core: don't include /boot in effect of ProtectSystem=

This would otherwise unconditionally trigger any /boot autofs mount, which we probably should avoid. ProtectSystem= will now only cover /usr and (optionally) /etc, both of which cannot be autofs anyway. ProtectHome will continue to cover /run/user and /home. The former cannot be autofs either. /home could be, however is frequently enough used (unlikey /boot) so that it isn't too problematic to simply trigger it unconditionally via ProtectHome=.
author: Lennart Poettering <lennart@poettering.net> 2014-06-05 10:03:26 +0200
committer: Lennart Poettering <lennart@poettering.net> 2014-06-05 10:03:26 +0200
commit: 5331194c120520579eede9dba4bd9c3329629601 (patch)
tree: 1bdda4ab9e6c10b93faeca70cb855ae2e3caa2f9 /man
parent: 3900e5fdff688dc3c273f177d9d913b7389d5561 (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index d426ac0899..c5bb55c556 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -941,8 +941,7 @@
                                 argument or
                                 <literal>full</literal>. If true,
                                 mounts the <filename>/usr</filename>
-                                and <filename>/boot</filename>
-                                directories read-only for processes
+                                directory read-only for processes
                                 invoked by this unit. If set to
                                 <literal>full</literal> the
                                 <filename>/etc</filename> is mounted
author	Lennart Poettering <lennart@poettering.net>	2014-06-05 10:03:26 +0200
committer	Lennart Poettering <lennart@poettering.net>	2014-06-05 10:03:26 +0200
commit	5331194c120520579eede9dba4bd9c3329629601 (patch)
tree	1bdda4ab9e6c10b93faeca70cb855ae2e3caa2f9 /man
parent	3900e5fdff688dc3c273f177d9d913b7389d5561 (diff)