summaryrefslogtreecommitdiff
path: root/man/systemd.exec.xml
AgeCommit message (Expand)Author
2017-02-06man: Document that RestrictAddressFamilies= doesn't work on s390/s390x/...Lennart Poettering
2017-02-03core/execute: set HOME, USER also for root usersZbigniew Jędrzejewski-Szmek
2017-02-02man: fix spelling error parth -> pathBrandon Philips
2017-01-19man: fix typos (#5109)Jakub Wilk
2017-01-17Merge pull request #4991 from poettering/seccomp-fixZbigniew Jędrzejewski-Szmek
2017-01-11Merge pull request #5009 from ian-kelling/ian-mnt-namespace-docZbigniew Jędrzejewski-Szmek
2017-01-03doc: MountFlags= don't reference container which may not exist (#5011)Ian Kelling
2017-01-03doc: correct "or" to "and" in MountFlags= description (#5010)Ian Kelling
2017-01-03man: document mount deletion between commandsIan Kelling
2016-12-29Merge pull request #4994 from poettering/private-tmp-tmpfilesMartin Pitt
2016-12-29man: add brief documentation for the (sd-pam) processes created due to PAMNam...Lennart Poettering
2016-12-27core: implicitly order units with PrivateTmp= after systemd-tmpfiles-setup.se...Lennart Poettering
2016-12-27seccomp: add two new filter sets: @reboot and @swapLennart Poettering
2016-12-14core: add ability to define arbitrary bind mounts for servicesLennart Poettering
2016-12-06man: fix $SERVICE_RESULT/$EXIT_CODE/$EXIT_STATUS documentationJouke Witteveen
2016-11-29bus-util: add protocol error type explanationJouke Witteveen
2016-11-23man: document protocol error type for service failures (#4724)Jouke Witteveen
2016-11-21seccomp: add @filesystem syscall group (#4537)Lennart Poettering
2016-11-17namespace: simplify, optimize and extend handling of mounts for namespaceLennart Poettering
2016-11-15doc: move ProtectKernelModules= documentation near ProtectKernelTunalbes=Djalal Harouni
2016-11-15doc: note when no new privileges is impliedDjalal Harouni
2016-11-04core: add new RestrictNamespaces= unit file settingLennart Poettering
2016-11-03Merge pull request #4548 from keszybz/seccomp-helpZbigniew Jędrzejewski-Szmek
2016-11-03doc: clarify NoNewPrivileges (#4562)Kees Cook
2016-11-03seccomp-util, analyze: export comments as a help stringZbigniew Jędrzejewski-Szmek
2016-11-03analyze: add syscall-filter verbZbigniew Jędrzejewski-Szmek
2016-11-02man: document that too strict system call filters may affect the service managerLennart Poettering
2016-11-02seccomp: add two new syscall groupsLennart Poettering
2016-11-02man: two minor fixesLennart Poettering
2016-11-02seccomp: include pipes and memfd in @ipcLennart Poettering
2016-11-02seccomp: drop execve() from @process listLennart Poettering
2016-11-02seccomp: add clock query and sleeping syscalls to "@default" groupLennart Poettering
2016-11-01seccomp: allow specifying arm64, mips, ppc (#4491)Zbigniew Jędrzejewski-Szmek
2016-10-31man: fix typos (#4527)Jakub Wilk
2016-10-28Merge pull request #4495 from topimiettinen/block-shmat-execDjalal Harouni
2016-10-26seccomp: also block shmat(..., SHM_EXEC) for MemoryDenyWriteExecuteTopi Miettinen
2016-10-24man: document the default value of NoNewPrivileges=Zbigniew Jędrzejewski-Szmek
2016-10-20man: document default for User=Lennart Poettering
2016-10-17core/exec: add a named-descriptor option ("fd") for streams (#4179)Luca Bruno
2016-10-17man: avoid abbreviated "cgroups" terminology (#4396)Lennart Poettering
2016-10-15man: add crosslink between systemd.resource-control(5) and systemd.exec(5)Zbigniew Jędrzejewski-Szmek
2016-10-13Merge pull request #4243 from endocode/djalal/sandbox-first-protection-kernel...Lennart Poettering
2016-10-12man: typo fixesThomas Hindoe Paaboel Andersen
2016-10-12core:sandbox: lets make /lib/modules/ inaccessible on ProtectKernelModules=Djalal Harouni
2016-10-12doc: minor hint about InaccessiblePaths= in regard of ProtectKernelTunables=Djalal Harouni
2016-10-12core:sandbox: remove CAP_SYS_RAWIO on PrivateDevices=yesDjalal Harouni
2016-10-12core:sandbox: Add ProtectKernelModules= optionDjalal Harouni
2016-10-11Merge pull request #4348 from poettering/docfixesZbigniew Jędrzejewski-Szmek
2016-10-11man: beef up documentation on per-unit resource limits a bitLennart Poettering
2016-10-07core: add "invocation ID" concept to service managerLennart Poettering