summaryrefslogtreecommitdiff
path: root/man/systemd.exec.xml
AgeCommit message (Collapse)Author
2014-06-03core: add new ReadOnlySystem= and ProtectedHome= settings for service unitsLennart Poettering
ReadOnlySystem= uses fs namespaces to mount /usr and /boot read-only for a service. ProtectedHome= uses fs namespaces to mount /home and /run/user inaccessible or read-only for a service. This patch also enables these settings for all our long-running services. Together they should be good building block for a minimal service sandbox, removing the ability for services to modify the operating system or access the user's private data.
2014-05-19fix spelling of privilegeNis Martensen
2014-05-07doc: comma placement corrections and word orderJan Engelhardt
Set commas where there should be some. Some improvements to word order.
2014-05-07doc: corrections to words and formsJan Engelhardt
This patch exchange words which are inappropriate for a situation, deletes duplicated words, and adds particles where needed.
2014-05-06doc: typographical fine tuningJan Engelhardt
2014-03-25man: be more specific when EnvironmentFile= is readLennart Poettering
http://lists.freedesktop.org/archives/systemd-devel/2014-March/018004.html
2014-03-24core: remove tcpwrap supportLennart Poettering
tcpwrap is legacy code, that is barely maintained upstream. It's APIs are awful, and the feature set it exposes (such as DNS and IDENT access control) questionnable. We should not support this natively in systemd. Hence, let's remove the code. If people want to continue making use of this, they can do so by plugging in "tcpd" for the processes they start. With that scheme things are as well or badly supported as they were from traditional inetd, hence no functionality is really lost.
2014-03-20unit: turn off mount propagation for udevdLennart Poettering
Keep mounts done by udev rules private to udevd. Also, document how MountFlags= may be used for this.
2014-03-19man: improve documentation of fs namespace related settingsLennart Poettering
2014-03-18core: drop CAP_MKNOD when PrivateDevices= is setLennart Poettering
2014-03-03core: introduce new RuntimeDirectory= and RuntimeDirectoryMode= unit settingsLennart Poettering
As discussed on the ML these are useful to manage runtime directories below /run for services.
2014-02-26exec: imply NoNewPriviliges= only when seccomp filters are used in user modeLennart Poettering
2014-02-26core: add new RestrictAddressFamilies= switchLennart Poettering
This new unit settings allows restricting which address families are available to processes. This is an effective way to minimize the attack surface of services, by turning off entire network stacks for them. This is based on seccomp, and does not work on x86-32, since seccomp cannot filter socketcall() syscalls on that platform.
2014-02-21core: Add AppArmor profile switchingMichael Scherer
This permit to switch to a specific apparmor profile when starting a daemon. This will result in a non operation if apparmor is disabled. It also add a new build requirement on libapparmor for using this feature.
2014-02-19man: document $MAINPIDLennart Poettering
2014-02-19core: add Personality= option for units to set the personality for spawned ↵Lennart Poettering
processes
2014-02-18seccomp: add helper call to add all secondary archs to a seccomp filterLennart Poettering
And make use of it where appropriate for executing services and for nspawn.
2014-02-17doc: resolve missing/extraneous words or inappropriate formsJan Engelhardt
Issues fixed: * missing words required by grammar * duplicated or extraneous words * inappropriate forms (e.g. singular/plural), and declinations * orthographic misspellings
2014-02-17doc: update punctuationJan Engelhardt
Resolve spotted issues related to missing or extraneous commas, dashes.
2014-02-14man: replace STDOUT with standard output, etc.Zbigniew Jędrzejewski-Szmek
Actually 'STDOUT' is something that doesn't appear anywhere: in the stdlib we have 'stdin', and there's only the constant STDOUT_FILENO, so there's no reason to use capitals. When refering to code, STDOUT/STDOUT/STDERR are replaced with stdin/stdout/stderr, and in other places they are replaced with normal phrases like standard output, etc.
2014-02-14man: fix grammatical errors and other formatting issuesJason St. John
* standardize capitalization of STDIN, STDOUT, and STDERR * reword some sentences for clarity * reflow some very long lines to be shorter than ~80 characters * add some missing <literal>, <constant>, <varname>, <option>, and <filename> tags
2014-02-13core: add SystemCallArchitectures= unit setting to allow disabling of non-nativeLennart Poettering
architecture support for system calls Also, turn system call filter bus properties into complex types instead of concatenated strings.
2014-02-12core: rework syscall filterLennart Poettering
- Allow configuration of an errno error to return from blacklisted syscalls, instead of immediately terminating a process. - Fix parsing logic when libseccomp support is turned off - Only keep the actual syscall set in the ExecContext, and generate the string version only on demand.
2014-02-12syscallfilter: port to libseccompRonny Chevalier
2014-02-10nspawn,man: use a common vocabulary when referring to selinux security contextsLennart Poettering
Let's always call the security labels the same way: SMACK: "Smack Label" SELINUX: "SELinux Security Context" And the low-level encapsulation is called "seclabel". Now let's hope we stick to this vocabulary in future, too, and don't mix "label"s and "security contexts" and so on wildly.
