Add PrivatePIDs= (continued) (#34940)

author: Luca Boccassi <bluca@debian.org> 2024-11-05 19:42:28 +0100
committer: GitHub <noreply@github.com> 2024-11-05 19:42:28 +0100
commit: 7af37f3a9020ae5c3ef2278649eb767aa3806163 (patch)
tree: 157eb24670dc72acdcbe71bdbb721ee40a7bd02d /NEWS
parent: Translations update from Fedora Weblate (#35031) (diff)
parent: core: Introduce PrivatePIDs= (diff)
download: systemd-7af37f3a9020ae5c3ef2278649eb767aa3806163.tar.xz
systemd-7af37f3a9020ae5c3ef2278649eb767aa3806163.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 6d4b5b7461..03f61e99c7 100644
--- a/NEWS
+++ b/NEWS
@@ -254,6 +254,11 @@ CHANGES WITH 257 in spe:
           the "nobody" user to the dynamic user, rather than via recursive
           chown()ing.
 
+        * A new service property PrivatePIDs= has been added that runs executed
+          processes as PID 1 - the init process - within their own PID namespace.
+          PrivatePIDs= also mounts /proc/ so only processes within the new PID
+          namespace are visible.
+
         systemd-udevd:
 
         * udev rules now set 'uaccess' for /dev/udmabuf, giving locally
author	Luca Boccassi <bluca@debian.org>	2024-11-05 19:42:28 +0100
committer	GitHub <noreply@github.com>	2024-11-05 19:42:28 +0100
commit	7af37f3a9020ae5c3ef2278649eb767aa3806163 (patch)
tree	157eb24670dc72acdcbe71bdbb721ee40a7bd02d /NEWS
parent	Translations update from Fedora Weblate (#35031) (diff)
parent	core: Introduce PrivatePIDs= (diff)
download	systemd-7af37f3a9020ae5c3ef2278649eb767aa3806163.tar.xz systemd-7af37f3a9020ae5c3ef2278649eb767aa3806163.zip