Changes between Version 9 and Version 16 of Ticket #1003

Aug 18, 2015, 6:53:36 PM (7 years ago)
William Harrington


  • Ticket #1003

    • Property Summary changed from Systemd 218 Version Upgrade to Systemd 224 Version Upgrade
  • Ticket #1003 – Description

    v9 v16  
     1New version
    3 Compat Patch:
     3Some info:
    6 We will see new users and groups installed and new daemons introduced and some daemons removed.
    8 Systemd 217/218 has quite a bit of changes since 213. We need to backtrack changes since 213:
    10 CHANGES WITH 218:
     12I suggest we conform our user ids and group ids to LFS since a lot of people use BLFS rather than our ancient CBLFS.
    13 CHANGES WITH 217:
     14This is what I have been using for my current builds:
    15         * journalctl gained the new options -t/--identifier= to match
    16           on the syslog identifier (aka "tag"), as well as --utc to
    17           show log timestamps in the UTC timezone. journalctl now also
    18           accepts -n/--lines=all to disable line capping in a pager.
     16cat /etc/passwd
     19daemon:x:6:6:Daemon User:/dev/null:/bin/false
     20messagebus:x:18:18:D-Bus Message Daemon User:/var/run/dbus:/bin/false
     21systemd-bus-proxy:x:72:72:systemd Bus Proxy:/:/bin/false
     22systemd-journal-gateway:x:73:73:systemd Journal Gateway:/:/bin/false
     23systemd-journal-remote:x:74:74:systemd Journal Remote:/:/bin/false
     24systemd-journal-upload:x:75:75:systemd Journal Upload:/:/bin/false
     25systemd-network:x:76:76:systemd Network Management:/:/bin/false
     26systemd-resolve:x:77:77:systemd Resolver:/:/bin/false
     27systemd-timesync:x:78:78:systemd Time Synchronization:/:/bin/false
     28nobody:x:65534:65533:Unprivileged User:/dev/null:/bin/false
    20         * Services can notify the manager before they start a reload
    21           (by sending RELOADING=1) or shutdown (by sending
    22           STOPPING=1). This allows the manager to track and show the
    23           internal state of daemons and closes a race condition when
    24           the process is still running but has closed its D-Bus
    25           connection.
     30cat /etc/group
    27         * Services with Type=oneshot do not have to have any ExecStart
    28           commands anymore.
    30         * User units are now loaded also from
    31           $XDG_RUNTIME_DIR/systemd/user/. This is similar to the
    32           /run/systemd/user directory that was already previously
    33           supported, but is under the control of the user.
    35         * Job timeouts (i.e. time-outs on the time a job that is
    36           queued stays in the run queue) can now optionally result in
    37           immediate reboot or power-off actions (JobTimeoutAction= and
    38           JobTimeoutRebootArgument=). This is useful on ".target"
    39           units, to limit the maximum time a target remains
    40           undispatched in the run queue, and to trigger an emergency
    41           operation in such a case. This is now used by default to
    42           turn off the system if boot-up (as defined by everything in
    43  hangs and does not complete for at least
    44           15min. Also, if power-off or reboot hang for at least 30min
    45           an immediate power-off/reboot operation is triggered. This
    46           functionality is particularly useful to increase reliability
    47           on embedded devices, but also on laptops which might
    48           accidentally get powered on when carried in a backpack and
    49           whose boot stays stuck in a hard disk encryption passphrase
    50           question.
    52         * systemd-logind can be configured to also handle lid switch
    53           events even when the machine is docked or multiple displays
    54           are attached (HandleLidSwitchDocked= option).
    56         * A helper binary and a service have been added which can be
    57           used to resume from hibernation in the initramfs. A
    58           generator will parse the resume= option on the kernel
    59           command-line to trigger resume.
    61         * A user console daemon systemd-consoled has been
    62           added. Currently, it is a preview, and will so far open a
    63           single terminal on each session of the user marked as
    64           Desktop=systemd-console.
    66         * Route metrics can be specified for DHCP routes added by
    67           systemd-networkd.
    69         * The SELinux context of socket-activated services can be set
    70           from the information provided by the networking stack
    71           (SELinuxContextFromNet= option).
    73         * Userspace firmware loading support has been removed and
    74           the minimum supported kernel version is thus bumped to 3.7.
    76         * Timeout for udev workers has been increased from 1 to 3
    77           minutes, but a warning will be printed after 1 minute to
    78           help diagnose kernel modules that take a long time to load.
    80         * Udev rules can now remove tags on devices with TAG-="foobar".
    82         * systemd's readahead implementation has been removed. In many
    83           circumstances it didn't give expected benefits even for
    84           rotational disk drives and was becoming less relevant in the
    85           age of SSDs. As none of the developers has been using
    86           rotating media anymore, and nobody stepped up to actively
    87           maintain this component of systemd it has now been removed.
