diff options
208 files changed, 1994 insertions, 2157 deletions
diff --git a/.gitignore b/.gitignore index 1c006b53f8..922ff3244f 100644 --- a/.gitignore +++ b/.gitignore @@ -239,7 +239,6 @@ /test-path /test-path-lookup /test-path-util -/test-pppoe /test-prioq /test-process-util /test-pty diff --git a/Makefile.am b/Makefile.am index a601265d78..51548bb289 100644 --- a/Makefile.am +++ b/Makefile.am @@ -3305,7 +3305,6 @@ libsystemd_network_la_SOURCES = \ src/systemd/sd-ndisc.h \ src/systemd/sd-dhcp6-client.h \ src/systemd/sd-dhcp6-lease.h \ - src/systemd/sd-pppoe.h \ src/systemd/sd-lldp.h \ src/libsystemd-network/sd-dhcp-client.c \ src/libsystemd-network/sd-dhcp-server.c \ @@ -3321,7 +3320,6 @@ libsystemd_network_la_SOURCES = \ src/libsystemd-network/sd-ipv4acd.c \ src/libsystemd-network/arp-util.h \ src/libsystemd-network/arp-util.c \ - src/libsystemd-network/sd-pppoe.c \ src/libsystemd-network/network-internal.c \ src/libsystemd-network/network-internal.h \ src/libsystemd-network/sd-ndisc.c \ @@ -3402,14 +3400,6 @@ test_acd_LDADD = \ libsystemd-network.la \ libshared.la -test_pppoe_SOURCES = \ - src/systemd/sd-pppoe.h \ - src/libsystemd-network/test-pppoe.c - -test_pppoe_LDADD = \ - libsystemd-network.la \ - libshared.la - test_ndisc_rs_SOURCES = \ src/systemd/sd-dhcp6-client.h \ src/systemd/sd-ndisc.h \ @@ -3454,9 +3444,6 @@ tests += \ test-dhcp6-client \ test-lldp -manual_tests += \ - test-pppoe - # ------------------------------------------------------------------------------ include_HEADERS += \ src/libudev/libudev.h @@ -117,7 +117,7 @@ CHANGES WITH 227: * File descriptors passed during socket activation may now be named. A new API sd_listen_fds_with_names() is added to - access the names. The default names may be overriden, + access the names. The default names may be overridden, either in the .socket file using the FileDescriptorName= parameter, or by passing FDNAME= when storing the file descriptors using sd_notify(). @@ -1156,7 +1156,7 @@ CHANGES WITH 218: another unit listed in its Also= setting might be. * Similar to the various existing ConditionXYZ= settings for - units there are now matching AssertXYZ= settings. While + units, there are now matching AssertXYZ= settings. While failing conditions cause a unit to be skipped, but its job to succeed, failing assertions declared like this will cause a unit start operation and its job to fail. @@ -1164,7 +1164,7 @@ CHANGES WITH 218: * hostnamed now knows a new chassis type "embedded". * systemctl gained a new "edit" command. When used on a unit - file this allows extending unit files with .d/ drop-in + file, this allows extending unit files with .d/ drop-in configuration snippets or editing the full file (after copying it from /usr/lib to /etc). This will invoke the user's editor (as configured with $EDITOR), and reload the @@ -1188,7 +1188,7 @@ CHANGES WITH 218: inhibitors. * Scope and service units gained a new "Delegate" boolean - property, which when set allows processes running inside the + property, which, when set, allows processes running inside the unit to further partition resources. This is primarily useful for systemd user instances as well as container managers. @@ -1198,7 +1198,7 @@ CHANGES WITH 218: audit fields are split up and fully indexed. This means that journalctl in many ways is now a (nicer!) alternative to ausearch, the traditional audit client. Note that this - implements only a minimal audit client, if you want the + implements only a minimal audit client. If you want the special audit modes like reboot-on-log-overflow, please use the traditional auditd instead, which can be used in parallel to journald. @@ -1209,7 +1209,7 @@ CHANGES WITH 218: * journalctl gained two new commands --vacuum-size= and --vacuum-time= to delete old journal files until the - remaining ones take up no more the specified size on disk, + remaining ones take up no more than the specified size on disk, or are not older than the specified time. * A new, native PPPoE library has been added to sd-network, @@ -1262,9 +1262,9 @@ CHANGES WITH 218: will spew out warnings if the compilation fails. This requires libxkbcommon to be installed. - * When a coredump is collected a larger number of metadata + * When a coredump is collected, a larger number of metadata fields is now collected and included in the journal records - created for it. More specifically control group membership, + created for it. More specifically, control group membership, environment variables, memory