Commit Graph

267 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
95365a576f build-sys: add --without-kill-user-processes configure option 2016-04-21 00:21:32 -04:00
Zbigniew Jędrzejewski-Szmek
97e5530cf2 logind: flip KillUserProcesses to on by default
This ensures that users sessions are properly cleaned up after.
The admin can still enable or disable linger for specific users to allow
them to run processes after they log out. Doing that through the user
session is much cleaner and provides better control.

dbus daemon can now be run in the user session (with --enable-user-session,
added in 1.10.2), and most distributions opted to pick this configuration.
In the normal case it makes a lot of sense to kill remaining processes.
The exception is stuff like screen and tmux. But it's easy enough to
work around, a simple example was added to the man page in previous
commit. In the long run those services should integrate with the systemd
users session on their own.

https://bugs.freedesktop.org/show_bug.cgi?id=94508
https://github.com/systemd/systemd/issues/2900
2016-04-21 00:21:32 -04:00
Zbigniew Jędrzejewski-Szmek
96515dbf44 NEWS: add some more items
DUID support is mentioned without details since those are still
being worked out.
2016-04-03 13:16:17 -04:00
Elias Probst
f59dba2654 Reference correct machinectl command in 219 NEWS
NEWS for `219` references `machinectl list-images` to describe the introduced clone feature - this looks like a copy'n'paste problem.
Use `machinectl clone` instead.
2016-03-16 09:23:31 +01:00
Torstein Husebø
96d4901149 treewide: fix typos and then/that use 2016-02-24 11:56:11 +01:00
Lennart Poettering
61ecb465b1 resolved: turn on DNSSEC by default, unless configured otherwise
Let's make sure DNSSEC gets more testing, by defaulting DNSSEC to
"allow-downgrade" mode. Since distros should probably not ship DNSSEC enabled
by default add a configure switch to disable this again.

DNSSEC in "allow-downgrade" mode should mostly work without affecting user
experience. There's one exception: some captive portal systems rewrite DNS in
order to redirect HTTP traffic to the captive portal. If these systems
implement DNS servers that are otherwise DNSSEC-capable (which in fact is
pretty unlikely, but still...), then this will result in the captive portal
being inaccessible. To fix this support in NetworkManager (or any other network
management solution that does captive portal detection) is required, which
simply turns off DNSSEC during the captive portal detection, and resets it back
to the default (i.e. on) after captive portal authentication is complete.
2016-02-16 15:22:05 +01:00
Zbigniew Jędrzejewski-Szmek
7f6e804332 Promote systemd-activate to /usr/bin/systemd-socket-activate
It has fairly wide functionality now and the interface has been
stable for a while. It it a useful testing tool.

The name is changed to better indicate what it does.
2016-02-14 20:33:32 -05:00
Zbigniew Jędrzejewski-Szmek
ed5f884090 NEWS: journal device support is limited to current boot, grammar
Reword some sentences for better flow.
2016-02-11 21:50:42 -05:00
Lennart Poettering
3545ab3501 fill in contributors list in NEWS 2016-02-11 13:02:35 +01:00
Lennart Poettering
926db6521b Merge pull request #2574 from zonque/netclass-remove
cgroup: remove support for NetClass= directive
2016-02-10 17:03:00 +01:00
Daniel Mack
50f48ad37a cgroup: remove support for NetClass= directive
Support for net_cls.class_id through the NetClass= configuration directive
has been added in v227 in preparation for a per-unit packet filter mechanism.
However, it turns out the kernel people have decided to deprecate the net_cls
and net_prio controllers in v2. Tejun provides a comprehensive justification
for this in his commit, which has landed during the merge window for kernel
v4.5:

  https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bd1060a1d671

As we're aiming for full support for the v2 cgroup hierarchy, we can no
longer support this feature. Userspace tool such as nftables are moving over
to setting rules that are specific to the full cgroup path of a task, which
obsoletes these controllers anyway.

This commit removes support for tweaking details in the net_cls controller,
but keeps the NetClass= directive around for legacy compatibility reasons.
2016-02-10 16:38:56 +01:00
Lennart Poettering
a7c723c0c0 update NEWS 2016-02-10 16:34:11 +01:00
Martin Pitt
8968aea0fb NEWS: Various clarification and grammar fixes 2016-02-10 13:51:10 +01:00
Lennart Poettering
d5f8b2952a NEWS: start putting together a NEWS file for 229
Totally incomplete, but let's get this started.
2016-02-10 12:29:38 +01:00
Martin Pitt
61f32bff61 tmpfiles: drop /run/lock/lockdev
Hardly any software uses that any more, and better locking mechanisms like
flock() have been available for many years.

