systemd System and Service Manager
+CHANGES WITH 236 in spe:
+
+ * The modprobe.d/ drop-in for the bonding.ko kernel module introduced
+ in v235, has been extended to also set the dummy.ko module option
+ numdummies=0, resolving issues with the kernel creating the dummy0
+ network interface implicitly.
+
+ * systemd-resolved now maintains a new dynamic
+ /run/systemd/resolve/stub-resolv.conf compatibility file. It is now
+ recommended to maintain /etc/resolv.conf as a symlink to this new
+ dynamic file. It points at the systemd-resolved stub DNS 127.0.0.53
+ resolver and it includes dynamically acquired search domains. This
+ achieves a more correct DNS resolution by software that bypasses
+ local DNS APIs (e.g. NSS).
+
+ * The "uaccess" udev tag has been dropped from /dev/kvm and
+ /dev/dri/renderD*. These devices now have the 0666 permissions by
+ default (but this may be changed at build-time). /dev/dri/renderD*
+ will now be owned by the "render" group along with /dev/kfd.
+
+ * This enables "DynamicUser=yes" by default for
+ systemd-timesyncd.service, systemd-journal-gatewayd.service and
+ systemd-journal-upload.service. This means "nss-systemd" really
+ should be enabled in /etc/nsswitch.conf to ensure the UIDs assigned
+ to these services show up properly in the user database.
+
+ * In systemd-networkd, the IPv6 RA logic now optionally may announce
+ DNS server and domain information.
+
+ * Support for the LUKS2 on-disk format for encrypted partitions has
+ been added. This requires libcryptsetup2 during compilation and
+ runtime.
+
+ * The systemd --user instance will not signal "readiness" when its
+ basic.target unit has been reached, instead of when the run queue ran
+ empty for the first time.
+
+ * Unit files learnt three new % specifiers that are expanded during
+ loading: %S resolves to the top-level state directory (/var/lib for
+ the system instance, $XDG_CONFIG_HOME for the user instance), %C
+ resolves to the top-level cache directory (/var/cache for the system
+ instance, $XDG_CACHE_HOME for the user instance), %L resolves to the
+ top-level logs directory (/var/log for the system instance,
+ $XDG_CONFIG_HOME/log/ for the user instance). This matches the
+ existing %t specifier, that resolves to the top-level runtime
+ directory (/run for the system instance, and $XDG_RUNTIME_DIR for the
+ user instance).
+
+ * journalctl learnt a new parameter --output-fields= for limiting the
+ set of journal fields to output in verbose and JSON output modes.
+
+ * systemd-timesyncd's configuration file gained a new option
+ RootDistanceMaxSec= for setting the maximum root distance, as well as
+ the new options PollIntervalMinSec= and PollIntervalMaxSec= to tweak
+ the minimum and maximum poll interval.
+
+ * bootctl gained a new command "list" for listing all available boot
+ menu items on systems that follor the boot loader specification.
+
+ * systemctl gained a new --dry-run switch that shows what would be done
+ instead of doing it, and is currently supported by the shutdown and
+ sleep verbs.
+
+ * ConditionSecurity= can now detect the TOMOYO security module.
+
+ * Unit file [Install] sections are now also respected in unit drop-in
+ files.
+
+ * systemd-firstboot may now also set up the initial keyboard mapping.
+
+ * When udev devices that are exposed as systemd .device units see a
+ "changed" events, this is propagated as reload from the units, in
+ respect to ReloadPropagatedFrom=.
+
+ * When a udev device with a SYSTEMD_WANTS= property containing a
+ systemd unit template name (i.e. a name in the form of
+ 'foobar@.service', without the instance component between the '@' and
+ the '.'), then the escaped sysfs path of the device is automatically
+ inserted when the unit is added as dependency.
+
+ * SystemCallFilter= in unit files has been extended so that an "errno"
+ can be specified individually for each system call. Example:
+ SystemCallFilter=~uname:EILSEQ.
