Compare commits

..

13 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek bdf2357c12 NEWS: add contributors for v244 2019-11-22 09:33:59 +01:00
Zbigniew Jędrzejewski-Szmek 6df086019c mailmap: update 2019-11-22 09:33:40 +01:00
Zbigniew Jędrzejewski-Szmek 353a6f293e
Merge pull request #14081 from poettering/xattr-list-rework
xattr-util rework and addition of flistxattr_malloc() helper plus test
2019-11-22 09:18:24 +01:00
Zbigniew Jędrzejewski-Szmek fd0d10f783
Merge pull request #14105 from keszybz/man-directives-cleanup
Man formatting and sorting fixes
2019-11-22 09:06:28 +01:00
ksbex 80fc3166e0 hwdb: Dell venue 10 pro 5055 accel mount matrix (#14104) 2019-11-22 08:51:44 +01:00
Zbigniew Jędrzejewski-Szmek 8c6c56c36f man: sort options without "=" in the directives index
Some options would appear twice in the index, e.g. --collect= and
--collect. Some man pages use one form, some the other, and the argument
might be mandatory for some commands but not others. Anyway, let's display
them as one entry, to reduce the total number of items listed.
2019-11-21 22:06:30 +01:00
Zbigniew Jędrzejewski-Szmek f8b68539d0 man: fix a few bogus entries in directives index
When wrong element types are used, directives are sometimes placed in the wrong
section. Also, strip part of text starting with "'", which is used in a few
places and which is displayed improperly in the index.
2019-11-21 22:06:30 +01:00
Zbigniew Jędrzejewski-Szmek b0343f8c96 man: change noindex="true" to index="false"
We nowadays prefer positive options over negative.
2019-11-21 22:03:57 +01:00
Zbigniew Jędrzejewski-Szmek 8eb6e6ed09 man: use <command> not <option> for commands in resolvectl(1) 2019-11-21 22:03:57 +01:00
Lennart Poettering 83412d39de test-copy: test that xattrs are properly copied 2019-11-19 15:44:58 +01:00
Lennart Poettering f9bbb4dcec copy: port over to flistxattr_malloc() and fgetxattr_malloc() 2019-11-19 15:44:58 +01:00
Lennart Poettering 7de2d2e17d xattr-util: add flistxattr_malloc() that returns a NULSTR 2019-11-19 15:44:58 +01:00
Lennart Poettering 6ac99d9d5f xattr-util: modernize getxattr_malloc() a bit
Let's use automatic cleanup/TAKE_PTR where appropriate
2019-11-19 15:44:58 +01:00
34 changed files with 278 additions and 192 deletions

View File

@ -14,6 +14,7 @@ Arnd Bergmann <arnd@arndb.de>
Atul Sabharwal <atul.sabharwal@intel.com> Atul Sabharwal <atul.sabharwal@intel.com>
Bart Rulon <barron@lexmark.com> Bart Rulon <barron@lexmark.com>
Bastien Nocera <hadess@hadess.net> <hadess@users.noreply.github.com> Bastien Nocera <hadess@hadess.net> <hadess@users.noreply.github.com>
Baybal Ni <nikulinpi@gmail.com>
Beniamino Galvani <bgalvani@redhat.com> <bengal@users.noreply.github.com> Beniamino Galvani <bgalvani@redhat.com> <bengal@users.noreply.github.com>
Bill Yodlowsky <bill@redhat.com> <itsbill@users.noreply.github.com> Bill Yodlowsky <bill@redhat.com> <itsbill@users.noreply.github.com>
Brian Boylston <brian.boylston@hpe.com> Brian Boylston <brian.boylston@hpe.com>
@ -22,6 +23,7 @@ Chen Qi <Qi.Chen@windriver.com> <40684930+ChenQi1989@users.noreply.github.com>
Christophe Varoqui <christophe.varoqui@free.fr> Christophe Varoqui <christophe.varoqui@free.fr>
Colin Guthrie <ColinGuthrie@web> Colin Guthrie <ColinGuthrie@web>
Daniel Elstner <daniel.kitta@gmail.com> <danielk@openismus.com> Daniel Elstner <daniel.kitta@gmail.com> <danielk@openismus.com>
Daniel Gorbea <danielgorbea@hotmail.com>
Daniel J Walsh <dwalsh@redhat.com> Daniel J Walsh <dwalsh@redhat.com>
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Machon <Danielmachon@live.dk> Daniel Machon <Danielmachon@live.dk>
@ -85,6 +87,7 @@ Kay Sievers <kay@vrfy.org> <kay.sievers@vrfy.org>
Kay Sievers <kay@vrfy.org> <kay@pim.off.vrfy.org> Kay Sievers <kay@vrfy.org> <kay@pim.off.vrfy.org>
Kay Sievers <kay@vrfy.org> <kay@pim> Kay Sievers <kay@vrfy.org> <kay@pim>
Kay Sievers <kay@vrfy.org> <kay@yik.fritz.box> Kay Sievers <kay@vrfy.org> <kay@yik.fritz.box>
Kevin Becker <kevin@kevinbecker.org>
Krzysztof Jackiewicz <k.jackiewicz@samsung.com> <kjackiewicz@users.noreply.github.com> Krzysztof Jackiewicz <k.jackiewicz@samsung.com> <kjackiewicz@users.noreply.github.com>
Larry Bernstone <lbernstone@gmail.com> Larry Bernstone <lbernstone@gmail.com>
Lennart Poettering <lennart@poettering.net> <LennartPoettering@web> Lennart Poettering <lennart@poettering.net> <LennartPoettering@web>

26
NEWS
View File

@ -1,6 +1,6 @@
systemd System and Service Manager systemd System and Service Manager
CHANGES WITH 244 in spe: CHANGES WITH 244:
* Support for the cpuset cgroups v2 controller has been added. * Support for the cpuset cgroups v2 controller has been added.
Processes may be restricted to specific CPUs using the new Processes may be restricted to specific CPUs using the new
@ -200,6 +200,30 @@ CHANGES WITH 244 in spe:
for all services that should not be able to read from or write to the for all services that should not be able to read from or write to the
kernel log buffer, which are probably almost all. kernel log buffer, which are probably almost all.
Contributions from: Aaron Plattner, Alcaro, Anita Zhang, Balint Reczey,
Bastien Nocera, Baybal Ni, Benjamin Bouvier, Benjamin Gilbert, cbzxt,
Chen Qi, Chris Down, Christian Rebischke, Claudio Zumbo, ClydeByrdIII,
crashfistfight, Cyprien Laplace, Daniel Gorbea, Daniel Edgecumbe,
Daniel Rusek, Daniel Stuart, Dan Streetman, David Pedersen, David
Tardon, Dimitri John Ledkov, Dominique Martinet, Donald A. Cupp Jr,
Evgeny Vereshchagin, Fabian Henneke, Filipe Brandenburger, Franck Bui,
Frantisek Sumsal, Georg Müller, Hans de Goede, HATAYAMA Daisuke, Iwan
Timmer, Jan Janssen, Jan Kundrát, Jan Synacek, Jay Strict, Jérémy
Rosen, Jóhann B. Guðmundsson, Jonas Jelten, Jonas Thelemann, Justin
Trudell, Kai-Heng Feng, Kenneth D'souza, Kevin Kuehler, Kevin Becker,
Lennart Poettering, Léonard Gérard, Lorenz Bauer, Luca Boccassi, Maciej
Stanczew, Mario Limonciello, Marko Myllynen, Mark Stosberg, Martin
Wilck, matthiasroos, Michael Biebl, Michael Olbrich, Michael Tretter,
Michal Sekletar, Michal Suchanek, Mike Kazantsev, Nicolas Douma,
Norbert Lange, pan93412, Pavel Hrdina, Peter Wu, Philip Withnall, Piotr
Drąg, Rafael Fontenelle, Renaud Métrich, Riccardo Schirone,
RoadrunnerWMC, Ronan Pigott, Ryan Attard, Sebastian Wick, Serge,
Siddharth Chandrasekara, Steve Traylen, Susant Sahani, Thibault Nélis,
Tim Teichmann, Tom Fitzhenry, Tommy J, Torsten Hilbrich, Vito Caputo,
ypf791, Yu Watanabe, Zach Smith, Zbigniew Jędrzejewski-Szmek
Somewhere, 2019-11-22
CHANGES WITH 243: CHANGES WITH 243:
* This release enables unprivileged programs (i.e. requiring neither * This release enables unprivileged programs (i.e. requiring neither

