diff options
-rw-r--r-- | man/systemd.exec.xml | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 64877720bc..45a4422dc3 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -858,9 +858,10 @@ <listitem><para>Takes a boolean argument or <literal>read-only</literal>. If true, the directories - <filename>/home</filename> and <filename>/run/user</filename> + <filename>/home</filename>, <filename>/root</filename> and + <filename>/run/user</filename> are made inaccessible and empty for processes invoked by this - unit. If set to <literal>read-only</literal>, the two + unit. If set to <literal>read-only</literal>, the three directories are made read-only instead. It is recommended to enable this setting for all long-running services (in particular network-facing ones), to ensure they cannot get |