diff options
author | Luca Boccassi <luca.boccassi@microsoft.com> | 2021-11-26 15:46:40 +0000 |
---|---|---|
committer | Luca Boccassi <luca.boccassi@microsoft.com> | 2021-11-26 18:17:26 +0000 |
commit | 0446921131218c3f23f8937f85294b3c244a923b (patch) | |
tree | a7906870474dbec7e2febaf518e948cee975b493 /man | |
parent | 83de7427dc7897669cfd83b3af7d6bbb914a307c (diff) | |
download | systemd-0446921131218c3f23f8937f85294b3c244a923b.tar.gz |
analyze: add --profile switch to security verb
Allows to pass a portable profile when doing offline analysis of
units. Especially useful for analyzing portable images, since a
lot of the security-relevant settings in those cases come from
the profiles, but they are not shipped in the portable images.
Diffstat (limited to 'man')
-rw-r--r-- | man/systemd-analyze.xml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/man/systemd-analyze.xml b/man/systemd-analyze.xml index c0b6b477d6..6482fcfe48 100644 --- a/man/systemd-analyze.xml +++ b/man/systemd-analyze.xml @@ -819,6 +819,15 @@ $ systemd-analyze verify /tmp/source:alias.service </varlistentry> <varlistentry> + <term><option>--profile=<replaceable>PATH</replaceable></option></term> + + <listitem><para>With <command>security</command> <option>--offline=</option>, takes into + consideration the specified portable profile when assessing the unit(s) settings. + The profile can be passed by name, in which case the well-known system locations will + be searched, or it can be the full path to a specific drop-in file.</para></listitem> + </varlistentry> + + <varlistentry> <term><option>--threshold=<replaceable>NUMBER</replaceable></option></term> <listitem><para>With <command>security</command>, allow the user to set a custom value |