| Commit message | Author | Age | Files | Lines |
introduce PrivateMounts= setting and clean up documentation for MountFlags=
Also, extend the documentation on MountFlags= substantially, hopefully
addressing all the questions of #4393
Fixes: #4393
State goes in CONFIG for users
3rd review
core: allow to specify RestrictNamespaces= multiple times
Since StandardOutput=file:path is more similar to StandardInput= than
StandardInputText=, and only StandardInput= is actually documented above
StandardOutput= whereas StandardInputText= is documented below it, I
assume the intention was to refer to the former.
Previously, reading through systemd.exec(5) one might get the idea that
XDG_SEAT and XDG_VTNR are part of the service management logic, but they
are not, they are only set if pam_systemd is part of a PAM stack and
pam_systemd is used.
Hence, let's drop these env vars from the list of env vars, and instead
add a paragraph after the list mentioning that pam_systemd might add
more systemd-specific env vars if included in the PAM stack for a
service that uses PAMName=.
Our own tools use them now, and we probably should encourage that, hence
let's document them along with the other exit codes we use.
Double newlines (i.e. one empty line) are great to structure code. But
let's avoid triple newlines (i.e. two empty lines), quadruple newlines,
quintuple newlines, …, that's just spurious whitespace.
It's an easy way to drop 121 lines of code, and keeps the coding style
of our sources a bit tighter.
Files which are installed as-is (any .service and other unit files, .conf
files, .policy files, etc), are left as is. My assumption is that SPDX
identifiers are not yet that well known, so it's better to retain the
extended header to avoid any doubt.
I also kept any copyright lines. We can probably remove them, but it'd be nice to
obtain explicit acks from all involved authors before doing that.
inside InaccessiblePaths= (#8288)
Suggested by @sourcejedi in #8242.
Closes #7895, #7153, and #2780.
core: add TemporaryFileSystem= setting and 'tmpfs' option to ProtectHome=
This makes the ProtectHome= setting able to take 'tmpfs'. This is mostly
equivalent to `TemporaryFileSystem=/home /run/user /root`.
Each path in `Bind{ReadOnly}Paths=` accepts a '-' prefix. However,
the prefix is completely ignored.
This makes it work as expected.
the system manager (#8172)
Before this change all unit types would default to "private" in the
system service manager and "inherit" in the user service manager.
With this change this is slightly altered: non-service units of the
system service manager are now run with KeyringMode=shared. This appears
to be the more appropriate choice as isolation is not as desirable for
mount tools, which regularly consume key material. After all, mounts are
a shared resource themselves as they appear system-wide, hence it makes a
lot of sense to share their key material too.
Fixes: #8159
The VDSO provided by the kernel for x32 uses x86-64 syscalls instead of
x32 ones.
I think we can safely allow this; the set of x86-64 syscalls should be
very similar to the x32 ones. The real point is not to allow *x86*
syscalls, because some of those are inconveniently multiplexed and we're
apparently not able to block the specific actions we want to.
> Only system calls of the *specified* architectures will be permitted to
> processes of this unit.
(my emphasis)
> Note that setting this option to a non-empty list implies that
> native is included too.
Attempting to use "implies" in the later sentence, in a way that
contradicts the very clear meaning of the earlier sentence... it's too
much.
Fixes #7694.
sentences
This very important commit is very important.
The long long list of settings is getting too confusing, let's add some
sections and reorder things in them.
This makes no changes regarding contents, it only reorders things,
sometimes reindents them, and adds sections that made sense to me to
some degree.
Within each section the settings are ordered by relevance (at least
according to how relevant I personally find them), and not
alphabetically.
Add StandardInput=data, StandardInput=file:... and more
Let's clarify that these settings only apply to stdout/stderr logging.
Always mention the journal before syslog (as the latter is in most ways
just a legacy alias these days). Always mention the +console cases too.
Fixes: #7254
See: #2473
(#7295)
MemoryDenyWriteExecution policy could be bypassed by using pkey_mprotect
instead of mprotect to create an executable writable mapping.
The impact is mitigated by the fact that the man page says "Note that this
feature is fully available on x86-64, and partially on x86", so hopefully
people do not rely on it as a sole security measure.
Found by Karin Hossen and Thomas Imbert from Sogeti ESEC R&D.
https://bugs.launchpad.net/bugs/1725348
This makes each system call in the SystemCallFilter= blacklist optionally
take an errno name or number after a colon. That errno takes precedence
over the one given by SystemCallErrorNumber=.
C.f. #7173.
Closes #7169.
dynamic-user: permit the case static uid and gid are different
@aio → asynchronous IO calls
@sync → msync/fsync/... and friends
@chown → changing file ownership
(Also, change @privileged to reference @chown now, instead of the
individual syscalls it contains)
This removes the '@credentials' syscall set that was added in commit
v234-468-gcd0ddf6f75.
Most of these syscalls are so simple that we do not want to filter them.
They work on the current calling process, doing only read operations,
they do not have a deep kernel path.
The problem may only be in the 'capget' syscall since it can query arbitrary
processes, and be used to discover processes; however, sending signal 0 to
arbitrary processes can be used to discover if a process exists or not.
It is unfortunate that Linux allows querying processes of different
users. Let's put it now in the '@process' syscall set, and later we may add
it to a new '@basic-process' set that allows most basic process
operations.
See: #6045
Add KeyringMode unit property to fix cryptsetup key caching
Usually, it's a good thing that we isolate the kernel session keyring
for the various services and disconnect them from the user keyring.
However, in case of the cryptsetup key caching we actually want that
multiple instances of the cryptsetup service can share the keys in the
root user's user keyring, hence we need to be able to disable this logic
for them.
This adds KeyringMode=inherit|private|shared:
inherit: don't do any keyring magic (this is the default in systemd --user)
private: a private keyring as before (default in systemd --system)
shared: the new setting