ProHoster > Блог > xov xwm hauv internet > systemd tus thawj tswj hwm tso tawm 242

systemd tus thawj tswj hwm tso tawm 242

[:ru]

Tom qab ob lub hlis ntawm kev loj hlob hais tawm system manager tso tawm systemd 242. Ntawm cov kev tsim kho tshiab, peb tuaj yeem nco txog kev txhawb nqa rau L2TP qhov, muaj peev xwm los tswj tus cwj pwm ntawm systemd-logind ntawm kev rov pib dua los ntawm ib puag ncig hloov pauv, kev txhawb nqa rau txuas ntxiv XBOOTLDR boot partitions rau mounting / khau raj, muaj peev xwm khau raj nrog lub hauv paus muab faib hauv overlayfs, nrog rau ntau qhov chaw tshiab rau ntau hom chav nyob.

Cov kev hloov loj:

  • systemd-networkd muab kev txhawb nqa rau L2TP tunnels;
  • sd-boot thiab bootctl muab kev txhawb nqa rau XBOOTLDR (Extended Boot Loader) partitions tsim los rau mounted rau / khau raj, ntxiv rau ESP partitions mounted ntawm /efi lossis /boot/efi. Kernels, nqis, initrd thiab EFI cov duab tam sim no tuaj yeem raug booted los ntawm ESP thiab XBOOTLDR partitions. Qhov kev hloov pauv no tso cai rau koj siv sd-boot bootloader hauv ntau qhov xwm txheej, thaum lub bootloader nws tus kheej nyob hauv ESP, thiab cov khoom thauj khoom thiab cov metadata cuam tshuam tau muab tso rau hauv ib ntu;
  • Ntxiv lub peev xwm rau khau raj nrog "systemd.volatile = overlay" kev xaiv dhau mus rau cov ntsiav, uas tso cai rau koj tso cov hauv paus muab faib rau hauv overlayfs thiab npaj ua haujlwm rau saum cov duab nyeem nkaus xwb ntawm cov ntawv hauv paus nrog cov kev hloov pauv sau rau ib qho. cais cov npe hauv tmpfs (kev hloov pauv hauv qhov kev teeb tsa no ploj tom qab rov pib dua). Los ntawm kev sib piv, systemd-nspawn tau ntxiv qhov "--volatile = overlay" kev xaiv los siv cov haujlwm zoo sib xws hauv ntim;
  • systemd-nspawn tau ntxiv qhov "--oci-bundle" kev xaiv kom tso cai rau kev siv lub sijhawm ua haujlwm los muab cais tawm ntawm cov ntim khoom uas ua raws li Open Container Initiative (OCI) specification. Rau kev siv nyob rau hauv cov kab hais kom ua thiab nspawn units, kev txhawb nqa rau ntau yam kev xaiv tau piav qhia hauv OCI specification yog npaj siab, piv txwv li, cov kev xaiv "--inaccessible" thiab "Inaccessible" yuav siv tau los tshem tawm qhov chaw ntawm cov ntaub ntawv system, thiab cov " --console" cov kev xaiv tau ntxiv rau kev teeb tsa cov qauv tso zis ntws thiab "-pipe";
  • Ntxiv lub peev xwm los tswj tus cwj pwm ntawm systemd-logind los ntawm ib puag ncig hloov pauv: $SYSTEMD_REBOOT_ TO_FIRMWARE_SETUP,
    $SYSTEMD_REBOOT_TO_BOOT_LOADER_MENU thiab
    $SYSTEMD_REBOOT_ TO_BOOT_LOADER_ENTRY. Siv cov kev hloov pauv no, koj tuaj yeem txuas koj tus kheej reboot txheej txheem handlers (/run/systemd/reboot-to-firmware-setup, /run/systemd/reboot-to-boot-loader-menu thiab
    /run/systemd/reboot-to-boot-loader-entry) lossis lov tes taw tag nrho (yog tias tus nqi raug teeb tsa tsis raug);

  • Ntxiv kev xaiv "-boot-load-menu =" thiab
    “—boot-loader-entry=”, tso cai rau koj xaiv ib qho khoom siv khau raj tshwj xeeb lossis hom khau raj tom qab reboot;

