ProHoster > Blog > litaba tsa inthanete > Tsamaiso ea tsamaiso ea systemd e lokolloa 244

Tsamaiso ea tsamaiso ea systemd e lokolloa 244

Ka mor'a likhoeli tse tharo tsa tsoelo-pele hlahisoa ho lokolloa ha mookameli oa tsamaiso tsamaiso 244.

Liphetoho tse kholo:

  • Ts'ehetso e ekelitsoeng bakeng sa molaoli oa lisebelisoa tsa cpuset tse ipapisitseng le li-cgroups v2, tse fanang ka mokhoa oa ho tlama li-CPU tse itseng (setting ea "AllowedCPUs") le node tsa memori tsa NUMA (setting ea "AllowedMemoryNodes");
  • Ts'ehetso e ekelitsoeng bakeng sa ho kenya litlhophiso ho tsoa ho SystemdOptions EFI e feto-fetohang bakeng sa tlhophiso ea systemd, e u lumellang hore u iketsetse boits'oaro ba systemd maemong ao ho feto-fetoha ha mela ea taelo ea kernel e leng bothata mme tlhophiso e tsoang ho disk e baloa morao haholo (mohlala, ha o hloka ho hlophisa likhetho. e amanang le bolaodi ba sehlopha). Ho beha phapang ho EFI, o ka sebelisa taelo ea 'bootctl systemd-efi-options';
  • Tšehetso e kentsoeng bakeng sa ho kenya litlhophiso tsa "{unit_type}.d/" tse amanang le mefuta ea liyuniti (mohlala, "service.d/"), e ka sebelisoang ho kenya litlhophiso tse koahelang lifaele tsohle tsa mofuta o itseng ho hang;
  • Bakeng sa likarolo tsa lits'ebeletso, mokhoa o mocha oa ho itšehla thajana oa "sandbox" o kentsoe ProtectKernelLogs, e u lumellang hore u hane phihlello ea lenaneo ho kernel log buffer, e fumanehang ka mohala oa sistimi ea syslog (e se ke ea ferekanngoa le API ea lebitso le tšoanang le fanoeng ho libc). Haeba mokhoa o kentsoe tšebetsong, phihlello ea ts'ebeliso ho /proc/kmsg, /dev/kmsg le CAP_SYSLOG e tla thibeloa;
  • Bakeng sa li-unit, ho entsoe tlhahiso ea "RestartKillSignal", e u lumellang hore u hlalose palo ea lets'oao le sebelisitsoeng ho emisa ts'ebetso nakong ea ho qala mosebetsi (o ka fetola boitšoaro ba ho emisa ts'ebetso sethaleng sa ho itokisetsa ho qala bocha);
  • Taelo ea "systemctl clean" e fetotsoe hore e sebelisoe ka socket, mount, le swap units;
  • Qalong ea ho kenya, lithibelo tse mabapi le matla a tlhahiso ea kernel ea melaetsa ka mohala oa printk lia koaloa, e leng se lumellang hore li-log tse feletseng mabapi le tsoelo-pele ea ho kenya li bokelloe nakong eo polokelo ea log e e-s'o hokahane. e bokeletsoeng ka har'a lesakana la kernel). Ho beha meeli ea printk ho tloha moleng oa taelo ea kernel ho nka pele 'me ho u lumella ho tlōla boitšoaro ba tsamaiso. Mananeo a Systemd a hlahisang ka ho toba li-logs ho /dev/kmsg (sena se etsoa feela qalong ea mohato oa boot) sebelisa lithibelo tse arohaneng tsa ka hare ho sireletsa khahlanong le buffer clog;
  • Taelo ea 'stop --job-mode=triggering' e kenyelelitsoe ho systemctl utility, e leng se u lumellang hore u emise li-unit tse peli tse boletsoeng molaong oa taelo le lihlopha tsohle tse ka li bitsang;
  • Lintlha tsa unit state hona joale li kenyelletsa tlhahisoleseling mabapi le ho letsetsa le ho bitswa diyuniti;
  • Hoa khoneha ho sebelisa "RuntimeMaxSec" ho li-unit tsa scope (pele e ne e sebelisoa feela likarolong tsa tšebeletso). Mohlala, "RuntimeMaxSec" joale e ka sebelisoa ho fokotsa nako ea linako tsa PAM ka ho theha yuniti ea scope.
    bakeng sa akhaonto ea mosebedisi. Moeli oa nako o ka boela oa behoa ka khetho ea systemd.runtime_max_sec ho li-parameter tsa module ea pam_systemd PAM;

