author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2018-06-13 14:52:57 +0900 |
---|---|---|
committer | Sven Eden <yamakuzure@gmx.net> | 2018-08-24 16:47:08 +0200 |
commit | 0d2592f8b1f71c81d7710c92421ef06e5d4c4825 (patch) | |
tree | b8b6be7e8557cbdf1587eacf51551bc558b9e8da /NEWS | |
parent | b82543d8b72eabbf495e9c4ce13bfba310d9e720 (diff) |
NEWS: add more news
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 20 |
1 files changed, 19 insertions, 1 deletions
@@ -53,11 +53,15 @@ CHANGES WITH 239 in spe: * The elogind-resolve tool has been renamed to resolvectl (it also * elogind-resolved now supports DNS-over-TLS ("PrivateDNS"). It's still - turned off by default, use PrivateDNS=yes to turn it on in + turned off by default, use PrivateDNS=opportunistic to turn it on in resolved.conf. We intend to make this the default as soon as couple of additional techniques for optimizing the initial latency caused by establishing a TLS/TCP connection are implemented. + * elogind-resolved.service and elogind-networkd.service now set + DynamicUser=yes. The users elogind-resolve and elogind-network are + not created by elogind-sysusers. + remains available under the old name, for compatibility), and its interface is now verb-based, similar in style to the other <xyz>ctl tools, such as systemctl or loginctl. @@ -200,6 +204,11 @@ CHANGES WITH 239 in spe: about its state. * elogind-nspawn gained a new --rlimit= switch for setting initial + * A new environment variable $SYSTEMD_TIMEDATED_NTP_SERVICES is now + understood by elogind-timedated. It takes a colon-separated list of + unit names of NTP client services. The list is used by + "timedatectl set-ntp". + resource limits for the container payload. There's a new switch --hostname= to explicitly override the container's hostname. A new --no-new-privileges= switch may be used to control the 
@@ -285,6 +294,15 @@ CHANGES WITH 239 in spe: query the default, built-in $PATH PID 1 will pass to the services it manages. + * A new unit file setting PrivateMounts= has been added. It's a boolean + option. If enabled the unit's processes are invoked in their own file + system namespace. Note that this behaviour is also implied if any + other file system namespacing options (such as PrivateTmp=, + PrivateDevices=, ProtectSystem=, …) are used. This option is hence + primarily useful for services that do not use any of the other file + system namespacing options. One such service is elogind-udevd.service + wher this is now used by default. + Contributions from: Adam Duskett, Alan Jenkins, Alessandro Casale, Alexander Kurtz, Alex Gartrell, Anssi Hannula, Antique, Arnaud Rebillout, Brian J. Murrell, Bruno Vernay, Chris Lesiak, Christian |
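Review bot: The added DynamicUser=yes entry in the @@ -53,11 +53,15 @@ hunk lands between the context line ending "renamed to resolvectl (it also" and its continuation "remains available under the old name", so the resolvectl entry stays split and the new bullet reads as part of it. Move the new bullet so it follows a complete entry. In the same hunk, "use PrivateDNS=opportunistic to turn it on" does not say how this value differs from the PrivateDNS=yes it replaces; one clause on what opportunistic means when a server does not offer TLS would tell administrators what protection to expect. If the intent is that the users used to be created, "are no longer created by elogind-sysusers" would be clearer than "are not created".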
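Review bot: The $SYSTEMD_TIMEDATED_NTP_SERVICES entry in the @@ -200,6 +204,11 @@ hunk is inserted after "switch for setting initial" and before "resource limits for the container payload.", which cuts the --rlimit= sentence of the elogind-nspawn bullet in two. Place the new bullet before the elogind-nspawn entry or after that entry ends. The text could also state whether the order of the colon-separated list matters to "timedatectl set-ntp".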
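Review bot: Typo in the last added line of the @@ -285,6 +294,15 @@ hunk: "wher this is now used by default" should read "where this is now used by default". The list "(such as PrivateTmp=, PrivateDevices=, ProtectSystem=, …)" also uses a Unicode ellipsis; a plain "..." would be the safer choice if the rest of NEWS is ASCII. A comma after "If enabled" would make the second sentence easier to read.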