Linux News Today: Lennart Poettering Announces systemd 231 Init System for GNU/Linux Distributions
Today, July 25, 2016, systemd creator Lennart Poettering has proudly announced the release and general availability of the systemd 231 init system for major GNU/Linux OSes.
Bringing lots of fixes and numerous additions, systemd 231 is now the most advanced version of the modern and controversial init system that has been adopted in the last few years by more and more Linux kernel-based operating systems, including Fedora, Ubuntu, Arch Linux, openSUSE, Red Hat Enterprise Linux, and many others.
Looking at the release notes, we can notice some big improvements in today’s systemd 231 release, among which we can mention support for the “memory” cgroup controller on cgroupsv2, support for contacting Domain Name System (DNS) servers on link-local IPv6 addresses via systemd-resolved, and a new “stop” command for machinectl.
Additionally, systemd 231 introduces support for named and pre-defined system call filter sets to the “SystemCallFilter=” unit file setting, as well as the ability for services to now change the watchdog timeout at runtime via sd_notify(). Another interesting change is the addition of a new service setting called “MemoryDenyWriteExecute=,” which is capable of taking a boolean value.
“If turned on, a service may no longer create memory mappings that are writable and executable at the same time,” says Lennart Poettering. “This enhances security for services where this is enabled as it becomes harder to dynamically write and then execute memory in exploited service processes. This option has been enabled for all of systemd’s own long-running services.”
systemd 231 coming soon to a distro near you
There are numerous other enhancements and bug fixes implemented in the systemd 231 release, so we recommend that you check out the full changelog below if you want to know what exactly has been changed. In the meantime, if you are a GNU/Linux distribution maintainer, we recommend that you download the systemd 231 sources right now via our website and compile them for your operating system.
On the other hand, if you’re a regular GNU/Linux user, please monitor the main software repositories of your distribution for the systemd 231 update and install it as soon as possible. We always recommend our readers to bring their systems up-to-date with the latest software releases as soon as they’re out.