summaryrefslogtreecommitdiff
path: root/NEWS
Commit message (Collapse)AuthorAgeFilesLines
* Fixup typo in NEWSSlava Kardakov2019-12-031-1/+1
|
* NEWS: update for final 244Lennart Poettering2019-11-291-22/+24
|
* NEWS: add contributors for v244Zbigniew Jędrzejewski-Szmek2019-11-221-1/+25
|
* update NEWSLennart Poettering2019-11-201-0/+13
|
* Merge pull request #14074 from keszybz/rename-system-optionsZbigniew Jędrzejewski-Szmek2019-11-201-2/+2
|\ | | | | Rename system-options
| * Rename "system-options" to "systemd-efi-options"Zbigniew Jędrzejewski-Szmek2019-11-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This makes the naming more consistent: we now have bootctl systemd-efi-options, $SYSTEMD_EFI_OPTIONS and the SystemdOptions EFI variable. (SystemdEFIOptions would be redundant, because it is only used in the context of efivars, and users don't interact with that name directly.) bootctl is adjusted to use 2sp indentation, similarly to systemctl and other programs. Remove the prefix with the old name from 'bootctl systemd-efi-options' output, since it's redundant and we don't want the old name anyway.
| * NEWS: fix antique typoZbigniew Jędrzejewski-Szmek2019-11-181-1/+1
| |
* | NEWS: SendRawOption= -> SendOption=Yu Watanabe2019-11-191-1/+1
|/
* NEWS: more itemsZbigniew Jędrzejewski-Szmek2019-11-161-16/+40
| | | | Also reorder some entries to restore the grouping by subject.
* Merge pull request #13961 from mwilck/udev-no-exit-timeoutZbigniew Jędrzejewski-Szmek2019-11-131-0/+11
|\ | | | | udevd: wait for workers to finish when exiting
| * udevd: wait for workers to finish when exitingMartin Wilck2019-11-121-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On some systems with lots of devices, device probing for certain drivers can take a very long time. If systemd-udevd detects a timeout and kills the worker running modprobe using SIGKILL, some devices will not be probed, or end up in unusable state. The --event-timeout option can be used to modify the maximum time spent in an uevent handler. But if systemd-udevd exits, it uses a different timeout, hard-coded to 30s, and exits when this timeout expires, causing all workers to be KILLed by systemd afterwards. In practice, this may lead to workers being killed after significantly less time than specified with the event-timeout. This is particularly significant during initrd processing: systemd-udevd will be stopped by systemd when initrd-switch-root.target is about to be isolated, which usually happens quickly after finding and mounting the root FS. If systemd-udevd is started by PID 1 (i.e. basically always), systemd will kill both udevd and the workers after expiry of TimeoutStopSec. This is actually better than the built-in udevd timeout, because it's more transparent and configurable for users. This way users can avoid the mentioned boot problem by simply increasing StopTimeoutSec= in systemd-udevd.service. If udevd is not started by systemd (standalone), this is still an improvement. udevd will kill hanging workers when the event timeout is reached, which is configurable via the udev.event_timeout= kernel command line parameter. Before this patch, udevd would simply exit with workers still running, which would then become zombie processes. With the timeout removed, the sd_event_now() assertion in manager_exit() can be dropped.
* | core: change top-level drop-in from -.service.d to service.dAnita Zhang2019-11-071-4/+3
|/ | | | | | | | | | Discussed in #13743, the -.service semantic conflicts with the existing root mount and slice names, making this feature not uniformly extensible to all types. Change the name to be <type>.d instead. Updating to this format also extends the top-level dropin to unit types.
* NEWS: mention NetworkEmulatorDuplicateRate= settingYu Watanabe2019-11-011-1/+2
|
* add other worthy newsChristian Rebischke2019-10-311-0/+3
| | | | | | | | | I think we can mention that systemd-resolved is able to validate IP address certificates and prefer TLS 1.3 before TLS 1.2 now. Also the `machinectl reboot` command actually works now. Signed-off-by: Christian Rebischke <chris@nullday.de>
* NEWS: fix two typosZbigniew Jędrzejewski-Szmek2019-10-301-2/+2
|
* NEWS: fix option nameYu Watanabe2019-10-301-1/+1
|
* NEWS: start preparations for v244Zbigniew Jędrzejewski-Szmek2019-10-301-0/+149
|
* mailmap: add entry to fix authorship of commitZbigniew Jędrzejewski-Szmek2019-10-211-1/+1
| | | | | 471cffcfb0e005b7c4044b3b52cc4f25d217efac was committed on a debug VM where I didn't have git set up properly.
