[systemd-devel] [ANNOUNCE] systemd v223
dh.herrmann at gmail.com
Wed Jul 29 06:13:39 PDT 2015
Here's the next version of systemd, v223:
Many bug-fixes, code cleanups and some new additions to networkd and
resolved. As announced with the previous release, systemd-python has
been removed from upstream and now resides in its own repository:
CHANGES WITH 223:
* The python-systemd code has been removed from the systemd repository.
A new repository has been created which accommodates the code from
now on, and we kindly ask distributions to create a separate package
for this: https://github.com/systemd/python-systemd
* The systemd daemon will now reload its main configuration
(/etc/systemd/system.conf) on daemon-reload.
* sd-dhcp now exposes vendor specific extensions via
* systemd-networkd gained a number of new configuration options.
- A new boolean configuration option for TAP devices called
'VNetHeader='. If set, the IFF_VNET_HDR flag is set for the
device, thus allowing to send and receive GSO packets.
- A new tunnel configuration option called 'CopyDSCP='.
If enabled, the DSCP field of ip6 tunnels is copied into the
- A set of boolean bridge configuration options were added.
'UseBPDU=', 'HairPin=', 'FastLeave=', 'AllowPortToBeRoot=',
and 'UnicastFlood=' are now parsed by networkd and applied to the
respective bridge link device via the respective IFLA_BRPORT_*
- A new string configuration option to override the hostname sent
to a DHCP server, called 'Hostname='. If set and 'SendHostname='
is true, networkd will use the configured hostname instead of the
system hostname when sending DHCP requests.
- A new tunnel configuration option called 'IPv6FlowLabel='. If set,
networkd will configure the IPv6 flow-label of the tunnel device
according to RFC2460.
- The 'macvtap' virtual network devices are now supported, similar to
the already supported 'macvlan' devices.
* systemd-resolved now implements RFC5452 to improve resilience against
cache poisoning. Additionally, source port randomization is enabled
by default to further protect against DNS spoofing attacks.
* nss-mymachines now supports translating UIDs and GIDs of running
containers with user-namespaces enabled. If a container 'foo'
translates a host uid 'UID' to the container uid 'TUID', then
nss-mymachines will also map uid 'UID' to/from username 'vu-foo-TUID'
(with 'foo' and 'TUID' replaced accordingly). Similarly, groups are
mapped as 'vg-foo-TGID'.
Contributions from: Beniamino Galvani, cee1, Christian Hesse, Daniel
Buch, Daniel Mack, daurnimator, David Herrmann, Dimitri John Ledkov,
HATAYAMA Daisuke, Ivan Shapovalov, Jan Alexander Steffens (heftig),
Johan Ouwerkerk, Jose Carlos Venegas Munoz, Karel Zak, Kay Sievers,
Lennart Poettering, Lidong Zhong, Martin Pitt, Michael Biebl, Michael
Olbrich, Michal Schmidt, Michal Sekletar, Mike Gilbert, Namhyung Kim,
Nick Owens, Peter Hutterer, Richard Maw, Steven Allen, Sungbae Yoo,
Susant Sahani, Thomas Blume, Thomas Hindoe Paaboel Andersen, Tom
Gundersen, Torstein Husebø, Umut Tezduyar Lindskog, Vito Caputo,
Vivenzio Pagliari, Zbigniew Jędrzejewski-Szmek
-- Berlin, 2015-07-29
More information about the systemd-devel