shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-02 02:21:44 +03:00
Code
The systemd System and Service Manager
26,171 Commits 4 Branches 390 Tags 560 MiB
C 88.9%
Python 5.3%
Shell 4.4%
Meson 1.2%
54a17e01de
Go to file
Lennart Poettering 54a17e01de nspawn: lock down system call filter a bit 
Let's block access to the kernel keyring and a number of obsolete system calls.
Also, update list of syscalls that may alter the system clock, and do raw IO
access. Filter ptrace() if CAP_SYS_PTRACE is not passed to the container and
acct() if CAP_SYS_PACCT is not passed.

This also changes things so that kexec(), some profiling calls, the swap calls
and quotactl() is never available to containers, not even if CAP_SYS_ADMIN is
passed. After all we currently permit CAP_SYS_ADMIN to containers by default,
but these calls should not be available, even then.
2016-06-13 16:25:54 +02:00
.github Add RELEASE.md file which lists the steps needed for release 2016-06-12 22:23:57 -04:00
catalog l10n: update belarusian translation (#3482) 2016-06-10 12:36:10 +02:00
coccinelle tree-wide: remove useless NULLs from strjoina 2016-04-13 08:56:44 -04:00
docs docs: add .gitignore 2015-07-06 17:47:38 +02:00
factory/etc factory: remove broken pam_limits 2014-07-30 15:21:54 +02:00
hwdb hwdb: change the Logitech MX500 to 1100 dpi (#3517) 2016-06-12 20:52:48 -04:00
m4 build-sys: Perform flag tests in context to existing flags 2016-02-06 14:57:46 +01:00
man core: improve seccomp syscall grouping a bit 2016-06-13 16:25:54 +02:00
network network: allow LLDP packets to cross non-customer bridges for container network interfaces 2016-05-09 15:45:31 +02:00
po l10n: update belarusian translation (#3482) 2016-06-10 12:36:10 +02:00
rules rules: block - add scm block devices to whitelist (#3494) 2016-06-10 15:19:26 +02:00
shell-completion machinectl: Added stop as alias for poweroff (#3406) 2016-06-06 17:06:20 +02:00
src nspawn: lock down system call filter a bit 2016-06-13 16:25:54 +02:00
sysctl.d coredump: honour RLIMIT_CORE when saving/processing coredumps 2016-02-10 16:08:32 +01:00
system-preset preset: enable machines.target by default 2014-12-29 17:36:57 +01:00
sysusers.d remove bus-proxyd 2016-02-12 19:10:01 +01:00
test networkd: rename IPv6AcceptRouterAdvertisements to IPv6AcceptRA 2016-06-07 11:24:30 +02:00
tmpfiles.d tmpfiles: don't set the x bit for volatile system journal when ACL support is enabled (#3079) 2016-05-03 19:29:11 -04:00
tools Remove systemd-bootchart 2016-02-23 13:30:09 +01:00
units units: tighten system call filters a bit 2016-06-13 16:25:54 +02:00
xorg login: support user-bus on dbus1 2015-08-31 18:12:37 +02:00
.dir-locals.el editors: only extend line width to 119 for C and XML files 2016-02-10 12:29:32 +01:00
.editorconfig editors: only extend line width to 119 for C and XML files 2016-02-10 12:29:32 +01:00
.gitattributes git: indicate that tabs are never OK in the systemd tree 2013-10-30 02:25:38 +01:00
.gitignore Trivial network cleanup (#3196) 2016-05-05 11:15:46 +02:00
.mailmap NEWS: add more stuff, and reorder things a bit 2015-11-13 13:59:50 +01:00
.travis.yml remove gudev and gtk-doc 2015-06-03 00:22:53 +02:00
.vimrc vimrc: fix indentation logic for our docbook xml files 2016-04-29 12:23:34 +02:00
.ycm_extra_conf.py ycm: update flag blacklist 2014-06-04 15:41:10 -04:00
autogen.sh build-sys: drop libsystemd-{id128,daemon,login,journal}.so compat libs 2016-02-13 11:57:14 +01:00
CODING_STYLE Two CODING_STYLE additions 2016-06-06 19:02:33 +02:00
configure.ac build-sys: bump so version 2016-05-21 18:31:29 -04:00
DISTRO_PORTING build-sys: warn if people don't change the default NTP servers when building systemd 2015-07-11 14:24:29 -03:00
LICENSE.GPL2
LICENSE.LGPL2.1
Makefile-man.am man: document the new by-fd journal calls 2016-04-25 19:29:01 +02:00
Makefile.am networkd: add support to configure VLAN on bridge ports 2016-06-10 09:10:41 +02:00
NEWS tests: introduce UNIFIED_CGROUP_HIERARCHY (#3419) 2016-06-03 11:17:00 +02:00
README README: document that we only support util-linux built with --enable-libmount-force-mountinfo 2016-04-12 13:43:33 +02:00
README.md github: CONTRIBUTING.md moved, let's fix the link to it 2016-02-22 23:23:06 +01:00
TODO update TODO 2016-06-13 16:25:54 +02:00

README.md

systemd - System and Service Manager

Build Status
Coverity Scan Status

Details

General information about systemd can be found in the systemd Wiki.

Information about build requirements are provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.