man: LockPersonality= implies NoNewPrivileges=

author Yu Watanabe <watanabe.yu+github@gmail.com>

Tue, 19 Dec 2017 03:48:54 +0000 (12:48 +0900)

committer Yu Watanabe <watanabe.yu+github@gmail.com>

Tue, 19 Dec 2017 03:48:54 +0000 (12:48 +0900)
author Yu Watanabe <watanabe.yu+github@gmail.com>
Tue, 19 Dec 2017 03:48:54 +0000 (12:48 +0900)
committer Yu Watanabe <watanabe.yu+github@gmail.com>
Tue, 19 Dec 2017 03:48:54 +0000 (12:48 +0900)
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml

index 3d81e45..b0135e4 100644 (file)
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -381,7 +381,8 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
          <varname>SystemCallArchitectures=</varname>, <varname>RestrictAddressFamilies=</varname>,
          <varname>RestrictNamespaces=</varname>, <varname>PrivateDevices=</varname>,
          <varname>ProtectKernelTunables=</varname>, <varname>ProtectKernelModules=</varname>,
-        <varname>MemoryDenyWriteExecute=</varname>, or <varname>RestrictRealtime=</varname> are specified. Also see
+        <varname>MemoryDenyWriteExecute=</varname>, <varname>RestrictRealtime=</varname>, or
+        <varname>LockPersonality=</varname> are specified. Also see
          <ulink url="https://www.kernel.org/doc/html/latest/userspace-api/no_new_privs.html">No New Privileges
          Flag</ulink>.  </para></listitem>
        </varlistentry>
author	Yu Watanabe <watanabe.yu+github@gmail.com>
	Tue, 19 Dec 2017 03:48:54 +0000 (12:48 +0900)
committer	Yu Watanabe <watanabe.yu+github@gmail.com>
	Tue, 19 Dec 2017 03:48:54 +0000 (12:48 +0900)