index
:
~lukeshu/systemd
elogind/master
eudev/master
notsystemd/master
notsystemd/postmove
notsystemd/premove
notsystemd/wip/cgroup2
notsystemd/wip/nspawn
notsystemd/wip/nspawn-parse
systemd/master
systemd/parabola
Unnamed repository; edit this file 'description' to name the repository.
git-mirror
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
core
/
namespace.c
Age
Commit message (
Expand
)
Author
2016-12-14
core: add ability to define arbitrary bind mounts for services
Lennart Poettering
2016-12-14
namespace: instead of chasing mount symlinks a priori, do so as-we-go
Lennart Poettering
2016-12-14
core: rename BindMount structure → MountEntry
Lennart Poettering
2016-12-14
namespace: add explicit read-only flag
Lennart Poettering
2016-12-13
namespace: reindent protect_system_strict_table[] as well
Lennart Poettering
2016-12-01
fs-util: add flags parameter to chase_symlinks()
Lennart Poettering
2016-12-01
tree-wide: stop using canonicalize_file_name(), use chase_symlinks() instead
Lennart Poettering
2016-11-17
namespace: clarify that /proc/apm is obsolete, but leave it blocked
Lennart Poettering
2016-11-17
namespace: reindent namespace tables
Lennart Poettering
2016-11-17
namespace: simplify, optimize and extend handling of mounts for namespace
Lennart Poettering
2016-11-10
core:namespace: count and free failed paths inside chase_all_symlinks() (#4619)
Djalal Harouni
2016-11-08
core: on DynamicUser= make sure that protecting sensitive paths is enforced (...
Djalal Harouni
2016-11-07
nspawn: slight simplification
Zbigniew Jędrzejewski-Szmek
2016-11-07
nspawn: avoid one strdup by using free_and_replace
Zbigniew Jędrzejewski-Szmek
2016-11-07
core: make RootDirectory= and ProtectKernelModules= work
Djalal Harouni
2016-10-23
tree-wide: drop NULL sentinel from strjoin
Zbigniew Jędrzejewski-Szmek
2016-10-12
core:sandbox: lets make /lib/modules/ inaccessible on ProtectKernelModules=
Djalal Harouni
2016-09-25
core:namespace: simplify ProtectHome= implementation
Djalal Harouni
2016-09-25
core: simplify ProtectSystem= implementation
Djalal Harouni
2016-09-25
core:sandbox: add more /proc/* entries to ProtectKernelTunables=
Djalal Harouni
2016-09-25
core:namespace: simplify mount calculation
Djalal Harouni
2016-09-25
core:namespace: put paths protected by ProtectKernelTunables= in
Djalal Harouni
2016-09-25
core:namespace: minor improvements to append_mounts()
Djalal Harouni
2016-09-25
namespace: drop all mounts outside of the new root directory
Lennart Poettering
2016-09-25
namespace: don't make the root directory of a namespace a mount if it already...
Lennart Poettering
2016-09-25
namespace: chase symlinks for mounts to set up in userspace
Lennart Poettering
2016-09-25
namespace: invoke unshare() only after checking all parameters
Lennart Poettering
2016-09-25
core: introduce ProtectSystem=strict
Lennart Poettering
2016-09-25
namespace: add some debug logging when enforcing InaccessiblePaths=
Lennart Poettering
2016-09-25
namespace: rework how ReadWritePaths= is applied
Lennart Poettering
2016-09-25
namespace: when enforcing fs namespace restrictions suppress redundant mounts
Lennart Poettering
2016-09-25
namespace: simplify mount_path_compare() a bit
Lennart Poettering
2016-09-25
namespace: make sure InaccessibleDirectories= masks all mounts further down
Lennart Poettering
2016-09-25
core: add two new service settings ProtectKernelTunables= and ProtectControlG...
Lennart Poettering
2016-07-22
Merge pull request #3764 from poettering/assorted-stuff-2
Martin Pitt
2016-07-20
namespace: fix wrong return value from mount(2) (#3758)
Topi Miettinen
2016-07-20
namespace: add a (void) cast
Lennart Poettering
2016-07-20
namespace: minor improvements
Lennart Poettering
2016-07-19
doc,core: Read{Write,Only}Paths= and InaccessiblePaths=
Alessandro Puccetti
2016-07-19
namespace: unify limit behavior on non-directory paths
Alessandro Puccetti
2016-05-15
namespace: Make private /dev noexec and readonly (#3263)
topimiettinen
2016-05-14
namespace: unmount old /dev under our new private /dev (#3254)
topimiettinen
2016-02-11
Remove kdbus custom endpoint support
Daniel Mack
2016-02-10
tree-wide: remove Emacs lines from all files
Daniel Mack
2015-10-27
util-lib: split out allocation calls into alloc-util.[ch]
Lennart Poettering
2015-10-27
user-util: move UID/GID related macros from macro.h to user-util.h
Lennart Poettering
2015-10-27
util-lib: split out umask-related code to umask-util.h
Lennart Poettering
2015-10-27
util-lib: move string table stuff into its own string-table.[ch]
Lennart Poettering
2015-10-27
util-lib: move mount related utility calls to mount-util.[ch]
Lennart Poettering
2015-10-26
socket-util: move remaining socket-related calls from util.[ch] to socket-uti...
Lennart Poettering
[next]