[systemd-commits] 3 commits - TODO units/systemd-logind.service.in units/systemd-machined.service.in

Lennart Poettering lennart at kemper.freedesktop.org
Thu Jul 18 18:49:35 PDT 2013 

 TODO                              |    7 ++++---
 units/systemd-logind.service.in   |    1 +
 units/systemd-machined.service.in |    3 ++-
 3 files changed, 7 insertions(+), 4 deletions(-)

New commits:
commit bc5cb1d525461c75e69ce1f82a52e223309cca7c
Author: Lennart Poettering <lennart at poettering.net>
Date:   Fri Jul 19 03:49:24 2013 +0200

    machined: run machined at minimal capabilities

diff --git a/units/systemd-machined.service.in b/units/systemd-machined.service.in
index 87a81b9..26bfe03 100644
--- a/units/systemd-machined.service.in
+++ b/units/systemd-machined.service.in
@@ -17,3 +17,4 @@ ExecStart=@rootlibexecdir@/systemd-machined
 Restart=always
 RestartSec=0
 BusName=org.freedesktop.machine1
+CapabilityBoundingSet=CAP_KILL

commit 085b90af43fefd9ed195902c4b55f1da3c568554
Author: Lennart Poettering <lennart at poettering.net>
Date:   Fri Jul 19 03:49:07 2013 +0200

    units: add references to bus API documentation to logind+machined

diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
index c4611e8..6b68717 100644
--- a/units/systemd-logind.service.in
+++ b/units/systemd-logind.service.in
@@ -8,6 +8,7 @@
 [Unit]
 Description=Login Service
 Documentation=man:systemd-logind.service(8) man:logind.conf(5)
+Documentation=http://www.freedesktop.org/wiki/Software/systemd/logind
 Documentation=http://www.freedesktop.org/wiki/Software/systemd/multiseat
 Wants=user.slice
 After=nss-user-lookup.target user.slice
diff --git a/units/systemd-machined.service.in b/units/systemd-machined.service.in
index 334c622..87a81b9 100644
--- a/units/systemd-machined.service.in
+++ b/units/systemd-machined.service.in
@@ -8,7 +8,7 @@
 [Unit]
 Description=Virtual Machine and Container Registration Service
 Documentation=man:systemd-machined.service(8)
-Documentation=http://www.freedesktop.org/wiki/Software/systemd/machines
+Documentation=http://www.freedesktop.org/wiki/Software/systemd/machined
 Wants=machine.slice
 After=machine.slice
 

commit e1b7e7ec9b34ae6ae54a4c8084395cbf2bfe9960
Author: Lennart Poettering <lennart at poettering.net>
Date:   Fri Jul 19 03:48:23 2013 +0200

    update TODO

diff --git a/TODO b/TODO
index 5ac8d81..a8a97bb 100644
--- a/TODO
+++ b/TODO
@@ -57,13 +57,16 @@ CGroup Rework Completion:
 
 Features:
 
+* given that logind/machined now let PID 1 do all nasty work we can
+  probably reduce the capability set they retain substantially.
+
 * btfs raid assembly: some .device jobs stay stuck in the queue
 
 * Fedora: add an rpmlint check that verifies that all unit files in the RPM are listed in %systemd_post macros.
 
 * Fedora: post FPC ticket to move add %tmpfiles_create to the packaging guidelines
 
-* add rpm macros for applying tmpfiles --create after package installation
+* make sure gdm doesn't use multi-user-x but the new default X configuration file, and then remove multi-user-x from systemd
 
 * when parsing calendar timestamps support the UTC timezone (even if we won't support arbitrary timezone specs, support UTC itself certainly makes sense), also support syntaxes such as +0200
 
@@ -83,8 +86,6 @@ Features:
 
 * do we really need both hasprefix() and startswith()?
 
-* when a kernel driver logs in a tight loop we should ratelimit that too.
-
 * journald: when we drop syslog messages because the syslog socket is
   full, make sure to write how many messages are lost as first thing
   to syslog when it works again.

More information about the systemd-commits mailing list