diff options
| author | Ryan Wilson <ryantimwilson@meta.com> | 2024-12-02 17:10:05 +0100 |
|---|---|---|
| committer | Ryan Wilson <ryantimwilson@meta.com> | 2024-12-06 22:34:04 +0100 |
| commit | cf48bde7aea52b18ac3fa218d3f60fd3d533ef66 (patch) | |
| tree | 7479fa8984a86fd9d519445d54ff6b174274c82d /man/systemd.exec.xml | |
| parent | core: Migrate ProtectHostname to use enum vs boolean (diff) | |
| download | systemd-cf48bde7aea52b18ac3fa218d3f60fd3d533ef66.tar.xz systemd-cf48bde7aea52b18ac3fa218d3f60fd3d533ef66.zip | |
core: Add ProtectHostname=private
This allows an option for systemd exec units to enable UTS namespaces
but not restrict changing hostname via seccomp. Thus, units can change
hostname without affecting the host.
Fixes: #30348
Diffstat (limited to 'man/systemd.exec.xml')
| -rw-r--r-- | man/systemd.exec.xml | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 14075cb4e7..44ee2022dd 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -2055,8 +2055,11 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting> <varlistentry> <term><varname>ProtectHostname=</varname></term> - <listitem><para>Takes a boolean argument. When set, sets up a new UTS namespace for the executed - processes. In addition, changing hostname or domainname is prevented. Defaults to off.</para> + <listitem><para>Takes a boolean argument or <literal>private</literal>. If enabled, sets up a new UTS namespace + for the executed processes. If set to a true value, changing hostname or domainname via + <function>sethostname()</function> and <function>setdomainname()</function> system calls is prevented. If set to + <literal>private</literal>, changing hostname or domainname is allowed but only affects the unit's UTS namespace. + Defaults to off.</para> <para>Note that the implementation of this setting might be impossible (for example if UTS namespaces are not available), and the unit should be written in a way that does not solely rely on this setting @@ -2066,6 +2069,12 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting> the system into the service, it is hence not suitable for services that need to take notice of system hostname changes dynamically.</para> + <para>Note that this option does not prevent changing system hostname via <command>hostnamectl</command>. + However, <varname>User=</varname> and <varname>Group=</varname> may be used to run as an unprivileged user + to disallow changing system hostname. See <function>SetHostname()</function> in + <citerefentry project="man-pages"><refentrytitle>org.freedesktop.hostname1</refentrytitle><manvolnum>5</manvolnum></citerefentry> + for more details.</para> + <xi:include href="system-or-user-ns.xml" xpointer="singular"/> <xi:include href="version-info.xml" xpointer="v242"/></listitem> |