Commit Graph

274 Commits

Author SHA1 Message Date
Yu Watanabe
2d35b79cdc man: DynamicUser= does not imply PrivateDevices= (#6510)
Follow-up for effbd6d2ea.
2017-08-07 11:02:47 +02:00
Yu Watanabe
3536f49e8f core: add {State,Cache,Log,Configuration}Directory= (#6384)
This introduces {State,Cache,Log,Configuration}Directory= those are
similar to RuntimeDirectory=. They create the directories under
/var/lib, /var/cache/, /var/log, or /etc, respectively, with the mode
specified in {State,Cache,Log,Configuration}DirectoryMode=.

This also fixes #6391.
2017-07-18 14:34:52 +02:00
Lennart Poettering
7398320f9a Merge pull request #6328 from yuwata/runtime-preserve
core: Allow preserving contents of RuntimeDirectory over process restart
2017-07-17 10:02:19 +02:00
Yu Watanabe
23a7448efa core: support subdirectories in RuntimeDirectory= option 2017-07-17 16:30:53 +09:00
Yu Watanabe
53f47dfc7b core: allow preserving contents of RuntimeDirectory= over process restart
This introduces RuntimeDirectoryPreserve= option which takes a boolean
argument or 'restart'.

Closes #6087.
2017-07-17 16:22:25 +09:00
Lucas Werkmeister
ceabfb889d Fix spelling (#6378) 2017-07-15 12:29:09 -04:00
Lennart Poettering
6297d07b82 Merge pull request #6300 from keszybz/refuse-to-load-some-units
Refuse to load some units
2017-07-12 09:28:20 +02:00
Zbigniew Jędrzejewski-Szmek
b023856884 man: add warnings that Private*= settings are not always applied 2017-07-11 13:38:13 -04:00
Lennart Poettering
565dab8ef4 man: briefly document permitted user/group name syntax for User=/Group= and syusers.d (#6321)
As discussed here:

https://lists.freedesktop.org/archives/systemd-devel/2017-July/039237.html
2017-07-10 13:44:06 -04:00
Zbigniew Jędrzejewski-Szmek
189cd8c2ab man: describe RuntimeDirectoryMode=
Fixes #5509.
2017-06-17 15:23:02 -04:00
Zbigniew Jędrzejewski-Szmek
03c3c52040 man: update MemoryDenyWriteExecute description for executable stacks
Without going into details, mention that libraries are also covered by the
filters, and that executable stacks are a no no.

Closes #5970.
2017-05-30 16:44:48 -04:00
Zbigniew Jędrzejewski-Szmek
98e9d71022 man: fix links to external man pages
linkchecker ftw!
2017-05-07 11:29:40 -04:00
James Cowgill
a3645cc6dd seccomp: add clone syscall definitions for mips (#5880)
Also updates the documentation and adds a mention of ppc64 support
which was enabled by #5325.

Tested on Debian mipsel and mips64el. The other 4 mips architectures
should have an identical user <-> kernel ABI to one of the 2 tested
systems.
2017-05-03 18:35:45 +02:00
Mark Stosberg
b8e485faf1 man: document how to include an equals sign in a value provided to Environment= (#5710)
It wasn't clear before how an equals sign in an "Environment=" value might be
handled. Ref:
http://stackoverflow.com/questions/43278883/how-to-write-systemd-environment-variables-value-which-contains/43280157
2017-04-11 23:19:06 +02:00
Torstein Husebø
6cf5a96489 man: fix typo (#5556) 2017-03-08 07:54:22 -05:00
Lennart Poettering
525872bfab man: document that ProtectKernelTunables= and ProtectControlGroups= implies MountAPIVFS=
See: #5384
2017-02-21 21:55:43 +01:00
AsciiWolf
28a0ad81ee man: use https:// in URLs 2017-02-21 16:28:04 +01:00
Lennart Poettering
0b8fab97cf man: improve documentation on seccomp regarding alternative ABIs
Let's clarify that RestrictAddressFamilies= and MemoryDenyWriteExecute=
are only fully effective if non-native system call architectures are
disabled, since they otherwise may be used to circumvent the filters, as
the filters aren't equally effective on all ABIs.

Fixes: #5277
2017-02-09 18:42:17 +01:00
Lennart Poettering
23deef88b9 Revert "core/execute: set HOME, USER also for root users"
This reverts commit 8b89628a10.

This broke #5246
2017-02-09 11:43:44 +01:00
Zbigniew Jędrzejewski-Szmek
fc6149a6ce Merge pull request #4962 from poettering/root-directory-2
Add new MountAPIVFS= boolean unit file setting + RootImage=
2017-02-08 23:05:05 -05:00
Zbigniew Jędrzejewski-Szmek
ef3116b5d4 man: add more commas for clarify and reword a few sentences 2017-02-08 22:53:16 -05:00
Lennart Poettering
ae9d60ce4e seccomp: on s390 the clone() parameters are reversed
Add a bit of code that tries to get the right parameter order in place
for some of the better known architectures, and skips
restrict_namespaces for other archs.

This also bypasses the test on archs where we don't know the right
order.

In this case I didn't bother with testing the case where no filter is
applied, since that is hopefully just an issue for now, as there's
nothing stopping us from supporting more archs, we just need to know
which order is right.

Fixes: #5241
2017-02-08 22:21:27 +01:00
Lennart Poettering
8a50cf6957 seccomp: MemoryDenyWriteExecute= should affect both mmap() and mmap2() (#5254)
On i386 we block the old mmap() call entirely, since we cannot properly
filter it. Thankfully it hasn't been used by glibc since quite some
time.

Fixes: #5240
2017-02-08 15:14:02 +01:00
Lennart Poettering
915e6d1676 core: add RootImage= setting for using a specific image file as root directory for a service
This is similar to RootDirectory= but mounts the root file system from a
block device or loopback file instead of another directory.

This reuses the image dissector code now used by nspawn and
gpt-auto-discovery.
2017-02-07 12:19:42 +01:00
Lennart Poettering
5d997827e2 core: add a per-unit setting MountAPIVFS= for mounting /dev, /proc, /sys in conjunction with RootDirectory=
This adds a boolean unit file setting MountAPIVFS=. If set, the three
main API VFS mounts will be mounted for the service. This only has an
effect on RootDirectory=, which it makes a ton times more useful.

(This is basically the /dev + /proc + /sys mounting code posted in the
original #4727, but rebased on current git, and with the automatic logic
replaced by explicit logic controlled by a unit file setting)
2017-02-07 11:22:05 +01:00