    89         * Swap units can use Discard= to specify discard options.
    90           Discard options specified for swaps in /etc/fstab are now
    91           respected.
    93         * Docker containers are now detected as a separate type of
    94           virtualization.
    96         * The Password Agent protocol gained support for queries where
    97           the user input is shown, useful e.g. for user names.
    98           systemd-ask-password gained a new --echo option to turn that
    99           on.
    101         * The default sysctl.d/ snippets will now set:
    103                 net.core.default_qdisc = fq_codel
    105           This selects Fair Queuing Controlled Delay as the default
    106           queuing discipline for network interfaces. fq_codel helps
    107           fight the network bufferbloat problem. It is believed to be
    108           a good default with no tuning required for most workloads.
    109           Downstream distributions may override this choice. On 10Gbit
    110           servers that do not do forwarding, "fq" may perform better.
    111           Systems without a good clocksource should use "pfifo_fast".
    113         * If kdbus is enabled during build a new option BusPolicy= is
    114           available for service units, that allows locking all service
    115           processes into a stricter bus policy, in order to limit
    116           access to various bus services, or even hide most of them
    117           from the service's view entirely.
    119         * networkctl will now show the .network and .link file
    120           networkd has applied to a specific interface.
    122         * sd-login gained a new API call sd_session_get_desktop() to
    123           query which desktop environment has been selected for a
    124           session.
    126         * UNIX utmp support is now compile-time optional to support
    127           legacy-free systems.
    129         * systemctl gained two new commands "add-wants" and
    130           "add-requires" for pulling in units from specific targets
    131           easily.
    133         * If the word "rescue" is specified on the kernel command line
    134           the system will now boot into rescue mode (aka
    135 , which was previously available only by
    136           specifying "1" or "" on the kernel
    137           command line. This new kernel command line option nicely
    138           mirrors the already existing "emergency" kernel command line
    139           option.
    141         * New kernel command line options mount.usr=, mount.usrflags=,
    142           mount.usrfstype= have been added that match root=, rootflags=,
    143           rootfstype= but allow mounting a specific file system to
    144           /usr.
    146         * The $NOTIFY_SOCKET is now also passed to control processes of
    147           services, not only the main process.
    149         * This version reenables support for fsck's -l switch. This
    150           means at least version v2.25 of util-linux is required for
    151           operation, otherwise dead-locks on device nodes may
    152           occur. Again: you need to update util-linux to at least
    153           v2.25 when updating systemd to v217.
    155         * The "multi-seat-x" tool has been removed from systemd, as
    156           its functionality has been integrated into X servers 1.16,
    157           and the tool is hence redundant. It is recommended to update
    158           display managers invoking this tool to simply invoke X
    159           directly from now on, again.
    161         * Support for the new ALLOW_INTERACTIVE_AUTHORIZATION D-Bus
    162           message flag has been added for all of systemd's PolicyKit
    163           authenticated method calls has been added. In particular
    164           this now allows optional interactive authorization via
    165           PolicyKit for many of PID1's privileged operations such as
    166           unit file enabling and disabling.
    168         * "udevadm hwdb --update" learnt a new switch "--usr" for
    169           placing the rebuilt hardware database in /usr instead of
    170           /etc. When used only hardware database entries stored in
    171           /usr will be used, and any user database entries in /etc are
    172           ignored. This functionality is useful for vendors to ship a
    173           pre-built database on systems where local configuration is
    174           unnecessary or unlikely.
    176         * Calendar time specifications in .timer units now also
    177           understand the strings "semi-annually", "quarterly" and
    178           "minutely" as shortcuts (in addition to the preexisting
    179           "anually", "hourly", ...).
    181         * systemd-tmpfiles will now correctly create files in /dev
    182           at boot which are marked for creation only at boot. It is
    183           recommended to always create static device nodes with 'c!'
    184           and 'b!', so that they are created only at boot and not
    185           overwritten at runtime.
    187         * When the watchdog logic is used for a service (WatchdogSec=)
    188           and the watchdog timeout is hit the service will now be
    189           terminated with SIGABRT (instead of just SIGTERM), in order
    190           to make sure a proper coredump and backtrace is
    191           generated. This ensures that hanging services will result in
    192           similar coredump/backtrace behaviour as services that hit a
    193           segmentation fault.
    195 CHANGES WITH 216:
    197         * timedated no longer reads NTP implementation unit names from
    198           /usr/lib/systemd/ntp-units.d/*.list. Alternative NTP
    199           implementations should add a
    201             Conflicts=systemd-timesyncd.service
    203           to their unit files to take over and replace systemd's NTP
    204           default functionality.
