Systemd 214 Comes "Stuffed With Great New Features"
Systemd 214 offers new file-system sandboxing features, support for new network interface types via networkd, and a move towards state-less system support by being able to rebuild /var if it is empty at boot time. The systemd 214 release also supports virtualization detection without root rights, runs systemd-networkd/systemd-resolved/system-bus-proxy as their own users, adds new socket unit features, and much more.
Lennart explained the new state-less system support, and its ability to rebuild /var, as follows:
What I find the most exciting change: a first step towards a state-less system: we will now rebuild /var if it is empty on boot. My favourite new command line making use of this is:
systemd-nspawn -D /srv/mycontainer --read-only --tmpfs=/var -b
Which spawns an nspawn container, with the directory tree mounted read-only, and an empty, volatile /var mounted on top, that is flushed when you terminate the container. With that in place you can easily run hundreds of ad-hoc throw-away container instances from the same tree, while making sure they don't end up interfering with each other. As next step (planned for the next release): add the infrastructure to support boots with /etc empty, too (or to turn this around: with a tmpfs as root and only /usr mounted in from a read-only vendor tree).
More details on systemd 214 can be found via the release announcement.