From: Luca Boccassi Date: Thu, 2 Jul 2026 08:10:27 +0000 (+0100) Subject: man: note that sd-tmpfiles/sysusers --root is not a sandboxing feature X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=243fcc6200627c0975f50ba87e565a038ec191bb;p=thirdparty%2Fsystemd.git man: note that sd-tmpfiles/sysusers --root is not a sandboxing feature This seems to be causing enough confusion that it is worth explicitly mentioning in the docs --- diff --git a/man/systemd-sysusers.xml b/man/systemd-sysusers.xml index 5c299169eba..c7210d13cc3 100644 --- a/man/systemd-sysusers.xml +++ b/man/systemd-sysusers.xml @@ -66,6 +66,10 @@ root path, including config search paths. + Note that this is not a sandboxing or security feature. + sysusers.d5 + definitions are potentially not processed in a hermetic fashion to the specified root. + diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml index c48c0653b0d..8a4e56cc134 100644 --- a/man/systemd-tmpfiles.xml +++ b/man/systemd-tmpfiles.xml @@ -262,6 +262,10 @@ or directories below mount points in the OS image operated on that are typically overmounted during runtime. + Note that this is not a sandboxing or security feature. + tmpfiles.d5 + definitions are potentially not processed in a hermetic fashion to the specified root. +