systemd System and Service Manager
-CHANGES WITH 243 in spe:
+CHANGES WITH 243:
* This release enables unprivileged programs (i.e. requiring neither
setuid nor file capabilities) to send ICMP Echo (i.e. ping) requests
killed. With this change behaviour is thus adjusted to match the
documentation.
- * The "kernel.pid_max" sysctl is now bumped to 4194304 by default,
- i.e. the full 22bit range the kernel allows, up from the old 16bit
- range. This should improve security and robustness a bit, as PID
- collisions are made less likely (though certainly still
- possible). There are rumours this might create compatibility
+ * On 64 bit systems, the "kernel.pid_max" sysctl is now bumped to
+ 4194304 by default, i.e. the full 22bit range the kernel allows, up
+ from the old 16bit range. This should improve security and
+ robustness, as PID collisions are made less likely (though certainly
+ still possible). There are rumours this might create compatibility
problems, though at this moment no practical ones are known to
us. Downstream distributions are hence advised to undo this change in
their builds if they are concerned about maximum compatibility, but
for everybody else we recommend leaving the value bumped. Besides
improving security and robustness this should also simplify things as
the maximum number of allowed concurrent tasks was previously bounded
- by both "kernel.pid_max" and "kernel.threads-max" and now only a
- single knob is left ("kernel.threads-max"). There have been concerns
- that usability is affected by this change because larger PID numbers
- are harder to type, but we believe the change from 5 digit PIDs to 7
- digit PIDs is not too hampering for usability.
+ by both "kernel.pid_max" and "kernel.threads-max" and now effectively
+ only a single knob is left ("kernel.threads-max"). There have been
+ concerns that usability is affected by this change because larger PID
+ numbers are harder to type, but we believe the change from 5 digits
+ to 7 digits doesn't hamper usability.
* MemoryLow= and MemoryMin= gained hierarchy-aware counterparts,
DefaultMemoryLow= and DefaultMemoryMin=, which can be used to
* Memory protection directives can now take a value of zero, allowing
explicit opting out of a default value propagated by an ancestor.
- * A new setting DisableControllers= has been added that may be used to
- explicitly disable one or more cgroups controllers for a unit and all
- its children.
-
* systemd now defaults to the "unified" cgroup hierarchy setup during
build-time, i.e. -Ddefault-hierarchy=unified is now the build-time
default. Previously, -Ddefault-hierarchy=hybrid was the default. This
* Man pages are not built by default anymore (html pages were already
disabled by default), to make development builds quicker. When
building systemd for a full installation with documentation, meson
- should be called with -Dman=true and/or -Dhtml=true as
- appropriate. The default was changed based on the assumption that
- quick one-off or repeated development builds are much more common
- than full optimized builds for installation, and people need to pass
- various other options to when doing "proper" builds anyway, so the
- gain from making development builds quicker is bigger than the one
- time disruption for packagers.
+ should be called with -Dman=true and/or -Dhtml=true as appropriate.
+ The default was changed based on the assumption that quick one-off or
+ repeated development builds are much more common than full optimized
+ builds for installation, and people need to pass various other
+ options to when doing "proper" builds anyway, so the gain from making
+ development builds quicker is bigger than the one time disruption for
+ packagers.
Two scripts are created in the *build* directory to generate and
preview man and html pages on demand, e.g.:
build/man/html systemd.index
* libidn2 is used by default if both libidn2 and libidn are installed.
- Please use -Dlibidn=true when libidn is favorable.
+ Please use -Dlibidn=true if libidn is preferred.
* The D-Bus "wire format" of the CPUAffinity= attribute is changed on
big-endian machines. Before, bytes were written and read in native
long number (with the length varying by architecture), so they can be
unambiguously distinguished.
- * SuccessExitStatus=, RestartPreventExitStatus=, and
- RestartForceExitStatus= now accept exit status names (e.g. "DATAERR"
- is equivalent to "65"). systemd-analyze learnt a new 'exit-status'
- verb to display those exit status name mappings.
-
* /usr/sbin/halt.local is no longer supported. Implementation in
distributions was inconsistent and it seems this functionality was
very rarely used.
* Services may now send a special WATCHDOG=trigger message with
sd_notify() to trigger an immediate "watchdog missed" event, and thus
- request service take down. This is useful both for testing watchdog
+ trigger service termination. This is useful both for testing watchdog
handling, but also for defining error paths in services, that shall
be handled the same way as watchdog events.
* systemd-resolved "Cache=" configuration option in resolved.conf has
been extended to also accept the 'no-negative' value. Previously,
only a boolean option was allowed (yes/no), having yes as the
- default. If this option is set to 'no-negative', negative answers
- are skipped from being cached while keeping the same cache heuristics
- for positive answers. The default remains as "yes" (i.e. caching is
- enabled).
