Ngemuva kwezinyanga ezinhlanu zentuthuko ukukhishwa kwenguqulo entsha ye-systemd 252 imenyezelwe, inguqulo lapho ushintsho olubalulekile enguqulweni entsha kwaba ukuhlanganiswa kwe ukusekelwa kwe- inqubo ye-boot eyenziwe yesimanje, okuvumela ukuqinisekiswa hhayi kuphela i-kernel ne-bootloader, kodwa futhi izingxenye zemvelo yesistimu engaphansi usebenzisa amasignesha edijithali.
Indlela ehlongozwayo ibandakanya ukusetshenziswa kwesithombe se-kernel esihlanganisiwe se-UKI (Isithombe se-kernel esihlanganisiwe) silayishiwe, esihlanganisa umshayeli wokulayisha i-kernel esuka ku-UEFI (UEFI boot stub), isithombe se-Linux kernel, kanye nemvelo yesistimu ye-initrd elayishwe kumemori, esetshenziselwa ukuqaliswa kokuqala esigabeni sangaphambilini ku-FS root mount. .
Ikakhulukazi, izinzuzo i-systemd-cryptsetup, systemd-cryptenroll kanye ne-systemd-cred ishintshiwe ukusebenzisa lolu lwazi, ukuze uqiniseke ukuthi izingxenye zediski ezibethelwe ziboshelwe ku-kernel esayiniwe ngokwedijithali (kulokhu, ukufinyelela kuhlukanisa okubethelwe kunikezwa kuphela uma isithombe se-UKI siphumelele ukuqinisekiswa okusekelwe kusiginesha yedijithali). ku-TPM).
Ngaphezu kwalokho, insiza ye-systemd-pcrphase ifakiwe, ekuvumela ukuthi ulawule ukuboshwa kwezigaba zokuqalisa ezahlukahlukene kumapharamitha abekwe enkumbulweni ngama-cryptoprocessors asekela ukucaciswa kwe-TPM 2.0 (isibonelo, ungenza ukhiye wokuhlukanisa we-LUKS2 utholakale kuphela esithombeni sokuqala futhi uvimbele ukufinyelela kukho ekulandiseni okulandelayo).
Izici ezintsha eziyinhloko ze-systemd 252
Ezinye izinguquko ezigqamayo ku-systemd 252, ukuthi sngenze isiqiniseko sokuthi indawo ezenzakalelayo ithi C.UTF-8 uma kungekho enye indawo eshiwo ekucushweni.
Ngaphezu kwalokho ku-systemd 252 futhi isebenzise ikhono lokwenza umsebenzi ogcwele wokusetha kabusha isevisi ("i-systemctl preset") ngesikhathi sokuqalisa kokuqala. Ukunika amandla ukusetha ngaphambilini ngesikhathi sokuqalisa kudinga ukwakhiwa ngenketho ethi "-Dfirst-boot-full-preset", kodwa kuhlelwe ukuthi kunikwe amandla ngokuzenzakalela ekukhishweni okuzayo.
Kumayunithi okuphatha abasebenzisi sebenzisa isilawuli sensiza ye-CPU, okwenze kwaba nokwenzeka ukuqinisekisa ukuthi isilungiselelo se-CPUWeight sisetshenziswa kuwo wonke amayunithi ocezu asetshenziselwa ukuhlukanisa isistimu ibe izingcezu (app.slice, background.slice, session.slice) ukuze kuhlukaniswe izinsiza phakathi kwamasevisi ahlukahlukene abasebenzisi, aqhudelana nezinsiza ze-CPU. I-CPUWeight futhi isekela inani "elingenzi lutho" ukuze liqalise imodi yokuqashisa efanele.
Ngakolunye uhlangothi, kunqubo yokuqalisa (PID 1), yengeze ikhono lokungenisa izifakazelo kusuka ezinkambini ze-SMBIOS (Uhlobo 11, "amaketango abahlinzeki be-OEM") kanye nokuwachaza nge-qemu_fwcfg, okwenza kube lula ukunikeza izifakazelo emishinini ebonakalayo futhi eqeda isidingo samathuluzi ezinkampani zangaphandle njenge-cloud -init kanye nokubasa.
Phakathi nokuvala shaqa, ingqondo yokwehliswa kwezinhlelo zamafayela abonakalayo (i-proc, i-sys) yashintshwa, futhi ulwazi olumayelana nezinqubo ezivimbela ukwehliswa kwesistimu yefayela lulondolozwa kulogi.
