systemd

systemd (formerly udev) is an open source system management daemon. In other words, it runs in the background and acts as a system and service manager for Linux-based operating systems.

Compatible with LSB and UNIX System V init scripts

Being compatible with the LSB (Linux Standard Base) and UNIX System V init scripts, systemd uses D-Bus and socket activation for starting services, and provides aggressive parallelization capabilities. In addition it supports restoring and snapshotting of the system state, maintains automount and mount points, keeps track of processes by using Linux control groups, offers on-demand starting of daemons, and implements a complex transactional dependency-based service control logic.

A drop-in replacement for sysvinit

systemd is included in almost every kernel-based Linux operating system, and it can be used as a drop-in replacement for the sysvinit software, but also for the inetd, acpid, atd, watchdog, cron, syslog, and pm-utils daemons. The program also comes with a built-in login manager, called systemd-logind, designed as a drop-in replacement for the deprecated ConsoleKit software. It features various multiseat improvements.

Can administer network configurations too

Since version 209, systemd can also administer network configurations, thanks to the integration of the networkd daemon. For example, it can statically assign IP addresses, as well as to provide basic bridging configuration.

Supported Linux distributions

Since its appearance, back in 2011, the project has been adopted quite fast by many popular Linux distributions, including Arch Linux, Fedora, Gentoo Linux, Mageia, openSUSE, Sabayon Linux, Frugalware Linux, Ångström, and CoreOS. In addition, many other powerful Linux operating system will adopt systemd in their forthcoming releases, such as Ubuntu 14.04 LTS (Trusty Tahr), Debian GNU/Linux 8 (Jessie), and Red Hat Enterprise Linux 7.

Bottom line

Even if some people tend to write SystemD, system d, system D or System D, the program’s name is spelled and written systemd. It is definitely the future of any Linux distribution, changing the way we interact with the operating system.

What is new in this release:

• Some keyboards come with a zoom see-saw or rocker which until now got
• mapped to the Linux "zoomin/out" keys in hwdb. However, these
• keycodes are not recognized by any major desktop. They now produce
• Up/Down key events so that they can be used for scrolling.
• * INCOMPATIBILITY: systemd-tmpfiles' "f" lines changed behaviour
• slightly: previously, if an argument was specified for lines of this
• type (i.e. the right-most column was set) this string was appended to
• existing files each time systemd-tmpfiles was run. This behaviour was
• different from what the documentation said, and not particularly
• useful, as repeated systemd-tmpfiles invocations would not be
• idempotent and grow such files without bounds. With this release
• behaviour has been altered slightly, to match what the documentation
• says: lines of this type only have an effect if the indicated files
• don't exist yet, and only then the argument string is written to the
• file.
• * FUTURE INCOMPATIBILITY: In systemd v238 we intend to slightly change
• systemd-tmpfiles behaviour: previously, read-only files owned by root
• were always excluded from the file "aging" algorithm (i.e. the
• automatic clean-up of directories like /tmp based on
• atime/mtime/ctime). We intend to drop this restriction, and age files
• by default even when owned by root and read-only. This behaviour was
• inherited from older tools, but there have been requests to remove
• it, and it's not obvious why this restriction was made in the first
• place. Please speak up now, if you are aware of software that reqires
• this behaviour, otherwise we'll remove the restriction in v238.
• * A new environment variable $SYSTEMD_OFFLINE is now understood by
• systemctl. It takes a boolean argument. If on, systemctl assumes it
• operates on an "offline" OS tree, and will not attempt to talk to the
• service manager. Previously, this mode was implicitly enabled if a
• chroot() environment was detected, and this new environment variable
• now provides explicit control.
• * .path and .socket units may now be created transiently, too.
• Previously only service, mount, automount and timer units were
• supported as transient units. The systemd-run tool has been updated
• to expose this new functionality, you may hence use it now to bind
• arbitrary commands to path or socket activation on-the-fly from the
• command line. Moreover, almost all properties are now exposed for the
• unit types that already supported transient operation.
• * The systemd-mount command gained support for a new --owner= parameter
• which takes a user name, which is then resolved and included in uid=
• and gid= mount options string of the file system to mount.
• * A new unit condition ConditionControlGroupController= has been added
• that checks whether a specific cgroup controller is available.
• * Unit files, udev's .link files, and systemd-networkd's .netdev and
• .network files all gained support for a new condition
• ConditionKernelVersion= for checking against specific kernel
• versions.
• * In systemd-networkd, the [IPVLAN] section in .netdev files gained
• support for configuring device flags in the Flags= setting. In the
• same files, the [Tunnel] section gained support for configuring
• AllowLocalRemote=. The [Route] section in .network files gained
• support for configuring InitialCongestionWindow=,
• InitialAdvertisedReceiveWindow= and QuickAck=. The [DHCP] section now
• understands RapidCommit=.
• * systemd-networkd's DHCPv6 support gained support for Prefix
• Delegation.
• * sd-bus gained support for a new "watch-bind" feature. When this
• feature is enabled, an sd_bus connection may be set up to connect to
• an AF_UNIX socket in the file system as soon as it is created. This
• functionality is useful for writing early-boot services that
• automatically connect to the system bus as soon as it is started,
• without ugly time-based polling. systemd-networkd and
• systemd-resolved have been updated to make use of this
• functionality. busctl exposes this functionality in a new
• --watch-bind= command line switch.
• * sd-bus will now optionally synthesize a local "Connected" signal as
• soon as a D-Bus connection is set up fully. This message mirrors the
• already existing "Disconnected" signal which is synthesized when the
• connection is terminated. This signal is generally useful but
• particularly handy in combination with the "watch-bind" feature
• described above. Synthesizing of this message has to be requested
• explicitly through the new API call sd_bus_set_connected_signal(). In
• addition a new call sd_bus_is_ready() has been added that checks
• whether a connection is fully set up (i.e. between the "Connected" and
• "Disconnected" signals).
• * sd-bus gained two new calls sd_bus_request_name_async() and
• sd_bus_release_name_async() for asynchronously registering bus
• names. Similar, there is now sd_bus_add_match_async() for installing
• a signal match asynchronously. All of systemd's own services have
• been updated to make use of these calls. Doing these operations
• asynchronously has two benefits: it reduces the risk of deadlocks in
• case of cyclic dependencies between bus services, and it speeds up
• service initialization since synchronization points for bus
• round-trips are removed.
• * sd-bus gained two new calls sd_bus_match_signal() and
• sd_bus_match_signal_async(), which are similar to sd_bus_add_match()
• and sd_bus_add_match_async() but instead of taking a D-Bus match
• string take match fields as normal function parameters.
• * sd-bus gained two new calls sd_bus_set_sender() and
• sd_bus_message_set_sender() for setting the sender name of outgoing
• messages (either for all outgoing messages or for just one specific
• one). These calls are only useful in direct connections as on
• brokered connections the broker fills in the sender anyway,
• overwriting whatever the client filled in.
• * sd-event gained a new pseudo-handle that may be specified on all API
• calls where an "sd_event*" object is expected: SD_EVENT_DEFAULT. When
• used this refers to the default event loop object of the calling
• thread. Note however that this does not implicitly allocate one -
• which has to be done prior by using sd_event_default(). Similarly
• sd-bus gained three new pseudo-handles SD_BUS_DEFAULT,
• SD_BUS_DEFAULT_USER, SD_BUS_DEFAULT_SYSTEM that may be used to refer
• to the default bus of the specified type of the calling thread. Here
• too this does not implicitly allocate bus connection objects, this
• has to be done prior with sd_bus_default() and friends.
• * sd-event gained a new call pair
• sd_event_source_{get|set}_io_fd_own(). This may be used to request
• automatic closure of the file descriptor an IO event source watches
• when the event source is destroyed.
• * systemd-networkd gained support for natively configuring WireGuard
• connections.
• * In previous versions systemd synthesized user records both for the
• "nobody" (UID 65534) and "root" (UID 0) users in nss-systemd and
• internally. In order to simplify distribution-wide renames of the
• "nobody" user (like it is planned in Fedora: nfsnobody -> nobody), a
• new transitional flag file has been added: if
• /etc/systemd/dont-synthesize-nobody exists synthesizing of the 65534
• user and group record within the systemd codebase is disabled.
• * systemd-notify gained a new --uid= option for selecting the source
• user/UID to use for notification messages sent to the service
• manager.
• * journalctl gained a new --grep= option to list only entries in which
• the message matches a certain pattern. By default matching is case
• insensitive if the pattern is lowercase, and case sensitive
• otherwise. Option --case-sensitive=yes|no can be used to override
• this an specify case sensitivity or case insensitivity.
• * There's now a "systemd-analyze service-watchdogs" command for printing
• the current state of the service runtime watchdog, and optionally
• enabling or disabling the per-service watchdogs system-wide if given a
• boolean argument (i.e. the concept you configure in WatchdogSec=), for
• debugging purposes. There's also a kernel command line option
• systemd.service_watchdogs= for controlling the same.
• * Two new "log-level" and "log-target" options for systemd-analyze were
• addded that merge the now deprecated get-log-level, set-log-level and
• get-log-target, set-log-target pairs. The deprecated options are still
• understood for backwards compatibility. The two new options print the
• current value when no arguments are given, and set them when a
• level/target is given as an argument.
• * sysusers.d's "u" lines now optionally accept both a UID and a GID
• specification, separated by a ":" character, in order to create users
• where UID and GID do not match.