maps, working directory, chroot directory, /proc/$PID/status, and a list of open file descriptors is now stored in the log entry. @@ -1303,7 +1303,7 @@ CHANGES WITH 218: a fixed machine ID for subsequent boots. * networkd's .netdev files now provide a large set of - configuration parameters for VXLAN devices. Similar, the + configuration parameters for VXLAN devices. Similarly, the bridge port cost parameter is now configurable in .network files. There's also new support for configuring IP source routing. networkd .link files gained support for a new @@ -1636,7 +1636,7 @@ CHANGES WITH 216: * .socket units gained a new DeferAcceptSec= setting that controls the kernels' TCP_DEFER_ACCEPT sockopt for - TCP. Similar, support for controlling TCP keep-alive + TCP. Similarly, support for controlling TCP keep-alive settings has been added (KeepAliveTimeSec=, KeepAliveIntervalSec=, KeepAliveProbes=). Also, support for turning off Nagle's algorithm on TCP has been added @@ -1852,7 +1852,7 @@ CHANGES WITH 215: * tmpfiles learnt a new "L+" directive which creates a symlink but (unlike "L") deletes a pre-existing file first, should it already exist and not already be the correct - symlink. Similar, "b+", "c+" and "p+" directives have been + symlink. Similarly, "b+", "c+" and "p+" directives have been added as well, which create block and character devices, as well as fifos in the filesystem, possibly removing any pre-existing files of different types. @@ -1934,8 +1934,8 @@ CHANGES WITH 215: open_by_handle_at() is now prohibited for containers, closing a hole similar to a recently discussed vulnerability in docker regarding access to files on file hierarchies the - container should normally not have access to. Note that for - nspawn we generally make no security claims anyway (and + container should normally not have access to. Note that, for + nspawn, we generally make no security claims anyway (and this is explicitly documented in the man page), so this is just a fix for one of the most obvious problems. @@ -2035,14 +2035,14 @@ CHANGES WITH 214: CAP_NET_BROADCAST, CAP_NET_RAW capabilities though, but loses the ability to write to files owned by root this way. - * Similar, systemd-resolved now runs under its own + * Similarly, systemd-resolved now runs under its own "systemd-resolve" user with no capabilities remaining. - * Similar, systemd-bus-proxyd now runs under its own + * Similarly, systemd-bus-proxyd now runs under its own "systemd-bus-proxy" user with only CAP_IPC_OWNER remaining. * systemd-networkd gained support for setting up "veth" - virtual ethernet devices for container connectivity, as well + virtual Ethernet devices for container connectivity, as well as GRE and VTI tunnels. * systemd-networkd will no longer automatically attempt to @@ -2744,7 +2744,7 @@ CHANGES WITH 209: * The configuration of network interface naming rules for "permanent interface names" has changed: a new NamePolicy= setting in the [Link] section of .link files determines the - priority of possible naming schemes (onboard, slot, mac, + priority of possible naming schemes (onboard, slot, MAC, path). The default value of this setting is determined by /usr/lib/net/links/99-default.link. Old 80-net-name-slot.rules udev configuration file has been @@ -4274,8 +4274,8 @@ CHANGES WITH 197: devices as seat masters, i.e. as devices that are required to be existing before a seat is considered preset. Instead, it will now look for all devices that are tagged as - "seat-master" in udev. By default framebuffer devices will - be marked as such, but depending on local systems other + "seat-master" in udev. By default, framebuffer devices will + be marked as such, but depending on local systems, other devices might be marked as well. This may be used to integrate graphics cards using closed source drivers (such as NVidia ones) more nicely into logind. Note however, that @@ -5315,7 +5315,7 @@ CHANGES WITH 44: * Reorder configuration file lookup order. /etc now always overrides /run in order to allow the administrator to always - and unconditionally override vendor supplied or + and unconditionally override vendor-supplied or automatically generated data. * The various user visible bits of the journal now have man @@ -876,7 +876,7 @@ Features: - add Scope= parsing option for [Network] - properly handle routerless dhcp leases - add more attribute support for SIT tunnel - - work with non-ethernet devices + - work with non-Ethernet devices - add support