chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
236af51
)
README: document that we still encourage people to turn off audit when they want...
author
Lennart Poettering
<lennart@poettering.net>
Tue, 11 Mar 2014 04:40:36 +0000
(
05:40
+0100)
committer
Lennart Poettering
<lennart@poettering.net>
Tue, 11 Mar 2014 04:40:36 +0000
(
05:40
+0100)
README
patch
|
blob
|
history
diff --git
a/README
b/README
index 7a227e7327f0bbf12c9c99a330cbf8f1bd5a683e..ace13cf07587a63d5f4a55583093c0777180cc36 100644
(file)
--- a/
README
+++ b/
README
@@
-89,6
+89,13
@@
REQUIREMENTS:
runtime using the kernel command line option "audit=0", or
turn it off at kernel compile time using:
CONFIG_AUDIT=n
runtime using the kernel command line option "audit=0", or
turn it off at kernel compile time using:
CONFIG_AUDIT=n
+ If systemd is compiled with libseccomp support on
+ architectures which do not use socketcall() and where seccomp
+ is supported (this effectively means x86-64 and ARM, but
+ excludes 32bit x86!), then nspawn will now install a
+ work-around seccomp filter that makes containers boot even
+ with audit being enabled. This works correctly only on kernels
+ 3.14 and newer though. TL;DR: turn audit off, still.
glibc >= 2.14
libcap
glibc >= 2.14
libcap