summaryrefslogtreecommitdiff
path: root/man
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-10-25 15:42:10 +0200
committerLennart Poettering <lennart@poettering.net>2016-11-02 08:49:59 -0600
commita8c157ff3081ee963adb0d046015abf9a271fa67 (patch)
treea4bec5443d4b336d8939360905a07b9fa96b55ea /man
parentc79aff9a82abf361aea47b5c745ed9729c5f0212 (diff)
seccomp: drop execve() from @process list
The system call is already part in @default hence implicitly allowed anyway. Also, if it is actually blocked then systemd couldn't execute the service in question anymore, since the application of seccomp is immediately followed by it.
Diffstat (limited to 'man')
-rw-r--r--man/systemd.exec.xml2
1 files changed, 1 insertions, 1 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index e7d8bb23a4..d45e5362dc 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -1347,7 +1347,7 @@
</row>
<row>
<entry>@process</entry>
- <entry>Process control, execution, namespaces (<citerefentry project='man-pages'><refentrytitle>execve</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>kill</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>namespaces</refentrytitle><manvolnum>7</manvolnum></citerefentry>, …</entry>
+ <entry>Process control, execution, namespaces (<citerefentry project='man-pages'><refentrytitle>clone</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>kill</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>namespaces</refentrytitle><manvolnum>7</manvolnum></citerefentry>, …</entry>
</row>
<row>
<entry>@raw-io</entry>
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-11-18 00:39:49 +0000