diff options
| author | Lennart Poettering <lennart@poettering.net> | 2018-06-20 18:52:52 +0200 |
|---|---|---|
| committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2018-06-20 22:33:47 +0200 |
| commit | be405b909e5d78b43e3af47e0d10cd84c714e2f3 (patch) | |
| tree | 9bc1fa2b21eeaaf5f6609905af57094365cd004b /man | |
| parent | 92963e74dfa597038ca35799980ba8832fc8c5a4 (diff) | |
| download | systemd-be405b909e5d78b43e3af47e0d10cd84c714e2f3.tar.gz | |
condition: add new conditon ConditionSecurity=uefi-secureboot
We have the detector call for this anyway, and it's useful for
conditioning out dbxtool.service, hence let's add this tiny new option.
Diffstat (limited to 'man')
| -rw-r--r-- | man/systemd.unit.xml | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml index 92c0f6297a..7605c43375 100644 --- a/man/systemd.unit.xml +++ b/man/systemd.unit.xml @@ -1107,15 +1107,13 @@ kernels into older versions provided by distributions. Hence, this check is inherently unportable and should not be used for units which may be used on different distributions.</para> - <para><varname>ConditionSecurity=</varname> may be used to - check whether the given security module is enabled on the + <para><varname>ConditionSecurity=</varname> may be used to check + whether the given security technology is enabled on the system. Currently, the recognized values are - <varname>selinux</varname>, - <varname>apparmor</varname>, - <varname>tomoyo</varname>, - <varname>ima</varname>, - <varname>smack</varname> and - <varname>audit</varname>. The test may be negated by + <varname>selinux</varname>, <varname>apparmor</varname>, + <varname>tomoyo</varname>, <varname>ima</varname>, + <varname>smack</varname>, <varname>audit</varname> and + <varname>uefi-secureboot</varname>. The test may be negated by prepending an exclamation mark.</para> <para><varname>ConditionCapability=</varname> may be used to |