systemd System and Service Manager
+CHANGES WITH 246 in spe:
+ * The fs.suid_dumpable sysctl is set to 2 / "suidsafe". This allows
+ systemd-coredump to save core files for suid processes. When saving
+ the core file, systemd-coredump will use the effective uid and gid of
+ the process that faulted.
+
+ * "systemctl list-units" and "systemctl list-machines" no longer hide
+ their first output column with --no-legend. To hide the first column,
+ use --plain.
+
CHANGES WITH 245:
* A new tool "systemd-repart" has been added, that operates as an
to combine attachment with enablement and invocation, or detachment
with stopping and disablement.
+ * UPGRADE ISSUE: a bug where some jobs were trimmed as redundant was
+ fixed, which in turn exposed bugs in unit configuration of services
+ which have Type=oneshot and should only run once, but do not have
+ RemainAfterExit=yes set. Without RemainAfterExit=yes, a one-shot
+ service may be started again after exiting successfully, for example
+ as a dependency in another transaction. Affected services included
+ some internal systemd services (most notably
+ systemd-vconsole-setup.service, which was updated to have
+ RemainAfterExit=yes), and plymouth-start.service. Please ensure that
+ plymouth has been suitably updated or patched before upgrading to
+ this systemd release. See
+ https://bugzilla.redhat.com/show_bug.cgi?id=1807771 for some
+ additional discussion.
+
Contributions from: AJ Bagwell, Alin Popa, Andreas Rammhold, Anita
Zhang, Ansgar Burchardt, Antonio Russo, Arian van Putten, Ashley Davis,
Balint Reczey, Bart Willems, Bastien Nocera, Benjamin Dahlhoff, Charles
configuration time using the -Dservice-watchdog= setting. If set to
empty, the watchdogs will be disabled.
- * systemd-resolved validates IP addresses in certificates now when GnuTLS
- is being used.
+ * systemd-resolved validates IP addresses in certificates now when GnuTLS
+ is being used.
* libcryptsetup >= 2.0.1 is now required.
lookup is likely to trigger nss-ldap which in turn might use NSS to
ask systemd-resolved for hostname lookups. This will hence result in
a deadlock: a user name lookup in order to start
- systemd-resolved.service will result in a host name lookup for which
+ systemd-resolved.service will result in a hostname lookup for which
systemd-resolved.service needs to be started already. There are
multiple ways to work around this problem: pre-allocate the
"systemd-resolve" user on such systems, so that nss-ldap won't be
A/AAAA resource record for the "_gateway" hostname, pointing to the
current default IP gateway. Previously it did that for the "gateway"
name, hampering adoption, as some distributions wanted to leave that
- host name open for local use. The old behaviour may still be
+ hostname open for local use. The old behaviour may still be
requested at build time.
* systemd-networkd's [Address] section in .network files gained a new
again don't consider turning this on in your stable, LTS or
production release just yet. (Note that you have to enable
nss-resolve in /etc/nsswitch.conf, to actually use systemd-resolved
- and its DNSSEC mode for host name resolution from local
+ and its DNSSEC mode for hostname resolution from local
applications.)
* systemd-resolve conveniently resolves DANE records with the --tlsa
for a unit, as declared in the (usually vendor-supplied)
system preset files.
- * nss-myhostname will now resolve the single-label host name
+ * nss-myhostname will now resolve the single-label hostname
"gateway" to the locally configured default IP routing
gateways, ordered by their metrics. This assigns a stable
name to the used gateways, regardless which ones are
currently configured. Note that the name will only be
resolved after all other name sources (if nss-myhostname is
configured properly) and should hence not negatively impact
- systems that use the single-label host name "gateway" in
+ systems that use the single-label hostname "gateway" in
other contexts.
* systemd-inhibit now allows filtering by mode when listing
reported by uname()'s "machine" field.
* systemd-networkd now supports matching on the system
- virtualization, architecture, kernel command line, host name
+ virtualization, architecture, kernel command line, hostname
and machine ID.
* logind is now a lot more aggressive when suspending the
example, a line that creates /run/nologin).
* A new API "sd-resolve.h" has been added which provides a simple
- asynchronous wrapper around glibc NSS host name resolution
+ asynchronous wrapper around glibc NSS hostname resolution
calls, such as getaddrinfo(). In contrast to glibc's
getaddrinfo_a(), it does not use signals. In contrast to most
other asynchronous name resolution libraries, this one does
not reimplement DNS, but reuses NSS, so that alternate
- host name resolution systems continue to work, such as mDNS,
+ hostname resolution systems continue to work, such as mDNS,
LDAP, etc. This API is based on libasyncns, but it has been
cleaned up for inclusion in systemd.
when he over-mounts a non-empty directory.
* There are new specifiers that are resolved in unit files,
- for the host name (%H), the machine ID (%m) and the boot ID
+ for the hostname (%H), the machine ID (%m) and the boot ID
(%b).
Contributions from: Allin Cottrell, Auke Kok, Brandon Philips,