systemd System and Service Manager
-CHANGES WITH 233 in spe
-
- [ LIST FAR FROM COMPLETE YET ]
+CHANGES WITH 234 in spe
+
+ * The code to call libnss_dns as a fallback from libnss_resolve when
+ the communication with systemd-resolved fails was removed. This
+ fallback was redundant and interfered with the [!UNAVAIL=return]
+ suffix. See nss-resolve(8) for the recommended configuration.
+
+CHANGES WITH 233:
+
+ * This version requires at least gperf 3.1 for building, 3.0 is not
+ sufficient.
+
+ * The "hybrid" control group mode has been modified to improve
+ compatibility with "legacy" cgroups-v1 setups. Specifically, the
+ "hybrid" setup of /sys/fs/cgroup is now pretty much identical to
+ "legacy" (including /sys/fs/cgroup/systemd as "name=systemd" named
+ cgroups-v1 hierarchy), the only externally visible change being that
+ the cgroups-v2 hierarchy is also mounted, to
+ /sys/fs/cgroup/unified. This should provide a large degree of
+ compatibility with "legacy" cgroups-v1, while taking benefit of the
+ better management capabilities of cgroups-v2.
+
+ * The default control group setup mode may be selected both a boot-time
+ via a set of kernel command line parameters (specifically:
+ systemd.unified_cgroup_hierarchy= and
+ systemd.legacy_systemd_cgroup_controller=), as well as a compile-time
+ default selected on the configure command line
+ (--with-default-hierarchy=). The upstream default is "hybrid"
+ (i.e. the cgroups-v1 + cgroups-v2 mixture discussed above) now, but
+ this will change in a future systemd version to be "unified" (pure
+ cgroups-v2 mode). The third option for the compile time option is
+ "legacy", to enter pure cgroups-v1 mode. We recommend downstream
+ distributions to default to "hybrid" mode for release distributions,
+ starting with v233. We recommend "unified" for development
+ distributions (specifically: distributions such as Fedora's rawhide)
+ as that's where things are headed in the long run. Use "legacy" for
+ greatest stability and compatibility only.
+
+ * Note one current limitation of "unified" and "hybrid" control group
+ setup modes: the kernel currently does not permit the systemd --user
+ instance (i.e. unprivileged code) to migrate processes between two
+ disconnected cgroup subtrees, even if both are managed and owned by
+ the user. This effectively means "systemd-run --user --scope" doesn't
+ work when invoked from outside of any "systemd --user" service or
+ scope. Specifically, it is not supported from session scopes. We are
+ working on fixing this in a future systemd version. (See #3388 for
+ further details about this.)
* DBus policy files are now installed into /usr rather than /etc. Make
sure your system has dbus >= 1.9.18 running before upgrading to this
version, or override the install path with --with-dbuspolicydir= .
+ * All python scripts shipped with systemd (specifically: the various
+ tests written in Python) now require Python 3.
+
+ * systemd unit tests can now run standalone (without the source or
+ build directories), and can be installed into /usr/lib/systemd/tests/
+ with 'make install-tests'.
+
+ * Note that from this version on, CONFIG_CRYPTO_USER_API_HASH,
+ CONFIG_CRYPTO_HMAC and CONFIG_CRYPTO_SHA256 need to be enabled in the
+ kernel.
+
+ * Support for the %c, %r, %R specifiers in unit files has been
+ removed. Specifiers are not supposed to be dependent on configuration
+ in the unit file itself (so that they resolve the same regardless
+ where used in the unit files), but these specifiers were influenced
+ by the Slice= option.
+
* The shell invoked by debug-shell.service now defaults to /bin/sh in
all cases. If distributions want to use a different shell for this
purpose (for example Fedora's /sbin/sushell) they need to specify
during startup. If no such message is sent, the service now fails,
even if the main process exited with a successful exit code.
- * The option MulticastDNS= of network configuration files has acquire
- and actual implementation. With MulticastDNS=yes a host can resolve
- names of remote hosts and to reply to mDNS's A and AAAA requests from
- the hosts.
