From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Wed, 11 Jan 2017 20:23:00 +0000 (-0500)
Subject: Merge pull request #5009 from ian-kelling/ian-mnt-namespace-doc
X-Git-Tag: v233~244
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=374e69225215aa25ea67b166ec4b61ad628d5021;p=thirdparty%2Fsystemd.git

Merge pull request #5009 from ian-kelling/ian-mnt-namespace-doc
---

374e69225215aa25ea67b166ec4b61ad628d5021
diff --cc man/systemd.exec.xml
index d2553b287c4,fa3e6afe772..7bdac1c1d53
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@@ -1179,12 -1179,16 +1179,16 @@@
  
          <listitem><para>Takes a mount propagation flag: <option>shared</option>, <option>slave</option> or
          <option>private</option>, which control whether mounts in the file system namespace set up for this unit's
 -        processes will receive or propagate mounts or unmounts. See <citerefentry
 +        processes will receive or propagate mounts and unmounts. See <citerefentry
          project='man-pages'><refentrytitle>mount</refentrytitle><manvolnum>2</manvolnum></citerefentry> for
          details. Defaults to <option>shared</option>. Use <option>shared</option> to ensure that mounts and unmounts
 -        are propagated from the host to the container and vice versa. Use <option>slave</option> to run processes so
 -        that none of their mounts and unmounts will propagate to the host. Use <option>private</option> to also ensure
 -        that no mounts and unmounts from the host will propagate into the unit processes' namespace.
 +        are propagated from systemd's namespace to the service's namespace and vice versa. Use <option>slave</option>
 +        to run processes so that none of their mounts and unmounts will propagate to the host. Use <option>private</option>
-         to also ensure that no mounts and unmounts from the host will propagate into the unit processes' namespace. Note that
++        to also ensure that no mounts and unmounts from the host will propagate into the unit processes' namespace.
+         If this is set to <option>slave</option> or <option>private</option>, any mounts created by spawned processes
+         will be unmounted after the completion of the current command line of <varname>ExecStartPre=</varname>,
+         <varname>ExecStartPost=</varname>, <varname>ExecStart=</varname>,
+         and <varname>ExecStopPost=</varname>. Note that
          <option>slave</option> means that file systems mounted on the host might stay mounted continuously in the
          unit's namespace, and thus keep the device busy. Note that the file system namespace related options
          (<varname>PrivateTmp=</varname>, <varname>PrivateDevices=</varname>, <varname>ProtectSystem=</varname>,