systemd 255 arrives implemented the blue screen of death, improvements and more

systemd

systemd is a set of system administration daemons, libraries, and tools designed as a central administration and configuration platform for interfacing with the Linux operating system kernel.

After four months of development, the release of new version of systemd 255, a version that highlights support for exporting units through NVMe-TCP, systemd-bsod to display error messages in full screen, systemd-vmspawn to start virtual machines, among others.

In this new version of systemd 255 that is presented, one of the most important changes that stands out is the “systemd-storagetm” integration, which Allows automatic export of all local block devices using the NVMe-TCP driver.

Another change that stands out and that above all has generated divided opinions, is the component "systemd-bsod" which is an analogous implementation of the "blue screen of death" of Windows (blue screen of death), and whose function is to display critical error messages (LOG_EMERG) in the form of a full screen notification at the startup stage.

In addition to that, Also highlighted is the new “systemd-vmspawn” utility, which is analogous to the systemd-nspawn utility for booting an operating system image on a virtual machine (the systemd-nspawn utility is designed for starting containers, and systemd-vmspawn provides a similar interface for virtual machines.) Currently, only a QEMU-based backend is available for running virtual machines.

Another important change that systemd 255 received is the PAM module pam_systemd_loadkey.so, designed to automatically extract from the kernel keychain the passphrase used in cryptsetup to unlock the FS encrypt root and set this passphrase as an authentication token (PAM authtok). The module can be used, for example, to configure auto-unlock access to GNOME Keyring and KDE Wallet when auto-login is enabled.

The code for tracking internal processes has been moved to use PIDFD instead of PID in environments with a kernel that supports PIDFD, and the ability to create scope units using PIDFD instead of PID to select processes has also been implemented.

Systemd-repart: “–copy-from” It is another of the new utilities that systemd 255 receives and it is allows you to obtain partition descriptions of the specified file system image:

  • «–copy-source«: to specify the base directory for the CopyFiles parameter
  • «— make-ddi=confext», » –make-ddi=sysext» and «–make-ddi=portable» to generate different types of DDI, and «–tpm2-device-key» to link the disk to a specific TPM2.

Utility added “systemd-pcrlock” to analyze and predict the states of TPM2 PCR records (Platform Configuration Register) and generate access rules stored in the TPM2 NV index that allow access to TPM2 objects, such as disk encryption keys, only digitally and signed components released at the verified download stage.

The option SurviveFinalKillSignal has been added to units, with the purpose of allow ignoring SIGTERM/SIGKILL signal final issued during shutdown, which can be useful for leaving a unit running during a soft reset of the system in soft reset mode.

Of the other changes that stand out from this new version:

  • Support for separate directory hierarchies (when /usr is mounted separately from the root directory, or the directories /bin and /usr/bin, /lib and /usr/lib they are separated).
  • Added “varlinkctl” utility to call and introspect services using the Varlink protocol.
  • Added support for entering hibernation mode and saving memory contents to exchange files stored in the Btrfs file system.
  • Added NFTSet setting that allows you to use cgroup identifiers to change logic in firewall rules.
  • systemd-boot has added new “B” and “O” hotkeys to reboot and shutdown the system from the boot menu.
  • Support for the LoongArch64 architecture has been added to the seccomp subsystem.
  • Added option «–tmpfs» to the systemd-mount utility to mount a new 'tmpfs' instance.

Finally, if you are interested in being able to know more about it, you can consult the details in the following link


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.