Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/man/systemd.exec.xml
Commit message (Expand)AuthorAgeFilesLines
* man: fix typos (#5109)Jakub Wilk2017-01-191-1/+1
* Merge pull request #4991 from poettering/seccomp-fixZbigniew Jędrzejewski-Szmek2017-01-171-0/+8
|\
| * seccomp: add two new filter sets: @reboot and @swapLennart Poettering2016-12-271-0/+8
* | Merge pull request #5009 from ian-kelling/ian-mnt-namespace-docZbigniew Jędrzejewski-Szmek2017-01-111-1/+5
|\ \
| * | man: document mount deletion between commandsIan Kelling2017-01-031-1/+5
* | | doc: MountFlags= don't reference container which may not exist (#5011)Ian Kelling2017-01-031-3/+3
* | | doc: correct "or" to "and" in MountFlags= description (#5010)Ian Kelling2017-01-031-1/+1
|/ /
* | Merge pull request #4994 from poettering/private-tmp-tmpfilesMartin Pitt2016-12-291-6/+9
|\ \
| * | core: implicitly order units with PrivateTmp= after systemd-tmpfiles-setup.se...Lennart Poettering2016-12-271-6/+9
| |/
* / man: add brief documentation for the (sd-pam) processes created due to PAMNam...Lennart Poettering2016-12-291-8/+11
|/
* core: add ability to define arbitrary bind mounts for servicesLennart Poettering2016-12-141-0/+25
* man: fix $SERVICE_RESULT/$EXIT_CODE/$EXIT_STATUS documentationJouke Witteveen2016-12-061-3/+12
* bus-util: add protocol error type explanationJouke Witteveen2016-11-291-3/+3
* man: document protocol error type for service failures (#4724)Jouke Witteveen2016-11-231-8/+9
* seccomp: add @filesystem syscall group (#4537)Lennart Poettering2016-11-211-0/+4
* namespace: simplify, optimize and extend handling of mounts for namespaceLennart Poettering2016-11-171-7/+13
* doc: move ProtectKernelModules= documentation near ProtectKernelTunalbes=Djalal Harouni2016-11-151-24/+24
* doc: note when no new privileges is impliedDjalal Harouni2016-11-151-8/+28
* core: add new RestrictNamespaces= unit file settingLennart Poettering2016-11-041-16/+34
* Merge pull request #4548 from keszybz/seccomp-helpZbigniew Jędrzejewski-Szmek2016-11-031-5/+11
|\
| * seccomp-util, analyze: export comments as a help stringZbigniew Jędrzejewski-Szmek2016-11-031-3/+3
| * analyze: add syscall-filter verbZbigniew Jędrzejewski-Szmek2016-11-031-2/+8
* | doc: clarify NoNewPrivileges (#4562)Kees Cook2016-11-031-4/+4
|/
* man: document that too strict system call filters may affect the service managerLennart Poettering2016-11-021-0/+8
* seccomp: add two new syscall groupsLennart Poettering2016-11-021-0/+8
* man: two minor fixesLennart Poettering2016-11-021-2/+2
* seccomp: include pipes and memfd in @ipcLennart Poettering2016-11-021-1/+1
* seccomp: drop execve() from @process listLennart Poettering2016-11-021-1/+1
* seccomp: add clock query and sleeping syscalls to "@default" groupLennart Poettering2016-11-021-24/+14
* seccomp: allow specifying arm64, mips, ppc (#4491)Zbigniew Jędrzejewski-Szmek2016-11-011-22/+19
* man: fix typos (#4527)Jakub Wilk2016-10-311-2/+2
* Merge pull request #4495 from topimiettinen/block-shmat-execDjalal Harouni2016-10-281-4/+7
|\
| * seccomp: also block shmat(..., SHM_EXEC) for MemoryDenyWriteExecuteTopi Miettinen2016-10-261-4/+7
* | man: document the default value of NoNewPrivileges=Zbigniew Jędrzejewski-Szmek2016-10-241-7/+16
|/
* man: document default for User=Lennart Poettering2016-10-201-2/+7
* core/exec: add a named-descriptor option ("fd") for streams (#4179)Luca Bruno2016-10-171-6/+40
* man: avoid abbreviated "cgroups" terminology (#4396)Lennart Poettering2016-10-171-2/+1
* man: add crosslink between systemd.resource-control(5) and systemd.exec(5)Zbigniew Jędrzejewski-Szmek2016-10-151-0/+5
* Merge pull request #4243 from endocode/djalal/sandbox-first-protection-kernel...Lennart Poettering2016-10-131-3/+26
|\
| * core:sandbox: lets make /lib/modules/ inaccessible on ProtectKernelModules=Djalal Harouni2016-10-121-1/+4
| * doc: minor hint about InaccessiblePaths= in regard of ProtectKernelTunables=Djalal Harouni2016-10-121-1/+4
| * core:sandbox: remove CAP_SYS_RAWIO on PrivateDevices=yesDjalal Harouni2016-10-121-2/+2
| * core:sandbox: Add ProtectKernelModules= optionDjalal Harouni2016-10-121-0/+17
* | man: typo fixesThomas Hindoe Paaboel Andersen2016-10-121-2/+2
|/
* Merge pull request #4348 from poettering/docfixesZbigniew Jędrzejewski-Szmek2016-10-111-2/+13
|\
| * man: beef up documentation on per-unit resource limits a bitLennart Poettering2016-10-111-2/+13
* | core: add "invocation ID" concept to service managerLennart Poettering2016-10-071-0/+10
|/
* seccomp: add support for the s390 architecture (#4287)hbrueckner2016-10-051-1/+2
* man: remove consecutive duplicate words (#4268)Stefan Schweter2016-10-031-1/+1
* core: Use @raw-io syscall group to filter I/O syscalls when PrivateDevices= i...Djalal Harouni2016-09-251-2/+4