1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-24 21:34:08 +03:00
Commit Graph

502 Commits

Author SHA1 Message Date
Lennart Poettering
6f5cf88009 man: fix typo systmed → systemd 2020-10-05 11:40:48 +02:00
Samanta Navarro
5e2b0e1cfa man: fix typos 2020-10-03 11:56:50 +00:00
Zbigniew Jędrzejewski-Szmek
21556381ff man: correct various links
As usual, linkchecker ftw!
2020-09-30 14:57:21 +02:00
Zbigniew Jędrzejewski-Szmek
885a4e6ca7 man: assorted small fixes
This is almost all of #17177.
2020-09-30 10:31:21 +02:00
Zbigniew Jędrzejewski-Szmek
0b4d17c9a5 man: link to fork(2) more prominently
For #17177.
2020-09-30 10:30:03 +02:00
Zbigniew Jędrzejewski-Szmek
211c99c761 man: do not index various /foobar/ paths
For #17177.
2020-09-30 10:30:03 +02:00
Lennart Poettering
329cde79c4 doc: document the new GPT partition type UUIDs 2020-09-19 21:20:16 +02:00
Topi Miettinen
9df2cdd8ec exec: SystemCallLog= directive
With new directive SystemCallLog= it's possible to list system calls to be
logged. This can be used for auditing or temporarily when constructing system
call filters.

---
v5: drop intermediary, update HASHMAP_FOREACH_KEY() use
v4: skip useless debug messages, actually parse directive
v3: don't declare unused variables with old libseccomp
v2: fix build without seccomp or old libseccomp
2020-09-15 12:54:17 +03:00
Topi Miettinen
005bfaf118 exec: Add kill action to system call filters
Define explicit action "kill" for SystemCallErrorNumber=.

In addition to errno code, allow specifying "kill" as action for
SystemCallFilter=.

---
v7: seccomp_parse_errno_or_action() returns -EINVAL if !HAVE_SECCOMP
v6: use streq_ptr(), let errno_to_name() handle bad values, kill processes,
 init syscall_errno
v5: actually use seccomp_errno_or_action_to_string(), don't fail bus unit
parsing without seccomp
v4: fix build without seccomp
v3: drop log action
v2: action -> number
2020-09-15 12:54:17 +03:00
Lennart Poettering
60bcb45927 man: rework UMask= explanation
Mention the JSON user record stuff. Mention pam_umask explicitly.
Mention that UMask= of the per-user user@.service instance can be used
too.

Fixes: #16963
2020-09-14 21:44:06 +02:00
Michal Sekletár
332d387f47 core: introduce support for setting NUMAMask= to special "all" value
Fixes #14113
2020-09-08 08:16:03 +02:00
Lennart Poettering
b2af819b22 analyze: add 'capability' verb for dumping all known and unknown caps 2020-08-28 18:52:48 +02:00
Lennart Poettering
3220cf394c man: document pid1's new credentials logic 2020-08-25 19:45:57 +02:00
Zbigniew Jędrzejewski-Szmek
9f56c88aeb
Merge pull request #16819 from keszybz/seccomp-enosys
Return ENOSYS in nspawn for "unknown" syscalls
2020-08-25 09:18:46 +02:00
Lennart Poettering
a54342b371 man: document ProtectProc= and ProcSubset= 2020-08-24 20:11:24 +02:00
Zbigniew Jędrzejewski-Szmek
95aac01259 shared: add @known syscall list 2020-08-24 20:04:17 +02:00
Luca Boccassi
427353f668 core: add mount options support for MountImages
Follow the same model established for RootImage and RootImageOptions,
and allow to either append a single list of options or tuples of
partition_number:options.
2020-08-20 14:45:40 +01:00
Luca Boccassi
9ece644435 core: change RootImageOptions to use names instead of partition numbers
Follow the designations from the Discoverable Partitions Specification
2020-08-20 13:58:02 +01:00
Lennart Poettering
a6991726f8 man: clarify that LogNamespace= is for system services only
Fixes: #16638
2020-08-06 18:24:11 +02:00
Luca Boccassi
b3d133148e core: new feature MountImages
Follows the same pattern and features as RootImage, but allows an
arbitrary mount point under / to be specified by the user, and
multiple values - like BindPaths.

