[systemd-devel] [ANNOUNCE] systemd v230

Hi, systemd v230 has been tagged. Enjoy! CHANGES WITH 230: * DNSSEC is now turned on by default in systemd-resolved (in "allow-downgrade" mode), but may be turned off during compile time by passing "--with-default-dnssec=no" to "configure" (and of course, during runtime with DNSSEC= in resolved.conf). We recommend downstreams to leave this on at least during development cycles and report any issues with the DNSSEC logic upstream. We are very interested in collecting feedback about the DNSSEC validator and its limitations in the wild. Note however, that DNSSEC support is probably nothing downstreams should turn on in stable distros just yet, as it might create incompatibilities with a few DNS servers and networks. We tried hard to make sure we downgrade to non-DNSSEC mode automatically whenever we detect such incompatible setups, but there might be systems we do not cover yet. Hence: please help us testing the DNSSEC code, leave this on where you can, report back, but then again don't consider turning this on in your stable, LTS or production release just yet. (Note that you have to enable nss-resolve in /etc/nsswitch.conf, to actually use systemd-resolved and its DNSSEC mode for host name resolution from local applications.) * systemd-resolve conveniently resolves DANE records with the --tlsa option and OPENPGPKEY records with the --openpgp option. It also supports dumping raw DNS record data via the new --raw= switch. * systemd-logind will now by default terminate user processes that are part of the user session scope unit (session-XX.scope) when the user logs out. This behavior is controlled by the KillUserProcesses= setting in logind.conf, and the previous default of "no" is now changed to "yes". This means that user sessions will be properly cleaned up after, but additional steps are necessary to allow intentionally long-running processes to survive logout. While the user is logged in at least once, user at .service is running, and any service that should survive the end of any individual login session can be started at a user service or scope using systemd-run. systemd-run(1) man page has been extended with an example which shows how to run screen in a scope unit underneath user at .service. The same command works for tmux. After the user logs out of all sessions, user at .service will be terminated too, by default, unless the user has "lingering" enabled. To effectively allow users to run long-term tasks even if they are logged out, lingering must be enabled for them. See loginctl(1) for details. The default polkit policy was modified to allow users to set lingering for themselves without authentication. Previous defaults can be restored at compile time by the --without-kill-user-processes option to "configure". * systemd-logind gained new configuration settings SessionsMax= and InhibitorsMax=, both with a default of 8192. It will not register new user sessions or inhibitors above this limit. * systemd-logind will now reload configuration on SIGHUP. * The unified cgroup hierarchy added in Linux 4.5 is now supported. Use systemd.unified_cgroup_hierarchy=1 on the kernel command line to enable. Also, support for the "io" cgroup controller in the unified hierarchy has been added, so that the "memory", "pids" and "io" are now the controllers that are supported on the unified hierarchy. WARNING: it is not possible to use previous systemd versions with systemd.unified_cgroup_hierarchy=1 and the new kernel. Therefore it is necessary to also update systemd in the initramfs if using the unified hierarchy. An updated SELinux policy is also required. * LLDP support has been extended, and both passive (receive-only) and active (sender) modes are supported. Passive mode ("routers-only") is enabled by default in systemd-networkd. Active LLDP mode is enabled by default for containers on the internal network. The "networkctl lldp" command may be used to list information gathered. "networkctl status" will also show basic LLDP information on connected peers now. * The IAID and DUID unique identifier sent in DHCP requests may now be configured for the system and each .network file managed by systemd-networkd using the DUIDType=, DUIDRawData=, IAID= options. * systemd-networkd gained support for configuring proxy ARP support for each interface, via the ProxyArp= setting in .network files. It also gained support for configuring the multicast querier feature of bridge devices, via the new MulticastQuerier= setting in .netdev files. Similarly, snooping on the IGMP traffic can be controlled via the new setting MulticastSnooping=. A new setting PreferredLifetime= has been added for addresses configured in .network file to configure the lifetime intended for an address. The systemd-networkd DHCP server gained the option EmitRouter=, which defaults to yes, to configure whether the DHCP Option 3 (Router) should be emitted. * The testing tool /usr/lib/systemd/systemd-activate is renamed to systemd-socket-activate and installed into /usr/bin. It is now fully supported. * systemd-journald now uses separate threads to flush changes to disk when closing journal files, thus reducing impact of slow disk I/O on logging performance. * The sd-journal API gained two new calls sd_journal_open_directory_fd() and sd_journal_open_files_fd() which can be used to open journal files using file descriptors instead of file or directory paths. sd_journal_open_container() has been deprecated, sd_journal_open_directory_fd() should be used instead with the flag SD_JOURNAL_OS_ROOT. * journalctl learned a new output mode "-o short-unix" that outputs log lines prefixed by their UNIX time (i.e. seconds since Jan 1st, 1970 UTC). It also gained support for a new --no-hostname setting to suppress the hostname column in the family of "short" output modes. * systemd-ask-password now optionally skips printing of the password to stdout with --no-output which can be useful in scripts. * Framebuffer devices (/dev/fb*) and 3D printers and scanners (devices tagged with ID_MAKER_TOOL) are