path: root/src/shared/parse-helpers.h
Commit message | Author | Age | Files | Lines
* load-fragment: allow MountImages= with paths starting with /dev | Topi Miettinen | 2024-07-04 | 1 | -5/+6
  For MountImages=, if the source is a block device, it will most likely reside in /dev. It should be also possible to mount a static device file system in place of (or part of) /dev. So let's allow paths starting with /dev as an exception for MountImages=.
* parse-helpers: add new PATH_CHECK_NON_API_VFS flag | Lennart Poettering | 2024-02-06 | 1 | -6/+7
  In various contexts it's a bit icky to allow paths below /proc/, /sys/, /dev/ i.e. file hierarchies where API VFS are placed. Let's add a new flag for path_simplify_and_warn() to check for this and refuse a path if in these paths. Enable this when parsing WorkingDirectory=. This is inspired by CVE-2024-21626, which uses trickery around the cwd and /proc/self/fd/. AFAICS we are not actually vulnerable to the same issue as explained in the CVE since we execute the WorkingDirectory= setting very late, i.e. long after we set up the new mount namespace. But let's filter out icky stuff better earlier than later, as extra safety precaution.
* parse-helpers: indent according to coding style | Lennart Poettering | 2024-02-06 | 1 | -5/+5
* parse-helpers: Add PATH_KEEP_TRAILING_SLASH | Daan De Meyer | 2023-08-17 | 1 | -3/+4
* journal-remote: sync TrustedCertificateFile= parsing with journal-upload | Frantisek Sumsal | 2023-06-19 | 1 | -0/+12
  So we can use TrustedCertificateFile=- to disable certificate checking for both utilities.
* Merge parse-socket-bind-item.? into parse-helpers.? | Zbigniew Jędrzejewski-Szmek | 2022-04-07 | 1 | -0/+9
  That file only exported one function, and it fits nicely within the scope of "parse helpers". Let's move it there to reduce the file count a bit. No functional change.
* Move path_simplify_and_warn() to new shared/parse-helpers.c | Zbigniew Jędrzejewski-Szmek | 2022-04-07 | 1 | -0/+16
  This is a high-level function, and it belongs in libsystemd-shared. This way we don't end up linking a separate copy into various binaries. It would even end up in libsystemd, where it is not needed. (Maybe it'd be removed in some optimization phase, but it's better to not rely on that.)

  $ grep -l -r -a 'path is not absolute%s' build/
  build/libnss_systemd.so.2
  build/pam_systemd_home.so
  build/test-dlopen
  build/src/basic/libbasic.a.p/path-util.c.o
  build/src/basic/libbasic.a
  build/src/shared/libsystemd-shared-249.so
  build/test-bus-error
  build/libnss_mymachines.so.2
  build/pam_systemd.so
  build/libnss_resolve.so.2
  build/libnss_myhostname.so.2
  build/libsystemd.so.0.32.0
  build/libudev.so.1.7.2

  $ grep -l -r -a 'path is not absolute%s' build/
  build/src/shared/libsystemd-shared-251.a.p/parse-helpers.c.o
  build/src/shared/libsystemd-shared-251.a
  build/src/shared/libsystemd-shared-251.so

  No functional change.