picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
Systemd/src/core
History
WaLyong Cho 2ca620c4ed smack: introduce new SmackProcessLabel option 
In service file, if the file has some of special SMACK label in
ExecStart= and systemd has no permission for the special SMACK label
then permission error will occurred. To resolve this, systemd should
be able to set its SMACK label to something accessible of ExecStart=.
So introduce new SmackProcessLabel. If label is specified with
SmackProcessLabel= then the child systemd will set its label to
that. To successfully execute the ExecStart=, accessible label should
be specified with SmackProcessLabel=.
Additionally, by SMACK policy, if the file in ExecStart= has no
SMACK64EXEC then the executed process will have given label by
SmackProcessLabel=. But if the file has SMACK64EXEC then the
SMACK64EXEC label will be overridden.

[zj: reword man page]
2014-11-24 10:20:53 -05:00
..
.gitignore build-sys: move more files from core/ to share/ that are generic enough 2013-11-22 16:31:40 +01:00
audit-fd.c util: replace close_nointr_nofail() by a more useful safe_close() 2014-03-18 19:31:34 +01:00
audit-fd.h audit: turn the audit fd into a static variable 2012-10-02 17:40:09 -04:00
automount.c hashmap: introduce hash_ops to make struct Hashmap smaller 2014-09-15 16:08:50 +02:00
automount.h core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
build.h build: avoid trailing whitespace in feature string 2014-11-21 00:32:02 +01:00
bus-common.c bus: factor out bus policy items 2014-09-08 11:06:45 +02:00
bus-common.h bus: factor out bus policy items 2014-09-08 11:06:45 +02:00
bus-endpoint.c core: Remove uninitialized warnings from bus-endpoint.c 2014-09-18 18:32:18 +02:00
bus-endpoint.h bus: add kdbus endpoint types 2014-09-08 11:06:45 +02:00
busname.c core: send sigabrt on watchdog timeout to get the stacktrace 2014-10-28 17:37:39 +01:00
busname.h bus: factor out bus policy items 2014-09-08 11:06:45 +02:00
cgroup.c core: introduce new Delegate=yes/no property controlling creation of cgroup subhierarchies 2014-11-05 18:49:14 +01:00
cgroup.h core: introduce new Delegate=yes/no property controlling creation of cgroup subhierarchies 2014-11-05 18:49:14 +01:00
dbus-automount.c core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-automount.h core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-busname.c kdbus: when uploading bus name policy, resolve users/groups out-of-process 2014-06-05 13:09:46 +02:00
dbus-busname.h core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-cgroup.c core: introduce new Delegate=yes/no property controlling creation of cgroup subhierarchies 2014-11-05 18:49:14 +01:00
dbus-cgroup.h core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
dbus-device.c core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-device.h core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-execute.c smack: introduce new SmackProcessLabel option 2014-11-24 10:20:53 -05:00
dbus-execute.h core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service 2014-02-05 02:03:10 +01:00
dbus-job.c mac: add mac_ prefix to distinguish origin security apis 2014-10-28 14:31:48 +01:00
dbus-job.h core: Common code for DBus methods that Cancel a job 2014-08-15 14:07:07 +02:00
dbus-kill.c includes: remove duplicate includes 2014-02-10 13:06:31 +01:00
dbus-kill.h core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
dbus-manager.c core: watchdog bus properties cannot be both writable and constant 2014-11-20 00:01:05 +01:00
dbus-manager.h bus: add sd_bus_track object for tracking peers, and port core over to it 2014-03-03 02:34:13 +01:00
dbus-mount.c mount: add new SloppyOptions= setting for mount units, mapping to mount(8)'s "-s" switch 2014-06-16 01:02:27 +02:00
dbus-mount.h core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-path.c core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-path.h core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-scope.c core: Verify systemd1 DBus method callers via polkit 2014-08-18 18:08:28 +02:00
dbus-scope.h core: introduce new stop protocol for unit scopes 2014-01-31 17:48:36 +01:00
dbus-service.c core: Added support for ERRNO NOTIFY_SOCKET message parsing, and added StatusErrno dbus property along StatusText to allow notification of numeric status condition while degraded service operation or any other special situation. 2014-07-07 17:01:25 +02:00
dbus-service.h core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-slice.c core: rework cgroup mask propagation 2014-02-17 15:49:21 +01:00
