summaryrefslogtreecommitdiffstats
path: root/src/analyze/analyze-security.c (follow)
Commit message (Expand)AuthorAgeFilesLines
* analyze-security: use FOREACH_ARRAYMike Yuan2024-03-231-3/+2
* systemd-analyze: use strdup_to()Zbigniew Jędrzejewski-Szmek2024-03-201-54/+44
* tree-wide: drop several doubled spaceYu Watanabe2023-12-241-5/+5
* analyze: set SYSTEMD_UNIT_PATH in verify_generate_path()Yu Watanabe2023-11-231-6/+2
* analyze: don't open systemd-executor needlesslyMike Yuan2023-11-231-0/+1
* analyze: handle CAP_BPF supportPeter Hutterer2023-11-011-0/+11
* cgroup: turn device cgroup controller "rwm" strings into proper flagsLennart Poettering2023-10-181-2/+2
* tree-wide: don't ifdef seccomp-util.h, drop seccomp.h inclusion everywhereLennart Poettering2023-08-211-3/+1
* various: use RET_GATHERZbigniew Jędrzejewski-Szmek2023-07-131-9/+4
* tree-wide: use _cleanup_set_free_ and friendsYu Watanabe2023-05-311-1/+1
* copy: Move chattr arguments to full function signaturesDaan De Meyer2023-03-211-1/+1
* basic: add RuntimeScope enumLennart Poettering2023-03-101-24/+26
* nulstr-util: Declare NULSTR_FOREACH() iterator inlineDaan De Meyer2022-11-111-2/+0
* tree-wide: use ASSERT_PTR moreDavid Tardon2022-09-131-8/+4
* analyze: Migrate to bus-locator.hRichard Phibel2022-08-041-4/+3
* analyze-security: always save syscall nameYu Watanabe2022-06-171-17/+22
* analyze security: print DeviceAllow listLuca Boccassi2022-05-011-8/+20
* analyze: fix crash with online security checkLuca Boccassi2022-05-011-7/+13
* analyze: fix offline check for syscal filterLuca Boccassi2022-04-011-1/+1
* analyze: fix offline check for 'native' syscall architectureLuca Boccassi2022-04-011-4/+7
* Rename UnitFileScope to LookupScopeZbigniew Jędrzejewski-Szmek2022-03-291-2/+2
* strv: make iterator in STRV_FOREACH() declaread in the loopYu Watanabe2022-03-191-6/+1
* analyze: systematically name verb entry point functions verb_xyz()Lennart Poettering2022-02-211-1/+1
* analyze: fully move "security" verb to analyze-security.[ch]Lennart Poettering2022-02-211-1/+52
* glyph-util: add new glyphs for up/down arrowsLennart Poettering2022-02-161-1/+1
* analyze: do not connect to DBUS with --offlineLuca Boccassi2021-12-231-1/+1
* analyze: add --profile switch to security verbLuca Boccassi2021-11-261-1/+39
* analyze: allow a custom policy to skip a check with weight=0Luca Boccassi2021-11-051-0/+5
* core: replace IPAddressAccessItem with struct in_addr_prefixYu Watanabe2021-09-141-4/+4
* analyze: ignore dependencies with security --offlineLuca Boccassi2021-09-081-0/+1
* systemd-analyze: add new option to generate JSON output of security analysis ...Maanya Goenka2021-09-061-34/+64
* systemd-analyze: use config value in RestrictNamespaces id (#20645)Kyle Laker2021-09-061-14/+14
* tree-wide: fix typoYu Watanabe2021-09-051-1/+1
* systemd-analyze: allow parsing of JSON file to obtain custom security require...Maanya Goenka2021-08-311-21/+221
* systemd-analyze: add new 'security' option to allow user to choose custom req...Maanya Goenka2021-08-311-2/+10
* systemd-analyze: add new 'security' option to compare unit's overall exposure...Maanya Goenka2021-08-201-11/+19
* systemd-analyze: 'security' option to perform offline reviews of the specifie...Maanya Goenka2021-08-201-1/+91
* systemd-analyze: refactor security_info to make use of existing struct variablesMaanya Goenka2021-08-201-122/+410
* systemd-analyze: parse ip_filters_custom_egress correctlyMaanya Goenka2021-08-121-1/+1
* tree-wide: do not use (void) asprintfZbigniew Jędrzejewski-Szmek2021-07-091-15/+15
* alloc-util: simplify GREEDY_REALLOC() logic by relying on malloc_usable_size()Lennart Poettering2021-05-191-2/+2
* table: drop last SIZE_MAX from table_set_sort() and table_set_display()Yu Watanabe2021-03-041-2/+2
* analyze: slightly reword PrivatTmp= messageLennart Poettering2021-02-101-1/+1
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
* tree-wide: assorted coccinelle fixesFrantisek Sumsal2020-10-091-4/+4
* analyze-security: check for ProtectProc=/ProcSubset=Lennart Poettering2020-08-241-0/+62
* analyze-security: include an actual syscall name in the messageZbigniew Jędrzejewski-Szmek2020-08-171-12/+21
* analyze-security: do not assign badness to filtered-out syscallsZbigniew Jędrzejewski-Szmek2020-08-011-1/+1
* analyze: CAP_RAWIO -> CAP_SYS_RAWIOAnita Zhang2020-07-161-1/+1
* shared: split out code that maps properties to local structsLennart Poettering2020-06-301-0/+1
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 08:44:21 +0100