  • Ntxiv ib qho tshiab sandbox cais cov lus txib "RestrictSUIDSGID =", uas siv seccomp txwv tsis pub tsim cov ntaub ntawv nrog SUID / SGID chij;
  • Xyuas kom meej tias "NoNewPrivileges" thiab "RestrictSUIDSGID" kev txwv yog siv los ntawm lub neej ntawd hauv cov kev pabcuam nrog rau cov neeg siv khoom siv ID tiam ("DynamicUser" enabled);
  • Lub neej ntawd MACAddressPolicy= qhov teeb tsa tsis tu ncua hauv .link cov ntaub ntawv tau hloov pauv kom npog ntau cov khoom siv. Cov kev sib txuas ntawm cov txuas txuas hauv network, tunnels (tun, kais) thiab cov sib txuas sib txuas (daim ntawv cog lus) tsis qhia lawv tus kheej tshwj tsis yog los ntawm lub npe ntawm lub network interface, yog li lub npe no tam sim no siv los ua lub hauv paus rau khi MAC thiab IPv4 chaw nyob. Tsis tas li ntawd, qhov "MACAddressPolicy = random" tau ntxiv, uas tuaj yeem siv los khi MAC thiab IPv4 chaw nyob rau cov khoom siv hauv kev txiav txim siab;
  • ".device" chav tsev cov ntaub ntawv tsim los ntawm systemd-fstab-generator tsis suav nrog cov ".mount" units uas yog nyob rau hauv seem "Xav tau =". Tsuas yog ntsaws rau hauv ib lub cuab yeej tsis cia li tso tawm ib chav rau mount, tab sis cov chav nyob no tseem tuaj yeem tsim tawm rau lwm yam laj thawj, xws li ib feem ntawm lub zos-fs.target lossis raws li kev vam khom rau lwm cov units uas nyob ntawm lub zos-fs.target ;
  • Ntxiv kev txhawb nqa rau lub qhov ncauj qhov ntswg (“*”, thiab lwm yam) rau “networkctl list/status/lldp” cov lus txib kom lim tawm qee pawg ntawm kev sib txuas hauv network los ntawm ib feem ntawm lawv lub npe;
  • Lub $PIDFILE ib puag ncig hloov pauv tam sim no tau teeb tsa siv txoj hauv kev tsis raug teeb tsa hauv cov kev pabcuam ntawm "PIDFile =;" parameter.
  • Public Cloudflare servers (1.1.1.1) tau muab ntxiv rau tus lej ntawm cov thaub qab DNS servers siv yog tias lub ntsiab DNS tsis tau txhais meej meej. Txhawm rau rov txheeb xyuas cov npe ntawm cov thaub qab DNS servers, koj tuaj yeem siv "-Ddns-servers =" kev xaiv;
  • Thaum kuaj pom lub xub ntiag ntawm USB Device Controller, tus tshiab usb-gadget.target handler yog cia li tso tawm (thaum lub kaw lus khiav ntawm USB peripheral ntaus ntawv);
  • Rau chav tsev cov ntaub ntawv, qhov "CPUQuotaPeriodSec =" qhov teeb tsa tau ua tiav, uas txiav txim siab lub sijhawm lub sijhawm txheeb ze rau qhov ntsuas CPU lub sijhawm ntsuas, teeb tsa los ntawm "CPUQuota =" teeb tsa;
  • Rau cov ntaub ntawv chav tsev, qhov "ProtectHostname =" qhov teeb tsa tau ua tiav, uas txwv tsis pub cov kev pabcuam hloov pauv cov ntaub ntawv hais txog lub npe tswv, txawm tias lawv muaj kev tso cai tsim nyog;
  • Rau chav tsev cov ntaub ntawv, qhov "NetworkNamespacePath =" qhov teeb tsa tau ua tiav, uas tso cai rau koj los khi ib lub npe chaw rau cov kev pabcuam lossis lub qhov (socket units) los ntawm kev qhia txog txoj hauv kev rau cov ntaub ntawv namespace hauv pseudo-FS / proc;
  • Ntxiv lub peev xwm los lov tes taw kev hloov pauv ntawm ib puag ncig hloov pauv rau cov txheej txheem pib siv "ExecStart =" teeb tsa los ntawm kev ntxiv ":" cim ua ntej pib cov lus txib;
  • Rau timers (.timer units) tshiab chij “OnClockChange =” thiab
    "OnTimezoneChange =", uas koj tuaj yeem tswj hwm lub tsev hu thaum lub sijhawm lub sijhawm lossis lub sijhawm hloov pauv;