* Update NEWS for v243v243Zbigniew Jędrzejewski-Szmek2019-09-031-2/+12
|
* NEWS: update contributors listZbigniew Jędrzejewski-Szmek2019-09-031-10/+11
|
* docs: new systemd-security mailing listZbigniew Jędrzejewski-Szmek2019-08-301-0/+4
| | | | | | | | | | | | | | | | | | | | In the past, we asked people to open a security bug on one of the "big" distros. This worked OK as far as getting bugs reported and notifying some upstream developers went. But we always had trouble getting information to all the appropriate parties, because each time a bug was reported, a big thread was created, with a growing CC list. People who were not CCed early enough were missing some information, etc. To clean this up, we decided to create a private mailing list. The natural place would be freedesktop.org, but unfortunately the request to create a mailing list wasn't handled (https://gitlab.freedesktop.org/freedesktop/freedesktop/issues/134). And even if it was, at this point, if there was ever another administrative issue, it seems likely it could take months to resolve. So instead, we asked for a list to be created on the redhat mailservers. Please consider the previous security issue reporting mechanisms rescinded, and send any senstive bugs to systemd-security@redhat.com.
* NEWS: update contributors listv243-rc2Zbigniew Jędrzejewski-Szmek2019-08-221-24/+28
|
* cgroup: Also set io.bfq.weightKai Krakow2019-08-201-0/+3
| | | | | | | | | | | | Current kernels with BFQ scheduler do not yet set their IO weight through "io.weight" but through "io.bfq.weight" (using a slightly different interface supporting only default weights, not per-device weights). This commit enables "IOWeight=" to just to that. This patch may be dropped at some time later. Github-Link: https://github.com/systemd/systemd/issues/7057 Signed-off-by: Kai Krakow <kai@kaishome.de>
* NEWS: Remove DisableControllers from v243Chris Down2019-07-311-4/+0
| | | | We already released this in v240 and had a NEWS entry then.
* NEWS: more entries and some rewordingsZbigniew Jędrzejewski-Szmek2019-07-301-63/+93
|
* Merge pull request #13219 from poettering/named-exit-codes-tweaksZbigniew Jędrzejewski-Szmek2019-07-301-3/+3
|\ | | | | quick follow-up for the symbolic exit status PR #13207
| * analyze: rename "exit-codes" to "exit-status"Lennart Poettering2019-07-291-3/+3
| | | | | | | | | | | | waitid(2) and the libc function signature calls this "exit status", and uses "exit code" for something different. Let's stick to the same nomenclature hence.
* | update TODOLennart Poettering2019-07-301-5/+15
|/
* Merge pull request #13207 from keszybz/symbolic-exit-code-namesLennart Poettering2019-07-291-0/+5
|\ | | | | Symbolic exit code names
| * NEWS: add entry about exit status changesZbigniew Jędrzejewski-Szmek2019-07-291-0/+5
| |
* | more 243 newsLennart Poettering2019-07-291-20/+51
| |
* | news corrections and improvements (#13200)Clinton Roy2019-07-291-35/+36
|/ | | | | | | | * missing whitespace. * NEWS: some small fixes (?) and improvements (???). * a number of small corrections and (hopefully) improvements
* Merge pull request #13191 from poettering/sysctl-no-failZbigniew Jędrzejewski-Szmek2019-07-261-0/+12
|\ | | | | allow sysctl assignments to fail
| * NEWS: mention the new sysctl.d/ - prefixLennart Poettering2019-07-261-0/+3
| |
| * Revert "Revert "sysctl: Enable ping(8) inside rootless Podman containers""Lennart Poettering2019-07-261-0/+9
| | | | | | | | | | | | | | This reverts commit be74f51605b4c7cb74fec3a50cd13b67598a8ac1. Let's add this again. With the new sysctl "-" thing we can make this work.