dbus-slice.h core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
dbus-snapshot.c mac: add mac_ prefix to distinguish origin security apis 2014-10-28 14:31:48 +01:00
dbus-snapshot.h bus: rework message handlers to always take an error argument 2013-11-21 21:12:36 +01:00
dbus-socket.c socket: suffix newly added TCP sockopt time properties with "Sec" 2014-08-19 21:58:48 +02:00
dbus-socket.h core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-swap.c swap: replace Discard= setting by a more generic Options= setting 2014-10-28 14:31:25 +01:00
dbus-swap.h core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-target.c core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
dbus-target.h core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
dbus-timer.c timer: support timers that can resume the system from suspend 2014-03-24 16:24:07 +01:00
dbus-timer.h core: no need to list properties for PropertiesChanged messages anymore 2013-12-22 03:50:52 +01:00
dbus-unit.c core: introduce the concept of AssertXYZ= similar to ConditionXYZ=, but fatal for a start job if not met 2014-11-06 14:21:11 +01:00
dbus-unit.h bus: rework message handlers to always take an error argument 2013-11-21 21:12:36 +01:00
dbus.c dbus: return non-zero return value in the case that prefix won't match 2014-11-23 19:15:20 -05:00
dbus.h core: Verify systemd1 DBus method callers via polkit 2014-08-18 18:08:28 +02:00
device.c hashmap: introduce hash_ops to make struct Hashmap smaller 2014-09-15 16:08:50 +02:00
device.h core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
execute.c smack: introduce new SmackProcessLabel option 2014-11-24 10:20:53 -05:00
execute.h smack: introduce new SmackProcessLabel option 2014-11-24 10:20:53 -05:00
failure-action.c manager: print warning on console before reboot 2014-10-27 23:17:49 -04:00
failure-action.h core: introduce "poweroff" as new failure action types 2014-08-22 18:10:31 +02:00
hostname-setup.c util: introduce sethostname_idempotent 2014-10-27 10:37:46 +01:00
hostname-setup.h use #pragma once instead of foo*foo #define guards 2012-07-19 12:30:59 +02:00
ima-setup.c core: reindent {selinux, ima, smack}-setup.c 2014-04-26 00:54:03 +02:00
ima-setup.h use #pragma once instead of foo*foo #define guards 2012-07-19 12:30:59 +02:00
job.c core: introduce the concept of AssertXYZ= similar to ConditionXYZ=, but fatal for a start job if not met 2014-11-06 14:21:11 +01:00
job.h core: introduce the concept of AssertXYZ= similar to ConditionXYZ=, but fatal for a start job if not met 2014-11-06 14:21:11 +01:00
kill.c core: introduce new KillMode=mixed which sends SIGTERM only to the main process, but SIGKILL to all daemon processes 2014-01-29 13:42:06 +01:00
kill.h core: introduce new KillMode=mixed which sends SIGTERM only to the main process, but SIGKILL to all daemon processes 2014-01-29 13:42:06 +01:00
killall.c hashmap: introduce hash_ops to make struct Hashmap smaller 2014-09-15 16:08:50 +02:00
killall.h core: fix order of parameters in broadcast_signal() 2013-11-25 23:03:03 +01:00
kmod-setup.c kmod-setup: improve for "kdbus" word on the kernel cmdline 2014-11-14 18:02:30 +01:00
kmod-setup.h use #pragma once instead of foo*foo #define guards 2012-07-19 12:30:59 +02:00
load-dropin.c core: do not add dependencies to self 2014-08-07 20:42:58 -04:00
load-dropin.h Introspect and monitor dropin configuration 2013-04-01 23:43:49 -04:00
load-fragment-gperf.gperf.m4 smack: introduce new SmackProcessLabel option 2014-11-24 10:20:53 -05:00
load-fragment.c smack: introduce new SmackProcessLabel option 2014-11-24 10:20:53 -05:00
load-fragment.h smack: introduce new SmackProcessLabel option 2014-11-24 10:20:53 -05:00
locale-setup.c localectl: print warning when there are options given on kernel cmdline 2014-09-25 09:19:56 +02:00
locale-setup.h rework systemd's own process environment handling/passing 2013-07-26 18:40:40 +02:00
loopback-setup.c core: loopback-setup - only up the loopback device 2014-08-08 13:09:51 +02:00
loopback-setup.h use #pragma once instead of foo*foo #define guards 2012-07-19 12:30:59 +02:00
machine-id-setup.c core: improve error message when machine id is missing 2014-11-01 14:39:47 -04:00
machine-id-setup.h machine-id: add --root option to operate on an alternate fs tree 2014-03-14 12:44:17 +01:00
macros.systemd.in rpm: add user macros 2014-10-27 22:34:09 -04:00
main.c manager: let manager_free() handle NULLs 2014-11-23 19:17:28 -05:00
Makefile build-sys: add stub makefiles to make emacs easier to use 2012-04-12 13:35:56 +02:00
manager.c manager: let manager_free() handle NULLs 2014-11-23 19:17:28 -05:00
