X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=man%2Fsystemd.exec.xml;h=207592dda70c7c42198d167b4a480edc4098b726;hp=8c44071d533a5b8b651218ceb65d6006fe1c88c6;hb=cd49e2f6641aaa3a9185704ca2f14a1e0855c247;hpb=72f4d9669c253d5bd7c126bf2e7a0db0198cf2eb
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 8c44071d5..207592dda 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -846,9 +846,9 @@
system namespace for the executed
processes and mounts private
/tmp and
- /var/tmp directories
- inside it, that are not shared by
- processes outside of the
+ /var/tmp
+ directories inside it, that are not
+ shared by processes outside of the
namespace. This is useful to secure
access to temporary files of the
process, but makes sharing between
@@ -856,9 +856,17 @@
/tmp or
/var/tmp
impossible. All temporary data created
- by service will be removed after service
- is stopped. Defaults to
- false.
+ by service will be removed after
+ service is stopped. Defaults to
+ false. Note that it is possible to run
+ two or more units within the same
+ private /tmp and
+ /var/tmp
+ namespace by using the
+ JoinsNamespaceOf=
+ directive, see
+ systemd.unit5
+ for details.
@@ -874,8 +882,14 @@
available to the executed process.
This is useful to securely turn off
network access by the executed
- process. Defaults to
- false.
+ process. Defaults to false. Note that
+ it is possible to run two or more
+ units within the same private network
+ namespace by using the
+ JoinsNamespaceOf=
+ directive, see
+ systemd.unit5
+ for details.