~kennylevinsen/seatd

0.9.0 2 months ago

seatd 0.9.0

This release contians 35 changes from 6 contributors.

Some highlights of this release:

- Improve session state tracking in the libseat logind backend, which
  could previously fail to notify the libseat client that the session
  had been deactivated.

- Do not trigger a VT switch when starting a logind session, allowing
  sessions to be started in the background.

- Improve error handling in some edgecases in the libseat seatd backend.

- Apply more aggressive security policies to the included systemd unit.

Adrien Demarez (1):
      seatd: fix small bug in assert

Jack Mitchell (1):
      seatd: fix double close of file handle

Kelvin C (10):
      systemd: lockdown the filesystem
      systemd: ensure no new privileges
      systemd: disable network access
      systemd: limit sys calls and arch
      systemd: limit access to kernel
      systemd: restrict namespace functionality
      systemd: restrict capabilities
      systemd: protect system clock
      systemd: protect hostname
      systemd: restrict access to devices

Kenny Levinsen (21):
      seatd: Avoid unnecessary asserts
      connection: Add overflow edge-case test
      libseat/seatd: Error on unexpected response
      libseat/seatd: Dispatch utility cleanup
      seatd: Add responses for switch and disable
      common: Allow inserting inited linked list elem
      seatd: Init client link after removal
      libseat/seatd: Fix wrong dispatch reference
      logind: Skip session activation
      seat: Merge close_client with remove_client
      seat: Minor cleanup in device reuse, error logging
      seat: Add a bit of documentation
      libseat/logind: Check initial active state
      libseat/logind: Better naming and signatures
      libseat/logind: Move session_get_type up to its family
      logind: Remove match signal on seat object
      logind: Iterate through entire PropertiesChanged
      logind: Remove drm device tracking
      ci: Disable logind smoketest for now
      seatd: Add support for hidraw devices
      seatd: Minor evdev ifdef cleanup

Morose (1):
      logind: Condition is always true

Simon Ser (1):
      build: show whether man pages are enabled in summary