diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 166 |
1 files changed, 112 insertions, 54 deletions
@@ -1,6 +1,6 @@ systemd System and Service Manager -CHANGES WITH 230 in spe: +CHANGES WITH 230: * DNSSEC is now turned on by default in systemd-resolved (in "allow-downgrade" mode), but may be turned off during compile time by @@ -24,7 +24,7 @@ CHANGES WITH 230 in spe: * systemd-resolve conveniently resolves DANE records with the --tlsa option and OPENPGPKEY records with the --openpgp option. It also - supports dumping raw DNS record data via the new --raw= switch now. + supports dumping raw DNS record data via the new --raw= switch. * systemd-logind will now by default terminate user processes that are part of the user session scope unit (session-XX.scope) when the user @@ -51,9 +51,17 @@ CHANGES WITH 230 in spe: Previous defaults can be restored at compile time by the --without-kill-user-processes option to "configure". + * systemd-logind gained new configuration settings SessionsMax= and + InhibitorsMax=, both with a default of 8192. It will not register new + user sessions or inhibitors above this limit. + + * systemd-logind will now reload configuration on SIGHUP. + * The unified cgroup hierarchy added in Linux 4.5 is now supported. Use systemd.unified_cgroup_hierarchy=1 on the kernel command line to - enable. + enable. Also, support for the "io" cgroup controller in the unified + hierarchy has been added, so that the "memory", "pids" and "io" are + now the controllers that are supported on the unified hierarchy. WARNING: it is not possible to use previous systemd versions with systemd.unified_cgroup_hierarchy=1 and the new kernel. Therefore it @@ -69,7 +77,22 @@ CHANGES WITH 230 in spe: * The IAID and DUID unique identifier sent in DHCP requests may now be configured for the system and each .network file managed by - systemd-networkd. + systemd-networkd using the DUIDType=, DUIDRawData=, IAID= options. + + * systemd-networkd gained support for configuring proxy ARP support for + each interface, via the ProxyArp= setting in .network files. It also + gained support for configuring the multicast querier feature of + bridge devices, via the new MulticastQuerier= setting in .netdev + files. Similarly, snooping on the IGMP traffic can be controlled + via the new setting MulticastSnooping=. + + A new setting PreferredLifetime= has been added for addresses + configured in .network file to configure the lifetime intended for an + address. + + The systemd-networkd DHCP server gained the option EmitRouter=, which + defaults to yes, to configure whether the DHCP Option 3 (Router) + should be emitted. * The testing tool /usr/lib/systemd/systemd-activate is renamed to systemd-socket-activate and installed into /usr/bin. It is now fully @@ -79,6 +102,18 @@ CHANGES WITH 230 in spe: when closing journal files, thus reducing impact of slow disk I/O on logging performance. + * The sd-journal API gained two new calls + sd_journal_open_directory_fd() and sd_journal_open_files_fd() which + can be used to open journal files using file descriptors instead of + file or directory paths. sd_journal_open_container() has been + deprecated, sd_journal_open_directory_fd() should be used instead + with the flag SD_JOURNAL_OS_ROOT. + + * journalctl learned a new output mode "-o short-unix" that outputs log + lines prefixed by their UNIX time (i.e. seconds since Jan 1st, 1970 + UTC). It also gained support for a new --no-hostname setting to + suppress the hostname column in the family of "short" output modes. + * systemd-ask-password now optionally skips printing of the password to stdout with --no-output which can be useful in scripts. @@ -86,24 +121,18 @@ CHANGES WITH 230 in spe: (devices tagged with ID_MAKER_TOOL) are now tagged with "uaccess" and are available to logged in users. - * systemd-bootchart has been split out to a separate repository: - https://github.com/systemd/systemd-bootchart - - * The compatibility libraries libsystemd-daemon.so, - libsystemd-journal.so, libsystemd-id128.so, and libsystemd-login.so - which have been deprecated since systemd-209 have been removed along - with the corresponding