diff options
| -rw-r--r-- | man/systemd.exec.xml | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index c46c0f6dd8..4a68695348 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -1046,7 +1046,10 @@ boot-time, with the <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> mechanism. Almost no services need to write to these at runtime; it is hence recommended to turn this on for most services. For this setting the same restrictions regarding mount propagation and privileges apply as for - <varname>ReadOnlyPaths=</varname> and related calls, see above. Defaults to off.</para></listitem> + <varname>ReadOnlyPaths=</varname> and related calls, see above. Defaults to off. + Note that this option does not prevent kernel tuning through IPC interfaces and exeternal programs. However + <varname>InaccessiblePaths=</varname> can be used to make some IPC file system objects + inaccessible.</para></listitem> </varlistentry> <varlistentry> |