What is new in version 238:

• Some keyboards come with a zoom see-saw or rocker which until now got
• mapped to the Linux "zoomin/out" keys in hwdb. However, these
• keycodes are not recognized by any major desktop. They now produce
• Up/Down key events so that they can be used for scrolling.
• * INCOMPATIBILITY: systemd-tmpfiles' "f" lines changed behaviour
• slightly: previously, if an argument was specified for lines of this
• type (i.e. the right-most column was set) this string was appended to
• existing files each time systemd-tmpfiles was run. This behaviour was
• different from what the documentation said, and not particularly
• useful, as repeated systemd-tmpfiles invocations would not be
• idempotent and grow such files without bounds. With this release
• behaviour has been altered slightly, to match what the documentation
• says: lines of this type only have an effect if the indicated files
• don't exist yet, and only then the argument string is written to the
• file.
• * FUTURE INCOMPATIBILITY: In systemd v238 we intend to slightly change
• systemd-tmpfiles behaviour: previously, read-only files owned by root
• were always excluded from the file "aging" algorithm (i.e. the
• automatic clean-up of directories like /tmp based on
• atime/mtime/ctime). We intend to drop this restriction, and age files
• by default even when owned by root and read-only. This behaviour was
• inherited from older tools, but there have been requests to remove
• it, and it's not obvious why this restriction was made in the first
• place. Please speak up now, if you are aware of software that reqires
• this behaviour, otherwise we'll remove the restriction in v238.
• * A new environment variable $SYSTEMD_OFFLINE is now understood by
• systemctl. It takes a boolean argument. If on, systemctl assumes it
• operates on an "offline" OS tree, and will not attempt to talk to the
• service manager. Previously, this mode was implicitly enabled if a
• chroot() environment was detected, and this new environment variable
• now provides explicit control.
• * .path and .socket units may now be created transiently, too.
• Previously only service, mount, automount and timer units were
• supported as transient units. The systemd-run tool has been updated
• to expose this new functionality, you may hence use it now to bind
• arbitrary commands to path or socket activation on-the-fly from the
• command line. Moreover, almost all properties are now exposed for the
• unit types that already supported transient operation.
• * The systemd-mount command gained support for a new --owner= parameter
• which takes a user name, which is then resolved and included in uid=
• and gid= mount options string of the file system to mount.
• * A new unit condition ConditionControlGroupController= has been added
• that checks whether a specific cgroup controller is available.
• * Unit files, udev's .link files, and systemd-networkd's .netdev and
• .network files all gained support for a new condition
• ConditionKernelVersion= for checking against specific kernel
• versions.
• * In systemd-networkd, the [IPVLAN] section in .netdev files gained
• support for configuring device flags in the Flags= setting. In the
• same files, the [Tunnel] section gained support for configuring
• AllowLocalRemote=. The [Route] section in .network files gained
• support for configuring InitialCongestionWindow=,
• InitialAdvertisedReceiveWindow= and QuickAck=. The [DHCP] section now
• understands RapidCommit=.
• * systemd-networkd's DHCPv6 support gained support for Prefix
• Delegation.
• * sd-bus gained support for a new "watch-bind" feature. When this
• feature is enabled, an sd_bus connection may be set up to connect to
• an AF_UNIX socket in the file system as soon as it is created. This
• functionality is useful for writing early-boot services that
• automatically connect to the system bus as soon as it is started,
• without ugly time-based polling. systemd-networkd and
• systemd-resolved have been updated to make use of this
• functionality. busctl exposes this functionality in a new
• --watch-bind= command line switch.
• * sd-bus will now optionally synthesize a local "Connected" signal as
• soon as a D-Bus connection is set up fully. This message mirrors the
• already existing "Disconnected" signal which is synthesized when the
• connection is terminated. This signal is generally useful but
