environment block,
677 each time they are used. By assigning Environment= the empty
678 string the environment block can be reset to empty. This is
679 particularly useful with the .d/*.conf drop-in snippets
680 mentioned above, since this adds the ability to reset list
681 settings from vendor unit files via these drop-ins.
683 * systemctl gained a new "list-dependencies" command for
684 listing the dependencies of a unit recursively.
686 * Inhibitors are now honored and listed by "systemctl
687 suspend", "systemctl poweroff" (and similar) too, not only
688 GNOME. These commands will also list active sessions by
691 * Resource limits (as exposed by the various control group
692 controllers) can now be controlled dynamically at runtime
693 for all units. More specifically, you can now use a command
694 like "systemctl set-cgroup-attr foobar.service cpu.shares
695 2000" to alter the CPU shares a specific service gets. These
696 settings are stored persistently on disk, and thus allow the
697 administrator to easily adjust the resource usage of
698 services with a few simple commands. This dynamic resource
699 management logic is also available to other programs via the
700 bus. Almost any kernel cgroup attribute and controller is
703 * systemd-vconsole-setup will now copy all font settings to
704 all allocated VTs, where it previously applied them only to
707 * libsystemd-login gained the new sd_session_get_tty() API
710 * This release drops support for a few legacy or
711 distribution-specific LSB facility names when parsing init
712 scripts: $x-display-manager, $mail-transfer-agent,
713 $mail-transport-agent, $mail-transfer-agent, $smtp,
714 $null. Also, the mail-transfer-agent.target unit backing
715 this has been removed. Distributions which want to retain
716 compatibility with this should carry the burden for
717 supporting this themselves and patch support for these back
718 in, if they really need to. Also, the facilities $syslog and
719 $local_fs are now ignored, since systemd does not support
720 early-boot LSB init scripts anymore, and these facilities
721 are implied anyway for normal services. syslog.target has
724 * There are new bus calls on PID1's Manager object for
725 cancelling jobs, and removing snapshot units. Previously,
726 both calls were only available on the Job and Snapshot
729 * systemd-journal-gatewayd gained SSL support.
731 * The various "environment" files, such as /etc/locale.conf
732 now support continuation lines with a backslash ("\") as
733 last character in the line, similar in style (but different)
734 to how this is supported in shells.
736 * For normal user processes the _SYSTEMD_USER_UNIT= field is
737 now implicitly appended to every log entry logged. systemctl
738 has been updated to filter by this field when operating on a
739 user systemd instance.
741 * nspawn will now implicitly add the CAP_AUDIT_WRITE and
742 CAP_AUDIT_CONTROL capabilities to the capabilities set for
743 the container. This makes it easier to boot unmodified
744 Fedora systems in a container, which however still requires
745 audit=0 to be passed on the kernel command line. Auditing in
746 kernel and userspace is unfortunately still too broken in
747 context of containers, hence we recommend compiling it out
748 of the kernel or using audit=0. Hopefully this will be fixed
749 one day for good in the kernel.
751 * nspawn gained the new --bind= and --bind-ro= parameters to
752 bind mount specific directories from the host into the
755 * nspawn will now mount its own devpts file system instance
756 into the container, in order not to leak pty devices from
757 the host into the container.
759 * systemd will now read the firmware boot time performance
760 information from the EFI variables, if the used boot loader
761 supports this, and takes it into account for boot performance
762 analysis via "systemd-analyze". This is currently supported
763 only in conjunction with Gummiboot, but could be supported
764 by other boot loaders too. For details see:
766 http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface
768 * A new generator has been added that automatically mounts the
769 EFI System Partition (ESP) to /boot, if that directory
770 exists, is empty, and no other file system has been
771 configured to be mounted there.
773 * logind will now send out PrepareForSleep(false) out
774 unconditionally, after coming back from suspend. This may be
775 used by applications as asynchronous notification for
776 system resume events.
778 * "systemctl unlock-sessions" has been added, that allows
779 unlocking the screens of all user sessions at once, similar
780 how "systemctl lock-sessions" already locked all users
781 sessions. This is backed by a new D-Bus call UnlockSessions().
783 * "loginctl seat-status" will now show the master device of a
784 seat. (i.e. the device of a seat that needs to be around for
785 the seat to be considered available, usually the graphics
788 * tmpfiles gained a new "X" line type, that allows
789 configuration of files and directories (with wildcards) that
790 shall be excluded from automatic cleanup ("aging").
792 * udev default rules set the device node permissions now only
793 at "add" events, and do not change them any longer with a
794 later "change" event.
796 * The log messages for lid events and power/sleep keypresses
797 now carry a message ID.
799 * We now have a substantially larger unit test suite, but this
800 continues to be work in progress.
802 * udevadm hwdb gained a new --root= parameter to change the
803 root directory to operate relative to.
805 * logind will now issue a background sync() request to the kernel
806 early at shutdown, so that dirty buffers are flushed to disk early
807 instead of at the last moment, in order to optimize shutdown
810 * A new bootctl tool has been added that is an interface for
811 certain boot loader operations. This is currently a preview
812 and is likely to be extended into a small mechanism daemon
813 like timedated, localed, hostnamed, and can be used by
814 graphical UIs to enumerate available boot options, and
815 request boot into firmware operations.
817 * systemd-bootchart has been relicensed to LGPLv2.1+ to match
818 the rest of the package. It also has been updated to work
819 correctly in initrds.
821 * Policykit previously has been runtime optional, and is now
822 also compile time optional via a configure switch.
824 * systemd-analyze has been reimplemented in C. Also "systemctl
825 dot" has moved into systemd-analyze.
827 * "systemctl status" with no further parameters will now print
828 the status of all active or failed units.
830 * Operations such as "systemctl start" can now be executed
831 with a new mode "--irreversible" which may be used to queue
832 operations that cannot accidentally be reversed by a later
833 job queuing. This is by default used to make shutdown
834 requests more robust.
836 * The Python API of systemd now gained a new module for
837 reading journal files.
839 * A new tool kernel-install has been added that can install
840 kernel images according to the Boot Loader Specification:
842 http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
844 * Boot time console output has been improved to provide
845 animated boot time output for hanging jobs.
847 * A new tool systemd-activate has been added which can be used
848 to test socket activation with, directly from the command
849 line. This should make it much easier to test and debug
850 socket activation in daemons.
852 * journalctl gained a new "--reverse" (or -r) option to show
853 journal output in reverse order (i.e. newest line first).
855 * journalctl gained a new "--pager-end" (or -e) option to jump
856 to immediately jump to the end of the journal in the
857 pager. This is only supported in conjunction with "less".
859 * journalctl gained a new "--user-unit=" option, that works
860 similar to "--unit=" but filters for user units rather than
863 * A number of unit files to ease adoption of systemd in
864 initrds has been added. This moves some minimal logic from
865 the various initrd implementations into systemd proper.
867 * The journal files are now owned by a new group
868 "systemd-journal", which exists specifically to allow access
869 to the journal, and nothing else. Previously, we used the
870 "adm" group for that, which however possibly covers more
871 than just journal/log file access. This new group is now
872 already used by systemd-journal-gatewayd to ensure this
873 daemon gets access to the journal files and as little else
874 as possible. Note that "make install" will also set FS ACLs
875 up for /var/log/journal to give "adm" and "wheel" read
876 access to it, in addition to "systemd-journal" which owns
877 the journal files. We recommend that packaging scripts also
878 add read access to "adm" + "wheel" to /var/log/journal, and
879 all existing/future journal files. To normal users and
880 administrators little changes, however packagers need to
881 ensure to create the "systemd-journal" system group at
882 package installation time.
