1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

9 Commits

Author SHA1 Message Date
Lennart Poettering
2e2b36084a bus-proxy: read the right policy when running in user mode 2014-06-10 17:56:51 +02:00
Lennart Poettering
1b8689f949 core: rename ReadOnlySystem= to ProtectSystem= and add a third value for also mounting /etc read-only
Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit.

With this in place we now have two neat options ProtectSystem= and
ProtectHome= for protecting the OS itself (and optionally its
configuration), and for protecting the user's data.
2014-06-04 18:12:55 +02:00
Lennart Poettering
6a010ac9e5 bus-proxy: drop priviliges if we can
Either become uid/gid of the client we have been forked for, or become
the "systemd-bus-proxy" user if the client was root. We retain
CAP_IPC_OWNER so that we can tell kdbus we are actually our own client.
2014-06-04 11:13:08 +02:00
Lennart Poettering
f21a71a907 core: enable PrivateNetwork= for a number of our long running services where this is useful 2014-03-19 23:25:28 +01:00
Lennart Poettering
d99a705296 units: make use of PrivateTmp=yes and PrivateDevices=yes for all our long-running daemons 2014-03-19 19:09:00 +01:00
Lennart Poettering
5326b03f30 units: limit caps for bus proxyd and driverd services 2013-12-23 20:37:00 +01:00
Lennart Poettering
0721804f03 bus: send status message from proxyd to systemd about client we are working for 2013-12-21 05:15:09 +01:00
Kay Sievers
eca7a27add bus: fix typo in systemd-bus-proxyd 2013-12-16 23:25:32 +01:00
Lennart Poettering
7c9a6f9063 bus: install systemd-bus-proxyd unit files for compatibility with dbus1 2013-12-13 20:49:57 +01:00