]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/systemd.exec.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
man: document execution context related settings
[thirdparty/systemd.git] / man / systemd.exec.xml
CommitLineData
dd1eb43b
LP		 1<?xml version='1.0'?> <!--*-nxml-*-->
2<?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
3<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
4 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
5
6<!--
7 This file is part of systemd.
8
9 Copyright 2010 Lennart Poettering
10
11 systemd is free software; you can redistribute it and/or modify it
12 under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 2 of the License, or
14 (at your option) any later version.
15
16 systemd is distributed in the hope that it will be useful, but
17 WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23-->
24
25<refentry id="systemd.exec">
26 <refentryinfo>
27 <title>systemd.exec</title>
28 <productname>systemd</productname>
29
30 <authorgroup>
31 <author>
32 <contrib>Developer</contrib>
33 <firstname>Lennart</firstname>
34 <surname>Poettering</surname>
35 <email>lennart@poettering.net</email>
36 </author>
37 </authorgroup>
38 </refentryinfo>
39
40 <refmeta>
41 <refentrytitle>systemd.exec</refentrytitle>
42 <manvolnum>5</manvolnum>
43 </refmeta>
44
45 <refnamediv>
46 <refname>systemd.exec</refname>
47 <refpurpose>systemd execution environment configuration</refpurpose>
48 </refnamediv>
49
50 <refsynopsisdiv>
51 <para><filename>systemd.service</filename>,
52 <filename>systemd.socket</filename>,
53 <filename>systemd.mount</filename></para>
54 </refsynopsisdiv>
55
56 <refsect1>
57 <title>Description</title>
58
59 <para>Unit configuration files for services, sockets
60 and mount points share a subset of configuration
61 options which define the execution environment of
62 spawned processes.</para>
63
64 <para>This man page lists the configuration options
65 shared by these three unit types. See
66 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
67 for the common options of all unit configuration
68 files, and
69 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>
70 and
71 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>
72 for more information on the specific unit
73 configuration files. The execution specific
74 configuration options are configured in the [Service],
75 [Socket] resp. [Mount] section, depending on the unit
76 type.</para>
77 </refsect1>
78
79 <refsect1>
80 <title>Options</title>
81
82 <variablelist>
83
84 <varlistentry>
85 <term><varname>WorkingDirectory=</varname></term>
86
87 <listitem><para>Takes an absolute
88 directory path. Sets the working
89 directory for executed
90 processes.</para></listitem>
91 </varlistentry>
92
93 <varlistentry>
94 <term><varname>RootDirectory=</varname></term>
95
96 <listitem><para>Takes an absolute
97 directory path. Sets the root
98 directory for executed processes, with
99 the
100 <citerefentry><refentrytitle>chroot</refentrytitle><manvolnum>2</manvolnum></citerefentry>
101 system call. If this is used it must
102 be ensured that the process and all
103 its auxiliary files are available in
104 the <function>chroot()</function>
105 jail.</para></listitem>
106 </varlistentry>
107
108 <varlistentry>
109 <term><varname>User=</varname></term>
110 <term><varname>Group=</varname></term>
111
112 <listitem><para>Sets the Unix user
113 resp. group the processes are executed
114 as. Takes a single user resp. group
115 name or ID as argument. If no group is
116 set the default group of the user is
117 chosen.</para></listitem>
118 </varlistentry>
119
120 <varlistentry>
121 <term><varname>SupplementaryGroups=</varname></term>
122
123 <listitem><para>Sets the supplementary
124 Unix groups the processes are executed
125 as. This takes a space seperated list
126 of group names or IDs. This option may
127 be specified more than once in which
128 case all listed groups are set as
129 supplementary groups. This option does
130 not override but extend the list of
131 supplementary groups configured in the
132 system group database for the
133 user.</para></listitem>
134 </varlistentry>
135