884 * The systemd-journal-gatewayd now runs as unprivileged user
885 systemd-journal-gateway:systemd-journal-gateway. Packaging
886 scripts need to create these system user/group at
889 * timedated now exposes a new boolean property CanNTP that
890 indicates whether a local NTP service is available or not.
892 * systemd-detect-virt will now also detect xen PVs
894 * The pstore file system is now mounted by default, if it is
897 * In addition to the SELinux and IMA policies we will now also
898 load SMACK policies at early boot.
900 Contributions from: Adel Gadllah, Aleksander Morgado, Auke
901 Kok, Ayan George, Bastien Nocera, Colin Walters, Daniel Buch,
902 Daniel Wallace, Dave Reisner, David Herrmann, David Strauss,
903 Eelco Dolstra, Enrico Scholz, Frederic Crozat, Harald Hoyer,
904 Jan Janssen, Jonathan Callen, Kay Sievers, Lennart Poettering,
905 Lukas Nykryn, Mantas Mikulėnas, Marc-Antoine Perennou, Martin
906 Pitt, Mauro Dreissig, Max F. Albrecht, Michael Biebl, Michael
907 Olbrich, Michal Schmidt, Michal Sekletar, Michal Vyskocil,
908 Michał Bartoszkiewicz, Mirco Tischler, Nathaniel Chen, Nestor
909 Ovroy, Oleksii Shevchuk, Paul W. Frields, Piotr Drąg, Rob
910 Clark, Ryan Lortie, Simon McVittie, Simon Peeters, Steven
911 Hiscocks, Thomas Hindoe Paaboel Andersen, Tollef Fog Heen, Tom
912 Gundersen, Umut Tezduyar, William Giokas, Zbigniew
913 Jędrzejewski-Szmek, Zeeshan Ali (Khattak)
917 * Timer units now support calendar time events in addition to
918 monotonic time events. That means you can now trigger a unit
919 based on a calendar time specification such as "Thu,Fri
920 2013-*-1,5 11:12:13" which refers to 11:12:13 of the first
921 or fifth day of any month of the year 2013, given that it is
922 a thursday or friday. This brings timer event support
923 considerably closer to cron's capabilities. For details on
924 the supported calendar time specification language see
927 * udev now supports a number of different naming policies for
928 network interfaces for predictable names, and a combination
929 of these policies is now the default. Please see this wiki
930 document for details:
932 http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames
934 * Auke Kok's bootchart implementation has been added to the
935 systemd tree. It's an optional component that can graph the
936 boot in quite some detail. It's one of the best bootchart
937 implementations around and minimal in its code and
940 * nss-myhostname has been integrated into the systemd source
941 tree. nss-myhostname guarantees that the local hostname
942 always stays resolvable via NSS. It has been a weak
943 requirement of systemd-hostnamed since a long time, and
944 since its code is actually trivial we decided to just
945 include it in systemd's source tree. It can be turned off
946 with a configure switch.
948 * The read-ahead logic is now capable of properly detecting
949 whether a btrfs file system is on SSD or rotating media, in
950 order to optimize the read-ahead scheme. Previously, it was
951 only capable of detecting this on traditional file systems
954 * In udev, additional device properties are now read from the
955 IAB in addition to the OUI database. Also, Bluetooth company
956 identities are attached to the devices as well.
958 * In service files %U may be used as specifier that is
959 replaced by the configured user name of the service.
961 * nspawn may now be invoked without a controlling TTY. This
962 makes it suitable for invocation as its own service. This
963 may be used to set up a simple containerized server system
964 using only core OS tools.
966 * systemd and nspawn can now accept socket file descriptors
967 when they are started for socket activation. This enables
968 implementation of socket activated nspawn
969 containers. i.e. think about autospawning an entire OS image
970 when the first SSH or HTTP connection is received. We expect
971 that similar functionality will also be added to libvirt-lxc
974 * journalctl will now suppress ANSI color codes when
977 * systemctl will no longer show control group information for
978 a unit if a the control group is empty anyway.
980 * logind can now automatically suspend/hibernate/shutdown the
983 * /etc/machine-info and hostnamed now also expose the chassis
984 type of the system. This can be used to determine whether
985 the local system is a laptop, desktop, handset or
986 tablet. This information may either be configured by the
987 user/vendor or is automatically determined from ACPI and DMI
988 information if possible.
990 * A number of PolicyKit actions are now bound together with
991 "imply" rules. This should simplify creating UIs because
992 many actions will now authenticate similar ones as well.
994 * Unit files learnt a new condition ConditionACPower= which
995 may be used to conditionalize a unit depending on whether an
996 AC power source is connected or not, of whether the system
997 is running on battery power.
999 * systemctl gained a new "is-failed" verb that may be used in
1000 shell scripts and suchlike to check whether a specific unit
1001 is in the "failed" state.
1003 * The EnvironmentFile= setting in unit files now supports file
1004 globbing, and can hence be used to easily read a number of
1005 environment files at once.
1007 * systemd will no longer detect and recognize specific
1008 distributions. All distribution-specific #ifdeffery has been
1009 removed, systemd is now fully generic and
1010 distribution-agnostic. Effectively, not too much is lost as
1011 a lot of the code is still accessible via explicit configure
1012 switches. However, support for some distribution specific
1013 legacy configuration file formats has been dropped. We
1014 recommend distributions to simply adopt the configuration
1015 files everybody else uses now and convert the old
1016 configuration from packaging scripts. Most distributions
1017 already did that. If that's not possible or desirable,
1018 distributions are welcome to forward port the specific
1019 pieces of code locally from the git history.
1021 * When logging a message about a unit systemd will now always
1022 log the unit name in the message meta data.
1024 * localectl will now also discover system locale data that is
1025 not stored in locale archives, but directly unpacked.
1027 * logind will no longer unconditionally use framebuffer
1028 devices as seat masters, i.e. as devices that are required
1029 to be existing before a seat is considered preset. Instead,
1030 it will now look for all devices that are tagged as
1031 "seat-master" in udev. By default framebuffer devices will
1032 be marked as such, but depending on local systems other
1033 devices might be marked as well. This may be used to
1034 integrate graphics cards using closed source drivers (such
1035 as NVidia ones) more nicely into logind. Note however, that
1036 we recommend using the open source NVidia drivers instead,
1037 and no udev rules for the closed-source drivers will be
1038 shipped from us upstream.
1040 Contributions from: Adam Williamson, Alessandro Crismani, Auke
1041 Kok, Colin Walters, Daniel Wallace, Dave Reisner, David
1042 Herrmann, David Strauss, Dimitrios Apostolou, Eelco Dolstra,
1043 Eric Benoit, Giovanni Campagna, Hannes Reinecke, Henrik
1044 Grindal Bakken, Hermann Gausterer, Kay Sievers, Lennart
1045 Poettering, Lukas Nykryn, Mantas Mikulėnas, Marcel Holtmann,
1046 Martin Pitt, Matthew Monaco, Michael Biebl, Michael Terry,
1047 Michal Schmidt, Michal Sekletar, Michał Bartoszkiewicz, Oleg
1048 Samarin, Pekka Lundstrom, Philip Nilsson, Ramkumar
1049 Ramachandra, Richard Yao, Robert Millan, Sami Kerola, Shawn
1050 Landden, Thomas Hindoe Paaboel Andersen, Thomas Jarosch,
1051 Tollef Fog Heen, Tom Gundersen, Umut Tezduyar, Zbigniew
1056 * udev gained support for loading additional device properties
1057 from an indexed database that is keyed by vendor/product IDs
1058 and similar device identifiers. For the beginning this
1059 "hwdb" is populated with data from the well-known PCI and
1060 USB database, but also includes PNP, ACPI and OID data. In
1061 the longer run this indexed database shall grow into
1062 becoming the one central database for non-essential
1063 userspace device metadata. Previously, data from the PCI/USB
1064 database was only attached to select devices, since the
1065 lookup was a relatively expensive operation due to O(n) time
1066 complexity (with n being the number of entries in the
1067 database). Since this is now O(1), we decided to add in this
1068 data for all devices where this is available, by
1069 default. Note that the indexed database needs to be rebuilt
1070 when new data files are installed. To achieve this you need
1071 to update your packaging scripts to invoke "udevadm hwdb
1072 --update" after installation of hwdb data files. For
1073 RPM-based distributions we introduced the new
1074 %udev_hwdb_update macro for this purpose.
