The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.

The systemd packages have been upgraded to upstream version 219, which provides a number of bug fixes and enhancements over the previous version. Notably (BZ#1199644):

The systemd-tmpfiles tool gained support for a new "v" line type for creating btrfs subvolumes. If the underlying file system is a legacy file system, this automatically degrades to creating a normal directory. Among others, the /var/lib/machines/ directory, if it is missing, is now created in this way at boot time.

The /var/lib/containers/ directory has been deprecated and replaced by /var/lib/machines/. The term "machines" has been used in the systemd context as a generic term for both Virtaul Machines (VMs) and containers, and therefore seems more appropriate, as the directory can also contain raw images bootable via QEMU/KVM.

The "loginctl user-status" and "loginctl session-status" commands now show the last 10 lines of log messages of the user and session respectively following the status output. Similarly, the "machinectl status" command shows the last 10 log lines associated with a virtual machine or container service.

The "loginctl session-status" command without further argument shows the status of the caller's session. Similarly, the "lock-session", "unlock-session", "activate", "enable-linger", and "disable-linger" commands cannot be called without the session or user parameter in which case they apply to the caller's session or user respectively.

The systemd-tmpfiles tool gained support for "a" lines for setting ACLs on files.

The systemd service now exposes the memory.usage_in_bytes cgroup attribute and shows it for each service in the "systemctl status" output, if available.

When the user presses Ctrl-Alt-Del more than seven times within 2s, an immediate reboot is triggered. This feature is useful if shutdown is hung and is unable to complete, to expedite the operation. Note that this kind of reboot still unmounts all file systems, and hence should not result in fsck being run on next reboot.

Similar to the various existing "ConditionXYZ=" settings for units, there are now matching "AssertXYZ=" settings. While failing conditions cause a unit to be skipped, but its job to succeed, failing assertions declared like this cause a unit start operation and its job to fail.

The systemctl utility gained a new "edit" command. When used on a unit file, this allows extending unit files with .d/ drop-in configuration snippets or editing the full file (after copying it from /usr/lib/ to /etc/). This invokes the user's editor (as configured with $EDITOR), and reloads the modified configuration after editing.

All systemd programs that read stand-alone configuration files in the /etc/ directory now also support a corresponding series of /.conf.d/ configuration directories in /etc/, /run/, /usr/local/lib/, /usr/lib/, and (if configured with the --enable-split-usr option) /lib/. In particular, the following configuration files now have corresponding configuration directories: system.conf, user.conf, logind.conf, journald.conf, sleep.conf, bootchart.conf, coredump.conf, resolved.conf, timesyncd.conf, journal-remote.conf, and journal-upload.conf. Note that distributions should use the configuration directories in /usr/lib/; the directories in /etc/ are reserved for the system administrator.

The journalctl utility gained the new "-t" and "--identifier=" options to match on the syslog identifier (also known as "tag"), as well as the "--utc" option to show log time stamps in the UTC timezone. The journalctl utility now also accepts "-n" and "--lines=all" options to disable line capping in a pager.

Services with "Type=oneshot" no longer have to have any ExecStart commands.

The udev rules can now remove tags on devices with TAG-="foobar".

If the word "rescue" is specified on the kernel command line, the system now boots into rescue mode (also known as rescue.target), which was previously available only by specifying "1" or "systemd.unit=rescue.target" on the kernel command line. This new kernel command-line option mirrors the already existing "emergency" kernel command-line option.

With this update, the logind daemon uses a new session type "web" in projects like Cockpit which register web clients as PAM sessions.

Timer units with at least one OnCalendar= setting are now started only after timer-sync.target has been reached. This way they do not elapse before the system clock has been corrected by a local Network Time Protocol (NTP) client or similar. This is particularly useful on RTC-less embedded machines that come up with an invalid system clock.

The systemd-analyze utility gained a new command "verify" for offline validation of unit files.

A new system group "input" has been introduced, and all input device nodes get this group assigned. This enables for system-level software to get access to input devices and complements what is already provided for "audio" and "video".

