Compare commits

...

16 Commits

Author SHA1 Message Date
Lennart Poettering b3077c47a8
Merge pull request #16344 from keszybz/update-utmp-erofs
Make update-utmp not fail if it only fails to write wtmp records
2020-07-06 17:52:17 +02:00
Maciej S. Szmigiero c5bc4f77d9 hwdb: add another Logitech M705 mouse variant
There seems to be a newer version of Logitech M705 mouse in the wild.
Let's add it to the hwdb.

Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
2020-07-06 17:17:52 +02:00
Zbigniew Jędrzejewski-Szmek 5544cd3199
Merge pull request #16373 from JackFangXN/master
userdbctl homectl use table_log_add_error()
2020-07-06 17:14:07 +02:00
Frantisek Sumsal 9a61e8fca2 unit-name: fix a potential memory leak
Also, add a test which verifies the issue is indeed gone.

Fixes: CID#1429014
Followup to: ab19db01ae
2020-07-06 17:13:37 +02:00
Zbigniew Jędrzejewski-Szmek b37e4d9c87
Merge pull request #16370 from keszybz/tree-wide-spelling
Assorted spelling, markup, and grammar fixes
2020-07-06 15:57:47 +02:00
Vito Caputo e26538dd04 network: tc: fix n_prio bounds check
Looks like a simple copy and paste error

Fixes https://github.com/systemd/systemd/issues/16367
2020-07-06 15:52:17 +02:00
fangxiuning f987a261b4 userdbctl homectl use table_log_add_error()
Signed-off-by: fangxiuning <fangxiuning123@126.com>
2020-07-06 21:32:22 +08:00
Zbigniew Jędrzejewski-Szmek f04a98e13f Fix two typos found by codespell 2020-07-06 15:09:23 +02:00
Zbigniew Jędrzejewski-Szmek bdac560801 tree-wide: drop quotes from around [section]
For users, the square brackets already serve as markup and clearly delineate
the section name from surrounding text. Putting additional markup around that
only adds clutter. Also, we were very inconsistent in using the quotes. Let's
just drop them altogether.
2020-07-06 11:29:05 +02:00
Zbigniew Jędrzejewski-Szmek e9dd698407 tree-wide: fixes for assorted grammar and spelling issues
Fixes #16363. Also includes some changes where I generalized the pattern.
2020-07-06 11:29:05 +02:00
Zbigniew Jędrzejewski-Szmek ca1d199b48 update-utmp: do not fail on EROFS
Right now systemd-update-utmp.service would fail on read-only /var because
it was not able to write the wtmp record. But it still writes the utmp
record just fine, so runtime information is OK. I don't think we need to
make too much fuss about not being able to save wtmp info.
2020-07-05 12:44:35 +02:00
Zbigniew Jędrzejewski-Szmek c2a9909377 Define _cleanup_ helper for setutxent()+endutxent() 2020-07-05 12:16:01 +02:00
Zbigniew Jędrzejewski-Szmek 272ac70a21 various daemons: emit Stopping... notification before destructing the manager object
This is mostly cosmetic, but let's reorder the destructors so that
we do the final sd_notify() call before we run the destructor for
the manager object.
2020-07-02 17:12:23 +02:00
Zbigniew Jędrzejewski-Szmek cc090ca7fe initctl: use _cleanup_ and run() 2020-07-02 17:12:23 +02:00
Zbigniew Jędrzejewski-Szmek e9d9d50cef initctl,update-utmp: define iterator variable in loop 2020-07-02 17:12:23 +02:00
Zbigniew Jędrzejewski-Szmek bc9d1dbfc8 update-utmp,initctl: drop ppid check
Such checks make debugging harder but serve no useful purpose otherwise.
We got rid of all the checks for root, let's kill those too.
2020-07-02 17:12:23 +02:00
107 changed files with 828 additions and 927 deletions

View File

@ -628,7 +628,7 @@ hash to test this derived secret key against for authentication. It is
generally recommended that for each entry in `fido2HmacSalt` there's also a
matching one in `fido2HmacCredential`, and vice versa, with the same credential
ID, appearing in the same order, but this should not be required by
applications processing user recrods.
applications processing user records.
## Fields in the `perMachine` section

View File

@ -381,6 +381,10 @@ mouse:usb:v046dp101b:name:Logitech M705:
mouse:usb:v046dpc52b:name:Logitech Unifying Device. Wireless PID:101b:
MOUSE_DPI=1000@125
# Logitech M705 (newer version?)
mouse:usb:v046dp406d:name:Logitech M705:
MOUSE_DPI=1000@167
# Logitech M305 Wireless Optical Mouse
mouse:usb:v046dpc52f:name:Logitech USB Receiver:
MOUSE_DPI=1000@170

View File

@ -49,7 +49,7 @@
<title>Options</title>
<para>All options are configured in the
<literal>[Coredump]</literal> section:</para>
[Coredump] section:</para>
<variablelist class='config-directives'>

View File

@ -52,8 +52,8 @@
matching specified characteristics. If no command is
specified, this is the implied default.</para>
<para>The output is designed to be human readable and contains list contains
a table with the following columns:</para>
<para>The output is designed to be human readable and contains a table with the following
columns:</para>
<variablelist>
<varlistentry>
<term>TIME</term>

View File

@ -255,6 +255,7 @@
<listitem><para>Perform encryption using the same cpu that IO was submitted on. The default is to use
an unbound workqueue so that encryption work is automatically balanced between available CPUs.</para>
<para>This requires kernel 4.0 or newer.</para>
</listitem>
</varlistentry>
@ -263,9 +264,10 @@
<term><option>submit-from-crypt-cpus</option></term>
<listitem><para>Disable offloading writes to a separate thread after encryption. There are some
situations where offloading write bios from the encryption threads to a single thread degrades
performance significantly. The default is to offload write bios to the same thread because it benefits
CFQ to have writes submitted using the same context.</para>
situations where offloading write requests from the encryption threads to a dedicated thread degrades
performance significantly. The default is to offload write requests to a dedicated thread because it
benefits the CFQ scheduler to have writes submitted using the same context.</para>
<para>This requires kernel 4.0 or newer.</para>
</listitem>
</varlistentry>
@ -512,7 +514,8 @@ external /dev/sda3 keyfile:LABEL=keydev keyfile-timeout=10s</programlist
<para>The PKCS#11 logic allows hooking up any compatible security token that is capable of storing RSA
decryption keys. Here's an example how to set up a Yubikey security token for this purpose, using
<command>ykman</command> from the yubikey-manager project:</para>
<citerefentry project='debian'><refentrytitle>ykmap</refentrytitle><manvolnum>1</manvolnum></citerefentry>
from the yubikey-manager project:</para>
<programlisting><xi:include href="yubikey-crypttab.sh" parse="text" /></programlisting>

View File

@ -357,7 +357,7 @@
special target unit <filename>sockets.target</filename>. It is
recommended to place a
<varname>WantedBy=sockets.target</varname> directive in the
<literal>[Install]</literal> section to automatically add such a
[Install] section to automatically add such a
dependency on installation of a socket unit. Unless
<varname>DefaultDependencies=no</varname> is set, the necessary
ordering dependencies are implicitly created for all socket
@ -520,7 +520,7 @@
operating system-independent.</para></listitem>
<listitem><para>Make sure to include an
<literal>[Install]</literal> section including installation
[Install] section including installation
information for the unit file. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. To activate your service on boot, make sure to

View File

@ -648,7 +648,7 @@
<filename>/usr/share/</filename> hierarchy to the locations
defined by the various relevant specifications.</para>
<para>During runtime, and for local configuration and state,
<para>During runtime, and for local configuration and runtime state,
additional directories are defined:</para>
<table>

View File

@ -119,9 +119,9 @@
<term><option>--identity=</option><replaceable>FILE</replaceable></term>
<listitem><para>Read the user's JSON record from the specified file. If passed as
<literal>-</literal> reads the user record from standard input. The supplied JSON object must follow
the structure documented on <ulink url="https://systemd.io/USER_RECORDS">JSON User
Records</ulink>. This option may be used in conjunction with the <command>create</command> and
<literal>-</literal> read the user record from standard input. The supplied JSON object must follow
the structure documented on <ulink url="https://systemd.io/USER_RECORD">JSON User Records</ulink>.
This option may be used in conjunction with the <command>create</command> and
<command>update</command> commands (see below), where it allows configuring the user record in JSON
as-is, instead of setting the individual user record properties (see below).</para></listitem>
</varlistentry>
@ -247,10 +247,9 @@
different system and the configured UID is taken by another user there, then
<command>systemd-homed</command> may assign the user a different UID on that system. The specified
UID must be outside of the system user range. It is recommended to use the 60001…60513 UID range for
this purpose. If not specified the UID is automatically picked. When logging in and the home
directory is found to be owned by a UID not matching the user's assigned one the home directory and
all files and directories inside it will have their ownership changed automatically before login
completes.</para>
this purpose. If not specified, the UID is automatically picked. If the home directory is found to be
owned by a different UID when logging in, the home directory and everything underneath it will have
its ownership changed automatically before login completes.</para>
<para>Note that users managed by <command>systemd-homed</command> always have a matching group
associated with the same name as well as a GID matching the UID of the user. Thus, configuring the
@ -266,19 +265,19 @@
privileges. Note that <command>systemd-homed</command> does not manage any groups besides a group
matching the user in name and numeric UID/GID. Thus any groups listed here must be registered
independently, for example with <citerefentry
project='man-pages'><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. If
non-existent groups that are listed there are ignored. This option may be used more than once, in
which case all specified group lists are combined. If the user is currently a member of a group
which is not listed, the user will be removed from the group.</para></listitem>
project='man-pages'><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
Any non-existent groups are ignored. This option may be used more than once, in which case all
specified group lists are combined. If the user is currently a member of a group which is not listed,
the user will be removed from the group.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--skel=</option><replaceable>PATH</replaceable></term>
<listitem><para>Takes a file system path to a directory. Specifies the skeleton directory to
initialize the home directory with. All files and directories in the specified are copied into any
newly create home directory. If not specified defaults to
<filename>/etc/skel/</filename>.</para></listitem>
initialize the home directory with. All files and directories in the specified path are copied into
any newly create home directory. If not specified defaults to <filename>/etc/skel/</filename>.
</para></listitem>
</varlistentry>
<varlistentry>
@ -313,7 +312,7 @@
<listitem><para>Takes a specifier indicating the preferred language of the user. The
<varname>$LANG</varname> environment variable is initialized from this value on login, and thus a
value suitable for this environment variable is accepted here, for example
<option>--language=de_DE.UTF8</option></para></listitem>
<option>--language=de_DE.UTF8</option>.</para></listitem>
</varlistentry>
<varlistentry>
@ -331,8 +330,8 @@
security token with exactly one pair of X.509 certificate and private key. A random secret key is
then generated, encrypted with the public key of the X.509 certificate, and stored as part of the
user record. At login time it is decrypted with the PKCS#11 module and then used to unlock the
account and associated resources. See below for an example how to set up authentication with security
token.</para>
account and associated resources. See below for an example how to set up authentication with a
security token.</para>
<para>Instead of a valid PKCS#11 URI, the special strings <literal>list</literal> and
<literal>auto</literal> may be specified. If <literal>list</literal> is passed, a brief table of
@ -439,19 +438,19 @@
<listitem><para>Each of these options takes a time span specification as argument (in the syntax
documented in
<citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>5</manvolnum></citerefentry>) and
configure various aspects of the user's password expiration policy. Specifically,
configures various aspects of the user's password expiration policy. Specifically,
<option>--password-change-min=</option> configures how much time has to pass after changing the
password of the user until the password may be changed again. If the user tries to change their
password before this time passes the attempt is refused. <option>--password-change-max=</option>
configures how much time has to pass after the password is changed until the password expires and
needs to be changed again. After this time passes any attempts to log in may only proceed after the
password is changed. <option>--password-change-warn=</option> specifies how much earlier than then
the time configured with <option>--password-change-max=</option> the user is warned at login to
change their password as it will expire soon. Finally <option>--password-change-inactive=</option>
configures the time which has to pass after the password as expired until the user is not permitted
to log in or change the password anymore. Note that these options only apply to password
authentication, and do not apply to other forms of authentication, for example PKCS#11-based security
token authentication.</para></listitem>
configures how soon after it has been changed the password expires and needs to be changed again.
After this time passes logging in may only proceed after the password is changed.
<option>--password-change-warn=</option> specifies how much earlier than then the time configured
with <option>--password-change-max=</option> the user is warned at login to change their password as
it will expire soon. Finally <option>--password-change-inactive=</option> configures the time which
has to pass after the password as expired until the user is not permitted to log in or change the
password anymore. Note that these options only apply to password authentication, and do not apply to
other forms of authentication, for example PKCS#11-based security token
authentication.</para></listitem>
</varlistentry>
<varlistentry>
@ -695,8 +694,8 @@
<para>Activation of a home directory involves various operations that depend on the selected storage
mechanism. If the LUKS2 mechanism is used, this generally involves: inquiring the user for a
password, setting up a loopback device, validating and activating the LUKS2 volume, checking the file
system, mounting the file system, and potentiatlly changing the ownership of all included files to
the correct UID/GID.</para></listitem>
system, mounting the file system, and potentially changing the ownership of all included files to the
correct UID/GID.</para></listitem>
</varlistentry>
<varlistentry>

View File

@ -42,7 +42,7 @@
<refsect1>
<title>Options</title>
<para>The following options are available in the <literal>[Home]</literal> section:</para>
<para>The following options are available in the [Home] section:</para>
<variablelist class='home-directives'>

View File

@ -49,7 +49,7 @@
<title>Options</title>
<para>All options are configured in the
<literal>[Remote]</literal> section:</para>
[Remote] section:</para>
<variablelist class='config-directives'>
<varlistentry>

View File

@ -43,7 +43,7 @@
<refsect1>
<title>Options</title>
<para>All options are configured in the <literal>[Upload]</literal> section:</para>
<para>All options are configured in the [Upload] section:</para>
<variablelist class='config-directives'>
<varlistentry>

View File

@ -555,7 +555,7 @@
is also added for <literal>_SYSTEMD_SLICE=<replaceable>UNIT</replaceable></literal>,
such that if the provided <replaceable>UNIT</replaceable> is a
<citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>
unit, all logs of the children of the slice will be logged.
unit, all logs of children of the slice will be shown.
</para>
<para>This parameter can be specified multiple times.</para>
@ -574,7 +574,7 @@
is also added for <literal>_SYSTEMD_USER_SLICE=<replaceable>UNIT</replaceable></literal>,
such that if the provided <replaceable>UNIT</replaceable> is a
<citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>
unit, all logs of the children of the unit will be logged.</para>
unit, all logs of children of the unit will be shown.</para>
<para>This parameter can be specified multiple times.</para>
</listitem>
@ -761,8 +761,8 @@
underneath the specified directory instead of the root
directory (e.g. <option>--update-catalog</option> will create
<filename><replaceable>ROOT</replaceable>/var/lib/systemd/catalog/database</filename>,
and journal files under <filename><replaceable>ROOT</replaceable>/run/journal</filename>
or <filename><replaceable>ROOT</replaceable>/var/log/journal</filename> will be displayed).
and journal files under <filename><replaceable>ROOT</replaceable>/run/journal/</filename>
or <filename><replaceable>ROOT</replaceable>/var/log/journal/</filename> will be displayed).
</para></listitem>
</varlistentry>
@ -929,10 +929,10 @@
<filename>/run/log/journal/</filename> into <filename>/var/log/journal/</filename>, if persistent
storage is enabled. This call does not return until the operation is complete. Note that this call is
idempotent: the data is only flushed from <filename>/run/log/journal/</filename> into
<filename>/var/log/journal</filename> once during system runtime (but see
<filename>/var/log/journal/</filename> once during system runtime (but see
<option>--relinquish-var</option> below), and this command exits cleanly without executing any
operation if this has already happened. This command effectively guarantees that all data is flushed
to <filename>/var/log/journal</filename> at the time it returns.</para></listitem>
to <filename>/var/log/journal/</filename> at the time it returns.</para></listitem>
</varlistentry>
<varlistentry>

View File

@ -53,7 +53,7 @@
<title>Options</title>
<para>All options are configured in the
<literal>[Journal]</literal> section:</para>
[Journal] section:</para>
<variablelist class='config-directives'>

View File

@ -36,7 +36,7 @@
<title>Description</title>
<para><command>kernel-install</command> is used to install and remove kernel and initramfs images to and
from the boot loader partition, referred to as <varname>$BOOT</varname> here. It will usually be one of
<filename>/boot</filename>, <filename>/efi</filename>, or <filename>/boot/efi</filename>, see below.
<filename>/boot/</filename>, <filename>/efi/</filename>, or <filename>/boot/efi/</filename>, see below.
</para>
<para><command>kernel-install</command> will execute the files
@ -137,7 +137,7 @@
<para>The partition where the kernels and <ulink url="https://systemd.io/BOOT_LOADER_SPECIFICATION">Boot
Loader Specification</ulink> snippets are located is called <varname>$BOOT</varname>.
<command>kernel-install</command> determines the location of this partition by checking
<filename>/efi/</filename>, <filename>/boot/</filename>, and <filename>/boot/efi</filename>
<filename>/efi/</filename>, <filename>/boot/</filename>, and <filename>/boot/efi/</filename>
in turn. The first location where <filename>$BOOT/loader/entries/</filename> or
<filename>$BOOT/$MACHINE_ID/</filename> exists is used.</para>
</refsect1>

View File

@ -46,7 +46,7 @@
<title>Options</title>
<para>All options are configured in the
<literal>[Login]</literal> section:</para>
[Login] section:</para>
<variablelist class='config-directives'>
@ -277,7 +277,7 @@
<varlistentry>
<term><varname>HoldoffTimeoutSec=</varname></term>
<listitem><para>Specifies the timeout after system startup or
<listitem><para>Specifies a period of time after system startup or
system resume in which systemd will hold off on reacting to
lid events. This is required for the system to properly
detect any hotplugged devices so systemd can ignore lid events

View File

@ -39,7 +39,7 @@
<para>The machine ID may be set, for example when network booting, with the
<varname>systemd.machine_id=</varname> kernel command line parameter or by passing the
option <option>--machine-id=</option> to systemd. An ID is specified in this manner
option <option>--machine-id=</option> to systemd. An ID specified in this manner
has higher priority and will be used instead of the ID stored in
<filename>/etc/machine-id</filename>.</para>

View File

@ -320,7 +320,7 @@
<listitem><para>Copies files or directories from a container
into the host system. Takes a container name, followed by the
source path in the container the destination path on the host.
source path in the container and the destination path on the host.
If the destination path is omitted, the same as the source path
is used.</para>

View File

@ -45,7 +45,7 @@
<refsect1>
<title>[Network] Section Options</title>
<para>The following options are available in the <literal>[Network]</literal> section:</para>
<para>The following options are available in the [Network] section:</para>
<variablelist class='network-directives'>
<varlistentry>

View File

@ -18,8 +18,7 @@
<refnamediv>
<refname>nss-myhostname</refname>
<refname>libnss_myhostname.so.2</refname>
<refpurpose>Provide hostname resolution for the locally
configured system hostname.</refpurpose>
<refpurpose>Hostname resolution for the locally configured system hostname</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -18,8 +18,7 @@
<refnamediv>
<refname>nss-mymachines</refname>
<refname>libnss_mymachines.so.2</refname>
<refpurpose>Provide hostname resolution for local
container instances.</refpurpose>
<refpurpose>Hostname resolution for local container instances</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -18,7 +18,7 @@
<refnamediv>
<refname>nss-resolve</refname>
<refname>libnss_resolve.so.2</refname>
<refpurpose>Provide hostname resolution via <filename>systemd-resolved.service</filename></refpurpose>
<refpurpose>Hostname resolution via <filename>systemd-resolved.service</filename></refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -18,7 +18,7 @@
<refnamediv>
<refname>nss-systemd</refname>
<refname>libnss_systemd.so.2</refname>
<refpurpose>Provide UNIX user and group name resolution for user/group lookup via Varlink</refpurpose>
<refpurpose>UNIX user and group name resolution for user/group lookup via Varlink</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -153,7 +153,7 @@
hence be used to uniquely label files or other resources of this session. Combine this ID with the boot
identifier, as returned by
<citerefentry><refentrytitle>sd_id128_get_boot</refentrytitle><manvolnum>3</manvolnum></citerefentry>, for a
globally unique identifier for the current session.</para></listitem>
globally unique identifier.</para></listitem>
</varlistentry>
<varlistentry>

View File

@ -118,7 +118,7 @@
<para>By default all unit files whose names start with a prefix generated from the image's file name are copied
out. Specifically, the prefix is determined from the image file name with any suffix such as
<filename>.raw</filename> removed, truncated at the first occurrence of and underscore character
<filename>.raw</filename> removed, truncated at the first occurrence of an underscore character
(<literal>_</literal>), if there is one. The underscore logic is supposed to be used to versioning so that the
an image file <filename>foobar_47.11.raw</filename> will result in a unit file matching prefix of
<filename>foobar</filename>. This prefix is then compared with all unit files names contained in the image in
@ -403,7 +403,7 @@
</tgroup>
</table>
<para>For details on this profiles, and their effects please have a look at their precise definitions,
<para>For details on these profiles and their effects see their precise definitions,
e.g. <filename>/usr/lib/systemd/portable/profile/default/service.conf</filename> and similar.</para>
</refsect1>

View File

@ -44,7 +44,7 @@
<title>Options</title>
<para>All options are configured in the
<literal>[PStore]</literal> section:</para>
[PStore] section:</para>
<variablelist class='config-directives'>
@ -82,7 +82,7 @@
<refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
</para>
</refsect1>

View File

@ -41,7 +41,7 @@
<refsect1>
<title>Options</title>
<para>The following options are available in the <literal>[Resolve]</literal> section:</para>
<para>The following options are available in the [Resolve] section:</para>
<variablelist class='network-directives'>

