systemd-251

[Douglas R. Reno]

New version of systemd

[Xi Ruoyao]

systemd System and Service Manager

CHANGES WITH 251:

Backwards-incompatible changes:

• The minimum kernel version required has been bumped from 3.13 to 4.15, and CLOCK_BOOTTIME is now assumed to always exist.

• C11 with GNU extensions (aka "gnu11") is now used to build our components. Public API headers are still restricted to ISO C89.

• In v250, a systemd-networkd feature that automatically configures routes to addresses specified in AllowedIPs= was added and enabled by default. However, this causes network connectivity issues in many existing setups. Hence, it has been disabled by default since systemd-stable 250.3. The feature can still be used by explicitly configuring RouteTable= setting in .netdev files.

• Jobs started via StartUnitWithFlags() will no longer return 'skipped' when a Condition*= check does not succeed, restoring the JobRemoved signal to the behaviour it had before v250.

• The org.freedesktop.portable1 methods GetMetadataWithExtensions() and GetImageMetadataWithExtensions() have been fixed to provide an extra return parameter, containing the actual extension release metadata. The current implementation was judged to be broken and unusable, and thus the usual procedure of adding a new set of methods was skipped, and backward compatibility broken instead on the assumption that nobody can be affected given the current state of this interface.

• All kernels supported by systemd mix RDRAND (or similar) into the entropy pool at early boot. This means that on those systems, even if /dev/urandom is not yet initialized, it still returns bytes that that are at least as high quality as RDRAND. For that reason, we no longer have reason to invoke RDRAND from systemd itself, which has historically been a source of bugs. Furthermore, kernels ≥5.6 provide the getrandom(GRND_INSECURE) interface for returning random bytes before the entropy pool is initialized without warning into kmsg, which is what we attempt to use if available. systemd's direct usage of RDRAND has been removed. x86 systems ≥Broadwell that are running an older kernel may experience kmsg warnings that were not seen with
  250. For newer kernels, non-x86 systems, or older x86 systems, there should be no visible changes.

• sd-boot will now measure the kernel command line into TPM PCR 12 rather than PCR 8. This improves usefulness of the measurements on systems where sd-boot is chainloaded from Grub. Grub measures all commands its executes into PCR 8, which makes it very hard to use reasonably, hence separate ourselves from that and use PCR 12 instead, which is what certain Ubuntu editions already do. To retain compatibility with systems running older systemd systems a new meson option 'efi-tpm-pcr-compat' has been added (which defaults to false). If enabled, the measurement is done twice: into the new-style PCR 12 *and* the old-style PCR 8. It's strongly advised to migrate all users to PCR 12 for this purpose in the long run, as we intend to remove this compatibility feature in two year's time.

• busctl capture now writes output in the newer pcapng format instead of pcap.

• An udev rule that imported hwdb matches for USB devices with lowercase hexadecimal vendor/product ID digits was added in systemd
  250. This has been reverted, since uppercase hexadecimal digits are supposed to be used, and we already had a rule that with the appropriate match.

Users might need to adjust their local hwdb entries.

• arch_prctl(2) has been moved to the @default set in the syscall filters (as exposed via the SystemCallFilter= setting in service unit files). It is apparently used by the linker now.

• The tmpfiles entries that create the /run/systemd/netif directory and its subdirectories were moved from tmpfiles.d/systemd.conf to tmpfiles.d/systemd-network.conf.

Users might need to adjust their files that override tmpfiles.d/systemd.conf to account for this change.

• The requirement for Portable Services images to contain a well-formed os-release file (i.e.: contain at least an ID field) is now enforced. This applies to base images and extensions, and also to systemd-sysext.

Changes in the Boot Loader Specification, kernel-install and sd-boot:

• kernel-install's and bootctl's Boot Loader Specification Type #1 entry generation logic has been reworked. The user may now pick explicitly by which "token" string to name the installation's boot entries, via the new /etc/kernel/entry-token file or the new --entry-token= switch to bootctl. By default — as before — the entries are named after the local machine ID. However, in "golden image" environments, where the machine ID shall be initialized on first boot (as opposed to at installation time before first boot) the machine ID will not be available at build time. In this case the --entry-token= switch to bootctl (or the /etc/kernel/entry-token file) may be used to override the "token" for the entries, for example the IMAGE_ID= or ID= fields from /etc/os-release. This will make the OS images independent of any machine ID, and ensure that the images will not carry any identifiable information before first boot, but on the other hand means that multiple parallel installations of the very same image on the same disk cannot be supported.

