1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-12 15:21:19 +03:00
systemd/units
Lennart Poettering b242faae06 units: add more caps to machined
Otherwise copying full directory trees between container and host won't
work, as we cannot access some fiels and cannot adjust the ownership
properly on the destination.

Of course, adding these many caps to the daemon kinda defeats the
purpose of the caps lock-down... but well...

Fixes #433
2015-07-27 17:45:45 +02:00
..
user bus-proxy: turn into multi-threaded daemon 2015-01-17 14:00:19 +01:00
.gitignore units: make networkd pull in its own .busname unit 2015-05-15 22:59:43 +02:00
basic.target units: explicitly require /var, /tmp and /var/tmp to be mounted before basic.target 2015-04-03 14:32:32 +02:00
bluetooth.target
busnames.target units: install busnames.target by default 2013-12-03 01:18:26 +01:00
console-getty.service.m4.in console-getty.service: don't start when /dev/console is missing 2015-03-17 12:40:56 +01:00
console-shell.service.m4.in build-sys: lookup for sulogin, it might not be in /sbin 2015-01-23 19:09:37 +01:00
container-getty@.service.m4.in units: fix all TTY paths for container gettys 2015-01-27 14:31:44 +01:00
cryptsetup-pre.target cryptsetup: introduce new cryptsetup-pre.traget unit so that services can make sure they are started before and stopped after any LUKS setup 2014-06-18 00:09:46 +02:00
cryptsetup.target
debug-shell.service.in debug-shell: add condition for tty device to run on 2014-06-12 22:26:43 +02:00
dev-hugepages.mount units: skip mounting /dev/hugepages if we don't have CAP_SYS_ADMIN 2014-12-04 02:43:02 +01:00
dev-mqueue.mount units: add reference to new wiki page to all api mount units 2013-01-15 18:14:13 +01:00
emergency.service.in units: emergency.service: wait for plymouth to shut down 2015-07-10 05:43:52 +02:00
emergency.target
final.target
getty.target
getty@.service.m4 install: introduce new DefaultInstance= field for [Install] sections 2014-06-17 02:43:43 +02:00
graphical.target units: make graphical.target dependencies more complete and similar to those of multi-user.target 2014-12-29 17:00:05 +01:00
halt-local.service.in
halt.target
hibernate.target
hybrid-sleep.target
initrd-cleanup.service.in core: replace OnFailureIsolate= setting by a more generic OnFailureJobMode= setting and make use of it where applicable 2013-11-26 02:26:31 +01:00
initrd-fs.target core: replace OnFailureIsolate= setting by a more generic OnFailureJobMode= setting and make use of it where applicable 2013-11-26 02:26:31 +01:00
initrd-parse-etc.service.in initrd-parse-etc.service: ignore return code of daemon-reload 2014-09-03 13:28:31 +02:00
initrd-root-fs.target core: replace OnFailureIsolate= setting by a more generic OnFailureJobMode= setting and make use of it where applicable 2013-11-26 02:26:31 +01:00
initrd-switch-root.service.in core: replace OnFailureIsolate= setting by a more generic OnFailureJobMode= setting and make use of it where applicable 2013-11-26 02:26:31 +01:00
initrd-switch-root.target Make initrd.target the default target in the initrd 2013-03-15 00:49:37 +01:00
initrd-udevadm-cleanup-db.service.in Move udevadm to rootbindir 2013-03-11 07:18:33 +01:00
initrd.target core: replace OnFailureIsolate= setting by a more generic OnFailureJobMode= setting and make use of it where applicable 2013-11-26 02:26:31 +01:00
kexec.target
kmod-static-nodes.service.in units: conditionalize static device node logic on CAP_SYS_MODULES instead of CAP_MKNOD 2014-07-04 03:24:41 +02:00
ldconfig.service readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
local-fs-pre.target units: disallow manual starting of passive units 2013-03-26 15:15:39 +01:00
local-fs.target units: local-fs.target - don't pull in default dependencies 2014-06-29 16:20:33 +02:00