for more bond options * networkd-wait-online: diff --git a/configure.ac b/configure.ac index 88cb76667f..c96b9fb1d9 100644 --- a/configure.ac +++ b/configure.ac @@ -437,7 +437,7 @@ AM_CONDITIONAL(HAVE_BLKID, [test "$have_blkid" = "yes"]) # ------------------------------------------------------------------------------ have_libmount=no -PKG_CHECK_MODULES(MOUNT, [ mount >= 2.27.1 ], +PKG_CHECK_MODULES(MOUNT, [ mount >= 2.27 ], [AC_DEFINE(HAVE_LIBMOUNT, 1, [Define if libmount is available]) have_libmount=yes], have_libmount=no) if test "x$have_libmount" = xno; then AC_MSG_ERROR([*** libmount support required but libraries not found]) diff --git a/man/bootchart.conf.xml b/man/bootchart.conf.xml index bf6ca0bf9e..f6ac7e6ae2 100644 --- a/man/bootchart.conf.xml +++ b/man/bootchart.conf.xml @@ -86,7 +86,7 @@ <term><varname>Frequency=25</varname></term> <listitem><para>Configure the sample log frequency. This can be a fractional number, but must be larger than 0.0. Most - systems can cope with values under 25-50 without impacting + systems can cope with values under 25–50 without impacting boot time severely.</para></listitem> </varlistentry> diff --git a/man/bootctl.xml b/man/bootctl.xml index 63ad9392eb..ebd58750d3 100644 --- a/man/bootctl.xml +++ b/man/bootctl.xml @@ -68,14 +68,14 @@ system.</para> <para><command>bootctl status</command> checks and prints the - currently installed versions of the boot loader binaries and the + currently installed versions of the boot loader binaries and all current EFI boot variables.</para> <para><command>bootctl update</command> updates all installed versions of systemd-boot, if the current version is newer than the version installed in the EFI system partition. This also includes the EFI default/fallback loader at /EFI/Boot/boot*.efi. A - systemd-boot entry in the EFI boot variables is created, if there + systemd-boot entry in the EFI boot variables is created if there is no current entry. The created entry will be added to the end of the boot order list.</para> @@ -89,7 +89,7 @@ versions of systemd-boot from the EFI system partition, and removes systemd-boot from the EFI boot variables.</para> - <para>If no command is passed <command>status</command> is + <para>If no command is passed, <command>status</command> is implied.</para> </refsect1> @@ -114,7 +114,7 @@ <refsect1> <title>Exit status</title> - <para>On success 0 is returned, a non-zero failure + <para>On success, 0 is returned, a non-zero failure code otherwise.</para> </refsect1> diff --git a/man/busctl.xml b/man/busctl.xml index 4f0b2a7051..d8c1085021 100644 --- a/man/busctl.xml +++ b/man/busctl.xml @@ -127,7 +127,7 @@ <term><option>--size=</option></term> <listitem> - <para>When used with the <command>capture</command> command + <para>When used with the <command>capture</command> command, specifies the maximum bus message size to capture ("snaplen"). Defaults to 4096 bytes.</para> </listitem> @@ -137,7 +137,7 @@ <term><option>--list</option></term> <listitem> - <para>When used with the <command>tree</command> command shows a + <para>When used with the <command>tree</command> command, shows a flat list of object paths instead of a tree.</para> </listitem> </varlistentry> @@ -146,9 +146,9 @@ <term><option>--quiet</option></term> <listitem> - <para>When used with the <command>call</command> command + <para>When used with the <command>call</command> command, suppresses display of the response message payload. Note that even - if this option is specified errors returned will still be + if this option is specified, errors returned will still be printed and the tool will indicate success or failure with the process exit code.</para> </listitem> @@ -159,7 +159,7 @@ <listitem> <para>When used with the <command>call</command> or - <command>get-property</command> command shows output in a + <command>get-property</command> command, shows output in a more verbose format.</para> </listitem> </varlistentry> @@ -168,15 +168,15 @@ <term><option>--expect-reply=</option><replaceable>BOOL</replaceable></term> <listitem> - <para>When used with the <command>call</command> command + <para>When used with the <command>call</command> command, specifies whether <command>busctl</command> shall wait for completion of the method call, output the returned method response data, and return success or failure via the process - exit code. If this is set to <literal>no</literal> the + exit code. If this is set to <literal>no</literal>, the method call will be issued but no response is expected, the tool terminates immediately, and thus no response can be shown, and no success or failure is returned via the exit - code. To only suppress output of the reply message payload + code. To only suppress output of the reply message payload, use <option>--quiet</option> above. Defaults to <literal>yes</literal>.