Summary: if you are building golden images that shall acquire identity information exclusively on first boot, make sure to both remove /etc/machine-id *and* to write /etc/kernel/entry-token to the value of the IMAGE_ID= or ID= field of /etc/os-release or another suitable identifier before deploying the image.

• The Boot Loader Specification has been extended with /loader/entries.srel file located in the EFI System Partition (ESP) that disambiguates the format of the entries in the /loader/entries/ directory (in order to discern them from incompatible uses of this directory by other projects). For entries that follow the Specification, the string "type1" is stored in this file.

bootctl will now write this file automatically when installing the systemd-boot boot loader.

• kernel-install supports a new initrd_generator= setting in /etc/kernel/install.conf, that is exported as $KERNEL_INSTALL_INITRD_GENERATOR to kernel-install plugins. This allows choosing different initrd generators.

• kernel-install will now create a "staging area" (an initially-empty directory to gather files for a Boot Loader Specification Type #1 entry). The path to this directory is exported as $KERNEL_INSTALL_STAGING_AREA to kernel-install plugins, which should drop files there instead of writing them directly to the final location. kernel-install will move them when all files have been prepared successfully.

• New option sort-key= has been added to the Boot Loader Specification to override the sorting order of the entries in the boot menu. It is read by sd-boot and bootctl, and will be written by kernel-install, with the default value of IMAGE_ID= or ID= fields from os-release. Together, this means that on multiboot installations, entries should be grouped and sorted in a predictable way.

• The sort order of boot entries has been updated: entries which have the new field sort-key= are sorted by it first, and all entries without it are ordered later. After that, entries are sorted by version so that newest entries are towards the beginning of the list.

• The kernel-install tool gained a new 'inspect' verb which shows the paths and other settings used.

• sd-boot can now optionally beep when the menu is shown and menu entries are selected, which can be useful on machines without a working display. (Controllable via a loader.conf setting.)

• The --make-machine-id-directory= switch to bootctl has been replaced by --make-entry-directory=, given that the entry directory is not necessarily named after the machine ID, but after some other suitable ID as selected via --entry-token= described above. The old name of the option is still understood to maximize compatibility.

• 'bootctl list' gained support for a new --json= switch to output boot menu entries in JSON format.

• 'bootctl is-installed' now supports the --graceful, and various verbs omit output with the new option --quiet.

Changes in systemd-homed:

• Starting with v250 systemd-homed uses UID/GID mapping on the mounts of activated home directories it manages (if the kernel and selected file systems support it). So far it mapped three UID ranges: the range from 0…60000, the user's own UID, and the range 60514…65534, leaving everything else unmapped (in other words, the 16bit UID range is mapped almost fully, with the exception of the UID subrange used for systemd-homed users, with one exception: the user's own UID). Unmapped UIDs may not be used for file ownership in the home directory — any chown() attempts with them will fail. With this release a fourth range is added to these mappings: 524288…1879048191. This range is the UID range intended for container uses, see:

​https://systemd.io/UIDS-GIDS

This range may be used for container managers that place container OS trees in the home directory (which is a questionable approach, for quota, permission, SUID handling and network file system compatibility reasons, but nonetheless apparently commonplace). Note that this mapping is mapped 1:1 in a pass-through fashion, i.e. the UID assignments from the range are not managed or mapped by systemd-homed, and must be managed with other mechanisms, in the context of the local system.

Typically, a better approach to user namespacing in relevant container managers would be to leave container OS trees on disk at UID offset 0, but then map them to a dynamically allocated runtime UID range via another UID mount map at container invocation time. That way user namespace UID ranges become strictly a runtime concept, and do not leak into persistent file systems, persistent user databases or persistent configuration, thus greatly simplifying handling, and improving compatibility with home directories intended to be portable like the ones managed by systemd-homed.

Changes in shared libraries:

• A new libsystemd-core-<version>.so private shared library is installed under /usr/lib/systemd/system, mirroring the existing libsystemd-shared-<version>.so library. This allows the total installation size to be reduced by binary code reuse.

