summaryrefslogtreecommitdiffstats
path: root/NEWS
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 02:25:50 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 02:25:50 +0000
commit19f4f86bfed21c5326ed2acebe1163f3a83e832b (patch)
treed59b9989ce55ed23693e80974d94c856f1c2c8b1 /NEWS
parentInitial commit. (diff)
downloadsystemd-19f4f86bfed21c5326ed2acebe1163f3a83e832b.tar.xz
systemd-19f4f86bfed21c5326ed2acebe1163f3a83e832b.zip
Adding upstream version 241.upstream/241upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS9230
1 files changed, 9230 insertions, 0 deletions
diff --git a/NEWS b/NEWS
new file mode 100644
index 0000000..cd81d9c
--- /dev/null
+++ b/NEWS
@@ -0,0 +1,9230 @@
+systemd System and Service Manager
+
+CHANGES WITH 241:
+
+ * The default locale can now be configured at compile time. Otherwise,
+ a suitable default will be selected automatically (one of C.UTF-8,
+ en_US.UTF-8, and C).
+
+ * The version string shown by systemd and other tools now includes the
+ git commit hash when built from git. An override may be specified
+ during compilation, which is intended to be used by distributions to
+ include the package release information.
+
+ * systemd-cat can now filter standard input and standard error streams
+ for different syslog priorities using the new --stderr-priority=
+ option.
+
+ * systemd-journald and systemd-journal-remote reject entries which
+ contain too many fields (CVE-2018-16865) and set limits on the
+ process' command line length (CVE-2018-16864).
+
+ * $DBUS_SESSION_BUS_ADDRESS environment variable is set by pam_systemd
+ again.
+
+ * A new network device NamePolicy "keep" is implemented for link files,
+ and used by default in 99-default.link (the fallback configuration
+ provided by systemd). With this policy, if the network device name
+ was already set by userspace, the device will not be renamed again.
+ This matches the naming scheme that was implemented before
+ systemd-240. If naming-scheme < 240 is specified, the "keep" policy
+ is also enabled by default, even if not specified. Effectively, this
+ means that if naming-scheme >= 240 is specified, network devices will
+ be renamed according to the configuration, even if they have been
+ renamed already, if "keep" is not specified as the naming policy in
+ the .link file. The 99-default.link file provided by systemd includes
+ "keep" for backwards compatibility, but it is recommended for user
+ installed .link files to *not* include it.
+
+ The "kernel" policy, which keeps kernel names declared to be
+ "persistent", now works again as documented.
+
+ * kernel-install script now optionally takes the paths to one or more
+ initrd files, and passes them to all plugins.
+
+ * The mincore() system call has been dropped from the @system-service
+ system call filter group, as it is pretty exotic and may potentially
+ used for side-channel attacks.
+
+ * -fPIE is dropped from compiler and linker options. Please specify
+ -Db_pie=true option to meson to build position-independent
+ executables. Note that the meson option is supported since meson-0.49.
+
+ * The fs.protected_regular and fs.protected_fifos sysctls, which were
+ added in Linux 4.19 to make some data spoofing attacks harder, are
+ now enabled by default. While this will hopefully improve the
+ security of most installations, it is technically a backwards
+ incompatible change; to disable these sysctls again, place the
+ following lines in /etc/sysctl.d/60-protected.conf or a similar file:
+
+ fs.protected_regular = 0
+ fs.protected_fifos = 0
+
+ Note that the similar hardlink and symlink protection has been
+ enabled since v199, and may be disabled likewise.
+
+ * The files read from the EnvironmentFile= setting in unit files now
+ parse backslashes inside quotes literally, matching the behaviour of
+ POSIX shells.
+
+ * udevadm trigger, udevadm control, udevadm settle and udevadm monitor
+ now automatically become NOPs when run in a chroot() environment.
+
+ * The tmpfiles.d/ "C" line type will now copy directory trees not only
+ when the destination is so far missing, but also if it already exists
+ as a directory and is empty. This is useful to cater for systems
+ where directory trees are put together from multiple separate mount
+ points but otherwise empty.
+
+ * A new function sd_bus_close_unref() (and the associated
+ sd_bus_close_unrefp()) has been added to libsystemd, that combines
+ sd_bus_close() and sd_bus_unref() in one.
+
+ * udevadm control learnt a new option for --ping for testing whether a
+ systemd-udevd instance is running and reacting.
+
+ Contributions from: Aaron Plattner, Alberts Muktupāvels, Alex Mayer,
+ Ayman Bagabas, Beniamino Galvani, Burt P, Chris Down, Chris Lamb, Chris
+ Morin, Christian Hesse, Claudius Ellsel, dana, Daniel Axtens, Daniele
+ Medri, Dave Reisner, David Santamaría Rogado, Diego Canuhe, Dimitri
+ John Ledkov, Evgeny Vereshchagin, Fabrice Fontaine, Filipe
+ Brandenburger, Franck Bui, Frantisek Sumsal, govwin, Hans de Goede,
+ James Hilliard, Jan Engelhardt, Jani Uusitalo, Jan Janssen, Jan
+ Synacek, Jonathan McDowell, Jonathan Roemer, Jonathon Kowalski, Joost
+ Heitbrink, Jörg Thalheim, Lance, Lennart Poettering, Louis Taylor,
+ Lucas Werkmeister, Mantas Mikulėnas, Marc-Antoine Perennou,
+ marvelousblack, Michael Biebl, Michael Sloan, Michal Sekletar, Mike
+ Auty, Mike Gilbert, Mikhail Kasimov, Neil Brown, Niklas Hambüchen,
+ Patrick Williams, Paul Seyfert, Peter Hutterer, Philip Withnall, Roger
+ James, Ronnie P. Thomas, Ryan Gonzalez, Sam Morris, Stephan Edel,
+ Stephan Gerhold, Susant Sahani, Taro Yamada, Thomas Haller, Topi
+ Miettinen, YiFei Zhu, YmrDtnJu, YunQiang Su, Yu Watanabe, Zbigniew
+ Jędrzejewski-Szmek, zsergeant77, Дамјан Георгиевски
+
+ — Berlin, 2018-02-14
+
+CHANGES WITH 240:
+
+ * NoNewPrivileges=yes has been set for all long-running services
+ implemented by systemd. Previously, this was problematic due to
+ SELinux (as this would also prohibit the transition from PID1's label
+ to the service's label). This restriction has since been lifted, but
+ an SELinux policy update is required.
+ (See e.g. https://github.com/fedora-selinux/selinux-policy/pull/234.)
+
+ * DynamicUser=yes is dropped from systemd-networkd.service,
+ systemd-resolved.service and systemd-timesyncd.service, which was
+ enabled in v239 for systemd-networkd.service and systemd-resolved.service,
+ and since v236 for systemd-timesyncd.service. The users and groups
+ systemd-network, systemd-resolve and systemd-timesync are created
+ by systemd-sysusers again. Distributors or system administrators
+ may need to create these users and groups if they not exist (or need
+ to re-enable DynamicUser= for those units) while upgrading systemd.
+ Also, the clock file for systemd-timesyncd may need to move from
+ /var/lib/private/systemd/timesync/clock to /var/lib/systemd/timesync/clock.
+
+ * When unit files are loaded from disk, previously systemd would
+ sometimes (depending on the unit loading order) load units from the
+ target path of symlinks in .wants/ or .requires/ directories of other
+ units. This meant that unit could be loaded from different paths
+ depending on whether the unit was requested explicitly or as a
+ dependency of another unit, not honouring the priority of directories
+ in search path. It also meant that it was possible to successfully
+ load and start units which are not found in the unit search path, as
+ long as they were requested as a dependency and linked to from
+ .wants/ or .requires/. The target paths of those symlinks are not
+ used for loading units anymore and the unit file must be found in
+ the search path.
+
+ * A new service type has been added: Type=exec. It's very similar to
+ Type=simple but ensures the service manager will wait for both fork()
+ and execve() of the main service binary to complete before proceeding
+ with follow-up units. This is primarily useful so that the manager
+ propagates any errors in the preparation phase of service execution
+ back to the job that requested the unit to be started. For example,
+ consider a service that has ExecStart= set to a file system binary
+ that doesn't exist. With Type=simple starting the unit would be
+ considered instantly successful, as only fork() has to complete
+ successfully and the manager does not wait for execve(), and hence
+ its failure is seen "too late". With the new Type=exec service type
+ starting the unit will fail, as the manager will wait for the
+ execve() and notice its failure, which is then propagated back to the
+ start job.
+
+ NOTE: with the next release 241 of systemd we intend to change the
+ systemd-run tool to default to Type=exec for transient services
+ started by it. This should be mostly safe, but in specific corner
+ cases might result in problems, as the systemd-run tool will then
+ block on NSS calls (such as user name look-ups due to User=) done
+ between the fork() and execve(), which under specific circumstances
+ might cause problems. It is recommended to specify "-p Type=simple"
+ explicitly in the few cases where this applies. For regular,
+ non-transient services (i.e. those defined with unit files on disk)
+ we will continue to default to Type=simple.
+
+ * The Linux kernel's current default RLIMIT_NOFILE resource limit for
+ userspace processes is set to 1024 (soft) and 4096
+ (hard). Previously, systemd passed this on unmodified to all
+ processes it forked off. With this systemd release the hard limit
+ systemd passes on is increased to 512K, overriding the kernel's
+ defaults and substantially increasing the number of simultaneous file
+ descriptors unprivileged userspace processes can allocate. Note that
+ the soft limit remains at 1024 for compatibility reasons: the
+ traditional UNIX select() call cannot deal with file descriptors >=
+ 1024 and increasing the soft limit globally might thus result in
+ programs unexpectedly allocating a high file descriptor and thus
+ failing abnormally when attempting to use it with select() (of
+ course, programs shouldn't use select() anymore, and prefer
+ poll()/epoll, but the call unfortunately remains undeservedly popular
+ at this time). This change reflects the fact that file descriptor
+ handling in the Linux kernel has been optimized in more recent
+ kernels and allocating large numbers of them should be much cheaper
+ both in memory and in performance than it used to be. Programs that
+ want to take benefit of the increased limit have to "opt-in" into
+ high file descriptors explicitly by raising their soft limit. Of
+ course, when they do that they must acknowledge that they cannot use
+ select() anymore (and neither can any shared library they use — or
+ any shared library used by any shared library they use and so on).
+ Which default hard limit is most appropriate is of course hard to
+ decide. However, given reports that ~300K file descriptors are used
+ in real-life applications we believe 512K is sufficiently high as new
+ default for now. Note that there are also reports that using very
+ high hard limits (e.g. 1G) is problematic: some software allocates
+ large arrays with one element for each potential file descriptor
+ (Java, …) — a high hard limit thus triggers excessively large memory
+ allocations in these applications. Hopefully, the new default of 512K
+ is a good middle ground: higher than what real-life applications
+ currently need, and low enough for avoid triggering excessively large
+ allocations in problematic software. (And yes, somebody should fix
+ Java.)
+
+ * The fs.nr_open and fs.file-max sysctls are now automatically bumped
+ to the highest possible values, as separate accounting of file
+ descriptors is no longer necessary, as memcg tracks them correctly as
+ part of the memory accounting anyway. Thus, from the four limits on
+ file descriptors currently enforced (fs.file-max, fs.nr_open,
+ RLIMIT_NOFILE hard, RLIMIT_NOFILE soft) we turn off the first two,
+ and keep only the latter two. A set of build-time options
+ (-Dbump-proc-sys-fs-file-max=false and -Dbump-proc-sys-fs-nr-open=false)
+ has been added to revert this change in behaviour, which might be
+ an option for systems that turn off memcg in the kernel.
+
+ * When no /etc/locale.conf file exists (and hence no locale settings
+ are in place), systemd will now use the "C.UTF-8" locale by default,
+ and set LANG= to it. This locale is supported by various
+ distributions including Fedora, with clear indications that upstream
+ glibc is going to make it available too. This locale enables UTF-8
+ mode by default, which appears appropriate for 2018.
+
+ * The "net.ipv4.conf.all.rp_filter" sysctl will now be set to 2 by
+ default. This effectively switches the RFC3704 Reverse Path filtering
+ from Strict mode to Loose mode. This is more appropriate for hosts
+ that have multiple links with routes to the same networks (e.g.
+ a client with a Wi-Fi and Ethernet both connected to the internet).
+
+ Consult the kernel documentation for details on this sysctl:
+ https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
+
+ * CPUAccounting=yes no longer enables the CPU controller when using
+ kernel 4.15+ and the unified cgroup hierarchy, as required accounting
+ statistics are now provided independently from the CPU controller.
+
+ * Support for disabling a particular cgroup controller within a sub-tree
+ has been added through the DisableControllers= directive.
+
+ * cgroup_no_v1=all on the kernel command line now also implies
+ using the unified cgroup hierarchy, unless one explicitly passes
+ systemd.unified_cgroup_hierarchy=0 on the kernel command line.
+
+ * The new "MemoryMin=" unit file property may now be used to set the
+ memory usage protection limit of processes invoked by the unit. This
+ controls the cgroup v2 memory.min attribute. Similarly, the new
+ "IODeviceLatencyTargetSec=" property has been added, wrapping the new
+ cgroup v2 io.latency cgroup property for configuring per-service I/O
+ latency.
+
+ * systemd now supports the cgroup v2 devices BPF logic, as counterpart
+ to the cgroup v1 "devices" cgroup controller.
+
+ * systemd-escape now is able to combine --unescape with --template. It
+ also learnt a new option --instance for extracting and unescaping the
+ instance part of a unit name.
+
+ * sd-bus now provides the sd_bus_message_readv() which is similar to
+ sd_bus_message_read() but takes a va_list object. The pair
+ sd_bus_set_method_call_timeout() and sd_bus_get_method_call_timeout()
+ has been added for configuring the default method call timeout to
+ use. sd_bus_error_move() may be used to efficiently move the contents
+ from one sd_bus_error structure to another, invalidating the
+ source. sd_bus_set_close_on_exit() and sd_bus_get_close_on_exit() may
+ be used to control whether a bus connection object is automatically
+ flushed when an sd-event loop is exited.
+
+ * When processing classic BSD syslog log messages, journald will now
+ save the original time-stamp string supplied in the new
+ SYSLOG_TIMESTAMP= journal field. This permits consumers to
+ reconstruct the original BSD syslog message more correctly.
+
+ * StandardOutput=/StandardError= in service files gained support for
+ new "append:…" parameters, for connecting STDOUT/STDERR of a service
+ to a file, and appending to it.
+
+ * The signal to use as last step of killing of unit processes is now
+ configurable. Previously it was hard-coded to SIGKILL, which may now
+ be overridden with the new KillSignal= setting. Note that this is the
+ signal used when regular termination (i.e. SIGTERM) does not suffice.
+ Similarly, the signal used when aborting a program in case of a
+ watchdog timeout may now be configured too (WatchdogSignal=).
+
+ * The XDG_SESSION_DESKTOP environment variable may now be configured in
+ the pam_systemd argument line, using the new desktop= switch. This is
+ useful to initialize it properly from a display manager without
+ having to touch C code.
+
+ * Most configuration options that previously accepted percentage values
+ now also accept permille values with the '‰' suffix (instead of '%').
+
+ * systemd-resolved may now optionally use OpenSSL instead of GnuTLS for
+ DNS-over-TLS.
+
+ * systemd-resolved's configuration file resolved.conf gained a new
+ option ReadEtcHosts= which may be used to turn off processing and
+ honoring /etc/hosts entries.
+
+ * The "--wait" switch may now be passed to "systemctl
+ is-system-running", in which case the tool will synchronously wait
+ until the system finished start-up.
+
+ * hostnamed gained a new bus call to determine the DMI product UUID.
+
+ * On x86-64 systemd will now prefer using the RDRAND processor
+ instruction over /dev/urandom whenever it requires randomness that
+ neither has to be crypto-grade nor should be reproducible. This
+ should substantially reduce the amount of entropy systemd requests
+ from the kernel during initialization on such systems, though not
+ reduce it to zero. (Why not zero? systemd still needs to allocate
+ UUIDs and such uniquely, which require high-quality randomness.)
+
+ * networkd gained support for Foo-Over-UDP, ERSPAN and ISATAP
+ tunnels. It also gained a new option ForceDHCPv6PDOtherInformation=
+ for forcing the "Other Information" bit in IPv6 RA messages. The
+ bonding logic gained four new options AdActorSystemPriority=,
+ AdUserPortKey=, AdActorSystem= for configuring various 802.3ad
+ aspects, and DynamicTransmitLoadBalancing= for enabling dynamic
+ shuffling of flows. The tunnel logic gained a new
+ IPv6RapidDeploymentPrefix= option for configuring IPv6 Rapid
+ Deployment. The policy rule logic gained four new options IPProtocol=,
+ SourcePort= and DestinationPort=, InvertRule=. The bridge logic gained
+ support for the MulticastToUnicast= option. networkd also gained
+ support for configuring static IPv4 ARP or IPv6 neighbor entries.
+
+ * .preset files (as read by 'systemctl preset') may now be used to
+ instantiate services.
+
+ * /etc/crypttab now understands the sector-size= option to configure
+ the sector size for an encrypted partition.
+
+ * Key material for encrypted disks may now be placed on a formatted
+ medium, and referenced from /etc/crypttab by the UUID of the file
+ system, followed by "=" suffixed by the path to the key file.
+
+ * The "collect" udev component has been removed without replacement, as
+ it is neither used nor maintained.
+
+ * When the RuntimeDirectory=, StateDirectory=, CacheDirectory=,
+ LogsDirectory=, ConfigurationDirectory= settings are used in a
+ service the executed processes will now receive a set of environment
+ variables containing the full paths of these directories.
+ Specifically, RUNTIME_DIRECTORY=, STATE_DIRECTORY, CACHE_DIRECTORY,
+ LOGS_DIRECTORY, CONFIGURATION_DIRECTORY are now set if these options
+ are used. Note that these options may be used multiple times per
+ service in which case the resulting paths will be concatenated and
+ separated by colons.
+
+ * Predictable interface naming has been extended to cover InfiniBand
+ NICs. They will be exposed with an "ib" prefix.
+
+ * tmpfiles.d/ line types may now be suffixed with a '-' character, in
+ which case the respective line failing is ignored.
+
+ * .link files may now be used to configure the equivalent to the
+ "ethtool advertise" commands.
+
+ * The sd-device.h and sd-hwdb.h APIs are now exported, as an
+ alternative to libudev.h. Previously, the latter was just an internal
+ wrapper around the former, but now these two APIs are exposed
+ directly.
+
+ * sd-id128.h gained a new function sd_id128_get_boot_app_specific()
+ which calculates an app-specific boot ID similar to how
+ sd_id128_get_machine_app_specific() generates an app-specific machine
+ ID.
+
+ * A new tool systemd-id128 has been added that can be used to determine
+ and generate various 128bit IDs.
+
+ * /etc/os-release gained two new standardized fields DOCUMENTATION_URL=
+ and LOGO=.
+
+ * systemd-hibernate-resume-generator will now honor the "noresume"
+ kernel command line option, in which case it will bypass resuming
+ from any hibernated image.
+
+ * The systemd-sleep.conf configuration file gained new options
+ AllowSuspend=, AllowHibernation=, AllowSuspendThenHibernate=,
+ AllowHybridSleep= for prohibiting specific sleep modes even if the
+ kernel exports them.
+
+ * portablectl is now officially supported and has thus moved to
+ /usr/bin/.
+
+ * bootctl learnt the two new commands "set-default" and "set-oneshot"
+ for setting the default boot loader item to boot to (either
+ persistently or only for the next boot). This is currently only
+ compatible with sd-boot, but may be implemented on other boot loaders
+ too, that follow the boot loader interface. The updated interface is
+ now documented here:
+
+ https://systemd.io/BOOT_LOADER_INTERFACE
+
+ * A new kernel command line option systemd.early_core_pattern= is now
+ understood which may be used to influence the core_pattern PID 1
+ installs during early boot.
+
+ * busctl learnt two new options -j and --json= for outputting method
+ call replies, properties and monitoring output in JSON.
+
+ * journalctl's JSON output now supports simple ANSI coloring as well as
+ a new "json-seq" mode for generating RFC7464 output.
+
+ * Unit files now support the %g/%G specifiers that resolve to the UNIX
+ group/GID of the service manager runs as, similar to the existing
+ %u/%U specifiers that resolve to the UNIX user/UID.
+
+ * systemd-logind learnt a new global configuration option
+ UserStopDelaySec= that may be set in logind.conf. It specifies how
+ long the systemd --user instance shall remain started after a user
+ logs out. This is useful to speed up repetitive re-connections of the
+ same user, as it means the user's service manager doesn't have to be
+ stopped/restarted on each iteration, but can be reused between
+ subsequent options. This setting defaults to 10s. systemd-logind also
+ exports two new properties on its Manager D-Bus objects indicating
+ whether the system's lid is currently closed, and whether the system
+ is on AC power.
+
+ * systemd gained support for a generic boot counting logic, which
+ generically permits automatic reverting to older boot loader entries
+ if newer updated ones don't work. The boot loader side is implemented
+ in sd-boot, but is kept open for other boot loaders too. For details
+ see:
+
+ https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT
+
+ * The SuccessAction=/FailureAction= unit file settings now learnt two
+ new parameters: "exit" and "exit-force", which result in immediate
+ exiting of the service manager, and are only useful in systemd --user
+ and container environments.
+
+ * Unit files gained support for a pair of options
+ FailureActionExitStatus=/SuccessActionExitStatus= for configuring the
+ exit status to use as service manager exit status when
+ SuccessAction=/FailureAction= is set to exit or exit-force.
+
+ * A pair of LogRateLimitIntervalSec=/LogRateLimitBurst= per-service
+ options may now be used to configure the log rate limiting applied by
+ journald per-service.
+
+ * systemd-analyze gained a new verb "timespan" for parsing and
+ normalizing time span values (i.e. strings like "5min 7s 8us").
+
+ * systemd-analyze also gained a new verb "security" for analyzing the
+ security and sand-boxing settings of services in order to determine an
+ "exposure level" for them, indicating whether a service would benefit
+ from more sand-boxing options turned on for them.
+
+ * "systemd-analyze syscall-filter" will now also show system calls
+ supported by the local kernel but not included in any of the defined
+ groups.
+
+ * .nspawn files now understand the Ephemeral= setting, matching the
+ --ephemeral command line switch.
+
+ * sd-event gained the new APIs sd_event_source_get_floating() and
+ sd_event_source_set_floating() for controlling whether a specific
+ event source is "floating", i.e. destroyed along with the even loop
+ object itself.
+
+ * Unit objects on D-Bus gained a new "Refs" property that lists all
+ clients that currently have a reference on the unit (to ensure it is
+ not unloaded).
+
+ * The JoinControllers= option in system.conf is no longer supported, as
+ it didn't work correctly, is hard to support properly, is legacy (as
+ the concept only exists on cgroup v1) and apparently wasn't used.
+
+ * Journal messages that are generated whenever a unit enters the failed
+ state are now tagged with a unique MESSAGE_ID. Similarly, messages
+ generated whenever a service process exits are now made recognizable,
+ too. A taged message is also emitted whenever a unit enters the
+ "dead" state on success.
+
+ * systemd-run gained a new switch --working-directory= for configuring
+ the working directory of the service to start. A shortcut -d is
+ equivalent, setting the working directory of the service to the
+ current working directory of the invoking program. The new --shell
+ (or just -S) option has been added for invoking the $SHELL of the
+ caller as a service, and implies --pty --same-dir --wait --collect
+ --service-type=exec. Or in other words, "systemd-run -S" is now the
+ quickest way to quickly get an interactive in a fully clean and
+ well-defined system service context.
+
+ * machinectl gained a new verb "import-fs" for importing an OS tree
+ from a directory. Moreover, when a directory or tarball is imported
+ and single top-level directory found with the OS itself below the OS
+ tree is automatically mangled and moved one level up.
+
+ * systemd-importd will no longer set up an implicit btrfs loop-back
+ file system on /var/lib/machines. If one is already set up, it will
+ continue to be used.
+
+ * A new generator "systemd-run-generator" has been added. It will
+ synthesize a unit from one or more program command lines included in
+ the kernel command line. This is very useful in container managers
+ for example:
+
+ # systemd-nspawn -i someimage.raw -b systemd.run='"some command line"'
+
+ This will run "systemd-nspawn" on an image, invoke the specified
+ command line and immediately shut down the container again, returning
+ the command line's exit code.
+
+ * The block device locking logic is now documented:
+
+ https://systemd.io/BLOCK_DEVICE_LOCKING
+
+ * loginctl and machinectl now optionally output the various tables in
+ JSON using the --output= switch. It is our intention to add similar
+ support to systemctl and all other commands.
+
+ * udevadm's query and trigger verb now optionally take a .device unit
+ name as argument.
+
+ * systemd-udevd's network naming logic now understands a new
+ net.naming-scheme= kernel command line switch, which may be used to
+ pick a specific version of the naming scheme. This helps stabilizing
+ interface names even as systemd/udev are updated and the naming logic
+ is improved.
+
+ * sd-id128.h learnt two new auxiliary helpers: sd_id128_is_allf() and
+ SD_ID128_ALLF to test if a 128bit ID is set to all 0xFF bytes, and to
+ initialize one to all 0xFF.
+
+ * After loading the SELinux policy systemd will now recursively relabel
+ all files and directories listed in
+ /run/systemd/relabel-extra.d/*.relabel (which should be simple
+ newline separated lists of paths) in addition to the ones it already
+ implicitly relabels in /run, /dev and /sys. After the relabelling is
+ completed the *.relabel files (and /run/systemd/relabel-extra.d/) are
+ removed. This is useful to permit initrds (i.e. code running before
+ the SELinux policy is in effect) to generate files in the host
+ filesystem safely and ensure that the correct label is applied during
+ the transition to the host OS.
+
+ * KERNEL API BREAKAGE: Linux kernel 4.18 changed behaviour regarding
+ mknod() handling in user namespaces. Previously mknod() would always
+ fail with EPERM in user namespaces. Since 4.18 mknod() will succeed
+ but device nodes generated that way cannot be opened, and attempts to
+ open them result in EPERM. This breaks the "graceful fallback" logic
+ in systemd's PrivateDevices= sand-boxing option. This option is
+ implemented defensively, so that when systemd detects it runs in a
+ restricted environment (such as a user namespace, or an environment
+ where mknod() is blocked through seccomp or absence of CAP_SYS_MKNOD)
+ where device nodes cannot be created the effect of PrivateDevices= is
+ bypassed (following the logic that 2nd-level sand-boxing is not
+ essential if the system systemd runs in is itself already sand-boxed
+ as a whole). This logic breaks with 4.18 in container managers where
+ user namespacing is used: suddenly PrivateDevices= succeeds setting
+ up a private /dev/ file system containing devices nodes — but when
+ these are opened they don't work.
+
+ At this point is is recommended that container managers utilizing
+ user namespaces that intend to run systemd in the payload explicitly
+ block mknod() with seccomp or similar, so that the graceful fallback
+ logic works again.
+
+ We are very sorry for the breakage and the requirement to change
+ container configurations for newer kernels. It's purely caused by an
+ incompatible kernel change. The relevant kernel developers have been
+ notified about this userspace breakage quickly, but they chose to
+ ignore it.
+
+ * PermissionsStartOnly= setting is deprecated (but is still supported
+ for backwards compatibility). The same functionality is provided by
+ the more flexible "+", "!", and "!!" prefixes to ExecStart= and other
+ commands.
+
+ * $DBUS_SESSION_BUS_ADDRESS environment variable is not set by
+ pam_systemd anymore.
+
+ * The naming scheme for network devices was changed to always rename
+ devices, even if they were already renamed by userspace. The "kernel"
+ policy was changed to only apply as a fallback, if no other naming
+ policy took effect.
+
+ * The requirements to build systemd is bumped to meson-0.46 and
+ python-3.5.
+
+ Contributions from: afg, Alan Jenkins, Aleksei Timofeyev, Alexander
+ Filippov, Alexander Kurtz, Alexey Bogdanenko, Andreas Henriksson,
+ Andrew Jorgensen, Anita Zhang, apnix-uk, Arkan49, Arseny Maslennikov,
+ asavah, Asbjørn Apeland, aszlig, Bastien Nocera, Ben Boeckel, Benedikt
+ Morbach, Benjamin Berg, Bruce Zhang, Carlo Caione, Cedric Viou, Chen
+ Qi, Chris Chiu, Chris Down, Chris Morin, Christian Rebischke, Claudius
+ Ellsel, Colin Guthrie, dana, Daniel, Daniele Medri, Daniel Kahn
+ Gillmor, Daniel Rusek, Daniel van Vugt, Dariusz Gadomski, Dave Reisner,
+ David Anderson, Davide Cavalca, David Leeds, David Malcolm, David
+ Strauss, David Tardon, Dimitri John Ledkov, Dmitry Torokhov, dj-kaktus,
+ Dongsu Park, Elias Probst, Emil Soleyman, Erik Kooistra, Ervin Peters,
+ Evgeni Golov, Evgeny Vereshchagin, Fabrice Fontaine, Faheel Ahmad,
+ Faizal Luthfi, Felix Yan, Filipe Brandenburger, Franck Bui, Frank
+ Schaefer, Frantisek Sumsal, Gautier Husson, Gianluca Boiano, Giuseppe
+ Scrivano, glitsj16, Hans de Goede, Harald Hoyer, Harry Mallon, Harshit
+ Jain, Helmut Grohne, Henry Tung, Hui Yiqun, imayoda, Insun Pyo, Iwan
+ Timmer, Jan Janssen, Jan Pokorný, Jan Synacek, Jason A. Donenfeld,
+ javitoom, Jérémy Nouhaud, Jeremy Su, Jiuyang Liu, João Paulo Rechi
+ Vita, Joe Hershberger, Joe Rayhawk, Joerg Behrmann, Joerg Steffens,
+ Jonas Dorel, Jon Ringle, Josh Soref, Julian Andres Klode, Jun Bo Bi,
+ Jürg Billeter, Keith Busch, Khem Raj, Kirill Marinushkin, Larry
+ Bernstone, Lennart Poettering, Lion Yang, Li Song, Lorenz
+ Hübschle-Schneider, Lubomir Rintel, Lucas Werkmeister, Ludwin Janvier,
+ Lukáš Nykrýn, Luke Shumaker, mal, Marc-Antoine Perennou, Marcin
+ Skarbek, Marco Trevisan (Treviño), Marian Cepok, Mario Hros, Marko
+ Myllynen, Markus Grimm, Martin Pitt, Martin Sobotka, Martin Wilck,
+ Mathieu Trudel-Lapierre, Matthew Leeds, Michael Biebl, Michael Olbrich,
+ Michael 'pbone' Pobega, Michael Scherer, Michal Koutný, Michal
+ Sekletar, Michal Soltys, Mike Gilbert, Mike Palmer, Muhammet Kara, Neal
+ Gompa, Neil Brown, Network Silence, Niklas Tibbling, Nikolas Nyby,
+ Nogisaka Sadata, Oliver Smith, Patrik Flykt, Pavel Hrdina, Paweł
+ Szewczyk, Peter Hutterer, Piotr Drąg, Ray Strode, Reinhold Mueller,
+ Renaud Métrich, Roman Gushchin, Ronny Chevalier, Rubén Suárez Alvarez,
+ Ruixin Bao, RussianNeuroMancer, Ryutaroh Matsumoto, Saleem Rashid, Sam
+ Morris, Samuel Morris, Sandy Carter, scootergrisen, Sébastien Bacher,
+ Sergey Ptashnick, Shawn Landden, Shengyao Xue, Shih-Yuan Lee
+ (FourDollars), Silvio Knizek, Sjoerd Simons, Stasiek Michalski, Stephen
+ Gallagher, Steven Allen, Steve Ramage, Susant Sahani, Sven Joachim,
+ Sylvain Plantefève, Tanu Kaskinen, Tejun Heo, Thiago Macieira, Thomas
+ Blume, Thomas Haller, Thomas H. P. Andersen, Tim Ruffing, TJ, Tobias
+ Jungel, Todd Walton, Tommi Rantala, Tomsod M, Tony Novak, Tore
+ Anderson, Trevonn, Victor Laskurain, Victor Tapia, Violet Halo, Vojtech
+ Trefny, welaq, William A. Kennington III, William Douglas, Wyatt Ward,
+ Xiang Fan, Xi Ruoyao, Xuanwo, Yann E. Morin, YmrDtnJu, Yu Watanabe,
+ Zbigniew Jędrzejewski-Szmek, Zhang Xianwei, Zsolt Dollenstein
+
+ — Warsaw, 2018-12-21
+
+CHANGES WITH 239:
+
+ * NETWORK INTERFACE DEVICE NAMING CHANGES: systemd-udevd's "net_id"
+ builtin will name network interfaces differently than in previous
+ versions for virtual network interfaces created with SR-IOV and NPAR
+ and for devices where the PCI network controller device does not have
+ a slot number associated.
+
+ SR-IOV virtual devices are now named based on the name of the parent
+ interface, with a suffix of "v<N>", where <N> is the virtual device
+ number. Previously those virtual devices were named as if completely
+ independent.
+
+ The ninth and later NPAR virtual devices will be named following the
+ scheme used for the first eight NPAR partitions. Previously those
+ devices were not renamed and the kernel default (eth<n>) was used.
+
+ "net_id" will also generate names for PCI devices where the PCI
+ network controller device does not have an associated slot number
+ itself, but one of its parents does. Previously those devices were
+ not renamed and the kernel default (eth<n>) was used.
+
+ * AF_INET and AF_INET6 are dropped from RestrictAddressFamilies= in
+ systemd-logind.service. Since v235, IPAddressDeny=any has been set to
+ the unit. So, it is expected that the default behavior of
+ systemd-logind is not changed. However, if distribution packagers or
+ administrators disabled or modified IPAddressDeny= setting by a
+ drop-in config file, then it may be necessary to update the file to
+ re-enable AF_INET and AF_INET6 to support network user name services,
+ e.g. NIS.
+
+ * When the RestrictNamespaces= unit property is specified multiple
+ times, then the specified types are merged now. Previously, only the
+ last assignment was used. So, if distribution packagers or
+ administrators modified the setting by a drop-in config file, then it
+ may be necessary to update the file.
+
+ * When OnFailure= is used in combination with Restart= on a service
+ unit, then the specified units will no longer be triggered on
+ failures that result in restarting. Previously, the specified units
+ would be activated each time the unit failed, even when the unit was
+ going to be restarted automatically. This behaviour contradicted the
+ documentation. With this release the code is adjusted to match the
+ documentation.
+
+ * systemd-tmpfiles will now print a notice whenever it encounters
+ tmpfiles.d/ lines referencing the /var/run/ directory. It will
+ recommend reworking them to use the /run/ directory instead (for
+ which /var/run/ is simply a symlinked compatibility alias). This way
+ systemd-tmpfiles can properly detect line conflicts and merge lines
+ referencing the same file by two paths, without having to access
+ them.
+
+ * systemctl disable/unmask/preset/preset-all cannot be used with
+ --runtime. Previously this was allowed, but resulted in unintuitive
+ behaviour that wasn't useful. systemctl disable/unmask will now undo
+ both runtime and persistent enablement/masking, i.e. it will remove
+ any relevant symlinks both in /run and /etc.
+
+ * Note that all long-running system services shipped with systemd will
+ now default to a system call whitelist (rather than a blacklist, as
+ before). In particular, systemd-udevd will now enforce one too. For
+ most cases this should be safe, however downstream distributions
+ which disabled sandboxing of systemd-udevd (specifically the
+ MountFlags= setting), might want to disable this security feature
+ too, as the default whitelisting will prohibit all mount, swap,
+ reboot and clock changing operations from udev rules.
+
+ * sd-boot acquired new loader configuration settings to optionally turn
+ off Windows and MacOS boot partition discovery as well as
+ reboot-into-firmware menu items. It is also able to pick a better
+ screen resolution for HiDPI systems, and now provides loader
+ configuration settings to change the resolution explicitly.
+
+ * systemd-resolved now supports DNS-over-TLS. It's still
+ turned off by default, use DNSOverTLS=opportunistic to turn it on in
+ resolved.conf. We intend to make this the default as soon as couple
+ of additional techniques for optimizing the initial latency caused by
+ establishing a TLS/TCP connection are implemented.
+
+ * systemd-resolved.service and systemd-networkd.service now set
+ DynamicUser=yes. The users systemd-resolve and systemd-network are
+ not created by systemd-sysusers anymore.
+
+ NOTE: This has a chance of breaking nss-ldap and similar NSS modules
+ that embedd a network facing module into any process using getpwuid()
+ or related call: the dynamic allocation of the user ID for
+ systemd-resolved.service means the service manager has to check NSS
+ if the user name is already taken when forking off the service. Since
+ the user in the common case won't be defined in /etc/passwd the
+ lookup is likely to trigger nss-ldap which in turn might use NSS to
+ ask systemd-resolved for hostname lookups. This will hence result in
+ a deadlock: a user name lookup in order to start
+ systemd-resolved.service will result in a host name lookup for which
+ systemd-resolved.service needs to be started already. There are
+ multiple ways to work around this problem: pre-allocate the
+ "systemd-resolve" user on such systems, so that nss-ldap won't be
+ triggered; or use a different NSS package that doesn't do networking
+ in-process but provides a local asynchronous name cache; or configure
+ the NSS package to avoid lookups for UIDs in the range `pkg-config
+ systemd --variable=dynamicuidmin` … `pkg-config systemd
+ --variable=dynamicuidmax`, so that it does not consider itself
+ authoritative for the same UID range systemd allocates dynamic users
+ from.
+
+ * The systemd-resolve tool has been renamed to resolvectl (it also
+ remains available under the old name, for compatibility), and its
+ interface is now verb-based, similar in style to the other <xyz>ctl
+ tools, such as systemctl or loginctl.
+
+ * The resolvectl/systemd-resolve tool also provides 'resolvconf'
+ compatibility. It may be symlinked under the 'resolvconf' name, in
+ which case it will take arguments and input compatible with the
+ Debian and FreeBSD resolvconf tool.
+
+ * Support for suspend-then-hibernate has been added, i.e. a sleep mode
+ where the system initially suspends, and after a timeout resumes and
+ hibernates again.
+
+ * networkd's ClientIdentifier= now accepts a new option "duid-only". If
+ set the client will only send a DUID as client identifier.
+
+ * The nss-systemd glibc NSS module will now enumerate dynamic users and
+ groups in effect. Previously, it could resolve UIDs/GIDs to user
+ names/groups and vice versa, but did not support enumeration.
+
+ * journald's Compress= configuration setting now optionally accepts a
+ byte threshold value. All journal objects larger than this threshold
+ will be compressed, smaller ones will not. Previously this threshold
+ was not configurable and set to 512.
+
+ * A new system.conf setting NoNewPrivileges= is now available which may
+ be used to turn off acquisition of new privileges system-wide
+ (i.e. set Linux' PR_SET_NO_NEW_PRIVS for PID 1 itself, and thus also
+ for all its children). Note that turning this option on means setuid
+ binaries and file system capabilities lose their special powers.
+ While turning on this option is a big step towards a more secure
+ system, doing so is likely to break numerous pre-existing UNIX tools,
+ in particular su and sudo.
+
+ * A new service systemd-time-sync-wait.service has been added. If
+ enabled it will delay the time-sync.target unit at boot until time
+ synchronization has been received from the network. This
+ functionality is useful on systems lacking a local RTC or where it is
+ acceptable that the boot process shall be delayed by external network
+ services.
+
+ * When hibernating, systemd will now inform the kernel of the image
+ write offset, on kernels new enough to support this. This means swap
+ files should work for hibernation now.
+
+ * When loading unit files, systemd will now look for drop-in unit files
+ extensions in additional places. Previously, for a unit file name
+ "foo-bar-baz.service" it would look for dropin files in
+ "foo-bar-baz.service.d/*.conf". Now, it will also look in
+ "foo-bar-.service.d/*.conf" and "foo-.service.d/", i.e. at the
+ service name truncated after all inner dashes. This scheme allows
+ writing drop-ins easily that apply to a whole set of unit files at
+ once. It's particularly useful for mount and slice units (as their
+ naming is prefix based), but is also useful for service and other
+ units, for packages that install multiple unit files at once,
+ following a strict naming regime of beginning the unit file name with
+ the package's name. Two new specifiers are now supported in unit
+ files to match this: %j and %J are replaced by the part of the unit
+ name following the last dash.
+
+ * Unit files and other configuration files that support specifier
+ expansion now understand another three new specifiers: %T and %V will
+ resolve to /tmp and /var/tmp respectively, or whatever temporary
+ directory has been set for the calling user. %E will expand to either
+ /etc (for system units) or $XDG_CONFIG_HOME (for user units).
+
+ * The ExecStart= lines of unit files are no longer required to
+ reference absolute paths. If non-absolute paths are specified the
+ specified binary name is searched within the service manager's
+ built-in $PATH, which may be queried with 'systemd-path
+ search-binaries-default'. It's generally recommended to continue to
+ use absolute paths for all binaries specified in unit files.
+
+ * Units gained a new load state "bad-setting", which is used when a
+ unit file was loaded, but contained fatal errors which prevent it
+ from being started (for example, a service unit has been defined
+ lacking both ExecStart= and ExecStop= lines).
+
+ * coredumpctl's "gdb" verb has been renamed to "debug", in order to
+ support alternative debuggers, for example lldb. The old name
+ continues to be available however, for compatibility reasons. Use the
+ new --debugger= switch or the $SYSTEMD_DEBUGGER environment variable
+ to pick an alternative debugger instead of the default gdb.
+
+ * systemctl and the other tools will now output escape sequences that
+ generate proper clickable hyperlinks in various terminal emulators
+ where useful (for example, in the "systemctl status" output you can
+ now click on the unit file name to quickly open it in the
+ editor/viewer of your choice). Note that not all terminal emulators
+ support this functionality yet, but many do. Unfortunately, the
+ "less" pager doesn't support this yet, hence this functionality is
+ currently automatically turned off when a pager is started (which
+ happens quite often due to auto-paging). We hope to remove this
+ limitation as soon as "less" learns these escape sequences. This new
+ behaviour may also be turned off explicitly with the $SYSTEMD_URLIFY
+ environment variable. For details on these escape sequences see:
+ https://gist.github.com/egmontkob/eb114294efbcd5adb1944c9f3cb5feda
+
+ * networkd's .network files now support a new IPv6MTUBytes= option for
+ setting the MTU used by IPv6 explicitly as well as a new MTUBytes=
+ option in the [Route] section to configure the MTU to use for
+ specific routes. It also gained support for configuration of the DHCP
+ "UserClass" option through the new UserClass= setting. It gained
+ three new options in the new [CAN] section for configuring CAN
+ networks. The MULTICAST and ALLMULTI interface flags may now be
+ controlled explicitly with the new Multicast= and AllMulticast=
+ settings.
+
+ * networkd will now automatically make use of the kernel's route
+ expiration feature, if it is available.
+
+ * udevd's .link files now support setting the number of receive and
+ transmit channels, using the RxChannels=, TxChannels=,
+ OtherChannels=, CombinedChannels= settings.
+
+ * Support for UDPSegmentationOffload= has been removed, given its
+ limited support in hardware, and waning software support.
+
+ * networkd's .netdev files now support creating "netdevsim" interfaces.
+
+ * PID 1 learnt a new bus call GetUnitByControlGroup() which may be used
+ to query the unit belonging to a specific kernel control group.
+
+ * systemd-analyze gained a new verb "cat-config", which may be used to
+ dump the contents of any configuration file, with all its matching
+ drop-in files added in, and honouring the usual search and masking
+ logic applied to systemd configuration files. For example use
+ "systemd-analyze cat-config systemd/system.conf" to get the complete
+ system configuration file of systemd how it would be loaded by PID 1
+ itself. Similar to this, various tools such as systemd-tmpfiles or
+ systemd-sysusers, gained a new option "--cat-config", which does the
+ corresponding operation for their own configuration settings. For
+ example, "systemd-tmpfiles --cat-config" will now output the full
+ list of tmpfiles.d/ lines in place.
+
+ * timedatectl gained three new verbs: "show" shows bus properties of
+ systemd-timedated, "timesync-status" shows the current NTP
+ synchronization state of systemd-timesyncd, and "show-timesync"
+ shows bus properties of systemd-timesyncd.
+
+ * systemd-timesyncd gained a bus interface on which it exposes details
+ about its state.
+
+ * A new environment variable $SYSTEMD_TIMEDATED_NTP_SERVICES is now
+ understood by systemd-timedated. It takes a colon-separated list of
+ unit names of NTP client services. The list is used by
+ "timedatectl set-ntp".
+
+ * systemd-nspawn gained a new --rlimit= switch for setting initial
+ resource limits for the container payload. There's a new switch
+ --hostname= to explicitly override the container's hostname. A new
+ --no-new-privileges= switch may be used to control the
+ PR_SET_NO_NEW_PRIVS flag for the container payload. A new
+ --oom-score-adjust= switch controls the OOM scoring adjustment value
+ for the payload. The new --cpu-affinity= switch controls the CPU
+ affinity of the container payload. The new --resolv-conf= switch
+ allows more detailed control of /etc/resolv.conf handling of the
+ container. Similarly, the new --timezone= switch allows more detailed
+ control of /etc/localtime handling of the container.
+
+ * systemd-detect-virt gained a new --list switch, which will print a
+ list of all currently known VM and container environments.
+
+ * Support for "Portable Services" has been added, see
+ doc/PORTABLE_SERVICES.md for details. Currently, the support is still
+ experimental, but this is expected to change soon. Reflecting this
+ experimental state, the "portablectl" binary is not installed into
+ /usr/bin yet. The binary has to be called with the full path
+ /usr/lib/systemd/portablectl instead.
+
+ * journalctl's and systemctl's -o switch now knows a new log output
+ mode "with-unit". The output it generates is very similar to the
+ regular "short" mode, but displays the unit name instead of the
+ syslog tag for each log line. Also, the date is shown with timezone
+ information. This mode is probably more useful than the classic
+ "short" output mode for most purposes, except where pixel-perfect
+ compatibility with classic /var/log/messages formatting is required.
+
+ * A new --dump-bus-properties switch has been added to the systemd
+ binary, which may be used to dump all supported D-Bus properties.
+ (Options which are still supported, but are deprecated, are *not*
+ shown.)
+
+ * sd-bus gained a set of new calls:
+ sd_bus_slot_set_floating()/sd_bus_slot_get_floating() may be used to
+ enable/disable the "floating" state of a bus slot object,
+ i.e. whether the slot object pins the bus it is allocated for into
+ memory or if the bus slot object gets disconnected when the bus goes
+ away. sd_bus_open_with_description(),
+ sd_bus_open_user_with_description(),
+ sd_bus_open_system_with_description() may be used to allocate bus
+ objects and set their description string already during allocation.
+
+ * sd-event gained support for watching inotify events from the event
+ loop, in an efficient way, sharing inotify handles between multiple
+ users. For this a new function sd_event_add_inotify() has been added.
+
+ * sd-event and sd-bus gained support for calling special user-supplied
+ destructor functions for userdata pointers associated with
+ sd_event_source, sd_bus_slot, and sd_bus_track objects. For this new
+ functions sd_bus_slot_set_destroy_callback,
+ sd_bus_slot_get_destroy_callback, sd_bus_track_set_destroy_callback,
+ sd_bus_track_get_destroy_callback,
+ sd_event_source_set_destroy_callback,
+ sd_event_source_get_destroy_callback have been added.
+
+ * The "net.ipv4.tcp_ecn" sysctl will now be turned on by default.
+
+ * PID 1 will now automatically reschedule .timer units whenever the
+ local timezone changes. (They previously got rescheduled
+ automatically when the system clock changed.)
+
+ * New documentation has been added to document cgroups delegation,
+ portable services and the various code quality tools we have set up:
+
+ https://github.com/systemd/systemd/blob/master/docs/CGROUP_DELEGATION.md
+ https://github.com/systemd/systemd/blob/master/docs/PORTABLE_SERVICES.md
+ https://github.com/systemd/systemd/blob/master/docs/CODE_QUALITY.md
+
+ * The Boot Loader Specification has been added to the source tree.
+
+ https://github.com/systemd/systemd/blob/master/docs/BOOT_LOADER_SPECIFICATION.md
+
+ While moving it into our source tree we have updated it and further
+ changes are now accepted through the usual github PR workflow.
+
+ * pam_systemd will now look for PAM userdata fields systemd.memory_max,
+ systemd.tasks_max, systemd.cpu_weight, systemd.io_weight set by
+ earlier PAM modules. The data in these fields is used to initialize
+ the session scope's resource properties. Thus external PAM modules
+ may now configure per-session limits, for example sourced from
+ external user databases.
+
+ * socket units with Accept=yes will now maintain a "refused" counter in
+ addition to the existing "accepted" counter, counting connections
+ refused due to the enforced limits.
+
+ * The "systemd-path search-binaries-default" command may now be use to
+ query the default, built-in $PATH PID 1 will pass to the services it
+ manages.
+
+ * A new unit file setting PrivateMounts= has been added. It's a boolean
+ option. If enabled the unit's processes are invoked in their own file
+ system namespace. Note that this behaviour is also implied if any
+ other file system namespacing options (such as PrivateTmp=,
+ PrivateDevices=, ProtectSystem=, …) are used. This option is hence
+ primarily useful for services that do not use any of the other file
+ system namespacing options. One such service is systemd-udevd.service
+ wher this is now used by default.
+
+ * ConditionSecurity= gained a new value "uefi-secureboot" that is true
+ when the system is booted in UEFI "secure mode".
+
+ * A new unit "system-update-pre.target" is added, which defines an
+ optional synchronization point for offline system updates, as
+ implemented by the pre-existing "system-update.target" unit. It
+ allows ordering services before the service that executes the actual
+ update process in a generic way.
+
+ * Systemd now emits warnings whenever .include syntax is used.
+
+ Contributions from: Adam Duskett, Alan Jenkins, Alessandro Casale,
+ Alexander Kurtz, Alex Gartrell, Anssi Hannula, Arnaud Rebillout, Brian
+ J. Murrell, Bruno Vernay, Chris Lamb, Chris Lesiak, Christian Brauner,
+ Christian Hesse, Christian Rebischke, Colin Guthrie, Daniel Dao, Daniel
+ Lin, Danylo Korostil, Davide Cavalca, David Tardon, Dimitri John
+ Ledkov, Dmitriy Geels, Douglas Christman, Elia Geretto, emelenas, Emil
+ Velikov, Evgeny Vereshchagin, Felipe Sateler, Feng Sun, Filipe
+ Brandenburger, Franck Bui, futpib, Giuseppe Scrivano, Guillem Jover,
+ guixxx, Hannes Reinecke, Hans de Goede, Harald Hoyer, Henrique Dante de
+ Almeida, Hiram van Paassen, Ian Miell, Igor Gnatenko, Ivan Shapovalov,
+ Iwan Timmer, James Cowgill, Jan Janssen, Jan Synacek, Jared Kazimir,
+ Jérémy Rosen, João Paulo Rechi Vita, Joost Heitbrink, Jui-Chi Ricky
+ Liang, Jürg Billeter, Kai-Heng Feng, Karol Augustin, Kay Sievers,
+ Krzysztof Nowicki, Lauri Tirkkonen, Lennart Poettering, Leonard König,
+ Long Li, Luca Boccassi, Lucas Werkmeister, Marcel Hoppe, Marc
+ Kleine-Budde, Mario Limonciello, Martin Jansa, Martin Wilck, Mathieu
+ Malaterre, Matteo F. Vescovi, Matthew McGinn, Matthias-Christian Ott,
+ Michael Biebl, Michael Olbrich, Michael Prokop, Michal Koutný, Michal
+ Sekletar, Mike Gilbert, Mikhail Kasimov, Milan Broz, Milan Pässler,
+ Mladen Pejaković, Muhammet Kara, Nicolas Boichat, Omer Katz, Paride
+ Legovini, Paul Menzel, Paul Milliken, Pavel Hrdina, Peter A. Bigot,
+ Peter D'Hoye, Peter Hutterer, Peter Jones, Philip Sequeira, Philip
+ Withnall, Piotr Drąg, Radostin Stoyanov, Ricardo Salveti de Araujo,
+ Ronny Chevalier, Rosen Penev, Rubén Suárez Alvarez, Ryan Gonzalez,
+ Salvo Tomaselli, Sebastian Reichel, Sergey Ptashnick, Sergio Lindo
+ Mansilla, Stefan Schweter, Stephen Hemminger, Stuart Hayes, Susant
+ Sahani, Sylvain Plantefève, Thomas H. P. Andersen, Tobias Jungel,
+ Tomasz Torcz, Vito Caputo, Will Dietz, Will Thompson, Wim van Mourik,
+ Yu Watanabe, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2018-06-22
+
+CHANGES WITH 238:
+
+ * The MemoryAccounting= unit property now defaults to on. After
+ discussions with the upstream control group maintainers we learnt
+ that the negative impact of cgroup memory accounting on current
+ kernels is finally relatively minimal, so that it should be safe to
+ enable this by default without affecting system performance. Besides
+ memory accounting only task accounting is turned on by default, all
+ other forms of resource accounting (CPU, IO, IP) remain off for now,
+ because it's not clear yet that their impact is small enough to move
+ from opt-in to opt-out. We recommend downstreams to leave memory
+ accounting on by default if kernel 4.14 or higher is primarily
+ used. On very resource constrained systems or when support for old
+ kernels is a necessity, -Dmemory-accounting-default=false can be used
+ to revert this change.