136 <varlistentry>
137 <term><varname>Nice=</varname></term>
138
139 <listitem><para>Sets the default nice
140 level (scheduling priority) for
141 executed processes. Takes an integer
142 between -20 (highest priority) and 19
143 (lowest priority). See
144 <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>
145 for details.</para></listitem>
146 </varlistentry>
147
148 <varlistentry>
149 <term><varname>OOMAdjust=</varname></term>
150
151 <listitem><para>Sets the adjustment
152 level for the Out-Of-Memory killer for
153 executed processes. Takes an integer
154 between -17 (to disable OOM killing
155 for this process) and 15 (to make
156 killing of this process under memory
157 pressure very likely). See <ulink
158 url="http://www.kernel.org/doc/Documentation/filesystems/proc.txt">proc.txt</ulink>
159 for details.</para></listitem>
160 </varlistentry>
161
162 <varlistentry>
163 <term><varname>IOSchedulingClass=</varname></term>
164
165 <listitem><para>Sets the IO scheduling
166 class for executed processes. Takes an
167 integer between 0 and 3 or one of the
168 strings <option>none</option>,
169 <option>realtime</option>,
170 <option>best-effort</option> or
171 <option>idle</option>. See
172 <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry>
173 for details.</para></listitem>
174 </varlistentry>
175
176 <varlistentry>
177 <term><varname>IOSchedulingPriority=</varname></term>
178
179 <listitem><para>Sets the IO scheduling
180 priority for executed processes. Takes
181 an integer between 0 (highest
182 priority) and 7 (lowest priority). The
183 available priorities depend on the
184 selected IO scheduling class (see
185 above). See
186 <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry>
187 for details.</para></listitem>
188 </varlistentry>
189
190 <varlistentry>
191 <term><varname>CPUSchedulingPolicy=</varname></term>
192
193 <listitem><para>Sets the CPU
194 scheduling policy for executed
195 processes. Takes one of
196 <option>other</option>,
197 <option>batch</option>,
198 <option>idle</option>,
199 <option>fifo</option> or
200 <option>rr</option>. See
201 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
202 for details.</para></listitem>
203 </varlistentry>
204
205 <varlistentry>
206 <term><varname>CPUSchedulingPriority=</varname></term>
207
208 <listitem><para>Sets the CPU
209 scheduling priority for executed
210 processes. Takes an integer between 1
211 (lowest priority) and 99 (highest
212 priority). The available priority
213 range depends on the selected CPU
214 scheduling policy (see above). See
215 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
216 for details.</para></listitem>
217 </varlistentry>
218
219 <varlistentry>
220 <term><varname>CPUSchedulingResetOnFork=</varname></term>
221
222 <listitem><para>Takes a boolean
223 argument. If true elevated CPU
224 scheduling priorities and policies
225 will be reset when the executed
226 processes fork, and can hence not leak
227 into child processes. See
228 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
229 for details. Defaults to false.</para></listitem>
230 </varlistentry>
231
232 <varlistentry>
233 <term><varname>CPUAffinity=</varname></term>
234
235 <listitem><para>Controls the CPU
236 affinity of the executed
237 processes. Takes a space-seperated
238 list of CPU indexes. See
239 <citerefentry><refentrytitle>sched_setaffinity</refentrytitle><manvolnum>2</manvolnum></citerefentry>
240 for details.</para></listitem>
241 </varlistentry>
242
243 <varlistentry>
244 <term><varname>UMask=</varname></term>
245
246 <listitem><para>Controls the file mode
247 creation mask. Takes an access mode in
248 octal notation. See
249 <citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry>
250 for details. Defaults to
251 0002.</para></listitem>
252 </varlistentry>
253
254 <varlistentry>
255 <term><varname>Environment=</varname></term>
256
257 <listitem><para>Sets environment
258 variables for executed
259 processes. Takes a space-seperated
260 list of variable assignments. This
261 option may be specified more than once
262 in which case all listed variables
263 will be set. If the same variable is