• particularly handy in combination with the "watch-bind" feature
• described above. Synthesizing of this message has to be requested
• explicitly through the new API call sd_bus_set_connected_signal(). In
• addition a new call sd_bus_is_ready() has been added that checks
• whether a connection is fully set up (i.e. between the "Connected" and
• "Disconnected" signals).
• * sd-bus gained two new calls sd_bus_request_name_async() and
• sd_bus_release_name_async() for asynchronously registering bus
• names. Similar, there is now sd_bus_add_match_async() for installing
• a signal match asynchronously. All of systemd's own services have
• been updated to make use of these calls. Doing these operations
• asynchronously has two benefits: it reduces the risk of deadlocks in
• case of cyclic dependencies between bus services, and it speeds up
• service initialization since synchronization points for bus
• round-trips are removed.
• * sd-bus gained two new calls sd_bus_match_signal() and
• sd_bus_match_signal_async(), which are similar to sd_bus_add_match()
• and sd_bus_add_match_async() but instead of taking a D-Bus match
• string take match fields as normal function parameters.
• * sd-bus gained two new calls sd_bus_set_sender() and
• sd_bus_message_set_sender() for setting the sender name of outgoing
• messages (either for all outgoing messages or for just one specific
• one). These calls are only useful in direct connections as on
• brokered connections the broker fills in the sender anyway,
• overwriting whatever the client filled in.
• * sd-event gained a new pseudo-handle that may be specified on all API
• calls where an "sd_event*" object is expected: SD_EVENT_DEFAULT. When
• used this refers to the default event loop object of the calling
• thread. Note however that this does not implicitly allocate one -
• which has to be done prior by using sd_event_default(). Similarly
• sd-bus gained three new pseudo-handles SD_BUS_DEFAULT,
• SD_BUS_DEFAULT_USER, SD_BUS_DEFAULT_SYSTEM that may be used to refer
• to the default bus of the specified type of the calling thread. Here
• too this does not implicitly allocate bus connection objects, this
• has to be done prior with sd_bus_default() and friends.
• * sd-event gained a new call pair
• sd_event_source_{get|set}_io_fd_own(). This may be used to request
• automatic closure of the file descriptor an IO event source watches
• when the event source is destroyed.
• * systemd-networkd gained support for natively configuring WireGuard
• connections.
• * In previous versions systemd synthesized user records both for the
• "nobody" (UID 65534) and "root" (UID 0) users in nss-systemd and
• internally. In order to simplify distribution-wide renames of the
• "nobody" user (like it is planned in Fedora: nfsnobody -> nobody), a
• new transitional flag file has been added: if
• /etc/systemd/dont-synthesize-nobody exists synthesizing of the 65534
• user and group record within the systemd codebase is disabled.
• * systemd-notify gained a new --uid= option for selecting the source
• user/UID to use for notification messages sent to the service
• manager.
• * journalctl gained a new --grep= option to list only entries in which
• the message matches a certain pattern. By default matching is case
• insensitive if the pattern is lowercase, and case sensitive
• otherwise. Option --case-sensitive=yes|no can be used to override
• this an specify case sensitivity or case insensitivity.
• * There's now a "systemd-analyze service-watchdogs" command for printing
• the current state of the service runtime watchdog, and optionally
• enabling or disabling the per-service watchdogs system-wide if given a
• boolean argument (i.e. the concept you configure in WatchdogSec=), for
• debugging purposes. There's also a kernel command line option
• systemd.service_watchdogs= for controlling the same.
• * Two new "log-level" and "log-target" options for systemd-analyze were
• addded that merge the now deprecated get-log-level, set-log-level and
• get-log-target, set-log-target pairs. The deprecated options are still
• understood for backwards compatibility. The two new options print the
• current value when no arguments are given, and set them when a
• level/target is given as an argument.
• * sysusers.d's "u" lines now optionally accept both a UID and a GID
• specification, separated by a ":" character, in order to create users
• where UID and GID do not match.