machine.slice logind: add infrastructure to keep track of machines, and move to slices 2013-06-20 03:49:59 +02:00
machines.target units: rework systemd-nspawn@.service unit 2014-12-29 17:00:05 +01:00
Makefile
multi-user.target units: drop [Install] section from multi-user.target and graphical.target 2014-01-17 20:27:35 +01:00
network-online.target units: order network-online.target after network.target 2014-06-11 15:00:45 +02:00
network-pre.target units: introduce network-pre.target as place to hook in firewalls 2014-06-11 12:14:55 +02:00
network.target units: introduce network-pre.target as place to hook in firewalls 2014-06-11 12:14:55 +02:00
nss-lookup.target units: disallow manual starting of passive units 2013-03-26 15:15:39 +01:00
nss-user-lookup.target units: disallow manual starting of passive units 2013-03-26 15:15:39 +01:00
org.freedesktop.hostname1.busname units: remove "AllowUser=root own", the bus owner can always own names 2014-03-08 19:38:06 +01:00
org.freedesktop.import1.busname import: introduce new mini-daemon systemd-importd, and make machinectl a client to it 2015-01-22 04:02:07 +01:00
org.freedesktop.locale1.busname units: remove "AllowUser=root own", the bus owner can always own names 2014-03-08 19:38:06 +01:00
org.freedesktop.login1.busname units: remove "AllowUser=root own", the bus owner can always own names 2014-03-08 19:38:06 +01:00
org.freedesktop.machine1.busname units: remove "AllowUser=root own", the bus owner can always own names 2014-03-08 19:38:06 +01:00
org.freedesktop.network1.busname units: networkd - fix busname to work on kdbus 2015-02-06 12:12:13 +01:00
org.freedesktop.resolve1.busname units: make resolved pull in its own .busname unit, but only on kdbus systems 2015-01-07 23:44:08 +01:00
org.freedesktop.systemd1.busname units: improve Description= for systemd's own busname unit 2015-01-07 23:44:08 +01:00
org.freedesktop.timedate1.busname units: remove "AllowUser=root own", the bus owner can always own names 2014-03-08 19:38:06 +01:00
paths.target units: introduce new timers.target and paths.target to hook timer/path units into for boot 2013-03-25 21:28:30 +01:00
poweroff.target units: restore job timeouts for poweroff and reboot 2014-11-06 08:17:45 -05:00
printer.target
proc-sys-fs-binfmt_misc.automount units: add reference to new wiki page to all api mount units 2013-01-15 18:14:13 +01:00
proc-sys-fs-binfmt_misc.mount units: add reference to new wiki page to all api mount units 2013-01-15 18:14:13 +01:00
quotaon.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
rc-local.service.in rc-local: drop SysVStartPriority= field which is now obsolete 2014-12-02 13:23:04 +01:00
reboot.target units: restore job timeouts for poweroff and reboot 2014-11-06 08:17:45 -05:00
remote-fs-pre.target units: disallow manual starting of passive units 2013-03-26 15:15:39 +01:00
remote-fs.target filesystem targets: disable default dependencies 2013-09-11 14:40:58 +02:00
rescue.service.in Use "new" --job-mode= option in more places 2015-05-18 01:08:09 -04:00
rescue.target
rpcbind.target units: disallow manual starting of passive units 2013-03-26 15:15:39 +01:00
serial-getty@.service.m4 units/serial-getty@.service: use the default RestartSec 2014-07-15 23:51:10 -04:00
shutdown.target
sigpwr.target
sleep.target
slices.target core: general cgroup rework 2013-06-27 04:17:34 +02:00
smartcard.target
sockets.target
sound.target
suspend.target
swap.target
sys-fs-fuse-connections.mount units: add reference to new wiki page to all api mount units 2013-01-15 18:14:13 +01:00
sys-kernel-config.mount units: conditionalize configfs and debugfs with CAP_SYS_RAWIO 2014-07-04 03:24:42 +02:00
sys-kernel-debug.mount units: conditionalize configfs and debugfs with CAP_SYS_RAWIO 2014-07-04 03:24:42 +02:00