• The <version> tag used in the name of libsystemd-shared.so and libsystemd-core.so can be configured via the meson option 'shared-lib-tag'. Distributions may build subsequent versions of the systemd package with unique tags (e.g. the full package version), thus allowing multiple installations of those shared libraries to be available at the same time. This is intended to fix an issue where programs that link to those libraries would fail to execute because they were installed earlier or later than the appropriate version of the library.

• The sd-id128 API gained a new call sd_id128_to_uuid_string() that is similar to sd_id128_to_string() but formats the ID in RFC 4122 UUID format instead of simple series of hex characters.

• The sd-device API gained two new calls sd_device_new_from_devname() and sd_device_new_from_path() which permit allocating an sd_device object from a device node name or file system path.

• sd-device also gained a new call sd_device_open() which will open the device node associated with a device for which an sd_device object has been allocated. The call is supposed to address races around device nodes being removed/recycled due to hotplug events, or media change events: the call checks internally whether the major/minor of the device node and the "diskseq" (in case of block devices) match with the metadata loaded in the sd_device object, thus ensuring that the device once opened really matches the provided sd_device object.

Changes in PID1, systemctl, and systemd-oomd:

• A new set of service monitor environment variables will be passed to OnFailure=/OnSuccess= handlers, but only if exactly one unit lists the handler unit as OnFailure=/OnSuccess=. The variables are: $MONITOR_SERVICE_RESULT, $MONITOR_EXIT_CODE, $MONITOR_EXIT_STATUS, $MONITOR_INVOCATION_ID and $MONITOR_UNIT. For cases when a single handler needs to watch multiple units, use a templated handler.

• A new ExtensionDirectories= setting in service unit files allows system extensions to be loaded from a directory. (It is similar to ExtensionImages=, but takes paths to directories, instead of disk image files.)

'portablectl attach --extension=' now also accepts directory paths.

• The user.delegate and user.invocation_id extended attributes on cgroups are used in addition to trusted.delegate and trusted.invocation_id. The latter pair requires privileges to set, but the former doesn't and can be also set by the unprivileged user manager.

(Only supported on kernels ≥5.6.)

• Units that were killed by systemd-oomd will now have a service result of 'oom-kill'. The number of times a service was killed is tallied in the 'user.oomd_ooms' extended attribute.

The OOMPolicy= unit file setting is now also honoured by systemd-oomd.

• In unit files the new %y/%Y specifiers can be used to refer to normalized unit file path, which is particularly useful for symlinked unit files.

The new %q specifier resolves to the pretty hostname (i.e. PRETTY_HOSTNAME= from /etc/machine-info).

The new %d specifier resolves to the credentials directory of a service (same as $CREDENTIALS_DIRECTORY).

• The RootDirectory=, MountAPIVFS=, ExtensionDirectories=, *Capabilities*=, ProtectHome=, *Directory=, TemporaryFileSystem=, PrivateTmp=, PrivateDevices=, PrivateNetwork=, NetworkNamespacePath=, PrivateIPC=, IPCNamespacePath=, PrivateUsers=, ProtectClock=, ProtectKernelTunables=, ProtectKernelModules=, ProtectKernelLogs=, MountFlags= service settings now also work in unprivileged user services, i.e. those run by the user's --user service manager, as long as user namespaces are enabled on the system.

• Services with Restart=always and a failing ExecCondition= will no longer be restarted, to bring ExecCondition= behaviour in line with Condition*= settings.

• LoadCredential= now accepts a directory as the argument; all files from the directory will be loaded as credentials.

• A new D-Bus property ControlGroupId is now exposed on service units, that encapsulates the service's numeric cgroup ID that newer kernels assign to each cgroup.

• PID 1 gained support for configuring the "pre-timeout" of watchdog devices and the associated governor, via the new RuntimeWatchdogPreSec= and RuntimeWatchdogPreGovernor= configuration options in /etc/systemd/system.conf.

• systemctl's --timestamp= option gained a new choice "unix", to show timestamp as unix times, i.e. seconds since 1970, Jan 1st.

• A new "taint" flag named "old-kernel" is introduced which is set when the kernel systemd runs on is older then the current baseline version (see above). The flag is shown in "systemctl status" output.

