Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-02-21 | man: there is no ExecStopPre= for service units | Lennart Poettering | |
https://bugs.freedesktop.org/show_bug.cgi?id=73177 | |||
2014-02-20 | man: xinclude pkg-config note | Zbigniew Jędrzejewski-Szmek | |
2014-02-20 | man: xinclude --host/--machine | Zbigniew Jędrzejewski-Szmek | |
As usual, those common options are pushed to the end. | |||
2014-02-20 | man: xinclude --user/--system | Zbigniew Jędrzejewski-Szmek | |
2014-02-20 | man: xinclude --help/--version/--no-pager | Zbigniew Jędrzejewski-Szmek | |
2014-02-20 | build-sys: add conditionals and regenerate manpage list | Zbigniew Jędrzejewski-Szmek | |
The list of man pages is auto generated, based on conditonal='...' attributes in the man page itself. | |||
2014-02-21 | nspawn: when adding a veth interface to a bridge, use the "vb-" rather than ↵ | Lennart Poettering | |
"ve-" interface name prefix This way we can recognize the interfaces later on to apply different host-side configuration to them. | |||
2014-02-21 | core: Add AppArmor profile switching | Michael Scherer | |
This permit to switch to a specific apparmor profile when starting a daemon. This will result in a non operation if apparmor is disabled. It also add a new build requirement on libapparmor for using this feature. | |||
2014-02-21 | core: add new ConditionArchitecture() that checks the architecture returned ↵ | Lennart Poettering | |
by uname()'s machine field. | |||
2014-02-20 | man: networkd/udev - add to [Match] documentation | Tom Gundersen | |
2014-02-19 | udev: net-config - allow interface names to be set from the hwdb | Tom Gundersen | |
2014-02-19 | man: fix references to .pc files which aren't separate anymore | Lennart Poettering | |
2014-02-19 | man: don't advertise sd-daemon as embeddable anymore | Lennart Poettering | |
It's now part of libsystemd, and should be used like any other API. | |||
2014-02-19 | busctl: add --no-legend and use in bash completion | Thomas Hindoe Paaboel Andersen | |
2014-02-19 | man: busctl typo fix | Thomas Hindoe Paaboel Andersen | |
2014-02-19 | man: document $MAINPID | Lennart Poettering | |
2014-02-19 | core: add Personality= option for units to set the personality for spawned ↵ | Lennart Poettering | |
processes | |||
2014-02-18 | nspawn: add new --personality= switch to make it easier to run 32bit ↵ | Lennart Poettering | |
containers on a 64bit host | |||
2014-02-18 | net-match: fix Driver= match | Tom Gundersen | |
It should match on the driver of the parent device. | |||
2014-02-18 | seccomp: add helper call to add all secondary archs to a seccomp filter | Lennart Poettering | |
And make use of it where appropriate for executing services and for nspawn. | |||
2014-02-18 | machinectl: remove unused --no-ask-password | Thomas Hindoe Paaboel Andersen | |
2014-02-18 | machinectl: add bash completion | Thomas Hindoe Paaboel Andersen | |
2014-02-18 | man: machinectl: there is no command 'kill-machine' | Thomas Hindoe Paaboel Andersen | |
2014-02-18 | man: minor fixes to networkd page | Tom Gundersen | |
Also enforce that we don't allow setting the Broadcast for IPv6 addresses. | |||
2014-02-18 | doc: orthographic corrections | Jan Engelhardt | |
2014-02-17 | doc: utilize the DocBook markup for some literals | Jan Engelhardt | |
2014-02-17 | doc: reword "shared per-thread" wording | Jan Engelhardt | |
Either it is shared across threads, or it is per-thread: decide. Reading the source code, I see a thread_local identifier, so that's that. But that does not yet preclude that a program may pass around the pointer returned from the function among its own threads. Do a best effort at saying so. | |||
2014-02-17 | doc: balance C indirections in function prototypes | Jan Engelhardt | |
Shift the asterisks in the documentation's prototypes such that they are consistent among each other. Use the right side to match source code. | |||
2014-02-17 | doc: properly use XML entities | Jan Engelhardt | |
2014-02-17 | doc: choose different words to improve clarity | Jan Engelhardt | |
I suggest the following changes to improve the way the text reads ("flows"). | |||