+
+ * rpm scriptlets to update the udev hwdb and rules (%udev_hwdb_update,
+ %udev_rules_update) and the journal catalog (%journal_catalog_update)
+ from the upgrade scriptlets of individual packages now do nothing.
+ Transfiletriggers have been added which will perform those updates
+ once at the end of the transaction.
+
+ Similar transfiletriggers have been added to execute any sysctl.d
+ and binfmt.d rules. Thus, it should be unnecessary to provide any
+ scriptlets to execute this configuration from package installation
+ scripts.
+
+ * systemd-sysusers gained a mode where the configuration to execute is
+ specified on the command line, but this configuration is not executed
+ directly, but instead it is merged with the configuration on disk,
+ and the result is executed. This is useful for package installation
+ scripts which want to create the user before installing any files on
+ disk (in case some of those files are owned by that user), while
+ still allowing local admin overrides.
+
+ This functionality is exposed to rpm scriptlets through a new
+ %sysusers_create_package macro. Old %sysusers_create and
+ %sysusers_create_inline macros are deprecated.
+
+ A transfiletrigger for sysusers.d configuration is now installed,
+ which means that it should be unnecessary to call systemd-sysusers from
+ package installation scripts, unless the package installs any files
+ owned by those newly-created users, in which case
+ %sysusers_create_package should be used.
+
+ * Analogous change has been done for systemd-tmpfiles: it gained a mode
+ where the command-line configuration is merged with the configuration
+ on disk. This is exposed as the new %tmpfiles_create_package macro,
+ and %tmpfiles_create is deprecated. A transfiletrigger is installed
+ for tmpfiles.d, hence it should be unnecessary to call systemd-tmpfiles
+ from package installation scripts.
+
+ * sysusers.d configuration for a user may now also specify the group
+ number, in addition to the user number ("u username 123:456"), or
+ without the user number ("u username -:456").
+
+ * Configution items for systemd-sysusers can now be specified as
+ positional arguments when the new --inline switch is used.
+
+ * The login shell of users created through sysusers.d may now be
+ specified (previously, it was always /bin/sh for root and
+ /sbin/nologin for other users).
+
+ * systemd-analyze gained a new --global switch to look at global user
+ configuration. It also gained a unit-paths verb to list the unit load
+ paths that are compiled into systemd (which can be used with
+ --systemd, --user, or --global).
+
+ * udevadm trigger gained a new --settle/-w option to wait for any
+ triggered events to finish (but just those, and not any other events
+ which are triggered meanwhile).
+
+ * The action that systemd-logind takes when the lid is closed and the
+ machine is connected to external power can now be configured using
+ HandleLidSwitchExternalPower= in logind.conf. Previously, this action
+ was determined by HandleLidSwitch=, and, for backwards compatibility,
+ is still is, if HandleLidSwitchExternalPower= is not explicitly set.
+
+ * journalctl will periodically call sd_journal_process() to make it
+ resilient against inotify queue overruns when journal files are
+ rotated very quickly.
+
+ * Two new functions in libsystemd — sd_bus_get_n_queued_read and
+ sd_bus_get_n_queued_write — may be used to check the number of
+ pending bus messages.
+
+ * systemd gained a new
+ org.freedesktop.systemd1.Manager.AttachProcessesToUnit dbus call
+ which can be used to migrate foreign processes to scope and service
+ units. The primary user for this new API is systemd itself: the
+ systemd --user instance uses this call of the systemd --system
+ instance to migrate processes if it itself gets the request to
+ migrate processes and the kernel refuses this due to access
+ restrictions. Thanks to this "systemd-run --scope --user …" works
+ again in pure cgroup v2 environments when invoked from the user
+ session scope.
+
+ * A new TemporaryFileSystem= setting can be used to mask out part of
+ the real file system tree with tmpfs mounts. This may be combined
+ with BindPaths= and BindReadOnlyPaths= to hide files or directories
+ not relevant to the unit, while still allowing some paths lower in
+ the tree to be accessed.
+
+ ProtectHome=tmpfs may now be used to hide user home and runtime
+ directories from units, in a way that is mostly equivalent to
+ "TemporaryFileSystem=/home /run/user /root".
+
+ * Non-service units are now started with KeyringMode=shared by default.
+ This means that mount and swapon and other mount tools have access
+ to keys in the main keyring.
+
+ * /sys/fs/bpf is now mounted automatically.
+
+ * QNX virtualization is now detected by systemd-detect-virt and may
+ be used in ConditionVirtualization=.
+
+ * IPAccounting= may now be enabled also for slice units.
+
+ * A new -Dsplit-bin= build configuration switch may be used to specify
+ whether bin and sbin directories are merged, or if they should be
+ included separately in $PATH and various listings of executable
+ directories. The build configuration scripts will try to autodetect
+ the proper values of -Dsplit-usr= and -Dsplit-bin= based on build
+ system, but distributions are encouraged to configure this
+ explicitly.
+
+ * A new -Dok-color= build configuration switch may be used to change
+ the colour of "OK" status messages.
+
+ * UPGRADE ISSUE: serialization of units using JoinsNamespaceOf= with
+ PrivateNetwork=yes was buggy in previous versions of systemd. This
+ means that after the upgrade and daemon-reexec, any such units must
+ be restarted.
+
+ * INCOMPATIBILITY: as announced in the NEWS for 237, systemd-tmpfiles
+ will not exclude read-only files owned by root from cleanup.
+
+ Contributions from: Alan Jenkins, Alexander F Rødseth, Alexis Jeandet,
+ Andika Triwidada, Andrei Gherzan, Ansgar Burchardt, antizealot1337,
+ Batuhan Osman Taşkaya, Beniamino Galvani, Bill Yodlowsky, Caio Marcelo
+ de Oliveira Filho, CuBiC, Daniele Medri, Daniel Mouritzen, Daniel
+ Rusek, Davide Cavalca, Dimitri John Ledkov, Douglas Christman, Evgeny
+ Vereshchagin, Faalagorn, Filipe Brandenburger, Franck Bui, futpib,
+ Giacomo Longo, Gunnar Hjalmarsson, Hans de Goede, Hermann Gausterer,
+ Iago López Galeiras, Jakub Filak, Jan Synacek, Jason A. Donenfeld,
+ Javier Martinez Canillas, Jérémy Rosen, Lennart Poettering, Lucas
+ Werkmeister, Mao Huang, Marco Gulino, Michael Biebl, Michael Vogt,
+ MilhouseVH, Neal Gompa (ニール・ゴンパ), Oleander Reis, Olof Mogren,
+ Patrick Uiterwijk, Peter Hutterer, Peter Portante, Piotr Drąg, Robert
+ Antoni Buj Gelonch, Sergey Ptashnick, Shawn Landden, Shuang Liu, Simon
+ Fowler, SjonHortensius, snorreflorre, Susant Sahani, Sylvain
+ Plantefève, Thomas Blume, Thomas Haller, Vito Caputo, Yu Watanabe,
+ Zbigniew Jędrzejewski-Szmek, Марко М. Костић (Marko M. Kostić)
+
+ — Warsaw, 2018-03-05
+
+CHANGES WITH 237:
+
+ * Some keyboards come with a zoom see-saw or rocker which until now got
+ mapped to the Linux "zoomin/out" keys in hwdb. However, these
+ keycodes are not recognized by any major desktop. They now produce
+ Up/Down key events so that they can be used for scrolling.
+
+ * INCOMPATIBILITY: systemd-tmpfiles' "f" lines changed behaviour
+ slightly: previously, if an argument was specified for lines of this
+ type (i.e. the right-most column was set) this string was appended to
+ existing files each time systemd-tmpfiles was run. This behaviour was
+ different from what the documentation said, and not particularly
+ useful, as repeated systemd-tmpfiles invocations would not be
+ idempotent and grow such files without bounds. With this release
+ behaviour has been altered to match what the documentation says:
+ lines of this type only have an effect if the indicated files don't
+ exist yet, and only then the argument string is written to the file.
+
+ * FUTURE INCOMPATIBILITY: In systemd v238 we intend to slightly change
+ systemd-tmpfiles behaviour: previously, read-only files owned by root
+ were always excluded from the file "aging" algorithm (i.e. the
+ automatic clean-up of directories like /tmp based on
+ atime/mtime/ctime). We intend to drop this restriction, and age files
+ by default even when owned by root and read-only. This behaviour was
+ inherited from older tools, but there have been requests to remove
+ it, and it's not obvious why this restriction was made in the first
+ place. Please speak up now, if you are aware of software that reqires
+ this behaviour, otherwise we'll remove the restriction in v238.
+
+ * A new environment variable $SYSTEMD_OFFLINE is now understood by
+ systemctl. It takes a boolean argument. If on, systemctl assumes it
+ operates on an "offline" OS tree, and will not attempt to talk to the
+ service manager. Previously, this mode was implicitly enabled if a
+ chroot() environment was detected, and this new environment variable
+ now provides explicit control.
+
+ * .path and .socket units may now be created transiently, too.
+ Previously only service, mount, automount and timer units were
+ supported as transient units. The systemd-run tool has been updated
+ to expose this new functionality, you may hence use it now to bind
+ arbitrary commands to path or socket activation on-the-fly from the
+ command line. Moreover, almost all properties are now exposed for the
+ unit types that already supported transient operation.
+
+ * The systemd-mount command gained support for a new --owner= parameter
+ which takes a user name, which is then resolved and included in uid=
+ and gid= mount options string of the file system to mount.
+
+ * A new unit condition ConditionControlGroupController= has been added
+ that checks whether a specific cgroup controller is available.
+
+ * Unit files, udev's .link files, and systemd-networkd's .netdev and
+ .network files all gained support for a new condition
+ ConditionKernelVersion= for checking against specific kernel
+ versions.
+
+ * In systemd-networkd, the [IPVLAN] section in .netdev files gained
+ support for configuring device flags in the Flags= setting. In the
+ same files, the [Tunnel] section gained support for configuring
+ AllowLocalRemote=. The [Route] section in .network files gained
+ support for configuring InitialCongestionWindow=,
+ InitialAdvertisedReceiveWindow= and QuickAck=. The [DHCP] section now
+ understands RapidCommit=.
+
+ * systemd-networkd's DHCPv6 support gained support for Prefix
+ Delegation.
+
+ * sd-bus gained support for a new "watch-bind" feature. When this
+ feature is enabled, an sd_bus connection may be set up to connect to
+ an AF_UNIX socket in the file system as soon as it is created. This
+ functionality is useful for writing early-boot services that
+ automatically connect to the system bus as soon as it is started,
+ without ugly time-based polling. systemd-networkd and
+ systemd-resolved have been updated to make use of this
+ functionality. busctl exposes this functionality in a new
+ --watch-bind= command line switch.
+
+ * sd-bus will now optionally synthesize a local "Connected" signal as
+ soon as a D-Bus connection is set up fully. This message mirrors the
+ already existing "Disconnected" signal which is synthesized when the
+ connection is terminated. This signal is generally useful but
+ particularly handy in combination with the "watch-bind" feature
+ described above. Synthesizing of this message has to be requested
+ explicitly through the new API call sd_bus_set_connected_signal(). In
+ addition a new call sd_bus_is_ready() has been added that checks
+ whether a connection is fully set up (i.e. between the "Connected" and
+ "Disconnected" signals).
+
+ * sd-bus gained two new calls sd_bus_request_name_async() and
+ sd_bus_release_name_async() for asynchronously registering bus
+ names. Similar, there is now sd_bus_add_match_async() for installing
+ a signal match asynchronously. All of systemd's own services have
+ been updated to make use of these calls. Doing these operations
+ asynchronously has two benefits: it reduces the risk of deadlocks in
+ case of cyclic dependencies between bus services, and it speeds up
+ service initialization since synchronization points for bus
+ round-trips are removed.
+
+ * sd-bus gained two new calls sd_bus_match_signal() and
+ sd_bus_match_signal_async(), which are similar to sd_bus_add_match()
+ and sd_bus_add_match_async() but instead of taking a D-Bus match
+ string take match fields as normal function parameters.
+
+ * sd-bus gained two new calls sd_bus_set_sender() and
+ sd_bus_message_set_sender() for setting the sender name of outgoing
+ messages (either for all outgoing messages or for just one specific
+ one). These calls are only useful in direct connections as on
+ brokered connections the broker fills in the sender anyway,
+ overwriting whatever the client filled in.
+
+ * sd-event gained a new pseudo-handle that may be specified on all API
+ calls where an "sd_event*" object is expected: SD_EVENT_DEFAULT. When
+ used this refers to the default event loop object of the calling
+ thread. Note however that this does not implicitly allocate one —
+ which has to be done prior by using sd_event_default(). Similarly
+ sd-bus gained three new pseudo-handles SD_BUS_DEFAULT,
+ SD_BUS_DEFAULT_USER, SD_BUS_DEFAULT_SYSTEM that may be used to refer
+ to the default bus of the specified type of the calling thread. Here
+ too this does not implicitly allocate bus connection objects, this
+ has to be done prior with sd_bus_default() and friends.
+
+ * sd-event gained a new call pair
+ sd_event_source_{get|set}_io_fd_own(). This may be used to request
+ automatic closure of the file descriptor an IO event source watches
+ when the event source is destroyed.
+
+ * systemd-networkd gained support for natively configuring WireGuard
+ connections.
+
+ * In previous versions systemd synthesized user records both for the
+ "nobody" (UID 65534) and "root" (UID 0) users in nss-systemd and
+ internally. In order to simplify distribution-wide renames of the
+ "nobody" user (like it is planned in Fedora: nfsnobody → nobody), a
+ new transitional flag file has been added: if
+ /etc/systemd/dont-synthesize-nobody exists synthesizing of the 65534
+ user and group record within the systemd codebase is disabled.
+
+ * systemd-notify gained a new --uid= option for selecting the source
+ user/UID to use for notification messages sent to the service
+ manager.
+
+ * journalctl gained a new --grep= option to list only entries in which
+ the message matches a certain pattern. By default matching is case
+ insensitive if the pattern is lowercase, and case sensitive
+ otherwise. Option --case-sensitive=yes|no can be used to override
+ this an specify case sensitivity or case insensitivity.
+
+ * There's now a "systemd-analyze service-watchdogs" command for printing
+ the current state of the service runtime watchdog, and optionally
+ enabling or disabling the per-service watchdogs system-wide if given a
+ boolean argument (i.e. the concept you configure in WatchdogSec=), for
+ debugging purposes. There's also a kernel command line option
+ systemd.service_watchdogs= for controlling the same.
+
+ * Two new "log-level" and "log-target" options for systemd-analyze were
+ added that merge the now deprecated get-log-level, set-log-level and
+ get-log-target, set-log-target pairs. The deprecated options are still
+ understood for backwards compatibility. The two new options print the
+ current value when no arguments are given, and set them when a
+ level/target is given as an argument.
+
+ * sysusers.d's "u" lines now optionally accept both a UID and a GID
+ specification, separated by a ":" character, in order to create users
+ where UID and GID do not match.
+
+ Contributions from: Adam Duskett, Alan Jenkins, Alexander Kuleshov,
+ Alexis Deruelle, Andrew Jeddeloh, Armin Widegreen, Batuhan Osman
+ Taşkaya, Björn Esser, bleep_blop, Bruce A. Johnson, Chris Down, Clinton
+ Roy, Colin Walters, Daniel Rusek, Dimitri John Ledkov, Dmitry Rozhkov,
+ Evgeny Vereshchagin, Ewout van Mansom, Felipe Sateler, Franck Bui,
+ Frantisek Sumsal, George Gaydarov, Gianluca Boiano, Hans-Christian
+ Noren Egtvedt, Hans de Goede, Henrik Grindal Bakken, Jan Alexander
+ Steffens, Jan Klötzke, Jason A. Donenfeld, jdkbx, Jérémy Rosen,
+ Jerónimo Borque, John Lin, John Paul Herold, Jonathan Rudenberg, Jörg
+ Thalheim, Ken (Bitsko) MacLeod, Larry Bernstone, Lennart Poettering,
+ Lucas Werkmeister, Maciej S. Szmigiero, Marek Čermák, Martin Pitt,
+ Mathieu Malaterre, Matthew Thode, Matthias-Christian Ott, Max Harmathy,
+ Michael Biebl, Michael Vogt, Michal Koutný, Michal Sekletar, Michał
+ Szczepański, Mike Gilbert, Nathaniel McCallum, Nicolas Chauvet, Olaf
+ Hering, Olivier Schwander, Patrik Flykt, Paul Cercueil, Peter Hutterer,
+ Piotr Drąg, Raphael Vogelgsang, Reverend Homer, Robert Kolchmeyer,
+ Samuel Dionne-Riel, Sergey Ptashnick, Shawn Landden, Susant Sahani,
+ Sylvain Plantefève, Thomas H. P. Andersen, Thomas Huth, Tomasz
+ Bachorski, Vladislav Vishnyakov, Wieland Hoffmann, Yu Watanabe, Zachary
+ Winnerman, Zbigniew Jędrzejewski-Szmek, Дамјан Георгиевски, Дилян
+ Палаузов
+
+ — Brno, 2018-01-28
+
+CHANGES WITH 236:
+
+ * The modprobe.d/ drop-in for the bonding.ko kernel module introduced
+ in v235 has been extended to also set the dummy.ko module option
+ numdummies=0, preventing the kernel from automatically creating
+ dummy0. All dummy interfaces must now be explicitly created.
+
+ * Unknown '%' specifiers in configuration files are now rejected. This
+ applies to units and tmpfiles.d configuration. Any percent characters
+ that are followed by a letter or digit that are not supposed to be
+ interpreted as the beginning of a specifier should be escaped by
+ doubling ("%%"). (So "size=5%" is still accepted, as well as
+ "size=5%,foo=bar", but not "LABEL=x%y%z" since %y and %z are not
+ valid specifiers today.)
+
+ * systemd-resolved now maintains a new dynamic
+ /run/systemd/resolve/stub-resolv.conf compatibility file. It is
+ recommended to make /etc/resolv.conf a symlink to it. This file
+ points at the systemd-resolved stub DNS 127.0.0.53 resolver and
+ includes dynamically acquired search domains, achieving more correct
+ DNS resolution by software that bypasses local DNS APIs such as NSS.
+
+ * The "uaccess" udev tag has been dropped from /dev/kvm and
+ /dev/dri/renderD*. These devices now have the 0666 permissions by
+ default (but this may be changed at build-time). /dev/dri/renderD*
+ will now be owned by the "render" group along with /dev/kfd.
+
+ * "DynamicUser=yes" has been enabled for systemd-timesyncd.service,
+ systemd-journal-gatewayd.service and
+ systemd-journal-upload.service. This means "nss-systemd" must be
+ enabled in /etc/nsswitch.conf to ensure the UIDs assigned to these
+ services are resolved properly.
+
+ * In /etc/fstab two new mount options are now understood:
+ x-systemd.makefs and x-systemd.growfs. The former has the effect that
+ the configured file system is formatted before it is mounted, the
+ latter that the file system is resized to the full block device size
+ after it is mounted (i.e. if the file system is smaller than the
+ partition it resides on, it's grown). This is similar to the fsck
+ logic in /etc/fstab, and pulls in systemd-makefs@.service and
+ systemd-growfs@.service as necessary, similar to
+ systemd-fsck@.service. Resizing is currently only supported on ext4
+ and btrfs.
+
+ * In systemd-networkd, the IPv6 RA logic now optionally may announce
+ DNS server and domain information.
+
+ * Support for the LUKS2 on-disk format for encrypted partitions has
+ been added. This requires libcryptsetup2 during compilation and
+ runtime.
+
+ * The systemd --user instance will now signal "readiness" when its
+ basic.target unit has been reached, instead of when the run queue ran
+ empty for the first time.
+
+ * Tmpfiles.d with user configuration are now also supported.
+ systemd-tmpfiles gained a new --user switch, and snippets placed in
+ ~/.config/user-tmpfiles.d/ and corresponding directories will be
+ executed by systemd-tmpfiles --user running in the new
+ systemd-tmpfiles-setup.service and systemd-tmpfiles-clean.service
+ running in the user session.
+
+ * Unit files and tmpfiles.d snippets learnt three new % specifiers:
+ %S resolves to the top-level state directory (/var/lib for the system
+ instance, $XDG_CONFIG_HOME for the user instance), %C resolves to the
+ top-level cache directory (/var/cache for the system instance,
+ $XDG_CACHE_HOME for the user instance), %L resolves to the top-level
+ logs directory (/var/log for the system instance,
+ $XDG_CONFIG_HOME/log/ for the user instance). This matches the
+ existing %t specifier, that resolves to the top-level runtime
+ directory (/run for the system instance, and $XDG_RUNTIME_DIR for the
+ user instance).
+
+ * journalctl learnt a new parameter --output-fields= for limiting the
+ set of journal fields to output in verbose and JSON output modes.
+
+ * systemd-timesyncd's configuration file gained a new option
+ RootDistanceMaxSec= for setting the maximum root distance of servers
+ it'll use, as well as the new options PollIntervalMinSec= and
+ PollIntervalMaxSec= to tweak the minimum and maximum poll interval.
+
+ * bootctl gained a new command "list" for listing all available boot
+ menu items on systems that follow the boot loader specification.
+
+ * systemctl gained a new --dry-run switch that shows what would be done
+ instead of doing it, and is currently supported by the shutdown and
+ sleep verbs.
+
+ * ConditionSecurity= can now detect the TOMOYO security module.
+
+ * Unit file [Install] sections are now also respected in unit drop-in
+ files. This is intended to be used by drop-ins under /usr/lib/.
+
+ * systemd-firstboot may now also set the initial keyboard mapping.
+
+ * Udev "changed" events for devices which are exposed as systemd
+ .device units are now propagated to units specified in
+ ReloadPropagatedFrom= as reload requests.
+
+ * If a udev device has a SYSTEMD_WANTS= property containing a systemd
+ unit template name (i.e. a name in the form of 'foobar@.service',
+ without the instance component between the '@' and - the '.'), then
+ the escaped sysfs path of the device is automatically used as the
+ instance.
+
+ * SystemCallFilter= in unit files has been extended so that an "errno"
+ can be specified individually for each system call. Example:
+ SystemCallFilter=~uname:EILSEQ.
+
+ * The cgroup delegation logic has been substantially updated. Delegate=
+ now optionally takes a list of controllers (instead of a boolean, as
+ before), which lists the controllers to delegate at least.
+
+ * The networkd DHCPv6 client now implements the FQDN option (RFC 4704).
+
+ * A new LogLevelMax= setting configures the maximum log level any
+ process of the service may log at (i.e. anything with a lesser
+ priority than what is specified is automatically dropped). A new
+ LogExtraFields= setting allows configuration of additional journal
+ fields to attach to all log records generated by any of the unit's
+ processes.
+
+ * New StandardInputData= and StandardInputText= settings along with the
+ new option StandardInput=data may be used to configure textual or
+ binary data that shall be passed to the executed service process via
+ standard input, encoded in-line in the unit file.
+
+ * StandardInput=, StandardOutput= and StandardError= may now be used to
+ connect stdin/stdout/stderr of executed processes directly with a
+ file or AF_UNIX socket in the file system, using the new "file:" option.
+
+ * A new unit file option CollectMode= has been added, that allows
+ tweaking the garbage collection logic for units. It may be used to
+ tell systemd to garbage collect units that have failed automatically
+ (normally it only GCs units that exited successfully). systemd-run
+ and systemd-mount expose this new functionality with a new -G option.
+
+ * "machinectl bind" may now be used to bind mount non-directories
+ (i.e. regularfiles, devices, fifos, sockets).
+
+ * systemd-analyze gained a new verb "calendar" for validating and
+ testing calendar time specifications to use for OnCalendar= in timer
+ units. Besides validating the expression it will calculate the next
+ time the specified expression would elapse.
+
+ * In addition to the pre-existing FailureAction= unit file setting
+ there's now SuccessAction=, for configuring a shutdown action to
+ execute when a unit completes successfully. This is useful in
+ particular inside containers that shall terminate after some workload
+ has been completed. Also, both options are now supported for all unit
+ types, not just services.
+
+ * networkds's IP rule support gained two new options
+ IncomingInterface= and OutgoingInterface= for configuring the incoming
+ and outgoing interfaces of configured rules. systemd-networkd also
+ gained support for "vxcan" network devices.
+
+ * networkd gained a new setting RequiredForOnline=, taking a
+ boolean. If set, systemd-wait-online will take it into consideration
+ when determining that the system is up, otherwise it will ignore the
+ interface for this purpose.
+
+ * The sd_notify() protocol gained support for a new operation: with
+ FDSTOREREMOVE=1 file descriptors may be removed from the per-service
+ store again, ahead of POLLHUP or POLLERR when they are removed
+ anyway.
+
+ * A new document doc/UIDS-GIDS.md has been added to the source tree,
+ that documents the UID/GID range and assignment assumptions and
+ requirements of systemd.
+
+ * The watchdog device PID 1 will ping may now be configured through the
+ WatchdogDevice= configuration file setting, or by setting the
+ systemd.watchdog_service= kernel commandline option.
+
+ * systemd-resolved's gained support for registering DNS-SD services on
+ the local network using MulticastDNS. Services may either be
+ registered by dropping in a .dnssd file in /etc/systemd/dnssd/ (or
+ the same dir below /run, /usr/lib), or through its D-Bus API.
+
+ * The sd_notify() protocol can now with EXTEND_TIMEOUT_USEC=microsecond
+ extend the effective start, runtime, and stop time. The service must
+ continue to send EXTEND_TIMEOUT_USEC within the period specified to
+ prevent the service manager from making the service as timedout.
+
+ * systemd-resolved's DNSSEC support gained support for RFC 8080
+ (Ed25519 keys and signatures).
+
+ * The systemd-resolve command line tool gained a new set of options
+ --set-dns=, --set-domain=, --set-llmnr=, --set-mdns=, --set-dnssec=,
+ --set-nta= and --revert to configure per-interface DNS configuration
+ dynamically during runtime. It's useful for pushing DNS information
+ into systemd-resolved from DNS hook scripts that various interface
+ managing software supports (such as pppd).
+
+ * systemd-nspawn gained a new --network-namespace-path= command line
+ option, which may be used to make a container join an existing
+ network namespace, by specifying a path to a "netns" file.
+
+ Contributions from: Alan Jenkins, Alan Robertson, Alessandro Ghedini,
+ Andrew Jeddeloh, Antonio Rojas, Ari, asavah, bleep_blop, Carsten
+ Strotmann, Christian Brauner, Christian Hesse, Clinton Roy, Collin
+ Eggert, Cong Wang, Daniel Black, Daniel Lockyer, Daniel Rusek, Dimitri
+ John Ledkov, Dmitry Rozhkov, Dongsu Park, Edward A. James, Evgeny
+ Vereshchagin, Florian Klink, Franck Bui, Gwendal Grignou, Hans de
+ Goede, Harald Hoyer, Hristo Venev, Iago López Galeiras, Ikey Doherty,
+ Jakub Wilk, Jérémy Rosen, Jiahui Xie, John Lin, José Bollo, Josef
+ Andersson, juga0, Krzysztof Nowicki, Kyle Walker, Lars Karlitski, Lars
+ Kellogg-Stedman, Lauri Tirkkonen, Lennart Poettering, Lubomir Rintel,
+ Luca Bruno, Lucas Werkmeister, Lukáš Nykrýn, Lukáš Říha, Lukasz
+ Rubaszewski, Maciej S. Szmigiero, Mantas Mikulėnas, Marcus Folkesson,
+ Martin Steuer, Mathieu Trudel-Lapierre, Matija Skala,
+ Matthias-Christian Ott, Max Resch, Michael Biebl, Michael Vogt, Michal
+ Koutný, Michal Sekletar, Mike Gilbert, Muhammet Kara, Neil Brown, Olaf
+ Hering, Ondrej Kozina, Patrik Flykt, Patryk Kocielnik, Peter Hutterer,
+ Piotr Drąg, Razvan Cojocaru, Robin McCorkell, Roland Hieber, Saran
+ Tunyasuvunakool, Sergey Ptashnick, Shawn Landden, Shuang Liu, Simon
+ Arlott, Simon Peeters, Stanislav Angelovič, Stefan Agner, Susant
+ Sahani, Sylvain Plantefève, Thomas Blume, Thomas Haller, Tiago Salem
+ Herrmann, Tinu Weber, Tom Stellard, Topi Miettinen, Torsten Hilbrich,
+ Vito Caputo, Vladislav Vishnyakov, WaLyong Cho, Yu Watanabe, Zbigniew
+ Jędrzejewski-Szmek, Zeal Jagannatha
+
+ — Berlin, 2017-12-14
+
+CHANGES WITH 235:
+
+ * INCOMPATIBILITY: systemd-logind.service and other long-running
+ services now run inside an IPv4/IPv6 sandbox, prohibiting them any IP
+ communication with the outside. This generally improves security of
+ the system, and is in almost all cases a safe and good choice, as
+ these services do not and should not provide any network-facing
+ functionality. However, systemd-logind uses the glibc NSS API to
+ query the user database. This creates problems on systems where NSS
+ is set up to directly consult network services for user database
+ lookups. In particular, this creates incompatibilities with the
+ "nss-nis" module, which attempts to directly contact the NIS/YP
+ network servers it is configured for, and will now consistently
+ fail. In such cases, it is possible to turn off IP sandboxing for
+ systemd-logind.service (set IPAddressDeny= in its [Service] section
+ to the empty string, via a .d/ unit file drop-in). Downstream
+ distributions might want to update their nss-nis packaging to include
+ such a drop-in snippet, accordingly, to hide this incompatibility
+ from the user. Another option is to make use of glibc's nscd service
+ to proxy such network requests through a privilege-separated, minimal
+ local caching daemon, or to switch to more modern technologies such
+ sssd, whose NSS hook-ups generally do not involve direct network
+ access. In general, we think it's definitely time to question the
+ implementation choices of nss-nis, i.e. whether it's a good idea
+ today to embed a network-facing loadable module into all local
+ processes that need to query the user database, including the most
+ trivial and benign ones, such as "ls". For more details about
+ IPAddressDeny= see below.
+
+ * A new modprobe.d drop-in is now shipped by default that sets the
+ bonding module option max_bonds=0. This overrides the kernel default,
+ to avoid conflicts and ambiguity as to whether or not bond0 should be
+ managed by systemd-networkd or not. This resolves multiple issues
+ with bond0 properties not being applied, when bond0 is configured
+ with systemd-networkd. Distributors may choose to not package this,
+ however in that case users will be prevented from correctly managing
+ bond0 interface using systemd-networkd.
+
+ * systemd-analyze gained new verbs "get-log-level" and "get-log-target"
+ which print the logging level and target of the system manager. They
+ complement the existing "set-log-level" and "set-log-target" verbs
+ used to change those values.
+
+ * journald.conf gained a new boolean setting ReadKMsg= which defaults
+ to on. If turned off kernel log messages will not be read by
+ systemd-journald or included in the logs. It also gained a new
+ setting LineMax= for configuring the maximum line length in
+ STDOUT/STDERR log streams. The new default for this value is 48K, up
+ from the previous hardcoded 2048.
+
+ * A new unit setting RuntimeDirectoryPreserve= has been added, which
+ allows more detailed control of what to do with a runtime directory
+ configured with RuntimeDirectory= (i.e. a directory below /run or
+ $XDG_RUNTIME_DIR) after a unit is stopped.
+
+ * The RuntimeDirectory= setting for units gained support for creating
+ deeper subdirectories below /run or $XDG_RUNTIME_DIR, instead of just
+ one top-level directory.
+
+ * Units gained new options StateDirectory=, CacheDirectory=,
+ LogsDirectory= and ConfigurationDirectory= which are closely related
+ to RuntimeDirectory= but manage per-service directories below
+ /var/lib, /var/cache, /var/log and /etc. By making use of them it is
+ possible to write unit files which when activated automatically gain
+ properly owned service specific directories in these locations, thus
+ making unit files self-contained and increasing compatibility with
+ stateless systems and factory reset where /etc or /var are
+ unpopulated at boot. Matching these new settings there's also
+ StateDirectoryMode=, CacheDirectoryMode=, LogsDirectoryMode=,
+ ConfigurationDirectoryMode= for configuring the access mode of these
+ directories. These settings are particularly useful in combination
+ with DynamicUser=yes as they provide secure, properly-owned,
+ writable, and stateful locations for storage, excluded from the
+ sandbox that such services live in otherwise.
+
+ * Automake support has been removed from this release. systemd is now
+ Meson-only.
+
+ * systemd-journald will now aggressively cache client metadata during
+ runtime, speeding up log write performance under pressure. This comes
+ at a small price though: as much of the metadata is read
+ asynchronously from /proc/ (and isn't implicitly attached to log
+ datagrams by the kernel, like UID/GID/PID/SELinux are) this means the
+ metadata stored alongside a log entry might be slightly
+ out-of-date. Previously it could only be slightly newer than the log
+ message. The time window is small however, and given that the kernel
+ is unlikely to be improved anytime soon in this regard, this appears
+ acceptable to us.
+
+ * nss-myhostname/systemd-resolved will now by default synthesize an
+ A/AAAA resource record for the "_gateway" hostname, pointing to the
+ current default IP gateway. Previously it did that for the "gateway"
+ name, hampering adoption, as some distributions wanted to leave that
+ host name open for local use. The old behaviour may still be
+ requested at build time.
+
+ * systemd-networkd's [Address] section in .network files gained a new
+ Scope= setting for configuring the IP address scope. The [Network]
+ section gained a new boolean setting ConfigureWithoutCarrier= that
+ tells systemd-networkd to ignore link sensing when configuring the
+ device. The [DHCP] section gained a new Anonymize= boolean option for
+ turning on a number of options suggested in RFC 7844. A new
+ [RoutingPolicyRule] section has been added for configuring the IP
+ routing policy. The [Route] section has gained support for a new
+ Type= setting which permits configuring
+ blackhole/unreachable/prohibit routes.
+
+ * The [VRF] section in .netdev files gained a new Table= setting for
+ configuring the routing table to use. The [Tunnel] section gained a
+ new Independent= boolean field for configuring tunnels independent of
+ an underlying network interface. The [Bridge] section gained a new
+ GroupForwardMask= option for configuration of propagation of link
+ local frames between bridge ports.
+
+ * The WakeOnLan= setting in .link files gained support for a number of
+ new modes. A new TCP6SegmentationOffload= setting has been added for
+ configuring TCP/IPv6 hardware segmentation offload.
+
+ * The IPv6 RA sender implementation may now optionally send out RDNSS
+ and RDNSSL records to supply DNS configuration to peers.
+
+ * systemd-nspawn gained support for a new --system-call-filter= command
+ line option for adding and removing entries in the default system
+ call filter it applies. Moreover systemd-nspawn has been changed to
+ implement a system call whitelist instead of a blacklist.
+
+ * systemd-run gained support for a new --pipe command line option. If
+ used the STDIN/STDOUT/STDERR file descriptors passed to systemd-run
+ are directly passed on to the activated transient service
+ executable. This allows invoking arbitrary processes as systemd
+ services (for example to take benefit of dependency management,
+ accounting management, resource management or log management that is
+ done automatically for services) — while still allowing them to be
+ integrated in a classic UNIX shell pipeline.
+
+ * When a service sends RELOAD=1 via sd_notify() and reload propagation
+ using ReloadPropagationTo= is configured, a reload is now propagated
+ to configured units. (Previously this was only done on explicitly
+ requested reloads, using "systemctl reload" or an equivalent
+ command.)
+
+ * For each service unit a restart counter is now kept: it is increased
+ each time the service is restarted due to Restart=, and may be
+ queried using "systemctl show -p NRestarts …".
+
+ * New system call filter groups @aio, @sync, @chown, @setuid, @memlock,
+ @signal and @timer have been added, for usage with SystemCallFilter=
+ in unit files and the new --system-call-filter= command line option
+ of systemd-nspawn (see above).
+
+ * ExecStart= lines in unit files gained two new modifiers: when a
+ command line is prefixed with "!" the command will be executed as
+ configured, except for the credentials applied by
+ setuid()/setgid()/setgroups(). It is very similar to the pre-existing
+ "+", but does still apply namespacing options unlike "+". There's
+ also "!!" now, which is mostly identical, but becomes a NOP on
+ systems that support ambient capabilities. This is useful to write
+ unit files that work with ambient capabilities where possible but
+ automatically fall back to traditional privilege dropping mechanisms
+ on systems where this is not supported.
+
+ * ListenNetlink= settings in socket units now support RDMA netlink
+ sockets.
+
+ * A new unit file setting LockPersonality= has been added which permits
+ locking down the chosen execution domain ("personality") of a service
+ during runtime.
+
+ * A new special target "getty-pre.target" has been added, which is
+ ordered before all text logins, and may be used to order services
+ before textual logins acquire access to the console.
+
+ * systemd will now attempt to load the virtio-rng.ko kernel module very
+ early on if a VM environment supporting this is detected. This should
+ improve entropy during early boot in virtualized environments.
+
+ * A _netdev option is now supported in /etc/crypttab that operates in a
+ similar way as the same option in /etc/fstab: it permits configuring
+ encrypted devices that need to be ordered after the network is up.
+ Following this logic, two new special targets
+ remote-cryptsetup-pre.target and remote-cryptsetup.target have been
+ added that are to cryptsetup.target what remote-fs.target and
+ remote-fs-pre.target are to local-fs.target.
+
+ * Service units gained a new UnsetEnvironment= setting which permits
+ unsetting specific environment variables for services that are
+ normally passed to it (for example in order to mask out locale
+ settings for specific services that can't deal with it).
+
+ * Units acquired a new boolean option IPAccounting=. When turned on, IP
+ traffic accounting (packet count as well as byte count) is done for
+ the service, and shown as part of "systemctl status" or "systemd-run
+ --wait".
+
+ * Service units acquired two new options IPAddressAllow= and
+ IPAddressDeny=, taking a list of IPv4 or IPv6 addresses and masks,
+ for configuring a simple IP access control list for all sockets of
+ the unit. These options are available also on .slice and .socket
+ units, permitting flexible access list configuration for individual
+ services as well as groups of services (as defined by a slice unit),
+ including system-wide. Note that IP ACLs configured this way are
+ enforced on every single IPv4 and IPv6 socket created by any process
+ of the service unit, and apply to ingress as well as egress traffic.
+
+ * If CPUAccounting= or IPAccounting= is turned on for a unit a new
+ structured log message is generated each time the unit is stopped,
+ containing information about the consumed resources of this
+ invocation.
+
+ * A new setting KeyringMode= has been added to unit files, which may be
+ used to control how the kernel keyring is set up for executed
+ processes.
+
+ * "systemctl poweroff", "systemctl reboot", "systemctl halt",
+ "systemctl kexec" and "systemctl exit" are now always asynchronous in
+ behaviour (that is: these commands return immediately after the
+ operation was enqueued instead of waiting for the operation to
+ complete). Previously, "systemctl poweroff" and "systemctl reboot"
+ were asynchronous on systems using systemd-logind (i.e. almost
+ always, and like they were on sysvinit), and the other three commands
+ were unconditionally synchronous. With this release this is cleaned
+ up, and callers will see the same asynchronous behaviour on all
+ systems for all five operations.
+
+ * systemd-logind gained new Halt() and CanHalt() bus calls for halting
+ the system.
+
+ * .timer units now accept calendar specifications in other timezones
+ than UTC or the local timezone.
+
+ * The tmpfiles snippet var.conf has been changed to create
+ /var/log/btmp with access mode 0660 instead of 0600. It was owned by
+ the "utmp" group already, and it appears to be generally understood
+ that members of "utmp" can modify/flush the utmp/wtmp/lastlog/btmp
+ databases. Previously this was implemented correctly for all these
+ databases excepts btmp, which has been opened up like this now
+ too. Note that while the other databases are world-readable
+ (i.e. 0644), btmp is not and remains more restrictive.
+
+ * The systemd-resolve tool gained a new --reset-server-features
+ switch. When invoked like this systemd-resolved will forget
+ everything it learnt about the features supported by the configured
+ upstream DNS servers, and restarts the feature probing logic on the
+ next resolver look-up for them at the highest feature level
+ again.
+
+ * The status dump systemd-resolved sends to the logs upon receiving
+ SIGUSR1 now also includes information about all DNS servers it is
+ configured to use, and the features levels it probed for them.
+
+ Contributions from: Abdó Roig-Maranges, Alan Jenkins, Alexander
+ Kuleshov, Andreas Rammhold, Andrew Jeddeloh, Andrew Soutar, Ansgar
+ Burchardt, Beniamino Galvani, Benjamin Berg, Benjamin Robin, Charles
+ Huber, Christian Hesse, Daniel Berrange, Daniel Kahn Gillmor, Daniel
+ Mack, Daniel Rusek, Daniel Șerbănescu, Davide Cavalca, Dimitri John
+ Ledkov, Diogo Pereira, Djalal Harouni, Dmitriy Geels, Dmitry Torokhov,
+ ettavolt, Evgeny Vereshchagin, Fabio Kung, Felipe Sateler, Franck Bui,
+ Hans de Goede, Harald Hoyer, Insun Pyo, Ivan Kurnosov, Ivan Shapovalov,
+ Jakub Wilk, Jan Synacek, Jason Gunthorpe, Jeremy Bicha, Jérémy Rosen,
+ John Lin, jonasBoss, Jonathan Lebon, Jonathan Teh, Jon Ringle, Jörg
+ Thalheim, Jouke Witteveen, juga0, Justin Capella, Justin Michaud,
+ Kai-Heng Feng, Lennart Poettering, Lion Yang, Luca Bruno, Lucas
+ Werkmeister, Lukáš Nykrýn, Marcel Hollerbach, Marcus Lundblad, Martin
+ Pitt, Michael Biebl, Michael Grzeschik, Michal Sekletar, Mike Gilbert,
+ Neil Brown, Nicolas Iooss, Patrik Flykt, pEJipE, Piotr Drąg, Russell
+ Stuart, S. Fan, Shengyao Xue, Stefan Pietsch, Susant Sahani, Tejun Heo,
+ Thomas Miller, Thomas Sailer, Tobias Hunger, Tomasz Pala, Tom
+ Gundersen, Tommi Rantala, Topi Miettinen, Torstein Husebø, userwithuid,
+ Vasilis Liaskovitis, Vito Caputo, WaLyong Cho, William Douglas, Xiang
+ Fan, Yu Watanabe, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2017-10-06
+
+CHANGES WITH 234:
+
+ * Meson is now supported as build system in addition to Automake. It is
+ our plan to remove Automake in one of our next releases, so that
+ Meson becomes our exclusive build system. Hence, please start using
+ the Meson build system in your downstream packaging. There's plenty
+ of documentation around how to use Meson, the extremely brief
+ summary:
+
+ ./autogen.sh && ./configure && make && sudo make install
+
+ becomes:
+
+ meson build && ninja -C build && sudo ninja -C build install
+
+ * Unit files gained support for a new JobRunningTimeoutUSec= setting,
+ which permits configuring a timeout on the time a job is
+ running. This is particularly useful for setting timeouts on jobs for
+ .device units.
+
+ * Unit files gained two new options ConditionUser= and ConditionGroup=
+ for conditionalizing units based on the identity of the user/group
+ running a systemd user instance.
+
+ * systemd-networkd now understands a new FlowLabel= setting in the
+ [VXLAN] section of .network files, as well as a Priority= in
+ [Bridge], GVRP= + MVRP= + LooseBinding= + ReorderHeader= in [VLAN]
+ and GatewayOnlink= + IPv6Preference= + Protocol= in [Route]. It also
+ gained support for configuration of GENEVE links, and IPv6 address
+ labels. The [Network] section gained the new IPv6ProxyNDP= setting.
+
+ * .link files now understand a new Port= setting.
+
+ * systemd-networkd's DHCP support gained support for DHCP option 119
+ (domain search list).
+
+ * systemd-networkd gained support for serving IPv6 address ranges using
+ the Router Advertisement protocol. The new .network configuration
+ section [IPv6Prefix] may be used to configure the ranges to
+ serve. This is implemented based on a new, minimal, native server
+ implementation of RA.
+
+ * journalctl's --output= switch gained support for a new parameter
+ "short-iso-precise" for a mode where timestamps are shown as precise
+ ISO date values.
+
+ * systemd-udevd's "net_id" builtin may now generate stable network
+ interface names from IBM PowerVM VIO devices as well as ACPI platform
+ devices.
+
+ * MulticastDNS support in systemd-resolved may now be explicitly
+ enabled/disabled using the new MulticastDNS= configuration file
+ option.
+
+ * systemd-resolved may now optionally use libidn2 instead of the libidn
+ for processing internationalized domain names. Support for libidn2
+ should be considered experimental and should not be enabled by
+ default yet.
+
+ * "machinectl pull-tar" and related call may now do verification of
+ downloaded images using SUSE-style .sha256 checksum files in addition
+ to the already existing support for validating using Ubuntu-style
+ SHA256SUMS files.
+
+ * sd-bus gained support for a new sd_bus_message_appendv() call which
+ is va_list equivalent of sd_bus_message_append().
+
+ * sd-boot gained support for validating images using SHIM/MOK.
+
+ * The SMACK code learnt support for "onlycap".
+
+ * systemd-mount --umount is now much smarter in figuring out how to
+ properly unmount a device given its mount or device path.
+
+ * The code to call libnss_dns as a fallback from libnss_resolve when
+ the communication with systemd-resolved fails was removed. This
+ fallback was redundant and interfered with the [!UNAVAIL=return]
+ suffix. See nss-resolve(8) for the recommended configuration.
+
+ * systemd-logind may now be restarted without losing state. It stores
+ the file descriptors for devices it manages in the system manager
+ using the FDSTORE= mechanism. Please note that further changes in
+ other components may be required to make use of this (for example
+ Xorg has code to listen for stops of systemd-logind and terminate
+ itself when logind is stopped or restarted, in order to avoid using
+ stale file descriptors for graphical devices, which is now
+ counterproductive and must be reverted in order for restarts of
+ systemd-logind to be safe. See
+ https://cgit.freedesktop.org/xorg/xserver/commit/?id=dc48bd653c7e101.)
+
+ * All kernel install plugins are called with the environment variable
+ KERNEL_INSTALL_MACHINE_ID which is set to the machine ID given by
+ /etc/machine-id. If the file is missing or empty, the variable is
+ empty and BOOT_DIR_ABS is the path of a temporary directory which is
+ removed after all the plugins exit. So, if KERNEL_INSTALL_MACHINE_ID
+ is empty, all plugins should not put anything in BOOT_DIR_ABS.
+
+ Contributions from: Adrian Heine né Lang, Aggelos Avgerinos, Alexander
+ Kurtz, Alexandros Frantzis, Alexey Brodkin, Alex Lu, Amir Pakdel, Amir
+ Yalon, Anchor Cat, Anthony Parsons, Bastien Nocera, Benjamin Gilbert,
+ Benjamin Robin, Boucman, Charles Plessy, Chris Chiu, Chris Lamb,
+ Christian Brauner, Christian Hesse, Colin Walters, Daniel Drake,
+ Danielle Church, Daniel Molkentin, Daniel Rusek, Daniel Wang, Davide
+ Cavalca, David Herrmann, David Michael, Dax Kelson, Dimitri John
+ Ledkov, Djalal Harouni, Dušan Kazik, Elias Probst, Evgeny Vereshchagin,
+ Federico Di Pierro, Felipe Sateler, Felix Zhang, Franck Bui, Gary
+ Tierney, George McCollister, Giedrius Statkevičius, Hans de Goede,
+ hecke, Hendrik Westerberg, Hristo Venev, Ian Wienand, Insun Pyo, Ivan
+ Shapovalov, James Cowgill, James Hemsing, Janne Heß, Jan Synacek, Jason
+ Reeder, João Paulo Rechi Vita, John Paul Adrian Glaubitz, Jörg
+ Thalheim, Josef Andersson, Josef Gajdusek, Julian Mehne, Kai Krakow,
+ Krzysztof Jackiewicz, Lars Karlitski, Lennart Poettering, Lluís Gili,
+ Lucas Werkmeister, Lukáš Nykrýn, Łukasz Stelmach, Mantas Mikulėnas,
+ Marcin Bachry, Marcus Cooper, Mark Stosberg, Martin Pitt, Matija Skala,
+ Matt Clarkson, Matthew Garrett, Matthias Greiner, Matthijs van Duin,
+ Max Resch, Michael Biebl, Michal Koutný, Michal Sekletar, Michal
+ Soltys, Michal Suchanek, Mike Gilbert, Nate Clark, Nathaniel R. Lewis,
+ Neil Brown, Nikolai Kondrashov, Pascal S. de Kloe, Pat Riehecky, Patrik
+ Flykt, Paul Kocialkowski, Peter Hutterer, Philip Withnall, Piotr
+ Szydełko, Rafael Fontenelle, Ray Strode, Richard Maw, Roelf Wichertjes,
+ Ronny Chevalier, Sarang S. Dalal, Sjoerd Simons, slodki, Stefan
+ Schweter, Susant Sahani, Ted Wood, Thomas Blume, Thomas Haller, Thomas
+ H. P. Andersen, Timothée Ravier, Tobias Jungel, Tobias Stoeckmann, Tom
+ Gundersen, Tom Yan, Torstein Husebø, Umut Tezduyar Lindskog,
+ userwithuid, Vito Caputo, Waldemar Brodkorb, WaLyong Cho, Yu, Li-Yu,
+ Yusuke Nojima, Yu Watanabe, Zbigniew Jędrzejewski-Szmek, Дамјан
+ Георгиевски
+
+ — Berlin, 2017-07-12
+
+CHANGES WITH 233:
+
+ * The "hybrid" control group mode has been modified to improve
+ compatibility with "legacy" cgroups-v1 setups. Specifically, the
+ "hybrid" setup of /sys/fs/cgroup is now pretty much identical to
+ "legacy" (including /sys/fs/cgroup/systemd as "name=systemd" named
+ cgroups-v1 hierarchy), the only externally visible change being that
+ the cgroups-v2 hierarchy is also mounted, to
+ /sys/fs/cgroup/unified. This should provide a large degree of
+ compatibility with "legacy" cgroups-v1, while taking benefit of the
+ better management capabilities of cgroups-v2.