+ default. If this option is set to 'no-negative', negative answers are
+ not cached while the old cache heuristics are used positive answers.
+ The default remains unchanged.
* The predictable naming scheme for network devices now supports
generating predictable names for "netdevsim" devices.
+ Moreover, the "en" prefix was dropped from the ID_NET_NAME_ONBOARD
+ udev property.
+
+ Those two changes form a new net.naming-policy-scheme= entry.
+ Distributions which want to preserve naming stability may want to set
+ the -Ddefault-net-naming-scheme= configuration option.
+
* systemd-networkd now supports MACsec, nlmon, IPVTAP and Xfrm
interfaces natively.
SpeedMeterIntervalSec=, to measure bitrate of network interfaces. The
measured speed may be shown by 'networkctl status'.
+ * "networkctl status" now displays MTU and queue lengths, and more
+ detailed information about VXLAN and bridge devices.
+
* systemd-networkd's .network and .link files gained a new Property=
setting in the [Match] section, to match against devices with
specific udev properties.
been renamed to LinkLayerAddress=, and it now allows configuration of
IP addresses, too.
+ * systemd-networkd's handling of the kernel's disable_ipv6 sysctl is
+ simplified: systemd-networkd will disable the sysctl (enable IPv6) if
+ IPv6 configuration (static or DHCPv6) was found for a given
+ interface. It will not touch the sysctl otherwise.
+
+ * The order of entries is $PATH used by the user manager instance was
+ changed to put bin/ entries before the corresponding sbin/ entries.
+ It is recommended to not rely on this order, and only ever have one
+ binary with a given name in the system paths under /usr.
+
* A new tool systemd-network-generator has been added that may generate
.network, .netdev and .link files from IP configuration specified on
- the kernel command line, compatible with the format Dracut expects.
+ the kernel command line in the format used by Dracut.
* The CriticalConnection= setting in .network files is now deprecated,
and replaced by a new KeepConfiguration= setting which allows more
detailed configuration of the IP configuration to keep in place.
- * systemd-analyze gained a new "timestamp" verb for parsing and
- converting timestamps. It's similar to the existing "systemd-analyze
- calendar" command which does the same for recurring calendar
- events. It also gained a new "condition" verb for parsing and testing
- ConditionXYZ= expressions.
+ * systemd-analyze gained a few new verbs:
+
+ - "systemd-analyze timestamp" parses and converts timestamps. This is
+ similar to the existing "systemd-analyze calendar" command which
+ does the same for recurring calendar events.
+
+ - "systemd-analyze timespan" parses and converts timespans (i.e.
+ durations as opposed to points in time).
+
+ - "systemd-analyze condition" will parse and test ConditionXYZ=
+ expressions.
+
+ - "systemd-analyze exit-status" will parse and convert exit status
+ codes to their names and back.
+
+ - "systemd-analyze unit-files" will print a list of all unit
+ file paths and unit aliases.
+
+ * SuccessExitStatus=, RestartPreventExitStatus=, and
+ RestartForceExitStatus= now accept exit status names (e.g. "DATAERR"
+ is equivalent to "65"). Those exit status name mappings may be
+ displayed with the sytemd-analyze exit-status verb describe above.
* systemd-logind now exposes a per-session SetBrightness() bus call,
which may be used to securely change the brightness of a kernel
brightness device, if it belongs to the session's seat. By using this
call unprivileged clients can make changes to "backlight" and "leds"
- devices securely with strict requirements on session
- membership. Desktop environments may use this to generically make
- brightness changes to such devices without shipping private SUID
- binaries or specific udev rules for that purpose.
+ devices securely with strict requirements on session membership.
+ Desktop environments may use this to generically make brightness
+ changes to such devices without shipping private SUID binaries or
+ udev rules for that purpose.
* "udevadm info" gained a --wait-for-initialization switch to wait for
a device to be initialized.
* systemd-hibernate-resume-generator will now look for resumeflags= on
the kernel command line, which is similar to rootflags= and may be
- used to configure device timeouts for waiting for the hibernation
- device to show up.
+ used to configure device timeout for the hibernation device.
* sd-event learnt a new API call sd_event_source_disable_unref() for
disabling and unref'ing an event source in a single function. A
related call sd_event_source_disable_unrefp() has been added for use
- with GCC's cleanup extension.
+ with gcc's cleanup extension.
* The sd-id128.h public API gained a new definition
SD_ID128_UUID_FORMAT_STR for formatting a 128bit ID in UUID format
kernel command line option systemd.status_unit_format=.
