CHANGES WITH 243 in spe:
+ * Previously, filters defined with SystemCallFilter= would have the
+ effect that an calling an offending system call would terminate the
+ calling thread. This behaviour never made much sense, since killing
+ individual threads of unexpecting processes is likely to create more
+ problems than it solves. With this release the default action changed
+ from killing the thread to killing the whole process. For this to
+ work correctly both a kernel version (>= 4.14) and a libseccomp
+ version (>= 2.4.0) supporting this new seccomp action is required. If
+ an older kernel or libseccomp is used the old behaviour continues to
+ be used. This change does not affect any services that have no system
+ call filters defined, or that use SystemCallErrorNumber= (and thus
+ see EPERM or another error instead of being killed when calling an
+ offending system call). Note that systemd documentation always
+ claimed that the whole process is killed. With this change behaviour
+ is thus adjusted to match the documentation.
+
* The "kernel.pid_max" sysctl is now bumped to 4194304 by default,
i.e. the full 22bit range the kernel allows, up from the old 16bit
range. This should improve security and robustness a bit, as PID
are harder to type, but we believe the change from 5 digit PIDs to 7
digit PIDs is not too hampering for usability.
+ * MemoryLow and MemoryMin gained hierarchy-aware counterparts,
+ DefaultMemoryLow and DefaultMemoryMin, which can be used to
+ hierarchically set default memory protection values for a particular
+ subtree of the unit hierarchy.
+
+ * Memory protection directives can now take a value of zero, allowing
+ explicit opting out of a default value propagated by an ancestor.
+
+ * systemd now defaults to the "unified" cgroup hierarchy setup during
+ build-time, i.e. -Ddefault-hierarchy=unified is now the build-time
+ default. Previously, -Ddefault-hierarchy=hybrid was the default. This
+ change reflects the fact that cgroupsv2 support has matured
+ substantially in both systemd and in the kernel, and is clearly the
+ way forward. Downstream production distributions might want to
+ continue to use -Ddefault-hierarchy=hybrid (or even =legacy) for
+ their builds as unfortunately the popular container managers have not
+ caught up with the kernel API changes.
+
+ * Man pages are not built by default anymore (html pages were already
+ disabled by default), to make development builds quicker. When
+ building systemd for a full installation with documentation, meson
+ should be called -Dman=true and/or -Dhtml=true as appropriate. The
+ default was changed based on the assumption that quick one-off or
+ repeated development builds are much more common than full optimized
+ builds for installation, and people need to pass various other
+ options to when doing "proper" builds anyway, so the gain from making
+ development builds quicker is bigger than the one time disruption for
+ packagers.
+
+ Two scripts are created in the *build* directory to generate and
+ preview man and html pages on demand, e.g.:
+
+ build/man/man systemctl
+ build/man/html systemd.index
+
+ * The D-Bus "wire format" for CPUAffinity attribute is changed on
+ big-endian machines. Before, bytes were written and read in native
+ machine order as exposed by the native libc __cpu_mask interface.
+ Now, little-endian order is always used (CPUs 0–7 are described by
+ bits 0–7 in byte 0, CPUs 8–15 are described by byte 1, and so on).
+ This change fixes D-Bus calls that cross endianness boundary.
+
+ The presentation format used for CPUAffinity by systemctl show and
+ systemd-analyze dump is changed to present CPU indices instead of the
+ raw __cpu_mask bitmask. For example, CPUAffinity=0-1 would be shown
+ as CPUAffinity=03000000000000000000000000000… (on little-endian) or
+ CPUAffinity=00000000000000300000000000000… (on 64-bit big-endian),
+ and is now shown as CPUAffinity=0-1, matching the input format. The
+ maximum integer that will be printed in new format is 8191 (four
+ digits), while the old format always used a very long number (with
+ the length varying by architecture), so they can be unambiguously
+ distinguished.
+
+ * /usr/sbin/halt.local is no longer supported. Implementation in
+ distributions was inconsistent and it seems this functionality was
+ very rarely used.
+
+ To replace this functionality, users should:
+ - either define a new unit and make it a dependency of final.target
+ (systemctl add-wants final.target my-halt-local.service)
+ - or move the shutdown script to /usr/lib/systemd/system-shutdown/
+ and ensure that it accepts "halt", "poweroff", "reboot", and
+ "kexec" as an argument, see the description in systemd-shutdown(8).
+
+ * When a [Match] section in .link or .network file is empty (contains
+ no match patterns), a warning will be emitted. Please add any "match
+ all" pattern instead, e.g. OriginalName=* or Name=* in case all
+ interfaces should really be matched.
+
…
CHANGES WITH 242:
* Journal messages that are generated whenever a unit enters the failed
state are now tagged with a unique MESSAGE_ID. Similarly, messages
generated whenever a service process exits are now made recognizable,
- too. A taged message is also emitted whenever a unit enters the
+ too. A tagged message is also emitted whenever a unit enters the
"dead" state on success.
* systemd-run gained a new switch --working-directory= for configuring
not created by systemd-sysusers anymore.
NOTE: This has a chance of breaking nss-ldap and similar NSS modules
- that embedd a network facing module into any process using getpwuid()
+ that embed a network facing module into any process using getpwuid()
or related call: the dynamic allocation of the user ID for
systemd-resolved.service means the service manager has to check NSS
if the user name is already taken when forking off the service. Since
PrivateDevices=, ProtectSystem=, …) are used. This option is hence
primarily useful for services that do not use any of the other file
system namespacing options. One such service is systemd-udevd.service
- wher this is now used by default.
+ where this is now used by default.
* ConditionSecurity= gained a new value "uefi-secureboot" that is true
when the system is booted in UEFI "secure mode".
/etc/machine-id. If the machine ID could not be determined,
$KERNEL_INSTALL_MACHINE_ID will be empty. Plugins should not put
anything in the entry directory (passed as the second argument) if
- $KERNEL_INSTALL_MACHINE_ID is empty. For backwards compatiblity, a
+ $KERNEL_INSTALL_MACHINE_ID is empty. For backwards compatibility, a
temporary directory is passed as the entry directory and removed
after all the plugins exit.
* We temporarily dropped the "-l" switch for fsck invocations,
since they collide with the flock() logic above. util-linux
upstream has been changed already to avoid this conflict,
- and we will readd "-l" as soon as util-linux with this
+ and we will re-add "-l" as soon as util-linux with this
change has been released.
* The dependency on libattr has been removed. Since a long
where the local administrator's configuration in /etc always
overrides any other settings.
- Contributions fron: Ali H. Caliskan, Alison Chaiken, Bas van
+ Contributions from: Ali H. Caliskan, Alison Chaiken, Bas van
den Berg, Brandon Philips, Cristian Rodríguez, Daniel Buch,
Dan Kilman, Dave Reisner, David Härdeman, David Herrmann,
David Strauss, Dimitris Spingos, Djalal Harouni, Eelco