264 set twice the later setting will
265 override the earlier setting. See
266 <citerefentry><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
267 for details.</para></listitem>
268 </varlistentry>
269 <varlistentry>
270 <term><varname>EnvironmentFile=</varname></term>
271 <listitem><para>Similar to
272 <varname>Environment=</varname> but
273 reads the environment variables from a
274 text file. The text file should
275 contain new-line seperated variable
276 assignments. Empty lines and lines
277 starting with ; or # will be ignored,
278 which may be used for
279 commenting.</para></listitem>
280 </varlistentry>
281
282 <varlistentry>
283 <term><varname>StandardInput=</varname></term>
284 <listitem><para>Controls where file
285 descriptor 0 (STDIN) of the executed
286 processes is connected to. Takes one
287 of <option>null</option>,
288 <option>tty</option>,
289 <option>tty-force</option>,
290 <option>tty-fail</option> or
291 <option>socket</option>. If
292 <option>null</option> is selected
293 standard input will be connected to
294 <filename>/dev/null</filename>,
295 i.e. all read attempts by the process
296 will result in immediate EOF. If
297 <option>tty</option> is selected
298 standard input is connected to a TTY
299 (as configured by
300 <varname>TTYPath=</varname>, see
301 below) and the executed process
302 becomes the controlling process of the
303 terminal. If the terminal is already
304 being controlled by another process it
305 is waited until that process releases
306 the
307 terminal. <option>tty-force</option>
308 is similar to <option>tty</option>,
309 but the executed process is forcefully
310 and immediately made the controlling
311 process of the terminal, potentially
312 removing previous controlling
313 processes from the
314 terminal. <option>tty-fail</option> is
315 similar to <option>tty</option> but if
316 the terminal already has a controlling
317 process start-up of the executed
318 process fails. The
319 <option>socket</option> option is only
320 valid in socket-activated services,
321 and only when the socket configuration
322 file (see
323 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>
324 for details) specifies a single socket
325 only. If this option is set standard
326 input will be connected to the socket
327 the service was activated from, which
328 is primarily useful for compatibility
329 with daemons designed for use with the
330 traditional
331 <citerefentry><refentrytitle>inetd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
332 daemon. This setting defaults to
333 <option>null</option>.</para></listitem>
334 </varlistentry>
335 <varlistentry>
336 <term><varname>StandardOutput=</varname></term>
337 <listitem><para>Controls where file
338 descriptor 1 (STDOUT) of the executed
339 processes is connected to. Takes one
340 of <option>inherit</option>,
341 <option>null</option>,
342 <option>tty</option>,
343 <option>syslog</option>,
344 <option>kmsg</option> or
345 <option>socket</option>. If set to
346 <option>inherit</option> the file
347 descriptor of standard input is
348 duplicated for standard output. If set
349 to <option>null</option> standard
350 output will be connected to
351 <filename>/dev/null</filename>,
352 i.e. everything written to it will be
353 lost. If set to <option>tty</option>
354 standard output will be connected to a
355 tty (as configured via
356 <varname>TTYPath=</varname>, see
357 below). If the TTY is used for output
358 only the executed process will not
359 become the controlling process of the
360 terminal, and will not fail or wait
361 for other processes to release the
362 terminal. <option>syslog</option>
363 connects standard output to the
364 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
365 system logger. <option>kmsg</option>
366 connects it with the kernel log buffer
367 which is accessible via
368 <citerefentry><refentrytitle>dmesg</refentrytitle><manvolnum>1</manvolnum></citerefentry>. <option>socket</option>
369 connects standard output to a socket
370 from socket activation, semantics are
371 similar to the respective option of
372 <varname>StandardInput=</varname>.
