Systemd 256-rc1 Brings A Huge Number Of New Features
([systemd] 3 Hours Ago
systemd-vpick, importctl + more)
- Reference: 0001459900
- News link: https://www.phoronix.com/news/systemd-256-rc1
- Source link:
Systemd 256-rc1 is available this evening and it comes with many new features and improvements to existing features. It's a big one.
Systemd 256-rc1 is now available and it brings many new features as well as extending additional functionality. In going through the systemd 256-rc1 change-log this evening some of the items that catch my attention include:
- Support for cgroup v1 is now considered obsolete and systemd by default will refuse to boot under it. There still is a workaround to forcibly re-enable cgroup v1 support, but long story short it's time to move on to cgroup v2.
- A new "systemd-vpick" binary is added that implements the vpick protocol. Systemd-vpick can be used for resolving paths to versioned ".v/" versioned directories. More details in the [1]systemd documentation on systemd-vpick.
- Another new tool in systemd 256 is "importctl" as a tool to download, import, and export disk images via systemd-importd. Previously similar functionality to importctl was available via machinectl while now is also extended to cover sysext, confext, and portable service images.
- A new unit generator "systemd-ssh-generator" is added to see if the sshd binary is installed and then bind it via per-connection socket activation to various sockets depending on the execution context.
- Encrypted service credentials can now be made available to unprivileged users via new systemd-creds options.
- Systemd can now be compiled cleanly with all OpenSSL 3.0 deprecations removed.
- For systemd service management there is a new concept of "capsules" introduced. Capsules wrap additional per-user service managers and whose users are transient and only defined as long as the service manager is running (dynamic users).
- Systemd-networkd now provides a basic Varlink interface.
- Systemd-networkd can now pick up WireGuard secrets from the systemd credentials.
- Systemd Ukify now supports Zboot kernels.
- Various library dependencies have been made from regular shared library dependencies into dlopen() ones to enhance security following the XZ backdoor incident.
- Systemd-homed can now unlock home directories when logging in via SSH.
- New systemd services include systemd-nsresourced and systemd-mountfsd.
- Various systemd programs will now look to load main configuration files from locations below /usr/lib, /usr/local/lib, and /run rather than just /etc.
Downloads and the very lengthy list of changes with systemd 256-rc1 can be found via [2]GitHub . Expect to find systemd 256 rolling out for H2'2024 Linux distributions.
[1] https://www.freedesktop.org/software/systemd/man/devel/systemd-vpick.html
[2] https://github.com/systemd/systemd/releases/tag/v256-rc1
Systemd 256-rc1 is now available and it brings many new features as well as extending additional functionality. In going through the systemd 256-rc1 change-log this evening some of the items that catch my attention include:
- Support for cgroup v1 is now considered obsolete and systemd by default will refuse to boot under it. There still is a workaround to forcibly re-enable cgroup v1 support, but long story short it's time to move on to cgroup v2.
- A new "systemd-vpick" binary is added that implements the vpick protocol. Systemd-vpick can be used for resolving paths to versioned ".v/" versioned directories. More details in the [1]systemd documentation on systemd-vpick.
- Another new tool in systemd 256 is "importctl" as a tool to download, import, and export disk images via systemd-importd. Previously similar functionality to importctl was available via machinectl while now is also extended to cover sysext, confext, and portable service images.
- A new unit generator "systemd-ssh-generator" is added to see if the sshd binary is installed and then bind it via per-connection socket activation to various sockets depending on the execution context.
- Encrypted service credentials can now be made available to unprivileged users via new systemd-creds options.
- Systemd can now be compiled cleanly with all OpenSSL 3.0 deprecations removed.
- For systemd service management there is a new concept of "capsules" introduced. Capsules wrap additional per-user service managers and whose users are transient and only defined as long as the service manager is running (dynamic users).
- Systemd-networkd now provides a basic Varlink interface.
- Systemd-networkd can now pick up WireGuard secrets from the systemd credentials.
- Systemd Ukify now supports Zboot kernels.
- Various library dependencies have been made from regular shared library dependencies into dlopen() ones to enhance security following the XZ backdoor incident.
- Systemd-homed can now unlock home directories when logging in via SSH.
- New systemd services include systemd-nsresourced and systemd-mountfsd.
- Various systemd programs will now look to load main configuration files from locations below /usr/lib, /usr/local/lib, and /run rather than just /etc.
Downloads and the very lengthy list of changes with systemd 256-rc1 can be found via [2]GitHub . Expect to find systemd 256 rolling out for H2'2024 Linux distributions.
[1] https://www.freedesktop.org/software/systemd/man/devel/systemd-vpick.html
[2] https://github.com/systemd/systemd/releases/tag/v256-rc1
tildearrow