Also drop the corresponding "lock" group from sysusers.d/basic.conf.in, as
nothing else is using this.
2016-02-01 12:16:24 +01:00
Lennart Poettering
ddb4b0d3eb NEWS: add in missing NEWS entry for 228 feature RemainAfterElapse= 2015-11-18 17:04:04 +01:00
David Herrmann
dd050decb6 build: bump version numbers
Prepare for v228 release and bump version numbers.
2015-11-18 08:59:06 +01:00
Lennart Poettering
f1f8a5a5e1 Some additions to NEWS 2015-11-17 01:31:42 +01:00
Thomas Hindoe Paaboel Andersen
815bb5bd56 NEWS: typo fixes 2015-11-15 17:30:33 +01:00
Lennart Poettering
b9e2f7eb00 NEWS: document two more changes in behaviour 2015-11-13 14:59:25 +01:00
Lennart Poettering
28c85daf0a NEWS: add more stuff, and reorder things a bit 2015-11-13 13:59:50 +01:00
Lennart Poettering
a11c7ea52c NEWS: begin putting together a NEWS section for the next release 2015-11-12 13:40:25 +01:00
Jan Engelhardt
a8eaaee72a doc: correct orthography, word forms and missing/extraneous words 2015-11-06 13:45:21 +01:00
Jan Engelhardt
b938cb902c doc: correct punctuation and improve typography in documentation 2015-11-06 13:00:02 +01:00
Daniel Mack
1e0adaa45d update NEWS 2015-10-07 16:00:38 +02:00
Daniel Mack
bdba9227ec NEWS: re-order entries slightly
Also, the release is actually done in Berlin ;)
2015-10-07 15:57:04 +02:00
Lennart Poettering
61e6771c4a Update NEWS 2015-10-07 15:48:58 +02:00
Lennart Poettering
c30f086f04 update NEWS 2015-10-07 15:45:39 +02:00
Lennart Poettering
d046fb9366 update NEWS 2015-10-06 12:33:25 +02:00
Tom Gundersen
c48eb61fa7 NEWS 2015-10-06 12:11:44 +02:00
Tom Gundersen
edf4126f60 NEWS 2015-10-06 11:54:14 +02:00
Daniel Machon
efce0ffeac Update NEWS
Fixed spelling error: seriban -> serbian
2015-10-05 11:15:16 +02:00
Daniel Mack
62211cfe6e NEWS update 2015-10-05 09:47:58 +02:00
Daniel Mack
e46831f0f1 Merge pull request #1438 from poettering/rfkill-rework
An rfkill rework among other things
2015-10-01 16:35:43 +02:00
Lennart Poettering
91d0d69912 update NEWS 2015-10-01 16:24:04 +02:00
Daniel Mack
8b5f9d156c fix typo in NEWS 2015-10-01 13:28:09 +02:00
Lennart Poettering
fe08a30b58 update NEWS 2015-09-30 23:35:10 +02:00
Zbigniew Jędrzejewski-Szmek
6fd5517b11 NEWS: typos 2015-09-30 12:30:30 -04:00
Daniel Mack
5e6ad75f25 fix typos in NEWS 2015-09-30 14:03:14 +02:00
Daniel Mack
b5a684e3a1 update NEWS 2015-09-30 12:46:00 +02:00
Daniel Mack
21d86c613d update NEWS 2015-09-30 12:40:44 +02:00
Daniel Mack
0879a8d316 update NEWS 2015-09-25 17:37:27 +02:00
Daniel Mack
058d07ff37 update NEWS 2015-09-23 11:05:38 +02:00
Daniel Mack
c97e586d8a NEWS: add some information about v227 2015-09-22 13:30:12 +02:00
David Herrmann
23d08d1b2b build: prepare for v226
Bump version info and update NEWS for the upcoming release.
2015-09-08 13:31:57 +02:00
Lennart Poettering
2f77decc5b NEWS: update contributors list 2015-09-08 01:36:59 +02:00
Daniel Mack
c626bf1d30 NEWS: fix typos 2015-09-07 13:06:53 +02:00
Lennart Poettering
47f5a38cdf update NEWS 2015-09-07 12:43:25 +02:00
Lennart Poettering
5e8d4254f9 NEWS: add more content to both the 225 and 226 NEWS section 2015-09-07 00:08:12 +02:00
David Herrmann
c9912c5eaf NEWS: add entries for v226
Initial set of features for the upcoming v226 release next week. This is
mostly about the unified cgroup hierarchy and DHCP.
2015-09-05 11:09:44 +02:00