Systemd developers are celebrating Halloween by releasing systemd 252.
Systemd 252 is as stable as the newest version of this dominant Linux init system today. With systemd 252 there are new systemd-measure command and many improvements in this ever growing codebase. Some of the highlights of systemd 252 are:
– systemd-measure has been added as an aid to pre-calculate PCR measurements to make it easier to streamline TPM2 principles.
– If systemd detects that the OS image has passed its end of support date, it will set an “end of support” flaw flag. This is as well as the OS version that gained a new “SUPPORT_END=” field to indicate a date when OS support is deemed unsupported.
– New settings for ConditionCredential= and AssertCredential= to skip/fail units when no specific credential is provided.
– DefaultDeviceTimeoutSec= can be used to specify the default timeout for devices.
– A change that allows for greater resource isolation between different user services competing for the CPU.
– Systemd support for a full preset in “first boot” condition rather than just activation.
– C.UTF-8 is now used as the default locale when nothing else is configured.
– New D-Bus features related to Watchdog are now published by systemd.
– UEFI monotonic boot counter is now included in random seed as additional entropy.
– Systemd boot support is now supported for booting in EFI mixed mode for 64-bit kernel with 32-bit UEFI firmware.
– Improved detection of Parallels and KubeVirt virtualization.
– OpenSSL is the default crypto backend for systemd resolved while GnuTLS is still supported.
– Systemd-repart now supports creating SquashFS partitions as well as dm-verity partitions.
– systemd-oomd now sends a “Killed” D-Bus signal when a group is killed.
– For systemd in RISC-V, the riscv_flush_icache() system call is now added to the list of allowed system calls by default when enabling the “SystemCallFilter” option.
– Additions are now allowed for temporary units.
– systemd’s sd-stub will now use LoadImage / StartImage to run the kernel. sd-stub also adds a temporary UEFI SecurityOverride to allow booting unsigned nested images.
– Various improvements have been made to systemd-resolved. Systemd-resolved now offers a varlink socket at /run/systemd/resolve/io.systemd.Resolve.Monitor that provides processed DNS requests in JSON format for all clients connected to this socket. Systemd’s insolvectl now also supports a “monitor” option to take advantage of this monitor socket.
– Portablectl gained a “–force” flag to bypass certain sanity checks.
– systemd-udev will now create infiniband/by-path and infiniband/by-ibdev connections for Infiniband devices.
– mkosi configuration in systemd now has support for automatically compiling a kernel with a suitable configuration for systemd testing.
Downloads and more details on Systemd version 252 GitHub.