1076 * The Journal gained support for the "Message Catalog", an
1077 indexed database to link up additional information with
1078 journal entries. For further details please check:
1080 http://www.freedesktop.org/wiki/Software/systemd/catalog
1082 The indexed message catalog database also needs to be
1083 rebuilt after installation of message catalog files. Use
1084 "journalctl --update-catalog" for this. For RPM-based
1085 distributions we introduced the %journal_catalog_update
1086 macro for this purpose.
1088 * The Python Journal bindings gained support for the standard
1089 Python logging framework.
1091 * The Journal API gained new functions for checking whether
1092 the underlying file system of a journal file is capable of
1093 properly reporting file change notifications, or whether
1094 applications that want to reflect journal changes "live"
1095 need to recheck journal files continuously in appropriate
1098 * It is now possible to set the "age" field for tmpfiles
1099 entries to 0, indicating that files matching this entry
1100 shall always be removed when the directories are cleaned up.
1102 * coredumpctl gained a new "gdb" verb which invokes gdb
1103 right-away on the selected coredump.
1105 * There's now support for "hybrid sleep" on kernels that
1106 support this, in addition to "suspend" and "hibernate". Use
1107 "systemctl hybrid-sleep" to make use of this.
1109 * logind's HandleSuspendKey= setting (and related settings)
1110 now gained support for a new "lock" setting to simply
1111 request the screen lock on all local sessions, instead of
1112 actually executing a suspend or hibernation.
1114 * systemd will now mount the EFI variables file system by
1117 * Socket units now gained support for configuration of the
1118 SMACK security label.
1120 * timedatectl will now output the time of the last and next
1121 daylight saving change.
1123 * We dropped support for various legacy and distro-specific
1124 concepts, such as insserv, early-boot SysV services
1125 (i.e. those for non-standard runlevels such as 'b' or 'S')
1126 or ArchLinux /etc/rc.conf support. We recommend the
1127 distributions who still need support this to either continue
1128 to maintain the necessary patches downstream, or find a
1129 different solution. (Talk to us if you have questions!)
1131 * Various systemd components will now bypass PolicyKit checks
1132 for root and otherwise handle properly if PolicyKit is not
1133 found to be around. This should fix most issues for
1134 PolicyKit-less systems. Quite frankly this should have been
1135 this way since day one. It is absolutely our intention to
1136 make systemd work fine on PolicyKit-less systems, and we
1137 consider it a bug if something doesn't work as it should if
1138 PolicyKit is not around.
1140 * For embedded systems it is now possible to build udev and
1141 systemd without blkid and/or kmod support.
1143 * "systemctl switch-root" is now capable of switching root
1144 more than once. I.e. in addition to transitions from the
1145 initrd to the host OS it is now possible to transition to
1146 further OS images from the host. This is useful to implement
1147 offline updating tools.
1149 * Various other additions have been made to the RPM macros
1150 shipped with systemd. Use %udev_rules_update() after
1151 installing new udev rules files. %_udevhwdbdir,
1152 %_udevrulesdir, %_journalcatalogdir, %_tmpfilesdir,
1153 %_sysctldir are now available which resolve to the right
1154 directories for packages to place various data files in.
1156 * journalctl gained the new --full switch (in addition to
1157 --all, to disable ellipsation for long messages.
1159 Contributions from: Anders Olofsson, Auke Kok, Ben Boeckel,
1160 Colin Walters, Cosimo Cecchi, Daniel Wallace, Dave Reisner,
1161 Eelco Dolstra, Holger Hans Peter Freyther, Kay Sievers,
1162 Chun-Yi Lee, Lekensteyn, Lennart Poettering, Mantas Mikulėnas,
1163 Marti Raudsepp, Martin Pitt, Mauro Dreissig, Michael Biebl,
1164 Michal Schmidt, Michal Sekletar, Miklos Vajna, Nis Martensen,
1165 Oleksii Shevchuk, Olivier Brunel, Ramkumar Ramachandra, Thomas
1166 Bächler, Thomas Hindoe Paaboel Andersen, Tom Gundersen, Tony
1167 Camuso, Umut Tezduyar, Zbigniew Jędrzejewski-Szmek
1171 * journalctl gained new --since= and --until= switches to
1172 filter by time. It also now supports nice filtering for
1173 units via --unit=/-u.
1175 * Type=oneshot services may use ExecReload= and do the
1178 * The journal daemon now supports time-based rotation and
1179 vacuuming, in addition to the usual disk-space based
1182 * The journal will now index the available field values for
1183 each field name. This enables clients to show pretty drop
1184 downs of available match values when filtering. The bash
1185 completion of journalctl has been updated
1186 accordingly. journalctl gained a new switch -F to list all
1187 values a certain field takes in the journal database.
1189 * More service events are now written as structured messages
1190 to the journal, and made recognizable via message IDs.
1192 * The timedated, localed and hostnamed mini-services which
1193 previously only provided support for changing time, locale
1194 and hostname settings from graphical DEs such as GNOME now
1195 also have a minimal (but very useful) text-based client
1196 utility each. This is probably the nicest way to changing
1197 these settings from the command line now, especially since
1198 it lists available options and is fully integrated with bash
1201 * There's now a new tool "systemd-coredumpctl" to list and
1202 extract coredumps from the journal.
1204 * We now install a README each in /var/log/ and
1205 /etc/rc.d/init.d explaining where the system logs and init
1206 scripts went. This hopefully should help folks who go to
1207 that dirs and look into the otherwise now empty void and
1208 scratch their heads.
1210 * When user-services are invoked (by systemd --user) the
1211 $MANAGERPID env var is set to the PID of systemd.
1213 * SIGRTMIN+24 when sent to a --user instance will now result
1214 in immediate termination of systemd.
1216 * gatewayd received numerous feature additions such as a
1217 "follow" mode, for live syncing and filtering.
1219 * browse.html now allows filtering and showing detailed
1220 information on specific entries. Keyboard navigation and
1221 mouse screen support has been added.
1223 * gatewayd/journalctl now supports HTML5/JSON
1224 Server-Sent-Events as output.
1226 * The SysV init script compatibility logic will now
1227 heuristically determine whether a script supports the
1228 "reload" verb, and only then make this available as
1231 * "systemctl status --follow" has been removed, use "journalctl
1234 * journald.conf's RuntimeMinSize=, PersistentMinSize= settings
1235 have been removed since they are hardly useful to be
1238 * And I'd like to take the opportunity to specifically mention
1239 Zbigniew for his great contributions. Zbigniew, you rock!
1241 Contributions from: Andrew Eikum, Christian Hesse, Colin
1242 Guthrie, Daniel J Walsh, Dave Reisner, Eelco Dolstra, Ferenc
1243 Wágner, Kay Sievers, Lennart Poettering, Lukas Nykryn, Mantas
1244 Mikulėnas, Martin Mikkelsen, Martin Pitt, Michael Olbrich,
1245 Michael Stapelberg, Michal Schmidt, Sebastian Ott, Thomas
1246 Bächler, Umut Tezduyar, Will Woods, Wulf C. Krueger, Zbigniew
1247 Jędrzejewski-Szmek, Сковорода Никита Андреевич
1251 * If /etc/vconsole.conf is non-existent or empty we will no
1252 longer load any console font or key map at boot by
1253 default. Instead the kernel defaults will be left
1254 intact. This is definitely the right thing to do, as no
1255 configuration should mean no configuration, and hard-coding
1256 font names that are different on all archs is probably a bad
1257 idea. Also, the kernel default key map and font should be
1258 good enough for most cases anyway, and mostly identical to
1259 the userspace fonts/key maps we previously overloaded them
1260 with. If distributions want to continue to default to a
1261 non-kernel font or key map they should ship a default
1262 /etc/vconsole.conf with the appropriate contents.
