only cgroup v2 ('unified' hierarchy) can be selected as build-time
default.
+ * Support for System V service scripts is deprecated and will be
+ removed in a future release. Please make sure to update your software
+ *now* to include a native systemd unit file instead of a legacy
+ System V script to retain compatibility with future systemd releases.
+
+ * Support for the SystemdOptions EFI variable is deprecated.
+ 'bootctl systemd-efi-options' will emit a warning when used. It seems
+ that this feature is little-used and it is better to use alternative
+ approaches like credentials and confexts. The plan is to drop support
+ altogether at a later point, but this might be revisited based on
+ user feedback.
+
+ * systemd-run's switch --expand-environment= which currently is disabled
+ by default when combined with --scope, will be changed in a future
+ release to be enabled by default.
+
* Previously, systemd-networkd did not explicitly remove any bridge
VLAN IDs assigned on bridge master and ports. Since version 256, if a
.network file for an interface has at least one valid setting in the
or /efi/ hierarchies in /etc/fstab. This is to prevent the generator
from interfering with systems where the ESP is explicitly configured
to be mounted at some path, for example /boot/efi/ (this type of
- setup is obsolete but still commonly found).
+ setup is obsolete, but still commonly found).
* The behavior of systemd-sleep and systemd-homed has been updated to
freeze user sessions when entering the various sleep modes or when
'D' stanzas. For example, with the combination of 'R /foo' and 'x
/foo/bar', /foo/bar will now be excluded from removal.
+ * systemd.crash_reboot and related settings are deprecated in favor of
+ systemd.crash_action=.
+
General Changes and New Features:
* Various programs will now attempt to load the main configuration file
embedded in the file name. The files are ordered by version and
the newest one is selected.
- systemd-nspawn --image=/--directory=, systemd-dissect, and the
- RootDirectory=, RootImage=, ExtensionImages=, and
- ExtensionDirectories= settings for units now support the vpick
- protocol and allow the latest version to be selected automatically if
- a "*.v/" directory is specified as the source.
+ systemd-nspawn --image=/--directory=, systemd-dissect,
+ systemd-portabled, and the RootDirectory=, RootImage=,
+ ExtensionImages=, and ExtensionDirectories= settings for units now
+ support the vpick protocol and allow the latest version to be
+ selected automatically if a "*.v/" directory is specified as the
+ source.
- * Encrypted service credentials may now be made accessible to
+ * Encrypted service credentials can now be made accessible to
unprivileged users. systemd-creds gained new options --user/--uid=
for encrypting/decrypting a credential for a specific user.
* New command-line tool 'importctl' to download, import, and export
disk images via systemd-importd is added with the following verbs:
pull-tar, pull-raw, import-tar, import-raw, import-fs, export-tar,
- export-raw, list-transfers, cancel-transfer. This functionality was
- previously available in "machinectl", where it was exclusively for
- machine image. The new "importctl" generalizes this for sysext,
- confext, portable service images, too.
+ export-raw, list-transfers, and cancel-transfer. This functionality
+ was previously available in "machinectl", where it was used
+ exclusively for machine images. The new "importctl" generalizes this
+ for sysext, confext, and portable service images.
+
+ * The systemd sources may now be compiled cleanly with all OpenSSL 3.0
+ deprecations removed, including the OpenSSL engine logic turned off.
Service Management:
analogous to the unit setting, but applies to the whole system. It is
enabled by default in the initrd.
+ Note that this means that code executed in the initrd cannot naively
+ expect to be able to write to /usr/ during boot. This affects
+ dracut <= 101, which wrote "hooks" to /lib/dracut/hooks/. See
+ https://github.com/dracut-ng/dracut-ng/commit/a45048b80c27ee5a45a380.
+
* New unit setting WantsMountsFor= has been added. It is analogous to
- RequiresMountsFor=, but with a Wants= dependency instead of
- Requires=. This new logic is used in various places where mounts were
- added as dependencies for other settings (WorkingDirectory=-…,
+ RequiresMountsFor=, but creates a Wants= dependency instead of
+ Requires=. This new logic is now used in various places where mounts
+ were added as dependencies for other settings (WorkingDirectory=-…,
PrivateTmp=yes, cryptsetup lines with 'nofail').