+
+ * The cgroup delegation logic has been substantially updated. Delegate=
+ now optionally takes a list of controllers (instead of a boolean, as
+ before), which lists the controllers to delegate at least.
+
+ * The networkd DHCPv6 client now implements the FQDN option (RFC 4704)
+
+ * Two new unit file options have been added: LogLevelMax= configures
+ the maximum log level any process of the unit may log at
+ (i.e. anything with a lesser priority than what is specified is
+ automatically dropped). LogExtraFields= allows configuration of
+ additional journal fields to attach to all log records generated by
+ any of the unit's processes.
+
+ * A new unit file option CollectMode= has been added, that allows
+ tweaking the garbage collection logic for units. It may be used to
+ tell systemd to garbage collect units that have failed automatically
+ (normally it only GCs units that exited successfully). systemd-run
+ exposes this new functionality wiht a new -G option.
+
+ * Services gained a two new settings StandardInputData= and
+ StadardInputText=, along with a new option StandardInput=data. They
+ may be used to configure textual or binary data that shall be passed
+ to the executed service process via STDIN, encoded in-line in the
+ unit file.
+
+ * StandardInput=, StandardOutput= and StandardError= may now be used to
+ connect stdin/stdout/stderr of executed processes directly with a
+ file or AF_UNIX socket in the file system, using the new "file:" option.
+
+ * "machinectl bind" may now be used to bind mount non-directories
+ (i.e. regularfiles, devices, fifos, sockets).
+
+ * systemd-analyze gained a new verb "calendar" for validating and
+ testing calendar time specifications to use for OnCalendar= in timer
+ units. Besides validating the expression it will calculate the next
+ time the specified expression would elapse.
+
+ * In addition to the pre-existing FailureAction= unit file setting
+ there's now SuccessAction=, for configuring an shutdown action to
+ execute when a unit completed successfully. This is useful in
+ particular inside of containers that shall terminate after some
+ workload has been completed. Also, both options are now supported for
+ all unit types, not just services.
+
+ * networkds's IP rule support gained two new options
+ IncomingInterface=and OutgoingInterface= for configuring the incoming
+ and outgoing interfaces of configured rules. systemd-networkd also
+ gained support for "vxcan" network devices.
+
+ * networkd gained a new setting RequiredForOnline=, taking a
+ boolean. If set, systemd-wait-online will take it into consideration
+ when determining that the system is up, otherwise it will ignore the
+ interface for this purpose.
+
+ * The sd_notify() protocol gained support for a new operation: with
+ FDSTOREREMOVE=1 file descriptors may be removed from the per-service
+ store again, ahead of POLLHUP or POLLERR when they are removed
+ anyway.
+
+ Contributions from: aeywalee, Alan Jenkins, Alessandro Ghedini, Andrew
+ Jeddeloh, Antonio Rojas, Ari, bleep_blop, Carsten Strotmann, Christian
+ Brauner, Christian Hesse, Collin Eggert, Daniel Lockyer, Daniel Rusek,
+ Dimitri John Ledkov, Evgeny Vereshchagin, Florian Klink, Franck Bui,
+ gwendalcr, Hans de Goede, Jakub Wilk, Jérémy Rosen, jobol, John Lin,
+ juga0, Krzysztof Nowicki, Lars Karlitski, Lars Kellogg-Stedman, Lauri
+ Tirkkonen, Lennart Poettering, longersson, Lubomir Rintel, Lucas
+ Werkmeister, lukas, Lukáš Nykrýn, Lukasz Rubaszewski, Maciej
+ S. Szmigiero, macrothian, Mantas Mikulėnas, martingh, Mathieu
+ Trudel-Lapierre, Matija Skala, Michael Biebl, Michael Vogt, Michal
+ Sekletar, Mike Gilbert, Muhammet Kara, myrkr, Neil Brown, Ondrej
+ Kozina, Patrik Flykt, Peter Hutterer, Piotr Drąg, Razvan Cojocaru,
