picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update NEWS

This commit is contained in:
Lennart Poettering 2019-11-20 12:47:52 +01:00 committed by Zbigniew Jędrzejewski-Szmek
parent 8490fc7aef
commit 168e131b8b
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
NEWS
View File

@ -187,6 +187,19 @@ CHANGES WITH 244 in spe:
used by the user service manager. The default is again to use the same
path as the system manager.
* The systemd-id128 tool gained a new switch "-u" (or "--uuid") for
outputting the 128bit IDs in UUID format (i.e. in the "canonical
representation").
* Service units gained a new sandboxing option ProtectKernelLogs= which
makes sure the program cannot get direct access to the kernel log
buffer anymore, i.e. the syslog() system call (not to be confused
with the API of the same name in libc, which is not affected), the
/proc/kmsg and /dev/kmsg nodes and the CAP_SYSLOG capability are made
inaccessible to the service. It's recommended to enable this setting
for all services that should not be able to read from or write to the
kernel log buffer, which are probably almost all.
CHANGES WITH 243:
* This release enables unprivileged programs (i.e. requiring neither