summaryrefslogtreecommitdiff
path: root/units/systemd-timesyncd.service.in
Commit message (Collapse)AuthorAge
* timesyncd: do not start in virtualized environmentsKay Sievers2014-06-17
|
* units: minor cleanupsLennart Poettering2014-06-17
|
* units: rebuild /etc/passwd, the udev hwdb and the journal catalog files on bootLennart Poettering2014-06-13
| | | | | Only when necessary of course, nicely guarded with the new ConditionNeedsUpdate= condition we added.
* units: pull in time-sync.target from systemd-timedated.serviceLennart Poettering2014-06-06
| | | | | After all, that's what we document for time-sync.target in systemd.special(5), hence let's follow our own suggestion.
* core: rename ReadOnlySystem= to ProtectSystem= and add a third value for ↵Lennart Poettering2014-06-04
| | | | | | | | | | also mounting /etc read-only Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit. With this in place we now have two neat options ProtectSystem= and ProtectHome= for protecting the OS itself (and optionally its configuration), and for protecting the user's data.
* core: add new ReadOnlySystem= and ProtectedHome= settings for service unitsLennart Poettering2014-06-03
| | | | | | | | | | | | | | ReadOnlySystem= uses fs namespaces to mount /usr and /boot read-only for a service. ProtectedHome= uses fs namespaces to mount /home and /run/user inaccessible or read-only for a service. This patch also enables these settings for all our long-running services. Together they should be good building block for a minimal service sandbox, removing the ability for services to modify the operating system or access the user's private data.
* timesyncd: only update stamp file when we are synchronizedKay Sievers2014-05-24
| | | | | | | | Create initial stamp file with compiled-in time to prevent bootups with clocks in the future from storing invalid timestamps. At shutdown, only update the timestamp if we got an authoritative time to store.
* timesyncd: order after tmpfiles to get a working network monitorKay Sievers2014-05-22
|
* timesyncd: save clock to disk everytime we get an NTP fix, and bump clock at ↵Lennart Poettering2014-05-21
| | | | | | | | | | | | | | | | boot using this This is useful to make sure the system clock stays monotonic even on systems that lack an RTC. Also, why we are at it, also use the systemd release time for bumping the clock, since it's a slightly less bad than starting with jan 1st, 1970. This also moves timesyncd into the early bootphase, in order to make sure this initial bump is guaranteed to have finished by the time we start real daemons which might write to the file systemd and thus shouldn't leave 1970's timestamps all over the place...
* timesyncd: enable watchdog supportLennart Poettering2014-05-18
|
* timesyncd: run timesyncd as unpriviliged user "systemd-timesync" (but still ↵Lennart Poettering2014-05-18
| | | | with CAP_SYS_TIME)
* timesyncd: limit capabilities to CAP_SYS_TIMELennart Poettering2014-05-15
|
* timesyncd: start after networkdTom Gundersen2014-05-13
| | | | This is needed for the network monitor to work (as it requires networkd to set up the correct directories first).
* timesyncd: add unit and man pageKay Sievers2014-04-29
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-16 04:02:14 +0000