X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fsystemd.exec.xml;h=116909597861f8545d4c2a3ed9da844a9c885752;hb=248fc619b5e3e24d78f171f95b85916eee7987bd;hp=8d5948ab0797391a88a94a8e9d6bd0db8636520e;hpb=97d0e5f83ba4dd713170f802b90149b7325bc992;p=elogind.git
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 8d5948ab0..116909597 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -69,7 +69,7 @@
files, and
systemd.service5,
systemd.socket5,
- systemd.swap5
+ systemd.swap5,
and
systemd.mount5
for more information on the specific unit
@@ -129,7 +129,7 @@
Sets the supplementary
Unix groups the processes are executed
- as. This takes a space separated list
+ as. This takes a space-separated list
of group names or IDs. This option may
be specified more than once in which
case all listed groups are set as
@@ -167,7 +167,7 @@
for this process) and 1000 (to make
killing of this process under memory
pressure very likely). See proc.txt
+ url="https://www.kernel.org/doc/Documentation/filesystems/proc.txt">proc.txt
for details.
@@ -312,7 +312,7 @@
Environment= but
reads the environment variables from a
text file. The text file should
- contain new-line separated variable
+ contain new-line-separated variable
assignments. Empty lines and lines
starting with ; or # will be ignored,
which may be used for commenting. A line
@@ -324,17 +324,18 @@
double quotes (").
The argument passed should be an
- absolute file name or wildcard
+ absolute filename or wildcard
expression, optionally prefixed with
- "-", which indicates that if the file
- does not exist it won't be read and no
- error or warning message is logged.
- This option may be specified more than
- once in which case all specified files
- are read. If the empty string is
- assigned to this option the list of
- file to read is reset, all prior
- assignments have no effect.
+ -, which indicates
+ that if the file does not exist it
+ won't be read and no error or warning
+ message is logged. This option may be
+ specified more than once in which case
+ all specified files are read. If the
+ empty string is assigned to this
+ option the list of file to read is
+ reset, all prior assignments have no
+ effect.
The files listed with this
directive will be read shortly before
@@ -717,13 +718,12 @@
capability bounding set for the
executed process. See
capabilities7
- for details. Takes a whitespace
- separated list of capability names as
- read by
+ for details. Takes a whitespace-separated
+ list of capability names as read by
cap_from_name3,
- e.g. CAP_SYS_ADMIN
- CAP_DAC_OVERRIDE
- CAP_SYS_PTRACE.
+ e.g. CAP_SYS_ADMIN,
+ CAP_DAC_OVERRIDE,
+ CAP_SYS_PTRACE.
Capabilities listed will be included
in the bounding set, all others are
removed. If the list of capabilities
@@ -832,7 +832,7 @@
and doing this might result in
undefined behaviour. For details about
control groups see cgroups.txt.
+ url="https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt">cgroups.txt.
This option may appear more than
once, in which case the list of
@@ -923,7 +923,7 @@
service is not desirable. For details
about control group attributes see
cgroups.txt. This
+ url="https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt">cgroups.txt. This
option may appear more than once, in
order to set multiple control group
attributes. If this option is used
@@ -945,124 +945,6 @@
-
- CPUShares=
-
- Assign the specified
- overall CPU time shares to the
- processes executed. Takes an integer
- value. This controls the
- cpu.shares control
- group attribute, which defaults to
- 1024. For details about this control
- group attribute see sched-design-CFS.txt.
-
-
-
- MemoryLimit=
- MemorySoftLimit=
-
- Limit the overall memory usage
- of the executed processes to a certain
- size. Takes a memory size in bytes. If
- the value is suffixed with K, M, G or
- T the specified memory size is parsed
- as Kilobytes, Megabytes, Gigabytes,
- or Terabytes (to the base
- 1024), respectively. This controls the
- memory.limit_in_bytes
- and
- memory.soft_limit_in_bytes
- control group attributes. For details
- about these control group attributes
- see memory.txt.
-
-
-
- DeviceAllow=
- DeviceDeny=
-
- Control access to
- specific device nodes by the executed processes. Takes two
- space separated strings: a device node
- path (such as
- /dev/null)
- followed by a combination of r, w, m
- to control reading, writing, or
- creating of the specific device node
- by the unit, respectively. This controls the
- devices.allow
- and
- devices.deny
- control group attributes. For details
- about these control group attributes
- see devices.txt.
-
-
-
- BlockIOWeight=
-
- Set the default or
- per-device overall block IO weight
- value for the executed
- processes. Takes either a single
- weight value (between 10 and 1000) to
- set the default block IO weight, or a
- space separated pair of a file path
- and a weight value to specify the
- device specific weight value (Example:
- "/dev/sda 500"). The file path may be
- specified as path to a block device
- node or as any other file in which
- case the backing block device of the
- file system of the file is
- determined. This controls the
- blkio.weight and
- blkio.weight_device
- control group attributes, which
- default to 1000. Use this option
- multiple times to set weights for
- multiple devices. For details about
- these control group attributes see
- blkio-controller.txt.
-
-
-
- BlockIOReadBandwidth=
- BlockIOWriteBandwidth=
-
- Set the per-device
- overall block IO bandwidth limit for
- the executed processes. Takes a space
- separated pair of a file path and a
- bandwidth value (in bytes per second)
- to specify the device specific
- bandwidth. The file path may be
- specified as path to a block device
- node or as any other file in which
- case the backing block device of the
- file system of the file is determined.
- If the bandwidth is suffixed with K, M,
- G, or T the specified bandwidth is
- parsed as Kilobytes, Megabytes,
- Gigabytes, or Terabytes, respectively (Example:
- "/dev/disk/by-path/pci-0000:00:1f.2-scsi-0:0:0:0
- 5M"). This controls the
- blkio.read_bps_device
- and
- blkio.write_bps_device
- control group attributes. Use this
- option multiple times to set bandwidth
- limits for multiple devices. For
- details about these control group
- attributes see blkio-controller.txt.
-
-
ReadWriteDirectories=
ReadOnlyDirectories=
@@ -1185,10 +1067,10 @@
IgnoreSIGPIPE=
Takes a boolean
- argument. If true causes SIGPIPE to be
+ argument. If true, causes SIGPIPE to be
ignored in the executed
- process. Defaults to true, since
- SIGPIPE generally is useful only in
+ process. Defaults to true because
+ SIGPIPE generally is useful only in
shell pipelines.
@@ -1196,7 +1078,7 @@
NoNewPrivileges=
Takes a boolean
- argument. If true ensures that the
+ argument. If true, ensures that the
service process and all its children
can never gain new privileges. This
option is more powerful than the respective
@@ -1211,13 +1093,14 @@
SystemCallFilter=
- Takes a space
- separated list of system call
- names. If this setting is used all
+ Takes a space-separated
+ list of system call
+ names. If this setting is used, all
system calls executed by the unit
process except for the listed ones
will result in immediate process
- termination with the SIGSYS signal
+ termination with the
+ SIGSYS signal
(whitelisting). If the first character
of the list is ~
the effect is inverted: only the