+ * Services that fail to start up correctly now always have their
+ ExecStopPost= commands executed. Previously, they'd enter "failed"
+ state directly, without executing these commands.
+
+ * The option MulticastDNS= of network configuration files has acquired
+ an actual implementation. With MulticastDNS=yes a host can resolve
+ names of remote hosts and reply to mDNS A and AAAA requests.
* When units are about to be started an additional check is now done to
ensure that all dependencies of type BindsTo= (when used in
* systemd-analyze gained a new verb "syscall-filter" which shows which
system call groups are defined for the SystemCallFilter= unit file
- setting, and which system calls they precisely contain.
+ setting, and which system calls they contain.
* A new system call filter group "@filesystem" has been added,
- consisting of various file system related system calls. A group
+ consisting of various file system related system calls. Group
"@reboot" has been added, covering reboot, kexec and shutdown related
- calls. Finally, a group "@swap" has been added covering swap
+ calls. Finally, group "@swap" has been added covering swap
configuration related calls.
* A new unit file option RestrictNamespaces= has been added that may be
used to restrict access to the various process namespace types the
Linux kernel provides. Specifically, it may be used to take away the
- right for specific service units to create additional file system,
- networking, user, and other namespaces. This sandboxing option is
- particularly relevant due to the high amount of recently discovered
- namespacing related vulnerabilities in the kernel.
+ right for a service unit to create additional file system, network,
+ user, and other namespaces. This sandboxing option is particularly
+ relevant due to the high amount of recently discovered namespacing
+ related vulnerabilities in the kernel.
- * .link gained support for a new AutoNegotiation= setting for
- configuring Ethernet auto-negotiation.
+ * systemd-udev's .link files gained support for a new AutoNegotiation=
+ setting for configuring Ethernet auto-negotiation.
* systemd-networkd's .network files gained support for a new
ListenPort= setting in the [DHCP] section to explicitly configure the
UDP client port the DHCP client shall listen on.
+ * .network files gained a new Unmanaged= boolean setting for explicitly
+ excluding one or more interfaces from management by systemd-networkd.
+
+ * The systemd-networkd ProxyARP= option has been renamed to
+ IPV4ProxyARP=. Similarly, VXLAN-specific option ARPProxy= has been
+ renamed to ReduceARPProxy=. The old names continue to be available
+ for compatibility.
+
+ * systemd-networkd gained support for configuring IPv6 Proxy NDP
+ addresses via the new IPv6ProxyNDPAddress= .network file setting.
+
+ * systemd-networkd's bonding device support gained support for two new
+ configuration options ActiveSlave= and PrimarySlave=.
+
+ * The various options in the [Match] section of .network files gained
+ support for negative matching.
+
* New systemd-specific mount options are now understood in /etc/fstab:
x-systemd.mount-timeout= may be used to configure the maximum
drives, so that mounted CDs are automatically unmounted when they are
removed from the drive.
- x-systemd.after= and x-systemd.before= may be use to explicitly order
- a mount after or before another unit or mount point.
+ x-systemd.after= and x-systemd.before= may be used to explicitly
+ order a mount after or before another unit or mount point.
* Enqueued start jobs for device units are now automatically garbage
collected if there are no jobs waiting for them anymore.
- * systemctl list-jobs gained two new switches: --after and
- --before. When specified for all queued jobs it is shown which other
- queued jobs are waiting for it, or the job is waiting for.
+ * systemctl list-jobs gained two new switches: with --after, for every
+ queued job the jobs it's waiting for are shown; with --before the
+ jobs which it's blocking are shown.
* systemd-nspawn gained support for ephemeral boots from disk images
(or in other words: --ephemeral and --image= may now be
combined). Moreover, ephemeral boots are now supported for normal
directories, even if the backing file system is not btrfs. Of course,
- if the used file system does not support file system snapshots or
- reflinks the initial copy operation will be relatively expensive, but
- this should still be suitable for many usecases.
