|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
From e060073a8f05cfdfad621b1bb59abe944b17d5f9 Mon Sep 17 00:00:00 2001
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
Date: Fri, 3 Oct 2014 21:06:52 -0400
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
Subject: [PATCH] man: say that SecureBits= are space separated
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
---
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
man/systemd.exec.xml | 20 +++++++++++---------
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
1 file changed, 11 insertions(+), 9 deletions(-)
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
index 6d0113f5cc..939983fb7e 100644
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
--- a/man/systemd.exec.xml
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+++ b/man/systemd.exec.xml
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
@@ -776,20 +776,22 @@
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
<varlistentry>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
<term><varname>SecureBits=</varname></term>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
<listitem><para>Controls the secure
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- bits set for the executed process. See
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- for details. Takes a list of strings:
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ bits set for the executed process.
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ Takes a space-separated combination of
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ options from the following list:
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
<option>keep-caps</option>,
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
<option>keep-caps-locked</option>,
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
<option>no-setuid-fixup</option>,
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
<option>no-setuid-fixup-locked</option>,
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- <option>noroot</option> and/or
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ <option>noroot</option>, and
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
<option>noroot-locked</option>. This
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
option may appear more than once in
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- which case the secure bits are
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- ORed. If the empty string is assigned
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- to this option, the bits are reset to
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- 0.</para></listitem>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ which case the secure bits are ORed.
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ If the empty string is assigned to
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ this option, the bits are reset to 0.
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ See
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ for details.</para></listitem>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
</varlistentry>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
<varlistentry>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
@@ -806,7 +808,7 @@
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
attached to the executed file. Due to
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
that
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
<varname>CapabilityBoundingSet=</varname>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- is probably the much more useful
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ is probably a much more useful
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
setting.</para></listitem>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
</varlistentry>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
|