View File

@ -235,6 +235,10 @@ sensor:modalias:acpi:*KIOX000A*:dmi:*svn*CytrixTechnology:*pn*Complex11t*
sensor:modalias:platform:HID-SENSOR-200073:dmi:*svnDell*:pnVostro5581:* sensor:modalias:platform:HID-SENSOR-200073:dmi:*svnDell*:pnVostro5581:*
ACCEL_LOCATION=base ACCEL_LOCATION=base
# Dell Venue 10 Pro 5055
sensor:modalias:acpi:INVN6500*:dmi:*svnDell*:pnVenue10Pro5055*
ACCEL_MOUNT_MATRIX=0, -1, 0; 1, 0, 0; 0, 0, 1
######################################### #########################################
# DEXP # DEXP
######################################### #########################################

View File

@ -321,7 +321,7 @@
<example> <example>
<title>Extract the last core dump of /usr/bin/bar to a file named <title>Extract the last core dump of /usr/bin/bar to a file named
<filename noindex="true">bar.coredump</filename></title> <filename index="false">bar.coredump</filename></title>
<programlisting># coredumpctl -o bar.coredump dump /usr/bin/bar</programlisting> <programlisting># coredumpctl -o bar.coredump dump /usr/bin/bar</programlisting>
</example> </example>

View File

@ -102,7 +102,7 @@
<listitem><para>In the daemon process, write the daemon PID <listitem><para>In the daemon process, write the daemon PID
(as returned by <function>getpid()</function>) to a PID file, (as returned by <function>getpid()</function>) to a PID file,
for example <filename>/run/foobar.pid</filename> (for a for example <filename index='false'>/run/foobar.pid</filename> (for a
hypothetical daemon "foobar") to ensure that the daemon cannot hypothetical daemon "foobar") to ensure that the daemon cannot
be started more than once. This must be implemented in be started more than once. This must be implemented in
race-free fashion so that the PID file is only updated when it race-free fashion so that the PID file is only updated when it

View File

@ -75,7 +75,7 @@
<title>Example</title> <title>Example</title>
<example> <example>
<title>Setup environment to allow access to a program installed in <title>Setup environment to allow access to a program installed in
<filename noindex='true'>/opt/foo</filename></title> <filename index="false">/opt/foo</filename></title>
<para><filename>/etc/environment.d/60-foo.conf</filename>: <para><filename>/etc/environment.d/60-foo.conf</filename>:
</para> </para>

View File

@ -50,7 +50,7 @@
<term><varname>URL=</varname></term> <term><varname>URL=</varname></term>
<listitem><para>The URL to upload the journal entries to. See the description <listitem><para>The URL to upload the journal entries to. See the description
of <varname>--url=</varname> option in of <option>--url=</option> option in
<citerefentry><refentrytitle>systemd-journal-upload</refentrytitle><manvolnum>8</manvolnum></citerefentry> <citerefentry><refentrytitle>systemd-journal-upload</refentrytitle><manvolnum>8</manvolnum></citerefentry>
for the description of possible values. There is no default value, so either this for the description of possible values. There is no default value, so either this
option or the command-line option must be always present to make an upload.</para></listitem> option or the command-line option must be always present to make an upload.</para></listitem>

View File

@ -27,7 +27,7 @@
<para>Users might want to change two options in particular:</para> <para>Users might want to change two options in particular:</para>
<variablelist class='environment-variables'> <variablelist>
<varlistentry> <varlistentry>
<term><option>K</option></term> <term><option>K</option></term>