  • Ntxiv cov chaw tshiab "ConditionMemory =" thiab "ConditionCPUs=", uas txiav txim siab cov xwm txheej rau kev hu ib chav nyob nyob ntawm lub cim xeeb loj thiab tus naj npawb ntawm CPU cores (piv txwv li, kev pabcuam siv nyiaj ntau tuaj yeem tsim tawm tsuas yog yog tias qhov xav tau ntawm RAM muaj);
  • Ntxiv lub sijhawm tshiab-set.target chav tsev uas lees txais lub sijhawm teem sijhawm hauv zos, tsis tas siv kev sib raug zoo nrog lwm lub sijhawm servers siv lub sijhawm-sync.target unit. Chav tsev tshiab tuaj yeem siv tau los ntawm cov kev pabcuam uas xav tau qhov tseeb ntawm cov moos hauv zos tsis sib xws;
  • Qhov kev xaiv "--show-transaction" tau ntxiv rau "systemctl pib" thiab cov lus txib zoo sib xws, thaum tau teev tseg, cov ntsiab lus ntawm txhua txoj haujlwm ntxiv rau cov kab vim qhov kev thov ua haujlwm tau tshwm sim;
  • systemd-networkd siv lub ntsiab lus ntawm lub xeev 'enslaved' tshiab, siv es tsis txhob 'degraded' los yog 'carrier' rau network interfaces uas yog ib feem ntawm aggregate links los yog network txuas hniav. Rau thawj interfaces, nyob rau hauv cov ntaub ntawv ntawm teeb meem nrog ib tug ntawm cov kev sib txuas txuas, lub xeev 'degraded-carrier' tau ntxiv;
  • Ntxiv “IgnoreCarrierLoss=” kev xaiv rau .network units kom txuag tau lub network chaw nyob rau hauv cov ntaub ntawv ntawm kev twb kev txuas poob;
  • Los ntawm qhov "RequiredForOnline =" teeb tsa hauv .network units, tam sim no koj tuaj yeem teeb tsa qhov tsawg kawg nkaus uas yuav tsum tau txuas lub xeev yuav tsum tau hloov lub network interface rau "online" thiab ua rau systemd-networkd-wait-online handler;
  • Ntxiv qhov "--ib qho" kev xaiv rau systemd-networkd-tos-online los tos qhov kev npaj ntawm ib qho ntawm cov kev sib txuas hauv network uas tau teev tseg es tsis txhob tag nrho, nrog rau qhov "--operational-state =" kev xaiv los txiav txim lub xeev. qhov txuas qhia txog kev npaj txhij;
  • Ntxiv “UseAutonomousPrefix=” thiab “UseOnLinkPrefix=” nqis rau .network units, uas tuaj yeem siv los tsis quav ntsej cov lus ua ntej thaum tau txais
    tshaj tawm los ntawm IPv6 router (RA, Router Advertisement);

