X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=README;h=ace13cf07587a63d5f4a55583093c0777180cc36;hp=bb0fe1d0de0bf3068943d5d0d47c45179ee7cecb;hb=022446adf99b84c59a88c2e614033ccde13c395c;hpb=5d31974e44b8fa163f859d8467a3667ed52056d0

diff --git a/README b/README
index bb0fe1d0d..ace13cf07 100644
--- a/README
+++ b/README
@@ -30,7 +30,7 @@ AUTHOR:
 
 LICENSE:
         LGPLv2.1+ for all code
-        - except sd-daemon.[ch] and sd-readahead.[ch] which are MIT
+        - except sd-readahead.[ch] which is MIT
         - except src/shared/MurmurHash2.c which is Public Domain
         - except src/shared/siphash24.c which is CC0 Public Domain
         - except src/journal/lookup3.c which is Public Domain
@@ -89,6 +89,13 @@ REQUIREMENTS:
         runtime using the kernel command line option "audit=0", or
         turn it off at kernel compile time using:
           CONFIG_AUDIT=n
+        If systemd is compiled with libseccomp support on
+        architectures which do not use socketcall() and where seccomp
+        is supported (this effectively means x86-64 and ARM, but
+        excludes 32bit x86!), then nspawn will now install a
+        work-around seccomp filter that makes containers boot even
+        with audit being enabled. This works correctly only on kernels
+        3.14 and newer though. TL;DR: turn audit off, still.
 
         glibc >= 2.14
         libcap
@@ -190,6 +197,9 @@ WARNINGS:
         about this, since this kind of file system setup is not really
         supported anymore by the basic set of Linux OS components.
 
+        systemd requires that the /run mount point exists. systemd also
+        requires that /var/run is a a symlink → /run.
+
         For more information on this issue consult
         http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken