ProHoster > Blog > internet nhau > systemd system maneja kuburitswa 251

systemd system maneja kuburitswa 251

Mushure memwedzi mishanu yebudiriro, kuburitswa kwesystem maneja systemd 251 kunoratidzwa.

Shanduko huru:

  • Zvido zveSistimu zvawedzerwa. Iyo shoma inotsigirwa Linux kernel vhezheni yakawedzerwa kubva 3.13 kusvika 4.15. CLOCK_BOOTTIME timer inodiwa kuti ushande. Kuti uvake, unoda compiler inotsigira C11 standard uye GNU extensions (iyo C89 standard inoramba ichishandiswa kwemafaira emusoro).
  • Yakawedzera chiyedzo chekushandisa systemd-sysupdate kuti ione otomatiki, kurodha uye kuisa zvigadziriso uchishandisa atomu nzira yekutsiva zvikamu, mafaera kana madhairekitori (aviri akazvimirira mapartitions/mafaira/dhairekitori anoshandiswa, imwe yacho ine yazvino yekushanda sosi, uye imwe yekuisa. iyo inotevera yekuvandudza, mushure mezvo zvikamu / mafaera / madhairekitori anotsinhaniswa).
  • Yakaunza nyowani yemukati yakagovaniswa raibhurari libsystemd-core- .so, iyo yakaiswa mu /usr/lib/systemd/system dhairekitori uye inoenderana neiripo libsystemd-shared- library. .saka. Kushandisa iyo libsystemd-core- yakagovaniswa raibhurari .so inokutendera kuti uderedze saizi yese yekuisa nekushandisazve binary kodhi. Nhamba yevhezheni inogona kutsanangurwa kuburikidza neiyo 'yakagoverwa-lib-tag' paramende mune meson kuvaka system uye inobvumira kugovera kutumira akawanda mavhezheni emaraibhurari aya panguva imwe chete.
  • Yakaitwa kuchinjisa nharaunda $MONITOR_SERVICE_RESULT, $MONITOR_EXIT_CODE, $MONITOR_EXIT_STATUS, $MONITOR_INVOCATION_ID uye $MONITOR_UNIT kubva kuruzivo rwechikamu chakatariswa kuenda kune OnFailure/OnSuccess handlers.
  • Kumayuniti, iyo ExtensionDirectories set yakaitwa, iyo inogona kushandiswa kuronga kurodha kweSystem Extension components kubva kumadhairekitori enguva dzose, pane dhisiki mifananidzo. Zviri mukati meiyo system yekuwedzera dhairekitori zvakafukidzwa uchishandisa OverlayFS uye zvinoshandiswa kuwedzera hierarchy ye / usr/ uye / opt/ madhairekitori, uye kuwedzera mamwe mafaera panguva yekumhanya, kunyangwe akati madhairekitori akaiswa kuverenga-chete. Murairo we'portablectl attach --extension=' wawedzerawo rutsigiro rwekutsanangura dhairekitori.
  • Kune mayunitsi anomanikidzwa kugumiswa nesystemd-oomd mubato nekuda kwekushaikwa kwendangariro musystem, iyo 'oom-kuuraya' hunhu hunofambiswa uye huwandu hwekumanikidzwa kugumiswa hunoratidzwa mune 'user.oomd_ooms' hunhu.
  • Kumayuniti, mitsva yenzira inofananidzira %y/%Y yakawedzerwa, inoratidza nzira yakajairwa kuyuniti (nekuwedzera kwezviratidzo zvinongedzo). Zvawedzerwawo %q zvinotsanangurwa zvekutsiva PRETTY_HOSTNAME kukosha uye %d yeCREDENTIALS_DIRECTORY inotsiva.
