Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > systemd system manager kumasulidwa 253

systemd system manager kumasulidwa 253

Pambuyo pa miyezi itatu ndi theka ya chitukuko, kumasulidwa kwa Systemd Systemd 253 kunaperekedwa.

Zosintha pakutulutsa kwatsopano zikuphatikiza:

  • Phukusili limaphatikizapo ntchito ya 'ukify', yopangidwa kuti ipange, kutsimikizira ndi kupanga siginecha yazithunzi zolumikizana za kernel (UKI, Unified Kernel Image), kuphatikiza chogwirira ntchito kutsitsa kernel kuchokera ku UEFI (UEFI boot stub), chithunzi cha Linux kernel ndi a system environment yokwezedwa mu memory initrd, yomwe imagwiritsidwa ntchito poyambitsa koyamba pa siteji isanakhazikitse mizu yamafayilo. Chidacho chimalowa m'malo mwa magwiridwe antchito omwe adaperekedwa kale ndi lamulo la 'dracut -uefi' ndikulikwaniritsa ndi kuthekera kowerengera zokha zomwe zili mu mafayilo a PE, kuphatikiza ma initrds, kusaina zithunzi za kernel, kupanga zithunzi zophatikizika ndi sbsign, heuristics pozindikira kernel uname, kuyang'ana chithunzi chokhala ndi splash screen ndikuwonjezera mfundo zosainidwa za PCR zopangidwa ndi systemd-measure utility.
  • Thandizo lowonjezera la malo a initrd osawerengeka ndi kuyika kwa kukumbukira, komwe kumagwiritsidwa ntchito m'malo mwa tmpfs. Pazigawo zotere, systemd sichichotsa mafayilo onse mu initrd mutasintha mizu yamafayilo.
  • Gawo la "OpenFile" lawonjezedwa kuzinthu zotsegula mafayilo osasunthika pamafayilo (kapena kulumikiza ku sockets za Unix) ndikupereka zofotokozera zomwe zikugwirizana ndi zomwe zakhazikitsidwa (mwachitsanzo, mukafuna kukonza mwayi wopeza fayilo ya utumiki wopanda mwayi popanda kusintha ufulu wofikira ku fayilo) .
  • Mu systemd-cryptenroll, polembetsa makiyi atsopano, ndizotheka kumasula magawo obisika pogwiritsa ntchito ma tokeni a FIDO2 (-unlock-fido2-device) osafuna mawu achinsinsi. Nambala ya PIN yodziwika ndi wogwiritsa ntchito imasungidwa ndi mchere kuti ivutitse kuzindikira zankhanza.
  • Zowonjezera ReloadLimitIntervalSec ndi ReloadLimitBurst zoikamo, komanso zosankha za mzere wa kernel (systemd.reload_limit_interval_sec ndi /systemd.reload_limit_burst) kuti muchepetse kukula kwa ndondomeko yakumbuyo kuyambiranso.
  • Kwa mayunitsi, njira ya "MemoryZSwapMax" yakhala ikugwiritsidwa ntchito kuti ikonze memory.zswap.max katundu, zomwe zimatsimikizira kukula kwa zswap.
  • Kwa mayunitsi, njira ya "LogFilterPatterns" yakhazikitsidwa, yomwe imakulolani kuti muyike mawu okhazikika kuti musefa zomwe zimachokera ku chipika (chikhoza kugwiritsidwa ntchito kuchotsa zotuluka zina kapena kusunga deta yokha).
  • Magawo a Scope tsopano amathandizira makonda a "OOMPolicy" kuti akhazikitse zomwe akuchita poyesa kusamalidwa pomwe kukumbukira kuli kochepa (gawo lolowera limayikidwa OOMPolicy=pitilizani kuti wakupha OOM asawathetse mwamphamvu).
  • Mtundu watsopano wa ntchito wafotokozedwa - "Type=notify-reload", womwe umakulitsa mtundu wa "Type=notify" ndikutha kudikirira kuti siginecha yoyambitsanso imalize kukonza (SIGHUP). Services systemd-networkd.service, systemd-udevd.service ndi systemd-logind zasamutsidwa ku mtundu watsopano.
  • udev imagwiritsa ntchito njira yatsopano yopangira mayina pazida zama netiweki, kusiyana kwake ndikuti pazida za USB zomwe sizimangiriridwa pa basi ya PCI, ID_NET_NAME_PATH tsopano yakhazikitsidwa kuti zitsimikizire mayina odziwika bwino. Wogwiritsa '-=' wakhazikitsidwa pazosintha za SYMLINK, kusiya maulalo ophiphiritsa osakhazikika ngati lamulo lowonjezera lidafotokozedwa kale.
