From dd04fb3268691ad847f72c5852eb1e208fc7d627 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 28 Jul 2020 17:52:23 +0200 Subject: tmpfiles: add new switch -E for quickly excluding /proc, /dev, /sys and /run --- man/systemd-tmpfiles.xml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'man/systemd-tmpfiles.xml') diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml index 998fd0911b..e3bb1db7c6 100644 --- a/man/systemd-tmpfiles.xml +++ b/man/systemd-tmpfiles.xml @@ -149,6 +149,7 @@ the specified prefix. This option can be specified multiple times. + Ignore rules with paths that start with the @@ -156,6 +157,16 @@ times. + + + A shortcut for --exclude-prefix=/dev --exclude-prefix=/proc + --exclude-prefix=/run --exclude-prefix=/sys, i.e. exclude the hierarchies typically backed + by virtual or memory file systems. This is useful in combination with , if + the specified directory tree contains an OS tree without these virtual/memory file systems mounted + in, as it is typically not desirable to create any files and directories below these subdirectories + if they are supposed to be overmounted during runtime. + + Takes a directory path as an argument. All paths will be prefixed with the given alternate @@ -164,7 +175,11 @@ When this option is used, the libc Name Service Switch (NSS) is bypassed for resolving users and groups. Instead the files /etc/passwd and /etc/group inside the alternate root are read directly. This means that users/groups not listed in these files - will not be resolved, i.e. LDAP NIS and other complex databases are not considered. + will not be resolved, i.e. LDAP NIS and other complex databases are not considered. + + Consider combining this with to ensure the invocation does not create files + or directories below mount points in the OS image operated on that are typically overmounted during + runtime. -- cgit v1.2.1
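Review bot: In the new -E paragraph (hunk at -156,6 +157,16), the rationale speaks only of it being "not desirable to create any files and directories" below these hierarchies, yet the switch is defined as four --exclude-prefix= options, which the entry just above describes as ignoring rules by path prefix. Suggest stating that matching rules are ignored altogether, so readers do not conclude that only creation is suppressed. The phrase "hierarchies typically backed by virtual or memory file systems" also reads broader than the fixed list that follows it; it would help to say that only /dev, /proc, /run and /sys are covered and that any other path overmounted at runtime still needs its own --exclude-prefix=.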
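Review bot: The rewritten line "i.e. LDAP NIS and other complex databases are not considered" in the last hunk (at -164,7 +175,11) still lacks a comma between LDAP and NIS; since the line is touched anyway, change it to "LDAP, NIS and other complex databases". The added "Consider combining this with ..." paragraph also restates the reasoning already given in the -E entry ("typically overmounted during runtime"); a one-sentence pointer to that entry would keep the two descriptions from drifting apart.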