git.ipfire.org Git - thirdparty/systemd.git/blobdiff - man/systemd.exec.xml
seccomp: LockPersonality boolean (#6193)
[thirdparty/systemd.git] / man / systemd.exec.xml
index 7a7006b9a0b8a1f9b67dded534aa2400f57cff47..a9f1d8d74e11342281ed7869529db094b4470d53 100644 (file)
         personality of the host system's kernel.</para></listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><varname>LockPersonality=</varname></term>
+
+        <listitem><para>Locks down the <citerefentry
+        project='man-pages'><refentrytitle>personality</refentrytitle><manvolnum>2</manvolnum></citerefentry> system
+        call so that the kernel execution domain may not be changed from the default or the personality selected with
+        <varname>Personality=</varname> directive. This may be useful to improve security, because odd personality
+        emulations may be poorly tested and source of vulnerabilities. If running in user mode, or in system mode, but
+        without the <constant>CAP_SYS_ADMIN</constant> capability (e.g. setting <varname>User=</varname>),
+        <varname>NoNewPrivileges=yes</varname> is implied.</para></listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><varname>RuntimeDirectory=</varname></term>
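Review bot: the new paragraph has two grammar slips in the description of the new setting: "the personality selected with <varname>Personality=</varname> directive" needs an article ("with the <varname>Personality=</varname> directive"), and "poorly tested and source of vulnerabilities" should read "poorly tested and a source of vulnerabilities". It would also help readers to state explicitly that the restriction is enforced on the <citerefentry project='man-pages'><refentrytitle>personality</refentrytitle><manvolnum>2</manvolnum></citerefentry> call only, so that a service can still run under the personality chosen via <varname>Personality=</varname> but cannot switch to another one afterwards; the current wording ("may not be changed from the default or the personality selected") says this only implicitly. Finally, the <varname>NoNewPrivileges=yes</varname> implication sentence follows the same pattern as the neighbouring sandboxing options, so consider wording it identically to those entries to keep the man page consistent.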