ProHoster > Blog > internet news > systemd 255

systemd 255

A new version of the free system manager systemd has been released.

Changes that break backward compatibility:

  • Now mounting a separate partition / usr / Only supported at the initramfs stage.

  • A future release will remove support for System V init scripts and cgroups v1.

  • Options SuspendMode=, HibernateState= и HybridSleepState= from section [Sleep] are deprecated in systemd-sleep.conf and have no effect on system behavior.

Changes in the work of the supervisor:

  • Daemons are now initialized using posix_spawn() instead of a combination of fork() and exec(); pull request #27890.

  • systemd now uses PIDFD file descriptors to keep track of child processes; this simplifies the logic of the supervisor’s work; pull request #29142, #29594, #29455.

  • New option SurviveFinalKillSignal= allows the daemon to avoid stopping when using the soft-reboot mechanism; pull request #28545.

  • Units now support options MemoryPeak=, MemorySwapPeak=, MemorySwapCurrent= и MemoryZSwapCurrent=; these options correspond to the parameters memory.peak, memory.swap.peak, memory.swap.current и memory.zswap.current properties from cgroups v2.

  • New option ConditionSecurity= allows you to tell systemd that the service should only be started if the system was booted with a verified UKI image.

TPM2 support:

  • systemd-cryptenroll now allows you to specify a specific PCR slot and hash.

  • systemd-cryptenroll allows you to specify a key index; pull request #29427.

  • It is now possible to bind a LUKS volume to a specific TPM2 chip without having access to it, if the public key is known.

  • The systemd-cryptsetup binary has been moved to / usr / bin / and can be used outside of systemd.

  • The systemd-pcrphase internal component has been renamed to systemd-pcrextend.

  • A new component, systemd-pcrlock, allows you to predict PCR entries based on available system information; pull request #28891.

systemd-boot, systemd-stub, ukify, bootctl, kernel-install:

  • bootctl now allows you to determine whether the system was booted from uki.

  • systemd-boot supports hotkeys for shutting down and rebooting the system.

  • systemd-boot no longer loads untrusted Devicetree blobs when SecureBoot is enabled.

  • systemd-boot and systemd-stub now have different identifiers in the .sbat section, and UEFI can call them independently; pull request #29196.

  • The ukify component is no longer experimental; the executable is now located in / usr / bin /.

systemd-networkd:

  • Added support for Rapid Commit technology.

  • dbus interface systemd-networkd now allows you to obtain information about the status of the DHCP client; commit #28896.

  • Option NFTSet= allows you to bind the network interface configuration to a set of rules nftables.

  • Section [IPv6AcceptRA] supports new options: UsePREF64=, UseHopLimit=, UseICMP6RateLimit= и NFTSet=.

  • Section [IPv6SendRA] now supports options RetransmitSec=, HopLimit=, HomeAgent=, HomeAgentLifetimeSec= и HomeAgentPreference=.

  • Configuration files generated from kernel command line options now have the prefix 70; The priority of these files is now higher than the priority of the default configuration files.

Source: linux.org.ru

Add a comment