+
+ * The default control group setup mode may be selected both a boot-time
+ via a set of kernel command line parameters (specifically:
+ systemd.unified_cgroup_hierarchy= and
+ systemd.legacy_systemd_cgroup_controller=), as well as a compile-time
+ default selected on the configure command line
+ (--with-default-hierarchy=). The upstream default is "hybrid"
+ (i.e. the cgroups-v1 + cgroups-v2 mixture discussed above) now, but
+ this will change in a future systemd version to be "unified" (pure
+ cgroups-v2 mode). The third option for the compile time option is
+ "legacy", to enter pure cgroups-v1 mode. We recommend downstream
+ distributions to default to "hybrid" mode for release distributions,
+ starting with v233. We recommend "unified" for development
+ distributions (specifically: distributions such as Fedora's rawhide)
+ as that's where things are headed in the long run. Use "legacy" for
+ greatest stability and compatibility only.
+
+ * Note one current limitation of "unified" and "hybrid" control group
+ setup modes: the kernel currently does not permit the systemd --user
+ instance (i.e. unprivileged code) to migrate processes between two
+ disconnected cgroup subtrees, even if both are managed and owned by
+ the user. This effectively means "systemd-run --user --scope" doesn't
+ work when invoked from outside of any "systemd --user" service or
+ scope. Specifically, it is not supported from session scopes. We are
+ working on fixing this in a future systemd version. (See #3388 for
+ further details about this.)
+
+ * DBus policy files are now installed into /usr rather than /etc. Make
+ sure your system has dbus >= 1.9.18 running before upgrading to this
+ version, or override the install path with --with-dbuspolicydir= .
+
+ * All python scripts shipped with systemd (specifically: the various
+ tests written in Python) now require Python 3.
+
+ * systemd unit tests can now run standalone (without the source or
+ build directories), and can be installed into /usr/lib/systemd/tests/
+ with 'make install-tests'.
+
+ * Note that from this version on, CONFIG_CRYPTO_USER_API_HASH,
+ CONFIG_CRYPTO_HMAC and CONFIG_CRYPTO_SHA256 need to be enabled in the
+ kernel.
+
+ * Support for the %c, %r, %R specifiers in unit files has been
+ removed. Specifiers are not supposed to be dependent on configuration
+ in the unit file itself (so that they resolve the same regardless
+ where used in the unit files), but these specifiers were influenced
+ by the Slice= option.
+
+ * The shell invoked by debug-shell.service now defaults to /bin/sh in
+ all cases. If distributions want to use a different shell for this
+ purpose (for example Fedora's /sbin/sushell) they need to specify
+ this explicitly at configure time using --with-debug-shell=.
+
+ * The confirmation spawn prompt has been reworked to offer the
+ following choices:
+
+ (c)ontinue, proceed without asking anymore
+ (D)ump, show the state of the unit
+ (f)ail, don't execute the command and pretend it failed
+ (h)elp
+ (i)nfo, show a short summary of the unit
+ (j)obs, show jobs that are in progress
+ (s)kip, don't execute the command and pretend it succeeded
+ (y)es, execute the command
+
+ The 'n' choice for the confirmation spawn prompt has been removed,
+ because its meaning was confusing.
+
+ The prompt may now also be redirected to an alternative console by
+ specifying the console as parameter to systemd.confirm_spawn=.
+
+ * Services of Type=notify require a READY=1 notification to be sent
+ during startup. If no such message is sent, the service now fails,
+ even if the main process exited with a successful exit code.
+
+ * Services that fail to start up correctly now always have their
+ ExecStopPost= commands executed. Previously, they'd enter "failed"
+ state directly, without executing these commands.
+
+ * The option MulticastDNS= of network configuration files has acquired
+ an actual implementation. With MulticastDNS=yes a host can resolve
+ names of remote hosts and reply to mDNS A and AAAA requests.
+
+ * When units are about to be started an additional check is now done to
+ ensure that all dependencies of type BindsTo= (when used in
+ combination with After=) have been started.
+
+ * systemd-analyze gained a new verb "syscall-filter" which shows which
+ system call groups are defined for the SystemCallFilter= unit file
+ setting, and which system calls they contain.
+
+ * A new system call filter group "@filesystem" has been added,
+ consisting of various file system related system calls. Group
+ "@reboot" has been added, covering reboot, kexec and shutdown related
+ calls. Finally, group "@swap" has been added covering swap
+ configuration related calls.
+
+ * A new unit file option RestrictNamespaces= has been added that may be
+ used to restrict access to the various process namespace types the
+ Linux kernel provides. Specifically, it may be used to take away the
+ right for a service unit to create additional file system, network,
+ user, and other namespaces. This sandboxing option is particularly
+ relevant due to the high amount of recently discovered namespacing
+ related vulnerabilities in the kernel.
+
+ * systemd-udev's .link files gained support for a new AutoNegotiation=
+ setting for configuring Ethernet auto-negotiation.
+
+ * systemd-networkd's .network files gained support for a new
+ ListenPort= setting in the [DHCP] section to explicitly configure the
+ UDP client port the DHCP client shall listen on.
+
+ * .network files gained a new Unmanaged= boolean setting for explicitly
+ excluding one or more interfaces from management by systemd-networkd.
+
+ * The systemd-networkd ProxyARP= option has been renamed to
+ IPV4ProxyARP=. Similarly, VXLAN-specific option ARPProxy= has been
+ renamed to ReduceARPProxy=. The old names continue to be available
+ for compatibility.
+
+ * systemd-networkd gained support for configuring IPv6 Proxy NDP
+ addresses via the new IPv6ProxyNDPAddress= .network file setting.
+
+ * systemd-networkd's bonding device support gained support for two new
+ configuration options ActiveSlave= and PrimarySlave=.
+
+ * The various options in the [Match] section of .network files gained
+ support for negative matching.
+
+ * New systemd-specific mount options are now understood in /etc/fstab:
+
+ x-systemd.mount-timeout= may be used to configure the maximum
+ permitted runtime of the mount command.
+
+ x-systemd.device-bound may be set to bind a mount point to its
+ backing device unit, in order to automatically remove a mount point
+ if its backing device is unplugged. This option may also be
+ configured through the new SYSTEMD_MOUNT_DEVICE_BOUND udev property
+ on the block device, which is now automatically set for all CDROM
+ drives, so that mounted CDs are automatically unmounted when they are
+ removed from the drive.
+
+ x-systemd.after= and x-systemd.before= may be used to explicitly
+ order a mount after or before another unit or mount point.
+
+ * Enqueued start jobs for device units are now automatically garbage
+ collected if there are no jobs waiting for them anymore.
+
+ * systemctl list-jobs gained two new switches: with --after, for every
+ queued job the jobs it's waiting for are shown; with --before the
+ jobs which it's blocking are shown.
+
+ * systemd-nspawn gained support for ephemeral boots from disk images
+ (or in other words: --ephemeral and --image= may now be
+ combined). Moreover, ephemeral boots are now supported for normal
+ directories, even if the backing file system is not btrfs. Of course,
+ if the file system does not support file system snapshots or
+ reflinks, the initial copy operation will be relatively expensive, but
+ this should still be suitable for many use cases.
+
+ * Calendar time specifications in .timer units now support
+ specifications relative to the end of a month by using "~" instead of
+ "-" as separator between month and day. For example, "*-02~03" means
+ "the third last day in February". In addition a new syntax for
+ repeated events has been added using the "/" character. For example,
+ "9..17/2:00" means "every two hours from 9am to 5pm".
+
+ * systemd-socket-proxyd gained a new parameter --connections-max= for
+ configuring the maximum number of concurrent connections.
+
+ * sd-id128 gained a new API for generating unique IDs for the host in a
+ way that does not leak the machine ID. Specifically,
+ sd_id128_get_machine_app_specific() derives an ID based on the
+ machine ID a in well-defined, non-reversible, stable way. This is
+ useful whenever an identifier for the host is needed but where the
+ identifier shall not be useful to identify the system beyond the
+ scope of the application itself. (Internally this uses HMAC-SHA256 as
+ keyed hash function using the machine ID as input.)
+
+ * NotifyAccess= gained a new supported value "exec". When set
+ notifications are accepted from all processes systemd itself invoked,
+ including all control processes.
+
+ * .nspawn files gained support for defining overlay mounts using the
+ Overlay= and OverlayReadOnly= options. Previously this functionality
+ was only available on the systemd-nspawn command line.
+
+ * systemd-nspawn's --bind= and --overlay= options gained support for
+ bind/overlay mounts whose source lies within the container tree by
+ prefixing the source path with "+".
+
+ * systemd-nspawn's --bind= and --overlay= options gained support for
+ automatically allocating a temporary source directory in /var/tmp
+ that is removed when the container dies. Specifically, if the source
+ directory is specified as empty string this mechanism is selected. An
+ example usage is --overlay=+/var::/var, which creates an overlay
+ mount based on the original /var contained in the image, overlayed
+ with a temporary directory in the host's /var/tmp. This way changes
+ to /var are automatically flushed when the container shuts down.
+
+ * systemd-nspawn --image= option does now permit raw file system block
+ devices (in addition to images containing partition tables, as
+ before).
+
+ * The disk image dissection logic in systemd-nspawn gained support for
+ automatically setting up LUKS encrypted as well as Verity protected
+ partitions. When a container is booted from an encrypted image the
+ passphrase is queried at start-up time. When a container with Verity
+ data is started, the root hash is search in a ".roothash" file
+ accompanying the disk image (alternatively, pass the root hash via
+ the new --root-hash= command line option).
+
+ * A new tool /usr/lib/systemd/systemd-dissect has been added that may
+ be used to dissect disk images the same way as systemd-nspawn does
+ it, following the Bootable Partition Specification. It may even be
+ used to mount disk images with complex partition setups (including
+ LUKS and Verity partitions) to a local host directory, in order to
+ inspect them. This tool is not considered public API (yet), and is
+ thus not installed into /usr/bin. Please do not rely on its
+ existence, since it might go away or be changed in later systemd
+ versions.
+
+ * A new generator "systemd-verity-generator" has been added, similar in
+ style to "systemd-cryptsetup-generator", permitting automatic setup of
+ Verity root partitions when systemd boots up. In order to make use of
+ this your partition setup should follow the Discoverable Partitions
+ Specification, and the GPT partition ID of the root file system
+ partition should be identical to the upper 128bit of the Verity root
+ hash. The GPT partition ID of the Verity partition protecting it
+ should be the lower 128bit of the Verity root hash. If the partition
+ image follows this model it is sufficient to specify a single
+ "roothash=" kernel command line argument to both configure which root
+ image and verity partition to use as well as the root hash for
+ it. Note that systemd-nspawn's Verity support follows the same
+ semantics, meaning that disk images with proper Verity data in place
+ may be booted in containers with systemd-nspawn as well as on
+ physical systems via the verity generator. Also note that the "mkosi"
+ tool available at https://github.com/systemd/mkosi has been updated
+ to generate Verity protected disk images following this scheme. In
+ fact, it has been updated to generate disk images that optionally
+ implement a complete UEFI SecureBoot trust chain, involving a signed
+ kernel and initrd image that incorporates such a root hash as well as
+ a Verity-enabled root partition.
+
+ * The hardware database (hwdb) udev supports has been updated to carry
+ accelerometer quirks.
+
+ * All system services are now run with a fresh kernel keyring set up
+ for them. The invocation ID is stored by default in it, thus
+ providing a safe, non-overridable way to determine the invocation
+ ID of each service.
+
+ * Service unit files gained new BindPaths= and BindReadOnlyPaths=
+ options for bind mounting arbitrary paths in a service-specific
+ way. When these options are used, arbitrary host or service files and
+ directories may be mounted to arbitrary locations in the service's
+ view.
+
+ * Documentation has been added that lists all of systemd's low-level
+ environment variables:
+
+ https://github.com/systemd/systemd/blob/master/docs/ENVIRONMENT.md
+
+ * sd-daemon gained a new API sd_is_socket_sockaddr() for determining
+ whether a specific socket file descriptor matches a specified socket
+ address.
+
+ * systemd-firstboot has been updated to check for the
+ systemd.firstboot= kernel command line option. It accepts a boolean
+ and when set to false the first boot questions are skipped.
+
+ * systemd-fstab-generator has been updated to check for the
+ systemd.volatile= kernel command line option, which either takes an
+ optional boolean parameter or the special value "state". If used the
+ system may be booted in a "volatile" boot mode. Specifically,
+ "systemd.volatile" is used, the root directory will be mounted as
+ tmpfs, and only /usr is mounted from the actual root file system. If
+ "systemd.volatile=state" is used, the root directory will be mounted
+ as usual, but /var is mounted as tmpfs. This concept provides similar
+ functionality as systemd-nspawn's --volatile= option, but provides it
+ on physical boots. Use this option for implementing stateless
+ systems, or testing systems with all state and/or configuration reset
+ to the defaults. (Note though that many distributions are not
+ prepared to boot up without a populated /etc or /var, though.)
+
+ * systemd-gpt-auto-generator gained support for LUKS encrypted root
+ partitions. Previously it only supported LUKS encrypted partitions
+ for all other uses, except for the root partition itself.
+
+ * Socket units gained support for listening on AF_VSOCK sockets for
+ communication in virtualized QEMU environments.
+
+ * The "configure" script gained a new option --with-fallback-hostname=
+ for specifying the fallback hostname to use if none is configured in
+ /etc/hostname. For example, by specifying
+ --with-fallback-hostname=fedora it is possible to default to a
+ hostname of "fedora" on pristine installations.
+
+ * systemd-cgls gained support for a new --unit= switch for listing only
+ the control groups of a specific unit. Similar --user-unit= has been
+ added for listing only the control groups of a specific user unit.
+
+ * systemd-mount gained a new --umount switch for unmounting a mount or
+ automount point (and all mount/automount points below it).
+
+ * systemd will now refuse full configuration reloads (via systemctl
+ daemon-reload and related calls) unless at least 16MiB of free space
+ are available in /run. This is a safety precaution in order to ensure
+ that generators can safely operate after the reload completed.
+
+ * A new unit file option RootImage= has been added, which has a similar
+ effect as RootDirectory= but mounts the service's root directory from
+ a disk image instead of plain directory. This logic reuses the same
+ image dissection and mount logic that systemd-nspawn already uses,
+ and hence supports any disk images systemd-nspawn supports, including
+ those following the Discoverable Partition Specification, as well as
+ Verity enabled images. This option enables systemd to run system
+ services directly off disk images acting as resource bundles,
+ possibly even including full integrity data.
+
+ * A new MountAPIVFS= unit file option has been added, taking a boolean
+ argument. If enabled /proc, /sys and /dev (collectively called the
+ "API VFS") will be mounted for the service. This is only relevant if
+ RootDirectory= or RootImage= is used for the service, as these mounts
+ are of course in place in the host mount namespace anyway.
+
+ * systemd-nspawn gained support for a new --pivot-root= switch. If
+ specified the root directory within the container image is pivoted to
+ the specified mount point, while the original root disk is moved to a
+ different place. This option enables booting of ostree images
+ directly with systemd-nspawn.
+
+ * The systemd build scripts will no longer complain if the NTP server
+ addresses are not changed from the defaults. Google now supports
+ these NTP servers officially. We still recommend downstreams to
+ properly register an NTP pool with the NTP pool project though.
+
+ * coredumpctl gained a new "--reverse" option for printing the list
+ of coredumps in reverse order.
+
+ * coredumpctl will now show additional information about truncated and
+ inaccessible coredumps, as well as coredumps that are still being
+ processed. It also gained a new --quiet switch for suppressing
+ additional informational message in its output.
+
+ * coredumpctl gained support for only showing coredumps newer and/or
+ older than specific timestamps, using the new --since= and --until=
+ options, reminiscent of journalctl's options by the same name.
+
+ * The systemd-coredump logic has been improved so that it may be reused
+ to collect backtraces in non-compiled languages, for example in
+ scripting languages such as Python.
+
+ * machinectl will now show the UID shift of local containers, if user
+ namespacing is enabled for them.
+
+ * systemd will now optionally run "environment generator" binaries at
+ configuration load time. They may be used to add environment
+ variables to the environment block passed to services invoked. One
+ user environment generator is shipped by default that sets up
+ environment variables based on files dropped into /etc/environment.d
+ and ~/.config/environment.d/.
+
+ * systemd-resolved now includes the new, recently published 2017 DNSSEC
+ root key (KSK).
+
+ * hostnamed has been updated to report a new chassis type of
+ "convertible" to cover "foldable" laptops that can both act as a
+ tablet and as a laptop, such as various Lenovo Yoga devices.
+
+ Contributions from: Adrián López, Alexander Galanin, Alexander
+ Kochetkov, Alexandros Frantzis, Andrey Ulanov, Antoine Eiche, Baruch
+ Siach, Bastien Nocera, Benjamin Robin, Björn, Brandon Philips, Cédric
+ Schieli, Charles (Chas) Williams, Christian Hesse, Daniele Medri,
+ Daniel Drake, Daniel Rusek, Daniel Wagner, Dan Streetman, Dave Reisner,
+ David Glasser, David Herrmann, David Michael, Djalal Harouni, Dmitry
+ Khlebnikov, Dmitry Rozhkov, Dongsu Park, Douglas Christman, Earnestly,
+ Emil Soleyman, Eric Cook, Evgeny Vereshchagin, Felipe Sateler, Fionn
+ Cleary, Florian Klink, Francesco Brozzu, Franck Bui, Gabriel Rauter,
+ Gianluca Boiano, Giedrius Statkevičius, Graeme Lawes, Hans de Goede,
+ Harald Hoyer, Ian Kelling, Ivan Shapovalov, Jakub Wilk, Janne Heß, Jan
+ Synacek, Jason Reeder, Jonathan Boulle, Jörg Thalheim, Jouke Witteveen,
+ Karl Kraus, Kees Cook, Keith Busch, Kieran Colford, kilian-k, Lennart
+ Poettering, Lubomir Rintel, Lucas Werkmeister, Lukas Rusak, Maarten de
+ Vries, Maks Naumov, Mantas Mikulėnas, Marc-Andre Lureau, Marcin Bachry,
+ Mark Stosberg, Martin Ejdestig, Martin Pitt, Mauricio Faria de
+ Oliveira, micah, Michael Biebl, Michael Shields, Michal Schmidt, Michal
+ Sekletar, Michel Kraus, Mike Gilbert, Mikko Ylinen, Mirza Krak,
+ Namhyung Kim, nikolaof, peoronoob, Peter Hutterer, Peter Körner, Philip
+ Withnall, Piotr Drąg, Ray Strode, Reverend Homer, Rike-Benjamin
+ Schuppner, Robert Kreuzer, Ronny Chevalier, Ruslan Bilovol, sammynx,
+ Sergey Ptashnick, Sergiusz Urbaniak, Stefan Berger, Stefan Hajnoczi,
+ Stefan Schweter, Stuart McLaren, Susant Sahani, Sylvain Plantefève,
+ Taylor Smock, Tejun Heo, Thomas Blume, Thomas H. P. Andersen, Tibor
+ Nagy, Tobias Stoeckmann, Tom Gundersen, Torstein Husebø, Viktar
+ Vaŭčkievič, Viktor Mihajlovski, Vitaly Sulimov, Waldemar Brodkorb,
+ Walter Garcia-Fontes, Wim de With, Yassine Imounachen, Yi EungJun,
+ YunQiang Su, Yu Watanabe, Zbigniew Jędrzejewski-Szmek, Александр
+ Тихонов
+
+ — Berlin, 2017-03-01
+
+CHANGES WITH 232:
+
+ * udev now runs with MemoryDenyWriteExecute=, RestrictRealtime= and
+ RestrictAddressFamilies= enabled. These sandboxing options should
+ generally be compatible with the various external udev call-out
+ binaries we are aware of, however there may be exceptions, in
+ particular when exotic languages for these call-outs are used. In
+ this case, consider turning off these settings locally.
+
+ * The new RemoveIPC= option can be used to remove IPC objects owned by
+ the user or group of a service when that service exits.
+
+ * The new ProtectKernelModules= option can be used to disable explicit
+ load and unload operations of kernel modules by a service. In
+ addition access to /usr/lib/modules is removed if this option is set.
+
+ * ProtectSystem= option gained a new value "strict", which causes the
+ whole file system tree with the exception of /dev, /proc, and /sys,
+ to be remounted read-only for a service.
+
+ * The new ProtectKernelTunables= option can be used to disable
+ modification of configuration files in /sys and /proc by a service.
+ Various directories and files are remounted read-only, so access is
+ restricted even if the file permissions would allow it.
+
+ * The new ProtectControlGroups= option can be used to disable write
+ access by a service to /sys/fs/cgroup.
+
+ * Various systemd services have been hardened with
+ ProtectKernelTunables=yes, ProtectControlGroups=yes,
+ RestrictAddressFamilies=.
+
+ * Support for dynamically creating users for the lifetime of a service
+ has been added. If DynamicUser=yes is specified, user and group IDs
+ will be allocated from the range 61184..65519 for the lifetime of the
+ service. They can be resolved using the new nss-systemd.so NSS
+ module. The module must be enabled in /etc/nsswitch.conf. Services
+ started in this way have PrivateTmp= and RemoveIPC= enabled, so that
+ any resources allocated by the service will be cleaned up when the
+ service exits. They also have ProtectHome=read-only and
+ ProtectSystem=strict enabled, so they are not able to make any
+ permanent modifications to the system.
+
+ * The nss-systemd module also always resolves root and nobody, making
+ it possible to have no /etc/passwd or /etc/group files in minimal
+ container or chroot environments.
+
+ * Services may be started with their own user namespace using the new
+ boolean PrivateUsers= option. Only root, nobody, and the uid/gid
+ under which the service is running are mapped. All other users are
+ mapped to nobody.
+
+ * Support for the cgroup namespace has been added to systemd-nspawn. If
+ supported by kernel, the container system started by systemd-nspawn
+ will have its own view of the cgroup hierarchy. This new behaviour
+ can be disabled using $SYSTEMD_NSPAWN_USE_CGNS environment variable.
+
+ * The new MemorySwapMax= option can be used to limit the maximum swap
+ usage under the unified cgroup hierarchy.
+
+ * Support for the CPU controller in the unified cgroup hierarchy has
+ been added, via the CPUWeight=, CPUStartupWeight=, CPUAccounting=
+ options. This controller requires out-of-tree patches for the kernel
+ and the support is provisional.
+
+ * Mount and automount units may now be created transiently
+ (i.e. dynamically at runtime via the bus API, instead of requiring
+ unit files in the file system).
+
+ * systemd-mount is a new tool which may mount file systems – much like
+ mount(8), optionally pulling in additional dependencies through
+ transient .mount and .automount units. For example, this tool
+ automatically runs fsck on a backing block device before mounting,
+ and allows the automount logic to be used dynamically from the
+ command line for establishing mount points. This tool is particularly
+ useful when dealing with removable media, as it will ensure fsck is
+ run – if necessary – before the first access and that the file system
+ is quickly unmounted after each access by utilizing the automount
+ logic. This maximizes the chance that the file system on the
+ removable media stays in a clean state, and if it isn't in a clean
+ state is fixed automatically.
+
+ * LazyUnmount=yes option for mount units has been added to expose the
+ umount --lazy option. Similarly, ForceUnmount=yes exposes the --force
+ option.
+
+ * /efi will be used as the mount point of the EFI boot partition, if
+ the directory is present, and the mount point was not configured
+ through other means (e.g. fstab). If /efi directory does not exist,
+ /boot will be used as before. This makes it easier to automatically
+ mount the EFI partition on systems where /boot is used for something
+ else.
+
+ * When operating on GPT disk images for containers, systemd-nspawn will
+ now mount the ESP to /boot or /efi according to the same rules as PID
+ 1 running on a host. This allows tools like "bootctl" to operate
+ correctly within such containers, in order to make container images
+ bootable on physical systems.
+
+ * disk/by-id and disk/by-path symlinks are now created for NVMe drives.
+
+ * Two new user session targets have been added to support running
+ graphical sessions under the systemd --user instance:
+ graphical-session.target and graphical-session-pre.target. See
+ systemd.special(7) for a description of how those targets should be
+ used.
+
+ * The vconsole initialization code has been significantly reworked to
+ use KD_FONT_OP_GET/SET ioctls instead of KD_FONT_OP_COPY and better
+ support unicode keymaps. Font and keymap configuration will now be
+ copied to all allocated virtual consoles.
+
+ * FreeBSD's bhyve virtualization is now detected.
+
+ * Information recorded in the journal for core dumps now includes the
+ contents of /proc/mountinfo and the command line of the process at
+ the top of the process hierarchy (which is usually the init process
+ of the container).
+
+ * systemd-journal-gatewayd learned the --directory= option to serve
+ files from the specified location.
+
+ * journalctl --root=… can be used to peruse the journal in the
+ /var/log/ directories inside of a container tree. This is similar to
+ the existing --machine= option, but does not require the container to
+ be active.
+
+ * The hardware database has been extended to support
+ ID_INPUT_TRACKBALL, used in addition to ID_INPUT_MOUSE to identify
+ trackball devices.
+
+ MOUSE_WHEEL_CLICK_ANGLE_HORIZONTAL hwdb property has been added to
+ specify the click rate for mice which include a horizontal wheel with
+ a click rate that is different than the one for the vertical wheel.
+
+ * systemd-run gained a new --wait option that makes service execution
+ synchronous. (Specifically, the command will not return until the
+ specified service binary exited.)
+
+ * systemctl gained a new --wait option that causes the start command to
+ wait until the units being started have terminated again.
+
+ * A new journal output mode "short-full" has been added which displays
+ timestamps with abbreviated English day names and adds a timezone
+ suffix. Those timestamps include more information than the default
+ "short" output mode, and can be passed directly to journalctl's
+ --since= and --until= options.
+
+ * /etc/resolv.conf will be bind-mounted into containers started by
+ systemd-nspawn, if possible, so any changes to resolv.conf contents
+ are automatically propagated to the container.
+
+ * The number of instances for socket-activated services originating
+ from a single IP address can be limited with
+ MaxConnectionsPerSource=, extending the existing setting of
+ MaxConnections=.
+
+ * systemd-networkd gained support for vcan ("Virtual CAN") interface
+ configuration.
+
+ * .netdev and .network configuration can now be extended through
+ drop-ins.
+
+ * UDP Segmentation Offload, TCP Segmentation Offload, Generic
+ Segmentation Offload, Generic Receive Offload, Large Receive Offload
+ can be enabled and disabled using the new UDPSegmentationOffload=,
+ TCPSegmentationOffload=, GenericSegmentationOffload=,
+ GenericReceiveOffload=, LargeReceiveOffload= options in the
+ [Link] section of .link files.
+
+ * The Spanning Tree Protocol, Priority, Aging Time, and the Default
+ Port VLAN ID can be configured for bridge devices using the new STP=,
+ Priority=, AgeingTimeSec=, and DefaultPVID= settings in the [Bridge]
+ section of .netdev files.
+
+ * The route table to which routes received over DHCP or RA should be
+ added can be configured with the new RouteTable= option in the [DHCP]
+ and [IPv6AcceptRA] sections of .network files.
+
+ * The Address Resolution Protocol can be disabled on links managed by
+ systemd-networkd using the ARP=no setting in the [Link] section of
+ .network files.
+
+ * New environment variables $SERVICE_RESULT, $EXIT_CODE and
+ $EXIT_STATUS are set for ExecStop= and ExecStopPost= commands, and
+ encode information about the result and exit codes of the current
+ service runtime cycle.
+
+ * systemd-sysctl will now configure kernel parameters in the order
+ they occur in the configuration files. This matches what sysctl
+ has been traditionally doing.
+
+ * kernel-install "plugins" that are executed to perform various
+ tasks after a new kernel is added and before an old one is removed
+ can now return a special value to terminate the procedure and
+ prevent any later plugins from running.
+
+ * Journald's SplitMode=login setting has been deprecated. It has been
+ removed from documentation, and its use is discouraged. In a future
+ release it will be completely removed, and made equivalent to current
+ default of SplitMode=uid.
+
+ * Storage=both option setting in /etc/systemd/coredump.conf has been
+ removed. With fast LZ4 compression storing the core dump twice is not
+ useful.
+
+ * The --share-system systemd-nspawn option has been replaced with an
+ (undocumented) variable $SYSTEMD_NSPAWN_SHARE_SYSTEM, but the use of
+ this functionality is discouraged. In addition the variables
+ $SYSTEMD_NSPAWN_SHARE_NS_IPC, $SYSTEMD_NSPAWN_SHARE_NS_PID,
+ $SYSTEMD_NSPAWN_SHARE_NS_UTS may be used to control the unsharing of
+ individual namespaces.
+
+ * "machinectl list" now shows the IP address of running containers in
+ the output, as well as OS release information.
+
+ * "loginctl list" now shows the TTY of each session in the output.
+
+ * sd-bus gained new API calls sd_bus_track_set_recursive(),
+ sd_bus_track_get_recursive(), sd_bus_track_count_name(),
+ sd_bus_track_count_sender(). They permit usage of sd_bus_track peer
+ tracking objects in a "recursive" mode, where a single client can be
+ counted multiple times, if it takes multiple references.
+
+ * sd-bus gained new API calls sd_bus_set_exit_on_disconnect() and
+ sd_bus_get_exit_on_disconnect(). They may be used to make a
+ process using sd-bus automatically exit if the bus connection is
+ severed.
+
+ * Bus clients of the service manager may now "pin" loaded units into
+ memory, by taking an explicit reference on them. This is useful to
+ ensure the client can retrieve runtime data about the service even
+ after the service completed execution. Taking such a reference is
+ available only for privileged clients and should be helpful to watch
+ running services in a race-free manner, and in particular collect
+ information about exit statuses and results.
+
+ * The nss-resolve module has been changed to strictly return UNAVAIL
+ when communication via D-Bus with resolved failed, and NOTFOUND when
+ a lookup completed but was negative. This means it is now possible to
+ neatly configure fallbacks using nsswitch.conf result checking
+ expressions. Taking benefit of this, the new recommended
+ configuration line for the "hosts" entry in /etc/nsswitch.conf is:
+
+ hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname
+
+ * A new setting CtrlAltDelBurstAction= has been added to
+ /etc/systemd/system.conf which may be used to configure the precise
+ behaviour if the user on the console presses Ctrl-Alt-Del more often
+ than 7 times in 2s. Previously this would unconditionally result in
+ an expedited, immediate reboot. With this new setting the precise
+ operation may be configured in more detail, and also turned off
+ entirely.
+
+ * In .netdev files two new settings RemoteChecksumTx= and
+ RemoteChecksumRx= are now understood that permit configuring the
+ remote checksumming logic for VXLAN networks.
+
+ * The service manager learnt a new "invocation ID" concept for invoked
+ services. Each runtime cycle of a service will get a new invocation
+ ID (a 128bit random UUID) assigned that identifies the current
+ run of the service uniquely and globally. A new invocation ID
+ is generated each time a service starts up. The journal will store
+ the invocation ID of a service along with any logged messages, thus
+ making the invocation ID useful for matching the online runtime of a
+ service with the offline log data it generated in a safe way without
+ relying on synchronized timestamps. In many ways this new service
+ invocation ID concept is similar to the kernel's boot ID concept that
+ uniquely and globally identifies the runtime of each boot. The
+ invocation ID of a service is passed to the service itself via an
+ environment variable ($INVOCATION_ID). A new bus call
+ GetUnitByInvocationID() has been added that is similar to GetUnit()
+ but instead of retrieving the bus path for a unit by its name
+ retrieves it by its invocation ID. The returned path is valid only as
+ long as the passed invocation ID is current.
+
+ * systemd-resolved gained a new "DNSStubListener" setting in
+ resolved.conf. It either takes a boolean value or the special values
+ "udp" and "tcp", and configures whether to enable the stub DNS
+ listener on 127.0.0.53:53.
+
+ * IP addresses configured via networkd may now carry additional
+ configuration settings supported by the kernel. New options include:
+ HomeAddress=, DuplicateAddressDetection=, ManageTemporaryAddress=,
+ PrefixRoute=, AutoJoin=.
+
+ * The PAM configuration fragment file for "user@.service" shipped with
+ systemd (i.e. the --user instance of systemd) has been stripped to
+ the minimum necessary to make the system boot. Previously, it
+ contained Fedora-specific stanzas that did not apply to other
+ distributions. It is expected that downstream distributions add
+ additional configuration lines, matching their needs to this file,
+ using it only as rough template of what systemd itself needs. Note
+ that this reduced fragment does not even include an invocation of
+ pam_limits which most distributions probably want to add, even though
+ systemd itself does not need it. (There's also the new build time
+ option --with-pamconfdir=no to disable installation of the PAM
+ fragment entirely.)
+
+ * If PrivateDevices=yes is set for a service the CAP_SYS_RAWIO
+ capability is now also dropped from its set (in addition to
+ CAP_SYS_MKNOD as before).
+
+ * In service unit files it is now possible to connect a specific named
+ file descriptor with stdin/stdout/stdout of an executed service. The
+ name may be specified in matching .socket units using the
+ FileDescriptorName= setting.
+
+ * A number of journal settings may now be configured on the kernel
+ command line. Specifically, the following options are now understood:
+ systemd.journald.max_level_console=,
+ systemd.journald.max_level_store=,
+ systemd.journald.max_level_syslog=, systemd.journald.max_level_kmsg=,
+ systemd.journald.max_level_wall=.
+
+ * "systemctl is-enabled --full" will now show by which symlinks a unit
+ file is enabled in the unit dependency tree.
+
+ * Support for VeraCrypt encrypted partitions has been added to the
+ "cryptsetup" logic and /etc/crypttab.
+
+ * systemd-detect-virt gained support for a new --private-users switch
+ that checks whether the invoking processes are running inside a user
+ namespace. Similar, a new special value "private-users" for the
+ existing ConditionVirtualization= setting has been added, permitting
+ skipping of specific units in user namespace environments.
+
+ Contributions from: Alban Crequy, Alexander Kuleshov, Alfie John,
+ Andreas Henriksson, Andrew Jeddeloh, Balázs Úr, Bart Rulon, Benjamin
+ Richter, Ben Gamari, Ben Harris, Brian J. Murrell, Christian Brauner,
+ Christian Rebischke, Clinton Roy, Colin Walters, Cristian Rodríguez,
+ Daniel Hahler, Daniel Mack, Daniel Maixner, Daniel Rusek, Dan Dedrick,
+ Davide Cavalca, David Herrmann, David Michael, Dennis Wassenberg,
+ Djalal Harouni, Dongsu Park, Douglas Christman, Elias Probst, Eric
+ Cook, Erik Karlsson, Evgeny Vereshchagin, Felipe Sateler, Felix Zhang,
+ Franck Bui, George Hilliard, Giuseppe Scrivano, HATAYAMA Daisuke,
+ Heikki Kemppainen, Hendrik Brueckner, hi117, Ismo Puustinen, Ivan
+ Shapovalov, Jakub Filak, Jakub Wilk, Jan Synacek, Jason Kölker,
+ Jean-Sébastien Bour, Jiří Pírko, Jonathan Boulle, Jorge Niedbalski,
+ Keith Busch, kristbaum, Kyle Russell, Lans Zhang, Lennart Poettering,
+ Leonardo Brondani Schenkel, Lucas Werkmeister, Luca Bruno, Lukáš
+ Nykrýn, Maciek Borzecki, Mantas Mikulėnas, Marc-Antoine Perennou,
+ Marcel Holtmann, Marcos Mello, Martin Ejdestig, Martin Pitt, Matej
+ Habrnal, Maxime de Roucy, Michael Biebl, Michael Chapman, Michael Hoy,
+ Michael Olbrich, Michael Pope, Michal Sekletar, Michal Soltys, Mike
+ Gilbert, Nick Owens, Patrik Flykt, Paweł Szewczyk, Peter Hutterer,
+ Piotr Drąg, Reid Price, Richard W.M. Jones, Roman Stingler, Ronny
+ Chevalier, Seraphime Kirkovski, Stefan Schweter, Steve Muir, Susant
+ Sahani, Tejun Heo, Thomas Blume, Thomas H. P. Andersen, Tiago Levit,
+ Tobias Jungel, Tomáš Janoušek, Topi Miettinen, Torstein Husebø, Umut
+ Tezduyar Lindskog, Vito Caputo, WaLyong Cho, Wilhelm Schuster, Yann
+ E. MORIN, Yi EungJun, Yuki Inoguchi, Yu Watanabe, Zbigniew
+ Jędrzejewski-Szmek, Zeal Jagannatha
+
+ — Santa Fe, 2016-11-03
+
+CHANGES WITH 231:
+
+ * In service units the various ExecXYZ= settings have been extended
+ with an additional special character as first argument of the
+ assigned value: if the character '+' is used the specified command
+ line it will be run with full privileges, regardless of User=,
+ Group=, CapabilityBoundingSet= and similar options. The effect is
+ similar to the existing PermissionsStartOnly= option, but allows
+ configuration of this concept for each executed command line
+ independently.
+
+ * Services may now alter the service watchdog timeout at runtime by
+ sending a WATCHDOG_USEC= message via sd_notify().
+
+ * MemoryLimit= and related unit settings now optionally take percentage
+ specifications. The percentage is taken relative to the amount of
+ physical memory in the system (or in case of containers, the assigned
+ amount of memory). This allows scaling service resources neatly with
+ the amount of RAM available on the system. Similarly, systemd-logind's
+ RuntimeDirectorySize= option now also optionally takes percentage
+ values.
+
+ * In similar fashion TasksMax= takes percentage values now, too. The
+ value is taken relative to the configured maximum number of processes
+ on the system. The per-service task maximum has been changed to 15%
+ using this functionality. (Effectively this is an increase of 512 →
+ 4915 for service units, given the kernel's default pid_max setting.)
+
+ * Calendar time specifications in .timer units now understand a ".."
+ syntax for time ranges. Example: "4..7:10" may now be used for
+ defining a timer that is triggered at 4:10am, 5:10am, 6:10am and
+ 7:10am every day.
+
+ * The InaccessableDirectories=, ReadOnlyDirectories= and
+ ReadWriteDirectories= unit file settings have been renamed to
+ InaccessablePaths=, ReadOnlyPaths= and ReadWritePaths= and may now be
+ applied to all kinds of file nodes, and not just directories, with
+ the exception of symlinks. Specifically these settings may now be
+ used on block and character device nodes, UNIX sockets and FIFOS as
+ well as regular files. The old names of these settings remain
+ available for compatibility.
+
+ * systemd will now log about all service processes it kills forcibly
+ (using SIGKILL) because they remained after the clean shutdown phase
+ of the service completed. This should help identifying services that
+ shut down uncleanly. Moreover if KillUserProcesses= is enabled in
+ systemd-logind's configuration a similar log message is generated for
+ processes killed at the end of each session due to this setting.
+
+ * systemd will now set the $JOURNAL_STREAM environment variable for all
+ services whose stdout/stderr are connected to the Journal (which
+ effectively means by default: all services). The variable contains
+ the device and inode number of the file descriptor used for
+ stdout/stderr. This may be used by invoked programs to detect whether
+ their stdout/stderr is connected to the Journal, in which case they
+ can switch over to direct Journal communication, thus being able to
+ pass extended, structured metadata along with their log messages. As
+ one example, this is now used by glib's logging primitives.
+
+ * When using systemd's default tmp.mount unit for /tmp, the mount point
+ will now be established with the "nosuid" and "nodev" options. This
+ avoids privilege escalation attacks that put traps and exploits into
+ /tmp. However, this might cause problems if you e. g. put container
+ images or overlays into /tmp; if you need this, override tmp.mount's
+ "Options=" with a drop-in, or mount /tmp from /etc/fstab with your
+ desired options.
+
+ * systemd now supports the "memory" cgroup controller also on
+ cgroup v2.
+
+ * The systemd-cgtop tool now optionally takes a control group path as
+ command line argument. If specified, the control group list shown is
+ limited to subgroups of that group.
+
+ * The SystemCallFilter= unit file setting gained support for
+ pre-defined, named system call filter sets. For example
+ SystemCallFilter=@clock is now an effective way to make all clock
+ changing-related system calls unavailable to a service. A number of
+ similar pre-defined groups are defined. Writing system call filters
+ for system services is simplified substantially with this new
+ concept. Accordingly, all of systemd's own, long-running services now
+ enable system call filtering based on this, by default.
+
+ * A new service setting MemoryDenyWriteExecute= has been added, taking
+ a boolean value. If turned on, a service may no longer create memory
+ mappings that are writable and executable at the same time. This
+ enhances security for services where this is enabled as it becomes
+ harder to dynamically write and then execute memory in exploited
+ service processes. This option has been enabled for all of systemd's
+ own long-running services.
+
+ * A new RestrictRealtime= service setting has been added, taking a
+ boolean argument. If set the service's processes may no longer
+ acquire realtime scheduling. This improves security as realtime
+ scheduling may otherwise be used to easily freeze the system.
+
+ * systemd-nspawn gained a new switch --notify-ready= taking a boolean
+ value. This may be used for requesting that the system manager inside
+ of the container reports start-up completion to nspawn which then
+ propagates this notification further to the service manager
+ supervising nspawn itself. A related option NotifyReady= in .nspawn
+ files has been added too. This functionality allows ordering of the
+ start-up of multiple containers using the usual systemd ordering
+ primitives.
+
+ * machinectl gained a new command "stop" that is an alias for
+ "terminate".
+
+ * systemd-resolved gained support for contacting DNS servers on
+ link-local IPv6 addresses.
+
+ * If systemd-resolved receives the SIGUSR2 signal it will now flush all
+ its caches. A method call for requesting the same operation has been
+ added to the bus API too, and is made available via "systemd-resolve
+ --flush-caches".
+
+ * systemd-resolve gained a new --status switch. If passed a brief
+ summary of the used DNS configuration with per-interface information
+ is shown.
+
+ * resolved.conf gained a new Cache= boolean option, defaulting to
+ on. If turned off local DNS caching is disabled. This comes with a
+ performance penalty in particular when DNSSEC is enabled. Note that
+ resolved disables its internal caching implicitly anyway, when the
+ configured DNS server is on a host-local IP address such as ::1 or
+ 127.0.0.1, thus automatically avoiding double local caching.
+
+ * systemd-resolved now listens on the local IP address 127.0.0.53:53
+ for DNS requests. This improves compatibility with local programs
+ that do not use the libc NSS or systemd-resolved's bus APIs for name
+ resolution. This minimal DNS service is only available to local
+ programs and does not implement the full DNS protocol, but enough to
+ cover local DNS clients. A new, static resolv.conf file, listing just
+ this DNS server is now shipped in /usr/lib/systemd/resolv.conf. It is
+ now recommended to make /etc/resolv.conf a symlink to this file in
+ order to route all DNS lookups to systemd-resolved, regardless if
+ done via NSS, the bus API or raw DNS packets. Note that this local
+ DNS service is not as fully featured as the libc NSS or
+ systemd-resolved's bus APIs. For example, as unicast DNS cannot be
+ used to deliver link-local address information (as this implies
+ sending a local interface index along), LLMNR/mDNS support via this
+ interface is severely restricted. It is thus strongly recommended for
+ all applications to use the libc NSS API or native systemd-resolved
+ bus API instead.
+
+ * systemd-networkd's bridge support learned a new setting
+ VLANFiltering= for controlling VLAN filtering. Moreover a new section
+ in .network files has been added for configuring VLAN bridging in
+ more detail: VLAN=, EgressUntagged=, PVID= in [BridgeVLAN].
+
+ * systemd-networkd's IPv6 Router Advertisement code now makes use of
+ the DNSSL and RDNSS options. This means IPv6 DNS configuration may
+ now be acquired without relying on DHCPv6. Two new options
+ UseDomains= and UseDNS= have been added to configure this behaviour.
+
+ * systemd-networkd's IPv6AcceptRouterAdvertisements= option has been
+ renamed IPv6AcceptRA=, without altering its behaviour. The old
+ setting name remains available for compatibility reasons.
+
+ * The systemd-networkd VTI/VTI6 tunneling support gained new options
+ Key=, InputKey= and OutputKey=.
+
+ * systemd-networkd gained support for VRF ("Virtual Routing Function")
+ interface configuration.
+
+ * "systemctl edit" may now be used to create new unit files by
+ specifying the --force switch.
+
+ * sd-event gained a new function sd_event_get_iteration() for
+ requesting the current iteration counter of the event loop. It starts
+ at zero and is increased by one with each event loop iteration.
+
+ * A new rpm macro %systemd_ordering is provided by the macros.systemd
+ file. It can be used in lieu of %systemd_requires in packages which
+ don't use any systemd functionality and are intended to be installed
+ in minimal containers without systemd present. This macro provides
+ ordering dependencies to ensure that if the package is installed in
+ the same rpm transaction as systemd, systemd will be installed before
+ the scriptlets for the package are executed, allowing unit presets
+ to be handled.
+
+ New macros %_systemdgeneratordir and %_systemdusergeneratordir have
+ been added to simplify packaging of generators.
+
+ * The os-release file gained VERSION_CODENAME field for the
+ distribution nickname (e.g. VERSION_CODENAME=woody).
+
+ * New udev property UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG=1
+ can be set to disable parsing of metadata and the creation
+ of persistent symlinks for that device.
+
+ * The v230 change to tag framebuffer devices (/dev/fb*) with "uaccess"
+ to make them available to logged-in users has been reverted.
+
+ * Much of the common code of the various systemd components is now
+ built into an internal shared library libsystemd-shared-231.so
+ (incorporating the systemd version number in the name, to be updated
+ with future releases) that the components link to. This should
+ decrease systemd footprint both in memory during runtime and on
+ disk. Note that the shared library is not for public use, and is
+ neither API nor ABI stable, but is likely to change with every new
+ released update. Packagers need to make sure that binaries
+ linking to libsystemd-shared.so are updated in step with the
+ library.
+
+ * Configuration for "mkosi" is now part of the systemd
+ repository. mkosi is a tool to easily build legacy-free OS images,
+ and is available on github: https://github.com/systemd/mkosi. If
+ "mkosi" is invoked in the build tree a new raw OS image is generated
+ incorporating the systemd sources currently being worked on and a
+ clean, fresh distribution installation. The generated OS image may be
+ booted up with "systemd-nspawn -b -i", qemu-kvm or on any physical
+ UEFI PC. This functionality is particularly useful to easily test
+ local changes made to systemd in a pristine, defined environment. See
+ doc/HACKING for details.
+
+ * configure learned the --with-support-url= option to specify the
+ distribution's bugtracker.
+
+ Contributions from: Alban Crequy, Alessandro Puccetti, Alessio Igor
+ Bogani, Alexander Kuleshov, Alexander Kurtz, Alex Gaynor, Andika
+ Triwidada, Andreas Pokorny, Andreas Rammhold, Andrew Jeddeloh, Ansgar
+ Burchardt, Atrotors, Benjamin Drung, Brian Boylston, Christian Hesse,
+ Christian Rebischke, Daniele Medri, Daniel Mack, Dave Reisner, David
+ Herrmann, David Michael, Djalal Harouni, Douglas Christman, Elias
+ Probst, Evgeny Vereshchagin, Federico Mena Quintero, Felipe Sateler,
+ Franck Bui, Harald Hoyer, Ian Lee, Ivan Shapovalov, Jakub Wilk, Jan
+ Janssen, Jean-Sébastien Bour, John Paul Adrian Glaubitz, Jouke
+ Witteveen, Kai Ruhnau, kpengboy, Kyle Walker, Lénaïc Huard, Lennart
+ Poettering, Luca Bruno, Lukas Lösche, Lukáš Nykrýn, mahkoh, Marcel
+ Holtmann, Martin Pitt, Marty Plummer, Matthieu Codron, Max Prokhorov,
+ Michael Biebl, Michael Karcher, Michael Olbrich, Michał Bartoszkiewicz,
+ Michal Sekletar, Michal Soltys, Minkyung, Muhammet Kara, mulkieran,
+ Otto Wallenius, Pablo Lezaeta Reyes, Peter Hutterer, Ronny Chevalier,
+ Rusty Bird, Stef Walter, Susant Sahani, Tejun Heo, Thomas Blume, Thomas
+ Haller, Thomas H. P. Andersen, Tobias Jungel, Tom Gundersen, Tom Yan,
+ Topi Miettinen, Torstein Husebø, Valentin Vidić, Viktar Vaŭčkievič,
+ WaLyong Cho, Weng Xuetian, Werner Fink, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2016-07-25
+
+CHANGES WITH 230:
+
+ * DNSSEC is now turned on by default in systemd-resolved (in
+ "allow-downgrade" mode), but may be turned off during compile time by
+ passing "--with-default-dnssec=no" to "configure" (and of course,
+ during runtime with DNSSEC= in resolved.conf). We recommend
+ downstreams to leave this on at least during development cycles and
+ report any issues with the DNSSEC logic upstream. We are very
+ interested in collecting feedback about the DNSSEC validator and its
+ limitations in the wild. Note however, that DNSSEC support is
+ probably nothing downstreams should turn on in stable distros just
+ yet, as it might create incompatibilities with a few DNS servers and
+ networks. We tried hard to make sure we downgrade to non-DNSSEC mode
+ automatically whenever we detect such incompatible setups, but there
+ might be systems we do not cover yet. Hence: please help us testing
+ the DNSSEC code, leave this on where you can, report back, but then
+ again don't consider turning this on in your stable, LTS or
+ production release just yet. (Note that you have to enable
+ nss-resolve in /etc/nsswitch.conf, to actually use systemd-resolved
+ and its DNSSEC mode for host name resolution from local
+ applications.)
+
+ * systemd-resolve conveniently resolves DANE records with the --tlsa
+ option and OPENPGPKEY records with the --openpgp option. It also
+ supports dumping raw DNS record data via the new --raw= switch.
+
+ * systemd-logind will now by default terminate user processes that are
+ part of the user session scope unit (session-XX.scope) when the user
+ logs out. This behavior is controlled by the KillUserProcesses=
+ setting in logind.conf, and the previous default of "no" is now
+ changed to "yes". This means that user sessions will be properly
+ cleaned up after, but additional steps are necessary to allow
+ intentionally long-running processes to survive logout.
+
+ While the user is logged in at least once, user@.service is running,
+ and any service that should survive the end of any individual login
+ session can be started at a user service or scope using systemd-run.
+ systemd-run(1) man page has been extended with an example which shows
+ how to run screen in a scope unit underneath user@.service. The same
+ command works for tmux.
+
+ After the user logs out of all sessions, user@.service will be
+ terminated too, by default, unless the user has "lingering" enabled.
+ To effectively allow users to run long-term tasks even if they are
+ logged out, lingering must be enabled for them. See loginctl(1) for
+ details. The default polkit policy was modified to allow users to
+ set lingering for themselves without authentication.
+
+ Previous defaults can be restored at compile time by the
+ --without-kill-user-processes option to "configure".
+
+ * systemd-logind gained new configuration settings SessionsMax= and
+ InhibitorsMax=, both with a default of 8192. It will not register new
+ user sessions or inhibitors above this limit.
+
+ * systemd-logind will now reload configuration on SIGHUP.
+
+ * The unified cgroup hierarchy added in Linux 4.5 is now supported.
+ Use systemd.unified_cgroup_hierarchy=1 on the kernel command line to
+ enable. Also, support for the "io" cgroup controller in the unified
+ hierarchy has been added, so that the "memory", "pids" and "io" are
+ now the controllers that are supported on the unified hierarchy.
+
+ WARNING: it is not possible to use previous systemd versions with
+ systemd.unified_cgroup_hierarchy=1 and the new kernel. Therefore it
+ is necessary to also update systemd in the initramfs if using the
+ unified hierarchy. An updated SELinux policy is also required.
+
+ * LLDP support has been extended, and both passive (receive-only) and
+ active (sender) modes are supported. Passive mode ("routers-only") is
+ enabled by default in systemd-networkd. Active LLDP mode is enabled
+ by default for containers on the internal network. The "networkctl
+ lldp" command may be used to list information gathered. "networkctl
+ status" will also show basic LLDP information on connected peers now.