Original implementation by @topimiettinen at:
https://github.com/systemd/systemd/pull/14451
Reworked to use dissect's logic instead of bare libmount() calls
and other review comments.
Thanks Topi for the initial work to come up with and implement
this useful feature.
2020-08-05 21:34:55 +01:00
Luca Boccassi
18d7370587 service: add new RootImageOptions feature
Allows to specify mount options for RootImage.
In case of multi-partition images, the partition number can be prefixed
followed by colon. Eg:

RootImageOptions=1:ro,dev 2:nosuid nodev

In absence of a partition number, 0 is assumed.
2020-07-29 17:17:32 +01:00
Lennart Poettering
6b222c4b02 man: fix link markup 2020-07-30 00:51:41 +09:00
Zbigniew Jędrzejewski-Szmek
8fa2cd83c6 Revert "man: add note about systemd-vconsole-setup.service and tty as input/output"
This reverts commit 0b57803630.

From https://github.com/systemd/systemd/pull/16503#issuecomment-660212813:
systemd-vconsole-setup (the binary) is supposed to run asynchronously by udev
therefore ordering early interactive services after systemd-vconsole-setup.service
has basically no effect.

Let's remove this paragraph. It's better to say nothing than to give pointless
advice.
2020-07-22 10:43:52 +02:00
Zbigniew Jędrzejewski-Szmek
cd990847b9 tree-wide: more repeated words 2020-07-07 12:08:22 +02:00
Zbigniew Jędrzejewski-Szmek
e9dd698407 tree-wide: fixes for assorted grammar and spelling issues
Fixes #16363. Also includes some changes where I generalized the pattern.
2020-07-06 11:29:05 +02:00
Zbigniew Jędrzejewski-Szmek
0986bb9b95
Merge pull request #16278 from keszybz/fix-man-links
Fix html links
2020-06-25 18:38:37 +02:00
Zbigniew Jędrzejewski-Szmek
b7a4734551 man: fix links to various external man pages
In cases where we used both die-net and man-pages for the same reference,
I switched to use man-pages everywhere.
2020-06-25 14:41:44 +02:00
Luca Boccassi
d4d55b0d13 core: add RootHashSignature service parameter
Allow to explicitly pass root hash signature as a unit option. Takes precedence
over implicit checks.
2020-06-25 08:45:21 +01:00
Lennart Poettering
6b000af4f2 tree-wide: avoid some loaded terms
https://tools.ietf.org/html/draft-knodel-terminology-02
https://lwn.net/Articles/823224/

This gets rid of most but not occasions of these loaded terms:

1. scsi_id and friends are something that is supposed to be removed from
   our tree (see #7594)

2. The test suite defines an API used by the ubuntu CI. We can remove
   this too later, but this needs to be done in sync with the ubuntu CI.

3. In some cases the terms are part of APIs we call or where we expose
   concepts the kernel names the way it names them. (In particular all
   remaining uses of the word "slave" in our codebase are like this,
   it's used by the POSIX PTY layer, by the network subsystem, the mount
   API and the block device subsystem). Getting rid of the term in these
   contexts would mean doing some major fixes of the kernel ABI first.

Regarding the replacements: when whitelist/blacklist is used as noun we
replace with with allow list/deny list, and when used as verb with
allow-list/deny-list.
2020-06-25 09:00:19 +02:00
Luca Boccassi
0389f4fa81 core: add RootHash and RootVerity service parameters
Allow to explicitly pass root hash (explicitly or as a file) and verity
device/file as unit options. Take precedence over implicit checks.
2020-06-23 10:50:09 +02:00
Zbigniew Jędrzejewski-Szmek
201632e314 tree-wide: s/time-out/timeout/g
See 3f9a0a522f for justification.
2020-05-26 10:28:59 +02:00
Lennart Poettering
d2b843554a man: drop some left-over mentions of StandardOutput=syslog
We dropped them from the StandardOuput= documentation long ago, but
elswhere some references where lurking.
2020-05-15 00:05:46 +02:00
Lennart Poettering
6551cf2d61 man: document $LOG_NAMESPACE 2020-05-14 17:29:28 +02:00
Zbigniew Jędrzejewski-Szmek
26b8190841 man: mention that ProtectSystem= also takes care of /efi 2020-04-30 09:54:00 +02:00
Frantisek Sumsal
86b52a3958 tree-wide: fix spelling errors
Based on a report from Fossies.org using Codespell.

Followup to #15436
2020-04-21 23:21:08 +02:00
Lennart Poettering
33b58dfb41 core: automatically add udev dependency for units using RootImage=
We use udev to wait for /dev/loopX devices to be fully proped hence we
need an implicit ordering dependency on it, for RootImage= to work
reliably in early boot, too.

Fixes: #14972
2020-04-21 16:31:06 +02:00
Lennart Poettering
9b3c65ed36
Merge pull request #15352 from poettering/user-group-name-valdity-rework
user/group name validity rework
2020-04-09 18:49:22 +02:00
Lennart Poettering
611cb82612
Merge pull request #15318 from fbuihuu/inherit-umask-for-user-units
pid1: by default make user units inherit their umask from the user ma…
2020-04-09 17:15:55 +02:00
Franck Bui
5e37d1930b pid1: by default make user units inherit their umask from the user manager
This patch changes the way user managers set the default umask for the units it
manages.

Indeed one can expect that if user manager's umask is redefined through PAM
(via /etc/login.defs or pam_umask), all its children including the units it
spawns have their umask set to the new value.

Hence make user units inherit their umask value from their parent instead of
the hard coded value 0022 but allow them to override this value via their unit
file.

Note that reexecuting managers with 'systemctl daemon-reexec' after changing
UMask= has no effect. To take effect managers need to be restarted with
'systemct restart' instead. This behavior was already present before this
patch.

Fixes #6077.
2020-04-09 14:17:07 +02:00
Zbigniew Jędrzejewski-Szmek
ad21e542b2 manager: add CoredumpFilter= setting
Fixes #6685.
2020-04-09 14:08:48 +02:00
Lennart Poettering
887a8fa341 docs: hook up the new USER_NAMES document everywhere
(Also correct the set of names we accept in User=, which was forgotten
to be updated in ae480f0b09.
2020-04-08 17:30:04 +02:00
Michal Sekletár
e2b2fb7f56 core: add support for setting CPUAffinity= to special "numa" value
systemd will automatically derive CPU affinity mask from NUMA node
mask.

Fixes #13248
2020-03-16 08:57:28 +01:00
Lennart Poettering
5b0a76d107 man: document LogNamespace= unit setting 2020-01-31 15:10:40 +01:00
Kevin Kuehler
022d334561 man: doc: Document ProtectClock= 2020-01-27 11:21:36 -08:00
Lennart Poettering
54ed193f8d man: clarify that user rlimits cannot go beyond limits set for service mgr
Fixes: #10758
2020-01-17 10:09:50 +01:00
Lennart Poettering
ba96a8a277 man: document that program invocation will fail if the User= does not exist
Fixes: #14565
2020-01-17 10:08:13 +01:00
Zbigniew Jędrzejewski-Szmek
ea7fe1d1c2
Merge pull request #14390 from poettering/gpt-var-tmp
introduce GPT partition types for /var and /var/tmp and support them for auto-discovery
2020-01-14 15:37:53 +01:00
Topi Miettinen
412a6c646c systemd.exec: document the file system for EnvironmentFile paths
Files specified with EnvironmentFile are read from PID1 mount namespace, before
any file system operations like RootImage or BindPaths are in effect.
2020-01-02 14:21:16 +01:00
Lennart Poettering
19ac32cdd6 docs: import discoverable partitions spec
This was previously available here:

https://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec/

Let's pull it into our repository.
2019-12-23 14:44:33 +01:00
Anita Zhang
5749f855a7 core: PrivateUsers=true for (unprivileged) user managers
Let per-user service managers have user namespaces too.

For unprivileged users, user namespaces are set up much earlier
(before the mount, network, and UTS namespaces vs after) in
order to obtain capbilities in the new user namespace and enable use of
the other listed namespaces. However for privileged users (root), the
set up for the user namspace is still done at the end to avoid any
restrictions with combining namespaces inside a user namespace (see
inline comments).

Closes #10576
2019-12-18 11:09:30 -08:00
Lennart Poettering
d58b613bbb man: apparently we lowercased STDOUT/STDERR everywhere else in docs, do so here too 2019-11-28 14:25:38 +01:00
Zbigniew Jędrzejewski-Szmek
f8b68539d0 man: fix a few bogus entries in directives index
When wrong element types are used, directives are sometimes placed in the wrong
section. Also, strip part of text starting with "'", which is used in a few
places and which is displayed improperly in the index.
2019-11-21 22:06:30 +01:00
Lennart Poettering
8af381679d
Merge pull request #13940 from keur/protect_kernel_logs
Add ProtectKernelLogs to systemd.exec
2019-11-15 16:26:10 +01:00
Kevin Kuehler
d916e35b9f man: Add description for ProtectKernelLogs= 2019-11-14 13:31:06 -08:00
Zbigniew Jędrzejewski-Szmek
67f5b9e06e
Merge pull request #14003 from keszybz/user-path-configurable
meson: make user $PATH configurable
2019-11-14 10:08:40 +01:00
Zbigniew Jędrzejewski-Szmek
3602ca6f0c meson: make user $PATH configurable
This partially reverts db11487d10 (the logic to
calculate the correct value is removed, we always use the same setting as for
the system manager). Distributions have an easy mechanism to override this if
they wish.

I think making this configurable is better, because different distros clearly
want different defaults here, and making this configurable is nice and clean.
If we don't make it configurable, distros which either have to carry patches,
or what would be worse, rely on some other configuration mechanism, like
/etc/profile. Those other solutions do not apply everywhere (they usually
require the shell to be used at some point), so it is better if we provide
a nice way to override the default.

Fixes  #13469.
2019-11-13 22:34:14 +01:00
Zbigniew Jędrzejewski-Szmek
1f6597a84c man: mention $RUNTIME_DIRECTORY & friends in environment list 2019-11-13 22:05:11 +01:00
Anita Zhang
644ee25461
Merge pull request #13676 from ClydeByrdIII/service-result-patch
Update service result table
2019-10-29 11:35:41 -07:00
Mark Stosberg
69bdb3b150 man: document updated newline support
Since v239 newlines have been allowed for PassEnvironment=
and EnvironmentFile=, due to #8471.

This PR documents the behavior change.
2019-10-04 11:54:28 +02:00
ClydeByrdIII
b122296272
Update service result table
exec-condition and oom-kill were added without updating this table

Updated success to reflect the code, which also allows kills by signal in certain situations
2019-09-28 01:43:02 -07:00
Yu Watanabe
bd9014c360 man: move TimeoutCleanSec= entry from .service to .exec
Follow-up for 12213aed12.

Closes #13546.
2019-09-13 15:06:40 +02:00
Zbigniew Jędrzejewski-Szmek
db11487d10 manager: put bin before sbin for user instances
Traditionally, user logins had a $PATH in which /bin was before /sbin, while
root logins had a $PATH with /sbin first. This allows the tricks that
consolehelper is doing to work. But even if we ignore consolehelper, having the
path in this order might have been used by admins for other purposes, and
keeping the order in user sessions will make it easier the adoption of systemd
user sessions a bit easier.

Fixes #733.
https://bugzilla.redhat.com/show_bug.cgi?id=1744059

OOM handling in manager_default_environment wasn't really correct.
Now the (theorertical) malloc failure in strv_new() is handled.

Please note that this has no effect on:
- systems with merged /bin-/sbin (e.g. arch)

- when there are no binaries that differ between the two locations.

  E.g. on my F30 laptop there is exactly one program that is affected:
  /usr/bin/setup -> consolehelper.

  There is less and less stuff that relies on consolehelper, but there's still
  some.

So for "clean" systems this makes no difference, but helps with legacy setups.

$ dnf repoquery --releasever=31 --qf %{name} --whatrequires usermode
anaconda-live
audit-viewer
beesu
chkrootkit
driftnet
drobo-utils-gui
hddtemp
mate-system-log
mock
pure-ftpd
setuptool
subscription-manager
system-config-httpd
system-config-rootpassword
system-switch-java
system-switch-mail
usermode-gtk
vpnc-consoleuser
wifi-radar
xawtv
2019-08-27 18:24:44 +02:00
Lennart Poettering
29a3d5caea man: remove trailing space in link in HTML output 2019-07-29 19:25:49 +02:00
Lennart Poettering
b042dd687c man: document that the supplementary groups list is initialized from User='s database entry
Fixes: #12936
2019-07-12 14:25:28 +02:00
Lennart Poettering
8c8208cb80 man: document new "systemctl clean…" operation 2019-07-11 12:18:51 +02:00
Philip Withnall
a9a50bd680 man: Add some notes about variable $prefix for StateDirectory=
tl;dr: It isn’t supported.

Wording by Zbigniew Jędrzejewski-Szmek.

