1 systemd System and Service Manager
5 * The journal and id128 C APIs are now fully documented as man
8 * Extra safety checks have been added when transitioning from
9 the initial RAM disk to the main system to avoid accidental
12 * /etc/crypttab entrie now understand the new keyfile-offset=
15 * systemctl -t can now be used to filter by unit load state.
17 * The journal C API gained the new sd_journal_wait() call to
18 make writing synchronous journal clients easier.
20 * journalctl gained the new -D switch to show journals from a
23 * journalctl now displays a special marker between log
24 messages of two different boots.
26 * The journal is now explicitly flushed to /var via a service
27 systemd-journal-flush.service, rather than implicitly simply
28 by seeing /var/log/journal to be writable.
30 * journalctl (and the journal C APIs) can now match for much
31 more complex expressions, with alternatives and
34 * When transitioning from the initial RAM disk to the main
35 system we will now kill all processes in a killing spree to
36 ensure no processes stay around by accident.
38 * Three new specifiers may be used in unit files: %u, %h, %s
39 resolve to the user name, user home directory resp. user
40 shell. This is useful for running systemd user instances.
42 * We now automatically rotate journal files if their data
43 object hash table gets a fill level > 75%. We also size the
44 hash table based on the configured maximum file size. This
45 together should lower hash collisions drastically and thus
46 speed things up a bit.
48 * journalctl gained the new "--header" switch to introspect
49 header data of journal files.
51 * A new setting SystemCallFilters= has been added to services
52 which may be used to apply blacklists or whitelists to
53 system calls. This is based on SECCOMP Mode 2 of Linux 3.5.
55 * nspawn gained a new --link-journal= switch (and quicker: -j)
56 to link the container journal with the host. This makes it
57 very easy to centralize log viewing on the host for all
58 guests while still keeping the journal files separated.
60 * Many bugfixes and optimizations
62 Contributions from: Auke Kok, Eelco Dolstra, Harald Hoyer, Kay
63 Sievers, Lennart Poettering, Malte Starostik, Paul Menzel, Rex
64 Tsai, Shawn Landden, Tom Gundersen, Ville Skyttä, Zbigniew
69 * Several tools now understand kernel command line arguments,
70 which are only read when run in an initial RAM disk. They
71 usually follow closely their normal counterparts, but are
74 * There's a new tool to analyze the readahead files that are
75 automatically generated at boot. Use:
77 /usr/lib/systemd/systemd-readahead analyze /.readahead
79 * We now provide an early debug shell on tty9 if this enabled. Use:
81 systemctl enable debug-shell.service
83 * All plymouth related units have been moved into the Plymouth
84 package. Please make sure to upgrade your Plymouth version
87 * systemd-tmpfiles now supports getting passed the basename of
88 a configuration file only, in which case it will look for it
89 in all appropriate directories automatically.
91 * udevadm info now takes a /dev or /sys path as argument, and
92 does the right thing. Example:
95 udevadm info /sys/class/block/sda
97 * systemctl now prints a warning if a unit is stopped but a
98 unit that might trigger it continues to run. Example: a
99 service is stopped but the socket that activates it is left
102 * "systemctl status" will now mention if the log output was
103 shortened due to rotation since a service has been started.
105 * The journal API now exposes functions to determine the
106 "cutoff" times due to rotation.
108 * journald now understands SIGUSR1 and SIGUSR2 for triggering
109 immediately flushing of runtime logs to /var if possible,
110 resp. for triggering immediate rotation of the journal
113 * It is now considered an error if a service is attempted to
114 be stopped that is not loaded.
116 * XDG_RUNTIME_DIR now uses numeric UIDs instead of usernames.
118 * systemd-analyze now supports Python 3
120 * tmpfiles now supports cleaning up directories via aging
121 where the first level dirs are always kept around but
122 directories beneath it automatically aged. This is enabled
123 by prefixing the age field with '~'.
