Prep v231: Update build root files to upstream

1 files changed, 250 insertions, 7 deletions

diff --git a/NEWS b/NEWS
index 7c3f99d31..ca5468587 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,243 @@
 systemd System and Service Manager
 
+CHANGES WITH 231:
+
+        * In service units the various ExecXYZ= settings have been extended
+          with an additional special character as first argument of the
+          assigned value: if the character '+' is used the specified command
+          line it will be run with full privileges, regardless of User=,
+          Group=, CapabilityBoundingSet= and similar options. The effect is
+          similar to the existing PermissionsStartOnly= option, but allows
+          configuration of this concept for each executed command line
+          independently.
+
+        * Services may now alter the service watchdog timeout at runtime by
+          sending a WATCHDOG_USEC= message via sd_notify().
+
+        * MemoryLimit= and related unit settings now optionally take percentage
+          specifications. The percentage is taken relative to the amount of
+          physical memory in the system (or in case of containers, the assigned
+          amount of memory). This allows scaling service resources neatly with
+          the amount of RAM available on the system. Similarly, systemd-logind's
+          RuntimeDirectorySize= option now also optionally takes percentage
+          values.
+
+        * In similar fashion TasksMax= takes percentage values now, too. The
+          value is taken relative to the configured maximum number of processes
+          on the system. The per-service task maximum has been changed to 15%
+          using this functionality. (Effectively this is an increase of 512 →
+          4915 for service units, given the kernel's default pid_max setting.)
+
+        * Calendar time specifications in .timer units now understand a ".."
+          syntax for time ranges. Example: "4..7:10" may now be used for
+          defining a timer that is triggered at 4:10am, 5:10am, 6:10am and
+          7:10am every day.
+
+        * The InaccessableDirectories=, ReadOnlyDirectories= and
+          ReadWriteDirectories= unit file settings have been renamed to
+          InaccessablePaths=, ReadOnlyPaths= and ReadWritePaths= and may now be
+          applied to all kinds of file nodes, and not just directories, with
+          the exception of symlinks. Specifically these settings may now be
+          used on block and character device nodes, UNIX sockets and FIFOS as
+          well as regular files. The old names of these settings remain
+          available for compatibility.
+
+        * systemd will now log about all service processes it kills forcibly
+          (using SIGKILL) because they remained after the clean shutdown phase
+          of the service completed. This should help identifying services that
+          shut down uncleanly. Moreover if KillUserProcesses= is enabled in
+          systemd-logind's configuration a similar log message is generated for
+          processes killed at the end of each session due to this setting.
+
+        * systemd will now set the $JOURNAL_STREAM environment variable for all
+          services whose stdout/stderr are connected to the Journal (which
+          effectively means by default: all services). The variable contains
+          the device and inode number of the file descriptor used for
+          stdout/stderr. This may be used by invoked programs to detect whether
+          their stdout/stderr is connected to the Journal, in which case they
+          can switch over to direct Journal communication, thus being able to
+          pass extended, structured metadata along with their log messages. As
+          one example, this is now used by glib's logging primitives.
+
+        * When using systemd's default tmp.mount unit for /tmp, the mount point
+          will now be established with the "nosuid" and "nodev" options. This
+          avoids privilege escalation attacks that put traps and exploits into
+          /tmp.  However, this might cause problems if you e. g. put container
+          images or overlays into /tmp; if you need this, override tmp.mount's
+          "Options=" with a drop-in, or mount /tmp from /etc/fstab with your
+          desired options.
+
+        * systemd now supports the "memory" cgroup controller also on
+          cgroupsv2.
+
+        * The systemd-cgtop tool now optionally takes a control group path as
+          command line argument. If specified, the control group list shown is
+          limited to subgroups of that group.
+
+        * The SystemCallFilter= unit file setting gained support for
+          pre-defined, named system call filter sets. For example
+          SystemCallFilter=@clock is now an effective way to make all clock
+          changing-related system calls unavailable to a service. A number of
+          similar pre-defined groups are defined. Writing system call filters
+          for system services is simplified substantially with this new
+          concept. Accordingly, all of systemd's own, long-running services now
+          enable system call filtering based on this, by default.
+
+        * A new service setting MemoryDenyWriteExecute= has been added, taking
+          a boolean value. If turned on, a service may no longer create memory
+          mappings that are writable and executable at the same time. This
+          enhances security for services where this is enabled as it becomes
+          harder to dynamically write and then execute memory in exploited
+          service processes. This option has been enabled for all of systemd's
+          own long-running services.
+
+        * A new RestrictRealtime= service setting has been added, taking a
+          boolean argument. If set the service's processes may no longer
+          acquire realtime scheduling. This improves security as realtime
+          scheduling may otherwise be used to easily freeze the system.
+
+        * systemd-nspawn gained a new switch --notify-ready= taking a boolean
+          value. This may be used for requesting that the system manager inside
+          of the container reports start-up completion to nspawn which then
+          propagates this notification further to the service manager
+          supervising nspawn itself. A related option NotifyReady= in .nspawn
+          files has been added too. This functionality allows ordering of the
+          start-up of multiple containers using the usual systemd ordering
+          primitives.
+
+        * machinectl gained a new command "stop" that is an alias for
+          "terminate".
+
+        * systemd-resolved gained support for contacting DNS servers on
+          link-local IPv6 addresses.
+
+        * If systemd-resolved receives the SIGUSR2 signal it will now flush all
+          its caches. A method call for requesting the same operation has been
+          added to the bus API too, and is made available via "systemd-resolve
+          --flush-caches".
+
+        * systemd-resolve gained a new --status switch. If passed a brief
+          summary of the used DNS configuration with per-interface information
+          is shown.
+
+        * resolved.conf gained a new Cache= boolean option, defaulting to
+          on. If turned off local DNS caching is disabled. This comes with a
+          performance penalty in particular when DNSSEC is enabled. Note that
+          resolved disables its internal caching implicitly anyway, when the
+          configured DNS server is on a host-local IP address such as ::1 or
+          127.0.0.1, thus automatically avoiding double local caching.
+
+        * systemd-resolved now listens on the local IP address 127.0.0.53:53
+          for DNS requests. This improves compatibility with local programs
+          that do not use the libc NSS or systemd-resolved's bus APIs for name
+          resolution. This minimal DNS service is only available to local
+          programs and does not implement the full DNS protocol, but enough to
+          cover local DNS clients. A new, static resolv.conf file, listing just
+          this DNS server is now shipped in /usr/lib/systemd/resolv.conf. It is
+          now recommended to make /etc/resolv.conf a symlink to this file in
+          order to route all DNS lookups to systemd-resolved, regardless if
+          done via NSS, the bus API or raw DNS packets. Note that this local
+          DNS service is not as fully featured as the libc NSS or
+          systemd-resolved's bus APIs. For example, as unicast DNS cannot be
+          used to deliver link-local address information (as this implies
+          sending a local interface index along), LLMNR/mDNS support via this
+          interface is severely restricted. It is thus strongly recommended for
+          all applications to use the libc NSS API or native systemd-resolved
+          bus API instead.
+
+        * systemd-networkd's bridge support learned a new setting
+          VLANFiltering= for controlling VLAN filtering. Moreover a new section
+          in .network files has been added for configuring VLAN bridging in
+          more detail: VLAN=, EgressUntagged=, PVID= in [BridgeVLAN].
+
+        * systemd-networkd's IPv6 Router Advertisement code now makes use of
+          the DNSSL and RDNSS options. This means IPv6 DNS configuration may
+          now be acquired without relying on DHCPv6. Two new options
+          UseDomains= and UseDNS= have been added to configure this behaviour.
+
+        * systemd-networkd's IPv6AcceptRouterAdvertisements= option has been