* PID 1 now understands a new option KExecWatchdogSec= in
- /etc/systemd/system.conf. It allows configuration of a watchdog
- timeout to write to a hardware watchdog device on kexec-based
- reboots. Previously this functionality was only available for regular
- reboots. This option defaults to off, since it depends on drivers and
- software setup whether the watchdog is correctly reset again after
- the kexec completed, and thus for the general case not clear if safe
- (since it might cause unwanted watchdog reboots after the kexec
- completed otherwise). Moreover, the old ShutdownWatchdogSec= setting
- has been renamed to RebootWatchdogSec= to more clearly communicate
- what it is about. The old name of the setting is still accepted for
- compatibility.
+ /etc/systemd/system.conf to set a watchdog timeout for kexec reboots.
+ Previously watchdog functionality was only available for regular
+ reboots. The new setting defaults to off, because we don't know in
+ the general case if the watchdog will be reset after kexec (some
+ drivers do reset it, but not all), and the new userspace might not be
+ configured to handle the watchdog.
+
+ Moreover, the old ShutdownWatchdogSec= setting has been renamed to
+ RebootWatchdogSec= to more clearly communicate what it is about. The
+ old name is still accepted for compatibility.
* The systemd.debug_shell kernel command line option now optionally
- takes a tty name to spawn the debug shell on, which allows selecting
- a different tty than the built-in default.
+ takes a tty name to spawn the debug shell on, which allows a
+ different tty to be selected than the built-in default.
* Service units gained a new ExecCondition= setting which will run
before ExecStartPre= and either continue execution of the unit (for
clean exit codes), stop execution without marking the unit failed
(for exit codes 1 through 254), or stop execution and fail the unit
- (for exit code 255 or cases of abnormal termination).
+ (for exit code 255 or abnormal termination).
* A new service systemd-pstore.service has been added that pulls data
from /sys/fs/pstore/ and saves it to /var/lib/pstore for later
true for the service to enable this behaviour, but please consult the
documentation first, since this comes with a couple of caveats.
- * systemd-random-seed.service is now a synchronization point for the
- point in time where the kernel's entropy pool is fully
- initialized. Order services that require /dev/urandom to be correctly
- initialized after this service.
+ * systemd-random-seed.service is now a synchronization point for full
+ initialization of the kernel's entropy pool. Services that require
+ /dev/urandom to be correctly initialized should be ordered after this
+ service.
* The systemd-boot boot loader has been updated to optionally maintain
a random seed file in the EFI System Partition (ESP). During the boot
phase, this random seed is read and updated with a new seed
- crytographically derived from it. Another derived seed is passed to
+ cryptographically derived from it. Another derived seed is passed to
the OS. The latter seed is then credited to the kernel's entropy pool
very early during userspace initialization (from PID 1). This allows
systems to boot up with a fully initialized kernel entropy pool from
earliest boot on, and thus entirely removes all entropy pool
initialization delays from systems using systemd-boot. Special care
is taken to ensure different seeds are derived on system images
- replicated to multiple systems.
+ replicated to multiple systems. "bootctl status" will show whether
+ a seed was received from the boot loader.
+
+ * bootctl gained two new verbs:
+
+ - "bootctl random-seed" will generate the file in ESP and an EFI
+ variable to allow a random seed to be passed to the OS as described
+ above.
+
+ - "bootctl is-installed" checks whether systemd-boot is currently
+ installed.
- * bootctl gained a new verb "is-installed" that checks whether
- systemd-boot is currently installed.
+ * bootctl will warn if it detects that boot entries are misconfigured
+ (for example if the kernel image was removed without purging the
+ bootloader entry).
* A new document has been added describing systemd's use and support
for the kernel's entropy pool subsystem:
option that permits selecting the timout how long to wait for a
device with an encryption key before asking for the password.