+ if the file system does not support file system snapshots or
+ reflinks, the initial copy operation will be relatively expensive, but
+ this should still be suitable for many use cases.
* Calendar time specifications in .timer units now support
specifications relative to the end of a month by using "~" instead of
"-" as separator between month and day. For example, "*-02~03" means
- "The third last day in February". In addition a new syntax for
+ "the third last day in February". In addition a new syntax for
repeated events has been added using the "/" character. For example,
"9..17/2:00" means "every two hours from 9am to 5pm".
* systemd-socket-proxyd gained a new parameter --connections-max= for
configuring the maximum number of concurrent connections.
- * All python scripts shipped with systemd (specifically: the various
- tests written in Python) now require Python 3.
-
- * sd-id128 gained a new API for generating unique IDs for the host,
- that do not leak the machine ID. Specifically,
+ * sd-id128 gained a new API for generating unique IDs for the host in a
+ way that does not leak the machine ID. Specifically,
sd_id128_get_machine_app_specific() derives an ID based on the
- machine ID in well-defined, non-reversible, stable way. This is
+ machine ID a in well-defined, non-reversible, stable way. This is
useful whenever an identifier for the host is needed but where the
identifier shall not be useful to identify the system beyond the
scope of the application itself. (Internally this uses HMAC-SHA256 as
with a temporary directory in the host's /var/tmp. This way changes
to /var are automatically flushed when the container shuts down.
- * .network files gained a new Unmanaged= boolean setting for explicitly
- excluding one or more interfaces from management by systemd-networkd.
-
- * systemd-nspawn's disk image dissection code has been updated. Among
- other things it's not permitted to pass raw file system block devices
- to the --image= option (in addition to images containing partition
- tables, as before).
+ * systemd-nspawn --image= option does now permit raw file system block
+ devices (in addition to images containing partition tables, as
+ before).
* The disk image dissection logic in systemd-nspawn gained support for
automatically setting up LUKS encrypted as well as Verity protected
LUKS and Verity partitions) to a local host directory, in order to
inspect them. This tool is not considered public API (yet), and is
thus not installed into /usr/bin. Please do not rely on its
- existance, since it might go away or be changed in later systemd
+ existence, since it might go away or be changed in later systemd
versions.
* A new generator "systemd-verity-generator" has been added, similar in
- style to "systemd-cryptsetup-generator" permitting automatic setup of
+ style to "systemd-cryptsetup-generator", permitting automatic setup of
Verity root partitions when systemd boots up. In order to make use of
this your partition setup should follow the Discoverable Partitions
Specification, and the GPT partition ID of the root file system
kernel and initrd image that incorporates such a root hash as well as
a Verity-enabled root partition.
- * Support for the %c, %r, %R specifiers in unit files has been
- removed. Specifiers are not supposed to be dependent on configuration
- of unit files themselves (so that they resolve to the same regardless
- where used in the unit files), but these options were due to the
- existence of the Slice= option.
-
- * The various options in the [Match] section of .network files gained
- support for negative matching.
-
* The hardware database (hwdb) udev supports has been updated to carry
accelerometer quirks.
systemd.firstboot= kernel command line option. It accepts a boolean
and when set to false the first boot questions are skipped.
- * The systemd-networkd ProxyARP= option has been renamed to
- IPV4ProxyARP=. Similar, VXLAN-specific option ARPProxy= has been
- renamed to ReduceARPProxy=. The old names continue to be available
- for compatibility.
-
- * systemd-networkd's bonding device support gained support for two new
- configuration options ActiveSlave= and PrimarySlave=.
