summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Mack <github@zonque.org>2015-07-01 13:45:33 -0400
committerDaniel Mack <github@zonque.org>2015-07-01 13:45:33 -0400
commit38b541c4f25830af1429f2dc903c81a3c8c1877f (patch)
treeb117c4920fec4f26e8e1e7efc4f6c60db5509aab
parentb6b34755339b7ce7181d0986f761ca2af3d5497e (diff)
parent5833143708733a3fc9e6935922bf11d7d27cb768 (diff)
Merge pull request #419 from eworm-de/man-protecthome
man: ProtectHome= protects /root as well
-rw-r--r--man/systemd.exec.xml5
1 files changed, 3 insertions, 2 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 64877720bc..45a4422dc3 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -858,9 +858,10 @@
<listitem><para>Takes a boolean argument or
<literal>read-only</literal>. If true, the directories
- <filename>/home</filename> and <filename>/run/user</filename>
+ <filename>/home</filename>, <filename>/root</filename> and
+ <filename>/run/user</filename>
are made inaccessible and empty for processes invoked by this
- unit. If set to <literal>read-only</literal>, the two
+ unit. If set to <literal>read-only</literal>, the three
directories are made read-only instead. It is recommended to
enable this setting for all long-running services (in
particular network-facing ones), to ensure they cannot get