+
+ * The IAID and DUID unique identifier sent in DHCP requests may now be
+ configured for the system and each .network file managed by
+ systemd-networkd using the DUIDType=, DUIDRawData=, IAID= options.
+
+ * systemd-networkd gained support for configuring proxy ARP support for
+ each interface, via the ProxyArp= setting in .network files. It also
+ gained support for configuring the multicast querier feature of
+ bridge devices, via the new MulticastQuerier= setting in .netdev
+ files. Similarly, snooping on the IGMP traffic can be controlled
+ via the new setting MulticastSnooping=.
+
+ A new setting PreferredLifetime= has been added for addresses
+ configured in .network file to configure the lifetime intended for an
+ address.
+
+ The systemd-networkd DHCP server gained the option EmitRouter=, which
+ defaults to yes, to configure whether the DHCP Option 3 (Router)
+ should be emitted.
+
+ * The testing tool /usr/lib/systemd/systemd-activate is renamed to
+ systemd-socket-activate and installed into /usr/bin. It is now fully
+ supported.
+
+ * systemd-journald now uses separate threads to flush changes to disk
+ when closing journal files, thus reducing impact of slow disk I/O on
+ logging performance.
+
+ * The sd-journal API gained two new calls
+ sd_journal_open_directory_fd() and sd_journal_open_files_fd() which
+ can be used to open journal files using file descriptors instead of
+ file or directory paths. sd_journal_open_container() has been
+ deprecated, sd_journal_open_directory_fd() should be used instead
+ with the flag SD_JOURNAL_OS_ROOT.
+
+ * journalctl learned a new output mode "-o short-unix" that outputs log
+ lines prefixed by their UNIX time (i.e. seconds since Jan 1st, 1970
+ UTC). It also gained support for a new --no-hostname setting to
+ suppress the hostname column in the family of "short" output modes.
+
+ * systemd-ask-password now optionally skips printing of the password to
+ stdout with --no-output which can be useful in scripts.
+
+ * Framebuffer devices (/dev/fb*) and 3D printers and scanners
+ (devices tagged with ID_MAKER_TOOL) are now tagged with
+ "uaccess" and are available to logged in users.
+
+ * The DeviceAllow= unit setting now supports specifiers (with "%").
+
+ * "systemctl show" gained a new --value switch, which allows print a
+ only the contents of a specific unit property, without also printing
+ the property's name. Similar support was added to "show*" verbs
+ of loginctl and machinectl that output "key=value" lists.
+
+ * A new unit type "generated" was added for files dynamically generated
+ by generator tools. Similarly, a new unit type "transient" is used
+ for unit files created using the runtime API. "systemctl enable" will
+ refuse to operate on such files.
+
+ * A new command "systemctl revert" has been added that may be used to
+ revert to the vendor version of a unit file, in case local changes
+ have been made by adding drop-ins or overriding the unit file.
+
+ * "machinectl clean" gained a new verb to automatically remove all or
+ just hidden container images.
+
+ * systemd-tmpfiles gained support for a new line type "e" for emptying
+ directories, if they exist, without creating them if they don't.
+
+ * systemd-nspawn gained support for automatically patching the UID/GIDs
+ of the owners and the ACLs of all files and directories in a
+ container tree to match the UID/GID user namespacing range selected
+ for the container invocation. This mode is enabled via the new
+ --private-users-chown switch. It also gained support for
+ automatically choosing a free, previously unused UID/GID range when
+ starting a container, via the new --private-users=pick setting (which
+ implies --private-users-chown). Together, these options for the first
+ time make user namespacing for nspawn containers fully automatic and
+ thus deployable. The systemd-nspawn@.service template unit file has
+ been changed to use this functionality by default.
+
+ * systemd-nspawn gained a new --network-zone= switch, that allows
+ creating ad-hoc virtual Ethernet links between multiple containers,
+ that only exist as long as at least one container referencing them is
+ running. This allows easy connecting of multiple containers with a
+ common link that implements an Ethernet broadcast domain. Each of
+ these network "zones" may be named relatively freely by the user, and
+ may be referenced by any number of containers, but each container may
+ only reference one of these "zones". On the lower level, this is
+ implemented by an automatically managed bridge network interface for
+ each zone, that is created when the first container referencing its
+ zone is created and removed when the last one referencing its zone
+ terminates.
+
+ * The default start timeout may now be configured on the kernel command
+ line via systemd.default_timeout_start_sec=. It was already
+ configurable via the DefaultTimeoutStartSec= option in
+ /etc/systemd/system.conf.
+
+ * Socket units gained a new TriggerLimitIntervalSec= and
+ TriggerLimitBurst= setting to configure a limit on the activation
+ rate of the socket unit.
+
+ * The LimitNICE= setting now optionally takes normal UNIX nice values
+ in addition to the raw integer limit value. If the specified
+ parameter is prefixed with "+" or "-" and is in the range -20..19 the
+ value is understood as UNIX nice value. If not prefixed like this it
+ is understood as raw RLIMIT_NICE limit.
+
+ * Note that the effect of the PrivateDevices= unit file setting changed
+ slightly with this release: the per-device /dev file system will be
+ mounted read-only from this version on, and will have "noexec"
+ set. This (minor) change of behavior might cause some (exceptional)
+ legacy software to break, when PrivateDevices=yes is set for its
+ service. Please leave PrivateDevices= off if you run into problems
+ with this.
+
+ * systemd-bootchart has been split out to a separate repository:
+ https://github.com/systemd/systemd-bootchart
+
+ * systemd-bus-proxyd has been removed, as kdbus is unlikely to still be
+ merged into the kernel in its current form.
+
+ * The compatibility libraries libsystemd-daemon.so,
+ libsystemd-journal.so, libsystemd-id128.so, and libsystemd-login.so
+ which have been deprecated since systemd-209 have been removed along
+ with the corresponding pkg-config files. All symbols provided by
+ those libraries are provided by libsystemd.so.
+
+ * The Capabilities= unit file setting has been removed (it is ignored
+ for backwards compatibility). AmbientCapabilities= and
+ CapabilityBoundingSet= should be used instead.
+
+ * A new special target has been added, initrd-root-device.target,
+ which creates a synchronization point for dependencies of the root
+ device in early userspace. Initramfs builders must ensure that this
+ target is now included in early userspace.
+
+ Contributions from: Alban Crequy, Alexander Kuleshov, Alexander Shopov,
+ Alex Crawford, Andre Klärner, Andrew Eikum, Beniamino Galvani, Benjamin
+ Robin, Biao Lu, Bjørnar Ness, Calvin Owens, Christian Hesse, Clemens
+ Gruber, Colin Guthrie, Daniel Drake, Daniele Medri, Daniel J Walsh,
+ Daniel Mack, Dan Nicholson, daurnimator, David Herrmann, David
+ R. Hedges, Elias Probst, Emmanuel Gil Peyrot, EMOziko, Evgeny
+ Vereshchagin, Federico, Felipe Sateler, Filipe Brandenburger, Franck
+ Bui, frankheckenbach, gdamjan, Georgia Brikis, Harald Hoyer, Hendrik
+ Brueckner, Hristo Venev, Iago López Galeiras, Ian Kelling, Ismo
+ Puustinen, Jakub Wilk, Jaroslav Škarvada, Jeff Huang, Joel Holdsworth,
+ John Paul Adrian Glaubitz, Jonathan Boulle, kayrus, Klearchos
+ Chaloulos, Kyle Russell, Lars Uebernickel, Lennart Poettering, Lubomir
+ Rintel, Lukáš Nykrýn, Mantas Mikulėnas, Marcel Holtmann, Martin Pitt,
+ Michael Biebl, michaelolbrich, Michał Bartoszkiewicz, Michal Koutný,
+ Michal Sekletar, Mike Frysinger, Mike Gilbert, Mingcong Bai, Ming Lin,
+ mulkieran, muzena, Nalin Dahyabhai, Naohiro Aota, Nathan McSween,
+ Nicolas Braud-Santoni, Patrik Flykt, Peter Hutterer, Peter Mattern,
+ Petr Lautrbach, Petros Angelatos, Piotr Drąg, Rabin Vincent, Robert
+ Węcławski, Ronny Chevalier, Samuel Tardieu, Stefan Saraev, Stefan
+ Schallenberg aka nafets227, Steven Siloti, Susant Sahani, Sylvain
+ Plantefève, Taylor Smock, Tejun Heo, Thomas Blume, Thomas Haller,
+ Thomas H. P. Andersen, Tobias Klauser, Tom Gundersen, topimiettinen,
+ Torstein Husebø, Umut Tezduyar Lindskog, Uwe Kleine-König, Victor Toso,
+ Vinay Kulkarni, Vito Caputo, Vittorio G (VittGam), Vladimir Panteleev,
+ Wieland Hoffmann, Wouter Verhelst, Yu Watanabe, Zbigniew
+ Jędrzejewski-Szmek
+
+ — Fairfax, 2016-05-21
+
+CHANGES WITH 229:
+
+ * The systemd-resolved DNS resolver service has gained a substantial
+ set of new features, most prominently it may now act as a DNSSEC
+ validating stub resolver. DNSSEC mode is currently turned off by
+ default, but is expected to be turned on by default in one of the
+ next releases. For now, we invite everybody to test the DNSSEC logic
+ by setting DNSSEC=allow-downgrade in /etc/systemd/resolved.conf. The
+ service also gained a full set of D-Bus interfaces, including calls
+ to configure DNS and DNSSEC settings per link (for use by external
+ network management software). systemd-resolved and systemd-networkd
+ now distinguish between "search" and "routing" domains. The former
+ are used to qualify single-label names, the latter are used purely
+ for routing lookups within certain domains to specific links.
+ resolved now also synthesizes RRs for all entries from /etc/hosts.
+
+ * The systemd-resolve tool (which is a client utility for
+ systemd-resolved) has been improved considerably and is now fully
+ supported and documented. Hence it has moved from /usr/lib/systemd to
+ /usr/bin.
+
+ * /dev/disk/by-path/ symlink support has been (re-)added for virtio
+ devices.
+
+ * The coredump collection logic has been reworked: when a coredump is
+ collected it is now written to disk, compressed and processed
+ (including stacktrace extraction) from a new instantiated service
+ systemd-coredump@.service, instead of directly from the
+ /proc/sys/kernel/core_pattern hook we provide. This is beneficial as
+ processing large coredumps can take up a substantial amount of
+ resources and time, and this previously happened entirely outside of
+ systemd's service supervision. With the new logic the core_pattern
+ hook only does minimal metadata collection before passing off control
+ to the new instantiated service, which is configured with a time
+ limit, a nice level and other settings to minimize negative impact on
+ the rest of the system. Also note that the new logic will honour the
+ RLIMIT_CORE setting of the crashed process, which now allows users
+ and processes to turn off coredumping for their processes by setting
+ this limit.
+
+ * The RLIMIT_CORE resource limit now defaults to "unlimited" for PID 1
+ and all forked processes by default. Previously, PID 1 would leave
+ the setting at "0" for all processes, as set by the kernel. Note that
+ the resource limit traditionally has no effect on the generated
+ coredumps on the system if the /proc/sys/kernel/core_pattern hook
+ logic is used. Since the limit is now honoured (see above) its
+ default has been changed so that the coredumping logic is enabled by
+ default for all processes, while allowing specific opt-out.
+
+ * When the stacktrace is extracted from processes of system users, this
+ is now done as "systemd-coredump" user, in order to sandbox this
+ potentially security sensitive parsing operation. (Note that when
+ processing coredumps of normal users this is done under the user ID
+ of process that crashed, as before.) Packagers should take notice
+ that it is now necessary to create the "systemd-coredump" system user
+ and group at package installation time.
+
+ * The systemd-activate socket activation testing tool gained support
+ for SOCK_DGRAM and SOCK_SEQPACKET sockets using the new --datagram
+ and --seqpacket switches. It also has been extended to support both
+ new-style and inetd-style file descriptor passing. Use the new
+ --inetd switch to request inetd-style file descriptor passing.
+
+ * Most systemd tools now honor a new $SYSTEMD_COLORS environment
+ variable, which takes a boolean value. If set to false, ANSI color
+ output is disabled in the tools even when run on a terminal that
+ supports it.
+
+ * The VXLAN support in networkd now supports two new settings
+ DestinationPort= and PortRange=.
+
+ * A new systemd.machine_id= kernel command line switch has been added,
+ that may be used to set the machine ID in /etc/machine-id if it is
+ not initialized yet. This command line option has no effect if the
+ file is already initialized.
+
+ * systemd-nspawn gained a new --as-pid2 switch that invokes any
+ specified command line as PID 2 rather than PID 1 in the
+ container. In this mode PID 1 is a minimal stub init process that
+ implements the special POSIX and Linux semantics of PID 1 regarding
+ signal and child process management. Note that this stub init process
+ is implemented in nspawn itself and requires no support from the
+ container image. This new logic is useful to support running
+ arbitrary commands in the container, as normal processes are
+ generally not prepared to run as PID 1.
+
+ * systemd-nspawn gained a new --chdir= switch for setting the current
+ working directory for the process started in the container.
+
+ * "journalctl /dev/sda" will now output all kernel log messages for
+ specified device from the current boot, in addition to all devices
+ that are parents of it. This should make log output about devices
+ pretty useful, as long as kernel drivers attach enough metadata to
+ the log messages. (The usual SATA drivers do.)
+
+ * The sd-journal API gained two new calls
+ sd_journal_has_runtime_files() and sd_journal_has_persistent_files()
+ that report whether log data from /run or /var has been found.
+
+ * journalctl gained a new switch "--fields" that prints all journal
+ record field names currently in use in the journal. This is backed
+ by two new sd-journal API calls sd_journal_enumerate_fields() and
+ sd_journal_restart_fields().
+
+ * Most configurable timeouts in systemd now expect an argument of
+ "infinity" to turn them off, instead of "0" as before. The semantics
+ from now on is that a timeout of "0" means "now", and "infinity"
+ means "never". To maintain backwards compatibility, "0" continues to
+ turn off previously existing timeout settings.
+
+ * "systemctl reload-or-try-restart" has been renamed to "systemctl
+ try-reload-or-restart" to clarify what it actually does: the "try"
+ logic applies to both reloading and restarting, not just restarting.
+ The old name continues to be accepted for compatibility.
+
+ * On boot-up, when PID 1 detects that the system clock is behind the
+ release date of the systemd version in use, the clock is now set
+ to the latter. Previously, this was already done in timesyncd, in order
+ to avoid running with clocks set to the various clock epochs such as
+ 1902, 1938 or 1970. With this change the logic is now done in PID 1
+ in addition to timesyncd during early boot-up, so that it is enforced
+ before the first process is spawned by systemd. Note that the logic
+ in timesyncd remains, as it is more comprehensive and ensures
+ clock monotonicity by maintaining a persistent timestamp file in
+ /var. Since /var is generally not available in earliest boot or the
+ initrd, this part of the logic remains in timesyncd, and is not done
+ by PID 1.
+
+ * Support for tweaking details in net_cls.class_id through the
+ NetClass= configuration directive has been removed, as the kernel
+ people have decided to deprecate that controller in cgroup v2.
+ Userspace tools such as nftables are moving over to setting rules
+ that are specific to the full cgroup path of a task, which obsoletes
+ these controllers anyway. The NetClass= directive is kept around for
+ legacy compatibility reasons. For a more in-depth description of the
+ kernel change, please refer to the respective upstream commit:
+
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bd1060a1d671
+
+ * A new service setting RuntimeMaxSec= has been added that may be used
+ to specify a maximum runtime for a service. If the timeout is hit, the
+ service is terminated and put into a failure state.
+
+ * A new service setting AmbientCapabilities= has been added. It allows
+ configuration of additional Linux process capabilities that are
+ passed to the activated processes. This is only available on very
+ recent kernels.
+
+ * The process resource limit settings in service units may now be used
+ to configure hard and soft limits individually.
+
+ * The various libsystemd APIs such as sd-bus or sd-event now publicly
+ expose support for gcc's __attribute__((cleanup())) C extension.
+ Specifically, for many object destructor functions alternative
+ versions have been added that have names suffixed with "p" and take a
+ pointer to a pointer to the object to destroy, instead of just a
+ pointer to the object itself. This is useful because these destructor
+ functions may be used directly as parameters to the cleanup
+ construct. Internally, systemd has been a heavy user of this GCC
+ extension for a long time, and with this change similar support is
+ now available to consumers of the library outside of systemd. Note
+ that by using this extension in your sources compatibility with old
+ and strictly ANSI compatible C compilers is lost. However, all gcc or
+ LLVM versions of recent years support this extension.
+
+ * Timer units gained support for a new setting RandomizedDelaySec= that
+ allows configuring some additional randomized delay to the configured
+ time. This is useful to spread out timer events to avoid load peaks in
+ clusters or larger setups.
+
+ * Calendar time specifications now support sub-second accuracy.
+
+ * Socket units now support listening on SCTP and UDP-lite protocol
+ sockets.
+
+ * The sd-event API now comes with a full set of man pages.
+
+ * Older versions of systemd contained experimental support for
+ compressing journal files and coredumps with the LZ4 compressor that
+ was not compatible with the lz4 binary (due to API limitations of the
+ lz4 library). This support has been removed; only support for files
+ compatible with the lz4 binary remains. This LZ4 logic is now
+ officially supported and no longer considered experimental.
+
+ * The dkr image import logic has been removed again from importd. dkr's
+ micro-services focus doesn't fit into the machine image focus of
+ importd, and quickly got out of date with the upstream dkr API.
+
+ * Creation of the /run/lock/lockdev/ directory was dropped from
+ tmpfiles.d/legacy.conf. Better locking mechanisms like flock() have
+ been available for many years. If you still need this, you need to
+ create your own tmpfiles.d config file with:
+
+ d /run/lock/lockdev 0775 root lock -
+
+ * The settings StartLimitBurst=, StartLimitInterval=, StartLimitAction=
+ and RebootArgument= have been moved from the [Service] section of
+ unit files to [Unit], and they are now supported on all unit types,
+ not just service units. Of course, systemd will continue to
+ understand these settings also at the old location, in order to
+ maintain compatibility.
+
+ Contributions from: Abdo Roig-Maranges, Alban Crequy, Aleksander
+ Adamowski, Alexander Kuleshov, Andreas Pokorny, Andrei Borzenkov,
+ Andrew Wilcox, Arthur Clement, Beniamino Galvani, Casey Schaufler,
+ Chris Atkinson, Chris Mayo, Christian Hesse, Damjan Georgievski, Dan
+ Dedrick, Daniele Medri, Daniel J Walsh, Daniel Korostil, Daniel Mack,
+ David Herrmann, Dimitri John Ledkov, Dominik Hannen, Douglas Christman,
+ Evgeny Vereshchagin, Filipe Brandenburger, Franck Bui, Gabor Kelemen,
+ Harald Hoyer, Hayden Walles, Helmut Grohne, Henrik Kaare Poulsen,
+ Hristo Venev, Hui Wang, Indrajit Raychaudhuri, Ismo Puustinen, Jakub
+ Wilk, Jan Alexander Steffens (heftig), Jan Engelhardt, Jan Synacek,
+ Joost Bremmer, Jorgen Schaefer, Karel Zak, Klearchos Chaloulos,
+ lc85446, Lennart Poettering, Lukas Nykryn, Mantas Mikulėnas, Marcel
+ Holtmann, Martin Pitt, Michael Biebl, Michael Olbrich, Michael Scherer,
+ Michał Górny, Michal Sekletar, Nicolas Cornu, Nicolas Iooss, Nils
+ Carlson, nmartensen, nnz1024, Patrick Ohly, Peter Hutterer, Phillip Sz,
+ Ronny Chevalier, Samu Kallio, Shawn Landden, Stef Walter, Susant
+ Sahani, Sylvain Plantefève, Tadej Janež, Thomas Hindoe Paaboel
+ Andersen, Tom Gundersen, Torstein Husebø, Umut Tezduyar Lindskog, Vito
+ Caputo, WaLyong Cho, Yu Watanabe, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2016-02-11
+
+CHANGES WITH 228:
+
+ * A number of properties previously only settable in unit
+ files are now also available as properties to set when
+ creating transient units programmatically via the bus, as it
+ is exposed with systemd-run's --property=
+ setting. Specifically, these are: SyslogIdentifier=,
+ SyslogLevelPrefix=, TimerSlackNSec=, OOMScoreAdjust=,
+ EnvironmentFile=, ReadWriteDirectories=,
+ ReadOnlyDirectories=, InaccessibleDirectories=,
+ ProtectSystem=, ProtectHome=, RuntimeDirectory=.
+
+ * When creating transient services via the bus API it is now
+ possible to pass in a set of file descriptors to use as
+ STDIN/STDOUT/STDERR for the invoked process.
+
+ * Slice units may now be created transiently via the bus APIs,
+ similar to the way service and scope units may already be
+ created transiently.
+
+ * Wherever systemd expects a calendar timestamp specification
+ (like in journalctl's --since= and --until= switches) UTC
+ timestamps are now supported. Timestamps suffixed with "UTC"
+ are now considered to be in Universal Time Coordinated
+ instead of the local timezone. Also, timestamps may now
+ optionally be specified with sub-second accuracy. Both of
+ these additions also apply to recurring calendar event
+ specification, such as OnCalendar= in timer units.
+
+ * journalctl gained a new "--sync" switch that asks the
+ journal daemon to write all so far unwritten log messages to
+ disk and sync the files, before returning.
+
+ * systemd-tmpfiles learned two new line types "q" and "Q" that
+ operate like "v", but also set up a basic btrfs quota
+ hierarchy when used on a btrfs file system with quota
+ enabled.
+
+ * tmpfiles' "v", "q" and "Q" will now create a plain directory
+ instead of a subvolume (even on a btrfs file system) if the
+ root directory is a plain directory, and not a
+ subvolume. This should simplify things with certain chroot()
+ environments which are not aware of the concept of btrfs
+ subvolumes.
+
+ * systemd-detect-virt gained a new --chroot switch to detect
+ whether execution takes place in a chroot() environment.
+
+ * CPUAffinity= now takes CPU index ranges in addition to
+ individual indexes.
+
+ * The various memory-related resource limit settings (such as
+ LimitAS=) now understand the usual K, M, G, ... suffixes to
+ the base of 1024 (IEC). Similar, the time-related resource
+ limit settings understand the usual min, h, day, ...
+ suffixes now.
+
+ * There's a new system.conf setting DefaultTasksMax= to
+ control the default TasksMax= setting for services and
+ scopes running on the system. (TasksMax= is the primary
+ setting that exposes the "pids" cgroup controller on systemd
+ and was introduced in the previous systemd release.) The
+ setting now defaults to 512, which means services that are
+ not explicitly configured otherwise will only be able to
+ create 512 processes or threads at maximum, from this
+ version on. Note that this means that thread- or
+ process-heavy services might need to be reconfigured to set
+ TasksMax= to a higher value. It is sufficient to set
+ TasksMax= in these specific unit files to a higher value, or
+ even "infinity". Similar, there's now a logind.conf setting
+ UserTasksMax= that defaults to 4096 and limits the total
+ number of processes or tasks each user may own
+ concurrently. nspawn containers also have the TasksMax=
+ value set by default now, to 8192. Note that all of this
+ only has an effect if the "pids" cgroup controller is
+ enabled in the kernel. The general benefit of these changes
+ should be a more robust and safer system, that provides a
+ certain amount of per-service fork() bomb protection.
+
+ * systemd-nspawn gained the new --network-veth-extra= switch
+ to define additional and arbitrarily-named virtual Ethernet
+ links between the host and the container.
+
+ * A new service execution setting PassEnvironment= has been
+ added that allows importing select environment variables
+ from PID1's environment block into the environment block of
+ the service.
+
+ * Timer units gained support for a new RemainAfterElapse=
+ setting which takes a boolean argument. It defaults to on,
+ exposing behaviour unchanged to previous releases. If set to
+ off, timer units are unloaded after they elapsed if they
+ cannot elapse again. This is particularly useful for
+ transient timer units, which shall not stay around longer
+ than until they first elapse.
+
+ * systemd will now bump the net.unix.max_dgram_qlen to 512 by
+ default now (the kernel default is 16). This is beneficial
+ for avoiding blocking on AF_UNIX/SOCK_DGRAM sockets since it
+ allows substantially larger numbers of queued
+ datagrams. This should increase the capability of systemd to
+ parallelize boot-up, as logging and sd_notify() are unlikely
+ to stall execution anymore. If you need to change the value
+ from the new defaults, use the usual sysctl.d/ snippets.
+
+ * The compression framing format used by the journal or
+ coredump processing has changed to be in line with what the
+ official LZ4 tools generate. LZ4 compression support in
+ systemd was considered unsupported previously, as the format
+ was not compatible with the normal tools. With this release
+ this has changed now, and it is hence safe for downstream
+ distributions to turn it on. While not compressing as well
+ as the XZ, LZ4 is substantially faster, which makes
+ it a good default choice for the compression logic in the
+ journal and in coredump handling.
+
+ * Any reference to /etc/mtab has been dropped from
+ systemd. The file has been obsolete since a while, but
+ systemd refused to work on systems where it was incorrectly
+ set up (it should be a symlink or non-existent). Please make
+ sure to update to util-linux 2.27.1 or newer in conjunction
+ with this systemd release, which also drops any reference to
+ /etc/mtab. If you maintain a distribution make sure that no
+ software you package still references it, as this is a
+ likely source of bugs. There's also a glibc bug pending,
+ asking for removal of any reference to this obsolete file:
+
+ https://sourceware.org/bugzilla/show_bug.cgi?id=19108
+
+ Note that only util-linux versions built with
+ --enable-libmount-force-mountinfo are supported.
+
+ * Support for the ".snapshot" unit type has been removed. This
+ feature turned out to be little useful and little used, and
+ has now been removed from the core and from systemctl.
+
+ * The dependency types RequiresOverridable= and
+ RequisiteOverridable= have been removed from systemd. They
+ have been used only very sparingly to our knowledge and
+ other options that provide a similar effect (such as
+ systemctl --mode=ignore-dependencies) are much more useful
+ and commonly used. Moreover, they were only half-way
+ implemented as the option to control behaviour regarding
+ these dependencies was never added to systemctl. By removing
+ these dependency types the execution engine becomes a bit
+ simpler. Unit files that use these dependencies should be
+ changed to use the non-Overridable dependency types
+ instead. In fact, when parsing unit files with these
+ options, that's what systemd will automatically convert them
+ too, but it will also warn, asking users to fix the unit
+ files accordingly. Removal of these dependency types should
+ only affect a negligible number of unit files in the wild.
+
+ * Behaviour of networkd's IPForward= option changed
+ (again). It will no longer maintain a per-interface setting,
+ but propagate one way from interfaces where this is enabled
+ to the global kernel setting. The global setting will be
+ enabled when requested by a network that is set up, but
+ never be disabled again. This change was made to make sure
+ IPv4 and IPv6 behaviour regarding packet forwarding is
+ similar (as the Linux IPv6 stack does not support
+ per-interface control of this setting) and to minimize
+ surprises.
+
+ * In unit files the behaviour of %u, %U, %h, %s has
+ changed. These specifiers will now unconditionally resolve
+ to the various user database fields of the user that the
+ systemd instance is running as, instead of the user
+ configured in the specific unit via User=. Note that this
+ effectively doesn't change much, as resolving of these
+ specifiers was already turned off in the --system instance
+ of systemd, as we cannot do NSS lookups from PID 1. In the
+ --user instance of systemd these specifiers where correctly
+ resolved, but hardly made any sense, since the user instance
+ lacks privileges to do user switches anyway, and User= is
+ hence useless. Moreover, even in the --user instance of
+ systemd behaviour was awkward as it would only take settings
+ from User= assignment placed before the specifier into
+ account. In order to unify and simplify the logic around
+ this the specifiers will now always resolve to the
+ credentials of the user invoking the manager (which in case
+ of PID 1 is the root user).
+
+ Contributions from: Andrew Jones, Beniamino Galvani, Boyuan
+ Yang, Daniel Machon, Daniel Mack, David Herrmann, David
+ Reynolds, David Strauss, Dongsu Park, Evgeny Vereshchagin,
+ Felipe Sateler, Filipe Brandenburger, Franck Bui, Hristo
+ Venev, Iago López Galeiras, Jan Engelhardt, Jan Janssen, Jan
+ Synacek, Jesus Ornelas Aguayo, Karel Zak, kayrus, Kay Sievers,
+ Lennart Poettering, Liu Yuan Yuan, Mantas Mikulėnas, Marcel
+ Holtmann, Marcin Bachry, Marcos Alano, Marcos Mello, Mark
+ Theunissen, Martin Pitt, Michael Marineau, Michael Olbrich,
+ Michal Schmidt, Michal Sekletar, Mirco Tischler, Nick Owens,
+ Nicolas Cornu, Patrik Flykt, Peter Hutterer, reverendhomer,
+ Ronny Chevalier, Sangjung Woo, Seong-ho Cho, Shawn Landden,
+ Susant Sahani, Thomas Haller, Thomas Hindoe Paaboel Andersen,
+ Tom Gundersen, Torstein Husebø, Vito Caputo, Zbigniew
+ Jędrzejewski-Szmek
+
+ — Berlin, 2015-11-18
+
+CHANGES WITH 227:
+
+ * systemd now depends on util-linux v2.27. More specifically,
+ the newly added mount monitor feature in libmount now
+ replaces systemd's former own implementation.
+
+ * libmount mandates /etc/mtab not to be regular file, and
+ systemd now enforces this condition at early boot.
+ /etc/mtab has been deprecated and warned about for a very
+ long time, so systems running systemd should already have
+ stopped having this file around as anything else than a
+ symlink to /proc/self/mounts.
+
+ * Support for the "pids" cgroup controller has been added. It
+ allows accounting the number of tasks in a cgroup and
+ enforcing limits on it. This adds two new setting
+ TasksAccounting= and TasksMax= to each unit, as well as a
+ global option DefaultTasksAccounting=.
+
+ * Support for the "net_cls" cgroup controller has been added.
+ It allows assigning a net class ID to each task in the
+ cgroup, which can then be used in firewall rules and traffic
+ shaping configurations. Note that the kernel netfilter net
+ class code does not currently work reliably for ingress
+ packets on unestablished sockets.
+
+ This adds a new config directive called NetClass= to CGroup
+ enabled units. Allowed values are positive numbers for fixed
+ assignments and "auto" for picking a free value
+ automatically.
+
+ * 'systemctl is-system-running' now returns 'offline' if the
+ system is not booted with systemd. This command can now be
+ used as a substitute for 'systemd-notify --booted'.
+
+ * Watchdog timeouts have been increased to 3 minutes for all
+ in-tree service files. Apparently, disk IO issues are more
+ frequent than we hoped, and user reported >1 minute waiting
+ for disk IO.
+
+ * 'machine-id-commit' functionality has been merged into
+ 'machine-id-setup --commit'. The separate binary has been
+ removed.
+
+ * The WorkingDirectory= directive in unit files may now be set
+ to the special value '~'. In this case, the working
+ directory is set to the home directory of the user
+ configured in User=.
+
+ * "machinectl shell" will now open the shell in the home
+ directory of the selected user by default.
+
+ * The CrashChVT= configuration file setting is renamed to
+ CrashChangeVT=, following our usual logic of not
+ abbreviating unnecessarily. The old directive is still
+ supported for compat reasons. Also, this directive now takes
+ an integer value between 1 and 63, or a boolean value. The
+ formerly supported '-1' value for disabling stays around for
+ compat reasons.
+
+ * The PrivateTmp=, PrivateDevices=, PrivateNetwork=,
+ NoNewPrivileges=, TTYPath=, WorkingDirectory= and
+ RootDirectory= properties can now be set for transient
+ units.
+
+ * The systemd-analyze tool gained a new "set-log-target" verb
+ to change the logging target the system manager logs to
+ dynamically during runtime. This is similar to how
+ "systemd-analyze set-log-level" already changes the log
+ level.
+
+ * In nspawn /sys is now mounted as tmpfs, with only a selected
+ set of subdirectories mounted in from the real sysfs. This
+ enhances security slightly, and is useful for ensuring user
+ namespaces work correctly.
+
+ * Support for USB FunctionFS activation has been added. This
+ allows implementation of USB gadget services that are
+ activated as soon as they are requested, so that they don't
+ have to run continuously, similar to classic socket
+ activation.
+
+ * The "systemctl exit" command now optionally takes an
+ additional parameter that sets the exit code to return from
+ the systemd manager when exiting. This is only relevant when
+ running the systemd user instance, or when running the
+ system instance in a container.
+
+ * sd-bus gained the new API calls sd_bus_path_encode_many()
+ and sd_bus_path_decode_many() that allow easy encoding and
+ decoding of multiple identifier strings inside a D-Bus
+ object path. Another new call sd_bus_default_flush_close()
+ has been added to flush and close per-thread default
+ connections.
+
+ * systemd-cgtop gained support for a -M/--machine= switch to
+ show the control groups within a certain container only.
+
+ * "systemctl kill" gained support for an optional --fail
+ switch. If specified the requested operation will fail of no
+ processes have been killed, because the unit had no
+ processes attached, or similar.
+
+ * A new systemd.crash_reboot=1 kernel command line option has
+ been added that triggers a reboot after crashing. This can
+ also be set through CrashReboot= in systemd.conf.
+
+ * The RuntimeDirectory= setting now understands unit
+ specifiers like %i or %f.
+
+ * A new (still internal) library API sd-ipv4acd has been added,
+ that implements address conflict detection for IPv4. It's
+ based on code from sd-ipv4ll, and will be useful for
+ detecting DHCP address conflicts.
+
+ * File descriptors passed during socket activation may now be
+ named. A new API sd_listen_fds_with_names() is added to
+ access the names. The default names may be overridden,
+ either in the .socket file using the FileDescriptorName=
+ parameter, or by passing FDNAME= when storing the file
+ descriptors using sd_notify().
+
+ * systemd-networkd gained support for:
+
+ - Setting the IPv6 Router Advertisement settings via
+ IPv6AcceptRouterAdvertisements= in .network files.
+
+ - Configuring the HelloTimeSec=, MaxAgeSec= and
+ ForwardDelaySec= bridge parameters in .netdev files.
+
+ - Configuring PreferredSource= for static routes in
+ .network files.
+
+ * The "ask-password" framework used to query for LUKS harddisk
+ passwords or SSL passwords during boot gained support for
+ caching passwords in the kernel keyring, if it is
+ available. This makes sure that the user only has to type in
+ a passphrase once if there are multiple objects to unlock
+ with the same one. Previously, such password caching was
+ available only when Plymouth was used; this moves the
+ caching logic into the systemd codebase itself. The
+ "systemd-ask-password" utility gained a new --keyname=
+ switch to control which kernel keyring key to use for
+ caching a password in. This functionality is also useful for
+ enabling display managers such as gdm to automatically
+ unlock the user's GNOME keyring if its passphrase, the
+ user's password and the harddisk password are the same, if
+ gdm-autologin is used.
+
+ * When downloading tar or raw images using "machinectl
+ pull-tar" or "machinectl pull-raw", a matching ".nspawn"
+ file is now also downloaded, if it is available and stored
+ next to the image file.
+
+ * Units of type ".socket" gained a new boolean setting
+ Writable= which is only useful in conjunction with
+ ListenSpecial=. If true, enables opening the specified
+ special file in O_RDWR mode rather than O_RDONLY mode.
+
+ * systemd-rfkill has been reworked to become a singleton
+ service that is activated through /dev/rfkill on each rfkill
+ state change and saves the settings to disk. This way,
+ systemd-rfkill is now compatible with devices that exist
+ only intermittendly, and even restores state if the previous
+ system shutdown was abrupt rather than clean.
+
+ * The journal daemon gained support for vacuuming old journal
+ files controlled by the number of files that shall remain,
+ in addition to the already existing control by size and by
+ date. This is useful as journal interleaving performance
+ degrades with too many separate journal files, and allows
+ putting an effective limit on them. The new setting defaults
+ to 100, but this may be changed by setting SystemMaxFiles=
+ and RuntimeMaxFiles= in journald.conf. Also, the
+ "journalctl" tool gained the new --vacuum-files= switch to
+ manually vacuum journal files to leave only the specified
+ number of files in place.
+
+ * udev will now create /dev/disk/by-path links for ATA devices
+ on kernels where that is supported.
+
+ * Galician, Serbian, Turkish and Korean translations were added.
+
+ Contributions from: Aaro Koskinen, Alban Crequy, Beniamino
+ Galvani, Benjamin Robin, Branislav Blaskovic, Chen-Han Hsiao
+ (Stanley), Daniel Buch, Daniel Machon, Daniel Mack, David
+ Herrmann, David Milburn, doubleodoug, Evgeny Vereshchagin,
+ Felipe Franciosi, Filipe Brandenburger, Fran Dieguez, Gabriel
+ de Perthuis, Georg Müller, Hans de Goede, Hendrik Brueckner,
+ Ivan Shapovalov, Jacob Keller, Jan Engelhardt, Jan Janssen,
+ Jan Synacek, Jens Kuske, Karel Zak, Kay Sievers, Krzesimir
+ Nowak, Krzysztof Kotlenga, Lars Uebernickel, Lennart
+ Poettering, Lukas Nykryn, Łukasz Stelmach, Maciej Wereski,
+ Marcel Holtmann, Marius Thesing, Martin Pitt, Michael Biebl,
+ Michael Gebetsroither, Michal Schmidt, Michal Sekletar, Mike
+ Gilbert, Muhammet Kara, nazgul77, Nicolas Cornu, NoXPhasma,
+ Olof Johansson, Patrik Flykt, Pawel Szewczyk, reverendhomer,
+ Ronny Chevalier, Sangjung Woo, Seong-ho Cho, Susant Sahani,
+ Sylvain Plantefève, Thomas Haller, Thomas Hindoe Paaboel
+ Andersen, Tom Gundersen, Tom Lyon, Viktar Vauchkevich,
+ Zbigniew Jędrzejewski-Szmek, Марко М. Костић
+
+ — Berlin, 2015-10-07
+
+CHANGES WITH 226:
+
+ * The DHCP implementation of systemd-networkd gained a set of
+ new features:
+
+ - The DHCP server now supports emitting DNS and NTP
+ information. It may be enabled and configured via
+ EmitDNS=, DNS=, EmitNTP=, and NTP=. If transmission of DNS
+ and NTP information is enabled, but no servers are
+ configured, the corresponding uplink information (if there
+ is any) is propagated.
+
+ - Server and client now support transmission and reception
+ of timezone information. It can be configured via the
+ newly introduced network options UseTimezone=,
+ EmitTimezone=, and Timezone=. Transmission of timezone
+ information is enabled between host and containers by
+ default now: the container will change its local timezone
+ to what the host has set.
+
+ - Lease timeouts can now be configured via
+ MaxLeaseTimeSec= and DefaultLeaseTimeSec=.
+
+ - The DHCP server improved on the stability of
+ leases. Clients are more likely to get the same lease
+ information back, even if the server loses state.
+
+ - The DHCP server supports two new configuration options to
+ control the lease address pool metrics, PoolOffset= and
+ PoolSize=.
+
+ * The encapsulation limit of tunnels in systemd-networkd may
+ now be configured via 'EncapsulationLimit='. It allows
+ modifying the maximum additional levels of encapsulation
+ that are permitted to be prepended to a packet.
+
+ * systemd now supports the concept of user buses replacing
+ session buses, if used with dbus-1.10 (and enabled via dbus
+ --enable-user-session). It previously only supported this on
+ kdbus-enabled systems, and this release expands this to
+ 'dbus-daemon' systems.
+
+ * systemd-networkd now supports predictable interface names
+ for virtio devices.
+
+ * systemd now optionally supports the new Linux kernel
+ "unified" control group hierarchy. If enabled via the kernel
+ command-line option 'systemd.unified_cgroup_hierarchy=1',
+ systemd will try to mount the unified cgroup hierarchy
+ directly on /sys/fs/cgroup. If not enabled, or not
+ available, systemd will fall back to the legacy cgroup
+ hierarchy setup, as before. Host system and containers can
+ mix and match legacy and unified hierarchies as they
+ wish. nspawn understands the $UNIFIED_CGROUP_HIERARCHY
+ environment variable to individually select the hierarchy to
+ use for executed containers. By default, nspawn will use the
+ unified hierarchy for the containers if the host uses the
+ unified hierarchy, and the legacy hierarchy otherwise.
+ Please note that at this point the unified hierarchy is an
+ experimental kernel feature and is likely to change in one
+ of the next kernel releases. Therefore, it should not be
+ enabled by default in downstream distributions yet. The
+ minimum required kernel version for the unified hierarchy to
+ work is 4.2. Note that when the unified hierarchy is used
+ for the first time delegated access to controllers is
+ safe. Because of this systemd-nspawn containers will get
+ access to controllers now, as will systemd user
+ sessions. This means containers and user sessions may now
+ manage their own resources, partitioning up what the system
+ grants them.
+
+ * A new special scope unit "init.scope" has been introduced
+ that encapsulates PID 1 of the system. It may be used to
+ determine resource usage and enforce resource limits on PID
+ 1 itself. PID 1 hence moved out of the root of the control
+ group tree.
+
+ * The cgtop tool gained support for filtering out kernel
+ threads when counting tasks in a control group. Also, the
+ count of processes is now recursively summed up by
+ default. Two options -k and --recursive= have been added to
+ revert to old behaviour. The tool has also been updated to
+ work correctly in containers now.
+
+ * systemd-nspawn's --bind= and --bind-ro= options have been
+ extended to allow creation of non-recursive bind mounts.
+
+ * libsystemd gained two new calls sd_pid_get_cgroup() and
+ sd_peer_get_cgroup() which return the control group path of
+ a process or peer of a connected AF_UNIX socket. This
+ function call is particularly useful when implementing
+ delegated subtrees support in the control group hierarchy.
+
+ * The "sd-event" event loop API of libsystemd now supports
+ correct dequeuing of real-time signals, without losing
+ signal events.
+
+ * When systemd requests a polkit decision when managing units it
+ will now add additional fields to the request, including unit
+ name and desired operation. This enables more powerful polkit
+ policies, that make decisions depending on these parameters.
+
+ * nspawn learnt support for .nspawn settings files, that may
+ accompany the image files or directories of containers, and
+ may contain additional settings for the container. This is
+ an alternative to configuring container parameters via the
+ nspawn command line.
+
+ Contributions from: Cristian Rodríguez, Daniel Mack, David
+ Herrmann, Eugene Yakubovich, Evgeny Vereshchagin, Filipe
+ Brandenburger, Hans de Goede, Jan Alexander Steffens, Jan
+ Synacek, Kay Sievers, Lennart Poettering, Mangix, Marcel
+ Holtmann, Martin Pitt, Michael Biebl, Michael Chapman, Michal
+ Sekletar, Peter Hutterer, Piotr Drąg, reverendhomer, Robin
+ Hack, Susant Sahani, Sylvain Pasche, Thomas Hindoe Paaboel
+ Andersen, Tom Gundersen, Torstein Husebø
+
+ — Berlin, 2015-09-08
+
+CHANGES WITH 225:
+
+ * machinectl gained a new verb 'shell' which opens a fresh
+ shell on the target container or the host. It is similar to
+ the existing 'login' command of machinectl, but spawns the
+ shell directly without prompting for username or
+ password. The pseudo machine '.host' now refers to the local
+ host and is used by default. Hence, 'machinectl shell' can
+ be used as replacement for 'su -' which spawns a session as
+ a fresh systemd unit in a way that is fully isolated from
+ the originating session.
+
+ * systemd-networkd learned to cope with private-zone DHCP
+ options and allows other programs to query the values.
+
+ * SELinux access control when enabling/disabling units is no
+ longer enforced with this release. The previous implementation
+ was incorrect, and a new corrected implementation is not yet
+ available. As unit file operations are still protected via
+ polkit and D-Bus policy this is not a security problem. Yet,
+ distributions which care about optimal SELinux support should
+ probably not stabilize on this release.
+
+ * sd-bus gained support for matches of type "arg0has=", that
+ test for membership of strings in string arrays sent in bus
+ messages.
+
+ * systemd-resolved now dumps the contents of its DNS and LLMNR
+ caches to the logs on reception of the SIGUSR1 signal. This
+ is useful to debug DNS behaviour.
+
+ * The coredumpctl tool gained a new --directory= option to
+ operate on journal files in a specific directory.
+
+ * "systemctl reboot" and related commands gained a new
+ "--message=" option which may be used to set a free-text
+ wall message when shutting down or rebooting the
+ system. This message is also logged, which is useful for
+ figuring out the reason for a reboot or shutdown a
+ posteriori.
+
+ * The "systemd-resolve-host" tool's -i switch now takes
+ network interface numbers as alternative to interface names.
+
+ * A new unit file setting for services has been introduced:
+ UtmpMode= allows configuration of how precisely systemd
+ handles utmp and wtmp entries for the service if this is
+ enabled. This allows writing services that appear similar to
+ user sessions in the output of the "w", "who", "last" and
+ "lastlog" tools.
+
+ * systemd-resolved will now locally synthesize DNS resource
+ records for the "localhost" and "gateway" domains as well as
+ the local hostname. This should ensure that clients querying
+ RRs via resolved will get similar results as those going via
+ NSS, if nss-myhostname is enabled.
+
+ Contributions from: Alastair Hughes, Alex Crawford, Daniel
+ Mack, David Herrmann, Dimitri John Ledkov, Eric Kostrowski,
+ Evgeny Vereshchagin, Felipe Sateler, HATAYAMA Daisuke, Jan
+ Pokorný, Jan Synacek, Johnny Robeson, Karel Zak, Kay Sievers,
+ Kefeng Wang, Lennart Poettering, Major Hayden, Marcel
+ Holtmann, Markus Elfring, Martin Mikkelsen, Martin Pitt, Matt
+ Turner, Maxim Mikityanskiy, Michael Biebl, Namhyung Kim,
+ Nicolas Cornu, Owen W. Taylor, Patrik Flykt, Peter Hutterer,
+ reverendhomer, Richard Maw, Ronny Chevalier, Seth Jennings,
+ Stef Walter, Susant Sahani, Thomas Blume, Thomas Hindoe
+ Paaboel Andersen, Thomas Meyer, Tom Gundersen, Vincent Batts,
+ WaLyong Cho, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2015-08-27
+
+CHANGES WITH 224:
+
+ * The systemd-efi-boot-generator functionality was merged into
+ systemd-gpt-auto-generator.
+
+ * systemd-networkd now supports Group Policy for vxlan
+ devices. It can be enabled via the new boolean configuration
+ option called 'GroupPolicyExtension='.
+
+ Contributions from: Andreas Kempf, Christian Hesse, Daniel Mack, David
+ Herrmann, Herman Fries, Johannes Nixdorf, Kay Sievers, Lennart
+ Poettering, Peter Hutterer, Susant Sahani, Tom Gundersen
+
+ — Berlin, 2015-07-31
+
+CHANGES WITH 223:
+
+ * The python-systemd code has been removed from the systemd repository.
+ A new repository has been created which accommodates the code from
+ now on, and we kindly ask distributions to create a separate package
+ for this: https://github.com/systemd/python-systemd
+
+ * The systemd daemon will now reload its main configuration
+ (/etc/systemd/system.conf) on daemon-reload.
+
+ * sd-dhcp now exposes vendor specific extensions via
+ sd_dhcp_lease_get_vendor_specific().
+
+ * systemd-networkd gained a number of new configuration options.
+
+ - A new boolean configuration option for TAP devices called
+ 'VNetHeader='. If set, the IFF_VNET_HDR flag is set for the
+ device, thus allowing to send and receive GSO packets.
+
+ - A new tunnel configuration option called 'CopyDSCP='.
+ If enabled, the DSCP field of ip6 tunnels is copied into the
+ decapsulated packet.
+
+ - A set of boolean bridge configuration options were added.
+ 'UseBPDU=', 'HairPin=', 'FastLeave=', 'AllowPortToBeRoot=',
+ and 'UnicastFlood=' are now parsed by networkd and applied to the
+ respective bridge link device via the respective IFLA_BRPORT_*
+ netlink attribute.
+
+ - A new string configuration option to override the hostname sent
+ to a DHCP server, called 'Hostname='. If set and 'SendHostname='
+ is true, networkd will use the configured hostname instead of the
+ system hostname when sending DHCP requests.
+
+ - A new tunnel configuration option called 'IPv6FlowLabel='. If set,
+ networkd will configure the IPv6 flow-label of the tunnel device
+ according to RFC2460.
+
+ - The 'macvtap' virtual network devices are now supported, similar to
+ the already supported 'macvlan' devices.
+
+ * systemd-resolved now implements RFC5452 to improve resilience against
+ cache poisoning. Additionally, source port randomization is enabled
+ by default to further protect against DNS spoofing attacks.
+
+ * nss-mymachines now supports translating UIDs and GIDs of running
+ containers with user-namespaces enabled. If a container 'foo'
+ translates a host uid 'UID' to the container uid 'TUID', then
+ nss-mymachines will also map uid 'UID' to/from username 'vu-foo-TUID'
+ (with 'foo' and 'TUID' replaced accordingly). Similarly, groups are
+ mapped as 'vg-foo-TGID'.
+
+ Contributions from: Beniamino Galvani, cee1, Christian Hesse, Daniel
+ Buch, Daniel Mack, daurnimator, David Herrmann, Dimitri John Ledkov,
+ HATAYAMA Daisuke, Ivan Shapovalov, Jan Alexander Steffens (heftig),
+ Johan Ouwerkerk, Jose Carlos Venegas Munoz, Karel Zak, Kay Sievers,
+ Lennart Poettering, Lidong Zhong, Martin Pitt, Michael Biebl, Michael
+ Olbrich, Michal Schmidt, Michal Sekletar, Mike Gilbert, Namhyung Kim,
+ Nick Owens, Peter Hutterer, Richard Maw, Steven Allen, Sungbae Yoo,
+ Susant Sahani, Thomas Blume, Thomas Hindoe Paaboel Andersen, Tom
+ Gundersen, Torstein Husebø, Umut Tezduyar Lindskog, Vito Caputo,
+ Vivenzio Pagliari, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2015-07-29
+
+CHANGES WITH 222:
+
+ * udev does not longer support the WAIT_FOR_SYSFS= key in udev rules.
+ There are no known issues with current sysfs, and udev does not need
+ or should be used to work around such bugs.
+
+ * udev does no longer enable USB HID power management. Several reports
+ indicate, that some devices cannot handle that setting.
+
+ * The udev accelerometer helper was removed. The functionality
+ is now fully included in iio-sensor-proxy. But this means,
+ older iio-sensor-proxy versions will no longer provide
+ accelerometer/orientation data with this systemd version.
+ Please upgrade iio-sensor-proxy to version 1.0.
+
+ * networkd gained a new configuration option IPv6PrivacyExtensions=
+ which enables IPv6 privacy extensions (RFC 4941, "Privacy Extensions
+ for Stateless Address") on selected networks.
+
+ * For the sake of fewer build-time dependencies and less code in the
+ main repository, the python bindings are about to be removed in the
+ next release. A new repository has been created which accommodates
+ the code from now on, and we kindly ask distributions to create a
+ separate package for this. The removal will take place in v223.
