mirror of
https://github.com/systemd/systemd
synced 2024-10-14 20:17:52 +00:00
NEWS: add some notes for v243
Let's get this ball rolling.
This commit is contained in:
parent
b9adb191a1
commit
2875a36b77
203
NEWS
203
NEWS
|
@ -35,14 +35,18 @@ CHANGES WITH 243 in spe:
|
||||||
are harder to type, but we believe the change from 5 digit PIDs to 7
|
are harder to type, but we believe the change from 5 digit PIDs to 7
|
||||||
digit PIDs is not too hampering for usability.
|
digit PIDs is not too hampering for usability.
|
||||||
|
|
||||||
* MemoryLow and MemoryMin gained hierarchy-aware counterparts,
|
* MemoryLow= and MemoryMin= gained hierarchy-aware counterparts,
|
||||||
DefaultMemoryLow and DefaultMemoryMin, which can be used to
|
DefaultMemoryLow= and DefaultMemoryMin=, which can be used to
|
||||||
hierarchically set default memory protection values for a particular
|
hierarchically set default memory protection values for a particular
|
||||||
subtree of the unit hierarchy.
|
subtree of the unit hierarchy.
|
||||||
|
|
||||||
* Memory protection directives can now take a value of zero, allowing
|
* Memory protection directives can now take a value of zero, allowing
|
||||||
explicit opting out of a default value propagated by an ancestor.
|
explicit opting out of a default value propagated by an ancestor.
|
||||||
|
|
||||||
|
* A new setting DisableControllers= has been added that may be used to
|
||||||
|
explicitly disable one or more cgroups controllers for a unit and all
|
||||||
|
its children.
|
||||||
|
|
||||||
* systemd now defaults to the "unified" cgroup hierarchy setup during
|
* systemd now defaults to the "unified" cgroup hierarchy setup during
|
||||||
build-time, i.e. -Ddefault-hierarchy=unified is now the build-time
|
build-time, i.e. -Ddefault-hierarchy=unified is now the build-time
|
||||||
default. Previously, -Ddefault-hierarchy=hybrid was the default. This
|
default. Previously, -Ddefault-hierarchy=hybrid was the default. This
|
||||||
|
@ -73,23 +77,23 @@ CHANGES WITH 243 in spe:
|
||||||
* libidn2 is used by default if both libidn2 and libidn are installed.
|
* libidn2 is used by default if both libidn2 and libidn are installed.
|
||||||
Please use -Dlibidn=true when libidn is favorable.
|
Please use -Dlibidn=true when libidn is favorable.
|
||||||
|
|
||||||
* The D-Bus "wire format" for CPUAffinity attribute is changed on
|
* The D-Bus "wire format" of the CPUAffinity= attribute is changed on
|
||||||
big-endian machines. Before, bytes were written and read in native
|
big-endian machines. Before, bytes were written and read in native
|
||||||
machine order as exposed by the native libc __cpu_mask interface.
|
machine order as exposed by the native libc __cpu_mask interface.
|
||||||
Now, little-endian order is always used (CPUs 0–7 are described by
|
Now, little-endian order is always used (CPUs 0–7 are described by
|
||||||
bits 0–7 in byte 0, CPUs 8–15 are described by byte 1, and so on).
|
bits 0–7 in byte 0, CPUs 8–15 are described by byte 1, and so on).
|
||||||
This change fixes D-Bus calls that cross endianness boundary.
|
This change fixes D-Bus calls that cross endianness boundary.
