systemd/0502-man-say-that-SecureBits-are-space-separated.patch

From e060073a8f05cfdfad621b1bb59abe944b17d5f9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Fri, 3 Oct 2014 21:06:52 -0400
Subject: [PATCH] man: say that SecureBits= are space separated

---
 man/systemd.exec.xml | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 6d0113f5cc..939983fb7e 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -776,20 +776,22 @@
                         <varlistentry>
                                 <term><varname>SecureBits=</varname></term>
                                 <listitem><para>Controls the secure
-                                bits set for the executed process. See
-                                <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
-                                for details. Takes a list of strings:
+                                bits set for the executed process.
+                                Takes a space-separated combination of
+                                options from the following list:
                                 <option>keep-caps</option>,
                                 <option>keep-caps-locked</option>,
                                 <option>no-setuid-fixup</option>,
                                 <option>no-setuid-fixup-locked</option>,
-                                <option>noroot</option> and/or
+                                <option>noroot</option>, and
                                 <option>noroot-locked</option>. This
                                 option may appear more than once in
-                                which case the secure bits are
-                                ORed. If the empty string is assigned
-                                to this option, the bits are reset to
-                                0.</para></listitem>
+                                which case the secure bits are ORed.
+                                If the empty string is assigned to
+                                this option, the bits are reset to 0.
+                                See <citerefentry
+                                project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+                                for details.</para></listitem>
                         </varlistentry>
 
                         <varlistentry>
@@ -806,7 +808,7 @@
                                 attached to the executed file. Due to
                                 that
                                 <varname>CapabilityBoundingSet=</varname>
-                                is probably the much more useful
+                                is probably a much more useful
                                 setting.</para></listitem>
                         </varlistentry>