Systemd/src/core
Ismo Puustinen 755d4b67a4 capabilities: added support for ambient capabilities.
This patch adds support for ambient capabilities in service files. The
idea with ambient capabilities is that the execed processes can run with
a non-root user and get some inherited capabilities, without having any
need to add the capabilities to the executable file.

You need at least Linux 4.3 to use ambient capabilities. SecureBit
keep-caps is automatically added when you use ambient capabilities and
wish to change the user.

An example system service file might look like this:

[Unit]
Description=Service for testing caps

[Service]
ExecStart=/usr/bin/sleep 10000
User=nobody
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW

After starting the service it has these capabilities:

CapInh: 0000000000003000
CapPrm: 0000000000003000
CapEff: 0000000000003000
CapBnd: 0000003fffffffff
CapAmb: 0000000000003000
2016-01-12 12:14:50 +02:00
.gitignore Move daemon-reload from package %post scripts to file triggers 2015-11-15 18:38:37 -05:00
audit-fd.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
audit-fd.h
automount.c tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy 2015-11-27 19:19:36 +01:00
automount.h Move all unit states to basic/ and extend systemctl --state=help 2015-09-28 15:09:34 -04:00
bus-endpoint.c util-lib: split out allocation calls into alloc-util.[ch] 2015-10-27 13:45:53 +01:00
bus-endpoint.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
bus-policy.c util-lib: split out allocation calls into alloc-util.[ch] 2015-10-27 13:45:53 +01:00
bus-policy.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
busname.c tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy 2015-11-27 19:19:36 +01:00
busname.h util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] 2015-10-24 23:05:02 +02:00
cgroup.c core: don't generate warnings when write access to the cgroup fs fails in --user due to EACCES 2015-11-17 00:52:10 +01:00
cgroup.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
dbus-automount.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
dbus-automount.h remove unused includes 2015-02-23 23:53:42 +01:00
dbus-busname.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
dbus-busname.h remove unused includes 2015-02-23 23:53:42 +01:00
dbus-cgroup.c util-lib: split out allocation calls into alloc-util.[ch] 2015-10-27 13:45:53 +01:00
dbus-cgroup.h util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] 2015-10-24 23:05:02 +02:00
dbus-device.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
dbus-device.h remove unused includes 2015-02-23 23:53:42 +01:00
dbus-execute.c capabilities: added support for ambient capabilities. 2016-01-12 12:14:50 +02:00
dbus-execute.h util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] 2015-10-24 23:05:02 +02:00
dbus-job.c tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy 2015-11-27 19:19:36 +01:00
dbus-job.h util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] 2015-10-24 23:05:02 +02:00
dbus-kill.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
dbus-kill.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
dbus-manager.c Merge pull request #2157 from keszybz/manager-status 2015-12-15 15:57:19 +01:00
dbus-manager.h core: emit changes for NFailedUnits property 2015-02-26 09:38:50 -05:00
dbus-mount.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
dbus-mount.h util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] 2015-10-24 23:05:02 +02:00
dbus-path.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
dbus-path.h remove unused includes 2015-02-23 23:53:42 +01:00
dbus-scope.c tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy 2015-11-27 19:19:36 +01:00
dbus-scope.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
dbus-service.c core: expose number of file descriptors in fd store on the bus 2015-11-02 23:44:05 +01:00
dbus-service.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
dbus-slice.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
dbus-slice.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
dbus-socket.c Socket: socket protocol add to dbus properties 2015-11-18 09:34:19 +05:30
dbus-socket.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
dbus-swap.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
dbus-swap.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
dbus-target.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
dbus-target.h util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] 2015-10-24 23:05:02 +02:00
dbus-timer.c core: rename Random* to RandomizedDelay* 2015-11-26 16:32:41 -05:00
dbus-timer.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
dbus-unit.c tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy 2015-11-27 19:19:36 +01:00
dbus-unit.h Merge pull request #1828 from fbuihuu/set-property-on-inactive-unit 2015-11-27 14:00:57 +01:00
dbus.c core: re-sync bus name list after deserializing during daemon-reload 2015-12-23 23:31:35 +01:00
dbus.h core: re-sync bus name list after deserializing during daemon-reload 2015-12-23 23:31:35 +01:00
device.c tree-wide: group include of libudev.h with sd-* 2015-11-17 07:06:08 +01:00
device.h Move all unit states to basic/ and extend systemctl --state=help 2015-09-28 15:09:34 -04:00
execute.c capabilities: added support for ambient capabilities. 2016-01-12 12:14:50 +02:00
execute.h capabilities: added support for ambient capabilities. 2016-01-12 12:14:50 +02:00
failure-action.c core: unify code that warns about jobs we fail to enqueue 2015-11-12 20:14:06 +01:00
failure-action.h core: introduce "poweroff" as new failure action types 2014-08-22 18:10:31 +02:00
hostname-setup.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
hostname-setup.h