|
||||||
|
|
||||||
The presentation format used for CPUAffinity by systemctl show and
|
The presentation format used for CPUAffinity= by "systemctl show" and
|
||||||
systemd-analyze dump is changed to present CPU indices instead of the
|
"systemd-analyze dump" is changed to present CPU indices instead of
|
||||||
raw __cpu_mask bitmask. For example, CPUAffinity=0-1 would be shown
|
the raw __cpu_mask bitmask. For example, CPUAffinity=0-1 would be
|
||||||
as CPUAffinity=03000000000000000000000000000… (on little-endian) or
|
shown as CPUAffinity=03000000000000000000000000000… (on
|
||||||
CPUAffinity=00000000000000300000000000000… (on 64-bit big-endian),
|
little-endian) or CPUAffinity=00000000000000300000000000000… (on
|
||||||
and is now shown as CPUAffinity=0-1, matching the input format. The
|
64-bit big-endian), and is now shown as CPUAffinity=0-1, matching the
|
||||||
maximum integer that will be printed in new format is 8191 (four
|
input format. The maximum integer that will be printed in the new
|
||||||
digits), while the old format always used a very long number (with
|
format is 8191 (four digits), while the old format always used a very
|
||||||
the length varying by architecture), so they can be unambiguously
|
long number (with the length varying by architecture), so they can be
|
||||||
distinguished.
|
unambiguously distinguished.
|
||||||
|
|
||||||
* /usr/sbin/halt.local is no longer supported. Implementation in
|
* /usr/sbin/halt.local is no longer supported. Implementation in
|
||||||
distributions was inconsistent and it seems this functionality was
|
distributions was inconsistent and it seems this functionality was
|
||||||
|
@ -113,6 +117,179 @@ CHANGES WITH 243 in spe:
|
||||||
overridden on per-service basis. Related setting NUMAMask= is used to
|
overridden on per-service basis. Related setting NUMAMask= is used to
|
||||||
specify NUMA node mask that should be associated with the selected
|
specify NUMA node mask that should be associated with the selected
|
||||||
policy.
|
policy.
|
||||||
|
|
||||||
|
* PID 1 will now listen to Out-Of-Memory (OOM) events the kernel
|
||||||
|
generates when processes it manages a reaching their memory limits,
|
||||||
|
and will place their units in a special state, and optionally kill or
|
||||||
|
stop the whole unit.
|
||||||
|
|
||||||
|
* The service manager will now expose bus properties for the IO
|
||||||
|
resources used by units. This information is also shown in "systemctl
|
||||||
|
status" now (for services that have IOAccounting=yes set). Moreover,
|
||||||
|
the IO accounting data is included in the resource log message
|
||||||
|
generated whenever a unit stops.
|
||||||
|
|
||||||
|
* units may now configure an explicit time-out to apply to when killed
|
||||||
|
with SIGABRT, for example when a service watchdog is hit. Previously,
|
||||||
|
the regular TimeoutStopSec= time-out was applied in this case too —
|
||||||
|
now a separate time-out may be set using TimeoutAbortSec=.
|
||||||
|
|
||||||
|
* Services may now send a special WATCHDOG=trigger message with
|
||||||
|
sd_notify() to trigger an immediate "watchdog missed" event, and thus
|
||||||
|
request service take down. This is useful both for testing watchdog
|
||||||
|
handling, but also for defining error paths in services, that shall
|
||||||
|
be handled the same way as watchdog events.
|
||||||
|
|
||||||
|
* There are two new per-unit settings IPIngressFilterPath= and
|
||||||
|
IPEgressFilterPath= which allow configuration of a BPF program
|
||||||
|
(usually by specifying a path to a program uploaded to /sys/fs/bpf/)
|
||||||
|
to apply to the IP packet ingress/egress path of all processes of a
|
||||||
|
unit. This is useful to allow running systemd services with BPF
|
||||||
|
programs set up externally.
|
||||||
|
|
||||||
|
* systemctl gained a new "clean" verb for removing the state, cache,
|
||||||
|
runtime or logs directories of a service while it is terminated. The
|
||||||
|
new verb may also be used to remove the state maintained on disk for
|
||||||
|
timer units that have Persistent= configured.
|
||||||
|
|
||||||
|
* During the last phase of shutdown systemd will now automatically
|
||||||
|
increase the log level configured in the "kernel.printk" sysctl so
|
||||||
|
that any relevant loggable events happening during late shutdown are
|
||||||
|
made visible. Previously, loggable events happening so late during
|
||||||
|
shutdown were generally lost if the "kernel.printk" sysctl was set to
|
||||||
|
high thresholds, as regular logging daemons are terminated at that
|
||||||
|
time and thus nothing is written to disk.
