Lennart Poettering
bff8f2543b
units: set LockPersonality= for all our long-running services (#6819)
Let's lock things down. Also, using it is the only way to properly
test this to the fullest extent.
2017-09-14 19:45:40 +02:00
Lennart Poettering
635f3df5dc
units: make use of the new !! ExecStart= prefix in systemd-resolved.service
Let's make use of !! to run resolved with ambient capabilities on
systems supporting them.
2017-08-10 15:04:32 +02:00
Yu Watanabe
4429c69f8d
units: do not perform m4 if not necessary (#6575)
2017-08-09 09:13:41 -04:00
Dimitri John Ledkov
defa8e675b
resolved: Do not add .busname dependencies, when compiling without kdbus.
2015-03-19 17:27:39 +01:00
Lennart Poettering
a24111cea6
Revert "units: add SecureBits"
This reverts commit 6a716208b3.
Apparently this doesn't work.
http://lists.freedesktop.org/archives/systemd-devel/2015-February/028212.html
2015-02-11 18:28:06 +01:00
Topi Miettinen
6a716208b3
units: add SecureBits
No setuid programs are expected to be executed, so add
SecureBits=noroot noroot-locked
to unit files.
2015-02-11 17:33:36 +01:00
Lennart Poettering
0ef403877a
units: turn on watchdog for resolved
2015-01-27 14:31:44 +01:00
Lennart Poettering
78ad7cf1b9
units: make resolved pull in its own .busname unit, but only on kdbus systems
The daemon requires the busname unit to operate, since it contains the
policy that allows it to acquire its service name.
2015-01-07 23:44:08 +01:00
Lennart Poettering
1b8689f949
core: rename ReadOnlySystem= to ProtectSystem= and add a third value for also mounting /etc read-only
Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit.
With this in place we now have two neat options ProtectSystem= and
ProtectHome= for protecting the OS itself (and optionally its
configuration), and for protecting the user's data.
2014-06-04 18:12:55 +02:00
Lennart Poettering
417116f234
core: add new ReadOnlySystem= and ProtectedHome= settings for service units
ReadOnlySystem= uses fs namespaces to mount /usr and /boot read-only for
a service.
ProtectedHome= uses fs namespaces to mount /home and /run/user
inaccessible or read-only for a service.
This patch also enables these settings for all our long-running services.
Together they should be a good building block for a minimal service
sandbox, removing the ability for services to modify the operating
system or access the user's private data.
2014-06-03 23:57:51 +02:00
Tom Gundersen
682265d5e2
resolved: run as unprivileged "systemd-resolve" user
This service is not yet network facing, but let's prepare nonetheless.
Currently all caps are dropped, but some may need to be kept in the
future.
2014-06-03 10:40:28 +02:00
Tom Gundersen
091a364c80
resolved: add daemon to manage resolv.conf
Also remove the equivalent functionality from networkd.
2014-05-19 18:14:56 +02:00