X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fsystemd.exec.xml;h=b338899d81f7bc0665dba7350e747ebab7638bb4;hb=a47e6701bfc45519a4e038daa52e9236e932f59a;hp=d426ac0899a4b146d1967a24f3c9b18018de2fa0;hpb=1b8689f94983b47bf190e77ddb03a8fc6af15fb3;p=elogind.git
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index d426ac089..b338899d8 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -103,7 +103,7 @@
directory path. Sets the root
directory for executed processes, with
the
- chroot2
+ chroot2
system call. If this is used, it must
be ensured that the process and all
its auxiliary files are available in
@@ -250,7 +250,7 @@
processes. Takes a space-separated
list of CPU indices. This option may
be specified more than once in which
- case the specificed CPU affinity masks
+ case the specified CPU affinity masks
are merged. If the empty string is
assigned, the mask is reset, all
assignments prior to this will have no
@@ -304,7 +304,7 @@
See
- environ7
+ environ7
for details about environment variables.
@@ -365,39 +365,47 @@
,
,
or
- . If
- is selected,
- standard input will be connected to
+ .
+
+ If is
+ selected, standard input will be
+ connected to
/dev/null,
i.e. all read attempts by the process
- will result in immediate EOF. If
- is selected,
- standard input is connected to a TTY
- (as configured by
+ will result in immediate EOF.
+
+ If is
+ selected, standard input is connected
+ to a TTY (as configured by
TTYPath=, see
below) and the executed process
becomes the controlling process of the
terminal. If the terminal is already
- being controlled by another process, the
- executed process waits until the current
- controlling process releases the
- terminal.
-
- is similar to ,
- but the executed process is forcefully
- and immediately made the controlling
+ being controlled by another process,
+ the executed process waits until the
+ current controlling process releases
+ the terminal.
+
+ is similar
+ to , but the
+ executed process is forcefully and
+ immediately made the controlling
process of the terminal, potentially
removing previous controlling
processes from the
- terminal. is
+ terminal.
+
+ is
similar to but if
the terminal already has a controlling
process start-up of the executed
- process fails. The
- option is only
- valid in socket-activated services,
- and only when the socket configuration
- file (see
+ process fails.
+
+ The
+ option is only valid in
+ socket-activated services, and only
+ when the socket configuration file
+ (see
systemd.socket5
for details) specifies a single socket
only. If this option is set, standard
@@ -407,7 +415,9 @@
with daemons designed for use with the
traditional
inetd8
- daemon. This setting defaults to
+ daemon.
+
+ This setting defaults to
.
@@ -418,56 +428,84 @@
of ,
,
,
+ ,
,
,
- ,
+ ,
,
- ,
- or
- . If set to
- , the file
- descriptor of standard input is
- duplicated for standard output. If set
- to , standard
- output will be connected to
+ or
+ .
+
+
+ duplicates the file descriptor of
+ standard input for standard
+ output.
+
+ connects
+ standard output to
/dev/null,
i.e. everything written to it will be
- lost. If set to ,
- standard output will be connected to a
- tty (as configured via
+ lost.
+
+ connects
+ standard output to a tty (as
+ configured via
TTYPath=, see
below). If the TTY is used for output
only, the executed process will not
become the controlling process of the
terminal, and will not fail or wait
for other processes to release the
- terminal.
- connects standard output to the
- syslog3
- system syslog
- service.
- connects it with the kernel log buffer
- which is accessible via
- dmesg1.
- connects it with the journal which is
- accessible via
- journalctl1
- (Note that everything that is written
- to syslog or kmsg is implicitly stored
- in the journal as well, those options
- are hence supersets of this
- one). ,
- and
- work
- similarly but copy the output to the
- system console as
- well. connects
- standard output to a socket from
- socket activation, semantics are
- similar to the respective option of
- StandardInput=.
- This setting defaults to the value set
- with
+ terminal.
+
+
+ connects standard output with the
+ journal which is accessible via
+ journalctl1.
+ Note that everything that is written
+ to syslog or kmsg (see below) is
+ implicitly stored in the journal as
+ well, the specific two options listed
+ below are hence supersets of this
+ one.
+
+ connects
+ standard output to the syslog3
+ system syslog service, in addition to
+ the journal. Note that the journal
+ daemon is usually configured to
+ forward everything it receives to
+ syslog anyway, in which case this
+ option is no different from
+ .
+
+ connects
+ standard output with the kernel log
+ buffer which is accessible via
+ dmesg1,
+ in addition to the journal. The
+ journal daemon might be configured to
+ send all logs to kmsg anyway, in which
+ case this option is no different from
+ .
+
+ ,
+ and
+ work in
+ a similar way as the three options
+ above but copy the output to the
+ system console as well.
+
+ connects
+ standard output to a socket acquired
+ via socket activation. The semantics
+ are similar to the same option of
+ StandardInput=.
+
+ This setting defaults to the
+ value set with
in
systemd-system.conf5,
@@ -534,15 +572,19 @@
SyslogIdentifier=Sets the process name
- to prefix log lines sent to syslog or
- the kernel log buffer with. If not set,
- defaults to the process name of the
- executed process. This option is only
- useful when
+ to prefix log lines sent to the
+ logging system or the kernel log
+ buffer with. If not set, defaults to
+ the process name of the executed
+ process. This option is only useful
+ when
StandardOutput= or
StandardError= are
- set to or
- .
+ set to ,
+ or
+ (or to the same
+ settings in combination with
+ ).SyslogFacility=
@@ -568,7 +610,7 @@
,
or
. See
- syslog3
+ syslog3
for details. This option is only
useful when
StandardOutput= or
@@ -590,7 +632,7 @@
,
,
. See
- syslog3
+ syslog3
for details. This option is only
useful when
StandardOutput= or
@@ -666,14 +708,95 @@
LimitNICE=LimitRTPRIO=LimitRTTIME=
- These settings control
- various resource limits for executed
- processes. See
+ These settings set both
+ soft and hard limits of various resources for
+ executed processes. See
setrlimit2
for details. Use the string
infinity to
configure no limit on a specific
resource.