373 This setting defaults to
374 <option>inherit</option>.</para></listitem>
375 </varlistentry>
376 <varlistentry>
377 <term><varname>StandardOutput=</varname></term>
378 <listitem><para>Controls where file
379 descriptor 2 (STDERR) of the executed
380 processes is connected to. The
381 available options are identical to
382 those of
383 <varname>StandardError=</varname>,
384 whith one exception: if set to
385 <option>inherit</option> the file
386 descriptor used for standard output is
387 duplicated for standard error. This
388 setting defaults to
389 <option>inherit</option>.</para></listitem>
390 </varlistentry>
391 <varlistentry>
392 <term><varname>TTYPath=</varname></term>
393 <listitem><para>Sets the terminal
394 device node to use if standard input,
395 output or stderr are connected to a
396 TTY (see above). Defaults to
397 <filename>/dev/console</filename>.</para></listitem>
398 </varlistentry>
399 <varlistentry>
400 <term><varname>SyslogIdentifer=</varname></term>
401 <listitem><para>Sets the process name
402 to prefix log lines sent to syslog or
403 the kernel log buffer with. If not set
404 defaults to the process name of the
405 executed process. This option is only
406 useful when
407 <varname>StandardOutput=</varname> or
408 <varname>StandardError=</varname> are
409 set to <option>syslog</option> or
410 <option>kmsg</option>.</para></listitem>
411 </varlistentry>
412 <varlistentry>
413 <term><varname>SyslogFacility=</varname></term>
414 <listitem><para>Sets the syslog
415 facility to use when logging to
416 syslog. One of <option>kern</option>,
417 <option>user</option>,
418 <option>mail</option>,
419 <option>daemon</option>,
420 <option>auth</option>,
421 <option>syslog</option>,
422 <option>lpr</option>,
423 <option>news</option>,
424 <option>uucp</option>,
425 <option>cron</option>,
426 <option>authpriv</option>,
427 <option>ftp</option>,
428 <option>local0</option>,
429 <option>local1</option>,
430 <option>local2</option>,
431 <option>local3</option>,
432 <option>local4</option>,
433 <option>local5</option>,
434 <option>local6</option> or
435 <option>local7</option>. See
436 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
437 for details. This option is only
438 useful when
439 <varname>StandardOutput=</varname> or
440 <varname>StandardError=</varname> are
441 set to <option>syslog</option>.
442 Defaults to
443 <option>daemon</option>.</para></listitem>
444 </varlistentry>
445 <varlistentry>
446 <term><varname>SyslogLevel=</varname></term>
447 <listitem><para>Default syslog level
448 to use when logging to syslog or the
449 kernel log buffer. One of
450 <option>emerg</option>,
451 <option>alert</option>,
452 <option>crit</option>,
453 <option>err</option>,
454 <option>warning</option>,
455 <option>notice</option>,
456 <option>info</option>,
457 <option>debug</option>. See
458 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
459 for details. This option is only
460 useful when
461 <varname>StandardOutput=</varname> or
462 <varname>StandardError=</varname> are
463 set to <option>syslog</option> or
464 <option>kmsg</option>. Note that
465 individual lines output by the daemon
466 might be prefixed with a different log
467 level which can be used to override
468 the default log level specified
469 here. The interpretation of these
470 prefixes may be disabled with
471 <varname>SyslogNoPrefix=</varname>,
472 see below. For details see
473 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
474
475 Defaults to
476 <option>info</option>.</para></listitem>
477 </varlistentry>
478
479 <varlistentry>
480 <term><varname>SyslogNoPrefix=</varname></term>
481 <listitem><para>Takes a boolean
482 argument. If false and
483 <varname>StandardOutput=</varname> or
484 <varname>StandardError=</varname> are
485 set to <option>syslog</option> or
486 <option>kmsg</option> log lines
487 written by the executed process that
488 are prefixed with a log level will be
489 passed on to syslog with this log