manager.h manager: let manager_free() handle NULLs 2014-11-23 19:17:28 -05:00
mount-setup.c mount-setup: remove mount_setup_late() 2014-11-14 15:18:56 +01:00
mount-setup.h mount-setup: remove mount_setup_late() 2014-11-14 15:18:56 +01:00
mount.c manager: only issue overmount warning when the check succeeded 2014-11-23 19:17:31 -05:00
mount.h mount: add new SloppyOptions= setting for mount units, mapping to mount(8)'s "-s" switch 2014-06-16 01:02:27 +02:00
namespace.c namespace: unchecked return value from library 2014-11-17 12:06:40 +01:00
namespace.h namespace: add missing 'const' to parameters 2014-10-17 13:49:08 +02:00
org.freedesktop.systemd1.conf systemctl: add add-wants and add-requires verbs 2014-10-08 12:44:00 +02:00
org.freedesktop.systemd1.policy.in.in polkit: as we dropped support for the polkit bus transport, also drop its polkit policy 2014-10-13 17:19:31 +02:00
org.freedesktop.systemd1.service move more main systemd parts to core/ 2012-04-12 14:24:40 +02:00
path.c core: nicer message when inotify watches are exhausted 2014-07-16 22:53:07 -04:00
path.h core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
scope.c core: send sigabrt on watchdog timeout to get the stacktrace 2014-10-28 17:37:39 +01:00
scope.h core: watch SIGCHLD more closely to track processes of units with no reliable cgroup empty notifier 2014-02-07 15:14:36 +01:00
selinux-access.c mac: add mac_ prefix to distinguish origin security apis 2014-10-28 14:31:48 +01:00
selinux-access.h selinux-access: fix broken ternary operator 2014-11-21 21:23:39 +01:00
selinux-setup.c mac: add mac_ prefix to distinguish origin security apis 2014-10-28 14:31:48 +01:00
selinux-setup.h mac: add mac_ prefix to distinguish origin security apis 2014-10-28 14:31:48 +01:00
service.c core: introduce new Delegate=yes/no property controlling creation of cgroup subhierarchies 2014-11-05 18:49:14 +01:00
service.h core: send sigabrt on watchdog timeout to get the stacktrace 2014-10-28 17:37:39 +01:00
show-status.c core: add missing show-status.[ch] 2014-03-03 22:27:25 +01:00
show-status.h core: add missing show-status.[ch] 2014-03-03 22:27:25 +01:00
shutdown.c shutdown: fix arguments to /run/initramfs/shutdown 2014-11-06 22:33:08 +01:00
slice.c core: rework context initialization/destruction logic 2014-03-19 21:06:53 +01:00
slice.h core: general cgroup rework 2013-06-27 04:17:34 +02:00
smack-setup.c mac: add mac_ prefix to distinguish origin security apis 2014-10-28 14:31:48 +01:00
smack-setup.h mac: add mac_ prefix to distinguish origin security apis 2014-10-28 14:31:48 +01:00
snapshot.c snapshot: return error when snapshot exists 2014-10-30 20:38:33 -04:00
snapshot.h core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
socket.c core: introduce new Delegate=yes/no property controlling creation of cgroup subhierarchies 2014-11-05 18:49:14 +01:00
socket.h socket: introduce SELinuxContextFromNet option 2014-09-19 12:32:06 +02:00
swap.c core: introduce new Delegate=yes/no property controlling creation of cgroup subhierarchies 2014-11-05 18:49:14 +01:00
swap.h swap: drop noauto/nofail bools from Swap structure 2014-10-28 14:31:25 +01:00
sysfs-show.h use #pragma once instead of foo*foo #define guards 2012-07-19 12:30:59 +02:00
system.conf core: remove system start timeout logic again 2014-10-28 01:42:13 +01:00
systemd.pc.in pc: no longer expose exec_prefix in .pc file 2014-06-30 23:19:00 +02:00
target.c core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
target.h Add __attribute__((const, pure, format)) in various places 2013-05-02 22:52:09 -04:00
timer.c timer: reenable TIMER_ACTIVE timers when restarted 2014-11-07 01:19:56 +01:00
timer.h timer: support timers that can resume the system from suspend 2014-03-24 16:24:07 +01:00
transaction.c Raise level of 'Found dependency...' lines 2014-11-02 12:33:54 -05:00
transaction.h core: convert PID 1 to libsystemd-bus 2013-11-20 20:52:36 +01:00
umount.c use more _cleanup_ macro 2014-06-24 19:09:57 +02:00
umount.h use #pragma once instead of foo*foo #define guards 2012-07-19 12:30:59 +02:00
unit-printf.c Always check asprintf return code 2014-07-26 15:08:41 -04:00
unit-printf.h specifier: rework specifier calls to return proper error message 2013-09-17 10:06:50 -05:00
unit.c core: get rid of condition.c and move the remaining call into util.c 2014-11-06 14:21:11 +01:00
unit.h shared: rename condition-util.[ch] to condition.[ch] 2014-11-06 14:21:11 +01:00
user.conf core: add a setting to globally control the default for timer unit accuracy 2014-03-24 16:24:07 +01:00