| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-11-13 | sd-bus: sync with kdbus upstream (ABI break) | Daniel Mack | |
| kdbus has seen a larger update than expected lately, most notably with kdbusfs, a file system to expose the kdbus control files: * Each time a file system of this type is mounted, a new kdbus domain is created. * The layout inside each mount point is the same as before, except that domains are not hierarchically nested anymore. * Domains are therefore also unnamed now. * Unmounting a kdbusfs will automatically also detroy the associated domain. * Hence, the action of creating a kdbus domain is now as privileged as mounting a filesystem. * This way, we can get around creating dev nodes for everything, which is last but not least something that is not limited by 20-bit minor numbers. The kdbus specific bits in nspawn have all been dropped now, as nspawn can rely on the container OS to set up its own kdbus domain, simply by mounting a new instance. A new set of mounts has been added to mount things *after* the kernel modules have been loaded. For now, only kdbus is in this set, which is invoked with mount_setup_late(). | |||
| 2014-06-10 | bus-proxy: read the right policy when running in user mode | Lennart Poettering | |
| 2014-06-04 | core: rename ReadOnlySystem= to ProtectSystem= and add a third value for ↵ | Lennart Poettering | |
| also mounting /etc read-only Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit. With this in place we now have two neat options ProtectSystem= and ProtectHome= for protecting the OS itself (and optionally its configuration), and for protecting the user's data. | |||
| 2014-06-04 | bus-proxy: drop priviliges if we can | Lennart Poettering | |
| Either become uid/gid of the client we have been forked for, or become the "systemd-bus-proxy" user if the client was root. We retain CAP_IPC_OWNER so that we can tell kdbus we are actually our own client. | |||
| 2014-03-19 | core: enable PrivateNetwork= for a number of our long running services where ↵ | Lennart Poettering | |
| this is useful | |||
| 2014-03-19 | units: make use of PrivateTmp=yes and PrivateDevices=yes for all our ↵ | Lennart Poettering | |
| long-running daemons | |||
| 2013-12-23 | units: limit caps for bus proxyd and driverd services | Lennart Poettering | |
| 2013-12-21 | bus: send status message from proxyd to systemd about client we are working for | Lennart Poettering | |
| 2013-12-16 | bus: fix typo in systemd-bus-proxyd | Kay Sievers | |
| 2013-12-13 | bus: install systemd-bus-proxyd unit files for compatibility with dbus1 | Lennart Poettering | |
 |
index : ~lukeshu/systemd | |
| Unnamed repository; edit this file 'description' to name the repository. | git-mirror |
| summaryrefslogtreecommitdiff |