Document effective owner of stdout/stderr log file upon creation

The log files defined using file:, append: or truncate: inherit the owner and other privileges from the effective user running systemd.

The log files are NOT created using the "User", "Group" or "UMask" defined in the service.

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 80359bc238507c1514f28c8bfcb0180b28016ebe..38bf018ae462a613ce4dc28e70f43a761dd5eab4 100644 (file)
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -2983,8 +2983,8 @@ SystemCallErrorNumber=EPERM</programlisting>
         <para>The <option>file:<replaceable>path</replaceable></option> option may be used to connect a specific file
         system object to standard output. The semantics are similar to the same option of
         <varname>StandardInput=</varname>, see above. If <replaceable>path</replaceable> refers to a regular file
-        on the filesystem, it is opened (created if it doesn't exist yet) for writing at the beginning of the file,
-        but without truncating it.
+        on the filesystem, it is opened (created if it doesn't exist yet using privileges of the user executing the
+        systemd process) for writing at the beginning of the file, but without truncating it.
         If standard input and output are directed to the same file path, it is opened only once — for reading as well
         as writing — and duplicated. This is particularly useful when the specified path refers to an
         <constant>AF_UNIX</constant> socket in the file system, as in that case only a