  • Hauv .network units, "MulticastFlood =", "NeighborSuppression =" thiab "Learning =" chaw tau ntxiv los hloov cov kev khiav hauj lwm tsis ntawm tus choj network, nrog rau "TripleSampling=" qhov teeb tsa los hloov TRIPLE-SAMPLING hom ntawm CAN virtual interfaces;
  • “PrivateKeyFile =” thiab “PresharedKeyFile=” cov chaw tau ntxiv rau .netdev units, uas koj tuaj yeem hais qhia tus kheej thiab sib koom (PSK) yuam sij rau WireGuard VPN interfaces;
  • Ntxiv tib-cpu-crypt thiab xa-los ntawm-crypt-cpus xaiv rau /etc/crypttab, uas tswj tus cwj pwm ntawm tus teem sijhawm thaum tsiv teb tsaws chaw ua haujlwm cuam tshuam ntawm CPU cores;
  • systemd-tmpfiles muab cov ntaub ntawv kaw ua ntej ua haujlwm hauv cov npe nrog cov ntaub ntawv ib ntus, uas tso cai rau koj los lov tes taw ua haujlwm ntawm kev tu cov ntaub ntawv tsis tu ncua rau lub sijhawm ntawm qee qhov kev ua haujlwm (piv txwv li, thaum unpacking tar archive hauv / tmp, cov ntaub ntawv qub heev yuav yog. qhib uas tsis tuaj yeem rho tawm ua ntej qhov kawg ntawm qhov kev txiav txim nrog lawv);
  • Cov lus txib "systemd-analyze cat-config" muab lub peev xwm los txheeb xyuas qhov kev teeb tsa tau muab faib ua ntau cov ntaub ntawv, piv txwv li, cov neeg siv thiab cov txheej txheem presets, cov ntsiab lus ntawm tmpfiles.d thiab sysusers.d, udev cov cai, thiab lwm yam.
  • Ntxiv "--cursor-file=" kev xaiv rau "journalctl" txhawm rau txheeb xyuas cov ntaub ntawv thauj khoom thiab txuag tus cursor txoj haujlwm;
  • Ntxiv cov ntsiab lus ntawm ACRN hypervisor thiab WSL subsystem (Windows Subsystem rau Linux) rau systemd-detect-virt rau kev txuas ntxiv txuas ntxiv siv tus neeg teb xov tooj xwm txheej "ConditionVirtualization";
  • Thaum lub sij hawm systemd installation (thaum ua tiav "ninja nruab"), tsim cov cim txuas rau cov ntaub ntawv systemd-networkd.service, systemd-networkd.socket,
    systemd-resolved.service, chaw taws teeb-cryptsetup.target, chaw taws teeb-fs.target,
    systemd-networkd-wait-online.service thiab systemd-timesyncd.service. Txhawm rau tsim cov ntaub ntawv no, koj tam sim no yuav tsum tau khiav "systemctl preset-tag nrho" hais kom ua.

Tau qhov twg losopennet.ru

[: en]

Tom qab ob lub hlis ntawm kev loj hlob hais tawm system manager tso tawm systemd 242. Ntawm cov kev tsim kho tshiab, peb tuaj yeem nco txog kev txhawb nqa rau L2TP qhov, muaj peev xwm los tswj tus cwj pwm ntawm systemd-logind ntawm kev rov pib dua los ntawm ib puag ncig hloov pauv, kev txhawb nqa rau txuas ntxiv XBOOTLDR boot partitions rau mounting / khau raj, muaj peev xwm khau raj nrog lub hauv paus muab faib hauv overlayfs, nrog rau ntau qhov chaw tshiab rau ntau hom chav nyob.

Cov kev hloov loj:

  • systemd-networkd muab kev txhawb nqa rau L2TP tunnels;
  • sd-boot thiab bootctl muab kev txhawb nqa rau XBOOTLDR (Extended Boot Loader) partitions tsim los rau mounted rau / khau raj, ntxiv rau ESP partitions mounted ntawm /efi lossis /boot/efi. Kernels, nqis, initrd thiab EFI cov duab tam sim no tuaj yeem raug booted los ntawm ESP thiab XBOOTLDR partitions. Qhov kev hloov pauv no tso cai rau koj siv sd-boot bootloader hauv ntau qhov xwm txheej, thaum lub bootloader nws tus kheej nyob hauv ESP, thiab cov khoom thauj khoom thiab cov metadata cuam tshuam tau muab tso rau hauv ib ntu;
  • Ntxiv lub peev xwm rau khau raj nrog "systemd.volatile = overlay" kev xaiv dhau mus rau cov ntsiav, uas tso cai rau koj tso cov hauv paus muab faib rau hauv overlayfs thiab npaj ua haujlwm rau saum cov duab nyeem nkaus xwb ntawm cov ntawv hauv paus nrog cov kev hloov pauv sau rau ib qho. cais cov npe hauv tmpfs (kev hloov pauv hauv qhov kev teeb tsa no ploj tom qab rov pib dua). Los ntawm kev sib piv, systemd-nspawn tau ntxiv qhov "--volatile = overlay" kev xaiv los siv cov haujlwm zoo sib xws hauv ntim;
  • systemd-nspawn tau ntxiv qhov "--oci-bundle" kev xaiv kom tso cai rau kev siv lub sijhawm ua haujlwm los muab cais tawm ntawm cov ntim khoom uas ua raws li Open Container Initiative (OCI) specification. Rau kev siv nyob rau hauv cov kab hais kom ua thiab nspawn units, kev txhawb nqa rau ntau yam kev xaiv tau piav qhia hauv OCI specification yog npaj siab, piv txwv li, cov kev xaiv "--inaccessible" thiab "Inaccessible" yuav siv tau los tshem tawm qhov chaw ntawm cov ntaub ntawv system, thiab cov " --console" cov kev xaiv tau ntxiv rau kev teeb tsa cov qauv tso zis ntws thiab "-pipe";
  • Ntxiv lub peev xwm los tswj tus cwj pwm ntawm systemd-logind los ntawm ib puag ncig hloov pauv: $SYSTEMD_REBOOT_ TO_FIRMWARE_SETUP,
    $SYSTEMD_REBOOT_TO_BOOT_LOADER_MENU thiab
    $SYSTEMD_REBOOT_ TO_BOOT_LOADER_ENTRY. Siv cov kev hloov pauv no, koj tuaj yeem txuas koj tus kheej reboot txheej txheem handlers (/run/systemd/reboot-to-firmware-setup, /run/systemd/reboot-to-boot-loader-menu thiab
    /run/systemd/reboot-to-boot-loader-entry) lossis lov tes taw tag nrho (yog tias tus nqi raug teeb tsa tsis raug);

  • Ntxiv kev xaiv "-boot-load-menu =" thiab
    “—boot-loader-entry=”, tso cai rau koj xaiv ib qho khoom siv khau raj tshwj xeeb lossis hom khau raj tom qab reboot;