View File

@ -19,7 +19,7 @@
<refnamediv>
<refname>sd_bus_enqueue_for_read</refname>
<refpurpose>Re-enqueue a bus message on a bus connection, for reading.</refpurpose>
<refpurpose>Re-enqueue a bus message on a bus connection, for reading</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -20,7 +20,7 @@
<refname>sd_bus_is_open</refname>
<refname>sd_bus_is_ready</refname>
<refpurpose>Check whether the a bus connection is open or ready.</refpurpose>
<refpurpose>Check whether the bus connection is open or ready</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -22,7 +22,7 @@
<refname>sd_bus_message_new_method_errno</refname>
<refname>sd_bus_message_new_method_errnof</refname>
<refpurpose>Create a an error reply for a method call</refpurpose>
<refpurpose>Create an error reply for a method call</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -20,7 +20,7 @@
<refname>sd_bus_set_connected_signal</refname>
<refname>sd_bus_get_connected_signal</refname>
<refpurpose>Control emmission of local connection establishment signal on bus connections</refpurpose>
<refpurpose>Control emission of local connection establishment signal on bus connections</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -23,7 +23,7 @@
<refname>sd_bus_track_get_destroy_callback</refname>
<refname>sd_bus_destroy_t</refname>
<refpurpose>Define the callback function for resource cleanup.</refpurpose>
<refpurpose>Define the callback function for resource cleanup</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -19,7 +19,7 @@
<refname>sd_bus_slot_set_floating</refname>
<refname>sd_bus_slot_get_floating</refname>
<refpurpose>Control whether a bus slot object is "floating".</refpurpose>
<refpurpose>Control whether a bus slot object is "floating"</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -21,7 +21,7 @@
<refname>sd_event_source_get_destroy_callback</refname>
<refname>sd_event_destroy_t</refname>
<refpurpose>Define the callback function for resource cleanup.</refpurpose>
<refpurpose>Define the callback function for resource cleanup</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -21,7 +21,7 @@
<refnamediv>
<refname>sd_journal_has_runtime_files</refname>
<refname>sd_journal_has_persistent_files</refname>
<refpurpose>Query availability of runtime or persistent journal files.</refpurpose>
<refpurpose>Query availability of runtime or persistent journal files</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -19,7 +19,7 @@
<refname>sd_machine_get_class</refname>
<refname>sd_machine_get_ifindices</refname>
<refpurpose>Determine the class and network interface indices of a
locally running virtual machine or container.</refpurpose>
locally running virtual machine or container</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -35,7 +35,7 @@
<refname>sd_peer_get_cgroup</refname>
<refpurpose>Determine the owner uid of the user unit or session,
or the session, user unit, system unit, container/VM or slice that
a specific PID or socket peer belongs to.</refpurpose>
a specific PID or socket peer belongs to</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -70,11 +70,11 @@ key.pattern.overridden.with.glob = custom
followed by <literal>=</literal>, see SYNOPSIS.</para>
<para>Any access permission errors and attempts to write variables not present on the local system are
logged, but do not cause the service to fail. Debug log level is used, which means that the message will
not show up at all by default. Moreover, if a variable assignment is prefixed with a single
<literal>-</literal> character, any failure to set the variable will be logged at debug level, but will
not cause the service to fail. All other errors when setting variables are logged with higher priority
and cause the service to return failure at the end (other variables are still processed).</para>
logged at debug level and do not cause the service to fail. Moreover, if a variable assignment is
prefixed with a single <literal>-</literal> character, failure to set the variable for other reasons will
be logged at debug level and will not cause the service to fail. In other cases, errors when setting
variables are logged with higher priority and cause the service to return failure at the end (after
processing other variables).</para>
<para>The settings configured with <filename>sysctl.d</filename> files will be applied early on boot. The
network interface-specific options will also be applied individually for each network interface as it

View File

@ -412,7 +412,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
<para>The "Loaded:" line in the output will show <literal>loaded</literal> if the unit has been loaded into
memory. Other possible values for "Loaded:" include: <literal>error</literal> if there was a problem
loading it, <literal>not-found</literal> if not unit file was found for this unit,
loading it, <literal>not-found</literal> if no unit file was found for this unit,
<literal>bad-setting</literal> if an essential unit file setting could not be parsed and
<literal>masked</literal> if the unit file has been masked. Along with showing the path to the unit file,
this line will also show the enablement state. Enabled commands start at boot. See the full table of
@ -582,7 +582,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
<listitem>
<para>Enable one or more units or unit instances. This will create a set of symlinks, as encoded in the
<literal>[Install]</literal> sections of the indicated unit files. After the symlinks have been created,
[Install] sections of the indicated unit files. After the symlinks have been created,
the system manager configuration is reloaded (in a way equivalent to <command>daemon-reload</command>), in
order to ensure the changes are taken into account immediately. Note that this does
<emphasis>not</emphasis> have the effect of also starting any of the units being enabled. If this is
@ -605,7 +605,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
<option>--quiet</option>.
</para>
<para>Note that this operation creates only the symlinks suggested in the <literal>[Install]</literal>
<para>Note that this operation creates only the symlinks suggested in the [Install]
section of the unit files. While this command is the recommended way to manipulate the unit configuration
directory, the administrator is free to make additional changes manually by placing or removing symlinks
below this directory. This is particularly useful to create configurations that deviate from the suggested
@ -645,7 +645,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
<para>This command expects valid unit names only, it does not accept paths to unit files.</para>
<para>In addition to the units specified as arguments, all units are disabled that are listed in the
<varname>Also=</varname> setting contained in the <literal>[Install]</literal> section of any of the unit
<varname>Also=</varname> setting contained in the [Install] section of any of the unit
files being operated on.</para>
<para>This command implicitly reloads the system manager configuration after completing the operation. Note
@ -668,7 +668,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
<listitem>
<para>Reenable one or more units, as specified on the command line. This is a combination of
<command>disable</command> and <command>enable</command> and is useful to reset the symlinks a unit file is
enabled with to the defaults configured in its <literal>[Install]</literal> section. This command expects
enabled with to the defaults configured in its [Install] section. This command expects
a unit name only, it does not accept paths to unit files.</para>
</listitem>
</varlistentry>
@ -768,17 +768,17 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
</row>
<row>
<entry><literal>static</literal></entry>
<entry>The unit file is not enabled, and has no provisions for enabling in the <literal>[Install]</literal> unit file section.</entry>
<entry>The unit file is not enabled, and has no provisions for enabling in the [Install] unit file section.</entry>
<entry>0</entry>
</row>
<row>
<entry><literal>indirect</literal></entry>
<entry>The unit file itself is not enabled, but it has a non-empty <varname>Also=</varname> setting in the <literal>[Install]</literal> unit file section, listing other unit files that might be enabled, or it has an alias under a different name through a symlink that is not specified in <varname>Also=</varname>. For template unit file, an instance different than the one specified in <varname>DefaultInstance=</varname> is enabled.</entry>
<entry>The unit file itself is not enabled, but it has a non-empty <varname>Also=</varname> setting in the [Install] unit file section, listing other unit files that might be enabled, or it has an alias under a different name through a symlink that is not specified in <varname>Also=</varname>. For template unit files, an instance different than the one specified in <varname>DefaultInstance=</varname> is enabled.</entry>
<entry>0</entry>
</row>
<row>
<entry><literal>disabled</literal></entry>
<entry>The unit file is not enabled, but contains an <literal>[Install]</literal> section with installation instructions.</entry>
<entry>The unit file is not enabled, but contains an [Install] section with installation instructions.</entry>
<entry>&gt; 0</entry>
</row>
<row>

View File

@ -509,9 +509,9 @@ NAutoVTs=8
<para>This command will load unit files and print warnings if any errors are detected. Files specified
on the command line will be loaded, but also any other units referenced by them. The full unit search
path is formed by combining the directories for all command line arguments, and the usual unit load
paths (variable <varname>$SYSTEMD_UNIT_PATH</varname> is supported, and may be used to replace or
paths. The variable <varname>$SYSTEMD_UNIT_PATH</varname> is supported, and may be used to replace or
augment the compiled in set of unit load paths; see
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>). All
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. All
units files present in the directories containing the command line arguments will be used in preference
to the other paths.</para>
@ -700,9 +700,9 @@ Service b@0.service not loaded, b.socket cannot be started.
<varlistentry>
<term><option>--man=no</option></term>
<listitem><para>Do not invoke man to verify the existence of
man pages listed in <varname>Documentation=</varname>.
</para></listitem>
<listitem><para>Do not invoke
<citerefentry project='man-pages'><refentrytitle>man</refentrytitle><manvolnum>1</manvolnum></citerefentry>
to verify the existence of man pages listed in <varname>Documentation=</varname>.</para></listitem>
</varlistentry>
<varlistentry>

View File

@ -17,7 +17,7 @@
<refnamediv>
<refname>systemd-bless-boot-generator</refname>
<refpurpose>Pull <filename>systemd-bless-boot.service</filename> into the initial boot transaction when boot counting is in effect.</refpurpose>
<refpurpose>Pull <filename>systemd-bless-boot.service</filename> into the initial boot transaction when boot counting is in effect</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -91,7 +91,7 @@
<listitem><para>The boot manager optionally reads a random seed from the ESP partition, combines it
with a 'system token' stored in a persistent EFI variable and derives a random seed to use by the OS as
entropy pool initializaton, providing a full entropy pool during early boot.</para></listitem>
entropy pool initialization, providing a full entropy pool during early boot.</para></listitem>
</itemizedlist>
<para><citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
@ -313,7 +313,7 @@
is maintained persistently, while <varname>LoaderConfigTimeoutOneShot</varname> is a one-time override which is
read once (in which case it takes precedence over <varname>LoaderConfigTimeout</varname>) and then
removed. <varname>LoaderConfigTimeout</varname> may be manipulated with the
<keycap>t</keycap>/<keycap>T</keycap> keys, see above.)</para></listitem>
<keycap>t</keycap>/<keycap>T</keycap> keys, see above.</para></listitem>
</varlistentry>
<varlistentry>
@ -422,9 +422,9 @@
<varlistentry>
<term><varname>LoaderSystemToken</varname></term>
<listitem><para>A binary random data field, that is used for generating the random see to pass to the
OS (see above). Note that this random data is generally only generated once, during OS installation,
and is then never updated again.</para></listitem>
<listitem><para>A binary random data field, that is used for generating the random seed to pass to
the OS (see above). Note that this random data is generally only generated once, during OS
installation, and is then never updated again.</para></listitem>
</varlistentry>
</variablelist>

View File

@ -19,7 +19,7 @@
<refname>systemd-gpt-auto-generator</refname>
<refpurpose>Generator for automatically discovering and mounting root, <filename>/home/</filename>,
<filename>/srv/</filename>, <filename>/var/</filename> and <filename>/var/tmp/</filename> partitions, as
well as discovering and enabling swap partitions, based on GPT partition type GUIDs.</refpurpose>
well as discovering and enabling swap partitions, based on GPT partition type GUIDs</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -217,9 +217,9 @@
</para>
<para>where
<option>cursor</option> is a cursor string,
<option>num_skip</option> is an integer,
<option>num_entries</option> is an unsigned integer.
<replaceable>cursor</replaceable> is a cursor string,
<replaceable>num_skip</replaceable> is an integer,
<replaceable>num_entries</replaceable> is an unsigned integer.
</para>
<para>Range defaults to all available events.</para>

View File

@ -267,7 +267,7 @@ openssl ca -batch -config ca.conf -notext -in $CLIENT.csr -out $CLIENT.pem
those files can be specified using
<varname>TrustedCertificateFile=</varname>,
<varname>ServerCertificateFile=</varname>,
<varname>ServerKeyFile=</varname>, in
and <varname>ServerKeyFile=</varname> in
<filename>/etc/systemd/journal-remote.conf</filename> and
<filename>/etc/systemd/journal-upload.conf</filename>,
respectively. The default locations can be queried by using

View File

@ -103,7 +103,7 @@
<citerefentry><refentrytitle>systemd-user-sessions.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
<citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd-login</refentrytitle><manvolnum>3</manvolnum></citerefentry>
</para>
</refsect1>

View File

@ -50,10 +50,11 @@
<replaceable>WHERE</replaceable>.</para>
<para>In many ways, <command>systemd-mount</command> is similar to the lower-level
<citerefentry project='man-pages'><refentrytitle>mount</refentrytitle><manvolnum>8</manvolnum></citerefentry> command, however instead
of executing the mount operation directly and immediately, <command>systemd-mount</command> schedules it through
the service manager job queue, so that it may pull in further dependencies (such as parent mounts, or a file system
checker to execute a priori), and may make use of the auto-mounting logic.</para>
<citerefentry project='man-pages'><refentrytitle>mount</refentrytitle><manvolnum>8</manvolnum></citerefentry>
command, however instead of executing the mount operation directly and immediately,
<command>systemd-mount</command> schedules it through the service manager job queue, so that it may pull
in further dependencies (such as parent mounts, or a file system checker to execute a priori), and may
make use of the auto-mounting logic.</para>
<para>The command takes either one or two arguments. If only one argument is specified it should refer to
a block device or regular file containing a file system (e.g. <literal>/dev/sdb1</literal> or
@ -61,15 +62,15 @@
label and other metadata, and is mounted to a directory below <filename>/run/media/system/</filename>
whose name is generated from the file system label. In this mode the block device or image file must
exist at the time of invocation of the command, so that it may be probed. If the device is found to be a
removable block device (e.g. a USB stick) an automount point instead of a regular mount point is created
removable block device (e.g. a USB stick), an automount point is created instead of a regular mount point
(i.e. the <option>--automount=</option> option is implied, see below).</para>
<para>If two arguments are specified the first indicates the mount source (the <replaceable>WHAT</replaceable>) and
the second indicates the path to mount it on (the <replaceable>WHERE</replaceable>). In this mode no probing of the
source is attempted, and a backing device node doesn't have to exist yet. However, if this mode is combined with
<option>--discover</option>, device node probing for additional metadata is enabled, and much like in the
single-argument case discussed above the specified device has to exist at the time of invocation of the
command.</para>
<para>If two arguments are specified, the first indicates the mount source (the
<replaceable>WHAT</replaceable>) and the second indicates the path to mount it on (the
<replaceable>WHERE</replaceable>). In this mode no probing of the source is attempted, and a backing
device node doesn't have to exist. However, if this mode is combined with <option>--discover</option>,
device node probing for additional metadata is enabled, and much like in the single-argument case
discussed above the specified device has to exist at the time of invocation of the command.</para>
<para>Use the <option>--list</option> command to show a terse table of all local, known block devices with file
systems that may be mounted with this command.</para>

View File

@ -531,11 +531,9 @@
<term><option>-u</option></term>
<term><option>--user=</option></term>
<listitem><para>After transitioning into the container, change
to the specified user-defined in the container's user
database. Like all other systemd-nspawn features, this is not
a security feature and provides protection against accidental
destructive operations only.</para></listitem>
<listitem><para>After transitioning into the container, change to the specified user defined in the
container's user database. Like all other systemd-nspawn features, this is not a security feature and
provides protection against accidental destructive operations only.</para></listitem>
</varlistentry>
<varlistentry>
@ -1167,10 +1165,9 @@
<para>Finally, if set to <literal>auto</literal> the file is left as it is if private networking is
turned on (see <option>--private-network</option>). Otherwise, if
<filename>systemd-resolved.service</filename> is connectible its stub
<filename>resolv.conf</filename> file is used, and if not the host's
<filename>/etc/resolv.conf</filename> file is used. In the latter cases the file is copied if the
image is writable, and bind mounted otherwise.</para>
<filename>systemd-resolved.service</filename> is running its stub <filename>resolv.conf</filename>
file is used, and if not the host's <filename>/etc/resolv.conf</filename> file. In the latter cases
the file is copied if the image is writable, and bind mounted otherwise.</para>
<para>It's recommended to use <literal>copy-…</literal> or <literal>replace-…</literal> if the
container shall be able to make changes to the DNS configuration on its own, deviating from the
@ -1186,19 +1183,20 @@
<varlistentry>
<term><option>--timezone=</option></term>
<listitem><para>Configures how <filename>/etc/localtime</filename> inside of the container (i.e. local timezone
synchronization from host to container) shall be handled. Takes one of <literal>off</literal>,
<literal>copy</literal>, <literal>bind</literal>, <literal>symlink</literal>, <literal>delete</literal> or
<literal>auto</literal>. If set to <literal>off</literal> the <filename>/etc/localtime</filename> file in the
container is left as it is included in the image, and neither modified nor bind mounted over. If set to
<literal>copy</literal> the <filename>/etc/localtime</filename> file of the host is copied into the
container. Similar, if <literal>bind</literal> is used, it is bind mounted from the host into the container. If
set to <literal>symlink</literal> a symlink from <filename>/etc/localtime</filename> in the container is
created pointing to the matching the timezone file of the container that matches the timezone setting on the
host. If set to <literal>delete</literal> the file in the container is deleted, should it exist. If set to
<literal>auto</literal> and the <filename>/etc/localtime</filename> file of the host is a symlink, then
<literal>symlink</literal> mode is used, and <literal>copy</literal> otherwise, except if the image is
read-only in which case <literal>bind</literal> is used instead. Defaults to
<listitem><para>Configures how <filename>/etc/localtime</filename> inside of the container
(i.e. local timezone synchronization from host to container) shall be handled. Takes one of
<literal>off</literal>, <literal>copy</literal>, <literal>bind</literal>, <literal>symlink</literal>,
<literal>delete</literal> or <literal>auto</literal>. If set to <literal>off</literal> the
<filename>/etc/localtime</filename> file in the container is left as it is included in the image, and
neither modified nor bind mounted over. If set to <literal>copy</literal> the
<filename>/etc/localtime</filename> file of the host is copied into the container. Similarly, if
<literal>bind</literal> is used, the file is bind mounted from the host into the container. If set to
<literal>symlink</literal>, a symlink is created pointing from <filename>/etc/localtime</filename> in
the container to the timezone file in the container that matches the timezone setting on the host. If
set to <literal>delete</literal>, the file in the container is deleted, should it exist. If set to
<literal>auto</literal> and the <filename>/etc/localtime</filename> file of the host is a symlink,
then <literal>symlink</literal> mode is used, and <literal>copy</literal> otherwise, except if the
image is read-only in which case <literal>bind</literal> is used instead. Defaults to
<literal>auto</literal>.</para></listitem>
</varlistentry>
@ -1441,7 +1439,7 @@
<para>This installs a minimal Fedora distribution into the
directory <filename index="false">/var/lib/machines/f&fedora_latest_version;</filename>
and then boots an OS in a namespace container in it. Because the installation
and then boots that OS in a namespace container. Because the installation
is located underneath the standard <filename>/var/lib/machines/</filename>
directory, it is also possible to start the machine using
<command>systemd-nspawn -M f&fedora_latest_version;</command>.</para>
@ -1455,7 +1453,7 @@
<para>This installs a minimal Debian unstable distribution into
the directory <filename>~/debian-tree/</filename> and then
spawns a shell in a namespace container in it.</para>
spawns a shell from this image in a namespace container.</para>
<para><command>debootstrap</command> supports
<ulink url="https://www.debian.org">Debian</ulink>,

View File

@ -44,7 +44,7 @@
<citerefentry><refentrytitle>systemd-boot</refentrytitle><manvolnum>7</manvolnum></citerefentry>, with
its <command>bootctl random-seed</command> functionality.</para>
<para>When loading the random seed from disk its file is immediately updated with a new seed retrieved
<para>When loading the random seed from disk, the file is immediately updated with a new seed retrieved
from the kernel, in order to ensure no two boots operate with the same random seed. This new seed is
retrieved synchronously from the kernel, which means the service will not complete start-up until the
random pool is fully initialized. On entropy-starved systems this may take a while. This functionality is

View File

@ -57,9 +57,10 @@
available but not yet used. Specifically the following use cases are among those covered:</para>
<itemizedlist>
<listitem><para>The root partition may be grown to cover the whole available disk space</para></listitem>
<listitem><para>A <filename>/home/</filename>, swap or <filename>/srv/</filename> partition can be added in</para></listitem>
<listitem><para>A second (or third, …) root partition may be added in, to cover A/B style setups
<listitem><para>The root partition may be grown to cover the whole available disk space.</para></listitem>
<listitem><para>A <filename>/home/</filename>, swap or <filename>/srv/</filename> partition can be
added.</para></listitem>
<listitem><para>A second (or third, …) root partition may be added, to cover A/B style setups
where a second version of the root file system is alternatingly used for implementing update
schemes. The deployed image would carry only a single partition ("A") but on first boot a second
partition ("B") for this purpose is automatically created.</para></listitem>
@ -69,7 +70,7 @@
<orderedlist>
<listitem><para>The <filename>repart.d/*.conf</filename> configuration files are loaded and parsed,
and ordered by filename (without the directory suffix). </para></listitem>
and ordered by filename (without the directory prefix).</para></listitem>
<listitem><para>The partition table already existing on the block device is loaded and
parsed.</para></listitem>
@ -119,13 +120,13 @@
</orderedlist>
<para>As exception to the normally strictly incremental operation, when called in a special "factory
reset" mode <command>systemd-repart</command> may also be used to erase select existing partitions to
reset" mode, <command>systemd-repart</command> may also be used to erase existing partitions to
reset an installation back to vendor defaults. This mode of operation is used when either the
<option>--factory-reset=yes</option> switch is passed on the tool's command line, or the
<option>systemd.factory_reset=yes</option> option specified on the kernel command line, or the
<varname>FactoryReset</varname> EFI variable (vendor UUID
<constant>8cf2644b-4b0b-428f-9387-6d876050dc67</constant>) is set to "yes". It alters the algorithm above
slightly: between the 3rd and the 4th step above the any partition marked explicitly via the
slightly: between the 3rd and the 4th step above any partition marked explicitly via the
<varname>FactoryReset=</varname> boolean is deleted, and the algorithm restarted, thus immediately
re-creating these partitions anew empty.</para>
@ -267,9 +268,9 @@
<varlistentry>
<term><option>--definitions=</option></term>
<listitem><para>Takes a file system path. If specified the <filename>*.conf</filename> are directly
read from the specified directory instead of searching in
<filename>/usr/lib/repart.d/*.conf</filename>, <filename>/etc/repart.d/*.conf</filename>,
<listitem><para>Takes a file system path. If specified the <filename>*.conf</filename> files are read
from the specified directory instead of searching in <filename>/usr/lib/repart.d/*.conf</filename>,
<filename>/etc/repart.d/*.conf</filename>,
<filename>/run/repart.d/*.conf</filename>.</para></listitem>
</varlistentry>

View File

@ -105,7 +105,7 @@
<title>Options</title>
<para>The following options can be configured in the
<literal>[Sleep]</literal> section of
[Sleep] section of
<filename>/etc/systemd/sleep.conf</filename> or a
<filename>sleep.conf.d</filename> file:</para>

View File

@ -16,7 +16,7 @@
</refmeta>
<refnamediv>
<refname>systemd-socket-proxyd</refname>
<refpurpose>Bidirectionally proxy local sockets to another (possibly remote) socket.</refpurpose>
<refpurpose>Bidirectionally proxy local sockets to another (possibly remote) socket</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>

View File

@ -71,19 +71,16 @@
url="https://www.freedesktop.org/wiki/Software/systemd/inhibit">Inhibitor
interface</ulink>.</para>
<para>Note that
<filename>systemd-suspend.service</filename>,
<filename>systemd-hibernate.service</filename>, and
<filename>systemd-hybrid-sleep.service</filename>
<filename>systemd-suspend-then-hibernate.service</filename>
should never be executed directly. Instead, trigger system sleep
states with a command such as <literal>systemctl suspend</literal>
or similar.</para>
<para>Note that <filename>systemd-suspend.service</filename>,
<filename>systemd-hibernate.service</filename>, <filename>systemd-hybrid-sleep.service</filename>, and
<filename>systemd-suspend-then-hibernate.service</filename> should never be executed directly. Instead,
trigger system sleep with a command such as <command>systemctl suspend</command> or <command>systemctl
hibernate</command>.</para>
<para>Internally, this service will echo a string like
<literal>mem</literal> into <filename>/sys/power/state</filename>,
to trigger the actual system suspend. What exactly is written
where can be configured in the <literal>[Sleep]</literal> section
where can be configured in the [Sleep] section
of <filename>/etc/systemd/sleep.conf</filename> or a
<filename>sleep.conf.d</filename> file. See
<citerefentry><refentrytitle>systemd-sleep.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.

