ProHoster > Blog > xov xwm hauv internet > systemd tus thawj tswj hwm tso tawm 257

systemd tus thawj tswj hwm tso tawm 257

Tom qab rau lub hlis ntawm txoj kev loj hlob, kev tso tawm ntawm tus thawj tswj hwm systemd 257 tau nthuav tawm cov kev hloov pauv tseem ceeb: cov khoom siv hluav taws xob tshiab systemd-sbsign thiab systemd-keyutil, kev txhawb nqa rau MPTCP thaum qhib lub qhov (socket), pib kev txhawb nqa rau lub tsev nrog Musl C lub tsev qiv ntawv, lub updatectl kev siv hluav taws xob rau kev tswj hwm kev teeb tsa ntawm kev hloov kho tshiab ntawm systemd-sysupdate, muaj peev xwm tsim cov kev pabcuam hauv cov npe PID cais, tiv thaiv kev tsis sib haum xeeb ntawm cov ntaub ntawv thaum siv "systemd-tmpfiles -purge".

Ntawm cov kev hloov pauv hauv qhov kev tso tawm tshiab:

  • Ib qho cuab yeej tshiab, systemd-sbsign, tau ntxiv rau kev kos npe rau cov ntaub ntawv executable hauv hom PE (Portable Executable) uas npaj rau kev siv thaum khau raj hauv EFI Secure Boot hom. Cov cav thiab cov neeg muab kev pabcuam uas muab los ntawm OpenSSL lub tsev qiv ntawv tuaj yeem siv rau kev tsim kos npe. systemd-sbsign tuaj yeem siv ua lwm txoj hauv kev rau sbsigntool thiab pesign daim ntawv thov hauv ukify utility thaum tsim cov duab kernel thoob ntiaj teb (UKIs), uas muab UEFI boot loader (UEFI boot stub) thiab cov duab kernel ua ke hauv ib daim ntawv. Linux thiab qhov chaw ib puag ncig initrd thauj mus rau hauv lub cim xeeb.
  • Ib qho kev siv hluav taws xob tshiab, systemd-keyutil, tau ntxiv uas siv ntau yam haujlwm ntawm cov yuam sij ntiag tug thiab X.509 daim ntawv pov thawj. Piv txwv li, systemd-keyutil tuaj yeem siv los ntsuas lub peev xwm thauj cov yuam sij ntiag tug thiab daim ntawv pov thawj, thiab rho tawm cov yuam sij pej xeem los ntawm lawv hauv PEM hom.
  • Hauv cov ".socket" units siv los xyuas kom meej tias lub socket activation mechanism (pib cov txheej txheem thaum sim tsim kom muaj kev sib txuas network), kev txhawb nqa tau siv rau MPTCP (Multipath TCP), qhov txuas ntxiv ntawm TCP protocol rau kev teeb tsa kev ua haujlwm ntawm kev sib txuas TCP nrog kev xa cov pob ntawv tib lub sijhawm ntawm ntau txoj kev los ntawm ntau lub network interfaces khi rau ntau yam. Kuv tus IP chaw nyob.
  • suav nrog kev hloov pauv tsim nyog los tsim siv tus qauv Musl C tsev qiv ntawv.
  • Ntau yam systemd Cheebtsam uas tso saib cov cim qhia kev nce qib (piv txwv li, systemd-repart, systemd-sysupdate/updatectl, thiab importctl) tam sim no txhawb nqa kev siv ANSI cov kab ke los ua kom cov zaub qhia kev nce qib muaj zog. Cov kab ke no tam sim no tsuas yog txhawb nqa hauv Windows Terminal (nws xav tias dhau sijhawm ib qho feature zoo sib xws yuav raug xa mus rau terminal emulators rau Linux).
  • Lub peev xwm ntawm qhov systemd-sysupdate tivthaiv tau nthuav dav, siv los kuaj pom, rub tawm thiab nruab cov hloov tshiab uas siv lub tshuab atomic los hloov cov partitions, cov ntaub ntawv lossis cov npe (ob qhov kev faib tawm ywj siab / cov ntaub ntawv / cov npe tau siv, ib qho ntawm cov haujlwm tam sim no. cov peev txheej, thiab lwm yam teeb tsa tus tom ntej) hloov tshiab, tom qab ntawd cov ntu / cov ntaub ntawv / cov npe sib pauv). Hauv kev xyaum, systemd-sysupdate twb tau siv hauv GNOME OS.

