* Services with Restart=always and a failing ExecCondition= will no longer
be restarted, to bring ExecCondition= in line with Condition*= settings.
+ * In v250 systemd-homed started making use of UID mapped mounts for the
+ home areas if the kernel and used file system support it. Files are
+ now internally owned by the "nobody" user (i.e. the user typically
+ used for indicating "this ownership is not mapped"), and dynamically
+ mapped to the UID used locally on the system via the UID mapping
+ mount logic of recent kernels.
+ In the current implementation systemd-homed only maps a limited
+ number of UIDs and GIDs making it impossible to run unprivileged
+ containers that want to map a full POSIX compliant UID and GID range
+ with their rootfs located within the systemd-homed managed home area.
+ This will be fixed in subsequent releases. See
+ https://github.com/systemd/systemd/pull/22239 for a proposal.
+
CHANGES WITH 250:
* Support for encrypted and authenticated credentials has been added.
projects / thirdparty / systemd.git / commitdiff