The "systemctl is-system-running" command has been added that allows checking the overall state of the system, for example whether it is fully up and running.

The [Install] section in unit files gained a new DefaultInstance= field for defining the default instance to create if a template unit is enabled with no instance specified.

Linux Standard Base (LSB) init scripts exposing a dependency on $network now get a dependency on network-online.target rather than simply network.target. This brings LSB handling closer to the logic used on SysV systems.

The PrivateDevices= unit file setting now also drops the CAP_MKNOD capability from the capability bound set, and imply DevicePolicy=closed.

Native tcpwrap support in systemd has been deprecated. For setups that require tcpwrap usage, consider invoking your socket-activated service using the tcpd daemon, like on traditional the inetd daemon.

A new condition check ConditionArchitecture= has been added to conditionalize units based on the system architecture, as reported by the uname()'s "machine" field..

This update adds a new tool to save and restore the rfkill state on shutdown and boot.

The systemctl utility gained a new "list-timers" command to print a listing of installed timer units with the times they elapse next.

The JoinsNamespaceOf= dependency type has been added which allows running two services within the same /tmp and network name space if PrivateNetwork= or PrivateTmp= are used.

The systemctl utility supports globbing on the various "list-xyz" commands, such as "list-units" or "list-sockets", as well as on those commands which take multiple unit names.

A new PrivateDevices= switch has been added to service units which allows running a service with a namespaced /dev directory that does not contain any device nodes for physical devices. More specifically, it only includes devices such as /dev/null, /dev/urandom, and /dev/zero which are API entry points.

This update also adds a new tool "systemd-socket-proxyd" which can act as a bidirectional proxy for TCP sockets. This tool is used for adding socket activation support to services that do not actually support socket activation, including for example virtual machines.

The systemd-run and systemd-analyze utilities gained support for the "-H" option to connect to remote hosts via SSH. This is particularly useful for systemd-run because it enables queuing of jobs onto remote systems.

A new command "cat" has been added to the systemctl utility. It outputs the original unit file of a unit, and concatenates the contents of additional "drop-in" unit file snippets, so that the full configuration is shown.

Mount points in the fstab file were not previously checked, and thus were not mounted in initramfs. This bug has been fixed within this rebase, and mount points in the fstab are now checked and mounted as expected.

The $XDG_RUNTIME_DIR runtime directories for each user are now individual tmpfs instances, which have the benefit of introducing separate pools for each user, with individual size limits, and thus making sure that unprivileged clients can no longer negatively impact the system or other users by filling up their $XDG_RUNTIME_DIR. A new logind.conf setting RuntimeDirectorySize= has been introduced that allows controlling the default size limit for all users. It defaults to 10% of the available physical memory. This is no replacement for quotas on tmpfs though (which the kernel still does not support), as the /dev/shm and /tmp directories are still shared resources used by both the system and unprivileged users.

PID 1 now maintains a system-wide system state engine with the states "starting", "running", "degraded", "maintenance", and "stopping". These states are bound to system startup, normal runtime, runtime with at least one failed service, rescue and emergency mode and system shutdown. These states are shown in the "systemctl status" output when no unit name is passed. This feature is used to determine system state, in particular for many systems or containers at once.

A new fsck.repair= kernel option has been added to control how fsck deals with unclean file systems at boot time.

Services can now notify the manager before they start a reload by sending RELOADING=1 or shutdown by sending STOPPING=1. This allows the manager to track and show the internal state of daemons and closes a race condition when the process is still running but has closed its D-Bus connection.

The systemd service now provides a way to store file descriptors per-service in PID 1. This is used for daemons to ensure that file descriptors they require are not lost during a daemon restart. The file descriptors are passed to the daemon on the next invocation in the same way socket activation file descriptors are passed. This is now used by journald to ensure that the various sockets connected to all the system's stdout/stderr are not lost when journald is restarted. File descriptors may be stored in PID 1 via the sd_pid_notify_with_fds() API, an extension to the sd_notify() function. Note that a limit is enforced on the number of file descriptors a service can store in PID 1, and it defaults to 0, so that no file descriptors can be stored, unless this is explicitly turned on.