+
+ https://github.com/systemd/python-systemd
+
+ Contributions from: Abdo Roig-Maranges, Andrew Eikum, Bastien Nocera,
+ Cédric Delmas, Christian Hesse, Christos Trochalakis, Daniel Mack,
+ daurnimator, David Herrmann, Dimitri John Ledkov, Eric Biggers, Eric
+ Cook, Felipe Sateler, Geert Jansen, Gerd Hoffmann, Gianpaolo Macario,
+ Greg Kroah-Hartman, Iago López Galeiras, Jan Alexander Steffens
+ (heftig), Jan Engelhardt, Jay Strict, Kay Sievers, Lennart Poettering,
+ Markus Knetschke, Martin Pitt, Michael Biebl, Michael Marineau, Michal
+ Sekletar, Miguel Bernal Marin, Peter Hutterer, Richard Maw, rinrinne,
+ Susant Sahani, Thomas Hindoe Paaboel Andersen, Tom Gundersen, Torstein
+ Husebø, Vedran Miletić, WaLyong Cho, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2015-07-07
+
+CHANGES WITH 221:
+
+ * The sd-bus.h and sd-event.h APIs have now been declared
+ stable and have been added to the official interface of
+ libsystemd.so. sd-bus implements an alternative D-Bus client
+ library, that is relatively easy to use, very efficient and
+ supports both classic D-Bus as well as kdbus as transport
+ backend. sd-event is a generic event loop abstraction that
+ is built around Linux epoll, but adds features such as event
+ prioritization or efficient timer handling. Both APIs are good
+ choices for C programs looking for a bus and/or event loop
+ implementation that is minimal and does not have to be
+ portable to other kernels.
+
+ * kdbus support is no longer compile-time optional. It is now
+ always built-in. However, it can still be disabled at
+ runtime using the kdbus=0 kernel command line setting, and
+ that setting may be changed to default to off, by specifying
+ --disable-kdbus at build-time. Note though that the kernel
+ command line setting has no effect if the kdbus.ko kernel
+ module is not installed, in which case kdbus is (obviously)
+ also disabled. We encourage all downstream distributions to
+ begin testing kdbus by adding it to the kernel images in the
+ development distributions, and leaving kdbus support in
+ systemd enabled.
+
+ * The minimal required util-linux version has been bumped to
+ 2.26.
+
+ * Support for chkconfig (--enable-chkconfig) was removed in
+ favor of calling an abstraction tool
+ /lib/systemd/systemd-sysv-install. This needs to be
+ implemented for your distribution. See "SYSV INIT.D SCRIPTS"
+ in README for details.
+
+ * If there's a systemd unit and a SysV init script for the
+ same service name, and the user executes "systemctl enable"
+ for it (or a related call), then this will now enable both
+ (or execute the related operation on both), not just the
+ unit.
+
+ * The libudev API documentation has been converted from gtkdoc
+ into man pages.
+
+ * gudev has been removed from the systemd tree, it is now an
+ external project.
+
+ * The systemd-cgtop tool learnt a new --raw switch to generate
+ "raw" (machine parsable) output.
+
+ * networkd's IPForwarding= .network file setting learnt the
+ new setting "kernel", which ensures that networkd does not
+ change the IP forwarding sysctl from the default kernel
+ state.
+
+ * The systemd-logind bus API now exposes a new boolean
+ property "Docked" that reports whether logind considers the
+ system "docked", i.e. connected to a docking station or not.
+
+ Contributions from: Alex Crawford, Andreas Pokorny, Andrei
+ Borzenkov, Charles Duffy, Colin Guthrie, Cristian Rodríguez,
+ Daniele Medri, Daniel Hahler, Daniel Mack, David Herrmann,
+ David Mohr, Dimitri John Ledkov, Djalal Harouni, dslul, Ed
+ Swierk, Eric Cook, Filipe Brandenburger, Gianpaolo Macario,
+ Harald Hoyer, Iago López Galeiras, Igor Vuk, Jan Synacek,
+ Jason Pleau, Jason S. McMullan, Jean Delvare, Jeff Huang,
+ Jonathan Boulle, Karel Zak, Kay Sievers, kloun, Lennart
+ Poettering, Marc-Antoine Perennou, Marcel Holtmann, Mario
+ Limonciello, Martin Pitt, Michael Biebl, Michael Olbrich,
+ Michal Schmidt, Mike Gilbert, Nick Owens, Pablo Lezaeta Reyes,
+ Patrick Donnelly, Pavel Odvody, Peter Hutterer, Philip
+ Withnall, Ronny Chevalier, Simon McVittie, Susant Sahani,
+ Thomas Hindoe Paaboel Andersen, Tom Gundersen, Torstein
+ Husebø, Umut Tezduyar Lindskog, Viktar Vauchkevich, Werner
+ Fink, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2015-06-19
+
+CHANGES WITH 220:
+
+ * The gudev library has been extracted into a separate repository
+ available at: https://git.gnome.org/browse/libgudev/
+ It is now managed as part of the Gnome project. Distributions
+ are recommended to pass --disable-gudev to systemd and use
+ gudev from the Gnome project instead. gudev is still included
+ in systemd, for now. It will be removed soon, though. Please
+ also see the announcement-thread on systemd-devel:
+ https://lists.freedesktop.org/archives/systemd-devel/2015-May/032070.html
+
+ * systemd now exposes a CPUUsageNSec= property for each
+ service unit on the bus, that contains the overall consumed
+ CPU time of a service (the sum of what each process of the
+ service consumed). This value is only available if
+ CPUAccounting= is turned on for a service, and is then shown
+ in the "systemctl status" output.
+
+ * Support for configuring alternative mappings of the old SysV
+ runlevels to systemd targets has been removed. They are now
+ hardcoded in a way that runlevels 2, 3, 4 all map to
+ multi-user.target and 5 to graphical.target (which
+ previously was already the default behaviour).
+
+ * The auto-mounter logic gained support for mount point
+ expiry, using a new TimeoutIdleSec= setting in .automount
+ units. (Also available as x-systemd.idle-timeout= in /etc/fstab).
+
+ * The EFI System Partition (ESP) as mounted to /boot by
+ systemd-efi-boot-generator will now be unmounted
+ automatically after 2 minutes of not being used. This should
+ minimize the risk of ESP corruptions.
+
+ * New /etc/fstab options x-systemd.requires= and
+ x-systemd.requires-mounts-for= are now supported to express
+ additional dependencies for mounts. This is useful for
+ journalling file systems that support external journal
+ devices or overlay file systems that require underlying file
+ systems to be mounted.
+
+ * systemd does not support direct live-upgrades (via systemctl
+ daemon-reexec) from versions older than v44 anymore. As no
+ distribution we are aware of shipped such old versions in a
+ stable release this should not be problematic.
+
+ * When systemd forks off a new per-connection service instance
+ it will now set the $REMOTE_ADDR environment variable to the
+ remote IP address, and $REMOTE_PORT environment variable to
+ the remote IP port. This behaviour is similar to the
+ corresponding environment variables defined by CGI.
+
+ * systemd-networkd gained support for uplink failure
+ detection. The BindCarrier= option allows binding interface
+ configuration dynamically to the link sense of other
+ interfaces. This is useful to achieve behaviour like in
+ network switches.
+
+ * systemd-networkd gained support for configuring the DHCP
+ client identifier to use when requesting leases.
+
+ * systemd-networkd now has a per-network UseNTP= option to
+ configure whether NTP server information acquired via DHCP
+ is passed on to services like systemd-timesyncd.
+
+ * systemd-networkd gained support for vti6 tunnels.
+
+ * Note that systemd-networkd manages the sysctl variable
+ /proc/sys/net/ipv[46]/conf/*/forwarding for each interface
+ it is configured for since v219. The variable controls IP
+ forwarding, and is a per-interface alternative to the global
+ /proc/sys/net/ipv[46]/ip_forward. This setting is
+ configurable in the IPForward= option, which defaults to
+ "no". This means if networkd is used for an interface it is
+ no longer sufficient to set the global sysctl option to turn
+ on IP forwarding! Instead, the .network file option
+ IPForward= needs to be turned on! Note that the
+ implementation of this behaviour was broken in v219 and has
+ been fixed in v220.
+
+ * Many bonding and vxlan options are now configurable in
+ systemd-networkd.
+
+ * systemd-nspawn gained a new --property= setting to set unit
+ properties for the container scope. This is useful for
+ setting resource parameters (e.g. "CPUShares=500") on
+ containers started from the command line.
+
+ * systemd-nspawn gained a new --private-users= switch to make
+ use of user namespacing available on recent Linux kernels.
+
+ * systemd-nspawn may now be called as part of a shell pipeline
+ in which case the pipes used for stdin and stdout are passed
+ directly to the process invoked in the container, without
+ indirection via a pseudo tty.
+
+ * systemd-nspawn gained a new switch to control the UNIX
+ signal to use when killing the init process of the container
+ when shutting down.
+
+ * systemd-nspawn gained a new --overlay= switch for mounting
+ overlay file systems into the container using the new kernel
+ overlayfs support.
+
+ * When a container image is imported via systemd-importd and
+ the host file system is not btrfs, a loopback block device
+ file is created in /var/lib/machines.raw with a btrfs file
+ system inside. It is then mounted to /var/lib/machines to
+ enable btrfs features for container management. The loopback
+ file and btrfs file system is grown as needed when container
+ images are imported via systemd-importd.
+
+ * systemd-machined/systemd-importd gained support for btrfs
+ quota, to enforce container disk space limits on disk. This
+ is exposed in "machinectl set-limit".
+
+ * systemd-importd now can import containers from local .tar,
+ .raw and .qcow2 images, and export them to .tar and .raw. It
+ can also import dkr v2 images now from the network (on top
+ of v1 as before).
+
+ * systemd-importd gained support for verifying downloaded
+ images with gpg2 (previously only gpg1 was supported).
+
+ * systemd-machined, systemd-logind, systemd: most bus calls are
+ now accessible to unprivileged processes via polkit. Also,
+ systemd-logind will now allow users to kill their own sessions
+ without further privileges or authorization.
+
+ * systemd-shutdownd has been removed. This service was
+ previously responsible for implementing scheduled shutdowns
+ as exposed in /usr/bin/shutdown's time parameter. This
+ functionality has now been moved into systemd-logind and is
+ accessible via a bus interface.
+
+ * "systemctl reboot" gained a new switch --firmware-setup that
+ can be used to reboot into the EFI firmware setup, if that
+ is available. systemd-logind now exposes an API on the bus
+ to trigger such reboots, in case graphical desktop UIs want
+ to cover this functionality.
+
+ * "systemctl enable", "systemctl disable" and "systemctl mask"
+ now support a new "--now" switch. If specified the units
+ that are enabled will also be started, and the ones
+ disabled/masked also stopped.
+
+ * The Gummiboot EFI boot loader tool has been merged into
+ systemd, and renamed to "systemd-boot". The bootctl tool has been
+ updated to support systemd-boot.
+
+ * An EFI kernel stub has been added that may be used to create
+ kernel EFI binaries that contain not only the actual kernel,
+ but also an initrd, boot splash, command line and OS release
+ information. This combined binary can then be signed as a
+ single image, so that the firmware can verify it all in one
+ step. systemd-boot has special support for EFI binaries created
+ like this and can extract OS release information from them
+ and show them in the boot menu. This functionality is useful
+ to implement cryptographically verified boot schemes.
+
+ * Optional support has been added to systemd-fsck to pass
+ fsck's progress report to an AF_UNIX socket in the file
+ system.
+
+ * udev will no longer create device symlinks for all block
+ devices by default. A blacklist for excluding special block
+ devices from this logic has been turned into a whitelist
+ that requires picking block devices explicitly that require
+ device symlinks.
+
+ * A new (currently still internal) API sd-device.h has been
+ added to libsystemd. This modernized API is supposed to
+ replace libudev eventually. In fact, already much of libudev
+ is now just a wrapper around sd-device.h.
+
+ * A new hwdb database for storing metadata about pointing
+ stick devices has been added.
+
+ * systemd-tmpfiles gained support for setting file attributes
+ similar to the "chattr" tool with new 'h' and 'H' lines.
+
+ * systemd-journald will no longer unconditionally set the
+ btrfs NOCOW flag on new journal files. This is instead done
+ with tmpfiles snippet using the new 'h' line type. This
+ allows easy disabling of this logic, by masking the
+ journal-nocow.conf tmpfiles file.
+
+ * systemd-journald will now translate audit message types to
+ human readable identifiers when writing them to the
+ journal. This should improve readability of audit messages.
+
+ * The LUKS logic gained support for the offset= and skip=
+ options in /etc/crypttab, as previously implemented by
+ Debian.
+
+ * /usr/lib/os-release gained a new optional field VARIANT= for
+ distributions that support multiple variants (such as a
+ desktop edition, a server edition, ...)
+
+ Contributions from: Aaro Koskinen, Adam Goode, Alban Crequy,
+ Alberto Fanjul Alonso, Alexander Sverdlin, Alex Puchades, Alin
+ Rauta, Alison Chaiken, Andrew Jones, Arend van Spriel,
+ Benedikt Morbach, Benjamin Franzke, Benjamin Tissoires, Blaž
+ Tomažič, Chris Morgan, Chris Morin, Colin Walters, Cristian
+ Rodríguez, Daniel Buch, Daniel Drake, Daniele Medri, Daniel
+ Mack, Daniel Mustieles, daurnimator, Davide Bettio, David
+ Herrmann, David Strauss, Didier Roche, Dimitri John Ledkov,
+ Eric Cook, Gavin Li, Goffredo Baroncelli, Hannes Reinecke,
+ Hans de Goede, Hans-Peter Deifel, Harald Hoyer, Iago López
+ Galeiras, Ivan Shapovalov, Jan Engelhardt, Jan Janssen, Jan
+ Pazdziora, Jan Synacek, Jasper St. Pierre, Jay Faulkner, John
+ Paul Adrian Glaubitz, Jonathon Gilbert, Karel Zak, Kay
+ Sievers, Koen Kooi, Lennart Poettering, Lubomir Rintel, Lucas
+ De Marchi, Lukas Nykryn, Lukas Rusak, Lukasz Skalski, Łukasz
+ Stelmach, Mantas Mikulėnas, Marc-Antoine Perennou, Marcel
+ Holtmann, Martin Pitt, Mathieu Chevrier, Matthew Garrett,
+ Michael Biebl, Michael Marineau, Michael Olbrich, Michal
+ Schmidt, Michal Sekletar, Mirco Tischler, Nir Soffer, Patrik
+ Flykt, Pavel Odvody, Peter Hutterer, Peter Lemenkov, Peter
+ Waller, Piotr Drąg, Raul Gutierrez S, Richard Maw, Ronny
+ Chevalier, Ross Burton, Sebastian Rasmussen, Sergey Ptashnick,
+ Seth Jennings, Shawn Landden, Simon Farnsworth, Stefan Junker,
+ Stephen Gallagher, Susant Sahani, Sylvain Plantefève, Thomas
+ Haller, Thomas Hindoe Paaboel Andersen, Tobias Hunger, Tom
+ Gundersen, Torstein Husebø, Umut Tezduyar Lindskog, Will
+ Woods, Zachary Cook, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2015-05-22
+
+CHANGES WITH 219:
+
+ * Introduce a new API "sd-hwdb.h" for querying the hardware
+ metadata database. With this minimal interface one can query
+ and enumerate the udev hwdb, decoupled from the old libudev
+ library. libudev's interface for this is now only a wrapper
+ around sd-hwdb. A new tool systemd-hwdb has been added to
+ interface with and update the database.
+
+ * When any of systemd's tools copies files (for example due to
+ tmpfiles' C lines) a btrfs reflink will attempted first,
+ before bytewise copying is done.
+
+ * systemd-nspawn gained a new --ephemeral switch. When
+ specified a btrfs snapshot is taken of the container's root
+ directory, and immediately removed when the container
+ terminates again. Thus, a container can be started whose
+ changes never alter the container's root directory, and are
+ lost on container termination. This switch can also be used
+ for starting a container off the root file system of the
+ host without affecting the host OS. This switch is only
+ available on btrfs file systems.
+
+ * systemd-nspawn gained a new --template= switch. It takes the
+ path to a container tree to use as template for the tree
+ specified via --directory=, should that directory be
+ missing. This allows instantiating containers dynamically,
+ on first run. This switch is only available on btrfs file
+ systems.
+
+ * When a .mount unit refers to a mount point on which multiple
+ mounts are stacked, and the .mount unit is stopped all of
+ the stacked mount points will now be unmounted until no
+ mount point remains.
+
+ * systemd now has an explicit notion of supported and
+ unsupported unit types. Jobs enqueued for unsupported unit
+ types will now fail with an "unsupported" error code. More
+ specifically .swap, .automount and .device units are not
+ supported in containers, .busname units are not supported on
+ non-kdbus systems. .swap and .automount are also not
+ supported if their respective kernel compile time options
+ are disabled.
+
+ * machinectl gained support for two new "copy-from" and
+ "copy-to" commands for copying files from a running
+ container to the host or vice versa.
+
+ * machinectl gained support for a new "bind" command to bind
+ mount host directories into local containers. This is
+ currently only supported for nspawn containers.
+
+ * networkd gained support for configuring bridge forwarding
+ database entries (fdb) from .network files.
+
+ * A new tiny daemon "systemd-importd" has been added that can
+ download container images in tar, raw, qcow2 or dkr formats,
+ and make them available locally in /var/lib/machines, so
+ that they can run as nspawn containers. The daemon can GPG
+ verify the downloads (not supported for dkr, since it has no
+ provisions for verifying downloads). It will transparently
+ decompress bz2, xz, gzip compressed downloads if necessary,
+ and restore sparse files on disk. The daemon uses privilege
+ separation to ensure the actual download logic runs with
+ fewer privileges than the daemon itself. machinectl has
+ gained new commands "pull-tar", "pull-raw" and "pull-dkr" to
+ make the functionality of importd available to the
+ user. With this in place the Fedora and Ubuntu "Cloud"
+ images can be downloaded and booted as containers unmodified
+ (the Fedora images lack the appropriate GPG signature files
+ currently, so they cannot be verified, but this will change
+ soon, hopefully). Note that downloading images is currently
+ only fully supported on btrfs.
+
+ * machinectl is now able to list container images found in
+ /var/lib/machines, along with some metadata about sizes of
+ disk and similar. If the directory is located on btrfs and
+ quota is enabled, this includes quota display. A new command
+ "image-status" has been added that shows additional
+ information about images.
+
+ * machinectl is now able to clone container images
+ efficiently, if the underlying file system (btrfs) supports
+ it, with the new "machinectl clone" command. It also
+ gained commands for renaming and removing images, as well as
+ marking them read-only or read-write (supported also on
+ legacy file systems).
+
+ * networkd gained support for collecting LLDP network
+ announcements, from hardware that supports this. This is
+ shown in networkctl output.
+
+ * systemd-run gained support for a new -t (--pty) switch for
+ invoking a binary on a pty whose input and output is
+ connected to the invoking terminal. This allows executing
+ processes as system services while interactively
+ communicating with them via the terminal. Most interestingly
+ this is supported across container boundaries. Invoking
+ "systemd-run -t /bin/bash" is an alternative to running a
+ full login session, the difference being that the former
+ will not register a session, nor go through the PAM session
+ setup.
+
+ * tmpfiles gained support for a new "v" line type for creating
+ btrfs subvolumes. If the underlying file system is a legacy
+ file system, this automatically degrades to creating a
+ normal directory. Among others /var/lib/machines is now
+ created like this at boot, should it be missing.
+
+ * The directory /var/lib/containers/ has been deprecated and
+ been replaced by /var/lib/machines. The term "machines" has
+ been used in the systemd context as generic term for both
+ VMs and containers, and hence appears more appropriate for
+ this, as the directory can also contain raw images bootable
+ via qemu/kvm.
+
+ * systemd-nspawn when invoked with -M but without --directory=
+ or --image= is now capable of searching for the container
+ root directory, subvolume or disk image automatically, in
+ /var/lib/machines. systemd-nspawn@.service has been updated
+ to make use of this, thus allowing it to be used for raw
+ disk images, too.
+
+ * A new machines.target unit has been introduced that is
+ supposed to group all containers/VMs invoked as services on
+ the system. systemd-nspawn@.service has been updated to
+ integrate with that.
+
+ * machinectl gained a new "start" command, for invoking a
+ container as a service. "machinectl start foo" is mostly
+ equivalent to "systemctl start systemd-nspawn@foo.service",
+ but handles escaping in a nicer way.
+
+ * systemd-nspawn will now mount most of the cgroupfs tree
+ read-only into each container, with the exception of the
+ container's own subtree in the name=systemd hierarchy.
+
+ * journald now sets the special FS_NOCOW file flag for its
+ journal files. This should improve performance on btrfs, by
+ avoiding heavy fragmentation when journald's write-pattern
+ is used on COW file systems. It degrades btrfs' data
+ integrity guarantees for the files to the same levels as for
+ ext3/ext4 however. This should be OK though as journald does
+ its own data integrity checks and all its objects are
+ checksummed on disk. Also, journald should handle btrfs disk
+ full events a lot more gracefully now, by processing SIGBUS
+ errors, and not relying on fallocate() anymore.
+
+ * When journald detects that journal files it is writing to
+ have been deleted it will immediately start new journal
+ files.
+
+ * systemd now provides a way to store file descriptors
+ per-service in PID 1. This is useful for daemons to ensure
+ that fds they require are not lost during a daemon
+ restart. The fds are passed to the daemon on the next
+ invocation in the same way socket activation fds are
+ passed. This is now used by journald to ensure that the
+ various sockets connected to all the system's stdout/stderr
+ are not lost when journald is restarted. File descriptors
+ may be stored in PID 1 via the sd_pid_notify_with_fds() API,
+ an extension to sd_notify(). Note that a limit is enforced
+ on the number of fds a service can store in PID 1, and it
+ defaults to 0, so that no fds may be stored, unless this is
+ explicitly turned on.
+
+ * The default TERM variable to use for units connected to a
+ terminal, when no other value is explicitly is set is now
+ vt220 rather than vt102. This should be fairly safe still,
+ but allows PgUp/PgDn work.
+
+ * The /etc/crypttab option header= as known from Debian is now
+ supported.
+
+ * "loginctl user-status" and "loginctl session-status" will
+ now show the last 10 lines of log messages of the
+ user/session following the status output. Similar,
+ "machinectl status" will show the last 10 log lines
+ associated with a virtual machine or container
+ service. (Note that this is usually not the log messages
+ done in the VM/container itself, but simply what the
+ container manager logs. For nspawn this includes all console
+ output however.)
+
+ * "loginctl session-status" without further argument will now
+ show the status of the session of the caller. Similar,
+ "lock-session", "unlock-session", "activate",
+ "enable-linger", "disable-linger" may now be called without
+ session/user parameter in which case they apply to the
+ caller's session/user.
+
+ * An X11 session scriptlet is now shipped that uploads
+ $DISPLAY and $XAUTHORITY into the environment of the systemd
+ --user daemon if a session begins. This should improve
+ compatibility with X11 enabled applications run as systemd
+ user services.
+
+ * Generators are now subject to masking via /etc and /run, the
+ same way as unit files.
+
+ * networkd .network files gained support for configuring
+ per-link IPv4/IPv6 packet forwarding as well as IPv4
+ masquerading. This is by default turned on for veth links to
+ containers, as registered by systemd-nspawn. This means that
+ nspawn containers run with --network-veth will now get
+ automatic routed access to the host's networks without any
+ further configuration or setup, as long as networkd runs on
+ the host.
+
+ * systemd-nspawn gained the --port= (-p) switch to expose TCP
+ or UDP posts of a container on the host. With this in place
+ it is possible to run containers with private veth links
+ (--network-veth), and have their functionality exposed on
+ the host as if their services were running directly on the
+ host.
+
+ * systemd-nspawn's --network-veth switch now gained a short
+ version "-n", since with the changes above it is now truly
+ useful out-of-the-box. The systemd-nspawn@.service has been
+ updated to make use of it too by default.
+
+ * systemd-nspawn will now maintain a per-image R/W lock, to
+ ensure that the same image is not started more than once
+ writable. (It's OK to run an image multiple times
+ simultaneously in read-only mode.)
+
+ * systemd-nspawn's --image= option is now capable of
+ dissecting and booting MBR and GPT disk images that contain
+ only a single active Linux partition. Previously it
+ supported only GPT disk images with proper GPT type
+ IDs. This allows running cloud images from major
+ distributions directly with systemd-nspawn, without
+ modification.
+
+ * In addition to collecting mouse dpi data in the udev
+ hardware database, there's now support for collecting angle
+ information for mouse scroll wheels. The database is
+ supposed to guarantee similar scrolling behavior on mice
+ that it knows about. There's also support for collecting
+ information about Touchpad types.
+
+ * udev's input_id built-in will now also collect touch screen
+ dimension data and attach it to probed devices.
+
+ * /etc/os-release gained support for a Distribution Privacy
+ Policy link field.
+
+ * networkd gained support for creating "ipvlan", "gretap",
+ "ip6gre", "ip6gretap" and "ip6tnl" network devices.
+
+ * systemd-tmpfiles gained support for "a" lines for setting
+ ACLs on files.
+
+ * systemd-nspawn will now mount /tmp in the container to
+ tmpfs, automatically.
+
+ * systemd now exposes the memory.usage_in_bytes cgroup
+ attribute and shows it for each service in the "systemctl
+ status" output, if available.
+
+ * When the user presses Ctrl-Alt-Del more than 7x within 2s an
+ immediate reboot is triggered. This useful if shutdown is
+ hung and is unable to complete, to expedite the
+ operation. Note that this kind of reboot will still unmount
+ all file systems, and hence should not result in fsck being
+ run on next reboot.
+
+ * A .device unit for an optical block device will now be
+ considered active only when a medium is in the drive. Also,
+ mount units are now bound to their backing devices thus
+ triggering automatic unmounting when devices become
+ unavailable. With this in place systemd will now
+ automatically unmount left-over mounts when a CD-ROM is
+ ejected or an USB stick is yanked from the system.
+
+ * networkd-wait-online now has support for waiting for
+ specific interfaces only (with globbing), and for giving up
+ after a configurable timeout.
+
+ * networkd now exits when idle. It will be automatically
+ restarted as soon as interfaces show up, are removed or
+ change state. networkd will stay around as long as there is
+ at least one DHCP state machine or similar around, that keep
+ it non-idle.
+
+ * networkd may now configure IPv6 link-local addressing in
+ addition to IPv4 link-local addressing.
+
+ * The IPv6 "token" for use in SLAAC may now be configured for
+ each .network interface in networkd.
+
+ * Routes configured with networkd may now be assigned a scope
+ in .network files.
+
+ * networkd's [Match] sections now support globbing and lists
+ of multiple space-separated matches per item.
+
+ Contributions from: Alban Crequy, Alin Rauta, Andrey Chaser,
+ Bastien Nocera, Bruno Bottazzini, Carlos Garnacho, Carlos
+ Morata Castillo, Chris Atkinson, Chris J. Arges, Christian
+ Kirbach, Christian Seiler, Christoph Brill, Colin Guthrie,
+ Colin Walters, Cristian Rodríguez, Daniele Medri, Daniel Mack,
+ Dave Reisner, David Herrmann, Djalal Harouni, Erik Auerswald,
+ Filipe Brandenburger, Frank Theile, Gabor Kelemen, Gabriel de
+ Perthuis, Harald Hoyer, Hui Wang, Ivan Shapovalov, Jan
+ Engelhardt, Jan Synacek, Jay Faulkner, Johannes Hölzl, Jonas
+ Ådahl, Jonathan Boulle, Josef Andersson, Kay Sievers, Ken
+ Werner, Lennart Poettering, Lucas De Marchi, Lukas Märdian,
+ Lukas Nykryn, Lukasz Skalski, Luke Shumaker, Mantas Mikulėnas,
+ Manuel Mendez, Marcel Holtmann, Marc Schmitzer, Marko
+ Myllynen, Martin Pitt, Maxim Mikityanskiy, Michael Biebl,
+ Michael Marineau, Michael Olbrich, Michal Schmidt, Mindaugas
+ Baranauskas, Moez Bouhlel, Naveen Kumar, Patrik Flykt, Paul
+ Martin, Peter Hutterer, Peter Mattern, Philippe De Swert,
+ Piotr Drąg, Rafael Ferreira, Rami Rosen, Robert Milasan, Ronny
+ Chevalier, Sangjung Woo, Sebastien Bacher, Sergey Ptashnick,
+ Shawn Landden, Stéphane Graber, Susant Sahani, Sylvain
+ Plantefève, Thomas Hindoe Paaboel Andersen, Tim JP, Tom
+ Gundersen, Topi Miettinen, Torstein Husebø, Umut Tezduyar
+ Lindskog, Veres Lajos, Vincent Batts, WaLyong Cho, Wieland
+ Hoffmann, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2015-02-16
+
+CHANGES WITH 218:
+
+ * When querying unit file enablement status (for example via
+ "systemctl is-enabled"), a new state "indirect" is now known
+ which indicates that a unit might not be enabled itself, but
+ another unit listed in its Also= setting might be.
+
+ * Similar to the various existing ConditionXYZ= settings for
+ units, there are now matching AssertXYZ= settings. While
+ failing conditions cause a unit to be skipped, but its job
+ to succeed, failing assertions declared like this will cause
+ a unit start operation and its job to fail.
+
+ * hostnamed now knows a new chassis type "embedded".
+
+ * systemctl gained a new "edit" command. When used on a unit
+ file, this allows extending unit files with .d/ drop-in
+ configuration snippets or editing the full file (after
+ copying it from /usr/lib to /etc). This will invoke the
+ user's editor (as configured with $EDITOR), and reload the
+ modified configuration after editing.
+
+ * "systemctl status" now shows the suggested enablement state
+ for a unit, as declared in the (usually vendor-supplied)
+ system preset files.
+
+ * nss-myhostname will now resolve the single-label host name
+ "gateway" to the locally configured default IP routing
+ gateways, ordered by their metrics. This assigns a stable
+ name to the used gateways, regardless which ones are
+ currently configured. Note that the name will only be
+ resolved after all other name sources (if nss-myhostname is
+ configured properly) and should hence not negatively impact
+ systems that use the single-label host name "gateway" in
+ other contexts.
+
+ * systemd-inhibit now allows filtering by mode when listing
+ inhibitors.
+
+ * Scope and service units gained a new "Delegate" boolean
+ property, which, when set, allows processes running inside the
+ unit to further partition resources. This is primarily
+ useful for systemd user instances as well as container
+ managers.
+
+ * journald will now pick up audit messages directly from
+ the kernel, and log them like any other log message. The
+ audit fields are split up and fully indexed. This means that
+ journalctl in many ways is now a (nicer!) alternative to
+ ausearch, the traditional audit client. Note that this
+ implements only a minimal audit client. If you want the
+ special audit modes like reboot-on-log-overflow, please use
+ the traditional auditd instead, which can be used in
+ parallel to journald.
+
+ * The ConditionSecurity= unit file option now understands the
+ special string "audit" to check whether auditing is
+ available.
+
+ * journalctl gained two new commands --vacuum-size= and
+ --vacuum-time= to delete old journal files until the
+ remaining ones take up no more than the specified size on disk,
+ or are not older than the specified time.
+
+ * A new, native PPPoE library has been added to sd-network,
+ systemd's library of light-weight networking protocols. This
+ library will be used in a future version of networkd to
+ enable PPPoE communication without an external pppd daemon.
+
+ * The busctl tool now understands a new "capture" verb that
+ works similar to "monitor", but writes a packet capture
+ trace to STDOUT that can be redirected to a file which is
+ compatible with libcap's capture file format. This can then
+ be loaded in Wireshark and similar tools to inspect bus
+ communication.
+
+ * The busctl tool now understands a new "tree" verb that shows
+ the object trees of a specific service on the bus, or of all
+ services.
+
+ * The busctl tool now understands a new "introspect" verb that
+ shows all interfaces and members of objects on the bus,
+ including their signature and values. This is particularly
+ useful to get more information about bus objects shown by
+ the new "busctl tree" command.
+
+ * The busctl tool now understands new verbs "call",
+ "set-property" and "get-property" for invoking bus method
+ calls, setting and getting bus object properties in a
+ friendly way.
+
+ * busctl gained a new --augment-creds= argument that controls
+ whether the tool shall augment credential information it
+ gets from the bus with data from /proc, in a possibly
+ race-ful way.
+
+ * nspawn's --link-journal= switch gained two new values
+ "try-guest" and "try-host" that work like "guest" and
+ "host", but do not fail if the host has no persistent
+ journalling enabled. -j is now equivalent to
+ --link-journal=try-guest.
+
+ * macvlan network devices created by nspawn will now have
+ stable MAC addresses.
+
+ * A new SmackProcessLabel= unit setting has been added, which
+ controls the SMACK security label processes forked off by
+ the respective unit shall use.
+
+ * If compiled with --enable-xkbcommon, systemd-localed will
+ verify x11 keymap settings by compiling the given keymap. It
+ will spew out warnings if the compilation fails. This
+ requires libxkbcommon to be installed.
+
+ * When a coredump is collected, a larger number of metadata
+ fields is now collected and included in the journal records
+ created for it. More specifically, control group membership,
+ environment variables, memory maps, working directory,
+ chroot directory, /proc/$PID/status, and a list of open file
+ descriptors is now stored in the log entry.
+
+ * The udev hwdb now contains DPI information for mice. For
+ details see:
+
+ http://who-t.blogspot.de/2014/12/building-a-dpi-database-for-mice.html
+
+ * All systemd programs that read standalone configuration
+ files in /etc now also support a corresponding series of
+ .conf.d configuration directories in /etc/, /run/,
+ /usr/local/lib/, /usr/lib/, and (if configured with
+ --enable-split-usr) /lib/. In particular, the following
+ configuration files now have corresponding configuration
+ directories: system.conf user.conf, logind.conf,
+ journald.conf, sleep.conf, bootchart.conf, coredump.conf,
+ resolved.conf, timesyncd.conf, journal-remote.conf, and
+ journal-upload.conf. Note that distributions should use the
+ configuration directories in /usr/lib/; the directories in
+ /etc/ are reserved for the system administrator.
+
+ * systemd-rfkill will no longer take the rfkill device name
+ into account when storing rfkill state on disk, as the name
+ might be dynamically assigned and not stable. Instead, the
+ ID_PATH udev variable combined with the rfkill type (wlan,
+ bluetooth, ...) is used.
+
+ * A new service systemd-machine-id-commit.service has been
+ added. When used on systems where /etc is read-only during
+ boot, and /etc/machine-id is not initialized (but an empty
+ file), this service will copy the temporary machine ID
+ created as replacement into /etc after the system is fully
+ booted up. This is useful for systems that are freshly
+ installed with a non-initialized machine ID, but should get
+ a fixed machine ID for subsequent boots.
+
+ * networkd's .netdev files now provide a large set of
+ configuration parameters for VXLAN devices. Similarly, the
+ bridge port cost parameter is now configurable in .network
+ files. There's also new support for configuring IP source
+ routing. networkd .link files gained support for a new
+ OriginalName= match that is useful to match against the
+ original interface name the kernel assigned. .network files
+ may include MTU= and MACAddress= fields for altering the MTU
+ and MAC address while being connected to a specific network
+ interface.
+
+ * The LUKS logic gained supported for configuring
+ UUID-specific key files. There's also new support for naming
+ LUKS device from the kernel command line, using the new
+ luks.name= argument.
+
+ * Timer units may now be transiently created via the bus API
+ (this was previously already available for scope and service
+ units). In addition it is now possible to create multiple
+ transient units at the same time with a single bus call. The
+ "systemd-run" tool has been updated to make use of this for
+ running commands on a specified time, in at(1)-style.
+
+ * tmpfiles gained support for "t" lines, for assigning
+ extended attributes to files. Among other uses this may be
+ used to assign SMACK labels to files.
+
+ Contributions from: Alin Rauta, Alison Chaiken, Andrej
+ Manduch, Bastien Nocera, Chris Atkinson, Chris Leech, Chris
+ Mayo, Colin Guthrie, Colin Walters, Cristian Rodríguez,
+ Daniele Medri, Daniel Mack, Dan Williams, Dan Winship, Dave
+ Reisner, David Herrmann, Didier Roche, Felipe Sateler, Gavin
+ Li, Hans de Goede, Harald Hoyer, Iago López Galeiras, Ivan
+ Shapovalov, Jakub Filak, Jan Janssen, Jan Synacek, Joe
+ Lawrence, Josh Triplett, Kay Sievers, Lennart Poettering,
+ Lukas Nykryn, Łukasz Stelmach, Maciej Wereski, Mantas
+ Mikulėnas, Marcel Holtmann, Martin Pitt, Maurizio Lombardi,
+ Michael Biebl, Michael Chapman, Michael Marineau, Michal
+ Schmidt, Michal Sekletar, Olivier Brunel, Patrik Flykt, Peter
+ Hutterer, Przemyslaw Kedzierski, Rami Rosen, Ray Strode,
+ Richard Schütz, Richard W.M. Jones, Ronny Chevalier, Ross
+ Lagerwall, Sean Young, Stanisław Pitucha, Susant Sahani,
+ Thomas Haller, Thomas Hindoe Paaboel Andersen, Tom Gundersen,
+ Torstein Husebø, Umut Tezduyar Lindskog, Vicente Olivert
+ Riera, WaLyong Cho, Wesley Dawson, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2014-12-10
+
+CHANGES WITH 217:
+
+ * journalctl gained the new options -t/--identifier= to match
+ on the syslog identifier (aka "tag"), as well as --utc to
+ show log timestamps in the UTC timezone. journalctl now also
+ accepts -n/--lines=all to disable line capping in a pager.
+
+ * journalctl gained a new switch, --flush, that synchronously
+ flushes logs from /run/log/journal to /var/log/journal if
+ persistent storage is enabled. systemd-journal-flush.service
+ now waits until the operation is complete.
+
+ * Services can notify the manager before they start a reload
+ (by sending RELOADING=1) or shutdown (by sending
+ STOPPING=1). This allows the manager to track and show the
+ internal state of daemons and closes a race condition when
+ the process is still running but has closed its D-Bus
+ connection.
+
+ * Services with Type=oneshot do not have to have any ExecStart
+ commands anymore.
+
+ * User units are now loaded also from
+ $XDG_RUNTIME_DIR/systemd/user/. This is similar to the
+ /run/systemd/user directory that was already previously
+ supported, but is under the control of the user.
+
+ * Job timeouts (i.e. timeouts on the time a job that is
+ queued stays in the run queue) can now optionally result in
+ immediate reboot or power-off actions (JobTimeoutAction= and
+ JobTimeoutRebootArgument=). This is useful on ".target"
+ units, to limit the maximum time a target remains
+ undispatched in the run queue, and to trigger an emergency
+ operation in such a case. This is now used by default to
+ turn off the system if boot-up (as defined by everything in
+ basic.target) hangs and does not complete for at least
+ 15min. Also, if power-off or reboot hang for at least 30min
+ an immediate power-off/reboot operation is triggered. This
+ functionality is particularly useful to increase reliability
+ on embedded devices, but also on laptops which might
+ accidentally get powered on when carried in a backpack and
+ whose boot stays stuck in a hard disk encryption passphrase
+ question.
+
+ * systemd-logind can be configured to also handle lid switch
+ events even when the machine is docked or multiple displays
+ are attached (HandleLidSwitchDocked= option).
+
+ * A helper binary and a service have been added which can be
+ used to resume from hibernation in the initramfs. A
+ generator will parse the resume= option on the kernel
+ command line to trigger resume.
+
+ * A user console daemon systemd-consoled has been
+ added. Currently, it is a preview, and will so far open a
+ single terminal on each session of the user marked as
+ Desktop=systemd-console.
+
+ * Route metrics can be specified for DHCP routes added by
+ systemd-networkd.
+
+ * The SELinux context of socket-activated services can be set
+ from the information provided by the networking stack
+ (SELinuxContextFromNet= option).
+
+ * Userspace firmware loading support has been removed and
+ the minimum supported kernel version is thus bumped to 3.7.
+
+ * Timeout for udev workers has been increased from 1 to 3
+ minutes, but a warning will be printed after 1 minute to
+ help diagnose kernel modules that take a long time to load.
+
+ * Udev rules can now remove tags on devices with TAG-="foobar".
+
+ * systemd's readahead implementation has been removed. In many
+ circumstances it didn't give expected benefits even for
+ rotational disk drives and was becoming less relevant in the
+ age of SSDs. As none of the developers has been using
+ rotating media anymore, and nobody stepped up to actively
+ maintain this component of systemd it has now been removed.
+
+ * Swap units can use Options= to specify discard options.
+ Discard options specified for swaps in /etc/fstab are now
+ respected.
+
+ * Docker containers are now detected as a separate type of
+ virtualization.
+
+ * The Password Agent protocol gained support for queries where
+ the user input is shown, useful e.g. for user names.
+ systemd-ask-password gained a new --echo option to turn that
+ on.
+
+ * The default sysctl.d/ snippets will now set:
+
+ net.core.default_qdisc = fq_codel
+
+ This selects Fair Queuing Controlled Delay as the default
+ queuing discipline for network interfaces. fq_codel helps
+ fight the network bufferbloat problem. It is believed to be
+ a good default with no tuning required for most workloads.
+ Downstream distributions may override this choice. On 10Gbit
+ servers that do not do forwarding, "fq" may perform better.
+ Systems without a good clocksource should use "pfifo_fast".
+
+ * If kdbus is enabled during build a new option BusPolicy= is
+ available for service units, that allows locking all service
+ processes into a stricter bus policy, in order to limit
+ access to various bus services, or even hide most of them
+ from the service's view entirely.
+
+ * networkctl will now show the .network and .link file
+ networkd has applied to a specific interface.
+
+ * sd-login gained a new API call sd_session_get_desktop() to
+ query which desktop environment has been selected for a
+ session.
+
+ * UNIX utmp support is now compile-time optional to support
+ legacy-free systems.
+
+ * systemctl gained two new commands "add-wants" and
+ "add-requires" for pulling in units from specific targets
+ easily.
+
+ * If the word "rescue" is specified on the kernel command line
+ the system will now boot into rescue mode (aka
+ rescue.target), which was previously available only by
+ specifying "1" or "systemd.unit=rescue.target" on the kernel
+ command line. This new kernel command line option nicely
+ mirrors the already existing "emergency" kernel command line
+ option.
+
+ * New kernel command line options mount.usr=, mount.usrflags=,
+ mount.usrfstype= have been added that match root=, rootflags=,
+ rootfstype= but allow mounting a specific file system to
+ /usr.
+
+ * The $NOTIFY_SOCKET is now also passed to control processes of
+ services, not only the main process.
+
+ * This version reenables support for fsck's -l switch. This
+ means at least version v2.25 of util-linux is required for
+ operation, otherwise dead-locks on device nodes may
+ occur. Again: you need to update util-linux to at least
+ v2.25 when updating systemd to v217.
+
+ * The "multi-seat-x" tool has been removed from systemd, as
+ its functionality has been integrated into X servers 1.16,
+ and the tool is hence redundant. It is recommended to update
+ display managers invoking this tool to simply invoke X
+ directly from now on, again.
+
+ * Support for the new ALLOW_INTERACTIVE_AUTHORIZATION D-Bus
+ message flag has been added for all of systemd's polkit
+ authenticated method calls has been added. In particular this
+ now allows optional interactive authorization via polkit for
+ many of PID1's privileged operations such as unit file
+ enabling and disabling.
+
+ * "udevadm hwdb --update" learnt a new switch "--usr" for
+ placing the rebuilt hardware database in /usr instead of
+ /etc. When used only hardware database entries stored in
+ /usr will be used, and any user database entries in /etc are
+ ignored. This functionality is useful for vendors to ship a
+ pre-built database on systems where local configuration is
+ unnecessary or unlikely.
+
+ * Calendar time specifications in .timer units now also
+ understand the strings "semi-annually", "quarterly" and
+ "minutely" as shortcuts (in addition to the preexisting
+ "anually", "hourly", ...).
+
+ * systemd-tmpfiles will now correctly create files in /dev
+ at boot which are marked for creation only at boot. It is
+ recommended to always create static device nodes with 'c!'
+ and 'b!', so that they are created only at boot and not
+ overwritten at runtime.
+
+ * When the watchdog logic is used for a service (WatchdogSec=)
+ and the watchdog timeout is hit the service will now be
+ terminated with SIGABRT (instead of just SIGTERM), in order
+ to make sure a proper coredump and backtrace is
+ generated. This ensures that hanging services will result in
+ similar coredump/backtrace behaviour as services that hit a
+ segmentation fault.
+
+ Contributions from: Andreas Henriksson, Andrei Borzenkov,
+ Angus Gibson, Ansgar Burchardt, Ben Wolsieffer, Brandon L.
+ Black, Christian Hesse, Cristian Rodríguez, Daniel Buch,
+ Daniele Medri, Daniel Mack, Dan Williams, Dave Reisner, David
+ Herrmann, David Sommerseth, David Strauss, Emil Renner
+ Berthing, Eric Cook, Evangelos Foutras, Filipe Brandenburger,
+ Gustavo Sverzut Barbieri, Hans de Goede, Harald Hoyer, Hristo
+ Venev, Hugo Grostabussiat, Ivan Shapovalov, Jan Janssen, Jan
+ Synacek, Jonathan Liu, Juho Son, Karel Zak, Kay Sievers, Klaus
+ Purer, Koen Kooi, Lennart Poettering, Lukas Nykryn, Lukasz
+ Skalski, Łukasz Stelmach, Mantas Mikulėnas, Marcel Holtmann,
+ Marius Tessmann, Marko Myllynen, Martin Pitt, Michael Biebl,
+ Michael Marineau, Michael Olbrich, Michael Scherer, Michal
+ Schmidt, Michal Sekletar, Miroslav Lichvar, Patrik Flykt,
+ Philippe De Swert, Piotr Drąg, Rahul Sundaram, Richard
+ Weinberger, Robert Milasan, Ronny Chevalier, Ruben Kerkhof,
+ Santiago Vila, Sergey Ptashnick, Simon McVittie, Sjoerd
+ Simons, Stefan Brüns, Steven Allen, Steven Noonan, Susant
+ Sahani, Sylvain Plantefève, Thomas Hindoe Paaboel Andersen,
+ Timofey Titovets, Tobias Hunger, Tom Gundersen, Torstein
+ Husebø, Umut Tezduyar Lindskog, WaLyong Cho, Zbigniew
+ Jędrzejewski-Szmek
+
+ — Berlin, 2014-10-28
+
+CHANGES WITH 216:
+
+ * timedated no longer reads NTP implementation unit names from
+ /usr/lib/systemd/ntp-units.d/*.list. Alternative NTP
+ implementations should add a
+
+ Conflicts=systemd-timesyncd.service
+
+ to their unit files to take over and replace systemd's NTP
+ default functionality.
+
+ * systemd-sysusers gained a new line type "r" for configuring
+ which UID/GID ranges to allocate system users/groups
+ from. Lines of type "u" may now add an additional column
+ that specifies the home directory for the system user to be
+ created. Also, systemd-sysusers may now optionally read user
+ information from STDIN instead of a file. This is useful for
+ invoking it from RPM preinst scriptlets that need to create
+ users before the first RPM file is installed since these
+ files might need to be owned by them. A new
+ %sysusers_create_inline RPM macro has been introduced to do
+ just that. systemd-sysusers now updates the shadow files as
+ well as the user/group databases, which should enhance
+ compatibility with certain tools like grpck.
+
+ * A number of bus APIs of PID 1 now optionally consult polkit to
+ permit access for otherwise unprivileged clients under certain
+ conditions. Note that this currently doesn't support
+ interactive authentication yet, but this is expected to be
+ added eventually, too.
+
+ * /etc/machine-info now has new fields for configuring the
+ deployment environment of the machine, as well as the
+ location of the machine. hostnamectl has been updated with
+ new command to update these fields.
+
+ * systemd-timesyncd has been updated to automatically acquire
+ NTP server information from systemd-networkd, which might
+ have been discovered via DHCP.
+
+ * systemd-resolved now includes a caching DNS stub resolver
+ and a complete LLMNR name resolution implementation. A new
+ NSS module "nss-resolve" has been added which can be used
+ instead of glibc's own "nss-dns" to resolve hostnames via
+ systemd-resolved. Hostnames, addresses and arbitrary RRs may
+ be resolved via systemd-resolved D-Bus APIs. In contrast to
+ the glibc internal resolver systemd-resolved is aware of
+ multi-homed system, and keeps DNS server and caches separate
+ and per-interface. Queries are sent simultaneously on all
+ interfaces that have DNS servers configured, in order to
+ properly handle VPNs and local LANs which might resolve
+ separate sets of domain names. systemd-resolved may acquire
+ DNS server information from systemd-networkd automatically,
+ which in turn might have discovered them via DHCP. A tool
+ "systemd-resolve-host" has been added that may be used to
+ query the DNS logic in resolved. systemd-resolved implements
+ IDNA and automatically uses IDNA or UTF-8 encoding depending
+ on whether classic DNS or LLMNR is used as transport. In the
+ next releases we intend to add a DNSSEC and mDNS/DNS-SD
+ implementation to systemd-resolved.
+
+ * A new NSS module nss-mymachines has been added, that
+ automatically resolves the names of all local registered
+ containers to their respective IP addresses.
+
+ * A new client tool "networkctl" for systemd-networkd has been
+ added. It currently is entirely passive and will query
+ networking configuration from udev, rtnetlink and networkd,
+ and present it to the user in a very friendly
+ way. Eventually, we hope to extend it to become a full
+ control utility for networkd.
+
+ * .socket units gained a new DeferAcceptSec= setting that
+ controls the kernels' TCP_DEFER_ACCEPT sockopt for
+ TCP. Similarly, support for controlling TCP keep-alive
+ settings has been added (KeepAliveTimeSec=,
+ KeepAliveIntervalSec=, KeepAliveProbes=). Also, support for
+ turning off Nagle's algorithm on TCP has been added
+ (NoDelay=).
+
+ * logind learned a new session type "web", for use in projects
+ like Cockpit which register web clients as PAM sessions.
+
+ * timer units with at least one OnCalendar= setting will now
+ be started only after time-sync.target has been
+ reached. This way they will not elapse before the system
+ clock has been corrected by a local NTP client or
+ similar. This is particular useful on RTC-less embedded
+ machines, that come up with an invalid system clock.
+
+ * systemd-nspawn's --network-veth= switch should now result in
+ stable MAC addresses for both the outer and the inner side
+ of the link.
+
+ * systemd-nspawn gained a new --volatile= switch for running
+ container instances with /etc or /var unpopulated.
+
+ * The kdbus client code has been updated to use the new Linux
+ 3.17 memfd subsystem instead of the old kdbus-specific one.
+
+ * systemd-networkd's DHCP client and server now support
+ FORCERENEW. There are also new configuration options to
+ configure the vendor client identifier and broadcast mode
+ for DHCP.
+
+ * systemd will no longer inform the kernel about the current
+ timezone, as this is necessarily incorrect and racy as the
+ kernel has no understanding of DST and similar
+ concepts. This hence means FAT timestamps will be always
+ considered UTC, similar to what Android is already
+ doing. Also, when the RTC is configured to the local time
+ (rather than UTC) systemd will never synchronize back to it,
+ as this might confuse Windows at a later boot.
+
+ * systemd-analyze gained a new command "verify" for offline
+ validation of unit files.
+
+ * systemd-networkd gained support for a couple of additional
+ settings for bonding networking setups. Also, the metric for
+ statically configured routes may now be configured. For
+ network interfaces where this is appropriate the peer IP
+ address may now be configured.
+
+ * systemd-networkd's DHCP client will no longer request
+ broadcasting by default, as this tripped up some networks.
+ For hardware where broadcast is required the feature should
+ be switched back on using RequestBroadcast=yes.
+
+ * systemd-networkd will now set up IPv4LL addresses (when
+ enabled) even if DHCP is configured successfully.
+
+ * udev will now default to respect network device names given
+ by the kernel when the kernel indicates that these are
+ predictable. This behavior can be tweaked by changing
+ NamePolicy= in the relevant .link file.
+
+ * A new library systemd-terminal has been added that
+ implements full TTY stream parsing and rendering. This
+ library is supposed to be used later on for implementing a
+ full userspace VT subsystem, replacing the current kernel
+ implementation.
+
+ * A new tool systemd-journal-upload has been added to push
+ journal data to a remote system running
+ systemd-journal-remote.