1264 Contributions from: Colin Walters, Daniel J Walsh, Dave
1265 Reisner, Kay Sievers, Lennart Poettering, Lukas Nykryn, Tollef
1266 Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek
1270 * journalctl gained a new --cursor= switch to show entries
1271 starting from the specified location in the journal.
1273 * We now enforce a size limit on journal entry fields exported
1274 with "-o json" in journalctl. Fields larger than 4K will be
1275 assigned null. This can be turned off with --all.
1277 * An (optional) journal gateway daemon is now available as
1278 "systemd-journal-gatewayd.service". This service provides
1279 access to the journal via HTTP and JSON. This functionality
1280 will be used to implement live log synchronization in both
1281 pull and push modes, but has various other users too, such
1282 as easy log access for debugging of embedded devices. Right
1283 now it is already useful to retrieve the journal via HTTP:
1285 # systemctl start systemd-journal-gatewayd.service
1286 # wget http://localhost:19531/entries
1288 This will download the journal contents in a
1289 /var/log/messages compatible format. The same as JSON:
1291 # curl -H"Accept: application/json" http://localhost:19531/entries
1293 This service is also accessible via a web browser where a
1294 single static HTML5 app is served that uses the JSON logic
1295 to enable the user to do some basic browsing of the
1296 journal. This will be extended later on. Here's an example
1297 screenshot of this app in its current state:
1299 http://0pointer.de/public/journal-gatewayd
1301 Contributions from: Kay Sievers, Lennart Poettering, Robert
1302 Milasan, Tom Gundersen
1306 * The bash completion logic is now available for journalctl
1309 * We don't mount the "cpuset" controller anymore together with
1310 "cpu" and "cpuacct", as "cpuset" groups generally cannot be
1311 started if no parameters are assigned to it. "cpuset" hence
1312 broke code that assumed it it could create "cpu" groups and
1315 * journalctl -f will now subscribe to terminal size changes,
1316 and line break accordingly.
1318 Contributions from: Dave Reisner, Kay Sievers, Lennart
1319 Poettering, Lukas Nykrynm, Mirco Tischler, Václav Pavlín
1323 * nspawn will now create a symlink /etc/localtime in the
1324 container environment, copying the host's timezone
1325 setting. Previously this has been done via a bind mount, but
1326 since symlinks cannot be bind mounted this has now been
1327 changed to create/update the appropriate symlink.
1329 * journalctl -n's line number argument is now optional, and
1330 will default to 10 if omitted.
1332 * journald will now log the maximum size the journal files may
1333 take up on disk. This is particularly useful if the default
1334 built-in logic of determining this parameter from the file
1335 system size is used. Use "systemctl status
1336 systemd-journald.service" to see this information.
1338 * The multi-seat X wrapper tool has been stripped down. As X
1339 is now capable of enumerating graphics devices via udev in a
1340 seat-aware way the wrapper is not strictly necessary
1341 anymore. A stripped down temporary stop-gap is still shipped
1342 until the upstream display managers have been updated to
1343 fully support the new X logic. Expect this wrapper to be
1344 removed entirely in one of the next releases.
1346 * HandleSleepKey= in logind.conf has been split up into
1347 HandleSuspendKey= and HandleHibernateKey=. The old setting
1348 is not available anymore. X11 and the kernel are
1349 distuingishing between these keys and we should too. This
1350 also means the inhibition lock for these keys has been split
1353 Contributions from: Dave Airlie, Eelco Dolstra, Lennart
1354 Poettering, Lukas Nykryn, Václav Pavlín
1358 * Whenever a unit changes state we'll now log this to the
1359 journal and show along the unit's own log output in
1362 * ConditionPathIsMountPoint= can now properly detect bind
1363 mount points too. (Previously, a bind mount of one file
1364 system to another place in the same file system could not be
1365 detected as mount, since they shared struct stat's st_dev
1368 * We will now mount the cgroup controllers cpu, cpuacct,
1369 cpuset and the controllers net_cls, net_prio together by
1372 * nspawn containers will now have a virtualized boot
1373 ID. (i.e. /proc/sys/kernel/random/boot_id is now mounted
1374 over with a randomized ID at container initialization). This
1375 has the effect of making "journalctl -b" do the right thing
1378 * The JSON output journal serialization has been updated not
1379 to generate "endless" list objects anymore, but rather one
1380 JSON object per line. This is more in line how most JSON
1381 parsers expect JSON objects. The new output mode
1382 "json-pretty" has been added to provide similar output, but
1383 neatly aligned for readability by humans.
1385 * We dropped all explicit sync() invocations in the shutdown
1386 code. The kernel does this implicitly anyway in the kernel
1387 reboot() syscall. halt(8)'s -n option is now a compatibility
1390 * We now support virtualized reboot() in containers, as
1391 supported by newer kernels. We will fall back to exit() if
1392 CAP_SYS_REBOOT is not available to the container. Also,
1393 nspawn makes use of this now and will actually reboot the
1394 container if the containerized OS asks for that.
1396 * journalctl will only show local log output by default
1397 now. Use --merge (-m) to show remote log output, too.
1399 * libsystemd-journal gained the new sd_journal_get_usage()
1400 call to determine the current disk usage of all journal
1401 files. This is exposed in the new "journalctl --disk-usage"
1404 * journald gained a new configuration setting SplitMode= in
1405 journald.conf which may be used to control how user journals
1406 are split off. See journald.conf(5) for details.
1408 * A new condition type ConditionFileNotEmpty= has been added.
1410 * tmpfiles' "w" lines now support file globbing, to write
1411 multiple files at once.
1413 * We added Python bindings for the journal submission
1414 APIs. More Python APIs for a number of selected APIs will
1415 likely follow. Note that we intend to add native bindings
1416 only for the Python language, as we consider it common
1417 enough to deserve bindings shipped within systemd. There are
1418 various projects outside of systemd that provide bindings
1419 for languages such as PHP or Lua.
1421 * Many conditions will now resolve specifiers such as %i. In
1422 addition, PathChanged= and related directives of .path units
1423 now support specifiers as well.
1425 * There's now a new RPM macro definition for the system preset
1428 * journald will now warn if it can't forward a message to the
1429 syslog daemon because it's socket is full.
1431 * timedated will no longer write or process /etc/timezone,
1432 except on Debian. As we do not support late mounted /usr
1433 anymore /etc/localtime always being a symlink is now safe,
1434 and hence the information in /etc/timezone is not necessary
1437 * logind will now always reserve one VT for a text getty (VT6
1438 by default). Previously if more than 6 X sessions where
1439 started they took up all the VTs with auto-spawned gettys,
1440 so that no text gettys were available anymore.
1442 * udev will now automatically inform the btrfs kernel logic
1443 about btrfs RAID components showing up. This should make
1444 simple hotplug based btrfs RAID assembly work.
