picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
35222 commits 2 branches 0 tags 166 MiB
Commit graph

815 commits

Author SHA1 Message Date
Lennart Poettering 5076f0ccfd nspawn: introduce new --capabilities= flag and make use of it in the nspawn test case 2012-06-28 14:05:16 +02:00
Kay Sievers d2e54fae5c mkdir: append _label to all mkdir() calls that explicitly set the selinux context 2012-05-31 12:40:20 +02:00
Lennart Poettering ec8927ca59 main: add configuration option to alter capability bounding set for PID 1 
This also ensures that caps dropped from the bounding set are also
dropped from the inheritable set, to be extra-secure. Usually that should
change very little though as the inheritable set is empty for all our uses
anyway.
 2012-05-24 04:00:56 +02:00
Kay Sievers 9eb977db5b util: split-out path-util.[ch] 2012-05-08 02:33:10 +02:00
Lennart Poettering bc2f673ec2 nspawn: add --read-only switch 2012-04-25 15:11:20 +02:00
Lennart Poettering 2547bb414c nspawn: bind mount /etc/resolv.conf from the host by default 2012-04-25 15:08:00 +02:00
Lennart Poettering 144f0fc0c8 nspawn: add --uuid= switch to allow setting the machine id for the container 2012-04-22 14:48:21 +02:00
Lennart Poettering 0f0dbc46cc nspawn: add -b switch to automatically look for an init binary 2012-04-22 14:11:32 +02:00
Lennart Poettering 3a74cea5e4 nspawn: be more careful when initializing the hostname from the directory name 2012-04-22 01:01:22 +02:00
Lennart Poettering f1e5dfe2c0 nspawn: make /dev/kmsg unavailable in the container, but allow access to /proc/kmsg 2012-04-22 00:32:53 +02:00
Kay Sievers 4d46fec56d remove MS_* which can not be combined with current kernel code 
MS_BIND|MS_MOVE can not be combined:
  do_mount()
    else if (flags & MS_BIND)
      do_loopback(&path, dev_name, flags & MS_REC);
    [...]
    else if (flags & MS_MOVE)
      do_move_mount(&path, dev_name);

MS_REMOUNT|MS_UNBINDABLE can not be combined:
  do_mount()
    if (flags & MS_REMOUNT)
      do_remount(&path, flags & ~MS_REMOUNT, mnt_flags, data_page);
    [...]
    else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
      do_change_type(&path, flags);
 2012-04-18 13:37:45 +02:00
Lennart Poettering b562f5a57d build-sys: add stub makefiles to all subdirs to ease development with emacs 2012-04-13 21:37:59 +02:00
Lennart Poettering 9537eab070 nspawn: add missing include lines 2012-04-13 21:37:59 +02:00
Lennart Poettering e58a12770c nspawn: fake /dev/kmsg and /proc/kmsg as fifo 2012-04-13 18:52:52 +02:00
Kay Sievers dce818b390 move all tools to subdirs 2012-04-12 17:54:42 +02:00