125 * Seat objects now expose CanGraphical, CanTTY properties
126 which is required to deal with very fast bootups where the
127 display manager might be running before the graphics drivers
128 completed initialization.
130 * Seat objects now expose a State property.
132 * We now include RPM macros for service enabling/disabling
133 based on the preset logic. We recommend RPM based
134 distributions to make use of these macros if possible. This
135 makes it simpler to reuse RPM spec files across
138 * We now make sure that the collected systemd unit name is
139 always valid when services log to the journal via
142 * There's a new man page kernel-command-line(7) detailing all
143 command line options we understand.
145 * The fstab generator may now be disabled at boot by passing
146 fstab=0 on the kernel command line.
148 * A new kernel command line option modules-load= is now understood
149 to load a specific kernel module statically, early at boot.
151 * Unit names specified on the systemctl command line are now
152 automatically escaped as needed. Also, if file system or
153 device paths are specified they are automatically turned
154 into the appropriate mount or device unit names. Example:
156 systemctl status /home
157 systemctl status /dev/sda
159 * The SysVConsole= configuration option has been removed from
162 * The SysV search path is no longer exported on the D-Bus
165 * The Names= option is been removed from unit file parsing.
167 * There's a new man page bootup(7) detailing the boot process.
169 * Every unit and every generator we ship with systemd now
170 comes with full documentation. The self-explanatory boot is
173 * A couple of services gained "systemd-" prefixes in their
174 name if they wrap systemd code, rather than only external
175 code. Among them fsck@.service which is now
176 systemd-fsck@.service.
178 * The HaveWatchdog property has been removed from the D-Bus
181 * systemd.confirm_spawn= on the kernel command line should now
184 * There's a new man page crypttab(5) which details all options
185 we actually understand.
187 * systemd-nspawn gained a new --capability= switch to pass
188 additional capabilities to the container.
190 * timedated will now read known NTP implementation unit names
191 from /usr/lib/systemd/ntp-units.d/*.list,
192 systemd-timedated-ntp.target has been removed.
194 * journalctl gained a new switch "-b" that lists log data of
195 the current boot only.
197 * The notify socket is in the abstract namespace again, in
198 order to support daemons which chroot() at start-up.
200 * There is a new Storage= configuration option for journald
201 which allows configuration of where log data should go. This
202 also provides a way to disable journal logging entirely, so
203 that data collected is only forwarded to the console, the
204 kernel log buffer or another syslog implementation.
206 * Many bugfixes and optimizations
208 Contributions from: Auke Kok, Colin Guthrie, Dave Reisner,
209 David Strauss, Eelco Dolstra, Kay Sievers, Lennart Poettering,
210 Lukas Nykryn, Michal Schmidt, Michal Sekletar, Paul Menzel,
211 Shawn Landden, Tom Gundersen
214 * "systemctl help <unit>" now shows the man page if one is
217 * Several new man pages have been added.
219 * MaxLevelStore=, MaxLevelSyslog=, MaxLevelKMsg=,
220 MaxLevelConsole= can now be specified in
221 journald.conf. These options allow reducing the amount of
222 data stored on disk or forwarded by the log level.
224 * TimerSlackNSec= can now be specified in system.conf for
225 PID1. This allows system-wide power savings.
227 Contributions from: Dave Reisner, Kay Sievers, Lauri Kasanen,
228 Lennart Poettering, Malte Starostik, Marc-Antoine Perennou,
232 * logind is now capable of (optionally) handling power and
233 sleep keys as well as the lid switch.
235 * journalctl now understands the syntax "journalctl
236 /usr/bin/avahi-daemon" to get all log output of a specific
239 * CapabilityBoundingSet= in system.conf now also influences
240 the capability bound set of usermode helpers of the kernel.
242 Contributions from: Daniel Drake, Daniel J. Walsh, Gert
243 Michael Kulyk, Harald Hoyer, Jean Delvare, Kay Sievers,
244 Lennart Poettering, Matthew Garrett, Matthias Clasen, Paul
245 Menzel, Shawn Landden, Tero Roponen, Tom Gundersen
248 * Note that we skipped 139 releases here in order to set the
249 new version to something that is greater than both udev's
250 and systemd's most recent version number.