    206         * systemd-sysusers gained a new line type "r" for configuring
    207           which UID/GID ranges to allocate system users/groups
    208           from. Lines of type "u" may now add an additional column
    209           that specifies the home directory for the system user to be
    210           created. Also, systemd-sysusers may now optionally read user
    211           information from STDIN instead of a file. This is useful for
    212           invoking it from RPM preinst scriptlets that need to create
    213           users before the first RPM file is installed since these
    214           files might need to be owned by them. A new
    215           %sysusers_create_inline RPM macro has been introduced to do
    216           just that. systemd-sysusers now updates the shadow files as
    217           well as the user/group databases, which should enhance
    218           compatibility with certain tools like grpck.
    220         * A number of bus APIs of PID 1 now optionally consult
    221           PolicyKit to permit access for otherwise unprivileged
    222           clients under certain conditions. Note that this currently
    223           doesn't support interactive authentication yet, but this is
    224           expected to be added eventually, too.
    226         * /etc/machine-info now has new fields for configuring the
    227           deployment environment of the machine, as well as the
    228           location of the machine. hostnamectl has been updated with
    229           new command to update these fields.
    231         * systemd-timesyncd has been updated to automatically acquire
    232           NTP server information from systemd-networkd, which might
    233           have been discovered via DHCP.
    235         * systemd-resolved now includes a caching DNS stub resolver
    236           and a complete LLMNR name resolution implementation. A new
    237           NSS module "nss-resolve" has been added which make be used
    238           of glibc's own "nss-dns" to resolve hostnames via
    239           systemd-resolved. Hostnames, addresses and arbitrary RRs may
    240           be resolved via systemd-resolved D-Bus APIs. In contrast to
    241           the glibc internal resolver systemd-resolved is aware of
    242           multi-homed system, and keeps DNS server and caches separate
    243           and per-interface. Queries are sent simultaneously on all
    244           interfaces that have DNS servers configured, in order to
    245           properly handle VPNs and local LANs which might resolve
    246           separate sets of domain names. systemd-resolved may acquire
    247           DNS server information from systemd-networkd automatically,
    248           which in turn might have discovered them via DHCP. A tool
    249           "systemd-resolve-host" has been added that may be used to
    250           query the DNS logic in resolved. systemd-resolved implements
    251           IDNA and automatically uses IDNA or UTF-8 encoding depending
    252           on whether classic DNS or LLMNR is used as transport. In the
    253           next releases we intend to add a DNSSEC and mDNS/DNS-SD
    254           implementation to systemd-resolved.
    256         * A new NSS module nss-mymachines has been added, that
    257           automatically resolves the names of all local registered
    258           containers to their respective IP addresses.
    260         * A new client tool "networkctl" for systemd-networkd has been
    261           added. It currently is entirely passive and will query
    262           networking configuration from udev, rtnetlink and networkd,
    263           and present it to the user in a very friendly
    264           way. Eventually, we hope to extend it to become a full
    265           control utility for networkd.
    267         * .socket units gained a new DeferAcceptSec= setting that
    268           controls the kernels' TCP_DEFER_ACCEPT sockopt for
    269           TCP. Similar, support for controlling TCP keep-alive
    270           settings has been added (KeepAliveTimeSec=,
    271           KeepAliveIntervalSec=, KeepAliveProbes=). Also, support for
    272           turning off Nagle's algorithm on TCP has been added
    273           (NoDelay=).
    275         * logind learned a new session type "web", for use in projects
    276           like Cockpit which register web clients as PAM sessions.
    278         * timer units with at least one OnCalendar= setting will now
    279           be started only after has been
    280           reached. This way they will not elapse before the system
    281           clock has been corrected by a local NTP client or
    282           similar. This is particular useful on RTC-less embedded
    283           machines, that come up with an invalid system clock.
    285         * systemd-nspawn's --network-veth= switch should now result in
    286           stable MAC addresses for both the outer and the inner side
    287           of the link.
    289         * systemd-nspawn gained a new --volatile= switch for running
    290           container instances with /etc or /var unpopulated.
    292         * The kdbus client code has been updated to use the new Linux
    293           3.17 memfd subsystem instead of the old kdbus-specific one.
    295         * systemd-networkd's DHCP client and server now support
    296           FORCERENEW. There are also new configuration options to
    297           configure the vendor client identifier and broadcast mode
    298           for DHCP.
    300         * systemd will no longer inform the kernel about the current
    301           timezone, as this is necessarily incorrect and racy as the
    302           kernel has no understanding of DST and similar
    303           concepts. This hence means FAT timestamps will be always
    304           considered UTC, similar to what Android is already
    305           doing. Also, when the RTC is configured to the local time
    306           (rather than UTC) systemd will never synchronize back to it,
    307           as this might confuse Windows at a later boot.
