summaryrefslogtreecommitdiff
path: root/man/tmpfiles.d.xml
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-06-11 10:14:07 +0200
committerLennart Poettering <lennart@poettering.net>2014-06-11 10:14:07 +0200
commitabef3f91ce5fa9eeffceead885d2d2cabd9f1c96 (patch)
treea16b1bc5ec3b7d14ed5adceca99be6198f8e6b3a /man/tmpfiles.d.xml
parent1ebab2103d8f82822318e708363c0cc2b930289e (diff)
tmpfiles: add ability to mask access mode by pre-existing access mode on files/directories
This way it makes a lot more sense to specify an access mode for "Z" lines.
Diffstat (limited to 'man/tmpfiles.d.xml')
-rw-r--r--man/tmpfiles.d.xml16
1 files changed, 16 insertions, 0 deletions
diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
index 5d8c2b5b32..0081a6762a 100644
--- a/man/tmpfiles.d.xml
+++ b/man/tmpfiles.d.xml
@@ -368,6 +368,22 @@ r! /tmp/.X[0-9]*-lock</programlisting>
ignored for <varname>x</varname>,
<varname>r</varname>, <varname>R</varname>,
<varname>L</varname> lines.</para>
+
+ <para>Optionally, if prefixed with
+ <literal>~</literal> the access mode is masked
+ based on the already set access bits for
+ existing file or directories: if the existing
+ file has all executable bits unset then all
+ executable bits are removed from the new
+ access mode, too. Similar, if all read bits
+ are removed from the old access mode they will
+ be removed from the new access mode too, and
+ if all write bits are removed, they will be
+ removed from the new access mode too. In
+ addition the sticky/suid/gid bit is removed unless
+ applied to a directory. This
+ functionality is particularly useful in
+ conjunction with <varname>Z</varname>.</para>
</refsect2>
<refsect2>