mirror of https://github.com/systemd/systemd.git synced 2025-01-11 09:18:07 +03:00
The systemd System and Service Manager
Franck Bui 10ce2e0681 socket-util: attempt SO_RCVBUFFORCE/SO_SNDBUFFORCE only if SO_RCVBUF/SO_SNDBUF fails
Both SO_SNDBUFFORCE and SO_RCVBUFFORCE require capability 'net_admin'.

If this capability is not granted to the service the first attempt to increase
the recv/snd buffers (via sd_notify()) with SO_RCVBUFFORCE/SO_SNDBUFFORCE will
fail, even if the requested size is lower than the limit enforced by the
kernel.

If apparmor is used, the DENIED logs for net_admin will show up. These log
entries are seen as a red warning light, because they could indicate that a
program has been hacked and tries to compromise the system.

It would be nicer if they can be avoided without giving services (relying on
sd_notify) net_admin capability or dropping DENIED logs for all such services
via their apparmor profile.

I'm not sure if sd_notify really needs to forcibly increase the buffer sizes,
but at least if the requested size is below the kernel limit, the capability
(hence the log entries) should be avoided.

Hence let's first ask politely for increasing the buffers and only if it fails
then ignore the kernel limit if we have sufficient privileges.
2018-09-14 13:00:38 +02:00
.github/ISSUE_TEMPLATE docs: move markdown docs from .github/ to docs/ 2018-09-08 13:39:03 -07:00
.mkosi mkosi: add mkosi snippet for ubuntu, too 2018-06-14 17:44:20 +02:00
catalog test: make test-catalog relocatable 2018-09-11 09:19:36 +09:00
coccinelle tree-wide: drop !! casts to booleans 2018-06-13 10:52:40 +02:00
docs Set theme jekyll-theme-slate 2018-09-12 11:51:27 +02:00
factory/etc factory: remove broken pam_limits 2014-07-30 15:21:54 +02:00
hwdb hwdb: Update PNP IDs of Goldstar (now: LG Electronics). (#10051) 2018-09-11 00:35:30 +02:00
man man: fix typo (#10084) 2018-09-14 16:04:10 +09:00
modprobe.d Add SPDX license headers to various assorted files 2017-11-19 19:08:15 +01:00
network Drop my copyright headers 2018-06-14 13:03:20 +02:00
po po: update Brazilian Portuguese translation 2018-09-07 19:37:55 +02:00
presets Drop my copyright headers 2018-06-14 13:03:20 +02:00
rules don't ignore zd* block devices 2018-08-27 14:13:25 +02:00
shell-completion bash-completion: systemctl: re-implement __filter_units_by_properties() 2018-09-12 14:17:22 +09:00
src socket-util: attempt SO_RCVBUFFORCE/SO_SNDBUFFORCE only if SO_RCVBUF/SO_SNDBUF fails 2018-09-14 13:00:38 +02:00
sysctl.d Revert "sysctl.d: request ECN on both in and outgoing connections" 2018-08-20 09:37:41 +02:00
sysusers.d sysusers,tmpfiles: re-create systemd-network, systemd-resolve and systemd-timesync 2018-07-16 17:11:50 +02:00
test tests: add reproducers for several issues uncovered with fuzz-journald-syslog 2018-09-03 14:07:44 +02:00
tmpfiles.d sysusers,tmpfiles: re-create systemd-network, systemd-resolve and systemd-timesync 2018-07-16 17:11:50 +02:00
tools tools: use print function in Python 3 code 2018-08-27 14:22:32 +02:00
travis-ci travis: use Fedora 27 as a base image 2018-06-05 12:03:18 +03:00
units user-runtime-dir@.service: don't stop on runlevel switch (#10079) 2018-09-14 12:11:57 +09:00
xorg login: avoid external process call 2018-01-12 18:02:57 +01:00
.dir-locals.el make dir-locals work again with emacs 26.1 2018-07-23 20:00:48 +02:00
.editorconfig editorconfig: add rule for meson.build files (#6671) 2017-08-28 16:37:23 +02:00
.gitattributes git: indicate that tabs are never OK in the systemd tree 2013-10-30 02:25:38 +01:00
.gitignore gitignore: add nspawn image lock and mkosi temporary files 2018-09-07 20:00:22 +02:00
.lgtm.yml LGTM: make LGTM.com use meson from pip 2018-07-24 01:37:47 +09:00
.mailmap update NEWS contributors list again 2018-06-20 13:32:57 +02:00
.travis.yml Merge pull request #9193 from keszybz/coverity 2018-06-14 09:59:58 +02:00
.vimrc vimrc: fix indentation logic for our docbook xml files 2016-04-29 12:23:34 +02:00
.ycm_extra_conf.py ycm: add doc string for all the functions in configuration file 2017-11-29 13:21:49 -07:00
configure build-sys: add basic support for ./configure && make && make install 2017-07-18 10:05:06 -04:00
LICENSE.GPL2 relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1 licence: remove references to old FSF address 2012-12-17 11:41:31 +01:00
Makefile build-sys: Fix Makefile wrapper for install target (#6548) 2017-08-07 11:29:20 +02:00
meson_options.txt meson: rename -Ddebug to -Ddebug-extra 2018-08-20 16:10:57 -07:00
meson.build test: use ${builddir}/systemd-runtest.env for $SYSTEMD_CATALOG_DIR 2018-09-12 09:49:03 -07:00
mkosi.build tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
mkosi.default mkosi: create .mkosi directory 2016-10-06 11:53:58 -04:00
NEWS replace https://github.com/systemd/systemd/blob/master/doc/* with https://github.com/systemd/systemd/blob/master/docs/* to point to proper documentation 2018-09-13 22:12:38 +02:00
README resolved: basic OpenSSL support for DNS-over-TLS 2018-07-27 21:23:17 +01:00
README.md replace https://github.com/systemd/systemd/blob/master/doc/* with https://github.com/systemd/systemd/blob/master/docs/* to point to proper documentation 2018-09-13 22:12:38 +02:00
TODO Merge pull request #9920 from yuwata/udev-cleanup-4 2018-09-14 10:05:59 +02:00
zanata.xml po: add basic fedora.zanata.org configuration 2018-02-19 13:56:57 +01:00

systemd - System and Service Manager

Details

General information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the HACKING file for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.