index
:
~lukeshu/systemd
elogind/master
eudev/master
notsystemd/master
notsystemd/postmove
notsystemd/premove
notsystemd/wip/cgroup2
notsystemd/wip/nspawn
notsystemd/wip/nspawn-parse
systemd/master
systemd/parabola
Unnamed repository; edit this file 'description' to name the repository.
git-mirror
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
core
Age
Commit message (
Expand
)
Author
2016-09-28
Merge pull request #4185 from endocode/djalal-sandbox-first-protection-v1
Evgeny Vereshchagin
2016-09-26
core: Fix USB functionfs activation and clarify its documentation (#4188)
Paweł Szewczyk
2016-09-25
core: Use @raw-io syscall group to filter I/O syscalls when PrivateDevices= i...
Djalal Harouni
2016-09-25
core:namespace: simplify ProtectHome= implementation
Djalal Harouni
2016-09-25
core: simplify ProtectSystem= implementation
Djalal Harouni
2016-09-25
core:sandbox: add more /proc/* entries to ProtectKernelTunables=
Djalal Harouni
2016-09-25
core:namespace: simplify mount calculation
Djalal Harouni
2016-09-25
core:namespace: put paths protected by ProtectKernelTunables= in
Djalal Harouni
2016-09-25
core:namespace: minor improvements to append_mounts()
Djalal Harouni
2016-09-25
execute: move SMACK setup code into its own function
Lennart Poettering
2016-09-25
namespace: drop all mounts outside of the new root directory
Lennart Poettering
2016-09-25
main: minor simplification
Lennart Poettering
2016-09-25
execute: filter low-level I/O syscalls if PrivateDevices= is set
Lennart Poettering
2016-09-25
namespace: don't make the root directory of a namespace a mount if it already...
Lennart Poettering
2016-09-25
namespace: chase symlinks for mounts to set up in userspace
Lennart Poettering
2016-09-25
namespace: invoke unshare() only after checking all parameters
Lennart Poettering
2016-09-25
execute: drop group priviliges only after setting up namespace
Lennart Poettering
2016-09-25
core: imply ProtectHome=read-only and ProtectSystem=strict if DynamicUser=1
Lennart Poettering
2016-09-25
core: introduce ProtectSystem=strict
Lennart Poettering
2016-09-25
namespace: add some debug logging when enforcing InaccessiblePaths=
Lennart Poettering
2016-09-25
namespace: rework how ReadWritePaths= is applied
Lennart Poettering
2016-09-25
namespace: when enforcing fs namespace restrictions suppress redundant mounts
Lennart Poettering
2016-09-25
namespace: simplify mount_path_compare() a bit
Lennart Poettering
2016-09-25
execute: if RuntimeDirectory= is set, it should be writable
Lennart Poettering
2016-09-25
execute: move suppression of HOME=/ and SHELL=/bin/nologin into user-util.c
Lennart Poettering
2016-09-25
execute: split out creation of runtime dirs into its own functions
Lennart Poettering
2016-09-25
namespace: make sure InaccessibleDirectories= masks all mounts further down
Lennart Poettering
2016-09-25
core: add two new service settings ProtectKernelTunables= and ProtectControlG...
Lennart Poettering
2016-09-25
core: enforce seccomp for secondary archs too, for all rules
Lennart Poettering
2016-09-16
tree-wide: rename config_parse_many to …_nulstr
Zbigniew Jędrzejewski-Szmek
2016-09-10
Merge pull request #4119 from keszybz/drop-more-kdbus
Evgeny Vereshchagin
2016-09-10
service: fixup ExecStop for socket-activated shutdown (#4120)
Kyle Russell
2016-09-09
unit: sent change signal before removing the unit if necessary (#4106)
Michael Olbrich
2016-09-09
pid1: drop kdbus_fd and all associated logic
Zbigniew Jędrzejewski-Szmek
2016-09-09
service: Continue shutdown on socket activated unit on termination (#4108)
Kyle Russell
2016-09-06
seccomp: also detect if seccomp filtering is enabled
Felipe Sateler
2016-08-31
core: introduce MemorySwapMax= (#3659)
Lennart Poettering
2016-08-31
load-fragment: Resolve specifiers in OnCalendar and On*Sec (#4045)
Lennart Poettering
2016-08-30
core: introduce MemorySwapMax=
WaLyong Cho
2016-08-27
mount: add SloppyOptions= to mount_dump()
Barron Rulon
2016-08-27
mount: add new ForceUnmount= setting for mount units, mapping to umount(8)'s ...
Barron Rulon
2016-08-26
load-fragment: Resolve specifiers in OnCalendar and On*Sec
Douglas Christman
2016-08-26
mount: add new LazyUnmount= setting for mount units, mapping to umount(8)'s "...
brulon
2016-08-26
Merge pull request #3984 from poettering/refcnt
Evgeny Vereshchagin
2016-08-23
core,network: Use const qualifiers for block-local variables in macro functio...
Felipe Sateler
2016-08-22
core: do not fail at step SECCOMP if there is no kernel support (#4004)
Felipe Sateler
2016-08-22
core: let's use set_contains() where appropriate
Lennart Poettering
2016-08-22
core: cache last CPU usage counter, before destorying a cgroup
Lennart Poettering
2016-08-22
core: add Ref()/Unref() bus calls for units
Lennart Poettering
2016-08-19
Merge pull request #3965 from htejun/systemd-controller-on-unified
Zbigniew Jędrzejewski-Szmek
[next]