From 5331194c120520579eede9dba4bd9c3329629601 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 5 Jun 2014 10:03:26 +0200
Subject: core: don't include /boot in effect of ProtectSystem=

This would otherwise unconditionally trigger any /boot autofs mount,
which we probably should avoid.

ProtectSystem= will now only cover /usr and (optionally) /etc, both of
which cannot be autofs anyway.

ProtectHome will continue to cover /run/user and /home. The former
cannot be autofs either. /home could be, however is frequently enough
used (unlikey /boot) so that it isn't too problematic to simply trigger
it unconditionally via ProtectHome=.
---
 man/systemd.exec.xml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'man/systemd.exec.xml')

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index d426ac0899..c5bb55c556 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -941,8 +941,7 @@
                                 argument or
                                 <literal>full</literal>. If true,
                                 mounts the <filename>/usr</filename>
-                                and <filename>/boot</filename>
-                                directories read-only for processes
+                                directory read-only for processes
                                 invoked by this unit. If set to
                                 <literal>full</literal> the
                                 <filename>/etc</filename> is mounted
-- 
cgit v1.2.3-54-g00ecf