252 * udev: all udev sources are merged into the systemd source tree now.
253 All future udev development will happen in the systemd tree. It
254 is still fully supported to use the udev daemon and tools without
255 systemd running, like in initramfs or other init systems. Building
256 udev though, will require the *build* of the systemd tree, but
257 udev can be properly *run* without systemd.
259 * udev: /lib/udev/devices/ are not read anymore; systemd-tmpfiles
260 should be used to create dead device nodes as workarounds for broken
263 * udev: RUN+="socket:..." and udev_monitor_new_from_socket() is
264 no longer supported. udev_monitor_new_from_netlink() needs to be
265 used to subscribe to events.
267 * udev: when udevd is started by systemd, processes which are left
268 behind by forking them off of udev rules, are unconditionally cleaned
269 up and killed now after the event handling has finished. Services or
270 daemons must be started as systemd services. Services can be
271 pulled-in by udev to get started, but they can no longer be directly
272 forked by udev rules.
274 * udev: the daemon binary is called systemd-udevd now and installed
275 in /usr/lib/systemd/. Standalone builds or non-systemd systems need
276 to adapt to that, create symlink, or rename the binary after building
279 * libudev no longer provides these symbols:
280 udev_monitor_from_socket()
281 udev_queue_get_failed_list_entry()
282 udev_get_{dev,sys,run}_path()
283 The versions number was bumped and symbol versioning introduced.
285 * systemd-loginctl and systemd-journalctl have been renamed
286 to loginctl and journalctl to match systemctl.
288 * The config files: /etc/systemd/systemd-logind.conf and
289 /etc/systemd/systemd-journald.conf have been renamed to
290 logind.conf and journald.conf. Package updates should rename
291 the files to the new names on upgrade.
293 * For almost all files the license is now LGPL2.1+, changed
294 from the previous GPL2.0+. Exceptions are some minor stuff
295 of udev (which will be changed to LGPL2.1 eventually, too),
296 and the MIT licensed sd-daemon.[ch] library that is suitable
297 to be used as drop-in files.
299 * systemd and logind now handle system sleep states, in
300 particular suspending and hibernating.
302 * logind now implements a sleep/shutdown/idle inhibiting logic
303 suitable for a variety of uses. Soonishly Lennart will blog
304 about this in more detail.
306 * var-run.mount and var-lock.mount are no longer provided
307 (which prevously bind mounted these directories to their new
308 places). Distributions which have not converted these
309 directories to symlinks should consider stealing these files
310 from git history and add them downstream.
312 * We introduced the Documentation= field for units and added
313 this to all our shipped units. This is useful to make it
314 easier to explore the boot and the purpose of the various
317 * All smaller setup units (such as
318 systemd-vconsole-setup.service) now detect properly if they
319 are run in a container and are skipped when
320 appropriate. This guarantees an entirely noise-free boot in
321 Linux container environments such as systemd-nspawn.
323 * A framework for implementing offline system updates is now
324 integrated, for details see:
325 http://freedesktop.org/wiki/Software/systemd/SystemUpdates
327 * A new service type Type=idle is available now which helps us
328 avoiding ugly interleaving of getty output and boot status
331 * There's now a system-wide CapabilityBoundingSet= option to
332 globally reduce the set of capabilities for the
333 system. This is useful to drop CAP_SYS_MKNOD, CAP_SYS_RAWIO,
334 CAP_NET_RAW, CAP_SYS_MODULE, CAP_SYS_TIME, CAP_SYS_PTRACE or
335 even CAP_NET_ADMIN system-wide for secure systems.
337 * There are now system-wide DefaultLimitXXX= options to
338 globally change the defaults of the various resource limits
339 for all units started by PID 1.