• Two additional taint flags "short-uid-range" and "short-gid-range" have been added as well, which are set when systemd notices it is run within a userns namespace that does not define the full 0…65535 UID range

• A new "unmerged-usr" taint flag has been added that is set whenever running on systems where /bin/ + /sbin/ are *not* symlinks to their counterparts in /usr/, i.e. on systems where the /usr/-merge has been completed.

• Generators invoked by PID 1 will now have a couple of useful environment variables set describing the execution context a bit. $SYSTEMD_SCOPE encodes whether the generator is called from the system service manager, or from the per-user service manager. $SYSTEMD_IN_INITRD encodes whether the generator is invoked in initrd context or on the host. $SYSTEMD_FIRST_BOOT encodes whether systemd considers the current boot to be a "first" boot. $SYSTEMD_VIRTUALIZATION encode whether virtualization is detected and which type of hypervisor/container manager. $SYSTEMD_ARCHITECTURE indicates which architecture the kernel is built for.

• PID 1 will now automatically pick up system credentials from qemu's fw_cfg interface, thus allowing passing arbitrary data into VM systems similar to how this is already supported for passing them into systemd-nspawn containers. Credentials may now also be passed in via the new kernel command line option systemd.set_credential= (note that kernel command line options are world-readable during runtime, and only useful for credentials that require no confidentiality). The credentials that can be passed to unified kernels that use the systemd-stub UEFI stub are now similarly picked up automatically. Automatic importing of system credentials this way can be turned off via the new systemd.import_credentials=no kernel command line option.

• LoadCredential= will now automatically look for credentials in the /etc/credstore/, /run/credstore/, /usr/lib/credstore/ directories if the argument is not an absolute path. Similarly, LoadCredentialEncrypted= will check the same directories plus /etc/credstore.encrypted/, /run/credstore.encrypted/ and /usr/lib/credstore.encrypted/. The idea is to use those directories as the system-wide location for credentials that services should pick up automatically.

• System and service credentials are described in great detail in a new document:

​https://systemd.io/CREDENTIALS

Changes in systemd-journald:

• The journal JSON export format has been added to listed of stable interfaces (​https://systemd.io/PORTABILITY_AND_STABILITY/).

• journalctl --list-boots now supports JSON output and the --reverse option.

• Under docs/: JOURNAL_EXPORT_FORMATS was imported from the wiki and updated, BUILDING_IMAGES is new:

​https://systemd.io/JOURNAL_EXPORT_FORMATS ​https://systemd.io/BUILDING_IMAGES

Changes in udev:

• Two new hwdb files have been added. One lists "handhelds" (PDAs, calculators, etc.), the other AV production devices (DJ tables, keypads, etc.) that should accessible to the seat owner user by default.

• udevadm trigger gained a new --prioritized-subsystem= option to process certain subsystems (and all their parent devices) earlier.

systemd-udev-trigger.service now uses this new option to trigger block and TPM devices first, hopefully making the boot a bit faster.

• udevadm trigger now implements --type=all, --initialized-match, --initialized-nomatch to trigger both subsystems and devices, only already-initialized devices, and only devices which haven't been initialized yet, respectively.

• udevadm gained a new "wait" command for safely waiting for a specific device to show up in the udev device database. This is useful in scripts that asynchronously allocate a block device (e.g. through repartitioning, or allocating a loopback device or similar) and need to synchronize on the creation to complete.

• udevadm gained a new "lock" command for locking one or more block devices while formatting it or writing a partition table to it. It is an implementation of ​https://systemd.io/BLOCK_DEVICE_LOCKING and usable in scripts dealing with block devices.

• udevadm info will show a couple of additional device fields in its output, and will not apply a limited set of coloring to line types.

• udevadm info --tree will now show a tree of objects (i.e. devices and suchlike) in the /sys/ hierarchy.

• Block devices will now get a new set of device symlinks in /dev/disk/by-diskseq/<nr>, which may be used to reference block device nodes via the kernel's "diskseq" value. Note that this does not guarantee that opening a device by a symlink like this will guarantee that the opened device actually matches the specified diskseq value. To be safe against races, the actual diskseq value of the opened device (BLKGETDISKSEQ ioctl()) must still be compred with the one in the symlink path.

• .link files gained support for setting MDI/MID-X on a link.

• .link files gained support for [Match] Firmware= setting to match on the device firmware description string. By mistake, it was previously only supported in .network files.

• .link files gained support for [Link] SR-IOVVirtualFunctions= setting and [SR-IOV] section to configure SR-IOV virtual functions.

