picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
Systemd/src/nspawn
History
tomty89 e8a94ce83e nspawn: add nosuid and nodev to /tmp mount (#6004) 
When automatic /tmp mount was introduced to nspawn in v219, it was done without having the nosuid and nodev mount options, which was the same case as systemd's default tmp.mount unit back then.

nosuid and nodev was added to tmp.mount(.m4) in v231 for security reasons. matching the nspawn /tmp mount entry against that.

Ref.:
2f9df7c96a
bbb99c30d0
2017-05-23 09:41:36 +02:00
..
.gitignore nspawn: add new .nspawn files for container settings 2015-09-06 01:49:06 +02:00
Makefile build-sys: add stub makefiles to all subdirs to ease development with emacs 2012-04-13 21:37:59 +02:00
meson.build meson: reindent all files with 8 spaces 2017-04-23 21:47:29 -04:00
nspawn-cgroup.c cgroup: rename cg_unified() → cg_unified_controller() 2017-02-24 18:00:04 +01:00
nspawn-cgroup.h nspawn: cleanup and chown the synced cgroup hierarchy (#4223) 2016-10-13 09:50:46 -04:00
nspawn-expose-ports.c core: introduce parse_ip_port (#4825) 2016-12-06 12:21:45 +01:00
nspawn-expose-ports.h tree-wide: remove Emacs lines from all files 2016-02-10 13:41:57 +01:00
nspawn-gperf.gperf nspawn: Add support for sysroot pivoting (#5258) 2017-02-08 16:54:31 +01:00
nspawn-mount.c nspawn: add nosuid and nodev to /tmp mount (#6004) 2017-05-23 09:41:36 +02:00
nspawn-mount.h nspawn: Add support for sysroot pivoting (#5258) 2017-02-08 16:54:31 +01:00
nspawn-network.c Fix includes (#5980) 2017-05-19 10:01:35 -04:00
nspawn-network.h nspawn: add new --network-zone= switch for automatically managed bridge devices 2016-05-09 15:45:31 +02:00
nspawn-patch-uid.c fs-util: unify code we use to check if dirent's d_name is "." or ".." 2017-02-02 00:06:18 +01:00
nspawn-patch-uid.h nspawn: optionally fix up OS tree uid/gids for userns 2016-04-25 12:15:57 +02:00
nspawn-register.c nspawn: permit prefixing of source paths in --bind= and --overlay= with "+" 2016-12-01 12:41:18 +01:00
nspawn-register.h tree-wide: remove Emacs lines from all files 2016-02-10 13:41:57 +01:00
nspawn-seccomp.c seccomp: rework seccomp code, to improve compat with some archs 2017-01-17 22:14:27 -05:00
nspawn-seccomp.h nspawn: split out seccomp call into nspawn-seccomp.[ch] 2016-05-26 22:42:29 +02:00
nspawn-settings.c nspawn: Add support for sysroot pivoting (#5258) 2017-02-08 16:54:31 +01:00
nspawn-settings.h nspawn: Add support for sysroot pivoting (#5258) 2017-02-08 16:54:31 +01:00
nspawn-setuid.c Use "return log_error_errno" in more places" 2016-07-22 21:25:09 -04:00
nspawn-setuid.h tree-wide: remove Emacs lines from all files 2016-02-10 13:41:57 +01:00
nspawn-stub-pid1.c Fix includes (#5980) 2017-05-19 10:01:35 -04:00
nspawn-stub-pid1.h nspawn: flush out environment block of the -a stub init process 2016-12-14 18:29:30 +01:00
nspawn.c tree-wide: fix incorrect uses of %m 2017-05-13 15:42:26 -04:00
test-patch-uid.c nspawn: optionally fix up OS tree uid/gids for userns 2016-04-25 12:15:57 +02:00