index
:
delta/systemd.git
assert-cleanups-and-constification
baserock/adamcoldrick/yaml-morphology
baserock/jjardon/fix_parallel_build
baserock/jjardon/intltool
baserock/morph
baserock/paulsherwood/sd-update
baserock/pedroalvarez/v217
baserock/pedroalvarez/v218
baserock/ps/update-linux-v3.12-systemd-v208
baserock/radiofree/enable_xz
baserock/richardmaw/nspawn-path-escapes
baserock/richardmaw/wip-upgrade-root
baserock/v218-with-canonical-hostname-fix
baserock/v219-314-gd736e4f-network_fixes
baserock/v219-729-g163ab29-jetson_btrfs_fixes
cap-bpf-compat
chase-symlinks-rework
coverity
coverity-now-for-real
coverity-python
default_memory
dependabot/github_actions/actions/checkout-2.4.0
dependabot/github_actions/actions/upload-artifact-2.3.1
dependabot/github_actions/github/codeql-action-1.0.23
dependabot/github_actions/github/codeql-action-1.0.24
dependabot/github_actions/github/codeql-action-1.0.27
dependabot/github_actions/github/super-linter-4.8.2
dependabot/github_actions/github/super-linter-4.8.3
dependabot/github_actions/github/super-linter-4.8.4
dependabot/github_actions/systemd/mkosi-11
dependabot/pip/dot-github/workflows/meson-0.60.3
dev-no-noexec
enabled-optimization
gc-cleanup
gcc-hypothesis
hidden-units-are-good-units
hwdb
keszybz-patch-1
main
master
meson-allows-fuzzer-building
msekletar-security-list-process
oomd-and-user-slices
proot
readme-double-header
revert-10744-logind-lock-down
revert-11715-revert-11534-coverity2
revert-12181-install-etc-systemd-generator-dirs
revert-12463-issue-12452-netlink
revert-13201-networkctl-merge-table_add_cell
revert-13843-watchdog
revert-14900-fix-privatedevices-dev-mac-label
revert-15648-journalctl-cat-beefup
revert-16058-fix-memory-protection-default
revert-16460-turn-off-ubuntu-ppa
revert-1740-master
revert-18355-resolved-discover
revert-18515-temporarily-pin-arch-repos
revert-18807-noexec
revert-19146-fix-JOURNAL-doc
revert-20598-order_noauto
revert-20998-dev/hv-detect
revert-2818-master
revert-2843-clock_boottime
revert-2859-ldconfig-after-localfs
revert-3283-master
revert-3528-upstream-add-networkd-dbus
revert-5012-master
revert-5298-relocatable-tests
revert-6508-audit-socket
setup-semaphore
stat2
systemctl-list-dependencies
systemd-paypal-funding
tasks-max-dynamic
v216-stable
what-s-up-with-coverity
wip/hadess/add-move-udev-action
wip/hadess/chassis-override
wip/hadess/hp-accel-quirk
wip/hadess/lis3lv02d-rule-hp
wip/hadess/logitech-hidraw
wip/hadess/logitech-ultrathin-touch-mouse
wip/hadess/memory-id
wip/hadess/minipro-uaccess
wip/hadess/rfkill-uaccess
wip/hadess/unsupported-dmi
wip/hadess/usb-analysers-uaccess
wip/hadess/webcams
github.com: systemd/systemd.git
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
core
/
namespace.c
Commit message (
Expand
)
Author
Age
Files
Lines
*
core:sandbox: lets make /lib/modules/ inaccessible on ProtectKernelModules=
Djalal Harouni
2016-10-12
1
-17
/
+37
*
core:namespace: simplify ProtectHome= implementation
Djalal Harouni
2016-09-25
1
-22
/
+53
*
core: simplify ProtectSystem= implementation
Djalal Harouni
2016-09-25
1
-58
/
+113
*
core:sandbox: add more /proc/* entries to ProtectKernelTunables=
Djalal Harouni
2016-09-25
1
-0
/
+11
*
core:namespace: simplify mount calculation
Djalal Harouni
2016-09-25
1
-12
/
+34
*
core:namespace: put paths protected by ProtectKernelTunables= in
Djalal Harouni
2016-09-25
1
-19
/
+35
*
core:namespace: minor improvements to append_mounts()
Djalal Harouni
2016-09-25
1
-4
/
+4
*
namespace: drop all mounts outside of the new root directory
Lennart Poettering
2016-09-25
1
-0
/
+26
*
namespace: don't make the root directory of a namespace a mount if it already...
