summaryrefslogtreecommitdiffstats
path: root/NEWS (follow)
Commit message (Collapse)AuthorAgeFilesLines
* NEWS fix boolean value for meson optionsChristian Hesse2019-02-041-1/+1
| | | | | Valid boolean values for meson are 'true' and 'false', not 'yes' and 'no'.
* More NEWS prep for v241v241-rc2Lennart Poettering2019-01-301-2/+34
|
* NEWS: add section about backslashes in EnvironmentFileLouis Taylor2019-01-211-0/+4
| | | | As a follow-up from #11427.
* NEWS: retroactively describe .include deprecationZbigniew Jędrzejewski-Szmek2019-01-181-0/+5
| | | | Closes #11479.
* Merge pull request #11449 from keszybz/udev-link-naming-againLennart Poettering2019-01-171-0/+22
|\ | | | | Make udev link re-renaming conditional
| * NEWS: describe the naming scheme updatesZbigniew Jędrzejewski-Szmek2019-01-171-0/+22
| |
* | seccomp: drop mincore() from @system-service syscall filter groupLennart Poettering2019-01-161-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, this system call was included in @system-service since it is a "getter" only, i.e. only queries information, and doesn't change anything, and hence was considered not risky. However, as it turns out, mincore() is actually security sensitive, see the discussion here: https://lwn.net/Articles/776034/ Hence, let's adjust the system call filter and drop mincore() from it. This constitues a compatibility break to some level, however I presume we can get away with this as the systemcall is pretty exotic. The fact that it is pretty exotic is also reflected by the fact that the kernel intends to majorly change behaviour of the system call soon (see the linked LWN article)
* | Enable regular file and FIFO protectionLucas Werkmeister2019-01-161-0/+13
|/ | | | | | These sysctls were added in Linux 4.19 (torvalds/linux@30aba6656f), and we should enable them just like we enable the older hardlink/symlink protection since v199. Implements #11414.
* NEWS: typosZbigniew Jędrzejewski-Szmek2019-01-151-4/+4
|
* NEWS: add more entriesYu Watanabe2019-01-131-0/+10
|
* NEWS: document deprecation of PermissionsStartOnly= in v240Zbigniew Jędrzejewski-Szmek2019-01-131-0/+5
| | | | https://github.com/systemd/systemd/pull/10802#issuecomment-453772058
* NEWS: update for v241Zbigniew Jędrzejewski-Szmek2019-01-131-0/+25
|
* NEWS: also mention that clock file for timesyncd may need to moveYu Watanabe2019-01-081-0/+2
| | | | | | Follow-up for aa2437e2aee003a361debbb34b341931caf49b3b. Closes #11329.
* cgroup: s/cgroups? ?v?([0-9])/cgroup v\1/gIChris Down2019-01-031-7/+7
| | | | | | | | | | Nitpicky, but we've used a lot of random spacings and names in the past, but we're trying to be completely consistent on "cgroup vN" now. Generated by `fd -0 | xargs -0 -n1 sed -ri --follow-symlinks 's/cgroups? ?v?([0-9])/cgroup v\1/gI'`. I manually ignored places where it's not appropriate to replace (eg. "cgroup2" fstype and in src/shared/linux).
* NEWS: add one more name and adjust locationv240Zbigniew Jędrzejewski-Szmek2018-12-211-38/+38
|
* Merge pull request #11239 from poettering/news-v240-finalZbigniew Jędrzejewski-Szmek2018-12-211-30/+31
|\ | | | | NEWS and build system bump for 240
| * NEWS: prepare for v240Lennart Poettering2018-12-211-30/+31
| |
* | Merge pull request #11206 from cdown/cgroup_no_v1Zbigniew Jędrzejewski-Szmek2018-12-211-0/+4
|\ \ | | | | | | cgroup: Imply systemd.unified_cgroup_hierarchy=1 on cgroup_no_v1=all
| * | cgroup: Add NEWS entry for cgroup_no_v1=all implying unified usageChris Down2018-12-211-0/+4
| | |
* | | Revert "sleep: offer hibernation only if the kernel image still exists"Zbigniew Jędrzejewski-Szmek2018-12-211-3/+0
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit edda44605f06a41fb86b7ab8128dcf99161d2344. The kernel explicitly supports resuming with a different kernel than the one used before hibernation. If this is something that shouldn't be supported, the place to change this is in the kernel. We shouldn't censor something that this exclusively in the kernel's domain. People might be using this to switch kernels without restaring programs, and we'd break this functionality for them. Also, even if resuming with a different kernel was a bad idea, we don't really prevent that with this check, since most users have more than one kernel and can freely pick a different one from the menu. So this only affected the corner case where the kernel has been removed, but there is no reason to single it out.
* | NEWS: mention DynamicUser= is disabled for networkd, resolved and timesyncdYu Watanabe2018-12-201-0/+9
|/ | | | Which was disabled by #10117.
