Age | Commit message (Collapse) | Author |
|
This is useful to prohibit execution of non-native processes on systems,
for example 32bit binaries on 64bit systems, this lowering the attack
service on incorrect syscall and ioctl 32→64bit mappings.
|
|
|
|
architecture support for system calls
Also, turn system call filter bus properties into complex types instead
of concatenated strings.
|
|
|
|
- Allow configuration of an errno error to return from blacklisted
syscalls, instead of immediately terminating a process.
- Fix parsing logic when libseccomp support is turned off
- Only keep the actual syscall set in the ExecContext, and generate the
string version only on demand.
|
|
|
|
Some DHCP servers will not work correctly if secs == 0, so round up
to at least 1.
|
|
Udev does not run in containers, so instead of relying on it to tell us when a
network device is ready to be used by networkd, we simply assume that any
device was fully initialized before being added to the container.
|
|
This allows customization of the arguments used by less. The main
motivation is that some folks might not like having --no-init on every
invocation of less.
|
|
of this
|
|
Let's remove the tests for cg_path_get_machine_name(), since they no
longer operate solely on the cgroup path, but actually look up data in
/run. Since we have a test for cg_pid_get_machine_name() this shouldn't
be too much of a loss.
|
|
|
|
Otherwise we get a (harmless) message like:
systemd-logind[30845]: Failed to process message [type=signal sender=:1.36 path=/org/freedesktop/systemd1/job/4674 interface=org.freedesktop.DBus.Properties member=PropertiesChanged signature=sa{sv}as]: Invalid argument
|
|
KillUserProcesses=yes/no should be ignored when termination is
explicitly requested.
|
|
|
|
|
|
In function user_get_state() remove the session_is_active() check, just
count on the session_get_state() function to get the correct session
state.
session_is_active() may return true before starting the session scope
and user service, this means it will return true even before the creation
of the session fifo_fd which will produce incorrect states.
So be consistent and just use session_get_state().
|
|
disabled
|
|
or services) as machine with machined
|
|
|
|
|
|
the container with machined
|
|
|
|
The .sym file somehow lacks these declarations, so add these. You have to
run "make clean" to make sure the sym-test runs fine afterwards.
|
|
This fixes a regression introduced in 672682a6b
|
|
Also limit the range of vlan ids. Other implementations and
documentation use the ranges {0,1}-{4094,4095}, but we use
the one accepted by the kernel: 0-4094.
Reported-by: Oleksii Shevchuk <alxchk@gmail.com>
|
|
|
|
|
|
We are more likely to catch errors if we don't use '0' as test value.
|
|
|
|
namespacing
|
|
Let's always call the security labels the same way:
SMACK: "Smack Label"
SELINUX: "SELinux Security Context"
And the low-level encapsulation is called "seclabel". Now let's hope we
stick to this vocabulary in future, too, and don't mix "label"s and
"security contexts" and so on wildly.
|
|
-, like for others settings.
Also remove call to security_check_context, as this doesn't serve anything, since
setexeccon will fail anyway.
|
|
|
|
This permit to let system administrators decide of the domain of a service.
This can be used with templated units to have each service in a différent
domain ( for example, a per customer database, using MLS or anything ),
or can be used to force a non selinux enabled system (jvm, erlang, etc)
to start in a different domain for each service.
|
|
Found by the new check-includes make target.
|
|
This was noticed in Brussels at the hackfest. The fstab-generator currently
creates a broken symlink pointing to itself in
/run/systemd/generator/local-fs.target.wants/ for systemd-fsck-root.service
|
|
/etc/os-release is expected for the case for booting a full system, and
need not be required for thin container execution.
|
|
|
|
I'm not sure why this makes a difference...
|
|
If the password is a device file, we can add Requires/After dependencies
on the device rather than requiring the user to do so.
|
|
|
|
|
|
|
|
In the parse_env_file_push() and load_env_file_push() functions, there
are two assert() call to check if the key or value parameters are utf8 valid.
If the strings aren't utf8 valid, assert does abort.
These function are used early by systemd to parse some files. For
example '/etc/locale.conf'. In my case this file contained a not utf8
sequence, which is bad, but systemd crashed during the boot, which
is even worse!
The enclosed patch removes the assert and return -EINVAL if the
sequence is invalid. This is possible because the caller of these
function [1] checks the errors.
So the check of an invalid utf8 sequence is still performed, but
systemd doesn't crash anymore and logs the error.
[1] parse_env_file_internal(), invoked by load_env_file() and
parse_env_file()
|
|
|
|
the API file systems, nothing else
|
|
|
|
systemd-user-sessions.service
This way at shutdown we can be sure that the sessions go away before the
network.
|
|
Both in the configuration file format and everywhere else in the code.
|