* New unit setting MemoryZSwapWriteback= can be used to control the new
* The manager gained a org.freedesktop.systemd1.StartAuxiliaryScope()
D-Bus method to devolve some processes from a service into a new
- scope. This new scope will remain even if the original service unit
- is restarted. Control group properties of the new scope are copied
- from the originating unit, so various limits are retained.
+ scope. This new scope will remain running, even when the original
+ service unit is restarted or stopped. This allows a service unit to
+ split out some worker processes which need to continue running.
+ Control group properties of the new scope are copied from the
+ originating unit, so various limits are retained.
* Units now expose properties EffectiveMemoryMax=,
EffectiveMemoryHigh=, and EffectiveTasksMax=, which report the
system credential.
* The systemd binary will no longer chainload sysvinit's "telinit"
- binary when called under the init/telinit name on a system that
- isn't booted with systemd. This previously has been supported to make
- sure a distribution that has both init systems installed can be
- reasonably switched from one to the other via a simple
- reboot. Distributions apparently have lost interest in this, and the
- functionality has not been supported on the primary distribution this
- was still intended for for a longer time, and hence has been removed
- now.
-
- * A new concept called "capsules" has been introduced. "Capsules"
- encapsulate additional per-user service managers, whose users are
- transient and are only defined as long as the service manager
- is running (implemented via DynamicUser=1). These service managers run
- off home directories defined in /var/lib/capsules/<name>, where
- <name> is a the capsule's name. These home directories can contain
- regular per-user services and other units. A capsule is started via a
- simple "systemctl start capsule@<name>.service". See the
- capsule@.service(5) man page for further details. Various systemd
- tools (including, and most importantly, systemctl and systemd-run)
- have been updated to interact with capsules via the new
+ binary when called under the init/telinit name on a system that isn't
+ booted with systemd. This previously has been supported to make sure
+ a distribution that has both init systems installed can reasonably
+ switch from one to the other via a simple reboot. Distributions
+ apparently have lost interest in this, and the functionality has not
+ been supported on the primary distribution this was still intended
+ for a long time, and hence has been removed now.
+
+ * A new concept called "capsules" has been introduced. "Capsules" wrap
+ additional per-user service managers, whose users are transient and
+ are only defined as long as the service manager is running. (This is
+ implemented via DynamicUser=1), allowing a user manager to be used to
+ manager a group of processes without needing to create an actual user
+ account. These service managers run with home directories of
+ /var/lib/capsules/<capsule-name> and can contain regular services and
+ other units. A capsule is started via a simple "systemctl start
+ capsule@<name>.service". See the capsule@.service(5) man page for
+ further details.
+
+ Various systemd tools (including, and most importantly, systemctl and
+ systemd-run) have been updated to interact with capsules via the new
"--capsule="/"-C" switch.
* .socket units gained a new setting PassFileDescriptorsToExec=, taking
encapsulates are passed to the ExecStartPost=, ExecStopPre=,
ExecStopPost= using the usual $LISTEN_FDS interface. This may be used
for doing additional initializations on the sockets once they are
- allocated (for example, install an additional eBPF program on them).
+ allocated. (For example, to install an additional eBPF program on
+ them).
* The .socket setting MaxConnectionsPerSource= (which so far put a
limit on concurrent connections per IP in Accept=yes socket units),
services in a simple Accept=yes mode.
* The service manager will now maintain a counter of soft reboot cycles
- the system went through so far. It may be queried via the D-Bus APIs.
+ the system went through. It may be queried via the D-Bus APIs.
* systemd's execution logic now supports the new pidfd_spawn() API
introduced by glibc 2.39, which allows us to invoke a subprocess in a
target cgroup and get a pidfd back in a single operation.
- * systemd/PID 1 will now send an additional sd_notify() message to its
+ * systemd/PID 1 will now send an additional sd_notify() message to its
supervising VMM or container manager reporting the selected hostname
("X_SYSTEMD_HOSTNAME=") and machine ID ("X_SYSTEMD_MACHINE_ID=") at
boot. Moreover, the service manager will send additional sd_notify()
reports "ssh-access.target" being reached a VMM/container manager
knows it can now connect to the system via SSH. Finally, a new
sd_notify() message ("X_SYSTEMD_SIGNALS_LEVEL=2") is sent the moment
- PID 1 successfully completed installation of its various UNIX process
- signal handlers (i.e. the moment where SIGRTMIN+4 sent to PID 1 will
- start to have the effect of shutting down the system cleanly).
