summaryrefslogtreecommitdiff
path: root/man
AgeCommit message (Collapse)Author
2014-02-13core: add a system-wide SystemCallArchitectures= settingLennart Poettering
This is useful to prohibit execution of non-native processes on systems, for example 32bit binaries on 64bit systems, this lowering the attack service on incorrect syscall and ioctl 32→64bit mappings.
2014-02-13core: add SystemCallArchitectures= unit setting to allow disabling of non-nativeLennart Poettering
architecture support for system calls Also, turn system call filter bus properties into complex types instead of concatenated strings.
2014-02-12core: rework syscall filterLennart Poettering
- Allow configuration of an errno error to return from blacklisted syscalls, instead of immediately terminating a process. - Fix parsing logic when libseccomp support is turned off - Only keep the actual syscall set in the ExecContext, and generate the string version only on demand.
2014-02-12syscallfilter: port to libseccompRonny Chevalier
2014-02-12man: use xinclude to de-deduplicate common textZbigniew Jędrzejewski-Szmek
I only tested with python-lxml. I'm not sure if xml.etree should be deprecated.
2014-02-12pager: support SYSTEMD_LESS environment variableJason A. Donenfeld
This allows customization of the arguments used by less. The main motivation is that some folks might not like having --no-init on every invocation of less.
2014-02-12nspawn: newer kernels (>= 3.14) allow resetting the audit loginuid, make use ↵Lennart Poettering
of this
2014-02-12machinectl: add new "machinectl reboot" callLennart Poettering
2014-02-11machined: optionally, allow registration of pre-existing units (scopesLennart Poettering
or services) as machine with machined
2014-02-11nspawn: add --register=yes|no switch to optionally disable registration of ↵Lennart Poettering
the container with machined
2014-02-10networkd: VLAN - allow multiple vlans to be created on a linkTom Gundersen
Also limit the range of vlan ids. Other implementations and documentation use the ranges {0,1}-{4094,4095}, but we use the one accepted by the kernel: 0-4094. Reported-by: Oleksii Shevchuk <alxchk@gmail.com>
2014-02-10nspawn: add new --share-system switch to run a container without PID/UTS/IPC ↵Lennart Poettering
namespacing
2014-02-10nspawn,man: use a common vocabulary when referring to selinux security contextsLennart Poettering
Let's always call the security labels the same way: SMACK: "Smack Label" SELINUX: "SELinux Security Context" And the low-level encapsulation is called "seclabel". Now let's hope we stick to this vocabulary in future, too, and don't mix "label"s and "security contexts" and so on wildly.
2014-02-10exec: Add support for ignoring errors on SELinuxContext by prefixing it with ↵Michael Scherer
-, like for others settings. Also remove call to security_check_context, as this doesn't serve anything, since setexeccon will fail anyway.
2014-02-10exec: Add SELinuxContext configuration itemMichael Scherer
This permit to let system administrators decide of the domain of a service. This can be used with templated units to have each service in a différent domain ( for example, a per customer database, using MLS or anything ), or can be used to force a non selinux enabled system (jvm, erlang, etc) to start in a different domain for each service.
2014-02-09man: fix another reference in systemd-inhibit(1)Zbigniew Jędrzejewski-Szmek
http://bugs.debian.org/738316
2014-02-09man: fix reference in systemd-inhibit(1)Zbigniew Jędrzejewski-Szmek
http://bugs.debian.org/738316
2014-02-07nspawn: rename --file-label to --apifs-label since it's really just about ↵Lennart Poettering
the API file systems, nothing else
2014-02-07networkd: netdev - rename Netdev to NetDevTom Gundersen
Both in the configuration file format and everywhere else in the code.
2014-02-07man: cryptsetup-1.6.3 now allows partition device file in system modeJan Janssen
2014-02-06nspawn: add --quiet switch for turning off any output noiseLennart Poettering
2014-02-05man: introduce new "Desktop" property for sessionsLennart Poettering
This is initialized from XDG_SESSION_DESKTOP and is useful for GNOME to recognize its own sessions. It's supposed to be set to a short string identifying the session, such as "kde" or "gnome".
2014-02-05logind: make session type and class settable via the same waysLennart Poettering
If the session type/class is set via environment variables, use that, and otherwise fallback to something that is set via the PAM module command line.
2014-02-04nspawn: various fixes in selinux hookupLennart Poettering
- As suggested, prefix argument variables with "arg_" how we do this usually. - As suggested, don't involve memory allocations when storing command line arguments. - Break --help text at 80 chars - man: explain that this is about SELinux - don't do unnecessary memory allocations when putting together mount option string
2014-02-04Add SELinux support to systemd-nspawnDan Walsh
This patch adds to new options: -Z PROCESS_LABEL This specifies the process label to run on processes run within the container. -L FILE_LABEL The file label to assign to memory file systems created within the container. For example if you wanted to wrap an container with SELinux sandbox labels, you could execute a command line the following chcon system_u:object_r:svirt_sandbox_file_t:s0:c0,c1 -R /srv/container systemd-nspawn -L system_u:object_r:svirt_sandbox_file_t:s0:c0,c1 -Z system_u:system_r:svirt_lxc_net_t:s0:c0,c1 -D /srv/container /bin/sh
2014-01-30networkd: dhcpv4 - add notion of 'CriticalConnection'Tom Gundersen
These connections are never torn down, even when the DHCP specifications say that they should be. This is useful/necessary when the rootfs (or another critical fs) is mounted over this network connection, and dataloss would result if the connection is lost. This option defaults to off, but our initrd generator (TBD) will enable it when applicable.
