systemd 245 released with an implementation of portable home directories

After three months of development, the system manager systemd 245 has been released. The new release adds the systemd-homed and systemd-repart components, includes support for portable user profiles in JSON format, provides the ability to define namespaces for systemd-journald, and adds support for the "pidfd" mechanism. The project website has been completely redesigned; it collects most of the available documentation and presents a new logo.

Main changes:

  • Added the systemd-homed service, which manages portable home directories delivered as a mounted image file whose contents are encrypted. systemd-homed lets you create self-contained environments for user data that can be moved between different systems without worrying about identifier synchronization or confidentiality. User credentials are bound to the home directory rather than to system settings: a profile in JSON format is used instead of /etc/passwd, /etc/group and /etc/shadow. For more details, see the previous announcement of systemd-homed.
  • Added a companion component for systemd-homed, "userdb" ("systemd-userdb"), which translates UNIX/glibc NSS accounts into JSON records and provides a unified Varlink API for querying and iterating over records. The JSON profile associated with a home directory defines the parameters required for the user's work, including the user name, password hash, encryption keys, quotas and allocated resources. The profile can be verified with a digital signature stored on an external Yubikey token. The "userdbctl" utility is provided for managing profiles. Support for JSON profiles has been added to various systemd components, including systemd-logind and pam-systemd, allowing users with portable profiles to authenticate, log in, set environment variables, create sessions, set limits, and so on. In the future, the sssd framework is expected to be able to generate JSON profiles from user settings stored in LDAP.
  • A new utility, "systemd-repart", has been added for repartitioning disk partition tables in GPT format. The partition layout is defined declaratively through files that describe which partitions must or may exist. At each boot, the actual partition table is compared with these files, after which missing partitions are added or, if the relative or absolute size specified in the settings does not match, existing partitions are enlarged. Only incremental changes are allowed, i.e. deleting and shrinking are not possible; partitions can only be added and grown.
    The utility is designed to be run from the initrd and automatically detects the disk that holds the root partition, so it needs no additional configuration apart from the files that define the changes.

    In practice, systemd-repart can be useful for operating system images that are initially shipped in a minimal form and, after the first boot, can be expanded to the size of the available block device or supplemented with additional partitions (for example, the root partition can be expanded to cover the whole disk, or a swap partition or /home can be created after the first boot). Another use is configurations with two rotating partitions: only the first partition is shipped initially, and the second is created at first boot.

  • It is now possible to run multiple instances of systemd-journald, each of which keeps logs in its own namespace. In addition to the main systemd-journald.service, the directory with .service files contains a template for creating additional instances bound to their own namespaces using the "LogNamespace" directive. Each log namespace is served by a separate background process with its own settings and limits. The feature can be useful for load balancing with a large volume of logs or for improving application isolation. The "--namespace" option has been added to journalctl to restrict queries to the specified namespace only.
  • systemd-udevd and other systemd components have added support for the mechanism of assigning alternative names to network interfaces, which allows several names to be used simultaneously for one interface. A name can contain up to 128 characters (previously, network interface names were limited to 16 characters). By default, systemd-udevd now assigns each network interface all name variants generated by the supported naming schemes. This behaviour can be changed through the new AlternativeName and AlternativeNamesPolicy settings in .link files. systemd-nspawn generates alternative names containing the full container name for the veth links created on the host side.
  • The sd-event.h API adds support for the Linux kernel "pidfd" subsystem to handle the PID reuse situation (a pidfd is associated with a specific process and does not change, whereas a PID can be associated with another process after the process currently associated with it exits). All systemd components except PID 1 have been converted to use pidfds if the subsystem is supported by the running kernel.
  • systemd-logind provides access control for switching virtual terminals through PolicyKit. By default, permission to switch the active virtual terminal is granted only to users who have started a session on a local terminal at least once.
  • To simplify building initrd images with systemd, the PID 1 handler now detects whether an initrd is in use and in that case automatically loads initrd.target instead of default.target. With this approach, the initrd image and the main system image can differ only in the presence of the /etc/initrd-release file.
  • Added a new kernel command-line parameter, "systemd.cpu_affinity", equivalent to the CPUAffinity option in /etc/systemd/system.conf, which lets you set the CPU affinity mask for PID 1 and other processes.
  • The SELinux database is now reloaded together with the restart of PID 1 on commands such as "systemctl daemon-reload".
  • The "systemd.show-status=error" setting has been added to the PID 1 handler; when set, only error messages and significant delays during boot are shown on the console.
  • systemd-sysusers adds support for creating users whose primary group name differs from the user name.
  • systemd-growfs introduces support for growing XFS partitions through the x-systemd.growfs mount option in /etc/fstab, in addition to the previously supported growing of Ext4 and Btrfs partitions.
  • Added the x-initrd.attach option to /etc/crypttab to identify an encrypted partition that was already unlocked at the initrd stage.
  • systemd-cryptsetup adds support (the pkcs11-uri option in /etc/crypttab) for unlocking encrypted partitions using PKCS#11 smartcards, for example to bind partition encryption to YubiKeys.
  • New mount options "x-systemd.required-by" and "x-systemd.wanted-by" have been added to /etc/fstab to explicitly configure the units that define mount operations to be invoked from local-fs.target and remote-fs.target.
  • A new service sandboxing option has been added, ProtectClock, which restricts writes to the system clock (access is blocked at the level of /dev/rtc, system calls, and the CAP_SYS_TIME/CAP_WAKE_ALARM capabilities).
  • The Discoverable Partitions specification and systemd-gpt-auto-generator add detection of /var and /var/tmp partitions.

  • In "systemctl list-unit-files", the unit list output has a new column that reflects the state provided in the vendor presets for the given unit type.
  • A "--with-dependencies" option has been added to "systemctl"; when set, commands such as "systemctl status" and "systemctl cat" show not only the matching units but also the units they depend on.
  • In systemd-networkd, the qdisc configuration adds the ability to set TBF (Token Bucket Filter), SFQ (Stochastic Fairness Queuing), CoDel (Controlled-Delay Active Queue Management) and FQ (Fair Queue) parameters.
  • systemd-networkd adds support for IFB (Intermediate Functional Block) network devices.
  • systemd-networkd implements the MultiPathRoute parameter in the [Route] section for configuring multipath routes.
  • In systemd-networkd, the SendDecline option has been added for the DHCPv4 client; when specified, after a DHCP response with an address is received, duplicate address detection is performed and, if an address conflict is detected, the offered address is declined. The RouteMTUBytes option has also been added to the DHCPv4 client, letting you set the MTU size for routes created from IP address bindings (leases).
  • The PrefixRoute setting in the [Address] section of .network files has been deprecated. It has been replaced by "AddPrefixRoute", which has a different meaning.
  • In .network files, support for the new value "_dhcp" has been added to the Gateway setting in the "[Route]" section; when set, the static route is chosen based on the gateway configured through DHCP.
  • The User and SuppressPrefixLength settings have appeared in the "[RoutingPolicyRule]" section of .network files, for specifying routing policy based on a UID range and prefix length.

  • In networkctl, the "status" command can now display the log entries associated with each network interface.
  • systemd-networkd-wait-online adds support for setting a maximum time to wait for an interface to become operational, and for waiting for an interface to go down.
  • .link and .network files with an empty or commented-out "[Match]" section are no longer processed.
  • In .link and .network files, the "PermanentMACAddress" setting has been added to the "[Match]" section to check the permanent MAC address of a device when a randomly generated MAC is in use.
  • The "[TrafficControlQueueingDiscipline]" section in .network files has been renamed to "[NetworkEmulator]", and the "NetworkEmulator" prefix has been removed from the names of the associated settings.
  • systemd-resolved adds support for SNI checking for DNS-over-TLS.
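
The PID reuse problem that the pidfd item above refers to, as an added example (not systemd or sd-event code, and not part of the original article): a parent tracks a child through a pidfd, and a late signal fails with ESRCH instead of reaching whichever process later receives the same PID number. It assumes Linux 5.4 or newer and Python 3.9 or newer; the helper names `pidfd_supported` and `watch_child` are hypothetical.

```python
import os
import select
import signal


def pidfd_supported() -> bool:
    """True when this Python build and the running kernel both provide pidfds."""
    needed = (hasattr(os, "pidfd_open"), hasattr(os, "P_PIDFD"),
              hasattr(signal, "pidfd_send_signal"))
    if not all(needed):
        return False
    try:
        os.close(os.pidfd_open(os.getpid()))
        return True
    except OSError:  # e.g. ENOSYS on an old kernel, EPERM under a strict seccomp profile
        return False


def watch_child(exit_code: int = 7, timeout: float = 5.0):
    """Fork a short-lived child and track it through a pidfd.

    Returns (exit_seen, exit_status, late_signal_result).
    """
    pid = os.fork()
    if pid == 0:
        os._exit(exit_code)  # child: terminate immediately

    # Opening by number is safe here: the child is ours and not yet reaped, so
    # its PID cannot have been recycled. From now on only the handle is used.
    pidfd = os.pidfd_open(pid)
    try:
        # A pidfd polls as readable once its process has terminated.
        ready, _, _ = select.select([pidfd], [], [], timeout)
        # Reap through the handle instead of the reusable PID number.
        info = os.waitid(os.P_PIDFD, pidfd, os.WEXITED)
        try:
            # After reaping, the number is free for reuse; the handle is not.
            signal.pidfd_send_signal(pidfd, signal.SIGTERM)
            late = "delivered"
        except ProcessLookupError:  # ESRCH: the original process is gone
            late = "ESRCH"
        return bool(ready), info.si_status, late
    finally:
        os.close(pidfd)


if __name__ == "__main__":
    print(watch_child() if pidfd_supported() else "pidfd not available here")
```

With `os.kill(pid, signal.SIGTERM)` at the same point, the outcome would depend on whether the kernel had already handed the number to an unrelated process.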

Source: opennet.ru