pkg-config files. All symbols provided by - those libraries are provided by libsystemd.so. - - * The Capabilities= unit file setting has been removed (it is ignored - for backwards compatibility). AmbientCapabilities= and - CapabilityBoundingSet= should be used instead. + * The DeviceAllow= unit setting now supports specifiers (with "%"). * "systemctl show" gained a new --value switch, which allows print a only the contents of a specific unit property, without also printing the property's name. Similar support was added to "show*" verbs of loginctl and machinectl that output "key=value" lists. + * A new unit type "generated" was added for files dynamically generated + by generator tools. Similarly, a new unit type "transient" is used + for unit files created using the runtime API. "systemctl enable" will + refuse to operate on such files. + * A new command "systemctl revert" has been added that may be used to revert to the vendor version of a unit file, in case local changes have been made by adding drop-ins or overriding the unit file. @@ -111,25 +140,9 @@ CHANGES WITH 230 in spe: * "machinectl clean" gained a new verb to automatically remove all or just hidden container images. - * systemd-bus-proxyd has been removed, as kdbus is unlikely to still be - merged into the kernel in its current form. - - * systemd-networkd gained support for configuring proxy ARP support for - each interface, via the ProxyArp= setting in .network files. It also - gained support for configuring the multicast querier feature of - bridge devices, via the new MulticastQuerier= setting in .netdev - files. A new setting PreferredLifetime= has been added for addresses - configured in .network file to configure the lifetime intended for an - address. - * systemd-tmpfiles gained support for a new line type "e" for emptying directories, if they exist, without creating them if they don't. - * journalctl learned a new output mode "-o short-unix" that outputs log - lines prefixed by their UNIX time (i.e. seconds since Jan 1st, 1970 - UTC). It also gained support for a new --no-hostname setting to - suppress the hostname column in the family of "short" output modes. - * systemd-nspawn gained support for automatically patching the UID/GIDs of the owners and the ACLs of all files and directories in a container tree to match the UID/GID user namespacing range selected @@ -142,6 +155,19 @@ CHANGES WITH 230 in spe: deployable. The systemd-nspaw@.service template unit file has been changed to use this functionality by default. + * systemd-nspawn gained a new --network-zone= switch, that allows + creating ad-hoc virtual Ethernet links between multiple containers, + that only exist as long as at least one container referencing them is + running. This allows easy connecting of multiple containers with a + common link that implements an Ethernet broadcast domain. Each of + these network "zones" may be named relatively freely by the user, and + may be referenced by any number of containers, but each container may + only reference one of these "zones". On the lower level, this is + implemented by an automatically managed bridge network interface for + each zone, that is created when the first container referencing its + zone is created and removed when the last one referencing its zone + terminates. + * The default start timeout may now be configured on the kernel command line via systemd.default_timeout_start_sec=. It was already configurable via the DefaultTimeoutStartSec= option in @@ -157,31 +183,63 @@ CHANGES WITH 230 in spe: value is understood as UNIX nice value. If not prefixed like this it is understood as raw RLIMIT_NICE limit. - Contributions from: Alban Crequy, Alexander Kuleshov, Alex Crawford, - Andrew Eikum, Beniamino Galvani, Benjamin Robin, Benjamin ROBIN, Biao - Lu, Bjørnar Ness, Calvin Owens, Christian Hesse, Colin Guthrie, Daniel - J Walsh, Daniel Mack, Dan Nicholson, daurnimator, David Herrmann, David + * Note that the effect of the PrivateDevices= unit file setting changed + slightly with this release: the per-device /dev file system will be + mounted read-only from this version on, and will have "noexec" + set. This (minor) change of behavior might cause some (exceptional) + legacy software to break, when PrivateDevices=yes is set for its + service. Please leave PrivateDevices= off if you run into problems + with this. + + * systemd-bootchart has been split out to a separate repository: + https://github.com/systemd/systemd-bootchart + + * systemd-bus-proxyd has been removed, as kdbus is unlikely to still be + merged into the kernel in its current form. + + * The compatibility libraries libsystemd-daemon.so, + libsystemd-journal.so, libsystemd-id128.so, and libsystemd-login.so + which have been deprecated since systemd-209 have been removed along + with the corresponding pkg-config files. All symbols provided by + those libraries are provided by libsystemd.so. + + * The Capabilities= unit file setting has been removed (it is ignored + for backwards compatibility). AmbientCapabilities= and + CapabilityBoundingSet= should be used instead. + + * A new special target has been added, initrd-root-device.target, + which creates a synchronization point for dependencies of the root + device in early userspace. Initramfs builders must ensure that this + target is now included in early userspace. + + Contributions from: Alban Crequy, Alexander Kuleshov, Alexander Shopov, + Alex Crawford, Andre Klärner, Andrew Eikum, Beniamino Galvani, Benjamin + Robin, Biao Lu, Bjørnar Ness, Calvin Owens, Christian Hesse, Clemens + Gruber, Colin Guthrie, Daniel Drake, Daniele Medri, Daniel J Walsh, + Daniel Mack, Dan Nicholson, daurnimator, David Herrmann, David R. Hedges, Elias Probst, Emmanuel Gil Peyrot, EMOziko, Evgeny Vereshchagin, Federico, Felipe Sateler, Filipe Brandenburger, Franck - Bui, frankheckenbach, Georgia Brikis, Harald Hoyer, Hendrik Brueckner, - Hristo Venev, Iago López Galeiras, Ian Kelling, Ismo Puustinen, Jakub - Wilk, Jaroslav Škarvada, Jeff Huang, Joel Holdsworth, kayrus, Klearchos - Chaloulos, Lennart Poettering, Lubomir Rintel, Lukas Nykryn, Lukáš - Nykrýn, Mantas Mikulėnas, Marcel Holtmann, Martin Pitt, Michael Biebl, - michaelolbrich, Michał Bartoszkiewicz, Michal Koutný, Michal Sekletar, - Mike Frysinger, Mike Gilbert, Mingcong Bai, Ming Lin, mulkieran, - muzena, Nalin Dahyabhai, Naohiro Aota, Nathan McSween, Nicolas - Braud-Santoni, Patrik Flykt, Peter Hutterer, Petr Lautrbach, Petros - Angelatos, Piotr Drąg, Rabin Vincent, Robert Węcławski, Ronny - Chevalier, Samuel Tardieu, Stefan Schallenberg, Steven Siloti, Susant - Sahani, Sylvain Plantefève, Taylor Smock, tblume, Tejun Heo, Thomas - Blume, Thomas Haller, Thomas Hindoe Paaboel Andersen, Thomas - H. P. Andersen, Tobias Klauser, Tom Gundersen, Torstein Husebø, Umut - Tezduyar Lindskog, Vinay Kulkarni, Vito Caputo, Vittorio G (VittGam), - Vladimir Panteleev, Wieland Hoffmann, Wouter Verhelst, Yu Watanabe, - Zbigniew Jędrzejewski-Szmek + Bui, frankheckenbach, gdamjan, Georgia Brikis, Harald Hoyer, Hendrik + Brueckner, Hristo Venev, Iago López Galeiras, Ian Kelling, Ismo + Puustinen, Jakub Wilk, Jaroslav Škarvada, Jeff Huang, Joel Holdsworth, + John Paul Adrian Glaubitz, Jonathan Boulle, kayrus, Klearchos + Chaloulos, Kyle Russell, Lars Uebernickel, Lennart Poettering, Lubomir + Rintel, Lukáš Nykrýn, Mantas Mikulėnas, Marcel Holtmann, Martin Pitt, + Michael Biebl, michaelolbrich, Michał Bartoszkiewicz, Michal Koutný, + Michal Sekletar, Mike Frysinger, Mike Gilbert, Mingcong Bai, Ming Lin, + mulkieran, muzena, Nalin Dahyabhai, Naohiro Aota, Nathan McSween, + Nicolas Braud-Santoni, Patrik Flykt, Peter Hutterer, Peter Mattern, + Petr Lautrbach, Petros Angelatos, Piotr Drąg, Rabin Vincent, Robert + Węcławski, Ronny Chevalier, Samuel Tardieu, Stefan Saraev, Stefan + Schallenberg aka nafets227, Steven Siloti, Susant Sahani, Sylvain + Plantefève, Taylor Smock, Tejun Heo, Thomas Blume, Thomas Haller, + Thomas H. P. Andersen, Tobias Klauser, Tom Gundersen, topimiettinen, + Torstein Husebø, Umut Tezduyar Lindskog, Uwe Kleine-König, Victor Toso, + Vinay Kulkarni, Vito Caputo, Vittorio G (VittGam), Vladimir Panteleev, + Wieland Hoffmann, Wouter Verhelst, Yu Watanabe, Zbigniew + Jędrzejewski-Szmek - — Berlin, 2016-05-XX + — Fairfax, 2016-05-21 CHANGES WITH 229: |