- Contributions from: Aaron Barany, Adrian Bunk, Alan Jenkins, Andrej
- Valek, Anita Zhang, Arian van Putten, Balint Reczey, Bastien Nocera,
- Ben Boeckel, Benjamin Robin, camoz, Chen Qi, Chris Chiu, Chris Down,
- Christian Kellner, Clinton Roy, Connor Reeder, Daniele Medri, Dan
- Streetman, Dave Reisner, Dave Ross, David Art, David Tardon, Debarshi
- Ray, Dominick Grift, Donald Buczek, Douglas Christman, Eric DeVolder,
- Evgeny Vereshchagin, Feldwor, Felix Riemann, Florian Dollinger, Franck
- Bui, Frantisek Sumsal, Franz Pletz, Hans de Goede, Iago López Galeiras,
- Insun Pyo, Ivan Shapovalov, Iwan Timmer, Jack, Jakob Unterwurzacher,
- Jan Klötzke, Jan Pokorný, Jan Synacek, Jeka Pats, Jérémy Rosen, Jiri
- Pirko, Joe Lin, Joerg Behrmann, Joe Richey, Jóhann B. Guðmundsson,
- Johannes Schmitz, Jonathan Rouleau, Jorge Niedbalski, Kai Lüke, Karel
- Zak, Kashyap Chamarthy, Krayushkin Konstantin, Lennart Poettering,
- Lubomir Rintel, Luca Boccassi, Luís Ferreira, Marc-André Lureau, Markus
- Felten, Martin Pitt, Michael Biebl, Michael Olbrich, Michael Prokop,
- Michael Stapelberg, Michael Zhivich, Michal Koutný, Michal Sekletar,
- Mike Gilbert, Milan Broz, mpe85, Network Silence, Oliver Harley,
- pan93412, Paul Menzel, pEJipE, Peter A. Bigot, Philip Withnall, Piotr
- Drąg, Rafael Fontenelle, Roberto Santalla, root, RussianNeuroMancer,
- Sebastian Jennen, shinygold, Shreyas Behera, Simon Schricker, Susant
- Sahani, Thadeu Lima de Souza Cascardo, Theo Ouzhinski, Thiebaud
- Weksteen, Thomas Haller, Thomas Weißschuh, Tomas Mraz, Topi Miettinen,
- ven, Wieland Hoffmann, Xi Ruoyao, Yuri Chornoivan, Yu Watanabe, Zach
- Smith, Zbigniew Jędrzejewski-Szmek, Zhang Xianwei
-
- – Somewhere, SOME-TI-ME
+ * IOWeight= has learnt to properly set the IO weight when using the
+ BFQ scheduler officially found in kernels 5.0+.
+
+ * A new mailing list has been created for reporting of security issues:
+ systemd-security@redhat.com. For mode details, see
+ https://systemd.io/CONTRIBUTING#security-vulnerability-reports.
+
+ Contributions from: Aaron Barany, Adrian Bunk, Alan Jenkins, Albrecht
+ Lohofener, Andrej Valek, Anita Zhang, Arian van Putten, Balint Reczey,
+ Bastien Nocera, Ben Boeckel, Benjamin Robin, camoz, Chen Qi, Chris
+ Chiu, Chris Down, Christian Kellner, Clinton Roy, Connor Reeder, Daniel
+ Black, Daniele Medri, Dan Streetman, Dave Reisner, Dave Ross, David
+ Art, David Tardon, Debarshi Ray, Dimitri John Ledkov, Dominick Grift,
+ Donald Buczek, Douglas Christman, Eric DeVolder, EtherGraf, Evgeny
+ Vereshchagin, Feldwor, Felix Riemann, Florian Dollinger, Francesco
+ Pennica, Franck Bui, Frantisek Sumsal, Franz Pletz, frederik, Hans
+ de Goede, Iago López Galeiras, Insun Pyo, Ivan Shapovalov, Iwan Timmer,
+ Jack, Jakob Unterwurzacher, Jan Chren, Jan Klötzke, Jan Losinski, Jan
+ Pokorný, Jan Synacek, Jan-Michael Brummer, Jeka Pats, Jeremy Soller,
+ Jérémy Rosen, Jiri Pirko, Joe Lin, Joerg Behrmann, Joe Richey, Jóhann
+ B. Guðmundsson, Johannes Christ, Johannes Schmitz, Jonathan Rouleau,
+ Jorge Niedbalski, Kai Krakow, Kai Lüke, Karel Zak, Kashyap Chamarthy,
+ Krayushkin Konstantin, Lennart Poettering, Lubomir Rintel, Luca
+ Boccassi, Luís Ferreira, Marc-André Lureau, Markus Felten, Martin Pitt,
+ Matthew Leeds, Mattias Jernberg, Michael Biebl, Michael Olbrich,
+ Michael Prokop, Michael Stapelberg, Michael Zhivich, Michal Koutný,
+ Michal Sekletar, Mike Gilbert, Milan Broz, Miroslav Lichvar, mpe85,
+ Mr-Foo, Network Silence, Oliver Harley, pan93412, Paul Menzel, pEJipE,
+ Peter A. Bigot, Philip Withnall, Piotr Drąg, Rafael Fontenelle, Roberto
+ Santalla, Ronan Pigott, root, RussianNeuroMancer, Sebastian Jennen,
+ shinygold, Shreyas Behera, Simon Schricker, Susant Sahani, Thadeu Lima
+ de Souza Cascardo, Theo Ouzhinski, Thiebaud Weksteen, Thomas Haller,
+ Thomas Weißschuh, Tomas Mraz, Tommi Rantala, Topi Miettinen, VD-Lycos,
+ ven, Wieland Hoffmann, William A. Kennington III, William Wold, Xi
+ Ruoyao, Yuri Chornoivan, Yu Watanabe, Zach Smith, Zbigniew
+ Jędrzejewski-Szmek, Zhang Xianwei
+
+ – Camerino, 2019-09-03
CHANGES WITH 242:
projects / thirdparty / systemd.git / blobdiff