View File

@ -53,13 +53,15 @@
<variablelist> <variablelist>
<varlistentry> <varlistentry>
<term><option>query <replaceable>HOSTNAME|ADDRESS</replaceable></option></term> <term><command>query</command> <replaceable>HOSTNAME|ADDRESS</replaceable></term>
<listitem><para>Resolve domain names, IPv4 and IPv6 addresses.</para></listitem> <listitem><para>Resolve domain names, IPv4 and IPv6 addresses.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>service [[<replaceable>NAME</replaceable>] <replaceable>TYPE</replaceable>] <replaceable>DOMAIN</replaceable></option></term> <term><command>service</command>
[[<replaceable>NAME</replaceable>] <replaceable>TYPE</replaceable>]
<replaceable>DOMAIN</replaceable></term>
<listitem><para>Resolve <ulink url="https://tools.ietf.org/html/rfc6763">DNS-SD</ulink> and <listitem><para>Resolve <ulink url="https://tools.ietf.org/html/rfc6763">DNS-SD</ulink> and
<ulink url="https://tools.ietf.org/html/rfc2782">SRV</ulink> services, depending on the specified list of parameters. <ulink url="https://tools.ietf.org/html/rfc2782">SRV</ulink> services, depending on the specified list of parameters.
@ -71,7 +73,7 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>openpgp <replaceable>EMAIL@DOMAIN</replaceable></option></term> <term><command>openpgp</command> <replaceable>EMAIL@DOMAIN</replaceable></term>
<listitem><para>Query PGP keys stored as <ulink url="https://tools.ietf.org/html/rfc7929">OPENPGPKEY</ulink> <listitem><para>Query PGP keys stored as <ulink url="https://tools.ietf.org/html/rfc7929">OPENPGPKEY</ulink>
resource records. Specified e-mail addresses are converted to the corresponding DNS domain name, and any resource records. Specified e-mail addresses are converted to the corresponding DNS domain name, and any
@ -79,7 +81,9 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>tlsa [<replaceable>FAMILY</replaceable>] <replaceable>DOMAIN</replaceable>[:<replaceable>PORT</replaceable>]…</option></term> <term><command>tlsa</command>
[<replaceable>FAMILY</replaceable>]
<replaceable>DOMAIN</replaceable>[:<replaceable>PORT</replaceable>]…</term>
<listitem><para>Query TLS public keys stored as <ulink url="https://tools.ietf.org/html/rfc6698">TLSA</ulink> <listitem><para>Query TLS public keys stored as <ulink url="https://tools.ietf.org/html/rfc6698">TLSA</ulink>
resource records. A query will be performed for each of the specified names prefixed with the port and family resource records. A query will be performed for each of the specified names prefixed with the port and family
@ -89,28 +93,28 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>status [<replaceable>LINK</replaceable>…]</option></term> <term><command>status</command> [<replaceable>LINK</replaceable>…]</term>
<listitem><para>Shows the global and per-link DNS settings currently in effect. If no command is specified, <listitem><para>Shows the global and per-link DNS settings currently in effect. If no command is specified,
this is the implied default.</para></listitem> this is the implied default.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>statistics</option></term> <term><command>statistics</command></term>
<listitem><para>Shows general resolver statistics, including information whether DNSSEC is <listitem><para>Shows general resolver statistics, including information whether DNSSEC is
enabled and available, as well as resolution and validation statistics.</para></listitem> enabled and available, as well as resolution and validation statistics.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>reset-statistics</option></term> <term><command>reset-statistics</command></term>
<listitem><para>Resets the statistics counters shown in <option>statistics</option> to zero. <listitem><para>Resets the statistics counters shown in <command>statistics</command> to zero.
This operation requires root privileges.</para></listitem> This operation requires root privileges.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>flush-caches</option></term> <term><command>flush-caches</command></term>
<listitem><para>Flushes all DNS resource record caches the service maintains locally. This is mostly equivalent <listitem><para>Flushes all DNS resource record caches the service maintains locally. This is mostly equivalent
to sending the <constant>SIGUSR2</constant> to the <command>systemd-resolved</command> to sending the <constant>SIGUSR2</constant> to the <command>systemd-resolved</command>
@ -118,7 +122,7 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>reset-server-features</option></term> <term><command>reset-server-features</command></term>
<listitem><para>Flushes all feature level information the resolver learnt about specific servers, and ensures <listitem><para>Flushes all feature level information the resolver learnt about specific servers, and ensures
that the server feature probing logic is started from the beginning with the next look-up request. This is that the server feature probing logic is started from the beginning with the next look-up request. This is
@ -127,46 +131,48 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>dns [<replaceable>LINK</replaceable> [<replaceable>SERVER</replaceable>…]]</option></term> <term><command>dns</command> [<replaceable>LINK</replaceable> [<replaceable>SERVER</replaceable>…]]</term>
<term><option>domain [<replaceable>LINK</replaceable> [<replaceable>DOMAIN</replaceable>…]]</option></term> <term><command>domain</command> [<replaceable>LINK</replaceable> [<replaceable>DOMAIN</replaceable>…]]</term>
<term><option>default-route [<replaceable>LINK</replaceable> [<replaceable>BOOL</replaceable>…]]</option></term> <term><command>default-route</command> [<replaceable>LINK</replaceable> [<replaceable>BOOL</replaceable>…]]</term>
<term><option>llmnr [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</option></term> <term><command>llmnr</command> [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</term>
<term><option>mdns [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</option></term> <term><command>mdns</command> [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</term>
<term><option>dnssec [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</option></term> <term><command>dnssec</command> [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</term>
<term><option>dnsovertls [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</option></term> <term><command>dnsovertls</command> [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</term>
<term><option>nta [<replaceable>LINK</replaceable> [<replaceable>DOMAIN</replaceable>…]]</option></term> <term><command>nta</command> [<replaceable>LINK</replaceable> [<replaceable>DOMAIN</replaceable>…]]</term>
<listitem> <listitem>
<para>Get/set per-interface DNS configuration. These commands may be used to configure various DNS settings <para>Get/set per-interface DNS configuration. These commands may be used to configure various DNS
for network interfaces. These commands may be used to inform <command>systemd-resolved</command> or settings for network interfaces. These commands may be used to inform
<command>systemd-networkd</command> about per-interface DNS configuration determined <command>systemd-resolved</command> or <command>systemd-networkd</command> about per-interface DNS
through external means. The <option>dns</option> command expects IPv4 or IPv6 address specifications of DNS configuration determined through external means. The <command>dns</command> command expects IPv4 or
servers to use. The <option>domain</option> command expects valid DNS domains, possibly prefixed with IPv6 address specifications of DNS servers to use. The <command>domain</command> command expects
<literal>~</literal>, and configures a per-interface search or route-only domain. The valid DNS domains, possibly prefixed with <literal>~</literal>, and configures a per-interface
<option>default-route</option> command expects a boolean parameter, and configures whether the link may be search or route-only domain. The <command>default-route</command> command expects a boolean
used as default route for DNS lookups, i.e. if it is suitable for lookups on domains no other link explicitly parameter, and configures whether the link may be used as default route for DNS lookups, i.e. if it
is configured for. The <option>llmnr</option>, <option>mdns</option>, <option>dnssec</option> and is suitable for lookups on domains no other link explicitly is configured for. The
<option>dnsovertls</option> commands may be used to configure the per-interface LLMNR, MulticastDNS, DNSSEC <command>llmnr</command>, <command>mdns</command>, <command>dnssec</command> and
and DNSOverTLS settings. Finally, <option>nta</option> command may be used to configure additional <command>dnsovertls</command> commands may be used to configure the per-interface LLMNR,
per-interface DNSSEC NTA domains.</para> MulticastDNS, DNSSEC and DNSOverTLS settings. Finally, <command>nta</command> command may be used
to configure additional per-interface DNSSEC NTA domains.</para>
<para>Options <option>dns</option>, <option>domain</option> and <option>nta</option> can take <para>Commands <command>dns</command>, <command>domain</command> and <command>nta</command> can take
a single empty string argument to clear their respective value lists.</para> a single empty string argument to clear their respective value lists.</para>
<para>For details about these settings, their possible values and their effect, see the corresponding options in <para>For details about these settings, their possible values and their effect, see the
corresponding settings in
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para> <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>revert <replaceable>LINK</replaceable></option></term> <term><command>revert <replaceable>LINK</replaceable></command></term>
<listitem><para>Revert the per-interface DNS configuration. If the DNS configuration is reverted all <listitem><para>Revert the per-interface DNS configuration. If the DNS configuration is reverted all
per-interface DNS setting are reset to their defaults, undoing all effects of <option>dns</option>, per-interface DNS setting are reset to their defaults, undoing all effects of <command>dns</command>,
<option>domain</option>, <option>default-route</option>, <option>llmnr</option>, <option>mdns</option>, <command>domain</command>, <command>default-route</command>, <command>llmnr</command>,
<option>dnssec</option>, <option>dnsovertls</option>, <option>nta</option>. Note that when a network interface <command>mdns</command>, <command>dnssec</command>, <command>dnsovertls</command>,
disappears all configuration is lost automatically, an explicit reverting is not necessary in that <command>nta</command>. Note that when a network interface disappears all configuration is lost
case.</para></listitem> automatically, an explicit reverting is not necessary in that case.</para></listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>

View File

@ -348,8 +348,8 @@ DATAERR 65 BSD
<refsect2> <refsect2>
<title><command>systemd-analyze condition <replaceable>CONDITION</replaceable>...</command></title> <title><command>systemd-analyze condition <replaceable>CONDITION</replaceable>...</command></title>
<para>This command will evaluate <varname noindex='true'>Condition*=...</varname> and <para>This command will evaluate <varname index="false">Condition*=...</varname> and
<varname noindex='true'>Assert*=...</varname> assignments, and print their values, and <varname index="false">Assert*=...</varname> assignments, and print their values, and
the resulting value of the combined condition set. See the resulting value of the combined condition set. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for a list of available conditions and asserts.</para> for a list of available conditions and asserts.</para>
@ -602,7 +602,7 @@ Service b@0.service not loaded, b.socket cannot be started.
policy is not validated too.</para> policy is not validated too.</para>
<example> <example>
<title>Analyze <filename noindex="true">systemd-logind.service</filename></title> <title>Analyze <filename index="false">systemd-logind.service</filename></title>
<programlisting>$ systemd-analyze security --no-pager systemd-logind.service <programlisting>$ systemd-analyze security --no-pager systemd-logind.service
NAME DESCRIPTION EXPOSURE NAME DESCRIPTION EXPOSURE

View File

@ -140,7 +140,7 @@
<example> <example>
<title>Invoke a program</title> <title>Invoke a program</title>
<para>This calls <filename noindex='true'>/bin/ls</filename> <para>This calls <filename index="false">/bin/ls</filename>
with standard output and error connected to the journal:</para> with standard output and error connected to the journal:</para>
<programlisting># systemd-cat ls</programlisting> <programlisting># systemd-cat ls</programlisting>

View File

@ -42,7 +42,7 @@
<para>If <command>systemd-cgtop</command> is not connected to a <para>If <command>systemd-cgtop</command> is not connected to a
tty, no column headers are printed and the default is to only run tty, no column headers are printed and the default is to only run
one iteration. The <varname>--iterations=</varname> argument, if one iteration. The <option>--iterations=</option> argument, if
given, is honored. This mode is suitable for scripting.</para> given, is honored. This mode is suitable for scripting.</para>
<para>Resource usage is only accounted for control groups in the <para>Resource usage is only accounted for control groups in the

View File

@ -51,7 +51,7 @@
<para><filename>systemd-fsck</filename> does not know any details <para><filename>systemd-fsck</filename> does not know any details
about specific filesystems, and simply executes file system about specific filesystems, and simply executes file system
checkers specific to each filesystem type checkers specific to each filesystem type
(<filename>/sbin/fsck.*</filename>). These checkers will decide if (<filename>/sbin/fsck.<replaceable>type</replaceable></filename>). These checkers will decide if
the filesystem should actually be checked based on the time since the filesystem should actually be checked based on the time since
last check, number of mounts, unclean unmount, etc.</para> last check, number of mounts, unclean unmount, etc.</para>

