X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fsystemd.exec.xml;h=7b6514375d23ad188643e99eb10309c968d35332;hb=ada45c785fc7b0cbe0adb9cbf641943410f4953f;hp=291178679da85b533c35aca108e08edd52a26094;hpb=e06c73cc91e02a1a3dffdb0976fef754f1109e74;p=elogind.git
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 291178679..7b6514375 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -44,7 +44,7 @@
systemd.exec
- systemd execution environment configuration
+ Execution environment configuration
@@ -75,7 +75,7 @@
for more information on the specific unit
configuration files. The execution specific
configuration options are configured in the [Service],
- [Socket], [Mount] resp. [Swap] section, depending on the unit
+ [Socket], [Mount], or [Swap] sections, depending on the unit
type.
@@ -117,10 +117,10 @@
Group=Sets the Unix user
- resp. group the processes are executed
- as. Takes a single user resp. group
+ or group that the processes are executed
+ as, respectively. Takes a single user or group
name or ID as argument. If no group is
- set the default group of the user is
+ set, the default group of the user is
chosen.
@@ -471,7 +471,7 @@
TTYVTDisallocate=
- If the the terminal
+ If the terminal
device specified with
TTYPath= is a
virtual console terminal try to
@@ -567,8 +567,9 @@
argument. If true and
StandardOutput= or
StandardError= are
- set to or
- log lines
+ set to ,
+ or
+ , log lines
written by the executed process that
are prefixed with a log level will be
passed on to syslog with this log
@@ -806,7 +807,7 @@
Set a specific control
group attribute for executed
- processes, and (if needed) add the the
+ processes, and (if needed) add the
executed processes to a cgroup in the
hierarchy of the controller the
attribute belongs to. Takes two
@@ -868,8 +869,8 @@
the value is suffixed with K, M, G or
T the specified memory size is parsed
as Kilobytes, Megabytes, Gigabytes,
- resp. Terabytes (to the base
- 1024). This controls the
+ or Terabytes (to the base
+ 1024), respectively. This controls the
memory.limit_in_bytes
and
memory.soft_limit_in_bytes
@@ -889,9 +890,9 @@
path (such as
/dev/null)
followed by a combination of r, w, m
- to control reading, writing resp.
+ to control reading, writing, or
creating of the specific device node
- by the unit. This controls the
+ by the unit, respectively. This controls the
devices.allow
and
devices.deny
@@ -948,7 +949,7 @@
If the bandwidth is suffixed with K, M,
G, or T the specified bandwidth is
parsed as Kilobytes, Megabytes,
- Gigabytes, resp. Terabytes (Example:
+ Gigabytes, or Terabytes, respectively (Example:
"/dev/disk/by-path/pci-0000:00:1f.2-scsi-0:0:0:0
5M"). This controls the
blkio.read_bps_device
@@ -1043,26 +1044,19 @@
,
or
, which
- control whether namespaces set up with
- ReadWriteDirectories=,
- ReadOnlyDirectories=
- and
- InaccessibleDirectories=
- receive or propagate new mounts
- from/to the main namespace. See
+ control whether the file system
+ namespace set up for this unit's
+ processes will receive or propagate
+ new mounts. See
mount1
- for details. Defaults to
- , i.e. the new
- namespace will both receive new mount
- points from the main namespace as well
- as propagate new mounts to
- it.
+ for details. Default to
+ .UtmpIdentifier=
- Takes a a four
+ Takes a four
character identifier string for an
utmp/wtmp entry for this service. This
should only be set for services such
@@ -1091,6 +1085,54 @@
shell pipelines.
+
+ NoNewPrivileges=
+
+ Takes a boolean
+ argument. If true ensures that the
+ service process and all its children
+ can never gain new privileges. This
+ option is more powerful than the respective
+ secure bits flags (see above), as it
+ also prohibits UID changes of any
+ kind. This is the simplest, most
+ effective way to ensure that a process
+ and its children can never elevate
+ privileges again.
+
+
+
+ SystemCallFilter=
+
+ Takes a space
+ separated list of system call
+ names. If this setting is used all
+ system calls executed by the unit
+ process except for the listed ones
+ will result in immediate process
+ termination with the SIGSYS signal
+ (whitelisting). If the first character
+ of the list is ~
+ the effect is inverted: only the
+ listed system calls will result in
+ immediate process termination
+ (blacklisting). If this option is used
+ NoNewPrivileges=yes
+ is implied. This feature makes use of
+ the Secure Computing Mode 2 interfaces
+ of the kernel ('seccomp filtering')
+ and is useful for enforcing a minimal
+ sandboxing environment. Note that the
+ execve,
+ rt_sigreturn,
+ sigreturn,
+ exit_group,
+ exit system calls
+ are implicitly whitelisted and don't
+ need to be listed
+ explicitly.
+
+
@@ -1104,7 +1146,8 @@
systemd.service5,
systemd.socket5,
systemd.swap5,
- systemd.mount5
+ systemd.mount5,
+ systemd.kill5