systemd System and Service Manager
-CHANGES WITH 239 in spe:
+CHANGES WITH 239:
* NETWORK INTERFACE DEVICE NAMING CHANGES: systemd-udevd's "net_id"
- builtin may name network interfaces differently than in previous
- versions. SR-IOV virtual functions and NPAR partitions with PCI
- function numbers of 8 and above will be named more predictably, and
- udev may generate names based on the PCI slot number in some cases
- where it previously did not.
+ builtin will name network interfaces differently than in previous
+ versions for virtual network interfaces created with SR-IOV and NPAR
+ and for devices where the PCI network controller device does not have
+ a slot number associated.
+
+ SR-IOV virtual devices are now named based on the name of the parent
+ interface, with a suffix of "v<N>", where <N> is the virtual device
+ number. Previously those virtual devices were named as if completely
+ independent.
+
+ The ninth and later NPAR virtual devices will be named following the
+ scheme used for the first eight NPAR partitions. Previously those
+ devices were not renamed and the kernel default (eth<n>) was used.
+
+ "net_id" will also generate names for PCI devices where the PCI
+ network controller device does not have an associated slot number
+ itself, but one of its parents does. Previously those devices were
+ not renamed and the kernel default (eth<n>) was used.
* AF_INET and AF_INET6 are dropped from RestrictAddressFamilies= in
systemd-logind.service. Since v235, IPAddressDeny=any has been set to
both runtime and persistent enablement/masking, i.e. it will remove
any relevant symlinks both in /run and /etc.
+ * Note that all long-running system services shipped with systemd will
+ now default to a system call whitelist (rather than a blacklist, as
+ before). In particular, systemd-udevd will now enforce one too. For
+ most cases this should be safe, however downstream distributions
+ which disabled sandboxing of systemd-udevd (specifically the
+ MountFlags= setting), might want to disable this security feature
+ too, as the default whitelisting will prohibit all mount, swap,
+ reboot and clock changing operations from udev rules.
+
* sd-boot acquired new loader configuration settings to optionally turn
off Windows and MacOS boot partition discovery as well as
reboot-into-firmware menu items. It is also able to pick a better
name following the last dash.
* Unit files and other configuration files that support specifier
- expansion now understand another two new specifiers: %T and %V will
+ expansion now understand another three new specifiers: %T and %V will
resolve to /tmp and /var/tmp respectively, or whatever temporary
- directory has been set for the calling user.
+ directory has been set for the calling user. %E will expand to either
+ /etc (for system units) or $XDG_CONFIG_HOME (for user units).
* The ExecStart= lines of unit files are no longer required to
reference absolute paths. If non-absolute paths are specified the
example, "systemd-tmpfiles --cat-config" will now output the full
list of tmpfiles.d/ lines in place.
- * timedatectl gained two new verbs "timesync-status" (to show the
- current NTP synchronization state of systemd-timesyncd) and
- "show-timesync" (to show bus properties of systemd-timesyncd).
+ * timedatectl gained three new verbs: "show" shows bus properties of
+ systemd-timedated, "timesync-status" shows the current NTP
+ synchronization state of systemd-timesyncd, and "show-timesync"
+ shows bus properties of systemd-timesyncd.
* systemd-timesyncd gained a bus interface on which it exposes details
about its state.
https://github.com/systemd/systemd/blob/master/doc/PORTABLE_SERVICES.md
https://github.com/systemd/systemd/blob/master/doc/CODE_QUALITY.md
+ * The Boot Loader Specification has been added to the source tree.
+
+ https://github.com/systemd/systemd/blob/master/doc/BOOT_LOADER_SPECIFICATION.md
+
+ While moving it into our source tree we have updated it and further
+ changes are now accepted through the usual github PR workflow.
+
* pam_systemd will now look for PAM userdata fields systemd.memory_max,
systemd.tasks_max, systemd.cpu_weight, systemd.io_weight set by
earlier PAM modules. The data in these fields is used to initialize
system namespacing options. One such service is systemd-udevd.service
wher this is now used by default.
+ * ConditionSecurity= gained a new value "uefi-secureboot" that is true
+ when the system is booted in UEFI "secure mode".
+
+ * A new unit "system-update-pre.target" is added, which defines an
+ optional synchronization point for offline system updates, as
+ implemented by the pre-existing "system-update.target" unit. It
+ allows ordering services before the service that executes the actual
+ update process in a generic way.