See https://twitter.com/pid_eins/status/1102639279614906369 and
https://gitlab.freedesktop.org/libfprint/fprintd/merge_requests/5#note_125536
onwards.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-07-04 18:26:03 +02:00
Lennart Poettering
330703fb22 man: beef up systemd.exec(5)
Prompted by:

https://lists.freedesktop.org/archives/systemd-devel/2019-May/042773.html
2019-06-24 18:31:36 +02:00
Michal Sekletar
b070c7c0e1 core: introduce NUMAPolicy and NUMAMask options
Make possible to set NUMA allocation policy for manager. Manager's
policy is by default inherited to all forked off processes. However, it
is possible to override the policy on per-service basis. Currently we
support, these policies: default, prefer, bind, interleave, local.
See man 2 set_mempolicy for details on each policy.

Overall NUMA policy actually consists of two parts. Policy itself and
bitmask representing NUMA nodes where is policy effective. Node mask can
be specified using related option, NUMAMask. Default mask can be
overwritten on per-service level.
2019-06-24 16:58:54 +02:00
Lennart Poettering
eedaf7f322 man: drop references to "syslog" and "syslog+console" from man page
These options are pretty much equivalent to "journal" and
"journal+console" anyway, let's simplify things, and drop them from the
documentation hence.

For compat reasons let's keep them in the code.

(Note that they are not 100% identical to 'journal', but I doubt the
distinction in behaviour is really relevant to keep this in the docs.
And we should probably should drop 'syslog' entirely from our codebase
eventually, but it's problematic as long as we semi-support udev on
non-systemd systems still.)
2019-06-24 15:23:11 +02:00
Lennart Poettering
e0e65f7d09 man: document that DynamicUser=1 implied sandboxing cannot be turned off
Fixes: #12476
2019-06-24 14:20:36 +02:00
Zbigniew Jędrzejewski-Szmek
61fbbac1d5 pid1: parse CPUAffinity= in incremental fashion
This makes the handling of this option match what we do in unit files. I think
consistency is important here. (As it happens, it is the only option in
system.conf that is "non-atomic", i.e. where there's a list of things which can
be split over multiple assignments. All other options are single-valued, so
there's no issue of how to handle multiple assignments.)
2019-05-29 10:29:28 +02:00
Ben Boeckel
5238e95759 codespell: fix spelling errors 2019-04-29 16:47:18 +02:00
Zbigniew Jędrzejewski-Szmek
db8d154dc4 man: describe interaction with ProtectHome=/InaccessiblePaths= in BindMount=
https://github.com/systemd/systemd/issues/7153#issuecomment-485252308

Apparently this is still confusing for people.

Longer-term, I think we should just make BindMount= automatically "upgrade"
(or "downgrade", depending on how you look at this), any InaccessiblePath=
mountpoints to "tmpfs". I don't see much point in forcing users to remember
this interaction. But let's at least document the status quo, we can always
update the docs if the code changes.
2019-04-24 10:21:37 +02:00
Lennart Poettering
8e74bf7f9c man: document new OOMPolicy= setting 2019-04-09 11:17:58 +02:00
Lennart Poettering
bf65b7e0c9 core: imply NNP and SUID/SGID restriction for DynamicUser=yes service
Let's be safe, rather than sorry. This way DynamicUser=yes services can
neither take benefit of, nor create SUID/SGID binaries.

Given that DynamicUser= is a recent addition only we should be able to
get away with turning this on, even though this is strictly speaking a
binary compatibility breakage.
2019-04-02 16:56:48 +02:00
Lennart Poettering
7445db6eb7 man: document the new RestrictSUIDSGID= setting 2019-04-02 16:56:48 +02:00
Lennart Poettering
6d463b8aed man: refer to innermost directory as innermost, not as "lowest"
Let's avoid confusion whether the root is at the top or of the bottom of
the directory tree. Moreover we use "innermost" further down for the
same concept, so let's stick to the same terminology here.
2019-04-01 18:30:18 +02:00
Lennart Poettering
8601482cd8 man: tweak XyzDirectory= table a bit 2019-04-01 18:30:18 +02:00
Zbigniew Jędrzejewski-Szmek
de04bbdce1 tree-wide: spell "lifecycle" without hyphen everywhere
We had 10 instances of unhyphentated spelling, and 4 of the hyphenated one.
Consistency trumps ispell.
2019-03-14 22:47:44 +01:00
Lennart Poettering
b3f6c4531e
Merge pull request #12002 from keszybz/man-headers
Man headers
2019-03-14 15:55:04 +01:00
Lennart Poettering
c4d4b5a708 man: say explicitly which settings are not available in --user services
Fixes: #3944
2019-03-14 15:13:33 +01:00
Zbigniew Jędrzejewski-Szmek
3a54a15760 man: use same header for all files
The "include" files had type "book" for some raeason. I don't think this
is meaningful. Let's just use the same everywhere.

