Available now for various GNU/Linux distributions

Nov 3, 2016 23:50 GMT

Today, November 3, 2016, Lennart Poettering proudly announced the release and general availability of systemd 232, the modern, next-generation init system used in numerous GNU/Linux distributions.

More than three months have passed since the release of systemd 231, during which Lennart Poettering and his team of over 100 developers managed to add even more exciting new features, as well as to improve existing functionality in the widely-used systemd init system. All these are now available as part of the systemd 232 release, and are coming soon to a distro near you.

Looking at the release notes, which we've also attached at the end of the article for your viewing pleasure, we can notice that systemd 232 sports a total of 60 improvements, and it looks like the prominent ones are support for VeraCrypt encrypted partitions, hardening of various systemd services, and support for dynamically creating users during a service's lifetime.

New ProtectKernelModules and ProtectKernelTunables options, more

Among other interesting features implemented in today's systemd 232 release, we can mention the addition of the ProtectKernelModules and ProtectKernelTunables options. The first stops a service from explicitly loading or unloading kernel modules, while the second stops a service from modifying the configuration files in /proc and /sys.

There's also a brand new ProtectControlGroups option for disabling a service's write access to /sys/fs/cgroup, the ability to have no /etc/group or /etc/passwd files in chroot or minimal container environments, support for the cgroup namespace in systemd-nspawn, along with support for limiting the maximum swap usage under the unified cgroup hierarchy by using the new MemorySwapMax option.
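As an added example (not from the article or the systemd project), the Python check below reports which of the three sandboxing options described above are absent or switched off in a unit's [Service] section, applying the rule that a later assignment overrides an earlier one. The sample units and the `exampled` binary are constructed for illustration.

```python
# Added example: audit a unit file for the systemd 232 sandboxing options.
import re

# Directives named in the article; all are booleans set in [Service].
HARDENING = ("ProtectKernelModules", "ProtectKernelTunables", "ProtectControlGroups")
TRUE_VALUES = {"1", "yes", "true", "on"}  # systemd's boolean "enabled" spellings

def effective_service_settings(unit_text):
    """Return {key: value} for [Service], with the last assignment winning."""
    settings, section = {}, None
    for raw in unit_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":       # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:                             # section header such as [Service]
            section = header.group(1)
            continue
        if section == "Service" and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def missing_hardening(unit_text):
    """List the hardening directives that are absent or not enabled."""
    settings = effective_service_settings(unit_text)
    return [k for k in HARDENING if settings.get(k, "").lower() not in TRUE_VALUES]

# Constructed sample units (hypothetical service, not taken from the article).
WEAK_UNIT = """\
[Unit]
Description=Example daemon
[Service]
ExecStart=/usr/bin/exampled
ProtectKernelModules=yes
# ProtectKernelTunables=yes
ProtectControlGroups=yes
ProtectControlGroups=no
"""
HARDENED_UNIT = WEAK_UNIT + "ProtectKernelTunables=true\nProtectControlGroups=on\n"

if __name__ == "__main__":
    for name, text in (("weak", WEAK_UNIT), ("hardened", HARDENED_UNIT)):
        print(name, "->", missing_hardening(text) or "all three enabled")
```

The check reads a single text blob, so drop-in overrides are only seen if they are included in the input, for example by passing it the output of `systemctl cat` for the unit.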

The CPU controller is now supported in the unified cgroup hierarchy, it is possible to transiently create mount and automount units, "Virtual CAN" interface configuration was implemented in systemd-networkd, the systemd-sysctl component can now configure kernel parameters in the order they appear in the configuration files, and it looks like there's a new tool called systemd-mount, which can mount filesystems, similar to what the mount tool can do.

"For example, this tool automatically runs fsck on a backing block device before mounting, and allows the automount logic to be used dynamically from the command line for establishing mount points," said Lennart Poettering. "This tool is particularly useful when dealing with removable media, as it will ensure fsck is run - if necessary - before the first access and that the file system is quickly unmounted after each access by utilizing the automount logic."

There are numerous other small improvements and bug fixes, so check out the full changelog below for all the technical details. In the meantime, you can download the systemd 232 source archive right now if you fancy compiling software for your Linux-based operating system, but rest assured that the new systemd version will land soon in the main, stable repositories of your GNU/Linux distribution.

Systemd 232 Changelog