View File

@ -51,7 +51,7 @@
<para><filename>systemd-makefs</filename> knows very little about specific file <para><filename>systemd-makefs</filename> knows very little about specific file
systems and swap devices, and after checking that the block device does not already systems and swap devices, and after checking that the block device does not already
contain a file system or other content, it will execute binaries specific to contain a file system or other content, it will execute binaries specific to
each filesystem type (<filename>/sbin/mkfs.*</filename>).</para> each filesystem type (<filename>/sbin/mkfs.<replaceable>type</replaceable></filename>).</para>
<para><filename>systemd-growfs</filename> knows very little about specific file <para><filename>systemd-growfs</filename> knows very little about specific file
systems and swap devices, and will instruct the kernel to grow the mounted systems and swap devices, and will instruct the kernel to grow the mounted

View File

@ -1366,7 +1366,7 @@
# systemd-nspawn -bD /var/lib/machines/f&fedora_latest_version;</programlisting> # systemd-nspawn -bD /var/lib/machines/f&fedora_latest_version;</programlisting>
<para>This installs a minimal Fedora distribution into the <para>This installs a minimal Fedora distribution into the
directory <filename noindex='true'>/var/lib/machines/f&fedora_latest_version;</filename> directory <filename index="false">/var/lib/machines/f&fedora_latest_version;</filename>
and then boots an OS in a namespace container in it. Because the installation and then boots an OS in a namespace container in it. Because the installation
is located underneath the standard <filename>/var/lib/machines/</filename> is located underneath the standard <filename>/var/lib/machines/</filename>
directory, it is also possible to start the machine using directory, it is also possible to start the machine using

View File

@ -40,7 +40,7 @@
are configured in the <literal>[Automount]</literal> section.</para> are configured in the <literal>[Automount]</literal> section.</para>
<para>Automount units must be named after the automount directories they control. Example: the automount point <para>Automount units must be named after the automount directories they control. Example: the automount point
<filename noindex='true'>/home/lennart</filename> must be configured in a unit file <filename index="false">/home/lennart</filename> must be configured in a unit file
<filename>home-lennart.automount</filename>. For details about the escaping logic used to convert a file system <filename>home-lennart.automount</filename>. For details about the escaping logic used to convert a file system
path to a unit name see path to a unit name see
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note that <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note that

View File

@ -51,7 +51,7 @@
<para>Device units are named after the <filename>/sys</filename> <para>Device units are named after the <filename>/sys</filename>
and <filename>/dev</filename> paths they control. Example: the and <filename>/dev</filename> paths they control. Example: the
device <filename noindex='true'>/dev/sda5</filename> is exposed in device <filename index="false">/dev/sda5</filename> is exposed in
systemd as <filename>dev-sda5.device</filename>. For details about systemd as <filename>dev-sda5.device</filename>. For details about
the escaping logic used to convert a file system path to a unit the escaping logic used to convert a file system path to a unit
name see name see

View File

@ -356,11 +356,12 @@
<para>Example: if a unit has the following, <para>Example: if a unit has the following,
<programlisting>CapabilityBoundingSet=CAP_A CAP_B <programlisting>CapabilityBoundingSet=CAP_A CAP_B
CapabilityBoundingSet=CAP_B CAP_C</programlisting> CapabilityBoundingSet=CAP_B CAP_C</programlisting>
then <constant>CAP_A</constant>, <constant>CAP_B</constant>, and <constant>CAP_C</constant> are set. then <constant index='false'>CAP_A</constant>, <constant index='false'>CAP_B</constant>, and
If the second line is prefixed with <literal>~</literal>, e.g., <constant index='false'>CAP_C</constant> are set. If the second line is prefixed with
<literal>~</literal>, e.g.,
<programlisting>CapabilityBoundingSet=CAP_A CAP_B <programlisting>CapabilityBoundingSet=CAP_A CAP_B
CapabilityBoundingSet=~CAP_B CAP_C</programlisting> CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
then, only <constant>CAP_A</constant> is set.</para></listitem> then, only <constant index='false'>CAP_A</constant> is set.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
@ -994,8 +995,10 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
<para>Example: if a system service unit has the following, <para>Example: if a system service unit has the following,
<programlisting>RuntimeDirectory=foo/bar baz</programlisting> <programlisting>RuntimeDirectory=foo/bar baz</programlisting>
the service manager creates <filename>/run/foo</filename> (if it does not exist), the service manager creates <filename>/run/foo</filename> (if it does not exist),
<filename>/run/foo/bar</filename>, and <filename>/run/baz</filename>. The directories
<filename>/run/foo/bar</filename> and <filename>/run/baz</filename> except <filename>/run/foo</filename> are <filename index='false'>/run/foo/bar</filename>, and <filename index='false'>/run/baz</filename>. The
directories <filename index='false'>/run/foo/bar</filename> and
<filename index='false'>/run/baz</filename> except <filename index='false'>/run/foo</filename> are
owned by the user and group specified in <varname>User=</varname> and <varname>Group=</varname>, and removed owned by the user and group specified in <varname>User=</varname> and <varname>Group=</varname>, and removed
when the service is stopped.</para> when the service is stopped.</para>

View File

@ -24,7 +24,7 @@
<refsynopsisdiv> <refsynopsisdiv>
<cmdsynopsis> <cmdsynopsis>
<command>/path/to/generator</command> <command index='false'>/path/to/generator</command>
<arg choice="plain"><replaceable>normal-dir</replaceable></arg> <arg choice="plain"><replaceable>normal-dir</replaceable></arg>
<arg choice="plain"><replaceable>early-dir</replaceable></arg> <arg choice="plain"><replaceable>early-dir</replaceable></arg>
<arg choice="plain"><replaceable>late-dir</replaceable></arg> <arg choice="plain"><replaceable>late-dir</replaceable></arg>

View File

@ -709,7 +709,7 @@ ID_NET_LINK_FILE=/usr/lib/systemd/network/99-default.link
</programlisting> </programlisting>
<para>In this case, the interface was already renamed, so the <option>keep</option> policy specified as <para>In this case, the interface was already renamed, so the <option>keep</option> policy specified as
the first option in <filename noindex='true'>99-default.link</filename> means that the existing name is the first option in <filename index="false">99-default.link</filename> means that the existing name is
preserved. If <option>keep</option> was removed, or if were in boot before the renaming has happened, preserved. If <option>keep</option> was removed, or if were in boot before the renaming has happened,
we might get the following instead:</para> we might get the following instead:</para>

View File

@ -60,7 +60,7 @@
must be run as UID 0.</para> must be run as UID 0.</para>
<para>Mount units must be named after the mount point directories they control. Example: the mount point <filename <para>Mount units must be named after the mount point directories they control. Example: the mount point <filename
noindex='true'>/home/lennart</filename> must be configured in a unit file <filename>home-lennart.mount</filename>. index="false">/home/lennart</filename> must be configured in a unit file <filename>home-lennart.mount</filename>.
For details about the escaping logic used to convert a file system path to a unit name, see For details about the escaping logic used to convert a file system path to a unit name, see
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note that mount <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note that mount
units cannot be templated, nor is possible to add multiple names to a mount unit by creating additional symlinks to units cannot be templated, nor is possible to add multiple names to a mount unit by creating additional symlinks to

View File

@ -300,7 +300,7 @@
again. Previously, this naming policy applied implicitly, and now it must be explicitly again. Previously, this naming policy applied implicitly, and now it must be explicitly
requested. Effectively, this means that network devices will be renamed according to the requested. Effectively, this means that network devices will be renamed according to the
configuration, even if they have been renamed already, if <constant>keep</constant> is not configuration, even if they have been renamed already, if <constant>keep</constant> is not
specified as the naming policy in the <filename noindex='true'>.link</filename> file. See specified as the naming policy in the <filename index="false">.link</filename> file. See
<citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry> <citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for a description of <varname>NamePolicy=</varname>.</para></listitem> for a description of <varname>NamePolicy=</varname>.</para></listitem>
</varlistentry> </varlistentry>
@ -310,7 +310,7 @@
<listitem><para><option>MACAddressPolicy=persistent</option> was extended to set MAC addresses <listitem><para><option>MACAddressPolicy=persistent</option> was extended to set MAC addresses
based on the device name. Previously addresses were only based on the based on the device name. Previously addresses were only based on the
<varname noindex='true'>ID_NET_NAME_*</varname> attributes, which meant that interface names would <varname index="false">ID_NET_NAME_*</varname> attributes, which meant that interface names would
never be generated for virtual devices. Now a persistent address will be generated for most never be generated for virtual devices. Now a persistent address will be generated for most
devices, including in particular bridges.</para> devices, including in particular bridges.</para>

