On Wed, 2024-06-05 at 06:41 -0400, Sam Varshavchik wrote:
Good luck finding where this is documented in the man pages, for overrides. There were barrels of laughs in systemd.exec(5). First, there are several instances of "ProtectHome=yes" sprinkled in random places. Then, when you get to the actual description:
ProtectHome= Takes a boolean argument or the special values "read-only" or "tmpfs". If true, the directories /home/, /root, and /run/user are made inaccessible and empty for processes invoked by this unit.
What does "true" mean here? Does it refer to the setting existence, overall? Or, boolean as "true" and "false", but if so, what's "ProtectHome=yes" is all about?
I'd suggest reporting a documentation bug. It's the only way this will ever be clarified. I think people generally don't bother reporting this kind of thing (and I include myself in that) but it's important.
poc