2014-02-17 | doc: resolve missing/extraneous words or inappropriate forms | Jan Engelhardt | |
Issues fixed: * missing words required by grammar * duplicated or extraneous words * inappropriate forms (e.g. singular/plural), and declinations * orthographic misspellings | |||
2014-02-17 | doc: update punctuation | Jan Engelhardt | |
Resolve spotted issues related to missing or extraneous commas, dashes. | |||
2014-02-17 | doc: detail what "UID" is | Jan Engelhardt | |
2014-02-17 | doc: quote consistently in autoconf code | Jan Engelhardt | |
AS_HELP_STRING has been observed to expand such that the surround function complains; play it safe and consistenly quote the example code throughout. | |||
2014-02-17 | man: fix a typo | Ansgar Burchardt | |
2014-02-17 | Revert "man: systemd.service(5): clarify behavior of SuccessExitStatus" | Lennart Poettering | |
This reverts commit 29e254f7f093c07a1ec7e845e60203357f585235. Conflicts: man/systemd.service.xml | |||
2014-02-17 | Some modernizations | Zbigniew Jędrzejewski-Szmek | |
2014-02-16 | nspawn: add new --network-bridge= switch | Tom Gundersen | |
This adds the host side of the veth link to the given bridge. Also refactor the creation of the veth interfaces a bit to set it up from the host rather than the container. This simplifies the addition to the bridge, but otherwise the behavior is unchanged. | |||
2014-02-14 | man: use spaces instead of tabs | Jason St. John | |
Several sections of the man pages included intermixed tabs and spaces; this commit replaces all tabs with spaces. | |||
2014-02-14 | man: replace STDOUT with standard output, etc. | Zbigniew Jędrzejewski-Szmek | |
Actually 'STDOUT' is something that doesn't appear anywhere: in the stdlib we have 'stdin', and there's only the constant STDOUT_FILENO, so there's no reason to use capitals. When refering to code, STDOUT/STDOUT/STDERR are replaced with stdin/stdout/stderr, and in other places they are replaced with normal phrases like standard output, etc. | |||
2014-02-14 | man: fix grammatical errors and other formatting issues | Jason St. John | |
* standardize capitalization of STDIN, STDOUT, and STDERR * reword some sentences for clarity * reflow some very long lines to be shorter than ~80 characters * add some missing <literal>, <constant>, <varname>, <option>, and <filename> tags | |||
2014-02-14 | man: always place <programlisting> and </programlisting> in a line with ↵ | Lennart Poettering | |
actual sources, so that we don't get spurious newlines in the man page output | |||
2014-02-14 | man: systemd.service(5): clarify behavior of SuccessExitStatus | Dave Reisner | |
The behavior of this is a little cryptic in that $MAINPID must exit as a direct result of receiving a signal in order for a listed signal to be considered a success condition. | |||
2014-02-13 | nspawn: add new --network-veth switch to add a virtual ethernet link to the host | Lennart Poettering | |
2014-02-13 | nspawn: --private-network should imply CAP_NET_ADMIN | Lennart Poettering | |
2014-02-13 | nspawn: add new --network-interface= switch to move an existing interface ↵ | Lennart Poettering | |
into the container | |||
2014-02-13 | nspawn: introduce --capability=all for retaining all capabilities | Lennart Poettering | |
2014-02-13 | core: add a system-wide SystemCallArchitectures= setting | Lennart Poettering | |
This is useful to prohibit execution of non-native processes on systems, for example 32bit binaries on 64bit systems, this lowering the attack service on incorrect syscall and ioctl 32→64bit mappings. | |||
2014-02-13 | core: add SystemCallArchitectures= unit setting to allow disabling of non-native | Lennart Poettering | |
architecture support for system calls Also, turn system call filter bus properties into complex types instead of concatenated strings. | |||
2014-02-12 | core: rework syscall filter | Lennart Poettering | |
- Allow configuration of an errno error to return from blacklisted syscalls, instead of immediately terminating a process. - Fix parsing logic when libseccomp support is turned off - Only keep the actual syscall set in the ExecContext, and generate the string version only on demand. |