mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-22 13:33:56 +03:00
Update NEWS
- categorize entries
- add several news for networkd and udevd
parent
ec4954d934
commit
0c6e746b86
254
NEWS
@ -65,7 +65,7 @@ CHANGES WITH 251 in spe:
|
||||
(as exposed via the SystemCallFilter= setting in service unit files).
|
||||
It is apparently used by the linker now.
|
||||
|
||||
New functionality and other changes:
|
||||
Changes for Boot Loader Specification, kernel-install and sd-boot:
|
||||
|
||||
* kernel-install's and bootctl's Boot Loader Specification Type #1
|
||||
entry generation logic has been reworked. The user may now pick
|
||||
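Review bot: the new heading "Changes for Boot Loader Specification, kernel-install and sd-boot:" leaves out bootctl, although the first entry under it begins "kernel-install's and bootctl's" and the next hunk files the bootctl --make-entry-directory= and 'bootctl list' --json= entries in the same section. Consider naming bootctl in the heading so readers looking for bootctl changes find them here.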
@ -113,6 +113,31 @@ CHANGES WITH 251 in spe:
|
||||
location. kernel-install will move them when all files have been
|
||||
prepared successfully.
|
||||
|
||||
* New option sort-key= has been added to the Boot Loader Specification
|
||||
to override the sorting order of the entries in the boot menu. It is
|
||||
read by sd-boot and bootctl, and will be written by kernel-install,
|
||||
with the default value of IMAGE_ID= or ID= fields from
|
||||
os-release. Together, this means that on multiboot installations,
|
||||
entries should be grouped and sorted in a predictable way.
|
||||
|
||||
* The kernel-install tool gained a new 'inspect' verb which shows the
|
||||
paths and other settings used.
|
||||
|
||||
* sd-boot can now optionally beep when the menu is shown and menu
|
||||
entries are selected, which can be useful on machines without a
|
||||
working display. (Controllable via a loader.conf setting.)
|
||||
|
||||
* The --make-machine-id-directory= switch to bootctl has been replaced
|
||||
by --make-entry-directory=, given that the entry directory is not
|
||||
necessarily named after the machine ID, but after some other suitable
|
||||
ID as selected via --entry-token= described above. The old name of
|
||||
the option is still understood to maximize compatibility.
|
||||
|
||||
* 'bootctl list' gained support for a new --json= switch to output boot
|
||||
menu entries in JSON format.
|
||||
|
||||
Changes for homed:
|
||||
|
||||
* Starting with v250 systemd-homed uses UID/GID mapping on the mounts
|
||||
of activated home directories it manages (if the kernel and selected
|
||||
file systems support it). So far it mapped three UID ranges: the
|
||||
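Review bot: in the --make-machine-id-directory= entry, "--entry-token= described above" is a positional reference, and this patch moves the entry to a new place in the file. Check that the entry introducing --entry-token= still comes before it inside the boot loader section; if the order is not guaranteed, refer to the option's entry by name rather than by "above".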
@ -147,14 +172,7 @@ CHANGES WITH 251 in spe:
|
||||
handling, and improving compatibility with home directories intended
|
||||
to be portable like the ones managed by systemd-homed.
|
||||
|
||||
* The journal JSON export format has been added to listed of stable
|
||||
interfaces (https://systemd.io/PORTABILITY_AND_STABILITY/).
|
||||
|
||||
* /etc/locale.conf is now populated through tmpfiles.d factory /etc/
|
||||
handling with the values that were configured during systemd build
|
||||
(if /etc/locale.conf has not been created through some other
|
||||
mechanism). This means that /etc/locale.conf should always have
|
||||
reasonable contents and we avoid a potential mismatch in defaults.
|
||||
Changes for shared libraries:
|
||||
|
||||
* A new libsystemd-core-<version>.so private shared library is
|
||||
installed under /usr/lib/systemd/system, mirroring the existing
|
||||
@ -170,6 +188,12 @@ CHANGES WITH 251 in spe:
|
||||
fail to execute because they were installed earlier or later than the
|
||||
appropriate version of the library.
|
||||
|
||||
* The sd-id128 API gained a new call sd_id128_to_uuid_string() that is
|
||||
similar to sd_id128_to_string() but formats the ID in RFC 4122 UUID
|
||||
format instead of simple series of hex characters.
|
||||
|
||||
Changes for PID1 and systemctl:
|
||||
|
||||
* A new set of service monitor environment variables will be passed to
|
||||
OnFailure=/OnSuccess= handlers, but only if exactly one unit lists the
|
||||
handler unit as OnFailure=/OnSuccess=. The variables are:
|
||||
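Review bot: in the sd_id128_to_uuid_string() entry, "instead of simple series of hex characters" is missing an article. Since the entry is being touched anyway, make it "instead of a simple series of hex characters".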
@ -184,50 +208,6 @@ CHANGES WITH 251 in spe:
|
||||
|
||||
'portablectl attach --extension=' now also accepts directory paths.
|
||||
|
||||
* HARDWARE_VENDOR= and HARDWARE_MODEL= can be set in /etc/machine-info
|
||||
to override the values gleaned from the hwdb.
|
||||
|
||||
* A ID_CHASSIS property can be set in the hwdb (for the DMI device
|
||||
/sys/class/dmi/id) to override the chassis that is reported by
|
||||
hostnamed.
|
||||
|
||||
* hostnamed's D-Bus interface gained a new method GetHardwareSerial()
|
||||
for reading the hardware serial number, as reportd by DMI.
|
||||
|
||||
* Two new hwdb files have been added. One lists "handhelds" (PDAs,
|
||||
calculators, etc.), the other AV production devices (DJ tables,
|
||||
keypads, etc.) that should accessible to the seat owner user by
|
||||
default.
|
||||
|
||||
* A new unit systemd-networkd-wait-online@<interface>.service has been
|
||||
added that can be used to wait for a specific network interface to be
|
||||
up.
|
||||
|
||||
* systemd-resolved is started earlier (in sysinit.target), so it
|
||||
available earlier and will also be started in the initrd if installed
|
||||
there.
|
||||
|
||||
* udevadm trigger gained a new --prioritized-subsystem= option to
|
||||
process certain subsystems (and all their parent devices) earlier.
|
||||
|
||||
systemd-udev-trigger.service now uses this new option to trigger
|
||||
block and TPM devices first, hopefully making the boot a bit faster.
|
||||
|
||||
* udevadm trigger now implements --type=all, --initialized-match,
|
||||
--initialized-nomatch to trigger both subsystems and devices, only
|
||||
already-initialized devices, and only devices which haven't been
|
||||
initialized yet, respectively.
|
||||
|
||||
* systemd-cryptenroll can now control whether to require the user to
|
||||
enter a PIN when using TPM-based unlocking of a volume via the new
|
||||
--tpm2-with-pin= option.
|
||||
|
||||
Option tpm2-pin= can be used in /etc/crypttab.
|
||||
|
||||
* When unlocking devices via TPM, TPM2 parameter encryption is now
|
||||
used, to ensure that communication between CPU and discrete TPM chips
|
||||
cannot be eavesdropped to acquire disk encryption keys.
|
||||
|
||||
* The user.delegate and user.invocation_id extended attributes on
|
||||
cgroups are used in addition to trusted.delegate and
|
||||
trusted.invocation_id. The latter pair requires privileges to set,
|
||||
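Review bot: the "'portablectl attach --extension=' now also accepts directory paths." line kept as context at the top of this hunk appears to end up under "Changes for PID1 and systemctl:", because that heading is added in the previous hunk (new lines 188 onward) and this hunk starts at new line 208 with no heading added in between. If no existing heading sits in the unchanged lines between them, the portable-services entry needs its own category or a move to "Changes for other components:".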
@ -236,17 +216,6 @@ CHANGES WITH 251 in spe:
|
||||
|
||||
(Only supported on kernels ≥5.6.)
|
||||
|
||||
* New option sort-key= has been added to the Boot Loader Specification
|
||||
to override the sorting order of the entries in the boot menu. It is
|
||||
read by sd-boot and bootctl, and will be written by kernel-install,
|
||||
with the default value of IMAGE_ID= or ID= fields from
|
||||
os-release. Together, this means that on multiboot installations,
|
||||
entries should be grouped and sorted in a predictable way.
|
||||
|
||||
* sd-boot can now optionally beep when the menu is shown and menu
|
||||
entries are selected, which can be useful on machines without a
|
||||
working display. (Controllable via a loader.conf setting.)
|
||||
|
||||
* In unit files the new %y/%Y specifiers can be used to refer to
|
||||
normalized unit file path, which is particularly useful for symlinked
|
||||
unit files.
|
||||
@ -266,15 +235,6 @@ CHANGES WITH 251 in spe:
|
||||
services, i.e. those run by the user's --user service manager, as long
|
||||
as user namespaces are enabled on the system.
|
||||
|
||||
* The --make-machine-id-directory= switch to bootctl has been replaced
|
||||
by --make-entry-directory=, given that the entry directory is not
|
||||
necessarily named after the machine ID, but after some other suitable
|
||||
ID as selected via --entry-token= described above. The old name of
|
||||
the option is still understood to maximize compatibility.
|
||||
|
||||
* 'bootctl list' gained support for a new --json= switch to output boot
|
||||
menu entries in JSON format.
|
||||
|
||||
* Services with Restart=always and a failing ExecCondition= will no
|
||||
longer be restarted, to bring ExecCondition= behaviour in line with
|
||||
Condition*= settings.
|
||||
@ -286,31 +246,18 @@ CHANGES WITH 251 in spe:
|
||||
that encapsulates the service's numeric cgroup ID that newer kernels
|
||||
assign to each cgroup.
|
||||
|
||||
* systemd-networkd gained a new [Bridge] Isolated=true|false setting
|
||||
that configures the eponymous kernel attribute on the bridge.
|
||||
* PID 1 gained support for configuring the "pre-timeout" of watchdog
|
||||
devices and the associated governor, via the new
|
||||
RuntimeWatchdogPreSec= and RuntimeWatchdogPreGovernor= configuration
|
||||
options in /etc/systemd/system.conf.
|
||||
|
||||
* .netdev files now can be used to create virtual WLAN devices, and
|
||||
configure various settings on them, via the [VirtualWLAN] section.
|
||||
* systemctl's --timestamp= option gained a new choice "unix", to show
|
||||
timestamp as unix times, i.e. seconds since 1970, Jan 1st.
|
||||
|
||||
* .link files gained support for [Match] Firmware= setting to match on
|
||||
the device firmware description string. By mistake, it was previously
|
||||
only supported in .network files.
|
||||
Changes for journald:
|
||||
|
||||
* .link/.network files gained support for [Match] Kind= setting to match
|
||||
on device kind ("bond", "bridge", "gre", "tun", "veth", etc.)
|
||||
|
||||
This value is also shown by 'networkctl status'.
|
||||
|
||||
* .link files gained support for setting MDI/MID-X on a link.
|
||||
|
||||
* The Local= setting for various virtual network devices gained support
|
||||
for specifying, in addition to the network address, the name of a
|
||||
local interface which must have the specified address.
|
||||
|
||||
* New [DHCPServer] BootServerName=, BootServerAddress=, and
|
||||
BootFilename= settings can be used to configure the server address,
|
||||
server name, and file name sent in the DHCP packet (e.g. to configure
|
||||
PXE boot).
|
||||
* The journal JSON export format has been added to listed of stable
|
||||
interfaces (https://systemd.io/PORTABILITY_AND_STABILITY/).
|
||||
|
||||
* journalctl --list-boots now supports JSON output and the --reverse option.
|
||||
|
||||
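Review bot: the journal JSON export entry placed under "Changes for journald:" still reads "has been added to listed of stable interfaces". The typo is carried over from the old location unchanged; fix it to "added to the list of stable interfaces" as part of the move.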
@ -320,24 +267,113 @@ CHANGES WITH 251 in spe:
|
||||
https://systemd.io/JOURNAL_EXPORT_FORMATS
|
||||
https://systemd.io/BUILDING_IMAGES
|
||||
|
||||
* The sd-id128 API gained a new call sd_id128_to_uuid_string() that is
|
||||
similar to sd_id128_to_string() but formats the ID in RFC 4122 UUID
|
||||
format instead of simple series of hex characters.
|
||||
Changes for udev:
|
||||
|
||||
* Two new hwdb files have been added. One lists "handhelds" (PDAs,
|
||||
calculators, etc.), the other AV production devices (DJ tables,
|
||||
keypads, etc.) that should accessible to the seat owner user by
|
||||
default.
|
||||
|
||||
* udevadm trigger gained a new --prioritized-subsystem= option to
|
||||
process certain subsystems (and all their parent devices) earlier.
|
||||
|
||||
systemd-udev-trigger.service now uses this new option to trigger
|
||||
block and TPM devices first, hopefully making the boot a bit faster.
|
||||
|
||||
* udevadm trigger now implements --type=all, --initialized-match,
|
||||
--initialized-nomatch to trigger both subsystems and devices, only
|
||||
already-initialized devices, and only devices which haven't been
|
||||
initialized yet, respectively.
|
||||
|
||||
* .link files gained support for setting MDI/MID-X on a link.
|
||||
|
||||
* .link files gained support for [Match] Firmware= setting to match on
|
||||
the device firmware description string. By mistake, it was previously
|
||||
only supported in .network files.
|
||||
|
||||
* .link files gained support for [Link] SR-IOVVirtualFunctions= setting
|
||||
and [SR-IOV] section to configure SR-IOV virtual functions.
|
||||
|
||||
Changes for networkd:
|
||||
|
||||
* The default scope for unicast routes configured through [Route]
|
||||
section is changed to "link", to make the behavior consistent with
|
||||
"ip route" command. The manual configuration of [Route] Scope= is
|
||||
still honored.
|
||||
|
||||
* A new unit systemd-networkd-wait-online@<interface>.service has been
|
||||
added that can be used to wait for a specific network interface to be
|
||||
up.
|
||||
|
||||
* systemd-networkd gained a new [Bridge] Isolated=true|false setting
|
||||
that configures the eponymous kernel attribute on the bridge.
|
||||
|
||||
* .netdev files now can be used to create virtual WLAN devices, and
|
||||
configure various settings on them, via the [WLAN] section.
|
||||
|
||||
* .link/.network files gained support for [Match] Kind= setting to match
|
||||
on device kind ("bond", "bridge", "gre", "tun", "veth", etc.)
|
||||
|
||||
This value is also shown by 'networkctl status'.
|
||||
|
||||
* The Local= setting in .netdev files for various virtual network
|
||||
devices gained support for specifying, in addition to the network
|
||||
address, the name of a local interface which must have the specified
|
||||
address.
|
||||
|
||||
* systemd-networkd gained a new [Tunnel] External= setting in .netdev
|
||||
files, to configure tunnels in external mode (a.k.a. collect metadata
|
||||
mode).
|
||||
|
||||
* [Network] L2TP= setting was removed. Please use interface specifier in
|
||||
Local= setting in .netdev files of corresponding L2TP interface.
|
||||
|
||||
* New [DHCPServer] BootServerName=, BootServerAddress=, and
|
||||
BootFilename= settings can be used to configure the server address,
|
||||
server name, and file name sent in the DHCP packet (e.g. to configure
|
||||
PXE boot).
|
||||
|
||||
Changes for resolved:
|
||||
|
||||
* systemd-resolved is started earlier (in sysinit.target), so it
|
||||
available earlier and will also be started in the initrd if installed
|
||||
there.
|
||||
|
||||
Changes for disk encryption:
|
||||
|
||||
* systemd-cryptenroll can now control whether to require the user to
|
||||
enter a PIN when using TPM-based unlocking of a volume via the new
|
||||
--tpm2-with-pin= option.
|
||||
|
||||
Option tpm2-pin= can be used in /etc/crypttab.
|
||||
|
||||
* When unlocking devices via TPM, TPM2 parameter encryption is now
|
||||
used, to ensure that communication between CPU and discrete TPM chips
|
||||
cannot be eavesdropped to acquire disk encryption keys.
|
||||
|
||||
Changes for hostnamed:
|
||||
|
||||
* HARDWARE_VENDOR= and HARDWARE_MODEL= can be set in /etc/machine-info
|
||||
to override the values gleaned from the hwdb.
|
||||
|
||||
* A ID_CHASSIS property can be set in the hwdb (for the DMI device
|
||||
/sys/class/dmi/id) to override the chassis that is reported by
|
||||
hostnamed.
|
||||
|
||||
* hostnamed's D-Bus interface gained a new method GetHardwareSerial()
|
||||
for reading the hardware serial number, as reportd by DMI.
|
||||
|
||||
Changes for other components:
|
||||
|
||||
* /etc/locale.conf is now populated through tmpfiles.d factory /etc/
|
||||
handling with the values that were configured during systemd build
|
||||
(if /etc/locale.conf has not been created through some other
|
||||
mechanism). This means that /etc/locale.conf should always have
|
||||
reasonable contents and we avoid a potential mismatch in defaults.
|
||||
|
||||
* The userdbctl tool will now show UID range information as part of the
|
||||
list of known users.
|
||||
|
||||
* systemctl's --timestamp= option gained a new choice "unix", to show
|
||||
timestamp as unix times, i.e. seconds since 1970, Jan 1st.
|
||||
|
||||
* PID 1 gained support for configuring the "pre-timeout" of watchdog
|
||||
devices and the associated governor, via the new
|
||||
RuntimeWatchdogPreSec= and RuntimeWatchdogPreGovernor= configuration
|
||||
options in /etc/systemd/system.conf.
|
||||
|
||||
* The kernel-install tool gained a new 'inspect' verb which shows the
|
||||
paths and other settings used.
|
||||
|
||||
Experimental features:
|
||||
|
||||
* sd-boot gained a new *experimental* setting "reboot-for-bitlocker" in
|
||||
|
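Review bot: the .netdev virtual WLAN entry under "Changes for networkd:" names the section [WLAN], while the copy of the same entry in the @ -286,31 hunk names it [VirtualWLAN]. The commit message only mentions categorizing and adding entries, so this looks like a silent content change: confirm which section name the .netdev parser accepts and mention the correction in the commit message. Several moved entries in this hunk also carry their typos along and could be fixed while they are being touched: "MDI/MID-X", "as reportd by DMI", "that should accessible to the seat owner", "so it available earlier" and "A ID_CHASSIS property".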