  • Ntxiv ib qho tshiab sandbox cais cov lus txib "RestrictSUIDSGID =", uas siv seccomp txwv tsis pub tsim cov ntaub ntawv nrog SUID / SGID chij;
  • Xyuas kom meej tias "NoNewPrivileges" thiab "RestrictSUIDSGID" kev txwv yog siv los ntawm lub neej ntawd hauv cov kev pabcuam nrog rau cov neeg siv khoom siv ID tiam ("DynamicUser" enabled);
  • Lub neej ntawd MACAddressPolicy= qhov teeb tsa tsis tu ncua hauv .link cov ntaub ntawv tau hloov pauv kom npog ntau cov khoom siv. Cov kev sib txuas ntawm cov txuas txuas hauv network, tunnels (tun, kais) thiab cov sib txuas sib txuas (daim ntawv cog lus) tsis qhia lawv tus kheej tshwj tsis yog los ntawm lub npe ntawm lub network interface, yog li lub npe no tam sim no siv los ua lub hauv paus rau khi MAC thiab IPv4 chaw nyob. Tsis tas li ntawd, qhov "MACAddressPolicy = random" tau ntxiv, uas tuaj yeem siv los khi MAC thiab IPv4 chaw nyob rau cov khoom siv hauv kev txiav txim siab;
  • ".device" chav tsev cov ntaub ntawv tsim los ntawm systemd-fstab-generator tsis suav nrog cov ".mount" units uas yog nyob rau hauv seem "Xav tau =". Tsuas yog ntsaws rau hauv ib lub cuab yeej tsis cia li tso tawm ib chav rau mount, tab sis cov chav nyob no tseem tuaj yeem tsim tawm rau lwm yam laj thawj, xws li ib feem ntawm lub zos-fs.target lossis raws li kev vam khom rau lwm cov units uas nyob ntawm lub zos-fs.target ;
  • Ntxiv kev txhawb nqa rau lub qhov ncauj qhov ntswg (“*”, thiab lwm yam) rau “networkctl list/status/lldp” cov lus txib kom lim tawm qee pawg ntawm kev sib txuas hauv network los ntawm ib feem ntawm lawv lub npe;
  • Lub $PIDFILE ib puag ncig hloov pauv tam sim no tau teeb tsa siv txoj hauv kev tsis raug teeb tsa hauv cov kev pabcuam ntawm "PIDFile =;" parameter.
  • Public Cloudflare servers (1.1.1.1) tau muab ntxiv rau tus lej ntawm cov thaub qab DNS servers siv yog tias lub ntsiab DNS tsis tau txhais meej meej. Txhawm rau rov txheeb xyuas cov npe ntawm cov thaub qab DNS servers, koj tuaj yeem siv "-Ddns-servers =" kev xaiv;
  • Thaum kuaj pom lub xub ntiag ntawm USB Device Controller, tus tshiab usb-gadget.target handler yog cia li tso tawm (thaum lub kaw lus khiav ntawm USB peripheral ntaus ntawv);
  • Rau chav tsev cov ntaub ntawv, qhov "CPUQuotaPeriodSec =" qhov teeb tsa tau ua tiav, uas txiav txim siab lub sijhawm lub sijhawm txheeb ze rau qhov ntsuas CPU lub sijhawm ntsuas, teeb tsa los ntawm "CPUQuota =" teeb tsa;
  • Rau cov ntaub ntawv chav tsev, qhov "ProtectHostname =" qhov teeb tsa tau ua tiav, uas txwv tsis pub cov kev pabcuam hloov pauv cov ntaub ntawv hais txog lub npe tswv, txawm tias lawv muaj kev tso cai tsim nyog;
  • Rau chav tsev cov ntaub ntawv, qhov "NetworkNamespacePath =" qhov teeb tsa tau ua tiav, uas tso cai rau koj los khi ib lub npe chaw rau cov kev pabcuam lossis lub qhov (socket units) los ntawm kev qhia txog txoj hauv kev rau cov ntaub ntawv namespace hauv pseudo-FS / proc;
  • Ntxiv lub peev xwm los lov tes taw kev hloov pauv ntawm ib puag ncig hloov pauv rau cov txheej txheem pib siv "ExecStart =" teeb tsa los ntawm kev ntxiv ":" cim ua ntej pib cov lus txib;
  • Rau timers (.timer units) tshiab chij “OnClockChange =” thiab
    "OnTimezoneChange =", uas koj tuaj yeem tswj hwm lub tsev hu thaum lub sijhawm lub sijhawm lossis lub sijhawm hloov pauv;

  • Ntxiv cov chaw tshiab "ConditionMemory =" thiab "ConditionCPUs=", uas txiav txim siab cov xwm txheej rau kev hu ib chav nyob nyob ntawm lub cim xeeb loj thiab tus naj npawb ntawm CPU cores (piv txwv li, kev pabcuam siv nyiaj ntau tuaj yeem tsim tawm tsuas yog yog tias qhov xav tau ntawm RAM muaj);
  • Ntxiv lub sijhawm tshiab-set.target chav tsev uas lees txais lub sijhawm teem sijhawm hauv zos, tsis tas siv kev sib raug zoo nrog lwm lub sijhawm servers siv lub sijhawm-sync.target unit. Chav tsev tshiab tuaj yeem siv tau los ntawm cov kev pabcuam uas xav tau qhov tseeb ntawm cov moos hauv zos tsis sib xws;
  • Qhov kev xaiv "--show-transaction" tau ntxiv rau "systemctl pib" thiab cov lus txib zoo sib xws, thaum tau teev tseg, cov ntsiab lus ntawm txhua txoj haujlwm ntxiv rau cov kab vim qhov kev thov ua haujlwm tau tshwm sim;
  • systemd-networkd siv lub ntsiab lus ntawm lub xeev 'enslaved' tshiab, siv es tsis txhob 'degraded' los yog 'carrier' rau network interfaces uas yog ib feem ntawm aggregate links los yog network txuas hniav. Rau thawj interfaces, nyob rau hauv cov ntaub ntawv ntawm teeb meem nrog ib tug ntawm cov kev sib txuas txuas, lub xeev 'degraded-carrier' tau ntxiv;
  • Ntxiv “IgnoreCarrierLoss=” kev xaiv rau .network units kom txuag tau lub network chaw nyob rau hauv cov ntaub ntawv ntawm kev twb kev txuas poob;
  • Los ntawm qhov "RequiredForOnline =" teeb tsa hauv .network units, tam sim no koj tuaj yeem teeb tsa qhov tsawg kawg nkaus uas yuav tsum tau txuas lub xeev yuav tsum tau hloov lub network interface rau "online" thiab ua rau systemd-networkd-wait-online handler;
  • Ntxiv qhov "--ib qho" kev xaiv rau systemd-networkd-tos-online los tos qhov kev npaj ntawm ib qho ntawm cov kev sib txuas hauv network uas tau teev tseg es tsis txhob tag nrho, nrog rau qhov "--operational-state =" kev xaiv los txiav txim lub xeev. qhov txuas qhia txog kev npaj txhij;
  • Ntxiv “UseAutonomousPrefix=” thiab “UseOnLinkPrefix=” nqis rau .network units, uas tuaj yeem siv los tsis quav ntsej cov lus ua ntej thaum tau txais
    tshaj tawm los ntawm IPv6 router (RA, Router Advertisement);

