index
:
~lukeshu/systemd
elogind/master
eudev/master
notsystemd/master
notsystemd/postmove
notsystemd/premove
notsystemd/wip/cgroup2
notsystemd/wip/nspawn
notsystemd/wip/nspawn-parse
systemd/master
systemd/parabola
Unnamed repository; edit this file 'description' to name the repository.
git-mirror
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
Age
Commit message (
Expand
)
Author
2016-09-29
pid1: more informative error message for ignored notifications
Zbigniew Jędrzejewski-Szmek
2016-09-29
pid1: process zero-length notification messages again
Zbigniew Jędrzejewski-Szmek
2016-09-29
pid1: don't return any error in manager_dispatch_notify_fd() (#4240)
Franck Bui
2016-09-29
If the notification message length is 0, ignore the message (#4237)
Jorge Niedbalski
2016-09-28
journal: add stdout_stream_scan() comment (#4102)
Vito Caputo
2016-09-28
Merge pull request #4185 from endocode/djalal-sandbox-first-protection-v1
Evgeny Vereshchagin
2016-09-27
Merge pull request #4220 from keszybz/show-and-formatting-fixes
Martin Pitt
2016-09-27
basic: fix for IPv6 status (#4224)
Susant Sahani
2016-09-27
test: make sure that {readonly|inaccessible|readwrite}paths disconnect mount ...
Djalal Harouni
2016-09-27
test: add tests for simple ReadOnlyPaths= case
Djalal Harouni
2016-09-26
test-bus-creds: are more debugging info
Zbigniew Jędrzejewski-Szmek
2016-09-26
udev/path_id: introduce support for NVMe devices (#4169)
Keith Busch
2016-09-26
core: Fix USB functionfs activation and clarify its documentation (#4188)
Paweł Szewczyk
2016-09-26
machinectl: prefer user@ to --uid=user for shell (#4006)
Zbigniew Jędrzejewski-Szmek
2016-09-26
journald,ratelimit: fix wrong calculation of burst_modulate() (#4218)
HATAYAMA Daisuke
2016-09-26
coredump: initialize coredump_size in submit_coredump() (#4219)
Matej Habrnal
2016-09-26
treewide: fix typos (#4217)
Torstein Husebø
2016-09-25
test: add CAP_MKNOD tests for PrivateDevices=
Djalal Harouni
2016-09-25
core: Use @raw-io syscall group to filter I/O syscalls when PrivateDevices= i...
Djalal Harouni
2016-09-25
core:namespace: simplify ProtectHome= implementation
Djalal Harouni
2016-09-25
core: simplify ProtectSystem= implementation
Djalal Harouni
2016-09-25
core:sandbox: add more /proc/* entries to ProtectKernelTunables=
Djalal Harouni
2016-09-25
core:namespace: simplify mount calculation
Djalal Harouni
2016-09-25
core:namespace: put paths protected by ProtectKernelTunables= in
Djalal Harouni
2016-09-25
core:namespace: minor improvements to append_mounts()
Djalal Harouni
2016-09-25
execute: move SMACK setup code into its own function
Lennart Poettering
2016-09-25
namespace: drop all mounts outside of the new root directory
Lennart Poettering
2016-09-25
main: minor simplification
Lennart Poettering
2016-09-25
execute: filter low-level I/O syscalls if PrivateDevices= is set
Lennart Poettering
2016-09-25
namespace: don't make the root directory of a namespace a mount if it already...
Lennart Poettering
2016-09-25
namespace: chase symlinks for mounts to set up in userspace
Lennart Poettering
2016-09-25
namespace: invoke unshare() only after checking all parameters
Lennart Poettering
2016-09-25
execute: drop group priviliges only after setting up namespace
Lennart Poettering
2016-09-25
nspawn: let's mount /proc/sysrq-trigger read-only by default
Lennart Poettering
2016-09-25
core: imply ProtectHome=read-only and ProtectSystem=strict if DynamicUser=1
Lennart Poettering
2016-09-25
core: introduce ProtectSystem=strict
Lennart Poettering
2016-09-25
namespace: add some debug logging when enforcing InaccessiblePaths=
Lennart Poettering
2016-09-25
namespace: rework how ReadWritePaths= is applied
Lennart Poettering
2016-09-25
namespace: when enforcing fs namespace restrictions suppress redundant mounts
Lennart Poettering
2016-09-25
namespace: simplify mount_path_compare() a bit
Lennart Poettering
2016-09-25
execute: if RuntimeDirectory= is set, it should be writable
Lennart Poettering
2016-09-25
execute: move suppression of HOME=/ and SHELL=/bin/nologin into user-util.c
Lennart Poettering
2016-09-25
execute: split out creation of runtime dirs into its own functions
Lennart Poettering
2016-09-25
namespace: make sure InaccessibleDirectories= masks all mounts further down
Lennart Poettering
2016-09-25
core: add two new service settings ProtectKernelTunables= and ProtectControlG...
Lennart Poettering
2016-09-25
core: enforce seccomp for secondary archs too, for all rules
Lennart Poettering
2016-09-24
journal-remote: fix error format string
Zbigniew Jędrzejewski-Szmek
2016-09-24
systemctl: suppress errors with "show" for nonexistent units and properties
Zbigniew Jędrzejewski-Szmek
2016-09-24
systemctl,networkctl,busctl,backlight: use STRPTR_IN_SET
Zbigniew Jędrzejewski-Szmek
2016-09-24
basic/strv: add STRPTR_IN_SET
Zbigniew Jędrzejewski-Szmek
[next]