    Ntxiv nrog rau cov txheej txheem systemd-sysupdate, ib qho kev pabcuam ntawm tib lub npe tau ntxiv uas tso cai rau D-Bus siv los tswj cov kev hloov kho tshiab los ntawm tus neeg siv tsis muaj cai. Txhawm rau tswj hwm qhov kev pabcuam, cov khoom siv tshiab updatectl kuj suav nrog. Ntxiv "--offline" chij rau systemd-sysupdate kom lov tes taw rub tawm cov metadata hauv lub network thiab siv tsuas yog cov ntawv uas twb rub tawm rau hauv zos. Ntxiv kev txhawb nqa rau cov zis hauv JSON hom rau tag nrho cov lus txib.

  • Cov cuab yeej tshiab "PrivatePIDs" tau siv rau cov kev pabcuam, uas koj tuaj yeem teeb tsa cov txheej txheem nrog PID 1 (init txheej txheem) nyob rau hauv ib qho txheej txheem cais qhov chaw (PID namespace). Nyob rau hauv ib puag ncig tsim rau cov txheej txheem launched, tsuas yog cov txheej txheem los ntawm lub namespace tsim rau nws yuav pom.
  • Ntxiv kev txhawb nqa rau cov ntaub ntawv tsis sib xws rau udev cov cai (piv txwv li 'ATTR{foo}==i»abcd»'). Siv udev, nws muaj peev xwm muab cov neeg siv tsis raug cai hauv zos nkag mus rau ("uaccess") rau / dev / udmabuf ntaus ntawv, uas tsim nyog rau kev ua haujlwm nrog IPMI koob yees duab ntawm libcamera. udev muab kev lees paub ntawm ntau yam khoom siv kho vajtse crypto hnab nyiaj nrog USB interface thiab teeb tsa ID_HARDWARE_WALLET cov cuab yeej rau lawv, uas tso cai rau koj siv hom "uaccess" rau lawv rau kev nkag los ntawm cov neeg siv tsis muaj cai.
  • Cov teb tshiab RELEASE_TYPE, EXPERIMENT thiab EXPERIMENT_URL tau ntxiv rau /etc/os-release file. "RELEASE_TYPE" tuaj yeem coj qhov tseem ceeb "sim", "kev txhim kho", "ruaj khov" thiab "lts" los cais cov qauv ruaj khov los ntawm kev txhim kho thiab kev sim tsim. EXPERIMENT thiab EXPERIMENT_URL tsis yog npaj los piav qhia qhov tseem ceeb ntawm kev sim tsim.
  • Qhov kev siv hluav taws xob run0, tsim los hloov pauv rau qhov kev pab cuam sudo, tau ntxiv qhov "--shell-prompt-prefix" kev xaiv, uas qhia txog cov hlua ua ntej rau lub plhaub hais kom ua. Los ntawm lub neej ntawd, lub emoji "🦸" tau tshwm sim ua cov lus ua ntej kom pom qhov pom ntawm qhov kev sib kho siab.
  • Hauv systemd-tmpfiles, kom tsis txhob yuam kev tshem tawm cov ntaub ntawv tsis raug, qhov kev xaiv "--purge" tam sim no tsuas yog siv rau cov chaw hauv tmpfiles.d/ uas muaj "$" chij qhia meej meej. Kev ua haujlwm "--purge" tseem tam sim no yuav tsum tau qhia tsawg kawg ib cov ntaub ntawv los ntawm tmpfiles.d/ directory. Rau cov hlua nrog 'L' hom, tus chij '?' tau ntxiv, thaum tau teev tseg, cov cim txuas yuav raug tsim tsuas yog tias cov ntaub ntawv muaj nyob.
  • Hauv tus thawj tswj hwm kev pabcuam thiab cov khoom siv cuam tshuam, cov txheej txheem taug qab cov lej txuas ntxiv hloov mus siv PIDFD tsis yog PID. Ib qho PIDFD cuam tshuam nrog cov txheej txheem tshwj xeeb thiab tsis hloov pauv, thaum PID tuaj yeem cuam tshuam nrog lwm cov txheej txheem tom qab cov txheej txheem tam sim no cuam tshuam nrog PID ntawd xaus.
  • Rau cov kev pabcuam, tam sim no muaj peev xwm txheeb xyuas tus nqi "debug" hauv "RestartMode" parameter, uas qhov kev pabcuam ua tsis tiav yuav rov pib dua nrog hom kev debug tau qhib (qhov chaw hloov pauv DEBUG_INVOCATION=1 tau teeb tsa), thiab LogLevelMax tus nqi yuav yog ib ntus nce mus rau qib debug.