</para> </listitem> @@ -186,9 +186,9 @@ <term><option>--auto-start=</option><replaceable>BOOL</replaceable></term> <listitem> - <para>When used with the <command>call</command> command specifies + <para>When used with the <command>call</command> command, specifies whether the method call should implicitly activate the - called service should it not be running yet but is + called service, should it not be running yet but is configured to be auto-started. Defaults to <literal>yes</literal>.</para> </listitem> @@ -198,7 +198,7 @@ <term><option>--allow-interactive-authorization=</option><replaceable>BOOL</replaceable></term> <listitem> - <para>When used with the <command>call</command> command + <para>When used with the <command>call</command> command, specifies whether the services may enforce interactive authorization while executing the operation, if the security policy is configured for this. Defaults to @@ -210,14 +210,14 @@ <term><option>--timeout=</option><replaceable>SECS</replaceable></term> <listitem> - <para>When used with the <command>call</command> command + <para>When used with the <command>call</command> command, specifies the maximum time to wait for method call - completion. If no time unit is specified assumes + completion. If no time unit is specified, assumes seconds. The usual other units are understood, too (ms, us, s, min, h, d, w, month, y). Note that this timeout does not - apply if <option>--expect-reply=no</option> is used as the + apply if <option>--expect-reply=no</option> is used, as the tool does not wait for any reply message then. When not - specified or when set to 0 the default of + specified or when set to 0, the default of <literal>25s</literal> is assumed.</para> </listitem> </varlistentry> @@ -229,9 +229,9 @@ <para>Controls whether credential data reported by <command>list</command> or <command>status</command> shall be augmented with data from - <filename>/proc</filename>. When this is turned on the data + <filename>/proc</filename>. When this is turned on, the data shown is possibly inconsistent, as the data read from - <filename>/proc</filename> might be more recent than rest of + <filename>/proc</filename> might be more recent than the rest of the credential information. Defaults to <literal>yes</literal>.</para> </listitem> </varlistentry> @@ -258,7 +258,7 @@ <term><command>list</command></term> <listitem><para>Show all peers on the bus, by their service - names. By default shows both unique and well-known names, but + names. By default, shows both unique and well-known names, but this may be changed with the <option>--unique</option> and <option>--acquired</option> switches. This is the default operation if no command is specified.</para></listitem> @@ -281,14 +281,14 @@ <replaceable>SERVICE</replaceable> is specified, show messages to or from this peer, identified by its well-known or unique name. Otherwise, show all messages on the bus. Use Ctrl-C to - terminate dump.</para></listitem> + terminate the dump.</para></listitem> </varlistentry> <varlistentry> <term><command>capture</command> <arg choice="opt" rep="repeat"><replaceable>SERVICE</replaceable></arg></term> <listitem><para>Similar to <command>monitor</command> but - writes the output in pcap format (for details see the <ulink + writes the output in pcap format (for details, see the <ulink url="http://wiki.wireshark.org/Development/LibpcapFileFormat">Libpcap File Format</ulink> description. Make sure to redirect the output to STDOUT to a file. Tools like @@ -312,7 +312,7 @@ <listitem><para>Show interfaces, methods, properties and signals of the specified object (identified by its path) on - the specified service. If the interface argument is passed the + the specified service. If the interface argument is passed, the output is limited to members of the specified interface.</para></listitem> </varlistentry> @@ -322,10 +322,10 @@ <listitem><para>Invoke a method and show the response. Takes a service name, object path, interface name and method name. If - parameters shall be passed to the method call a signature + parameters shall be passed to the method call, a signature string is required, followed by the arguments, individually formatted as strings. For details on the formatting used, see - below. To suppress output of the returned data use the + below. To suppress output of the returned data, use the <option>--quiet</option> option.