-
* systemd-fstab-generator has been updated to check for the
- systemd.volatile= kernel command line option, which either takes a
- boolean parameter or the special value "state". If used the system
- may be booted in a "volatile" boot mode. Specifically,
- systemd.volatile=yes is used, the root directory will be mounted as
+ systemd.volatile= kernel command line option, which either takes an
+ optional boolean parameter or the special value "state". If used the
+ system may be booted in a "volatile" boot mode. Specifically,
+ "systemd.volatile" is used, the root directory will be mounted as
tmpfs, and only /usr is mounted from the actual root file system. If
- systemd.volatile=state is used, the root directory will be mounted as
- usual, but /var is mounted as tmpfs. This concept provides similar
+ "systemd.volatile=state" is used, the root directory will be mounted
+ as usual, but /var is mounted as tmpfs. This concept provides similar
functionality as systemd-nspawn's --volatile= option, but provides it
on physical boots. Use this option for implementing stateless
systems, or testing systems with all state and/or configuration reset
to the defaults. (Note though that many distributions are not
- prepared to boot up without a populated /etc or /var, though)
+ prepared to boot up without a populated /etc or /var, though.)
* systemd-gpt-auto-generator gained support for LUKS encrypted root
partitions. Previously it only supported LUKS encrypted partitions
for specifying the fallback hostname to use if none is configured in
/etc/hostname. For example, by specifying
--with-fallback-hostname=fedora it is possible to default to a
- hostname of "fedora" when the user didn't specify anything
- explicitly.
+ hostname of "fedora" on pristine installations.
* systemd-cgls gained support for a new --unit= switch for listing only
the control groups of a specific unit. Similar --user-unit= has been
possibly even including full integrity data.
* A new MountAPIVFS= unit file option has been added, taking a boolean
- argument. If enabled /proc, /sys and /proc (collectively called the
+ argument. If enabled /proc, /sys and /dev (collectively called the
"API VFS") will be mounted for the service. This is only relevant if
RootDirectory= or RootImage= is used for the service, as these mounts
are of course in place in the host mount namespace anyway.
different place. This option enables booting of ostree images
directly with systemd-nspawn.
- * systemd-networkd gained support for configuring IPv6 Proxy NDP
- addresses via the new IPv6ProxyNDPAddress= .network file setting.
-
* The systemd build scripts will no longer complain if the NTP server
- addresses are not changed from the defaults. Google is now supporting
+ addresses are not changed from the defaults. Google now supports
these NTP servers officially. We still recommend downstreams to
properly register an NTP pool with the NTP pool project though.
- * coredumpctl gained new new "--reverse" option for printing the list
+ * coredumpctl gained a new "--reverse" option for printing the list
of coredumps in reverse order.
+ * coredumpctl will now show additional information about truncated and
+ inaccessible coredumps, as well as coredumps that are still being
+ processed. It also gained a new --quiet switch for suppressing
+ additional informational message in its output.
+
+ * coredumpctl gained support for only showing coredumps newer and/or
+ older than specific timestamps, using the new --since= and --until=
+ options, reminiscent of journalctl's options by the same name.
+
* The systemd-coredump logic has been improved so that it may be reused
- for collecting backtraces in non-compiled languages, for example in
+ to collect backtraces in non-compiled languages, for example in
scripting languages such as Python.
* machinectl will now show the UID shift of local containers, if user
namespacing is enabled for them.
- * systemd will not optionally run "environment generator" binaries at
+ * systemd will now optionally run "environment generator" binaries at
configuration load time. They may be used to add environment
variables to the environment block passed to services invoked. One
- user environment generator is shipped by default, that sets up
- environment variables based on files dropped into
- ~/.config/environment.d/.
+ user environment generator is shipped by default that sets up
+ environment variables based on files dropped into /etc/environment.d
+ and ~/.config/environment.d/.
+
+ * systemd-resolved now includes the new, recently published 2017 DNSSEC
+ root key (KSK).
+
+ * hostnamed has been updated to report a new chassis type of
+ "convertible" to cover "foldable" laptops that can both act as a
+ tablet and as a laptop, such as various Lenovo Yoga devices.
