dilim/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2026-06-30 19:57:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
90,089 Commits 8 Branches 456 Tags
a38b4c39ffb290517b97f3add8f383078b921bd1
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Shihao Ren a38b4c39ff analyze: don't treat user-scope services as running as root in security 
`systemd-analyze security --user foo.service` currently flags units
without `User=` as running as root. For user manager instances this is
impossible: per systemd.exec(5), switching user identity is not
permitted there, so the service always runs under the calling user's
UID.

Track the runtime scope inside SecurityInfo and short-circuit
security_info_runs_privileged() and assess_user() for
RUNTIME_SCOPE_USER, so that User=/DynamicUser=, SupplementaryGroups=
and RemoveIPC= are no longer marked as if the service ran as root in
both the bus-backed and --offline paths.

Fixes #40292

Signed-off-by: Shihao Ren <renshihao.rsh@bytedance.com>
2026-06-26 02:42:24 +09:00
.clusterfuzzlite
.github
mkosi: update mkosi ref to f7762b71437227922a367bb89597843c77494ef9
2026-06-25 15:25:36 +02:00
.obs
obs: prepare ParticleOS images in workflow
2026-06-16 11:08:45 +01:00
.semaphore
semaphore: stop deleting all apt sources
2026-05-04 16:50:05 +01:00
catalog
journal: add catalog message for missing dlopen dep
2026-06-22 10:54:49 +01:00
coccinelle
tree-wide: standardize header names across src/fundamental, src/basic and src/shared
2026-05-21 10:33:03 +09:00
docs
sysupdate: notify hook subscribers after a successful update
2026-06-24 13:05:33 +02:00
factory
factory: do not install nsswitch.conf when nss is disabled
2025-11-25 10:48:31 +01:00
hostname-wordlist
hostname: improve the algorithm in hostname_pick_word()
2026-06-20 14:26:41 +02:00
hwdb.d
hwdb: map Brazilian ThinkPad T14 Gen 1 slash key to KEY_RO
2026-06-24 15:37:27 +01:00
LICENSES
tree-wide: standardize header names across src/fundamental, src/basic and src/shared
2026-05-21 10:33:03 +09:00
man
bootctl: add link-auto/LinkAuto and auto-link on completed system update
2026-06-24 13:05:34 +02:00
mime
mime: add mimetype for luks home dir
2025-03-07 17:27:20 +01:00
mkosi
mkosi: update mkosi ref to f7762b71437227922a367bb89597843c77494ef9
2026-06-25 15:25:36 +02:00
mkosi.extra/usr/lib/repart.d
mkosi: Grow the root partition on boot
2026-02-10 16:32:05 +01:00
modprobe.d
network
network: enable LLDP for links that use only link-local addressing
2026-02-24 17:09:33 +01:00
po
po: Translated using Weblate (Spanish)
2026-06-25 12:17:55 +02:00
presets
sysext: refresh sysexts and confexts on completed system update
2026-06-24 13:05:34 +02:00
profile.d
profile.d: add instructions how to deactivate 80-systemd-osc-context.sh
2026-05-29 01:08:07 +09:00
rules.d
hostnamed: allow setting machine tags via udev rules (#42390)
2026-06-19 20:38:42 +02:00
shell-completion
bootctl: add link-auto/LinkAuto and auto-link on completed system update
2026-06-24 13:05:34 +02:00
src
analyze: don't treat user-scope services as running as root in security
2026-06-26 02:42:24 +09:00
sysctl.d
coredump: capture crashing thread ID and name
2026-03-18 10:27:27 +00:00
sysusers.d
imds: add new systemd-imdsd.service that makes IMDS data accessible locally
2026-03-26 10:54:15 +01:00
test
tpm2: add SWTPM fallback test, fixes and hardening (#42722)
2026-06-25 17:13:03 +02:00
tmpfiles.d