</para></listitem> </varlistentry> @@ -335,16 +335,16 @@ <listitem><para>Retrieve the current value of one or more object properties. Takes a service name, object path, interface name and property name. Multiple properties may be - specified at once in which case their values will be shown one - after the other, separated by newlines. The output is by - default in terse format. Use <option>--verbose</option> for a + specified at once, in which case their values will be shown one + after the other, separated by newlines. The output is, by + default, in terse format. Use <option>--verbose</option> for a more elaborate output format.</para></listitem> </varlistentry> <varlistentry> <term><command>set-property</command> <arg choice="plain"><replaceable>SERVICE</replaceable></arg> <arg choice="plain"><replaceable>OBJECT</replaceable></arg> <arg choice="plain"><replaceable>INTERFACE</replaceable></arg> <arg choice="plain"><replaceable>PROPERTY</replaceable></arg> <arg choice="plain"><replaceable>SIGNATURE</replaceable></arg> <arg choice="plain" rep="repeat"><replaceable>ARGUMENT</replaceable></arg></term> - <listitem><para>Set the current value an object + <listitem><para>Set the current value of an object property. Takes a service name, object path, interface name, property name, property signature, followed by a list of parameters formatted as strings.</para></listitem> @@ -364,19 +364,19 @@ <para>The <command>call</command> and <command>set-property</command> commands take a signature string followed by a list of parameters formatted as string (for details - on D-Bus signature strings see the <ulink + on D-Bus signature strings, see the <ulink url="http://dbus.freedesktop.org/doc/dbus-specification.html#type-system">Type system chapter of the D-Bus specification</ulink>). For simple - types each parameter following the signature should simply be the + types, each parameter following the signature should simply be the parameter's value formatted as string. Positive boolean values may be formatted as <literal>true</literal>, <literal>yes</literal>, - <literal>on</literal>, <literal>1</literal>; negative boolean + <literal>on</literal>, or <literal>1</literal>; negative boolean values may be specified as <literal>false</literal>, - <literal>no</literal>, <literal>off</literal>, + <literal>no</literal>, <literal>off</literal>, or <literal>0</literal>. For arrays, a numeric argument for the number of entries followed by the entries shall be specified. For - variants the signature of the contents shall be specified, - followed by the contents. For dictionaries and structs the + variants, the signature of the contents shall be specified, + followed by the contents. For dictionaries and structs, the contents of them shall be directly specified.</para> <para>For example, @@ -395,7 +395,7 @@ array that maps strings to variants, consisting of three entries. The string <literal>One</literal> is assigned the string <literal>Eins</literal>. The string - <literal>Two</literal> is assigned the 32bit unsigned + <literal>Two</literal> is assigned the 32-bit unsigned integer 2. The string <literal>Yes</literal> is assigned a positive boolean.</para> @@ -456,8 +456,8 @@ ARRAY "s" { of the <literal>org.freedesktop.systemd1</literal> service, and passes it two strings <literal>cups.service</literal> and - <literal>replace</literal>. As result of the method - call a single object path parameter is received and + <literal>replace</literal>. As a result of the method + call, a single object path parameter is received and shown:</para> <programlisting># busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager StartUnit ss "cups.service" "replace" diff --git a/man/coredump.conf.xml b/man/coredump.conf.xml index 8e71f7d4ec..a0a497b467 100644 --- a/man/coredump.conf.xml +++ b/man/coredump.conf.xml @@ -98,7 +98,7 @@ <term><varname>Compress=</varname></term> <listitem><para>Controls compression for external - storage. Takes a boolean argument, defaults to + storage. Takes a boolean argument, which defaults to <literal>yes</literal>.