Merge pull request #3049 from keszybz/preset-fixes

author Lennart Poettering <lennart@poettering.net>

Sun, 17 Apr 2016 12:29:41 +0000 (14:29 +0200)

committer Lennart Poettering <lennart@poettering.net>

Sun, 17 Apr 2016 12:29:41 +0000 (14:29 +0200)
author Lennart Poettering <lennart@poettering.net>
Sun, 17 Apr 2016 12:29:41 +0000 (14:29 +0200)
committer Lennart Poettering <lennart@poettering.net>
Sun, 17 Apr 2016 12:29:41 +0000 (14:29 +0200)
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml

index 3e1a2cb22461cb48012fbd31f3cd2e0d1f262690..4ed62dbada57ff6beffe50fa030efdceff5e32cd 100644 (file)
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -859,9 +859,12 @@
          reading only, writing will be refused even if the usual file
          access controls would permit this. Directories listed in
          <varname>InaccessibleDirectories=</varname> will be made
-        inaccessible for processes inside the namespace. Note that
-        restricting access with these options does not extend to
-        submounts of a directory that are created later on. These
+        inaccessible for processes inside the namespace, and may not
+        countain any other mountpoints, including those specified by
+        <varname>ReadWriteDirectories=</varname> or
+        <varname>ReadOnlyDirectories=</varname>.
+        Note that restricting access with these options does not extend
+        to submounts of a directory that are created later on. These
          options may be specified more than once, in which case all
          directories listed will have limited access from within the
          namespace. If the empty string is assigned to this option, the
author	Lennart Poettering <lennart@poettering.net>
	Sun, 17 Apr 2016 12:29:41 +0000 (14:29 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Sun, 17 Apr 2016 12:29:41 +0000 (14:29 +0200)