View File

@ -58,7 +58,7 @@
<title>Options</title>
<para>All options are configured in the
<literal>[Manager]</literal> section:</para>
[Manager] section:</para>
<variablelist class='config-directives'>
@ -149,7 +149,7 @@
for details. During the first phase of the shutdown operation the system and service manager remains running
and hence <varname>RuntimeWatchdogSec=</varname> is still honoured. In order to define a timeout on this first
phase of system shutdown, configure <varname>JobTimeoutSec=</varname> and <varname>JobTimeoutAction=</varname>
in the <literal>[Unit]</literal> section of the <filename>shutdown.target</filename> unit. By default
in the [Unit] section of the <filename>shutdown.target</filename> unit. By default
<varname>RuntimeWatchdogSec=</varname> defaults to 0 (off), and <varname>RebootWatchdogSec=</varname> to
10min. <varname>KExecWatchdogSec=</varname> may be used to additionally enable the watchdog when kexec
is being executed rather than when rebooting. Note that if the kernel does not reset the watchdog on kexec (depending
@ -387,9 +387,9 @@
units. See
<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry> for
details. These settings may be overridden in individual units using the corresponding
<varname>LimitXXX=</varname> directives, see
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>, for
details, and they accept the same parameter syntax. Note that these resource limits are only defaults
<varname>LimitXXX=</varname> directives and they accept the same parameter syntax,
see <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. Note that these resource limits are only defaults
for units, they are not applied to the service manager process (i.e. PID 1) itself.</para></listitem>
</varlistentry>

View File

@ -18,7 +18,7 @@
<refnamediv>
<refname>systemd-time-wait-sync.service</refname>
<refname>systemd-time-wait-sync</refname>
<refpurpose>Wait Until Kernel Time Synchronized</refpurpose>
<refpurpose>Wait until kernel time is synchronized</refpurpose>
</refnamediv>
<refsynopsisdiv>

View File

@ -35,9 +35,9 @@
this unit type. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the common options of all unit configuration files. The common
configuration items are configured in the generic <literal>[Unit]</literal> and
<literal>[Install]</literal> sections. The automount specific configuration options
are configured in the <literal>[Automount]</literal> section.</para>
configuration items are configured in the generic [Unit] and
[Install] sections. The automount specific configuration options
are configured in the [Automount] section.</para>
<para>Automount units must be named after the automount directories they control. Example: the automount point
<filename index="false">/home/lennart</filename> must be configured in a unit file

View File

@ -36,8 +36,8 @@
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the common options of all unit configuration files. The common
configuration items are configured in the generic
<literal>[Unit]</literal> and <literal>[Install]</literal>
sections. A separate <literal>[Device]</literal> section does not
[Unit] and [Install]
sections. A separate [Device] section does not
exist, since no device-specific options may be configured.</para>
<para>systemd will dynamically create device units for all kernel
@ -60,7 +60,7 @@
<para>Device units will be reloaded by systemd whenever the
corresponding device generates a <literal>changed</literal> event.
Other units can use <varname>ReloadPropagatedFrom=</varname> to react
to that event</para>
to that event.</para>
</refsect1>
<refsect1>

View File

@ -64,7 +64,7 @@
<refsect1>
<title>[Service] Section Options</title>
<para>The network service file contains a <literal>[Service]</literal>
<para>The network service file contains a [Service]
section, which specifies a discoverable network service announced in a
local network with Multicast DNS broadcasts.</para>

View File

@ -511,10 +511,11 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
<varlistentry>
<term><varname>AppArmorProfile=</varname></term>
<listitem><para>Takes a profile name as argument. The process executed by the unit will switch to this profile
when started. Profiles must already be loaded in the kernel, or the unit will fail. This result in a non
operation if AppArmor is not enabled. If prefixed by <literal>-</literal>, all errors will be ignored. This
does not affect commands prefixed with <literal>+</literal>.</para></listitem>
<listitem><para>Takes a profile name as argument. The process executed by the unit will switch to
this profile when started. Profiles must already be loaded in the kernel, or the unit will fail. If
prefixed by <literal>-</literal>, all errors will be ignored. This setting has no effect if AppArmor
is not enabled. This setting not affect commands prefixed with <literal>+</literal>.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -880,7 +881,7 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
in <varname>NUMAMask=</varname>. For more details on each policy please see,
<citerefentry><refentrytitle>set_mempolicy</refentrytitle><manvolnum>2</manvolnum></citerefentry>. For overall
overview of NUMA support in Linux see,
<citerefentry project='man-pages'><refentrytitle>numa</refentrytitle><manvolnum>7</manvolnum></citerefentry>
<citerefentry project='man-pages'><refentrytitle>numa</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
</para></listitem>
</varlistentry>
@ -1067,14 +1068,16 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
<varname>RootDirectory=</varname> or <varname>RootImage=</varname> these paths always reside on the host and
are mounted from there into the unit's file system namespace.</para>
<para>If <varname>DynamicUser=</varname> is used in conjunction with <varname>StateDirectory=</varname>,
<varname>CacheDirectory=</varname> and <varname>LogsDirectory=</varname> is slightly altered: the directories
are created below <filename>/var/lib/private</filename>, <filename>/var/cache/private</filename> and
<para>If <varname>DynamicUser=</varname> is used in conjunction with
<varname>StateDirectory=</varname>, the logic for <varname>CacheDirectory=</varname> and
<varname>LogsDirectory=</varname> is slightly altered: the directories are created below
<filename>/var/lib/private</filename>, <filename>/var/cache/private</filename> and
<filename>/var/log/private</filename>, respectively, which are host directories made inaccessible to
unprivileged users, which ensures that access to these directories cannot be gained through dynamic user ID
recycling. Symbolic links are created to hide this difference in behaviour. Both from perspective of the host
and from inside the unit, the relevant directories hence always appear directly below
<filename>/var/lib</filename>, <filename>/var/cache</filename> and <filename>/var/log</filename>.</para>
unprivileged users, which ensures that access to these directories cannot be gained through dynamic
user ID recycling. Symbolic links are created to hide this difference in behaviour. Both from
perspective of the host and from inside the unit, the relevant directories hence always appear
directly below <filename>/var/lib</filename>, <filename>/var/cache</filename> and
<filename>/var/log</filename>.</para>
<para>Use <varname>RuntimeDirectory=</varname> to manage one or more runtime directories for the unit and bind
their lifetime to the daemon runtime. This is particularly useful for unprivileged daemons that cannot create
@ -1238,8 +1241,8 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
<term><varname>PrivateTmp=</varname></term>
<listitem><para>Takes a boolean argument. If true, sets up a new file system namespace for the executed
processes and mounts private <filename>/tmp</filename> and <filename>/var/tmp</filename> directories inside it
that is not shared by processes outside of the namespace. This is useful to secure access to temporary files of
processes and mounts private <filename>/tmp/</filename> and <filename>/var/tmp/</filename> directories inside it
that are not shared by processes outside of the namespace. This is useful to secure access to temporary files of
the process, but makes sharing between processes via <filename>/tmp</filename> or <filename>/var/tmp</filename>
impossible. If this is enabled, all temporary files created by a service in these directories will be removed
after the service is stopped. Defaults to false. It is possible to run two or more units within the same
@ -1399,7 +1402,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
this option removes <constant>CAP_SYS_TIME</constant> and <constant>CAP_WAKE_ALARM</constant> from the
capability bounding set for this unit, installs a system call filter to block calls that can set the
clock, and <varname>DeviceAllow=char-rtc r</varname> is implied. This ensures <filename>/dev/rtc0</filename>,
<filename>/dev/rtc1</filename>, etc are made read only to the service. See
<filename>/dev/rtc1</filename>, etc. are made read-only to the service. See
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the details about <varname>DeviceAllow=</varname>.</para>
@ -1495,7 +1498,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
<citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
are unaffected. Also, sockets created with <function>socketpair()</function> (which creates connected
AF_UNIX sockets only) are unaffected. Note that this option has no effect on 32-bit x86, s390, s390x,
mips, mips-le, ppc, ppc-le, pcc64, ppc64-le and is ignored (but works correctly on other ABIs,
mips, mips-le, ppc, ppc-le, ppc64, ppc64-le and is ignored (but works correctly on other ABIs,
including x86-64). Note that on systems supporting multiple ABIs (such as x86/x86-64) it is
recommended to turn off alternative ABIs for services, so that they cannot be used to circumvent the
restrictions of this option. Specifically, it is recommended to combine this option with
@ -1803,7 +1806,7 @@ RestrictNamespaces=~cgroup net</programlisting>
</row>
<row>
<entry>@file-system</entry>
<entry>File system operations: opening, creating files and directories for read and write, renaming and removing them, reading file properties, or creating hard and symbolic links.</entry>
<entry>File system operations: opening, creating files and directories for read and write, renaming and removing them, reading file properties, or creating hard and symbolic links</entry>
</row>
<row>
<entry>@io-event</entry>
@ -1819,7 +1822,7 @@ RestrictNamespaces=~cgroup net</programlisting>
</row>
<row>
<entry>@memlock</entry>
<entry>Locking of memory into RAM (<citerefentry project='man-pages'><refentrytitle>mlock</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>mlockall</refentrytitle><manvolnum>2</manvolnum></citerefentry> and related calls)</entry>
<entry>Locking of memory in RAM (<citerefentry project='man-pages'><refentrytitle>mlock</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>mlockall</refentrytitle><manvolnum>2</manvolnum></citerefentry> and related calls)</entry>
</row>
<row>
<entry>@module</entry>
@ -1843,7 +1846,7 @@ RestrictNamespaces=~cgroup net</programlisting>
</row>
<row>
<entry>@process</entry>
<entry>Process control, execution, namespaceing operations (<citerefentry project='man-pages'><refentrytitle>clone</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>kill</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>namespaces</refentrytitle><manvolnum>7</manvolnum></citerefentry>, …</entry>
<entry>Process control, execution, namespaceing operations (<citerefentry project='man-pages'><refentrytitle>clone</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>kill</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>namespaces</refentrytitle><manvolnum>7</manvolnum></citerefentry>, …)</entry>
</row>
<row>
<entry>@raw-io</entry>
@ -1871,7 +1874,7 @@ RestrictNamespaces=~cgroup net</programlisting>
</row>
<row>
<entry>@sync</entry>
<entry>Synchronizing files and memory to disk: (<citerefentry project='man-pages'><refentrytitle>fsync</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>msync</refentrytitle><manvolnum>2</manvolnum></citerefentry>, and related calls)</entry>
<entry>Synchronizing files and memory to disk (<citerefentry project='man-pages'><refentrytitle>fsync</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>msync</refentrytitle><manvolnum>2</manvolnum></citerefentry>, and related calls)</entry>
</row>
<row>
<entry>@system-service</entry>
@ -1949,7 +1952,7 @@ SystemCallErrorNumber=EPERM</programlisting>
manager is compiled for). If running in user mode, or in system mode, but without the
<constant>CAP_SYS_ADMIN</constant> capability (e.g. setting <varname>User=nobody</varname>),
<varname>NoNewPrivileges=yes</varname> is implied. By default, this option is set to the empty list, i.e. no
system call architecture filtering is applied.</para>
filtering is applied.</para>
<para>If this setting is used, processes of this unit will only be permitted to call native system calls, and
system calls of the specified architectures. For the purposes of this option, the x32 architecture is treated
@ -2213,8 +2216,9 @@ SystemCallErrorNumber=EPERM</programlisting>
<constant>AF_UNIX</constant> socket in the file system, as in that case only a
single stream connection is created for both input and output.</para>
<para><option>append:<replaceable>path</replaceable></option> is similar to <option>file:<replaceable>path
</replaceable></option> above, but it opens the file in append mode.</para>
<para><option>append:<replaceable>path</replaceable></option> is similar to
<option>file:<replaceable>path</replaceable></option> above, but it opens the file in append mode.
</para>
<para><option>socket</option> connects standard output to a socket acquired via socket activation. The
semantics are similar to the same option of <varname>StandardInput=</varname>, see above.</para>
@ -2551,7 +2555,7 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy
<varname>UnsetEnvironment=</varname> are removed again from the compiled environment variable list, immediately
before it is passed to the executed process.</para>
<para>The following select environment variables are set or propagated by the service manager for each invoked
<para>The following environment variables are set or propagated by the service manager for each invoked
process:</para>
<variablelist class='environment-variables'>
@ -2622,7 +2626,7 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy
<term><varname>$LOGS_DIRECTORY</varname></term>
<term><varname>$CONFIGURATION_DIRECTORY</varname></term>
<listitem><para>Contains and absolute paths to the directories defined with
<listitem><para>Absolute paths to the directories defined with
<varname>RuntimeDirectory=</varname>, <varname>StateDirectory=</varname>,
<varname>CacheDirectory=</varname>, <varname>LogsDirectory=</varname>, and
<varname>ConfigurationDirectory=</varname> when those settings are used.</para>
@ -3228,7 +3232,7 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy
<row>
<entry>242</entry>
<entry><constant>EXIT_NUMA_POLICY</constant></entry>
<entry>Failed to set up unit's NUMA memory policy. See <varname>NUMAPolicy=</varname> and <varname>NUMAMask=</varname>above.</entry>
<entry>Failed to set up unit's NUMA memory policy. See <varname>NUMAPolicy=</varname> and <varname>NUMAMask=</varname> above.</entry>
</row>
</tbody>

View File

@ -524,7 +524,8 @@
structured log entries via calls such as
<citerefentry><refentrytitle>sd_journal_send</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
They may also not be used as matches for
<citerefentry><refentrytitle>sd_journal_add_match</refentrytitle><manvolnum>3</manvolnum></citerefentry></para>
<citerefentry><refentrytitle>sd_journal_add_match</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
</para>
<variablelist class='journal-directives'>
<varlistentry>

View File

@ -151,7 +151,7 @@
terminate upon receiving the initial <constant>SIGTERM</constant>
signal. This can be achieved by configuring <varname>LimitCORE=</varname>
and setting <varname>FinalKillSignal=</varname> to either
<constant>SIGQUIT</constant> or <constant>SIGABRT</constant>
<constant>SIGQUIT</constant> or <constant>SIGABRT</constant>.
Defaults to <constant>SIGKILL</constant>.
</para></listitem>
</varlistentry>

View File

@ -64,8 +64,8 @@
<title>[Match] Section Options</title>
<para>A link file is said to match a device if all matches specified by the
<literal>[Match]</literal> section are satisfied. When a link file does not contain valid settings
in <literal>[Match]</literal> section, then the file will match all devices and
[Match] section are satisfied. When a link file does not contain valid settings
in [Match] section, then the file will match all devices and
<command>systemd-udevd</command> warns about that. Hint: to avoid the warning and to make it clear
that all interfaces shall be matched, add the following:
<programlisting>OriginalName=*</programlisting>

View File

@ -34,9 +34,9 @@
this unit type. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the common options of all unit configuration files. The common
configuration items are configured in the generic <literal>[Unit]</literal> and
<literal>[Install]</literal> sections. The mount specific configuration options are
configured in the <literal>[Mount]</literal> section.</para>
configuration items are configured in the generic [Unit] and
[Install] sections. The mount specific configuration options are
configured in the [Mount] section.</para>
<para>Additional options are listed in
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,

View File

@ -357,7 +357,7 @@
</variablelist>
<para>Note that <constant>latest</constant> may be used to denote the latest scheme known (to this
particular version of systemd.</para>
particular version of systemd).</para>
</refsect1>
<refsect1>