+ PID 1 has successfully completed installation of its various UNIX
+ process signal handlers (i.e. the moment where SIGRTMIN+4 sent to
+ PID 1 will start to have the effect of shutting down the system
+ cleanly). X_SYSTEMD_SHUTDOWN= is sent shortly before the system shuts
+ down, and carries a string identifying the type of shutdown,
+ i.e. "poweroff", "halt", "reboot". X_SYSTEMD_REBOOT_PARAMETER= is
+ sent at the same time and carries the string passed to "systemctl
+ --reboot-argument=" if there was one.
+
+ * New D-Bus properties ExecMainHandoffTimestamp and
+ ExecMainHandoffTimestampMonotonic are now published by services
+ units. This timestamp is taken as the very last operation before
+ handing off control to invoked binaries. This information is
+ available for other unit types that fork off processes (i.e. mount,
+ swap, socket units), but currently only via "systemd-analyze dump".
+
+ * An additional timestamp is now taken by the service manager when a
+ system shutdown operation is initiated. It can be queried via D-Bus
+ during the shutdown phase. It's passed to the following service
+ manager invocation on soft reboots, which will then use it to log the
+ overall "grey-out" time of the soft reboot operation, i.e. the time
+ when the shutdown began until the system is fully up again.
+
+ * "systemctl status" will now display the invocation ID in its usual
+ output, i.e. the 128bit ID uniquely assigned to the current runtime
+ cycle of the unit. The ID has been supported for a long time, but is
+ now more prominently displayed, as it is a very useful handle to a
+ specific invocation of a service.
+
+ * systemd now generates a new "taint" string "unmerged-bin" for systems
+ that have /usr/bin/ and /usr/sbin/ separate. It's generally
+ recommended to make the latter a symlink to the former these days.
+
+ * A new systemd.crash_action= kernel command line option has been added
+ that configures what to do after the system manager (PID 1) crashes.
+ This can also be configured through CrashAction= in systemd.conf.
+
+ * "systemctl kill" now supports --wait which will make the command wait
+ until the signalled services terminate.
Journal:
* systemd-journald can now forward journal entries to a socket
(AF_INET, AF_INET6, AF_UNIX, or AF_VSOCK). The socket can be
- specified in journald.conf via a new option ForwardAddress= or via
- the 'journald.forward_address' credential. Log records are sent in
+ specified in journald.conf via a new option ForwardToSocket= or via
+ the 'journald.forward_to_socket' credential. Log records are sent in
the Journal Export Format. A related setting MaxLevelSocket= has been
added to control the maximum log levels for the messages sent to this
socket.
+ * systemd-journald now also reads the journal.storage credential when
+ determining where to store journal files.
+
* systemd-vmspawn gained a new --forward-journal= option to forward the
virtual machine's journal entries to the host. This is done over a
AF_VSOCK socket, i.e. it does not require networking in the guest.
* .link files now support a new ReceivePacketSteeringCPUMask= setting
for configuring which CPUs to steer incoming packets to.
+ * The [Network] section in .network files gained a new setting
+ UseDomains=, which is a single generic knob for controlling the
+ settings of the same name in the [DHCPv4], [DHCPv6] and
+ [IPv6AcceptRA].
+
+ * The 99-default.link file we ship by default (that defines the policy
+ for all network devices to which no other .link file applies) now
+ lists "mac" among AlternativeNamesPolicy=. This means that network
+ interfaces will now by default gain an additional MAC-address based
+ alternative device name. (i.e. enx…)
+
systemd-nspawn:
* systemd-nspawn now provides a /run/systemd/nspawn/unix-export/
directory where the container payload can expose AF_UNIX sockets to
- allow them them to be accessed from outside.
+ allow them to be accessed from outside.
* systemd-nspawn will tint the terminal background for containers in a
blueish color. This can be controller with the new --background=
* confexts are loaded by systemd-stub from the ESP as well.
- * The pcrlock policy is saved in an unencrypted credential file
- "pcrlock.<entry-token>.cred" under XBOOTLDR/ESP in the
- /loader/credentials/ directory. It will be picked up at boot by
- systemd-stub and passed to the initrd, where it can be used to unlock
- the root file system.
-
* kernel-install gained support for --root= for the 'list' verb.