View File

@ -35,13 +35,13 @@
<listitem> <listitem>
<para>The package manager prepares system updates by downloading all (RPM or DEB or <para>The package manager prepares system updates by downloading all (RPM or DEB or
whatever) packages to update off-line in a special directory whatever) packages to update off-line in a special directory
<filename noindex="true">/var/lib/system-update</filename> (or <filename index="false">/var/lib/system-update</filename> (or
another directory of the package/upgrade manager's choice).</para> another directory of the package/upgrade manager's choice).</para>
</listitem> </listitem>
<listitem> <listitem>
<para>When the user OK'ed the update, the symlink <filename>/system-update</filename> is <para>When the user OK'ed the update, the symlink <filename>/system-update</filename> is
created that points to <filename noindex="true">/var/lib/system-update</filename> (or created that points to <filename index="false">/var/lib/system-update</filename> (or
wherever the directory with the upgrade files is located) and the system is rebooted. This wherever the directory with the upgrade files is located) and the system is rebooted. This
symlink is in the root directory, since we need to check for it very early at boot, at a symlink is in the root directory, since we need to check for it very early at boot, at a
time where <filename>/var</filename> is not available yet.</para> time where <filename>/var</filename> is not available yet.</para>
@ -106,12 +106,12 @@
<orderedlist> <orderedlist>
<listitem> <listitem>
<para>To make things a bit more robust we recommend hooking the update script into <para>To make things a bit more robust we recommend hooking the update script into
<filename>system-update.target</filename> via a <filename noindex='true'>.wants/</filename> <filename>system-update.target</filename> via a <filename index="false">.wants/</filename>
symlink in the distribution package, rather than depending on <command>systemctl symlink in the distribution package, rather than depending on <command>systemctl
enable</command> in the postinst scriptlets of your package. More specifically, for your enable</command> in the postinst scriptlets of your package. More specifically, for your
update script create a .service file, without [Install] section, and then add a symlink like update script create a .service file, without [Install] section, and then add a symlink like
<filename noindex='true'>/usr/lib/systemd/system-update.target.wants/foobar.service</filename> <filename index="false">/usr/lib/systemd/system-update.target.wants/foobar.service</filename>
<filename noindex='true'>../foobar.service</filename> to your package.</para> <filename index="false">../foobar.service</filename> to your package.</para>
</listitem> </listitem>
<listitem> <listitem>
@ -144,7 +144,7 @@
<varname>Wants=system-update-pre.target</varname> and <varname>Wants=system-update-pre.target</varname> and
<varname>Before=system-update-pre.target</varname> and add a symlink <varname>Before=system-update-pre.target</varname> and add a symlink
to that file under to that file under
<filename noindex='true'>/usr/lib/systemd/system-update.target.wants</filename> <filename index="false">/usr/lib/systemd/system-update.target.wants</filename>
.</para> .</para>
</listitem> </listitem>
</orderedlist> </orderedlist>

View File

@ -91,7 +91,7 @@
<variablelist> <variablelist>
<varlistentry> <varlistentry>
<term><option>CPU</option></term> <term>CPU</term>
<listitem> <listitem>
<para><varname>CPUWeight=</varname> and <varname>StartupCPUWeight=</varname> replace <para><varname>CPUWeight=</varname> and <varname>StartupCPUWeight=</varname> replace
<varname>CPUShares=</varname> and <varname>StartupCPUShares=</varname>, respectively.</para> <varname>CPUShares=</varname> and <varname>StartupCPUShares=</varname>, respectively.</para>
@ -101,7 +101,7 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>Memory</option></term> <term>Memory</term>
<listitem> <listitem>
<para><varname>MemoryMax=</varname> replaces <varname>MemoryLimit=</varname>. <varname>MemoryLow=</varname> <para><varname>MemoryMax=</varname> replaces <varname>MemoryLimit=</varname>. <varname>MemoryLow=</varname>
and <varname>MemoryHigh=</varname> are effective only on unified hierarchy.</para> and <varname>MemoryHigh=</varname> are effective only on unified hierarchy.</para>
@ -109,10 +109,11 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>IO</option></term> <term>IO</term>
<listitem> <listitem>
<para><varname>IO</varname> prefixed settings are a superset of and replace <varname>BlockIO</varname> <para><literal>IO</literal>-prefixed settings are a superset of and replace
prefixed ones. On unified hierarchy, IO resource control also applies to buffered writes.</para> <literal>BlockIO</literal>-prefixed ones. On unified hierarchy, IO resource control also applies
to buffered writes.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>

View File

@ -574,8 +574,8 @@
<varlistentry> <varlistentry>
<term><varname>TimeoutStopSec=</varname></term> <term><varname>TimeoutStopSec=</varname></term>
<listitem><para>This option serves two purposes. First, it configures the time to wait for each <listitem><para>This option serves two purposes. First, it configures the time to wait for each
<constant>ExecStop=</constant> command. If any of them times out, subsequent <constant>ExecStop=</constant> commands <varname>ExecStop=</varname> command. If any of them times out, subsequent <varname>ExecStop=</varname> commands
are skipped and the service will be terminated by <constant>SIGTERM</constant>. If no <constant>ExecStop=</constant> are skipped and the service will be terminated by <constant>SIGTERM</constant>. If no <varname>ExecStop=</varname>
commands are specified, the service gets the <constant>SIGTERM</constant> immediately. Second, it configures the time commands are specified, the service gets the <constant>SIGTERM</constant> immediately. Second, it configures the time
to wait for the service itself to stop. If it doesn't terminate in the specified time, it will be forcibly terminated to wait for the service itself to stop. If it doesn't terminate in the specified time, it will be forcibly terminated
by <constant>SIGKILL</constant> (see <varname>KillMode=</varname> in by <constant>SIGKILL</constant> (see <varname>KillMode=</varname> in
@ -1329,8 +1329,8 @@ WantedBy=multi-user.target</programlisting>
<para><varname>Type=</varname><option>oneshot</option> are the <para><varname>Type=</varname><option>oneshot</option> are the
only service units that may have more than one only service units that may have more than one
<varname>ExecStart=</varname> specified. For units with multiple <varname>ExecStart=</varname> specified. For units with multiple
commands (<varname noindex="true">Type=oneshot</varname>), all commands will be run again.</para> commands (<varname index="false">Type=oneshot</varname>), all commands will be run again.</para>
<para> For <varname noindex="true">Type=oneshot</varname>, <varname>Restart=</varname><option>always</option> <para> For <varname index="false">Type=oneshot</varname>, <varname>Restart=</varname><option>always</option>
and <varname>Restart=</varname><option>on-success</option> are <emphasis>not</emphasis> allowed.</para> and <varname>Restart=</varname><option>on-success</option> are <emphasis>not</emphasis> allowed.</para>
</example> </example>

View File

@ -54,7 +54,7 @@
unit.</para> unit.</para>
<para>Swap units must be named after the devices or files they control. Example: the swap device <filename <para>Swap units must be named after the devices or files they control. Example: the swap device <filename
noindex='true'>/dev/sda5</filename> must be configured in a unit file <filename>dev-sda5.swap</filename>. For index="false">/dev/sda5</filename> must be configured in a unit file <filename>dev-sda5.swap</filename>. For
details about the escaping logic used to convert a file system path to a unit name, see details about the escaping logic used to convert a file system path to a unit name, see
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note that swap <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note that swap
units cannot be templated, nor is possible to add multiple names to a swap unit by creating additional symlinks to units cannot be templated, nor is possible to add multiple names to a swap unit by creating additional symlinks to