</para> </listitem> </varlistentry> @@ -135,7 +135,7 @@ coredumps are processed. Note that old coredumps are also removed based on time via <citerefentry><refentrytitle>systemd-tmpfiles</refentrytitle><manvolnum>8</manvolnum></citerefentry>. Set - either value to 0 to turn off size based + either value to 0 to turn off size-based clean-up.</para></listitem> </varlistentry> </variablelist> diff --git a/man/crypttab.xml b/man/crypttab.xml index d4ff760adc..1de834a045 100644 --- a/man/crypttab.xml +++ b/man/crypttab.xml @@ -160,10 +160,10 @@ at the beginning. This is different from the <option>--offset</option> option with respect to the sector numbers used in initialization vector (IV) calculation. Using <option>--offset</option> will shift the IV - calculation by the same negative amount. Hence, if <option>--offset n</option>, + calculation by the same negative amount. Hence, if <option>--offset n</option> is given, sector n will get a sector number of 0 for the IV calculation. Using <option>--skip</option> causes sector n to also be the first - sector of the mapped device, but with its number for IV generation is n.</para> + sector of the mapped device, but with its number for IV generation being n.</para> <para>This option is only relevant for plain devices.</para> </listitem> diff --git a/man/custom-html.xsl b/man/custom-html.xsl index 3e266e4a7f..84c23014e4 100644 --- a/man/custom-html.xsl +++ b/man/custom-html.xsl @@ -125,7 +125,7 @@ <!-- - helper template to do conflict resolution between various headings with the same inferred ID attribute/tag from the headerlink template - - this conflict resolution is necessary to prevent malformed HTML output (multiple id attributes with the same value) + - this conflict resolution is necessary to prevent malformed HTML output (multiple ID attributes with the same value) - and it fixes xsltproc warnings during compilation of HTML man pages - - A simple top-to-bottom numbering scheme is implemented for nodes with the same ID value to derive unique ID values for HTML output. @@ -171,7 +171,7 @@ <!-- - If stable URLs with fragment markers (references to the ID) turn out not to be important: - generatedID could simply take the value of generate-id(), and various other helper templates may be dropped entirely. - - Alternatively if xsltproc is patched to generate reproducible generate-id() output the same simplifications can be + - Alternatively, if xsltproc is patched to generate reproducible generate-id() output, the same simplifications can be - applied at the cost of breaking compatibility with URLs generated from output of previous versions of this stylesheet. --> <xsl:variable name="generatedID"> diff --git a/man/daemon.xml b/man/daemon.xml index a8bbfc055b..b6125cb5c7 100644 --- a/man/daemon.xml +++ b/man/daemon.xml @@ -490,13 +490,13 @@ configured address redundant. Another often suggested trigger for service activation is low system load. However, here too, a more convincing approach might be to make proper use of features - of the operating system, in particular, the CPU or IO scheduler + of the operating system, in particular, the CPU or I/O scheduler of Linux. Instead of scheduling jobs from userspace based on monitoring the OS scheduler, it is advisable to leave the scheduling of processes to the OS scheduler itself. systemd - provides fine-grained access to the CPU and IO schedulers. If a + provides fine-grained access to the CPU and I/O schedulers. If a process executed by the init system shall not negatively impact - the amount of CPU or IO bandwidth available to other processes, + the amount of CPU or I/O bandwidth available to other processes, it should be configured with <varname>CPUSchedulingPolicy=idle</varname> and/or <varname>IOSchedulingClass=idle</varname>. Optionally, this may diff --git a/man/file-hierarchy.xml b/man/file-hierarchy.xml index 058998b51f..345c56cefa 100644 --- a/man/file-hierarchy.xml +++ b/man/file-hierarchy.xml @@ -84,7 +84,7 @@ <varlistentry> <term><filename>/boot</filename></term> <listitem><para>The boot partition used for bringing up the - system. On EFI systems this is possibly the EFI System + system. On EFI systems, this is possibly the EFI System Partition, also see <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>. This directory is usually strictly local to the host, and @@ -147,14 +147,14 @@ directory is usually mounted as a <literal>tmpfs</literal> instance, and should hence not be used for larger files. (Use <filename>/var/tmp</filename> for larger files.) Since the - directory is accessible to other users of the system it is + directory is accessible