1446 * PID 1 will now increase its RLIMIT_NOFILE to 64K by default
1447 (but not for its children which will stay at the kernel
1448 default). This should allow setups with a lot more listening
1451 * systemd will now always pass the configured timezone to the
1452 kernel at boot. timedated will do the same when the timezone
1455 * logind's inhibition logic has been updated. By default,
1456 logind will now handle the lid switch, the power and sleep
1457 keys all the time, even in graphical sessions. If DEs want
1458 to handle these events on their own they should take the new
1459 handle-power-key, handle-sleep-key and handle-lid-switch
1460 inhibitors during their runtime. A simple way to achiveve
1461 that is to invoke the DE wrapped in an invocation of:
1463 systemd-inhibit --what=handle-power-key:handle-sleep-key:handle-lid-switch ...
1465 * Access to unit operations is now checked via SELinux taking
1466 the unit file label and client process label into account.
1468 * systemd will now notify the administrator in the journal
1469 when he over-mounts a non-empty directory.
1471 * There are new specifiers that are resolved in unit files,
1472 for the host name (%H), the machine ID (%m) and the boot ID
1475 Contributions from: Allin Cottrell, Auke Kok, Brandon Philips,
1476 Colin Guthrie, Colin Walters, Daniel J Walsh, Dave Reisner,
1477 Eelco Dolstra, Jan Engelhardt, Kay Sievers, Lennart
1478 Poettering, Lucas De Marchi, Lukas Nykryn, Mantas Mikulėnas,
1479 Martin Pitt, Matthias Clasen, Michael Olbrich, Pierre Schmitz,
1480 Shawn Landden, Thomas Hindoe Paaboel Andersen, Tom Gundersen,
1481 Václav Pavlín, Yin Kangkai, Zbigniew Jędrzejewski-Szmek
1485 * Support for reading structured kernel messages from
1486 /dev/kmsg has now been added and is enabled by default.
1488 * Support for reading kernel messages from /proc/kmsg has now
1489 been removed. If you want kernel messages in the journal
1490 make sure to run a recent kernel (>= 3.5) that supports
1491 reading structured messages from /dev/kmsg (see
1492 above). /proc/kmsg is now exclusive property of classic
1493 syslog daemons again.
1495 * The libudev API gained the new
1496 udev_device_new_from_device_id() call.
1498 * The logic for file system namespace (ReadOnlyDirectory=,
1499 ReadWriteDirectoy=, PrivateTmp=) has been reworked not to
1500 require pivot_root() anymore. This means fewer temporary
1501 directories are created below /tmp for this feature.
1503 * nspawn containers will now see and receive all submounts
1504 made on the host OS below the root file system of the
1507 * Forward Secure Sealing is now supported for Journal files,
1508 which provide cryptographical sealing of journal files so
1509 that attackers cannot alter log history anymore without this
1510 being detectable. Lennart will soon post a blog story about
1511 this explaining it in more detail.
1513 * There are two new service settings RestartPreventExitStatus=
1514 and SuccessExitStatus= which allow configuration of exit
1515 status (exit code or signal) which will be excepted from the
1516 restart logic, resp. consider successful.
1518 * journalctl gained the new --verify switch that can be used
1519 to check the integrity of the structure of journal files and
1520 (if Forward Secure Sealing is enabled) the contents of
1523 * nspawn containers will now be run with /dev/stdin, /dev/fd/
1524 and similar symlinks pre-created. This makes running shells
1525 as container init process a lot more fun.
1527 * The fstab support can now handle PARTUUID= and PARTLABEL=
1530 * A new ConditionHost= condition has been added to match
1531 against the hostname (with globs) and machine ID. This is
1532 useful for clusters where a single OS image is used to
1533 provision a large number of hosts which shall run slightly
1534 different sets of services.
1536 * Services which hit the restart limit will now be placed in a
1539 Contributions from: Bertram Poettering, Dave Reisner, Huang
1540 Hang, Kay Sievers, Lennart Poettering, Lukas Nykryn, Martin
1541 Pitt, Simon Peeters, Zbigniew Jędrzejewski-Szmek
1545 * When running in --user mode systemd will now become a
1546 subreaper (PR_SET_CHILD_SUBREAPER). This should make the ps
1547 tree a lot more organized.
1549 * A new PartOf= unit dependency type has been introduced that
1550 may be used to group services in a natural way.
1552 * "systemctl enable" may now be used to enable instances of
1555 * journalctl now prints error log levels in red, and
1556 warning/notice log levels in bright white. It also supports
1557 filtering by log level now.
1559 * cgtop gained a new -n switch (similar to top), to configure
1560 the maximum number of iterations to run for. It also gained
1561 -b, to run in batch mode (accepting no input).
1563 * The suffix ".service" may now be omitted on most systemctl
1564 command lines involving service unit names.
1566 * There's a new bus call in logind to lock all sessions, as
1567 well as a loginctl verb for it "lock-sessions".
1569 * libsystemd-logind.so gained a new call sd_journal_perror()
1570 that works similar to libc perror() but logs to the journal
1571 and encodes structured information about the error number.
1573 * /etc/crypttab entries now understand the new keyfile-size=
1576 * shutdown(8) now can send a (configurable) wall message when
1577 a shutdown is cancelled.
1579 * The mount propagation mode for the root file system will now
1580 default to "shared", which is useful to make containers work
1581 nicely out-of-the-box so that they receive new mounts from
1582 the host. This can be undone locally by running "mount
1583 --make-rprivate /" if needed.
1585 * The prefdm.service file has been removed. Distributions
1586 should maintain this unit downstream if they intend to keep
1587 it around. However, we recommend writing normal unit files
1588 for display managers instead.
1590 * Since systemd is a crucial part of the OS we will now
1591 default to a number of compiler switches that improve
1592 security (hardening) such as read-only relocations, stack
1593 protection, and suchlike.
1595 * The TimeoutSec= setting for services is now split into
1596 TimeoutStartSec= and TimeoutStopSec= to allow configuration
1597 of individual time outs for the start and the stop phase of
1600 Contributions from: Artur Zaprzala, Arvydas Sidorenko, Auke
1601 Kok, Bryan Kadzban, Dave Reisner, David Strauss, Harald Hoyer,
1602 Jim Meyering, Kay Sievers, Lennart Poettering, Mantas
1603 Mikulėnas, Martin Pitt, Michal Schmidt, Michal Sekletar, Peter
1604 Alfredsen, Shawn Landden, Simon Peeters, Terence Honles, Tom
1605 Gundersen, Zbigniew Jędrzejewski-Szmek
1609 * The journal and id128 C APIs are now fully documented as man
1612 * Extra safety checks have been added when transitioning from
1613 the initial RAM disk to the main system to avoid accidental
1616 * /etc/crypttab entries now understand the new keyfile-offset=
1619 * systemctl -t can now be used to filter by unit load state.
1621 * The journal C API gained the new sd_journal_wait() call to
1622 make writing synchronous journal clients easier.
1624 * journalctl gained the new -D switch to show journals from a
1627 * journalctl now displays a special marker between log
1628 messages of two different boots.
1630 * The journal is now explicitly flushed to /var via a service
1631 systemd-journal-flush.service, rather than implicitly simply
1632 by seeing /var/log/journal to be writable.
1634 * journalctl (and the journal C APIs) can now match for much
1635 more complex expressions, with alternatives and
1638 * When transitioning from the initial RAM disk to the main
1639 system we will now kill all processes in a killing spree to
1640 ensure no processes stay around by accident.
1642 * Three new specifiers may be used in unit files: %u, %h, %s
1643 resolve to the user name, user home directory resp. user
1644 shell. This is useful for running systemd user instances.
1646 * We now automatically rotate journal files if their data
1647 object hash table gets a fill level > 75%. We also size the
1648 hash table based on the configured maximum file size. This
1649 together should lower hash collisions drastically and thus
1650 speed things up a bit.
1652 * journalctl gained the new "--header" switch to introspect
1653 header data of journal files.