  • E kentse sehlopha se secha sa mehala ea sistimi "@pkey", ha o fokotsa lijana le lits'ebeletso, ho nolofatsa li-call tsa sistimi tse amanang le ts'ireletso ea mohopolo;
  • E kentse folakha ea "w+" ho systemd-tmpfiles bakeng sa ho ngola ka mokhoa oa append file;
  • Tlhahisoleseding e ekelitsoeng ho systemd-analyse sephetho mabapi le hore na tlhophiso ea kernel memory e lumellana le litlhophiso tsa systemd (mohlala, haeba lenaneo le leng la motho oa boraro le fetotse liparamente tsa kernel);
  • Khetho ea "-base-time" e kenyellelitsoe ho systemd-analyze, ha e hlalositsoe, data ea almanaka e baloa ho latela nako e boletsoeng khethong ena, mme ha e amane le nako ea sistimi ea hajoale;
  • "Journalctl -update-catalogue" e netefatsa ho tsitsisa tatellano ea likarolo tse hlahisoang (tse molemo bakeng sa ho hlophisa meaho e ka phetoang);
  • E kentse bokhoni ba ho hlakisa boleng ba kamehla bakeng sa "WatchdogSec" e sebelisoang lits'ebeletso tsa systemd. Ka nako ea ho bokella, boleng ba motheo bo ka khethoa ka khetho ea "-Dservice-watchdog" (haeba e behiloe ho hloka letho, watchdog e tla holofala);
  • Khetho ea ho aha "-Duser-path" e kenyellelitsoeng ho fetisa boleng ba $ PATH;
  • E kenyellelitsoe "-u" ("--uuid") khetho ho systemd-id128 ho hlahisa li-identifiers tsa 128-bit ho UUID (kemelo ea canonical ea UUID);
  • Ho aha hona joale ho hloka bonyane mofuta oa libcryptsetup 2.0.1.

Liphetoho tse amanang le litlhophiso tsa marang-rang:

  • Systemd-networkd e kentse tšehetso bakeng sa ho lokisa sehokelo ho fofa, moo litaelo tsa "ho kenya hape" le "reconfigure DEVICE ..." li kentsoe ho networkctl ho kenya li-setting hape le ho lokisa lisebelisoa;
  • systemd-networkd e emisitse ho theha litsela tsa kamehla tsa lihokelo tsa lehae tsa IPv4 tse nang le liaterese tsa intranet 169.254.0.0/16 (Sehokelo-sebakeng). Nakong e fetileng, ho iketsetsa litsela tsa kamehla bakeng sa lihokelo tse joalo ho felletse ka boitšoaro bo sa lebelloang le mathata a litsela maemong a mang. Ho khutlisa boitšoaro ba khale, sebelisa "DefaultRouteOnDevice=yes" setting. Ka mokhoa o ts'oanang, kabelo ea liaterese tsa lehae tsa IPv6 e emisitsoe haeba tsela ea lehae ea IPv6 e sa lumelloa bakeng sa sehokelo;
  • Ho systemd-networkd, ha o hokela marang-rang a se nang mohala ka mokhoa oa ad-hoc, tlhophiso ea kamehla e kengoa ts'ebetsong ka aterese ea sebaka sa marang-rang (link-local);
  • Mekhahlelo e ekelitsoeng RxBufferSiz le TxBufferSize ho lokisa boholo ba li-buffers tsa ho amohela le ho romela tsa marang-rang;
  • systemd-networkd e kenya tšebetsong papatso ea litsela tse ling tsa IPv6, tse laoloang ka khetho ea Route le LifetimeSec karolong ea “[IPv6RoutePrefix]”;
  • systemd-networkd e kentse bokhoni ba ho lokisa litsela tsa "next hop" ka ho sebelisa likhetho tsa "Gateway" le "Id" karolong ea "[NextHop]";
  • systemd-networkd le networkctl bakeng sa DHCP li fana ka ntlafatso ea hang-hang ea likhokahano tsa liaterese tsa IP (liase), tse sebelisoang ke taelo ea 'networkctl renew';
  • systemd-networkd e netefatsa hore tlhophiso ea DHCP e setiloe bocha ha e qala hape (sebelisa khetho ea KeepConfiguration ho boloka litlhophiso). Boleng ba kamehla ba SendRelease setting bo fetotsoe ho "'nete";
  • Moreki oa DHCPv4 o netefatsa hore boleng ba khetho ea OPTION_INFORMATION_REFRESH_TIME bo rometsoeng ke sefara boa sebelisoa. Ho kopa likhetho tse ikhethileng ho tsoa ho seva, ho hlahisoa parameter ea "RequestOptions", le ho romella likhetho ho seva - "SendOption". Ho lokisa mofuta oa tšebeletso ea IP ka mofani oa DHCP, "IPServiceType" parameter e kenyelitsoe;
  • Ho nkela sebaka sa lenane la li-server tsa SIP (Session Initiation Protocol) bakeng sa li-server tsa DHCPv4, li-parameter tsa "EmitSIP" le "SIP" li kentsoe. Ka lehlakoreng la bareki, ho fumana li-parameter tsa SIP ho tswa ho seva ho ka khoneha ho sebelisa "UseSIP=e" setting;
  • E kentse "PrefixDelegationHint" paramethara ho moreki oa DHCPv6 ho kopa sehlohlolo sa aterese;
  • Lifaele tsa .network li fana ka ts'ehetso ea ho etsa 'mapa oa marang-rang a se nang mohala ka SSID le BSSID, mohlala, ho tlama lebitso la sebaka sa phihlello le aterese ea MAC. Litekanyetso tsa SSID le BSSID li bonts'oa tlhahiso ea networkctl bakeng sa li-interfaces tse se nang mohala. Ho feta moo, bokhoni ba ho bapisa ka mofuta oa marang-rang oa waelese bo kentsoe (parameter ea WLANInterfaceType);
  • systemd-networkd e kentse bokhoni ba ho hlophisa litloaelo tsa queuing ho laola sephethephethe ho sebelisa liparamente tse ncha tsa Batsoali,
    NetworkEmulatorDelaySec, NetworkEmulatorDelayJitterSec,
    NetworkEmulatorPacketLimit le NetworkEmulatorLossRate,
    NetworkEmulatorDuplicateRate karolong ea "[TrafficControlQueueingDiscipline]";