    309         * systemd-analyze gained a new command "verify" for offline
    310           validation of unit files.
    312         * systemd-networkd gained support for a couple of additional
    313           settings for bonding networking setups. Also, the metric for
    314           statically configured routes may now be configured. For
    315           network interfaces where this is appropriate the peer IP
    316           address may now be configured.
    318         * systemd-networkd's DHCP client will no longer request
    319           broadcasting by default, as this tripped up some networks.
    320           For hardware where broadcast is required the feature should
    321           be switched back on using RequestBroadcast=yes.
    323         * systemd-networkd will now set up IPv4LL addresses (when
    324           enabled) even if DHCP is configured successfully.
    326         * udev will now default to respect network device names given
    327           by the kernel when the kernel indicates that these are
    328           predictable. This behavior can be tweaked by changing
    329           NamePolicy= in the relevant .link file.
    331         * A new library systemd-terminal has been added that
    332           implements full TTY stream parsing and rendering. This
    333           library is supposed to be used later on for implementing a
    334           full userspace VT subsystem, replacing the current kernel
    335           implementation.
    337         * A new tool systemd-journal-upload has been added to push
    338           journal data to a remote system running
    339           systemd-journal-remote.
    341         * journald will no longer forward all local data to another
    342           running syslog daemon. This change has been made because
    343           rsyslog (which appears to be the most commonly used syslog
    344           implementation these days) no longer makes use of this, and
    345           instead pulls the data out of the journal on its own. Since
    346           forwarding the messages to a non-existent syslog server is
    347           more expensive than we assumed we have now turned this
    348           off. If you run a syslog server that is not a recent rsyslog
    349           version, you have to turn this option on again
    350           (ForwardToSyslog= in journald.conf).
    352         * journald now optionally supports the LZ4 compressor for
    353           larger journal fields. This compressor should perform much
    354           better than XZ which was the previous default.
    356         * machinectl now shows the IP addresses of local containers,
    357           if it knows them, plus the interface name of the container.
    359         * A new tool "systemd-escape" has been added that makes it
    360           easy to escape strings to build unit names and similar.
    362         * sd_notify() messages may now include a new ERRNO= field
    363           which is parsed and collected by systemd and shown among the
    364           "systemctl status" output for a service.
    366         * A new component "systemd-firstboot" has been added that
    367           queries the most basic systemd information (timezone,
    368           hostname, root password) interactively on first
    369           boot. Alternatively it may also be used to provision these
    370           things offline on OS images installed into directories.
    372         * The default sysctl.d/ snippets will now set
    374                 net.ipv4.conf.default.promote_secondaries=1
    376           This has the benefit of no flushing secondary IP addresses
    377           when primary addresses are removed.
    379         Contributions from: Ansgar Burchardt, Bastien Nocera, Colin
    380         Walters, Dan Dedrick, Daniel Buch, Daniel Korostil, Daniel
    381         Mack, Dan Williams, Dave Reisner, David Herrmann, Denis
    382         Kenzior, Eelco Dolstra, Eric Cook, Hannes Reinecke, Harald
    383         Hoyer, Hong Shick Pak, Hui Wang, Jean-André Santoni, Jóhann
    384         B. Guðmundsson, Jon Severinsson, Karel Zak, Kay Sievers, Kevin
    385         Wells, Lennart Poettering, Lukas Nykryn, Mantas Mikulėnas,
    386         Marc-Antoine Perennou, Martin Pitt, Michael Biebl, Michael
    387         Marineau, Michael Olbrich, Michal Schmidt, Michal Sekletar,
    388         Miguel Angel Ajo, Mike Gilbert, Olivier Brunel, Robert
    389         Schiele, Ronny Chevalier, Simon McVittie, Sjoerd Simons, Stef
    390         Walter, Steven Noonan, Susant Sahani, Tanu Kaskinen, Thomas
    391         Blume, Thomas Hindoe Paaboel Andersen, Timofey Titovets,
    392         Tobias Geerinckx-Rice, Tomasz Torcz, Tom Gundersen, Umut
    393         Tezduyar Lindskog, Zbigniew Jędrzejewski-Szmek
    395         -- Berlin, 2014-08-19
    397 CHANGES WITH 215:
    399         * A new tool systemd-sysusers has been added. This tool
    400           creates system users and groups in /etc/passwd and
    401           /etc/group, based on static declarative system user/group
    402           definitions in /usr/lib/sysusers.d/. This is useful to
    403           enable factory resets and volatile systems that boot up with
    404           an empty /etc directory, and thus need system users and
    405           groups created during early boot. systemd now also ships
    406           with two default sysusers.d/ files for the most basic
    407           users and groups systemd and the core operating system
    408           require.
