systemd System and Service Manager
-CHANGES WITH 244 in spe:
+CHANGES WITH 244:
* Support for the cpuset cgroups v2 controller has been added.
Processes may be restricted to specific CPUs using the new
AllowedMemoryNodes= setting.
* The signal used in restart jobs (as opposed to e.g. stop jobs) may
- now be configured using a new RestartKillSignal= settting. This
+ now be configured using a new RestartKillSignal= setting. This
allows units which signals to request termination to implement
different behaviour when stopping in preparation for a restart.
request prefix hints in the DHCPv6 solicitation.
* The DHCPv4 server may be configured to send arbitrary options using
- a new SendRawOption= setting.
+ a new SendOption= setting.
* The DHCPv4 server may now be configured to emit SIP server list using
the new EmitSIP= and SIP= settings.
used by the user service manager. The default is again to use the same
path as the system manager.
+ * The systemd-id128 tool gained a new switch "-u" (or "--uuid") for
+ outputting the 128bit IDs in UUID format (i.e. in the "canonical
+ representation").
+
+ * Service units gained a new sandboxing option ProtectKernelLogs= which
+ makes sure the program cannot get direct access to the kernel log
+ buffer anymore, i.e. the syslog() system call (not to be confused
+ with the API of the same name in libc, which is not affected), the
+ /proc/kmsg and /dev/kmsg nodes and the CAP_SYSLOG capability are made
+ inaccessible to the service. It's recommended to enable this setting
+ for all services that should not be able to read from or write to the
+ kernel log buffer, which are probably almost all.
+
+ Contributions from: Aaron Plattner, Alcaro, Anita Zhang, Balint Reczey,
+ Bastien Nocera, Baybal Ni, Benjamin Bouvier, Benjamin Gilbert, Carlo
+ Teubner, cbzxt, Chen Qi, Chris Down, Christian Rebischke, Claudio
+ Zumbo, ClydeByrdIII, crashfistfight, Cyprien Laplace, Daniel Edgecumbe,
+ Daniel Gorbea, Daniel Rusek, Daniel Stuart, Dan Streetman, David
+ Pedersen, David Tardon, Dimitri John Ledkov, Dominique Martinet, Donald
+ A. Cupp Jr, Evgeny Vereshchagin, Fabian Henneke, Filipe Brandenburger,
+ Franck Bui, Frantisek Sumsal, Georg Müller, Hans de Goede, Haochen
+ Tong, HATAYAMA Daisuke, Iwan Timmer, Jan Janssen, Jan Kundrát, Jan
+ Synacek, Jan Tojnar, Jay Strict, Jérémy Rosen, Jóhann B. Guðmundsson,
+ Jonas Jelten, Jonas Thelemann, Justin Trudell, J. Xing, Kai-Heng Feng,
+ Kenneth D'souza, Kevin Becker, Kevin Kuehler, Lennart Poettering,
+ Léonard Gérard, Lorenz Bauer, Luca Boccassi, Maciej Stanczew, Mario
+ Limonciello, Marko Myllynen, Mark Stosberg, Martin Wilck, matthiasroos,
+ Michael Biebl, Michael Olbrich, Michael Tretter, Michal Sekletar,
+ Michal Sekletár, Michal Suchanek, Mike Gilbert, Mike Kazantsev, Nicolas
+ Douma, nikolas, Norbert Lange, pan93412, Pascal de Bruijn, Paul Menzel,
+ Pavel Hrdina, Peter Wu, Philip Withnall, Piotr Drąg, Rafael Fontenelle,
+ Renaud Métrich, Riccardo Schirone, RoadrunnerWMC, Ronan Pigott, Ryan
+ Attard, Sebastian Wick, Serge, Siddharth Chandrasekara, Steve Ramage,
+ Steve Traylen, Susant Sahani, Thibault Nélis, Tim Teichmann, Tom
+ Fitzhenry, Tommy J, Torsten Hilbrich, Vito Caputo, ypf791, Yu Watanabe,
+ Zach Smith, Zbigniew Jędrzejewski-Szmek
+
+ – Warsaw, 2019-11-29
+
CHANGES WITH 243:
* This release enables unprivileged programs (i.e. requiring neither