BetterCorp/BetterFrame
1
0
Fork 0
mirror of https://github.com/BetterCorp/BetterFrame.git synced 2026-05-26 16:56:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10
BetterFrame/kiosk
History
Mitchell R 16412d5ad6
fix(terminal+journal): use systemd-run to escape NoNewPrivileges 
The kiosk runs under NoNewPrivileges=yes (WebKit bwrap needs it). sudo
and nsenter both fail because they need privilege escalation which the
flag blocks. systemd-run --pipe spawns a SEPARATE service unit as root
in its own process tree, connected via stdin/stdout pipe. Not a child
of the kiosk process → NoNewPrivileges doesn't apply.

Also: enable rauc.service in pi-gen chroot (was never enabled → RAUC
daemon not running → rauc install fails → OS update silently broken).
2026-05-22 23:34:49 +02:00
..
src fix(terminal+journal): use systemd-run to escape NoNewPrivileges 2026-05-22 23:34:49 +02:00
Cargo.lock feat(ota): add RAUC OS update foundation 2026-05-20 05:15:29 +02:00
Cargo.toml feat(onvif-events): PullPoint subscription for all ONVIF cameras 2026-05-21 12:03:30 +02:00
prototype.sh fix(deploy): require proxied local services 2026-05-11 09:51:00 +02:00