1655 * A new setting SystemCallFilters= has been added to services
1656 which may be used to apply blacklists or whitelists to
1657 system calls. This is based on SECCOMP Mode 2 of Linux 3.5.
1659 * nspawn gained a new --link-journal= switch (and quicker: -j)
1660 to link the container journal with the host. This makes it
1661 very easy to centralize log viewing on the host for all
1662 guests while still keeping the journal files separated.
1664 * Many bugfixes and optimizations
1666 Contributions from: Auke Kok, Eelco Dolstra, Harald Hoyer, Kay
1667 Sievers, Lennart Poettering, Malte Starostik, Paul Menzel, Rex
1668 Tsai, Shawn Landden, Tom Gundersen, Ville Skyttä, Zbigniew
1673 * Several tools now understand kernel command line arguments,
1674 which are only read when run in an initial RAM disk. They
1675 usually follow closely their normal counterparts, but are
1678 * There's a new tool to analyze the readahead files that are
1679 automatically generated at boot. Use:
1681 /usr/lib/systemd/systemd-readahead analyze /.readahead
1683 * We now provide an early debug shell on tty9 if this enabled. Use:
1685 systemctl enable debug-shell.service
1687 * All plymouth related units have been moved into the Plymouth
1688 package. Please make sure to upgrade your Plymouth version
1691 * systemd-tmpfiles now supports getting passed the basename of
1692 a configuration file only, in which case it will look for it
1693 in all appropriate directories automatically.
1695 * udevadm info now takes a /dev or /sys path as argument, and
1696 does the right thing. Example:
1698 udevadm info /dev/sda
1699 udevadm info /sys/class/block/sda
1701 * systemctl now prints a warning if a unit is stopped but a
1702 unit that might trigger it continues to run. Example: a
1703 service is stopped but the socket that activates it is left
1706 * "systemctl status" will now mention if the log output was
1707 shortened due to rotation since a service has been started.
1709 * The journal API now exposes functions to determine the
1710 "cutoff" times due to rotation.
1712 * journald now understands SIGUSR1 and SIGUSR2 for triggering
1713 immediately flushing of runtime logs to /var if possible,
1714 resp. for triggering immediate rotation of the journal
1717 * It is now considered an error if a service is attempted to
1718 be stopped that is not loaded.
1720 * XDG_RUNTIME_DIR now uses numeric UIDs instead of usernames.
1722 * systemd-analyze now supports Python 3
1724 * tmpfiles now supports cleaning up directories via aging
1725 where the first level dirs are always kept around but
1726 directories beneath it automatically aged. This is enabled
1727 by prefixing the age field with '~'.
1729 * Seat objects now expose CanGraphical, CanTTY properties
1730 which is required to deal with very fast bootups where the
1731 display manager might be running before the graphics drivers
1732 completed initialization.
1734 * Seat objects now expose a State property.
1736 * We now include RPM macros for service enabling/disabling
1737 based on the preset logic. We recommend RPM based
1738 distributions to make use of these macros if possible. This
1739 makes it simpler to reuse RPM spec files across
1742 * We now make sure that the collected systemd unit name is
1743 always valid when services log to the journal via
1746 * There's a new man page kernel-command-line(7) detailing all
1747 command line options we understand.
1749 * The fstab generator may now be disabled at boot by passing
1750 fstab=0 on the kernel command line.
1752 * A new kernel command line option modules-load= is now understood
1753 to load a specific kernel module statically, early at boot.
1755 * Unit names specified on the systemctl command line are now
1756 automatically escaped as needed. Also, if file system or
1757 device paths are specified they are automatically turned
1758 into the appropriate mount or device unit names. Example:
1760 systemctl status /home
1761 systemctl status /dev/sda
1763 * The SysVConsole= configuration option has been removed from
1764 system.conf parsing.
1766 * The SysV search path is no longer exported on the D-Bus
1769 * The Names= option is been removed from unit file parsing.
1771 * There's a new man page bootup(7) detailing the boot process.
1773 * Every unit and every generator we ship with systemd now
1774 comes with full documentation. The self-explanatory boot is
1777 * A couple of services gained "systemd-" prefixes in their
1778 name if they wrap systemd code, rather than only external
1779 code. Among them fsck@.service which is now
1780 systemd-fsck@.service.
1782 * The HaveWatchdog property has been removed from the D-Bus
1785 * systemd.confirm_spawn= on the kernel command line should now
1788 * There's a new man page crypttab(5) which details all options
1789 we actually understand.
1791 * systemd-nspawn gained a new --capability= switch to pass
1792 additional capabilities to the container.
1794 * timedated will now read known NTP implementation unit names
1795 from /usr/lib/systemd/ntp-units.d/*.list,
1796 systemd-timedated-ntp.target has been removed.
1798 * journalctl gained a new switch "-b" that lists log data of
1799 the current boot only.
1801 * The notify socket is in the abstract namespace again, in
1802 order to support daemons which chroot() at start-up.
1804 * There is a new Storage= configuration option for journald
1805 which allows configuration of where log data should go. This
1806 also provides a way to disable journal logging entirely, so
1807 that data collected is only forwarded to the console, the
1808 kernel log buffer or another syslog implementation.
1810 * Many bugfixes and optimizations
1812 Contributions from: Auke Kok, Colin Guthrie, Dave Reisner,
1813 David Strauss, Eelco Dolstra, Kay Sievers, Lennart Poettering,
1814 Lukas Nykryn, Michal Schmidt, Michal Sekletar, Paul Menzel,
1815 Shawn Landden, Tom Gundersen
1819 * "systemctl help <unit>" now shows the man page if one is
1822 * Several new man pages have been added.
1824 * MaxLevelStore=, MaxLevelSyslog=, MaxLevelKMsg=,
1825 MaxLevelConsole= can now be specified in
1826 journald.conf. These options allow reducing the amount of
1827 data stored on disk or forwarded by the log level.
1829 * TimerSlackNSec= can now be specified in system.conf for
1830 PID1. This allows system-wide power savings.
1832 Contributions from: Dave Reisner, Kay Sievers, Lauri Kasanen,
1833 Lennart Poettering, Malte Starostik, Marc-Antoine Perennou,
1838 * logind is now capable of (optionally) handling power and
1839 sleep keys as well as the lid switch.
1841 * journalctl now understands the syntax "journalctl
1842 /usr/bin/avahi-daemon" to get all log output of a specific
1845 * CapabilityBoundingSet= in system.conf now also influences
1846 the capability bound set of usermode helpers of the kernel.
1848 Contributions from: Daniel Drake, Daniel J. Walsh, Gert
1849 Michael Kulyk, Harald Hoyer, Jean Delvare, Kay Sievers,
1850 Lennart Poettering, Matthew Garrett, Matthias Clasen, Paul
1851 Menzel, Shawn Landden, Tero Roponen, Tom Gundersen
1855 * Note that we skipped 139 releases here in order to set the
1856 new version to something that is greater than both udev's
1857 and systemd's most recent version number.
1859 * udev: all udev sources are merged into the systemd source tree now.
1860 All future udev development will happen in the systemd tree. It
1861 is still fully supported to use the udev daemon and tools without
1862 systemd running, like in initramfs or other init systems. Building
1863 udev though, will require the *build* of the systemd tree, but
1864 udev can be properly *run* without systemd.
1866 * udev: /lib/udev/devices/ are not read anymore; systemd-tmpfiles
1867 should be used to create dead device nodes as workarounds for broken
1870 * udev: RUN+="socket:..." and udev_monitor_new_from_socket() is
1871 no longer supported. udev_monitor_new_from_netlink() needs to be
1872 used to subscribe to events.