    410         * A new tmpfiles snippet has been added that rebuilds the
    411           essential files in /etc on boot, should they be missing.
    413         * A directive for ensuring automatic clean-up of
    414           /var/cache/man/ has been removed from the default
    415           configuration. This line should now be shipped by the man
    416           implementation. The necessary change has been made to the
    417           man-db implementation. Note that you need to update your man
    418           implementation to one that ships this line, otherwise no
    419           automatic clean-up of /var/cache/man will take place.
    421         * A new condition ConditionNeedsUpdate= has been added that
    422           may conditionalize services to only run when /etc or /var
    423           are "older" than the vendor operating system resources in
    424           /usr. This is useful for reconstructing or updating /etc
    425           after an offline update of /usr or a factory reset, on the
    426           next reboot. Services that want to run once after such an
    427           update or reset should use this condition and order
    428           themselves before the new systemd-update-done.service, which
    429           will mark the two directories as fully updated. A number of
    430           service files have been added making use of this, to rebuild
    431           the udev hardware database, the journald message catalog and
    432           dynamic loader cache (ldconfig). The systemd-sysusers tool
    433           described above also makes use of this now. With this in
    434           place it is now possible to start up a minimal operating
    435           system with /etc empty cleanly. For more information on the
    436           concepts involved see this recent blog story:
    440         * A new system group "input" has been introduced, and all
    441           input device nodes get this group assigned. This is useful
    442           for system-level software to get access to input devices. It
    443           complements what is already done for "audio" and "video".
    445         * systemd-networkd learnt minimal DHCPv4 server support in
    446           addition to the existing DHCPv4 client support. It also
    447           learnt DHCPv6 client and IPv6 Router Solicitation client
    448           support. The DHCPv4 client gained support for static routes
    449           passed in from the server. Note that the [DHCPv4] section
    450           known in older systemd-networkd versions has been renamed to
    451           [DHCP] and is now also used by the DHCPv6 client. Existing
    452           .network files using settings of this section should be
    453           updated, though compatibility is maintained. Optionally, the
    454           client hostname may now be sent to the DHCP server.
    456         * networkd gained support for vxlan virtual networks as well
    457           as tun/tap and dummy devices.
    459         * networkd gained support for automatic allocation of address
    460           ranges for interfaces from a system-wide pool of
    461           addresses. This is useful for dynamically managing a large
    462           number of interfaces with a single network configuration
    463           file. In particular this is useful to easily assign
    464           appropriate IP addresses to the veth links of a large number
    465           of nspawn instances.
    467         * RPM macros for processing sysusers, sysctl and binfmt
    468           drop-in snippets at package installation time have been
    469           added.
    471         * The /etc/os-release file should now be placed in
    472           /usr/lib/os-release. The old location is automatically
    473           created as symlink. /usr/lib is the more appropriate
    474           location of this file, since it shall actually describe the
    475           vendor operating system shipped in /usr, and not the
    476           configuration stored in /etc.
    478         * .mount units gained a new boolean SloppyOptions= setting
    479           that maps to mount(8)'s -s option which enables permissive
    480           parsing of unknown mount options.
    482         * tmpfiles learnt a new "L+" directive which creates a symlink
    483           but (unlike "L") deletes a pre-existing file first, should
    484           it already exist and not already be the correct
    485           symlink. Similar, "b+", "c+" and "p+" directives have been
    486           added as well, which create block and character devices, as
    487           well as fifos in the filesystem, possibly removing any
    488           pre-existing files of different types.
    490         * For tmpfiles' "L", "L+", "C" and "C+" directives the final
    491           'argument' field (which so far specified the source to
    492           symlink/copy the files from) is now optional. If omitted the
    493           same file os copied from /usr/share/factory/ suffixed by the
    494           full destination path. This is useful for populating /etc
    495           with essential files, by copying them from vendor defaults
    496           shipped in /usr/share/factory/etc.
    498         * A new command "systemctl preset-all" has been added that
    499           applies the service preset settings to all installed unit
    500           files. A new switch --preset-mode= has been added that
    501           controls whether only enable or only disable operations
    502           shall be executed.
    504         * A new command "systemctl is-system-running" has been added
    505           that allows checking the overall state of the system, for
    506           example whether it is fully up and running.
    508         * When the system boots up with an empty /etc, the equivalent
    509           to "systemctl preset-all" is executed during early boot, to
    510           make sure all default services are enabled after a factory
    511           reset.
    513         * systemd now contains a minimal preset file that enables the
    514           most basic services systemd ships by default.
    516         * Unit files' [Install] section gained a new DefaultInstance=
    517           field for defining the default instance to create if a
    518           template unit is enabled with no instance specified.
