Mushure memwedzi mitanhatu yekuvandudzwa, iyo kuburitswa kweiyo vhezheni itsva ye "systemd 256", iyo inoratidzira huwandu hukuru hwekuchinja kwakakosha kunosanganisira kuunzwa kwezvizhinji zvishandiso zvitsva uye pfungwa.
Pakati pezvinhu zvitsva zvinomira pachena mushanduro itsva, tinogona kuwana zvakamirirwa kwenguva refu kutanga kwe run0, chishandiso chine chinangwa tsiva iyo SUDO command uye inosanganisirwa nesystemd-run kuti ipe nzira yakachengeteka yekumhanyisa maitiro nevamwe vashandisi 'vanozivisa. Panzvimbo pekushandisa SUID, run0 inogadzira pseudoterminal nyowani uye inomhanyisa yakasarudzika maitiro mune yakasarudzika mamiriro inogadzirwa ne process PID 1, isingatore nhaka yenzvimbo yemushandisi. Polkit inoshandiswa kupa mvumo uye kuona kugona kwemushandisi.
Imwe shanduko iyo systemd 256 inopa ndeyekugadziriswa kutsva "ProtectSystem", iyo yakawedzerwa kune system administrator, kubvumira kudzora kukwira kwezvikamu zvefaira system mukuverenga-chete modhi pamwero wehurongwa hwese, uye kwete zvemayuniti ega ega. Nekumisikidza, iyi sarudzo inogoneswa initrd kudzivirira kunyora kune dhairekitori /usr panguva yekutanga.
Zvemayuniti, Maseting matsva akaunzwa: WantsMountsFor=, iyo inotsanangudza kukwidziridzwa kwechikamu sechinhu chinosarudzika kutsamira, uye MemoryZSwapWriteback=, iyo inodzora parameter Memory.zswap.write yakaunzwa muLinux kernel 6.8. Iwo mayunitsi .mount y .swap ikozvino bvumira kushandiswa kwe fstab style identifiers.
Pamusoro pazvo, dhairekitori /dev ikozvino inobvumira kusikwa kwezvisungo zvekufananidzira iyo inosanganisa nzira uye ruzivo ruzivo. Izvi zvinokutendera kuti ugovere zvikamu zvakafanana pamidziyo yakasiyana yekuchengetera, senge mushure mekuvhara zviri mukati meimwe dhisiki kune imwe mudziyo.
systemd-networkd inoshandisawo zvigadziriso IPv6RetransmissionTimeSec y UseRetransmissionTime kudzora nguva yekudzosera yeNS meseji inoshandiswa kuona vavakidzani IPv6 mauto. Yakawedzerwa rutsigiro rwekutora Wireguard VPN makiyi kubva kune zvitupa dhatabhesi. The parameter ReceiverPacketSteeringCPUMask yakawedzerwa kumafaira ekusunga kuronga kusungirirwa kwevanouya vanobata mapaketi kune chaiwo maCPU.
Of the dzimwe shanduko dzinomira pachena yeiyi vhezheni itsva:
- Iyo yekumisikidza MaxConnectionsPerSource= yakawedzerwa kumayuniti .socket nesarudzo Gamuchira=hongu, zvichikubvumidza kuti uise muganhu pahuwandu hwekubatanidza panguva imwe chete kubva kuIP kero kana UID (yeUNIX sockets).
- Iyo nzira systemd-bsod, iyo inoshandisa yakaenzana ne "blue skrini yerufu", ikozvino inosanganisira iyo -tty sarudzo yekusarudza iyo terminal inozoratidzwa chiziviso chizere kana paine zvikanganiso zvakakomba (LOG_EMERG).
- Mukuwedzera kune dhairekitori
/etc, akati wandei systemd zvikamu zvino tsvaga kurodha iyo huru yekumisikidza faira kubva kune madhairekitori/usr/lib,/usr/local/liby/run. - Yakawedzerwa chishandiso «importctl»kurodha, kupinza uye kutumira kunze disk mifananidzo uchishandisa sevhisi systemd-importd.
- Yakawedzera kugona kuunganidza systemd kubva kunobva, kudzima zvese zvenhaka maficha muOpenSSL 3.0.
- Iyo vpick protocol yakaitwa, ichibvumira vhezheni kuwana kune zviwanikwa zvakaita sedhisiki mifananidzo kubva kune mamwe madhairekitori.
- Vasina rombo vashandisi vanogona ikozvino kuwana encrypted sevhisi zvitupa. Kufambisa izvi, sarudzo dzakawedzerwa -mushandisi uye -uid kune utility systemd-creds, zvichikubvumidza kuti uvhare uye unyore zvinyorwa zvevashandisi chaivo.
- Sevhisi yawedzerwa systemd-udev-load-credentials.service kurodha udev mitemo kubva kune zvitupa dhatabhesi.
- Zvimiro zvakawedzerwa sekutsigira makiyi akawanikwa kuburikidza userdbctl, jenareta yeyuniti ye activating sshd inoenderana nezvigadziko zvakati, uye chishandiso «systemd-ssh-proxy» kubatana nema sockets AF_VSOCK uye AF_UNIX.
pakupedzisira kana uri kuda kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo mu inotevera chinongedzo.
Nezve kuwanikwa kweiyo vhezheni itsva ye systemd 256 yekugovera kwako, panguva yekunyora chinyorwa, haisati yaitwa kuti iwanikwe mumatura ekugoverwa kukuru kweLinux. Ingori nyaya yekumirira maawa mashoma kuti shanduro itsva itange kutumira.