Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Update NEWS | Boucman | 2019-07-14 | 1 | -3/+3 |
| | |||||
* | NEWS: add some notes for v243 | Lennart Poettering | 2019-07-14 | 1 | -13/+190 |
| | | | | Let's get this ball rolling. | ||||
* | NEWS: mention that the libidn2 is used by default | Yu Watanabe | 2019-06-29 | 1 | -0/+3 |
| | |||||
* | docs: fix typos and duplicate words | Michael Prokop | 2019-06-27 | 1 | -2/+2 |
| | | | | | | | | | s/and and/and/ s/explicity/explicitly/ s/that that/that/ s/the the/the/ s/is is/it is/ s/overriden/overridden/ | ||||
* | core: introduce NUMAPolicy and NUMAMask options | Michal Sekletar | 2019-06-24 | 1 | -0/+6 |
| | | | | | | | | | | | | | Make possible to set NUMA allocation policy for manager. Manager's policy is by default inherited to all forked off processes. However, it is possible to override the policy on per-service basis. Currently we support, these policies: default, prefer, bind, interleave, local. See man 2 set_mempolicy for details on each policy. Overall NUMA policy actually consists of two parts. Policy itself and bitmask representing NUMA nodes where is policy effective. Node mask can be specified using related option, NUMAMask. Default mask can be overwritten on per-service level. | ||||
* | NEWS: add more hint about MACAddressPolicy= change | Yu Watanabe | 2019-06-14 | 1 | -0/+12 |
| | | | | C.f. https://bugzilla.suse.com/show_bug.cgi?id=1136600 | ||||
* | NEWS: add note about the CPUAffinity= changes | Zbigniew Jędrzejewski-Szmek | 2019-06-06 | 1 | -1/+19 |
| | |||||
* | NEWS: add some entries | Zbigniew Jędrzejewski-Szmek | 2019-05-28 | 1 | -0/+33 |
| | | | | For #12680, #12571. | ||||
* | meson: let's make unified cgroupsv2 the default | Lennart Poettering | 2019-05-24 | 1 | -0/+10 |
| | | | | | | Prompted by @evverx' comments: https://github.com/systemd/systemd/pull/10161#pullrequestreview-158327715 | ||||
* | NEWS: document the new SystemCallFilter= behaviour | Lennart Poettering | 2019-05-24 | 1 | -0/+16 |
| | |||||
* | cgroup: Support 0-value for memory protection directives | Chris Down | 2019-05-08 | 1 | -0/+3 |
| | | | | | | | | These make sense to be explicitly set at 0 (which has a different effect than the default, since it can affect processing of `DefaultMemoryXXX`). Without this, it's not easily possible to relinquish memory protection for a subtree, which is not great. | ||||
* | cgroup: Polish hierarchically aware protection docs a bit | Chris Down | 2019-05-08 | 1 | -0/+5 |
| | | | | | | | I missed adding a section in `systemd.resource-control` about DefaultMemoryMin in #12332. Also, add a NEWS entry going over the general concept. | ||||
* | codespell: fix spelling errors | Ben Boeckel | 2019-04-29 | 1 | -6/+6 |
| | |||||
* | NEWS: List getty@tty1.service as not being enabled anymore | Paul Menzel | 2019-04-24 | 1 | -2/+3 |
| | | | | Fixes: https://github.com/systemd/systemd/issues/12345 | ||||
* | NEWS: document kernel.pid_max change | Lennart Poettering | 2019-04-12 | 1 | -0/+21 |
| | |||||
* | NEWS: fix typo | Lennart Poettering | 2019-04-12 | 1 | -1/+1 |
| | |||||
* | NEWS: update contributors and datev242 | Zbigniew Jędrzejewski-Szmek | 2019-04-11 | 1 | -5/+6 |
| | |||||
* | Merge pull request #12223 from yuwata/network-wireguard-preshared-key-file | Zbigniew Jędrzejewski-Szmek | 2019-04-09 | 1 | -2/+2 |
|\ | | | | | network: add PresharedKeyFile= setting and make reading key file failure fatal | ||||
| * | NEWS: mention PresharedKeyFile= | Yu Watanabe | 2019-04-09 | 1 | -2/+2 |
| | | |||||
* | | NEWS: add mention of time-set.target | Zbigniew Jędrzejewski-Szmek | 2019-04-08 | 1 | -6/+12 |
| | | |||||
* | | update NEWS for 242 final | Lennart Poettering | 2019-04-08 | 1 | -11/+12 |
|/ | |||||
* | Merge pull request #12121 from poettering/contribv242-rc1 | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -2/+41 |
|\ | |||||
| * | update NEWS | Lennart Poettering | 2019-04-02 | 1 | -0/+22 |
| | | |||||
| * | NEWS: add preliminary contributor list | Lennart Poettering | 2019-04-02 | 1 | -1/+18 |
|/ | |||||
* | core: imply NNP and SUID/SGID restriction for DynamicUser=yes service | Lennart Poettering | 2019-04-02 | 1 | -0/+15 |
| | | | | | | | | | Let's be safe, rather than sorry. This way DynamicUser=yes services can neither take benefit of, nor create SUID/SGID binaries. Given that DynamicUser= is a recent addition only we should be able to get away with turning this on, even though this is strictly speaking a binary compatibility breakage. | ||||
* | NEWS: document the change to installation | Zbigniew Jędrzejewski-Szmek | 2019-04-02 | 1 | -0/+9 |
