Age | Commit message | Author |
|
When a dbus client connects to systemd-bus-proxyd through a
Unix domain socket, the proxy takes the client's smack label and sets it for itself.
This is done before, and independently of, dropping privileges.
The reason for such a solution is the fact that access-rights checks
performed by the LSM may take place inside the kernel, not only
in the userspace of the message's recipient.
The bus-proxyd needs CAP_MAC_ADMIN to manipulate its label.
In case of systemd running in system mode, CAP_MAC_ADMIN
should be added to CapabilityBoundingSet in the service file of bus-proxyd.
In case of systemd running in user mode ('systemd --user')
it can be achieved by adding
Capabilities=cap_mac_admin=i and SecureBits=keep-caps
to the user@.service file
and setting cap_mac_admin+ei on the bus-proxyd binary.
|
Support timer options --on-active=, --on-boot=, --on-startup=,
--on-unit-active=, --on-unit-inactive=, --on-calendar=. Each option
corresponds to OnActiveSec=, OnBootSec=, OnStartupSec=,
OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of the timer,
respectively. OnCalendar= and WakeSystem= are also supported by the
--timer-property= option, like --property= of systemd-run.
If the --unit= option and timer options are specified, the command can
be omitted. In this case, systemd-run assumes the target service is
already loaded and just tries to generate the transient timer unit only.
|
As kdbus no longer exports this, remove all traces from sd-bus too
|
kdbus-git gained two new features:
* memfd offsets: This allows specifying a 'start' offset in kdbus_memfd
  so you can send partial memfd hunks instead of always
  the full memfd
* KDBUS_HELLO_UNPRIVILEGED: If passed during HELLO, the client will be
  treated as unprivileged.
|
inet_ntoa() uses a static buffer, so you can't call it twice in the
same fprintf() call.
|
In the case where no entries have been added to the journal after the specified
cursor, set need_seek before the main loop to prevent display of the entry at
said cursor.
|
it's not quite as destructive as it sounds nowadays
|
If a cgroup fails to be destroyed (most likely because there are still
processes running as part of a service after the main pid exits), don't
free and remove the cgroup unit from the manager. This fixes a
regression introduced by the cgroup rework in v205 where systemd would
forget about processes still running after the unit becomes inactive.
(This can happen when the main pid exits and KillMode=process or none).
|
There is no need to require mount.usrflags. The original implementation
assumed that a btrfs subvolume would always be needed but that is not
applicable to systems that do not use btrfs for /usr.
Similar to using rootflags= for the default of mount.usrflags=, append
the classic 'ro' and 'rw' flags to the mount options.
|
device it is bound to is gone
We only want to restart the getty as long as the pts device is still
around. As soon as it is gone, the service should be removed too.
http://lists.freedesktop.org/archives/systemd-devel/2014-December/026048.html
|
https://bugs.freedesktop.org/show_bug.cgi?id=85527
|
connections
|
config_parse_warn_compat is now always used for removed options.
https://bugs.freedesktop.org/show_bug.cgi?id=87125
|
The kernel always returns all addresses, rather than only for the given link, so let's only enumerate once.
|
With DIRECTION_UP (i.e. navigating backwards) in generic_array_bisect(), when the
needle was found as the last item in the array, it wasn't actually processed as
a match, resulting in entries being missed.
https://bugs.freedesktop.org/show_bug.cgi?id=86855
|
Nothing was being dropped, we just failed to account for the NLMSG_DONE.
|
This file won't exist on kernels earlier than 3.17.
|
Following commit 59580681f5f.
|
The ELF magic cannot work for consumers of our shared library, since they
are in a different module. Hence make all the ELF magic private, and
instead introduce a public function to register additional static
mapping tables.
|
https://bugs.freedesktop.org/show_bug.cgi?id=87020
|
Implement a recent change in the kdbus pool logic:
PAYLOAD_VEC_OFF items are now referencing offsets relative to the
connection's pool, not to the item itself. Follow this change in
sd-bus.
|
command line
|
This allows the default link settings (set in .link files) to be overridden per Network. Only MTU and MACAddress are supported for now.
|
This patch makes it possible to set extended attributes on files created
by tmpfiles. This can especially be used to set SMACK security labels on
volatile files and directories.
It is done by adding a new line type, "t". Such a line should contain the
attributes in the Argument field, using the following format:
name=value
All other fields are ignored.
If the value contains spaces, then it must be surrounded by quotation marks.
The user can also put a quotation mark in the value by escaping it with a backslash.
Example:
D /var/run/cups - - - -
t /var/run/cups - - - - security.SMACK64=printing
|
It's only exposed to userspace since
commit 685343fc3ba61a1f6eef361b786601123db16c28
Author: Tom Gundersen <teg@jklm.no>
AuthorDate: Mon Jul 14 16:37:22 2014 +0200
Commit: David S. Miller <davem@davemloft.net>
CommitDate: Tue Jul 15 16:12:01 2014 -0700
to the kernel.
|
This has been requested repeatedly, so let's give it a go. We explicitly do not allow matching
on names that have already been changed (from a previous udev run, or otherwise), and matching
on unpredictable names (ethX) is discouraged (but not currently disallowed).
We also currently allow:
[Match]
Name=veth0
[Link]
Name=my-name0
SomeOtherSetting=true
Which means that the link file will be applied the first time it is invoked, but
not on subsequent invocations, which may be surprising.
|