View File

@ -114,10 +114,10 @@
<entry>An IPv4 over IPv4 tunnel.</entry></row>
<row><entry><varname>ipvlan</varname></entry>
<entry>An ipvlan device is a stacked device which receives packets from its underlying device based on IP address filtering.</entry></row>
<entry>An IPVLAN device is a stacked device which receives packets from its underlying device based on IP address filtering.</entry></row>
<row><entry><varname>ipvtap</varname></entry>
<entry>An ipvtap device is a stacked device which receives packets from its underlying device based on IP address filtering and can be accessed using the tap user space interface.</entry></row>
<entry>An IPVTAP device is a stacked device which receives packets from its underlying device based on IP address filtering and can be accessed using the tap user space interface.</entry></row>
<row><entry><varname>macvlan</varname></entry>
<entry>A macvlan device is a stacked device which receives packets from its underlying device based on MAC address filtering.</entry></row>
@ -193,7 +193,7 @@
<title>[Match] Section Options</title>
<para>A virtual network device is only created if the
<literal>[Match]</literal> section matches the current
[Match] section matches the current
environment, or if the section is empty. The following keys are
accepted:</para>
@ -259,7 +259,7 @@
<refsect1>
<title>[NetDev] Section Options</title>
<para>The <literal>[NetDev]</literal> section accepts the
<para>The [NetDev] section accepts the
following keys:</para>
<variablelist class='network-directives'>
@ -273,13 +273,13 @@
<term><varname>Name=</varname></term>
<listitem>
<para>The interface name used when creating the netdev.
This option is compulsory.</para>
This setting is compulsory.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Kind=</varname></term>
<listitem>
<para>The netdev kind. This option is compulsory. See the
<para>The netdev kind. This setting is compulsory. See the
<literal>Supported netdev kinds</literal> section for the
valid keys.</para>
</listitem>
@ -287,10 +287,10 @@
<varlistentry>
<term><varname>MTUBytes=</varname></term>
<listitem>
<para>The maximum transmission unit in bytes to set for the device. The usual suffixes K, M, G,
<para>The maximum transmission unit in bytes to set for the device. The usual suffixes K, M, G
are supported and are understood to the base of 1024. For <literal>tun</literal> or
<literal>tap</literal> devices, <varname>MTUBytes=</varname> setting is not currently supported in
<literal>[NetDev]</literal> section. Please specify it in <literal>[Link]</literal> section of
[NetDev] section. Please specify it in [Link] section of
corresponding
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
files.</para>
@ -300,8 +300,8 @@
<term><varname>MACAddress=</varname></term>
<listitem>
<para>The MAC address to use for the device. For <literal>tun</literal> or <literal>tap</literal>
devices, setting <varname>MACAddress=</varname> in the <literal>[NetDev]</literal> section is not
supported. Please specify it in <literal>[Link]</literal> section of the corresponding
devices, setting <varname>MACAddress=</varname> in the [NetDev] section is not
supported. Please specify it in [Link] section of the corresponding
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
file. If this option is not set, <literal>vlan</literal> devices inherit the MAC address of the
physical interface. For other kind of netdevs, if this option is not set, then MAC address is
@ -316,7 +316,7 @@
<refsect1>
<title>[Bridge] Section Options</title>
<para>The <literal>[Bridge]</literal> section only applies for
<para>The [Bridge] section only applies for
netdevs of kind <literal>bridge</literal>, and accepts the
following keys:</para>
@ -436,7 +436,7 @@
<refsect1>
<title>[VLAN] Section Options</title>
<para>The <literal>[VLAN]</literal> section only applies for
<para>The [VLAN] section only applies for
netdevs of kind <literal>vlan</literal>, and accepts the
following key:</para>
@ -445,7 +445,7 @@
<term><varname>Id=</varname></term>
<listitem>
<para>The VLAN ID to use. An integer in the range 04094.
This option is compulsory.</para>
This setting is compulsory.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -478,8 +478,8 @@
<varlistentry>
<term><varname>ReorderHeader=</varname></term>
<listitem>
<para>Takes a boolean. The VLAN reorder header is set VLAN interfaces behave like physical interfaces.
When unset, the kernel's default will be used.</para>
<para>Takes a boolean. When enabled, the VLAN reorder header is used and VLAN interfaces behave
like physical interfaces. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
</variablelist>
@ -488,7 +488,7 @@
<refsect1>
<title>[MACVLAN] Section Options</title>
<para>The <literal>[MACVLAN]</literal> section only applies for
<para>The [MACVLAN] section only applies for
netdevs of kind <literal>macvlan</literal>, and accepts the
following key:</para>
@ -510,15 +510,15 @@
<refsect1>
<title>[MACVTAP] Section Options</title>
<para>The <literal>[MACVTAP]</literal> section applies for
<para>The [MACVTAP] section applies for
netdevs of kind <literal>macvtap</literal> and accepts the
same key as <literal>[MACVLAN]</literal>.</para>
same key as [MACVLAN].</para>
</refsect1>
<refsect1>
<title>[IPVLAN] Section Options</title>
<para>The <literal>[IPVLAN]</literal> section only applies for
<para>The [IPVLAN] section only applies for
netdevs of kind <literal>ipvlan</literal>, and accepts the
following key:</para>
@ -545,15 +545,15 @@
<refsect1>
<title>[IPVTAP] Section Options</title>
<para>The <literal>[IPVTAP]</literal> section only applies for
<para>The [IPVTAP] section only applies for
netdevs of kind <literal>ipvtap</literal> and accepts the
same key as <literal>[IPVLAN]</literal>.</para>
same key as [IPVLAN].</para>
</refsect1>
<refsect1>
<title>[VXLAN] Section Options</title>
<para>The <literal>[VXLAN]</literal> section only applies for
<para>The [VXLAN] section only applies for
netdevs of kind <literal>vxlan</literal>, and accepts the
following keys:</para>
@ -579,7 +579,8 @@
<varlistentry>
<term><varname>Group=</varname></term>
<listitem>
<para>Configures VXLAN multicast group IP address. All members of a VXLAN must use the same multicast group address.</para>
<para>Configures VXLAN multicast group IP address. All members of a VXLAN must use the same
multicast group address.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -637,8 +638,7 @@
<varlistentry>
<term><varname>L3MissNotification=</varname></term>
<listitem>
<para>Takes a boolean. When true, enables netlink IP address miss
notifications.</para>
<para>Takes a boolean. When true, enables netlink IP address miss notifications.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -739,7 +739,7 @@
<refsect1>
<title>[GENEVE] Section Options</title>
<para>The <literal>[GENEVE]</literal> section only applies for
<para>The [GENEVE] section only applies for
netdevs of kind <literal>geneve</literal>, and accepts the
following keys:</para>
@ -765,15 +765,16 @@
<varlistentry>
<term><varname>TTL=</varname></term>
<listitem>
<para>Accepts the same key in <literal>[VXLAN]</literal> section except when unset or
set to 0, the kernel's default will be used meaning that packets TTL will be set from
<para>Accepts the same values as in the [VXLAN] section, except that when unset
or set to 0, the kernel's default will be used, meaning that packet TTL will be set from
<filename>/proc/sys/net/ipv4/ip_default_ttl</filename>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>UDPChecksum=</varname></term>
<listitem>
<para>Takes a boolean. When true, specifies if UDP checksum is calculated for transmitted packets over IPv4.</para>
<para>Takes a boolean. When true, specifies that UDP checksum is calculated for transmitted packets
over IPv4.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -804,7 +805,7 @@
<varlistentry>
<term><varname>IPDoNotFragment=</varname></term>
<listitem>
<para>Accepts the same key in <literal>[VXLAN]</literal> section.</para>
<para>Accepts the same key in [VXLAN] section.</para>
</listitem>
</varlistentry>
</variablelist>
@ -813,7 +814,7 @@
<refsect1>
<title>[L2TP] Section Options</title>
<para>The <literal>[L2TP]</literal> section only applies for
<para>The [L2TP] section only applies for
netdevs of kind <literal>l2tp</literal>, and accepts the
following keys:</para>
@ -821,21 +822,23 @@
<varlistentry>
<term><varname>TunnelId=</varname></term>
<listitem>
<para>Specifies the tunnel id. The value used must match the <literal>PeerTunnelId=</literal> value being used at the peer.
Ranges a number between 1 and 4294967295). This option is compulsory.</para>
<para>Specifies the tunnel identifier. Takes an number in the range 14294967295. The value used
must match the <literal>PeerTunnelId=</literal> value being used at the peer. This setting is
compulsory.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>PeerTunnelId=</varname></term>
<listitem>
<para>Specifies the peer tunnel id. The value used must match the <literal>PeerTunnelId=</literal> value being used at the peer.
Ranges a number between 1 and 4294967295). This option is compulsory.</para>
<para>Specifies the peer tunnel id. Takes a number in the range 1—4294967295. The value used must
match the <literal>PeerTunnelId=</literal> value being used at the peer. This setting is
compulsory.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Remote=</varname></term>
<listitem>
<para>Specifies the IP address of the remote peer. This option is compulsory.</para>
<para>Specifies the IP address of the remote peer. This setting is compulsory.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -852,27 +855,29 @@
<varlistentry>
<term><varname>EncapsulationType=</varname></term>
<listitem>
<para>Specifies the encapsulation type of the tunnel. Takes one of <literal>udp</literal> or <literal>ip</literal>.</para>
<para>Specifies the encapsulation type of the tunnel. Takes one of <literal>udp</literal> or
<literal>ip</literal>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>UDPSourcePort=</varname></term>
<listitem>
<para>Specifies the UDP source port to be used for the tunnel. When UDP encapsulation is selected it's mandotory. Ignored when ip
encapsulation is selected.</para>
<para>Specifies the UDP source port to be used for the tunnel. When UDP encapsulation is selected
it's mandatory. Ignored when IP encapsulation is selected.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>UDPDestinationPort=</varname></term>
<listitem>
<para>Specifies destination port. When UDP encapsulation is selected it's mandotory. Ignored when ip
<para>Specifies destination port. When UDP encapsulation is selected it's mandatory. Ignored when IP
encapsulation is selected.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>UDPChecksum=</varname></term>
<listitem>
<para>Takes a boolean. When true, specifies if UDP checksum is calculated for transmitted packets over IPv4.</para>
<para>Takes a boolean. When true, specifies that UDP checksum is calculated for transmitted packets
over IPv4.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -893,28 +898,30 @@
<refsect1>
<title>[L2TPSession] Section Options</title>
<para>The <literal>[L2TPSession]</literal> section only applies for
<para>The [L2TPSession] section only applies for
netdevs of kind <literal>l2tp</literal>, and accepts the
following keys:</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>Name=</varname></term>
<listitem>
<para>Specifies the name of the session. This option is compulsory.</para>
<para>Specifies the name of the session. This setting is compulsory.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>SessionId=</varname></term>
<listitem>
<para>Specifies the session id. The value used must match the <literal>SessionId=</literal> value being used at the peer.
Ranges a number between 1 and 4294967295). This option is compulsory.</para>
<para>Specifies the session identifier. Takes an number in the range 14294967295. The value used
must match the <literal>SessionId=</literal> value being used at the peer. This setting is
compulsory.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>PeerSessionId=</varname></term>
<listitem>
<para>Specifies the peer session id. The value used must match the <literal>PeerSessionId=</literal> value being used at the peer.
Ranges a number between 1 and 4294967295). This option is compulsory.</para>
<para>Specifies the peer session identifier. Takes an number in the range 14294967295.
The value used must match the <literal>PeerSessionId=</literal> value being used at the peer.
This setting is compulsory.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -929,7 +936,7 @@
<refsect1>
<title>[MACsec] Section Options</title>
<para>The <literal>[MACsec]</literal> section only applies for network devices of kind
<para>The [MACsec] section only applies for network devices of kind
<literal>macsec</literal>, and accepts the following keys:</para>
<variablelist class='network-directives'>
@ -952,7 +959,7 @@
<refsect1>
<title>[MACsecReceiveChannel] Section Options</title>
<para>The <literal>[MACsecReceiveChannel]</literal> section only applies for network devices of
<para>The [MACsecReceiveChannel] section only applies for network devices of
kind <literal>macsec</literal>, and accepts the following keys:</para>
<variablelist class='network-directives'>
@ -968,7 +975,7 @@
<term><varname>MACAddress=</varname></term>
<listitem>
<para>Specifies the MAC address to be used for the MACsec receive channel. The MAC address
used to make secure channel identifier (SCI). This option is compulsory, and is not set by
used to make secure channel identifier (SCI). This setting is compulsory, and is not set by
default.</para>
</listitem>
</varlistentry>
@ -978,7 +985,7 @@
<refsect1>
<title>[MACsecTransmitAssociation] Section Options</title>
<para>The <literal>[MACsecTransmitAssociation]</literal> section only applies for network devices
<para>The [MACsecTransmitAssociation] section only applies for network devices
of kind <literal>macsec</literal>, and accepts the following keys:</para>
<variablelist class='network-directives'>
@ -1002,7 +1009,7 @@
<term><varname>Key=</varname></term>
<listitem>
<para>Specifies the encryption key used in the transmission channel. The same key must be
configured on the peers matching receive channel. This option is compulsory, and is not set
configured on the peers matching receive channel. This setting is compulsory, and is not set
by default. Takes a 128-bit key encoded in a hexadecimal string, for example
<literal>dffafc8d7b9a43d5b9a3dfbbf6a30c16</literal>.</para>
</listitem>
@ -1028,7 +1035,7 @@
<term><varname>UseForEncoding=</varname></term>
<listitem>
<para>Takes a boolean. If enabled, then the security association is used for encoding. Only
one <literal>[MACsecTransmitAssociation]</literal> section can enable this option. When enabled,
one [MACsecTransmitAssociation] section can enable this option. When enabled,
<varname>Activate=yes</varname> is implied. Defaults to unset.</para>
</listitem>
</varlistentry>
@ -1038,7 +1045,7 @@
<refsect1>
<title>[MACsecReceiveAssociation] Section Options</title>
<para>The <literal>[MACsecReceiveAssociation]</literal> section only applies for
<para>The [MACsecReceiveAssociation] section only applies for
network devices of kind <literal>macsec</literal>, and accepts the
following keys:</para>
@ -1046,43 +1053,43 @@
<varlistentry>
<term><varname>Port=</varname></term>
<listitem>
<para>Accepts the same key in <literal>[MACsecReceiveChannel]</literal> section.</para>
<para>Accepts the same key in [MACsecReceiveChannel] section.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>MACAddress=</varname></term>
<listitem>
<para>Accepts the same key in <literal>[MACsecReceiveChannel]</literal> section.</para>
<para>Accepts the same key in [MACsecReceiveChannel] section.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>PacketNumber=</varname></term>
<listitem>
<para>Accepts the same key in <literal>[MACsecTransmitAssociation]</literal> section.</para>
<para>Accepts the same key in [MACsecTransmitAssociation] section.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>KeyId=</varname></term>
<listitem>
<para>Accepts the same key in <literal>[MACsecTransmitAssociation]</literal> section.</para>
<para>Accepts the same key in [MACsecTransmitAssociation] section.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Key=</varname></term>
<listitem>
<para>Accepts the same key in <literal>[MACsecTransmitAssociation]</literal> section.</para>
<para>Accepts the same key in [MACsecTransmitAssociation] section.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>KeyFile=</varname></term>
<listitem>
<para>Accepts the same key in <literal>[MACsecTransmitAssociation]</literal> section.</para>
<para>Accepts the same key in [MACsecTransmitAssociation] section.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Activate=</varname></term>
<listitem>
<para>Accepts the same key in <literal>[MACsecTransmitAssociation]</literal> section.</para>
<para>Accepts the same key in [MACsecTransmitAssociation] section.</para>
</listitem>
</varlistentry>
</variablelist>
@ -1091,7 +1098,7 @@
<refsect1>
<title>[Tunnel] Section Options</title>
<para>The <literal>[Tunnel]</literal> section only applies for
<para>The [Tunnel] section only applies for
netdevs of kind
<literal>ipip</literal>,
<literal>sit</literal>,
@ -1136,7 +1143,7 @@
<para>A fixed Time To Live N on tunneled packets. N is a
number in the range 1255. 0 is a special value meaning that
packets inherit the TTL value. The default value for IPv4
tunnels is: inherit. The default value for IPv6 tunnels is
tunnels is 0 (inherit). The default value for IPv6 tunnels is
64.</para>
</listitem>
</varlistentry>
@ -1192,7 +1199,7 @@
both directions (<varname>InputKey=</varname> and <varname>OutputKey=</varname>).
The <varname>Key=</varname> is either a number or an IPv4 address-like dotted quad.
It is used as mark-configured SAD/SPD entry as part of the lookup key (both in data
and control path) in ip xfrm (framework used to implement IPsec protocol).
and control path) in IP XFRM (framework used to implement IPsec protocol).
See <ulink url="http://man7.org/linux/man-pages/man8/ip-xfrm.8.html">
ip-xfrm — transform configuration</ulink> for details. It is only used for VTI/VTI6,
GRE, GRETAP, and ERSPAN tunnels.</para>
@ -1274,7 +1281,7 @@
<varlistentry>
<term><varname>Encapsulation=</varname></term>
<listitem>
<para>Accepts the same key as in the <literal>[FooOverUDP]</literal> section.</para>
<para>Accepts the same key as in the [FooOverUDP] section.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -1314,7 +1321,7 @@
<refsect1>
<title>[FooOverUDP] Section Options</title>
<para>The <literal>[FooOverUDP]</literal> section only applies for
<para>The [FooOverUDP] section only applies for
netdevs of kind <literal>fou</literal> and accepts the
following keys:</para>
@ -1322,29 +1329,32 @@
<varlistentry>
<term><varname>Encapsulation=</varname></term>
<listitem>
<para>Specifies the encapsulation mechanism used to store networking packets of various protocols inside the UDP packets. Supports the following values:
<para>Specifies the encapsulation mechanism used to store networking packets of various protocols
inside the UDP packets. Supports the following values:
<literal>FooOverUDP</literal> provides the simplest no frills model of UDP encapsulation, it simply encapsulates
packets directly in the UDP payload.
<literal>GenericUDPEncapsulation</literal> is a generic and extensible encapsulation, it allows encapsulation of packets for any IP
protocol and optional data as part of the encapsulation.
For more detailed information see <ulink url="https://lwn.net/Articles/615044">Generic UDP Encapsulation</ulink>.
Defaults to <literal>FooOverUDP</literal>.
<literal>FooOverUDP</literal> provides the simplest no frills model of UDP encapsulation, it simply
encapsulates packets directly in the UDP payload. <literal>GenericUDPEncapsulation</literal> is a
generic and extensible encapsulation, it allows encapsulation of packets for any IP protocol and
optional data as part of the encapsulation. For more detailed information see <ulink
url="https://lwn.net/Articles/615044">Generic UDP Encapsulation</ulink>. Defaults to
<literal>FooOverUDP</literal>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Port=</varname></term>
<listitem>
<para>Specifies the port number, where the IP encapsulation packets will arrive. Please take note that the packets
will arrive with the encapsulation will be removed. Then they will be manually fed back into the network stack, and sent ahead
for delivery to the real destination. This option is mandatory.</para>
<para>Specifies the port number, where the IP encapsulation packets will arrive. Please take note
that the packets will arrive with the encapsulation will be removed. Then they will be manually fed
back into the network stack, and sent ahead for delivery to the real destination. This option is
mandatory.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>PeerPort=</varname></term>
<listitem>
<para>Specifies the peer port number. Defaults to unset. Note that when peer port is set <literal>Peer=</literal> address is mandotory.</para>
<para>Specifies the peer port number. Defaults to unset. Note that when peer port is set
<literal>Peer=</literal> address is mandatory.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -1360,7 +1370,8 @@
<varlistentry>
<term><varname>Peer=</varname></term>
<listitem>
<para>Configures peer IP address. Note that when peer address is set <literal>PeerPort=</literal> is mandotory.</para>
<para>Configures peer IP address. Note that when peer address is set <literal>PeerPort=</literal>
is mandatory.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -1375,7 +1386,7 @@
<refsect1>
<title>[Peer] Section Options</title>
<para>The <literal>[Peer]</literal> section only applies for
<para>The [Peer] section only applies for
netdevs of kind <literal>veth</literal> and accepts the
following keys:</para>
@ -1384,7 +1395,7 @@
<term><varname>Name=</varname></term>
<listitem>
<para>The interface name used when creating the netdev.
This option is compulsory.</para>
This setting is compulsory.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -1401,7 +1412,7 @@
<refsect1>
<title>[VXCAN] Section Options</title>
<para>The <literal>[VXCAN]</literal> section only applies for
<para>The [VXCAN] section only applies for
netdevs of kind <literal>vxcan</literal> and accepts the
following key:</para>
@ -1410,7 +1421,7 @@
<term><varname>Peer=</varname></term>
<listitem>
<para>The peer interface name used when creating the netdev.
This option is compulsory.</para>
This setting is compulsory.</para>
</listitem>
</varlistentry>
</variablelist>
@ -1419,7 +1430,7 @@
<refsect1>
<title>[Tun] Section Options</title>
<para>The <literal>[Tun]</literal> section only applies for
<para>The [Tun] section only applies for
netdevs of kind <literal>tun</literal>, and accepts the following
keys:</para>
@ -1469,15 +1480,15 @@
<refsect1>
<title>[Tap] Section Options</title>
<para>The <literal>[Tap]</literal> section only applies for
<para>The [Tap] section only applies for
netdevs of kind <literal>tap</literal>, and accepts the same keys
as the <literal>[Tun]</literal> section.</para>
as the [Tun] section.</para>
</refsect1>
<refsect1>
<title>[WireGuard] Section Options</title>
<para>The <literal>[WireGuard]</literal> section accepts the following
<para>The [WireGuard] section accepts the following
keys:</para>
<variablelist class='network-directives'>
@ -1524,7 +1535,7 @@
<refsect1>
<title>[WireGuardPeer] Section Options</title>
<para>The <literal>[WireGuardPeer]</literal> section accepts the following
<para>The [WireGuardPeer] section accepts the following
keys:</para>
<variablelist class='network-directives'>
@ -1600,7 +1611,7 @@
<refsect1>
<title>[Bond] Section Options</title>
<para>The <literal>[Bond]</literal> section accepts the following
<para>The [Bond] section accepts the following
key:</para>
<variablelist class='network-directives'>
@ -1702,14 +1713,15 @@
<varlistentry>
<term><varname>AdActorSystemPriority=</varname></term>
<listitem>
<para>Specifies the 802.3ad actor system priority. Ranges [1-65535].</para>
<para>Specifies the 802.3ad actor system priority. Takes a number in the range 1—65535.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>AdUserPortKey=</varname></term>
<listitem>
<para>Specifies the 802.3ad user defined portion of the port key. Ranges [0-1023].</para>
<para>Specifies the 802.3ad user defined portion of the port key. Takes a number in the range
01023.</para>
</listitem>
</varlistentry>
@ -1879,7 +1891,7 @@
<refsect1>
<title>[Xfrm] Section Options</title>
<para>The <literal>[Xfrm]</literal> section accepts the following
<para>The [Xfrm] section accepts the following
keys:</para>
<variablelist class='network-directives'>
@ -1902,13 +1914,12 @@
</variablelist>
<para>For more detail information see
<ulink url="https://lwn.net/Articles/757391">
Virtual xfrm interfaces</ulink></para>
<ulink url="https://lwn.net/Articles/757391">Virtual XFRM Interfaces</ulink>.</para>
</refsect1>
<refsect1>
<title>[VRF] Section Options</title>
<para>The <literal>[VRF]</literal> section only applies for
<para>The [VRF] section only applies for
netdevs of kind <literal>vrf</literal> and accepts the
following key:</para>
@ -1916,7 +1927,7 @@
<varlistentry>
<term><varname>Table=</varname></term>
<listitem>
<para>The numeric routing table identifier. This option is compulsory.</para>
<para>The numeric routing table identifier. This setting is compulsory.</para>
</listitem>
</varlistentry>
</variablelist>