Lennart Poettering
2016-09-25
1
-3
/
+8
*
namespace: chase symlinks for mounts to set up in userspace
Lennart Poettering
2016-09-25
1
-42
/
+76
*
namespace: invoke unshare() only after checking all parameters
Lennart Poettering
2016-09-25
1
-3
/
+3
*
core: introduce ProtectSystem=strict
Lennart Poettering
2016-09-25
1
-9
/
+47
*
namespace: add some debug logging when enforcing InaccessiblePaths=
Lennart Poettering
2016-09-25
1
-3
/
+4
*
namespace: rework how ReadWritePaths= is applied
Lennart Poettering
2016-09-25
1
-23
/
+43
*
namespace: when enforcing fs namespace restrictions suppress redundant mounts
Lennart Poettering
2016-09-25
1
-0
/
+39
*
namespace: simplify mount_path_compare() a bit
Lennart Poettering
2016-09-25
1
-11
/
+9
*
namespace: make sure InaccessibleDirectories= masks all mounts further down
Lennart Poettering
2016-09-25
1
-4
/
+40
*
core: add two new service settings ProtectKernelTunables= and ProtectControlG...
Lennart Poettering
2016-09-25
1
-4
/
+32
*
Merge pull request #3764 from poettering/assorted-stuff-2
Martin Pitt
2016-07-22
1
-1
/
+1
|
\
|
*
namespace: add a (void) cast
Lennart Poettering
2016-07-20
1
-1
/
+1
*
|
namespace: fix wrong return value from mount(2) (#3758)
Topi Miettinen
2016-07-20
1
-1
/
+2
|
/
*
namespace: minor improvements
Lennart Poettering
2016-07-20
1
-8
/
+5
*
doc,core: Read{Write,Only}Paths= and InaccessiblePaths=
Alessandro Puccetti
2016-07-19
1
-9
/
+9
*
namespace: unify limit behavior on non-directory paths
Alessandro Puccetti
2016-07-19
1
-8
/
+23
*
namespace: Make private /dev noexec and readonly (#3263)
topimiettinen
2016-05-15
1
-3
/
+7
*
namespace: unmount old /dev under our new private /dev (#3254)
topimiettinen
2016-05-14
1
-0
/
+2
*
Remove kdbus custom endpoint support
Daniel Mack
2016-02-11
1
-84
/
+1
*
tree-wide: remove Emacs lines from all files
Daniel Mack
2016-02-10
1
-2
/
+0
*
util-lib: split out allocation calls into alloc-util.[ch]
Lennart Poettering
2015-10-27
1
-0
/
+1
*
user-util: move UID/GID related macros from macro.h to user-util.h
Lennart Poettering
2015-10-27
1
-0
/
+1
*
util-lib: split out umask-related code to umask-util.h
Lennart Poettering
2015-10-27
1
-0
/
+1
*
util-lib: move string table stuff into its own string-table.[ch]
Lennart Poettering
2015-10-27
1
-0
/
+1
*
util-lib: move mount related utility calls to mount-util.[ch]
Lennart Poettering
2015-10-27
1
-0
/
+1
*
socket-util: move remaining socket-related calls from util.[ch] to socket-uti...
Lennart Poettering
2015-10-26
1
-0
/
+1
*
util-lib: split out fd-related operations into fd-util.[ch]
Lennart Poettering
2015-10-25
1
-1
/
+2
*
util-lib: split our string related calls from util.[ch] into its own file str...
Lennart Poettering
2015-10-24
1
-10
/
+11
*
tree-wide: port more code to use send_one_fd() and receive_one_fd()
Lennart Poettering
2015-09-29
1
-33
/
+11
*
tree-wide: update empty-if coccinelle script to cover empty-while and more
Lennart Poettering
2015-09-09
1
-2
/
+1
*
tree-wide: make use of log_error_errno() return value in more cases
Lennart Poettering
2015-09-09
1
-6
/
+6
*
tree-wide: make use of log_error_errno() return value
Lennart Poettering
2015-09-09
1
-2
/
+1
*
util: introduce CMSG_FOREACH() macro and make use of it everywhere
Lennart Poettering
2015-06-10
1
-2
/
+1
*
core/namespace: Protect /usr instead of /home with ProtectSystem=yes
Jason Pleau
2015-05-31
1
-1
/
+1
*
nspawn: finish user namespace support
Lennart Poettering
2015-05-21
1
-1
/
+1
*
core,nspawn: unify code that moves the root dir
Lennart Poettering
2015-05-20
1
-16
/
+0
*
core: Private*/Protect* options with RootDirectory
Alban Crequy
2015-05-18
1
-10
/
+70
*
nspawn: rework custom mount point order, and add support for overlayfs
Lennart Poettering
2015-05-13
1
-1
/
+1
*
nspawn: change filesystem type from "bind" to NULL in mount() syscalls
Iago López Galeiras
2015-03-31
1
-1
/
+1
*
core/namespace: fix path sorting
Michal Schmidt
2015-03-16
1
-8
/
+4
*
core: explicitly ignore failure during cleanup
Zbigniew Jędrzejewski-Szmek
2015-03-13
1
-1
/
+1
*
core: either ignore or handle mount failures
Zbigniew Jędrzejewski-Szmek
2015-03-13
1
-4
/
+7
[next]