Bayan watanni uku na ci gaba saki mai sarrafa tsarin . A cikin sabon saki, an ƙara sababbin abubuwan da aka haɗa da tsarin gida da tsarin repart, goyon baya ga bayanan martaba mai amfani a cikin tsarin JSON an haɗa shi, ana ba da damar ma'anar sunaye a cikin tsarin-jarida, kuma an ƙara goyon baya ga tsarin "pidfd". . An sake fasalin gaba ɗaya , wanda ke tattara yawancin takardun da ake da su kuma yana ba da shawarar sabon tambari.
Main :
- Ƙara sabis , wanda ke ba da sarrafa kundayen adireshi na gida masu ɗaukuwa, waɗanda aka kawo a cikin nau'in fayil ɗin hoto da aka ɗora, bayanan da aka ɓoye a ciki. Systemd-homed yana ba ku damar ƙirƙirar mahalli mai cin gashin kansa don bayanan mai amfani waɗanda za a iya canjawa wuri tsakanin tsarin daban-daban ba tare da damuwa game da aiki tare na ganowa da sirri ba. Ana ɗaure takaddun shaidar mai amfani zuwa littafin gida maimakon saitunan tsarin - ana amfani da bayanin martaba a cikin tsarin maimakon / sauransu / passwd, / sauransu / rukuni da / sauransu / inuwa. . Don ƙarin bayani, duba tsarin gida.
- An ƙara sashin haɗin gida-gida""("systemd-userdb"), wanda ke fassara UNIX/glibc NSS asusu zuwa bayanan JSON kuma yana ba da haɗin kai na Varlink API don yin tambaya da maimaita bayanan. Bayanan martaba na JSON da ke da alaƙa da kundin adireshin gida yana ƙayyadaddun sigogin da ake buƙata don aikin mai amfani, gami da sunan mai amfani, hash ɗin kalmar sirri, maɓallan ɓoyewa, ƙididdiga, da albarkatun da aka tanadar. Za'a iya ƙulla bayanan martaba tare da sa hannun dijital da aka adana akan alamar Yubikey na waje. Don sarrafa bayanan martaba, ana ba da shawarar amfanin “userdbctl”. An ƙara goyan bayan bayanan martaba na JSON zuwa sassa daban-daban na tsarin, gami da systemd-logind da pam-systemd, kyale masu amfani da kundayen adireshi don tantancewa, shiga, saita masu canjin yanayi, ƙirƙirar zaman, saita iyaka, da sauransu. A nan gaba, ana tsammanin tsarin sssd zai iya samar da bayanan martaba na JSON tare da saitunan mai amfani da aka adana a cikin LDAP.
- An ƙara sabon kayan aiki “systemd-repart”, wanda aka ƙera don raba teburan faifai a cikin tsarin GPT. An bayyana tsarin ɓangaren a cikin sigar sanarwa ta hanyar fayiloli waɗanda ke bayyana waɗanne ɓangarorin ya kamata ko zasu iya kasancewa. A kowane taya, ana kwatanta ainihin teburin rabo tare da waɗannan fayiloli, bayan haka an ƙara ɓangarorin da suka ɓace ko, idan dangi ko cikakken girman da aka ayyana a cikin saitunan bai dace ba, girman waɗanda ke akwai yana ƙaruwa. Canje-canje na ƙara kawai an yarda, watau. sharewa da rage girman ba zai yiwu ba, partitions za a iya ƙara kawai kuma ƙara girma.
An tsara mai amfani don ƙaddamar da shi daga initrd kuma ta atomatik gano faifan da ke cikin tushen tushen, wanda baya buƙatar ƙarin tsari, sai dai fayiloli tare da ma'anar canje-canje.A aikace, systemd-repart na iya zama da amfani ga hotunan tsarin aiki waɗanda za a iya aikawa da farko a cikin ƙaramin tsari, kuma bayan taya ta farko za a iya faɗaɗa girman na'urar toshewar da ake da ita ko kuma an ƙara ta da ƙarin ɓangarori (misali tushen tushen. Za a iya faɗaɗa bangare don rufe faifai gabaɗaya ko bayan taya ta farko ta ƙirƙiri ɓangaren musanyawa ko / gida). Wani amfani kuma shine saiti tare da juzu'i biyu masu jujjuyawa - kawai kashi na farko ne kawai za'a iya kawowa da farko, kuma na biyun za'a ƙirƙira shi akan taya ta farko.