View File

@ -72,21 +72,16 @@
<refsect1>
<title>[Match] Section Options</title>
<para>The network file contains a <literal>[Match]</literal>
section, which determines if a given network file may be applied
to a given device; and a <literal>[Network]</literal> section
specifying how the device should be configured. The first (in
lexical order) of the network files that matches a given device
is applied, all later files are ignored, even if they match as
well.</para>
<para>The network file contains a [Match] section, which determines if a given network file may be
applied to a given device; and a [Network] section specifying how the device should be configured. The
first (in lexical order) of the network files that matches a given device is applied, all later files
are ignored, even if they match as well.</para>
<para>A network file is said to match a network interface if all matches specified by the
<literal>[Match]</literal> section are satisfied. When a network file does not contain valid
settings in <literal>[Match]</literal> section, then the file will match all interfaces and
<command>systemd-networkd</command> warns about that. Hint: to avoid the warning and to make it
clear that all interfaces shall be matched, add the following:
<programlisting>Name=*</programlisting>
The following keys are accepted:</para>
<para>A network file is said to match a network interface if all matches specified by the [Match]
section are satisfied. When a network file does not contain valid settings in [Match] section, then the
file will match all interfaces and <command>systemd-networkd</command> warns about that. Hint: to avoid
the warning and to make it clear that all interfaces shall be matched, add the following:
<programlisting>Name=*</programlisting> The following keys are accepted:</para>
<variablelist class='network-directives'>
<xi:include href="systemd.link.xml" xpointer="mac-address" />
@ -132,9 +127,8 @@
<listitem>
<para>A whitespace-separated list of hardware address of the currently connected wireless
LAN. Use full colon-, hyphen- or dot-delimited hexadecimal. See the example in
<varname>MACAddress=</varname>. This option may appear more than one, in which case the
lists are merged. If the empty string is assigned to this option, the list of BSSID defined
prior to this is reset.</para>
<varname>MACAddress=</varname>. This option may appear more than once, in which case the
lists are merged. If the empty string is assigned to this option, the list is reset.</para>
</listitem>
</varlistentry>
@ -150,7 +144,7 @@
<refsect1>
<title>[Link] Section Options</title>
<para> The <literal>[Link]</literal> section accepts the following keys:</para>
<para> The [Link] section accepts the following keys:</para>
<variablelist class='network-directives'>
<varlistentry>
@ -211,7 +205,7 @@
<para>Link groups are similar to port ranges found in managed switches.
When network interfaces are added to a numbered group, operations on
all the interfaces from that group can be performed at once. An unsigned
integer ranges 0 to 4294967294. Default to unset.</para>
integer in the range 0—4294967294. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -239,12 +233,11 @@
<refsect1>
<title>[SR-IOV] Section Options</title>
<para>The <literal>[SR-IOV]</literal> section accepts the
following keys. Specify several <literal>[SR-IOV]</literal>
sections to configure several SR-IOVs. SR-IOV provides the ability to partition a single physical PCI resource
into virtual PCI functions which can then be injected into a VM. In the case of network VFs, SR-IOV improves
north-south network performance (that is, traffic with endpoints outside the host machine) by allowing traffic to
bypass the host machines network stack.</para>
<para>The [SR-IOV] section accepts the following keys. Specify several [SR-IOV] sections to configure
several SR-IOVs. SR-IOV provides the ability to partition a single physical PCI resource into virtual
PCI functions which can then be injected into a VM. In the case of network VFs, SR-IOV improves
north-south network performance (that is, traffic with endpoints outside the host machine) by allowing
traffic to bypass the host machines network stack.</para>
<variablelist class='network-directives'>
<varlistentry>
@ -327,7 +320,7 @@
<refsect1>
<title>[Network] Section Options</title>
<para>The <literal>[Network]</literal> section accepts the following keys:</para>
<para>The [Network] section accepts the following keys:</para>
<variablelist class='network-directives'>
<varlistentry>
@ -356,16 +349,15 @@
specified through DHCP is not used for name resolution.
See option <option>UseDomains=</option> below.</para>
<para>See the <literal>[DHCPv4]</literal> or <literal>[DHCPv6]</literal> section below for
further configuration options for the DHCP client support.</para>
<para>See the [DHCPv4] or [DHCPv6] sections below for further configuration options for the DHCP
client support.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>DHCPServer=</varname></term>
<listitem>
<para>Takes a boolean. If set to <literal>yes</literal>, DHCPv4 server will be started. Defaults
to <literal>no</literal>. Further settings for the DHCP
server may be set in the <literal>[DHCPServer]</literal>
to <literal>no</literal>. Further settings for the DHCP server may be set in the [DHCPServer]
section described below.</para>
</listitem>
</varlistentry>
@ -495,10 +487,8 @@
<varlistentry>
<term><varname>DNSSEC=</varname></term>
<listitem>
<para>Takes a boolean. or
<literal>allow-downgrade</literal>. When true, enables
<ulink
url="https://tools.ietf.org/html/rfc4033">DNSSEC</ulink>
<para>Takes a boolean or <literal>allow-downgrade</literal>. When true, enables
<ulink url="https://tools.ietf.org/html/rfc4033">DNSSEC</ulink>
DNS validation support on the link. When set to
<literal>allow-downgrade</literal>, compatibility with
non-DNSSEC capable networks is increased, by automatically
@ -730,8 +720,8 @@
forwarding is enabled, and to enable it otherwise. Cannot be enabled on bond devices and when link
local addressing is disabled.</para>
<para>Further settings for the IPv6 RA support may be configured in the
<literal>[IPv6AcceptRA]</literal> section, see below.</para>
<para>Further settings for the IPv6 RA support may be configured in the [IPv6AcceptRA] section, see
below.</para>
<para>Also see <ulink
url="https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt">ip-sysctl.txt</ulink> in the kernel
@ -770,7 +760,7 @@
<term><varname>IPv4ProxyARP=</varname></term>
<listitem><para>Takes a boolean. Configures proxy ARP for IPv4. Proxy ARP is the technique in which one host,
usually a router, answers ARP requests intended for another machine. By "faking" its identity,
the router accepts responsibility for routing packets to the "real" destination. (see <ulink
the router accepts responsibility for routing packets to the "real" destination. See <ulink
url="https://tools.ietf.org/html/rfc1027">RFC 1027</ulink>.
When unset, the kernel's default will be used.
</para></listitem>
@ -801,18 +791,15 @@
</varlistentry>
<varlistentry>
<term><varname>IPv6PrefixDelegation=</varname></term>
<listitem><para>Whether to enable or disable Router Advertisement sending on a link.
Allowed values are <literal>static</literal> which distributes prefixes as defined in
the <literal>[IPv6PrefixDelegation]</literal> and any <literal>[IPv6Prefix]</literal>
sections, <literal>dhcpv6</literal> which requests prefixes using a DHCPv6 client
configured for another link and any values configured in the
<literal>[IPv6PrefixDelegation]</literal> section while ignoring all static prefix
configuration sections, <literal>yes</literal> which uses both static configuration
and DHCPv6, and <literal>false</literal> which turns off IPv6 prefix delegation
altogether. Defaults to <literal>false</literal>. See the
<literal>[IPv6PrefixDelegation]</literal> and the <literal>[IPv6Prefix]</literal>
sections for more configuration options.
</para></listitem>
<listitem><para>Whether to enable or disable Router Advertisement sending on a link. Allowed
values are <literal>static</literal> which distributes prefixes as defined in the
[IPv6PrefixDelegation] and any [IPv6Prefix] sections, <literal>dhcpv6</literal> which requests
prefixes using a DHCPv6 client configured for another link and any values configured in the
[IPv6PrefixDelegation] section while ignoring all static prefix configuration sections,
<literal>yes</literal> which uses both static configuration and DHCPv6, and
<literal>false</literal> which turns off IPv6 prefix delegation altogether. Defaults to
<literal>false</literal>. See the [IPv6PrefixDelegation] and the [IPv6Prefix] sections for more
configuration options.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>IPv6PDSubnetId=</varname></term>
@ -978,16 +965,15 @@
<refsect1>
<title>[Address] Section Options</title>
<para>An <literal>[Address]</literal> section accepts the
following keys. Specify several <literal>[Address]</literal>
<para>An [Address] section accepts the following keys. Specify several [Address]
sections to configure several addresses.</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>Address=</varname></term>
<listitem>
<para>As in the <literal>[Network]</literal> section. This key is mandatory. Each
<literal>[Address]</literal> section can contain one <varname>Address=</varname> setting.</para>
<para>As in the [Network] section. This key is mandatory. Each [Address] section can contain one
<varname>Address=</varname> setting.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -1031,7 +1017,7 @@
<term><varname>Scope=</varname></term>
<listitem>
<para>The scope of the address, which can be <literal>global</literal>,
<literal>link</literal> or <literal>host</literal> or an unsigned integer ranges 0 to 255.
<literal>link</literal> or <literal>host</literal> or an unsigned integer in the range 0—255.
Defaults to <literal>global</literal>.</para>
</listitem>
</varlistentry>
@ -1093,12 +1079,10 @@
<refsect1>
<title>[Neighbor] Section Options</title>
<para>A <literal>[Neighbor]</literal> section accepts the
following keys. The neighbor section adds a permanent, static
entry to the neighbor table (IPv6) or ARP table (IPv4) for
the given hardware address on the links matched for the network.
Specify several <literal>[Neighbor]</literal> sections to configure
several static neighbors.</para>
<para>A [Neighbor] section accepts the following keys. The neighbor section adds a permanent, static
entry to the neighbor table (IPv6) or ARP table (IPv4) for the given hardware address on the links
matched for the network. Specify several [Neighbor] sections to configure several static neighbors.
</para>
<variablelist class='network-directives'>
<varlistentry>
@ -1119,18 +1103,17 @@
<refsect1>
<title>[IPv6AddressLabel] Section Options</title>
<para>An <literal>[IPv6AddressLabel]</literal> section accepts the
following keys. Specify several <literal>[IPv6AddressLabel]</literal>
sections to configure several address labels. IPv6 address labels are
used for address selection. See <ulink url="https://tools.ietf.org/html/rfc3484">RFC 3484</ulink>.
Precedence is managed by userspace, and only the label itself is stored in the kernel</para>
<para>An [IPv6AddressLabel] section accepts the following keys. Specify several [IPv6AddressLabel]
sections to configure several address labels. IPv6 address labels are used for address selection. See
<ulink url="https://tools.ietf.org/html/rfc3484">RFC 3484</ulink>. Precedence is managed by userspace,
and only the label itself is stored in the kernel</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>Label=</varname></term>
<listitem>
<para> The label for the prefix (an unsigned integer) ranges 0 to 4294967294.
0xffffffff is reserved. This key is mandatory.</para>
<para>The label for the prefix, an unsigned integer in the range 04294967294.
0xffffffff is reserved. This setting is mandatory.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -1146,15 +1129,14 @@
<refsect1>
<title>[RoutingPolicyRule] Section Options</title>
<para>An <literal>[RoutingPolicyRule]</literal> section accepts the
following keys. Specify several <literal>[RoutingPolicyRule]</literal>
<para>An [RoutingPolicyRule] section accepts the following keys. Specify several [RoutingPolicyRule]
sections to configure several rules.</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>TypeOfService=</varname></term>
<listitem>
<para>Specifies the type of service to match a number between 0 to 255.</para>
<para>Takes a number between 0 and 255 that specifies the type of service to match.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -1261,16 +1243,15 @@
<refsect1>
<title>[NextHop] Section Options</title>
<para>The <literal>[NextHop]</literal> section accepts the
following keys. Specify several <literal>[NextHop]</literal>
sections to configure several nexthop. Nexthop is used to manipulate entries in the kernel's nexthop
tables.</para>
<para>The [NextHop] section is used to manipulate entries in the kernel's "nexthop" tables. The
[NextHop] section accepts the following keys. Specify several [NextHop] sections to configure several
hops.</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>Gateway=</varname></term>
<listitem>
<para>As in the <literal>[Network]</literal> section. This is mandatory.</para>
<para>As in the [Network] section. This is mandatory.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -1284,9 +1265,8 @@
<refsect1>
<title>[Route] Section Options</title>
<para>The <literal>[Route]</literal> section accepts the
following keys. Specify several <literal>[Route]</literal>
sections to configure several routes.</para>
<para>The [Route] section accepts the following keys. Specify several [Route] sections to configure
several routes.</para>
<variablelist class='network-directives'>
<varlistentry>
@ -1333,10 +1313,10 @@
<term><varname>IPv6Preference=</varname></term>
<listitem>
<para>Specifies the route preference as defined in <ulink
url="https://tools.ietf.org/html/rfc4191">RFC4191</ulink> for Router Discovery messages.
Which can be one of <literal>low</literal> the route has a lowest priority,
<literal>medium</literal> the route has a default priority or
<literal>high</literal> the route has a highest priority.</para>
url="https://tools.ietf.org/html/rfc4191">RFC 4191</ulink> for Router Discovery messages. Which
can be one of <literal>low</literal> the route has a lowest priority, <literal>medium</literal>
the route has a default priority or <literal>high</literal> the route has a highest priority.
</para>
</listitem>
</varlistentry>
<varlistentry>
@ -1471,8 +1451,7 @@
<refsect1>
<title>[DHCPv4] Section Options</title>
<para>The <literal>[DHCPv4]</literal> section configures the
DHCPv4 client, if it is enabled with the
<para>The [DHCPv4] section configures the DHCPv4 client, if it is enabled with the
<varname>DHCP=</varname> setting described above:</para>
<variablelist class='network-directives'>
@ -1717,8 +1696,8 @@
<para>The table identifier for DHCP routes (a number between 1 and 4294967295, or 0 to unset).
The table can be retrieved using <command>ip route show table <replaceable>num</replaceable></command>.
</para>
<para>When used in combination with <varname>VRF=</varname> the
VRF's routing table is used unless this parameter is specified.
<para>When used in combination with <varname>VRF=</varname>, the
VRF's routing table is used when this parameter is not specified.
</para>
</listitem>
</varlistentry>
@ -1757,11 +1736,12 @@
<varlistentry>
<term><varname>SendDecline=</varname></term>
<listitem>
<para>A boolean. When <literal>true</literal>, DHCPv4 clients receives IP address from DHCP server.
After new IP is received, DHCPv4 performs IPv4 Duplicate Address Detection. If duplicate use of IP is detected
the DHCPv4 client rejects the IP by sending a DHCPDECLINE packet DHCP clients try to obtain an IP address again.
See <ulink url="https://tools.ietf.org/html/rfc5227">RFC 5224</ulink>.
Defaults to <literal>unset</literal>.</para>
<para>A boolean. When <literal>true</literal>, the DHCPv4 client receives the IP address from the
DHCP server. After a new IP is received, the DHCPv4 client performs IPv4 Duplicate Address
Detection. If duplicate use is detected, the DHCPv4 client rejects the IP by sending a
DHCPDECLINE packet and tries to obtain an IP address again. See <ulink
url="https://tools.ietf.org/html/rfc5227">RFC 5224</ulink>. Defaults to
<literal>unset</literal>.</para>
</listitem>
</varlistentry>
@ -1814,7 +1794,7 @@
<refsect1>
<title>[DHCPv6] Section Options</title>
<para>The <literal>[DHCPv6]</literal> section configures the DHCPv6 client, if it is enabled with the
<para>The [DHCPv6] section configures the DHCPv6 client, if it is enabled with the
<varname>DHCP=</varname> setting described above, or invoked by the IPv6 Router Advertisement:</para>
<variablelist class='network-directives'>
@ -1822,7 +1802,7 @@
<term><varname>UseDNS=</varname></term>
<term><varname>UseNTP=</varname></term>
<listitem>
<para>As in the <literal>[DHCPv4]</literal> section.</para>
<para>As in the [DHCPv4] section.</para>
</listitem>
</varlistentry>
@ -1839,7 +1819,7 @@
<para>Takes a boolean. The DHCPv6 client can obtain configuration parameters from a DHCPv6 server through
a rapid two-message exchange (solicit and reply). When the rapid commit option is enabled by both
the DHCPv6 client and the DHCPv6 server, the two-message exchange is used, rather than the default
four-method exchange (solicit, advertise, request, and reply). The two-message exchange provides
four-message exchange (solicit, advertise, request, and reply). The two-message exchange provides
faster client configuration and is beneficial in environments in which networks are under a heavy load.
See <ulink url="https://tools.ietf.org/html/rfc3315#section-17.2.1">RFC 3315</ulink> for details.
Defaults to true.</para>
@ -1867,14 +1847,15 @@
<varlistentry>
<term><varname>SendVendorOption=</varname></term>
<listitem>
<para>Send an arbitrary vendor option in the DHCPv6 request. Takes an enterprise identifier, DHCP option number,
data type, and data separated with a colon
(<literal><replaceable>enterprise identifier</replaceable>:<replaceable>option</replaceable>:<replaceable>type</replaceable>:
<replaceable>value</replaceable></literal>). Enterprise identifier is an unsigned integer ranges 1..4294967294.
The option number must be an integer in the range 1..254. Data type takes one of <literal>uint8</literal>,
<literal>uint16</literal>, <literal>uint32</literal>, <literal>ipv4address</literal>, <literal>ipv6address</literal>, or
<literal>string</literal>. Special characters in the data string may be escaped using
<ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C-style
<para>Send an arbitrary vendor option in the DHCPv6 request. Takes an enterprise identifier, DHCP
option number, data type, and data separated with a colon (<literal><replaceable>enterprise
identifier</replaceable>:<replaceable>option</replaceable>:<replaceable>type</replaceable>:
<replaceable>value</replaceable></literal>). Enterprise identifier is an unsigned integer in the
range 14294967294. The option number must be an integer in the range 1254. Data type takes one
of <literal>uint8</literal>, <literal>uint16</literal>, <literal>uint32</literal>,
<literal>ipv4address</literal>, <literal>ipv6address</literal>, or
<literal>string</literal>. Special characters in the data string may be escaped using <ulink
url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C-style
escapes</ulink>. This setting can be specified multiple times. If an empty string is specified,
then all options specified earlier are cleared. Defaults to unset.</para>
</listitem>
@ -1918,24 +1899,26 @@
<varlistentry>
<term><varname>PrefixDelegationHint=</varname></term>
<listitem>
<para>Takes an IPv6 address with prefix length as <varname>Address=</varname> in
the "[Network]" section. Specifies the DHCPv6 client for the requesting router to include
a prefix-hint in the DHCPv6 solicitation. Prefix ranges 1..128. Defaults to unset.</para>
<para>Takes an IPv6 address with prefix length in the same format as the
<varname>Address=</varname> in the [Network] section. The DHCPv6 client will include a prefix
hint in the DHCPv6 solicitation sent to the server. The prefix length must be in the range
1128. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>WithoutRA=</varname></term>
<listitem>
<para>Allows DHCPv6 client to start without router advertisements's managed or other address configuration flag.
Takes one of <literal>solicit</literal> or <literal>information-request</literal>. Defaults to unset.</para>
<para>Allows DHCPv6 client to start without router advertisements's managed or other address
configuration flag. Takes one of <literal>solicit</literal> or
<literal>information-request</literal>. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>SendOption=</varname></term>
<listitem>
<para>As in the <literal>[DHCPv4]</literal> section, however because DHCPv6 uses 16-bit fields to store
<para>As in the [DHCPv4] section, however because DHCPv6 uses 16-bit fields to store
option numbers, the option number is an integer in the range 1..65536.</para>
</listitem>
</varlistentry>
@ -1969,9 +1952,8 @@
<refsect1>
<title>[IPv6AcceptRA] Section Options</title>
<para>The <literal>[IPv6AcceptRA]</literal> section configures the IPv6 Router Advertisement
(RA) client, if it is enabled with the <varname>IPv6AcceptRA=</varname> setting described
above:</para>
<para>The [IPv6AcceptRA] section configures the IPv6 Router Advertisement (RA) client, if it is enabled
with the <varname>IPv6AcceptRA=</varname> setting described above:</para>
<variablelist class='network-directives'>
<varlistentry>
@ -2051,8 +2033,7 @@
<refsect1>
<title>[DHCPServer] Section Options</title>
<para>The <literal>[DHCPServer]</literal> section contains
settings for the DHCP server, if enabled via the
<para>The [DHCPServer] section contains settings for the DHCP server, if enabled via the
<varname>DHCPServer=</varname> option described above:</para>
<variablelist class='network-directives'>
@ -2186,11 +2167,9 @@
<refsect1>
<title>[IPv6PrefixDelegation] Section Options</title>
<para>The <literal>[IPv6PrefixDelegation]</literal> section contains
settings for sending IPv6 Router Advertisements and whether to act as
a router, if enabled via the <varname>IPv6PrefixDelegation=</varname>
option described above. IPv6 network prefixes are defined with one or
more <literal>[IPv6Prefix]</literal> sections.</para>
<para>The [IPv6PrefixDelegation] section contains settings for sending IPv6 Router Advertisements and
whether to act as a router, if enabled via the <varname>IPv6PrefixDelegation=</varname> option described
above. IPv6 network prefixes are defined with one or more [IPv6Prefix] sections.</para>
<variablelist class='network-directives'>
@ -2234,32 +2213,26 @@
<term><varname>EmitDNS=</varname></term>
<term><varname>DNS=</varname></term>
<listitem><para><varname>DNS=</varname> specifies a list of recursive DNS server IPv6 addresses
that are distributed via Router Advertisement messages when <varname>EmitDNS=</varname> is
true. <varname>DNS=</varname> also takes special value <literal>_link_local</literal>; in that
case the IPv6 link local address is distributed. If <varname>DNS=</varname> is empty, DNS
servers are read from the <literal>[Network]</literal> section. If the
<literal>[Network]</literal> section does not contain any DNS servers either, DNS servers from
the uplink with the highest priority default route are used. When <varname>EmitDNS=</varname>
is false, no DNS server information is sent in Router Advertisement messages.
<varname>EmitDNS=</varname> defaults to true.
</para></listitem>
<listitem><para><varname>DNS=</varname> specifies a list of recursive DNS server IPv6 addresses that
are distributed via Router Advertisement messages when <varname>EmitDNS=</varname> is
true. <varname>DNS=</varname> also takes special value <literal>_link_local</literal>; in that case
the IPv6 link local address is distributed. If <varname>DNS=</varname> is empty, DNS servers are read
from the [Network] section. If the [Network] section does not contain any DNS servers either, DNS
servers from the uplink with the highest priority default route are used. When
<varname>EmitDNS=</varname> is false, no DNS server information is sent in Router Advertisement
messages. <varname>EmitDNS=</varname> defaults to true.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>EmitDomains=</varname></term>
<term><varname>Domains=</varname></term>
<listitem><para>A list of DNS search domains distributed via Router
Advertisement messages when <varname>EmitDomains=</varname> is true. If
<varname>Domains=</varname> is empty, DNS search domains are read from the
<literal>[Network]</literal> section. If the <literal>[Network]</literal>
section does not contain any DNS search domains either, DNS search
domains from the uplink with the highest priority default route are
used. When <varname>EmitDomains=</varname> is false, no DNS search domain
information is sent in Router Advertisement messages.
<varname>EmitDomains=</varname> defaults to true.
</para></listitem>
<listitem><para>A list of DNS search domains distributed via Router Advertisement messages when
<varname>EmitDomains=</varname> is true. If <varname>Domains=</varname> is empty, DNS search domains
are read from the [Network] section. If the [Network] section does not contain any DNS search domains
either, DNS search domains from the uplink with the highest priority default route are used. When
<varname>EmitDomains=</varname> is false, no DNS search domain information is sent in Router
Advertisement messages. <varname>EmitDomains=</varname> defaults to true.</para></listitem>
</varlistentry>
<varlistentry>
@ -2275,10 +2248,9 @@
<refsect1>
<title>[IPv6Prefix] Section Options</title>
<para>One or more <literal>[IPv6Prefix]</literal> sections contain the IPv6
prefixes that are announced via Router Advertisements. See
<ulink url="https://tools.ietf.org/html/rfc4861">RFC 4861</ulink>
for further details.</para>
<para>One or more [IPv6Prefix] sections contain the IPv6 prefixes that are announced via Router
Advertisements. See <ulink url="https://tools.ietf.org/html/rfc4861">RFC 4861</ulink> for further
details.</para>
<variablelist class='network-directives'>
@ -2296,13 +2268,11 @@
<varlistentry>
<term><varname>Prefix=</varname></term>
<listitem><para>The IPv6 prefix that is to be distributed to hosts.
Similarly to configuring static IPv6 addresses, the setting is
configured as an IPv6 prefix and its prefix length, separated by a
<literal>/</literal> character. Use multiple
<literal>[IPv6Prefix]</literal> sections to configure multiple IPv6
prefixes since prefix lifetimes, address autoconfiguration and onlink
status may differ from one prefix to another.</para></listitem>
<listitem><para>The IPv6 prefix that is to be distributed to hosts. Similarly to configuring static
IPv6 addresses, the setting is configured as an IPv6 prefix and its prefix length, separated by a
<literal>/</literal> character. Use multiple [IPv6Prefix] sections to configure multiple IPv6
prefixes since prefix lifetimes, address autoconfiguration and onlink status may differ from one
prefix to another.</para></listitem>
</varlistentry>
<varlistentry>
@ -2325,7 +2295,7 @@
<refsect1>
<title>[IPv6RoutePrefix] Section Options</title>
<para>One or more <literal>[IPv6RoutePrefix]</literal> sections contain the IPv6
<para>One or more [IPv6RoutePrefix] sections contain the IPv6
prefix routes that are announced via Router Advertisements. See
<ulink url="https://tools.ietf.org/html/rfc4191">RFC 4191</ulink>
for further details.</para>
@ -2335,12 +2305,10 @@
<varlistentry>
<term><varname>Route=</varname></term>
<listitem><para>The IPv6 route that is to be distributed to hosts.
Similarly to configuring static IPv6 routes, the setting is
configured as an IPv6 prefix routes and its prefix route length,
separated by a<literal>/</literal> character. Use multiple
<literal>[IPv6PrefixRoutes]</literal> sections to configure multiple IPv6
prefix routes.</para></listitem>
<listitem><para>The IPv6 route that is to be distributed to hosts. Similarly to configuring static
IPv6 routes, the setting is configured as an IPv6 prefix routes and its prefix route length,
separated by a <literal>/</literal> character. Use multiple [IPv6PrefixRoutes] sections to configure
multiple IPv6 prefix routes.</para></listitem>
</varlistentry>
<varlistentry>
@ -2356,8 +2324,7 @@
<refsect1>
<title>[Bridge] Section Options</title>
<para>The <literal>[Bridge]</literal> section accepts the
following keys.</para>
<para>The [Bridge] section accepts the following keys:</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>UnicastFlood=</varname></term>
@ -2405,10 +2372,9 @@
<varlistentry>
<term><varname>HairPin=</varname></term>
<listitem>
<para>Takes a boolean. Configures whether traffic may be sent back
out of the port on which it was received. When this flag is false, and the bridge
will not forward traffic back out of the receiving port.
When unset, the kernel's default will be used.</para>
<para>Takes a boolean. Configures whether traffic may be sent back out of the port on which it
was received. When this flag is false, then the bridge will not forward traffic back out of the
receiving port. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -2484,17 +2450,14 @@
</refsect1>
<refsect1>
<title>[BridgeFDB] Section Options</title>
<para>The <literal>[BridgeFDB]</literal> section manages the
forwarding database table of a port and accepts the following
keys. Specify several <literal>[BridgeFDB]</literal> sections to
configure several static MAC table entries.</para>
<para>The [BridgeFDB] section manages the forwarding database table of a port and accepts the following
keys. Specify several [BridgeFDB] sections to configure several static MAC table entries.</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>MACAddress=</varname></term>
<listitem>
<para>As in the <literal>[Network]</literal> section. This
key is mandatory.</para>
<para>As in the [Network] section. This key is mandatory.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -2537,8 +2500,8 @@
<refsect1>
<title>[LLDP] Section Options</title>
<para>The <literal>[LLDP]</literal> section manages the Link Layer Discovery Protocol (LLDP) and accepts the
following keys.</para>
<para>The [LLDP] section manages the Link Layer Discovery Protocol (LLDP) and accepts the following
keys.</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>MUDURL=</varname></term>
@ -2559,8 +2522,8 @@
<refsect1>
<title>[CAN] Section Options</title>
<para>The <literal>[CAN]</literal> section manages the Controller Area Network (CAN bus) and accepts the
following keys.</para>
<para>The [CAN] section manages the Controller Area Network (CAN bus) and accepts the
following keys:</para>
<variablelist class='network-directives'>
<varlistentry>
<term><varname>BitRate=</varname></term>
@ -2638,7 +2601,7 @@
<refsect1>
<title>[QDisc] Section Options</title>
<para>The <literal>[QDisc]</literal> section manages the traffic control queueing discipline (qdisc).</para>
<para>The [QDisc] section manages the traffic control queueing discipline (qdisc).</para>
<variablelist class='network-directives'>
<varlistentry>
@ -2655,10 +2618,10 @@
<refsect1>
<title>[NetworkEmulator] Section Options</title>
<para>The <literal>[NetworkEmulator]</literal> section manages the queueing discipline (qdisc) of
the network emulator. It can be used to configure the kernel packet scheduler and simulate packet
delay and loss for UDP or TCP applications, or limit the bandwidth usage of a particular service to
simulate internet connections.</para>
<para>The [NetworkEmulator] section manages the queueing discipline (qdisc) of the network emulator. It
can be used to configure the kernel packet scheduler and simulate packet delay and loss for UDP or TCP
applications, or limit the bandwidth usage of a particular service to simulate internet connections.
</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2684,7 +2647,7 @@
<term><varname>PacketLimit=</varname></term>
<listitem>
<para>Specifies the maximum number of packets the qdisc may hold queued at a time.
An unsigned integer ranges 0 to 4294967294. Defaults to 1000.</para>
An unsigned integer in the range 04294967294. Defaults to 1000.</para>
</listitem>
</varlistentry>
@ -2708,8 +2671,8 @@
<refsect1>
<title>[TokenBucketFilter] Section Options</title>
<para>The <literal>[TokenBucketFilter]</literal> section manages the queueing discipline (qdisc) of
token bucket filter (tbf).</para>
<para>The [TokenBucketFilter] section manages the queueing discipline (qdisc) of token bucket filter
(tbf).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2782,8 +2745,8 @@
<refsect1>
<title>[PIE] Section Options</title>
<para>The <literal>[PIE]</literal> section manages the queueing discipline
(qdisc) of Proportional Integral controller-Enhanced (PIE).</para>
<para>The [PIE] section manages the queueing discipline (qdisc) of Proportional Integral
controller-Enhanced (PIE).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2793,7 +2756,7 @@
<term><varname>PacketLimit=</varname></term>
<listitem>
<para>Specifies the hard limit on the queue size in number of packets. When this limit is reached, incoming packets are
dropped. An unsigned integer ranges 1 to 4294967294. Defaults to unset and kernel's default is used.</para>
dropped. An unsigned integer in the range 14294967294. Defaults to unset and kernel's default is used.</para>
</listitem>
</varlistentry>
</variablelist>
@ -2801,8 +2764,8 @@
<refsect1>
<title>[StochasticFairBlue] Section Options</title>
<para>The <literal>[StochasticFairBlue]</literal> section manages the queueing discipline
(qdisc) of stochastic fair blue (sfb).</para>
<para>The [StochasticFairBlue] section manages the queueing discipline (qdisc) of stochastic fair blue
(sfb).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2811,8 +2774,9 @@
<varlistentry>
<term><varname>PacketLimit=</varname></term>
<listitem>
<para>Specifies the hard limit on the queue size in number of packets. When this limit is reached, incoming packets are
dropped. An unsigned integer ranges 0 to 4294967294. Defaults to unset and kernel's default is used.</para>
<para>Specifies the hard limit on the queue size in number of packets. When this limit is reached,
incoming packets are dropped. An unsigned integer in the range 04294967294. Defaults to unset and
kernel's default is used.</para>
</listitem>
</varlistentry>
</variablelist>
@ -2820,8 +2784,8 @@
<refsect1>
<title>[StochasticFairnessQueueing] Section Options</title>
<para>The <literal>[StochasticFairnessQueueing]</literal> section manages the queueing discipline
(qdisc) of stochastic fairness queueing (sfq).</para>
<para>The [StochasticFairnessQueueing] section manages the queueing discipline (qdisc) of stochastic
fairness queueing (sfq).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2838,8 +2802,8 @@
<refsect1>
<title>[BFIFO] Section Options</title>
<para>The <literal>[BFIFO]</literal> section manages the queueing discipline (qdisc) of
Byte limited Packet First In First Out (bfifo).</para>
<para>The [BFIFO] section manages the queueing discipline (qdisc) of Byte limited Packet First In First
Out (bfifo).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2848,10 +2812,11 @@
<varlistentry>
<term><varname>LimitBytes=</varname></term>
<listitem>
<para>Specifies the hard limit on the FIFO size in bytes. The size limit (a buffer size) to prevent it
from overflowing in case it is unable to dequeue packets as quickly as it receives them. When this limit
is reached, incoming packets are dropped. When suffixed with K, M, or G, the specified size is parsed as
Kilobytes, Megabytes, or Gigabytes, respectively, to the base of 1024. Defaults to unset and kernel's default is used.</para>
<para>Specifies the hard limit on the FIFO size in bytes. The size limit (a buffer size) to prevent
it from overflowing in case it is unable to dequeue packets as quickly as it receives them. When
this limit is reached, incoming packets are dropped. When suffixed with K, M, or G, the specified
size is parsed as Kilobytes, Megabytes, or Gigabytes, respectively, to the base of 1024. Defaults
to unset and kernel's default is used.</para>
</listitem>
</varlistentry>
</variablelist>
@ -2859,8 +2824,8 @@
<refsect1>
<title>[PFIFO] Section Options</title>
<para>The <literal>[PFIFO]</literal> section manages the queueing discipline (qdisc) of
Packet First In First Out (pfifo).</para>
<para>The [PFIFO] section manages the queueing discipline (qdisc) of Packet First In First Out
(pfifo).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2869,9 +2834,10 @@
<varlistentry>
<term><varname>PacketLimit=</varname></term>
<listitem>
<para>Specifies the hard limit on the FIFO size in number of packets. The size limit (a buffer size) to prevent it
from overflowing in case it is unable to dequeue packets as quickly as it receives them. When this limit is reached,
incoming packets are dropped. An unsigned integer ranges 0 to 4294967294. Defaults to unset and kernel's default is used.</para>
<para>Specifies the hard limit on the FIFO size in number of packets. The size limit (a buffer
size) to prevent it from overflowing in case it is unable to dequeue packets as quickly as it
receives them. When this limit is reached, incoming packets are dropped. An unsigned integer in the
range 04294967294. Defaults to unset and kernel's default is used.</para>
</listitem>
</varlistentry>
</variablelist>
@ -2879,8 +2845,8 @@
<refsect1>
<title>[PFIFOHeadDrop] Section Options</title>
<para>The <literal>[PFIFOHeadDrop]</literal> section manages the queueing discipline (qdisc) of
Packet First In First Out Head Drop (pfifo_head_drop).</para>
<para>The [PFIFOHeadDrop] section manages the queueing discipline (qdisc) of Packet First In First Out
Head Drop (pfifo_head_drop).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2889,15 +2855,15 @@
<varlistentry>
<term><varname>PacketLimit=</varname></term>
<listitem>
<para>As in <literal>[PFIFO]</literal> section.</para></listitem>
<para>As in [PFIFO] section.</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>[PFIFOFast] Section Options</title>
<para>The <literal>[PFIFOFast]</literal> section manages the queueing discipline (qdisc) of
Packet First In First Out Fast (pfifo_fast).</para>
<para>The [PFIFOFast] section manages the queueing discipline (qdisc) of Packet First In First Out Fast
(pfifo_fast).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2907,8 +2873,8 @@
<refsect1>
<title>[CAKE] Section Options</title>
<para>The <literal>[CAKE]</literal> section manages the queueing discipline (qdisc) of
Common Applications Kept Enhanced (CAKE).</para>
<para>The [CAKE] section manages the queueing discipline (qdisc) of Common Applications Kept Enhanced
(CAKE).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2917,8 +2883,8 @@
<varlistentry>
<term><varname>OverheadBytes=</varname></term>
<listitem>
<para>Specifies that bytes to be addeded to the size of each packet. Bytes may be negative.
Takes an integer ranges -64 to 256. Defaults to unset and kernel's default is used.</para>
<para>Specifies that bytes to be addeded to the size of each packet. Bytes may be negative. Takes
an integer in the range from -64 to 256. Defaults to unset and kernel's default is used.</para>
</listitem>
</varlistentry>
@ -2935,7 +2901,7 @@
<refsect1>
<title>[ControlledDelay] Section Options</title>
<para>The <literal>[ControlledDelay]</literal> section manages the queueing discipline (qdisc) of
<para>The [ControlledDelay] section manages the queueing discipline (qdisc) of
controlled delay (CoDel).</para>
<variablelist class='network-directives'>
@ -2945,8 +2911,9 @@
<varlistentry>
<term><varname>PacketLimit=</varname></term>
<listitem>
<para>Specifies the hard limit on the queue size in number of packets. When this limit is reached, incoming packets are
dropped. An unsigned integer ranges 0 to 4294967294. Defaults to unset and kernel's default is used.</para>
<para>Specifies the hard limit on the queue size in number of packets. When this limit is reached,
incoming packets are dropped. An unsigned integer in the range 04294967294. Defaults to unset and
kernel's default is used.</para>
</listitem>
</varlistentry>
@ -2986,8 +2953,8 @@
<refsect1>
<title>[DeficitRoundRobinScheduler] Section Options</title>
<para>The <literal>[DeficitRoundRobinScheduler]</literal> section manages the queueing discipline (qdisc) of
Deficit Round Robin Scheduler (DRR).</para>
<para>The [DeficitRoundRobinScheduler] section manages the queueing discipline (qdisc) of Deficit Round
Robin Scheduler (DRR).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -2997,8 +2964,8 @@
<refsect1>
<title>[DeficitRoundRobinSchedulerClass] Section Options</title>
<para>The <literal>[DeficitRoundRobinSchedulerClass]</literal> section manages the traffic control class of
Deficit Round Robin Scheduler (DRR).</para>
<para>The [DeficitRoundRobinSchedulerClass] section manages the traffic control class of Deficit Round
Robin Scheduler (DRR).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="tclass-parent" />
@ -3019,8 +2986,8 @@
<refsect1>
<title>[EnhancedTransmissionSelection] Section Options</title>
<para>The <literal>[EnhancedTransmissionSelection]</literal> section manages the queueing discipline (qdisc) of
Enhanced Transmission Selection (ETS).</para>
<para>The [EnhancedTransmissionSelection] section manages the queueing discipline (qdisc) of Enhanced
Transmission Selection (ETS).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -3029,18 +2996,17 @@
<varlistentry>
<term><varname>Bands=</varname></term>
<listitem>
<para>Specifies the number of bands. An unsigned integer ranges 1 to 16. This value has to be
at least large enough to cover the strict bands specified through the
<varname>StrictBands=</varname> and bandwidth-sharing bands specified in
<varname>QuantumBytes=</varname>.</para>
<para>Specifies the number of bands. An unsigned integer in the range 116. This value has to be at
least large enough to cover the strict bands specified through the <varname>StrictBands=</varname>
and bandwidth-sharing bands specified in <varname>QuantumBytes=</varname>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>StrictBands=</varname></term>
<listitem>
<para>Specifies the number of bands that should be created in strict mode. An unsigned integer
ranges 1 to 16.</para>
<para>Specifies the number of bands that should be created in strict mode. An unsigned integer in
the range 116.</para>
</listitem>
</varlistentry>
@ -3071,8 +3037,8 @@
<refsect1>
<title>[GenericRandomEarlyDetection] Section Options</title>
<para>The <literal>[GenericRandomEarlyDetection]</literal> section manages the queueing discipline
(qdisc) of Generic Random Early Detection (GRED).</para>
<para>The [GenericRandomEarlyDetection] section manages the queueing discipline (qdisc) of Generic Random
Early Detection (GRED).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -3105,8 +3071,8 @@
<refsect1>
<title>[FairQueueingControlledDelay] Section Options</title>
<para>The <literal>[FairQueueingControlledDelay]</literal> section manages the queueing discipline
(qdisc) of fair queuing controlled delay (FQ-CoDel).</para>
<para>The [FairQueueingControlledDelay] section manages the queueing discipline (qdisc) of fair queuing
controlled delay (FQ-CoDel).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -3156,7 +3122,7 @@
<varlistentry>
<term><varname>QuantumBytes=</varname></term>
<listitem>
<para>Specifies the number of bytes used as 'deficit' in the fair queuing algorithmtimespan.
<para>Specifies the number of bytes used as the "deficit" in the fair queuing algorithm timespan.
When suffixed with K, M, or G, the specified size is parsed as Kilobytes, Megabytes, or Gigabytes,
respectively, to the base of 1024. Defaults to unset and kernel's default is used.</para>
</listitem>
@ -3182,8 +3148,8 @@
<refsect1>
<title>[FairQueueing] Section Options</title>
<para>The <literal>[FairQueueing]</literal> section manages the queueing discipline
(qdisc) of fair queue traffic policing (FQ).</para>
<para>The [FairQueueing] section manages the queueing discipline (qdisc) of fair queue traffic policing
(FQ).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -3271,8 +3237,8 @@
<refsect1>
<title>[TrivialLinkEqualizer] Section Options</title>
<para>The <literal>[TrivialLinkEqualizer]</literal> section manages the queueing discipline (qdisc) of
trivial link equalizer (teql).</para>
<para>The [TrivialLinkEqualizer] section manages the queueing discipline (qdisc) of trivial link
equalizer (teql).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -3292,8 +3258,8 @@
<refsect1>
<title>[HierarchyTokenBucket] Section Options</title>
<para>The <literal>[HierarchyTokenBucket]</literal> section manages the queueing discipline (qdisc) of
hierarchy token bucket (htb).</para>
<para>The [HierarchyTokenBucket] section manages the queueing discipline (qdisc) of hierarchy token
bucket (htb).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -3319,8 +3285,8 @@
<refsect1>
<title>[HierarchyTokenBucketClass] Section Options</title>
<para>The <literal>[HierarchyTokenBucketClass]</literal> section manages the traffic control class of
hierarchy token bucket (htb).</para>
<para>The [HierarchyTokenBucketClass] section manages the traffic control class of hierarchy token bucket
(htb).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="tclass-parent" />
@ -3401,8 +3367,8 @@
<refsect1>
<title>[HeavyHitterFilter] Section Options</title>
<para>The <literal>[HeavyHitterFilter]</literal> section manages the queueing discipline
(qdisc) of Heavy Hitter Filter (hhf).</para>
<para>The [HeavyHitterFilter] section manages the queueing discipline (qdisc) of Heavy Hitter Filter
(hhf).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -3411,8 +3377,9 @@
<varlistentry>
<term><varname>PacketLimit=</varname></term>
<listitem>
<para>Specifies the hard limit on the queue size in number of packets. When this limit is reached, incoming packets are
dropped. An unsigned integer ranges 0 to 4294967294. Defaults to unset and kernel's default is used.</para>
<para>Specifies the hard limit on the queue size in number of packets. When this limit is reached,
incoming packets are dropped. An unsigned integer in the range 04294967294. Defaults to unset and
kernel's default is used.</para>
</listitem>
</varlistentry>
</variablelist>
@ -3420,8 +3387,8 @@
<refsect1>
<title>[QuickFairQueueing] Section Options</title>
<para>The <literal>[QuickFairQueueing]</literal> section manages the queueing discipline
(qdisc) of Quick Fair Queueing (QFQ).</para>
<para>The [QuickFairQueueing] section manages the queueing discipline (qdisc) of Quick Fair Queueing
(QFQ).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="qdisc-parent" />
@ -3431,8 +3398,8 @@
<refsect1>
<title>[QuickFairQueueingClass] Section Options</title>
<para>The <literal>[QuickFairQueueingClass]</literal> section manages the traffic control class of
Quick Fair Queueing (qfq).</para>
<para>The [QuickFairQueueingClass] section manages the traffic control class of Quick Fair Queueing
(qfq).</para>
<variablelist class='network-directives'>
<xi:include href="tc.xml" xpointer="tclass-parent" />
@ -3459,9 +3426,9 @@
<refsect1>
<title>[BridgeVLAN] Section Options</title>
<para>The <literal>[BridgeVLAN]</literal> section manages the VLAN ID configuration of a bridge port and accepts
the following keys. Specify several <literal>[BridgeVLAN]</literal> sections to configure several VLAN entries.
The <varname>VLANFiltering=</varname> option has to be enabled, see <literal>[Bridge]</literal> section in
<para>The [BridgeVLAN] section manages the VLAN ID configuration of a bridge port and accepts the
following keys. Specify several [BridgeVLAN] sections to configure several VLAN entries. The
<varname>VLANFiltering=</varname> option has to be enabled, see the [Bridge] section in
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
<variablelist class='network-directives'>