View File

@ -48,7 +48,7 @@
<filename>/run/systemd/system/*</filename> <filename>/run/systemd/system/*</filename>
<filename>/run/systemd/systemd.attached/*</filename> <filename>/run/systemd/systemd.attached/*</filename>
<filename>/run/systemd/generator/*</filename> <filename>/run/systemd/generator/*</filename>
<filename></filename> <filename index='false'></filename>
<filename>/usr/lib/systemd/system/*</filename> <filename>/usr/lib/systemd/system/*</filename>
<filename>/run/systemd/generator.late/*</filename></literallayout></para> <filename>/run/systemd/generator.late/*</filename></literallayout></para>
</refsect2> </refsect2>
@ -65,7 +65,7 @@
<filename>/run/systemd/user/*</filename> <filename>/run/systemd/user/*</filename>
<filename>$XDG_RUNTIME_DIR/systemd/generator/*</filename> <filename>$XDG_RUNTIME_DIR/systemd/generator/*</filename>
<filename>~/.local/share/systemd/user/*</filename> <filename>~/.local/share/systemd/user/*</filename>
<filename></filename> <filename index='false'></filename>
<filename>/usr/lib/systemd/user/*</filename> <filename>/usr/lib/systemd/user/*</filename>
<filename>$XDG_RUNTIME_DIR/systemd/generator.late/*</filename></literallayout></para> <filename>$XDG_RUNTIME_DIR/systemd/generator.late/*</filename></literallayout></para>
</refsect2> </refsect2>
@ -246,7 +246,7 @@
escaping is used, in order to map strings containing arbitrary byte values (except NUL) into valid unit names and escaping is used, in order to map strings containing arbitrary byte values (except NUL) into valid unit names and
their restricted character set. A common special case are unit names that reflect paths to objects in the file their restricted character set. A common special case are unit names that reflect paths to objects in the file
system hierarchy. Example: a device unit <filename>dev-sda.device</filename> refers to a device with the device system hierarchy. Example: a device unit <filename>dev-sda.device</filename> refers to a device with the device
node <filename noindex='true'>/dev/sda</filename> in the file system.</para> node <filename index="false">/dev/sda</filename> in the file system.</para>
<para>The escaping algorithm operates as follows: given a string, any <literal>/</literal> character is replaced by <para>The escaping algorithm operates as follows: given a string, any <literal>/</literal> character is replaced by
<literal>-</literal>, and all other characters which are not ASCII alphanumerics or <literal>_</literal> are <literal>-</literal>, and all other characters which are not ASCII alphanumerics or <literal>_</literal> are
@ -435,7 +435,7 @@
<entry>Units of packages that have been installed in the home directory (<varname>$XDG_DATA_HOME</varname> is used if set, <filename>~/.local/share</filename> otherwise)</entry> <entry>Units of packages that have been installed in the home directory (<varname>$XDG_DATA_HOME</varname> is used if set, <filename>~/.local/share</filename> otherwise)</entry>
</row> </row>
<row> <row>
<entry><filename>$dir/systemd/user</filename> for each <varname noindex='true'>$dir</varname> in <varname>$XDG_DATA_DIRS</varname></entry> <entry><filename>$dir/systemd/user</filename> for each <varname index="false">$dir</varname> in <varname>$XDG_DATA_DIRS</varname></entry>
<entry>Additional locations for installed user units, one for each entry in <varname>$XDG_DATA_DIRS</varname></entry> <entry>Additional locations for installed user units, one for each entry in <varname>$XDG_DATA_DIRS</varname></entry>
</row> </row>
<row> <row>
@ -1026,8 +1026,8 @@
<refsect2> <refsect2>
<title>Conditions and Asserts</title> <title>Conditions and Asserts</title>
<para>Unit files may also include a number of <varname noindex="true">Condition…=</varname> and <para>Unit files may also include a number of <varname index="false">Condition…=</varname> and
<varname noindex="true">Assert…=</varname> settings. Before the unit is started, systemd will verify <varname index="false">Assert…=</varname> settings. Before the unit is started, systemd will verify
that the specified conditions are true. If not, the starting of the unit will be (mostly silently) that the specified conditions are true. If not, the starting of the unit will be (mostly silently)
skipped. Failing conditions will not result in the unit being moved into the <literal>failed</literal> skipped. Failing conditions will not result in the unit being moved into the <literal>failed</literal>
state. The conditions are checked at the time the queued start job is to be executed. The ordering state. The conditions are checked at the time the queued start job is to be executed. The ordering
@ -1731,7 +1731,7 @@ Note that this setting is <emphasis>not</emphasis> influenced by the <varname>Us
<row> <row>
<entry><literal>%L</literal></entry> <entry><literal>%L</literal></entry>
<entry>Log directory root</entry> <entry>Log directory root</entry>
<entry>This is either <filename>/var/log</filename> (for the system manager) or the path <literal>$XDG_CONFIG_HOME</literal> resolves to with <filename noindex='true'>/log</filename> appended (for user managers).</entry> <entry>This is either <filename>/var/log</filename> (for the system manager) or the path <literal>$XDG_CONFIG_HOME</literal> resolves to with <filename index="false">/log</filename> appended (for user managers).</entry>
</row> </row>
<row> <row>
<entry><literal>%m</literal></entry> <entry><literal>%m</literal></entry>

View File

@ -33,7 +33,7 @@
<para><literallayout><filename>~/.config/user-tmpfiles.d/*.conf</filename> <para><literallayout><filename>~/.config/user-tmpfiles.d/*.conf</filename>
<filename>$XDG_RUNTIME_DIR/user-tmpfiles.d/*.conf</filename> <filename>$XDG_RUNTIME_DIR/user-tmpfiles.d/*.conf</filename>
<filename>~/.local/share/user-tmpfiles.d/*.conf</filename> <filename>~/.local/share/user-tmpfiles.d/*.conf</filename>
<filename></filename> <filename index='false'></filename>
<filename>/usr/share/user-tmpfiles.d/*.conf</filename> <filename>/usr/share/user-tmpfiles.d/*.conf</filename>
</literallayout></para> </literallayout></para>
@ -654,7 +654,7 @@ w- /proc/sys/vm/swappiness - - - - 10</programlisting></para>
<row> <row>
<entry><literal>%L</literal></entry> <entry><literal>%L</literal></entry>
<entry>System or user log directory</entry> <entry>System or user log directory</entry>
<entry>In <option>--user</option> mode, this is the same as <varname>$XDG_CONFIG_HOME</varname> with <filename noindex='true'>/log</filename> appended, and <filename>/var/log</filename> otherwise.</entry> <entry>In <option>--user</option> mode, this is the same as <varname>$XDG_CONFIG_HOME</varname> with <filename index="false">/log</filename> appended, and <filename>/var/log</filename> otherwise.</entry>
</row> </row>
<row> <row>
<entry><literal>%m</literal></entry> <entry><literal>%m</literal></entry>

