diff options
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -18,6 +18,22 @@ CHANGES WITH 253 in spe: For more details, see: https://lists.freedesktop.org/archives/systemd-devel/2022-September/048352.html + * We intend to change behaviour w.r.t. units of the per-user service + manager and sandboxing options, so that they work without having to + manually enable PrivateUsers= as well, which is not required for + system units. To make this work, we will implicitly enable user + namespaces (PrivateUsers=yes) when a sandboxing option is enabled in a + user unit. The drawback is that system users will no longer be visible + (and appear as 'nobody') to the user unit when a sandboxing option is + enabled. By definition a sandboxed user unit should run with reduced + privileges, so impact should be small. This will remove a great source + of confusion that has been reported by users over the years, due to + how these options require an extra setting to be manually enabled when + used in the per-user service manager, as opposed as to the system + service manager. We plan to enable this change in the next release + later this year. For more details, see: + https://lists.freedesktop.org/archives/systemd-devel/2022-December/048682.html + Deprecations and incompatible changes: * systemctl will now warn when invoked without /proc/ mounted |