Adding upstream version 4.23.0.upstream/4.23.0

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 45 insertions, 21 deletions

diff --git a/upstream/fedora-rawhide/man5/systemd-system.conf.5 b/upstream/fedora-rawhide/man5/systemd-system.conf.5
index 6d2267c2..072da5ee 100644
--- a/upstream/fedora-rawhide/man5/systemd-system.conf.5
+++ b/upstream/fedora-rawhide/man5/systemd-system.conf.5
@@ -1,5 +1,5 @@
 '\" t
-.TH "SYSTEMD\-SYSTEM\&.CONF" "5" "" "systemd 255" "systemd-system.conf"
+.TH "SYSTEMD\-SYSTEM\&.CONF" "5" "" "systemd 256~rc3" "systemd-system.conf"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -24,12 +24,16 @@ systemd-system.conf, system.conf.d, systemd-user.conf, user.conf.d \- System and
 .SH "SYNOPSIS"
 .PP
 /etc/systemd/system\&.conf,
+/run/systemd/system\&.conf,
+/usr/lib/systemd/system\&.conf,
 /etc/systemd/system\&.conf\&.d/*\&.conf,
 /run/systemd/system\&.conf\&.d/*\&.conf,
 /usr/lib/systemd/system\&.conf\&.d/*\&.conf
 .PP
 ~/\&.config/systemd/user\&.conf,
 /etc/systemd/user\&.conf,
+/run/systemd/user\&.conf,
+/usr/lib/systemd/user\&.conf,
 /etc/systemd/user\&.conf\&.d/*\&.conf,
 /run/systemd/user\&.conf\&.d/*\&.conf,
 /usr/lib/systemd/user\&.conf\&.d/*\&.conf
@@ -43,8 +47,10 @@ and the files in
 system\&.conf\&.d
 directories; when run as a user instance, it interprets the configuration file
 user\&.conf
-(either in the home directory of the user, or if not found, under
-/etc/systemd/) and the files in
+(in order of priority, in the home directory of the user and under
+/etc/systemd/,
+/run/systemd/, and
+/usr/lib/systemd/) and the files in
 user\&.conf\&.d
 directories\&. These configuration files contain a few settings controlling basic manager operations\&.
 .PP
@@ -53,16 +59,16 @@ See
 for a general description of the syntax\&.
 .SH "CONFIGURATION DIRECTORIES AND PRECEDENCE"
 .PP
-The default configuration is set during compilation, so configuration is only needed when it is necessary to deviate from those defaults\&. The main configuration file is either in
-/usr/lib/systemd/
-or
-/etc/systemd/
-and contains commented out entries showing the defaults as a guide to the administrator\&. Local overrides can be created by creating drop\-ins, as described below\&. The main configuration file can also be edited for this purpose (or a copy in
+The default configuration is set during compilation, so configuration is only needed when it is necessary to deviate from those defaults\&. The main configuration file is loaded from one of the listed directories in order of priority, only the first file found is used:
+/etc/systemd/,
+/run/systemd/,
+/usr/local/lib/systemd/,
+/usr/lib/systemd/\&. The vendor version of the file contains commented out entries showing the defaults as a guide to the administrator\&. Local overrides can also be created by creating drop\-ins, as described below\&. The main configuration file can also be edited for this purpose (or a copy in
 /etc/
-if it\*(Aqs shipped in
-/usr/) however using drop\-ins for local configuration is recommended over modifications to the main configuration file\&.
+if it\*(Aqs shipped under
+/usr/), however using drop\-ins for local configuration is recommended over modifications to the main configuration file\&.
 .PP
-In addition to the "main" configuration file, drop\-in configuration snippets are read from
+In addition to the main configuration file, drop\-in configuration snippets are read from
 /usr/lib/systemd/*\&.conf\&.d/,
 /usr/local/lib/systemd/*\&.conf\&.d/, and
 /etc/systemd/*\&.conf\&.d/\&. Those drop\-ins have higher precedence and override the main configuration file\&. Files in the
@@ -72,7 +78,12 @@ configuration subdirectories are sorted by their filename in lexicographic order
 When packages need to customize the configuration, they can install drop\-ins under
 /usr/\&. Files in
 /etc/
-are reserved for the local administrator, who may use this logic to override the configuration files installed by vendor packages\&. Drop\-ins have to be used to override package drop\-ins, since the main configuration file has lower precedence\&. It is recommended to prefix all filenames in those subdirectories with a two\-digit number and a dash, to simplify the ordering of the files\&. This also defined a concept of drop\-in priority to allow distributions to ship drop\-ins within a specific range lower than the range used by users\&. This should lower the risk of package drop\-ins overriding accidentally drop\-ins defined by users\&.