|
||||||
|
|
||||||
|
* If processes terminated during the last phase of shutdown do not exit
|
||||||
|
quickly systemd will now show their names after a short time, to make
|
||||||
|
debugging easier. After a longer time-out they are forcibly killed,
|
||||||
|
as before.
|
||||||
|
|
||||||
|
* journalctl (and the other tools that display logs) will now highlight
|
||||||
|
warnings in yellow (previously, both LOG_NOTICE and LOG_WARNING where
|
||||||
|
shown in bright bold, now only LOG_NOTICE is). Moreover, audit logs
|
||||||
|
are now shown in blue color, to separate them visually from regular
|
||||||
|
logs. References to configuration files are now turned into clickable
|
||||||
|
links on terminals that support that.
|
||||||
|
|
||||||
|
* systemd-journald will now stop logging to /var/log/journal during
|
||||||
|
shutdown when /var/ is on a separate mount, so that it can be
|
||||||
|
unmounted safely during shutdown.
|
||||||
|
|
||||||
|
* systemd-resolved gained support for a new 'strict' DNS-over-TLS mode.
|
||||||
|
|
||||||
|
* The predictable naming scheme for network devices now supports
|
||||||
|
generating predictable names for "netdevsim" devices.
|
||||||
|
|
||||||
|
* systemd-networkd now supports MACsec, nlmon, IPVTAP and Xfrm
|
||||||
|
interfaces natively.
|
||||||
|
|
||||||
|
* systemd-networkd's bridge FDB support now allows configuration of a
|
||||||
|
destination address for each entry (Destination=), as well as the
|
||||||
|
VXLAN VNI (VNI=), as well as an option to declare what an entry is
|
||||||
|
associated with (AssociatedWith=).
|
||||||
|
|
||||||
|
* systemd-networkd's DHCPv4 support now understands a new MaxAttempts=
|
||||||
|
option for configuring the maximum number of attempts to request a
|
||||||
|
DHCP lease. It also learnt a new BlackList= option for blacklisting
|
||||||
|
DHCP servers (a similar setting has also been added to the IPv6 RA
|
||||||
|
client), as well as a SendRelease= option for configuring whether to
|
||||||
|
send a DHCP RELEASE message when terminating.
|
||||||
|
|
||||||
|
* systemd-networkd's DHCPv4 and DHCPv6 stacks can now be configured
|
||||||
|
seperately in the [DHCPv4] and [DHCPv6] sections.
|
||||||
|
|
||||||
|
* systemd-networkd's VXLAN support gained a new option
|
||||||
|
GenericProtocolExtension= for enabling XVLAN Generic Protocol
|
||||||
|
Extension support, as well as IPDoNotFragment= for setting the IP
|
||||||
|
"Don't fragment" bit on outgoing packets. A similar option has been
|
||||||
|
added to the GENEVE support.
|
||||||
|
|
||||||
|
* In systemd-networkd's [Route] section you may now configure
|
||||||
|
FastOpenNoCookie= for configuring per-route TCP fast-open support, as
|
||||||
|
well as TTLPropagate= for configuring Label Switched Path (LSP) TTL
|
||||||
|
propagation. The Type= setting now supports local, broadcast,
|
||||||
|
anycast, multicast, any, xresolve routes, too.
|
||||||
|
|
||||||
|
* systemd-networkd's [Network] section learnt a new option
|
||||||
|
DefaultRouteOnDevice= for automatically configuring a default route
|
||||||
|
onto the network device.
|
||||||
|
|
||||||
|
* systemd-networkd's bridging support gained two new options ProxyARP=
|
||||||
|
and ProxyARPWifi= for configuring proxy ARP behaviour as well as
|
||||||
|
MulticastRouter= for configureing multicast routing behaviour.
|
||||||
|
|
||||||
|
* systemd-networkd's FooOverUDP support gained the ability to configure
|
||||||
|
local and peer IP addresses via Local= and Peer=. A new option
|
||||||
|
PeerPort= may be used to configure the peer's IP port.
