shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-12 15:21:19 +03:00
Code
22,417 Commits 3 Branches 391 Tags 543 MiB
2feceb5eb9
Commit Graph

373 Commits

Author SHA1 Message Date
Lennart Poettering
1e41be2015 nspawn,namespaces: make sure we recursively bind mount things in 
We want to make sure that everything from the host is also visible in
the sandbox.
 2012-08-13 16:25:03 +02:00
Lennart Poettering
b4c59701f8 nspawn: unset a few unnecessary params to mount() 2012-08-13 16:23:31 +02:00
Lennart Poettering
6f67a45d8e nspawn: inherit mounts from real root, don't propagate mounts to real root 2012-08-13 15:23:10 +02:00
Shawn Landden
0d0f0c50d3 log.h: new log_oom() -> int -ENOMEM, use it 
also a number of minor fixups and bug fixes: spelling, oom errors
that didn't print errors, not properly forwarding error codes,
few more consistency issues, et cetera
 2012-07-26 11:48:26 +02:00
Shawn Landden
669241a076 use "Out of memory." consistantly (or with "\n") 
glibc/glib both use "out of memory" consistantly so maybe we should
consider that instead of this.

Eliminates one string out of a number of binaries. Also fixes extra newline
in udev/scsi_id
 2012-07-25 11:23:57 +02:00
Lennart Poettering
db7feb7e9c nspawn: generate proper error messages in the child 2012-07-19 02:03:42 +02:00
Lennart Poettering
57fb9fb56d nspawn: introduce new --link-journal= switch to link container journals into host 2012-07-19 02:02:39 +02:00
Lennart Poettering
d05c5031ad unit: introduce %s specifier for the user shell 2012-07-16 12:34:54 +02:00
Lennart Poettering
5076f0ccfd nspawn: introduce new --capabilities= flag and make use of it in the nspawn test case 2012-06-28 14:05:16 +02:00
Kay Sievers
d2e54fae5c mkdir: append _label to all mkdir() calls that explicitly set the selinux context 2012-05-31 12:40:20 +02:00
Lennart Poettering
ec8927ca59 main: add configuration option to alter capability bounding set for PID 1 
This also ensures that caps dropped from the bounding set are also
dropped from the inheritable set, to be extra-secure. Usually that should
change very little though as the inheritable set is empty for all our uses
anyway.
 2012-05-24 04:00:56 +02:00
Kay Sievers
9eb977db5b util: split-out path-util.[ch] 2012-05-08 02:33:10 +02:00
Lennart Poettering
bc2f673ec2 nspawn: add --read-only switch 2012-04-25 15:11:20 +02:00
Lennart Poettering
2547bb414c nspawn: bind mount /etc/resolv.conf from the host by default 2012-04-25 15:08:00 +02:00
Lennart Poettering
144f0fc0c8 nspawn: add --uuid= switch to allow setting the machine id for the container 2012-04-22 14:48:21 +02:00
Lennart Poettering
0f0dbc46cc nspawn: add -b switch to automatically look for an init binary 2012-04-22 14:11:32 +02:00
Lennart Poettering
3a74cea5e4 nspawn: be more careful when initializing the hostname from the directory name 2012-04-22 01:01:22 +02:00
Lennart Poettering
f1e5dfe2c0 nspawn: make /dev/kmsg unavailable in the container, but allow access to /proc/kmsg 2012-04-22 00:32:53 +02:00
Kay Sievers
4d46fec56d remove MS_* which can not be combined with current kernel code 
MS_BIND|MS_MOVE can not be combined:
  do_mount()
    else if (flags & MS_BIND)
      do_loopback(&path, dev_name, flags & MS_REC);
    [...]
    else if (flags & MS_MOVE)
      do_move_mount(&path, dev_name);

MS_REMOUNT|MS_UNBINDABLE can not be combined:
  do_mount()
    if (flags & MS_REMOUNT)
      do_remount(&path, flags & ~MS_REMOUNT, mnt_flags, data_page);
    [...]
    else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
      do_change_type(&path, flags);
 2012-04-18 13:37:45 +02:00
Lennart Poettering
b562f5a57d build-sys: add stub makefiles to all subdirs to ease development with emacs 2012-04-13 21:37:59 +02:00
Lennart Poettering
9537eab070 nspawn: add missing include lines 2012-04-13 21:37:59 +02:00
Lennart Poettering
e58a12770c nspawn: fake /dev/kmsg and /proc/kmsg as fifo 2012-04-13 18:52:52 +02:00
Kay Sievers
dce818b390 move all tools to subdirs 2012-04-12 17:54:42 +02:00