  • Hauv .network units, "MulticastFlood =", "NeighborSuppression =" thiab "Learning =" chaw tau ntxiv los hloov cov kev khiav hauj lwm tsis ntawm tus choj network, nrog rau "TripleSampling=" qhov teeb tsa los hloov TRIPLE-SAMPLING hom ntawm CAN virtual interfaces;
  • “PrivateKeyFile =” thiab “PresharedKeyFile=” cov chaw tau ntxiv rau .netdev units, uas koj tuaj yeem hais qhia tus kheej thiab sib koom (PSK) yuam sij rau WireGuard VPN interfaces;
  • Ntxiv tib-cpu-crypt thiab xa-los ntawm-crypt-cpus xaiv rau /etc/crypttab, uas tswj tus cwj pwm ntawm tus teem sijhawm thaum tsiv teb tsaws chaw ua haujlwm cuam tshuam ntawm CPU cores;
  • systemd-tmpfiles muab cov ntaub ntawv kaw ua ntej ua haujlwm hauv cov npe nrog cov ntaub ntawv ib ntus, uas tso cai rau koj los lov tes taw ua haujlwm ntawm kev tu cov ntaub ntawv tsis tu ncua rau lub sijhawm ntawm qee qhov kev ua haujlwm (piv txwv li, thaum unpacking tar archive hauv / tmp, cov ntaub ntawv qub heev yuav yog. qhib uas tsis tuaj yeem rho tawm ua ntej qhov kawg ntawm qhov kev txiav txim nrog lawv);
  • Cov lus txib "systemd-analyze cat-config" muab lub peev xwm los txheeb xyuas qhov kev teeb tsa tau muab faib ua ntau cov ntaub ntawv, piv txwv li, cov neeg siv thiab cov txheej txheem presets, cov ntsiab lus ntawm tmpfiles.d thiab sysusers.d, udev cov cai, thiab lwm yam.
  • Ntxiv "--cursor-file=" kev xaiv rau "journalctl" txhawm rau txheeb xyuas cov ntaub ntawv thauj khoom thiab txuag tus cursor txoj haujlwm;
  • Ntxiv cov ntsiab lus ntawm ACRN hypervisor thiab WSL subsystem (Windows Subsystem rau Linux) rau systemd-detect-virt rau kev txuas ntxiv txuas ntxiv siv tus neeg teb xov tooj xwm txheej "ConditionVirtualization";
  • Thaum lub sij hawm systemd installation (thaum ua tiav "ninja nruab"), tsim cov cim txuas rau cov ntaub ntawv systemd-networkd.service, systemd-networkd.socket,
    systemd-resolved.service, chaw taws teeb-cryptsetup.target, chaw taws teeb-fs.target,
    systemd-networkd-wait-online.service thiab systemd-timesyncd.service. Txhawm rau tsim cov ntaub ntawv no, koj tam sim no yuav tsum tau khiav "systemctl preset-tag nrho" hais kom ua.

Tau qhov twg los: opennet.ru

[:]

Ntxiv ib saib