    520         * A new passive target has been added
    521           that may be used by services that need to make they run and
    522           finish before the first LUKS cryptographic device is set up.
    524         * The /dev/loop-control and /dev/btrfs-control device nodes
    525           are now owned by the "disk" group by default, opening up
    526           access to this group.
    528         * systemd-coredump will now automatically generate a
    529           stack trace of all core dumps taking place on the system,
    530           based on elfutils' libdw library. This stack trace is logged
    531           to the journal.
    533         * systemd-coredump may now optionally store coredumps directly
    534           on disk (in /var/lib/systemd/coredump, possibly compressed),
    535           instead of storing them unconditionally in the journal. This
    536           mode is the new default. A new configuration file
    537           /etc/systemd/coredump.conf has been added to configure this
    538           and other parameters of systemd-coredump.
    540         * coredumpctl gained a new "info" verb to show details about a
    541           specific coredump. A new switch "-1" has also been added
    542           that makes sure to only show information about the most
    543           recent entry instead of all entries. Also, as the tool is
    544           generally useful now the "systemd-" prefix of the binary
    545           name has been removed. Distributions that want to maintain
    546           compatibility with the old name should add a symlink from
    547           the old name to the new name.
    549         * journald's SplitMode= now defaults to "uid". This makes sure
    550           that unprivileged users can access their own coredumps with
    551           coredumpctl without restrictions.
    553         * New kernel command line options "systemd.wants=" (for
    554           pulling an additional unit during boot), "systemd.mask="
    555           (for masking a specific unit for the boot), and
    556           "systemd.debug-shell" (for enabling the debug shell on tty9)
    557           have been added. This is implemented in the new generator
    558           "systemd-debug-generator".
    560         * systemd-nspawn will now by default filter a couple of
    561           syscalls for containers, among them those required for
    562           kernel module loading, direct x86 IO port access, swap
    563           management, and kexec. Most importantly though
    564           open_by_handle_at() is now prohibited for containers,
    565           closing a hole similar to a recently discussed vulnerability
    566           in docker regarding access to files on file hierarchies the
    567           container should normally not have access to. Note that for
    568           nspawn we generally make no security claims anyway (and
    569           this is explicitly documented in the man page), so this is
    570           just a fix for one of the most obvious problems.
    572         * A new man page file-hierarchy(7) has been added that
    573           contains a minimized, modernized version of the file system
    574           layout systemd expects, similar in style to the FHS
    575           specification or hier(5). A new tool systemd-path(1) has
    576           been added to query many of these paths for the local
    577           machine and user.
    579         * Automatic time-based clean-up of $XDG_RUNTIME_DIR is no
    580           longer done. Since the directory now has a per-user size
    581           limit, and is cleaned on logout this appears unnecessary,
    582           in particular since this now brings the lifecycle of this
    583           directory closer in line with how IPC objects are handled.
    585         * systemd.pc now exports a number of additional directories,
    586           including $libdir (which is useful to identify the library
    587           path for the primary architecture of the system), and a
    588           couple of drop-in directories.
    590         * udev's predictable network interface names now use the dev_port
    591           sysfs attribute, introduced in linux 3.15 instead of dev_id to
    592           distinguish between ports of the same PCI function. dev_id should
    593           only be used for ports using the same HW address, hence the need
    594           for dev_port.
    596         * machined has been updated to export the OS version of a
    597           container (read from /etc/os-release and
    598           /usr/lib/os-release) on the bus. This is now shown in
    599           "machinectl status" for a machine.
    601         * A new service setting RestartForceExitStatus= has been
    602           added. If configured to a set of exit signals or process
    603           return values, the service will be restarted when the main
    604           daemon process exits with any of them, regardless of the
    605           Restart= setting.
    607         * systemctl's -H switch for connecting to remote systemd
    608           machines has been extended so that it may be used to
    609           directly connect to a specific container on the
    610           host. "systemctl -H root@foobar:waldi" will now connect as
    611           user "root" to host "foobar", and then proceed directly to
    612           the container named "waldi". Note that currently you have to
    613           authenticate as user "root" for this to work, as entering
    614           containers is a privileged operation.
