man: document that ProtectSystem= also covers /boot
This commit is contained in:
parent
297d563de4
commit
c51cbfdcc7
|
@ -1064,13 +1064,14 @@
|
||||||
argument or
|
argument or
|
||||||
<literal>full</literal>. If true,
|
<literal>full</literal>. If true,
|
||||||
mounts the <filename>/usr</filename>
|
mounts the <filename>/usr</filename>
|
||||||
directory read-only for processes
|
and <filename>/boot</filename>
|
||||||
|
directories read-only for processes
|
||||||
invoked by this unit. If set to
|
invoked by this unit. If set to
|
||||||
<literal>full</literal>, the
|
<literal>full</literal>, the
|
||||||
<filename>/etc</filename> directory is mounted
|
<filename>/etc</filename> directory is
|
||||||
read-only, too. This setting ensures
|
mounted read-only, too. This setting
|
||||||
that any modification of the vendor
|
ensures that any modification of the
|
||||||
supplied operating system (and
|
vendor supplied operating system (and
|
||||||
optionally its configuration) is
|
optionally its configuration) is
|
||||||
prohibited for the service. It is
|
prohibited for the service. It is
|
||||||
recommended to enable this setting for
|
recommended to enable this setting for
|
||||||
|
|
Loading…
Reference in a new issue