systemd 255-rc1 Brings "Blue Screen of Death" Support & New Tool To Spawn VMs

Systemd 255-rc1 is out this morning and it's packed with even more features for this dominant Linux init system and a growing list of other system utilities. Systemd 255 even is introducing systemd-bsod as a "Blue Screen of Death" for displaying important error messages during boot failure, systemd-vmspawn as a new tool to spawn virtual machines, and other new features.

It's not an off-timed April Fool's prank or anything, there is finally a systemd-bsod service for "Blue Screen of Death" full-screen error messages on Linux...

Systemd 255 is preparing to roll-out many new features as well as improvements to existing functionality. Some of the new highlights coming with systemd 255 include:

- A new component "systemd-storagetm" has been added that exposes all lock block devices as NVMe-TCP. This is a very nifty feature inspired by macOS with the new systemd Storage Target Mode.

- A new component "systemd-bsod" has been added to show logged error messages full-screen if they have a "LOG_EMERG" log level. This is intended as a tool for displaying emergency log messages full-screen on boot failures. Yes, BSOD in this case short for "Blue Screen of Death". This was worked on as part of Outreachy 2023. The systemd-bsod will also display a QR code for getting more information on the error causing the boot failure.

- There's been an overhaul to the way systemd services are spawned. Rather than forking the process that shared all of the manager's memory via CoW before exec'ing the target executable, the new process is now spawned using CLONE_VM and CLONE_VFORK via posix_spawn().

- A "systemd-pcrlock" has been added that allows managing local TPM2 PCR policies for PCRs 0-7 and similar.

- A new "systemd-vmspawn" tool has been added that provides for VMs the same interfaces and functionality that systemd-nspawn provides for containers. The systemd-vmspawn tool uses QEMU as its back-end. For systemd 255, systemd-vmspawn is experimental.

- A new "varlinkctl" tool has been added to allow interfacing with Varlink services.

- SECCOMP now supports the LoongArch 64-bit CPU architecture.

- Systemd's bootctl will now show whether the system was booted from a Unified Kernel Image (UKI).

- systemd-boot has new hotkeys of "B" to reboot and "O" to poweroff from the boot menu.

- Most internal process tracking is now using PIDFDs rather than PIDs when running on a supported kernel.

- systemctl will now automatically soft-reboot into a new root file-system if found under /run/nextroot/ when a reboot operation is invoked.

- A new option "SurveFinalKillSignal" has been added to skip the final SIGTERM/SIGKILL spree on shutdown in order to survive soft-reboot operation.

- A new "ConditionSecurity=measured-uki" option for only running when the system has been booted via a measured Unified Kernel Image (UKI).

- TPM measurements are now written to an event log at /run/log/systemd/tpm2-measure.log.

- Support for split-usr has been removed.

- Support for System V service scripts has been deprecated and will be removed in the future.

- A variety of systemd TPM(2) improvements.

- Hibernation into swap files backed by Btrfs are now supported.

Plus many other changes. More details and systemd 255-rc1 downloads via GitHub.