shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-27 14:03:43 +03:00
Code
34,820 Commits 36 Branches 656 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Alan Jenkins 69338c3dfb namespace: don't try to remount superblocks 
We can't remount the underlying superblocks, if we are inside a user
namespace and running Linux <= 4.17.  We can only change the per-mount
flags (MS_REMOUNT | MS_BIND).

This type of mount() call can only change the per-mount flags, so we
don't have to worry about passing the right string options now.

Fixes #9914 ("Since 1beab8b was merged, systemd has been failing to start
systemd-resolved inside unprivileged containers" ... "Failed to re-mount
'/run/systemd/unit-root/dev' read-only: Operation not permitted").

> It's basically my fault :-). I pointed out we could remount read-only
> without MS_BIND when reviewing the PR that added TemporaryFilesystem=,
> and poettering suggested to change PrivateDevices= at the same time.
> I think it's safe to change back, and I don't expect anyone will notice
> a difference in behaviour.
>
> It just surprised me to realize that
> `TemporaryFilesystem=/tmp:size=10M,ro,nosuid` would not apply `ro` to the
> superblock (underlying filesystem), like mount -osize=10M,ro,nosuid does.
> Maybe a comment could note the kernel version (v4.18), that lets you
> remount without MS_BIND inside a user namespace.

This makes the code longer and I guess this function is still ugly, sorry.
One obstacle to cleaning it up is the interaction between
`PrivateDevices=yes` and `ReadOnlyPaths=/dev`.  I've added a test for the
existing behaviour, which I think is now the correct behaviour.
2018-08-30 11:17:16 +01:00
.github
github: use multiple issue templates
2018-05-10 07:58:38 -07:00
.mkosi
mkosi: add mkosi snippet for ubuntu, too
2018-06-14 17:44:20 +02:00
catalog
tree-wide: drop copyright lines for more authors
2018-06-22 16:39:45 +02:00
coccinelle
tree-wide: drop !! casts to booleans
2018-06-13 10:52:40 +02:00
doc
hashmap: add an environment variable to turn off the memory pool used by hashmaps
2018-08-03 17:36:11 +02:00
factory/etc
factory: remove broken pam_limits
2014-07-30 15:21:54 +02:00
hwdb
hwdb: Added values for another WALTOP Tablet
2018-08-27 14:10:08 +02:00
man
man: use singular “they”
2018-08-23 15:54:46 -07:00
modprobe.d
Add SPDX license headers to various assorted files
2017-11-19 19:08:15 +01:00
network
Drop my copyright headers
2018-06-14 13:03:20 +02:00
po
po: update Japanese translation
2018-08-24 16:53:50 +02:00
presets
Drop my copyright headers
2018-06-14 13:03:20 +02:00
rules
don't ignore zd* block devices
2018-08-27 14:13:25 +02:00
shell-completion
shell-completion: replace "gdb" verb with "debug" for coredumpctl
2018-08-20 09:43:44 +02:00
src
namespace: don't try to remount superblocks
2018-08-30 11:17:16 +01:00
sysctl.d
Revert "sysctl.d: request ECN on both in and outgoing connections"
2018-08-20 09:37:41 +02:00
sysusers.d
sysusers,tmpfiles: re-create systemd-network, systemd-resolve and systemd-timesync
2018-07-16 17:11:50 +02:00
test
namespace: don't try to remount superblocks
2018-08-30 11:17:16 +01:00
tmpfiles.d
sysusers,tmpfiles: re-create systemd-network, systemd-resolve and systemd-timesync
2018-07-16 17:11:50 +02:00
tools
tools: use print function in Python 3 code
2018-08-27 14:22:32 +02:00
travis-ci
travis: use Fedora 27 as a base image
2018-06-05 12:03:18 +03:00
units
units: assign user-runtime-dir@.service to user-%i.slice
2018-08-03 10:45:31 +02:00
xorg
login: avoid external process call
2018-01-12 18:02:57 +01:00
.dir-locals.el
make dir-locals work again with emacs 26.1
2018-07-23 20:00:48 +02:00
.editorconfig
editorconfig: add rule for meson.build files (#6671)
2017-08-28 16:37:23 +02:00
.gitattributes
git: indicate that tabs are never OK in the systemd tree
2013-10-30 02:25:38 +01:00
.gitignore
gitignore: add .gdb_history
2018-07-16 16:03:47 +02:00
.lgtm.yml
LGTM: make LGTM.com use meson from pip
2018-07-24 01:37:47 +09:00
.mailmap
update NEWS contributors list again
2018-06-20 13:32:57 +02:00
.travis.yml
Merge pull request #9193 from keszybz/coverity
2018-06-14 09:59:58 +02:00
.vimrc
vimrc: fix indentation logic for our docbook xml files
2016-04-29 12:23:34 +02:00
.ycm_extra_conf.py
ycm: add doc string for all the functions in configuration file
2017-11-29 13:21:49 -07:00
configure
build-sys: add basic support for ./configure && make && make install
2017-07-18 10:05:06 -04:00
LICENSE.GPL2
relicense to LGPLv2.1 (with exceptions)
2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1
licence: remove references to old FSF address
2012-12-17 11:41:31 +01:00
Makefile
build-sys: Fix Makefile wrapper for install target (#6548)
2017-08-07 11:29:20 +02:00
meson_options.txt
meson: rename -Ddebug to -Ddebug-extra
2018-08-20 16:10:57 -07:00
meson.build
networkd and sd-netlink: add support for Generic netlink And FooOverUDP to IPIP tunnel
2018-08-23 11:30:37 +02:00
mkosi.build
tree-wide: remove Lennart's copyright lines
2018-06-14 10:20:20 +02:00
mkosi.default
mkosi: create .mkosi directory
2016-10-06 11:53:58 -04:00
NEWS
Merge pull request #9504 from poettering/nss-deadlock
2018-07-26 10:16:25 +02:00
README
resolved: basic OpenSSL support for DNS-over-TLS
2018-07-27 21:23:17 +01:00
README.md
README.md: add an LGTM badge
2018-06-26 18:15:09 +02:00
TODO
update TODO
2018-08-10 16:20:48 +02:00
zanata.xml
po: add basic fedora.zanata.org configuration
2018-02-19 13:56:57 +01:00

README.md

systemd - System and Service Manager

Count of open issues over time Count of open pull requests over time Build Status
Coverity Scan Status
CII Best Practices
Build Status
Language Grade: C/C++

Details

General information about systemd can be found in the systemd Wiki.

Information about build requirements are provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the HACKING file for information how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.

Description
Backports of patch from systemd git to stable distributions
Readme 226 MiB
Languages
C 89.4%
Python 5.8%
Shell 2.1%
Meson 1.3%
HTML 0.9%
Other 0.4%