+
+ * journald will no longer forward all local data to another
+ running syslog daemon. This change has been made because
+ rsyslog (which appears to be the most commonly used syslog
+ implementation these days) no longer makes use of this, and
+ instead pulls the data out of the journal on its own. Since
+ forwarding the messages to a non-existent syslog server is
+ more expensive than we assumed we have now turned this
+ off. If you run a syslog server that is not a recent rsyslog
+ version, you have to turn this option on again
+ (ForwardToSyslog= in journald.conf).
+
+ * journald now optionally supports the LZ4 compressor for
+ larger journal fields. This compressor should perform much
+ better than XZ which was the previous default.
+
+ * machinectl now shows the IP addresses of local containers,
+ if it knows them, plus the interface name of the container.
+
+ * A new tool "systemd-escape" has been added that makes it
+ easy to escape strings to build unit names and similar.
+
+ * sd_notify() messages may now include a new ERRNO= field
+ which is parsed and collected by systemd and shown among the
+ "systemctl status" output for a service.
+
+ * A new component "systemd-firstboot" has been added that
+ queries the most basic systemd information (timezone,
+ hostname, root password) interactively on first
+ boot. Alternatively it may also be used to provision these
+ things offline on OS images installed into directories.
+
+ * The default sysctl.d/ snippets will now set
+
+ net.ipv4.conf.default.promote_secondaries=1
+
+ This has the benefit of no flushing secondary IP addresses
+ when primary addresses are removed.
+
+ Contributions from: Ansgar Burchardt, Bastien Nocera, Colin
+ Walters, Dan Dedrick, Daniel Buch, Daniel Korostil, Daniel
+ Mack, Dan Williams, Dave Reisner, David Herrmann, Denis
+ Kenzior, Eelco Dolstra, Eric Cook, Hannes Reinecke, Harald
+ Hoyer, Hong Shick Pak, Hui Wang, Jean-André Santoni, Jóhann
+ B. Guðmundsson, Jon Severinsson, Karel Zak, Kay Sievers, Kevin
+ Wells, Lennart Poettering, Lukas Nykryn, Mantas Mikulėnas,
+ Marc-Antoine Perennou, Martin Pitt, Michael Biebl, Michael
+ Marineau, Michael Olbrich, Michal Schmidt, Michal Sekletar,
+ Miguel Angel Ajo, Mike Gilbert, Olivier Brunel, Robert
+ Schiele, Ronny Chevalier, Simon McVittie, Sjoerd Simons, Stef
+ Walter, Steven Noonan, Susant Sahani, Tanu Kaskinen, Thomas
+ Blume, Thomas Hindoe Paaboel Andersen, Timofey Titovets,
+ Tobias Geerinckx-Rice, Tomasz Torcz, Tom Gundersen, Umut
+ Tezduyar Lindskog, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2014-08-19
+
+CHANGES WITH 215:
+
+ * A new tool systemd-sysusers has been added. This tool
+ creates system users and groups in /etc/passwd and
+ /etc/group, based on static declarative system user/group
+ definitions in /usr/lib/sysusers.d/. This is useful to
+ enable factory resets and volatile systems that boot up with
+ an empty /etc directory, and thus need system users and
+ groups created during early boot. systemd now also ships
+ with two default sysusers.d/ files for the most basic
+ users and groups systemd and the core operating system
+ require.
+
+ * A new tmpfiles snippet has been added that rebuilds the
+ essential files in /etc on boot, should they be missing.
+
+ * A directive for ensuring automatic clean-up of
+ /var/cache/man/ has been removed from the default
+ configuration. This line should now be shipped by the man
+ implementation. The necessary change has been made to the
+ man-db implementation. Note that you need to update your man
+ implementation to one that ships this line, otherwise no
+ automatic clean-up of /var/cache/man will take place.
+
+ * A new condition ConditionNeedsUpdate= has been added that
+ may conditionalize services to only run when /etc or /var
+ are "older" than the vendor operating system resources in
+ /usr. This is useful for reconstructing or updating /etc
+ after an offline update of /usr or a factory reset, on the
+ next reboot. Services that want to run once after such an
+ update or reset should use this condition and order
+ themselves before the new systemd-update-done.service, which
+ will mark the two directories as fully updated. A number of
+ service files have been added making use of this, to rebuild
+ the udev hardware database, the journald message catalog and
+ dynamic loader cache (ldconfig). The systemd-sysusers tool
+ described above also makes use of this now. With this in
+ place it is now possible to start up a minimal operating
+ system with /etc empty cleanly. For more information on the
+ concepts involved see this recent blog story:
+
+ http://0pointer.de/blog/projects/stateless.html
+
+ * A new system group "input" has been introduced, and all
+ input device nodes get this group assigned. This is useful
+ for system-level software to get access to input devices. It
+ complements what is already done for "audio" and "video".
+
+ * systemd-networkd learnt minimal DHCPv4 server support in
+ addition to the existing DHCPv4 client support. It also
+ learnt DHCPv6 client and IPv6 Router Solicitation client
+ support. The DHCPv4 client gained support for static routes
+ passed in from the server. Note that the [DHCPv4] section
+ known in older systemd-networkd versions has been renamed to
+ [DHCP] and is now also used by the DHCPv6 client. Existing
+ .network files using settings of this section should be
+ updated, though compatibility is maintained. Optionally, the
+ client hostname may now be sent to the DHCP server.
+
+ * networkd gained support for vxlan virtual networks as well
+ as tun/tap and dummy devices.
+
+ * networkd gained support for automatic allocation of address
+ ranges for interfaces from a system-wide pool of
+ addresses. This is useful for dynamically managing a large
+ number of interfaces with a single network configuration
+ file. In particular this is useful to easily assign
+ appropriate IP addresses to the veth links of a large number
+ of nspawn instances.
+
+ * RPM macros for processing sysusers, sysctl and binfmt
+ drop-in snippets at package installation time have been
+ added.
+
+ * The /etc/os-release file should now be placed in
+ /usr/lib/os-release. The old location is automatically
+ created as symlink. /usr/lib is the more appropriate
+ location of this file, since it shall actually describe the
+ vendor operating system shipped in /usr, and not the
+ configuration stored in /etc.
+
+ * .mount units gained a new boolean SloppyOptions= setting
+ that maps to mount(8)'s -s option which enables permissive
+ parsing of unknown mount options.
+
+ * tmpfiles learnt a new "L+" directive which creates a symlink
+ but (unlike "L") deletes a pre-existing file first, should
+ it already exist and not already be the correct
+ symlink. Similarly, "b+", "c+" and "p+" directives have been
+ added as well, which create block and character devices, as
+ well as fifos in the filesystem, possibly removing any
+ pre-existing files of different types.
+
+ * For tmpfiles' "L", "L+", "C" and "C+" directives the final
+ 'argument' field (which so far specified the source to
+ symlink/copy the files from) is now optional. If omitted the
+ same file os copied from /usr/share/factory/ suffixed by the
+ full destination path. This is useful for populating /etc
+ with essential files, by copying them from vendor defaults
+ shipped in /usr/share/factory/etc.
+
+ * A new command "systemctl preset-all" has been added that
+ applies the service preset settings to all installed unit
+ files. A new switch --preset-mode= has been added that
+ controls whether only enable or only disable operations
+ shall be executed.
+
+ * A new command "systemctl is-system-running" has been added
+ that allows checking the overall state of the system, for
+ example whether it is fully up and running.
+
+ * When the system boots up with an empty /etc, the equivalent
+ to "systemctl preset-all" is executed during early boot, to
+ make sure all default services are enabled after a factory
+ reset.
+
+ * systemd now contains a minimal preset file that enables the
+ most basic services systemd ships by default.
+
+ * Unit files' [Install] section gained a new DefaultInstance=
+ field for defining the default instance to create if a
+ template unit is enabled with no instance specified.
+
+ * A new passive target cryptsetup-pre.target has been added
+ that may be used by services that need to make they run and
+ finish before the first LUKS cryptographic device is set up.
+
+ * The /dev/loop-control and /dev/btrfs-control device nodes
+ are now owned by the "disk" group by default, opening up
+ access to this group.
+
+ * systemd-coredump will now automatically generate a
+ stack trace of all core dumps taking place on the system,
+ based on elfutils' libdw library. This stack trace is logged
+ to the journal.
+
+ * systemd-coredump may now optionally store coredumps directly
+ on disk (in /var/lib/systemd/coredump, possibly compressed),
+ instead of storing them unconditionally in the journal. This
+ mode is the new default. A new configuration file
+ /etc/systemd/coredump.conf has been added to configure this
+ and other parameters of systemd-coredump.
+
+ * coredumpctl gained a new "info" verb to show details about a
+ specific coredump. A new switch "-1" has also been added
+ that makes sure to only show information about the most
+ recent entry instead of all entries. Also, as the tool is
+ generally useful now the "systemd-" prefix of the binary
+ name has been removed. Distributions that want to maintain
+ compatibility with the old name should add a symlink from
+ the old name to the new name.
+
+ * journald's SplitMode= now defaults to "uid". This makes sure
+ that unprivileged users can access their own coredumps with
+ coredumpctl without restrictions.
+
+ * New kernel command line options "systemd.wants=" (for
+ pulling an additional unit during boot), "systemd.mask="
+ (for masking a specific unit for the boot), and
+ "systemd.debug-shell" (for enabling the debug shell on tty9)
+ have been added. This is implemented in the new generator
+ "systemd-debug-generator".
+
+ * systemd-nspawn will now by default filter a couple of
+ syscalls for containers, among them those required for
+ kernel module loading, direct x86 IO port access, swap
+ management, and kexec. Most importantly though
+ open_by_handle_at() is now prohibited for containers,
+ closing a hole similar to a recently discussed vulnerability
+ in docker regarding access to files on file hierarchies the
+ container should normally not have access to. Note that, for
+ nspawn, we generally make no security claims anyway (and
+ this is explicitly documented in the man page), so this is
+ just a fix for one of the most obvious problems.
+
+ * A new man page file-hierarchy(7) has been added that
+ contains a minimized, modernized version of the file system
+ layout systemd expects, similar in style to the FHS
+ specification or hier(5). A new tool systemd-path(1) has
+ been added to query many of these paths for the local
+ machine and user.
+
+ * Automatic time-based clean-up of $XDG_RUNTIME_DIR is no
+ longer done. Since the directory now has a per-user size
+ limit, and is cleaned on logout this appears unnecessary,
+ in particular since this now brings the lifecycle of this
+ directory closer in line with how IPC objects are handled.
+
+ * systemd.pc now exports a number of additional directories,
+ including $libdir (which is useful to identify the library
+ path for the primary architecture of the system), and a
+ couple of drop-in directories.
+
+ * udev's predictable network interface names now use the dev_port
+ sysfs attribute, introduced in linux 3.15 instead of dev_id to
+ distinguish between ports of the same PCI function. dev_id should
+ only be used for ports using the same HW address, hence the need
+ for dev_port.
+
+ * machined has been updated to export the OS version of a
+ container (read from /etc/os-release and
+ /usr/lib/os-release) on the bus. This is now shown in
+ "machinectl status" for a machine.
+
+ * A new service setting RestartForceExitStatus= has been
+ added. If configured to a set of exit signals or process
+ return values, the service will be restarted when the main
+ daemon process exits with any of them, regardless of the
+ Restart= setting.
+
+ * systemctl's -H switch for connecting to remote systemd
+ machines has been extended so that it may be used to
+ directly connect to a specific container on the
+ host. "systemctl -H root@foobar:waldi" will now connect as
+ user "root" to host "foobar", and then proceed directly to
+ the container named "waldi". Note that currently you have to
+ authenticate as user "root" for this to work, as entering
+ containers is a privileged operation.
+
+ Contributions from: Andreas Henriksson, Benjamin Steinwender,
+ Carl Schaefer, Christian Hesse, Colin Ian King, Cristian
+ Rodríguez, Daniel Mack, Dave Reisner, David Herrmann, Eugene
+ Yakubovich, Filipe Brandenburger, Frederic Crozat, Hristo
+ Venev, Jan Engelhardt, Jonathan Boulle, Kay Sievers, Lennart
+ Poettering, Luke Shumaker, Mantas Mikulėnas, Marc-Antoine
+ Perennou, Marcel Holtmann, Michael Marineau, Michael Olbrich,
+ Michał Bartoszkiewicz, Michal Sekletar, Patrik Flykt, Ronan Le
+ Martret, Ronny Chevalier, Ruediger Oertel, Steven Noonan,
+ Susant Sahani, Thadeu Lima de Souza Cascardo, Thomas Hindoe
+ Paaboel Andersen, Tom Gundersen, Tom Hirst, Umut Tezduyar
+ Lindskog, Uoti Urpala, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2014-07-03
+
+CHANGES WITH 214:
+
+ * As an experimental feature, udev now tries to lock the
+ disk device node (flock(LOCK_SH|LOCK_NB)) while it
+ executes events for the disk or any of its partitions.
+ Applications like partitioning programs can lock the
+ disk device node (flock(LOCK_EX)) and claim temporary
+ device ownership that way; udev will entirely skip all event
+ handling for this disk and its partitions. If the disk
+ was opened for writing, the close will trigger a partition
+ table rescan in udev's "watch" facility, and if needed
+ synthesize "change" events for the disk and all its partitions.
+ This is now unconditionally enabled, and if it turns out to
+ cause major problems, we might turn it on only for specific
+ devices, or might need to disable it entirely. Device Mapper
+ devices are excluded from this logic.
+
+ * We temporarily dropped the "-l" switch for fsck invocations,
+ since they collide with the flock() logic above. util-linux
+ upstream has been changed already to avoid this conflict,
+ and we will readd "-l" as soon as util-linux with this
+ change has been released.
+
+ * The dependency on libattr has been removed. Since a long
+ time, the extended attribute calls have moved to glibc, and
+ libattr is thus unnecessary.
+
+ * Virtualization detection works without privileges now. This
+ means the systemd-detect-virt binary no longer requires
+ CAP_SYS_PTRACE file capabilities, and our daemons can run
+ with fewer privileges.
+
+ * systemd-networkd now runs under its own "systemd-network"
+ user. It retains the CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
+ CAP_NET_BROADCAST, CAP_NET_RAW capabilities though, but
+ loses the ability to write to files owned by root this way.
+
+ * Similarly, systemd-resolved now runs under its own
+ "systemd-resolve" user with no capabilities remaining.
+
+ * Similarly, systemd-bus-proxyd now runs under its own
+ "systemd-bus-proxy" user with only CAP_IPC_OWNER remaining.
+
+ * systemd-networkd gained support for setting up "veth"
+ virtual Ethernet devices for container connectivity, as well
+ as GRE and VTI tunnels.
+
+ * systemd-networkd will no longer automatically attempt to
+ manually load kernel modules necessary for certain tunnel
+ transports. Instead, it is assumed the kernel loads them
+ automatically when required. This only works correctly on
+ very new kernels. On older kernels, please consider adding
+ the kernel modules to /etc/modules-load.d/ as a work-around.
+
+ * The resolv.conf file systemd-resolved generates has been
+ moved to /run/systemd/resolve/. If you have a symlink from
+ /etc/resolv.conf, it might be necessary to correct it.
+
+ * Two new service settings, ProtectHome= and ProtectSystem=,
+ have been added. When enabled, they will make the user data
+ (such as /home) inaccessible or read-only and the system
+ (such as /usr) read-only, for specific services. This allows
+ very light-weight per-service sandboxing to avoid
+ modifications of user data or system files from
+ services. These two new switches have been enabled for all
+ of systemd's long-running services, where appropriate.
+
+ * Socket units gained new SocketUser= and SocketGroup=
+ settings to set the owner user and group of AF_UNIX sockets
+ and FIFOs in the file system.
+
+ * Socket units gained a new RemoveOnStop= setting. If enabled,
+ all FIFOS and sockets in the file system will be removed
+ when the specific socket unit is stopped.
+
+ * Socket units gained a new Symlinks= setting. It takes a list
+ of symlinks to create to file system sockets or FIFOs
+ created by the specific Unix sockets. This is useful to
+ manage symlinks to socket nodes with the same life-cycle as
+ the socket itself.
+
+ * The /dev/log socket and /dev/initctl FIFO have been moved to
+ /run, and have been replaced by symlinks. This allows
+ connecting to these facilities even if PrivateDevices=yes is
+ used for a service (which makes /dev/log itself unavailable,
+ but /run is left). This also has the benefit of ensuring
+ that /dev only contains device nodes, directories and
+ symlinks, and nothing else.
+
+ * sd-daemon gained two new calls sd_pid_notify() and
+ sd_pid_notifyf(). They are similar to sd_notify() and
+ sd_notifyf(), but allow overriding of the source PID of
+ notification messages if permissions permit this. This is
+ useful to send notify messages on behalf of a different
+ process (for example, the parent process). The
+ systemd-notify tool has been updated to make use of this
+ when sending messages (so that notification messages now
+ originate from the shell script invoking systemd-notify and
+ not the systemd-notify process itself. This should minimize
+ a race where systemd fails to associate notification
+ messages to services when the originating process already
+ vanished.
+
+ * A new "on-abnormal" setting for Restart= has been added. If
+ set, it will result in automatic restarts on all "abnormal"
+ reasons for a process to exit, which includes unclean
+ signals, core dumps, timeouts and watchdog timeouts, but
+ does not include clean and unclean exit codes or clean
+ signals. Restart=on-abnormal is an alternative for
+ Restart=on-failure for services that shall be able to
+ terminate and avoid restarts on certain errors, by
+ indicating so with an unclean exit code. Restart=on-failure
+ or Restart=on-abnormal is now the recommended setting for
+ all long-running services.
+
+ * If the InaccessibleDirectories= service setting points to a
+ mount point (or if there are any submounts contained within
+ it), it is now attempted to completely unmount it, to make
+ the file systems truly unavailable for the respective
+ service.
+
+ * The ReadOnlyDirectories= service setting and
+ systemd-nspawn's --read-only parameter are now recursively
+ applied to all submounts, too.
+
+ * Mount units may now be created transiently via the bus APIs.
+
+ * The support for SysV and LSB init scripts has been removed
+ from the systemd daemon itself. Instead, it is now
+ implemented as a generator that creates native systemd units
+ from these scripts when needed. This enables us to remove a
+ substantial amount of legacy code from PID 1, following the
+ fact that many distributions only ship a very small number
+ of LSB/SysV init scripts nowadays.
+
+ * Privileged Xen (dom0) domains are not considered
+ virtualization anymore by the virtualization detection
+ logic. After all, they generally have unrestricted access to
+ the hardware and usually are used to manage the unprivileged
+ (domU) domains.
+
+ * systemd-tmpfiles gained a new "C" line type, for copying
+ files or entire directories.
+
+ * systemd-tmpfiles "m" lines are now fully equivalent to "z"
+ lines. So far, they have been non-globbing versions of the
+ latter, and have thus been redundant. In future, it is
+ recommended to only use "z". "m" has hence been removed
+ from the documentation, even though it stays supported.
+
+ * A tmpfiles snippet to recreate the most basic structure in
+ /var has been added. This is enough to create the /var/run →
+ /run symlink and create a couple of structural
+ directories. This allows systems to boot up with an empty or
+ volatile /var. Of course, while with this change, the core OS
+ now is capable with dealing with a volatile /var, not all
+ user services are ready for it. However, we hope that sooner
+ or later, many service daemons will be changed upstream so
+ that they are able to automatically create their necessary
+ directories in /var at boot, should they be missing. This is
+ the first step to allow state-less systems that only require
+ the vendor image for /usr to boot.
+
+ * systemd-nspawn has gained a new --tmpfs= switch to mount an
+ empty tmpfs instance to a specific directory. This is
+ particularly useful for making use of the automatic
+ reconstruction of /var (see above), by passing --tmpfs=/var.
+
+ * Access modes specified in tmpfiles snippets may now be
+ prefixed with "~", which indicates that they shall be masked
+ by whether the existing file or directory is currently
+ writable, readable or executable at all. Also, if specified,
+ the sgid/suid/sticky bits will be masked for all
+ non-directories.
+
+ * A new passive target unit "network-pre.target" has been
+ added which is useful for services that shall run before any
+ network is configured, for example firewall scripts.
+
+ * The "floppy" group that previously owned the /dev/fd*
+ devices is no longer used. The "disk" group is now used
+ instead. Distributions should probably deprecate usage of
+ this group.
+
+ Contributions from: Camilo Aguilar, Christian Hesse, Colin Ian
+ King, Cristian Rodríguez, Daniel Buch, Dave Reisner, David
+ Strauss, Denis Tikhomirov, John, Jonathan Liu, Kay Sievers,
+ Lennart Poettering, Mantas Mikulėnas, Mark Eichin, Ronny
+ Chevalier, Susant Sahani, Thomas Blume, Thomas Hindoe Paaboel
+ Andersen, Tom Gundersen, Umut Tezduyar Lindskog, Zbigniew
+ Jędrzejewski-Szmek
+
+ — Berlin, 2014-06-11
+
+CHANGES WITH 213:
+
+ * A new "systemd-timesyncd" daemon has been added for
+ synchronizing the system clock across the network. It
+ implements an SNTP client. In contrast to NTP
+ implementations such as chrony or the NTP reference server,
+ this only implements a client side, and does not bother with
+ the full NTP complexity, focusing only on querying time from
+ one remote server and synchronizing the local clock to
+ it. Unless you intend to serve NTP to networked clients or
+ want to connect to local hardware clocks, this simple NTP
+ client should be more than appropriate for most
+ installations. The daemon runs with minimal privileges, and
+ has been hooked up with networkd to only operate when
+ network connectivity is available. The daemon saves the
+ current clock to disk every time a new NTP sync has been
+ acquired, and uses this to possibly correct the system clock
+ early at bootup, in order to accommodate for systems that
+ lack an RTC such as the Raspberry Pi and embedded devices,
+ and to make sure that time monotonically progresses on these
+ systems, even if it is not always correct. To make use of
+ this daemon, a new system user and group "systemd-timesync"
+ needs to be created on installation of systemd.
+
+ * The queue "seqnum" interface of libudev has been disabled, as
+ it was generally incompatible with device namespacing as
+ sequence numbers of devices go "missing" if the devices are
+ part of a different namespace.
+
+ * "systemctl list-timers" and "systemctl list-sockets" gained
+ a --recursive switch for showing units of these types also
+ for all local containers, similar in style to the already
+ supported --recursive switch for "systemctl list-units".
+
+ * A new RebootArgument= setting has been added for service
+ units, which may be used to specify a kernel reboot argument
+ to use when triggering reboots with StartLimitAction=.
+
+ * A new FailureAction= setting has been added for service
+ units which may be used to specify an operation to trigger
+ when a service fails. This works similarly to
+ StartLimitAction=, but unlike it, controls what is done
+ immediately rather than only after several attempts to
+ restart the service in question.
+
+ * hostnamed got updated to also expose the kernel name,
+ release, and version on the bus. This is useful for
+ executing commands like hostnamectl with the -H switch.
+ systemd-analyze makes use of this to properly display
+ details when running non-locally.
+
+ * The bootchart tool can now show cgroup information in the
+ graphs it generates.
+
+ * The CFS CPU quota cgroup attribute is now exposed for
+ services. The new CPUQuota= switch has been added for this
+ which takes a percentage value. Setting this will have the
+ result that a service may never get more CPU time than the
+ specified percentage, even if the machine is otherwise idle.
+
+ * systemd-networkd learned IPIP and SIT tunnel support.
+
+ * LSB init scripts exposing a dependency on $network will now
+ get a dependency on network-online.target rather than simply
+ network.target. This should bring LSB handling closer to
+ what it was on SysV systems.
+
+ * A new fsck.repair= kernel option has been added to control
+ how fsck shall deal with unclean file systems at boot.
+
+ * The (.ini) configuration file parser will now silently
+ ignore sections whose name begins with "X-". This may be
+ used to maintain application-specific extension sections in unit
+ files.
+
+ * machined gained a new API to query the IP addresses of
+ registered containers. "machinectl status" has been updated
+ to show these addresses in its output.
+
+ * A new call sd_uid_get_display() has been added to the
+ sd-login APIs for querying the "primary" session of a
+ user. The "primary" session of the user is elected from the
+ user's sessions and generally a graphical session is
+ preferred over a text one.
+
+ * A minimal systemd-resolved daemon has been added. It
+ currently simply acts as a companion to systemd-networkd and
+ manages resolv.conf based on per-interface DNS
+ configuration, possibly supplied via DHCP. In the long run
+ we hope to extend this into a local DNSSEC enabled DNS and
+ mDNS cache.
+
+ * The systemd-networkd-wait-online tool is now enabled by
+ default. It will delay network-online.target until a network
+ connection has been configured. The tool primarily integrates
+ with networkd, but will also make a best effort to make sense
+ of network configuration performed in some other way.
+
+ * Two new service options StartupCPUShares= and
+ StartupBlockIOWeight= have been added that work similarly to
+ CPUShares= and BlockIOWeight= however only apply during
+ system startup. This is useful to prioritize certain services
+ differently during bootup than during normal runtime.
+
+ * hostnamed has been changed to prefer the statically
+ configured hostname in /etc/hostname (unless set to
+ 'localhost' or empty) over any dynamic one supplied by
+ dhcp. With this change, the rules for picking the hostname
+ match more closely the rules of other configuration settings
+ where the local administrator's configuration in /etc always
+ overrides any other settings.
+
+ Contributions fron: Ali H. Caliskan, Alison Chaiken, Bas van
+ den Berg, Brandon Philips, Cristian Rodríguez, Daniel Buch,
+ Dan Kilman, Dave Reisner, David Härdeman, David Herrmann,
+ David Strauss, Dimitris Spingos, Djalal Harouni, Eelco
+ Dolstra, Evan Nemerson, Florian Albrechtskirchinger, Greg
+ Kroah-Hartman, Harald Hoyer, Holger Hans Peter Freyther, Jan
+ Engelhardt, Jani Nikula, Jason St. John, Jeffrey Clark,
+ Jonathan Boulle, Kay Sievers, Lennart Poettering, Lukas
+ Nykryn, Lukasz Skalski, Łukasz Stelmach, Mantas Mikulėnas,
+ Marcel Holtmann, Martin Pitt, Matthew Monaco, Michael
+ Marineau, Michael Olbrich, Michal Sekletar, Mike Gilbert, Nis
+ Martensen, Patrik Flykt, Philip Lorenz, poma, Ray Strode,
+ Reyad Attiyat, Robert Milasan, Scott Thrasher, Stef Walter,
+ Steven Siloti, Susant Sahani, Tanu Kaskinen, Thomas Bächler,
+ Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar
+ Lindskog, WaLyong Cho, Will Woods, Zbigniew
+ Jędrzejewski-Szmek
+
+ — Beijing, 2014-05-28
+
+CHANGES WITH 212:
+
+ * When restoring the screen brightness at boot, stay away from
+ the darkest setting or from the lowest 5% of the available
+ range, depending on which is the larger value of both. This
+ should effectively protect the user from rebooting into a
+ black screen, should the brightness have been set to minimum
+ by accident.
+
+ * sd-login gained a new sd_machine_get_class() call to
+ determine the class ("vm" or "container") of a machine
+ registered with machined.
+
+ * sd-login gained new calls
+ sd_peer_get_{session,owner_uid,unit,user_unit,slice,machine_name}(),
+ to query the identity of the peer of a local AF_UNIX
+ connection. They operate similarly to their sd_pid_get_xyz()
+ counterparts.
+
+ * PID 1 will now maintain a system-wide system state engine
+ with the states "starting", "running", "degraded",
+ "maintenance", "stopping". These states are bound to system
+ startup, normal runtime, runtime with at least one failed
+ service, rescue/emergency mode and system shutdown. This
+ state is shown in the "systemctl status" output when no unit
+ name is passed. It is useful to determine system state, in
+ particularly when doing so for many systems or containers at
+ once.
+
+ * A new command "list-machines" has been added to "systemctl"
+ that lists all local OS containers and shows their system
+ state (see above), if systemd runs inside of them.
+
+ * systemctl gained a new "-r" switch to recursively enumerate
+ units on all local containers, when used with the
+ "list-unit" command (which is the default one that is
+ executed when no parameters are specified).
+
+ * The GPT automatic partition discovery logic will now honour
+ two GPT partition flags: one may be set on a partition to
+ cause it to be mounted read-only, and the other may be set
+ on a partition to ignore it during automatic discovery.
+
+ * Two new GPT type UUIDs have been added for automatic root
+ partition discovery, for 32-bit and 64-bit ARM. This is not
+ particularly useful for discovering the root directory on
+ these architectures during bare-metal boots (since UEFI is
+ not common there), but still very useful to allow booting of
+ ARM disk images in nspawn with the -i option.
+
+ * MAC addresses of interfaces created with nspawn's
+ --network-interface= switch will now be generated from the
+ machine name, and thus be stable between multiple invocations
+ of the container.
+
+ * logind will now automatically remove all IPC objects owned
+ by a user if she or he fully logs out. This makes sure that
+ users who are logged out cannot continue to consume IPC
+ resources. This covers SysV memory, semaphores and message
+ queues as well as POSIX shared memory and message
+ queues. Traditionally, SysV and POSIX IPC had no life-cycle
+ limits. With this functionality, that is corrected. This may
+ be turned off by using the RemoveIPC= switch of logind.conf.
+
+ * The systemd-machine-id-setup and tmpfiles tools gained a
+ --root= switch to operate on a specific root directory,
+ instead of /.
+
+ * journald can now forward logged messages to the TTYs of all
+ logged in users ("wall"). This is the default for all
+ emergency messages now.
+
+ * A new tool systemd-journal-remote has been added to stream
+ journal log messages across the network.
+
+ * /sys/fs/cgroup/ is now mounted read-only after all cgroup
+ controller trees are mounted into it. Note that the
+ directories mounted beneath it are not read-only. This is a
+ security measure and is particularly useful because glibc
+ actually includes a search logic to pick any tmpfs it can
+ find to implement shm_open() if /dev/shm is not available
+ (which it might very well be in namespaced setups).
+
+ * machinectl gained a new "poweroff" command to cleanly power
+ down a local OS container.
+
+ * The PrivateDevices= unit file setting will now also drop the
+ CAP_MKNOD capability from the capability bound set, and
+ imply DevicePolicy=closed.
+
+ * PrivateDevices=, PrivateNetwork= and PrivateTmp= is now used
+ comprehensively on all long-running systemd services where
+ this is appropriate.
+
+ * systemd-udevd will now run in a disassociated mount
+ namespace. To mount directories from udev rules, make sure to
+ pull in mount units via SYSTEMD_WANTS properties.
+
+ * The kdbus support gained support for uploading policy into
+ the kernel. sd-bus gained support for creating "monitoring"
+ connections that can eavesdrop into all bus communication
+ for debugging purposes.
+
+ * Timestamps may now be specified in seconds since the UNIX
+ epoch Jan 1st, 1970 by specifying "@" followed by the value
+ in seconds.
+
+ * Native tcpwrap support in systemd has been removed. tcpwrap
+ is old code, not really maintained anymore and has serious
+ shortcomings, and better options such as firewalls
+ exist. For setups that require tcpwrap usage, please
+ consider invoking your socket-activated service via tcpd,
+ like on traditional inetd.
+
+ * A new system.conf configuration option
+ DefaultTimerAccuracySec= has been added that controls the
+ default AccuracySec= setting of .timer units.
+
+ * Timer units gained a new WakeSystem= switch. If enabled,
+ timers configured this way will cause the system to resume
+ from system suspend (if the system supports that, which most
+ do these days).
+
+ * Timer units gained a new Persistent= switch. If enabled,
+ timers configured this way will save to disk when they have
+ been last triggered. This information is then used on next
+ reboot to possible execute overdue timer events, that
+ could not take place because the system was powered off.
+ This enables simple anacron-like behaviour for timer units.
+
+ * systemctl's "list-timers" will now also list the time a
+ timer unit was last triggered in addition to the next time
+ it will be triggered.
+
+ * systemd-networkd will now assign predictable IPv4LL
+ addresses to its local interfaces.
+
+ Contributions from: Brandon Philips, Daniel Buch, Daniel Mack,
+ Dave Reisner, David Herrmann, Gerd Hoffmann, Greg
+ Kroah-Hartman, Hendrik Brueckner, Jason St. John, Josh
+ Triplett, Kay Sievers, Lennart Poettering, Marc-Antoine
+ Perennou, Michael Marineau, Michael Olbrich, Miklos Vajna,
+ Patrik Flykt, poma, Sebastian Thorarensen, Thomas Bächler,
+ Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom Gundersen,
+ Umut Tezduyar Lindskog, Wieland Hoffmann, Zbigniew
+ Jędrzejewski-Szmek
+
+ — Berlin, 2014-03-25
+
+CHANGES WITH 211:
+
+ * A new unit file setting RestrictAddressFamilies= has been
+ added to restrict which socket address families unit
+ processes gain access to. This takes address family names
+ like "AF_INET" or "AF_UNIX", and is useful to minimize the
+ attack surface of services via exotic protocol stacks. This
+ is built on seccomp system call filters.
+
+ * Two new unit file settings RuntimeDirectory= and
+ RuntimeDirectoryMode= have been added that may be used to
+ manage a per-daemon runtime directories below /run. This is
+ an alternative for setting up directory permissions with
+ tmpfiles snippets, and has the advantage that the runtime
+ directory's lifetime is bound to the daemon runtime and that
+ the daemon starts up with an empty directory each time. This
+ is particularly useful when writing services that drop
+ privileges using the User= or Group= setting.
+
+ * The DeviceAllow= unit setting now supports globbing for
+ matching against device group names.
+
+ * The systemd configuration file system.conf gained new
+ settings DefaultCPUAccounting=, DefaultBlockIOAccounting=,
+ DefaultMemoryAccounting= to globally turn on/off accounting
+ for specific resources (cgroups) for all units. These
+ settings may still be overridden individually in each unit
+ though.
+
+ * systemd-gpt-auto-generator is now able to discover /srv and
+ root partitions in addition to /home and swap partitions. It
+ also supports LUKS-encrypted partitions now. With this in
+ place, automatic discovery of partitions to mount following
+ the Discoverable Partitions Specification
+ (https://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec)
+ is now a lot more complete. This allows booting without
+ /etc/fstab and without root= on the kernel command line on
+ systems prepared appropriately.
+
+ * systemd-nspawn gained a new --image= switch which allows
+ booting up disk images and Linux installations on any block
+ device that follow the Discoverable Partitions Specification
+ (see above). This means that installations made with
+ appropriately updated installers may now be started and
+ deployed using container managers, completely
+ unmodified. (We hope that libvirt-lxc will add support for
+ this feature soon, too.)
+
+ * systemd-nspawn gained a new --network-macvlan= setting to
+ set up a private macvlan interface for the
+ container. Similarly, systemd-networkd gained a new
+ Kind=macvlan setting in .netdev files.
+
+ * systemd-networkd now supports configuring local addresses
+ using IPv4LL.
+
+ * A new tool systemd-network-wait-online has been added to
+ synchronously wait for network connectivity using
+ systemd-networkd.
+
+ * The sd-bus.h bus API gained a new sd_bus_track object for
+ tracking the life-cycle of bus peers. Note that sd-bus.h is
+ still not a public API though (unless you specify
+ --enable-kdbus on the configure command line, which however
+ voids your warranty and you get no API stability guarantee).
+
+ * The $XDG_RUNTIME_DIR runtime directories for each user are
+ now individual tmpfs instances, which has the benefit of
+ introducing separate pools for each user, with individual
+ size limits, and thus making sure that unprivileged clients
+ can no longer negatively impact the system or other users by
+ filling up their $XDG_RUNTIME_DIR. A new logind.conf setting
+ RuntimeDirectorySize= has been introduced that allows
+ controlling the default size limit for all users. It
+ defaults to 10% of the available physical memory. This is no
+ replacement for quotas on tmpfs though (which the kernel
+ still does not support), as /dev/shm and /tmp are still
+ shared resources used by both the system and unprivileged
+ users.
+
+ * logind will now automatically turn off automatic suspending
+ on laptop lid close when more than one display is
+ connected. This was previously expected to be implemented
+ individually in desktop environments (such as GNOME),
+ however has been added to logind now, in order to fix a
+ boot-time race where a desktop environment might not have
+ been started yet and thus not been able to take an inhibitor
+ lock at the time where logind already suspends the system
+ due to a closed lid.
+
+ * logind will now wait at least 30s after each system
+ suspend/resume cycle, and 3min after system boot before
+ suspending the system due to a closed laptop lid. This
+ should give USB docking stations and similar enough time to
+ be probed and configured after system resume and boot in
+ order to then act as suspend blocker.
+
+ * systemd-run gained a new --property= setting which allows
+ initialization of resource control properties (and others)
+ for the created scope or service unit. Example: "systemd-run
+ --property=BlockIOWeight=10 updatedb" may be used to run
+ updatedb at a low block IO scheduling weight.
+
+ * systemd-run's --uid=, --gid=, --setenv=, --setenv= switches
+ now also work in --scope mode.
+
+ * When systemd is compiled with kdbus support, basic support
+ for enforced policies is now in place. (Note that enabling
+ kdbus still voids your warranty and no API compatibility
+ promises are made.)
+
+ Contributions from: Andrey Borzenkov, Ansgar Burchardt, Armin
+ K., Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
+ Harald Hoyer, Henrik Grindal Bakken, Jasper St. Pierre, Kay
+ Sievers, Kieran Clancy, Lennart Poettering, Lukas Nykryn,
+ Mantas Mikulėnas, Marcel Holtmann, Mark Oteiza, Martin Pitt,
+ Mike Gilbert, Peter Rajnoha, poma, Samuli Suominen, Stef
+ Walter, Susant Sahani, Tero Roponen, Thomas Andersen, Thomas
+ Bächler, Thomas Hindoe Paaboel Andersen, Tomasz Torcz, Tom
+ Gundersen, Umut Tezduyar Lindskog, Uoti Urpala, Zachary Cook,
+ Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2014-03-12
+
+CHANGES WITH 210:
+
+ * systemd will now relabel /dev after loading the SMACK policy
+ according to SMACK rules.
+
+ * A new unit file option AppArmorProfile= has been added to
+ set the AppArmor profile for the processes of a unit.
+
+ * A new condition check ConditionArchitecture= has been added
+ to conditionalize units based on the system architecture, as
+ reported by uname()'s "machine" field.
+
+ * systemd-networkd now supports matching on the system
+ virtualization, architecture, kernel command line, host name
+ and machine ID.
+
+ * logind is now a lot more aggressive when suspending the
+ machine due to a closed laptop lid. Instead of acting only
+ on the lid close action, it will continuously watch the lid
+ status and act on it. This is useful for laptops where the
+ power button is on the outside of the chassis so that it can
+ be reached without opening the lid (such as the Lenovo
+ Yoga). On those machines, logind will now immediately
+ re-suspend the machine if the power button has been
+ accidentally pressed while the laptop was suspended and in a
+ backpack or similar.
+
+ * logind will now watch SW_DOCK switches and inhibit reaction
+ to the lid switch if it is pressed. This means that logind
+ will not suspend the machine anymore if the lid is closed
+ and the system is docked, if the laptop supports SW_DOCK
+ notifications via the input layer. Note that ACPI docking
+ stations do not generate this currently. Also note that this
+ logic is usually not fully sufficient and Desktop
+ Environments should take a lid switch inhibitor lock when an
+ external display is connected, as systemd will not watch
+ this on its own.
+
+ * nspawn will now make use of the devices cgroup controller by
+ default, and only permit creation of and access to the usual
+ API device nodes like /dev/null or /dev/random, as well as
+ access to (but not creation of) the pty devices.
+
+ * We will now ship a default .network file for
+ systemd-networkd that automatically configures DHCP for
+ network interfaces created by nspawn's --network-veth or
+ --network-bridge= switches.
+
+ * systemd will now understand the usual M, K, G, T suffixes
+ according to SI conventions (i.e. to the base 1000) when
+ referring to throughput and hardware metrics. It will stay
+ with IEC conventions (i.e. to the base 1024) for software
+ metrics, according to what is customary according to
+ Wikipedia. We explicitly document which base applies for
+ each configuration option.
+
+ * The DeviceAllow= setting in unit files now supports a syntax
+ to whitelist an entire group of devices node majors at once,
+ based on the /proc/devices listing. For example, with the
+ string "char-pts", it is now possible to whitelist all
+ current and future pseudo-TTYs at once.
+
+ * sd-event learned a new "post" event source. Event sources of
+ this type are triggered by the dispatching of any event
+ source of a type that is not "post". This is useful for
+ implementing clean-up and check event sources that are
+ triggered by other work being done in the program.
+
+ * systemd-networkd is no longer statically enabled, but uses
+ the usual [Install] sections so that it can be
+ enabled/disabled using systemctl. It still is enabled by
+ default however.
+
+ * When creating a veth interface pair with systemd-nspawn, the
+ host side will now be prefixed with "vb-" if
+ --network-bridge= is used, and with "ve-" if --network-veth
+ is used. This way, it is easy to distinguish these cases on
+ the host, for example to apply different configuration to
+ them with systemd-networkd.
+
+ * The compatibility libraries for libsystemd-journal.so,
+ libsystem-id128.so, libsystemd-login.so and
+ libsystemd-daemon.so do not make use of IFUNC
+ anymore. Instead, we now build libsystemd.so multiple times
+ under these alternative names. This means that the footprint
+ is drastically increased, but given that these are
+ transitional compatibility libraries, this should not matter
+ much. This change has been made necessary to support the ARM
+ platform for these compatibility libraries, as the ARM
+ toolchain is not really at the same level as the toolchain
+ for other architectures like x86 and does not support
+ IFUNC. Please make sure to use --enable-compat-libs only
+ during a transitional period!
+
+ * The .include syntax has been deprecated and is not documented
+ anymore. Drop-in files in .d directories should be used instead.
+
+ Contributions from: Andreas Fuchs, Armin K., Colin Walters,
+ Daniel Mack, Dave Reisner, David Herrmann, Djalal Harouni,
+ Holger Schurig, Jason A. Donenfeld, Jason St. John, Jasper
+ St. Pierre, Kay Sievers, Lennart Poettering, Łukasz Stelmach,
+ Marcel Holtmann, Michael Scherer, Michal Sekletar, Mike
+ Gilbert, Samuli Suominen, Thomas Bächler, Thomas Hindoe
+ Paaboel Andersen, Tom Gundersen, Umut Tezduyar Lindskog,
+ Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2014-02-24
+
+CHANGES WITH 209:
+
+ * A new component "systemd-networkd" has been added that can
+ be used to configure local network interfaces statically or
+ via DHCP. It is capable of bringing up bridges, VLANs, and
+ bonding. Currently, no hook-ups for interactive network
+ configuration are provided. Use this for your initrd,
+ container, embedded, or server setup if you need a simple,
+ yet powerful, network configuration solution. This
+ configuration subsystem is quite nifty, as it allows wildcard
+ hotplug matching in interfaces. For example, with a single
+ configuration snippet, you can configure that all Ethernet
+ interfaces showing up are automatically added to a bridge,
+ or similar. It supports link-sensing and more.
+
+ * A new tool "systemd-socket-proxyd" has been added which can
+ act as a bidirectional proxy for TCP sockets. This is
+ useful for adding socket activation support to services that
+ do not actually support socket activation, including virtual
+ machines and the like.
+
+ * Add a new tool to save/restore rfkill state on
+ shutdown/boot.
+
+ * Save/restore state of keyboard backlights in addition to
+ display backlights on shutdown/boot.
+
+ * udev learned a new SECLABEL{} construct to label device
+ nodes with a specific security label when they appear. For
+ now, only SECLABEL{selinux} is supported, but the syntax is
+ prepared for additional security frameworks.
+
+ * udev gained a new scheme to configure link-level attributes
+ from files in /etc/systemd/network/*.link. These files can
+ match against MAC address, device path, driver name and type,
+ and will apply attributes like the naming policy, link speed,
+ MTU, duplex settings, Wake-on-LAN settings, MAC address, MAC
+ address assignment policy (randomized, ...).
+
+ * The configuration of network interface naming rules for
+ "permanent interface names" has changed: a new NamePolicy=
+ setting in the [Link] section of .link files determines the
+ priority of possible naming schemes (onboard, slot, MAC,
+ path). The default value of this setting is determined by
+ /usr/lib/net/links/99-default.link. Old
+ 80-net-name-slot.rules udev configuration file has been
+ removed, so local configuration overriding this file should
+ be adapted to override 99-default.link instead.
+
+ * When the User= switch is used in a unit file, also
+ initialize $SHELL= based on the user database entry.
+
+ * systemd no longer depends on libdbus. All communication is
+ now done with sd-bus, systemd's low-level bus library
+ implementation.
+
+ * kdbus support has been added to PID 1 itself. When kdbus is
+ enabled, this causes PID 1 to set up the system bus and
+ enable support for a new ".busname" unit type that
+ encapsulates bus name activation on kdbus. It works a little
+ bit like ".socket" units, except for bus names. A new
+ generator has been added that converts classic dbus1 service
+ activation files automatically into native systemd .busname
+ and .service units.
+
+ * sd-bus: add a light-weight vtable implementation that allows
+ defining objects on the bus with a simple static const
+ vtable array of its methods, signals and properties.
+
+ * systemd will not generate or install static dbus
+ introspection data anymore to /usr/share/dbus-1/interfaces,
+ as the precise format of these files is unclear, and
+ nothing makes use of it.
+
+ * A proxy daemon is now provided to proxy clients connecting
+ via classic D-Bus AF_UNIX sockets to kdbus, to provide full
+ compatibility with classic D-Bus.
+
+ * A bus driver implementation has been added that supports the
+ classic D-Bus bus driver calls on kdbus, also for
+ compatibility purposes.
+
+ * A new API "sd-event.h" has been added that implements a
+ minimal event loop API built around epoll. It provides a
+ couple of features that direct epoll usage is lacking:
+ prioritization of events, scales to large numbers of timer
+ events, per-event timer slack (accuracy), system-wide
+ coalescing of timer events, exit handlers, watchdog
+ supervision support using systemd's sd_notify() API, child
+ process handling.
+
+ * A new API "sd-rntl.h" has been added that provides an API
+ around the route netlink interface of the kernel, similar in
+ style to "sd-bus.h".
+
+ * A new API "sd-dhcp-client.h" has been added that provides a
+ small DHCPv4 client-side implementation. This is used by
+ "systemd-networkd".
+
+ * There is a new kernel command line option
+ "systemd.restore_state=0|1". When set to "0", none of the
+ systemd tools will restore saved runtime state to hardware
+ devices. More specifically, the rfkill and backlight states
+ are not restored.
+
+ * The FsckPassNo= compatibility option in mount/service units
+ has been removed. The fstab generator will now add the
+ necessary dependencies automatically, and does not require
+ PID1's support for that anymore.
+
+ * journalctl gained a new switch, --list-boots, that lists
+ recent boots with their times and boot IDs.
+
+ * The various tools like systemctl, loginctl, timedatectl,
+ busctl, systemd-run, ... have gained a new switch "-M" to
+ connect to a specific, local OS container (as direct
+ connection, without requiring SSH). This works on any
+ container that is registered with machined, such as those
+ created by libvirt-lxc or nspawn.
+
+ * systemd-run and systemd-analyze also gained support for "-H"
+ to connect to remote hosts via SSH. This is particularly
+ useful for systemd-run because it enables queuing of jobs
+ onto remote systems.
+
+ * machinectl gained a new command "login" to open a getty
+ login in any local container. This works with any container
+ that is registered with machined (such as those created by
+ libvirt-lxc or nspawn), and which runs systemd inside.
+
+ * machinectl gained a new "reboot" command that may be used to
+ trigger a reboot on a specific container that is registered
+ with machined. This works on any container that runs an init
+ system of some kind.
+
+ * systemctl gained a new "list-timers" command to print a nice
+ listing of installed timer units with the times they elapse
+ next.
+
+ * Alternative reboot() parameters may now be specified on the
+ "systemctl reboot" command line and are passed to the
+ reboot() system call.
+
+ * systemctl gained a new --job-mode= switch to configure the
+ mode to queue a job with. This is a more generic version of
+ --fail, --irreversible, and --ignore-dependencies, which are
+ still available but not advertised anymore.
+
+ * /etc/systemd/system.conf gained new settings to configure
+ various default timeouts of units, as well as the default
+ start limit interval and burst. These may still be overridden
+ within each Unit.
+
+ * PID1 will now export on the bus profile data of the security
+ policy upload process (such as the SELinux policy upload to
+ the kernel).
+
+ * journald: when forwarding logs to the console, include
+ timestamps (following the setting in
+ /sys/module/printk/parameters/time).
+
+ * OnCalendar= in timer units now understands the special
+ strings "yearly" and "annually". (Both are equivalent)
+
+ * The accuracy of timer units is now configurable with the new
+ AccuracySec= setting. It defaults to 1min.
+
+ * A new dependency type JoinsNamespaceOf= has been added that
+ allows running two services within the same /tmp and network
+ namespace, if PrivateNetwork= or PrivateTmp= are used.
+
+ * A new command "cat" has been added to systemctl. It outputs
+ the original unit file of a unit, and concatenates the
+ contents of additional "drop-in" unit file snippets, so that
+ the full configuration is shown.
+
+ * systemctl now supports globbing on the various "list-xyz"
+ commands, like "list-units" or "list-sockets", as well as on
+ those commands which take multiple unit names.
+
+ * journalctl's --unit= switch gained support for globbing.
+
+ * All systemd daemons now make use of the watchdog logic so
+ that systemd automatically notices when they hang.
+
+ * If the $container_ttys environment variable is set,
+ getty-generator will automatically spawn a getty for each
+ listed tty. This is useful for container managers to request
+ login gettys to be spawned on as many ttys as needed.
+
+ * %h, %s, %U specifier support is not available anymore when
+ used in unit files for PID 1. This is because NSS calls are
+ not safe from PID 1. They stay available for --user
+ instances of systemd, and as special case for the root user.
+
+ * loginctl gained a new "--no-legend" switch to turn off output
+ of the legend text.
+
+ * The "sd-login.h" API gained three new calls:
+ sd_session_is_remote(), sd_session_get_remote_user(),
+ sd_session_get_remote_host() to query information about
+ remote sessions.
+
+ * The udev hardware database now also carries vendor/product
+ information of SDIO devices.
+
+ * The "sd-daemon.h" API gained a new sd_watchdog_enabled() to
+ determine whether watchdog notifications are requested by
+ the system manager.
+
+ * Socket-activated per-connection services now include a
+ short description of the connection parameters in the
+ description.
+
+ * tmpfiles gained a new "--boot" option. When this is not used,
+ only lines where the command character is not suffixed with
+ "!" are executed. When this option is specified, those
+ options are executed too. This partitions tmpfiles
+ directives into those that can be safely executed at any
+ time, and those which should be run only at boot (for
+ example, a line that creates /run/nologin).
+
+ * A new API "sd-resolve.h" has been added which provides a simple
+ asynchronous wrapper around glibc NSS host name resolution
+ calls, such as getaddrinfo(). In contrast to glibc's
+ getaddrinfo_a(), it does not use signals. In contrast to most
+ other asynchronous name resolution libraries, this one does
+ not reimplement DNS, but reuses NSS, so that alternate
+ host name resolution systems continue to work, such as mDNS,
+ LDAP, etc. This API is based on libasyncns, but it has been
+ cleaned up for inclusion in systemd.
+
+ * The APIs "sd-journal.h", "sd-login.h", "sd-id128.h",
+ "sd-daemon.h" are no longer found in individual libraries
+ libsystemd-journal.so, libsystemd-login.so,
+ libsystemd-id128.so, libsystemd-daemon.so. Instead, we have
+ merged them into a single library, libsystemd.so, which
+ provides all symbols. The reason for this is cyclic
+ dependencies, as these libraries tend to use each other's
+ symbols. So far, we have managed to workaround that by linking
+ a copy of a good part of our code into each of these
+ libraries again and again, which, however, makes certain
+ things hard to do, like sharing static variables. Also, it
+ substantially increases footprint. With this change, there
+ is only one library for the basic APIs systemd
+ provides. Also, "sd-bus.h", "sd-memfd.h", "sd-event.h",
+ "sd-rtnl.h", "sd-resolve.h", "sd-utf8.h" are found in this
+ library as well, however are subject to the --enable-kdbus
+ switch (see below). Note that "sd-dhcp-client.h" is not part
+ of this library (this is because it only consumes, never
+ provides, services of/to other APIs). To make the transition
+ easy from the separate libraries to the unified one, we
+ provide the --enable-compat-libs compile-time switch which
+ will generate stub libraries that are compatible with the
+ old ones but redirect all calls to the new one.