490 level set but the prefix removed. If
491 set to true, the interpretation of
492 these prefixes is disabled and the
493 logged lines are passed on as-is. For
494 details about this prefixing see
495 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
496 Defaults to false.</para></listitem>
497 </varlistentry>
498
499 <varlistentry>
500 <term><varname>TimerSlackNS=</varname></term>
501 <listitem><para>Sets the timer slack
502 in nanoseconds for the executed
503 processes The timer slack controls the accuracy
504 of wake-ups triggered by timers. See
505 <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
506 for more information.</para></listitem>
507 </varlistentry>
508
509 <varlistentry>
510 <term><varname>LimitCPU=</varname></term>
511 <term><varname>LimitFSIZE=</varname></term>
512 <term><varname>LimitDATA=</varname></term>
513 <term><varname>LimitSTACK=</varname></term>
514 <term><varname>LimitCORE=</varname></term>
515 <term><varname>LimitRSS=</varname></term>
516 <term><varname>LimitNOFILE=</varname></term>
517 <term><varname>LimitAS=</varname></term>
518 <term><varname>LimitNPROC=</varname></term>
519 <term><varname>LimitMEMLOCK=</varname></term>
520 <term><varname>LimitLOCKS=</varname></term>
521 <term><varname>LimitSIGPENDING=</varname></term>
522 <term><varname>LimitMSGQUEUE=</varname></term>
523 <term><varname>LimitNICE=</varname></term>
524 <term><varname>LimitRTPRIO=</varname></term>
525 <term><varname>LimitRTTIME=</varname></term>
526 <listitem><para>These settings control
527 various resource limits for executed
528 processes. See
529 <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>
530 for details.</para></listitem>
531 </varlistentry>
532
533 <varlistentry>
534 <term><varname>PAMName=</varname></term>
535 <listitem><para>Sets the PAM service
536 name to set up a session as. If set
537 the executed process will be
538 registered as a PAM session under the
539 specified service name. This is only
540 useful in conjunction with the
541 <varname>User=</varname> setting. If
542 not set no PAM session will be opened
543 for the executed processes. See
544 <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
545 for details.</para></listitem>
546 </varlistentry>
547
548 <varlistentry>
549 <term><varname>TCPWrapName=</varname></term>
550 <listitem><para>If this is a
551 socket-activated service this sets the
552 tcpwrap service name to check the
553 permission for the current connection
554 with. This is only useful in
555 conjunction with socket-activated
556 services, and stream sockets (TCP) in
557 particular. It has no effect on other
558 socket types (e.g. datagram/UDP) and on processes
559 unrelated to socket-based
560 activation. If the tcpwrap
561 verification fails daemon start-up
562 will fail and the connection is
563 terminated. See
564 <citerefentry><refentrytitle>tcpd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
565 for details.</para></listitem>
566 </varlistentry>
567
568 <varlistentry>
569 <term><varname>Capabilities=</varname></term>
570 <listitem><para>Controls the
571 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
572 set for the executed process. Take a
573 capability string as described in
574 <citerefentry><refentrytitle>cap_from_text</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
575 Note that this capability set is
576 usually influenced by the capabilities
577 attached to the executed
578 file.</para></listitem>
579 </varlistentry>
580
581 <varlistentry>
582 <term><varname>SecureBits=</varname></term>
583 <listitem><para>Controls the secure
584 bits set for the executed process. See
585 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
586 for details. Takes a list of strings:
587 <option>keep-caps</option>,
588 <option>keep-caps-locked</option>,
589 <option>no-setuid-fixup</option>,
590 <option>no-setuid-fixup-locked</option>,
591 <option>no-setuid-noroot</option> and/or
592 <option>no-setuid-noroot-locked</option>.