sysinit.target units: remove RefuseManualStart from units which are always around 2014-06-28 00:06:30 -04:00
syslog.socket service: ignore dependencies on $syslog and $local_fs in LSB scripts 2013-01-16 21:34:09 +01:00
system-update.target readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
system.slice core: general cgroup rework 2013-06-27 04:17:34 +02:00
systemd-ask-password-console.path units: introduce new timers.target and paths.target to hook timer/path units into for boot 2013-03-25 21:28:30 +01:00
systemd-ask-password-console.service.in units: run systemd-ask-password-console.service after systemd-vconsole-setup.service 2013-03-06 15:39:37 +01:00
systemd-ask-password-wall.path units: introduce new timers.target and paths.target to hook timer/path units into for boot 2013-03-25 21:28:30 +01:00
systemd-ask-password-wall.service.in
systemd-backlight@.service.in units: so far we defaulted to 90s as default timeout for most things, let's do so for our oneshot services too 2015-02-02 21:34:32 +01:00
systemd-binfmt.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-bootchart.service.in bootchart: add standalone bootchart service 2014-12-04 01:55:01 +01:00
systemd-bus-proxyd.service.m4.in bus-proxy: turn into multi-threaded daemon 2015-01-17 14:00:19 +01:00
systemd-bus-proxyd.socket bus-proxy: turn into multi-threaded daemon 2015-01-17 14:00:19 +01:00
systemd-firstboot.service.in units: run firstboot before sysusers, so that firstboot can initialize the root password 2014-10-23 01:24:59 +02:00
systemd-fsck-root.service.in fsck: remove fsckd again, but keep the door open for external replacement 2015-04-28 17:30:00 +02:00
systemd-fsck@.service.in fsck: remove fsckd again, but keep the door open for external replacement 2015-04-28 17:30:00 +02:00
systemd-halt.service.in
systemd-hibernate-resume@.service.in systemd-hibernate-resume@.service: remove unnecessary ordering 2014-10-09 23:53:15 -04:00
systemd-hibernate.service.in
systemd-hostnamed.service.in Revert "units: add SecureBits" 2015-02-11 18:28:06 +01:00
systemd-hwdb-update.service.in Revert "hwdb: actually search /run/udev/hwdb.d" 2015-06-09 11:26:06 +02:00
systemd-hybrid-sleep.service.in
systemd-importd.service.in units: set KillMode=mixed for our daemons that fork worker processes 2015-04-24 16:14:46 +02:00
systemd-initctl.service.in
systemd-initctl.socket initctl: move /dev/initctl fifo into /run, replace it by symlink 2014-06-04 16:53:58 +02:00
systemd-journal-catalog-update.service.in units: so far we defaulted to 90s as default timeout for most things, let's do so for our oneshot services too 2015-02-02 21:34:32 +01:00
systemd-journal-flush.service.in units: so far we defaulted to 90s as default timeout for most things, let's do so for our oneshot services too 2015-02-02 21:34:32 +01:00
systemd-journal-gatewayd.service.in Revert "units: add SecureBits" 2015-02-11 18:28:06 +01:00
systemd-journal-gatewayd.socket
systemd-journal-remote.service.in Revert "units: add SecureBits" 2015-02-11 18:28:06 +01:00
systemd-journal-remote.socket journal-remote: add units and read certs from default locations 2014-07-15 22:23:49 -04:00
systemd-journal-upload.service.in Revert "units: add SecureBits" 2015-02-11 18:28:06 +01:00
systemd-journald-audit.socket units: conditionalize audit multicast socket on CAP_AUDIT_READ 2015-05-20 17:40:05 +02:00
systemd-journald-dev-log.socket journald: also increase the SendBuffer of /dev/log to 8M 2014-08-13 18:53:05 +02:00
systemd-journald.service.in Revert "units: add SecureBits" 2015-02-11 18:28:06 +01:00
systemd-journald.socket journald: move /dev/log socket to /run 2014-06-04 16:53:58 +02:00
systemd-kexec.service.in