+
+ * All of the kdbus logic and the new APIs "sd-bus.h",
+ "sd-memfd.h", "sd-event.h", "sd-rtnl.h", "sd-resolve.h",
+ and "sd-utf8.h" are compile-time optional via the
+ "--enable-kdbus" switch, and they are not compiled in by
+ default. To make use of kdbus, you have to explicitly enable
+ the switch. Note however, that neither the kernel nor the
+ userspace API for all of this is considered stable yet. We
+ want to maintain the freedom to still change the APIs for
+ now. By specifying this build-time switch, you acknowledge
+ that you are aware of the instability of the current
+ APIs.
+
+ * Also, note that while kdbus is pretty much complete,
+ it lacks one thing: proper policy support. This means you
+ can build a fully working system with all features; however,
+ it will be highly insecure. Policy support will be added in
+ one of the next releases, at the same time that we will
+ declare the APIs stable.
+
+ * When the kernel command line argument "kdbus" is specified,
+ systemd will automatically load the kdbus.ko kernel module. At
+ this stage of development, it is only useful for testing kdbus
+ and should not be used in production. Note: if "--enable-kdbus"
+ is specified, and the kdbus.ko kernel module is available, and
+ "kdbus" is added to the kernel command line, the entire system
+ runs with kdbus instead of dbus-daemon, with the above mentioned
+ problem of missing the system policy enforcement. Also a future
+ version of kdbus.ko or a newer systemd will not be compatible with
+ each other, and will unlikely be able to boot the machine if only
+ one of them is updated.
+
+ * systemctl gained a new "import-environment" command which
+ uploads the caller's environment (or parts thereof) into the
+ service manager so that it is inherited by services started
+ by the manager. This is useful to upload variables like
+ $DISPLAY into the user service manager.
+
+ * A new PrivateDevices= switch has been added to service units
+ which allows running a service with a namespaced /dev
+ directory that does not contain any device nodes for
+ physical devices. More specifically, it only includes devices
+ such as /dev/null, /dev/urandom, and /dev/zero which are API
+ entry points.
+
+ * logind has been extended to support behaviour like VT
+ switching on seats that do not support a VT. This makes
+ multi-session available on seats that are not the first seat
+ (seat0), and on systems where kernel support for VTs has
+ been disabled at compile-time.
+
+ * If a process holds a delay lock for system sleep or shutdown
+ and fails to release it in time, we will now log its
+ identity. This makes it easier to identify processes that
+ cause slow suspends or power-offs.
+
+ * When parsing /etc/crypttab, support for a new key-slot=
+ option as supported by Debian is added. It allows indicating
+ which LUKS slot to use on disk, speeding up key loading.
+
+ * The sd_journal_sendv() API call has been checked and
+ officially declared to be async-signal-safe so that it may
+ be invoked from signal handlers for logging purposes.
+
+ * Boot-time status output is now enabled automatically after a
+ short timeout if boot does not progress, in order to give
+ the user an indication what she or he is waiting for.
+
+ * The boot-time output has been improved to show how much time
+ remains until jobs expire.
+
+ * The KillMode= switch in service units gained a new possible
+ value "mixed". If set, and the unit is shut down, then the
+ initial SIGTERM signal is sent only to the main daemon
+ process, while the following SIGKILL signal is sent to
+ all remaining processes of the service.
+
+ * When a scope unit is registered, a new property "Controller"
+ may be set. If set to a valid bus name, systemd will send a
+ RequestStop() signal to this name when it would like to shut
+ down the scope. This may be used to hook manager logic into
+ the shutdown logic of scope units. Also, scope units may now
+ be put in a special "abandoned" state, in which case the
+ manager process which created them takes no further
+ responsibilities for it.
+
+ * When reading unit files, systemd will now verify
+ the access mode of these files, and warn about certain
+ suspicious combinations. This has been added to make it
+ easier to track down packaging bugs where unit files are
+ marked executable or world-writable.
+
+ * systemd-nspawn gained a new "--setenv=" switch to set
+ container-wide environment variables. The similar option in
+ systemd-activate was renamed from "--environment=" to
+ "--setenv=" for consistency.
+
+ * systemd-nspawn has been updated to create a new kdbus domain
+ for each container that is invoked, thus allowing each
+ container to have its own set of system and user buses,
+ independent of the host.
+
+ * systemd-nspawn gained a new --drop-capability= switch to run
+ the container with less capabilities than the default. Both
+ --drop-capability= and --capability= now take the special
+ string "all" for dropping or keeping all capabilities.
+
+ * systemd-nspawn gained new switches for executing containers
+ with specific SELinux labels set.
+
+ * systemd-nspawn gained a new --quiet switch to not generate
+ any additional output but the container's own console
+ output.
+
+ * systemd-nspawn gained a new --share-system switch to run a
+ container without PID namespacing enabled.
+
+ * systemd-nspawn gained a new --register= switch to control
+ whether the container is registered with systemd-machined or
+ not. This is useful for containers that do not run full
+ OS images, but only specific apps.
+
+ * systemd-nspawn gained a new --keep-unit which may be used
+ when invoked as the only program from a service unit, and
+ results in registration of the unit service itself in
+ systemd-machined, instead of a newly opened scope unit.
+
+ * systemd-nspawn gained a new --network-interface= switch for
+ moving arbitrary interfaces to the container. The new
+ --network-veth switch creates a virtual Ethernet connection
+ between host and container. The new --network-bridge=
+ switch then allows assigning the host side of this virtual
+ Ethernet connection to a bridge device.
+
+ * systemd-nspawn gained a new --personality= switch for
+ setting the kernel personality for the container. This is
+ useful when running a 32-bit container on a 64-bit host. A
+ similar option Personality= is now also available for service
+ units to use.
+
+ * logind will now also track a "Desktop" identifier for each
+ session which encodes the desktop environment of it. This is
+ useful for desktop environments that want to identify
+ multiple running sessions of itself easily.
+
+ * A new SELinuxContext= setting for service units has been
+ added that allows setting a specific SELinux execution
+ context for a service.
+
+ * Most systemd client tools will now honour $SYSTEMD_LESS for
+ settings of the "less" pager. By default, these tools will
+ override $LESS to allow certain operations to work, such as
+ jump-to-the-end. With $SYSTEMD_LESS, it is possible to
+ influence this logic.
+
+ * systemd's "seccomp" hook-up has been changed to make use of
+ the libseccomp library instead of using its own
+ implementation. This has benefits for portability among
+ other things.
+
+ * For usage together with SystemCallFilter=, a new
+ SystemCallErrorNumber= setting has been introduced that
+ allows configuration of a system error number to be returned
+ on filtered system calls, instead of immediately killing the
+ process. Also, SystemCallArchitectures= has been added to
+ limit access to system calls of a particular architecture
+ (in order to turn off support for unused secondary
+ architectures). There is also a global
+ SystemCallArchitectures= setting in system.conf now to turn
+ off support for non-native system calls system-wide.
+
+ * systemd requires a kernel with a working name_to_handle_at(),
+ please see the kernel config requirements in the README file.
+
+ Contributions from: Adam Williamson, Alex Jia, Anatol Pomozov,
+ Ansgar Burchardt, AppleBloom, Auke Kok, Bastien Nocera,
+ Chengwei Yang, Christian Seiler, Colin Guthrie, Colin Walters,
+ Cristian Rodríguez, Daniel Buch, Daniele Medri, Daniel J
+ Walsh, Daniel Mack, Dan McGee, Dave Reisner, David Coppa,
+ David Herrmann, David Strauss, Djalal Harouni, Dmitry Pisklov,
+ Elia Pinto, Florian Weimer, George McCollister, Goffredo
+ Baroncelli, Greg Kroah-Hartman, Hendrik Brueckner, Igor
+ Zhbanov, Jan Engelhardt, Jan Janssen, Jason A. Donenfeld,
+ Jason St. John, Jasper St. Pierre, Jóhann B. Guðmundsson, Jose
+ Ignacio Naranjo, Karel Zak, Kay Sievers, Kristian Høgsberg,
+ Lennart Poettering, Lubomir Rintel, Lukas Nykryn, Lukasz
+ Skalski, Łukasz Stelmach, Luke Shumaker, Mantas Mikulėnas,
+ Marc-Antoine Perennou, Marcel Holtmann, Marcos Felipe Rasia de
+ Mello, Marko Myllynen, Martin Pitt, Matthew Monaco, Michael
+ Marineau, Michael Scherer, Michał Górny, Michal Sekletar,
+ Michele Curti, Oleksii Shevchuk, Olivier Brunel, Patrik Flykt,
+ Pavel Holica, Raudi, Richard Marko, Ronny Chevalier, Sébastien
+ Luttringer, Sergey Ptashnick, Shawn Landden, Simon Peeters,
+ Stefan Beller, Susant Sahani, Sylvain Plantefeve, Sylvia Else,
+ Tero Roponen, Thomas Bächler, Thomas Hindoe Paaboel Andersen,
+ Tom Gundersen, Umut Tezduyar Lindskog, Unai Uribarri, Václav
+ Pavlín, Vincent Batts, WaLyong Cho, William Giokas, Yang
+ Zhiyong, Yin Kangkai, Yuxuan Shui, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2014-02-20
+
+CHANGES WITH 208:
+
+ * logind has gained support for facilitating privileged input
+ and drm device access for unprivileged clients. This work is
+ useful to allow Wayland display servers (and similar
+ programs, such as kmscon) to run under the user's ID and
+ access input and drm devices which are normally
+ protected. When this is used (and the kernel is new enough)
+ logind will "mute" IO on the file descriptors passed to
+ Wayland as long as it is in the background and "unmute" it
+ if it returns into the foreground. This allows secure
+ session switching without allowing background sessions to
+ eavesdrop on input and display data. This also introduces
+ session switching support if VT support is turned off in the
+ kernel, and on seats that are not seat0.
+
+ * A new kernel command line option luks.options= is understood
+ now which allows specifying LUKS options for usage for LUKS
+ encrypted partitions specified with luks.uuid=.
+
+ * tmpfiles.d(5) snippets may now use specifier expansion in
+ path names. More specifically %m, %b, %H, %v, are now
+ replaced by the local machine id, boot id, hostname, and
+ kernel version number.
+
+ * A new tmpfiles.d(5) command "m" has been introduced which
+ may be used to change the owner/group/access mode of a file
+ or directory if it exists, but do nothing if it does not.
+
+ * This release removes high-level support for the
+ MemorySoftLimit= cgroup setting. The underlying kernel
+ cgroup attribute memory.soft_limit= is currently badly
+ designed and likely to be removed from the kernel API in its
+ current form, hence we should not expose it for now.
+
+ * The memory.use_hierarchy cgroup attribute is now enabled for
+ all cgroups systemd creates in the memory cgroup
+ hierarchy. This option is likely to be come the built-in
+ default in the kernel anyway, and the non-hierarchical mode
+ never made much sense in the intrinsically hierarchical
+ cgroup system.
+
+ * A new field _SYSTEMD_SLICE= is logged along with all journal
+ messages containing the slice a message was generated
+ from. This is useful to allow easy per-customer filtering of
+ logs among other things.
+
+ * systemd-journald will no longer adjust the group of journal
+ files it creates to the "systemd-journal" group. Instead we
+ rely on the journal directory to be owned by the
+ "systemd-journal" group, and its setgid bit set, so that the
+ kernel file system layer will automatically enforce that
+ journal files inherit this group assignment. The reason for
+ this change is that we cannot allow NSS look-ups from
+ journald which would be necessary to resolve
+ "systemd-journal" to a numeric GID, because this might
+ create deadlocks if NSS involves synchronous queries to
+ other daemons (such as nscd, or sssd) which in turn are
+ logging clients of journald and might block on it, which
+ would then dead lock. A tmpfiles.d(5) snippet included in
+ systemd will make sure the setgid bit and group are
+ properly set on the journal directory if it exists on every
+ boot. However, we recommend adjusting it manually after
+ upgrades too (or from RPM scriptlets), so that the change is
+ not delayed until next reboot.
+
+ * Backlight and random seed files in /var/lib/ have moved into
+ the /var/lib/systemd/ directory, in order to centralize all
+ systemd generated files in one directory.
+
+ * Boot time performance measurements (as displayed by
+ "systemd-analyze" for example) will now read ACPI 5.0 FPDT
+ performance information if that's available to determine how
+ much time BIOS and boot loader initialization required. With
+ a sufficiently new BIOS you hence no longer need to boot
+ with Gummiboot to get access to such information.
+
+ Contributions from: Andrey Borzenkov, Chen Jie, Colin Walters,
+ Cristian Rodríguez, Dave Reisner, David Herrmann, David
+ Mackey, David Strauss, Eelco Dolstra, Evan Callicoat, Gao
+ feng, Harald Hoyer, Jimmie Tauriainen, Kay Sievers, Lennart
+ Poettering, Lukas Nykryn, Mantas Mikulėnas, Martin Pitt,
+ Michael Scherer, Michał Górny, Mike Gilbert, Patrick McCarty,
+ Sebastian Ott, Tom Gundersen, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2013-10-02
+
+CHANGES WITH 207:
+
+ * The Restart= option for services now understands a new
+ on-watchdog setting, which will restart the service
+ automatically if the service stops sending out watchdog keep
+ alive messages (as configured with WatchdogSec=).
+
+ * The getty generator (which is responsible for bringing up a
+ getty on configured serial consoles) will no longer only
+ start a getty on the primary kernel console but on all
+ others, too. This makes the order in which console= is
+ specified on the kernel command line less important.
+
+ * libsystemd-logind gained a new sd_session_get_vt() call to
+ retrieve the VT number of a session.
+
+ * If the option "tries=0" is set for an entry of /etc/crypttab
+ its passphrase is queried indefinitely instead of any
+ maximum number of tries.
+
+ * If a service with a configure PID file terminates its PID
+ file will now be removed automatically if it still exists
+ afterwards. This should put an end to stale PID files.
+
+ * systemd-run will now also take relative binary path names
+ for execution and no longer insists on absolute paths.
+
+ * InaccessibleDirectories= and ReadOnlyDirectories= now take
+ paths that are optionally prefixed with "-" to indicate that
+ it should not be considered a failure if they do not exist.
+
+ * journalctl -o (and similar commands) now understands a new
+ output mode "short-precise", it is similar to "short" but
+ shows timestamps with usec accuracy.
+
+ * The option "discard" (as known from Debian) is now
+ synonymous to "allow-discards" in /etc/crypttab. In fact,
+ "discard" is preferred now (since it is easier to remember
+ and type).
+
+ * Some licensing clean-ups were made, so that more code is now
+ LGPL-2.1 licensed than before.
+
+ * A minimal tool to save/restore the display backlight
+ brightness across reboots has been added. It will store the
+ backlight setting as late as possible at shutdown, and
+ restore it as early as possible during reboot.
+
+ * A logic to automatically discover and enable home and swap
+ partitions on GPT disks has been added. With this in place
+ /etc/fstab becomes optional for many setups as systemd can
+ discover certain partitions located on the root disk
+ automatically. Home partitions are recognized under their
+ GPT type ID 933ac7e12eb44f13b8440e14e2aef915. Swap
+ partitions are recognized under their GPT type ID
+ 0657fd6da4ab43c484e50933c84b4f4f.
+
+ * systemd will no longer pass any environment from the kernel
+ or initrd to system services. If you want to set an
+ environment for all services, do so via the kernel command
+ line systemd.setenv= assignment.
+
+ * The systemd-sysctl tool no longer natively reads the file
+ /etc/sysctl.conf. If desired, the file should be symlinked
+ from /etc/sysctl.d/99-sysctl.conf. Apart from providing
+ legacy support by a symlink rather than built-in code, it
+ also makes the otherwise hidden order of application of the
+ different files visible. (Note that this partly reverts to a
+ pre-198 application order of sysctl knobs!)
+
+ * The "systemctl set-log-level" and "systemctl dump" commands
+ have been moved to systemd-analyze.
+
+ * systemd-run learned the new --remain-after-exit switch,
+ which causes the scope unit not to be cleaned up
+ automatically after the process terminated.
+
+ * tmpfiles learned a new --exclude-prefix= switch to exclude
+ certain paths from operation.
+
+ * journald will now automatically flush all messages to disk
+ as soon as a message at the log level CRIT, ALERT or EMERG
+ is received.
+
+ Contributions from: Andrew Cook, Brandon Philips, Christian
+ Hesse, Christoph Junghans, Colin Walters, Daniel Schaal,
+ Daniel Wallace, Dave Reisner, David Herrmann, Gao feng, George
+ McCollister, Giovanni Campagna, Hannes Reinecke, Harald Hoyer,
+ Herczeg Zsolt, Holger Hans Peter Freyther, Jan Engelhardt,
+ Jesper Larsen, Kay Sievers, Khem Raj, Lennart Poettering,
+ Lukas Nykryn, Maciej Wereski, Mantas Mikulėnas, Marcel
+ Holtmann, Martin Pitt, Michael Biebl, Michael Marineau,
+ Michael Scherer, Michael Stapelberg, Michal Sekletar, Michał
+ Górny, Olivier Brunel, Ondrej Balaz, Ronny Chevalier, Shawn
+ Landden, Steven Hiscocks, Thomas Bächler, Thomas Hindoe
+ Paaboel Andersen, Tom Gundersen, Umut Tezduyar, WANG Chao,
+ William Giokas, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2013-09-13
+
+CHANGES WITH 206:
+
+ * The documentation has been updated to cover the various new
+ concepts introduced with 205.
+
+ * Unit files now understand the new %v specifier which
+ resolves to the kernel version string as returned by "uname
+ -r".
+
+ * systemctl now supports filtering the unit list output by
+ load state, active state and sub state, using the new
+ --state= parameter.
+
+ * "systemctl status" will now show the results of the
+ condition checks (like ConditionPathExists= and similar) of
+ the last start attempts of the unit. They are also logged to
+ the journal.
+
+ * "journalctl -b" may now be used to look for boot output of a
+ specific boot. Try "journalctl -b -1" for the previous boot,
+ but the syntax is substantially more powerful.
+
+ * "journalctl --show-cursor" has been added which prints the
+ cursor string the last shown log line. This may then be used
+ with the new "journalctl --after-cursor=" switch to continue
+ browsing logs from that point on.
+
+ * "journalctl --force" may now be used to force regeneration
+ of an FSS key.
+
+ * Creation of "dead" device nodes has been moved from udev
+ into kmod and tmpfiles. Previously, udev would read the kmod
+ databases to pre-generate dead device nodes based on meta
+ information contained in kernel modules, so that these would
+ be auto-loaded on access rather then at boot. As this
+ does not really have much to do with the exposing actual
+ kernel devices to userspace this has always been slightly
+ alien in the udev codebase. Following the new scheme kmod
+ will now generate a runtime snippet for tmpfiles from the
+ module meta information and it now is tmpfiles' job to the
+ create the nodes. This also allows overriding access and
+ other parameters for the nodes using the usual tmpfiles
+ facilities. As side effect this allows us to remove the
+ CAP_SYS_MKNOD capability bit from udevd entirely.
+
+ * logind's device ACLs may now be applied to these "dead"
+ devices nodes too, thus finally allowing managed access to
+ devices such as /dev/snd/sequencer without loading the
+ backing module right-away.
+
+ * A new RPM macro has been added that may be used to apply
+ tmpfiles configuration during package installation.
+
+ * systemd-detect-virt and ConditionVirtualization= now can
+ detect User-Mode-Linux machines (UML).
+
+ * journald will now implicitly log the effective capabilities
+ set of processes in the message metadata.
+
+ * systemd-cryptsetup has gained support for TrueCrypt volumes.
+
+ * The initrd interface has been simplified (more specifically,
+ support for passing performance data via environment
+ variables and fsck results via files in /run has been
+ removed). These features were non-essential, and are
+ nowadays available in a much nicer way by having systemd in
+ the initrd serialize its state and have the hosts systemd
+ deserialize it again.
+
+ * The udev "keymap" data files and tools to apply keyboard
+ specific mappings of scan to key codes, and force-release
+ scan code lists have been entirely replaced by a udev
+ "keyboard" builtin and a hwdb data file.
+
+ * systemd will now honour the kernel's "quiet" command line
+ argument also during late shutdown, resulting in a
+ completely silent shutdown when used.
+
+ * There's now an option to control the SO_REUSEPORT socket
+ option in .socket units.
+
+ * Instance units will now automatically get a per-template
+ subslice of system.slice unless something else is explicitly
+ configured. For example, instances of sshd@.service will now
+ implicitly be placed in system-sshd.slice rather than
+ system.slice as before.
+
+ * Test coverage support may now be enabled at build time.
+
+ Contributions from: Dave Reisner, Frederic Crozat, Harald
+ Hoyer, Holger Hans Peter Freyther, Jan Engelhardt, Jan
+ Janssen, Jason St. John, Jesper Larsen, Kay Sievers, Lennart
+ Poettering, Lukas Nykryn, Maciej Wereski, Martin Pitt, Michael
+ Olbrich, Ramkumar Ramachandra, Ross Lagerwall, Shawn Landden,
+ Thomas H.P. Andersen, Tom Gundersen, Tomasz Torcz, William
+ Giokas, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2013-07-23
+
+CHANGES WITH 205:
+
+ * Two new unit types have been introduced:
+
+ Scope units are very similar to service units, however, are
+ created out of pre-existing processes — instead of PID 1
+ forking off the processes. By using scope units it is
+ possible for system services and applications to group their
+ own child processes (worker processes) in a powerful way
+ which then maybe used to organize them, or kill them
+ together, or apply resource limits on them.
+
+ Slice units may be used to partition system resources in an
+ hierarchical fashion and then assign other units to them. By
+ default there are now three slices: system.slice (for all
+ system services), user.slice (for all user sessions),
+ machine.slice (for VMs and containers).
+
+ Slices and scopes have been introduced primarily in
+ context of the work to move cgroup handling to a
+ single-writer scheme, where only PID 1
+ creates/removes/manages cgroups.
+
+ * There's a new concept of "transient" units. In contrast to
+ normal units these units are created via an API at runtime,
+ not from configuration from disk. More specifically this
+ means it is now possible to run arbitrary programs as
+ independent services, with all execution parameters passed
+ in via bus APIs rather than read from disk. Transient units
+ make systemd substantially more dynamic then it ever was,
+ and useful as a general batch manager.
+
+ * logind has been updated to make use of scope and slice units
+ for managing user sessions. As a user logs in he will get
+ his own private slice unit, to which all sessions are added
+ as scope units. We also added support for automatically
+ adding an instance of user@.service for the user into the
+ slice. Effectively logind will no longer create cgroup
+ hierarchies on its own now, it will defer entirely to PID 1
+ for this by means of scope, service and slice units. Since
+ user sessions this way become entities managed by PID 1
+ the output of "systemctl" is now a lot more comprehensive.
+
+ * A new mini-daemon "systemd-machined" has been added which
+ may be used by virtualization managers to register local
+ VMs/containers. nspawn has been updated accordingly, and
+ libvirt will be updated shortly. machined will collect a bit
+ of meta information about the VMs/containers, and assign
+ them their own scope unit (see above). The collected
+ meta-data is then made available via the "machinectl" tool,
+ and exposed in "ps" and similar tools. machined/machinectl
+ is compile-time optional.
+
+ * As discussed earlier, the low-level cgroup configuration
+ options ControlGroup=, ControlGroupModify=,
+ ControlGroupPersistent=, ControlGroupAttribute= have been
+ removed. Please use high-level attribute settings instead as
+ well as slice units.
+
+ * A new bus call SetUnitProperties() has been added to alter
+ various runtime parameters of a unit. This is primarily
+ useful to alter cgroup parameters dynamically in a nice way,
+ but will be extended later on to make more properties
+ modifiable at runtime. systemctl gained a new set-properties
+ command that wraps this call.
+
+ * A new tool "systemd-run" has been added which can be used to
+ run arbitrary command lines as transient services or scopes,
+ while configuring a number of settings via the command
+ line. This tool is currently very basic, however already
+ very useful. We plan to extend this tool to even allow
+ queuing of execution jobs with time triggers from the
+ command line, similar in fashion to "at".
+
+ * nspawn will now inform the user explicitly that kernels with
+ audit enabled break containers, and suggest the user to turn
+ off audit.
+
+ * Support for detecting the IMA and AppArmor security
+ frameworks with ConditionSecurity= has been added.
+
+ * journalctl gained a new "-k" switch for showing only kernel
+ messages, mimicking dmesg output; in addition to "--user"
+ and "--system" switches for showing only user's own logs
+ and system logs.
+
+ * systemd-delta can now show information about drop-in
+ snippets extending unit files.
+
+ * libsystemd-bus has been substantially updated but is still
+ not available as public API.
+
+ * systemd will now look for the "debug" argument on the kernel
+ command line and enable debug logging, similar to what
+ "systemd.log_level=debug" already did before.
+
+ * "systemctl set-default", "systemctl get-default" has been
+ added to configure the default.target symlink, which
+ controls what to boot into by default.
+
+ * "systemctl set-log-level" has been added as a convenient
+ way to raise and lower systemd logging threshold.
+
+ * "systemd-analyze plot" will now show the time the various
+ generators needed for execution, as well as information
+ about the unit file loading.
+
+ * libsystemd-journal gained a new sd_journal_open_files() call
+ for opening specific journal files. journactl also gained a
+ new switch to expose this new functionality. Previously we
+ only supported opening all files from a directory, or all
+ files from the system, as opening individual files only is
+ racy due to journal file rotation.
+
+ * systemd gained the new DefaultEnvironment= setting in
+ /etc/systemd/system.conf to set environment variables for
+ all services.
+
+ * If a privileged process logs a journal message with the
+ OBJECT_PID= field set, then journald will automatically
+ augment this with additional OBJECT_UID=, OBJECT_GID=,
+ OBJECT_COMM=, OBJECT_EXE=, ... fields. This is useful if
+ system services want to log events about specific client
+ processes. journactl/systemctl has been updated to make use
+ of this information if all log messages regarding a specific
+ unit is requested.
+
+ Contributions from: Auke Kok, Chengwei Yang, Colin Walters,
+ Cristian Rodríguez, Daniel Albers, Daniel Wallace, Dave
+ Reisner, David Coppa, David King, David Strauss, Eelco
+ Dolstra, Gabriel de Perthuis, Harald Hoyer, Jan Alexander
+ Steffens, Jan Engelhardt, Jan Janssen, Jason St. John, Johan
+ Heikkilä, Karel Zak, Karol Lewandowski, Kay Sievers, Lennart
+ Poettering, Lukas Nykryn, Mantas Mikulėnas, Marius Vollmer,
+ Martin Pitt, Michael Biebl, Michael Olbrich, Michael Tremer,
+ Michal Schmidt, Michał Bartoszkiewicz, Nirbheek Chauhan,
+ Pierre Neidhardt, Ross Burton, Ross Lagerwall, Sean McGovern,
+ Thomas Hindoe Paaboel Andersen, Tom Gundersen, Umut Tezduyar,
+ Václav Pavlín, Zachary Cook, Zbigniew Jędrzejewski-Szmek,
+ Łukasz Stelmach, 장동준
+
+CHANGES WITH 204:
+
+ * The Python bindings gained some minimal support for the APIs
+ exposed by libsystemd-logind.
+
+ * ConditionSecurity= gained support for detecting SMACK. Since
+ this condition already supports SELinux and AppArmor we only
+ miss IMA for this. Patches welcome!
+
+ Contributions from: Karol Lewandowski, Lennart Poettering,
+ Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 203:
+
+ * systemd-nspawn will now create /etc/resolv.conf if
+ necessary, before bind-mounting the host's file onto it.
+
+ * systemd-nspawn will now store meta information about a
+ container on the container's cgroup as extended attribute
+ fields, including the root directory.
+
+ * The cgroup hierarchy has been reworked in many ways. All
+ objects any of the components systemd creates in the cgroup
+ tree are now suffixed. More specifically, user sessions are
+ now placed in cgroups suffixed with ".session", users in
+ cgroups suffixed with ".user", and nspawn containers in
+ cgroups suffixed with ".nspawn". Furthermore, all cgroup
+ names are now escaped in a simple scheme to avoid collision
+ of userspace object names with kernel filenames. This work
+ is preparation for making these objects relocatable in the
+ cgroup tree, in order to allow easy resource partitioning of
+ these objects without causing naming conflicts.
+
+ * systemctl list-dependencies gained the new switches
+ --plain, --reverse, --after and --before.
+
+ * systemd-inhibit now shows the process name of processes that
+ have taken an inhibitor lock.
+
+ * nss-myhostname will now also resolve "localhost"
+ implicitly. This makes /etc/hosts an optional file and
+ nicely handles that on IPv6 ::1 maps to both "localhost" and
+ the local hostname.
+
+ * libsystemd-logind.so gained a new call
+ sd_get_machine_names() to enumerate running containers and
+ VMs (currently only supported by very new libvirt and
+ nspawn). sd_login_monitor can now be used to watch
+ VMs/containers coming and going.
+
+ * .include is not allowed recursively anymore, and only in
+ unit files. Usually it is better to use drop-in snippets in
+ .d/*.conf anyway, as introduced with systemd 198.
+
+ * systemd-analyze gained a new "critical-chain" command that
+ determines the slowest chain of units run during system
+ boot-up. It is very useful for tracking down where
+ optimizing boot time is the most beneficial.
+
+ * systemd will no longer allow manipulating service paths in
+ the name=systemd:/system cgroup tree using ControlGroup= in
+ units. (But is still fine with it in all other dirs.)
+
+ * There's a new systemd-nspawn@.service service file that may
+ be used to easily run nspawn containers as system
+ services. With the container's root directory in
+ /var/lib/container/foobar it is now sufficient to run
+ "systemctl start systemd-nspawn@foobar.service" to boot it.
+
+ * systemd-cgls gained a new parameter "--machine" to list only
+ the processes within a certain container.
+
+ * ConditionSecurity= now can check for "apparmor". We still
+ are lacking checks for SMACK and IMA for this condition
+ check though. Patches welcome!
+
+ * A new configuration file /etc/systemd/sleep.conf has been
+ added that may be used to configure which kernel operation
+ systemd is supposed to execute when "suspend", "hibernate"
+ or "hybrid-sleep" is requested. This makes the new kernel
+ "freeze" state accessible to the user.
+
+ * ENV{SYSTEMD_WANTS} in udev rules will now implicitly escape
+ the passed argument if applicable.
+
+ Contributions from: Auke Kok, Colin Guthrie, Colin Walters,
+ Cristian Rodríguez, Daniel Buch, Daniel Wallace, Dave Reisner,
+ Evangelos Foutras, Greg Kroah-Hartman, Harald Hoyer, Josh
+ Triplett, Kay Sievers, Lennart Poettering, Lukas Nykryn,
+ MUNEDA Takahiro, Mantas Mikulėnas, Mirco Tischler, Nathaniel
+ Chen, Nirbheek Chauhan, Ronny Chevalier, Ross Lagerwall, Tom
+ Gundersen, Umut Tezduyar, Ville Skyttä, Zbigniew
+ Jędrzejewski-Szmek
+
+CHANGES WITH 202:
+
+ * The output of 'systemctl list-jobs' got some polishing. The
+ '--type=' argument may now be passed more than once. A new
+ command 'systemctl list-sockets' has been added which shows
+ a list of kernel sockets systemd is listening on with the
+ socket units they belong to, plus the units these socket
+ units activate.
+
+ * The experimental libsystemd-bus library got substantial
+ updates to work in conjunction with the (also experimental)
+ kdbus kernel project. It works well enough to exchange
+ messages with some sophistication. Note that kdbus is not
+ ready yet, and the library is mostly an elaborate test case
+ for now, and not installable.
+
+ * systemd gained a new unit 'systemd-static-nodes.service'
+ that generates static device nodes earlier during boot, and
+ can run in conjunction with udev.
+
+ * libsystemd-login gained a new call sd_pid_get_user_unit()
+ to retrieve the user systemd unit a process is running
+ in. This is useful for systems where systemd is used as
+ session manager.
+
+ * systemd-nspawn now places all containers in the new /machine
+ top-level cgroup directory in the name=systemd
+ hierarchy. libvirt will soon do the same, so that we get a
+ uniform separation of /system, /user and /machine for system
+ services, user processes and containers/virtual
+ machines. This new cgroup hierarchy is also useful to stick
+ stable names to specific container instances, which can be
+ recognized later this way (this name may be controlled
+ via systemd-nspawn's new -M switch). libsystemd-login also
+ gained a new call sd_pid_get_machine_name() to retrieve the
+ name of the container/VM a specific process belongs to.
+
+ * bootchart can now store its data in the journal.
+
+ * libsystemd-journal gained a new call
+ sd_journal_add_conjunction() for AND expressions to the
+ matching logic. This can be used to express more complex
+ logical expressions.
+
+ * journactl can now take multiple --unit= and --user-unit=
+ switches.
+
+ * The cryptsetup logic now understands the "luks.key=" kernel
+ command line switch for specifying a file to read the
+ decryption key from. Also, if a configured key file is not
+ found the tool will now automatically fall back to prompting
+ the user.
+
+ * Python systemd.journal module was updated to wrap recently
+ added functions from libsystemd-journal. The interface was
+ changed to bring the low level interface in s.j._Reader
+ closer to the C API, and the high level interface in
+ s.j.Reader was updated to wrap and convert all data about
+ an entry.
+
+ Contributions from: Anatol Pomozov, Auke Kok, Harald Hoyer,
+ Henrik Grindal Bakken, Josh Triplett, Kay Sievers, Lennart
+ Poettering, Lukas Nykryn, Mantas Mikulėnas Marius Vollmer,
+ Martin Jansa, Martin Pitt, Michael Biebl, Michal Schmidt,
+ Mirco Tischler, Pali Rohar, Simon Peeters, Steven Hiscocks,
+ Tom Gundersen, Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 201:
+
+ * journalctl --update-catalog now understands a new --root=
+ option to operate on catalogs found in a different root
+ directory.
+
+ * During shutdown after systemd has terminated all running
+ services a final killing loop kills all remaining left-over
+ processes. We will now print the name of these processes
+ when we send SIGKILL to them, since this usually indicates a
+ problem.
+
+ * If /etc/crypttab refers to password files stored on
+ configured mount points automatic dependencies will now be
+ generated to ensure the specific mount is established first
+ before the key file is attempted to be read.
+
+ * 'systemctl status' will now show information about the
+ network sockets a socket unit is listening on.
+
+ * 'systemctl status' will also shown information about any
+ drop-in configuration file for units. (Drop-In configuration
+ files in this context are files such as
+ /etc/systemd/systemd/foobar.service.d/*.conf)
+
+ * systemd-cgtop now optionally shows summed up CPU times of
+ cgroups. Press '%' while running cgtop to switch between
+ percentage and absolute mode. This is useful to determine
+ which cgroups use up the most CPU time over the entire
+ runtime of the system. systemd-cgtop has also been updated
+ to be 'pipeable' for processing with further shell tools.
+
+ * 'hostnamectl set-hostname' will now allow setting of FQDN
+ hostnames.
+
+ * The formatting and parsing of time span values has been
+ changed. The parser now understands fractional expressions
+ such as "5.5h". The formatter will now output fractional
+ expressions for all time spans under 1min, i.e. "5.123456s"
+ rather than "5s 123ms 456us". For time spans under 1s
+ millisecond values are shown, for those under 1ms
+ microsecond values are shown. This should greatly improve
+ all time-related output of systemd.
+
+ * libsystemd-login and libsystemd-journal gained new
+ functions for querying the poll() events mask and poll()
+ timeout value for integration into arbitrary event
+ loops.
+
+ * localectl gained the ability to list available X11 keymaps
+ (models, layouts, variants, options).
+
+ * 'systemd-analyze dot' gained the ability to filter for
+ specific units via shell-style globs, to create smaller,
+ more useful graphs. I.e. it is now possible to create simple
+ graphs of all the dependencies between only target units, or
+ of all units that Avahi has dependencies with.
+
+ Contributions from: Cristian Rodríguez, Dr. Tilmann Bubeck,
+ Harald Hoyer, Holger Hans Peter Freyther, Kay Sievers, Kelly
+ Anderson, Koen Kooi, Lennart Poettering, Maksim Melnikau,
+ Marc-Antoine Perennou, Marius Vollmer, Martin Pitt, Michal
+ Schmidt, Oleksii Shevchuk, Ronny Chevalier, Simon McVittie,
+ Steven Hiscocks, Thomas Weißschuh, Umut Tezduyar, Václav
+ Pavlín, Zbigniew Jędrzejewski-Szmek, Łukasz Stelmach
+
+CHANGES WITH 200:
+
+ * The boot-time readahead implementation for rotating media
+ will now read the read-ahead data in multiple passes which
+ consist of all read requests made in equidistant time
+ intervals. This means instead of strictly reading read-ahead
+ data in its physical order on disk we now try to find a
+ middle ground between physical and access time order.
+
+ * /etc/os-release files gained a new BUILD_ID= field for usage
+ on operating systems that provide continuous builds of OS
+ images.
+
+ Contributions from: Auke Kok, Eelco Dolstra, Kay Sievers,
+ Lennart Poettering, Lukas Nykryn, Martin Pitt, Václav Pavlín
+ William Douglas, Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 199:
+
+ * systemd-python gained an API exposing libsystemd-daemon.
+
+ * The SMACK setup logic gained support for uploading CIPSO
+ security policy.
+
+ * Behaviour of PrivateTmp=, ReadWriteDirectories=,
+ ReadOnlyDirectories= and InaccessibleDirectories= has
+ changed. The private /tmp and /var/tmp directories are now
+ shared by all processes of a service (which means
+ ExecStartPre= may now leave data in /tmp that ExecStart= of
+ the same service can still access). When a service is
+ stopped its temporary directories are immediately deleted
+ (normal clean-up with tmpfiles is still done in addition to
+ this though).
+
+ * By default, systemd will now set a couple of sysctl
+ variables in the kernel: the safe sysrq options are turned
+ on, IP route verification is turned on, and source routing
+ disabled. The recently added hardlink and softlink
+ protection of the kernel is turned on. These settings should
+ be reasonably safe, and good defaults for all new systems.
+
+ * The predictable network naming logic may now be turned off
+ with a new kernel command line switch: net.ifnames=0.
+
+ * A new libsystemd-bus module has been added that implements a
+ pretty complete D-Bus client library. For details see:
+
+ https://lists.freedesktop.org/archives/systemd-devel/2013-March/009797.html
+
+ * journald will now explicitly flush the journal files to disk
+ at the latest 5min after each write. The file will then also
+ be marked offline until the next write. This should increase
+ reliability in case of a crash. The synchronization delay
+ can be configured via SyncIntervalSec= in journald.conf.
+
+ * There's a new remote-fs-setup.target unit that can be used
+ to pull in specific services when at least one remote file
+ system is to be mounted.
+
+ * There are new targets timers.target and paths.target as
+ canonical targets to pull user timer and path units in
+ from. This complements sockets.target with a similar
+ purpose for socket units.
+
+ * libudev gained a new call udev_device_set_attribute_value()
+ to set sysfs attributes of a device.
+
+ * The udev daemon now sets the default number of worker
+ processes executed in parallel based on the number of available
+ CPUs instead of the amount of available RAM. This is supposed
+ to provide a more reliable default and limit a too aggressive
+ parallelism for setups with 1000s of devices connected.
+
+ Contributions from: Auke Kok, Colin Walters, Cristian
+ Rodríguez, Daniel Buch, Dave Reisner, Frederic Crozat, Hannes
+ Reinecke, Harald Hoyer, Jan Alexander Steffens, Jan
+ Engelhardt, Josh Triplett, Kay Sievers, Lennart Poettering,
+ Mantas Mikulėnas, Martin Pitt, Mathieu Bridon, Michael Biebl,
+ Michal Schmidt, Michal Sekletar, Miklos Vajna, Nathaniel Chen,
+ Oleksii Shevchuk, Ozan Çağlayan, Thomas Hindoe Paaboel
+ Andersen, Tollef Fog Heen, Tom Gundersen, Umut Tezduyar,
+ Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 198:
+
+ * Configuration of unit files may now be extended via drop-in
+ files without having to edit/override the unit files
+ themselves. More specifically, if the administrator wants to
+ change one value for a service file foobar.service he can
+ now do so by dropping in a configuration snippet into
+ /etc/systemd/system/foobar.service.d/*.conf. The unit logic
+ will load all these snippets and apply them on top of the
+ main unit configuration file, possibly extending or
+ overriding its settings. Using these drop-in snippets is
+ generally nicer than the two earlier options for changing
+ unit files locally: copying the files from
+ /usr/lib/systemd/system/ to /etc/systemd/system/ and editing
+ them there; or creating a new file in /etc/systemd/system/
+ that incorporates the original one via ".include". Drop-in
+ snippets into these .d/ directories can be placed in any
+ directory systemd looks for units in, and the usual
+ overriding semantics between /usr/lib, /etc and /run apply
+ for them too.
+
+ * Most unit file settings which take lists of items can now be
+ reset by assigning the empty string to them. For example,
+ normally, settings such as Environment=FOO=BAR append a new
+ environment variable assignment to the environment block,
+ each time they are used. By assigning Environment= the empty
+ string the environment block can be reset to empty. This is
+ particularly useful with the .d/*.conf drop-in snippets
+ mentioned above, since this adds the ability to reset list
+ settings from vendor unit files via these drop-ins.
+
+ * systemctl gained a new "list-dependencies" command for
+ listing the dependencies of a unit recursively.
+
+ * Inhibitors are now honored and listed by "systemctl
+ suspend", "systemctl poweroff" (and similar) too, not only
+ GNOME. These commands will also list active sessions by
+ other users.
+
+ * Resource limits (as exposed by the various control group
+ controllers) can now be controlled dynamically at runtime
+ for all units. More specifically, you can now use a command
+ like "systemctl set-cgroup-attr foobar.service cpu.shares
+ 2000" to alter the CPU shares a specific service gets. These
+ settings are stored persistently on disk, and thus allow the
+ administrator to easily adjust the resource usage of
+ services with a few simple commands. This dynamic resource
+ management logic is also available to other programs via the
+ bus. Almost any kernel cgroup attribute and controller is
+ supported.
+
+ * systemd-vconsole-setup will now copy all font settings to
+ all allocated VTs, where it previously applied them only to
+ the foreground VT.
+
+ * libsystemd-login gained the new sd_session_get_tty() API
+ call.
+
+ * This release drops support for a few legacy or
+ distribution-specific LSB facility names when parsing init
+ scripts: $x-display-manager, $mail-transfer-agent,
+ $mail-transport-agent, $mail-transfer-agent, $smtp,
+ $null. Also, the mail-transfer-agent.target unit backing
+ this has been removed. Distributions which want to retain
+ compatibility with this should carry the burden for
+ supporting this themselves and patch support for these back
+ in, if they really need to. Also, the facilities $syslog and
+ $local_fs are now ignored, since systemd does not support
+ early-boot LSB init scripts anymore, and these facilities
+ are implied anyway for normal services. syslog.target has
+ also been removed.
+
+ * There are new bus calls on PID1's Manager object for
+ cancelling jobs, and removing snapshot units. Previously,
+ both calls were only available on the Job and Snapshot
+ objects themselves.
+
+ * systemd-journal-gatewayd gained SSL support.
+
+ * The various "environment" files, such as /etc/locale.conf
+ now support continuation lines with a backslash ("\") as
+ last character in the line, similarly in style (but different)
+ to how this is supported in shells.
+
+ * For normal user processes the _SYSTEMD_USER_UNIT= field is
+ now implicitly appended to every log entry logged. systemctl
+ has been updated to filter by this field when operating on a
+ user systemd instance.
+
+ * nspawn will now implicitly add the CAP_AUDIT_WRITE and
+ CAP_AUDIT_CONTROL capabilities to the capabilities set for
+ the container. This makes it easier to boot unmodified
+ Fedora systems in a container, which however still requires
+ audit=0 to be passed on the kernel command line. Auditing in
+ kernel and userspace is unfortunately still too broken in
+ context of containers, hence we recommend compiling it out
+ of the kernel or using audit=0. Hopefully this will be fixed
+ one day for good in the kernel.
+
+ * nspawn gained the new --bind= and --bind-ro= parameters to
+ bind mount specific directories from the host into the
+ container.
+
+ * nspawn will now mount its own devpts file system instance
+ into the container, in order not to leak pty devices from
+ the host into the container.
+
+ * systemd will now read the firmware boot time performance
+ information from the EFI variables, if the used boot loader
+ supports this, and takes it into account for boot performance
+ analysis via "systemd-analyze". This is currently supported
+ only in conjunction with Gummiboot, but could be supported
+ by other boot loaders too. For details see:
+
+ https://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface
+
+ * A new generator has been added that automatically mounts the
+ EFI System Partition (ESP) to /boot, if that directory
+ exists, is empty, and no other file system has been
+ configured to be mounted there.
+
+ * logind will now send out PrepareForSleep(false) out
+ unconditionally, after coming back from suspend. This may be
+ used by applications as asynchronous notification for
+ system resume events.
+
+ * "systemctl unlock-sessions" has been added, that allows
+ unlocking the screens of all user sessions at once, similar
+ to how "systemctl lock-sessions" already locked all users
+ sessions. This is backed by a new D-Bus call UnlockSessions().
+
+ * "loginctl seat-status" will now show the master device of a
+ seat. (i.e. the device of a seat that needs to be around for
+ the seat to be considered available, usually the graphics
+ card).
+
+ * tmpfiles gained a new "X" line type, that allows
+ configuration of files and directories (with wildcards) that
+ shall be excluded from automatic cleanup ("aging").
+
+ * udev default rules set the device node permissions now only
+ at "add" events, and do not change them any longer with a
+ later "change" event.
+
+ * The log messages for lid events and power/sleep keypresses
+ now carry a message ID.
+
+ * We now have a substantially larger unit test suite, but this
+ continues to be work in progress.
+
+ * udevadm hwdb gained a new --root= parameter to change the
+ root directory to operate relative to.
+
+ * logind will now issue a background sync() request to the kernel
+ early at shutdown, so that dirty buffers are flushed to disk early
+ instead of at the last moment, in order to optimize shutdown
+ times a little.
+
+ * A new bootctl tool has been added that is an interface for
+ certain boot loader operations. This is currently a preview
+ and is likely to be extended into a small mechanism daemon
+ like timedated, localed, hostnamed, and can be used by
+ graphical UIs to enumerate available boot options, and
+ request boot into firmware operations.
+
+ * systemd-bootchart has been relicensed to LGPLv2.1+ to match
+ the rest of the package. It also has been updated to work
+ correctly in initrds.
+
+ * polkit previously has been runtime optional, and is now also
+ compile time optional via a configure switch.
+
+ * systemd-analyze has been reimplemented in C. Also "systemctl
+ dot" has moved into systemd-analyze.
+
+ * "systemctl status" with no further parameters will now print
+ the status of all active or failed units.
+
+ * Operations such as "systemctl start" can now be executed
+ with a new mode "--irreversible" which may be used to queue
+ operations that cannot accidentally be reversed by a later
+ job queuing. This is by default used to make shutdown
+ requests more robust.
+
+ * The Python API of systemd now gained a new module for
+ reading journal files.
+
+ * A new tool kernel-install has been added that can install
+ kernel images according to the Boot Loader Specification:
+
+ https://www.freedesktop.org/wiki/Specifications/BootLoaderSpec
+
+ * Boot time console output has been improved to provide
+ animated boot time output for hanging jobs.
+
+ * A new tool systemd-activate has been added which can be used
+ to test socket activation with, directly from the command
+ line. This should make it much easier to test and debug
+ socket activation in daemons.
+
+ * journalctl gained a new "--reverse" (or -r) option to show
+ journal output in reverse order (i.e. newest line first).
+
+ * journalctl gained a new "--pager-end" (or -e) option to jump
+ to immediately jump to the end of the journal in the
+ pager. This is only supported in conjunction with "less".
+
+ * journalctl gained a new "--user-unit=" option, that works
+ similarly to "--unit=" but filters for user units rather than
+ system units.
+
+ * A number of unit files to ease adoption of systemd in
+ initrds has been added. This moves some minimal logic from
+ the various initrd implementations into systemd proper.
+
+ * The journal files are now owned by a new group
+ "systemd-journal", which exists specifically to allow access
+ to the journal, and nothing else. Previously, we used the
+ "adm" group for that, which however possibly covers more
+ than just journal/log file access. This new group is now
+ already used by systemd-journal-gatewayd to ensure this
+ daemon gets access to the journal files and as little else
+ as possible. Note that "make install" will also set FS ACLs
+ up for /var/log/journal to give "adm" and "wheel" read
+ access to it, in addition to "systemd-journal" which owns
+ the journal files. We recommend that packaging scripts also
+ add read access to "adm" + "wheel" to /var/log/journal, and
+ all existing/future journal files. To normal users and
+ administrators little changes, however packagers need to
+ ensure to create the "systemd-journal" system group at
+ package installation time.
+
+ * The systemd-journal-gatewayd now runs as unprivileged user
+ systemd-journal-gateway:systemd-journal-gateway. Packaging
+ scripts need to create these system user/group at
+ installation time.
+
+ * timedated now exposes a new boolean property CanNTP that
+ indicates whether a local NTP service is available or not.
+
+ * systemd-detect-virt will now also detect xen PVs
+
+ * The pstore file system is now mounted by default, if it is
+ available.
+
+ * In addition to the SELinux and IMA policies we will now also
+ load SMACK policies at early boot.
+
+ Contributions from: Adel Gadllah, Aleksander Morgado, Auke
+ Kok, Ayan George, Bastien Nocera, Colin Walters, Daniel Buch,
+ Daniel Wallace, Dave Reisner, David Herrmann, David Strauss,
+ Eelco Dolstra, Enrico Scholz, Frederic Crozat, Harald Hoyer,
+ Jan Janssen, Jonathan Callen, Kay Sievers, Lennart Poettering,
+ Lukas Nykryn, Mantas Mikulėnas, Marc-Antoine Perennou, Martin
+ Pitt, Mauro Dreissig, Max F. Albrecht, Michael Biebl, Michael
+ Olbrich, Michal Schmidt, Michal Sekletar, Michal Vyskocil,
+ Michał Bartoszkiewicz, Mirco Tischler, Nathaniel Chen, Nestor
+ Ovroy, Oleksii Shevchuk, Paul W. Frields, Piotr Drąg, Rob
+ Clark, Ryan Lortie, Simon McVittie, Simon Peeters, Steven
+ Hiscocks, Thomas Hindoe Paaboel Andersen, Tollef Fog Heen, Tom
+ Gundersen, Umut Tezduyar, William Giokas, Zbigniew
+ Jędrzejewski-Szmek, Zeeshan Ali (Khattak)
+
+CHANGES WITH 197:
+
+ * Timer units now support calendar time events in addition to
+ monotonic time events. That means you can now trigger a unit
+ based on a calendar time specification such as "Thu,Fri
+ 2013-*-1,5 11:12:13" which refers to 11:12:13 of the first
+ or fifth day of any month of the year 2013, given that it is
+ a thursday or friday. This brings timer event support
+ considerably closer to cron's capabilities. For details on
+ the supported calendar time specification language see
+ systemd.time(7).