* | Merge pull request #13188 from yuwata/news-igmp-versionLennart Poettering2019-07-261-1/+3
|\ \ | | | | | | network: rename `IGMPVersion=` to `MulticastIGMPVersion=`
| * | NEWS: mention Bridge.MulticastIGMPVersion=Yu Watanabe2019-07-261-1/+3
| | |
* | | NEWS: mention SpeedMeter=Yu Watanabe2019-07-261-0/+4
| |/ |/|
* | Revert "sysctl: Enable ping(8) inside rootless Podman containers"Evgeny Vereshchagin2019-07-261-9/+0
|/ | | | | | This reverts commit 90ce7627dfe824ff6e7c0ca5f96350fbcfec7118. See https://github.com/systemd/systemd/issues/13177#issuecomment-514931461
* update NEWS with more recently commited stuffLennart Poettering2019-07-241-20/+37
|
* sysctl: Enable ping(8) inside rootless Podman containersDebarshi Ray2019-07-241-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | This makes ping(8) work without CAP_NET_ADMIN and CAP_NET_RAW because those aren't effective inside rootless Podman containers. It's quite useful when using OSTree based operating systems like Fedora Silverblue, where development environments are often set up using rootless Podman containers with helpers like Toolbox [1]. Not having a basic network utility like ping(8) work inside the development environment can be inconvenient. See: https://lwn.net/Articles/422330/ http://man7.org/linux/man-pages/man7/icmp.7.html https://github.com/containers/libpod/issues/1550 The upper limit of the range of group identifiers is set to 2147483647, which is 2^31-1. Values greater than that get rejected by the kernel because of this definition in linux/include/net/ping.h: #define GID_T_MAX (((gid_t)~0U) >> 1) That's not so bad because values between 2^31 and 2^32-1 are reserved on systemd-based systems anyway [2]. [1] https://github.com/debarshiray/toolbox [2] https://systemd.io/UIDS-GIDS.html#summary
* NEWS: more additions in preparation von v243Lennart Poettering2019-07-231-12/+58
|
* NEWS: bullet point for ExecCondition=Anita Zhang2019-07-171-0/+6
|
* resolved: switch cache option to a tri-state option (systemd#5552).Jorge Niedbalski2019-07-171-0/+7
| | | | | | | | | | | | | Change the resolved.conf Cache option to a tri-state "no, no-negative, yes" values. If a lookup returns SERVFAIL systemd-resolved will cache the result for 30s (See 201d995), however, there are several use cases on which this condition is not acceptable (See systemd#5552 comments) and the only workaround would be to disable cache entirely or flush it , which isn't optimal. This change adds the 'no-negative' option when set it avoids putting in cache negative answers but still works the same heuristics for positive answers. Signed-off-by: Jorge Niedbalski <jnr@metaklass.org>
* NEWS: update section nameYu Watanabe2019-07-161-1/+1
|
* Update NEWSBoucman2019-07-141-3/+3
|
* NEWS: add some notes for v243Lennart Poettering2019-07-141-13/+190
| | | | Let's get this ball rolling.
* NEWS: mention that the libidn2 is used by defaultYu Watanabe2019-06-291-0/+3
|
* docs: fix typos and duplicate wordsMichael Prokop2019-06-271-2/+2
| | | | | | | | | s/and and/and/ s/explicity/explicitly/ s/that that/that/ s/the the/the/ s/is is/it is/ s/overriden/overridden/
* core: introduce NUMAPolicy and NUMAMask optionsMichal Sekletar2019-06-241-0/+6
| | | | | | | | | | | | | Make possible to set NUMA allocation policy for manager. Manager's policy is by default inherited to all forked off processes. However, it is possible to override the policy on per-service basis. Currently we support, these policies: default, prefer, bind, interleave, local. See man 2 set_mempolicy for details on each policy. Overall NUMA policy actually consists of two parts. Policy itself and bitmask representing NUMA nodes where is policy effective. Node mask can be specified using related option, NUMAMask. Default mask can be overwritten on per-service level.