systemd-localed.service.in Revert "units: add SecureBits" 2015-02-11 18:28:06 +01:00
systemd-logind.service.in Revert "units: add SecureBits" 2015-02-11 18:28:06 +01:00
systemd-machine-id-commit.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-machined.service.in units: add more caps to machined 2015-07-27 17:45:45 +02:00
systemd-modules-load.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-networkd-wait-online.service.in units: networkd - don't order wait-online.service before network.target 2014-06-30 13:06:33 +02:00
systemd-networkd.service.m4.in units: order networkd after sysctl 2015-07-23 21:04:58 +02:00
systemd-networkd.socket units: fix systemd-networkd.service in containers lacking CAP_NET_ADMIN 2015-02-13 14:30:05 +01:00
systemd-nspawn@.service.in units: make sure systemd-nspawn@.slice instances are actually located in machine.slice 2015-05-19 19:49:01 +02:00
systemd-poweroff.service.in
systemd-quotacheck.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-random-seed.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-reboot.service.in
systemd-remount-fs.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-resolved.service.m4.in turn kdbus support into a runtime option 2015-06-17 18:01:49 +02:00
systemd-rfkill@.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-suspend.service.in
systemd-sysctl.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-sysusers.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-timedated.service.in Revert "units: add SecureBits" 2015-02-11 18:28:06 +01:00
systemd-timesyncd.service.in timesyncd: enable timesyncd in virtual machines 2015-03-15 19:44:59 +01:00
systemd-tmpfiles-clean.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-tmpfiles-clean.timer man: link systemd-tmpfiles-setup-dev.service 2013-04-23 12:55:44 +02:00
systemd-tmpfiles-setup-dev.service.in units: tmpfiles-setup-dev - allow unsafe file creation to happen in /dev at boot 2014-10-27 17:40:24 +01:00
systemd-tmpfiles-setup.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-udev-settle.service.in udev: replace CAP_MKNOD by writable /sys condition 2013-08-17 19:07:42 +02:00
systemd-udev-trigger.service.in units: move After=systemd-hwdb-update.service dependency from udev to udev-trigger 2015-04-03 14:27:16 +02:00
systemd-udevd-control.socket udev: replace CAP_MKNOD by writable /sys condition 2013-08-17 19:07:42 +02:00
systemd-udevd-kernel.socket units: make ReceiveBuffer= line more readable by using M suffix 2014-11-03 21:51:28 +01:00
systemd-udevd.service.in udevd: hook up watchdog support 2015-05-29 18:52:13 +02:00
systemd-update-done.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-update-utmp-runlevel.service.in utmp: turn systemd-update-utmp-shutdown.service into a normal runtime service 2013-05-16 00:19:03 +02:00
systemd-update-utmp.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-user-sessions.service.in units: explicitly order systemd-user-sessions.service after nss-user-lookup.target 2015-04-03 14:31:35 +02:00
systemd-vconsole-setup.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
time-sync.target units: time-sync.target probably makes sense, is not just sysv compat 2014-06-11 12:14:55 +02:00
timers.target unit: do not order timers.target before basic.target 2014-11-02 12:33:54 -05:00
tmp.mount units: skip mounting /tmp if it is a symlink 2014-06-30 22:49:10 +02:00
umount.target
user.slice logind: add infrastructure to keep track of machines, and move to slices 2013-06-20 03:49:59 +02:00
user@.service.m4.in build-sys: remove commented-out m4 from user@.service 2014-12-14 12:54:16 -05:00
var-lib-machines.mount units: add missing unit file 2015-02-24 18:46:49 +01:00
x-.slice build-sys: work around automake issue with files with a leading '-' 2013-07-02 23:15:49 -04:00