What is new in version :

• The modprobe.d/ drop-in for the bonding.ko kernel module introduced
• in v235 has been extended to also set the dummy.ko module option
• numdummies=0, preventing the kernel from automatically creating
• dummy0. All dummy interfaces must now be explicitly created.
• * Unknown '%' specifiers in configuration files are now rejected. This
• applies to units and tmpfiles.d configuration. Any percent characters
• that are followed by a letter or digit that are not supposed to be
• interpreted as the beginning of a specifier should be escaped by
• doubling ("%%"). (So "size=5%" is still accepted, as well as
• "size=5%,foo=bar", but not "LABEL=x%y%z" since %y and %z are not
• valid specifiers today.)
• * systemd-resolved now maintains a new dynamic
• /run/systemd/resolve/stub-resolv.conf compatibility file. It is
• recommended to make /etc/resolv.conf a symlink to it. This file
• points at the systemd-resolved stub DNS 127.0.0.53 resolver and
• includes dynamically acquired search domains, achieving more correct
• DNS resolution by software that bypasses local DNS APIs such as NSS.
• * The "uaccess" udev tag has been dropped from /dev/kvm and
• /dev/dri/renderD*. These devices now have the 0666 permissions by
• default (but this may be changed at build-time). /dev/dri/renderD*
• will now be owned by the "render" group along with /dev/kfd.
• * "DynamicUser=yes" has been enabled for systemd-timesyncd.service,
• systemd-journal-gatewayd.service and
• systemd-journal-upload.service. This means "nss-systemd" must be
• enabled in /etc/nsswitch.conf to ensure the UIDs assigned to these
• services are resolved properly.
• * In /etc/fstab two new mount options are now understood:
• x-systemd.makefs and x-systemd.growfs. The former has the effect that
• the configured file system is formatted before it is mounted, the
• latter that the file system is resized to the full block device size
• after it is mounted (i.e. if the file system is smaller than the
• partition it resides on, it's grown). This is similar to the fsck
• logic in /etc/fstab, and pulls in systemd-makefs at .service and
• systemd-growfs at .service as necessary, similar to
• systemd-fsck at .service. Resizing is currently only supported on ext4
• and btrfs.
• * In systemd-networkd, the IPv6 RA logic now optionally may announce
• DNS server and domain information.
• * Support for the LUKS2 on-disk format for encrypted partitions has
• been added. This requires libcryptsetup2 during compilation and
• runtime.
• * The systemd --user instance will now signal "readiness" when its
• basic.target unit has been reached, instead of when the run queue ran
• empty for the first time.
• * Tmpfiles.d with user configuration are now also supported.
• systemd-tmpfiles gained a new --user switch, and snippets placed in
• ~/.config/user-tmpfiles.d/ and corresponding directories will be
• executed by systemd-tmpfiles --user running in the new
• systemd-tmpfiles-setup.service and systemd-tmpfiles-clean.service
• running in the user session.
• * Unit files and tmpfiles.d snippets learnt three new % specifiers:
• %S resolves to the top-level state directory (/var/lib for the system
• instance, $XDG_CONFIG_HOME for the user instance), %C resolves to the
• top-level cache directory (/var/cache for the system instance,
• $XDG_CACHE_HOME for the user instance), %L resolves to the top-level
• logs directory (/var/log for the system instance,
• $XDG_CONFIG_HOME/log/ for the user instance). This matches the
• existing %t specifier, that resolves to the top-level runtime
• directory (/run for the system instance, and $XDG_RUNTIME_DIR for the
• user instance).
• * journalctl learnt a new parameter --output-fields= for limiting the
• set of journal fields to output in verbose and JSON output modes.
• * systemd-timesyncd's configuration file gained a new option
• RootDistanceMaxSec= for setting the maximum root distance of servers
• it'll use, as well as the new options PollIntervalMinSec= and
• PollIntervalMaxSec= to tweak the minimum and maximum poll interval.
• * bootctl gained a new command "list" for listing all available boot
• menu items on systems that follow the boot loader specification.
• * systemctl gained a new --dry-run switch that shows what would be done
• instead of doing it, and is currently supported by the shutdown and
• sleep verbs.
• * ConditionSecurity= can now detect the TOMOYO security module.
• * Unit file [Install] sections are now also respected in unit drop-in
• files. This is intended to be used by drop-ins under /usr/lib/.
• * systemd-firstboot may now also set the initial keyboard mapping.
• * Udev "changed" events for devices which are exposed as systemd
• .device units are now propagated to units specified in
• ReloadPropagatedFrom= as reload requests.
• * If a udev device has a SYSTEMD_WANTS= property containing a systemd
