Systemd 247 Released With Experimental Out-of-Memory Daemon, New Credentials Capability

Written by Michael Larabel in systemd on 26 November 2020 at 01:15 PM EST.
Systemd 247 is out today as the latest major version of this Linux init system. Like most systemd releases, systemd 247 is very heavy on new features.

Systemd 247 most notably introduces the still-experimental systemd-oomd out-of-memory daemon, based on the Linux OOMD code originally developed by Facebook and later adopted for desktop use-cases. Once stabilized, the goal of systemd-oomd is to improve system behavior when Linux is low on memory or under memory pressure.

Beyond systemd-oomd, systemd 247 now defaults to using Btrfs with systemd-homed and brings other enhancements, as outlined below.

- The new systemd-oomd service has been added for monitoring resource contention and can kill processes when memory/swap pressure is above the defined limits. For now this is experimental and only enabled in developer mode.

- Systemd-homed defaults to using the Btrfs file-system when available for creating home directories in LUKS volumes. The DefaultFileSystemType= option for homed.conf remains available for changing away from the default. Btrfs was chosen since it can grow and shrink the file-system online.

- Systemd's system services now support "credentials" logic as a means of passing privileged data to services in a safe and secure manner. The intended use-case is around passwords, cryptographic keys, and other per-service private data handling but also possibly less privileged data like usernames and certificates. Systemd-nspawn is among the early users of systemd credentials.

- JSON user records for systemd-homed add support for "recovery keys" as a means of secondary passphrases for unlocking accounts/home directories.

- Run-time dependencies on a number of libraries are now loaded using dlopen() when found on the system. This allows minimizing the possible dependencies needed by systemd and for constructing more minimal operating system images.

- The systemd-dissect tool for inspecting operating system disk images has now been moved to /usr/bin as it is promoted to an officially supported tool with a stable interface.

- The systemd-repart partitioner can now optionally dump its output in JSON form.

- Setting the SYSTEMD_RDRAND=0 environment variable will now disable RdRand CPU instruction usage even with supported CPUs.
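
For the credentials item above, one way a service could consume a credential, shown as an added example that is not code from the article or from systemd. The `LoadCredential=` directive and the `$CREDENTIALS_DIRECTORY` variable are systemd's; the `db-password` ID, the file paths, and the `read_credential` helper are hypothetical.

```python
import os
import stat

# Unit fragment this reader pairs with (LoadCredential= is the systemd
# directive; the "db-password" ID and both paths are hypothetical):
#
#   [Service]
#   LoadCredential=db-password:/etc/myapp/db-password
#   ExecStart=/usr/bin/myapp
#
# systemd exposes the file as $CREDENTIALS_DIRECTORY/db-password, so the
# secret never appears in the environment block or on the command line.


class CredentialError(Exception):
    """Raised when a credential cannot be read safely."""


def read_credential(name, environ=None, max_size=1024 * 1024):
    """Return the bytes of credential `name` passed to this service."""
    environ = os.environ if environ is None else environ
    cred_dir = environ.get("CREDENTIALS_DIRECTORY")
    if not cred_dir or not os.path.isabs(cred_dir):
        raise CredentialError("CREDENTIALS_DIRECTORY is unset or not absolute")
    # A credential ID is a single file name; refuse anything path-like.
    if not name or name in (".", "..") or "/" in name or "\0" in name:
        raise CredentialError(f"invalid credential name: {name!r}")

    # O_NOFOLLOW: fail rather than follow a symlink at the final component.
    flags = os.O_RDONLY | os.O_NOFOLLOW | os.O_CLOEXEC
    fd = os.open(os.path.join(cred_dir, name), flags)
    try:
        st = os.fstat(fd)  # inspect the opened file itself, not the path
        if not stat.S_ISREG(st.st_mode):
            raise CredentialError("credential is not a regular file")
        # Added hardening check (an assumption of this example, not
        # something systemd requires): no access for "other" users.
        if st.st_mode & 0o007:
            raise CredentialError("credential is accessible to other users")
        if st.st_size > max_size:
            raise CredentialError("credential exceeds size limit")
        with os.fdopen(fd, "rb", closefd=False) as fh:
            return fh.read(max_size)
    finally:
        os.close(fd)
```
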

Systemd 247 can be downloaded from GitHub.