Contributions from: Adrián López, Alexander Galanin, Alexander
Kochetkov, Alexandros Frantzis, Andrey Ulanov, Antoine Eiche, Baruch
Khlebnikov, Dmitry Rozhkov, Dongsu Park, Douglas Christman, Earnestly,
Emil Soleyman, Eric Cook, Evgeny Vereshchagin, Felipe Sateler, Fionn
Cleary, Florian Klink, Francesco Brozzu, Franck Bui, Gabriel Rauter,
- Gianluca Boiano, Graeme Lawes, Hans de Goede, Harald Hoyer, Ian
- Kelling, Ivan Shapovalov, Jakub Wilk, Janne Heß, Jan Synacek, Jason
- Reeder, Jonathan Boulle, Jörg Thalheim, Jouke Witteveen, Karl Kraus,
- Kees Cook, Keith Busch, Kieran Colford, kilian-k, Lennart Poettering,
- Lubomir Rintel, Lucas Werkmeister, Lukas Rusak, Maarten de Vries, Maks
- Naumov, Mantas Mikulėnas, Marc-Andre Lureau, Marcin Bachry, Mark
- Stosberg, Martin Ejdestig, Martin Pitt, micah, Michael Biebl, Michael
- Shields, Michal Schmidt, Michal Sekletar, Michel Kraus, Mike Gilbert,
- Mirza Krak, Namhyung Kim, nikolaof, peoronoob, Peter Hutterer, Peter
- Körner, Philip Withnall, Piotr Drąg, Ray Strode, Reverend Homer,
- Rike-Benjamin Schuppner, Robert Kreuzer, Ronny Chevalier, Ruslan
- Bilovol, sammynx, Sergey Ptashnick, Sergiusz Urbaniak, Stefan Berger,
- Stefan Hajnoczi, Stefan Schweter, Susant Sahani, Sylvain Plantefève,
- Taylor Smock, Thomas Blume, Thomas H. P. Andersen, Tobias Stoeckmann,
- Tom Gundersen, Torstein Husebø, Viktar Vaŭčkievič, Viktor Mihajlovski,
- Waldemar Brodkorb, Walter Garcia-Fontes, Wim de With, Yassine
- Imounachen, Yi EungJun, Yu Watanabe, Zbigniew Jędrzejewski-Szmek,
- Александр Тихонов
-
- — Santa Fe, 2017-02-XX
+ Gianluca Boiano, Giedrius Statkevičius, Graeme Lawes, Hans de Goede,
+ Harald Hoyer, Ian Kelling, Ivan Shapovalov, Jakub Wilk, Janne Heß, Jan
+ Synacek, Jason Reeder, Jonathan Boulle, Jörg Thalheim, Jouke Witteveen,
+ Karl Kraus, Kees Cook, Keith Busch, Kieran Colford, kilian-k, Lennart
+ Poettering, Lubomir Rintel, Lucas Werkmeister, Lukas Rusak, Maarten de
+ Vries, Maks Naumov, Mantas Mikulėnas, Marc-Andre Lureau, Marcin Bachry,
+ Mark Stosberg, Martin Ejdestig, Martin Pitt, Mauricio Faria de
+ Oliveira, micah, Michael Biebl, Michael Shields, Michal Schmidt, Michal
+ Sekletar, Michel Kraus, Mike Gilbert, Mikko Ylinen, Mirza Krak,
+ Namhyung Kim, nikolaof, peoronoob, Peter Hutterer, Peter Körner, Philip
+ Withnall, Piotr Drąg, Ray Strode, Reverend Homer, Rike-Benjamin
+ Schuppner, Robert Kreuzer, Ronny Chevalier, Ruslan Bilovol, sammynx,
+ Sergey Ptashnick, Sergiusz Urbaniak, Stefan Berger, Stefan Hajnoczi,
+ Stefan Schweter, Stuart McLaren, Susant Sahani, Sylvain Plantefève,
+ Taylor Smock, Tejun Heo, Thomas Blume, Thomas H. P. Andersen, Tibor
+ Nagy, Tobias Stoeckmann, Tom Gundersen, Torstein Husebø, Viktar
+ Vaŭčkievič, Viktor Mihajlovski, Vitaly Sulimov, Waldemar Brodkorb,
+ Walter Garcia-Fontes, Wim de With, Yassine Imounachen, Yi EungJun,
+ YunQiang Su, Yu Watanabe, Zbigniew Jędrzejewski-Szmek, Александр
+ Тихонов
+
+ — Berlin, 2017-03-01
CHANGES WITH 232:
+ * udev now runs with MemoryDenyWriteExecute=, RestrictRealtime= and
+ RestrictAddressFamilies= enabled. These sandboxing options should
+ generally be compatible with the various external udev call-out
+ binaries we are aware of, however there may be exceptions, in
+ particular when exotic languages for these call-outs are used. In
+ this case, consider turning off these settings locally.