341 * Harald Hoyer's systemd test suite has been integrated into
342 systemd which allows easy testing of systemd builds in qemu
343 and nspawn. (This is really awesome! Ask us for details!)
345 * The fstab parser is now implemented as generator, not inside
348 * systemctl will now warn you if .mount units generated from
349 /etc/fstab are out of date due to changes in fstab that
350 haven't been read by systemd yet.
352 * systemd is now suitable for usage in initrds. Dracut has
353 already been updated to make use of this. With this in place
354 initrds get a slight bit faster but primarily are much
355 easier to introspect and debug since "systemctl status" in
356 the host system can be used to introspect initrd services,
357 and the journal from the initrd is kept around too.
359 * systemd-delta has been added, a tool to explore differences
360 between user/admin configuration and vendor defaults.
362 * PrivateTmp= now affects both /tmp and /var/tmp.
364 * Boot time status messages are now much prettier and feature
365 proper english language. Booting up systemd has never been
368 * Read-ahead pack files now include the inode number of all
369 files to pre-cache. When the inode changes the pre-caching
370 is not attempted. This should be nicer to deal with updated
371 packages which might result in changes of read-ahead
374 * We now temporaritly lower the kernel's read_ahead_kb variable
375 when collecting read-ahead data to ensure the kernel's
376 built-in read-ahead does not add noise to our measurements
377 of necessary blocks to pre-cache.
379 * There's now RequiresMountsFor= to add automatic dependencies
380 for all mounts necessary for a specific file system path.
382 * MountAuto= and SwapAuto= have been removed from
383 system.conf. Mounting file systems at boot has to take place
386 * nspawn now learned a new switch --uuid= to set the machine
387 ID on the command line.
389 * nspawn now learned the -b switch to automatically search
392 * vt102 is now the default TERM for serial TTYs, upgraded from
395 * systemd-logind now works on VT-less systems.
397 * The build tree has been reorganized. The individual
398 components now have directories of their own.
400 * A new condition type ConditionPathIsReadWrite= is now available.
402 * nspawn learned the new -C switch to create cgroups for the
403 container in other hierarchies.
405 * We now have support for hardware watchdogs, configurable in
408 * The scheduled shutdown logic now has a public API.
410 * We now mount /tmp as tmpfs by default, but this can be
411 masked and /etc/fstab can override it.
413 * Since udisks doesn't make use of /media anymore we are not
414 mounting a tmpfs on it anymore.
416 * journalctl gained a new --local switch to only interleave
417 locally generated journal files.
419 * We can now load the IMA policy at boot automatically.
421 * The GTK tools have been split off into a systemd-ui.
423 Contributions from: Andreas Schwab, Auke Kok, Ayan George,
424 Colin Guthrie, Daniel Mack, Dave Reisner, David Ward, Elan
425 Ruusamäe, Frederic Crozat, Gergely Nagy, Guillermo Vidal,
426 Hannes Reinecke, Harald Hoyer, Javier Jardón, Kay Sievers,
427 Lennart Poettering, Lucas De Marchi, Léo Gillot-Lamure,
428 Marc-Antoine Perennou, Martin Pitt, Matthew Monaco, Maxim
429 A. Mikityanskiy, Michael Biebl, Michael Olbrich, Michal
430 Schmidt, Nis Martensen, Patrick McCarty, Roberto Sassu, Shawn
431 Landden, Sjoerd Simons, Sven Anders, Tollef Fog Heen, Tom
435 * This is mostly a bugfix release
437 * Support optional initialization of the machine ID from the
438 KVM or container configured UUID.
440 * Support immediate reboots with "systemctl reboot -ff"
442 * Show /etc/os-release data in systemd-analyze output
444 * Many bugfixes for the journal, including endianess fixes and
445 ensuring that disk space enforcement works
447 * sd-login.h is C++ comptaible again
449 * Extend the /etc/os-release format on request of the Debian
452 * We now refuse non-UTF8 strings used in various configuration
453 and unit files. This is done to ensure we don't pass invalid
454 data over D-Bus or expose it elsewhere.
