index
:
~lukeshu/systemd
elogind/master
eudev/master
notsystemd/master
notsystemd/postmove
notsystemd/premove
notsystemd/wip/cgroup2
notsystemd/wip/nspawn
notsystemd/wip/nspawn-parse
systemd/master
systemd/parabola
Unnamed repository; edit this file 'description' to name the repository.
git-mirror
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
man
/
systemd.exec.xml
Age
Commit message (
Expand
)
Author
2016-11-01
seccomp: allow specifying arm64, mips, ppc (#4491)
Zbigniew Jędrzejewski-Szmek
2016-10-31
man: fix typos (#4527)
Jakub Wilk
2016-10-28
Merge pull request #4495 from topimiettinen/block-shmat-exec
Djalal Harouni
2016-10-26
seccomp: also block shmat(..., SHM_EXEC) for MemoryDenyWriteExecute
Topi Miettinen
2016-10-24
man: document the default value of NoNewPrivileges=
Zbigniew Jędrzejewski-Szmek
2016-10-20
man: document default for User=
Lennart Poettering
2016-10-17
core/exec: add a named-descriptor option ("fd") for streams (#4179)
Luca Bruno
2016-10-17
man: avoid abbreviated "cgroups" terminology (#4396)
Lennart Poettering
2016-10-15
man: add crosslink between systemd.resource-control(5) and systemd.exec(5)
Zbigniew Jędrzejewski-Szmek
2016-10-13
Merge pull request #4243 from endocode/djalal/sandbox-first-protection-kernel...
Lennart Poettering
2016-10-12
man: typo fixes
Thomas Hindoe Paaboel Andersen
2016-10-12
core:sandbox: lets make /lib/modules/ inaccessible on ProtectKernelModules=
Djalal Harouni
2016-10-12
doc: minor hint about InaccessiblePaths= in regard of ProtectKernelTunables=
Djalal Harouni
2016-10-12
core:sandbox: remove CAP_SYS_RAWIO on PrivateDevices=yes
Djalal Harouni
2016-10-12
core:sandbox: Add ProtectKernelModules= option
Djalal Harouni
2016-10-11
Merge pull request #4348 from poettering/docfixes
Zbigniew Jędrzejewski-Szmek
2016-10-11
man: beef up documentation on per-unit resource limits a bit
Lennart Poettering
2016-10-07
core: add "invocation ID" concept to service manager
Lennart Poettering
2016-10-05
seccomp: add support for the s390 architecture (#4287)
hbrueckner
2016-10-03
man: remove consecutive duplicate words (#4268)
Stefan Schweter
2016-09-25
core: Use @raw-io syscall group to filter I/O syscalls when PrivateDevices= i...
Djalal Harouni
2016-09-25
core:sandbox: add more /proc/* entries to ProtectKernelTunables=
Djalal Harouni
2016-09-25
doc: explicitly document that /dev/mem and /dev/port are blocked by PrivateDe...
Djalal Harouni
2016-09-25
doc: documentation fixes for ReadWritePaths= and ProtectKernelTunables=
Djalal Harouni
2016-09-25
man: shorten the exit status table a bit
Lennart Poettering
2016-09-25
man: the exit code/signal is stored in $EXIT_CODE, not $EXIT_STATUS
Lennart Poettering
2016-09-25
man: rework documentation for ReadOnlyPaths= and related settings
Lennart Poettering
2016-09-25
man: in user-facing documentaiton don't reference C function names
Lennart Poettering
2016-09-25
core: imply ProtectHome=read-only and ProtectSystem=strict if DynamicUser=1
Lennart Poettering
2016-09-25
core: introduce ProtectSystem=strict
Lennart Poettering
2016-09-25
core: add two new service settings ProtectKernelTunables= and ProtectControlG...
Lennart Poettering
2016-08-19
core: add RemoveIPC= setting
Lennart Poettering
2016-08-11
man: add "timeout" to status table (#3919)
Zbigniew Jędrzejewski-Szmek
2016-08-07
Merge pull request #3914 from keszybz/fix-man-links
Lennart Poettering
2016-08-07
man: add a table of possible exit statuses (#3910)
Zbigniew Jędrzejewski-Szmek
2016-08-06
Merge pull request #3884 from poettering/private-users
Zbigniew Jędrzejewski-Szmek
2016-08-06
man: provide html links to a bunch of external man pages
Zbigniew Jędrzejewski-Szmek
2016-08-04
core: set $SERVICE_RESULT, $EXIT_CODE and $EXIT_STATUS in ExecStop=/ExecStopP...
Lennart Poettering
2016-08-03
core: add new PrivateUsers= option to service execution
Lennart Poettering
2016-07-25
Merge pull request #3728 from poettering/dynamic-users
Zbigniew Jędrzejewski-Szmek
2016-07-25
core: change ExecStart=! syntax to ExecStart=+ (#3797)
Lennart Poettering
2016-07-22
core: add a concept of "dynamic" user ids, that are allocated as long as a se...
Lennart Poettering
2016-07-19
doc,core: Read{Write,Only}Paths= and InaccessiblePaths=
Alessandro Puccetti
2016-07-19
namespace: unify limit behavior on non-directory paths
Alessandro Puccetti
2016-06-23
execute: add a new easy-to-use RestrictRealtime= option to units
Lennart Poettering
2016-06-15
core: set $JOURNAL_STREAM to the dev_t/ino_t of the journal stream of execute...
Lennart Poettering
2016-06-13
core: improve seccomp syscall grouping a bit
Lennart Poettering
2016-06-10
core/execute: add the magic character '!' to allow privileged execution (#3493)
Alessandro Puccetti
2016-06-03
core: Restrict mmap and mprotect with PAGE_WRITE|PAGE_EXEC (#3319) (#3379)
Topi Miettinen
2016-06-01
core: add pre-defined syscall groups to SystemCallFilter= (#3053) (#3157)
Topi Miettinen
[next]