+
+
@@ -687,7 +810,7 @@
User= setting. If
not set, no PAM session will be opened
for the executed processes. See
- pam8
+ pam8
for details.
@@ -698,7 +821,7 @@
capabilities to include in the
capability bounding set for the
executed process. See
- capabilities7
+ capabilities7
for details. Takes a whitespace-separated
list of capability names as read by
cap_from_name3,
@@ -738,26 +861,28 @@
SecureBits=Controls the secure
- bits set for the executed process. See
- capabilities7
- for details. Takes a list of strings:
+ bits set for the executed process.
+ Takes a space-separated combination of
+ options from the following list:
,
,
,
,
- and/or
+ , and
. This
option may appear more than once in
- which case the secure bits are
- ORed. If the empty string is assigned
- to this option, the bits are reset to
- 0.
+ which case the secure bits are ORed.
+ If the empty string is assigned to
+ this option, the bits are reset to 0.
+ See capabilities7
+ for details.
Capabilities=Controls the
- capabilities7
+ capabilities7
set for the executed process. Take a
capability string describing the
effective, permitted and inherited
@@ -768,7 +893,7 @@
attached to the executed file. Due to
that
CapabilityBoundingSet=
- is probably the much more useful
+ is probably a much more useful
setting.
@@ -777,8 +902,8 @@
ReadOnlyDirectories=InaccessibleDirectories=
- Sets up a new
- file system namespace for executed
+ Sets up a new file
+ system namespace for executed
processes. These options may be used
to limit access a process might have
to the main file system
@@ -799,16 +924,14 @@
processes inside the namespace. Note
that restricting access with these
options does not extend to submounts
- of a directory. You must list
- submounts separately in these settings
- to ensure the same limited
- access. These options may be specified
+ of a directory that are created later
+ on. These options may be specified
more than once in which case all
directories listed will have limited
access from within the namespace. If
the empty string is assigned to this
- option, the specific list is reset, and
- all prior assignments have no
+ option, the specific list is reset,
+ and all prior assignments have no
effect.Paths in
ReadOnlyDirectories=
@@ -941,11 +1064,10 @@
argument or
full. If true,
mounts the /usr
- and /boot
- directories read-only for processes
+ directory read-only for processes
invoked by this unit. If set to
- full the
- /etc is mounted
+ full, the
+ /etc directory is mounted
read-only, too. This setting ensures
that any modification of the vendor
supplied operating system (and
@@ -955,7 +1077,7 @@
all long-running services, unless they
are involved with system updates or
need to modify the operating system in
- other ways. Note however, that
+ other ways. Note however that
processes retaining the CAP_SYS_ADMIN
capability can undo the effect of this
setting. This setting is hence
@@ -977,15 +1099,15 @@
/run/user are
made inaccessible and empty for
processes invoked by this unit. If set
- to read-only the
- two directores are made read-only
+ to read-only, the
+ two directories are made read-only
instead. It is recommended to enable
this setting for all long-running
services (in particular network-facing
ones), to ensure they cannot get access
to private user data, unless the
services actually require access to
- the user's private data. Note however,
+ the user's private data. Note however
that processes retaining the
CAP_SYS_ADMIN capability can undo the
effect of this setting. This setting
@@ -1024,14 +1146,14 @@
namespace. Note that
means that file
systems mounted on the host might stay
- mounted continously in the unit's
+ mounted continuously in the unit's
namespace, and thus keep the device
busy. Note that the file system
namespace related options
(PrivateTmp=,
PrivateDevices=,
- ReadOnlySystem=,
- ProtectedHome=,
+ ProtectSystem=,
+ ProtectHome=,
ReadOnlyDirectories=,
InaccessibleDirectories=
and
@@ -1074,7 +1196,7 @@
process. If set, this will override
the automated domain
transition. However, the policy still
- needs to autorize the transition. This
+ needs to authorize the transition. This
directive is ignored if SELinux is
disabled. If prefixed by
-, all errors will
@@ -1096,6 +1218,35 @@
+
+ SmackProcessLabel=
+
+ Takes a
+ security
+ label as argument. The process
+ executed by the unit will be started
+ under this label and SMACK will decide
+ whether the processes is allowed to
+ run or not based on it. The process
+ will continue to run under the label
+ specified here unless the executable
+ has its own
+ label, in
+ which case the process will transition
+ to run under that label. When not
+ specified, the label that systemd is
+ running under is used. This directive
+ is ignored if SMACK is
+ disabled.
+
+ The value may be prefixed by
+ -, in which case
+ all errors will be ignored. An empty
+ value may be specified to unset
+ previous assignments.
+
+
+
IgnoreSIGPIPE=
@@ -1370,7 +1521,7 @@
$PATHColon-separated list
- of directiories to use when launching
+ of directories to use when launching
executables. Systemd uses a fixed
value of
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin.
@@ -1475,7 +1626,7 @@
or
StandardError=tty).
See
- termcap5.
+ termcap5.
@@ -1491,14 +1642,14 @@
systemd.setenv= (see
systemd1). Additional
variables may also be set through PAM,
- cf. pam_env8.
+ cf. pam_env8.
See Alsosystemd1,
- systemctl8,
+ systemctl1,
journalctl8,
systemd.unit5,
systemd.service5,
@@ -1509,7 +1660,7 @@
systemd.resource-control5,
systemd.directives7,
tmpfiles.d5,
- exec3
+ exec3