dasharo/systemd
0
0
Fork 0
mirror of https://github.com/Dasharo/systemd.git synced 2026-03-06 15:02:31 -08:00
Code Issues Packages Projects Releases Wiki Activity
72,610 Commits 1 Branch 0 Tags
e12e16e9f736f87142995bd259efcf75995f2960
Commit Graph

8574 Commits

Author SHA1 Message Date
Yu Watanabe
e12e16e9f7 network-generator: also copy drop-ins for networkd.conf from credential 
Follow-up for 1a30285590.
 2024-04-16 12:45:08 +09:00
Yu Watanabe
5700e755a9 units: introduce systemd-udev-load-credentials.service 2024-04-16 09:45:43 +09:00
Yu Watanabe
51be364bbb udevadm-control: add --load-credentials option 
When specified, credentials udev.conf.* and udev.rules.* are copied to
the corresponding directories.
 2024-04-16 09:45:25 +09:00
Sam Leonard
9bfabe14e5 man: fix incorrect XML in man page 2024-04-15 10:40:11 +02:00
Yu Watanabe
14f3bdaa73 Merge pull request #32271 from YHNdnzj/arch-man 
Fixes for links to man projects
 2024-04-15 14:35:04 +09:00
Kristian Klausen
254e1aa707 vmspawn: Fix incorrect/broken links in the man page 2024-04-15 14:33:33 +09:00
Mike Yuan
e561037517 man/sd-journal: correct project name for man7 
Follow-up for 5aa8180392
 2024-04-14 23:46:54 +08:00
Mike Yuan
311f4b8f6a man: switch wireguard man project to man7 2024-04-14 23:41:34 +08:00
Mike Yuan
41fead40e6 man/custom-html: update link to Arch manual 2024-04-14 23:38:38 +08:00
Yu Watanabe
ae9fd433d6 Merge pull request #32194 from henryli001/lihl/add-defaultUseDomains-config 
network: add mechanism to configure default UseDomains= setting
 2024-04-14 13:40:06 +09:00
Henry Li
fb57300743 network: add mechanism to configure default UseDomains= setting, update man page and add test 2024-04-13 16:54:31 -07:00
Ole Peder Brandtzæg
712514416e man: remove PrivateMounts= from list of other settings in its own description 
The diff looks bigger, but that's only because it seemed fitting to
reformat the paragraph now that the list is shorter.
 2024-04-14 08:04:12 +09:00
Sam Leonard
edd85c8414 vmspawn: add --discard-disk= to control handling of disk discard requests 
Fixes issue #32024, using --discard-disk=yes will enable handling of disk
discarding requests, saving space for long running VMs as desired.
 2024-04-12 20:32:38 +02:00
Ludwig Nussel
aadbe55925 creds: allow null when decrypting 
pcrlock writes a credential file using null key. Make sure systemd-creds
can show the file
 2024-04-11 12:15:32 +01:00
Pablo Méndez Hernández
ffd0cca34a man/journald: Add missing configuration files 
The man page was missing:

-  `/run/systemd/journald.conf`
-  `/usr/lib/systemd/journald.conf`

as valid configuration files.

Fixes: https://github.com/systemd/systemd/issues/32199
 2024-04-10 20:15:17 +08:00
Luca Boccassi
0f0d001254 Merge pull request #32104 from yuwata/network-ndisc-redirect 
network/ndisc: add support for Redirect message
 2024-04-08 20:03:32 +01:00
Luca Boccassi
b1b5d7e4bf Merge pull request #32140 from YHNdnzj/socket-per-peer-source 
Minor tweaks to socket manual & shorten the code a bit
 2024-04-08 10:38:07 +01:00
Mike Yuan
6b014a2ac4 man/systemd.socket: be explicit that MaxConnectionsPerSource=0 means disabled 2024-04-08 01:49:49 +08:00
Lennart Poettering
0af7e29434 nspawn: make nspawn work without privileges 2024-04-06 16:08:24 +02:00
Lennart Poettering
702a52f4b5 mountfsd: add new systemd-mountfsd component 2024-04-06 16:08:24 +02:00
Lennart Poettering
8aee931e7a nsresourced: add new daemon for granting clients user namespaces and assigning resources to them 
This adds a small, socket-activated Varlink daemon that can delegate UID
ranges for user namespaces to clients asking for it.

The primary call is AllocateUserRange() where the user passes in an
uninitialized userns fd, which is then set up.

There are other calls that allow assigning a mount fd to a userns
allocated that way, to set up permissions for a cgroup subtree, and to
allocate a veth for such a user namespace.

Since the UID assignments are supposed to be transitive, i.e. not
permanent, care is taken to ensure that users cannot create inodes owned
by these UIDs, so that persistancy cannot be acquired. This is
implemented via a BPF-LSM module that ensures that any member of a
userns allocated that way cannot create files unless the mount it
operates on is owned by the userns itself, or is explicitly
allowelisted.

BPF LSM program with contributions from Alexei Starovoitov.
 2024-04-06 16:08:24 +02:00
Vito Caputo
a7d8cacce0 man: fix typo s/veno/reno/ 2024-04-06 07:12:33 +02:00
Mike Yuan
36b21fac8f sleep: rename SleepMemMode= to MemorySleepMode= 
Addresses https://github.com/systemd/systemd/pull/31986#discussion_r1554053623
 2024-04-06 02:16:54 +08:00
Yu Watanabe
6df0059441 network/ndisc: add basic support for Redirect message 
Closes #31438.
 2024-04-05 05:57:54 +09:00
Mike Yuan
05d2a63139 man/kernel-command-line: document resume_offset= too 2024-04-05 03:03:09 +08:00