From 3b288a2d2bec2a1c905e43af085fd6d3f5d82c91 Mon Sep 17 00:00:00 2001
From: Zbigniew Jędrzejewski-Szmek
Date: Tue, 13 Dec 2022 20:24:08 +0100
Subject: NEWS: add a bunch of entries for v253

During the call today we agreed to work towards -rc1 in January.
Nevertheless, I already started writing this up and I'll push it so it
doesn't get lost. I didn't include all the changes to systemd-repart,
because those are still in flux.
---
 NEWS | 156 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 153 insertions(+), 3 deletions(-)

diff --git a/NEWS b/NEWS
index a295a8ebe2..d9ae6604b6 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,62 @@ systemd System and Service Manager CHANGES WITH 253 in spe: + Deprecations and incompatible changes + + * systemctl will now warn when invoked without /proc mounted (e.g. when + invoked after chroot into an image without the API mount points like + /proc being set up.) Operation in such an environment is not fully + supported. + + * 'udevadm hwdb' subcommand is deprecated and will emit a warning. + systemd-hwdb (added in 2014) should be used instead. + + * 'bootctl --json' now outputs well-formed JSON, instead of a stream + of newline-separated JSON objects. + + * Udev rules in 60-evdev.rules have been changed to load hwdb properties + for all modalias patterns. Previously only the first matching pattern + was used. This could change what properties are assigned if the user + has more and less specific patterns that could match the same device, + but it is expected that the change will have no effect for most users. + + New components: + + * A tool to build, measure, and sign Unified Kernel Images (UKIs) has + been added. This replaces functionality provided by 'dracut --uefi' + and extends it with automatic calculation of offsets, insertion of + signed PCR policies generated by systemd-measure, support for initrd + concatenation, signing of the embedded Linux image and the combined + image with sbsign, and heuristics to autodetect the kernel uname and + verify the splash image. + + Changes in systemd: + + * Initrd environments which are not on a temporary file system (for + example an overlayfs combination) are now supported. Systemd will only + skip removal of the files in the initrd if it doesn't detect a + temporary file system. + + * New MemoryZSwapMax= option has been added to configure + memory.zswap.max cgroup properties (the maximum amount of zswap used). + + * Scope units now support OOMPolicy=. Login session scopes default to + OOMPolicy=continue, allowing login scopes to survive the oom killer + terminating some processes in the scope. 
+ + * systemd-fstab-generator now supports x-systemd.makefs option for + /sysroot (in the initrd). + + Changes in udev: + + * The new net naming scheme "v253" has been introduced. In the new + scheme, ID_NET_NAME_PATH is also set for USB devices not connected via + a PCI bus. This extends the converage of predictable interface names + in some embedded systems. + + The "amba" bus path is now included in ID_NET_NAME_PATH, resulting in + a more informative path on some embedded systems. + Changes in sd-boot, bootctl, and the Boot Loader Specification: * systemd-boot now passes its random seed directly to the kernel's RNG @@ -14,7 +70,7 @@ CHANGES WITH 253 in spe: protocol or a prior seed in LINUX_EFI_RANDOM_SEED_TABLE_GUID from a preceding bootloader. - * The random seed stored in ESP is now refreshed whenever + * The random seed stored in the ESP is now refreshed whenever systemd-random-seed.service is run. * systemd-boot handles various seed inputs using a domain- and 
@@ -32,10 +88,104 @@ CHANGES WITH 253 in spe: virtualized ones, and is activated in the case that the system token is missing from either sd-boot and sd-stub booted systems. + * systemd-boot now supports being loaded not from the ESP, for example + for direct kernel boot under QEMU or when embedded into the firmware. + + Changes in kernel-install: + + * A new "installation layout" can be configured as layout=uki. With this + setting, a Boot Loader Specification Type#1 entry will not be created. + Instead, a new kernel-install plugin 90-uki-copy.install will copy any + .efi files from the staging area into the boot partition. A plugin to + generate the UKI .efi file must be provided separately. + Changes in systemctl: - * systemctl reboot has dropped support for accepting a positional argument - as the argument to reboot(2) syscall. Please use --reboot-argument instead. + * 'systemctl reboot' has dropped support for accepting a positional + argument as the argument to the reboot(2) syscall. Please use the + --reboot-argument option instead. + + * 'systemctl disable' will now warn when called on units without install + information. A new --no-warn option has been added that silences this + warning. + + * 'systemctl kexec' now supports XEN. + + Changes in systemd-networkd and related tools: + + * The RouteMetric= option (for DHCPv4, DHCPv6, and IPv6 advertised + routes) now accepts three values, for high, medium, and low preference + of the router (which can be set with the RouterPreference=) setting. + + * systemd-networkd-wait-online now supports alternative interface names. + + Changes in systemd-dissect: + + * systemd-dissect gained a new option --list, to print the paths fo the + files and directories in the image. + + * systemd-dissect gained a new option --mtree, to generate output + compatible with BSD mtree(5). + + * systemd-dissect gained a new option --with, to execute a command in + the image temporarily mounted. 
+ + * systemd-dissect gained a new option --discover, to search for + Discoverable Disk Images (DDIs) in well-known directories. This will + list machine, portable service and system extension disk images. + + * systemd-dissect now understands 2nd stage initrd images stored as a + Discoverable Disk Image (DDI). + + Changes in systemd-repart: + + * systemd-repart gained new options --include-partitions and + --exclude-partitions to filter operation on partitions by type UUID. + This allows systemd-repart to be used to build images in which the + type of one partition is set based on the contents of another + partition (for example when the boot partition shall include a verity + hash of the root partition). + + * systemd-repart now supports erofs (a read-only file system similar to + squashfs). + + Changes in systemd-homed: + + * systemd-homed gained support for luksPbkdfForceIterations (the + intended number of iterations for the PBKDF operation on LUKS). + + Changes in systemd-homenamed: + + * systemd-homed now exports the contents of + /sys/class/dmi/id/bios_vendor and /sys/class/dmi/id/bios_date via two + new D-Bus properties: FirmwareVendor and FirmwareDate. This allows + unprivileged code to access those values. + + Changes in libsystemd and shared code: + + * sd-bus gained new convenience functions sd_bus_emit_signal_to(), + sd_bus_emit_signal_tov(), and sd_bus_message_new_signal_to(). + + * Detection of chroot environments now works if /proc/ is not mounted. + This affects systemd-detect-virt --chroot, but also means that systemd + tools will silently skip various operations in such an environment. + + * "Lockheed Matrin Hardened Security for Intel Processors" (HS SRE) + virtualization is now detected. + + Changes in the build system: + + * Standalone variant of systemd-repart is built (if -Dstandalone=true). + + * systemd-ac-power has been moved to /usr/bin/, to, for example, allow + scripts to conditionalize execution on AC power supply. 
+ + Changes in the documentation: + + * Specifications that are not closely tied to systemd have moved to + https://uapi-group.org/specifications/: the Boot Loader Spefication + and the Discoverable Partitions Specification. + CHANGES WITH 252 🎃: -- cgit v1.2.1
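Review bot: In the first hunk (@@ -2,6 +2,62 @@), the "New components:" entry describes "A tool to build, measure, and sign Unified Kernel Images (UKIs)" without ever naming the tool, so a reader cannot find the binary or its man page from NEWS; please add the name to the first sentence of that entry. Two smaller points in the same hunk: "converage" in the v253 net naming scheme entry should be "coverage", and the heading "Deprecations and incompatible changes" lacks the trailing colon that "New components:" and the other section headings carry.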
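Review bot: In the last hunk (@@ -32,10 +88,104 @@), the heading "Changes in systemd-homenamed:" does not match its entry, which begins "systemd-homed now exports the contents of /sys/class/dmi/id/bios_vendor", and a "Changes in systemd-homed:" section already sits directly above it; the heading and the entry should both name the one daemon that exposes FirmwareVendor and FirmwareDate (the heading reads like a slip for systemd-hostnamed, please confirm). Spelling in the same hunk: "fo the" in the --list entry, "Lockheed Matrin", and "Boot Loader Spefication". In the RouteMetric= entry the closing parenthesis is misplaced in "(which can be set with the RouterPreference=) setting"; it should close after "setting".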