* NEWS: add a note about symlink following in .wants and .requiresZbigniew Jędrzejewski-Szmek2018-12-181-0/+13
| | | | | | This ain't so easy to express without using too much technical language... https://github.com/systemd/systemd/pull/10094#issuecomment-427407570
* NEWS: add note about NNP=yesZbigniew Jędrzejewski-Szmek2018-12-181-0/+7
|
* NEWS: add one more itemLennart Poettering2018-12-181-0/+11
|
* NEWS: update contributors list, taking new .mailmap into accountLennart Poettering2018-12-181-39/+40
|
* NEWS: document the usern/mknod borkage in 4.18 a bitLennart Poettering2018-12-171-0/+28
|
* NEWS: add missing 'not'Lennart Poettering2018-12-171-1/+1
|
* NEWS: mention DynamicTransmitLoadBalancing=Yu Watanabe2018-12-171-7/+8
| | | | Which was added by #11142.
* sd-id128: add helpers to check fo all-0xFF idsLennart Poettering2018-12-151-0/+4
|
* tree-wide: s/time-out/timeout/gZbigniew Jędrzejewski-Szmek2018-12-141-2/+2
| | | | | | | | | | | | | | | | | From WordNet (r) 3.0 (2006) [wn]: time-out n 1: a brief suspension of play; "each team has two time-outs left" From The Free On-line Dictionary of Computing (18 March 2015) [foldoc]: timeout A period of time after which an error condition is raised if some event has not occured. A common example is sending a message. If the receiver does not acknowledge the message within some preset timeout period, a transmission error is assumed to have occured.
* NEWS: typos and wording adjustmentsZbigniew Jędrzejewski-Szmek2018-12-131-57/+58
|
* NEWS: initialy version of NEWSLennart Poettering2018-12-121-3/+329
| | | | Needs lots of updates still, but let's get the party started.
* NEWS: Add DisableControllers= to v240Chris Down2018-12-111-0/+3
|
* NEWS: Add that CPUAccounting=yes may not enable CPU controller in v240Chris Down2018-12-111-0/+4
|
* NEWS: extend docs on RLIMIT_NOFILELennart Poettering2018-11-291-2/+14
| | | | | | We now settled on 512K, and forgot to update NEWS. Moreover, explain why 512K was chosen.
* sysctl.d: switch net.ipv4.conf.all.rp_filter from 1 to 2Lubomir Rintel2018-11-281-0/+9
| | | | | | | | | | | | | | | | | | | This switches the RFC3704 Reverse Path filtering from Strict mode to Loose mode. The Strict mode breaks some pretty common and reasonable use cases, such as keeping connections via one default route alive after another one appears (e.g. plugging an Ethernet cable when connected via Wi-Fi). The strict filter also makes it impossible for NetworkManager to do connectivity check on a newly arriving default route (it starts with a higher metric and is bumped lower if there's connectivity). Kernel's default is 0 (no filter), but a Loose filter is good enough. The few use cases where a Strict mode could make sense can easily override this. The distributions that don't care about the client use cases and prefer a strict filter could just ship a custom configuration in /usr/lib/sysctl.d/ to override this.
* update NEWSLennart Poettering2018-11-141-0/+7
|
* main: bump fs.nr_open + fs.max-file to their largest possible valuesLennart Poettering2018-10-171-0/+11
| | | | | | | | | | After discussions with kernel folks, a system with memcg really shouldn't need extra hard limits on file descriptors anymore, as they are properly accounted for by memcg anyway. Hence, let's bump these values to their maximums. This also adds a build time option to turn thiss off, to cover those users who do not want to use memcg.
* NEWS: explain the RLIMIT_NOFILE bumpLennart Poettering2018-10-161-0/+25
|
* Merge pull request #10070 from keszybz/test-reportingYu Watanabe2018-09-151-4/+3
|\ | | | | Test reporting improvements
| * NEWS: remove repeated "slightly"Zbigniew Jędrzejewski-Szmek2018-09-131-4/+3
| |
* | replace https://github.com/systemd/systemd/blob/master/doc/* with ↵killermoehre2018-09-131-5/+5
|/ | | | https://github.com/systemd/systemd/blob/master/docs/* to point to proper documentation
* Merge pull request #9504 from poettering/nss-deadlockZbigniew Jędrzejewski-Szmek2018-07-261-1/+22
|\ | | | | some nss deadlock love
| * NEWS: document nss-ldap incompatibilitiesLennart Poettering2018-07-201-1/+22
| |
* | NEWS: add entry about Type=exec and announce that systemd-run is going to ↵Lennart Poettering2018-07-251-0/+27
|/ | | | default to it in 241
* tree-wide: use "polkit" to refer to PolicyKit/polkitZbigniew Jędrzejewski-Szmek2018-07-161-40/+36
| | | | | | | | | | | Back in 2012 the project was renamed, see the release notes for v 0.105 [https://cgit.freedesktop.org/polkit/tree/NEWS#n754]. Let's update our documentation and comments to do the same. Referring to PolicyKit is confusing to users because at the time the polkit api changed too, and we support the new version. I updated NEWS too, since all the references to PolicyKit there were added after the rename. "PolicyKit" is unchanged in various URLs and method call names.
* final touches to NEWSLennart Poettering2018-06-221-2/+2
|
* NEWS: mention 'timedatectl show'Yu Watanabe2018-06-211-3/+4
|
* NEWS: mention %EZbigniew Jędrzejewski-Szmek2018-06-211-2/+3
|
* NEWS: mention ConditionSecurity=uefi-securebootZbigniew Jędrzejewski-Szmek2018-06-201-0/+3
| | | | Follow-up for be405b909e5d78b43e3af47e0d10cd84c714e2f3.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 03:05:57 +0100