+          renamed IPv6AcceptRA=, without altering its behaviour. The old
+          setting name remains available for compatibility reasons.
+
+        * The systemd-networkd VTI/VTI6 tunneling support gained new options
+          Key=, InputKey= and OutputKey=.
+
+        * systemd-networkd gained support for VRF ("Virtual Routing Function")
+          interface configuration.
+
+        * "systemctl edit" may now be used to create new unit files by
+          specifying the --force switch.
+
+        * sd-event gained a new function sd_event_get_iteration() for
+          requesting the current iteration counter of the event loop. It starts
+          at zero and is increased by one with each event loop iteration.
+
+        * A new rpm macro %systemd_ordering is provided by the macros.systemd
+          file. It can be used in lieu of %systemd_requires in packages which
+          don't use any systemd functionality and are intended to be installed
+          in minimal containers without systemd present. This macro provides
+          ordering dependecies to ensure that if the package is installed in
+          the same rpm transaction as systemd, systemd will be installed before
+          the scriptlets for the package are executed, allowing unit presets
+          to be handled.
+
+          New macros %_systemdgeneratordir and %_systemdusergeneratordir have
+          been added to simplify packaging of generators.
+
+        * The os-release file gained VERSION_CODENAME field for the
+          distribution nickname (e.g. VERSION_CODENAME=woody).
+
+        * New udev property UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG=1
+          can be set to disable parsing of metadata and the creation
+          of persistent symlinks for that device.
+
+        * The v230 change to tag framebuffer devices (/dev/fb*) with "uaccess"
+          to make them available to logged-in users has been reverted.
+
+        * Much of the common code of the various systemd components is now
+          built into an internal shared library libsystemd-shared-231.so
+          (incorporating the systemd version number in the name, to be updated
+          with future releases) that the components link to. This should
+          decrease systemd footprint both in memory during runtime and on
+          disk. Note that the shared library is not for public use, and is
+          neither API not ABI stable, but is likely to change with every new
+          released update. Packagers need to make sure that binaries
+          linking to libsystemd-shared.so are updated in step with the
+          library.
+
+        * Configuration for "mkosi" is now part of the systemd
+          repository. mkosi is a tool to easily build legacy-free OS images,
+          and is available on github: https://github.com/systemd/mkosi. If
+          "mkosi" is invoked in the build tree a new raw OS image is generated
+          incorporating the systemd sources currently being worked on and a
+          clean, fresh distribution installation. The generated OS image may be
+          booted up with "systemd-nspawn -b -i", qemu-kvm or on any physcial
+          UEFI PC. This functionality is particularly useful to easily test
+          local changes made to systemd in a pristine, defined environment. See
+          HACKING for details.
+
+        Contributions from: Alban Crequy, Alessandro Puccetti, Alessio Igor
+        Bogani, Alexander Kuleshov, Alexander Kurtz, Alex Gaynor, Andika
+        Triwidada, Andreas Pokorny, Andreas Rammhold, Andrew Jeddeloh, Ansgar
+        Burchardt, Atrotors, Benjamin Drung, Brian Boylston, Christian Hesse,
+        Christian Rebischke, Daniele Medri, Daniel Mack, Dave Reisner, David
+        Herrmann, David Michael, Djalal Harouni, Douglas Christman, Elias
+        Probst, Evgeny Vereshchagin, Federico Mena Quintero, Felipe Sateler,
+        Franck Bui, Harald Hoyer, Ian Lee, Ivan Shapovalov, Jakub Wilk, Jan
+        Janssen, Jean-Sébastien Bour, John Paul Adrian Glaubitz, Jouke
+        Witteveen, Kai Ruhnau, kpengboy, Kyle Walker, Lénaïc Huard, Lennart
+        Poettering, Luca Bruno, Lukas Lösche, Lukáš Nykrýn, mahkoh, Marcel
+        Holtmann, Martin Pitt, Marty Plummer, Matthieu Codron, Max Prokhorov,
+        Michael Biebl, Michael Karcher, Michael Olbrich, Michał Bartoszkiewicz,
+        Michal Sekletar, Michal Soltys, Minkyung, Muhammet Kara, mulkieran,
+        Otto Wallenius, Pablo Lezaeta Reyes, Peter Hutterer, Ronny Chevalier,
+        Rusty Bird, Stef Walter, Susant Sahani, Tejun Heo, Thomas Blume, Thomas
+        Haller, Thomas H. P. Andersen, Tobias Jungel, Tom Gundersen, Tom Yan,
+        Topi Miettinen, Torstein Husebø, Valentin Vidić, Viktar Vaŭčkievič,
+        WaLyong Cho, Weng Xuetian, Werner Fink, Zbigniew Jędrzejewski-Szmek
+
+        — Berlin, 2016-07-25
+
 CHANGES WITH 230:
 
         * DNSSEC is now turned on by default in systemd-resolved (in
@@ -152,7 +390,7 @@ CHANGES WITH 230:
           container, via the new --private-users=pick setting (which implies
           --private-user-chown). Together, these options for the first time
           make user namespacing for nspawn containers fully automatic and thus
-          deployable. The systemd-nspaw@.service template unit file has been
+          deployable. The systemd-nspawn@.service template unit file has been
           changed to use this functionality by default.
 
         * systemd-nspawn gained a new --network-zone= switch, that allows
@@ -207,6 +445,11 @@ CHANGES WITH 230:
           for backwards compatibility). AmbientCapabilities= and
           CapabilityBoundingSet= should be used instead.
 
+        * A new special target has been added, initrd-root-device.target,
+          which creates a synchronization point for dependencies of the root
+          device in early userspace. Initramfs builders must ensure that this
+          target is now included in early userspace.
+
         Contributions from: Alban Crequy, Alexander Kuleshov, Alexander Shopov,
         Alex Crawford, Andre Klärner, Andrew Eikum, Beniamino Galvani, Benjamin
         Robin, Biao Lu, Bjørnar Ness, Calvin Owens, Christian Hesse, Clemens
@@ -542,7 +785,7 @@ CHANGES WITH 228:
           the service.
 
         * Timer units gained support for a new RemainAfterElapse=
-          setting which takes a boolean argument. It defaults on on,
+          setting which takes a boolean argument. It defaults to on,
           exposing behaviour unchanged to previous releases. If set to
           off, timer units are unloaded after they elapsed if they
           cannot elapse again. This is particularly useful for
@@ -733,7 +976,7 @@ CHANGES WITH 227:
         * Support for USB FunctionFS activation has been added. This
           allows implementation of USB gadget services that are
           activated as soon as they are requested, so that they don't
-          have to run continously, similar to classic socket
+          have to run continuously, similar to classic socket
           activation.
 
         * The "systemctl exit" command now optionally takes an
@@ -778,7 +1021,7 @@ CHANGES WITH 227:
 
         * systemd-networkd gained support for:
 
-            - Setting the IPv6 Router Advertisment settings via
+            - Setting the IPv6 Router Advertisement settings via
               IPv6AcceptRouterAdvertisements= in .network files.
 
             - Configuring the HelloTimeSec=, MaxAgeSec= and
@@ -824,7 +1067,7 @@ CHANGES WITH 227:
           files controlled by the number of files that shall remain,
           in addition to the already existing control by size and by
           date. This is useful as journal interleaving performance
-          degrades with too many seperate journal files, and allows
+          degrades with too many separate journal files, and allows
           putting an effective limit on them. The new setting defaults
           to 100, but this may be changed by setting SystemMaxFiles=
           and RuntimeMaxFiles= in journald.conf. Also, the
@@ -911,7 +1154,7 @@ CHANGES WITH 226:
           available, systemd will fall back to the legacy cgroup
           hierarchy setup, as before. Host system and containers can
           mix and match legacy and unified hierarchies as they
-          wish. nspawn understands the $UNIFIED_CROUP_HIERARCHY
+          wish. nspawn understands the $UNIFIED_CGROUP_HIERARCHY
           environment variable to individually select the hierarchy to
           use for executed containers. By default, nspawn will use the
           unified hierarchy for the containers if the host uses the
@@ -5209,7 +5452,7 @@ CHANGES WITH 192:
         * We do not mount the "cpuset" controller anymore together with
           "cpu" and "cpuacct", as "cpuset" groups generally cannot be
           started if no parameters are assigned to it. "cpuset" hence
-          broke code that assumed it it could create "cpu" groups and
+          broke code that assumed it could create "cpu" groups and
           just start them.
 
         * journalctl -f will now subscribe to terminal size changes,