mirror of
https://github.com/systemd/systemd.git
synced 2024-11-08 11:27:32 +03:00
The systemd System and Service Manager
d8fc6a000f
This way we can hide things like /sys/firmware or /sys/hypervisor from the container, while keeping the device tree around. While this is a security benefit in itself it also allows us to fix issue #1277. Previously we'd mount /sys before creating the user namespace, in order to be able to mount /sys/fs/cgroup/* beneath it (which resides in it), which we can only mount outside of the user namespace. To ensure that the user namespace owns the network namespace we'd set up the network namespace at the same time as the user namespace. Thus, we'd still see the /sys/class/net/ from the originating network namespace, even though we are in our own network namespace now. With this patch, /sys is mounted before transitioning into the user namespace as tmpfs, so that we can also mount /sys/fs/cgroup/* into it this early. The directories such as /sys/class/ are then later added in from the real sysfs from inside the network and user namespace so that they actually show whatis available in it. Fixes #1277 |
||
|---|---|---|
| catalog | ||
| coccinelle | ||
| docs | ||
| factory/etc | ||
| hwdb | ||
| m4 | ||
| man | ||
| network | ||
| po | ||
| rules | ||
| shell-completion | ||
| src | ||
| sysctl.d | ||
| system-preset | ||
| sysusers.d | ||
| test | ||
| tmpfiles.d | ||
| tools | ||
| units | ||
| xorg | ||
| .dir-locals.el | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| .travis.yml | ||
| .vimrc | ||
| .ycm_extra_conf.py | ||
| autogen.sh | ||
| CODING_STYLE | ||
| configure.ac | ||
| DISTRO_PORTING | ||
| LICENSE.GPL2 | ||
| LICENSE.LGPL2.1 | ||
| Makefile-man.am | ||
| Makefile.am | ||
| NEWS | ||
| README | ||
| README.md | ||
| TODO | ||
systemd - System and Service Manager
Details
- General information about systemd can be found in the systemd Wiki
- Information about build requirements are provided in the README file