  • systemd-resolved e fana ka netefatso ea liaterese tsa IP ho setifikeiti ha o haha ​​ka GnuTLS.

liphetoho tse amanang le udev:

  • Systemd-udevd e tlositse nako ea ho koaloa ha 30 ea bobeli ho qobella batshwari ba manganga ho emisa. Hona joale Systemd-udevd e emetse ho phethoa ha lisebelisuoa tseo metsotsoana e 30 e neng e sa lekana ho phethela ts'ebetso ka tloaelo lits'ebetsong tse kholo (mohlala, ho qeta nako ho ka sitisa ho qalisoa ha mokhanni nakong ea ho chencha karohano e kentsoeng bakeng sa sistimi ea faele ea metso). Ha o sebelisa systemd, nako eo systemd-udevd e tla e emela pele e tsoa e ka hlophisoa ka litlhophiso tsa TimeoutStopSec ho systemd-udevd.service. Ha o sebetsa ntle le systemd, nako ea nako e laoloa ke parameter ea udev.event_timeout;
  • E kentse lenaneo la fido_id bakeng sa udev, e khethollang li-tokens tsa FIDO CTAP1
    ("U2F")/CTAP2 e ipapisitse le data mabapi le ts'ebeliso ea bona ea nakong e fetileng mme e bonts'a mefuta e hlokahalang ea tikoloho (lenaneo le u lumella ho etsa ntle le manane a kantle a masoeu a li-tokens tsohle tse tsebahalang tse neng li sebelisoa pele);

  • E kentse ts'ebetsong ea ho iketsetsa melao ea udev autosuspend bakeng sa lisebelisoa ho tsoa lethathamong le lesoeu le tsoang ho Chromium OS (phetoho e u lumella ho atolosa tšebeliso ea mekhoa ea ho boloka matla bakeng sa lisebelisoa tse eketsehileng);
  • Setlhophiso se secha sa "CONST{key}=value" se kentsoe ho udev ho lumella limmapa tsa boleng ba sistimi ka kotloloho ntle le ho tsamaisa li-check handlers tse arohaneng. Hajoale ke linotlolo tsa "arch" le "virt" feela tse tšehetsoang;
  • E nolofalitse CDROM hore e bulehe ka mokhoa o sa khetheheng ha o etsa ts'ebetso ea kopo bakeng sa mekhoa e tšehetsoeng (phetoho e rarolla mathata ka mananeo a fihlellang CDROM mme e fokotsa kotsi ea ho sitisoa ha mananeo a ho ngola a disk a sa sebeliseng mokhoa o ikhethileng oa phihlello).

Source: opennet.ru

Eketsa ka tlhaloso