* $DBUS_SESSION_BUS_ADDRESS environment variable is set by pam_systemd
again.
- * kernel-install script now optionally takes a path to an initrd file,
- and passes it to all plugins.
+ * A new network device NamePolicy "keep" is implemented for link files,
+ and used by default in 99-default.link (the fallback configuration
+ provided by systemd). With this policy, if the network device name
+ was already set by userspace, the device will not be renamed again.
+ This matches the naming scheme that was implemented before
+ systemd-240. If naming-scheme < 240 is specified, the "keep" policy
+ is also enabled by default, even if not specified. Effectively, this
+ means that if naming-scheme >= 240 is specified, network devices will
+ be renamed according to the configuration, even if they have been
+ renamed already, if "keep" is not specified as the naming policy in
+ the .link file. The 99-default.link file provided by systemd includes
+ "keep" for backwards compatibility, but it is recommended for user
+ installed .link files to *not* include it.
+
+ The "kernel" policy, which keeps kernel names declared to be
+ "persistent", now works again as documented.
+
+ * kernel-install script now optionally takes the paths to one or more
+ initrd files, and passes them to all plugins.
+
+ * The mincore() system call has been dropped from the @system-service
+ system call filter group, as it is pretty exotic and may potentially
+ used for side-channel attacks.
* -fPIE is dropped from compiler and linker options. Please specify
-Db_pie=true option to meson to build position-independent
Note that the similar hardlink and symlink protection has been
enabled since v199, and may be disabled likewise.
+ * The files read from the EnvironmentFile= setting in unit files now
+ parse backslashes inside quotes literally, matching the behaviour of
+ POSIX shells.
+
+ * udevadm trigger, udevadm control, udevadm settle and udevadm monitor
+ now automatically become NOPs when run in a chroot() environment.
+
+ * The tmpfiles.d/ "C" line type will now copy directory trees not only
+ when the destination is so far missing, but also if it already exists
+ as a directory and is empty. This is useful to cater for systems
+ where directory trees are put together from multiple separate mount
+ points but otherwise empty.
+
+ * A new function sd_bus_close_unref() (and the associated
+ sd_bus_close_unrefp()) has been added to libsystemd, that combines
+ sd_bus_close() and sd_bus_unref() in one.
+
+ * udevadm control learnt a new option for --ping for testing whether a
+ systemd-udevd instance is running and reacting.
+
+ Contributions from: Aaron Plattner, Alex Mayer, Ayman Bagabas,
+ Beniamino Galvani, bl33pbl0p, Burt P, Chris Down, Chris Lamb, Chris
+ Morin, Claudius Ellsel, dana, Daniel Axtens, Daniele Medri, Dave
+ Reisner, dcanuhe, Dimitri John Ledkov, Evgeny Vereshchagin, Fabrice
+ Fontaine, Filipe Brandenburger, Franck Bui, Frantisek Sumsal, howl,
+ ikelos, James Hilliard, Jani Uusitalo, Jan Janssen, Jonathan Roemer,
+ Jonathon Kowalski, Joost Heitbrink, Jörg Thalheim, Lennart Poettering,
+ Louis Taylor, Lucas Werkmeister, Marc-Antoine Perennou, marvelousblack,
+ Michael Biebl, Michael Sloan, Michal Sekletar, Mike Auty, Mike Gilbert,
+ Mikhail Kasimov, Niklas Hambüchen, Patrick Williams, Paul Seyfert,
+ Philip Withnall, rogerjames99, Ronnie P. Thomas, Ryan Gonzalez, Sam
+ Morris, Susant Sahani, Taro Yamada, Thomas Haller, Topi Miettinen,
+ YunQiang Su, Yu Watanabe, Zbigniew Jędrzejewski-Szmek, zsergeant77
+
+ — Berlin, 2018-XX-XX
+
CHANGES WITH 240:
* NoNewPrivileges=yes has been set for all long-running services
file descriptors currently enforced (fs.file-max, fs.nr_open,
RLIMIT_NOFILE hard, RLIMIT_NOFILE soft) we turn off the first two,
and keep only the latter two. A set of build-time options
- (-Dbump-proc-sys-fs-file-max=no and -Dbump-proc-sys-fs-nr-open=no)
+ (-Dbump-proc-sys-fs-file-max=false and -Dbump-proc-sys-fs-nr-open=false)
has been added to revert this change in behaviour, which might be
an option for systems that turn off memcg in the kernel.
* $DBUS_SESSION_BUS_ADDRESS environment variable is not set by
pam_systemd anymore.
+ * The naming scheme for network devices was changed to always rename
+ devices, even if they were already renamed by userspace. The "kernel"
+ policy was changed to only apply as a fallback, if no other naming
+ policy took effect.
+
* The requirements to build systemd is bumped to meson-0.46 and
python-3.5.
allows ordering services before the service that executes the actual
update process in a generic way.
+ * Systemd now emits warnings whenever .include syntax is used.
+
Contributions from: Adam Duskett, Alan Jenkins, Alessandro Casale,
Alexander Kurtz, Alex Gartrell, Anssi Hannula, Arnaud Rebillout, Brian
J. Murrell, Bruno Vernay, Chris Lamb, Chris Lesiak, Christian Brauner,
IFUNC. Please make sure to use --enable-compat-libs only
during a transitional period!
+ * The .include syntax has been deprecated and is not documented
+ anymore. Drop-in files in .d directories should be used instead.
+
Contributions from: Andreas Fuchs, Armin K., Colin Walters,
Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
Holger Schurig, Jason A. Donenfeld, Jason St. John, Jasper
projects / thirdparty / systemd.git / blobdiff