+
Contributions from: Adam Duskett, Alan Jenkins, Alessandro Casale,
Alexander Kurtz, Alex Gartrell, Anssi Hannula, Arnaud Rebillout, Brian
- J. Murrell, Bruno Vernay, Chris Lesiak, Christian Brauner, Christian
- Hesse, Daniel Dao, Daniel Lin, Danylo Korostil, Davide Cavalca, David
- Tardon, Dimitri John Ledkov, Dmitriy Geels, Douglas Christman, Elia
- Geretto, emelenas, Emil Velikov, Evgeny Vereshchagin, Felipe Sateler,
- Feng Sun, Filipe Brandenburger, Franck Bui, futpib, Giuseppe Scrivano,
- Guillem Jover, guixxx, Hans de Goede, Henrique Dante de Almeida, Hiram
- van Paassen, Ian Miell, Igor Gnatenko, Ivan Shapovalov, Iwan Timmer,
- James Cowgill, Jan Janssen, Jan Synacek, Jared Kazimir, João Paulo
- Rechi Vita, Joost Heitbrink, Jui-Chi Ricky Liang, Jürg Billeter,
- Kai-Heng Feng, Karol Augustin, Krzysztof Nowicki, Lauri Tirkkonen,
- Lennart Poettering, Leonard König, Long Li, Luca Boccassi, Lucas
- Werkmeister, Marcel Hoppe, Marc Kleine-Budde, Mario Limonciello, Martin
- Jansa, Martin Wilck, Mathieu Malaterre, Matteo F. Vescovi, Matthew
- McGinn, Matthias-Christian Ott, Michael Biebl, Michael Olbrich, Michael
- Prokop, Michal Koutný, Michal Sekletar, Mike Gilbert, Mikhail Kasimov,
- Milan Broz, Milan Pässler, Muhammet Kara, Nicolas Boichat, Omer Katz,
- Paride Legovini, Paul Menzel, Paul Milliken, Pavel Hrdina, Peter
- A. Bigot, Peter Hutterer, Peter Jones, Philip Sequeira, Philip
+ J. Murrell, Bruno Vernay, Chris Lamb, Chris Lesiak, Christian Brauner,
+ Christian Hesse, Christian Rebischke, Colin Guthrie, Daniel Dao, Daniel
+ Lin, Danylo Korostil, Davide Cavalca, David Tardon, Dimitri John
+ Ledkov, Dmitriy Geels, Douglas Christman, Elia Geretto, emelenas, Emil
+ Velikov, Evgeny Vereshchagin, Felipe Sateler, Feng Sun, Filipe
+ Brandenburger, Franck Bui, futpib, Giuseppe Scrivano, Guillem Jover,
+ guixxx, Hannes Reinecke, Hans de Goede, Harald Hoyer, Henrique Dante de
+ Almeida, Hiram van Paassen, Ian Miell, Igor Gnatenko, Ivan Shapovalov,
+ Iwan Timmer, James Cowgill, Jan Janssen, Jan Synacek, Jared Kazimir,
+ Jérémy Rosen, João Paulo Rechi Vita, Joost Heitbrink, Jui-Chi Ricky
+ Liang, Jürg Billeter, Kai-Heng Feng, Karol Augustin, Kay Sievers,
+ Krzysztof Nowicki, Lauri Tirkkonen, Lennart Poettering, Leonard König,
+ Long Li, Luca Boccassi, Lucas Werkmeister, Marcel Hoppe, Marc
+ Kleine-Budde, Mario Limonciello, Martin Jansa, Martin Wilck, Mathieu
+ Malaterre, Matteo F. Vescovi, Matthew McGinn, Matthias-Christian Ott,
+ Michael Biebl, Michael Olbrich, Michael Prokop, Michal Koutný, Michal
+ Sekletar, Mike Gilbert, Mikhail Kasimov, Milan Broz, Milan Pässler,
+ Mladen Pejaković, Muhammet Kara, Nicolas Boichat, Omer Katz, Paride
+ Legovini, Paul Menzel, Paul Milliken, Pavel Hrdina, Peter A. Bigot,
+ Peter D'Hoye, Peter Hutterer, Peter Jones, Philip Sequeira, Philip
Withnall, Piotr Drąg, Radostin Stoyanov, Ricardo Salveti de Araujo,
- Rosen Penev, Rubén Suárez Alvarez, Ryan Gonzalez, Salvo Tomaselli,
- Sebastian Reichel, Sergio Lindo Mansilla, Stefan Schweter, Stephen
- Hemminger, Stuart Hayes, Susant Sahani, Sylvain Plantefève, Thomas
- H. P. Andersen, Tobias Jungel, Tomasz Torcz, Vito Caputo, Will Dietz,
- Will Thompson, Wim van Mourik, Yu Watanabe, Zbigniew Jędrzejewski-Szmek
-
- — Berlin, 2018-06-XX
+ Ronny Chevalier, Rosen Penev, Rubén Suárez Alvarez, Ryan Gonzalez,
+ Salvo Tomaselli, Sebastian Reichel, Sergey Ptashnick, Sergio Lindo
+ Mansilla, Stefan Schweter, Stephen Hemminger, Stuart Hayes, Susant
+ Sahani, Sylvain Plantefève, Thomas H. P. Andersen, Tobias Jungel,
+ Tomasz Torcz, Vito Caputo, Will Dietz, Will Thompson, Wim van Mourik,
+ Yu Watanabe, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2018-06-22
CHANGES WITH 238: