picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

man: make clear that accessing network and mounting filesystems is not supported in udev rules (#7916) 

These restrictions are implied by systemd options used for
systemd-udevd.service, i.e. MountFlags=slave and
IPAddressDeny=any. However, there are users out there getting tripped by
this, so let's make things clear in the man page so the actual
restrictions we implement by default have better visibility.
This commit is contained in:
Michal Sekletar 2018-01-20 00:47:27 +01:00 committed by Yu Watanabe
parent 8cdc46e7ba
commit 877dce40cb
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
man/udev.xml
View File

@ -465,6 +465,9 @@
<para>Starting daemons or other long-running processes is not appropriate
for udev; the forked processes, detached or not, will be unconditionally
killed after the event handling has finished.</para>
<para>Note that running programs that access the network or mount/unmount
filesystems is not allowed inside of udev rules, due to the default sandbox
that is enforced on <filename>systemd-udevd.service</filename>.</para>
</listitem>
</varlistentry>