- * systemd-pcrlock gained an --entry-token= option to configure the
- entry-token.
-
- * systemd-pcrlock now provides a basic Varlink interface and can be run
- as a daemon via a template unit.
-
* bootctl now provides a basic Varlink interface and can be run as a
daemon via a template unit.
for enrolling "dbx" too (Previously, only db/KEK/PK enrollment was
supported). It also now supports UEFI "Custom" mode.
+ * The pcrlock policy is saved in an unencrypted credential file
+ "pcrlock.<entry-token>.cred" under XBOOTLDR/ESP in the
+ /loader/credentials/ directory. It will be picked up at boot by
+ systemd-stub and passed to the initrd, where it can be used to unlock
+ the root file system.
+
+ * systemd-pcrlock gained an --entry-token= option to configure the
+ entry-token.
+
+ * systemd-pcrlock now provides a basic Varlink interface and can be run
+ as a daemon via a template unit.
+
+ * systemd-pcrlock's TPM nvindex access policy has been modified, this
+ means that previous pcrlock policies stored in nvindexes are
+ invalidated. They must be removed (systemd-pcrlock remove-policy) and
+ recreated (systemd-pcrlock make-policy). For the time being
+ systemd-pcrlock remains an experimental feature, but it is expected
+ to become stable in the next release, i.e. v257.
+
+ * systemd-pcrlock's --recovery-pin= switch now takes three values:
+ "hide", "show", "query". If "show" is selected the automatically
+ generated recovery PIN is shown to the user. If "query" is selected
+ then the PIN is queried from the user.
+
+ * sd-stub gained support for the new ".ucode" PE section in UKIs, that
+ may contain CPU microcode data. When control is handed over to the
+ Linux kernel this data is prepended to the set of initrds passed.
+
systemd-run/run0:
* systemd-run is now a multi-call binary. When invoked as 'run0', it
--ssh-key-type= to optionally set up transient SSH keys to pass to the
invoked VMs in order to be able to SSH into them once booted.
+ * systemd-vmspawn will now enable various "HyperV enlightenments" and
+ the "VM Generation ID" on the VMs.
+
+ * A new environment variable $SYSTEMD_VMSPAWN_QEMU_EXTRA may carry
+ additional qemu command line options to pass to qemu.
+
systemd-repart:
* systemd-repart gained new options --generate-fstab= and
been changed from regular shared library dependencies into dlopen()
based ones.
+ Note that this means that those libraries might not be automatically
+ pulled in when ELF dependencies are resolved. In particular lack of
+ libkmod might cause problems with boot. This affects dracut <= 101,
+ see https://github.com/dracut-ng/dracut-ng/commit/04b362d713235459cf.
+
* The sd-journal API gained a new call
sd_journal_stream_fd_with_namespace() which is just like
sd_journal_stream_fd() but creates a log stream targeted at a
specific log namespace.
+ * The sd-id128 API gained a new API call
+ sd_id128_get_invocation_app_specific() for acquiring an app-specific
+ ID that is derived from the service invocation ID.
+
+ * The sd-event API gained a new API call
+ sd_event_source_get_inotify_path() that returns the file system path
+ an inotify event source was created for.
+
systemd-cryptsetup/systemd-cryptenroll:
+ * The device node argument to systemd-cryptenroll is now optional. If
+ omitted it will be derived automatically from the backing block
+ device of /var/ (which quite likely is the same as the root file
+ system, hence effectively means if you don't specify things otherwise
+ the tool will now default to enrolling a key into the root file
+ system's LUKS device).
+
* systemd-cryptenroll can now enroll directly with a PKCS11 public key
(instead of a certificate).
https://systemd.io/VM_INTERFACE
- * The sd_notify() man page has gained an example with C code that shows
- how to implement the interface in C without involving libsystemd.
+ * The sd_notify() man page has gained examples with C and Python code
+ that shows how to implement the interface in those languages without
+ involving libsystemd.
systemd-homed, systemd-logind, systemd-userdbd:
used to specify the TTY for the debug shell, independently of
enabling or disabling it.