+
* The new RemoveIPC= option can be used to remove IPC objects owned by
the user or group of a service when that service exits.
gudev from the Gnome project instead. gudev is still included
in systemd, for now. It will be removed soon, though. Please
also see the announcement-thread on systemd-devel:
- http://lists.freedesktop.org/archives/systemd-devel/2015-May/032070.html
+ https://lists.freedesktop.org/archives/systemd-devel/2015-May/032070.html
* systemd now exposes a CPUUsageNSec= property for each
service unit on the bus, that contains the overall consumed
like Cockpit which register web clients as PAM sessions.
* timer units with at least one OnCalendar= setting will now
- be started only after timer-sync.target has been
+ be started only after time-sync.target has been
reached. This way they will not elapse before the system
clock has been corrected by a local NTP client or
similar. This is particular useful on RTC-less embedded
also supports LUKS-encrypted partitions now. With this in
place, automatic discovery of partitions to mount following
the Discoverable Partitions Specification
- (http://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec)
+ (https://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec)
is now a lot more complete. This allows booting without
/etc/fstab and without root= on the kernel command line on
systems prepared appropriately.
* A new libsystemd-bus module has been added that implements a
pretty complete D-Bus client library. For details see:
- http://lists.freedesktop.org/archives/systemd-devel/2013-March/009797.html
+ https://lists.freedesktop.org/archives/systemd-devel/2013-March/009797.html
* journald will now explicitly flush the journal files to disk
at the latest 5min after each write. The file will then also
only in conjunction with Gummiboot, but could be supported
by other boot loaders too. For details see:
- http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface
+ https://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface
* A new generator has been added that automatically mounts the
EFI System Partition (ESP) to /boot, if that directory
* A new tool kernel-install has been added that can install
kernel images according to the Boot Loader Specification:
- http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
+ https://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
* Boot time console output has been improved to provide
animated boot time output for hanging jobs.
of these policies is now the default. Please see this wiki
document for details:
- http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames
+ https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames
* Auke Kok's bootchart implementation has been added to the
systemd tree. It is an optional component that can graph the
indexed database to link up additional information with
journal entries. For further details please check:
- http://www.freedesktop.org/wiki/Software/systemd/catalog
+ https://www.freedesktop.org/wiki/Software/systemd/catalog
The indexed message catalog database also needs to be
rebuilt after installation of message catalog files. Use
* A framework for implementing offline system updates is now
integrated, for details see:
- http://freedesktop.org/wiki/Software/systemd/SystemUpdates
+ https://www.freedesktop.org/wiki/Software/systemd/SystemUpdates
* A new service type Type=idle is available now which helps us
avoiding ugly interleaving of getty output and boot status
* New unit file option ControlGroupPersistent= to make cgroups
persistent, following the mechanisms outlined in
- http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups
+ https://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups
* Support multiple local RTCs in a sane way
* Processes with '@' in argv[0][0] are now excluded from the
final shut-down killing spree, following the logic explained
in:
- http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons
+ https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons
* All processes remaining in a service cgroup when we enter
the START or START_PRE states are now killed with
projects / thirdparty / systemd.git / blobdiff