Changes in systemd-networkd:

• The default scope for unicast routes configured through [Route] section is changed to "link", to make the behavior consistent with "ip route" command. The manual configuration of [Route] Scope= is still honored.

• A new unit systemd-networkd-wait-online@<interface>.service has been added that can be used to wait for a specific network interface to be up.

• systemd-networkd gained a new [Bridge] Isolated=true|false setting that configures the eponymous kernel attribute on the bridge.

• .netdev files now can be used to create virtual WLAN devices, and configure various settings on them, via the [WLAN] section.

• .link/.network files gained support for [Match] Kind= setting to match on device kind ("bond", "bridge", "gre", "tun", "veth", etc.)

This value is also shown by 'networkctl status'.

• The Local= setting in .netdev files for various virtual network devices gained support for specifying, in addition to the network address, the name of a local interface which must have the specified address.

• systemd-networkd gained a new [Tunnel] External= setting in .netdev files, to configure tunnels in external mode (a.k.a. collect metadata mode).

• [Network] L2TP= setting was removed. Please use interface specifier in Local= setting in .netdev files of corresponding L2TP interface.

• New [DHCPServer] BootServerName=, BootServerAddress=, and BootFilename= settings can be used to configure the server address, server name, and file name sent in the DHCP packet (e.g. to configure PXE boot).

Changes in systemd-resolved:

• systemd-resolved is started earlier (in sysinit.target), so it available earlier and will also be started in the initrd if installed there.

Changes in disk encryption:

• systemd-cryptenroll can now control whether to require the user to enter a PIN when using TPM-based unlocking of a volume via the new --tpm2-with-pin= option.

Option tpm2-pin= can be used in /etc/crypttab.

• When unlocking devices via TPM, TPM2 parameter encryption is now used, to ensure that communication between CPU and discrete TPM chips cannot be eavesdropped to acquire disk encryption keys.

• A new switch --fido2-credential-algorithm= has been added to systemd-cryptenroll allowing selection of the credential algorithm to use when binding encryption to FIDO2 tokens.

Changes in systemd-hostnamed:

• HARDWARE_VENDOR= and HARDWARE_MODEL= can be set in /etc/machine-info to override the values gleaned from the hwdb.

• A ID_CHASSIS property can be set in the hwdb (for the DMI device /sys/class/dmi/id) to override the chassis that is reported by hostnamed.

• hostnamed's D-Bus interface gained a new method GetHardwareSerial() for reading the hardware serial number, as reportd by DMI. It also exposes a new method D-Bus property FirmwareVersion that encode the firmware version of the system.

Changes in other components:

• /etc/locale.conf is now populated through tmpfiles.d factory /etc/ handling with the values that were configured during systemd build (if /etc/locale.conf has not been created through some other mechanism). This means that /etc/locale.conf should always have reasonable contents and we avoid a potential mismatch in defaults.

• The userdbctl tool will now show UID range information as part of the list of known users.

• A new build-time configuration setting default-user-shell= can be used to set the default shell for user records and nspawn shell invocations (instead of of the default /bin/bash).

• systemd-timesyncd now provides a D-Bus API for receiving NTP server information dynamically at runtime via IPC.

• The systemd-creds tool gained a new "has-tpm2" verb, which reports whether a functioning TPM2 infrastructure is available, i.e. if firmware, kernel driver and systemd all have TPM2 support enabled and a device found.

• The systemd-creds tool gained support for generating encrypted credentials that are using an empty encryption key. While this provides no integrity nor confidentiality it's useful to implement codeflows that work the same on TPM-ful and TPM2-less systems. The service manager will only accept credentials "encrypted" that way if a TPM2 device cannot be detected, to ensure that credentials "encrypted" like that cannot be used to trick TPM2 systems.

• When deciding whether to colorize output, all systemd programs now also check $COLORTERM (in addition to $NO_COLOR, $SYSTEMD_COLORS, and $TERM).

