From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 27 Jan 2015 01:19:33 +0000 (+0100)
Subject: man: document that ProtectSystem= also covers /boot
X-Git-Tag: v219~286
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=c51cbfdcc7f38438553e4c2c60499f6aea7cc504;ds=sidebyside

man: document that ProtectSystem= also covers /boot
---

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index b338899d8..cbaec9f13 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -1064,13 +1064,14 @@
                                 argument or
                                 <literal>full</literal>. If true,
                                 mounts the <filename>/usr</filename>
-                                directory read-only for processes
+                                and <filename>/boot</filename>
+                                directories read-only for processes
                                 invoked by this unit. If set to
                                 <literal>full</literal>, the
-                                <filename>/etc</filename> directory is mounted
-                                read-only, too. This setting ensures
-                                that any modification of the vendor
-                                supplied operating system (and
+                                <filename>/etc</filename> directory is
+                                mounted read-only, too. This setting
+                                ensures that any modification of the
+                                vendor supplied operating system (and
                                 optionally its configuration) is
                                 prohibited for the service. It is
                                 recommended to enable this setting for