|
||||||
|
|
||||||
|
* systemd-networkd's TUN support gained a new setting VnetHeader= for
|
||||||
|
tweaking Generic Segment Offload support.
|
||||||
|
|
||||||
|
* networkctl gained a new "delete" command for removing virtual network
|
||||||
|
devices, as well as a new "--stats" switch for showing device
|
||||||
|
statistics.
|
||||||
|
|
||||||
|
* systemd-networkd's .network and .link files gained a new Property=
|
||||||
|
setting in the [Match] section, to match against devices with
|
||||||
|
specific udev properties.
|
||||||
|
|
||||||
|
* systemd-networkd's tunnel support gained a new option
|
||||||
|
AssignToLoopback= for selecting whether to use the loopback device
|
||||||
|
"lo" as underlying device.
|
||||||
|
|
||||||
|
* systemd-networkd's MACAddress= setting in the [Network] section has
|
||||||
|
been renamed to LinkLayerAddress=, and it now allows configuration of
|
||||||
|
IP addresses, too.
|
||||||
|
|
||||||
|
* The CriticalConnection= setting in .network files is now deprecated,
|
||||||
|
and replaced by a new KeepConfiguration= setting which allows more
|
||||||
|
detailed configuration of the IP configuration to keep in place.
|
||||||
|
|
||||||
|
* systemd-analyze gained a new "timestamp" verb for parsing and
|
||||||
|
converting timestamps. It's similar to the existing "systemd-analyze
|
||||||
|
calendar" command which does the same for recurring calendar
|
||||||
|
events. It also gained a new "condition" verb for parsing and testing
|
||||||
|
ConditionXYZ= expressions.
|
||||||
|
|
||||||
|
* systemd-logind now exposes a per-session SetBrightness() bus call,
|
||||||
|
which may be used to securely change the brightness of a kernel
|
||||||
|
brightness device, if it belongs to the session's seat. By using this
|
||||||
|
call unprivileged clients can make changes to "backlight" and "leds"
|
||||||
|
devices securely with strict requirements on session
|
||||||
|
membership. Desktop environments may use this to generically make
|
||||||
|
brightness changes to such devices without shipping private SUID
|
||||||
|
binaries for that purpose.
|
||||||
|
|
||||||
|
* "udevadm info" gained a --wait-for-initialization switch to wait for
|
||||||
|
a device to be initialized.
|
||||||
|
|
||||||
|
* systemd-hibernate-resume-generator will now look for resumeflags= on
|
||||||
|
the kernel command line, which is similar to rootflags= and may be
|
||||||
|
used to configure device timeouts for waiting for the hibernation
|
||||||
|
device to show up.
|
||||||
|
|
||||||
|
* sd-event learnt a new API call sd_event_source_disable_unref() for
|
||||||
|
disabling and unref'ing an event source in a single function. A
|
||||||
|
related call sd_event_source_disable_unrefp() has been added for use
|
||||||
|
with GCC's cleanup extension.
|
||||||
|
|
||||||
|
* The sd-id128.h public API gained a new definition
|
||||||
|
SD_ID128_UUID_FORMAT_STR for formatting a 128bit ID in UUID format
|
||||||
|
with printf().
|
||||||
|
|
||||||
|
* "busctl introspect" gained a new switch --xml-interface for dumping
|
||||||
|
XML introspection data unmodified.
|
||||||
|
|
||||||
|
* PID 1 may now show the unit name instead of the unit description
|
||||||
|
string in its status output during boot. This may be configured in
|
||||||
|
the StatusUnitFormat= setting in /etc/systemd/system.conf or the
|
||||||
|
kernel command line option systemd.status_unit_format=.
|
||||||
|
|
||||||
|
* The systemd.debug_shell kernel command line option now optionally
|
||||||
|
takes a tty name to spawn the debug shell on, which allows selecting
|
||||||
|
a different tty than the built-in default.
|
||||||
|
|
||||||
…
|
…
|
||||||
|
|
||||||
CHANGES WITH 242:
|
CHANGES WITH 242:
|
||||||
|
|
Loading…
Reference in a new issue