| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-02-26 | core: add new RestrictAddressFamilies= switch | Lennart Poettering | |
| This new unit settings allows restricting which address families are available to processes. This is an effective way to minimize the attack surface of services, by turning off entire network stacks for them. This is based on seccomp, and does not work on x86-32, since seccomp cannot filter socketcall() syscalls on that platform. | |||
| 2014-02-12 | syscallfilter: port to libseccomp | Ronny Chevalier | |
| 2013-11-22 | build-sys: move more files from core/ to share/ that are generic enough | Lennart Poettering | |
| 2013-11-22 | bus: rework sd_bus_error APIs | Lennart Poettering | |
| All calls that set a sd_bus_error structure will now return the same error converted to a negative errno. This may be used as syntactic sugar to return from a function and setting a bus_error structure in one go. Also, translate all Linux Exyz (EIO, EINVAL, EUCLEAN, EPIPE, ...) automatically into counterparts in the (new) "Posix.Error." namespace. If we fail to allocate memory for the components of a sd_bus_error automatically reset it to an OOM error which we always can write. | |||
 |
index : ~lukeshu/systemd | |
| Unnamed repository; edit this file 'description' to name the repository. | git-mirror |
| summaryrefslogtreecommitdiff |