2014-02-10exec: Add support for ignoring errors on SELinuxContext by prefixing it with ↵Michael Scherer
-, like for others settings. Also remove call to security_check_context, as this doesn't serve anything, since setexeccon will fail anyway.
2014-02-10exec: Add SELinuxContext configuration itemMichael Scherer
This permit to let system administrators decide of the domain of a service. This can be used with templated units to have each service in a différent domain ( for example, a per customer database, using MLS or anything ), or can be used to force a non selinux enabled system (jvm, erlang, etc) to start in a different domain for each service.
2014-01-20exec: introduce PrivateDevices= switch to provide services with a private /devLennart Poettering
Similar to PrivateNetwork=, PrivateTmp= introduce PrivateDevices= that sets up a private /dev with only the API pseudo-devices like /dev/null, /dev/zero, /dev/random, but not any physical devices in them.
2014-01-09man: mention which variables will be expanded in ExecStartZbigniew Jędrzejewski-Szmek
2013-12-25man: grammar and wording improvementsJan Engelhardt
This is a recurring submission and includes corrections to: - missing words, preposition choice. - change of /lib to /usr/lib, because that is what most distros are using as the system-wide location for systemd/udev files.
2013-12-25man: improvements to comma placementJan Engelhardt
This is a recurring submission and includes corrections to: comma placement.
2013-11-27service: add the ability for units to join other unit's PrivateNetwork= and ↵Lennart Poettering
PrivateTmp= namespaces
2013-10-15man: wording and grammar updatesJan Engelhardt
This is a recurring submission and includes corrections to various issue spotted. I guess I can just skip over reporting ubiquitous comma placement fixes…
2013-10-02execute.c: always set $SHELLZbigniew Jędrzejewski-Szmek
In e6dca81 $SHELL was added to user@.service. Let's instead provide it to all units which have a user.
2013-09-27man: drop references to "cgroup" wher appropriateLennart Poettering
Since cgroups are mostly now an implementation detail of systemd lets deemphasize it a bit in the man pages. This renames systemd.cgroup(5) to systemd.resource-control(5) and uses the term "resource control" rather than "cgroup" where appropriate. This leaves the word "cgroup" in at a couple of places though, like for example systemd-cgtop and systemd-cgls where cgroup stuff is at the core of what is happening.
2013-09-17man: add a list of environment variablesZbigniew Jędrzejewski-Szmek
2013-09-12man: wording and grammar updatesJan Engelhardt
This is a recurring submission and includes corrections to various issue spotted. I guess I can just skip over reporting ubiquitous comma placement fixes… Highligts in this particular commit: - the "unsigned" type qualifier is completed to form a full type "unsigned int" - alphabetic -> lexicographic (that way we automatically define how numbers get sorted)
2013-09-12man: Add a note about what environment variables are available by defaultZbigniew Jędrzejewski-Szmek
2013-09-10man: wording and grammar updatesJan Engelhardt
This includes regularly-submitted corrections to comma setting and orthographical mishaps that appeared in man/ in recent commits. In this particular commit: - the usual comma fixes - expand contractions (this is prose)
2013-08-23"-" prefix for InaccessibleDirectories and ReadOnlyDirectoriesMaciej Wereski
2013-07-19man: drop the old cgroup settings from the man pagesLennart Poettering
2013-07-16man: use HTTPS links for links that support itJason St. John
2013-07-13man: wording and grammar updateJan Engelhardt
2013-07-12man: document the slice and scope units, add systemd.cgroup(5)Zbigniew Jędrzejewski-Szmek
2013-07-02man: add more formatting markupZbigniew Jędrzejewski-Szmek
2013-07-02man: improve grammar and word formatting in numerous man pagesJason St. John
Use proper grammar, word usage, adjective hyphenation, commas, capitalization, spelling, etc. To improve readability, some run-on sentences or sentence fragments were revised. [zj: remove the space from 'file name', 'host name', and 'time zone'.]
2013-06-26man: use <constant> for various constants which look ugly with quotesZbigniew Jędrzejewski-Szmek
2013-06-20manager: add DefaultEnvironment optionUmut Tezduyar
This complements existing functionality of setting variables through 'systemctl set-environment', the kernel command line, and through normal environment variables for systemd in session mode.
2013-05-18Standardize on 'file system' and 'namespace' in man pages.David Strauss
This change is based on existing usage in systemd and online. 'File-system' may make sense in adjectival form, but man pages seem to prefer 'file system' even in those situations.
2013-05-03man: add various filenames to the indexZbigniew Jędrzejewski-Szmek
Everything which is an absolute filename marked with <filename></filename> lands in the index, unless noindex= attribute is present. Should make it easier for people to find stuff when they are looking at a file on disk. Various formatting errors in manpages are fixed, kernel-install(1) is restored to formatting sanity.