1874 * udev: when udevd is started by systemd, processes which are left
1875 behind by forking them off of udev rules, are unconditionally cleaned
1876 up and killed now after the event handling has finished. Services or
1877 daemons must be started as systemd services. Services can be
1878 pulled-in by udev to get started, but they can no longer be directly
1879 forked by udev rules.
1881 * udev: the daemon binary is called systemd-udevd now and installed
1882 in /usr/lib/systemd/. Standalone builds or non-systemd systems need
1883 to adapt to that, create symlink, or rename the binary after building
1886 * libudev no longer provides these symbols:
1887 udev_monitor_from_socket()
1888 udev_queue_get_failed_list_entry()
1889 udev_get_{dev,sys,run}_path()
1890 The versions number was bumped and symbol versioning introduced.
1892 * systemd-loginctl and systemd-journalctl have been renamed
1893 to loginctl and journalctl to match systemctl.
1895 * The config files: /etc/systemd/systemd-logind.conf and
1896 /etc/systemd/systemd-journald.conf have been renamed to
1897 logind.conf and journald.conf. Package updates should rename
1898 the files to the new names on upgrade.
1900 * For almost all files the license is now LGPL2.1+, changed
1901 from the previous GPL2.0+. Exceptions are some minor stuff
1902 of udev (which will be changed to LGPL2.1 eventually, too),
1903 and the MIT licensed sd-daemon.[ch] library that is suitable
1904 to be used as drop-in files.
1906 * systemd and logind now handle system sleep states, in
1907 particular suspending and hibernating.
1909 * logind now implements a sleep/shutdown/idle inhibiting logic
1910 suitable for a variety of uses. Soonishly Lennart will blog
1911 about this in more detail.
1913 * var-run.mount and var-lock.mount are no longer provided
1914 (which prevously bind mounted these directories to their new
1915 places). Distributions which have not converted these
1916 directories to symlinks should consider stealing these files
1917 from git history and add them downstream.
1919 * We introduced the Documentation= field for units and added
1920 this to all our shipped units. This is useful to make it
1921 easier to explore the boot and the purpose of the various
1924 * All smaller setup units (such as
1925 systemd-vconsole-setup.service) now detect properly if they
1926 are run in a container and are skipped when
1927 appropriate. This guarantees an entirely noise-free boot in
1928 Linux container environments such as systemd-nspawn.
1930 * A framework for implementing offline system updates is now
1931 integrated, for details see:
1932 http://freedesktop.org/wiki/Software/systemd/SystemUpdates
1934 * A new service type Type=idle is available now which helps us
1935 avoiding ugly interleaving of getty output and boot status
1938 * There's now a system-wide CapabilityBoundingSet= option to
1939 globally reduce the set of capabilities for the
1940 system. This is useful to drop CAP_SYS_MKNOD, CAP_SYS_RAWIO,
1941 CAP_NET_RAW, CAP_SYS_MODULE, CAP_SYS_TIME, CAP_SYS_PTRACE or
1942 even CAP_NET_ADMIN system-wide for secure systems.
1944 * There are now system-wide DefaultLimitXXX= options to
1945 globally change the defaults of the various resource limits
1946 for all units started by PID 1.
1948 * Harald Hoyer's systemd test suite has been integrated into
1949 systemd which allows easy testing of systemd builds in qemu
1950 and nspawn. (This is really awesome! Ask us for details!)
1952 * The fstab parser is now implemented as generator, not inside
1955 * systemctl will now warn you if .mount units generated from
1956 /etc/fstab are out of date due to changes in fstab that
1957 haven't been read by systemd yet.
1959 * systemd is now suitable for usage in initrds. Dracut has
1960 already been updated to make use of this. With this in place
1961 initrds get a slight bit faster but primarily are much
1962 easier to introspect and debug since "systemctl status" in
1963 the host system can be used to introspect initrd services,
1964 and the journal from the initrd is kept around too.
1966 * systemd-delta has been added, a tool to explore differences
1967 between user/admin configuration and vendor defaults.
1969 * PrivateTmp= now affects both /tmp and /var/tmp.
1971 * Boot time status messages are now much prettier and feature
1972 proper english language. Booting up systemd has never been
1975 * Read-ahead pack files now include the inode number of all
1976 files to pre-cache. When the inode changes the pre-caching
1977 is not attempted. This should be nicer to deal with updated
1978 packages which might result in changes of read-ahead
1981 * We now temporaritly lower the kernel's read_ahead_kb variable
1982 when collecting read-ahead data to ensure the kernel's
1983 built-in read-ahead does not add noise to our measurements
1984 of necessary blocks to pre-cache.
1986 * There's now RequiresMountsFor= to add automatic dependencies
1987 for all mounts necessary for a specific file system path.
1989 * MountAuto= and SwapAuto= have been removed from
1990 system.conf. Mounting file systems at boot has to take place
1993 * nspawn now learned a new switch --uuid= to set the machine
1994 ID on the command line.
1996 * nspawn now learned the -b switch to automatically search
1999 * vt102 is now the default TERM for serial TTYs, upgraded from
2002 * systemd-logind now works on VT-less systems.
2004 * The build tree has been reorganized. The individual
2005 components now have directories of their own.
2007 * A new condition type ConditionPathIsReadWrite= is now available.
2009 * nspawn learned the new -C switch to create cgroups for the
2010 container in other hierarchies.
2012 * We now have support for hardware watchdogs, configurable in
2015 * The scheduled shutdown logic now has a public API.
2017 * We now mount /tmp as tmpfs by default, but this can be
2018 masked and /etc/fstab can override it.
2020 * Since udisks doesn't make use of /media anymore we are not
2021 mounting a tmpfs on it anymore.
2023 * journalctl gained a new --local switch to only interleave
2024 locally generated journal files.
2026 * We can now load the IMA policy at boot automatically.
2028 * The GTK tools have been split off into a systemd-ui.
2030 Contributions from: Andreas Schwab, Auke Kok, Ayan George,
2031 Colin Guthrie, Daniel Mack, Dave Reisner, David Ward, Elan
2032 Ruusamäe, Frederic Crozat, Gergely Nagy, Guillermo Vidal,
2033 Hannes Reinecke, Harald Hoyer, Javier Jardón, Kay Sievers,
2034 Lennart Poettering, Lucas De Marchi, Léo Gillot-Lamure,
2035 Marc-Antoine Perennou, Martin Pitt, Matthew Monaco, Maxim
2036 A. Mikityanskiy, Michael Biebl, Michael Olbrich, Michal
2037 Schmidt, Nis Martensen, Patrick McCarty, Roberto Sassu, Shawn
2038 Landden, Sjoerd Simons, Sven Anders, Tollef Fog Heen, Tom
2043 * This is mostly a bugfix release
2045 * Support optional initialization of the machine ID from the
2046 KVM or container configured UUID.
2048 * Support immediate reboots with "systemctl reboot -ff"
2050 * Show /etc/os-release data in systemd-analyze output
2052 * Many bugfixes for the journal, including endianness fixes and
2053 ensuring that disk space enforcement works
2055 * sd-login.h is C++ comptaible again
2057 * Extend the /etc/os-release format on request of the Debian
2060 * We now refuse non-UTF8 strings used in various configuration
2061 and unit files. This is done to ensure we don't pass invalid
2062 data over D-Bus or expose it elsewhere.
2064 * Register Mimo USB Screens as suitable for automatic seat
2067 * Read SELinux client context from journal clients in a race
2070 * Reorder configuration file lookup order. /etc now always
2071 overrides /run in order to allow the administrator to always
2072 and unconditionally override vendor supplied or
2073 automatically generated data.