I-sd bootloader yengeze amandla okuqalisa ngemodi exubile, isebenzisa i-64-bit Linux kernel kusuka ku-32-bit UEFI firmware. Kwengezwe amandla okuhlola ukuze usebenzise ngokuzenzakalelayo okhiye be-SecureBoot kusukela kumafayela atholakala ku-ESP (EFI System Partition).
Kwengezwe izinketho ezintsha ku-bootctl utility "-all-architectures" ukufaka amabhanari azo zonke izakhiwo ze-EFI ezisekelwayo, «-impande=” kanye “–isithombe=»ukusebenza ngohla lwemibhalo noma ngesithombe sediski, «--faka-umthombo=»ukuchaza ifonti ezofakwa, «-efi-boot-option-description=»ukulawula amagama okufakwa ebhuthini.
Kwezinye izinguquko lokho kuphuma ku-systemd 252:
- i-systemd-nspawn ivumela ukusetshenziswa kwemizila yefayela ehlobene kuzinketho ze-“-bind=" kanye ne-“–overlay=". Kwengezwe usekelo lwenketho ye-'rootidmap' kunketho ethi "–bind=" ukuze ubophe i-ID yomsebenzisi oyimpande esitsheni kumnikazi wohla lwemibhalo olufakwe kuhlangothi losokhaya.
- i-systemd-resolved isebenzisa iphakheji ye-OpenSSL njengesipele sokubethela ngokuzenzakalelayo (usekelo lwe-gnutls lugcinwa njengenketho). Ama-algorithms we-DNSSEC angasekelwe manje athathwa njengokungavikelekile esikhundleni sokubuyisela iphutha (SERVFAIL).
- i-systemd-sysusers, i-systemd-tmpfiles, ne-systemd-sysctl zisebenzisa ikhono lokudlulisa ukucushwa ngendlela yokugcina imininingwane.
- Kwengezwe umyalo 'wokuqhathanisa izinguqulo' ukuze kuhlaziywe i-systemd ukuze kuqhathaniswe iyunithi yezinhlamvu nezinombolo zenguqulo (ezifana ne-'rpmdev-vercmp' kanye ne-'dpkg -compare-versions').
- Kwengezwe amandla okuhlunga amadrayivu ngemaski kumyalo we-'systemd-analyze dump'.
- Uma ukhetha imodi yokulala yezigaba eziningi (lala bese ulala ubuthongo, ulale ubuthongo ngemva kokulala), isikhathi esichithwa kumodi yokulinda manje sesikhethiwe ngokusekelwe esibikezelweni sempilo yebhethri esisele.
- Ushintsho olusheshayo lwemodi yokulala lwenziwa uma kunokushajwa kwebhethri okungaphansi kuka-5%.
Kuyafaneleka futhi ukukusho lokho ngo-2024, i-systemd ihlela ukuyeka ukusekela i-cgroup v1 resource capping mechanism, yehliswe kunguqulo 248 ye-systemd. Abalawuli bayelulekwa ukuthi banakekele izinsiza ezihambayo ezixhunywe ku-cgroup v1 ukuze baqoqe i-v2 kusengaphambili.
Umehluko oyinhloko phakathi kwamaqoqo v2 kanye ne-v1 ukusetshenziswa kwesigaba esivamile samaqembu kuzo zonke izinhlobo zensiza, esikhundleni sezigaba ezihlukene zokwabiwa kwensiza ye-CPU, ukuphathwa kwenkumbulo, kanye ne-I/O. Izigaba ezihlukene ziholela ebunzimeni ekuhleleni ukusebenzisana phakathi kwabashayeli kanye nezindleko ezengeziwe zensiza ye-kernel lapho kusetshenziswa imithetho yenqubo eqanjwe ngezigaba ezahlukene.
Engxenyeni yesibili ka-2023, kuhlelwe ukuthi kumiswe ukusekela uhla lwemibhalo ehlukanisiwe, lapho /usr ifakwe ngokuhlukana nempande, noma /bin kanye /usr/bin, /lib kanye /usr/lib izinkomba zihlukaniswa.
udoti omningi ovela ku-lennart..
Umfana uyisisebenzi…futhi uyisisebenzi esihle…uvumelana ngokuphelele nomphathi wakhe.