• unit template name (i.e. a name in the form of 'foobar at .service',
• without the instance component between the '@' and - the '.'), then
• the escaped sysfs path of the device is automatically used as the
• instance.
• * SystemCallFilter= in unit files has been extended so that an "errno"
• can be specified individually for each system call. Example:
• SystemCallFilter=~uname:EILSEQ.
• * The cgroup delegation logic has been substantially updated. Delegate=
• now optionally takes a list of controllers (instead of a boolean, as
• before), which lists the controllers to delegate at least.
• * The networkd DHCPv6 client now implements the FQDN option (RFC 4704).
• * A new LogLevelMax= setting configures the maximum log level any
• process of the service may log at (i.e. anything with a lesser
• priority than what is specified is automatically dropped). A new
• LogExtraFields= setting allows configuration of additional journal
• fields to attach to all log records generated by any of the unit's
• processes.
• * New StandardInputData= and StandardInputText= settings along with the
• new option StandardInput=data may be used to configure textual or
• binary data that shall be passed to the executed service process via
• standard input, encoded in-line in the unit file.
• * StandardInput=, StandardOutput= and StandardError= may now be used to
• connect stdin/stdout/stderr of executed processes directly with a
• file or AF_UNIX socket in the file system, using the new "file:" option.
• * A new unit file option CollectMode= has been added, that allows
• tweaking the garbage collection logic for units. It may be used to
• tell systemd to garbage collect units that have failed automatically
• (normally it only GCs units that exited successfully). systemd-run
• and systemd-mount expose this new functionality with a new -G option.
• * "machinectl bind" may now be used to bind mount non-directories
• (i.e. regularfiles, devices, fifos, sockets).
• * systemd-analyze gained a new verb "calendar" for validating and
• testing calendar time specifications to use for OnCalendar= in timer
• units. Besides validating the expression it will calculate the next
• time the specified expression would elapse.
• * In addition to the pre-existing FailureAction= unit file setting
• there's now SuccessAction=, for configuring a shutdown action to
• execute when a unit completes successfully. This is useful in
• particular inside containers that shall terminate after some workload
• has been completed. Also, both options are now supported for all unit
• types, not just services.
• * networkds's IP rule support gained two new options
• IncomingInterface= and OutgoingInterface= for configuring the incoming
• and outgoing interfaces of configured rules. systemd-networkd also
• gained support for "vxcan" network devices.
• * networkd gained a new setting RequiredForOnline=, taking a
• boolean. If set, systemd-wait-online will take it into consideration
• when determining that the system is up, otherwise it will ignore the
• interface for this purpose.
• * The sd_notify() protocol gained support for a new operation: with
• FDSTOREREMOVE=1 file descriptors may be removed from the per-service
• store again, ahead of POLLHUP or POLLERR when they are removed
• anyway.
• * A new document UIDS-GIDS.md has been added to the source tree, that
• documents the UID/GID range and assignment assumptions and
• requirements of systemd.
• * The watchdog device PID 1 will ping may now be configured through the
• WatchdogDevice= configuration file setting, or by setting the
• systemd.watchdog_service= kernel commandline option.
• * systemd-resolved's gained support for registering DNS-SD services on
• the local network using MulticastDNS. Services may either be
• registered by dropping in a .dnssd file in /etc/systemd/dnssd/ (or
• the same dir below /run, /usr/lib), or through its D-Bus API.
• * The sd_notify() protocol can now with EXTEND_TIMEOUT_USEC=microsecond
• extend the effective start, runtime, and stop time. The service must
• continue to send EXTEND_TIMEOUT_USEC within the period specified to
• prevent the service manager from making the service as timedout.
• * systemd-resolved's DNSSEC support gained support for RFC 8080
• (Ed25519 keys and signatures).
• * The systemd-resolve command line tool gained a new set of options
• --set-dns=, --set-domain=, --set-llmnr=, --set-mdns=, --set-dnssec=,
• --set-nta= and --revert to configure per-interface DNS configuration
• dynamically during runtime. It's useful for pushing DNS information
• into systemd-resolved from DNS hook scripts that various interface
• managing software supports (such as pppd).
• * systemd-nspawn gained a new --network-namespace-path= command line
• option, which may be used to make a container join an existing
• network namespace, by specifying a path to a "netns" file.