2014-01-29core: introduce new KillMode=mixed which sends SIGTERM only to the main ↵Lennart Poettering
process, but SIGKILL to all daemon processes This should fix some race with terminating systemd --user, where the system systemd instance might race against the user systemd instance when sending SIGTERM.
2014-01-28man: remove erroneous history sectionZbigniew Jędrzejewski-Szmek
2014-01-27manager: add systemd.show_status=auto modeZbigniew Jędrzejewski-Szmek
When set to auto, status will shown when the first ephemeral message is shown (a job has been running for five seconds). Then until the boot or shutdown ends, status messages will be shown. No indication about the switch is done: I think it should be clear for the user that first the cylon eye and the ephemeral messages appear, and afterwards messages are displayed. The initial arming of the event source was still wrong, but now should really be fixed.
2014-01-27journal: guarantee async-signal-safety in sd_journald_sendvZbigniew Jędrzejewski-Szmek
signal(7) provides a list of functions which may be called from a signal handler. Other functions, which only call those functions and don't access global memory and are reentrant are also safe. sd_j_sendv was mostly OK, but would call mkostemp and writev in a fallback path, which are unsafe. Being able to call sd_j_sendv in a async-signal-safe way is important because it allows it be used in signal handlers. Safety is achieved by replacing mkostemp with open(O_TMPFILE) and an open-coded writev replacement which uses write. Unfortunately, O_TMPFILE is only available on kernels >= 3.11. When O_TMPFILE is unavailable, an open-coded mkostemp is used. https://bugzilla.gnome.org/show_bug.cgi?id=722889
2014-01-26cryptsetup: Support key-slot optionChristian Seiler
Debian recently introduced the option key-slot to /etc/crypttab to specify the LUKS key slot to be used for decrypting the device. On systems where a keyfile is used and the key is not in the first slot, this can speed up the boot process quite a bit, since cryptsetup does not need to try all of the slots sequentially. (Unsuccessfully testing a key slot typically takes up to about 1 second.) This patch makes systemd aware of this option. Debian bug that introduced the feature: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704470
2014-01-25networkd: add basic VLAN supportTom Gundersen
2014-01-22networkd: add basic bonding supportTom Gundersen
Refactor bridging support to be generic netdev support and extend it to cover bonding as well.
2014-01-22man: document message timestamping/sequence number APILennart Poettering
2014-01-20exec: introduce PrivateDevices= switch to provide services with a private /devLennart Poettering
Similar to PrivateNetwork=, PrivateTmp= introduce PrivateDevices= that sets up a private /dev with only the API pseudo-devices like /dev/null, /dev/zero, /dev/random, but not any physical devices in them.
2014-01-18networkd: dhcp - by default ignore the MTUTom Gundersen
2014-01-16sd-dhcp-client/networkd: add transient hostname supportTom Gundersen
2014-01-16sd-dhcp-client/networkd: add interface MTU supportTom Gundersen
2014-01-15systemctl: introduce new "import-environment" commandLennart Poettering
This may be used in graphical session start-up scripts to upload environment variables such as $DISPLAY into the systemd manager easily.
2014-01-13networkd: DHCPv4 - allow opting out of using DNS serversTom Gundersen
Setting UseDNS=no will ignore any received DNS servers.
2014-01-13libsystemd-bus: rename to libsystemdTom Gundersen
Documentation was updated to refer to either 'libsystemd' or 'sd-bus' in place of libsystemd-bus.
2014-01-11man: add busctl(1)Zbigniew Jędrzejewski-Szmek
2014-01-11journald: do not free space when disk space runs lowZbigniew Jędrzejewski-Szmek
Before, journald would remove journal files until both MaxUse= and KeepFree= settings would be satisfied. The first one depends (if set automatically) on the size of the file system and is constant. But the second one depends on current use of the file system, and a spike in disk usage would cause journald to delete journal files, trying to reach usage which would leave 15% of the disk free. This behaviour is surprising for the user who doesn't expect his logs to be purged when disk usage goes above 85%, which on a large disk could be some gigabytes from being full. In addition attempting to keep 15% free provides an attack vector where filling the disk sufficiently disposes of almost all logs. Instead, obey KeepFree= only as a limit on adding additional files. When replacing old files with new, ignore KeepFree=. This means that if journal disk usage reached some high point that at some later point start to violate the KeepFree= constraint, journald will not add files to go above this point, but it will stay (slightly) below it. When journald is restarted, it forgets the previous maximum usage value, and sets the limit based on the current usage, so if disk remains to be filled, journald might use one journal-file-size less on each restart, if restarts happen just after rotation. This seems like a reasonable compromise between implementation complexity and robustness.
2014-01-11journalctl: allow globbing in --unit and --user-unitZbigniew Jędrzejewski-Szmek
This is a continuation of e3e0314b systemctl: allow globbing in commands which take multiple unit names. Multiple patterns can be specified, as separate arguments, or as one argument with patterns seperated by commas. If patterns are given, at least one unit must be matched (by any of the patterns). This is different behaviour than systemctl, but here it is necessary because otherwise anything would be matched, which is unlikely to be the intended behaviour. https://bugs.freedesktop.org/show_bug.cgi?id=59336
2014-01-10man: clarify sd_bus_e_get_errno with NULL argZbigniew Jędrzejewski-Szmek
2014-01-09man: mention which variables will be expanded in ExecStartZbigniew Jędrzejewski-Szmek
2014-01-07man: document label escaping functionsZbigniew Jędrzejewski-Szmek
2014-01-07man: fix bogus description of sd_bus_creds_has_*_capZbigniew Jędrzejewski-Szmek
2014-01-07man: document sd-bus error functionsZbigniew Jędrzejewski-Szmek
2014-01-05man: document some more bus functionsZbigniew Jędrzejewski-Szmek