summaryrefslogtreecommitdiff
path: root/man/systemd.exec.xml
AgeCommit message (Expand)Author
2016-12-14core: add ability to define arbitrary bind mounts for servicesLennart Poettering
2016-12-06man: fix $SERVICE_RESULT/$EXIT_CODE/$EXIT_STATUS documentationJouke Witteveen
2016-11-29bus-util: add protocol error type explanationJouke Witteveen
2016-11-23man: document protocol error type for service failures (#4724)Jouke Witteveen
2016-11-21seccomp: add @filesystem syscall group (#4537)Lennart Poettering
2016-11-17namespace: simplify, optimize and extend handling of mounts for namespaceLennart Poettering
2016-11-15doc: move ProtectKernelModules= documentation near ProtectKernelTunalbes=Djalal Harouni
2016-11-15doc: note when no new privileges is impliedDjalal Harouni
2016-11-04core: add new RestrictNamespaces= unit file settingLennart Poettering
2016-11-03Merge pull request #4548 from keszybz/seccomp-helpZbigniew Jędrzejewski-Szmek
2016-11-03doc: clarify NoNewPrivileges (#4562)Kees Cook
2016-11-03seccomp-util, analyze: export comments as a help stringZbigniew Jędrzejewski-Szmek
2016-11-03analyze: add syscall-filter verbZbigniew Jędrzejewski-Szmek
2016-11-02man: document that too strict system call filters may affect the service managerLennart Poettering
2016-11-02seccomp: add two new syscall groupsLennart Poettering
2016-11-02man: two minor fixesLennart Poettering
2016-11-02seccomp: include pipes and memfd in @ipcLennart Poettering
2016-11-02seccomp: drop execve() from @process listLennart Poettering
2016-11-02seccomp: add clock query and sleeping syscalls to "@default" groupLennart Poettering
2016-11-01seccomp: allow specifying arm64, mips, ppc (#4491)Zbigniew Jędrzejewski-Szmek
2016-10-31man: fix typos (#4527)Jakub Wilk
2016-10-28Merge pull request #4495 from topimiettinen/block-shmat-execDjalal Harouni
2016-10-26seccomp: also block shmat(..., SHM_EXEC) for MemoryDenyWriteExecuteTopi Miettinen
2016-10-24man: document the default value of NoNewPrivileges=Zbigniew Jędrzejewski-Szmek
2016-10-20man: document default for User=Lennart Poettering
2016-10-17core/exec: add a named-descriptor option ("fd") for streams (#4179)Luca Bruno
2016-10-17man: avoid abbreviated "cgroups" terminology (#4396)Lennart Poettering
2016-10-15man: add crosslink between systemd.resource-control(5) and systemd.exec(5)Zbigniew Jędrzejewski-Szmek
2016-10-13Merge pull request #4243 from endocode/djalal/sandbox-first-protection-kernel...Lennart Poettering
2016-10-12man: typo fixesThomas Hindoe Paaboel Andersen
2016-10-12core:sandbox: lets make /lib/modules/ inaccessible on ProtectKernelModules=Djalal Harouni
2016-10-12doc: minor hint about InaccessiblePaths= in regard of ProtectKernelTunables=Djalal Harouni
2016-10-12core:sandbox: remove CAP_SYS_RAWIO on PrivateDevices=yesDjalal Harouni
2016-10-12core:sandbox: Add ProtectKernelModules= optionDjalal Harouni
2016-10-11Merge pull request #4348 from poettering/docfixesZbigniew Jędrzejewski-Szmek
2016-10-11man: beef up documentation on per-unit resource limits a bitLennart Poettering
2016-10-07core: add "invocation ID" concept to service managerLennart Poettering
2016-10-05seccomp: add support for the s390 architecture (#4287)hbrueckner
2016-10-03man: remove consecutive duplicate words (#4268)Stefan Schweter
2016-09-25core: Use @raw-io syscall group to filter I/O syscalls when PrivateDevices= i...Djalal Harouni
2016-09-25core:sandbox: add more /proc/* entries to ProtectKernelTunables=Djalal Harouni
2016-09-25doc: explicitly document that /dev/mem and /dev/port are blocked by PrivateDe...Djalal Harouni
2016-09-25doc: documentation fixes for ReadWritePaths= and ProtectKernelTunables=Djalal Harouni
2016-09-25man: shorten the exit status table a bitLennart Poettering
2016-09-25man: the exit code/signal is stored in $EXIT_CODE, not $EXIT_STATUSLennart Poettering
2016-09-25man: rework documentation for ReadOnlyPaths= and related settingsLennart Poettering
2016-09-25man: in user-facing documentaiton don't reference C function namesLennart Poettering
2016-09-25core: imply ProtectHome=read-only and ProtectSystem=strict if DynamicUser=1Lennart Poettering
2016-09-25core: introduce ProtectSystem=strictLennart Poettering
2016-09-25core: add two new service settings ProtectKernelTunables= and ProtectControlG...Lennart Poettering
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-25 14:06:40 +0000