Inguqulo entsha yeSystemd 246 isivele ikhishiwe futhi lezi yizindaba zayo

Darkcrizt

Imizuzu ye-4

uhlelo-245

Ngemuva kwezinyanga ezinhlanu zentuthuko inguqulo entsha yeSystemd 246 yethulwe, lapho inguqulo entsha kufaka phakathi ukusekelwa kokuqandisa kweyunithi, ikhono lokuqinisekisa isithombe sediski ngesiginesha yedijithali, ukusekelwa kokucindezelwa kwerejista nokulahla okuyisisekelo usebenzisa i-algorithm yeZSTD, phakathi kwezinye izinto.

Kulabo abangajwayele i-systemd, kufanele ukwazi lokho lokhu kuyisethi yamademoni okuphatha uhlelo, imitapo yolwazi namathuluzi aklanywe njengokulawulwa okuphakathi nendawo yesikhulumi sokusebenzisana ne-kernel yohlelo lwe-GNU / Linux Operating System.

Yini okusha ku-Systemd 246?

Kule nguqulo entsha kugqanyiswa izinguquko eziningana futhi enye yazo isilawuli sezinsizakusebenza ngokususelwa kumaqembu we-v2, engikwaziyo ngakho ingamisa izinqubo futhi ikhulule izinsiza ezithile okwesikhashana ukwenza eminye imisebenzi. Ukubanda nokuncibilikisa kwamayunithi kulawulwa umyalo omusha othi "systemctl freeze" noma nge-D-Bus.

Olunye ushintsho olugqamile olusha ungeze ukusekelwa ukuqinisekisa isithombe sediski ngesiginesha yedijithali. Ukuqinisekiswa kwenziwa kusetshenziswa izilungiselelo ezintsha kumayunithi esevisi: I-RootHash ne-RootHashSignature.

Kumadrayivu we- * .mount, ukusethwa kwe-ReadWriteOnly kuyasetshenziswa, evimbela ukufaka ukwahlukanisa kumodi yokufunda kuphela uma kungakwazi ukukhwezwa ukuze kufundwe nokubhala.

Okokushayela kwe-* .socket, isilungiselelo se-PassPacketInfo sengeziwe, evumela i-kernel ukuthi ingeze imethadatha eyengeziwe yephakethe ngalinye elifundwe kusokhethi.

Kumasevisi, ukucushwa okuhlongozwayo yiCoredumpFilter kanye ne-TimeoutStartFailureMode / TimeoutStopFailureMode lapho ukuphela kwesikhathi kwenzeka lapho uqala noma umisa insiza).

Ngaphezu kwakho, futhi igqamisa izilungiselelo ezintsha zefayela ledrayivu ezingeziwe: IsimoPathIsEncrypted ne-AssertPathIsEncrypted ukubheka indawo yendlela ebekiwe kudivayisi ye-block usebenzisa ukubethela (dm-crypt / LUKS), i-ConditionEnvelo ne-AssertEnvelo ukubheka okuguquguqukayo kwemvelo (ngokwesibonelo, kusethwe yi-PAM noma lapho kulungiswa iziqukathi).

Kumapharamitha ahlukahlukeneAma-Command line s namafayela wokumisa ahlobene nokumisa okhiye noma izitifiketi, ikhono lokucacisa indlela eya kumasokhethi e-Unix liyasetshenziswa (AF_UNIX) ukudlulisa okhiye nezitifiketi ngezingcingo eziya ezinsizakalweni ze-IPC, lapho kungathandeki ukubeka izitifiketi kwizitori zediski ezingabhalwanga.

Futhi, insizakalo ye-systemd-homed ithole ikhono elengeziwe lokuvula izinkomba zasekhaya kusetshenziswa amathokheni we-FIDO2 futhi nge-backend encryption backend I-LUKS ingeza ukusekelwa kokubuyisa ngokuzenzakalela amabhulokhi wesistimu yefayela angenalutho ekupheleni kweseshini. 

Futhi ungeze imingcele emisha yomugqa we-kernel: systemd.hostname ukusetha igama lomethuleli esigabeni sokuqala sokuqalisa

  • udev.blockdev_read_only ukuvimbela wonke amadivayisi we-block ahlotshaniswa namadrayivu angokwenyama kumodi yokufunda kuphela (ungasebenzisa umyalo "blockdev -setrw" ukukhansela ngokukhetha)
  • systemd.shintsha ukukhubaza ukusebenza okuzenzakalelayo kokuhlukaniswa kokushintshaniswa
  • systemd.clock-usec ukusetha iwashi lohlelo kuma-microseconds
  • i-systemd.condition-needs-update and systemd.condition-first-boot Ukweqa ukuhlolwa kwe-ConditionNeedsUpdate ne-ConditionFirstBoot.

Kwezinye izinguquko lezo aveza:

  • Ku-systemd-networkd, esigabeni se- [DHCPv4], isilungiselelo se-UseGateway sesingeziwe ukukhubaza ukusetshenziswa kwemininingwane yesango etholwe nge-DHCP.
  • Ku-systemd-networkd, ezingxenyeni ze- [DHCPv4] ne- [DHCPServer], isethingi ye-SendVendorOption ingeziwe ukusetha nokucubungula izinketho zabanye abahlinzeki.
  • ISystemd-networkd inesethi entsha ye-EmitPOP3 / POP3, EmitSMTP / SMTP kanye nezinketho ze-EmitLPR / LPR kusigaba se- [DHCPServer] ukufaka imininingwane mayelana namaseva we-POP3, SMTP ne-LPR.
  • Kuqanjwe kabusha ukulungiselelwa kusuka ku-BlackList kuya ku-DenyList (ngokuhambisana nokubuyela emuva, ukuphatha igama lakudala kuyagcinwa).
  • I-Systemd-networkd ingeze ingxenye enkulu yezilungiselelo ezihlobene ze-IPv6 ne-DHCPv6.
  • Kungezwe ukusekelwa kokuhlolwa kwe-SNI ku-DNS ngokuqaliswa kwe-TLS.
  • Ku-systemd ixazululiwe, amandla wokumisa ukuqondiswa kabusha kwamagama we-DNS anelebula elilodwa (wegama lomethuleli) engeziwe.

Ekugcineni uma ufuna ukwazi irekhodi eliphelele wezinguquko nezindaba ezilethwe kulokhu kukhishwa okusha kwe-systemd 246, ungabonisana nabo Kulesi sixhumanisi esilandelayo.


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Unomthwalo wemfanelo ngedatha: AB Internet Networks 2008 SL
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   luix kusho
    kwenza iminyaka 4

    i-systemd iyabamba !!

    Phendula ku-luix