systemd 249 system manager release

After three months of development, the release of the systemd 249 system manager has been presented. The new release adds the ability to define users/groups in JSON format, stabilizes the Journal protocol, simplifies the organization of booting from alternating disk partitions, adds the ability to attach BPF programs to services, and implements user ID mapping in mounted partitions, along with a large batch of new network settings and options for launching containers.

Major changes:

  • The Journal protocol has been documented and can be used in clients in place of the syslog protocol for local delivery of log records. The Journal protocol has been implemented for a long time and is already used in some client libraries; however, its official support has only now been announced.
  • userdb and nss-systemd add support for reading additional user definitions located in the /etc/userdb/, /run/userdb/, /run/host/userdb/ and /usr/lib/userdb/ directories, specified in JSON format. It is noted that this feature provides an additional mechanism for creating users in the system, fully integrated with NSS and /etc/shadow. JSON support for user/group records also makes it possible to attach to users various resource-management and other settings that pam_systemd and systemd-logind recognize.
  • nss-systemd synthesizes user/group records in /etc/shadow using hashed passwords from systemd-homed.
  • A mechanism has been implemented that simplifies organizing updates using disk partitions that replace each other (one partition is active and the second is a spare; the update is copied to the spare partition, after which it becomes active). If a disk image contains two root or /usr partitions, and udev has not detected a 'root=' parameter, or when processing disk images specified via the "--image" option of the systemd-nspawn and systemd-dissect utilities, the boot partition is determined by comparing GPT labels (it is assumed that the GPT label contains the version number of the partition contents, and systemd will pick the partition with the most recent changes).
  • The BPFProgram setting has been added to service files; with it you can arrange for BPF programs to be loaded into the kernel and manage them bound to specific systemd services.
  • systemd-fstab-generator and systemd-repart add the ability to boot from disks that contain only a /usr partition and no root partition (the root partition will be created by systemd-repart on first boot).
  • In systemd-nspawn, the "--private-users-chown" option has been replaced by the more general "--private-users-ownership" option, which accepts the values "chown" as the equivalent of "--private-users-chown", "off" to disable the old setting, "map" to map user IDs on mounted file systems, and "auto" to select "map" if the required functionality is present in the kernel (5.12+) or otherwise fall back to a recursive "chown" call. Using mapping, you can map the files of one user on a foreign partition to another user on the current system, which makes it easier to share files between different users. In the systemd-homed portable home directory mechanism, mapping will allow users to move their home directories to external media and use them on different computers that do not have the same user ID layout.
  • In systemd-nspawn, the "--private-users" option can now take the value "identity" to directly reflect user IDs when setting up the user namespace, i.e. UID 0 and UID 1 in the container are mapped to UID 0 and UID 1 on the host, in order to reduce attack vectors (the container only receives process capabilities within its own namespace).
  • The "--bind-user" option has been added to systemd-nspawn to forward a user account that exists in the host environment into the container (the home directory is mounted into the container, the user/group record is added, and UID mapping is performed between the container and the host environment).
  • systemd-ask-password and systemd-sysusers add support for requesting passwords to be set (passwd.hashed-password. and passwd.plaintext-password.) using the mechanism introduced in systemd 247 for securely passing sensitive data via intermediate files in a separate directory. By default, credentials are taken from the process with PID1, which receives them, for example, from the container manager, making it possible to set the user's password on first boot.
  • systemd-firstboot adds support for using the secure transfer of sensitive data to query various system settings, which can be used to initialize system settings on the first boot of a container image that lacks the necessary settings in the /etc directory.
  • The PID 1 process ensures that both the unit name and the unit description are shown during boot. The output can be changed with the "StatusUnitFormat=combined" parameter in system.conf or with the "systemd.status-unit-format=combined" kernel command-line option.
  • The "--image" option has been added to the systemd-machine-id-setup and systemd-repart utilities to transfer a file with a machine ID to a disk image or to increase the size of a disk image.
  • The MakeDirectories parameter has been added to the partition configuration files used by the systemd-repart utility; it can be used to create arbitrary directories in a newly created file system before it is reflected in the partition table (for example, to create directories for mount points in the root partition so that the partition can be mounted read-only right away). To control GPT flags in created partitions, the corresponding Flags, ReadOnly and NoAuto parameters have been added. The CopyBlocks parameter accepts the value "auto" to select the currently booted partition as the source when copying blocks (for example, when you want to transfer your own root partition to new media).
  • GPT implements the "grow-file-system" flag, which is analogous to the x-systemd.growfs mount option and ensures the automatic expansion of the file system size to the boundary of the block device if the file system is smaller than the partition. The flag applies to Ext3, XFS and Btrfs file systems, and can be applied to auto-detected partitions. The flag is enabled by default for writable partitions automatically created by systemd-repart. The GrowFileSystem option has been added to configure the flag in systemd-repart.
  • The /etc/os-release file adds support for the new IMAGE_VERSION and IMAGE_ID variables for determining the version and ID of atomically updated images. The %M and %A specifiers are offered for substituting the specified values into various commands.
  • The "--extension" parameter has been added to the portablectl utility to activate portable system extension images (for example, through them you can distribute images with additional services integrated into the root partition).
  • The systemd-coredump utility extracts ELF build-id information when generating process core dumps, which can be useful for determining which package a failed process belongs to, if information about the name and version of the deb or rpm package was embedded into the ELF files.
  • A new hardware database for FireWire (IEEE 1394) devices has been added to udev.
  • In udev, three changes have been added to the "net_id" network interface naming scheme that break backward compatibility: invalid characters in interface names are now replaced with "_"; PCI hotplug slot names for s390 systems are processed in hexadecimal form; the use of up to 65535 built-in PCI devices is allowed (previously numbers above 16383 were blocked).
  • systemd-resolved adds the "home.arpa" domain to the NTA (Negative Trust Anchors) list; the domain is recommended for local home networks but is not used in DNSSEC.
  • The CPUAffinity parameter now parses "%" specifiers.
  • A ManageForeignRoutingPolicyRules parameter has been added to .network files; it can be used to exclude systemd-networkd from processing third-party routing policies.
  • The RequiredFamilyForOnline parameter has been added to ".network" files to determine whether the presence of an IPv4 or IPv6 address is taken as the sign that the network interface is in the "online" state. networkctl displays the "online" status for each link.
  • Added the OutgoingInterface parameter to .network files to define the outgoing interface when configuring network bridges.
  • A Group parameter has been added to ".network" files, allowing you to configure a Multipath group for entries in the "[NextHop]" section.
  • Added the "-4" and "-6" options to systemd-networkd-wait-online to limit waiting for a connection to IPv4 or IPv6 only.
  • A RelayTarget parameter has been added to the DHCP server settings; it switches the server to DHCP Relay mode. The RelayAgentCircuitId and RelayAgentRemoteId options are available for further DHCP relay configuration.
  • The ServerAddress parameter has been added to the DHCP server, allowing you to set the server's IP address explicitly (otherwise the address is selected automatically).
  • The DHCP server implements the [DHCPServerStaticLease] section, which allows you to configure static address bindings (DHCP leases), specifying fixed IP-to-MAC address bindings and vice versa.
  • The RestrictAddressFamilies setting supports the "none" value, which means that the service will have no access to sockets of any address family.
  • In ".network" files, in the [Address], [DHCPv6PrefixDelegation] and [IPv6Prefix] sections, support for the RouteMetric setting is implemented, which allows you to specify the metric for the prefix route created for the given address.
  • nss-myhostname and systemd-resolved synthesize DNS address records for hosts with the special name "_outbound", for which a local IP is always returned, chosen according to the default routes used for outgoing connections.
  • In .network files, in the "[DHCPv4]" section, the RoutesToNTP setting, enabled by default, has been added; it requires adding a dedicated route through the current interface for reaching the NTP server address received for this interface via DHCP (similar to DNS, the setting lets you guarantee that traffic to the NTP server is routed through the interface via which the address was received).
  • Added the SocketBindAllow and SocketBindDeny settings to control access to binding sockets for the current service.
  • For unit files, a conditional setting called ConditionFirmware has been implemented, which allows you to create checks that evaluate firmware features, such as operation on UEFI and device-tree systems, as well as checking compatibility with certain device-tree capabilities.
  • Implemented the ConditionOSRelease option to check fields in the /etc/os-release file. When defining conditions for checking field values, the operators "=", "!=", "=", ">" are accepted.
  • In the hostnamectl utility, commands such as "get-xyz" and "set-xyz" are freed from the "get" and "set" prefixes; for example, instead of "hostnamectl get-hostname" and "hostnamectl set-hostname" you can use the command "hostnamectl hostname", where assigning a value is selected by specifying an additional argument ("hostnamectl hostname value"). Support for the old commands has been retained to ensure compatibility.
  • The systemd-detect-virt utility and the ConditionVirtualization setting now correctly detect the Amazon EC2 environment.
  • The LogLevelMax setting in unit files now applies not only to log messages generated by the service, but also to PID 1 process messages that mention the service.
  • Provided the ability to include SBAT (UEFI Secure Boot Advanced Targeting) data in systemd-boot EFI PE files.
  • /etc/crypttab implements the new options "headless" and "password-echo": the first allows you to skip all operations that involve interactively prompting the user for passwords and PINs, and the second allows you to configure how password entry is displayed (show nothing, show the input character by character, or display asterisks). The "--echo" option has been added to systemd-ask-password for similar purposes.
  • systemd-cryptenroll, systemd-cryptsetup and systemd-homed have extended support for unlocking encrypted LUKS2 partitions using FIDO2 tokens. Added the new options "--fido2-with-user-presence", "--fido2-with-user-verification" and "--fido2-with-client-pin" to control verification of the user's physical presence, user verification, and the requirement to enter a PIN code.
  • Added the "--user", "--system", "--merge" and "--file" options to systemd-journal-gatewayd, similar to the journalctl options.
  • In addition to the direct dependencies between units specified via OnFailure and Slice, support for the implicit inverse dependencies OnFailureOf and SliceOf has been added, which can be useful, for example, for determining all units included in a slice.
  • Added new types of dependencies between units: OnSuccess and OnSuccessOf (the opposite of OnFailure, invoked on successful completion); PropagatesStopTo and StopPropagatedFrom (allow you to propagate a unit's stop event to another unit); Upholds and UpheldBy (an alternative to Restart).
  • The systemd-ask-password utility now has an "--emoji" option to control the appearance of the lock symbol (🔐) in the password entry line.
  • Added documentation of the systemd source tree structure.
  • For units, the MemoryAvailable property has been added, showing how much memory the unit has left before reaching the limit set by the MemoryMax, MemoryHigh or MemoryAvailable settings.
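
As an illustration of the Journal protocol item in the list above, here is a client-side serializer for one log entry; it is an example added here, not code from systemd or from the original article. The function names are hypothetical, and it assumes journald's default socket path /run/systemd/journal/socket and entries small enough to fit in a single datagram.

```python
import re
import socket
import struct

# Default socket path of systemd-journald's native protocol (assumption).
JOURNAL_SOCKET = "/run/systemd/journal/socket"
# Client-settable field names: A-Z, 0-9 and "_", at most 64 characters,
# not starting with a digit or with "_" (reserved for trusted fields).
FIELD_NAME = re.compile(r"[A-Z][A-Z0-9_]{0,63}")


def encode_field(name, value):
    """Serialize one field; values with a newline use the length-prefixed form."""
    if not FIELD_NAME.fullmatch(name):
        raise ValueError(f"invalid journal field name: {name!r}")
    key = name.encode("ascii")
    data = value if isinstance(value, bytes) else str(value).encode("utf-8")
    if b"\n" in data:
        # NAME, newline, 64-bit little-endian size, raw bytes, newline.
        return key + b"\n" + struct.pack("<Q", len(data)) + data + b"\n"
    return key + b"=" + data + b"\n"


def encode_entry(fields):
    """Serialize a dict of fields into one datagram payload."""
    return b"".join(encode_field(k, v) for k, v in fields.items())


def send_entry(fields, path=JOURNAL_SOCKET):
    """Send one entry to journald as a single AF_UNIX datagram."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as sock:
        sock.sendto(encode_entry(fields), path)


# Constructed samples: the second message carries a newline followed by text
# shaped like another field, as untrusted input reaching a logger might.
SAMPLE = {"MESSAGE": "login failed for alice", "PRIORITY": 4}
HOSTILE = {"MESSAGE": "bad user\nPRIORITY=7", "SYSLOG_IDENTIFIER": "demo"}

if __name__ == "__main__":
    print(encode_entry(SAMPLE))
    print(encode_entry(HOSTILE))
    # send_entry(SAMPLE)  # needs a running systemd-journald
```

Because a value containing a newline is sent with an explicit length, the embedded "PRIORITY=7" text stays part of MESSAGE and cannot be parsed as a separate field, which is the property that makes this framing safer than line-based syslog for untrusted message content.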

Source: opennet.ru