- Yanzu yana yiwuwa a ƙaddamar da lokuta da yawa na systemd-journald, wanda kowannensu yana adana rajistan ayyukan a cikin sunan kansa. Baya ga babban tsarin systemd-journald.service, kundin adireshi na sabis yana ba da samfuri don ƙirƙirar ƙarin lokuta da aka ɗaure zuwa wuraren sunansu ta amfani da umarnin "LogNamespace". Kowane wurin sunan log ɗin ana ba da shi ta hanyar tsarin baya daban tare da saitin saitin sa da iyakoki. Siffar da aka tsara na iya zama da amfani don daidaita lodi tare da babban adadin rajistan ayyukan ko don haɓaka keɓantawar aikace-aikacen. Ƙara wani zaɓi na "-namespace" zuwa journalctl don iyakance tambayar zuwa takamaiman sarari suna kawai.
- Systemd-udevd da sauran abubuwan da aka haɗa na tsarin sun ƙara goyan baya don tsarin sanya madadin sunaye zuwa mu'amalar hanyar sadarwa, yana barin ana amfani da sunaye da yawa a lokaci guda don dubawa ɗaya. Sunan na iya zama har zuwa haruffa 128 (a baya, sunan cibiyar sadarwar yana iyakance ga haruffa 16). Ta hanyar tsoho, systemd-udevd yanzu yana ba kowace cibiyar sadarwa keɓance duk bambance-bambancen sunaye waɗanda aka ƙirƙira ta hanyar tsarin saka suna. Ana iya canza wannan hali ta sabon Madadin Suna da Madadin SunanPolicy a cikin fayilolin .link. systemd-nspawn yana aiwatar da ƙarni na madadin sunaye tare da cikakken sunan kwantena don hanyoyin haɗin veth da aka ƙirƙira a gefen mai masaukin baki.
- API ɗin sd-event.h yana ƙara tallafi ga tsarin kernel na Linux "pidfd" don kula da yanayin sake amfani da PID (pidfd yana da alaƙa da takamaiman tsari kuma baya canzawa, yayin da PID na iya haɗawa da wani tsari bayan tsarin na yanzu. hade da shi ya fita daga wannan PID). Duk abubuwan da aka haɗa banda PID 1 an canza su zuwa amfani da pidfds idan tsarin tsarin yana da goyan bayan kernel na yanzu.
- systemd-logind yana ba da rajistan shiga don aikin canji na ƙarshe ta hanyar PolicyKit. Ta hanyar tsoho, ana ba da izini don canza tashar tashar aiki kawai ga masu amfani waɗanda suka fara zama a kan tasha ta gida aƙalla sau ɗaya.
- Don sauƙaƙe ƙirƙirar hotunan initrd tare da systemd, mai kula da PID 1 yanzu yana gano ko ana amfani da initrd kuma a wannan yanayin ta atomatik yana ɗaukar initrd.target maimakon default.target. Tare da wannan hanyar, initrd da manyan hotunan tsarin zasu iya bambanta kawai a gaban fayil ɗin /etc/initrd-release.
- An ƙara sabon ma'aunin layin umarni na kernel - "systemd.cpu_affinity", daidai da zaɓi na CPUAffinity a /etc/systemd/system.conf kuma yana ba ku damar saita abin rufe fuska na CPU don PID 1 da sauran matakai.
- An kunna sake shigar da bayanan SELinux tare da sake farawa PID 1 ta umarni kamar "systemctl daemon-reload".
- An ƙara saitin "systemd.show-status=error" zuwa mai kula da PID 1, lokacin da aka saita, kawai saƙonnin kuskure da jinkirin jinkiri yayin lodawa ana nunawa a kan na'ura.
- systemd-sysusers sun kara tallafi don ƙirƙirar masu amfani tare da sunan rukuni na farko wanda ya bambanta da sunan mai amfani.
- systemd-growfs yana gabatar da tallafi don fadada ɓangaren XFS ta hanyar zaɓin hawan x-systemd.growfs a cikin /etc/fstab, ban da haɓaka ɓangaren da aka goyan baya a baya tare da Ext4 da Btrfs.
- Ƙara x-initrd.attach zaɓi zuwa /etc/crypttab don ayyana ɓoyayyen ɓoyayyen ɓoyayyen da aka riga an buɗe shi a matakin initrd.