$ perl -i -0pe 's^..DOCTYPE (book|refentry) PUBLIC "-//OASIS//DTD DocBook XML V4.[25]//EN"\s+"http^<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"\n  "http^gms' man/*.xml
2019-03-14 14:42:05 +01:00
Zbigniew Jędrzejewski-Szmek
0307f79171 man: standarize on one-line license header
No need to waste space, and uniformity is good.

$ perl -i -0pe 's|\n+<!--\s*SPDX-License-Identifier: LGPL-2.1..\s*-->|\n<!-- SPDX-License-Identifier: LGPL-2.1+ -->|gms' man/*.xml
2019-03-14 14:29:37 +01:00
Lennart Poettering
c648d4d4c8 man: mention that DynamicUser= should not be mixed with ReadWriteDirectory= or AF_UNIX dir fd passing 2019-03-14 09:31:09 +01:00
Zbigniew Jędrzejewski-Szmek
fb6692ed33
Merge pull request #11927 from poettering/network-namespace-path
Add NetworkNamespacePath= to unit files
2019-03-12 14:29:14 +01:00
Lennart Poettering
8df87b4383 man: document that ProtectHostname= disables hostname change notifications 2019-03-08 15:49:10 +01:00
Lennart Poettering
4107452e51 man: document NetworkNamespacePath= 2019-03-07 21:27:02 +01:00
Lennart Poettering
eb5149ba74
Merge pull request #11682 from topimiettinen/private-utsname
core: ProtectHostname feature
2019-02-20 14:12:15 +01:00
Topi Miettinen
aecd5ac621 core: ProtectHostname= feature
Let services use a private UTS namespace. In addition, a seccomp filter is
installed on set{host,domain}name and a ro bind mounts on
/proc/sys/kernel/{host,domain}name.
2019-02-20 10:50:44 +02:00
Lennart Poettering
dcf3c3c3d9 core: export $PIDFILE env var for services, derived from PIDFile= 2019-02-15 11:32:19 +01:00
Zbigniew Jędrzejewski-Szmek
e0e2ecd5a8 man: move entries to the right section in systemd.directives
They were in "miscellaneuos" because of the missing class= assignment.
Probably introduced when the split into sections was done.
2019-02-13 11:17:41 +01:00
Yu Watanabe
d1698b82e6 man: add referecne to systemd-system.conf 2019-02-01 12:31:51 +01:00
Yu Watanabe
68d838f71d man: fix volume num of journalctl 2019-02-01 12:30:36 +01:00
Topi Miettinen
10d44e72ec Document weaknesses with MDWE and suggest hardening
Closes #11473
2019-01-21 11:37:46 +01:00
Philip Withnall
35f2c0ba6a man: Fix a typo in systemd.exec.xml
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-01-16 21:33:38 +09:00
Alex Mayer
8d7fac92f0 Docs: Add Missing Space Between Words 2019-01-03 03:07:50 +09:00
Zbigniew Jędrzejewski-Szmek
0b57803630 man: add note about systemd-vconsole-setup.service and tty as input/output
Closes #10019.
2018-12-14 11:18:32 +01:00
Lennart Poettering
438311a518 man: document that env vars are not suitable for passing secrets
Prompted by the thread around:

https://lists.freedesktop.org/archives/systemd-devel/2018-November/041665.html
2018-11-14 09:12:49 +03:00
Lennart Poettering
0e18724eb1 man: emphasize the ReadOnlyPaths= mount propagation "hole"
This changes the ProtectSystem= documentation to refer in more explicit
words to the restrictions of ReadOnlyPath=, as sugegsted in #9857.

THis also extends the paragraph in ReadOnlyPath= that explains the hole.

Fixes: #9857
2018-10-30 15:30:18 +01:00
Lennart Poettering
d287820dec man: document that various sandboxing settings are not available in --user services
This is brief and doesn't go into detail, but should at least indicate
to those searching for it that some stuff is not available.

Fixes: #9870
2018-10-30 15:30:18 +01:00