man: document explicitly that ProtectHome= has no effect on non-standard homedir...

author Lennart Poettering <lennart@amutable.com>

Thu, 12 Mar 2026 14:08:07 +0000 (15:08 +0100)

committer Luca Boccassi <luca.boccassi@gmail.com>

Thu, 12 Mar 2026 17:57:21 +0000 (17:57 +0000)
author Lennart Poettering <lennart@amutable.com>
Thu, 12 Mar 2026 14:08:07 +0000 (15:08 +0100)
committer Luca Boccassi <luca.boccassi@gmail.com>
Thu, 12 Mar 2026 17:57:21 +0000 (17:57 +0000)
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml

index e7d5e63c963de6c141cdbeae412448f30b1c9c83..093cd2780b65e8ea3ecae94f1a3aa5ba3a426bcf 100644 (file)
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -1538,6 +1538,9 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
          <varname>DynamicUser=</varname> is set. This setting cannot ensure protection in all cases. In
          general it has the same limitations as <varname>ReadOnlyPaths=</varname>, see below.</para>
  
+        <para>Note that this setting provides no protection if home directories are placed at a non-standard
+        location, i.e. outside of the hierarchies listed above.</para>
+
          <xi:include href="system-or-user-ns.xml" xpointer="singular"/>
  
          <xi:include href="version-info.xml" xpointer="v214"/></listitem>
author	Lennart Poettering <lennart@amutable.com>
	Thu, 12 Mar 2026 14:08:07 +0000 (15:08 +0100)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Thu, 12 Mar 2026 17:57:21 +0000 (17:57 +0000)