456 * Register Mimo USB Screens as suitable for automatic seat
459 * Read SELinux client context from journal clients in a race
462 * Reorder configuration file lookup order. /etc now always
463 overrides /run in order to allow the administrator to always
464 and unconditionally override vendor supplied or
465 automatically generated data.
467 * The various user visible bits of the journal now have man
468 pages. We still lack man pages for the journal API calls
471 * We now ship all man pages in HTML format again in the
474 Contributions from: Dave Reisner, Dirk Eibach, Frederic
475 Crozat, Harald Hoyer, Kay Sievers, Lennart Poettering, Marti
476 Raudsepp, Michal Schmidt, Shawn Landden, Tero Roponen, Thierry
480 * This is mostly a bugfix release
482 * systems lacking /etc/os-release are no longer supported.
484 * Various functionality updates to libsystemd-login.so
486 * Track class of PAM logins to distuingish greeters from
489 Contributions from: Kay Sievers, Lennart Poettering, Michael
493 * This is an important bugfix release for v41.
495 * Building man pages is now optional which should be useful
496 for those building systemd from git but unwilling to install
499 * Watchdog support for supervising services is now usable. In
500 a future release support for hardware watchdogs
501 (i.e. /dev/watchdog) will be added building on this.
503 * Service start rate limiting is now configurable and can be
504 turned off per service. When a start rate limit is hit a
505 reboot can automatically be triggered.
507 * New CanReboot(), CanPowerOff() bus calls in systemd-logind.
509 Contributions from: Benjamin Franzke, Bill Nottingham,
510 Frederic Crozat, Lennart Poettering, Michael Olbrich, Michal
511 Schmidt, Michał Górny, Piotr Drąg
514 * The systemd binary is installed /usr/lib/systemd/systemd now;
515 An existing /sbin/init symlink needs to be adapted with the
518 * The code that loads kernel modules has been ported to invoke
519 libkmod directly, instead of modprobe. This means we do not
520 support systems with module-init-tools anymore.
522 * Watchdog support is now already useful, but still not
525 * A new kernel command line option systemd.setenv= is
526 understood to set system wide environment variables
529 * We now limit the set of capabilities of systemd-journald.
531 * We now set SIGPIPE to ignore by default, since it only is
532 useful in shell pipelines, and has little use in general
533 code. This can be disabled with IgnoreSIPIPE=no in unit
536 Contributions from: Benjamin Franzke, Kay Sievers, Lennart
537 Poettering, Michael Olbrich, Michal Schmidt, Tom Gundersen,
541 * This is mostly a bugfix release
543 * We now expose the reason why a service failed in the
544 "Result" D-Bus property.
546 * Rudimentary service watchdog support (will be completed over
547 the next few releases.)
549 * When systemd forks off in order execute some service we will
550 now immediately changes its argv[0] to reflect which process
551 it will execute. This is useful to minimize the time window
552 with a generic argv[0], which makes bootcharts more useful
554 Contributions from: Alvaro Soliverez, Chris Paulson-Ellis, Kay
555 Sievers, Lennart Poettering, Michael Olbrich, Michal Schmidt,
556 Mike Kazantsev, Ray Strode
559 * This is mostly a test release, but incorporates many
562 * New systemd-cgtop tool to show control groups by their
565 * Linking against libacl for ACLs is optional again. If
566 disabled, support tracking device access for active logins
567 goes becomes unavailable, and so does access to the user
568 journals by the respective users.
570 * If a group "adm" exists, journal files are automatically
571 owned by them, thus allow members of this group full access
572 to the system journal as well as all user journals.
574 * The journal now stores the SELinux context of the logging
575 client for all entries.
577 * Add C++ inclusion guards to all public headers
579 * New output mode "cat" in the journal to print only text
580 messages, without any meta data like date or time.
582 * Include tiny X server wrapper as a temporary stop-gap to
583 teach XOrg udev display enumeration. This is used by display
584 managers such as gdm, and will go away as soon as XOrg
585 learned native udev hotplugging for display devices.