  • Mumasevhisi asina kurongeka akatangwa nemushandisi akajairwa uchishandisa "--mushandisi" mureza, shanduko kune marootDirectory, MountAPIVFS, ExtensionDirectories, *Capabilities*, ProtectHome, *Directory, TemporaryFileSystem, PrivateTmp, PrivateDevices, PrivateNetwork, NetworkNamespacePath, PrivateIPCNameIPC, , PrivateUsers, ProtectClock inobvumirwa, ProtectKernelTunables, ProtectKernelModules, ProtectKernelLogs uye MountFlags. Ichi chimiro chinowanikwa chete kana nzvimbo dzemazita dzevashandisi dzagoneswa muhurongwa.
  • Iyo LoadCredential setting inobvumira zita redhairekitori kuti ritsanangurwe senharo, apo panoedza kurodha zvitupa kubva kumafaira ese ari mudhairekitori rataurwa.
  • Mu systemctl, mune "-timestamp" parameter, zvakave zvichiita kudoma "unix" mureza kuratidza nguva mu epochal fomati (nhamba yemasekonzi kubvira Ndira 1, 1970).
  • Iyo "systemctl chimiro" inoshandisa iyo "yekare-kernel" mureza, iyo inoratidzwa kana kernel yakarodha muchikamu iine yekare vhezheni nhamba kupfuura base kernel inowanikwa muhurongwa. Yakawedzerawo mureza we "unmerged-usr" kuona kuti zviri mukati me /bin/ uye /sbin/ madhairekitori hazvina kuumbwa kuburikidza nesymlink ku /usr.
  • Kune majenareta akatangwa nePID 1 maitiro, mitsva yemamiriro ekunze anopihwa: $SYSTEMD_SCOPE (kutanga kubva kune system kana sevhisi yemushandisi), $SYSTEMD_IN_INITRD (kutanga kubva kune initrd kana nharaunda yekutambira), $SYSTEMD_FIRST_BOOT (yekutanga bhutsu chiratidzo), $SYSTEMD_VIRTUALIZATION ( kuvapo kwe virtualization kana kuvhura mumudziyo) uye $SYSTEMD_ARCHITECTURE (iyo dhizaini yakavakirwa kernel).
  • Iyo PID 1 mubato inoshandisa kugona kurodha system credential parameters kubva kuQEMU fw_cfg interface kana nekutsanangura systemd.set_credential parameter pamutsara wekuraira kernel. Iyo LoadCredential dhairekitori inopa otomatiki kutsvaga kwezvitupa mu /etc/credstore/, /run/credstore/ uye/usr/lib/credstore/ madhairekitori kana nzira yehukama yatsanangurwa senharo. Maitiro akafanana anoshanda kune iyo LoadCredentialEncrypted dhairekitori, iyo zvakare inotarisa iyo /etc/credstore.encrypted/, /run/credstore.encrypted/ uye /usr/lib/credstore.encrypted/ madhairekitori.
  • Iko kugona kutumira kunze muJSON fomati yakagadziriswa mu systemd-journald. Iyo "journalctl --list-boots" uye "bootctl list" inoraira ikozvino inotsigira kubuda muJSON fomati (iyo "--json" mureza).
  • Mafaira matsva ane hwdb dhatabhesi akawedzerwa kune udev, ane ruzivo nezve inotakurika zvishandiso (PDAs, Calculator, nezvimwewo) uye zvishandiso zvinoshandiswa kugadzira ruzha nevhidhiyo (DJ consoles, keypads).
  • Sarudzo nyowani "-prioritized-subsystem" yakawedzerwa kune udevadm kuseta kukosha kweanotevera masisitimu (anoshandiswa mu systemd-udev-trigger.service kugadzirisa block zvishandiso uye TPMs kutanga), "-type = zvese", "-yakatanga -match" uye "--initialized-nomatch" kusarudza zvishandiso zvakatangwa kana zvisina uninitialized, "udevadm info -tree" kuratidza muti wezvinhu mu /sys/ hierarchy. udevadm inowedzerawo mitsva "kumirira" uye "kiya" mirairo yekumirira kuti yekupinda mudziyo ioneke mudhatabhesi uye kukiya mudziyo wekuvharira paunenge uchifomati kana kunyora tafura yekugovera.
