diff options
Diffstat (limited to 'man')
| -rw-r--r-- | man/systemd.exec.xml | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 610c821dc0..7eaf52bc5b 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -895,6 +895,24 @@ </varlistentry> <varlistentry> + <term><varname>PrivateDevices=</varname></term> + + <listitem><para>Takes a boolean + argument. If true, sets up a new /dev + namespace for the executed processes + and only adds API pseudo devices such + as <filename>/dev/null</filename>, + <filename>/dev/zero</filename> or + <filename>/dev/random</filename> to + it, but no physical devices such as + <filename>/dev/sda</filename>. This is + useful to securely turn off physical + device access by the executed + process. Defaults to + false.</para></listitem> + </varlistentry> + + <varlistentry> <term><varname>MountFlags=</varname></term> <listitem><para>Takes a mount |