View File

@ -68,16 +68,16 @@
different levels. As described in the previous section, <filename>user.slice</filename> contains different levels. As described in the previous section, <filename>user.slice</filename> contains
processes of all users, so any resource limits on that slice apply to all users together. The processes of all users, so any resource limits on that slice apply to all users together. The
usual way to configure them would be through drop-ins, e.g. <filename usual way to configure them would be through drop-ins, e.g. <filename
noindex='true'>/etc/systemd/system/user.slice.d/resources.conf</filename>. index="false">/etc/systemd/system/user.slice.d/resources.conf</filename>.
</para> </para>
<para>The processes of a single user are collected under <para>The processes of a single user are collected under
<filename>user-<replaceable>UID</replaceable>.slice</filename>. Resource limits for that user <filename>user-<replaceable>UID</replaceable>.slice</filename>. Resource limits for that user
can be configured through drop-ins for that unit, e.g. <filename can be configured through drop-ins for that unit, e.g. <filename
noindex='true'>/etc/systemd/system/user-1000.slice.d/resources.conf</filename>. If the limits index="false">/etc/systemd/system/user-1000.slice.d/resources.conf</filename>. If the limits
should apply to all users instead, they may be configured through drop-ins for the truncated should apply to all users instead, they may be configured through drop-ins for the truncated
unit name, <filename>user-.slice</filename>. For example, configuration in <filename unit name, <filename>user-.slice</filename>. For example, configuration in <filename
noindex='true'>/etc/systemd/system/user-.slice.d/resources.conf</filename> is included in all index="false">/etc/systemd/system/user-.slice.d/resources.conf</filename> is included in all
<filename>user-<replaceable>UID</replaceable>.slice</filename> units, see <filename>user-<replaceable>UID</replaceable>.slice</filename> units, see
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for a discussion of the drop-in mechanism.</para> for a discussion of the drop-in mechanism.</para>
@ -141,20 +141,20 @@ Control group /:
│ └─6706 /usr/bin/sleep 30 │ └─6706 /usr/bin/sleep 30
</programlisting> </programlisting>
<para>User with UID 1000 is logged in using <command>gdm</command> (<filename <para>User with UID 1000 is logged in using <command>gdm</command> (<filename
noindex='true'>session-4.scope</filename>) and index="false">session-4.scope</filename>) and
<citerefentry><refentrytitle>ssh</refentrytitle><manvolnum>1</manvolnum></citerefentry> <citerefentry><refentrytitle>ssh</refentrytitle><manvolnum>1</manvolnum></citerefentry>
(<filename noindex='true'>session-19.scope</filename>), and also has a user manager instance (<filename index="false">session-19.scope</filename>), and also has a user manager instance
running (<filename noindex='true'>user@1000.service</filename>). User with UID 1001 is logged running (<filename index="false">user@1000.service</filename>). User with UID 1001 is logged
in using <command>ssh</command> (<filename noindex='true'>session-20.scope</filename>) and in using <command>ssh</command> (<filename index="false">session-20.scope</filename>) and
also has a user manager instance running (<filename also has a user manager instance running (<filename
noindex='true'>user@1001.service</filename>). Those are all (leaf) system units, and form index="false">user@1001.service</filename>). Those are all (leaf) system units, and form
part of the slice hierarchy, with <filename noindex='true'>user-1000.slice</filename> and part of the slice hierarchy, with <filename index="false">user-1000.slice</filename> and
<filename noindex='true'>user-1001.slice</filename> below <filename <filename index="false">user-1001.slice</filename> below <filename
noindex='true'>user.slice</filename>. User units are visible below the index="false">user.slice</filename>. User units are visible below the
<filename>user@.service</filename> instances (<filename <filename>user@.service</filename> instances (<filename
noindex='true'>pulseaudio.service</filename>, <filename index="false">pulseaudio.service</filename>, <filename
noindex='true'>gnome-terminal-server.service</filename>, <filename index="false">gnome-terminal-server.service</filename>, <filename
noindex='true'>init.scope</filename>, <filename noindex='true'>sleep.service</filename>). index="false">init.scope</filename>, <filename index="false">sleep.service</filename>).
</para> </para>
</example> </example>

View File

@ -20,6 +20,7 @@
#include "macro.h" #include "macro.h"
#include "missing_syscall.h" #include "missing_syscall.h"
#include "mountpoint-util.h" #include "mountpoint-util.h"
#include "nulstr-util.h"
#include "stat-util.h" #include "stat-util.h"
#include "string-util.h" #include "string-util.h"
#include "strv.h" #include "strv.h"
@ -913,64 +914,29 @@ int copy_times(int fdf, int fdt, CopyFlags flags) {
} }
int copy_xattr(int fdf, int fdt) { int copy_xattr(int fdf, int fdt) {
_cleanup_free_ char *bufa = NULL, *bufb = NULL; _cleanup_free_ char *names = NULL;
size_t sza = 100, szb = 100; int ret = 0, r;
ssize_t n;
int ret = 0;
const char *p; const char *p;
for (;;) { r = flistxattr_malloc(fdf, &names);
bufa = malloc(sza); if (r < 0)
if (!bufa) return r;
return -ENOMEM;
n = flistxattr(fdf, bufa, sza); NULSTR_FOREACH(p, names) {
if (n == 0) _cleanup_free_ char *value = NULL;
return 0;
if (n > 0)
break;
if (errno != ERANGE)
return -errno;
sza *= 2; if (!startswith(p, "user."))
bufa = mfree(bufa);
}
p = bufa;
while (n > 0) {
size_t l;
l = strlen(p);
assert(l < (size_t) n);
if (startswith(p, "user.")) {
ssize_t m;
if (!bufb) {
bufb = malloc(szb);
if (!bufb)
return -ENOMEM;
}
m = fgetxattr(fdf, p, bufb, szb);
if (m < 0) {
if (errno == ERANGE) {
szb *= 2;
bufb = mfree(bufb);
continue; continue;
}
return -errno; r = fgetxattr_malloc(fdf, p, &value);
} if (r == -ENODATA)
continue; /* gone by now */
if (r < 0)
return r;
if (fsetxattr(fdt, p, bufb, m, 0) < 0) if (fsetxattr(fdt, p, value, r, 0) < 0)
ret = -errno; ret = -errno;
} }
p += l + 1;
n -= l + 1;
}
return ret; return ret;
} }

View File

@ -17,17 +17,23 @@
#include "time-util.h" #include "time-util.h"
#include "xattr-util.h" #include "xattr-util.h"
int getxattr_malloc(const char *path, const char *name, char **value, bool allow_symlink) { int getxattr_malloc(
char *v; const char *path,
size_t l; const char *name,
ssize_t n; char **ret,
bool allow_symlink) {
size_t l = 100;
assert(path); assert(path);
assert(name); assert(name);
assert(value); assert(ret);
for (l = 100; ; l = (size_t) n + 1 /* extra byte to make sure this remains NUL suffixed */) { for(;;) {
v = new0(char, l); _cleanup_free_ char *v = NULL;
ssize_t n;
v = new0(char, l+1);
if (!v) if (!v)
return -ENOMEM; return -ENOMEM;
@ -35,15 +41,14 @@ int getxattr_malloc(const char *path, const char *name, char **value, bool allow
n = lgetxattr(path, name, v, l); n = lgetxattr(path, name, v, l);
else else
n = getxattr(path, name, v, l); n = getxattr(path, name, v, l);
if (n >= 0 && (size_t) n < l) { if (n < 0) {
*value = v; if (errno != ERANGE)
return n;
}
free(v);
if (n < 0 && errno != ERANGE)
return -errno; return -errno;
} else {
v[n] = 0; /* NUL terminate */
*ret = TAKE_PTR(v);
return (int) n;
}
if (allow_symlink) if (allow_symlink)
n = lgetxattr(path, name, NULL, 0); n = lgetxattr(path, name, NULL, 0);
@ -51,37 +56,49 @@ int getxattr_malloc(const char *path, const char *name, char **value, bool allow
n = getxattr(path, name, NULL, 0); n = getxattr(path, name, NULL, 0);
if (n < 0) if (n < 0)
return -errno; return -errno;
if (n > INT_MAX) /* We couldn't return this as 'int' anymore */
return -E2BIG;
l = (size_t) n;
} }
} }
int fgetxattr_malloc(int fd, const char *name, char **value) { int fgetxattr_malloc(
char *v; int fd,
size_t l; const char *name,
ssize_t n; char **ret) {
size_t l = 100;
assert(fd >= 0); assert(fd >= 0);
assert(name); assert(name);
assert(value); assert(ret);
for (l = 100;; l = (size_t) n + 1 /* extra byte to make sure this remains NUL suffixed */) { for (;;) {
v = new0(char, l); _cleanup_free_ char *v = NULL;
ssize_t n;
v = new(char, l+1);
if (!v) if (!v)
return -ENOMEM; return -ENOMEM;
n = fgetxattr(fd, name, v, l); n = fgetxattr(fd, name, v, l);
if (n >= 0 && (size_t) n < l) { if (n < 0) {
*value = v; if (errno != ERANGE)
return n;
}
free(v);
if (n < 0 && errno != ERANGE)
return -errno; return -errno;
} else {
v[n] = 0; /* NUL terminate */
*ret = TAKE_PTR(v);
return (int) n;
}
n = fgetxattr(fd, name, NULL, 0); n = fgetxattr(fd, name, NULL, 0);
if (n < 0) if (n < 0)
return -errno; return -errno;
if (n > INT_MAX) /* We couldn't return this as 'int' anymore */
return -E2BIG;
l = (size_t) n;
} }
} }
@ -217,3 +234,37 @@ int fd_setcrtime(int fd, usec_t usec) {
return 0; return 0;
} }
int flistxattr_malloc(int fd, char **ret) {
size_t l = 100;
assert(fd >= 0);
assert(ret);
for (;;) {
_cleanup_free_ char *v = NULL;
ssize_t n;
v = new(char, l+1);
if (!v)
return -ENOMEM;
n = flistxattr(fd, v, l);
if (n < 0) {
if (errno != ERANGE)
return -errno;
} else {
v[n] = 0; /* NUL terminate */
*ret = TAKE_PTR(v);
return (int) n;
}
n = flistxattr(fd, NULL, 0);
if (n < 0)
return -errno;
if (n > INT_MAX) /* We couldn't return this as 'int' anymore */
return -E2BIG;
l = (size_t) n;
}
}