    616         Contributions from: Andreas Henriksson, Benjamin Steinwender,
    617         Carl Schaefer, Christian Hesse, Colin Ian King, Cristian
    618         Rodríguez, Daniel Mack, Dave Reisner, David Herrmann, Eugene
    619         Yakubovich, Filipe Brandenburger, Frederic Crozat, Hristo
    620         Venev, Jan Engelhardt, Jonathan Boulle, Kay Sievers, Lennart
    621         Poettering, Luke Shumaker, Mantas Mikulėnas, Marc-Antoine
    622         Perennou, Marcel Holtmann, Michael Marineau, Michael Olbrich,
    623         Michał Bartoszkiewicz, Michal Sekletar, Patrik Flykt, Ronan Le
    624         Martret, Ronny Chevalier, Ruediger Oertel, Steven Noonan,
    625         Susant Sahani, Thadeu Lima de Souza Cascardo, Thomas Hindoe
    626         Paaboel Andersen, Tom Gundersen, Tom Hirst, Umut Tezduyar
    627         Lindskog, Uoti Urpala, Zbigniew Jędrzejewski-Szmek
    629         -- Berlin, 2014-07-03
    631 CHANGES WITH 214:
    633         * As an experimental feature, udev now tries to lock the
    634           disk device node (flock(LOCK_SH|LOCK_NB)) while it
    635           executes events for the disk or any of its partitions.
    636           Applications like partitioning programs can lock the
    637           disk device node (flock(LOCK_EX)) and claim temporary
    638           device ownership that way; udev will entirely skip all event
    639           handling for this disk and its partitions. If the disk
    640           was opened for writing, the close will trigger a partition
    641           table rescan in udev's "watch" facility, and if needed
    642           synthesize "change" events for the disk and all its partitions.
    643           This is now unconditionally enabled, and if it turns out to
    644           cause major problems, we might turn it on only for specific
    645           devices, or might need to disable it entirely. Device Mapper
    646           devices are excluded from this logic.
    648         * We temporarily dropped the "-l" switch for fsck invocations,
    649           since they collide with the flock() logic above. util-linux
    650           upstream has been changed already to avoid this conflict,
    651           and we will readd "-l" as soon as util-linux with this
    652           change has been released.
    654         * The dependency on libattr has been removed. Since a long
    655           time, the extended attribute calls have moved to glibc, and
    656           libattr is thus unnecessary.
    658         * Virtualization detection works without priviliges now. This
    659           means the systemd-detect-virt binary no longer requires
    660           CAP_SYS_PTRACE file capabilities, and our daemons can run
    661           with fewer privileges.
    663         * systemd-networkd now runs under its own "systemd-network"
    664           user. It retains the CAP_NET_ADMIN, CAP_NET_BIND_SERVICE,
    665           CAP_NET_BROADCAST, CAP_NET_RAW capabilities though, but
    666           loses the ability to write to files owned by root this way.
    668         * Similar, systemd-resolved now runs under its own
    669           "systemd-resolve" user with no capabilities remaining.
    671         * Similar, systemd-bus-proxyd now runs under its own
    672           "systemd-bus-proxy" user with only CAP_IPC_OWNER remaining.
    674         * systemd-networkd gained support for setting up "veth"
    675           virtual ethernet devices for container connectivity, as well
    676           as GRE and VTI tunnels.
    678         * systemd-networkd will no longer automatically attempt to
    679           manually load kernel modules necessary for certain tunnel
    680           transports. Instead, it is assumed the kernel loads them
    681           automatically when required. This only works correctly on
    682           very new kernels. On older kernels, please consider adding
    683           the kernel modules to /etc/modules-load.d/ as a work-around.
    685         * The resolv.conf file systemd-resolved generates has been
    686           moved to /run/systemd/resolve/. If you have a symlink from
    687           /etc/resolv.conf, it might be necessary to correct it.
    689         * Two new service settings, ProtectHome= and ProtectSystem=,
    690           have been added. When enabled, they will make the user data
    691           (such as /home) inaccessible or read-only and the system
    692           (such as /usr) read-only, for specific services. This allows
    693           very light-weight per-service sandboxing to avoid
    694           modifications of user data or system files from
    695           services. These two new switches have been enabled for all
    696           of systemd's long-running services, where appropriate.
    698         * Socket units gained new SocketUser= and SocketGroup=
    699           settings to set the owner user and group of AF_UNIX sockets
    700           and FIFOs in the file system.
    702         * Socket units gained a new RemoveOnStop= setting. If enabled,
    703           all FIFOS and sockets in the file system will be removed
    704           when the specific socket unit is stopped.
    706         * Socket units gained a new Symlinks= setting. It takes a list
    707           of symlinks to create to file system sockets or FIFOs
    708           created by the specific Unix sockets. This is useful to
    709           manage symlinks to socket nodes with the same life-cycle as
    710           the socket itself.
    712         * The /dev/log socket and /dev/initctl FIFO have been moved to
    713           /run, and have been replaced by symlinks. This allows
    714           connecting to these facilities even if PrivateDevices=yes is
    715           used for a service (which makes /dev/log itself unavailable,
    716           but /run is left). This also has the benefit of ensuring
    717           that /dev only contains device nodes, directories and
    718           symlinks, and nothing else.
