mirror of
https://github.com/systemd/systemd.git
synced 2024-11-24 02:33:36 +08:00
f2af682cd6
DeviceAllow= and others are applied to the whole cgroup via bpf, so using '+' on an Exec line will not bypass them. Explain this in the manpage. Fixes https://github.com/systemd/systemd/issues/26035
17 lines
577 B
XML
17 lines
577 B
XML
<?xml version="1.0"?>
|
|
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
|
|
|
|
<!--
|
|
SPDX-License-Identifier: LGPL-2.1-or-later
|
|
-->
|
|
|
|
<refsect1>
|
|
|
|
<para id="singular">This option cannot be bypassed by prefixing <literal>+</literal> to the executable path
|
|
in the service unit, as it applies to the whole control group.</para>
|
|
|
|
<para id="plural">These options cannot be bypassed by prefixing <literal>+</literal> to the executable path
|
|
in the service unit, as it applies to the whole control group.</para>
|
|
|
|
</refsect1>
|