View File

@ -23,3 +23,5 @@ int fd_setcrtime(int fd, usec_t usec);
int fd_getcrtime(int fd, usec_t *usec); int fd_getcrtime(int fd, usec_t *usec);
int path_getcrtime(const char *p, usec_t *usec); int path_getcrtime(const char *p, usec_t *usec);
int fd_getcrtime_at(int dirfd, const char *name, usec_t *usec, int flags); int fd_getcrtime_at(int dirfd, const char *name, usec_t *usec, int flags);
int flistxattr_malloc(int fd, char **ret);

View File

@ -1,5 +1,6 @@
/* SPDX-License-Identifier: LGPL-2.1+ */ /* SPDX-License-Identifier: LGPL-2.1+ */
#include <sys/xattr.h>
#include <unistd.h> #include <unistd.h>
#include "alloc-util.h" #include "alloc-util.h"
@ -7,6 +8,7 @@
#include "fd-util.h" #include "fd-util.h"
#include "fileio.h" #include "fileio.h"
#include "fs-util.h" #include "fs-util.h"
#include "hexdecoct.h"
#include "log.h" #include "log.h"
#include "macro.h" #include "macro.h"
#include "mkdir.h" #include "mkdir.h"
@ -18,6 +20,7 @@
#include "tmpfile-util.h" #include "tmpfile-util.h"
#include "user-util.h" #include "user-util.h"
#include "util.h" #include "util.h"
#include "xattr-util.h"
static void test_copy_file(void) { static void test_copy_file(void) {
_cleanup_free_ char *buf = NULL; _cleanup_free_ char *buf = NULL;
@ -75,14 +78,16 @@ static void test_copy_file_fd(void) {
} }
static void test_copy_tree(void) { static void test_copy_tree(void) {
char original_dir[] = "/tmp/test-copy_tree/"; char original_dir[] = "/var/tmp/test-copy_tree/";
char copy_dir[] = "/tmp/test-copy_tree-copy/"; char copy_dir[] = "/var/tmp/test-copy_tree-copy/";
char **files = STRV_MAKE("file", "dir1/file", "dir1/dir2/file", "dir1/dir2/dir3/dir4/dir5/file"); char **files = STRV_MAKE("file", "dir1/file", "dir1/dir2/file", "dir1/dir2/dir3/dir4/dir5/file");
char **links = STRV_MAKE("link", "file", char **links = STRV_MAKE("link", "file",
"link2", "dir1/file"); "link2", "dir1/file");
char **p, **link;
const char *unixsockp; const char *unixsockp;
char **p, **link;
struct stat st; struct stat st;
int xattr_worked = -1; /* xattr support is optional in temporary directories, hence use it if we can,
* but don't fail if we can't */
log_info("%s", __func__); log_info("%s", __func__);
@ -90,12 +95,19 @@ static void test_copy_tree(void) {
(void) rm_rf(original_dir, REMOVE_ROOT|REMOVE_PHYSICAL); (void) rm_rf(original_dir, REMOVE_ROOT|REMOVE_PHYSICAL);
STRV_FOREACH(p, files) { STRV_FOREACH(p, files) {
_cleanup_free_ char *f; _cleanup_free_ char *f, *c;
int k;
assert_se(f = path_join(original_dir, *p)); assert_se(f = path_join(original_dir, *p));
assert_se(mkdir_parents(f, 0755) >= 0); assert_se(mkdir_parents(f, 0755) >= 0);
assert_se(write_string_file(f, "file", WRITE_STRING_FILE_CREATE) == 0); assert_se(write_string_file(f, "file", WRITE_STRING_FILE_CREATE) == 0);
assert_se(base64mem(*p, strlen(*p), &c) >= 0);
k = setxattr(f, "user.testxattr", c, strlen(c), 0);
assert_se(xattr_worked < 0 || ((k >= 0) == !!xattr_worked));
xattr_worked = k >= 0;
} }
STRV_FOREACH_PAIR(link, p, links) { STRV_FOREACH_PAIR(link, p, links) {
@ -114,14 +126,25 @@ static void test_copy_tree(void) {
assert_se(copy_tree(original_dir, copy_dir, UID_INVALID, GID_INVALID, COPY_REFLINK|COPY_MERGE) == 0); assert_se(copy_tree(original_dir, copy_dir, UID_INVALID, GID_INVALID, COPY_REFLINK|COPY_MERGE) == 0);
STRV_FOREACH(p, files) { STRV_FOREACH(p, files) {
_cleanup_free_ char *buf, *f; _cleanup_free_ char *buf, *f, *c = NULL;
size_t sz; size_t sz;
int k;
assert_se(f = path_join(copy_dir, *p)); assert_se(f = path_join(copy_dir, *p));
assert_se(access(f, F_OK) == 0); assert_se(access(f, F_OK) == 0);
assert_se(read_full_file(f, &buf, &sz) == 0); assert_se(read_full_file(f, &buf, &sz) == 0);
assert_se(streq(buf, "file\n")); assert_se(streq(buf, "file\n"));
k = getxattr_malloc(f, "user.testxattr", &c, false);
assert_se(xattr_worked < 0 || ((k >= 0) == !!xattr_worked));
if (k >= 0) {
_cleanup_free_ char *d = NULL;
assert_se(base64mem(*p, strlen(*p), &d) >= 0);
assert_se(streq(d, c));
}
} }
STRV_FOREACH_PAIR(link, p, links) { STRV_FOREACH_PAIR(link, p, links) {

View File

@ -187,10 +187,13 @@ def _extract_directives(directive_groups, formatting, page):
storvar if klass else storopt)): storvar if klass else storopt)):
for name in variablelist.iterfind(xpath): for name in variablelist.iterfind(xpath):
text = re.sub(r'([= ]).*', r'\1', name.text).rstrip() text = re.sub(r'([= ]).*', r'\1', name.text).rstrip()
if text.startswith('-'):
# for options, merge options with and without mandatory arg
text = text.partition('=')[0]
stor[text].append((pagename, section)) stor[text].append((pagename, section))
if text not in formatting: if text not in formatting:
# use element as formatted display # use element as formatted display
if name.text[-1] in '= ': if name.text[-1] in "= '":
name.clear() name.clear()
else: else:
name.tail = '' name.tail = ''
@ -204,7 +207,7 @@ def _extract_directives(directive_groups, formatting, page):
for name in t.iterfind(xpath): for name in t.iterfind(xpath):
if absolute_only and not (name.text and name.text.startswith('/')): if absolute_only and not (name.text and name.text.startswith('/')):
continue continue
if name.attrib.get('noindex'): if name.attrib.get('index') == 'false':
continue continue
name.tail = '' name.tail = ''
if name.text: if name.text:
@ -228,7 +231,7 @@ def _extract_directives(directive_groups, formatting, page):
storfile = directive_groups['constants'] storfile = directive_groups['constants']
for name in t.iterfind('.//constant'): for name in t.iterfind('.//constant'):
if name.attrib.get('noindex'): if name.attrib.get('index') == 'false':
continue continue
name.tail = '' name.tail = ''
if name.text.startswith('('): # a cast, strip it if name.text.startswith('('): # a cast, strip it