diff options
Diffstat (limited to 'man')
| -rw-r--r-- | man/systemd-analyze.xml | 11 | ||||
| -rw-r--r-- | man/systemd.exec.xml | 10 |
2 files changed, 19 insertions, 2 deletions
diff --git a/man/systemd-analyze.xml b/man/systemd-analyze.xml index 8fa7cd3329..634e16b5f4 100644 --- a/man/systemd-analyze.xml +++ b/man/systemd-analyze.xml @@ -104,6 +104,12 @@ <cmdsynopsis> <command>systemd-analyze</command> <arg choice="opt" rep="repeat">OPTIONS</arg> + <arg choice="plain">syscall-filter</arg> + <arg choice="opt"><replaceable>SET</replaceable>...</arg> + </cmdsynopsis> + <cmdsynopsis> + <command>systemd-analyze</command> + <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="plain">verify</arg> <arg choice="opt" rep="repeat"><replaceable>FILES</replaceable></arg> </cmdsynopsis> @@ -181,6 +187,11 @@ <option>--log-target=</option>, described in <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>).</para> + <para><command>systemd-analyze syscall-filter <optional><replaceable>SET</replaceable>...</optional></command> + will list system calls contained in the specified system call set <replaceable>SET</replaceable>, + or all known sets if no sets are specified. Argument <replaceable>SET</replaceable> must include + the <literal>@</literal> prefix.</para> + <para><command>systemd-analyze verify</command> will load unit files and print warnings if any errors are detected. Files specified on the command line will be loaded, but also any other units referenced by them. The full unit search path is diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 3c350df11f..0de263cb07 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -1373,8 +1373,13 @@ </tgroup> </table> - Note that as new system calls are added to the kernel, additional system calls might be added to the groups - above, so the contents of the sets may change between systemd versions.</para> + Note, that as new system calls are added to the kernel, additional system calls might be + added to the groups above. Contents of the sets may also change between systemd + versions. In addition, the list of system calls depends on the kernel version and + architecture for which systemd was compiled. Use + <command>systemd-analyze syscall-filter</command> to list the actual list of system calls in + each filter. + </para> <para>It is recommended to combine the file system namespacing related options with <varname>SystemCallFilter=~@mount</varname>, in order to prohibit the unit's processes to undo the @@ -1844,6 +1849,7 @@ <para> <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-analyze</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>, |