587 * Add new systemd-cat tool for executing arbitrary programs
588 with STDERR/STDOUT connected to the journal. Can also act as
589 BSD logger replacement, and does so by default.
591 * Optionally store all locally generated coredumps in the
592 journal along with meta data.
594 * systemd-tmpfiles learnt four new commands: n, L, c, b, for
595 writing short strings to files (for usage for /sys), and for
596 creating symlinks, character and block device nodes.
598 * New unit file option ControlGroupPersistent= to make cgroups
599 persistent, following the mechanisms outlined in
600 http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups
602 * Support multiple local RTCs in a sane way
604 * No longer monopolize IO when replaying readahead data on
605 rotating disks, since we might starve non-file-system IO to
606 death, since fanotify() will not see accesses done by blkid,
609 * Don't show kernel threads in systemd-cgls anymore, unless
610 requested with new -k switch.
612 Contributions from: Dan Horák, Kay Sievers, Lennart
613 Poettering, Michal Schmidt
616 * This is mostly a test release, but incorporates many
619 * The git repository moved to:
620 git://anongit.freedesktop.org/systemd/systemd
621 ssh://git.freedesktop.org/git/systemd/systemd
623 * First release with the journal
624 http://0pointer.de/blog/projects/the-journal.html
626 * The journal replaces both systemd-kmsg-syslogd and
627 systemd-stdout-bridge.
629 * New sd_pid_get_unit() API call in libsystemd-logind
631 * Many systemadm clean-ups
633 * Introduce remote-fs-pre.target which is ordered before all
634 remote mounts and may be used to start services before all
637 * Added Mageia support
639 * Add bash completion for systemd-loginctl
641 * Actively monitor PID file creation for daemons which exit in
642 the parent process before having finished writing the PID
643 file in the daemon process. Daemons which do this need to be
644 fixed (i.e. PID file creation must have finished before the
645 parent exits), but we now react a bit more gracefully to them.
647 * Add colourful boot output, mimicking the well-known output
648 of existing distributions.
650 * New option PassCredentials= for socket units, for
651 compatibility with a recent kernel ABI breakage.
653 * /etc/rc.local is now hooked in via a generator binary, and
654 thus will no longer act as synchronization point during
657 * systemctl list-unit-files now supports --root=.
659 * systemd-tmpfiles now understands two new commands: z, Z for
660 relabelling files according to the SELinux database. This is
661 useful to apply SELinux labels to specific files in /sys,
664 * Output of SysV services is now forwarded to both the console
665 and the journal by default, not only just the console.
667 * New man pages for all APIs from libsystemd-login.
669 * The build tree got reorganized and a the build system is a
670 lot more modular allowing embedded setups to specifically
671 select the components of systemd they are interested in.
673 * Support for Linux systems lacking the kernel VT subsystem is
676 * configure's --with-rootdir= got renamed to
677 --with-rootprefix= to follow the naming used by udev and
680 * Unless specified otherwise we'll now install to /usr instead
681 of /usr/local by default.
683 * Processes with '@' in argv[0][0] are now excluded from the
684 final shut-down killing spree, following the logic explained
686 http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons
688 * All processes remaining in a service cgroup when we enter
689 the START or START_PRE states are now killed with
690 SIGKILL. That means it is no longer possible to spawn
691 background processes from ExecStart= lines (which was never
692 supported anyway, and bad style).
694 * New PropagateReloadTo=/PropagateReloadFrom= options to bind
695 reloading of units together.
697 Contributions from: Bill Nottingham, Daniel J. Walsh, Dave
698 Reisner, Dexter Morgan, Gregs Gregs, Jonathan Nieder, Kay
699 Sievers, Lennart Poettering, Michael Biebl, Michal Schmidt,
700 Michał Górny, Ran Benita, Thomas Jarosch, Tim Waugh, Tollef
701 Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek