~lukeshu/systemd - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2016-06-22	units: add nosuid and nodev options to tmp.mount (#3575)	Martin Pitt
	This makes privilege escalation attacks harder by putting traps and exploits into /tmp. https://bugs.debian.org/826377
2016-04-22	tmp.mount.hm4: After swap.target (#3087)	frankheckenbach
	fix issue #2930
2015-11-12	core: remove SmackFileSystemRootLabel= again	Lennart Poettering
	Apparently, util-linux' mount command implicitly drops the smack-related options anyway before passing them to the kernel, if the kernel doesn't know SMACK, hence there's no point in duplicating this in systemd. Fixes #1696
2015-10-26	core: rename SmackFileSystemRoot= to SmackFileSystemRootLabel=	Lennart Poettering
	That way it's in sync with the other SMACK label settings. https://github.com/systemd/systemd/pull/1664#issuecomment-150891270
2015-10-24	units: add 'SmackFileSystemRoot=*' option into tmp.mount	Sangjung Woo
	If SMACK is enabled, 'smackfsroot=' option should be specified when /tmp is mounted since many non-root processes use /tmp for temporary usage. If not, /tmp is labeled as '_' and smack denial occurs when writing. In order to do that, 'SmackFileSystemRoot=' is newly added into tmp.mount.
2015-10-18	Revert "units: add 'smackfsroot=*' option into tmp.mount when SMACK is enabled"	Kay Sievers
	This reverts commit 409c2a13fd65692c611b7bcaba12e908ef7cf1e5. It breaks the bootup of systems which enable smack at compile time, but have no smack enabled in the kernel. This needs a different solution.
2015-10-15	units: add 'smackfsroot=*' option into tmp.mount when SMACK is enabled	Sangjung Woo
	If SMACK is enabled, 'smackfsroot=*' option should be specified in tmp.mount file since many non-root processes use /tmp for temporary usage. If not, /tmp is labeled as '_' and smack denial occurs when writing.