  • Mu systemd-boot, kufalitsa mbewu kwa pseudo-random manambala jenereta mu kernel ndi disk backend kwakonzedwanso. Thandizo lowonjezera pakukweza kernel osati kuchokera ku ESP (EFI System Partition), mwachitsanzo, kuchokera ku firmware kapena mwachindunji kwa QEMU. Kuyika kwa magawo a SMBIOS kumaperekedwa kuti mudziwe zoyambira m'malo owoneka bwino. Njira yatsopano ya 'ngati-otetezedwa' yakhazikitsidwa momwe satifiketi ya UEFI Secure Boot imakwezedwa kuchokera ku ESP pokhapokha ngati ikuwoneka kuti ndi yotetezeka (imayenda pamakina enieni).
  • Dongosolo la bootctl limagwiritsa ntchito kupanga ma tokeni pamakina onse a EFI, kupatula malo owoneka bwino. Malamulo owonjezera a 'kernel-identify' ndi 'kernel-inspect' kuti awonetse mtundu wa chithunzi cha kernel ndi chidziwitso chokhudza zosankha za mzere wa malamulo ndi mtundu wa kernel, 'unlink' kuchotsa fayilo yokhudzana ndi mtundu woyamba wa zolemba za boot, 'cleanup' kuchotsa zonse. mafayilo ochokera ku "entry-token" directory mu ESP ndi XBOOTLDR, osagwirizanitsidwa ndi mtundu woyamba wa zolemba za boot. Kusintha kwa KERNEL_INSTALL_CONF_ROOT kwaperekedwa.
  • Lamulo la 'systemctl list-dependencies' tsopano likuthandizira kukonza zosankha za '--type' ndi '--state', ndipo lamulo la 'systemctl kexec' limawonjezera kuthandizira madera motengera Xen hypervisor.
  • M'mafayilo a .network mu gawo la [DHCPv4], chithandizo cha SocketPriority ndi QuickAck, RouteMetric=high|medium|zosankha zotsika tsopano zawonjezedwa.
  • Zosankha zowonjezera za Systemd "--include-partitions", "--exclude-partitions" ndi "--defer-partitions" kuti zisefe magawo amtundu wa UUID, omwe, mwachitsanzo, amakulolani kuti mupange zithunzi zomwe gawo limodzi lili. yomangidwa potengera zomwe zili mugawo lina . Anawonjezeranso kusankha "--sector-size" kuti afotokoze kukula kwa gawo lomwe amagwiritsidwa ntchito popanga magawo. Thandizo lowonjezera pakupanga mafayilo a erofs. Kusintha kwa Minimize kumagwiritsa ntchito kusintha kwa mtengo "wabwino kwambiri" kuti musankhe kukula kwachithunzi kotheka.
  • systemd-journal-remote imalola kugwiritsa ntchito MaxUse, KeepFree, MaxFileSize ndi MaxFiles zoikamo kuti achepetse kugwiritsa ntchito malo a disk.
  • systemd-cryptsetup imawonjezera chithandizo chotumizira zopempha mwachangu ku ma tokeni a FIDO2 kuti adziwe kupezeka kwawo asanatsimikizidwe.
  • Magawo atsopano tpm2-measure-bank ndi tpm2-measure-pcr awonjezedwa ku crypttab.
  • systemd-gpt-auto-jenereta imagwiritsa ntchito kuyika magawo a ESP ndi XBOOTLDR mumitundu ya "noexec,nosuid,nodev", komanso imawonjezera zowerengera za rootfstype ndi rootflags zomwe zidadutsa pamzere wolamula wa kernel.
  • systemd-resolved imapereka mwayi wokonza zosintha pofotokoza dzina la nameserver, domain, network.dns ndi network.search_domains options pa mzere wa lamulo la kernel.
  • Lamulo la "systemd-analyze plot" tsopano limatha kutulutsa mumtundu wa JSON pofotokoza mbendera ya "-json". Zosankha zatsopano "--table" ndi "-no-legend" zawonjezedwa kuti ziwongolere zotuluka.
  • Mu 2023, tikukonzekera kuthetsa kuthandizira magulu a v1 ndi magawo ogawa (komwe / usr amaikidwa mosiyana ndi muzu, kapena / bin ndi / usr / bin, / lib ndi / usr / lib amalekanitsidwa).

Source: opennet.ru

Kuwonjezera ndemanga