- Contributions from: A S Alam, AKHIL KUMAR, Abraham Samuel Adekunle,
- Adrian Vovk, Adrian Wannenmacher, Alan Liang, Alberto Planas,
- Alexander Zavyalov, Anders Jonsson, Andika Triwidada, Andres Beltran,
- Andrew Sayers, Antonio Alvarez Feijoo, Arthur Zamarin, Artur Pak,
- AtariDreams, Benjamin Franzke, Bernhard M. Wiedemann, Black-Hole1,
- Bryan Jacobs, Burak Gerz, Carlos Garnacho, Chandra Pratap,
- Chris Simons, Christian Wesselhoeft, Clayton Craft, Colin Geniet,
- Colin Walters, Costa Tsaousis, Cristian Rodríguez, Daan De Meyer,
+ * portablectl gained a new --clean switch that clears a portable
+ service's data (cache, logs, state, runtime, fdstore) when detaching
+ it.
+
+ Contributions from: A S Alam, AKHIL KUMAR,
+ Abraham Samuel Adekunle, Adrian Vovk, Adrian Wannenmacher,
+ Alan Liang, Alberto Planas, Alexander Zavyalov, Anders Jonsson,
+ Andika Triwidada, Andres Beltran, Andrew Sayers,
+ Antonio Alvarez Feijoo, Arthur Zamarin, Artur Pak, AtariDreams,
+ Benjamin Franzke, Bernhard M. Wiedemann, Black-Hole1, Bryan Jacobs,
+ Burak Gerz, Carlos Garnacho, Chandra Pratap, Chris Simons,
+ Christian Wesselhoeft, Clayton Craft, Colin Geniet, Colin Walters,
+ Costa Tsaousis, Cristian Rodríguez, Daan De Meyer,
Damien Challet, Dan Streetman, David Tardon, David Venhoek,
Diego Viola, Dionna Amalie Glaze, Dmitry Konishchev,
Edson Juliano Drosdeck, Eisuke Kawashima, Eli Schwartz,
Emanuele Giuseppe Esposito, Eric Daigle, Evgeny Vereshchagin,
- Felix Riemann, Fernando Fernandez Mancera, Florian Schmaus, Franck Bui,
- Frantisek Sumsal, Friedrich Altheide, Gabríel Arthúr Pétursson,
- Gaël Donval, Georges Basile Stavracas Neto, Gerd Hoffmann,
+ Felix Riemann, Fernando Fernandez Mancera, Florian Schmaus,
+ Franck Bui, Frantisek Sumsal, Friedrich Altheide,
+ Gabríel Arthúr Pétursson, Gaël Donval, Georges Basile Stavracas Neto,
+ Gerd Hoffmann, GNOME Foundation, Guido Leenders,
Guilhem Lettron, Göran Uddeborg, Hans de Goede, Harald Brinkmann,
Heinrich Schuchardt, Henry Li, Holger Assmann, Ivan Kruglov,
- Ivan Shapovalov, Jakub Sitnicki, James Muir, Jan Engelhardt, Jan Macku,
- Jeff King, JmbFountain, Joakim Nohlgård, Julius Alexandre,
- Jörg Behrmann, Keian, Kirk, Kristian Klausen, Krzesimir Nowak,
- Lars Ellenberg, Lennart Poettering, Luca Boccassi, Ludwig Nussel,
- Lukáš Nykrýn, Luxiter, Maanya Goenka, Mariano Giménez,
- Markus Merklinger, Martin Ivicic, Martin Trigaux, Martin Wilck,
- Matt Layher, Matt Muggeridge, Matteo Croce, Matthias Lisin,
- Max Gautier, Max Staudt, Michael Biebl, Michal Koutný, Michal Sekletár,
- Mike Gilbert, Mike Yuan, Mikko Ylinen, MkfsSion, MrSmör,
- Nandakumar Raghavan, Nick Cao, Nick Rosbrook, Ole Peder Brandtzæg,
- Ondrej Kozina, Oğuz Ersen, Pablo Méndez Hernández, Pierre GRASSER,
- Piotr Drąg, QuonXF, Rafaël Kooi, Raito Bezarius, Reid Wahl,
- Renjaya Raga Zenta, Richard Maw, Roland Hieber, Ronan Pigott, Rose,
- Ross Burton, Sam Leonard, Samuel BF, Sergei Zhmylev, Sergey A, Shulhan,
- SidhuRupinder, Sludge, Stuart Hayhurst, Susant Sahani,
