man: document that ProtectSystem= also covers /boot

2015-01-27 02:19:33 +01:00 · 2015-01-27 02:19:33 +01:00 · c51cbfdcc7
parent 297d563de4
commit c51cbfdcc7
1 changed files with 6 additions and 5 deletions
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@ -1064,13 +1064,14 @@
                                argument or
                                <literal>full</literal>. If true,
                                mounts the <filename>/usr</filename>
-                                directory read-only for processes
+                                and <filename>/boot</filename>
+                                directories read-only for processes
                                invoked by this unit. If set to
                                <literal>full</literal>, the
-                                <filename>/etc</filename> directory is mounted
-                                read-only, too. This setting ensures
-                                that any modification of the vendor
-                                supplied operating system (and
+                                <filename>/etc</filename> directory is
+                                mounted read-only, too. This setting
+                                ensures that any modification of the
+                                vendor supplied operating system (and
                                optionally its configuration) is
                                prohibited for the service. It is
                                recommended to enable this setting for