- systemd-cryptsetup ya ƙara tallafi (zaɓin pkcs11-uri a cikin /etc/crypttab) don buɗe ɓoyayyun ɓangarori ta amfani da smartcards PKCS#11, misali don haɗa ɓoyayyen ɓoyayyen ɓangare zuwa YubiKeys.
- Sabbin zaɓuɓɓukan dutsen "x-systemd.required-by" da "x-systemd.wanted-by" an ƙara su zuwa /etc/fstab don daidaita raka'a a sarari waɗanda ke ayyana ayyukan hawan da za a kira maimakon gida-fs.target da nesa. -fs .manufa.
- An ƙara sabon zaɓin sandboxing sabis - ProtectClock, wanda ke iyakance rubutu zuwa agogon tsarin (an hana shiga a matakin /dev/rtc, kiran tsarin da izini na CAP_SYS_TIME/CAP_WAKE_ALARM).
- Don ƙayyadaddun bayanai da systemd-gpt-auto-generator ƙara gano bangare
/var da /var/tmp. - A cikin "systemctl list-unit-files", lokacin nuna jerin raka'a, sabon shafi ya bayyana wanda ke nuna ikon jihar da aka bayar a cikin saitattun masana'anta don irin wannan naúrar.
- An ƙara wani zaɓi "- tare da dogara" zuwa "systemctl", lokacin da aka shigar, umarni kamar "systemctl status" da "systemctl cat" za su nuna ba kawai duk raka'a masu dacewa ba, har ma da raka'a da suka dogara da su.
- A cikin tsarin sadarwa na tsarin, tsarin qdisc ya ƙara ikon daidaita sigogin TBF (Token Bucket Filter), SFQ (Stochastic Fairness Queuing), CoDel (Controlled-Delay Active Queue Management) da FQ (Fair Queue).
- systemd-networkd ƙarin tallafi don na'urorin cibiyar sadarwa na IFB ().
- Systemd-networkd yana aiwatar da ma'aunin MultiPathRoute a cikin sashin [Hanyar hanya] don daidaita hanyoyin hanyoyi masu yawa.
- A cikin hanyar sadarwa na tsarin don abokin ciniki na DHCPv4, an ƙara zaɓin SendDecline, lokacin da aka ƙayyade, bayan karɓar amsa ta DHCP tare da adireshi, ana yin duban adireshi kwafi kuma idan an gano rikicin adireshin, an ƙi adireshin da aka bayar. Hakanan an ƙara zaɓi na RouteMTUBytes zuwa abokin ciniki na DHCPv4, yana ba ku damar ƙayyade girman MTU don hanyoyin da aka samo daga ɗaurin adireshin IP (leases).
- An soke saitin PrefixRoute a cikin [Adireshin] na fayilolin cibiyar sadarwa. An maye gurbinsa da saitin "AddPrefixRoute", wanda ke da ma'anar sabanin haka.
- A cikin fayilolin hanyar sadarwa, an ƙara goyan bayan sabon ƙima "_dhcp" zuwa saitin Ƙofar a cikin sashin "[Hanyar hanya]", lokacin da aka saita, an zaɓi madaidaiciyar hanya dangane da ƙofa da aka saita ta DHCP.
- Saituna sun bayyana a cikin fayilolin hanyar sadarwa a cikin sashin "[RoutingPolicyRule]".
Mai amfani da SuppressPrefixLength don tantance hanyar tuntuɓar tushe dangane da kewayon UID da girman prefix. - A networkctl, umarnin “status” yana ba da ikon nuna rajistan ayyukan dangane da kowace cibiyar sadarwa.
- systemd-networkd-wait-online yana ƙara goyan baya don saita matsakaicin lokaci don jira mai dubawa ya zama aiki da kuma jira don dubawa don sauka.
- An dakatar da aiwatar da .link da .fayilolin hanyar sadarwa tare da fanko ko sharhin sashin "[Match]".
- A cikin fayilolin .link da .network, a cikin sashin "[Match]", an ƙara saitin "PermanentMACAddress" don duba adireshin MAC na dindindin na na'urori a yanayin yin amfani da MAC da aka haifar.
- An canza sashin "[TrafficControlQueueingDiscipline]" a cikin fayilolin cibiyar sadarwa zuwa "[NetworkEmulator]", kuma an cire prefix na "NetworkEmulator" daga sunayen saitunan da ke hade.
- tsarin da aka warware don DNS-over-TLS yana ƙara goyan baya don duba SNI.
source: budenet.ru