projects / project / procd.git / search
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
jail: add support for cgroup devices as in OCI run-time spec
2021-07-10 Daniel Gollejail: add support for cgroup devices as in OCI run...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2021-05-05 Gaurav Pathakprocd: Use /dev/console for serial console if exists
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2021-03-21 Gaurav Pathakprocd: Adding support to detect Pantavisor Container...
commit | commitdiff | tree
2021-03-19 Daniel Golletrace: fix build on aarch64
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2021-03-19 Daniel Gollejail/seccomp: add support for aarch64
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2021-03-07 Mathew McBrideinittab: detect active console from kernel if no console...
commit | commitdiff | tree
2021-03-07 Daniel Golleutils: fix C style in header file
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2021-03-02 Rosen Penevprocd: fix compilation with newer musl
 commit | commitdiff | tree
2021-02-23 Daniel Gollesystem: expose if system was booted from initramfs
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2021-02-13 Daniel Gollecosmetics: provide compatible system info on Aarch64
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2021-02-07 Daniel Golleprocd: add hotplug-call dispatcher
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2021-02-02 Daniel Gollejail: cgroups: fix uninitialized variable
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2021-02-02 Daniel Gollejail: only output BPF instr. table header if debugging
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2021-02-02 Daniel Gollejail: remove duplicate check for hook file permissions
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-12-12 Daniel Golletreewide: replace local mkdir_p implementations
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-12-09 Daniel Gollejail: remove unreachable code
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-12-04 Daniel Golleearly: fall-back to run ubus as root if user can't...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-12-01 Daniel Gollejail: improve seccomp log output
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-30 Daniel Gollejail: seccomp: improve code readability
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-30 Daniel Gollejail: always call cgroups_free()
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-30 Daniel Gollejail: improve seccomp BPF generator
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: properly initialize timens_fd
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: enter existing cgroups namespace if given
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: don't attempt to mount /sys with noatime
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: fix typo in usage output
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: seteuid before clone(CLONE_NEWUSER)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: don't fail if can't mount-bind /etc/resolv.conf
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: don't use NULL arguments for mount syscall
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: relax /etc/resolv.conf creation
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: fix and simplify userns uid/gid maps from OCI
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: fix segfault on missing name and refactor
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-27 Daniel Gollejail: leak less memory
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-22 Daniel Gollejail: add 'debug' extern variable to preload_seccomp
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-22 Daniel Golleuxc: also delete procd runtime state on 'delete'
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-22 Daniel Golleuxc: fix incomplete commit
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-21 Daniel Gollejail: cgroup hack: rewrite cgroup -> cgroup2
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-21 Daniel Golleseccomp: silence 'unknown syscall' warnings
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-21 Daniel Golleuxc: make force-delete kill container process
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-17 Daniel Golletrace: switch to OCI seccomp JSON output
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-15 Daniel Golleseccomp: switch to new OCI compliant parser
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-15 Daniel Golleseccomp: specifying architectures is optional
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-11-07 Daniel Gollejail: fix capabilities
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-28 Daniel Golleuxc: mimic runc cmdline by using getopt_long
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-28 Daniel Gollejail: don't fail if maskedPath cannot be found
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-28 Daniel Gollejail: add support for absolute root path in OCI spec
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-28 Daniel Gollejail: relax seccomp unknown syscall handling
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-28 Daniel Gollejail: handle mount propagation flags
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-28 Daniel Gollejail: add option for pidfile
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-28 Daniel Gollejail: guard boolean blobmsg attributes
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-23 Daniel Golleujail: elf: work around GCC bug on MIPS64
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-22 Daniel Gollejail: mount more stuff read-only
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-21 Daniel Gollejail: capabilities: apply in two phases
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-19 Daniel Gollejail: nuke old capabilities code in favour of reusing...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-19 Daniel Golleinstance: actually wire up capabilities filename
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-19 Daniel Gollejail: adapt to new ubus socket path
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-10-19 Daniel Golleearly: run ubusd non-root as user ubus, group ubus
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-08-13 Daniel Gollecgroups: memory controller fixes
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-08-13 Daniel Gollecgroups: restrict allowed keys in 'unified' section
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-08-10 Thomas Petazzoniinitd/init: add minimal SELinux policy loading support
 commit | commitdiff | tree
2020-08-06 Daniel Gollejail: fix freeing cgroups avl
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-08-06 Daniel Gollejail: only free cgroups if they were allocated
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-08-06 Daniel Gollejail: parse OCI cgroups resources
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-08-06 Daniel Golleinstance: add instances into unified cgroup hierarchy
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-08-06 Daniel Gollejail: make use of BLOBMSG_CAST_INT64 for OCI rlimits
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-08-06 Daniel Gollejail: use pidns semantics also for timens
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-08-06 Daniel Golleinitd: attempt to mount cgroup2
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-30 Daniel Golleservice: add method to query available container features
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-30 Daniel Golleuxc: remove debugging left-over
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-30 Daniel Golleinstance: make sure values are not inherited from previous...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-29 Daniel Golleuxc: use new container.%s kill ubus API
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-29 Daniel Gollejail: add 'kill' method to container.%s object
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-29 Daniel Golleuxc: fix create operation
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-28 Daniel Golleuxc: behave more like a compliant OCI run-time
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-28 Daniel Gollejail: add some remaining OCI features
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-25 Daniel Gollejail: serialize hook execution
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-25 Daniel Gollejail: fix build on glibc and uclibc
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-21 Daniel Gollejail: add support for referencing existing namespaces
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-20 Rosen Penevjail: fix wrong format for 32-bit
 commit | commitdiff | tree
2020-07-20 Rosen PenevrcS: cast format string to int64_t
 commit | commitdiff | tree
2020-07-20 Daniel Gollejail: re-implement /proc/sys/net read-write in netns...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-20 Daniel Gollejail: refactor default mounts into new structure
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-20 Daniel Gollejail: actually apply filesystem-specific mount options
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-20 Daniel Gollejail: add support for defining devices
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-20 Daniel Gollejail: move /tmp/resolv.conf.d to /dev/resolv.conf.d
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-19 Daniel Gollejail: /proc/$pid/oom_score_adj to OCI defined oomScoreAdj
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-19 Daniel Gollejail: parse and apply POSIX rlimits
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-19 Daniel Gollejail: read and apply umask from OCI if defined
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-19 Daniel Gollejail: implement OCI user additionalGIDs
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-19 Daniel Gollejail: parse and apply OCI sysctl values
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-19 Daniel Gollejail: fix hooks
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-17 Daniel Gollejail: add support for maskedPaths and readonlyPaths
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-16 Daniel Gollejail: fix some more mount options
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-15 Daniel Gollejail: fs: fix build on uClibc-ng
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-15 Daniel Golleprocd: fix compile if procd-ujail is not selected
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-13 Daniel Gollejail: fix false return in case of nofail mount
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-13 Daniel Baileyprocd: add service instance watchdog
 commit | commitdiff | tree
2020-07-13 Daniel Golleuxc: fix build with uClibc-ng
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-13 Daniel Golleuxc: fix 'stop' command
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-13 Daniel Gollejail: don't make mount source read-only
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
2020-07-13 Daniel Gollejail: refactor mount support to cover OCI spec
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 commit | commitdiff | tree
next
OpenWrt service / process manager