Iain Lane 625077264b units: Split modprobing out into a separate service unit
Devices referred to by `DeviceAllow=` sandboxing are resolved into their
corresponding major numbers when the unit is loaded by looking at
`/proc/devices`. If a reference is made to a device which is not yet
available, the `DeviceAllow` is ignored and the unit's processes cannot
access that device.

In both logind and nspawn, we have `DeviceAllow=` lines, and `modprobe`
in `ExecStartPre=` to load some kernel modules. Those kernel modules
cause device nodes to become available when they are loaded: the device
nodes may not exist when the unit itself is loaded. This means that the
unit's processes will not be able to access the device since the
`DeviceAllow=` will have been resolved earlier and denied it.

One way to fix this would be to re-evaluate the available devices and
re-apply the policy to the cgroup, but this cannot work atomically on
cgroupsv1. So we fall back to a second approach: instead of running
`modprobe` via `ExecStartPre`, we move this out to a separate unit and
order it before the units which want the module.

Closes #14322.
Fixes: #13943.
2020-01-07 18:37:30 +01:00
.github
.lgtm/cpp-queries
.mkosi
catalog
coccinelle
docs
factory/etc
hwdb.d hwdb: Lenovo T490 Synaptics Touchpad hwdb entry 2020-01-03 09:57:07 +01:00
man man: drop unnecessary white space 2020-01-07 13:25:13 +01:00
modprobe.d
network
po Update Galician translations 2020-01-02 13:36:04 +01:00
presets
rules.d
semaphoreci
shell-completion
src udev: do not use exact match of file permission 2020-01-07 15:16:52 +01:00
sysctl.d
sysusers.d
test test: use symlinks for Makefiles 2020-01-03 21:36:58 +01:00
tmpfiles.d
tools
travis-ci
units units: Split modprobing out into a separate service unit 2020-01-07 18:37:30 +01:00
xorg
.ctags
.dir-locals.el
.editorconfig
.gitattributes
.gitignore
.lgtm.yml
.mailmap
.travis.yml travis: add missing closing quote sign 2019-11-24 13:15:20 +03:00
.vimrc
.ycm_extra_conf.py
azure-pipelines.yml
configure
fuzzbuzz.yaml
LICENSE.GPL2
LICENSE.LGPL2.1
Makefile
meson.build cryptsetup: add native pkcs#11 support to cryptsetup 2019-12-09 19:25:25 +01:00
meson_options.txt
mkosi.build
mkosi.default
NEWS
README
README.md
TODO systemctl: show 'VENDOR PRESET' column in 'list-unit-files' 2020-01-02 15:35:40 +01:00
zanata.xml

Systemd

System and Service Manager

Details

General information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.