+ Robin McCorkell, Roland Hieber, Sergey Ptashnick, Shawn Landden, Shuang
+ Liu, Simon Arlott, Simon Peeters, Stefan Agner, Susant Sahani, Sylvain
+ Plantefève, Thomas Blume, Tom Stellard, Topi Miettinen, Vito Caputo,
+ Vladislav Vishnyakov, WaLyong Cho, Yu Watanabe, Zbigniew
+ Jędrzejewski-Szmek, Zeal Jagannatha
+
+ — Berlin, 2017-12-XX
+
CHANGES WITH 235:
+ * INCOMPATIBILITY: systemd-logind.service and other long-running
+ services now run inside an IPv4/IPv6 sandbox, prohibiting them any IP
+ communication with the outside. This generally improves security of
+ the system, and is in almost all cases a safe and good choice, as
+ these services do not and should not provide any network-facing
+ functionality. However, systemd-logind uses the glibc NSS API to
+ query the user database. This creates problems on systems where NSS
+ is set up to directly consult network services for user database
+ lookups. In particular, this creates incompatibilities with the
+ "nss-nis" module, which attempts to directly contact the NIS/YP
+ network servers it is configured for, and will now consistently
+ fail. In such cases, it is possible to turn off IP sandboxing for
+ systemd-logind.service (set IPAddressDeny= in its [Service] section
+ to the empty string, via a .d/ unit file drop-in). Downstream
+ distributions might want to update their nss-nis packaging to include
+ such a drop-in snippet, accordingly, to hide this incompatibility
+ from the user. Another option is to make use of glibc's nscd service
+ to proxy such network requests through a privilege-separated, minimal
+ local caching daemon, or to switch to more modern technologies such
+ sssd, whose NSS hook-ups generally do not involve direct network
+ access. In general, we think it's definitely time to question the
+ implementation choices of nss-nis, i.e. whether it's a good idea
+ today to embed a network-facing loadable module into all local
+ processes that need to query the user database, including the most
+ trivial and benign ones, such as "ls". For more details about
+ IPAddressDeny= see below.
+
* A new modprobe.d drop-in is now shipped by default that sets the
bonding module option max_bonds=0. This overrides the kernel default,
to avoid conflicts and ambiguity as to whether or not bond0 should be
each time the service is restarted due to Restart=, and may be
queried using "systemctl show -p NRestarts …".
- * New system call filter groups @setuid, @memlock, @signal and
- @timer have been added, for usage with SystemCallFilter=
+ * New system call filter groups @aio, @sync, @chown, @setuid, @memlock,
+ @signal and @timer have been added, for usage with SystemCallFilter=
in unit files and the new --system-call-filter= command line option
of systemd-nspawn (see above).
too. Note that while the other databases are world-readable
(i.e. 0644), btmp is not and remains more restrictive.
+ * The systemd-resolve tool gained a new --reset-server-features
+ switch. When invoked like this systemd-resolved will forget
+ everything it learnt about the features supported by the configured
+ upstream DNS servers, and restarts the feature probing logic on the
+ next resolver look-up for them at the highest feature level
+ again.
+
+ * The status dump systemd-resolved sends to the logs upon receiving
+ SIGUSR1 now also includes information about all DNS servers it is
+ configured to use, and the features levels it probed for them.
+
Contributions from: Abdó Roig-Maranges, Alan Jenkins, Alexander
Kuleshov, Andreas Rammhold, Andrew Jeddeloh, Andrew Soutar, Ansgar
Burchardt, Beniamino Galvani, Benjamin Berg, Benjamin Robin, Charles
Vasilis Liaskovitis, Vito Caputo, WaLyong Cho, William Douglas, Xiang
Fan, Yu Watanabe, Zbigniew Jędrzejewski-Szmek
- — Berlin, 2017-10-XX
+ — Berlin, 2017-10-06
CHANGES WITH 234: