anitazha / rpms / systemd

Forked from rpms/systemd 3 years ago
Clone

Blame SOURCES/0227-man-ProtectHome-protects-root-as-well.patch

1ff636
From 421fa6e97928bca5a55414ad38bd9659d0e99a15 Mon Sep 17 00:00:00 2001
1ff636
From: Christian Hesse <mail@eworm.de>
1ff636
Date: Tue, 30 Jun 2015 19:12:20 +0200
1ff636
Subject: [PATCH] man: ProtectHome= protects /root as well
1ff636
1ff636
(cherry picked from commit 5833143708733a3fc9e6935922bf11d7d27cb768)
1ff636
1ff636
Cherry-picked from: 5833143
1ff636
Resolves: #1222517
1ff636
---
1ff636
 man/systemd.exec.xml | 5 +++--
1ff636
 1 file changed, 3 insertions(+), 2 deletions(-)
1ff636
1ff636
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
181b3f
index 56b53e601..5b93aa71e 100644
1ff636
--- a/man/systemd.exec.xml
1ff636
+++ b/man/systemd.exec.xml
1ff636
@@ -858,9 +858,10 @@
1ff636
 
1ff636
         <listitem><para>Takes a boolean argument or
1ff636
         <literal>read-only</literal>. If true, the directories
1ff636
-        <filename>/home</filename> and <filename>/run/user</filename>
1ff636
+        <filename>/home</filename>, <filename>/root</filename> and
1ff636
+        <filename>/run/user</filename>
1ff636
         are made inaccessible and empty for processes invoked by this
1ff636
-        unit. If set to <literal>read-only</literal>, the two
1ff636
+        unit. If set to <literal>read-only</literal>, the three
1ff636
         directories are made read-only instead. It is recommended to
1ff636
         enable this setting for all long-running services (in
1ff636
         particular network-facing ones), to ensure they cannot get