shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-08 21:17:47 +03:00
Code
Backports of patch from systemd git to stable distributions
22,027 Commits 36 Branches 652 Tags 226 MiB
C 89.4%
Python 5.8%
Shell 2.1%
Meson 1.3%
HTML 0.9%
Other 0.4%
ed15589c98
Go to file
David Herrmann ed15589c98 bus-proxy: increase NOFILE limit 
The bus-proxy manages the kdbus connections of all users on the system
(regarding the system bus), hence, it needs an elevated NOFILE.
Otherwise, a single user can trigger ENFILE by opening NOFILE connections
to the bus-proxy.

Note that the bus-proxy still does per-user accounting, indirectly via
the proxy/fake API of kdbus. Hence, the effective per-user limit is not
raised by this. However, we now prevent one user from consuming the whole
FD limit of the shared proxy.

Also note that there is no *perfect* way to set this. The proxy is a
shared object, so it needs a larger NOFILE limit than the highest limit
of all users. This limit can be changed dynamically, though. Hence, we
cannot protect against it. However, a raised NOFILE limit is a privilege,
so we just treat it as such and basically allow these privileged users to
be able to consume more resources than normal users (and, maybe, cause
some limits to be exceeded by this).

Right now, kdbus hard-codes 1024 max connections per user on each bus.
However, we *must not* rely on this. This limits could be easily dropped
entirely, as the NOFILE limit is a suitable limit on its on.
2015-09-04 11:13:32 +02:00
catalog l10n: Add Belarusian translation 2015-06-15 00:13:43 +03:00
docs docs: add .gitignore 2015-07-06 17:47:38 +02:00
factory/etc factory: remove broken pam_limits 2014-07-30 15:21:54 +02:00
hwdb hwdb: Update database of Bluetooth company identifiers 2015-09-04 02:51:50 +02:00
m4 build-sys: Look for gcc-* binutils wrappers only if we're using GCC 2015-09-01 13:27:42 +02:00
man Merge pull request #1118 from jsynacek/man-dot-d-v2 2015-09-02 11:30:08 +02:00
network networkd: emit DNS/NTP/Timezone info via DHCP server by default 2015-08-27 16:47:26 +02:00
po po: update Polish translation 2015-08-29 20:33:02 +02:00
rules UML: Fix block device setup 2015-08-09 18:07:55 +02:00
shell-completion run: enable interactive authorization 2015-09-01 16:43:08 +00:00
src udev: ignore ENOEXEC from cgroup lookup 2015-09-03 15:19:15 +02:00
sysctl.d sysctl: add some hints how to override settings 2015-02-26 19:07:38 -05:00
system-preset preset: enable machines.target by default 2014-12-29 17:36:57 +01:00
sysusers.d turn kdbus support into a runtime option 2015-06-17 18:01:49 +02:00
test test: udev - Signal that test was skipped when running as non-root 2015-08-30 22:10:30 -07:00
tmpfiles.d tmpfiles: don't recursively descend into journal directories in /var 2015-07-09 18:46:01 -03:00
tools terminal: drop unfinished code 2015-07-27 20:15:34 +02:00
units bus-proxy: increase NOFILE limit 2015-09-04 11:13:32 +02:00
xorg login: support user-bus on dbus1 2015-08-31 18:12:37 +02:00
.dir-locals.el Keep emacs configuration in one configuration file. 2011-03-08 01:53:46 +01:00
.gitattributes git: indicate that tabs are never OK in the systemd tree 2013-10-30 02:25:38 +01:00
.gitignore Merge branch 'hostnamectl-dot-v2' 2015-08-05 21:02:41 -04:00
.mailmap prepare NEWS 2014-02-18 02:51:47 +01:00
.travis.yml remove gudev and gtk-doc 2015-06-03 00:22:53 +02:00
.vimrc vimrc: disable -fdiagnostics-color output 2013-10-20 04:29:39 +02:00
.ycm_extra_conf.py ycm: update flag blacklist 2014-06-04 15:41:10 -04:00
autogen.sh terminal: drop unfinished code 2015-07-27 20:15:34 +02:00
CODING_STYLE CODING_STYLE: say that "for (;;)" is better than "while (1)" 2015-07-31 20:00:07 +02:00
configure.ac build-sys: Look for gcc-* binutils wrappers only if we're using GCC 2015-09-01 13:27:42 +02:00
DISTRO_PORTING build-sys: warn if people don't change the default NTP servers when building systemd 2015-07-11 14:24:29 -03:00
LICENSE.GPL2 relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1 licence: remove references to old FSF address 2012-12-17 11:41:31 +01:00
Makefile-man.am man: document nss-resolve 2015-08-26 11:00:09 +02:00
Makefile.am Merge pull request #1055 from poettering/dhcp-updates 2015-08-27 21:38:36 +02:00
NEWS NEWS: update 2015-08-27 17:03:18 +02:00
README README: drop reference to Endocode 2015-08-16 21:06:42 +02:00
README.md README.md: add Coverity scan status badge 2015-06-08 13:26:54 +02:00
TODO update TODO 2015-08-31 13:09:29 +02:00

README.md

systemd - System and Service Manager

Build Status
Coverity Scan Status

Details

  • General information about systemd can be found in the systemd Wiki
  • Information about build requirements are provided in the README file