morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-14 00:14:32 +09:00
Code Issues Packages Projects Releases Wiki Activity

man: document that PrivateTmp= is unaffected by ProtectSystem=strict

Browse Source 
Fixes: #33130
This commit is contained in:
Lennart Poettering
2024-11-05 13:33:53 +01:00
parent 172ac39fc8
commit b711737096
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
man/systemd.exec.xml
View File

@@ -1433,6 +1433,10 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
set. This setting cannot ensure protection in all cases. In general it has the same limitations as
<varname>ReadOnlyPaths=</varname>, see below. Defaults to off.</para>
<para>Note that if <varname>ProtectSystem=</varname> is set to <literal>strict</literal> and
<varname>PrivateTmp=</varname> is enabled, then <filename>/tmp/</filename> and
<filename>/var/tmp/</filename> will be writable.</para>
<xi:include href="version-info.xml" xpointer="v214"/></listitem>
</varlistentry>