  • PID 1 handler muaj peev xwm thauj cov kev cai rau IPE (Integrity Policy Enforcement) LSM module, uas txhais cov cai tswj kev ncaj ncees rau tag nrho cov kab ke (qhov kev ua haujlwm twg raug tso cai thiab yuav ua li cas qhov tseeb ntawm cov khoom yuav tsum raug txheeb xyuas).
  • Qhov kev xaiv "DeferReactivation" tau ntxiv rau ".timer" cov ntaub ntawv chav tsev, uas tso cai rau koj hla lub sijhawm ua kom lub sijhawm tom ntej yog tias qhov kev pabcuam tseem tsis tau ua tiav nws qhov kev ua tiav txij li qhov ua kom dhau los.
  • Nyob rau hauv PrivateUsers unit file parameter, tam sim no muaj peev xwm txheeb xyuas tus nqi "tus kheej" kom ua kom pom tseeb ntawm tus neeg siv IDs thaum tsim tus neeg siv lub npe.
  • Ntxiv kev txhawb nqa rau tus nqi "tsis txuas" rau PrivateTmp cov ntaub ntawv parameter, uas yuav siv cais tmpfs piv txwv rau /tmp/ thiab /var/tmp/ directories.
  • Kev them nyiaj yug rau cov tshiab "private" thiab "strict" hom tau ntxiv rau ProtectControlGroups unit file parameter, thaum teeb tsa, cgroup namespace tshiab yog tsim rau cov kev pabcuam thiab cgroupfs tau teeb tsa. Thaum qhov kev xaiv " nruj" raug teeb tsa, cgroupfs tau teeb tsa hauv hom nyeem nkaus xwb.
  • Lub StateDirectory, RuntimeDirectory, CacheDirectory, LogsDirectory thiab ConfigurationDirectory tsis muab lub peev xwm los siv tus chij ':ro' txwv tsis pub nkag mus rau cov npe sib txuas rau hom nyeem nkaus xwb.
  • Ntxiv kev txhawb nqa rau "firmware" tus nqi rau "systemd.machine_id" kernel hais kom ua kab parameter, nyob rau hauv qhov system ID (machine ID) yuav raug xam raws li UUID los ntawm SMBIOS/DeviceTree.
  • Ntxiv kev txhawb nqa rau mseal(), listmount(), thiab statmount() kev hu xov tooj uas tau qhia hauv cov kernel tso tawm tsis ntev los no. Linux.
  • Lub solvectl, timedatectl thiab systemd-inhibit utilities tam sim no txhawb kev sib tham sib tso cai siv Polkit.
  • Lub tshuab hluav taws xob systemctl tau ntxiv lub peev xwm los siv tus chij "--tam sim no" hauv "reenable" hais kom ua.
  • Ntxiv "--json" kev xaiv rau qhov systemd-mount utility rau cov zis hauv JSON hom (piv txwv li, thaum teev nrog "--list-devices", cov npe ntawm cov khoom siv yuav raug tso tawm hauv JSON hom).
  • Ntxiv "-l" thiab "--tag nrho" kev xaiv rau "localectl" kev siv hluav taws xob los lov tes taw trimming ntawm cov kab ntev thaum lub sijhawm tso tawm.
  • Qhov kev xaiv HibernateOnACPower tau ntxiv rau sleep.conf, uas tso cai rau koj ncua sijhawm hloov mus rau hom pw tsaug zog kom txog thaum lub cuab yeej raug txiav tawm ntawm qhov chaw nres tsheb fais fab.
  • Hauv systemd-sysusers, kev txhawb nqa rau "!" hloov kho tau ntxiv rau "u" kab, uas koj tuaj yeem tsim cov neeg siv nyiaj xauv tag (yav dhau los, teeb tsa tus password tsis raug siv los thaiv tus neeg siv, uas, piv txwv li, tsis ua rau kev thaiv thaum lub sij hawm tseem ceeb authentication hauv SSH).
  • Systemd-coredump ntxiv qhov "EnterNamespace" kev xaiv uas tso cai rau nkag mus rau qhov chaw mount point ntawm txhua qhov kev sib tsoo kom tau txais lawv cov cim kev debugging. Hauv kev xyaum, qhov kev xaiv tuaj yeem muaj txiaj ntsig zoo rau kev teeb tsa rov qab ntawm cov ntaub ntawv tseem ceeb los ntawm cov ntawv thov khiav hauv cov thawv cais.
  • systemd-logind suav nrog kev ua tiav ntawm Ctrl-Alt-Shift-Esc ua ke kom xa cov org.freedesktop.login1.SecureAttentionKey teeb liab rau cov neeg siv ib puag ncig cov khoom nrog kev thov kom tso saib qhov kev nkag nkag ruaj ntseg dialog. Ua raws li "DesignatedMaintenanceTime" teeb tsa kom teem sijhawm ua haujlwm kom tiav raws sijhawm. Los ntawm kev sib piv nrog kev txhawb nqa rau DRM thiab evdev cov cuab yeej, kev txhawb nqa tau ntxiv rau kev teeb tsa kev nkag mus rau cov neeg siv tsis tau txais txiaj ntsig rau hidraw li (cov tswj kev ua si thiab joysticks).
  • systemd-machined tam sim no txhawb nqa cov neeg siv khoom tsis muaj cai nkag mus. cov tshuab virtual thiab cov thawv. Kev nkag mus rau systemd-machined functionality yog muab los ntawm Varlink API, ntxiv rau D-Bus.
  • Ib ntu tshiab "[IPv6AddressLabel]" tau ntxiv rau cov ntaub ntawv networkd.conf teeb tsa los teeb tsa cov ntawv cim npe thiab cov npe ua ntej rau IPv6 chaw nyob
  • Ntxiv "--stdin" kev xaiv rau 'networkctl kho' cov lus txib kom tau txais cov ntsiab lus ntawm cov kwj txheej txheem. Ntxiv kev txhawb nqa rau kev kho thiab tso tawm .netdev cov ntaub ntawv los ntawm kev qhia lub network interface rau 'networkctl kho' thiab 'networkctl miv' cov lus txib. Ntxiv kev xaiv "--tsis-nug-password" los lov tes taw kev tso cai sib tham sib.
  • Ntxiv qhov "--certificate-source" kev xaiv rau ukify, bootctl, systemd-keyutil, systemd-measure, systemd-repart, thiab systemd-sbsign utilities mus thauj khoom X.509 daim ntawv pov thawj los ntawm OpenSSL tus neeg zov me nyuam es tsis txhob ncaj qha thauj khoom los ntawm ib qho ntaub ntawv.
  • systemd-boot ntxiv lub peev xwm los siv lub ntim khawm kom txav mus los ntawm cov ntawv qhia khau raj, uas tuaj yeem pab tau zoo ntawm cov khoom siv xws li smartphones. Kev them nyiaj yug rau kev txhim kho UEFI Secure Boot database hauv ESL(db/dbx/…) hom ntawv rau systemd-boot tau ntxiv rau cov khoom siv bootctl.
  • Ntxiv "--list-invocation" kev xaiv rau journalctl los qhia ib daim ntawv teev npe hu thiab "--invocation" xaiv ("-I") los qhia cov cav cuam tshuam nrog kev hu tshwj xeeb.
  • systemd-nspawn ntxiv kev txhawb nqa rau kev siv tsis raug cai ntawm FUSE (Filesystem hauv Userspace) hauv ntim. Thaum siv qhov "--bind-user" xaiv, tus neeg siv SSH cov yuam sij xav tau rau kev nkag ntawm SSH raug xa mus rau lub thawv.
  • libsystemd tau ntxiv qhov programming tshiab interface "sd-json" uas siv JSON hom, nrog rau qhov interface "sd-varlink" uas siv IPC Varlink.
  • Qhov pom zoo lub hauv paus ntsiav version tau hloov kho kom tso tawm 5.4, tsim hauv 2019. Xyoo tom ntej lawv npaj yuav tsum tsis txhob txhawb nqa cov laus laus thiab kos lub 5.4 tso tawm raws li qhov tsawg kawg nkaus txhawb nqa hauv paus.
  • Kev them nyiaj yug rau cgroups v1 tau raug deprecated thiab yog neeg xiam oob qhab los ntawm lub neej ntawd (kom pab tau nws, koj yuav tsum qhia SYSTEMD_CGROUP_ENABLE_LEGACY_FORCE=1 ntawm cov kab hais kom ua kernel ntxiv rau ua kom nws nyob rau hauv qhov systemd chaw). Qhov kev tso tawm tom ntej ntawm systemd 258 npaj kom tshem tawm tag nrho cov cgroups v1 ntsig txog code. Systemd version 258 kuj tseem tau hais kom tshem tawm kev txhawb nqa rau System V cov ntawv pabcuam.

Tau qhov twg los: opennet.ru

Yuav txhim khu kev qha hosting rau cov chaw nrog DDoS tiv thaiv, VPS VDS servers 🔥 Yuav lub vev xaib hosting txhim khu kev qha nrog kev tiv thaiv DDoS, VPS VDS servers | ProHoster