Systemd 251 has just been released. In this new version of the software suite, the default C standard has changed from C89 to C11 with the GNU extensions (GNU11), although the API headers are still limited to the older standard (C89). This change could be motivated by the desire to follow in the footsteps of the Linux kernel, which also migrated to C11 due to the limitations of C89. Also, a new set of service monitoring environment variables is passed to OnFailure/OnSuccess handlers.
Systemd is the default system and service manager for most Linux distributions. However, systemd is also a very controversial init system. Criticism of systemd mostly concerns feature creep: according to its critics, the project does not conform to the "do one thing and do it well" philosophy of Unix systems in general. Other aspects, such as the use of binary logs (as opposed to human-readable text logs), have also drawn criticism. In addition, criticism has been fueled by the discovery of “serious” security flaws.
That said, systemd continues to grow and develop, just like Linux itself. Like most systemd updates, systemd 251 is another heavyweight release that continues to add new features to improve workflows and modernize other low-level areas of the Linux stack beyond its conventional init system functions. Looking at systemd’s Git repository from v250 to v251, there have been 79,853 new lines of code and 34,624 lines removed in the last six months.
Systemd 251 adds the new component systemd-sysupdate, which is the result of work started last summer by Red Hat and the main developers of systemd. According to the team, systemd-sysupdate "automatically discovers/downloads/installs" type A/B updates for the host installation itself or for container images/portable service images. As a reminder, type A/B system updates, also known as “transparent updates”, ensure that a working boot system remains on disk during an OTA (over-the-air) update.
This approach reduces the likelihood of an inactive device after an update, which means fewer device replacements and device resets at repair and warranty centers. Other commercial operating systems, such as Android and Chrome OS, also use Type A/B updates. According to the systemd team, the component systemd-sysupdate is currently considered experimental. Some of the major changes for systemd 251 include:
- systemd 251 is now built with the “C11 with GNU extensions” standard of the GCC compiler, dubbed GNU11. This version thus aligns with the Linux kernel itself, which has used the same standard since version 5.18, a move that was helped by the fact that the 5.15 kernel raised the minimum required version of GCC to 5.1;
- all kernels supported by systemd now mix the output of the RdRand instruction (or of other CPU ISA random extensions) into the boot entropy pool. This means that even if /dev/urandom is not initialized, it will return bytes that have at least the same quality as RdRand. In turn, systemd no longer needs to invoke RdRand itself directly. In the past, the use of RdRand by systemd was prone to bugs;
- various bootloader specification improvements and various kernel installation improvements;
- a new set of service monitoring environment variables are passed to OnFailure/OnSuccess handlers;
- units that were killed by systemd-oomd will now have a service result of oom-kill;
- more service settings now also work with non-privileged user services;
- busctl now uses the pcapng format for its output rather than pcap;
- new hardware database (HWDB) files for portable devices and A/V production devices;
- the .netdev files of systemd-networkd can now be used to create virtual WLAN devices;
- PID 1 now automatically retrieves system credentials from QEMU's fw_cfg interface. This is a way to pass arbitrary data into VM systems, similar to what can currently be done with systemd-nspawn containers. Initially, the intended use case is the kernel command line option systemd.set_credential= paired with VMs using the UEFI stub systemd-stub;
- the LoadCredential= option will now automatically look for credentials to import in the directories /etc/credstore/, /run/credstore/ and /usr/lib/credstore/ if no source filename or relative name is provided. According to the documentation, “the idea is that these directories are now the recommended location for the entire system to place credentials to be automatically retrieved by services”;
- the generators invoked by PID 1 now have several environment variables added: $SYSTEMD_SCOPE, $SYSTEMD_IN_INITRD, $SYSTEMD_ARCHITECTURE, $SYSTEMD_FIRST_BOOT and $SYSTEMD_VIRTUALIZATION;
- block devices will now get a new set of device symlinks in /dev/disk/by-diskseq/[nr], which can be used to reference block device nodes via the kernel's diskseq value. This relates to the change introduced in Linux 5.15 for systemd, also raised by Microsoft engineers, for a global counter on block/disk changes;
- the tool systemd-creds now has a verb has-tpm2 to indicate whether a working TPM 2.0 module is available;
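
The OnFailure/OnSuccess monitoring variables and the new oom-kill service result from the list above can be combined in a small handler. The script below is an added example, not code from the article or from the systemd project: the MONITOR_* names are the ones documented for systemd 251 (the article does not list them), while the "unit-monitor" syslog tag, the "--log" switch and the priority mapping are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (constructed): logic for a handler unit started through
# OnFailure=/OnSuccess=. The MONITOR_* variables are exported to such
# handlers by systemd 251; everything else here is an assumption.

# Map the triggering unit's service result to a syslog priority.
failure_priority() {
    case "$1" in
        oom-kill|core-dump|signal)        echo crit ;;     # killed or crashed
        watchdog|timeout|start-limit-hit) echo err ;;
        exit-code|protocol|resources)     echo warning ;;
        success)                          echo info ;;     # OnSuccess= path
        *)                                echo notice ;;   # unset or unknown
    esac
}

# Build one key=value log line from the handler's environment.
# Missing variables are reported as "unknown" instead of being dropped.
failure_report() {
    printf 'unit=%s result=%s exit_code=%s exit_status=%s invocation=%s\n' \
        "${MONITOR_UNIT:-unknown}" \
        "${MONITOR_SERVICE_RESULT:-unknown}" \
        "${MONITOR_EXIT_CODE:-unknown}" \
        "${MONITOR_EXIT_STATUS:-unknown}" \
        "${MONITOR_INVOCATION_ID:-unknown}"
}

# Only write to syslog when invoked with the (hypothetical) --log switch,
# for example from the ExecStart= line of the handler unit.
if [ "${1:-}" = "--log" ]; then
    logger -t unit-monitor \
        -p "daemon.$(failure_priority "${MONITOR_SERVICE_RESULT:-}")" \
        "$(failure_report)"
fi
```

Logging the invocation ID alongside the unit name lets the alert be matched to the journal entries of the exact run that failed.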
Source: systemd v251
What do you think of the new features introduced by systemd 251?