documentation. With this release the code is adjusted to match the
documentation.
+ * systemd-tmpfiles will now print a notice whenever it encounters
+ tmpfiles.d/ lines referencing the /var/run/ directory. It will
+ recommend reworking them to use the /run/ directory instead (for
+ which /var/run/ is simply a symlinked compatibility alias). This is
+ recommended, so that systemd-tmpfiles can properly detect line
+ conflicts and merge lines referencing the same files by both paths,
+ without having to access them.
+
* systemctl disable/unmask/preset/preset-all cannot be used with
--runtime. Previously this was allowed, but resulted in unintuitive
behaviour that wasn't useful.
+ * sd-boot acquire new loader configuration settings for optionally
+ turning off Windows and MacOS boot partition discovery as well as
+ reboot-into-firmware menu items. It also should be able to pick a
+ better screen resolution for HiDPI systems, and now provides loader
+ configuration settings to change the resolution explicitly.
+
+ * The systemd-resolve tool has been renamed to resolvectl (it also
+ remains available under the old name, for compatibility), and its
+ interface is now verb-based, similar in style to the other <xyz>ctl
+ tools, such as systemctl or loginctl. Also, the tool may now be
+ linked to the "resolveconf" name, in which case it will take
+ arguments and input compatible with the Debian and FreeBSD resolvconf
+ tool.
+
+ * Support for suspend-then-hibernate has been added, i.e. a sleep mode
+ where the system initially suspends, and after a time-out resumes and
+ hibernates again.
+
+ * networkd's ClientIdentifier= now accepts a new option "duid-only". If
+ set the client will only send a DUID as client identifier.
+
+ * The nss-systemd glibc NSS module will now enumerate dynamic users and
+ groups in effect. Previously, it could resolve UIDs/GIDs to user
+ names/groups and vice versa, but did not support enumeration.
+
+ * journald's Compress= configuration setting now optionally accepts a
+ byte threshold value. All journal objects larger than this threshold
+ will be compressed, smaller ones will not. Previously this threshold
+ was not configurable and set to 512.
+
+ * A new system.conf NoNewPrivileges= is now available which may be used
+ to turn off acquiring of new privileges system-wide (i.e. set Linux'
+ PR_SET_NO_NEW_PRIVS for PID 1 itself, and thus also all its
+ children). Note that turning this option on means setuid binaries and
+ file system capabilities lose their special powers. While turning on
+ this option is a big step towards a more secure system, doing so is
+ likely to break numerous pre-existing UNIX tools, in particular su
+ and sudo.
+
+ * A new service systemd-time-sync-wait.service has been added. If
+ enabled it will delay the time-sync.target unit at boot until time
+ synchronization has been recieved from the network. This
+ functionality is useful on systems lacking a local RTC or where it is
+ acceptable that the boot process shall be delayed by external network
+ services.
+
+ * When hibernating, systemd will now inform the kernel of the image
+ write offset, on kernels new enough to support this. This means swap
+ files should work for hibernation now.
+
+ * When loading unit files, systemd will now look for drop-in unit file
+ extension at additional places. Previously, for a unit file name
+ "foo-bar-baz.service" it would look for dropin files in
+ "foo-bar-baz.service.d/*.conf". Now, it will also look in
+ "foo-bar-.service.d/*.conf" and "foo-.service.d/", i.e. at the
+ service name truncated after all inner dashes. This scheme allows
+ writing drop-ins easily that apply to a whole set of unit files at
+ once. It's particularly useful for mount and slice units (as their
+ naming is prefix based anyway), but is also useful for service and
+ other units, for packages that install multiple unit files at once,
+ following a strict naming regime of beginning the unit file name with
+ the package's name. Two new specifiers are now supported while
+ parsing unit files, to match this: %j and %J are replaced by the part
+ of the unit name following the last dash.
+
+ * The ExecStart= lines of unit files are no longer required to
+ reference absolute paths. If non-absolute paths are specified the
+ specified binary name is searched within the service manager's
+ built-in $PATH. It's generally recommended to continue to use
+ absolute paths for all binaries specified in unit files.
+
+ * coredumpctl's "gdb" verb has been renamed to "debug", in order to
+ support alternative debuggers, for example lldb. The old name
+ continues to be available however, for compatibility reasons. Use the
+ new --debugger= switch and $SYSTEMD_DEBUGGER environment variable to
+ pick an alternative debugger instead of the default of gdb.
