index
:
~lukeshu/systemd
elogind/master
eudev/master
notsystemd/master
notsystemd/postmove
notsystemd/premove
notsystemd/wip/cgroup2
notsystemd/wip/nspawn
notsystemd/wip/nspawn-parse
systemd/master
systemd/parabola
Unnamed repository; edit this file 'description' to name the repository.
git-mirror
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
core
Age
Commit message (
Expand
)
Author
2016-10-10
tree-wide: pass return value of make_null_stdio() to warning instead of errno...
0xAX
2016-10-09
main: initialize default unit little later (#4321)
0xAX
2016-10-09
tree-wide: print warning in a failure case of make_null_stdio() (#4320)
0xAX
2016-10-07
core: only warn on short reads on signal fd
Zbigniew Jędrzejewski-Szmek
2016-10-07
manager: tighten incoming notification message checks
Lennart Poettering
2016-10-07
manager: be stricter with incomining notifications, warn properly about too l...
Lennart Poettering
2016-10-07
manager: don't ever busy loop when we get a notification message we can't pro...
Lennart Poettering
2016-10-06
core: add possibility to set action for ctrl-alt-del burst (#4105)
Lukáš Nykrýn
2016-10-06
user-util: rework maybe_setgroups() a bit
Lennart Poettering
2016-10-06
core: leave PAM stub process around with GIDs updated
Lennart Poettering
2016-10-06
core: do not fail in a container if we can't use setgroups
Giuseppe Scrivano
2016-10-05
Fix typo
Giuseppe Scrivano
2016-10-04
tree-wide: remove consecutive duplicate words in comments
Stefan Schweter
2016-10-04
automount: make sure the expire event is restarted after a daemon-reload (#4265)
Michael Olbrich
2016-10-01
core: do not try to create /run/systemd/transient in test mode
Zbigniew Jędrzejewski-Szmek
2016-10-01
core: complain if Before= dep on .device is declared
Zbigniew Jędrzejewski-Szmek
2016-10-01
core: update warning message
Zbigniew Jędrzejewski-Szmek
2016-10-01
core: get rid of unneeded state variable
Zbigniew Jędrzejewski-Szmek
2016-09-29
pid1: more informative error message for ignored notifications
Zbigniew Jędrzejewski-Szmek
2016-09-29
pid1: process zero-length notification messages again
Zbigniew Jędrzejewski-Szmek
2016-09-29
pid1: don't return any error in manager_dispatch_notify_fd() (#4240)
Franck Bui
2016-09-29
If the notification message length is 0, ignore the message (#4237)
Jorge Niedbalski
2016-09-28
Merge pull request #4185 from endocode/djalal-sandbox-first-protection-v1
Evgeny Vereshchagin
2016-09-26
core: Fix USB functionfs activation and clarify its documentation (#4188)
Paweł Szewczyk
2016-09-25
core: Use @raw-io syscall group to filter I/O syscalls when PrivateDevices= i...
Djalal Harouni
2016-09-25
core:namespace: simplify ProtectHome= implementation
Djalal Harouni
2016-09-25
core: simplify ProtectSystem= implementation
Djalal Harouni
2016-09-25
core:sandbox: add more /proc/* entries to ProtectKernelTunables=
Djalal Harouni
2016-09-25
core:namespace: simplify mount calculation
Djalal Harouni
2016-09-25
core:namespace: put paths protected by ProtectKernelTunables= in
Djalal Harouni
2016-09-25
core:namespace: minor improvements to append_mounts()
Djalal Harouni
2016-09-25
execute: move SMACK setup code into its own function
Lennart Poettering
2016-09-25
namespace: drop all mounts outside of the new root directory
Lennart Poettering
2016-09-25
main: minor simplification
Lennart Poettering
2016-09-25
execute: filter low-level I/O syscalls if PrivateDevices= is set
Lennart Poettering
2016-09-25
namespace: don't make the root directory of a namespace a mount if it already...
Lennart Poettering
2016-09-25
namespace: chase symlinks for mounts to set up in userspace
Lennart Poettering
2016-09-25
namespace: invoke unshare() only after checking all parameters
Lennart Poettering
2016-09-25
execute: drop group priviliges only after setting up namespace
Lennart Poettering
2016-09-25
core: imply ProtectHome=read-only and ProtectSystem=strict if DynamicUser=1
Lennart Poettering
2016-09-25
core: introduce ProtectSystem=strict
Lennart Poettering
2016-09-25
namespace: add some debug logging when enforcing InaccessiblePaths=
Lennart Poettering
2016-09-25
namespace: rework how ReadWritePaths= is applied
Lennart Poettering
2016-09-25
namespace: when enforcing fs namespace restrictions suppress redundant mounts
Lennart Poettering
2016-09-25
namespace: simplify mount_path_compare() a bit
Lennart Poettering
2016-09-25
execute: if RuntimeDirectory= is set, it should be writable
Lennart Poettering
2016-09-25
execute: move suppression of HOME=/ and SHELL=/bin/nologin into user-util.c
Lennart Poettering
2016-09-25
execute: split out creation of runtime dirs into its own functions
Lennart Poettering
2016-09-25
namespace: make sure InaccessibleDirectories= masks all mounts further down
Lennart Poettering
2016-09-25
core: add two new service settings ProtectKernelTunables= and ProtectControlG...
Lennart Poettering
[next]