summaryrefslogtreecommitdiff
path: root/units/systemd-journal-gatewayd.service.in
Commit message (Collapse)AuthorAge
* Revert "units: add SecureBits"Lennart Poettering2015-02-11
| | | | | | | | This reverts commit 6a716208b346b742053cfd01e76f76fb27c4ea47. Apparently this doesn't work. http://lists.freedesktop.org/archives/systemd-devel/2015-February/028212.html
* units: add SecureBitsTopi Miettinen2015-02-11
| | | | | | No setuid programs are expected to be executed, so add SecureBits=noroot noroot-locked to unit files.
* journal: bump RLIMIT_NOFILE when journal files to 16K (if possible)Lennart Poettering2015-01-08
| | | | | | | | | | | When there are a lot of split out journal files, we might run out of fds quicker then we want. Hence: bump RLIMIT_NOFILE to 16K if possible. Do these even for journalctl. On Fedora the soft RLIMIT_NOFILE is at 1K, the hard at 4K by default for normal user processes, this code hence bumps this up for users to 4K. https://bugzilla.redhat.com/show_bug.cgi?id=1179980
* core: rename ReadOnlySystem= to ProtectSystem= and add a third value for ↵Lennart Poettering2014-06-04
| | | | | | | | | | also mounting /etc read-only Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit. With this in place we now have two neat options ProtectSystem= and ProtectHome= for protecting the OS itself (and optionally its configuration), and for protecting the user's data.
* core: add new ReadOnlySystem= and ProtectedHome= settings for service unitsLennart Poettering2014-06-03
| | | | | | | | | | | | | | ReadOnlySystem= uses fs namespaces to mount /usr and /boot read-only for a service. ProtectedHome= uses fs namespaces to mount /home and /run/user inaccessible or read-only for a service. This patch also enables these settings for all our long-running services. Together they should be good building block for a minimal service sandbox, removing the ability for services to modify the operating system or access the user's private data.
* core: enable PrivateNetwork= for a number of our long running services where ↵Lennart Poettering2014-03-19
| | | | this is useful
* journal: make gatewayd run under its own user IDLennart Poettering2013-03-05
|
* journal: add minimal journal gateway daemon based on GNU libmicrohttpdLennart Poettering2012-09-28
This minimal HTTP server can serve journal data via HTTP. Its primary purpose is synchronization of journal data across the network. It serves journal data in three formats: text/plain: the text format known from /var/log/messages application/json: the journal entries formatted as JSON application/vnd.fdo.journal: the binary export format of the journal The HTTP server also serves a small HTML5 app that makes use of the JSON serialization to present the journal data to the user. Examples: This downloads the journal in text format: # systemctl start systemd-journal-gatewayd.service # wget http://localhost:19531/entries Same for JSON: # curl -H"Accept: application/json" http://localhost:19531/entries Access via web browser: $ firefox http://localhost:19531/
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-27 19:35:17 +0000