+ Ivan Shapovalov, Jakub Sitnicki, James Muir, Jan Engelhardt,
+ Jan Macku, Jeff King, JmbFountain, Joakim Nohlgård,
+ Jonathan Conder, Julius Alexandre, Jörg Behrmann, Keian, Kirk,
+ Kristian Klausen, Krzesimir Nowak, Lars Ellenberg,
+ Lennart Poettering, Luca Boccassi, Ludwig Nussel, Lukáš Nykrýn,
+ Luna Jernberg, Luxiter, Maanya Goenka, Mariano Giménez,
+ Markus Merklinger, Martin Ivicic, Martin Srebotnjak,
+ Martin Trigaux, Martin Wilck, Matt Layher, Matt Muggeridge,
+ Matteo Croce, Matthias Lisin, Max Gautier, Max Staudt, MaxHearnden,
+ Michael Biebl, Michal Koutný, Michal Sekletár, Mike Gilbert,
+ Mike Yuan, Mikko Ylinen, MkfsSion, MrSmör, Nandakumar Raghavan,
+ Nick Cao, Nick Rosbrook, Norbert Lange, Ole Peder Brandtzæg,
+ Ondrej Kozina, Oğuz Ersen, Pablo Méndez Hernández,
+ Pierre GRASSER, Piotr Drąg, QuonXF, Rafaël Kooi, Raito Bezarius,
+ Rasmus Villemoes, Reid Wahl, Renjaya Raga Zenta, Richard Maw,
+ Roland Hieber, Ronan Pigott, Rose, Ross Burton, Sam Leonard,
+ Samuel BF, Sarvajith Adyanthaya, Sergei Zhmylev, Sergey A, Shulhan,
+ SidhuRupinder, Simon Fowler, Sludge, Stuart Hayhurst, Susant Sahani,
Takashi Sakamoto, Temuri Doghonadze, Thilo Fromm, Thomas Blume,
- TobiPeterG, Tomáš Pecka, Topi Miettinen, Tycho Andersen, Unique-Usman,
- Usman Akinyemi, Vasiliy Kovalev, Vasiliy Stelmachenok,
- Vishal Chillara Srinivas, Vitaly Kuznetsov, Vito Caputo,
- Vladimir Stoiakin, Werner Sembach, Will Springer, Winterhuman,
- Xiaotian Wu, Yu Watanabe, Yuri Chornoivan, Zbigniew Jędrzejewski-Szmek,
- Zmyeir, aslepykh, chenjiayi, cpackham-atlnz, cunshunxia, djantti,
- hfavisado, hulkoba, ksaleem, medusalix, mille-feuille, mkubiak, mooo,
- msizanoen, networkException, nl6720, r-vdp, runiq, samuelvw01,
- sharad3001, sushmbha, wangyuhang, zzywysm, İ. Ensar Gülşen,
+ TobiPeterG, Tobias Fleig, Tomáš Pecka, Topi Miettinen,
+ Tycho Andersen, Unique-Usman, Usman Akinyemi, Vasiliy Kovalev,
+ Vasiliy Stelmachenok, Vishal Chillara Srinivas, Vitaly Kuznetsov,
+ Vito Caputo, Vladimir Stoiakin, Werner Sembach, Will Springer,
+ Winterhuman, Xiaotian Wu, Yu Watanabe, Yuri Chornoivan,
+ Zbigniew Jędrzejewski-Szmek, Zmyeir, aslepykh, chenjiayi,
+ cpackham-atlnz, cunshunxia, djantti, hfavisado, hulkoba, ksaleem,
+ medusalix, mille-feuille, mkubiak, mooo, msizanoen, networkException,
+ nl6720, r-vdp, runiq, sam-leonard-ct, samuelvw01, sharad3001, sushmbha,
+ wangyuhang, zzywysm, İ. Ensar Gülşen, Łukasz Stelmach,
Štěpán Němec, 我超厉害, 김인수
- — Happy Place, 2024-04-XX
+ — Edinburgh, 2024-04-25
CHANGES WITH 255:
sd_device_enumerator_add_match_property_required() which allows
configuring matches on properties that are strictly required. This is
different from the existing sd_device_enumerator_add_match_property()
- matches of which one one needs to apply.
+ matches of which one needs to apply.
* The MAC address the veth side of an nspawn container shall get
assigned may now be controlled via the $SYSTEMD_NSPAWN_NETWORK_MAC
projects / thirdparty / systemd.git / blobdiff