shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-03 01:17:45 +03:00
Code
Backports of patch from systemd git to stable distributions
42,276 Commits 36 Branches 652 Tags 226 MiB
C 89.4%
Python 5.8%
Shell 2.1%
Meson 1.3%
HTML 0.9%
Other 0.4%
4e67759960
Go to file
Lennart Poettering 4e67759960 core: be more lenient when checking whether sandboxing is necessary 
In some containers unshare() is made unavailable entirely. Let's deal
with this that more gracefully and disable our sandboxing of services
then, so that we work in a container, under the assumption the container
manager is then responsible for sandboxing if we can't do it ourselves.

Previously, we'd insist on sandboxing as soon as any form of BindPath=
is used. With this change we only insist on it if we have a setting like
that where source and destination differ, i.e. there's a mapping
established that actually rearranges things, and thus would result in
systematically different behaviour if skipped (as opposed to mappings
that just make stuff read-only/writable that otherwise arent').

(Let's also update a test that intended to test for this behaviour with
a more specific configuration that still triggers the behaviour with
this change in place)

Fixes: #13955

(For testing purposes unshare() can easily be blocked with
systemd-nspawn --system-call-filter=~unshare.)
2019-11-20 12:30:04 +01:00
.github FUNDING: this needs to be yaml 2019-07-08 16:55:31 +02:00
.lgtm/cpp-queries lgtm: complain about accept() [people should use accept4() instead, due to O_CLOEXEC] 2019-04-10 20:03:38 +02:00
.mkosi mkosi: Find hostname command on Arch Linux 2019-11-01 13:34:41 +01:00
catalog catalog: update Polish translation 2019-07-29 09:30:24 +02:00
coccinelle tree-wide: use empty-to-root a bit more 2019-07-16 12:40:22 +02:00
docs Allow overriding /etc/fstab with $SYSTEMD_FSTAB 2019-11-13 22:04:51 +01:00
factory/etc factory: add default /etc/issue file 2019-07-24 08:57:23 +09:00
hwdb.d hwdb: update 2019-11-15 11:36:59 +01:00
man Merge pull request #14064 from yuwata/network-unify-send-option-and-send-raw-option 2019-11-18 22:21:37 +01:00
modprobe.d Add SPDX license headers to various assorted files 2017-11-19 19:08:15 +01:00
network network: install wifi-adhoc.network by default, make wifi-{ap,station} examples 2019-10-30 11:21:41 +01:00
po po: update Polish translation 2019-10-26 17:17:30 +02:00
presets Drop my copyright headers 2018-06-14 13:03:20 +02:00
rules.d Rename udev's rules/ to rules.d/ 2019-10-10 00:53:09 +01:00
semaphoreci semaphore: turn on systemd-networkd in lxc-containers on Semaphore 2019-09-25 05:19:12 +00:00
shell-completion core: add support for RestartKillSignal= to override signal used for restart jobs 2019-10-02 14:01:25 +02:00
src core: be more lenient when checking whether sandboxing is necessary 2019-11-20 12:30:04 +01:00
sysctl.d sysctl: prefix ping port range setting with a dash 2019-07-26 09:26:07 +02:00
sysusers.d sysusers,tmpfiles: re-create systemd-network, systemd-resolve and systemd-timesync 2018-07-16 17:11:50 +02:00
test core: be more lenient when checking whether sandboxing is necessary 2019-11-20 12:30:04 +01:00
tmpfiles.d Corect man page reference in systemd-nologin.conf comments 2019-09-24 09:48:03 +02:00
tools meson: add target to update the chromiumos rules 2019-11-15 11:36:59 +01:00
travis-ci coverity: replace python with jq 2019-10-30 09:17:04 +01:00
units units: set ProtectKernelLogs=yes on relevant units 2019-11-15 00:59:54 -08:00
xorg scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.ctags editors: Prevent ctags from following symlinks 2019-02-15 11:01:20 -08:00
.dir-locals.el scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.editorconfig scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.gitattributes git: indicate that tabs are never OK in the systemd tree 2013-10-30 02:25:38 +01:00
.gitignore gitignore: add nspawn image lock and mkosi temporary files 2018-09-07 20:00:22 +02:00
.lgtm.yml lgtm: use python3 2018-12-10 03:07:17 +09:00
.mailmap mailmap: add entry to fix authorship of commit 2019-10-21 15:10:58 +02:00
.travis.yml travis: skip the right stage 2019-09-07 22:01:16 +00:00
.vimrc scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.ycm_extra_conf.py ycm: add doc string for all the functions in configuration file 2017-11-29 13:21:49 -07:00
azure-pipelines.yml Free up some resources on Azure Pipelines 2019-07-17 13:28:38 +09:00
configure build-sys: add basic support for ./configure && make && make install 2017-07-18 10:05:06 -04:00
fuzzbuzz.yaml fuzzbuzz: rename fuzz.yaml to fuzzbuzz.yaml 2019-07-10 05:11:52 +03:00
LICENSE.GPL2 relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1 licence: remove references to old FSF address 2012-12-17 11:41:31 +01:00
Makefile build-sys: Fix Makefile wrapper for install target (#6548) 2017-08-07 11:29:20 +02:00
meson_options.txt meson: make user $PATH configurable 2019-11-13 22:34:14 +01:00
meson.build meson: add target to update the chromiumos rules 2019-11-15 11:36:59 +01:00
mkosi.build mkosi: let's update the boot loader also in /efi 2019-03-01 12:41:32 +01:00
mkosi.default mkosi: create .mkosi directory 2016-10-06 11:53:58 -04:00
NEWS NEWS: SendRawOption= -> SendOption= 2019-11-19 11:52:36 +01:00
README resolved: require at least version 3.6.0 of GnuTLS for DNS-over-TLS 2019-10-29 20:26:05 +01:00
README.md add systemd logo to README.md 2019-10-30 23:22:07 +01:00
TODO update TODO 2019-11-19 15:42:55 +01:00
zanata.xml po: add basic fedora.zanata.org configuration 2018-02-19 13:56:57 +01:00

README.md

systemd - System and Service Manager

systemd logo

Count of open issues over time Count of open pull requests over time Semaphore CI Build Status
Coverity Scan Status
Fuzzit Status
OSS-Fuzz Status
CII Best Practices
Travis CI Build Status
Language Grade: C/C++
CentOS CI Build Status
Build Status

Details

General information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.