View File

@ -80,7 +80,7 @@
<refsect1>
<title>[Exec] Section Options</title>
<para>Settings files may include an <literal>[Exec]</literal>
<para>Settings files may include an [Exec]
section, which carries various execution parameters:</para>
<variablelist class='nspawn-directives'>
@ -344,7 +344,7 @@
<refsect1>
<title>[Files] Section Options</title>
<para>Settings files may include a <literal>[Files]</literal>
<para>Settings files may include a [Files]
section, which carries various parameters configuring the file
system of the container:</para>
@ -405,7 +405,7 @@
<varlistentry>
<term><varname>Inaccessible=</varname></term>
<listitem><para>Masks the specified file or directly in the container, by over-mounting it with an empty file
<listitem><para>Masks the specified file or directory in the container, by over-mounting it with an empty file
node of the same type with the most restrictive access mode. Takes a file system path as argument. This option
may be used multiple times to mask multiple files or directories. This option is equivalent to the command line
switch <option>--inaccessible=</option>, see
@ -439,7 +439,7 @@
<refsect1>
<title>[Network] Section Options</title>
<para>Settings files may include a <literal>[Network]</literal>
<para>Settings files may include a [Network]
section, which carries various parameters configuring the network
connectivity of the container:</para>

View File

@ -33,7 +33,7 @@
<orderedlist>
<listitem>
<para>The package manager prepares system updates by downloading all (RPM or DEB or
<para>The package manager prepares system updates by downloading all (.rpm or .deb or
whatever) packages to update off-line in a special directory
<filename index="false">/var/lib/system-update</filename> (or
another directory of the package/upgrade manager's choice).</para>
@ -85,8 +85,8 @@
</listitem>
<listitem>
<para>The upgrade scripts should exit only after the update is finished. It is expected
that the service which performs the upgrade will cause the machine to reboot after it
<para>The update scripts should exit only after the update is finished. It is expected
that the service which performs the update will cause the machine to reboot after it
is done. If the <filename>system-update.target</filename> is successfully reached, i.e.
all update services have run, and the <filename>/system-update</filename> symlink still
exists, it will be removed and the machine rebooted as a safety measure.</para>

View File

@ -34,9 +34,9 @@
this unit type. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the common options of all unit configuration files. The common
configuration items are configured in the generic <literal>[Unit]</literal> and
<literal>[Install]</literal> sections. The path specific configuration options are
configured in the <literal>[Path]</literal> section.</para>
configuration items are configured in the generic [Unit] and
[Install] sections. The path specific configuration options are
configured in the [Path] section.</para>
<para>For each path file, a matching unit file must exist,
describing the unit to activate when the path changes. By default,

View File

@ -89,7 +89,7 @@
<refsect1>
<title>Options</title>
<para>Scope files may include a <literal>[Scope]</literal>
<para>Scope files may include a [Scope]
section, which carries information about the scope and the
units it contains. A number of options that may be used in
this section are shared with other unit types. These options are
@ -97,7 +97,7 @@
<citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>
and
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
The options specific to the <literal>[Scope]</literal> section
The options specific to the [Scope] section
of scope units are the following:</para>
<variablelist class='unit-directives'>

View File

@ -35,9 +35,9 @@
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the common options of all unit configuration files. The common
configuration items are configured in the generic
<literal>[Unit]</literal> and <literal>[Install]</literal>
[Unit] and [Install]
sections. The service specific configuration options are
configured in the <literal>[Service]</literal> section.</para>
configured in the [Service] section.</para>
<para>Additional options are listed in
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
@ -138,7 +138,7 @@
<refsect1>
<title>Options</title>
<para>Service files must include a <literal>[Service]</literal>
<para>Service files must include a [Service]
section, which carries information about the service and the
process it supervises. A number of options that may be used in
this section are shared with other unit types. These options are
@ -147,7 +147,7 @@
<citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>
and
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
The options specific to the <literal>[Service]</literal> section
The options specific to the [Service] section
of service units are the following:</para>
<variablelist class='unit-directives'>
@ -896,7 +896,7 @@
this option will have no effect.</para>
<example>
<title>A service with with the <varname>SuccessExitStatus=</varname> setting</title>
<title>A service with the <varname>SuccessExitStatus=</varname> setting</title>
<programlisting>SuccessExitStatus=TEMPFAIL 250 SIGUSR1</programlisting>
@ -1495,7 +1495,7 @@ ExecStart=/usr/sbin/simple-dbus-service
WantedBy=multi-user.target</programlisting>
<para>For <emphasis>bus-activatable</emphasis> services, do not
include a <literal>[Install]</literal> section in the systemd
include a [Install] section in the systemd
service file, but use the <varname>SystemdService=</varname>
option in the corresponding DBus service file, for example
(<filename>/usr/share/dbus-1/system-services/org.example.simple-dbus-service.service</filename>):</para>

View File

@ -55,9 +55,9 @@
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the common options of all unit configuration
files. The common configuration items are configured
in the generic <literal>[Unit]</literal> and <literal>[Install]</literal> sections. The
in the generic [Unit] and [Install] sections. The
slice specific configuration options are configured in
the <literal>[Slice]</literal> section. Currently, only generic resource control settings
the [Slice] section. Currently, only generic resource control settings
as described in
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry> are allowed.
</para>