    720         * sd-daemon gained two new calls sd_pid_notify() and
    721           sd_pid_notifyf(). They are similar to sd_notify() and
    722           sd_notifyf(), but allow overriding of the source PID of
    723           notification messages if permissions permit this. This is
    724           useful to send notify messages on behalf of a different
    725           process (for example, the parent process). The
    726           systemd-notify tool has been updated to make use of this
    727           when sending messages (so that notification messages now
    728           originate from the shell script invoking systemd-notify and
    729           not the systemd-notify process itself. This should minimize
    730           a race where systemd fails to associate notification
    731           messages to services when the originating process already
    732           vanished.
    734         * A new "on-abnormal" setting for Restart= has been added. If
    735           set, it will result in automatic restarts on all "abnormal"
    736           reasons for a process to exit, which includes unclean
    737           signals, core dumps, timeouts and watchdog timeouts, but
    738           does not include clean and unclean exit codes or clean
    739           signals. Restart=on-abnormal is an alternative for
    740           Restart=on-failure for services that shall be able to
    741           terminate and avoid restarts on certain errors, by
    742           indicating so with an unclean exit code. Restart=on-failure
    743           or Restart=on-abnormal is now the recommended setting for
    744           all long-running services.
    746         * If the InaccessibleDirectories= service setting points to a
    747           mount point (or if there are any submounts contained within
    748           it), it is now attempted to completely unmount it, to make
    749           the file systems truly unavailable for the respective
    750           service.
    752         * The ReadOnlyDirectories= service setting and
    753           systemd-nspawn's --read-only parameter are now recursively
    754           applied to all submounts, too.
    756         * Mount units may now be created transiently via the bus APIs.
    758         * The support for SysV and LSB init scripts has been removed
    759           from the systemd daemon itself. Instead, it is now
    760           implemented as a generator that creates native systemd units
    761           from these scripts when needed. This enables us to remove a
    762           substantial amount of legacy code from PID 1, following the
    763           fact that many distributions only ship a very small number
    764           of LSB/SysV init scripts nowadays.
    766         * Priviliged Xen (dom0) domains are not considered
    767           virtualization anymore by the virtualization detection
    768           logic. After all, they generally have unrestricted access to
    769           the hardware and usually are used to manage the unprivileged
    770           (domU) domains.
    772         * systemd-tmpfiles gained a new "C" line type, for copying
    773           files or entire directories.
    775         * systemd-tmpfiles "m" lines are now fully equivalent to "z"
    776           lines. So far, they have been non-globbing versions of the
    777           latter, and have thus been redundant. In future, it is
    778           recommended to only use "z". "m" has hence been removed
    779           from the documentation, even though it stays supported.
    781         * A tmpfiles snippet to recreate the most basic structure in
    782           /var has been added. This is enough to create the /var/run →
    783           /run symlink and create a couple of structural
    784           directories. This allows systems to boot up with an empty or
    785           volatile /var. Of course, while with this change, the core OS
    786           now is capable with dealing with a volatile /var, not all
    787           user services are ready for it. However, we hope that sooner
    788           or later, many service daemons will be changed upstream so
    789           that they are able to automatically create their necessary
    790           directories in /var at boot, should they be missing. This is
    791           the first step to allow state-less systems that only require
    792           the vendor image for /usr to boot.
    794         * systemd-nspawn has gained a new --tmpfs= switch to mount an
    795           empty tmpfs instance to a specific directory. This is
    796           particularly useful for making use of the automatic
    797           reconstruction of /var (see above), by passing --tmpfs=/var.
    799         * Access modes specified in tmpfiles snippets may now be
    800           prefixed with "~", which indicates that they shall be masked
    801           by whether the existing file or directly is currently
    802           writable, readable or executable at all. Also, if specified,
    803           the sgid/suid/sticky bits will be masked for all
    804           non-directories.
    806         * A new passive target unit "" has been
    807           added which is useful for services that shall run before any
    808           network is configured, for example firewall scripts.
    810         * The "floppy" group that previously owned the /dev/fd*
    811           devices is no longer used. The "disk" group is now used
    812           instead. Distributions should probably deprecate usage of
    813           this group.
    815         Contributions from: Camilo Aguilar, Christian Hesse, Colin Ian
    816         King, Cristian Rodríguez, Daniel Buch, Dave Reisner, David
    817         Strauss, Denis Tikhomirov, John, Jonathan Liu, Kay Sievers,
    818         Lennart Poettering, Mantas Mikulėnas, Mark Eichin, Ronny
    819         Chevalier, Susant Sahani, Thomas Blume, Thomas Hindoe Paaboel
    820         Andersen, Tom Gundersen, Umut Tezduyar Lindskog, Zbigniew
    821         Jędrzejewski-Szmek
    823         -- Berlin, 2014-06-11
     63Don't need users. Was just checking out what LFS has been doing.