+
+ * systemctl and the other tools will now output escape sequences that
+ generate proper clickable hyperlinks in various terminal emulators
+ where useful (for example, in the "systemctl status" output you can
+ now click on the unit file name to quickly open it in the
+ editor/viewer of your choice). Note that not all terminal emulators
+ support this functionality yet, but many do. Unfortunately, the
+ "less" pager doesn't support this yet, hence this functionality is
+ currently automatically turned off when a pager is started (which
+ happens quite often due to auto-paging). We hope to remove this
+ limitation as soon as "less" learns these escape sequences too. This
+ new behaviour may also be turned off explicitly with the
+ $SYSTEMD_URLIFY environment variable. For details on these escape
+ sequences see:
+ https://gist.github.com/egmontkob/eb114294efbcd5adb1944c9f3cb5feda
+
+ * networkd's .network files now support a new IPv6MTUBytes= option for
+ setting the MTU used by IPv6 explicitly as well as a new MTUBytes=
+ option in the [Route] section to configure the MTU to use for
+ specific routes. It also gained support for configuration of the DHCP
+ "UserClass" option through the new UserClass= setting. It gained
+ three new options in the new [CAN] section for configuring CAN
+ networks. The MULTICAST and ALLMULTI interface flags may now be
+ controlled explicitly with the new Multicast= and AllMulticast=
+ settings.
+
+ * networkd will now automatically make use of the kernel's route
+ expiration feature, if it is available.
+
+ * udevd's .link files now support setting the number of Rx/Tx channels,
+ using the RxChannels=, TxChannels=, OtherChannels=,
+ CombinedChannels=. Support for UDPSegmentationOffload= has been
+ removed, given its limited support in hardware, and waning software
+ support.
+
+ * networkd's .netdev files now support creating "netdevsim" interfaces.
+
+ * PID 1 learnt a new bus call GetUnitByControlGroup() which may be used
+ to query the unit belonging to a specific kernel control group.
+
+ * systemd-analyze learnt a new verb "cat-config", which may be used to
+ dump the contents of any configuration file, with all its matching
+ drop-in files added in, and honouring the usual search and masking
+ logic applied to systemd configuration files. For example use
+ "systemd-analyze cat-config systemd/system.conf" to get the complete
+ system configuration file of systemd how it would be loaded by PID 1
+ itself. Similar to this various tools, such as systemd-tmpfiles or
+ systemd-sysusers learnt new option "--cat-config", which do
+ corresponding operation for their own configuration settings. For
+ example, "systemd-tmpfiles --cat-config" will now output the full
+ list of tmpfiles.d/ lines in place.
+
+ * timedatectl gained two new verbs "timesync-status" (to show the
+ current NTP synchronization state of systemd-timesyncd) and
+ "show-timesync" (to show bus properties of systemd-timesyncd).
+
+ * systemd-timesyncd gained a bus interface on which it exposes details
+ about its state.
+
+ * systemd-nspawn gained a new --rlimit= switch for setting initial
+ resource limits for the container payload. There's a new switch
+ --hostname= for explicitly overriding the container's hostname. A new
+ --no-new-privileges= switch may be used to control the
+ PR_SET_NO_NEW_PRIVS flag for the container payload. A new
+ --oom-score-adjust= switch controls the OOM scoring adjustment value
+ for the payload. The new --cpu-affinity= switch controls the CPU
+ affinity of the container payload. The new --resolv-conf= switch
+ allows more detailed control of /etc/resolv.conf handling of the
+ container. Similar, the new --timezone= switch allows more detailed
+ control of /etc/localtime handling of the container.
+
+ * systemd-detect-virt learnt a new --list switch, which will print a
+ list of all currently known VM and container environments.
+
+ * Support for the new "Portable Services" concept has been added, see
+ doc/PORTABLE_SERVICES.md for details. Currently, the support is still
+ experimental, but this is expected to change soon. Reflecting the
+ experimental state the "portablectl" binary is not installed into
+ /usr/bin yet. The binary has to be called with the full path
+ /usr/lib/systemd/portablectl instead.
+
+ * journalctl's and systemctl's -o switch now knows a new log output
+ mode "with-unit". The output it generates is very similar to the
+ regular "short" mode, but displays the unit name instead of the
+ syslog tag for each log line. Also, the date is shown with timezone
+ information. This mode is probably more useful than the classic
+ "short" output mode for most purposes, except where pixel-perfect
+ compatibility with classic /var/log/messages formatting is required.
+
+ * A new --dump-bus-properties switch has been added to the systemd
+ binary, which may be used to dump all supported D-Bus properties.
+
+ * Unit files and other configuration files that support specifier
+ expansion now understand two new specifiers: %T and %V will resolve
+ to /tmp and /var/tmp respectively, or whatever temporary directory
+ has been set for the calling user.
+
+ * sd-bus gained a set of new calls:
+ sd_bus_slot_set_floating()/sd_bus_slot_get_floating() may be used to
+ enable/disable the "floating" state of a bus slot object,
+ i.e. whether the slot object pins the bus it is allocated for into
+ memory or if the bus slot object gets disconnected when the bus goes
+ away. sd_bus_open_with_description(),
+ sd_bus_open_user_with_description(),
+ sd_bus_open_system_with_description() may be used to allocate bus
+ objects and set their description string already during allocation.
+
+ * sd-event gained support for watching inotify events from the event
+ loop, in an efficient way, sharing inotify handles between multiple
+ users. For this a new function sd_event_add_inotify() has been added.
+
+ * sd-event and sd-bus gained support for calling special user-supplied
+ destructor functions for userdata pointers associated with
+ sd_event_source, sd_bus_slot and sd_bus_track objects.
+
+ * The "net.ipv4.tcp_ecn" sysctl will now be turned on by default.
+
+ * PID 1 will now automatically reschedule .timer units whenever the
+ local timezone changes. (They previously got rescheduled already
+ automatically when the system clock changed.)
+
+ * New documentation has been added to document cgroups delegation,
+ portable services and the various code quality tools we have set up:
+
+ https://github.com/systemd/systemd/blob/master/doc/CGROUP_DELEGATION.md
+ https://github.com/systemd/systemd/blob/master/doc/PORTABLE_SERVICES.md
+ https://github.com/systemd/systemd/blob/master/doc/CODE_QUALITY.md
+
+ * pam_systemd will now look for PAM userdata fields systemd.memory_max,
+ systemd.tasks_max, systemd.cpu_weight, systemd.io_weight set by
+ earlier PAM modules. The data in these fields is used to initialize
+ the session scope's resource properties. Thus external PAM modules
+ may now configure per-session limits, for example sourced from
+ external user databases.
+
+ * socket units with Accept=yes will now maintain a "refused" counter in
+ addition to the existing "accepted" counter, counting connections
+ refused due to the enforced limits.
+
+ * The "systemd-path search-binaries-default" command may now be use to
+ query the default, built-in $PATH PID 1 will pass to the services it
+ manages.
+
+ Contributions from: Adam Duskett, Alan Jenkins, Alessandro Casale,
+ Alexander Kurtz, Alex Gartrell, Anssi Hannula, Antique, Arnaud
+ Rebillout, Brian J. Murrell, Bruno Vernay, Chris Lesiak, Christian
+ Brauner, Christian Hesse, Daniel Dao, Daniel Lin, Danylo Korostil,
+ Davide Cavalca, David Tardon, Dimitri John Ledkov, Dmitriy Geels,
+ Douglas Christman, Elia Geretto, emelenas, Evegeny Vereshchagin, Evgeny
+ Vereshchagin, Felipe Sateler, Feng Sun, Filipe Brandenburger, Franck
+ Bui, futpib, Giuseppe Scrivano, Guillem Jover, guixxx, Hans de Goede,
+ Henrique Dante de Almeida, Hiram van Paassen, Ian Miell, Igor Gnatenko,
+ Ivan Shapovalov, James Cowgill, Jan Janssen, Jan Synacek, Jared
+ Kazimir, João Paulo Rechi Vita, Joost Heitbrink, juergbi, Jui-Chi Ricky
+ Liang, Kai-Heng Feng, Karol Augustin, Krzysztof Nowicki, Lauri
+ Tirkkonen, Lennart Poettering, Leonard, Long Li, Luca Boccassi, Lucas
+ Werkmeister, Marcel Hoppe, Marc Kleine-Budde, Mario Limonciello, Martin
+ Jansa, Martin Wilck, Mathieu Malaterre, Matteo F. Vescovi, Michael
+ Biebl, Michael Olbrich, Michael Prokop, Michal Koutný, Michal Sekletar,
+ Mike Gilbert, Mikhail Kasimov, Milan, Milan Broz, mourikwa, Muhammet
+ Kara, Nicolas Boichat, Omer Katz, Paride Legovini, Paul Menzel, Paul
+ Milliken, Peter A. Bigot, Peter Hutterer, Peter Jones, Philip Sequeira,
+ Philip Withnall, Piotr Drąg, Radostin Stoyanov, Ricardo Salveti de
+ Araujo, Rosen Penev, rubensa, Ryan Gonzalez, Salvo 'LtWorf' Tomaselli,
+ Sebastian Reichel, Sergio Lindo Mansilla, Stefan Schweter, Stephen
+ Hemminger, Stuart Hayes, Susant Sahani, Sylvain Plantefève, Thomas
+ H. P. Andersen, Tobias Jungel, Tomasz Torcz, Vito Caputo, Will Dietz,
+ Will Thompson, xginn8, Yu Watanabe, Zbigniew Jędrzejewski-Szmek
+
+ — Berlin, 2018-06-XX
+
CHANGES WITH 238:
* The MemoryAccounting= unit property now defaults to on. After
projects / platform / upstream / systemd.git / commitdiff