From: Michal Sekletar Date: Fri, 19 Jan 2018 23:47:27 +0000 (+0100) Subject: man: make clear that accessing network and mounting filesystems is not supported... X-Git-Tag: v237~75 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=877dce40cb0d06ad6b66b4cb81310e2b52e3d9d9;p=thirdparty%2Fsystemd.git man: make clear that accessing network and mounting filesystems is not supported in udev rules (#7916) These restrictions are implied by systemd options used for systemd-udevd.service, i.e. MountFlags=slave and IPAddressDeny=any. However, there are users out there getting tripped by this, so let's make things clear in the man page so the actual restrictions we implement by default have better visibility. --- diff --git a/man/udev.xml b/man/udev.xml index 7b42d2326b3..8e58ead0bae 100644 --- a/man/udev.xml +++ b/man/udev.xml @@ -465,6 +465,9 @@ Starting daemons or other long-running processes is not appropriate for udev; the forked processes, detached or not, will be unconditionally killed after the event handling has finished. + Note that running programs that access the network or mount/unmount + filesystems is not allowed inside of udev rules, due to the default sandbox + that is enforced on systemd-udevd.service.
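Review bot: The sentence added at the end of this paragraph in man/udev.xml attributes the restriction only to "the default sandbox" and does not name the settings behind it. The commit message identifies them as MountFlags=slave and IPAddressDeny=any; citing those two options in the man page text would let a reader who is tripped by this find the exact cause in systemd-udevd.service. The wording also differs from the subject line: the added text says "is not allowed" where the subject says "is not supported". Since the text itself describes the sandbox as a default, "not supported" would be the more consistent choice.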