View File

@ -35,9 +35,9 @@
this unit type. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the common options of all unit configuration files. The common
configuration items are configured in the generic <literal>[Unit]</literal> and
<literal>[Install]</literal> sections. The socket specific configuration options are
configured in the <literal>[Socket]</literal> section.</para>
configuration items are configured in the generic [Unit] and
[Install] sections. The socket specific configuration options are
configured in the [Socket] section.</para>
<para>Additional options are listed in
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
@ -117,10 +117,9 @@
<listitem><para>Socket units automatically gain a <varname>Before=</varname>
dependency on the service units they activate.</para></listitem>
<listitem><para>Socket units referring to file system paths (such as AF_UNIX
sockets or FIFOs) implicitly gain <varname>Requires=</varname> and
<varname>After=</varname> dependencies on all mount units
necessary to access those paths.</para></listitem>
<listitem><para>Socket units referring to file system paths (such as <constant>AF_UNIX</constant>
sockets or FIFOs) implicitly gain <varname>Requires=</varname> and <varname>After=</varname>
dependencies on all mount units necessary to access those paths.</para></listitem>
<listitem><para>Socket units using the <varname>BindToDevice=</varname>
setting automatically gain a <varname>BindsTo=</varname> and
@ -300,7 +299,7 @@
url="https://www.kernel.org/doc/Documentation/usb/functionfs.txt">USB
FunctionFS</ulink> endpoints location to listen on, for
implementation of USB gadget functions. This expects an
absolute file system path of functionfs mount point as the argument.
absolute file system path of FunctionFS mount point as the argument.
Behavior otherwise is very similar to the <varname>ListenFIFO=</varname>
directive above. Use this to open the FunctionFS endpoint
<filename>ep0</filename>. When using this option, the
@ -313,9 +312,9 @@
<varlistentry>
<term><varname>SocketProtocol=</varname></term>
<listitem><para>Takes one of <option>udplite</option>
or <option>sctp</option>. Specifies a socket protocol
(<constant>IPPROTO_UDPLITE</constant>) UDP-Lite
(<constant>IPPROTO_SCTP</constant>) SCTP socket respectively. </para>
or <option>sctp</option>. The socket will use the UDP-Lite
(<constant>IPPROTO_UDPLITE</constant>) or SCTP
(<constant>IPPROTO_SCTP</constant>) protocol, respectively.</para>
</listitem>
</varlistentry>
@ -349,16 +348,14 @@
<varlistentry>
<term><varname>BindToDevice=</varname></term>
<listitem><para>Specifies a network interface name to bind
this socket to. If set, traffic will only be accepted from the
specified network interfaces. This controls the
SO_BINDTODEVICE socket option (see <citerefentry
project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
for details). If this option is used, an implicit dependency
from this socket unit on the network interface device unit
(<citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>
is created. Note that setting this parameter might result in
additional dependencies to be added to the unit (see
<listitem><para>Specifies a network interface name to bind this socket to. If set, traffic will only
be accepted from the specified network interfaces. This controls the
<constant>SO_BINDTODEVICE</constant> socket option (see <citerefentry
project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
details). If this option is used, an implicit dependency from this socket unit on the network
interface device unit is created
(see <citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
Note that setting this parameter might result in additional dependencies to be added to the unit (see
above).</para></listitem>
</varlistentry>
@ -366,12 +363,10 @@
<term><varname>SocketUser=</varname></term>
<term><varname>SocketGroup=</varname></term>
<listitem><para>Takes a UNIX user/group name. When specified,
all AF_UNIX sockets and FIFO nodes in the file system are
owned by the specified user and group. If unset (the default),
the nodes are owned by the root user/group (if run in system
context) or the invoking user/group (if run in user context).
If only a user is specified but no group, then the group is
<listitem><para>Takes a UNIX user/group name. When specified, all <constant>AF_UNIX</constant>
sockets and FIFO nodes in the file system are owned by the specified user and group. If unset (the
default), the nodes are owned by the root user/group (if run in system context) or the invoking
user/group (if run in user context). If only a user is specified but no group, then the group is
derived from the user's default group.</para></listitem>
</varlistentry>
@ -420,10 +415,10 @@
to work unmodified with systemd socket
activation.</para>
<para>For IPv4 and IPv6 connections, the <varname>REMOTE_ADDR</varname>
environment variable will contain the remote IP address, and <varname>REMOTE_PORT</varname>
will contain the remote port. This is the same as the format used by CGI.
For SOCK_RAW, the port is the IP protocol.</para></listitem>
<para>For IPv4 and IPv6 connections, the <varname>REMOTE_ADDR</varname> environment variable will
contain the remote IP address, and <varname>REMOTE_PORT</varname> will contain the remote port. This
is the same as the format used by CGI. For <constant>SOCK_RAW</constant>, the port is the IP
protocol.</para></listitem>
</varlistentry>
<varlistentry>
@ -456,17 +451,13 @@
<varlistentry>
<term><varname>KeepAlive=</varname></term>
<listitem><para>Takes a boolean argument. If true, the TCP/IP
stack will send a keep alive message after 2h (depending on
the configuration of
<filename>/proc/sys/net/ipv4/tcp_keepalive_time</filename>)
for all TCP streams accepted on this socket. This controls the
SO_KEEPALIVE socket option (see
<citerefentry project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
and the <ulink
url="http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/">TCP
Keepalive HOWTO</ulink> for details.) Defaults to
<option>false</option>.</para></listitem>
<listitem><para>Takes a boolean argument. If true, the TCP/IP stack will send a keep alive message
after 2h (depending on the configuration of
<filename>/proc/sys/net/ipv4/tcp_keepalive_time</filename>) for all TCP streams accepted on this
socket. This controls the <constant>SO_KEEPALIVE</constant> socket option (see <citerefentry
project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry> and
the <ulink url="http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/">TCP Keepalive
HOWTO</ulink> for details.) Defaults to <option>false</option>.</para></listitem>
</varlistentry>
<varlistentry>
@ -483,15 +474,12 @@
<varlistentry>
<term><varname>KeepAliveIntervalSec=</varname></term>
<listitem><para>Takes time (in seconds) as argument between
individual keepalive probes, if the socket option SO_KEEPALIVE
has been set on this socket. This controls
the TCP_KEEPINTVL socket option (see
<citerefentry project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
and the <ulink
url="http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/">TCP
Keepalive HOWTO</ulink> for details.) Defaults value is 75
seconds.</para></listitem>
<listitem><para>Takes time (in seconds) as argument between individual keepalive probes, if the
socket option <constant>SO_KEEPALIVE</constant> has been set on this socket. This controls the
<constant>TCP_KEEPINTVL</constant> socket option (see <citerefentry
project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry> and
the <ulink url="http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/">TCP Keepalive
HOWTO</ulink> for details.) Defaults value is 75 seconds.</para></listitem>
</varlistentry>
<varlistentry>
@ -513,17 +501,16 @@
algorithm works by combining a number of small outgoing
messages, and sending them all at once. This controls the
TCP_NODELAY socket option (see
<citerefentry project='die-net'><refentrytitle>tcp</refentrytitle><manvolnum>7</manvolnum></citerefentry>
<citerefentry project='die-net'><refentrytitle>tcp</refentrytitle><manvolnum>7</manvolnum></citerefentry>).
Defaults to <option>false</option>.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>Priority=</varname></term>
<listitem><para>Takes an integer argument controlling the
priority for all traffic sent from this socket. This controls
the SO_PRIORITY socket option (see
<citerefentry project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
for details.).</para></listitem>
<listitem><para>Takes an integer argument controlling the priority for all traffic sent from this
socket. This controls the <constant>SO_PRIORITY</constant> socket option (see <citerefentry
project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
details.).</para></listitem>
</varlistentry>
<varlistentry>
@ -559,12 +546,12 @@
<varlistentry>
<term><varname>ReceiveBuffer=</varname></term>
<term><varname>SendBuffer=</varname></term>
<listitem><para>Takes an integer argument controlling the
receive or send buffer sizes of this socket, respectively.
This controls the SO_RCVBUF and SO_SNDBUF socket options (see
<citerefentry project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
for details.). The usual suffixes K, M, G are supported and
are understood to the base of 1024.</para></listitem>
<listitem><para>Takes an integer argument controlling the receive or send buffer sizes of this
socket, respectively. This controls the <constant>SO_RCVBUF</constant> and
<constant>SO_SNDBUF</constant> socket options (see <citerefentry
project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
details.). The usual suffixes K, M, G are supported and are understood to the base of
1024.</para></listitem>
</varlistentry>
<varlistentry>
@ -593,23 +580,20 @@
<varlistentry>
<term><varname>Mark=</varname></term>
<listitem><para>Takes an integer value. Controls the firewall
mark of packets generated by this socket. This can be used in
the firewall logic to filter packets from this socket. This
sets the SO_MARK socket option. See
<citerefentry project='die-net'><refentrytitle>iptables</refentrytitle><manvolnum>8</manvolnum></citerefentry>
for details.</para></listitem>
<listitem><para>Takes an integer value. Controls the firewall mark of packets generated by this
socket. This can be used in the firewall logic to filter packets from this socket. This sets the
<constant>SO_MARK</constant> socket option. See <citerefentry
project='die-net'><refentrytitle>iptables</refentrytitle><manvolnum>8</manvolnum></citerefentry> for
details.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>ReusePort=</varname></term>
<listitem><para>Takes a boolean value. If true, allows
multiple
<citerefentry><refentrytitle>bind</refentrytitle><manvolnum>2</manvolnum></citerefentry>s
to this TCP or UDP port. This controls the SO_REUSEPORT socket
option. See
<citerefentry project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
for details.</para></listitem>
<listitem><para>Takes a boolean value. If true, allows multiple
<citerefentry><refentrytitle>bind</refentrytitle><manvolnum>2</manvolnum></citerefentry>s to this TCP
or UDP port. This controls the <constant>SO_REUSEPORT</constant> socket option. See <citerefentry
project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
details.</para></listitem>
</varlistentry>
<varlistentry>
@ -685,28 +669,23 @@
<varlistentry>
<term><varname>Broadcast=</varname></term>
<listitem><para>Takes a boolean value. This controls the
SO_BROADCAST socket option, which allows broadcast datagrams
to be sent from this socket. Defaults to
<listitem><para>Takes a boolean value. This controls the <constant>SO_BROADCAST</constant> socket
option, which allows broadcast datagrams to be sent from this socket. Defaults to
<option>false</option>.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>PassCredentials=</varname></term>
<listitem><para>Takes a boolean value. This controls the
SO_PASSCRED socket option, which allows
<constant>AF_UNIX</constant> sockets to receive the
credentials of the sending process in an ancillary message.
Defaults to <option>false</option>.</para></listitem>
<listitem><para>Takes a boolean value. This controls the <constant>SO_PASSCRED</constant> socket
option, which allows <constant>AF_UNIX</constant> sockets to receive the credentials of the sending
process in an ancillary message. Defaults to <option>false</option>.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>PassSecurity=</varname></term>
<listitem><para>Takes a boolean value. This controls the
SO_PASSSEC socket option, which allows
<constant>AF_UNIX</constant> sockets to receive the security
context of the sending process in an ancillary message.
Defaults to <option>false</option>.</para></listitem>
<listitem><para>Takes a boolean value. This controls the <constant>SO_PASSSEC</constant> socket
option, which allows <constant>AF_UNIX</constant> sockets to receive the security context of the
sending process in an ancillary message. Defaults to <option>false</option>.</para></listitem>
</varlistentry>
<varlistentry>
@ -720,11 +699,10 @@
<varlistentry>
<term><varname>TCPCongestion=</varname></term>
<listitem><para>Takes a string value. Controls the TCP
congestion algorithm used by this socket. Should be one of
"westwood", "veno", "cubic", "lp" or any other available
algorithm supported by the IP stack. This setting applies only
to stream sockets.</para></listitem>
<listitem><para>Takes a string value. Controls the TCP congestion algorithm used by this
socket. Should be one of <literal>westwood</literal>, <literal>veno</literal>,
<literal>cubic</literal>, <literal>lp</literal> or any other available algorithm supported by the IP
stack. This setting applies only to stream sockets.</para></listitem>
</varlistentry>
<varlistentry>
@ -788,15 +766,12 @@
<varlistentry>
<term><varname>RemoveOnStop=</varname></term>
<listitem><para>Takes a boolean argument. If enabled, any file
nodes created by this socket unit are removed when it is
stopped. This applies to AF_UNIX sockets in the file system,
POSIX message queues, FIFOs, as well as any symlinks to them
configured with <varname>Symlinks=</varname>. Normally, it
should not be necessary to use this option, and is not
recommended as services might continue to run after the socket
unit has been terminated and it should still be possible to
communicate with them via their file system node. Defaults to
<listitem><para>Takes a boolean argument. If enabled, any file nodes created by this socket unit are
removed when it is stopped. This applies to <constant>AF_UNIX</constant> sockets in the file system,
POSIX message queues, FIFOs, as well as any symlinks to them configured with
<varname>Symlinks=</varname>. Normally, it should not be necessary to use this option, and is not
recommended as services might continue to run after the socket unit has been terminated and it should
still be possible to communicate with them via their file system node. Defaults to
off.</para></listitem>
</varlistentry>

View File

@ -297,7 +297,7 @@
this unit (or <filename>multi-user.target</filename>) during
installation. This is best configured via
<varname>WantedBy=graphical.target</varname> in the unit's
<literal>[Install]</literal> section.</para>
[Install] section.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -447,7 +447,7 @@
add <varname>Wants=</varname> dependencies for their unit to
this unit during installation. This is best configured via
<varname>WantedBy=multi-user.target</varname> in the unit's
<literal>[Install]</literal> section.</para>
[Install] section.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -505,7 +505,7 @@
applications get pulled in via <varname>Wants=</varname>
dependencies from this unit. This is best configured via a
<varname>WantedBy=paths.target</varname> in the path unit's
<literal>[Install]</literal> section.</para>
[Install] section.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -641,7 +641,7 @@
<para>Adding slice units to <filename>slices.target</filename> is generally not
necessary. Instead, when some unit that uses <varname>Slice=</varname> is started, the
specified slice will be started automatically. Adding
<varname>WantedBy=slices.target</varname> lines to the <literal>[Install]</literal>
<varname>WantedBy=slices.target</varname> lines to the [Install]
section should only be done for units that need to be always active. In that case care
needs to be taken to avoid creating a loop through the automatic dependencies on
"parent" slices.</para>
@ -659,7 +659,7 @@
<varname>Wants=</varname> dependencies to this unit for
their socket unit during installation. This is best
configured via a <varname>WantedBy=sockets.target</varname>
in the socket unit's <literal>[Install]</literal>
in the socket unit's [Install]
section.</para>
</listitem>
</varlistentry>
@ -742,7 +742,7 @@
applications get pulled in via <varname>Wants=</varname>
dependencies from this unit. This is best configured via
<varname>WantedBy=timers.target</varname> in the timer
unit's <literal>[Install]</literal> section.</para>
unit's [Install] section.</para>
</listitem>
</varlistentry>
<varlistentry>
@ -1043,7 +1043,7 @@
<para>By default, all user processes and services started on
behalf of the user, including the per-user systemd instance
are found in this slice. This is pulled in by
<filename>systemd-logind.service</filename></para>
<filename>systemd-logind.service</filename>.</para>
</listitem>
</varlistentry>
@ -1052,8 +1052,8 @@
<listitem>
<para>By default, all virtual machines and containers
registered with <command>systemd-machined</command> are
found in this slice. This is pulled in by
<filename>systemd-machined.service</filename></para>
found in this slice. This is pulled in by
<filename>systemd-machined.service</filename>.</para>
</listitem>
</varlistentry>
</variablelist>
@ -1104,7 +1104,7 @@
<para>This target is active whenever any graphical session is running. It is used to
stop user services which only apply to a graphical (X, Wayland, etc.) session when the
session is terminated. Such services should have
<literal>PartOf=graphical-session.target</literal> in their <literal>[Unit]</literal>
<literal>PartOf=graphical-session.target</literal> in their [Unit]
section. A target for a particular session (e. g.
<filename>gnome-session.target</filename>) starts and stops
<literal>graphical-session.target</literal> with

View File

@ -37,9 +37,9 @@
this unit type. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the common options of all unit configuration files. The common
configuration items are configured in the generic <literal>[Unit]</literal> and
<literal>[Install]</literal> sections. The swap specific configuration options are
configured in the <literal>[Swap]</literal> section.</para>
configuration items are configured in the generic [Unit] and
[Install] sections. The swap specific configuration options are
configured in the [Swap] section.</para>
<para>Additional options are listed in
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
@ -166,7 +166,7 @@
<refsect1>
<title>Options</title>
<para>Swap files must include a [Swap] section, which carries
<para>Swap unit files must include a [Swap] section, which carries
information about the swap device it supervises. A number of
options that may be used in this section are shared with other
unit types. These options are documented in

View File

@ -98,10 +98,10 @@ KeyTwo=value 2 \
value 2 continued
[Section C]
KeyThree=value 2\
KeyThree=value 3\
# this line is ignored
; this line is ignored too
value 2 continued
value 3 continued
</programlisting></example>
<para>Boolean arguments used in configuration files can be written in

View File

@ -34,8 +34,8 @@
<para>This unit type has no specific options. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the common options of all unit configuration files. The common
configuration items are configured in the generic <literal>[Unit]</literal> and
<literal>[Install]</literal> sections. A separate <literal>[Target]</literal> section does not exist,
configuration items are configured in the generic [Unit] and
[Install] sections. A separate [Target] section does not exist,
since no target-specific options may be configured.</para>
<para>Target units do not offer any additional functionality on

View File

@ -98,18 +98,20 @@
<refsect1>
<title>Parsing Timestamps</title>
<para>When parsing, systemd will accept a similar syntax, but expects no timezone specification, unless it is given
as the literal string <literal>UTC</literal> (for the UTC timezone), or is specified to be the locally configured
timezone, or the timezone name in the IANA timezone database format. The complete list of timezones
supported on your system can be obtained using the <literal>timedatectl list-timezones</literal>
(see <citerefentry><refentrytitle>timedatectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>).
Using IANA format is recommended over local timezone names, as less prone to errors (eg: with local timezone it's possible to
specify daylight saving time in winter, while it's incorrect). The weekday specification is optional, but when
the weekday is specified, it must either be in the abbreviated (<literal>Wed</literal>) or non-abbreviated
(<literal>Wednesday</literal>) English language form (case does not matter), and is not subject to the locale
choice of the user. Either the date, or the time part may be omitted, in which case the current date or 00:00:00,
respectively, is assumed. The seconds component of the time may also be omitted, in which case ":00" is
assumed. Year numbers may be specified in full or may be abbreviated (omitting the century).</para>
<para>When parsing, systemd will accept a similar syntax, but expects no timezone specification, unless
it is given as the literal string <literal>UTC</literal> (for the UTC timezone), or is specified to be
the locally configured timezone, or the timezone name in the IANA timezone database format. The complete
list of timezones supported on your system can be obtained using the <literal>timedatectl
list-timezones</literal> (see
<citerefentry><refentrytitle>timedatectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>). Using
IANA format is recommended over local timezone names, as less prone to errors (e.g. with local timezone
it's possible to specify daylight saving time in winter, even though that is not correct). The weekday
specification is optional, but when the weekday is specified, it must either be in the abbreviated
(<literal>Wed</literal>) or non-abbreviated (<literal>Wednesday</literal>) English language form (case
does not matter), and is not subject to the locale choice of the user. Either the date, or the time part
may be omitted, in which case the current date or 00:00:00, respectively, is assumed. The seconds
component of the time may also be omitted, in which case ":00" is assumed. Year numbers may be specified
in full or may be abbreviated (omitting the century).</para>
<para>A timestamp is considered invalid if a weekday is specified and the date does not match the specified day of
the week.</para>
@ -282,7 +284,7 @@ Wed..Sat,Tue 12-10-15 1:2:3 → Tue..Sat 2012-10-15 01:02:03
<para>Use the <command>calendar</command> command of
<citerefentry><refentrytitle>systemd-analyze</refentrytitle><manvolnum>1</manvolnum></citerefentry> to validate
and normalize calendar time specifications for testing purposes. The tool also calculates when a specified
calendar event would elapse next.</para>
calendar event would occur next.</para>
</refsect1>
<refsect1>

View File

@ -35,9 +35,9 @@
this unit type. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the common options of all unit configuration files. The common
configuration items are configured in the generic <literal>[Unit]</literal> and
<literal>[Install]</literal> sections. The timer specific configuration options are
configured in the <literal>[Timer]</literal> section.</para>
configuration items are configured in the generic [Unit] and
[Install] sections. The timer specific configuration options are
configured in the [Timer] section.</para>
<para>For each timer file, a matching unit file must exist,
describing the unit to activate when the timer elapses. By

View File

@ -737,7 +737,7 @@
that the listed unit is fully started up before the configured unit is started.</para>
<para>When two units with an ordering dependency between them are shut down, the inverse of the
start-up order is applied. i.e. if a unit is configured with <varname>After=</varname> on another
start-up order is applied. I.e. if a unit is configured with <varname>After=</varname> on another
unit, the former is stopped before the latter if both are shut down. Given two units with any
ordering dependency between them, if one unit is shut down and the other is started up, the shutdown
is ordered before the start-up. It doesn't matter if the ordering dependency is
@ -833,7 +833,7 @@
<option>--job-mode=</option> option for details on the
possible values. If this is set to <literal>isolate</literal>,
only a single unit may be listed in
<varname>OnFailure=</varname>..</para></listitem>
<varname>OnFailure=</varname>.</para></listitem>
</varlistentry>
<varlistentry>
@ -1027,9 +1027,9 @@
<term><varname>StartLimitAction=</varname></term>
<listitem><para>Configure an additional action to take if the rate limit configured with
<varname>StartLimitIntervalSec=</varname> and <varname>StartLimitBurst=</varname> is hit. Takes the same
values as the setting <varname>FailureAction=</varname>/<varname>SuccessAction=</varname> settings and executes
the same actions. If <option>none</option> is set, hitting the rate limit will trigger no action besides that
<varname>StartLimitIntervalSec=</varname> and <varname>StartLimitBurst=</varname> is hit. Takes the same
values as the <varname>FailureAction=</varname>/<varname>SuccessAction=</varname> settings. If
<option>none</option> is set, hitting the rate limit will trigger no action except that
the start will not be permitted. Defaults to <option>none</option>.</para></listitem>
</varlistentry>
@ -1639,7 +1639,7 @@
<refsect1>
<title>[Install] Section Options</title>
<para>Unit files may include an <literal>[Install]</literal> section, which carries installation information for
<para>Unit files may include an [Install] section, which carries installation information for
the unit. This section is not interpreted by
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry> during runtime; it is
used by the <command>enable</command> and <command>disable</command> commands of the