• Meson's new install_tag feature is now in use for several components, allowing to build and install select binaries only: pam, nss, devel (pkg-config files), systemd-boot, libsystemd, libudev. Example:

$ meson build systemd-boot $ meson install --tags systemd-boot --no-rebuild

​https://mesonbuild.com/Installing.html#installation-tags

• A new build configuration option has been added, to allow selecting the default compression algorithm used by systemd-journald and systemd-coredump. This allows to build-in support for decompressing all supported formats, but choose a specific one for compression. E.g.:

$ meson -Ddefault-compression=xz

Experimental features:

• sd-boot gained a new *experimental* setting "reboot-for-bitlocker" in loader.conf that implements booting Microsoft Windows from the sd-boot in a way that first reboots the system, to reset the TPM PCRs. This improves compatibility with BitLocker's TPM use, as the PCRs will only record the Windows boot process, and not sd-boot itself, thus retaining the PCR measurements not involving sd-boot. Note that this feature is experimental for now, and is likely going to be generalized and renamed in a future release, without retaining compatibility with the current implementation.

• A new systemd-sysupdate component has been added that automatically discovers, downloads, and installs A/B-style updates for the host installation itself, or container images, portable service images, and other assets. See the new systemd-sysupdate man page for updates.

Contributions from: 4piu, Adam Williamson, adrian5, Albert Brox, AlexCatze, Alex Henrie, Alfonso Sánchez-Beato, Alice S, Alvin Šipraga, amarjargal, Amarjargal, Andrea Pappacoda, Andreas Rammhold, Andy Chi, Anita Zhang, Antonio Alvarez Feijoo, Arfrever Frehtes Taifersar Arahesis, ash, Bastien Nocera, Be, bearhoney, Ben Efros, Benjamin Berg, Benjamin Franzke, Brett Holman, Christian Brauner, Clyde Byrd III, Curtis Klein, Daan De Meyer, Daniele Medri, Daniel Mack, Danilo Krummrich, David, David Bond, Davide Cavalca, David Tardon, davijosw, dependabot[bot], Donald Chan, Dorian Clay, Eduard Tolosa, Elias Probst, Eli Schwartz, Erik Sjölund, Evgeny Vereshchagin, Federico Ceratto, Franck Bui, Frantisek Sumsal, Gaël PORTAY, Georges Basile Stavracas Neto, Gibeom Gwon, Goffredo Baroncelli, Grigori Goronzy, Hans de Goede, Heiko Becker, Hugo Carvalho, Jakob Lell, James Hilliard, Jan Janssen, Jason A. Donenfeld, Joan Bruguera, Joerie de Gram, Josh Triplett, Julia Kartseva, Kazuo Moriwaka, Khem Raj, ksa678491784, Lance, Lan Tian, Laura Barcziova, Lennart Poettering, Leviticoh, licunlong, Lidong Zhong, lincoln auster, Lubomir Rintel, Luca Boccassi, Luca BRUNO, lucagoc, Ludwig Nussel, Marcel Hellwig, march1993, Marco Scardovi, Mario Limonciello, Mariusz Tkaczyk, Markus Weippert, Martin, Martin Liska, Martin Wilck, Matija Skala, Matthew Blythe, Matthias Lisin, Matthijs van Duin, Matt Walton, Max Gautier, Michael Biebl, Michael Olbrich, Michal Koutný, Michal Sekletár, Mike Gilbert, MkfsSion, Morten Linderud, Nick Rosbrook, Nikolai Grigoriev, Nikolai Kostrigin, Nishal Kulkarni, Noel Kuntze, Pablo Ceballos, Peter Hutterer, Peter Morrow, Pigmy-penguin, Piotr Drąg, prumian, Richard Neill, Rike-Benjamin Schuppner, rodin-ia, Romain Naour, Ruben Kerkhof, Ryan Hendrickson, Santa Wiryaman, Sebastian Pucilowski, Seth Falco, Simon Ellmann, Sonali Srivastava, Stefan Seering, Stephen Hemminger, tawefogo, techtino, Temuri Doghonadze, Thomas Batten, Thomas Haller, Thomas Weißschuh, Tobias Stoeckmann, Tomasz Pala, Tyson Whitehead, Vishal Chillara Srinivas, Vivien Didelot, w30023233, wangyuhang, Weblate, Xiaotian Wu, yangmingtai, YmrDtnJu, Yonathan Randolph, Yutsuten, Yu Watanabe, Zbigniew Jędrzejewski-Szmek, наб

— Edinburgh, 2022-05-21

[Xi Ruoyao]

Fixed at r11.1-129-ge6e8f0047. Vim left assigned for SA.