shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-03-24 14:50:17 +03:00
Code
42,189 Commits 4 Branches 403 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Torsten Hilbrich 7be830c6e8 nspawn: Allow Capability= to overrule private network setting 
The commit:

a3fc6b55ac nspawn: mask out CAP_NET_ADMIN again if settings file turns off private networking

turned off the CAP_NET_ADMIN capability whenever no private networking
feature was enabled. This broke configurations where the CAP_NET_ADMIN
capability was explicitly requested in the configuration.

Changing the order of evalution here to allow the Capability= setting
to overrule this implicit setting:

Order of evaluation:

1. if no private network setting is enabled, CAP_NET_ADMIN is removed
2. if a private network setting is enabled, CAP_NET_ADMIN is added
3. the settings of Capability= are added
4. the settings of DropCapability= are removed

This allows the fix for #11755 to be retained and to still allow the
admin to specify CAP_NET_ADMIN as additional capability.

Fixes: a3fc6b55acd3f37e50915304d87bed100efa9d9d
Fixes: #13995
2019-11-15 10:13:51 +01:00
.github
FUNDING: this needs to be yaml
2019-07-08 16:55:31 +02:00
.lgtm/cpp-queries
lgtm: complain about accept() [people should use accept4() instead, due to O_CLOEXEC]
2019-04-10 20:03:38 +02:00
.mkosi
mkosi: Find hostname command on Arch Linux
2019-11-01 13:34:41 +01:00
catalog
catalog: update Polish translation
2019-07-29 09:30:24 +02:00
coccinelle
tree-wide: use empty-to-root a bit more
2019-07-16 12:40:22 +02:00
docs
Allow overriding /etc/fstab with $SYSTEMD_FSTAB
2019-11-13 22:04:51 +01:00
factory/etc
factory: add default /etc/issue file
2019-07-24 08:57:23 +09:00
hwdb.d
hwdb: Mark Intel Sensor Hub's accel sensor on Vostro 5581 as being in the base
2019-11-12 00:30:46 +08:00
man
PrefixDelegationHint-section: typo
2019-11-15 07:57:32 +01:00
modprobe.d
Add SPDX license headers to various assorted files
2017-11-19 19:08:15 +01:00
network
network: install wifi-adhoc.network by default, make wifi-{ap,station} examples
2019-10-30 11:21:41 +01:00
po
po: update Polish translation
2019-10-26 17:17:30 +02:00
presets
Drop my copyright headers
2018-06-14 13:03:20 +02:00
rules.d
Rename udev's rules/ to rules.d/
2019-10-10 00:53:09 +01:00
semaphoreci
semaphore: turn on systemd-networkd in lxc-containers on Semaphore
2019-09-25 05:19:12 +00:00
shell-completion
core: add support for RestartKillSignal= to override signal used for restart jobs
2019-10-02 14:01:25 +02:00
src
nspawn: Allow Capability= to overrule private network setting
2019-11-15 10:13:51 +01:00
sysctl.d
sysctl: prefix ping port range setting with a dash
2019-07-26 09:26:07 +02:00
sysusers.d
sysusers,tmpfiles: re-create systemd-network, systemd-resolve and systemd-timesync
2018-07-16 17:11:50 +02:00
test
test: Disable LUKS devices from initramfs in QEMU tests
2019-11-13 19:55:18 -08:00
tmpfiles.d
Corect man page reference in systemd-nologin.conf comments
2019-09-24 09:48:03 +02:00
tools
coverity: replace python with jq
2019-10-30 09:17:04 +01:00
travis-ci
coverity: replace python with jq
2019-10-30 09:17:04 +01:00
units
meson: allow WatchdogSec= in services to be configured
2019-10-25 17:20:24 +02:00
xorg
scripts: use 4 space indentation
2019-04-12 08:30:31 +02:00
.ctags
editors: Prevent ctags from following symlinks
2019-02-15 11:01:20 -08:00
.dir-locals.el
scripts: use 4 space indentation
2019-04-12 08:30:31 +02:00
.editorconfig
scripts: use 4 space indentation
2019-04-12 08:30:31 +02:00
.gitattributes
git: indicate that tabs are never OK in the systemd tree
2013-10-30 02:25:38 +01:00
.gitignore
gitignore: add nspawn image lock and mkosi temporary files
2018-09-07 20:00:22 +02:00
.lgtm.yml
lgtm: use python3
2018-12-10 03:07:17 +09:00
.mailmap
mailmap: add entry to fix authorship of commit
2019-10-21 15:10:58 +02:00
.travis.yml
travis: skip the right stage
2019-09-07 22:01:16 +00:00
.vimrc
scripts: use 4 space indentation
2019-04-12 08:30:31 +02:00
.ycm_extra_conf.py
ycm: add doc string for all the functions in configuration file
2017-11-29 13:21:49 -07:00
azure-pipelines.yml
Free up some resources on Azure Pipelines
2019-07-17 13:28:38 +09:00
configure
build-sys: add basic support for ./configure && make && make install
2017-07-18 10:05:06 -04:00
fuzzbuzz.yaml
fuzzbuzz: rename fuzz.yaml to fuzzbuzz.yaml
2019-07-10 05:11:52 +03:00
LICENSE.GPL2
relicense to LGPLv2.1 (with exceptions)
2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1
licence: remove references to old FSF address
2012-12-17 11:41:31 +01:00
Makefile
build-sys: Fix Makefile wrapper for install target (#6548)
2017-08-07 11:29:20 +02:00
meson_options.txt
meson: make user $PATH configurable
2019-11-13 22:34:14 +01:00
meson.build
Merge pull request #14003 from keszybz/user-path-configurable
2019-11-14 10:08:40 +01:00
mkosi.build
mkosi: let's update the boot loader also in /efi
2019-03-01 12:41:32 +01:00
mkosi.default
mkosi: create .mkosi directory
2016-10-06 11:53:58 -04:00
NEWS
Merge pull request #13961 from mwilck/udev-no-exit-timeout
2019-11-13 08:56:49 +01:00
README
resolved: require at least version 3.6.0 of GnuTLS for DNS-over-TLS
2019-10-29 20:26:05 +01:00
README.md
add systemd logo to README.md
2019-10-30 23:22:07 +01:00
TODO
Merge pull request #14017 from poettering/analyze-calendar-tweaks
2019-11-13 20:20:10 +01:00
zanata.xml
po: add basic fedora.zanata.org configuration
2018-02-19 13:56:57 +01:00

README.md

systemd - System and Service Manager

systemd logo

Count of open issues over time Count of open pull requests over time Semaphore CI Build Status
Coverity Scan Status
Fuzzit Status
OSS-Fuzz Status
CII Best Practices
Travis CI Build Status
Language Grade: C/C++
CentOS CI Build Status
Build Status

Details

General information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.

Description
The systemd System and Service Manager
cinitlinuxservicessystemsystemd
Readme 567 MiB
Languages
C 89.2%
Python 5.3%
Shell 4.1%
Meson 1.2%