2075 * The various user visible bits of the journal now have man
2076 pages. We still lack man pages for the journal API calls
2079 * We now ship all man pages in HTML format again in the
2082 Contributions from: Dave Reisner, Dirk Eibach, Frederic
2083 Crozat, Harald Hoyer, Kay Sievers, Lennart Poettering, Marti
2084 Raudsepp, Michal Schmidt, Shawn Landden, Tero Roponen, Thierry
2089 * This is mostly a bugfix release
2091 * systems lacking /etc/os-release are no longer supported.
2093 * Various functionality updates to libsystemd-login.so
2095 * Track class of PAM logins to distuingish greeters from
2098 Contributions from: Kay Sievers, Lennart Poettering, Michael
2103 * This is an important bugfix release for v41.
2105 * Building man pages is now optional which should be useful
2106 for those building systemd from git but unwilling to install
2109 * Watchdog support for supervising services is now usable. In
2110 a future release support for hardware watchdogs
2111 (i.e. /dev/watchdog) will be added building on this.
2113 * Service start rate limiting is now configurable and can be
2114 turned off per service. When a start rate limit is hit a
2115 reboot can automatically be triggered.
2117 * New CanReboot(), CanPowerOff() bus calls in systemd-logind.
2119 Contributions from: Benjamin Franzke, Bill Nottingham,
2120 Frederic Crozat, Lennart Poettering, Michael Olbrich, Michal
2121 Schmidt, Michał Górny, Piotr Drąg
2125 * The systemd binary is installed /usr/lib/systemd/systemd now;
2126 An existing /sbin/init symlink needs to be adapted with the
2129 * The code that loads kernel modules has been ported to invoke
2130 libkmod directly, instead of modprobe. This means we do not
2131 support systems with module-init-tools anymore.
2133 * Watchdog support is now already useful, but still not
2136 * A new kernel command line option systemd.setenv= is
2137 understood to set system wide environment variables
2138 dynamically at boot.
2140 * We now limit the set of capabilities of systemd-journald.
2142 * We now set SIGPIPE to ignore by default, since it only is
2143 useful in shell pipelines, and has little use in general
2144 code. This can be disabled with IgnoreSIPIPE=no in unit
2147 Contributions from: Benjamin Franzke, Kay Sievers, Lennart
2148 Poettering, Michael Olbrich, Michal Schmidt, Tom Gundersen,
2153 * This is mostly a bugfix release
2155 * We now expose the reason why a service failed in the
2156 "Result" D-Bus property.
2158 * Rudimentary service watchdog support (will be completed over
2159 the next few releases.)
2161 * When systemd forks off in order execute some service we will
2162 now immediately changes its argv[0] to reflect which process
2163 it will execute. This is useful to minimize the time window
2164 with a generic argv[0], which makes bootcharts more useful
2166 Contributions from: Alvaro Soliverez, Chris Paulson-Ellis, Kay
2167 Sievers, Lennart Poettering, Michael Olbrich, Michal Schmidt,
2168 Mike Kazantsev, Ray Strode
2172 * This is mostly a test release, but incorporates many
2175 * New systemd-cgtop tool to show control groups by their
2178 * Linking against libacl for ACLs is optional again. If
2179 disabled, support tracking device access for active logins
2180 goes becomes unavailable, and so does access to the user
2181 journals by the respective users.
2183 * If a group "adm" exists, journal files are automatically
2184 owned by them, thus allow members of this group full access
2185 to the system journal as well as all user journals.
2187 * The journal now stores the SELinux context of the logging
2188 client for all entries.
2190 * Add C++ inclusion guards to all public headers
2192 * New output mode "cat" in the journal to print only text
2193 messages, without any meta data like date or time.
2195 * Include tiny X server wrapper as a temporary stop-gap to
2196 teach XOrg udev display enumeration. This is used by display
2197 managers such as gdm, and will go away as soon as XOrg
2198 learned native udev hotplugging for display devices.
2200 * Add new systemd-cat tool for executing arbitrary programs
2201 with STDERR/STDOUT connected to the journal. Can also act as
2202 BSD logger replacement, and does so by default.
2204 * Optionally store all locally generated coredumps in the
2205 journal along with meta data.
2207 * systemd-tmpfiles learnt four new commands: n, L, c, b, for
2208 writing short strings to files (for usage for /sys), and for
2209 creating symlinks, character and block device nodes.
2211 * New unit file option ControlGroupPersistent= to make cgroups
2212 persistent, following the mechanisms outlined in
2213 http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups
2215 * Support multiple local RTCs in a sane way
2217 * No longer monopolize IO when replaying readahead data on
2218 rotating disks, since we might starve non-file-system IO to
2219 death, since fanotify() will not see accesses done by blkid,
2222 * Don't show kernel threads in systemd-cgls anymore, unless
2223 requested with new -k switch.
2225 Contributions from: Dan Horák, Kay Sievers, Lennart
2226 Poettering, Michal Schmidt
2230 * This is mostly a test release, but incorporates many
2233 * The git repository moved to:
2234 git://anongit.freedesktop.org/systemd/systemd
2235 ssh://git.freedesktop.org/git/systemd/systemd
2237 * First release with the journal
2238 http://0pointer.de/blog/projects/the-journal.html
2240 * The journal replaces both systemd-kmsg-syslogd and
2241 systemd-stdout-bridge.
2243 * New sd_pid_get_unit() API call in libsystemd-logind
2245 * Many systemadm clean-ups
2247 * Introduce remote-fs-pre.target which is ordered before all
2248 remote mounts and may be used to start services before all
2251 * Added Mageia support
2253 * Add bash completion for systemd-loginctl
2255 * Actively monitor PID file creation for daemons which exit in
2256 the parent process before having finished writing the PID
2257 file in the daemon process. Daemons which do this need to be
2258 fixed (i.e. PID file creation must have finished before the
2259 parent exits), but we now react a bit more gracefully to them.
2261 * Add colourful boot output, mimicking the well-known output
2262 of existing distributions.
2264 * New option PassCredentials= for socket units, for
2265 compatibility with a recent kernel ABI breakage.
2267 * /etc/rc.local is now hooked in via a generator binary, and
2268 thus will no longer act as synchronization point during
2271 * systemctl list-unit-files now supports --root=.
2273 * systemd-tmpfiles now understands two new commands: z, Z for
2274 relabelling files according to the SELinux database. This is
2275 useful to apply SELinux labels to specific files in /sys,
2278 * Output of SysV services is now forwarded to both the console
2279 and the journal by default, not only just the console.
2281 * New man pages for all APIs from libsystemd-login.
2283 * The build tree got reorganized and a the build system is a
2284 lot more modular allowing embedded setups to specifically
2285 select the components of systemd they are interested in.
2287 * Support for Linux systems lacking the kernel VT subsystem is
2290 * configure's --with-rootdir= got renamed to
2291 --with-rootprefix= to follow the naming used by udev and
2294 * Unless specified otherwise we'll now install to /usr instead
2295 of /usr/local by default.
2297 * Processes with '@' in argv[0][0] are now excluded from the
2298 final shut-down killing spree, following the logic explained
2300 http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons
2302 * All processes remaining in a service cgroup when we enter
2303 the START or START_PRE states are now killed with
2304 SIGKILL. That means it is no longer possible to spawn
2305 background processes from ExecStart= lines (which was never
2306 supported anyway, and bad style).
2308 * New PropagateReloadTo=/PropagateReloadFrom= options to bind
2309 reloading of units together.
2311 Contributions from: Bill Nottingham, Daniel J. Walsh, Dave
2312 Reisner, Dexter Morgan, Gregs Gregs, Jonathan Nieder, Kay
2313 Sievers, Lennart Poettering, Michael Biebl, Michal Schmidt,
2314 Michał Górny, Ran Benita, Thomas Jarosch, Tim Waugh, Tollef
2315 Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek