systemd System and Service Manager
+CHANGES WITH 246 in spe:
+ * The fs.suid_dumpable sysctl is set to 2 / "suidsafe". This allows
+ systemd-coredump to save core files for suid processes. When saving
+ the core file, systemd-coredump will use the effective uid and gid of
+ the process that faulted.
+
+ * "systemctl list-units" and "systemctl list-machines" no longer hide
+ their first output column with --no-legend. To hide the first column,
+ use --plain.
+
CHANGES WITH 245:
* A new tool "systemd-repart" has been added, that operates as an
* networkctl gained support for showing per-interface logs in its
"status" output.
- * systemd-networkd-wait-online gain support for specifying the maximum
+ * systemd-networkd-wait-online gained support for specifying the maximum
operational state to wait for, and to wait for interfaces to
disappear.
to combine attachment with enablement and invocation, or detachment
with stopping and disablement.
+ * UPGRADE ISSUE: a bug where some jobs were trimmed as redundant was
+ fixed, which in turn exposed bugs in unit configuration of services
+ which have Type=oneshot and should only run once, but do not have
+ RemainAfterExit=yes set. Without RemainAfterExit=yes, a one-shot
+ service may be started again after exiting successfully, for example
+ as a dependency in another transaction. Affected services included
+ some internal systemd services (most notably
+ systemd-vconsole-setup.service, which was updated to have
+ RemainAfterExit=yes), and plymouth-start.service. Please ensure that
+ plymouth has been suitably updated or patched before upgrading to
+ this systemd release. See
+ https://bugzilla.redhat.com/show_bug.cgi?id=1807771 for some
+ additional discussion.
+
Contributions from: AJ Bagwell, Alin Popa, Andreas Rammhold, Anita
Zhang, Ansgar Burchardt, Antonio Russo, Arian van Putten, Ashley Davis,
Balint Reczey, Bart Willems, Bastien Nocera, Benjamin Dahlhoff, Charles
Chornoivan, Yu Watanabe, Zach Smith, Zbigniew Jędrzejewski-Szmek, Zeyu
DONG
- – Warsaw, 2020-02-05
+ – Warsaw, 2020-03-06
CHANGES WITH 244:
configuration time using the -Dservice-watchdog= setting. If set to
empty, the watchdogs will be disabled.
- * systemd-resolved validates IP addresses in certificates now when GnuTLS
- is being used.
+ * systemd-resolved validates IP addresses in certificates now when GnuTLS
+ is being used.
* libcryptsetup >= 2.0.1 is now required.
Contributions from: Aaron Barany, Adrian Bunk, Alan Jenkins, Albrecht
Lohofener, Andrej Valek, Anita Zhang, Arian van Putten, Balint Reczey,
Bastien Nocera, Ben Boeckel, Benjamin Robin, camoz, Chen Qi, Chris
- Chiu, Chris Down, Christian Kellner, Clinton Roy, Connor Reeder, Daniel
- Black, Daniele Medri, Dan Streetman, Dave Reisner, Dave Ross, David
- Art, David Tardon, Debarshi Ray, Dimitri John Ledkov, Dominick Grift,
- Donald Buczek, Douglas Christman, Eric DeVolder, EtherGraf, Evgeny
- Vereshchagin, Feldwor, Felix Riemann, Florian Dollinger, Francesco
- Pennica, Franck Bui, Frantisek Sumsal, Franz Pletz, frederik, Hans
- de Goede, Iago López Galeiras, Insun Pyo, Ivan Shapovalov, Iwan Timmer,
- Jack, Jakob Unterwurzacher, Jan Chren, Jan Klötzke, Jan Losinski, Jan
- Pokorný, Jan Synacek, Jan-Michael Brummer, Jeka Pats, Jeremy Soller,
- Jérémy Rosen, Jiri Pirko, Joe Lin, Joerg Behrmann, Joe Richey, Jóhann
- B. Guðmundsson, Johannes Christ, Johannes Schmitz, Jonathan Rouleau,
- Jorge Niedbalski, Kai Krakow, Kai Lüke, Karel Zak, Kashyap Chamarthy,
+ Chiu, Chris Down, Christian Göttsche, Christian Kellner, Clinton Roy,
+ Connor Reeder, Daniel Black, Daniel Lublin, Daniele Medri, Dan
+ Streetman, Dave Reisner, Dave Ross, David Art, David Tardon, Debarshi
+ Ray, Dimitri John Ledkov, Dominick Grift, Donald Buczek, Douglas
+ Christman, Eric DeVolder, EtherGraf, Evgeny Vereshchagin, Feldwor,
+ Felix Riemann, Florian Dollinger, Francesco Pennica, Franck Bui,
+ Frantisek Sumsal, Franz Pletz, frederik, Hans de Goede, Iago López
+ Galeiras, Insun Pyo, Ivan Shapovalov, Iwan Timmer, Jack, Jakob
+ Unterwurzacher, Jan Chren, Jan Klötzke, Jan Losinski, Jan Pokorný, Jan
+ Synacek, Jan-Michael Brummer, Jeka Pats, Jeremy Soller, Jérémy Rosen,
+ Jiri Pirko, Joe Lin, Joerg Behrmann, Joe Richey, Jóhann B. Guðmundsson,
+ Johannes Christ, Johannes Schmitz, Jonathan Rouleau, Jorge Niedbalski,
+ Jörg Thalheim, Kai Krakow, Kai Lüke, Karel Zak, Kashyap Chamarthy,
Krayushkin Konstantin, Lennart Poettering, Lubomir Rintel, Luca
Boccassi, Luís Ferreira, Marc-André Lureau, Markus Felten, Martin Pitt,
Matthew Leeds, Mattias Jernberg, Michael Biebl, Michael Olbrich,
Michael Prokop, Michael Stapelberg, Michael Zhivich, Michal Koutný,
Michal Sekletar, Mike Gilbert, Milan Broz, Miroslav Lichvar, mpe85,
Mr-Foo, Network Silence, Oliver Harley, pan93412, Paul Menzel, pEJipE,
- Peter A. Bigot, Philip Withnall, Piotr Drąg, Rafael Fontenelle, Roberto
- Santalla, Ronan Pigott, root, RussianNeuroMancer, Sebastian Jennen,
- shinygold, Shreyas Behera, Simon Schricker, Susant Sahani, Thadeu Lima
- de Souza Cascardo, Theo Ouzhinski, Thiebaud Weksteen, Thomas Haller,
- Thomas Weißschuh, Tomas Mraz, Tommi Rantala, Topi Miettinen, VD-Lycos,
- ven, Wieland Hoffmann, William A. Kennington III, William Wold, Xi
- Ruoyao, Yuri Chornoivan, Yu Watanabe, Zach Smith, Zbigniew
- Jędrzejewski-Szmek, Zhang Xianwei
+ Peter A. Bigot, Philip Withnall, Piotr Drąg, Rafael Fontenelle, Robert
+ Scheck, Roberto Santalla, Ronan Pigott, root, RussianNeuroMancer,
+ Sebastian Jennen, shinygold, Shreyas Behera, Simon Schricker, Susant
+ Sahani, Thadeu Lima de Souza Cascardo, Theo Ouzhinski, Thiebaud
+ Weksteen, Thomas Haller, Thomas Weißschuh, Tomas Mraz, Tommi Rantala,
+ Topi Miettinen, VD-Lycos, ven, Vladimir Yerilov, Wieland Hoffmann,
+ William A. Kennington III, William Wold, Xi Ruoyao, Yuri Chornoivan,
+ Yu Watanabe, Zach Smith, Zbigniew Jędrzejewski-Szmek, Zhang Xianwei
– Camerino, 2019-09-03
lookup is likely to trigger nss-ldap which in turn might use NSS to
ask systemd-resolved for hostname lookups. This will hence result in
a deadlock: a user name lookup in order to start
- systemd-resolved.service will result in a host name lookup for which
+ systemd-resolved.service will result in a hostname lookup for which
systemd-resolved.service needs to be started already. There are
multiple ways to work around this problem: pre-allocate the
"systemd-resolve" user on such systems, so that nss-ldap won't be
A/AAAA resource record for the "_gateway" hostname, pointing to the
current default IP gateway. Previously it did that for the "gateway"
name, hampering adoption, as some distributions wanted to leave that
- host name open for local use. The old behaviour may still be
+ hostname open for local use. The old behaviour may still be
requested at build time.
* systemd-networkd's [Address] section in .network files gained a new
again don't consider turning this on in your stable, LTS or
production release just yet. (Note that you have to enable
nss-resolve in /etc/nsswitch.conf, to actually use systemd-resolved
- and its DNSSEC mode for host name resolution from local
+ and its DNSSEC mode for hostname resolution from local
applications.)
* systemd-resolve conveniently resolves DANE records with the --tlsa
for a unit, as declared in the (usually vendor-supplied)
system preset files.
- * nss-myhostname will now resolve the single-label host name
+ * nss-myhostname will now resolve the single-label hostname
"gateway" to the locally configured default IP routing
gateways, ordered by their metrics. This assigns a stable
name to the used gateways, regardless which ones are
currently configured. Note that the name will only be
resolved after all other name sources (if nss-myhostname is
configured properly) and should hence not negatively impact
- systems that use the single-label host name "gateway" in
+ systems that use the single-label hostname "gateway" in
other contexts.
* systemd-inhibit now allows filtering by mode when listing
reported by uname()'s "machine" field.
* systemd-networkd now supports matching on the system
- virtualization, architecture, kernel command line, host name
+ virtualization, architecture, kernel command line, hostname
and machine ID.
* logind is now a lot more aggressive when suspending the
example, a line that creates /run/nologin).
* A new API "sd-resolve.h" has been added which provides a simple
- asynchronous wrapper around glibc NSS host name resolution
+ asynchronous wrapper around glibc NSS hostname resolution
calls, such as getaddrinfo(). In contrast to glibc's
getaddrinfo_a(), it does not use signals. In contrast to most
other asynchronous name resolution libraries, this one does
not reimplement DNS, but reuses NSS, so that alternate
- host name resolution systems continue to work, such as mDNS,
+ hostname resolution systems continue to work, such as mDNS,
LDAP, etc. This API is based on libasyncns, but it has been
cleaned up for inclusion in systemd.
when he over-mounts a non-empty directory.
* There are new specifiers that are resolved in unit files,
- for the host name (%H), the machine ID (%m) and the boot ID
+ for the hostname (%H), the machine ID (%m) and the boot ID
(%b).
Contributions from: Allin Cottrell, Auke Kok, Brandon Philips,