ima-setup.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
ima-setup.h
job.c core: Minor cleaning up of unit/log status and log logic 2015-11-17 20:41:52 +01:00
job.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
kill.c util-lib: move string table stuff into its own string-table.[ch] 2015-10-27 13:25:56 +01:00
kill.h core: extend KillUnit() to return error when no unit was killed 2015-09-21 10:05:49 +02:00
killall.c util-lib: split out allocation calls into alloc-util.[ch] 2015-10-27 13:45:53 +01:00
killall.h
kmod-setup.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
kmod-setup.h
load-dropin.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
load-dropin.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
load-fragment-gperf.gperf.m4 capabilities: added support for ambient capabilities. 2016-01-12 12:14:50 +02:00
load-fragment.c capabilities: added support for ambient capabilities. 2016-01-12 12:14:50 +02:00
load-fragment.h capabilities: keep bounding set in non-inverted format. 2016-01-12 12:14:50 +02:00
locale-setup.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
locale-setup.h
loopback-setup.c tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy 2015-11-27 19:19:36 +01:00
loopback-setup.h
machine-id-setup.c util-lib: split out allocation calls into alloc-util.[ch] 2015-10-27 13:45:53 +01:00
machine-id-setup.h machine-id-setup: add a machine_id_commit call to commit on disk a transient machine-id 2014-12-03 03:41:19 +01:00
macros.systemd.in rpm: fix %systemd_user_post() macro. 2015-11-22 20:38:05 +01:00
main.c capabilities: keep bounding set in non-inverted format. 2016-01-12 12:14:50 +02:00
Makefile
manager.c core: don't enable special signals in test mode 2016-01-04 18:39:55 +00:00
manager.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
mount-setup.c mount-setup.c: fix handling of symlink Smack labelling in cgroup setup 2016-01-05 12:49:48 +01:00
mount-setup.h mount-setup: remove mount_setup_late() 2014-11-14 15:18:56 +01:00
mount.c core: Do not bind a mount unit to a device, if it was from mountinfo 2015-11-24 14:08:50 +01:00
mount.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
namespace.c util-lib: split out allocation calls into alloc-util.[ch] 2015-10-27 13:45:53 +01:00
namespace.h core: Private*/Protect* options with RootDirectory 2015-05-18 18:47:45 +02:00
org.freedesktop.systemd1.conf systemctl: add add-wants and add-requires verbs 2014-10-08 12:44:00 +02:00
org.freedesktop.systemd1.policy.in.in core: rework policykit hookup 2015-02-18 18:56:27 +01:00
org.freedesktop.systemd1.service
path.c tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy 2015-11-27 19:19:36 +01:00
path.h Move all unit states to basic/ and extend systemctl --state=help 2015-09-28 15:09:34 -04:00
scope.c core: simplify scope unit GC checking code a bit 2015-11-13 19:50:52 +01:00
scope.h Move all unit states to basic/ and extend systemctl --state=help 2015-09-28 15:09:34 -04:00
selinux-access.c core: simplify selinux AVC initialization 2015-11-30 20:26:03 +01:00
selinux-access.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
selinux-setup.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
selinux-setup.h mac: add mac_ prefix to distinguish origin security apis 2014-10-28 14:31:48 +01:00
service.c core: fix bus name synchronization after daemon-reload 2015-12-21 11:23:08 +01:00
service.h core: fix bus name synchronization after daemon-reload 2015-12-21 11:23:08 +01:00
show-status.c util-lib: split out allocation calls into alloc-util.[ch] 2015-10-27 13:45:53 +01:00
show-status.h util-lib: move status printing stuff into src/core/ 2015-10-27 13:25:56 +01:00
shutdown.c util-lib: split out allocation calls into alloc-util.[ch] 2015-10-27 13:45:53 +01:00
slice.c tree-wide: sort includes 2015-11-16 22:09:36 +01:00
slice.h Move all unit states to basic/ and extend systemctl --state=help 2015-09-28 15:09:34 -04:00
smack-setup.c smack: Handling network 2016-01-11 11:12:06 +01:00
smack-setup.h mac: add mac_ prefix to distinguish origin security apis 2014-10-28 14:31:48 +01:00
socket.c core: socket options fix SCTP_NODELAY 2015-12-31 12:05:57 +05:30
socket.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
swap.c core: Do not bind a mount unit to a device, if it was from mountinfo 2015-11-24 14:08:50 +01:00
swap.h util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] 2015-10-24 23:05:02 +02:00
system.conf core: enable TasksMax= for all services by default, and set it to 512 2015-11-16 11:57:48 +01:00
systemd.pc.in build-sys: move systemd.pc from pkgconfiglibdir back into pkgconfigdatadir 2015-04-21 20:35:17 +02:00
target.c core: remove support for RequiresOverridable= and RequisiteOverridable= 2015-11-12 19:27:24 +01:00
target.h Move all unit states to basic/ and extend systemctl --state=help 2015-09-28 15:09:34 -04:00
timer.c tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy 2015-11-27 19:19:36 +01:00
timer.h core: add new RandomSec= setting for time units 2015-11-18 17:07:11 +01:00
transaction.c core: do not warn about Wants dependencies on masked units 2015-11-30 21:00:04 -05:00
transaction.h tree-wide: sort includes in *.h 2015-11-18 23:09:02 +01:00
triggers.systemd.in Convert file trigger scripts to lua 2015-11-23 11:32:20 -05:00
umount.c tree-wide: group include of libudev.h with sd-* 2015-11-17 07:06:08 +01:00
umount.h
unit-printf.c core: simplify handling of %u, %U, %s and %h unit file specifiers 2015-11-12 17:57:04 +01:00
unit-printf.h
unit.c capabilities: keep bounding set in non-inverted format. 2016-01-12 12:14:50 +02:00
unit.h core: Do not bind a mount unit to a device, if it was from mountinfo 2015-11-24 14:08:50 +01:00
user.conf core: Support system.conf.d and user.conf.d directories in the usual search paths 2014-11-29 13:55:31 -05:00