  • Yakawedzera seti nyowani yezviratidzo zvinongedzo kumidziyo /dev/disk/by-diskseq/ kuona block zvishandiso ne serial nhamba ("diskseq").
  • Yakawedzera tsigiro ye "Firmware" parameter ku .link mafaira muchikamu che [Match] yekufananidza mudziyo nemutsara nerondedzero ye firmware.
  • Musystemd-networkd, kune unicast nzira dzakagadziridzwa kuburikidza ne[Route] chikamu, kukosha kwechiyero kwakashandurwa kuita "link" nekusarudzika kuti ienderane nemaitiro e "ip nzira" yekuraira. Iyo Isolated=true|enhema parameter yawedzerwa kuchikamu che[Bridge] kugadzirisa hunhu hwezita rimwechete remabhiriji enetiweki mukernel. Muchikamu che [Tunnel], iyo External parameter yakawedzerwa kuseta rudzi rwenzira kune kunze (metadata yekuunganidza maitiro). Muchikamu che [DHHCPServer], BootServerName, BootServerAddress neBootFilename parameters dzawedzerwa kugadzirisa kero yeseva, zita reseva uye zita rebhuti refaira rinotumirwa neDHCP server paunenge uchitanga muPXE mode. Muchikamu che [Network], L2TP parameter yakabviswa, panzvimbo iyo mune .netdev mafaira unogona kushandisa itsva Local setting maererano neL2TP interface.
  • Yakawedzera new unit "systemd-networkd-wait-online@" .service", iyo inogona kushandiswa kumirira chaiyo network interface kuti iuye.
  • Izvozvi zvinogoneka kushandisa .netdev mafaira kugadzira chaiwo WLAN zvishandiso, izvo zvinogona kugadzirwa muchikamu che [WLAN].
  • Mumafaira e.link/.network, chikamu che[Match] chinoshandisa Kind parameter kuti ienzaniswe nemhando yemudziyo (β€œbond”, β€œbridge”, β€œgre”, β€œtun”, β€œveth”).
  • Systemd-yakagadziriswa yakatangwa pane yekutanga bhutsu nhanho, kusanganisira kutanga kubva initrd kana systemd-yakagadziriswa iripo mumufananidzo wekutanga.
  • systemd-cryptenroll inowedzera iyo --fido2-credential-algorithm sarudzo yekusarudza iyo credential encryption algorithm uye --tpm2-ne-pini sarudzo yekudzora yePIN yekupinda kana uchivhura chikamu uchishandisa TPM. Imwe yakafanana tpm2-pin sarudzo yakawedzerwa kune /etc/crypttab. Kana uchivhura zvishandiso kuburikidza neTPM, marongero akavharidzirwa kuti adzivirire kubva pakubatwa kwemakiyi ekuvharira.
  • systemd-timesyncd inowedzera D-Bus API yekutora zvine simba ruzivo kubva kune NTP server kuburikidza neIPC.
  • Kuti uone kudiwa kwekubuda kweruvara, mirairo yese shandisa cheki yeCOLORTERM nharaunda inoshanduka kuwedzera kune yakaongororwa kare NO_COLOR, SYSTEMD_COLORS uye TERM.
  • Iyo Meson kuvaka sisitimu inoshandisa iyo yekumisa_tag sarudzo yekusarudza kusangana uye kuisirwa zvinhu zvinodiwa: pam, nss, devel (pkg-config), systemd-boot, libsystemd, libudev. Yakawedzera kuvaka sarudzo default-kumanikidza kusarudza compression algorithm ye systemd-journald uye systemd-coredump.
  • Yakawedzera kuyedza "reboot-for-bitlocker" kuseta kune sd-boot muloader.conf kubhuya Microsoft Windows neBitLocker TPM.

Source: opennet.ru

Voeg