1. 04 Sep, 2014 1 commit
  2. 11 Jul, 2014 1 commit
  3. 27 Apr, 2014 1 commit
  4. 26 Apr, 2014 3 commits
  5. 09 Mar, 2013 1 commit
  6. 07 Mar, 2013 1 commit
    • Nathaniel Chen's avatar
      core: mount and initialize Smack · ffbd2c4d
      Nathaniel Chen authored
      SMACK is the Simple Mandatory Access Control Kernel, a minimal
      approach to Access Control implemented as a kernel LSM.
      
      The kernel exposes the smackfs filesystem API through which access
      rules can be loaded. At boot time, we want to load the access rules
      as early as possible to ensure all early boot steps are checked by Smack.
      
      This patch mounts smackfs at the new location at /sys/fs/smackfs for
      kernels 3.8 and above. The /smack mountpoint is not supported.
      After mounting smackfs, rules are loaded from the usual location.
      
      For more information about Smack see:
        http://www.kernel.org/doc/Documentation/security/Smack.txt
      ffbd2c4d
  7. 06 Mar, 2013 3 commits
  8. 05 Mar, 2013 4 commits
    • Michael Biebl's avatar
      Fix typos · 1a9ce3f7
      Michael Biebl authored
      1a9ce3f7
    • Lennart Poettering's avatar
      37495eed
    • Kay Sievers's avatar
      README: add udev goups · 37c0e8f3
      Kay Sievers authored
      37c0e8f3
    • Lennart Poettering's avatar
      journald: introduce new "systemd-journal" group and make it own the journal files · a24c64f0
      Lennart Poettering authored
      Previously all journal files were owned by "adm". In order to allow
      specific users to read the journal files without granting it access to
      the full "adm" powers, introduce a new specific group for this.
      
      "systemd-journal" has to be created by the packaging scripts manually at
      installation time. It's a good idea to assign a static UID/GID to this
      group, since /var/log/journal might be shared across machines via NFS.
      
      This commit also grants read access to the journal files by default to
      members of the "wheel" and "adm" groups via file system ACLs, since
      these "almost-root" groups should be able to see what's going on on the
      system. These ACLs are created by "make install". Packagers probably
      need to duplicate this logic in their postinst scripts.
      
      This also adds documentation how to grant access to the journal to
      additional users or groups via fs ACLs.
      a24c64f0
  9. 04 Mar, 2013 1 commit
  10. 22 Feb, 2013 1 commit
  11. 16 Feb, 2013 1 commit
  12. 13 Feb, 2013 1 commit
  13. 24 Jan, 2013 1 commit
  14. 25 Nov, 2012 2 commits
  15. 20 Nov, 2012 1 commit
  16. 14 Nov, 2012 1 commit
  17. 05 Nov, 2012 1 commit
  18. 16 Oct, 2012 1 commit
  19. 13 Oct, 2012 1 commit
  20. 08 Oct, 2012 1 commit
  21. 27 Sep, 2012 1 commit
    • Lennart Poettering's avatar
      journal: add minimal journal gateway daemon based on GNU libmicrohttpd · 7b17a7d7
      Lennart Poettering authored
      This minimal HTTP server can serve journal data via HTTP. Its primary
      purpose is synchronization of journal data across the network. It serves
      journal data in three formats:
      
             text/plain: the text format known from /var/log/messages
             application/json: the journal entries formatted as JSON
             application/vnd.fdo.journal: the binary export format of the journal
      
      The HTTP server also serves a small HTML5 app that makes use of the JSON
      serialization to present the journal data to the user.
      
      Examples:
      
      This downloads the journal in text format:
      
       # systemctl start systemd-journal-gatewayd.service
       # wget http://localhost:19531/entries
      
      Same for JSON:
      
       # curl -H"Accept: application/json" http://localhost:19531/entries
      
      Access via web browser:
      
       $ firefox http://localhost:19531/
      7b17a7d7
  22. 20 Aug, 2012 1 commit
  23. 30 Jul, 2012 1 commit
  24. 16 Jul, 2012 1 commit
  25. 07 Jun, 2012 1 commit
  26. 14 Apr, 2012 1 commit
  27. 11 Apr, 2012 1 commit
    • Lennart Poettering's avatar
      relicense to LGPLv2.1 (with exceptions) · 5430f7f2
      Lennart Poettering authored
      We finally got the OK from all contributors with non-trivial commits to
      relicense systemd from GPL2+ to LGPL2.1+.
      
      Some udev bits continue to be GPL2+ for now, but we are looking into
      relicensing them too, to allow free copy/paste of all code within
      systemd.
      
      The bits that used to be MIT continue to be MIT.
      
      The big benefit of the relicensing is that closed source code may now
      link against libsystemd-login.so and friends.
      5430f7f2
  28. 20 Mar, 2012 1 commit
  29. 25 Jan, 2012 1 commit
  30. 22 Jan, 2012 1 commit
  31. 05 Jan, 2012 1 commit
  32. 28 Dec, 2011 1 commit