picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
Systemd/src/test
History
Lennart Poettering 705268414f seccomp: add new system call filter, suitable as default whitelist for system services 
Currently we employ mostly system call blacklisting for our system
services. Let's add a new system call filter group @system-service that
helps turning this around into a whitelist by default.

The new group is very similar to nspawn's default filter list, but in
some ways more restricted (as sethostname() and suchlike shouldn't be
available to most system services just like that) and in others more
relaxed (for example @keyring is blocked in nspawn since it's not
properly virtualized yet in the kernel, but is fine for regular system
services).
2018-06-14 17:44:20 +02:00
..
generate-sym-test.py Mark python scripts executable 2017-05-07 20:16:47 -04:00
meson.build Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-acl-util.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-af-list.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-alloc-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-architecture.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-arphrd-list.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-ask-password-api.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-async.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-barrier.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-bitmap.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-boot-timestamps.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-bpf.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-btrfs.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-bus-util.c test-bus-util: add a test for destroy callbacks 2018-06-06 23:01:57 +02:00
test-calendarspec.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-cap-list.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-capability.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-cgroup-mask.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-cgroup-util.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-cgroup.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-clock.c tree-wide: use proper unicode © instead of (C) where we can 2018-06-14 10:20:20 +02:00
test-condition.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-conf-files.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-conf-parser.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-copy.c Merge pull request #9274 from poettering/comment-header-cleanup 2018-06-14 11:26:50 +02:00
test-cpu-set-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-daemon.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-date.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-device-nodes.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-dissect-image.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-dlopen.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-dns-domain.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-ellipsize.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-engine.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-env-util.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-escape.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-exec-util.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-execute.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-extract-word.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-fd-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-fdset.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-fileio.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-firewall-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-format-table.c basic: add minimalistic table formatter 2018-04-18 12:51:15 +02:00
test-fs-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-fstab-util.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-gcrypt-util.c Fix SPDX license tags 2018-06-14 13:05:41 +02:00
test-glob-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-hash.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-hashmap-ordered.awk meson: also indent scripts with 8 spaces 2017-04-25 08:49:16 -04:00
test-hashmap-plain.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-hashmap.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-helper.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-helper.h tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-hexdecoct.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-hostname-util.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-hostname.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-id128.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-in-addr-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-install-root.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-install.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-io-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-ipcrm.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-job-type.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-journal-importer.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-libudev.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-list.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-locale-util.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-log.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-loopback.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-mount-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-namespace.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-netlink-manual.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-ns.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-nss.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-os-util.c os-util: add helpers for finding /etc/os-release 2018-05-24 17:01:57 +02:00
test-parse-util.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-path-lookup.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-path-util.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-path.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-prioq.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-proc-cmdline.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-process-util.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-procfs-util.c procfs-util: add APIs to get consumed CPU time and used memory from /proc 2018-02-09 17:32:26 +01:00
test-random-util.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-ratelimit.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-replace-var.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-rlimit-util.c tree-wide: drop 'This file is part of systemd' blurb 2018-06-14 10:20:20 +02:00
test-sched-prio.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-seccomp.c seccomp: add new system call filter, suitable as default whitelist for system services 2018-06-14 17:44:20 +02:00
test-selinux.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-set.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-sigbus.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-signal-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-siphash24.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-sizeof.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-sleep.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-socket-util.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-specifier.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-stat-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-strbuf.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-string-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-strip-tab-ansi.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-strv.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-strxcpyx.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-systemd-tmpfiles.py tree-wide: drop 'This file is part of systemd' blurb 2018-06-14 10:20:20 +02:00
test-tables.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-terminal-util.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-time-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-tmpfiles.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-udev.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-uid-range.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-umount.c core/umount: use libmount to enumerate /proc/swaps 2018-03-16 10:12:50 +01:00
test-unaligned.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-unit-file.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-unit-name.c Drop my copyright headers 2018-06-14 13:03:20 +02:00
test-user-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-utf8.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-util.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-verbs.c tree-wide: beautify remaining copyright statements 2018-06-14 10:20:21 +02:00
test-watch-pid.c core: undo the dependency inversion between unit.h and all unit types 2018-05-15 14:24:34 -04:00
test-watchdog.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-web-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-xattr-util.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00
test-xml.c tree-wide: remove Lennart's copyright lines 2018-06-14 10:20:20 +02:00