Systemd 248 Released With System Extension Images Feature, More TPM2/FIDO2 Integration

Written by Michael Larabel in systemd on 30 March 2021 at 05:30 PM EDT.
After the release candidate phase kicked off last month, systemd 248 is now officially available as the newest feature release for this dominant Linux init system and service manager.

Highlights of new systemd 248 features include:

- A new concept of "system extension images": images that can extend the /usr/ or /opt/ hierarchies at run-time with additional files. The images can be read-only, and their /usr/ and /opt/ hierarchies are combined via OverlayFS. This led to a new systemd-sysext tool in systemd 248 for managing system extension hierarchies.

- A new "root=tmpfs" kernel command-line option that will mount a tmpfs on /. The mount.usr option can then be used to point to the operating system implementation.

- Systemd-networkd now supports the B.A.T.M.A.N. Advanced Wireless Routing Protocol. The "Better Approach to Mobile Ad-hoc Networking" is a routing protocol for multi-hop mobile ad-hoc networks.

- Intel SGX enclave device nodes will now be owned by a new system security group called "sgx".

- A new /etc/veritytab configuration file for configuring dm-verity integrity protection for block devices.

- Systemd-cryptsetup can now unlock LUKS2 volumes using TPM2 hardware and FIDO2 security tokens.

- A new systemd-cryptenroll tool for adding TPM2 / FIDO2 / PKCS#11 security tokens to LUKS volumes.

- A new ConditionCPUFeature= setting that can conditionalize systemd units so they only run if the given CPU features, such as RdRand, are present.

- Various systemd-resolved improvements.

- The previously introduced systemd-oomd out-of-memory daemon now has a default memory pressure duration tunable, and this service is also now considered fully supported rather than just experimental.

- Systemd has renamed its main Git development branch from "master" to "main".

- Systemd will now set the $SYSTEMD_EXEC_PID environment variable for the spawned process to the PID of the process itself.
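The $SYSTEMD_EXEC_PID item above, as an added example (not code from systemd or from this article): a service compares the variable with its own PID to tell whether systemd spawned it directly or whether it merely inherited the environment from a parent. The function names and the policy of ignoring $NOTIFY_SOCKET and $JOURNAL_STREAM when the PIDs differ are assumptions made for this illustration.

```python
import os

# Manager-provided variables that carry no PID of their own, so a process
# cannot tell from them alone whether they were set up for it or inherited.
UNQUALIFIED_VARS = ("NOTIFY_SOCKET", "JOURNAL_STREAM")


def invoked_directly_by_systemd(environ=None, pid=None):
    """Return True only if $SYSTEMD_EXEC_PID names this very process."""
    environ = os.environ if environ is None else environ
    pid = os.getpid() if pid is None else pid
    raw = environ.get("SYSTEMD_EXEC_PID", "")
    # Reject empty, signed, padded or non-ASCII values instead of guessing.
    if not (raw.isascii() and raw.isdigit()):
        return False
    return int(raw) == pid


def manager_env_for_me(environ=None, pid=None):
    """Assumed policy: honour the unqualified variables only when systemd
    spawned this process itself; otherwise treat them as stale inheritance."""
    environ = os.environ if environ is None else environ
    if not invoked_directly_by_systemd(environ, pid):
        return {}
    return {k: environ[k] for k in UNQUALIFIED_VARS if k in environ}


if __name__ == "__main__":
    # Constructed environment: a service main process (PID 4242) and a
    # helper it forked (PID 4300) that inherited the same variables.
    sample = {
        "SYSTEMD_EXEC_PID": "4242",
        "NOTIFY_SOCKET": "/run/systemd/notify",
        "JOURNAL_STREAM": "8:12345",
    }
    print(manager_env_for_me(sample, pid=4242))
    print(manager_env_for_me(sample, pid=4300))
```
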

The lengthy list of systemd 248 changes in full can be found via their NEWS file. Those wanting to build systemd 248 from source can fetch it via GitHub.