What is new in version 234:

• Meson is now supported as build system in addition to Automake. It is our plan to remove Automake in one of our next releases, so that Meson becomes our exclusive build system. Hence, please start using the Meson build system in your downstream packaging. There's plenty of documentation around how to use Meson, the extremely brief summary:
• ./autogen.sh && ./configure && make && sudo make install
• becomes:
• meson build && ninja -C build && sudo ninja -C build install
• Unit files gained support for a new JobRunningTimeoutUSec= setting, which permits configuring a timeout on the time a job is running. This is particularly useful for setting timeouts on jobs for .device units.
• Unit files gained two new options ConditionUser= and ConditionGroup= for conditionalizing units based on the identity of the user/group running a systemd user instance.
• systemd-networkd now understands a new FlowLabel= setting in the [VXLAN] section of .network files, as well as a Priority= in [Bridge], GVRP= + MVRP= + LooseBinding= + ReorderHeader= in [VLAN] and GatewayOnlink= + IPv6Preference= + Protocol= in [Route]. It also gained support for configuration of GENEVE links, and IPv6 address labels. The [Network] section gained the new IPv6ProxyNDP= setting.
• .link files now understand a new Port= setting.
• systemd-networkd's DHCP support gained support for DHCP option 119 (domain search list).
• systemd-networkd gained support for serving IPv6 address ranges using the Router Advertisment protocol. The new .network configuration section [IPv6Prefix] may be used to configure the ranges to serve. This is implemented based on a new, minimal, native server implementation of RA.
• journalctl's --output= switch gained support for a new parameter "short-iso-precise" for a mode where timestamps are shown as precise ISO date values.
• systemd-udevd's "net_id" builtin may now generate stable network interface names from IBM PowerVM VIO devices as well as ACPI platform devices.
• MulticastDNS support in systemd-resolved may now be explicitly enabled/disabled using the new MulticastDNS= configuration file option.
• systemd-resolved may now optionally use libidn2 instead of the libidn for processing internationalized domain names. Support for libidn2 should be considered experimental and should not be enabled by default yet.
• "machinectl pull-tar" and related call may now do verification of downloaded images using SUSE-style .sha256 checksum files in addition to the already existing support for validating using Ubuntu-style SHA256SUMS files.
• sd-bus gained support for a new sd_bus_message_appendv() call which is va_list equivalent of sd_bus_message_append().
• sd-boot gained support for validating images using SHIM/MOK.
• The SMACK code learnt support for "onlycap".
• systemd-mount --umount is now much smarter in figuring out how to properly unmount a device given its mount or device path.
• The code to call libnss_dns as a fallback from libnss_resolve when the communication with systemd-resolved fails was removed. This fallback was redundant and interfered with the [!UNAVAIL=return] suffix. See nss-resolve(8) for the recommended configuration.
• systemd-logind may now be restarted without losing state. It stores the file descriptors for devices it manages in the system manager using the FDSTORE= mechanism. Please note that further changes in other components may be required to make use of this (for example Xorg has code to listen for stops of systemd-logind and terminate itself when logind is stopped or restarted, in order to avoid using stale file descriptors for graphical devices, which is now counterproductive and must be reverted in order for restarts of systemd-logind to be safe. See https://cgit.freedesktop.org/xorg/xserver/commit/?id=dc48bd653c7e101.)
• All kernel install plugins are called with the environment variable KERNEL_INSTALL_MACHINE_ID which is set to the machine ID given by /etc/machine-id. If the file is missing or empty, the variable is empty and BOOT_DIR_ABS is the path of a temporary directory which is removed after all the plugins exit. So, if KERNEL_INSTALL_MACHINE_ID is empty, all plugins should not put anything in BOOT_DIR_ABS.

Requirements:

• It requires a 2.6 Linux kernel or later with CONFIG_HOTPLUG enabled to run.
• It is recommended that you also have the Linux Hotplug scripts installed, but it is not necessary for it to work properly.