report: add support for optionally signing reports
2026-06-19 05:23:18 +02:00
tools
tools: add script to print blurb for SPI yearly report
2026-06-15 20:45:36 +01:00
units
tpm2: add SWTPM fallback test, fixes and hardening (#42722)
2026-06-25 17:13:03 +02:00
xorg
xorg/50-systemd-user: import XAUTHORITY only if set
2026-02-19 08:15:33 +01:00
.clang-format
clang-format: Add include sorting directives
2025-04-30 09:30:33 +02:00
.clang-tidy
treewide: get rid of remaing getopt/getopt_long stuff
2026-05-16 18:37:12 +02:00
.clangd
tree-wide: standardize header names across src/fundamental, src/basic and src/shared
2026-05-21 10:33:03 +09:00
.ctags
.dir-locals.el
emacs: add settings for Python modes
2026-05-18 02:51:41 +09:00
.editorconfig
chore: fix editorconfig pattern and add setting for zsh
2025-05-30 14:53:45 +09:00
.gitattributes
libc: Add kexec_file_load() syscall wrapper
2026-04-13 11:13:04 +02:00
.gitignore
gitignore: also ignore mkosi.local.conf in subdirectories
2026-06-04 17:50:22 +01:00
.mailmap
mailmap: name change
2026-04-18 14:24:47 +01:00
.packit.yml
mkosi: update fedora commit reference to 9cb09470c9c5a437f8e9c1e0e449b87de83733eb
2026-05-26 16:55:17 +02:00
.pylintrc
.vimrc
.ycm_extra_conf.py
ycm: apply "ruff format" and "ruff check --fix"
2026-05-18 02:32:42 +09:00
AGENTS.md
docs: Update AI usage policy
2026-06-17 09:59:34 +00:00
CITATION.cff
add CITATION.cff file
2025-06-05 14:39:20 +02:00
CLAUDE.md
Move AI instructions to AGENTS.md
2026-03-06 08:55:55 +01:00
LICENSE.GPL2
licensing: update address of FSF
2025-10-07 13:00:12 +01:00
LICENSE.LGPL2.1
licensing: update address of FSF
2025-10-07 13:00:12 +01:00
meson_options.txt
manager: make systemd+executor a multicall binary
2026-06-22 17:19:54 +02:00
meson.build
manager: make systemd+executor a multicall binary
2026-06-22 17:19:54 +02:00
meson.version
meson: switch version to 262~devel
2026-06-19 19:08:35 +01:00
mypy.ini
NEWS
Add NEWS entry
2026-06-22 10:39:36 +02:00
README
README: bump required minimum version of musl to 1.2.6
2026-05-21 05:06:35 +09:00
README.md
README: note that we now have packages built from stable branch too
2026-02-09 09:36:53 +01:00
ruff.toml
ci/linter: stop ignoring lambda assignment lint
2026-05-18 09:43:36 +09:00
TODO.md
TODO: drop bootctl link + sysupdate integration item
2026-06-24 13:06:20 +02:00

README.md

Systemd

System and Service Manager

OBS Packages Status
Semaphore CI 2.0 Build Status
Coverity Scan Status
OSS-Fuzz Status
CIFuzz
CII Best Practices
Fossies codespell report
Translation status
Coverage Status
Packaging status
OpenSSF Scorecard

Details

Most documentation is available on systemd's web site.

Assorted, older, general information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Code Map for information about this repository's layout and content.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list, join our IRC channel #systemd on libera.chat or Matrix channel

Stable branches with backported patches are available in the stable repo.

We have a security bug bounty program sponsored by the Sovereign Tech Fund hosted on YesWeHack

Repositories with distribution packages built from git main are available on OBS, and also repositories with packages built from the latest stable release

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
cinitlinuxservicessystemsystemd
Readme Cite this repository 847 MiB
Languages
C 88.9%
Shell 5.1%
Python 4.7%
Meson 1.1%