View File

@ -760,13 +760,11 @@
<varlistentry>
<term><varname>systemd.crash_chvt</varname></term>
<listitem><para>Takes a positive integer, or a boolean argument. Can be also
specified without an argument, with the same effect as a positive boolean. If
a positive integer (in the range 163) is specified, the system manager (PID
1) will activate the specified virtual terminal (VT) when it
crashes. Defaults to disabled, meaning that no such switch is attempted. If
set to enabled, the VT the kernel messages are written to is selected.
</para></listitem>
<listitem><para>Takes a positive integer, or a boolean argument. Can be also specified without an
argument, with the same effect as a positive boolean. If a positive integer (in the range 163) is
specified, the system manager (PID 1) will activate the specified virtual terminal when it crashes.
Defaults to disabled, meaning that no such switch is attempted. If set to enabled, the virtual
terminal the kernel messages are written to is used instead.</para></listitem>
</varlistentry>
<varlistentry>
@ -1089,14 +1087,15 @@
this context, because they are properly namespaced. When an option is specified both on the kernel
command line, and as a normal command line argument, the latter has higher precedence.</para>
<para>When <command>systemd</command> is used a user manager, the kernel command line is ignored and
<para>When <command>systemd</command> is used as a user manager, the kernel command line is ignored and
the options described are understood. Nevertheless, <command>systemd</command> is usually started in
this mode through the
<citerefentry><refentrytitle>user@.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
service, which is shared between all users, and it may be more convenient to use configuration files to
modify settings, see
<citerefentry><refentrytitle>systemd-user.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
or a drop-in that specifies one of the environment variables listed above in "Environment, see
or a drop-in that specifies one of the environment variables listed above in the Environment section,
see
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
<variablelist>
@ -1146,8 +1145,8 @@
<varlistentry>
<term><option>--show-status</option></term>
<listitem><para>Show terse unit status information is shown on the console during boot-up and
shutdown. See <varname>systemd.show_status</varname> above.</para></listitem>
<listitem><para>Show terse unit status information on the console during boot-up and shutdown. See
<varname>systemd.show_status</varname> above.</para></listitem>
</varlistentry>
<varlistentry>

View File

@ -10,27 +10,28 @@
<varlistentry id='qdisc-parent'>
<term><varname>Parent=</varname></term>
<listitem>
<para>Specifies the parent Queueing Discipline (qdisc). Takes one of <literal>root</literal>,
<literal>clsact</literal>, <literal>ingress</literal> or a class id. The class id takes the
major and minor number in hexadecimal ranges 1 to ffff separated with a colon
(<literal>major:minor</literal>). Defaults to <literal>root</literal>.</para>
<para>Configures the parent Queueing Discipline (qdisc). Takes one of <literal>root</literal>,
<literal>clsact</literal>, <literal>ingress</literal> or a class identifier. The class identifier is
specified as the major and minor numbers in hexadecimal in the range 0x1Oxffff separated with a
colon (<literal>major:minor</literal>). Defaults to <literal>root</literal>.</para>
</listitem>
</varlistentry>
<varlistentry id='qdisc-handle'>
<term><varname>Handle=</varname></term>
<listitem>
<para>Specifies the major number of unique identifier of the qdisc, known as the handle.
Takes a number in hexadecimal ranges 1 to ffff. Defaults to unset.</para>
<para>Configures the major number of unique identifier of the qdisc, known as the handle.
Takes a hexadecimal number in the range 0x10xffff. Defaults to unset.</para>
</listitem>
</varlistentry>
<varlistentry id='tclass-parent'>
<term><varname>Parent=</varname></term>
<listitem>
<para>Specifies the parent Queueing Discipline (qdisc). Takes one of <literal>root</literal>,
or a qdisc id. The qdisc id takes the major and minor number in hexadecimal ranges 1 to ffff
separated with a colon (<literal>major:minor</literal>). Defaults to <literal>root</literal>.
<para>Configures the parent Queueing Discipline (qdisc). Takes one of <literal>root</literal>, or a
qdisc identifier. The qdisc identifier is specified as the major and minor numbers in hexadecimal in
the range 0x1Oxffff separated with a colon (<literal>major:minor</literal>). Defaults to
<literal>root</literal>.
</para>
</listitem>
</varlistentry>
@ -38,8 +39,9 @@
<varlistentry id='tclass-classid'>
<term><varname>ClassId=</varname></term>
<listitem>
<para>Specifies the major and minur number of unique identifier of the class, known as the
class ID. Each number is in hexadecimal ranges 1 to ffff. Defaults to unset.</para>
<para>Configues the unique identifier of the class. It is specified as the major and minor numbers in
hexadecimal in the range 0x1Oxffff separated with a colon (<literal>major:minor</literal>).
Defaults to unset.</para>
</listitem>
</varlistentry>
</variablelist>

View File

@ -41,7 +41,7 @@
<refsect1>
<title>Options</title>
<para>The following settings are configured in the <literal>[Time]</literal> section:</para>
<para>The following settings are configured in the [Time] section:</para>
<variablelist class='network-directives'>

View File

@ -163,11 +163,10 @@
<title>Well-Known Services</title>
<para>The <command>userdbctl services</command> command will list all currently running services that
provide user or group definitions to the system. The following are well-known services are shown among
this list.</para>
provide user or group definitions to the system. The following well-known services are shown among
this list:</para>
<variablelist>
<varlistentry>
<term><constant>io.systemd.DynamicUser</constant></term>

View File

@ -537,8 +537,7 @@ int unit_name_from_path(const char *path, const char *suffix, char **ret) {
}
int unit_name_from_path_instance(const char *prefix, const char *path, const char *suffix, char **ret) {
_cleanup_free_ char *p = NULL;
char *s;
_cleanup_free_ char *p = NULL, *s = NULL;
int r;
assert(prefix);
@ -564,7 +563,7 @@ int unit_name_from_path_instance(const char *prefix, const char *path, const cha
if (!unit_name_is_valid(s, UNIT_NAME_INSTANCE))
return -EINVAL;
*ret = s;
*ret = TAKE_PTR(s);
return 0;
}

View File

@ -777,7 +777,7 @@ bool valid_user_group_name(const char *u, ValidUserFlags flags) {
return false;
if (in_charset(u, "0123456789")) /* Don't allow fully numeric strings, they might be confused
* with with UIDs (note that this test is more broad than
* with UIDs (note that this test is more broad than
* the parse_uid() test above, as it will cover more than
* the 32bit range, and it will detect 65535 (which is in
* invalid UID, even though in the unsigned 32 bit range) */

View File

@ -142,12 +142,12 @@ static int list_homes(int argc, char *argv[], void *userdata) {
TABLE_UID, uid,
TABLE_GID, gid);
if (r < 0)
return log_error_errno(r, "Failed to add row to table: %m");
return table_log_add_error(r);
r = table_add_cell(table, &cell, TABLE_STRING, state);
if (r < 0)
return log_error_errno(r, "Failed to add field to table: %m");
return table_log_add_error(r);
color = user_record_state_color(state);
if (color)
@ -158,7 +158,7 @@ static int list_homes(int argc, char *argv[], void *userdata) {
TABLE_STRING, home,
TABLE_STRING, strna(empty_to_null(shell)));
if (r < 0)
return log_error_errno(r, "Failed to add row to table: %m");
return table_log_add_error(r);
}
r = sd_bus_message_exit_container(reply);

View File

@ -13,8 +13,8 @@
#include "signal-util.h"
static int run(int argc, char *argv[]) {
_cleanup_(notify_on_cleanup) const char *notify_stop = NULL;
_cleanup_(manager_freep) Manager *m = NULL;
_cleanup_(notify_on_cleanup) const char *notify_stop = NULL;
int r;
log_setup_service();

View File

@ -14,12 +14,14 @@
#include "alloc-util.h"
#include "bus-error.h"
#include "bus-util.h"
#include "daemon-util.h"
#include "def.h"
#include "fd-util.h"
#include "format-util.h"
#include "initreq.h"
#include "list.h"
#include "log.h"
#include "main-func.h"
#include "memory-util.h"
#include "process-util.h"
#include "special.h"
@ -68,11 +70,9 @@ static const char *translate_runlevel(int runlevel, bool *isolate) {
{ '6', SPECIAL_REBOOT_TARGET, false },
};
unsigned i;
assert(isolate);
for (i = 0; i < ELEMENTSOF(table); i++)
for (size_t i = 0; i < ELEMENTSOF(table); i++)
if (table[i].runlevel == runlevel) {
*isolate = table[i].isolate;
if (runlevel == '6' && kexec_loaded())
@ -228,6 +228,7 @@ static void fifo_free(Fifo *f) {
free(f);
}
DEFINE_TRIVIAL_CLEANUP_FUNC(Fifo*, fifo_free);
static void server_done(Server *s) {
assert(s);
@ -241,79 +242,49 @@ static void server_done(Server *s) {
static int server_init(Server *s, unsigned n_sockets) {
int r;
unsigned i;
/* This function will leave s partially initialized on failure. Caller needs to clean up. */
assert(s);
assert(n_sockets > 0);
*s = (struct Server) {
.epoll_fd = epoll_create1(EPOLL_CLOEXEC),
};
s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
if (s->epoll_fd < 0)
return log_error_errno(errno, "Failed to create epoll object: %m");
if (s->epoll_fd < 0) {
r = log_error_errno(errno,
"Failed to create epoll object: %m");
goto fail;
}
for (i = 0; i < n_sockets; i++) {
Fifo *f;
int fd;
fd = SD_LISTEN_FDS_START+i;
for (unsigned i = 0; i < n_sockets; i++) {
_cleanup_(fifo_freep) Fifo *f = NULL;
int fd = SD_LISTEN_FDS_START + i;
r = sd_is_fifo(fd, NULL);
if (r < 0) {
log_error_errno(r, "Failed to determine file descriptor type: %m");
goto fail;
}
if (!r) {
log_error("Wrong file descriptor type.");
r = -EINVAL;
goto fail;
}
if (r < 0)
return log_error_errno(r, "Failed to determine file descriptor type: %m");
if (!r)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Wrong file descriptor type.");
f = new0(Fifo, 1);
if (!f) {
r = -ENOMEM;
log_error_errno(errno, "Failed to create fifo object: %m");
goto fail;
}
f->fd = -1;
if (!f)
return log_oom();
struct epoll_event ev = {
.events = EPOLLIN,
.data.ptr = f,
};
if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
r = -errno;
fifo_free(f);
log_error_errno(errno, "Failed to add fifo fd to epoll object: %m");
goto fail;
}
if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0)
return log_error_errno(errno, "Failed to add fifo fd to epoll object: %m");
f->fd = fd;
LIST_PREPEND(fifo, s->fifos, f);
f->server = s;
LIST_PREPEND(fifo, s->fifos, TAKE_PTR(f));
s->n_fifos++;
}
r = bus_connect_system_systemd(&s->bus);
if (r < 0) {
log_error_errno(r, "Failed to get D-Bus connection: %m");
r = -EIO;
goto fail;
}
if (r < 0)
return log_error_errno(r, "Failed to get D-Bus connection: %m");
return 0;
fail:
server_done(s);
return r;
}
static int process_event(Server *s, struct epoll_event *ev) {
@ -337,43 +308,33 @@ static int process_event(Server *s, struct epoll_event *ev) {
return 0;
}
int main(int argc, char *argv[]) {
Server server;
int r = EXIT_FAILURE, n;
static int run(int argc, char *argv[]) {
_cleanup_(server_done) Server server = { .epoll_fd = -1 };
_cleanup_(notify_on_cleanup) const char *notify_stop = NULL;
int r, n;
if (getppid() != 1) {
log_error("This program should be invoked by init only.");
return EXIT_FAILURE;
}
if (argc > 1) {
log_error("This program does not take arguments.");
return EXIT_FAILURE;
}
if (argc > 1)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"This program does not take arguments.");
log_setup_service();
umask(0022);
n = sd_listen_fds(true);
if (n < 0) {
log_error_errno(r, "Failed to read listening file descriptors from environment: %m");
return EXIT_FAILURE;
}
if (n < 0)
return log_error_errno(errno,
"Failed to read listening file descriptors from environment: %m");
if (n <= 0 || n > SERVER_FD_MAX) {
log_error("No or too many file descriptors passed.");
return EXIT_FAILURE;
}
if (n <= 0 || n > SERVER_FD_MAX)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"No or too many file descriptors passed.");
if (server_init(&server, (unsigned) n) < 0)
return EXIT_FAILURE;
r = server_init(&server, (unsigned) n);
if (r < 0)
return r;
log_debug("systemd-initctl running as pid "PID_FMT, getpid_cached());
sd_notify(false,
"READY=1\n"
"STATUS=Processing requests...");
notify_stop = notify_start(NOTIFY_READY, NOTIFY_STOPPING);
while (!server.quit) {
struct epoll_event event;
@ -383,27 +344,17 @@ int main(int argc, char *argv[]) {
if (k < 0) {
if (errno == EINTR)
continue;
log_error_errno(errno, "epoll_wait() failed: %m");
goto fail;
return log_error_errno(errno, "epoll_wait() failed: %m");
}
if (k <= 0)
if (k == 0)
break;
if (process_event(&server, &event) < 0)
goto fail;
r = process_event(&server, &event);
if (r < 0)
return r;
}
r = EXIT_SUCCESS;
log_debug("systemd-initctl stopped as pid "PID_FMT, getpid_cached());
fail:
sd_notify(false,
"STOPPING=1\n"
"STATUS=Shutting down...");
server_done(&server);
return r;
return 0;
}
DEFINE_MAIN_FUNCTION(run);

View File

@ -1104,8 +1104,8 @@ static int load_certificates(char **key, char **cert, char **trust) {
}
static int run(int argc, char **argv) {
_cleanup_(notify_on_cleanup) const char *notify_message = NULL;
_cleanup_(journal_remote_server_destroy) RemoteServer s = {};
_cleanup_(notify_on_cleanup) const char *notify_message = NULL;
_cleanup_free_ char *key = NULL, *cert = NULL, *trust = NULL;
int r;

View File

@ -815,8 +815,8 @@ static int open_journal(sd_journal **j) {
}
static int run(int argc, char **argv) {
_cleanup_(notify_on_cleanup) const char *notify_message = NULL;
_cleanup_(destroy_uploader) Uploader u = {};
_cleanup_(notify_on_cleanup) const char *notify_message = NULL;
bool use_journal;
int r;

View File

@ -625,7 +625,7 @@ int journal_file_fstat(JournalFile *f) {
f->last_stat_usec = now(CLOCK_MONOTONIC);
/* Refuse dealing with with files that aren't regular */
/* Refuse dealing with files that aren't regular */
r = stat_verify_regular(&f->last_stat);
if (r < 0)
return r;

View File

@ -43,7 +43,7 @@ struct match_callback {
unsigned last_iteration;
/* Don't dispatch this slot with with messages that arrived in any iteration before or at the this
/* Don't dispatch this slot with messages that arrived in any iteration before or at the this
* one. We use this to ensure that matches don't apply "retroactively" and thus can confuse the
* caller: matches will only match incoming messages from the moment on the match was installed. */
uint64_t after;

View File

@ -4,9 +4,6 @@
#include <sys/ioctl.h>
#include <sys/types.h>
#include <linux/vt.h>
#if ENABLE_UTMP
#include <utmpx.h>
#endif
#include "sd-device.h"
@ -29,6 +26,7 @@
#include "udev-util.h"
#include "user-util.h"
#include "userdb.h"
#include "utmp-wtmp.h"
void manager_reset_config(Manager *m) {
assert(m);
@ -685,13 +683,14 @@ bool manager_all_buttons_ignored(Manager *m) {
int manager_read_utmp(Manager *m) {
#if ENABLE_UTMP
int r;
_cleanup_(utxent_cleanup) bool utmpx = false;
assert(m);
if (utmpxname(_PATH_UTMPX) < 0)
return log_error_errno(errno, "Failed to set utmp path to " _PATH_UTMPX ": %m");
setutxent();
utmpx = utxent_start();
for (;;) {
_cleanup_free_ char *t = NULL;
@ -704,8 +703,7 @@ int manager_read_utmp(Manager *m) {
if (!u) {
if (errno != 0)
log_warning_errno(errno, "Failed to read " _PATH_UTMPX ", ignoring: %m");
r = 0;
break;
return 0;
}
if (u->ut_type != USER_PROCESS)
@ -715,18 +713,14 @@ int manager_read_utmp(Manager *m) {
continue;
t = strndup(u->ut_line, sizeof(u->ut_line));
if (!t) {
r = log_oom();
break;
}
if (!t)
return log_oom();
c = path_startswith(t, "/dev/");
if (c) {
r = free_and_strdup(&t, c);
if (r < 0) {
log_oom();
break;
}
if (r < 0)
return log_oom();
}
if (isempty(t))
@ -756,8 +750,6 @@ int manager_read_utmp(Manager *m) {
log_debug("Acquired TTY information '%s' from utmp for session '%s'.", s->tty, s->id);
}
endutxent();
return r;
#else
return 0;
#endif

View File

@ -17,8 +17,8 @@
#include "user-util.h"
static int run(int argc, char *argv[]) {
_cleanup_(notify_on_cleanup) const char *notify_message = NULL;
_cleanup_(manager_freep) Manager *m = NULL;
_cleanup_(notify_on_cleanup) const char *notify_message = NULL;
int r;
log_setup_service();

View File

@ -283,7 +283,7 @@ int config_parse_ets_prio(
lvalue, word);
continue;
}
if (ets->n_quanta > TC_PRIO_MAX) {
if (ets->n_prio > TC_PRIO_MAX) {
log_syntax(unit, LOG_ERR, filename, line, 0,
"Too many priomap in '%s=', ignoring assignment: %s",
lvalue, word);

View File

@ -183,8 +183,8 @@ static int parse_argv(int argc, char *argv[]) {
}
static int run(int argc, char *argv[]) {
_cleanup_(notify_on_cleanup) const char *notify_message = NULL;
_cleanup_(manager_freep) Manager *m = NULL;
_cleanup_(notify_on_cleanup) const char *notify_message = NULL;
int r;
log_setup_service();

View File

@ -1666,7 +1666,7 @@ static int context_dump_partitions(Context *context, const char *node) {
TABLE_UINT64, p->new_padding,
TABLE_STRING, padding_change, TABLE_SET_COLOR, !p->partitions_next && sum_padding > 0 ? ansi_underline() : NULL);
if (r < 0)
return log_error_errno(r, "Failed to add row to table: %m");
return table_log_add_error(r);
}
if (sum_padding > 0 || sum_size > 0) {
@ -1689,7 +1689,7 @@ static int context_dump_partitions(Context *context, const char *node) {
TABLE_EMPTY,
TABLE_STRING, b);
if (r < 0)
return log_error_errno(r, "Failed to add row to table: %m");
return table_log_add_error(r);
}
r = table_print(t, stdout);

View File

@ -22,8 +22,8 @@
#include "user-util.h"
static int run(int argc, char *argv[]) {
_cleanup_(notify_on_cleanup) const char *notify_stop = NULL;
_cleanup_(manager_freep) Manager *m = NULL;
_cleanup_(notify_on_cleanup) const char *notify_stop = NULL;
int r;
log_setup_service();

View File

@ -202,7 +202,7 @@ typedef struct Fido2HmacSalt {
void *salt;
size_t salt_size;
/* What to test the hashed salt value against, usualy UNIX password hash here. */
/* What to test the hashed salt value against, usually UNIX password hash here. */
char *hashed_password;
} Fido2HmacSalt;

View File

@ -25,8 +25,8 @@
#include "utmp-wtmp.h"
int utmp_get_runlevel(int *runlevel, int *previous) {
_cleanup_(utxent_cleanup) bool utmpx = false;
struct utmpx *found, lookup = { .ut_type = RUN_LVL };
int r;
const char *e;
assert(runlevel);
@ -35,8 +35,7 @@ int utmp_get_runlevel(int *runlevel, int *previous) {
* precedence. Presumably, sysvinit does this to work around a
* race condition that would otherwise exist where we'd always
* go to disk and hence might read runlevel data that might be
* very new and does not apply to the current script being
* executed. */
* very new and not apply to the current script being executed. */
e = getenv("RUNLEVEL");
if (e && e[0] > 0) {
@ -58,27 +57,17 @@ int utmp_get_runlevel(int *runlevel, int *previous) {
if (utmpxname(_PATH_UTMPX) < 0)
return -errno;
setutxent();
utmpx = utxent_start();
found = getutxid(&lookup);
if (!found)
r = -errno;
else {
int a, b;
return -errno;
a = found->ut_pid & 0xFF;
b = (found->ut_pid >> 8) & 0xFF;
*runlevel = found->ut_pid & 0xFF;
if (previous)
*previous = (found->ut_pid >> 8) & 0xFF;
*runlevel = a;
if (previous)
*previous = b;
r = 0;
}
endutxent();
return r;
return 0;
}
static void init_timestamp(struct utmpx *store, usec_t t) {
@ -106,7 +95,7 @@ static void init_entry(struct utmpx *store, usec_t t) {
}
static int write_entry_utmp(const struct utmpx *store) {
int r;
_cleanup_(utxent_cleanup) bool utmpx = false;
assert(store);
@ -117,26 +106,35 @@ static int write_entry_utmp(const struct utmpx *store) {
if (utmpxname(_PATH_UTMPX) < 0)
return -errno;
setutxent();
utmpx = utxent_start();
if (!pututxline(store))
r = -errno;
else
r = 0;
endutxent();
return r;
if (pututxline(store))
return 0;
if (errno == ENOENT) {
/* If utmp/wtmp have been disabled, that's a good thing, hence ignore the error. */
log_debug_errno(errno, "Not writing utmp: %m");
return 0;
}
return -errno;
}
static int write_entry_wtmp(const struct utmpx *store) {
assert(store);
/* wtmp is a simple append-only file where each entry is
simply appended to the end; i.e. basically a log. */
* simply appended to the end; i.e. basically a log. */
errno = 0;
updwtmpx(_PATH_WTMPX, store);
if (errno == ENOENT) {
/* If utmp/wtmp have been disabled, that's a good thing, hence ignore the error. */
log_debug_errno(errno, "Not writing wtmp: %m");
return 0;
}
if (errno == EROFS) {
log_warning_errno(errno, "Failed to write wtmp record, ignoring: %m");
return 0;
}
return -errno;
}
@ -145,16 +143,7 @@ static int write_utmp_wtmp(const struct utmpx *store_utmp, const struct utmpx *s
r = write_entry_utmp(store_utmp);
s = write_entry_wtmp(store_wtmp);
if (r >= 0)
r = s;
/* If utmp/wtmp have been disabled, that's a good thing, hence
* ignore the errors */
if (r == -ENOENT)
r = 0;
return r;
return r < 0 ? r : s;
}
static int write_entry_both(const struct utmpx *store) {

Some files were not shown because too many files have changed in this diff Show More