+are reserved for the local administrator, who may use this logic to override the configuration files installed by vendor packages\&. Drop\-ins have to be used to override package drop\-ins, since the main configuration file has lower precedence\&. It is recommended to prefix all filenames in those subdirectories with a two\-digit number and a dash, to simplify the ordering of the files\&. This also defines a concept of drop\-in priorities to allow OS vendors to ship drop\-ins within a specific range lower than the range used by users\&. This should lower the risk of package drop\-ins overriding accidentally drop\-ins defined by users\&. It is recommended to use the range 10\-40 for drop\-ins in
+/usr/
+and the range 60\-90 for drop\-ins in
+/etc/
+and
+/run/, to make sure that local and transient drop\-ins take priority over drop\-ins shipped by the OS vendor\&.
 .PP
 To disable a configuration file supplied by the vendor, the recommended way is to place a symlink to
 /dev/null
@@ -82,7 +93,7 @@ in the configuration directory in
 .PP
 All options are configured in the [Manager] section:
 .PP
-\fILogColor=\fR, \fILogLevel=\fR, \fILogLocation=\fR, \fILogTarget=\fR, \fILogTime=\fR, \fIDumpCore=yes\fR, \fICrashChangeVT=no\fR, \fICrashShell=no\fR, \fICrashReboot=no\fR, \fIShowStatus=yes\fR, \fIDefaultStandardOutput=journal\fR, \fIDefaultStandardError=inherit\fR
+\fILogColor=\fR, \fILogLevel=\fR, \fILogLocation=\fR, \fILogTarget=\fR, \fILogTime=\fR, \fIDumpCore=yes\fR, \fICrashChangeVT=no\fR, \fICrashShell=no\fR, \fICrashAction=freeze\fR, \fIShowStatus=yes\fR, \fIDefaultStandardOutput=journal\fR, \fIDefaultStandardError=inherit\fR
 .RS 4
 Configures various parameters of basic manager operation\&. These options may be overridden by the respective process and kernel command line arguments\&. See
 \fBsystemd\fR(1)
@@ -263,6 +274,24 @@ Takes a boolean argument\&. If true, ensures that PID 1 and all its children can
 Added in version 239\&.
 .RE
 .PP
+\fIProtectSystem=\fR
+.RS 4
+Takes a boolean argument or the string
+"auto"\&. If set to true this will remount
+/usr/
+read\-only\&. If set to
+"auto"
+(the default) and running in an initrd equivalent to true, otherwise false\&. This implements a restricted subset of the per\-unit setting of the same name, see
+\fBsystemd.exec\fR(5)
+for details: currently, the
+"full"
+or
+"struct"
+values are not supported\&.
+.sp
+Added in version 256\&.
+.RE
+.PP
 \fISystemCallArchitectures=\fR
 .RS 4
 Takes a space\-separated list of architecture identifiers\&. Selects from which architectures system calls may be invoked on this system\&. This may be used as an effective way to disable invocation of non\-native binaries system\-wide, for example to prohibit execution of 32\-bit x86 binaries on 64\-bit x86\-64 systems\&. This option operates system\-wide, and acts similar to the
@@ -588,11 +617,11 @@ Added in version 252\&.
 .PP
 \fIReloadLimitIntervalSec=\fR, \fIReloadLimitBurst=\fR
 .RS 4
-Rate limiting for daemon\-reload requests\&. Default to unset, and any number of daemon\-reload operations can be requested at any time\&.
+Rate limiting for daemon\-reload and (since v256) daemon\-reexec requests\&. The setting applies to both operations, but the rate limits are tracked separately\&. Defaults to unset, and any number of operations can be requested at any time\&.
 \fIReloadLimitIntervalSec=\fR
 takes a value in seconds to configure the rate limit window, and
 \fIReloadLimitBurst=\fR
-takes a positive integer to configure the maximum allowed number of reloads within the configured time window\&.
+takes a positive integer to configure the maximum allowed number of operations within the configured time window\&.
 .sp
 Added in version 253\&.
 .RE
@@ -818,12 +847,7 @@ Added in version 252\&.
 .RE
 .SH "SEE ALSO"
 .PP
-\fBsystemd\fR(1),
-\fBsystemd.directives\fR(7),
-\fBsystemd.exec\fR(5),
-\fBsystemd.service\fR(5),
-\fBenviron\fR(7),
-\fBcapabilities\fR(7)
+\fBsystemd\fR(1), \fBsystemd.directives\fR(7), \fBsystemd.exec\fR(5), \fBsystemd.service\fR(5), \fBenviron\fR(7), \fBcapabilities\fR(7)
 .SH "NOTES"
 .IP " 1." 4
 No New Privileges Flag