now tagged with "uaccess" and are available to logged in users. * The DeviceAllow= unit setting now supports specifiers (with "%"). * "systemctl show" gained a new --value switch, which allows print a only the contents of a specific unit property, without also printing the property's name. Similar support was added to "show*" verbs of loginctl and machinectl that output "key=value" lists. * A new unit type "generated" was added for files dynamically generated by generator tools. Similarly, a new unit type "transient" is used for unit files created using the runtime API. "systemctl enable" will refuse to operate on such files. * A new command "systemctl revert" has been added that may be used to revert to the vendor version of a unit file, in case local changes have been made by adding drop-ins or overriding the unit file. * "machinectl clean" gained a new verb to automatically remove all or just hidden container images. * systemd-tmpfiles gained support for a new line type "e" for emptying directories, if they exist, without creating them if they don't. * systemd-nspawn gained support for automatically patching the UID/GIDs of the owners and the ACLs of all files and directories in a container tree to match the UID/GID user namespacing range selected for the container invocation. This mode is enabled via the new --private-user-chown switch. It also gained support for automatically choosing a free, previously unused UID/GID range when starting a container, via the new --private-users=pick setting (which implies --private-user-chown). Together, these options for the first time make user namespacing for nspawn containers fully automatic and thus deployable. The systemd-nspaw at .service template unit file has been changed to use this functionality by default. * systemd-nspawn gained a new --network-zone= switch, that allows creating ad-hoc virtual Ethernet links between multiple containers, that only exist as long as at least one container referencing them is running. This allows easy connecting of multiple containers with a common link that implements an Ethernet broadcast domain. Each of these network "zones" may be named relatively freely by the user, and may be referenced by any number of containers, but each container may only reference one of these "zones". On the lower level, this is implemented by an automatically managed bridge network interface for each zone, that is created when the first container referencing its zone is created and removed when the last one referencing its zone terminates. * The default start timeout may now be configured on the kernel command line via systemd.default_timeout_start_sec=. It was already configurable via the DefaultTimeoutStartSec= option in /etc/systemd/system.conf. * Socket units gained a new TriggerLimitIntervalSec= and TriggerLimitBurst= setting to configure a limit on the activation rate of the socket unit. * The LimitNICE= setting now optionally takes normal UNIX nice values in addition to the raw integer limit value. If the specified parameter is prefixed with "+" or "-" and is in the range -20..19 the value is understood as UNIX nice value. If not prefixed like this it is understood as raw RLIMIT_NICE limit. * Note that the effect of the PrivateDevices= unit file setting changed slightly with this release: the per-device /dev file system will be mounted read-only from this version on, and will have "noexec" set. This (minor) change of behavior might cause some (exceptional) legacy software to break, when PrivateDevices=yes is set for its service. Please leave PrivateDevices= off if you run into problems with this. * systemd-bootchart has been split out to a separate repository: https://github.com/systemd/systemd-bootchart * systemd-bus-proxyd has been removed, as kdbus is unlikely to still be merged into the kernel in its current form. * The compatibility libraries libsystemd-daemon.so, libsystemd-journal.so, libsystemd-id128.so, and libsystemd-login.so which have been deprecated since systemd-209 have been removed along with the corresponding pkg-config files. All symbols provided by those libraries are provided by libsystemd.so. * The Capabilities= unit file setting has been removed (it is ignored for backwards compatibility). AmbientCapabilities= and CapabilityBoundingSet= should be used instead. Contributions from: Alban Crequy, Alexander Kuleshov, Alexander Shopov, Alex Crawford, Andre Klärner, Andrew Eikum, Beniamino Galvani, Benjamin Robin, Biao Lu, Bjørnar Ness, Calvin Owens, Christian Hesse, Clemens Gruber, Colin Guthrie, Daniel Drake, Daniele Medri, Daniel J Walsh, Daniel Mack, Dan Nicholson, daurnimator, David Herrmann, David R. Hedges, Elias Probst, Emmanuel Gil Peyrot, EMOziko, Evgeny Vereshchagin, Federico, Felipe Sateler, Filipe Brandenburger, Franck Bui, frankheckenbach, gdamjan, Georgia Brikis, Harald Hoyer, Hendrik Brueckner, Hristo Venev, Iago López Galeiras, Ian Kelling, Ismo Puustinen, Jakub Wilk, Jaroslav Škarvada, Jeff Huang, Joel Holdsworth, John Paul Adrian Glaubitz, Jonathan Boulle, kayrus, Klearchos Chaloulos, Kyle Russell, Lars Uebernickel, Lennart Poettering, Lubomir Rintel, Lukáš Nykrýn, Mantas Mikulėnas, Marcel Holtmann, Martin Pitt, Michael Biebl, michaelolbrich, Michał Bartoszkiewicz, Michal Koutný, Michal Sekletar, Mike Frysinger, Mike Gilbert, Mingcong Bai, Ming Lin, mulkieran, muzena, Nalin Dahyabhai, Naohiro Aota, Nathan McSween, Nicolas Braud-Santoni, Patrik Flykt, Peter Hutterer, Peter Mattern, Petr Lautrbach, Petros Angelatos, Piotr Drąg, Rabin Vincent, Robert Węcławski, Ronny Chevalier, Samuel Tardieu, Stefan Saraev, Stefan Schallenberg aka nafets227, Steven Siloti, Susant Sahani, Sylvain Plantefève, Taylor Smock, Tejun Heo, Thomas Blume, Thomas Haller, Thomas H. P. Andersen, Tobias Klauser, Tom Gundersen, topimiettinen, Torstein Husebø, Umut Tezduyar Lindskog, Uwe Kleine-König, Victor Toso, Vinay Kulkarni, Vito Caputo, Vittorio G (VittGam), Vladimir Panteleev, Wieland Hoffmann, Wouter Verhelst, Yu Watanabe, Zbigniew Jędrzejewski-Szmek — Fairfax, 2016-05-21 Zbyszek