diff options
| author | Lennart Poettering <lennart@poettering.net> | 2017-11-14 10:51:09 +0100 |
|---|---|---|
| committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2017-11-14 10:51:09 +0100 |
| commit | b0e8cec2dd9fdd1bded53837f3d68cd4093ac572 (patch) | |
| tree | 380a0d113a1f3fe881a4c77f9daa1c99f6132ee4 /man/systemd-run.xml | |
| parent | 99c1401807abd432a526c2a75dd02d723f9630a0 (diff) | |
| download | systemd-b0e8cec2dd9fdd1bded53837f3d68cd4093ac572.tar.gz | |
man: document > /dev/stderr pitfalls (#7317)
Fixes: #7254
See: #2473
Diffstat (limited to 'man/systemd-run.xml')
| -rw-r--r-- | man/systemd-run.xml | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/man/systemd-run.xml b/man/systemd-run.xml index 7477195dab..2c74c1f39c 100644 --- a/man/systemd-run.xml +++ b/man/systemd-run.xml @@ -244,7 +244,15 @@ <para>When both <option>--pipe</option> and <option>--pty</option> are used in combination the more appropriate option is automatically determined and used. Specifically, when invoked with standard input, output and error - connected to a TTY <option>--pty</option> is used, and otherwise <option>--pipe</option>.</para></listitem> + connected to a TTY <option>--pty</option> is used, and otherwise <option>--pipe</option>.</para> + + <para>When this option is used the original file descriptors <command>systemd-run</command> receives are passed + to the service processes as-is. If the service runs with different privileges than + <command>systemd-run</command>, this means the service might not be able to re-open the passed file + descriptors, due to normal file descriptor access restrictions. If the invoked process is a shell script that + uses the <command>echo "hello" > /dev/stderr</command> construct for writing messages to stderr, this might + cause problems, as this only works if stderr can be re-opened. To mitigate this use the construct <command>echo + "hello" >&2</command> instead, which is mostly equivalent and avoids this pitfall.</para></listitem> </varlistentry> <varlistentry> |