593 </para></listitem>
594 </varlistentry>
595
596 <varlistentry>
597 <term><varname>CapabilityBoundingSetDrop=</varname></term>
598
599 <listitem><para>Controls the
600 capability bounding set drop set for
601 the executed process. See
602 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
603 for details. Takes a list of
604 capability names as read by
605 <citerefentry><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
606 </para></listitem>
607 </varlistentry>
608
609 <varlistentry>
610 <term><varname>ControlGroup=</varname></term>
611
612 <listitem><para>Controls the control
613 groups the executed processes shall be
614 made member of. Takes a
615 space-seperated list of cgroup
616 identifiers. A cgroup identifier has a
617 format like
618 <filename>cpu:/foo/bar</filename>,
619 where "cpu" identifies the kernel
620 control group controller used, and
621 <filename>/foo/bar</filename> is the
622 control group path. The controller name
623 and ":" may be omitted in which case
624 the named systemd control group
625 hierarchy is implied. Alternatively,
626 the path and ":" may be omitted, in
627 which case the default control group
628 path for this unit is implied. This
629 option may be used to place executed
630 processes in arbitrary groups in
631 arbitrary hierachies -- which can be
632 configured externally with additional execution limits. By default
633 systemd will place all executed
634 processes in seperate per-unit control
635 groups (named after the unit) in the
636 systemd named hierarchy. Since every
637 process can be in one group per
638 hierarchy only overriding the control group
639 path in the named systemd hierarchy
640 will disable automatic placement in
641 the default group. For details about control
642 groups see <ulink
643 url="http://www.kernel.org/doc/Documentation/cgroups/cgroups.txt">cgroups.txt</ulink>.</para></listitem>
644 </varlistentry>
645
646 <varlistentry>
647 <term><varname>ReadWriteDirectories=</varname></term>
648 <term><varname>ReadOnlyDirectories=</varname></term>
649 <term><varname>InaccessibleDirectories=</varname></term>
650
651 <listitem><para>Sets up a new
652 file-system name space for executed
653 processes. These options may be used
654 to limit access a process might have
655 to the main file-system
656 hierarchy. Each setting takes a
657 space-seperated list of absolute
658 directory paths. Directories listed in
659 <varname>ReadWriteDirectories=</varname>
660 are accessible from within the
661 namespace with the same access rights
662 as from outside. Directories listed in
663 <varname>ReadOnlyDirectories=</varname>
664 are accessible for reading only,
665 writing will be refused even if the
666 usual file access controls would
667 permit this. Directories listed in
668 <varname>InaccessibleDirectories=</varname>
669 will be made inaccesible for processes
670 inside the namespace. Note that
671 restricting access with these options
672 does not extend to submounts of a
673 directory. You must list submounts
674 seperately in these setttings to
675 ensure the same limited access. These
676 options may be specified more than
677 once in which case all directories
678 listed will have limited access from
679 within the
680 namespace.</para></listitem>
681 </varlistentry>
682
683 <varlistentry>
684 <term><varname>PrivateTmp=</varname></term>
685
686 <listitem><para>Takes a boolean
687 argument. If true sets up a new
688 namespace for the executed processes
689 and mounts a private
690 <filename>/tmp</filename> directory
691 inside it, that is not shared by
692 processes outside of the
693 namespace. This is useful to secure
694 access to temporary files of the
695 process, but makes sharing between
696 processes via
697 <filename>/tmp</filename>
698 impossible. Defaults to false.</para></listitem>
699 </varlistentry>
700
701 <varlistentry>
702 <term><varname>MountFlags=</varname></term>
703
704 <listitem><para>Takes a mount
705 propagation flag:
706 <option>shared</option>,
707 <option>slave</option> or
708 <option>private</option>, which
709 control whether namespaces set up with
710 <varname>ReadWriteDirectories=</varname>,
711 <varname>ReadOnlyDirectories=</varname>
712 and
713 <varname>InaccessibleDirectories=</varname>
714 receive or propagate new mounts
715 from/to the main namespace. See
716 <citerefentry><refentrytitle>mount</refentrytitle><manvolnum>1</manvolnum></citerefentry>
717 for details. Defaults to
718 <option>shared</option>, i.e. the new
719 namespace will both receive new mount
720 points from the main namespace as well
721 as propagate new mounts to
722 it.</para></listitem>
723 </varlistentry>
724
725 </variablelist>
726 </refsect1>
727
728 <refsect1>
729 <title>See Also</title>
730 <para>
731 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
732 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
733 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
734 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
735 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
736 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>
737 </para>
738 </refsect1>
739
740</refentry>
Unnamed repository; edit this file 'description' to name the repository.