doc: minor hint about InaccessiblePaths= in regard of ProtectKernelTunables=

Djalal Harouni 2016-10-08 17:48:35 +02:00
parent 625d8769fa
commit ac246d9868

@ -1046,7 +1046,10 @@
boot-time, with the <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
mechanism. Almost no services need to write to these at runtime; it is hence recommended to turn this on for
most services. For this setting the same restrictions regarding mount propagation and privileges apply as for
<varname>ReadOnlyPaths=</varname> and related calls, see above. Defaults to off.</para></listitem>
<varname>ReadOnlyPaths=</varname> and related calls, see above. Defaults to off.
Note that this option does not prevent kernel tuning through IPC interfaces and exeternal programs. However
<varname>InaccessiblePaths=</varname> can be used to make some IPC file system objects
inaccessible.</para></listitem>
</varlistentry>
<varlistentry>
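Review bot: The added note misspells "external" as "exeternal" in "IPC interfaces and exeternal programs", and "However" at the end of that line needs a comma after it. The hint is also hard to act on as written: "some IPC file system objects" does not tell the reader what kind of path to list in InaccessiblePaths=, so consider naming the kind of object meant or stating that the relevant paths depend on the IPC service that exposes the tuning interface.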