|Reported by:||Owned by:|
Description (last modified by )
Hold until stable 2.31 release -- Now released.
The package build-system follows GNU Coding Standards and uses --runstatedir instead of --localstatedir. The default is /run. Please, review your distribution build scripts (spec files etc.) to be sure that this change does not introduce any regression to your distribution.
rfkill -- NEW COMMAND for enabling and disabling wireless devices. This new implementation is based upon, and backward compatible with, the original rfkill from Johannes Berg and Marcel Holtmann.
The command su has been refactored and extended to create pseudo terminal for the session (new option --pty). This new EXPERIMENTAL feature provides better isolation between root's terminal and an unprivileged su session.
uuidparse -- NEW COMMAND to provide variant and type details for input UUIDs.
The library libuuid and command uuidgen support hash-based UUIDs v3 (md5) and v5 (sha1) as specified by RFC-4122. The library also provides UUID templates for dns, url, oid, or x500.
The library libblkid has been extended to support DM-integrity, HPE (aka extended-XFS) and UBI superblock. The library also provides a new API to hide already detected signatures. This allows the gathering of all possible magic string permutations for a device. For example, the command wipefs will now print the complete list of all magic strings.
The library libfdisk provides a new API to modify grain (a size used for partition calculations) and it is also possible to completely disable dialog driven partitioning.
The library libsmartcols provides a new API to move columns. This new functionality is available by "column --table-order" on the command line.
The command "column --table-header-repeat" allows repetition of table headers according to terminal size.
The libfdisk has been extended to use BLKPG ioctls to inform the kernel about changes. This means that cfdisk and fdisk will not force the kernel to reread all of the partition table, but untouched partitions may remain mounted and used by the system. The typical use-case is resizing the last partition on the system disk.
The command cfdisk provides a new dialog to resize a partition.
The fdisk menu behavior on ^C and ^D has been improved to stop the current operation and return to main menu rather than immediately terminating the fdisk program.
The 'look' command now follows the WORDLIST environment variable (if specified) to find the word list.
Almost all of the --help and --version outputs have been improved (thanks to Ruediger Meier and others).
The 'script' command has been improved to follow the usual semantics for stop/continue signals. It's possible to move a session to the background and later back to the foreground (e.g. shell command "fg", etc.).
The setpriv command now supports ambient capabilities with the new command line option --ambient-caps (thanks Patrick Steinhardt) and the new command line option --init-groups allows initialization of supplementary groups (thanks to Sebastian Schrader).
The hwclock command now significantly reduces system shutdown times by not reading the RTC before setting it (except when the --update-drift option is used). This also mitigates other potential shutdown and RTC setting problems caused by requiring an RTC read.
The hwclock command now logs --systz when using libaudit. Also, for busybox compatibility -l is now aliased to --localtime.
Security issues CVE-2016-2779
The new experimental "su --pty" feature has been implemented to fix this issue. The feature is not enabled by default and the new command line option --pty is necessary.
The classic way is to use setsid() to disable the ioctl TIOCSTI. Unfortunately, setsid() has well-defined use cases in su(1) and runuser(1) and any changes would introduce regressions. The setsid() also does not fix core of the problem that is terminal file descriptors shared between privileged and unprivileged sessions.