| | |||||
* | update NEWS | Lennart Poettering | 2019-03-28 | 1 | -0/+4 |
| | |||||
* | NEWS: various tweaks and updates for v242 | Lennart Poettering | 2019-03-25 | 1 | -36/+77 |
| | |||||
* | NEWS: add missing word | Zbigniew Jędrzejewski-Szmek | 2019-03-22 | 1 | -2/+2 |
| | |||||
* | NEWS: prepare for v242 | Zbigniew Jędrzejewski-Szmek | 2019-03-22 | 1 | -0/+147 |
| | |||||
* | tree-wide: spell "lifecycle" without hyphen everywhere | Zbigniew Jędrzejewski-Szmek | 2019-03-14 | 1 | -3/+3 |
| | | | | | We had 10 instances of unhyphentated spelling, and 4 of the hyphenated one. Consistency trumps ispell. | ||||
* | kernel-install: rename $BOOT_DIR[_ABS] to $ENTRY_DIR[_ABS] | Zbigniew Jędrzejewski-Szmek | 2019-03-12 | 1 | -5/+7 |
| | | | | | | | | "BOOT" is misleading, because it sounds like this refers to /boot or $BOOT, when in fact it refers to some subdirectory. Those variable names are purely interal, so we can change them. $BOOT_DIR_ABS was used in NEWS, but it should not be (because it is an internal detail), so the old NEWS entry is reworded to use "entry directory". | ||||
* | NEWS: add entry about 'udevadm trigger --wait-daemon' | Yu Watanabe | 2019-02-15 | 1 | -0/+3 |
| | |||||
* | NEWS: fix release date | Yu Watanabe | 2019-02-15 | 1 | -1/+1 |
| | |||||
* | NEWS: update for final v241 | Lennart Poettering | 2019-02-14 | 1 | -16/+20 |
| | |||||
* | NEWS fix boolean value for meson options | Christian Hesse | 2019-02-04 | 1 | -1/+1 |
| | | | | | Valid boolean values for meson are 'true' and 'false', not 'yes' and 'no'. | ||||
* | More NEWS prep for v241v241-rc2 | Lennart Poettering | 2019-01-30 | 1 | -2/+34 |
| | |||||
* | NEWS: add section about backslashes in EnvironmentFile | Louis Taylor | 2019-01-21 | 1 | -0/+4 |
| | | | | As a follow-up from #11427. | ||||
* | NEWS: retroactively describe .include deprecation | Zbigniew Jędrzejewski-Szmek | 2019-01-18 | 1 | -0/+5 |
| | | | | Closes #11479. | ||||
* | Merge pull request #11449 from keszybz/udev-link-naming-again | Lennart Poettering | 2019-01-17 | 1 | -0/+22 |
|\ | | | | | Make udev link re-renaming conditional | ||||
| * | NEWS: describe the naming scheme updates | Zbigniew Jędrzejewski-Szmek | 2019-01-17 | 1 | -0/+22 |
| | | |||||
* | | seccomp: drop mincore() from @system-service syscall filter group | Lennart Poettering | 2019-01-16 | 1 | -0/+4 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, this system call was included in @system-service since it is a "getter" only, i.e. only queries information, and doesn't change anything, and hence was considered not risky. However, as it turns out, mincore() is actually security sensitive, see the discussion here: https://lwn.net/Articles/776034/ Hence, let's adjust the system call filter and drop mincore() from it. This constitues a compatibility break to some level, however I presume we can get away with this as the systemcall is pretty exotic. The fact that it is pretty exotic is also reflected by the fact that the kernel intends to majorly change behaviour of the system call soon (see the linked LWN article) | ||||
* | | Enable regular file and FIFO protection | Lucas Werkmeister | 2019-01-16 | 1 | -0/+13 |
|/ | | | | | | These sysctls were added in Linux 4.19 (torvalds/linux@30aba6656f), and we should enable them just like we enable the older hardlink/symlink protection since v199. Implements #11414. | ||||
* | NEWS: typos | Zbigniew Jędrzejewski-Szmek | 2019-01-15 | 1 | -4/+4 |
| | |||||
* | NEWS: add more entries | Yu Watanabe | 2019-01-13 | 1 | -0/+10 |
| | |||||
* | NEWS: document deprecation of PermissionsStartOnly= in v240 | Zbigniew Jędrzejewski-Szmek | 2019-01-13 | 1 | -0/+5 |
| | | | | https://github.com/systemd/systemd/pull/10802#issuecomment-453772058 | ||||
* | NEWS: update for v241 | Zbigniew Jędrzejewski-Szmek | 2019-01-13 | 1 | -0/+25 |
| | |||||
* | NEWS: also mention that clock file for timesyncd may need to move | Yu Watanabe | 2019-01-08 | 1 | -0/+2 |
| | | | | | | Follow-up for aa2437e2aee003a361debbb34b341931caf49b3b. Closes #11329. | ||||
* | cgroup: s/cgroups? ?v?([0-9])/cgroup v\1/gI | Chris Down | 2019-01-03 | 1 | -7/+7 |
| | | | | | | | | | | Nitpicky, but we've used a lot of random spacings and names in the past, but we're trying to be completely consistent on "cgroup vN" now. Generated by `fd -0 | xargs -0 -n1 sed -ri --follow-symlinks 's/cgroups? ?v?([0-9])/cgroup v\1/gI'`. I manually ignored places where it's not appropriate to replace (eg. "cgroup2" fstype and in src/shared/linux). | ||||
* | NEWS: add one more name and adjust locationv240 | Zbigniew Jędrzejewski-Szmek | 2018-12-21 | 1 | -38/+38 |
| |