+
+ * udev now supports a number of different naming policies for
+ network interfaces for predictable names, and a combination
+ of these policies is now the default. Please see this wiki
+ document for details:
+
+ https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames
+
+ * Auke Kok's bootchart implementation has been added to the
+ systemd tree. It is an optional component that can graph the
+ boot in quite some detail. It is one of the best bootchart
+ implementations around and minimal in its code and
+ dependencies.
+
+ * nss-myhostname has been integrated into the systemd source
+ tree. nss-myhostname guarantees that the local hostname
+ always stays resolvable via NSS. It has been a weak
+ requirement of systemd-hostnamed since a long time, and
+ since its code is actually trivial we decided to just
+ include it in systemd's source tree. It can be turned off
+ with a configure switch.
+
+ * The read-ahead logic is now capable of properly detecting
+ whether a btrfs file system is on SSD or rotating media, in
+ order to optimize the read-ahead scheme. Previously, it was
+ only capable of detecting this on traditional file systems
+ such as ext4.
+
+ * In udev, additional device properties are now read from the
+ IAB in addition to the OUI database. Also, Bluetooth company
+ identities are attached to the devices as well.
+
+ * In service files %U may be used as specifier that is
+ replaced by the configured user name of the service.
+
+ * nspawn may now be invoked without a controlling TTY. This
+ makes it suitable for invocation as its own service. This
+ may be used to set up a simple containerized server system
+ using only core OS tools.
+
+ * systemd and nspawn can now accept socket file descriptors
+ when they are started for socket activation. This enables
+ implementation of socket activated nspawn
+ containers. i.e. think about autospawning an entire OS image
+ when the first SSH or HTTP connection is received. We expect
+ that similar functionality will also be added to libvirt-lxc
+ eventually.
+
+ * journalctl will now suppress ANSI color codes when
+ presenting log data.
+
+ * systemctl will no longer show control group information for
+ a unit if the control group is empty anyway.
+
+ * logind can now automatically suspend/hibernate/shutdown the
+ system on idle.
+
+ * /etc/machine-info and hostnamed now also expose the chassis
+ type of the system. This can be used to determine whether
+ the local system is a laptop, desktop, handset or
+ tablet. This information may either be configured by the
+ user/vendor or is automatically determined from ACPI and DMI
+ information if possible.
+
+ * A number of polkit actions are now bound together with "imply"
+ rules. This should simplify creating UIs because many actions
+ will now authenticate similar ones as well.
+
+ * Unit files learnt a new condition ConditionACPower= which
+ may be used to conditionalize a unit depending on whether an
+ AC power source is connected or not, of whether the system
+ is running on battery power.
+
+ * systemctl gained a new "is-failed" verb that may be used in
+ shell scripts and suchlike to check whether a specific unit
+ is in the "failed" state.
+
+ * The EnvironmentFile= setting in unit files now supports file
+ globbing, and can hence be used to easily read a number of
+ environment files at once.
+
+ * systemd will no longer detect and recognize specific
+ distributions. All distribution-specific #ifdeffery has been
+ removed, systemd is now fully generic and
+ distribution-agnostic. Effectively, not too much is lost as
+ a lot of the code is still accessible via explicit configure
+ switches. However, support for some distribution specific
+ legacy configuration file formats has been dropped. We
+ recommend distributions to simply adopt the configuration
+ files everybody else uses now and convert the old
+ configuration from packaging scripts. Most distributions
+ already did that. If that's not possible or desirable,
+ distributions are welcome to forward port the specific
+ pieces of code locally from the git history.
+
+ * When logging a message about a unit systemd will now always
+ log the unit name in the message meta data.
+
+ * localectl will now also discover system locale data that is
+ not stored in locale archives, but directly unpacked.
+
+ * logind will no longer unconditionally use framebuffer
+ devices as seat masters, i.e. as devices that are required
+ to be existing before a seat is considered preset. Instead,
+ it will now look for all devices that are tagged as
+ "seat-master" in udev. By default, framebuffer devices will
+ be marked as such, but depending on local systems, other
+ devices might be marked as well. This may be used to
+ integrate graphics cards using closed source drivers (such
+ as NVidia ones) more nicely into logind. Note however, that
+ we recommend using the open source NVidia drivers instead,
+ and no udev rules for the closed-source drivers will be
+ shipped from us upstream.
+
+ Contributions from: Adam Williamson, Alessandro Crismani, Auke
+ Kok, Colin Walters, Daniel Wallace, Dave Reisner, David
+ Herrmann, David Strauss, Dimitrios Apostolou, Eelco Dolstra,
+ Eric Benoit, Giovanni Campagna, Hannes Reinecke, Henrik
+ Grindal Bakken, Hermann Gausterer, Kay Sievers, Lennart
+ Poettering, Lukas Nykryn, Mantas Mikulėnas, Marcel Holtmann,
+ Martin Pitt, Matthew Monaco, Michael Biebl, Michael Terry,
+ Michal Schmidt, Michal Sekletar, Michał Bartoszkiewicz, Oleg
+ Samarin, Pekka Lundstrom, Philip Nilsson, Ramkumar
+ Ramachandra, Richard Yao, Robert Millan, Sami Kerola, Shawn
+ Landden, Thomas Hindoe Paaboel Andersen, Thomas Jarosch,
+ Tollef Fog Heen, Tom Gundersen, Umut Tezduyar, Zbigniew
+ Jędrzejewski-Szmek
+
+CHANGES WITH 196:
+
+ * udev gained support for loading additional device properties
+ from an indexed database that is keyed by vendor/product IDs
+ and similar device identifiers. For the beginning this
+ "hwdb" is populated with data from the well-known PCI and
+ USB database, but also includes PNP, ACPI and OID data. In
+ the longer run this indexed database shall grow into
+ becoming the one central database for non-essential
+ userspace device metadata. Previously, data from the PCI/USB
+ database was only attached to select devices, since the
+ lookup was a relatively expensive operation due to O(n) time
+ complexity (with n being the number of entries in the
+ database). Since this is now O(1), we decided to add in this
+ data for all devices where this is available, by
+ default. Note that the indexed database needs to be rebuilt
+ when new data files are installed. To achieve this you need
+ to update your packaging scripts to invoke "udevadm hwdb
+ --update" after installation of hwdb data files. For
+ RPM-based distributions we introduced the new
+ %udev_hwdb_update macro for this purpose.
+
+ * The Journal gained support for the "Message Catalog", an
+ indexed database to link up additional information with
+ journal entries. For further details please check:
+
+ https://www.freedesktop.org/wiki/Software/systemd/catalog
+
+ The indexed message catalog database also needs to be
+ rebuilt after installation of message catalog files. Use
+ "journalctl --update-catalog" for this. For RPM-based
+ distributions we introduced the %journal_catalog_update
+ macro for this purpose.
+
+ * The Python Journal bindings gained support for the standard
+ Python logging framework.
+
+ * The Journal API gained new functions for checking whether
+ the underlying file system of a journal file is capable of
+ properly reporting file change notifications, or whether
+ applications that want to reflect journal changes "live"
+ need to recheck journal files continuously in appropriate
+ time intervals.
+
+ * It is now possible to set the "age" field for tmpfiles
+ entries to 0, indicating that files matching this entry
+ shall always be removed when the directories are cleaned up.
+
+ * coredumpctl gained a new "gdb" verb which invokes gdb
+ right-away on the selected coredump.
+
+ * There's now support for "hybrid sleep" on kernels that
+ support this, in addition to "suspend" and "hibernate". Use
+ "systemctl hybrid-sleep" to make use of this.
+
+ * logind's HandleSuspendKey= setting (and related settings)
+ now gained support for a new "lock" setting to simply
+ request the screen lock on all local sessions, instead of
+ actually executing a suspend or hibernation.
+
+ * systemd will now mount the EFI variables file system by
+ default.
+
+ * Socket units now gained support for configuration of the
+ SMACK security label.
+
+ * timedatectl will now output the time of the last and next
+ daylight saving change.
+
+ * We dropped support for various legacy and distro-specific
+ concepts, such as insserv, early-boot SysV services
+ (i.e. those for non-standard runlevels such as 'b' or 'S')
+ or ArchLinux /etc/rc.conf support. We recommend the
+ distributions who still need support this to either continue
+ to maintain the necessary patches downstream, or find a
+ different solution. (Talk to us if you have questions!)
+
+ * Various systemd components will now bypass polkit checks for
+ root and otherwise handle properly if polkit is not found to
+ be around. This should fix most issues for polkit-less
+ systems. Quite frankly this should have been this way since
+ day one. It is absolutely our intention to make systemd work
+ fine on polkit-less systems, and we consider it a bug if
+ something does not work as it should if polkit is not around.
+
+ * For embedded systems it is now possible to build udev and
+ systemd without blkid and/or kmod support.
+
+ * "systemctl switch-root" is now capable of switching root
+ more than once. I.e. in addition to transitions from the
+ initrd to the host OS it is now possible to transition to
+ further OS images from the host. This is useful to implement
+ offline updating tools.
+
+ * Various other additions have been made to the RPM macros
+ shipped with systemd. Use %udev_rules_update() after
+ installing new udev rules files. %_udevhwdbdir,
+ %_udevrulesdir, %_journalcatalogdir, %_tmpfilesdir,
+ %_sysctldir are now available which resolve to the right
+ directories for packages to place various data files in.
+
+ * journalctl gained the new --full switch (in addition to
+ --all, to disable ellipsation for long messages.
+
+ Contributions from: Anders Olofsson, Auke Kok, Ben Boeckel,
+ Colin Walters, Cosimo Cecchi, Daniel Wallace, Dave Reisner,
+ Eelco Dolstra, Holger Hans Peter Freyther, Kay Sievers,
+ Chun-Yi Lee, Lekensteyn, Lennart Poettering, Mantas Mikulėnas,
+ Marti Raudsepp, Martin Pitt, Mauro Dreissig, Michael Biebl,
+ Michal Schmidt, Michal Sekletar, Miklos Vajna, Nis Martensen,
+ Oleksii Shevchuk, Olivier Brunel, Ramkumar Ramachandra, Thomas
+ Bächler, Thomas Hindoe Paaboel Andersen, Tom Gundersen, Tony
+ Camuso, Umut Tezduyar, Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 195:
+
+ * journalctl gained new --since= and --until= switches to
+ filter by time. It also now supports nice filtering for
+ units via --unit=/-u.
+
+ * Type=oneshot services may use ExecReload= and do the
+ right thing.
+
+ * The journal daemon now supports time-based rotation and
+ vacuuming, in addition to the usual disk-space based
+ rotation.
+
+ * The journal will now index the available field values for
+ each field name. This enables clients to show pretty drop
+ downs of available match values when filtering. The bash
+ completion of journalctl has been updated
+ accordingly. journalctl gained a new switch -F to list all
+ values a certain field takes in the journal database.
+
+ * More service events are now written as structured messages
+ to the journal, and made recognizable via message IDs.
+
+ * The timedated, localed and hostnamed mini-services which
+ previously only provided support for changing time, locale
+ and hostname settings from graphical DEs such as GNOME now
+ also have a minimal (but very useful) text-based client
+ utility each. This is probably the nicest way to changing
+ these settings from the command line now, especially since
+ it lists available options and is fully integrated with bash
+ completion.
+
+ * There's now a new tool "systemd-coredumpctl" to list and
+ extract coredumps from the journal.
+
+ * We now install a README each in /var/log/ and
+ /etc/rc.d/init.d explaining where the system logs and init
+ scripts went. This hopefully should help folks who go to
+ that dirs and look into the otherwise now empty void and
+ scratch their heads.
+
+ * When user-services are invoked (by systemd --user) the
+ $MANAGERPID env var is set to the PID of systemd.
+
+ * SIGRTMIN+24 when sent to a --user instance will now result
+ in immediate termination of systemd.
+
+ * gatewayd received numerous feature additions such as a
+ "follow" mode, for live syncing and filtering.
+
+ * browse.html now allows filtering and showing detailed
+ information on specific entries. Keyboard navigation and
+ mouse screen support has been added.
+
+ * gatewayd/journalctl now supports HTML5/JSON
+ Server-Sent-Events as output.
+
+ * The SysV init script compatibility logic will now
+ heuristically determine whether a script supports the
+ "reload" verb, and only then make this available as
+ "systemctl reload".
+
+ * "systemctl status --follow" has been removed, use "journalctl
+ -u" instead.
+
+ * journald.conf's RuntimeMinSize=, PersistentMinSize= settings
+ have been removed since they are hardly useful to be
+ configured.
+
+ * And I'd like to take the opportunity to specifically mention
+ Zbigniew for his great contributions. Zbigniew, you rock!
+
+ Contributions from: Andrew Eikum, Christian Hesse, Colin
+ Guthrie, Daniel J Walsh, Dave Reisner, Eelco Dolstra, Ferenc
+ Wágner, Kay Sievers, Lennart Poettering, Lukas Nykryn, Mantas
+ Mikulėnas, Martin Mikkelsen, Martin Pitt, Michael Olbrich,
+ Michael Stapelberg, Michal Schmidt, Sebastian Ott, Thomas
+ Bächler, Umut Tezduyar, Will Woods, Wulf C. Krueger, Zbigniew
+ Jędrzejewski-Szmek, Сковорода Никита Андреевич
+
+CHANGES WITH 194:
+
+ * If /etc/vconsole.conf is non-existent or empty we will no
+ longer load any console font or key map at boot by
+ default. Instead the kernel defaults will be left
+ intact. This is definitely the right thing to do, as no
+ configuration should mean no configuration, and hard-coding
+ font names that are different on all archs is probably a bad
+ idea. Also, the kernel default key map and font should be
+ good enough for most cases anyway, and mostly identical to
+ the userspace fonts/key maps we previously overloaded them
+ with. If distributions want to continue to default to a
+ non-kernel font or key map they should ship a default
+ /etc/vconsole.conf with the appropriate contents.
+
+ Contributions from: Colin Walters, Daniel J Walsh, Dave
+ Reisner, Kay Sievers, Lennart Poettering, Lukas Nykryn, Tollef
+ Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 193:
+
+ * journalctl gained a new --cursor= switch to show entries
+ starting from the specified location in the journal.
+
+ * We now enforce a size limit on journal entry fields exported
+ with "-o json" in journalctl. Fields larger than 4K will be
+ assigned null. This can be turned off with --all.
+
+ * An (optional) journal gateway daemon is now available as
+ "systemd-journal-gatewayd.service". This service provides
+ access to the journal via HTTP and JSON. This functionality
+ will be used to implement live log synchronization in both
+ pull and push modes, but has various other users too, such
+ as easy log access for debugging of embedded devices. Right
+ now it is already useful to retrieve the journal via HTTP:
+
+ # systemctl start systemd-journal-gatewayd.service
+ # wget http://localhost:19531/entries
+
+ This will download the journal contents in a
+ /var/log/messages compatible format. The same as JSON:
+
+ # curl -H"Accept: application/json" http://localhost:19531/entries
+
+ This service is also accessible via a web browser where a
+ single static HTML5 app is served that uses the JSON logic
+ to enable the user to do some basic browsing of the
+ journal. This will be extended later on. Here's an example
+ screenshot of this app in its current state:
+
+ http://0pointer.de/public/journal-gatewayd
+
+ Contributions from: Kay Sievers, Lennart Poettering, Robert
+ Milasan, Tom Gundersen
+
+CHANGES WITH 192:
+
+ * The bash completion logic is now available for journalctl
+ too.
+
+ * We do not mount the "cpuset" controller anymore together with
+ "cpu" and "cpuacct", as "cpuset" groups generally cannot be
+ started if no parameters are assigned to it. "cpuset" hence
+ broke code that assumed it could create "cpu" groups and
+ just start them.
+
+ * journalctl -f will now subscribe to terminal size changes,
+ and line break accordingly.
+
+ Contributions from: Dave Reisner, Kay Sievers, Lennart
+ Poettering, Lukas Nykrynm, Mirco Tischler, Václav Pavlín
+
+CHANGES WITH 191:
+
+ * nspawn will now create a symlink /etc/localtime in the
+ container environment, copying the host's timezone
+ setting. Previously this has been done via a bind mount, but
+ since symlinks cannot be bind mounted this has now been
+ changed to create/update the appropriate symlink.
+
+ * journalctl -n's line number argument is now optional, and
+ will default to 10 if omitted.
+
+ * journald will now log the maximum size the journal files may
+ take up on disk. This is particularly useful if the default
+ built-in logic of determining this parameter from the file
+ system size is used. Use "systemctl status
+ systemd-journald.service" to see this information.
+
+ * The multi-seat X wrapper tool has been stripped down. As X
+ is now capable of enumerating graphics devices via udev in a
+ seat-aware way the wrapper is not strictly necessary
+ anymore. A stripped down temporary stop-gap is still shipped
+ until the upstream display managers have been updated to
+ fully support the new X logic. Expect this wrapper to be
+ removed entirely in one of the next releases.
+
+ * HandleSleepKey= in logind.conf has been split up into
+ HandleSuspendKey= and HandleHibernateKey=. The old setting
+ is not available anymore. X11 and the kernel are
+ distinguishing between these keys and we should too. This
+ also means the inhibition lock for these keys has been split
+ into two.
+
+ Contributions from: Dave Airlie, Eelco Dolstra, Lennart
+ Poettering, Lukas Nykryn, Václav Pavlín
+
+CHANGES WITH 190:
+
+ * Whenever a unit changes state we will now log this to the
+ journal and show along the unit's own log output in
+ "systemctl status".
+
+ * ConditionPathIsMountPoint= can now properly detect bind
+ mount points too. (Previously, a bind mount of one file
+ system to another place in the same file system could not be
+ detected as mount, since they shared struct stat's st_dev
+ field.)
+
+ * We will now mount the cgroup controllers cpu, cpuacct,
+ cpuset and the controllers net_cls, net_prio together by
+ default.
+
+ * nspawn containers will now have a virtualized boot
+ ID. (i.e. /proc/sys/kernel/random/boot_id is now mounted
+ over with a randomized ID at container initialization). This
+ has the effect of making "journalctl -b" do the right thing
+ in a container.
+
+ * The JSON output journal serialization has been updated not
+ to generate "endless" list objects anymore, but rather one
+ JSON object per line. This is more in line how most JSON
+ parsers expect JSON objects. The new output mode
+ "json-pretty" has been added to provide similar output, but
+ neatly aligned for readability by humans.
+
+ * We dropped all explicit sync() invocations in the shutdown
+ code. The kernel does this implicitly anyway in the kernel
+ reboot() syscall. halt(8)'s -n option is now a compatibility
+ no-op.
+
+ * We now support virtualized reboot() in containers, as
+ supported by newer kernels. We will fall back to exit() if
+ CAP_SYS_REBOOT is not available to the container. Also,
+ nspawn makes use of this now and will actually reboot the
+ container if the containerized OS asks for that.
+
+ * journalctl will only show local log output by default
+ now. Use --merge (-m) to show remote log output, too.
+
+ * libsystemd-journal gained the new sd_journal_get_usage()
+ call to determine the current disk usage of all journal
+ files. This is exposed in the new "journalctl --disk-usage"
+ command.
+
+ * journald gained a new configuration setting SplitMode= in
+ journald.conf which may be used to control how user journals
+ are split off. See journald.conf(5) for details.
+
+ * A new condition type ConditionFileNotEmpty= has been added.
+
+ * tmpfiles' "w" lines now support file globbing, to write
+ multiple files at once.
+
+ * We added Python bindings for the journal submission
+ APIs. More Python APIs for a number of selected APIs will
+ likely follow. Note that we intend to add native bindings
+ only for the Python language, as we consider it common
+ enough to deserve bindings shipped within systemd. There are
+ various projects outside of systemd that provide bindings
+ for languages such as PHP or Lua.
+
+ * Many conditions will now resolve specifiers such as %i. In
+ addition, PathChanged= and related directives of .path units
+ now support specifiers as well.
+
+ * There's now a new RPM macro definition for the system preset
+ dir: %_presetdir.
+
+ * journald will now warn if it ca not forward a message to the
+ syslog daemon because its socket is full.
+
+ * timedated will no longer write or process /etc/timezone,
+ except on Debian. As we do not support late mounted /usr
+ anymore /etc/localtime always being a symlink is now safe,
+ and hence the information in /etc/timezone is not necessary
+ anymore.
+
+ * logind will now always reserve one VT for a text getty (VT6
+ by default). Previously if more than 6 X sessions where
+ started they took up all the VTs with auto-spawned gettys,
+ so that no text gettys were available anymore.
+
+ * udev will now automatically inform the btrfs kernel logic
+ about btrfs RAID components showing up. This should make
+ simple hotplug based btrfs RAID assembly work.
+
+ * PID 1 will now increase its RLIMIT_NOFILE to 64K by default
+ (but not for its children which will stay at the kernel
+ default). This should allow setups with a lot more listening
+ sockets.
+
+ * systemd will now always pass the configured timezone to the
+ kernel at boot. timedated will do the same when the timezone
+ is changed.
+
+ * logind's inhibition logic has been updated. By default,
+ logind will now handle the lid switch, the power and sleep
+ keys all the time, even in graphical sessions. If DEs want
+ to handle these events on their own they should take the new
+ handle-power-key, handle-sleep-key and handle-lid-switch
+ inhibitors during their runtime. A simple way to achieve
+ that is to invoke the DE wrapped in an invocation of:
+
+ systemd-inhibit --what=handle-power-key:handle-sleep-key:handle-lid-switch ...
+
+ * Access to unit operations is now checked via SELinux taking
+ the unit file label and client process label into account.
+
+ * systemd will now notify the administrator in the journal
+ when he over-mounts a non-empty directory.
+
+ * There are new specifiers that are resolved in unit files,
+ for the host name (%H), the machine ID (%m) and the boot ID
+ (%b).
+
+ Contributions from: Allin Cottrell, Auke Kok, Brandon Philips,
+ Colin Guthrie, Colin Walters, Daniel J Walsh, Dave Reisner,
+ Eelco Dolstra, Jan Engelhardt, Kay Sievers, Lennart
+ Poettering, Lucas De Marchi, Lukas Nykryn, Mantas Mikulėnas,
+ Martin Pitt, Matthias Clasen, Michael Olbrich, Pierre Schmitz,
+ Shawn Landden, Thomas Hindoe Paaboel Andersen, Tom Gundersen,
+ Václav Pavlín, Yin Kangkai, Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 189:
+
+ * Support for reading structured kernel messages from
+ /dev/kmsg has now been added and is enabled by default.
+
+ * Support for reading kernel messages from /proc/kmsg has now
+ been removed. If you want kernel messages in the journal
+ make sure to run a recent kernel (>= 3.5) that supports
+ reading structured messages from /dev/kmsg (see
+ above). /proc/kmsg is now exclusive property of classic
+ syslog daemons again.
+
+ * The libudev API gained the new
+ udev_device_new_from_device_id() call.
+
+ * The logic for file system namespace (ReadOnlyDirectory=,
+ ReadWriteDirectoy=, PrivateTmp=) has been reworked not to
+ require pivot_root() anymore. This means fewer temporary
+ directories are created below /tmp for this feature.
+
+ * nspawn containers will now see and receive all submounts
+ made on the host OS below the root file system of the
+ container.
+
+ * Forward Secure Sealing is now supported for Journal files,
+ which provide cryptographical sealing of journal files so
+ that attackers cannot alter log history anymore without this
+ being detectable. Lennart will soon post a blog story about
+ this explaining it in more detail.
+
+ * There are two new service settings RestartPreventExitStatus=
+ and SuccessExitStatus= which allow configuration of exit
+ status (exit code or signal) which will be excepted from the
+ restart logic, resp. consider successful.
+
+ * journalctl gained the new --verify switch that can be used
+ to check the integrity of the structure of journal files and
+ (if Forward Secure Sealing is enabled) the contents of
+ journal files.
+
+ * nspawn containers will now be run with /dev/stdin, /dev/fd/
+ and similar symlinks pre-created. This makes running shells
+ as container init process a lot more fun.
+
+ * The fstab support can now handle PARTUUID= and PARTLABEL=
+ entries.
+
+ * A new ConditionHost= condition has been added to match
+ against the hostname (with globs) and machine ID. This is
+ useful for clusters where a single OS image is used to
+ provision a large number of hosts which shall run slightly
+ different sets of services.
+
+ * Services which hit the restart limit will now be placed in a
+ failure state.
+
+ Contributions from: Bertram Poettering, Dave Reisner, Huang
+ Hang, Kay Sievers, Lennart Poettering, Lukas Nykryn, Martin
+ Pitt, Simon Peeters, Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 188:
+
+ * When running in --user mode systemd will now become a
+ subreaper (PR_SET_CHILD_SUBREAPER). This should make the ps
+ tree a lot more organized.
+
+ * A new PartOf= unit dependency type has been introduced that
+ may be used to group services in a natural way.
+
+ * "systemctl enable" may now be used to enable instances of
+ services.
+
+ * journalctl now prints error log levels in red, and
+ warning/notice log levels in bright white. It also supports
+ filtering by log level now.
+
+ * cgtop gained a new -n switch (similar to top), to configure
+ the maximum number of iterations to run for. It also gained
+ -b, to run in batch mode (accepting no input).
+
+ * The suffix ".service" may now be omitted on most systemctl
+ command lines involving service unit names.
+
+ * There's a new bus call in logind to lock all sessions, as
+ well as a loginctl verb for it "lock-sessions".
+
+ * libsystemd-logind.so gained a new call sd_journal_perror()
+ that works similar to libc perror() but logs to the journal
+ and encodes structured information about the error number.
+
+ * /etc/crypttab entries now understand the new keyfile-size=
+ option.
+
+ * shutdown(8) now can send a (configurable) wall message when
+ a shutdown is cancelled.
+
+ * The mount propagation mode for the root file system will now
+ default to "shared", which is useful to make containers work
+ nicely out-of-the-box so that they receive new mounts from
+ the host. This can be undone locally by running "mount
+ --make-rprivate /" if needed.
+
+ * The prefdm.service file has been removed. Distributions
+ should maintain this unit downstream if they intend to keep
+ it around. However, we recommend writing normal unit files
+ for display managers instead.
+
+ * Since systemd is a crucial part of the OS we will now
+ default to a number of compiler switches that improve
+ security (hardening) such as read-only relocations, stack
+ protection, and suchlike.
+
+ * The TimeoutSec= setting for services is now split into
+ TimeoutStartSec= and TimeoutStopSec= to allow configuration
+ of individual time outs for the start and the stop phase of
+ the service.
+
+ Contributions from: Artur Zaprzala, Arvydas Sidorenko, Auke
+ Kok, Bryan Kadzban, Dave Reisner, David Strauss, Harald Hoyer,
+ Jim Meyering, Kay Sievers, Lennart Poettering, Mantas
+ Mikulėnas, Martin Pitt, Michal Schmidt, Michal Sekletar, Peter
+ Alfredsen, Shawn Landden, Simon Peeters, Terence Honles, Tom
+ Gundersen, Zbigniew Jędrzejewski-Szmek
+
+CHANGES WITH 187:
+
+ * The journal and id128 C APIs are now fully documented as man
+ pages.
+
+ * Extra safety checks have been added when transitioning from
+ the initial RAM disk to the main system to avoid accidental
+ data loss.
+
+ * /etc/crypttab entries now understand the new keyfile-offset=
+ option.
+
+ * systemctl -t can now be used to filter by unit load state.
+
+ * The journal C API gained the new sd_journal_wait() call to
+ make writing synchronous journal clients easier.
+
+ * journalctl gained the new -D switch to show journals from a
+ specific directory.
+
+ * journalctl now displays a special marker between log
+ messages of two different boots.
+
+ * The journal is now explicitly flushed to /var via a service
+ systemd-journal-flush.service, rather than implicitly simply
+ by seeing /var/log/journal to be writable.
+
+ * journalctl (and the journal C APIs) can now match for much
+ more complex expressions, with alternatives and
+ disjunctions.
+
+ * When transitioning from the initial RAM disk to the main
+ system we will now kill all processes in a killing spree to
+ ensure no processes stay around by accident.
+
+ * Three new specifiers may be used in unit files: %u, %h, %s
+ resolve to the user name, user home directory resp. user
+ shell. This is useful for running systemd user instances.
+
+ * We now automatically rotate journal files if their data
+ object hash table gets a fill level > 75%. We also size the
+ hash table based on the configured maximum file size. This
+ together should lower hash collisions drastically and thus
+ speed things up a bit.
+
+ * journalctl gained the new "--header" switch to introspect
+ header data of journal files.
+
+ * A new setting SystemCallFilters= has been added to services
+ which may be used to apply blacklists or whitelists to
+ system calls. This is based on SECCOMP Mode 2 of Linux 3.5.
+
+ * nspawn gained a new --link-journal= switch (and quicker: -j)
+ to link the container journal with the host. This makes it
+ very easy to centralize log viewing on the host for all
+ guests while still keeping the journal files separated.
+
+ * Many bugfixes and optimizations
+
+ Contributions from: Auke Kok, Eelco Dolstra, Harald Hoyer, Kay
+ Sievers, Lennart Poettering, Malte Starostik, Paul Menzel, Rex
+ Tsai, Shawn Landden, Tom Gundersen, Ville Skyttä, Zbigniew
+ Jędrzejewski-Szmek
+
+CHANGES WITH 186:
+
+ * Several tools now understand kernel command line arguments,
+ which are only read when run in an initial RAM disk. They
+ usually follow closely their normal counterparts, but are
+ prefixed with rd.
+
+ * There's a new tool to analyze the readahead files that are
+ automatically generated at boot. Use:
+
+ /usr/lib/systemd/systemd-readahead analyze /.readahead
+
+ * We now provide an early debug shell on tty9 if this enabled. Use:
+
+ systemctl enable debug-shell.service
+
+ * All plymouth related units have been moved into the Plymouth
+ package. Please make sure to upgrade your Plymouth version
+ as well.
+
+ * systemd-tmpfiles now supports getting passed the basename of
+ a configuration file only, in which case it will look for it
+ in all appropriate directories automatically.
+
+ * udevadm info now takes a /dev or /sys path as argument, and
+ does the right thing. Example:
+
+ udevadm info /dev/sda
+ udevadm info /sys/class/block/sda
+
+ * systemctl now prints a warning if a unit is stopped but a
+ unit that might trigger it continues to run. Example: a
+ service is stopped but the socket that activates it is left
+ running.
+
+ * "systemctl status" will now mention if the log output was
+ shortened due to rotation since a service has been started.
+
+ * The journal API now exposes functions to determine the
+ "cutoff" times due to rotation.
+
+ * journald now understands SIGUSR1 and SIGUSR2 for triggering
+ immediately flushing of runtime logs to /var if possible,
+ resp. for triggering immediate rotation of the journal
+ files.
+
+ * It is now considered an error if a service is attempted to
+ be stopped that is not loaded.
+
+ * XDG_RUNTIME_DIR now uses numeric UIDs instead of usernames.
+
+ * systemd-analyze now supports Python 3
+
+ * tmpfiles now supports cleaning up directories via aging
+ where the first level dirs are always kept around but
+ directories beneath it automatically aged. This is enabled
+ by prefixing the age field with '~'.
+
+ * Seat objects now expose CanGraphical, CanTTY properties
+ which is required to deal with very fast bootups where the
+ display manager might be running before the graphics drivers
+ completed initialization.
+
+ * Seat objects now expose a State property.
+
+ * We now include RPM macros for service enabling/disabling
+ based on the preset logic. We recommend RPM based
+ distributions to make use of these macros if possible. This
+ makes it simpler to reuse RPM spec files across
+ distributions.
+
+ * We now make sure that the collected systemd unit name is
+ always valid when services log to the journal via
+ STDOUT/STDERR.
+
+ * There's a new man page kernel-command-line(7) detailing all
+ command line options we understand.
+
+ * The fstab generator may now be disabled at boot by passing
+ fstab=0 on the kernel command line.
+
+ * A new kernel command line option modules-load= is now understood
+ to load a specific kernel module statically, early at boot.
+
+ * Unit names specified on the systemctl command line are now
+ automatically escaped as needed. Also, if file system or
+ device paths are specified they are automatically turned
+ into the appropriate mount or device unit names. Example:
+
+ systemctl status /home
+ systemctl status /dev/sda
+
+ * The SysVConsole= configuration option has been removed from
+ system.conf parsing.
+
+ * The SysV search path is no longer exported on the D-Bus
+ Manager object.
+
+ * The Names= option has been removed from unit file parsing.
+
+ * There's a new man page bootup(7) detailing the boot process.
+
+ * Every unit and every generator we ship with systemd now
+ comes with full documentation. The self-explanatory boot is
+ complete.
+
+ * A couple of services gained "systemd-" prefixes in their
+ name if they wrap systemd code, rather than only external
+ code. Among them fsck@.service which is now
+ systemd-fsck@.service.
+
+ * The HaveWatchdog property has been removed from the D-Bus
+ Manager object.
+
+ * systemd.confirm_spawn= on the kernel command line should now
+ work sensibly.
+
+ * There's a new man page crypttab(5) which details all options
+ we actually understand.
+
+ * systemd-nspawn gained a new --capability= switch to pass
+ additional capabilities to the container.
+
+ * timedated will now read known NTP implementation unit names
+ from /usr/lib/systemd/ntp-units.d/*.list,
+ systemd-timedated-ntp.target has been removed.
+
+ * journalctl gained a new switch "-b" that lists log data of
+ the current boot only.
+
+ * The notify socket is in the abstract namespace again, in
+ order to support daemons which chroot() at start-up.
+
+ * There is a new Storage= configuration option for journald
+ which allows configuration of where log data should go. This
+ also provides a way to disable journal logging entirely, so
+ that data collected is only forwarded to the console, the
+ kernel log buffer or another syslog implementation.
+
+ * Many bugfixes and optimizations
+
+ Contributions from: Auke Kok, Colin Guthrie, Dave Reisner,
+ David Strauss, Eelco Dolstra, Kay Sievers, Lennart Poettering,
+ Lukas Nykryn, Michal Schmidt, Michal Sekletar, Paul Menzel,
+ Shawn Landden, Tom Gundersen
+
+CHANGES WITH 185:
+
+ * "systemctl help <unit>" now shows the man page if one is
+ available.
+
+ * Several new man pages have been added.
+
+ * MaxLevelStore=, MaxLevelSyslog=, MaxLevelKMsg=,
+ MaxLevelConsole= can now be specified in
+ journald.conf. These options allow reducing the amount of
+ data stored on disk or forwarded by the log level.
+
+ * TimerSlackNSec= can now be specified in system.conf for
+ PID1. This allows system-wide power savings.
+
+ Contributions from: Dave Reisner, Kay Sievers, Lauri Kasanen,
+ Lennart Poettering, Malte Starostik, Marc-Antoine Perennou,
+ Matthias Clasen
+
+CHANGES WITH 184:
+
+ * logind is now capable of (optionally) handling power and
+ sleep keys as well as the lid switch.
+
+ * journalctl now understands the syntax "journalctl
+ /usr/bin/avahi-daemon" to get all log output of a specific
+ daemon.
+
+ * CapabilityBoundingSet= in system.conf now also influences
+ the capability bound set of usermode helpers of the kernel.
+
+ Contributions from: Daniel Drake, Daniel J. Walsh, Gert
+ Michael Kulyk, Harald Hoyer, Jean Delvare, Kay Sievers,
+ Lennart Poettering, Matthew Garrett, Matthias Clasen, Paul
+ Menzel, Shawn Landden, Tero Roponen, Tom Gundersen
+
+CHANGES WITH 183:
+
+ * Note that we skipped 139 releases here in order to set the
+ new version to something that is greater than both udev's
+ and systemd's most recent version number.
+
+ * udev: all udev sources are merged into the systemd source tree now.
+ All future udev development will happen in the systemd tree. It
+ is still fully supported to use the udev daemon and tools without
+ systemd running, like in initramfs or other init systems. Building
+ udev though, will require the *build* of the systemd tree, but
+ udev can be properly *run* without systemd.
+
+ * udev: /lib/udev/devices/ are not read anymore; systemd-tmpfiles
+ should be used to create dead device nodes as workarounds for broken
+ subsystems.
+
+ * udev: RUN+="socket:..." and udev_monitor_new_from_socket() is
+ no longer supported. udev_monitor_new_from_netlink() needs to be
+ used to subscribe to events.
+
+ * udev: when udevd is started by systemd, processes which are left
+ behind by forking them off of udev rules, are unconditionally cleaned
+ up and killed now after the event handling has finished. Services or
+ daemons must be started as systemd services. Services can be
+ pulled-in by udev to get started, but they can no longer be directly
+ forked by udev rules.
+
+ * udev: the daemon binary is called systemd-udevd now and installed
+ in /usr/lib/systemd/. Standalone builds or non-systemd systems need
+ to adapt to that, create symlink, or rename the binary after building
+ it.
+
+ * libudev no longer provides these symbols:
+ udev_monitor_from_socket()
+ udev_queue_get_failed_list_entry()
+ udev_get_{dev,sys,run}_path()
+ The versions number was bumped and symbol versioning introduced.
+
+ * systemd-loginctl and systemd-journalctl have been renamed
+ to loginctl and journalctl to match systemctl.
+
+ * The config files: /etc/systemd/systemd-logind.conf and
+ /etc/systemd/systemd-journald.conf have been renamed to
+ logind.conf and journald.conf. Package updates should rename
+ the files to the new names on upgrade.
+
+ * For almost all files the license is now LGPL2.1+, changed
+ from the previous GPL2.0+. Exceptions are some minor stuff
+ of udev (which will be changed to LGPL2.1 eventually, too),
+ and the MIT licensed sd-daemon.[ch] library that is suitable
+ to be used as drop-in files.
+
+ * systemd and logind now handle system sleep states, in
+ particular suspending and hibernating.
+
+ * logind now implements a sleep/shutdown/idle inhibiting logic
+ suitable for a variety of uses. Soonishly Lennart will blog
+ about this in more detail.
+
+ * var-run.mount and var-lock.mount are no longer provided
+ (which previously bind mounted these directories to their new
+ places). Distributions which have not converted these
+ directories to symlinks should consider stealing these files
+ from git history and add them downstream.
+
+ * We introduced the Documentation= field for units and added
+ this to all our shipped units. This is useful to make it
+ easier to explore the boot and the purpose of the various
+ units.
+
+ * All smaller setup units (such as
+ systemd-vconsole-setup.service) now detect properly if they
+ are run in a container and are skipped when
+ appropriate. This guarantees an entirely noise-free boot in
+ Linux container environments such as systemd-nspawn.
+
+ * A framework for implementing offline system updates is now
+ integrated, for details see:
+ https://www.freedesktop.org/wiki/Software/systemd/SystemUpdates
+
+ * A new service type Type=idle is available now which helps us
+ avoiding ugly interleaving of getty output and boot status
+ messages.
+
+ * There's now a system-wide CapabilityBoundingSet= option to
+ globally reduce the set of capabilities for the
+ system. This is useful to drop CAP_SYS_MKNOD, CAP_SYS_RAWIO,
+ CAP_NET_RAW, CAP_SYS_MODULE, CAP_SYS_TIME, CAP_SYS_PTRACE or
+ even CAP_NET_ADMIN system-wide for secure systems.
+
+ * There are now system-wide DefaultLimitXXX= options to
+ globally change the defaults of the various resource limits
+ for all units started by PID 1.
+
+ * Harald Hoyer's systemd test suite has been integrated into
+ systemd which allows easy testing of systemd builds in qemu
+ and nspawn. (This is really awesome! Ask us for details!)
+
+ * The fstab parser is now implemented as generator, not inside
+ of PID 1 anymore.
+
+ * systemctl will now warn you if .mount units generated from
+ /etc/fstab are out of date due to changes in fstab that
+ have not been read by systemd yet.
+
+ * systemd is now suitable for usage in initrds. Dracut has
+ already been updated to make use of this. With this in place
+ initrds get a slight bit faster but primarily are much
+ easier to introspect and debug since "systemctl status" in
+ the host system can be used to introspect initrd services,
+ and the journal from the initrd is kept around too.
+
+ * systemd-delta has been added, a tool to explore differences
+ between user/admin configuration and vendor defaults.
+
+ * PrivateTmp= now affects both /tmp and /var/tmp.
+
+ * Boot time status messages are now much prettier and feature
+ proper english language. Booting up systemd has never been
+ so sexy.
+
+ * Read-ahead pack files now include the inode number of all
+ files to pre-cache. When the inode changes the pre-caching
+ is not attempted. This should be nicer to deal with updated
+ packages which might result in changes of read-ahead
+ patterns.
+
+ * We now temporaritly lower the kernel's read_ahead_kb variable
+ when collecting read-ahead data to ensure the kernel's
+ built-in read-ahead does not add noise to our measurements
+ of necessary blocks to pre-cache.
+
+ * There's now RequiresMountsFor= to add automatic dependencies
+ for all mounts necessary for a specific file system path.
+
+ * MountAuto= and SwapAuto= have been removed from
+ system.conf. Mounting file systems at boot has to take place
+ in systemd now.
+
+ * nspawn now learned a new switch --uuid= to set the machine
+ ID on the command line.
+
+ * nspawn now learned the -b switch to automatically search
+ for an init system.
+
+ * vt102 is now the default TERM for serial TTYs, upgraded from
+ vt100.
+
+ * systemd-logind now works on VT-less systems.
+
+ * The build tree has been reorganized. The individual
+ components now have directories of their own.
+
+ * A new condition type ConditionPathIsReadWrite= is now available.
+
+ * nspawn learned the new -C switch to create cgroups for the
+ container in other hierarchies.
+
+ * We now have support for hardware watchdogs, configurable in
+ system.conf.
+
+ * The scheduled shutdown logic now has a public API.
+
+ * We now mount /tmp as tmpfs by default, but this can be
+ masked and /etc/fstab can override it.
+
+ * Since udisks does not make use of /media anymore we are not
+ mounting a tmpfs on it anymore.
+
+ * journalctl gained a new --local switch to only interleave
+ locally generated journal files.
+
+ * We can now load the IMA policy at boot automatically.
+
+ * The GTK tools have been split off into a systemd-ui.
+
+ Contributions from: Andreas Schwab, Auke Kok, Ayan George,
+ Colin Guthrie, Daniel Mack, Dave Reisner, David Ward, Elan
+ Ruusamäe, Frederic Crozat, Gergely Nagy, Guillermo Vidal,
+ Hannes Reinecke, Harald Hoyer, Javier Jardón, Kay Sievers,
+ Lennart Poettering, Lucas De Marchi, Léo Gillot-Lamure,
+ Marc-Antoine Perennou, Martin Pitt, Matthew Monaco, Maxim
+ A. Mikityanskiy, Michael Biebl, Michael Olbrich, Michal
+ Schmidt, Nis Martensen, Patrick McCarty, Roberto Sassu, Shawn
+ Landden, Sjoerd Simons, Sven Anders, Tollef Fog Heen, Tom
+ Gundersen
+
+CHANGES WITH 44:
+
+ * This is mostly a bugfix release
+
+ * Support optional initialization of the machine ID from the
+ KVM or container configured UUID.
+
+ * Support immediate reboots with "systemctl reboot -ff"
+
+ * Show /etc/os-release data in systemd-analyze output
+
+ * Many bugfixes for the journal, including endianness fixes and
+ ensuring that disk space enforcement works
+
+ * sd-login.h is C++ compatible again
+
+ * Extend the /etc/os-release format on request of the Debian
+ folks
+
+ * We now refuse non-UTF8 strings used in various configuration
+ and unit files. This is done to ensure we do not pass invalid
+ data over D-Bus or expose it elsewhere.
+
+ * Register Mimo USB Screens as suitable for automatic seat
+ configuration
+
+ * Read SELinux client context from journal clients in a race
+ free fashion
+
+ * Reorder configuration file lookup order. /etc now always
+ overrides /run in order to allow the administrator to always
+ and unconditionally override vendor-supplied or
+ automatically generated data.
+
+ * The various user visible bits of the journal now have man
+ pages. We still lack man pages for the journal API calls
+ however.
+
+ * We now ship all man pages in HTML format again in the
+ tarball.
+
+ Contributions from: Dave Reisner, Dirk Eibach, Frederic
+ Crozat, Harald Hoyer, Kay Sievers, Lennart Poettering, Marti
+ Raudsepp, Michal Schmidt, Shawn Landden, Tero Roponen, Thierry
+ Reding
+
+CHANGES WITH 43:
+
+ * This is mostly a bugfix release
+
+ * systems lacking /etc/os-release are no longer supported.
+
+ * Various functionality updates to libsystemd-login.so
+
+ * Track class of PAM logins to distinguish greeters from
+ normal user logins.
+
+ Contributions from: Kay Sievers, Lennart Poettering, Michael
+ Biebl
+
+CHANGES WITH 42:
+
+ * This is an important bugfix release for v41.
+
+ * Building man pages is now optional which should be useful
+ for those building systemd from git but unwilling to install
+ xsltproc.
+
+ * Watchdog support for supervising services is now usable. In
+ a future release support for hardware watchdogs
+ (i.e. /dev/watchdog) will be added building on this.
+
+ * Service start rate limiting is now configurable and can be
+ turned off per service. When a start rate limit is hit a
+ reboot can automatically be triggered.
+
+ * New CanReboot(), CanPowerOff() bus calls in systemd-logind.
+
+ Contributions from: Benjamin Franzke, Bill Nottingham,
+ Frederic Crozat, Lennart Poettering, Michael Olbrich, Michal
+ Schmidt, Michał Górny, Piotr Drąg
+
+CHANGES WITH 41:
+
+ * The systemd binary is installed /usr/lib/systemd/systemd now;
+ An existing /sbin/init symlink needs to be adapted with the
+ package update.
+
+ * The code that loads kernel modules has been ported to invoke
+ libkmod directly, instead of modprobe. This means we do not
+ support systems with module-init-tools anymore.
+
+ * Watchdog support is now already useful, but still not
+ complete.
+
+ * A new kernel command line option systemd.setenv= is
+ understood to set system wide environment variables
+ dynamically at boot.
+
+ * We now limit the set of capabilities of systemd-journald.
+
+ * We now set SIGPIPE to ignore by default, since it only is
+ useful in shell pipelines, and has little use in general
+ code. This can be disabled with IgnoreSIPIPE=no in unit
+ files.
+
+ Contributions from: Benjamin Franzke, Kay Sievers, Lennart
+ Poettering, Michael Olbrich, Michal Schmidt, Tom Gundersen,
+ William Douglas
+
+CHANGES WITH 40:
+
+ * This is mostly a bugfix release
+
+ * We now expose the reason why a service failed in the
+ "Result" D-Bus property.
+
+ * Rudimentary service watchdog support (will be completed over
+ the next few releases.)
+
+ * When systemd forks off in order execute some service we will
+ now immediately changes its argv[0] to reflect which process
+ it will execute. This is useful to minimize the time window
+ with a generic argv[0], which makes bootcharts more useful
+
+ Contributions from: Alvaro Soliverez, Chris Paulson-Ellis, Kay
+ Sievers, Lennart Poettering, Michael Olbrich, Michal Schmidt,
+ Mike Kazantsev, Ray Strode
+
+CHANGES WITH 39:
+
+ * This is mostly a test release, but incorporates many
+ bugfixes.
+
+ * New systemd-cgtop tool to show control groups by their
+ resource usage.
+
+ * Linking against libacl for ACLs is optional again. If
+ disabled, support tracking device access for active logins
+ goes becomes unavailable, and so does access to the user
+ journals by the respective users.
+
+ * If a group "adm" exists, journal files are automatically
+ owned by them, thus allow members of this group full access
+ to the system journal as well as all user journals.
+
+ * The journal now stores the SELinux context of the logging
+ client for all entries.
+
+ * Add C++ inclusion guards to all public headers
+
+ * New output mode "cat" in the journal to print only text
+ messages, without any meta data like date or time.
+
+ * Include tiny X server wrapper as a temporary stop-gap to
+ teach XOrg udev display enumeration. This is used by display
+ managers such as gdm, and will go away as soon as XOrg
+ learned native udev hotplugging for display devices.
+
+ * Add new systemd-cat tool for executing arbitrary programs
+ with STDERR/STDOUT connected to the journal. Can also act as
+ BSD logger replacement, and does so by default.
+
+ * Optionally store all locally generated coredumps in the
+ journal along with meta data.
+
+ * systemd-tmpfiles learnt four new commands: n, L, c, b, for
+ writing short strings to files (for usage for /sys), and for
+ creating symlinks, character and block device nodes.
+
+ * New unit file option ControlGroupPersistent= to make cgroups
+ persistent, following the mechanisms outlined in
+ https://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups
+
+ * Support multiple local RTCs in a sane way
+
+ * No longer monopolize IO when replaying readahead data on
+ rotating disks, since we might starve non-file-system IO to
+ death, since fanotify() will not see accesses done by blkid,
+ or fsck.
+
+ * Do not show kernel threads in systemd-cgls anymore, unless
+ requested with new -k switch.
+
+ Contributions from: Dan Horák, Kay Sievers, Lennart
+ Poettering, Michal Schmidt
+
+CHANGES WITH 38:
+
+ * This is mostly a test release, but incorporates many
+ bugfixes.
+
+ * The git repository moved to:
+ git://anongit.freedesktop.org/systemd/systemd
+ ssh://git.freedesktop.org/git/systemd/systemd
+
+ * First release with the journal
+ http://0pointer.de/blog/projects/the-journal.html
+
+ * The journal replaces both systemd-kmsg-syslogd and
+ systemd-stdout-bridge.
+
+ * New sd_pid_get_unit() API call in libsystemd-logind
+
+ * Many systemadm clean-ups
+
+ * Introduce remote-fs-pre.target which is ordered before all
+ remote mounts and may be used to start services before all
+ remote mounts.
+
+ * Added Mageia support
+
+ * Add bash completion for systemd-loginctl
+
+ * Actively monitor PID file creation for daemons which exit in
+ the parent process before having finished writing the PID
+ file in the daemon process. Daemons which do this need to be
+ fixed (i.e. PID file creation must have finished before the
+ parent exits), but we now react a bit more gracefully to them.
+
+ * Add colourful boot output, mimicking the well-known output
+ of existing distributions.
+
+ * New option PassCredentials= for socket units, for
+ compatibility with a recent kernel ABI breakage.
+
+ * /etc/rc.local is now hooked in via a generator binary, and
+ thus will no longer act as synchronization point during
+ boot.
+
+ * systemctl list-unit-files now supports --root=.
+
+ * systemd-tmpfiles now understands two new commands: z, Z for
+ relabelling files according to the SELinux database. This is
+ useful to apply SELinux labels to specific files in /sys,
+ among other things.
+
+ * Output of SysV services is now forwarded to both the console
+ and the journal by default, not only just the console.
+
+ * New man pages for all APIs from libsystemd-login.
+
+ * The build tree got reorganized and the build system is a
+ lot more modular allowing embedded setups to specifically
+ select the components of systemd they are interested in.
+
+ * Support for Linux systems lacking the kernel VT subsystem is
+ restored.
+
+ * configure's --with-rootdir= got renamed to
+ --with-rootprefix= to follow the naming used by udev and
+ kmod
+
+ * Unless specified otherwise we will now install to /usr instead
+ of /usr/local by default.
+
+ * Processes with '@' in argv[0][0] are now excluded from the
+ final shut-down killing spree, following the logic explained
+ in:
+ https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons
+
+ * All processes remaining in a service cgroup when we enter
+ the START or START_PRE states are now killed with
+ SIGKILL. That means it is no longer possible to spawn
+ background processes from ExecStart= lines (which was never
+ supported anyway, and bad style).
+
+ * New PropagateReloadTo=/PropagateReloadFrom= options to bind
+ reloading of units together.
+
+ Contributions from: Bill Nottingham, Daniel J. Walsh, Dave
+ Reisner, Dexter Morgan, Gregs Gregs, Jonathan Nieder, Kay
+ Sievers, Lennart Poettering, Michael Biebl, Michal Schmidt,
+ Michał Górny, Ran Benita, Thomas Jarosch, Tim Waugh, Tollef
+ Fog Heen, Tom Gundersen, Zbigniew Jędrzejewski-Szmek