diff --git a/NEWS b/NEWS index 04c45ecee63..d19659758aa 100644 --- a/NEWS +++ b/NEWS 
@@ -47,34 +47,37 @@ CHANGES WITH 255 in spe: Service Manager: - * The way services are spawned has been overhauled. Previously, a process - was forked that shared all of the manager's memory (via copy-on-write) - while doing all the required set ups (e.g.: mount namespaces, CGroup - configuration, etc.) before exec'ing the target executable. This was - problematic for various reasons: several glibc APIs were called that - are not supposed to be used after a fork but before an exec, copy-on-write - meant that if either process (the manager or the child) touched a memory - page a copy was triggered, and also the memory footprint of the child - process was that of the manager but with the memory limits of the service. - From this version onward, the new process is spawned using CLONE_VM and - CLONE_VFORK semantics via posix_spawn, and it immediately execs a new - internal binary, systemd-executor, that receives the configuration to - apply via memfd, and sets up the process before exec'ing the target + * The way services are spawned has been overhauled. Previously, a + process was forked that shared all of the manager's memory (via + copy-on-write) while doing all the required set ups (e.g.: mount + namespaces, CGroup configuration, etc.) before exec'ing the target + executable. This was problematic for various reasons: several glibc + APIs were called that are not supposed to be used after a fork but + before an exec, copy-on-write meant that if either process (the + manager or the child) touched a memory page a copy was triggered, and + also the memory footprint of the child process was that of the + manager but with the memory limits of the service. From this version + onward, the new process is spawned using CLONE_VM and CLONE_VFORK + semantics via posix_spawn(), and it immediately execs a new internal + binary, systemd-executor, that receives the configuration to apply + via memfd, and sets up the process before exec'ing the target executable. 
- * Internal process tracking is being changed to use PIDFDs instead of PIDs - when the kernel supports it, to improve robustness and reliability. + * Most of the internal process tracking is being changed to use PIDFDs + instead of PIDs when the kernel supports it, to improve robustness + and reliability. * A new option SurviveFinalKillSignal= is now supported to configure a unit to skip units on the final SIGTERM/SIGKILL spree on shutdown. This is part of the required configuration to let a unit's processes survive a soft-reboot operation without being interrupted. - * Sysext images can now set EXTENSION_RELOAD_MANAGER=1 in their - extension-release files to automatically daemon-reload when - merging/refreshing/unmerging on boot. This should be used only in - exceptional circumstances, as it can cause very difficult to debug - race conditions and lockups. + * System extension images (sysext) can now set + EXTENSION_RELOAD_MANAGER=1 in their extension-release files to + automatically reload the service manager (PID 1) when + merging/refreshing/unmerging on boot. Generally, while this can be + used to ship services in system extension images it's recommended to + do that via portable services instead. * The ExtensionImages= and ExtensionDirectories= options now support confexts images/directories. 
@@ -86,10 +89,12 @@ CHANGES WITH 255 in spe: use numeric cgroup IDs, which change every time a service is restarted, making them hard to use in a systemd environment. - * A new option CoredumpReceive= can be set, together with Delegate=yes, to - make systemd-coredump on the host forward core files from processes crashed - inside the delegated CGroup subtree to systemd-coredump running in the - container. + * A new option CoredumpReceive= can be set for service and scope units, + together with Delegate=yes, to make systemd-coredump on the host + forward core files from processes crashed inside the delegated CGroup + subtree to systemd-coredump running in the container. This new option + is by default used by systemd-nspawn containers that use the "--boot" + switch, i.e. are fully booted up. * A new ConditionSecurity=measured-uki option is now available, to ensure a unit can only run when the system has been booted from a measured UKI. @@ -102,15 +107,16 @@ CHANGES WITH 255 in spe: SetLoginEnvironment= is now supported to determine whether to also set $HOME, $LOGNAME and $SHELL. - * Socket units now support a new PollLimit= option to configure a limit on - how often polling events on the file descriptors backing this unit will - be considered. + * Socket units now support a new pair of + PollLimitBurst=/PollLimitInterval= options to configure a limit on + how often polling events on the file descriptors backing this unit + will be considered within a time window. * Scope units can now be created passing PIDFDs instead of PIDs to select the processes they should include. - * Sending SIGRTMIN+18 with 0x500 as value will now cause the manager to - dump the list of currently pending jobs. + * Sending SIGRTMIN+18 with 0x500 as sigqueue() value will now cause the + manager to dump the list of currently pending jobs. * If the kernel supports MOVE_MOUNT_BENEATH, the systemctl and machinectl bind and mount-image verbs will now cause the new mount to to replace 
@@ -118,8 +124,8 @@ CHANGES WITH 255 in spe: TPM2 Support + Disk Encryption & Authentication: - * systemd-cryptenroll now allows specifying a PCR bank and hash digest in - the --tpm2-pcrs= option. + * systemd-cryptenroll now allows specifying a PCR bank and explicit hash + value in the --tpm2-pcrs= option. * systemd-cryptenroll now allows specifying a TPM2 key handle to be used instead of the default SRK via the new --tpm2-seal-key-handle= option. @@ -130,14 +136,20 @@ CHANGES WITH 255 in spe: * The TPM2 Storage Root Key will now be set up, if not already present, by a new systemd-tpm2-setup.service early boot service. - * The internal systemd-pcrphase executable has been renamed to systemd-pcrextend. + * The internal systemd-pcrphase executable has been renamed to + systemd-pcrextend. - * systemd-pcrextend now exposes a Varlink interface at io.systemd.PCRExtend - that can be used to do measurements and event logging on demand. + * The systemd-pcrextend tool gained a new --pcr= switch to override + which PCR to measure into. + + * systemd-pcrextend now exposes a Varlink interface at + io.systemd.PCRExtend that can be used to do measurements and event + logging on demand. * TPM measurements are now also written to an event log at - /run/log/systemd/tpm2-measure.log, using the TCG Canonical Event Log - format, together with the existing journald entries. + /run/log/systemd/tpm2-measure.log, using a derivative of the TCG + Canonical Event Log format. Previously we'd only log them to the + journal, where they however were subject to rotation and similar. systemd-boot, systemd-stub, ukify, bootctl, kernel-install: 
@@ -160,25 +172,26 @@ CHANGES WITH 255 in spe: SecureBoot is enabled. For more details see: https://github.com/systemd/systemd/security/advisories/GHSA-6m6p-rjcq-334c - * systemd-boot gained new hotkeys to reboot and power off the system from - the boot menu. + * systemd-boot gained new hotkeys to reboot and power off the system + from the boot menu ("B" and "O"). If the "auto-poweroff" and + "auto-reboot" options in loader.conf are set these entries are also + shown as menu items (which is useful on devices lacking a regular + keyboard). - * systemd-boot will now show auto-generated reboot and poweroff entries in - the boot menu. - - * systemd-boot gained a new configuration value menu-disabled for the + * systemd-boot gained a new configuration value "menu-disabled" for the set-timeout option, to allow completely disabling the boot menu, including the hotkey. - * systemd-boot will now measure the content of loader.conf in PCR5. + * systemd-boot will now measure the content of loader.conf in TPM2 PCR + 5. - * systemd-stub will now concatenate the content of all kernel command-line - addons before measuring them in PCR12, in a single measurement, instead - of measuring them individually. + * systemd-stub will now concatenate the content of all kernel + command-line addons before measuring them in TPM2 PCR 12, in a single + measurement, instead of measuring them individually. - * systemd-stub will now measure and load Devicetree Blob addons, which are - searched and loaded following the same model as the existing kernel - command-line addons. + * systemd-stub will now measure and load Devicetree Blob addons, which + are searched and loaded following the same model as the existing + kernel command-line addons. * systemd-stub will now ignore unauthenticated kernel command line options passed from systemd-boot when running inside Confidential VMs with UEFI 
@@ -197,12 +210,13 @@ CHANGES WITH 255 in spe: have been added to make it easier to generate these types of DDIs, without having to provide repart.d definitions for them. - * The dm-verity salt and UUID will now be derived from the specified seed. + * The dm-verity salt and UUID will now be derived from the specified + seed value. * New VerityDataBlockSizeBytes= and VerityHashBlockSizeBytes= can now be - configured in repart.d configuration files. + configured in repart.d/ configuration files. - * A new Subvolumes= setting is now supported in repart.d configuration + * A new Subvolumes= setting is now supported in repart.d/ configuration files, to indicate which directories in the target partition should be btrfs subvolumes. @@ -228,7 +242,7 @@ CHANGES WITH 255 in spe: attaching a file to a loopback device will implicitly make a handle available to be found via that file's inode information. - * udevadm info gained support for JSON output via a new --json flag, and + * udevadm info gained support for JSON output via a new --json= flag, and for filtering output using the same mechanism that udevadm trigger already implements. @@ -239,6 +253,18 @@ CHANGES WITH 255 in spe: It is now enabled by default and is part of the new "v255" naming scheme. + * A new hwdb/rules file has been added that sets the + ID_NET_AUTO_LINK_LOCAL_ONLY=1 udev property on all network interfaces + that should usually only be configured with link-local addressing + (IPv4LL + IPv6LL), i.e. for PC-to-PC cables ("laplink") or + Thunderbolt networking. systemd-networkd and NetworkManager (soon) + will make use of this information to apply an appropriate network + configuration by default. + + * The ID_NET_DRIVER property on network interfaces is now set + relatively early in the udev rule set so that other rules may rely on + its use. This is implemented in a new "net-driver" udev built-in. + Network Management: * The "duid-only" option for DHCPv4 client's ClientIdentifier= setting 
@@ -315,17 +341,14 @@ CHANGES WITH 255 in spe: 89-ethernet.network matches all Ethernet interfaces and enables both DHCPv4 and DHCPv6 clients. - Changes in systemd-analyze: + * If a ID_NET_MANAGED_BY= udev property is set on a network device and + it is any other string than "io.systemd.Network" then networkd will + not manage this device. This may be used to allow multiple network + management services to run in parallel and assign ownership of + specific devices explicitly. NetworkManager will soon implement a + similar logic. - * "systemd-analyze plot" has gained tooltips on each unit name with - related-unit information in its svg output, such as Before=, - Requires=, and similar properties. - - Other: - - * A new varlinkctl tool has been added to allow interfacing with - Varlink services, and introspection has been added to all such - services. + systemctl: * systemctl is-failed now checks the system state if no unit is specified. @@ -334,8 +357,7 @@ CHANGES WITH 255 in spe: system has been setup in /run/nextroot/ when a reboot operation is invoked. - * systemd-sysext and systemd-confext now expose a Varlink service - at io.systemd.sysext. + Login management: * wall messages now work even when utmp support is disabled, using systemd-logind to query the necessary information. 
@@ -346,6 +368,28 @@ CHANGES WITH 255 in spe: the additional information is the type of operation that is about to be executed. + Hibernation & Suspend: + + * The kernel and OS versions will no longer be checked on resume from + hibernation. + + * Hibernation into swap files backed by btrfs are now + supported. (Previously this was supported only for other file + systems.) + + Other: + + * "systemd-analyze plot" has gained tooltips on each unit name with + related-unit information in its svg output, such as Before=, + Requires=, and similar properties. + + * A new varlinkctl tool has been added to allow interfacing with + Varlink services, and introspection has been added to all such + services. + + * systemd-sysext and systemd-confext now expose a Varlink service + at io.systemd.sysext. + * systemd-sysupdate now accepts directories in the MatchPattern= option. * systemd-run will now output the invocation ID of the launched @@ -356,9 +400,9 @@ CHANGES WITH 255 in spe: combination with --cat-config to suppress uninteresting configuration lines, such as comments. - * systemd-resolved gained a new DumpStatistics() Varlink method, and - resolvectl gained a new corresponding show-server-state verb that - calls it. + * resolvectl gained a new "show-server-state" command that shows + current statistics of the resolver. This is backed by a new + DumpStatistics() Varlink method provided by systemd-resolved. * systemd-timesyncd will now emit a D-Bus signal when the LinkNTPServers property changes. @@ -366,9 +410,6 @@ CHANGES WITH 255 in spe: * vconsole now supports KEYMAP=@kernel for preserving the kernel keymap as-is. - * The kernel and OS versions will no longer be checked on resume from - hibernation. - * seccomp now supports the LoongArch64 architecture. * systemd-id128 now supports a new -P option to show only values, and 
@@ -398,39 +439,87 @@ CHANGES WITH 255 in spe: quickly get access to the local disk. It's inspired by MacOS "target disk mode". + * A new component "systemd-bsod" has been added, which can show logged + error messages full screen, if they have a log level of LOG_EMERG log + level. + + * The systemd-dissect tool's --with command will now set the + $SYSTEMD_DISSECT_DEVICE environment variable to the block device it + operates on for the invoked process. + + * The systemd-mount tool gained a new --tmpfs switch for mounting a new + 'tmpfs' instance. This is useful since it does so via .mount units + and thus can be executed remotely or in containers. + + * The various tools in systemd that take "verbs" (such as systemctl, + loginctl, machinectl, …) now will suggest a close verb name in case + the user specified an unrecognized one. + + * libsystemd now exports a new function sd_id128_get_app_specific() + that generates "app-specific" 128bit IDs from any ID. It's similar to + sd_id128_get_machine_app_specific() and + sd_id128_get_boot_app_specific() but takes the ID to base calculation + on as input. This new functionality is also exposed in the + "systemd-id128" tool where you can now combine --app= with `show`. + + * All tools that parse timestamps now can also parse RFC3339 style + timestamps that include the "T" and Z" characters. + + * New documentation as been added: + + https://systemd.io/FILE_DESCRIPTOR_STORE + https://systemd.io/TPM2_PCR_MEASUREMENTS + https://systemd.io/MOUNT_REQUIREMENTS.md + + * The codebase now recognizes the suffix .confext.raw and .sysext.raw + as alternative to the .raw suffix generally accepted for DDIs. It is + recommended to name configuration extensions and system extensions + with such suffixes, to indicate their purpose in the name. + + * The sd-device API gained a new function + sd_device_enumerator_add_match_property_required() which allows + configuring matches on properties that are strictly required. 
This is + different from the existing sd_device_enumerator_add_match_property() + matches of which one one needs to apply. + + * The MAC adress the veth side of an nspawn container shall get + assigned may now be controlled via the $SYSTEMD_NSPAWN_NETWORK_MAC + environment variable. + + * The libiptc dependency is not implemented via dlopen(), so that tools + such as networkd and nspawn no longer have a hard dependency on the + shared library when compiled with support for libiptc. + Contributions from: 김인수, Abderrahim Kitouni, Adam Williamson, Alexandre Peixoto Ferreira, Alex Hudspith, Alvin Alvarado, André Paiusco, Antonio Alvarez Feijoo, Anton Lundin, Arseny Maslennikov, Arthur Shau, Balázs Úr, beh_10257, Benjamin Peterson, Bertrand Jacquin, Brian Norris, Chris Patterson, - Christian Hergert, Christian Hesse, Christian Kirbach, - commondservice, Curtis Klein, cvlc12, Daan De Meyer, - Daniel P. Berrangé, Daniel Rusek, Dan Streetman, - David Rheinsberg, David Santamaría Rogado, David Tardon, + Christian Hergert, Christian Hesse, Christian Kirbach, commondservice, + Curtis Klein, cvlc12, Daan De Meyer, Daniel P. Berrangé, Daniel Rusek, + Dan Streetman, David Rheinsberg, David Santamaría Rogado, David Tardon, dependabot[bot], Dmitry V. 
Levin, Emanuele Giuseppe Esposito, Emil Renner Berthing, Emil Velikov, Etienne Dechamps, Fabian Vogt, - felixdoerre, Franck Bui, Frantisek Sumsal, G2-Games, - Gioele Barabucci, Hugo Carvalho, huyubiao, IllusionMan1212, - Jade Lovelace, janana, Jan Janssen, Jan Kuparinen, Jan Macku, - Jin Liu, Joerg Behrmann, Johannes Segitz, Jordan Rome, - Jordan Williams, Julien Malka, Juno Computers, Khem Raj, khm, - Kingbom Dou, Kiran Vemula, Laszlo Gombos, Lennart Poettering, - Luca Boccassi, Lucas Adriano Salles, Lukas, Maanya Goenka, Maarten, - Malte Poll, Marc Pervaz Boocha, Martin Beneš, Martin Wilck, - Mathieu Tortuyaux, Matthias Schiffer, Maxim Mikityanskiy, - Max Kellermann, Michael A Cassaniti, Michael Biebl, Michael Kuhn, - Michael Vasseur, Michal Koutný, Michal Sekletár, Mike Yuan, - Milton D. Miller II, mordner, msizanoen, NAHO, Nandakumar Raghavan, - Nick Rosbrook, NRK, Oğuz Ersen, Omojola Joshua, pelaufer, - Peter Hutterer, PhylLu, Pierre GRASSER, Piotr Drąg, Priit Laes, - Rahil Bhimjiani, Raito Bezarius, Raul Cheleguini, Reto Schneider, - Richard Maw, Robby Red, RoepLuke, Roland Hieber, Ronan Pigott, - Sam James, Sergey A, Susant Sahani, Sven Joachim, - Takashi Sakamoto, Thorsten Kukuk, Tj, Tomasz Świątek, - Topi Miettinen, Valentin David, Valentin Lefebvre, - Victor Westerhuis, Vincent Haupert, Vishal Chillara Srinivas, - Warren, Xiaotian Wu, xinpeng wang, Yu Watanabe, - Zbigniew Jędrzejewski-Szmek, наб + felixdoerre, Franck Bui, Frantisek Sumsal, G2-Games, Gioele Barabucci, + Hugo Carvalho, huyubiao, IllusionMan1212, Jade Lovelace, janana, + Jan Janssen, Jan Kuparinen, Jan Macku, Jin Liu, Joerg Behrmann, + Johannes Segitz, Jordan Rome, Jordan Williams, Julien Malka, + Juno Computers, Khem Raj, khm, Kingbom Dou, Kiran Vemula, + Laszlo Gombos, Lennart Poettering, Luca Boccassi, Lucas Adriano Salles, + Lukas, Maanya Goenka, Maarten, Malte Poll, Marc Pervaz Boocha, + Martin Beneš, Martin Wilck, Mathieu Tortuyaux, Matthias Schiffer, + Maxim Mikityanskiy, Max 
Kellermann, Michael A Cassaniti, Michael Biebl, + Michael Kuhn, Michael Vasseur, Michal Koutný, Michal Sekletár, + Mike Yuan, Milton D. Miller II, mordner, msizanoen, NAHO, + Nandakumar Raghavan, Nick Rosbrook, NRK, Oğuz Ersen, Omojola Joshua, + pelaufer, Peter Hutterer, PhylLu, Pierre GRASSER, Piotr Drąg, + Priit Laes, Rahil Bhimjiani, Raito Bezarius, Raul Cheleguini, + Reto Schneider, Richard Maw, Robby Red, RoepLuke, Roland Hieber, + Ronan Pigott, Sam James, Sergey A, Susant Sahani, Sven Joachim, + Takashi Sakamoto, Thorsten Kukuk, Tj, Tomasz Świątek, Topi Miettinen, + Valentin David, Valentin Lefebvre, Victor Westerhuis, Vincent Haupert, + Vishal Chillara Srinivas, Warren, Xiaotian Wu, xinpeng wang, + Yu Watanabe, Zbigniew Jędrzejewski-Szmek, наб CHANGES WITH 254:
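Review bot: In the @@ -47,34 hunk, the rewritten EXTENSION_RELOAD_MANAGER=1 entry drops the caveat the old text carried ("should be used only in exceptional circumstances, as it can cause very difficult to debug race conditions and lockups"). Recommending portable services instead is reasonable, but without the dropped sentence an image author is not told what goes wrong when PID 1 is reloaded during merge/refresh/unmerge; keep one sentence on the race conditions so the recommendation has its stated reason.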
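Review bot: In the @@ -102,15 hunk, the trailing context line "will now cause the new mount to to replace" has a doubled "to"; since this hunk already rewrites the neighbouring SIGRTMIN+18 entry, fix the typo here rather than leaving it for a follow-up.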
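Review bot: In the @@ -130,14 hunk, the last added sentence reads awkwardly: "Previously we'd only log them to the journal, where they however were subject to rotation and similar." Suggest: "Previously these were only logged to the journal, where they were subject to rotation and could be lost." Also, "a derivative of the TCG Canonical Event Log format" replaces the removed claim that the file uses the TCG Canonical Event Log format; anyone parsing /run/log/systemd/tpm2-measure.log needs to know how it departs from the spec, so point at where that deviation is documented.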
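Review bot: In the @@ -160,25 hunk, the reflow leaves "TPM2 PCR" at the end of one line and "5." alone at the start of the next; keep "PCR 5" on one line so the number is not misread. In the same hunk, "If the "auto-poweroff" and "auto-reboot" options in loader.conf are set these entries are also shown as menu items" should state whether each option controls its own entry or both must be set.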
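Review bot: In the @@ -315,17 hunk, "If a ID_NET_MANAGED_BY= udev property" should be "If an ID_NET_MANAGED_BY udev property": the article is wrong, and the trailing "=" is the convention this file uses for unit and .network settings (ClientIdentifier=, CoredumpReceive=), while udev properties elsewhere in the diff are written bare (ID_NET_DRIVER) or with a value (ID_NET_AUTO_LINK_LOCAL_ONLY=1). "it is any other string than" reads better as "it is set to any string other than". This hunk also deletes the "Changes in systemd-analyze:" heading and the varlinkctl entry; they reappear under "Other:" in the @@ -346,6 hunk, so nothing is lost, but that is only visible when reading both hunks together.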
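Review bot: In the @@ -346,6 hunk, "Hibernation into swap files backed by btrfs are now supported" has a subject/verb mismatch; it should read "Hibernation into swap files backed by btrfs is now supported." The relocated entry on kernel/OS version checks on resume is removed from its old position in the @@ -366,9 hunk, so the move is consistent.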
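Review bot: In the @@ -398,39 hunk, the libiptc entry says the dependency "is not implemented via dlopen()", which contradicts the rest of its own sentence ("so that tools such as networkd and nspawn no longer have a hard dependency on the shared library"); it should read "is now implemented via dlopen()". Smaller fixes in the same hunk: "if they have a log level of LOG_EMERG log level" repeats "log level"; "New documentation as been added" should be "has been added"; "https://systemd.io/MOUNT_REQUIREMENTS.md" carries a ".md" suffix the two sibling URLs lack; "the "T" and Z" characters" is missing the opening quote before Z; "matches of which one one needs to apply" should be "of which only one needs to apply"; "MAC adress" should be "MAC address"; "128bit" should be "128-bit"; and `show` is set in backticks while every other literal in the file uses double quotes.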