to other users of the system, it is essential that this directory is only written to with the <citerefentry project='man-pages'><refentrytitle>mkstemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry> and related calls. This directory is usually flushed at boot-up. Also, files that are not accessed within a certain time are usually automatically deleted. If applications find - the environment variable <varname>$TMPDIR</varname> set they + the environment variable <varname>$TMPDIR</varname> set, they should prefer using the directory specified in it over directly referencing <filename>/tmp</filename> (see <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry> @@ -217,7 +217,7 @@ <varlistentry> <term><filename>/usr/bin</filename></term> - <listitem><para>Binaries and executables for user commands, + <listitem><para>Binaries and executables for user commands that shall appear in the <varname>$PATH</varname> search path. It is recommended not to place binaries in this directory that are not useful for invocation from a shell (such as daemon @@ -245,7 +245,7 @@ <varlistentry> <term><filename>/usr/lib/<replaceable>arch-id</replaceable></filename></term> - <listitem><para>Location for placing dynamic libraries, also + <listitem><para>Location for placing dynamic libraries into, also called <varname>$libdir</varname>. The architecture identifier to use is defined on <ulink url="https://wiki.debian.org/Multiarch/Tuples">Multiarch @@ -291,7 +291,7 @@ <term><filename>/usr/share/factory/var</filename></term> <listitem><para>Similar to - <filename>/usr/share/factory/etc</filename> but for vendor + <filename>/usr/share/factory/etc</filename>, but for vendor versions of files in the variable, persistent data directory <filename>/var</filename>.</para></listitem> @@ -353,7 +353,7 @@ <varlistentry> <term><filename>/var/tmp</filename></term> <listitem><para>The place for larger and persistent temporary - files. In contrast to <filename>/tmp</filename> this directory + files. In contrast to <filename>/tmp</filename>, this directory is usually mounted from a persistent physical file system and can thus accept larger files. (Use <filename>/tmp</filename> for smaller files.) This directory is generally not flushed at @@ -365,7 +365,7 @@ <citerefentry project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry> or similar calls should be used to make use of this directory. If applications find the environment variable - <varname>$TMPDIR</varname> set they should prefer using the + <varname>$TMPDIR</varname> set, they should prefer using the directory specified in it over directly referencing <filename>/var/tmp</filename> (see <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry> @@ -381,7 +381,7 @@ <variablelist> <varlistentry> <term><filename>/dev</filename></term> - <listitem><para>The root directory for device nodes. Usually + <listitem><para>The root directory for device nodes. Usually, this directory is mounted as a <literal>devtmpfs</literal> instance, but might be of a different type in sandboxed/containerized setups. This directory is managed @@ -402,10 +402,10 @@ write access to this directory, special care should be taken to avoid name clashes and vulnerabilities. For normal users, shared memory segments in this directory are usually deleted - when the user logs out. Usually it is a better idea to use + when the user logs out. Usually, it is a better idea to use memory mapped files in <filename>/run</filename> (for system programs) or <varname>$XDG_RUNTIME_DIR</varname> (for user - programs) instead of POSIX shared memory segments, since those + programs) instead of POSIX shared memory segments, since these directories are not world-writable and hence not vulnerable to security-sensitive name clashes.</para></listitem> </varlistentry> @@ -427,7 +427,7 @@ that exposes a number of kernel tunables. The primary way to configure the settings in this API file tree is via <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> - files. In sandboxed/containerized setups this directory is + files. In sandboxed/containerized setups, this directory is generally mounted read-only.</para></listitem> </varlistentry> @@ -437,7 +437,7 @@ discovered devices and other functionality. This file system is mostly an API to interface with the kernel and not a place where normal files may be stored. In sandboxed/containerized - setups this directory is generally mounted read-only. A number + setups, this directory is generally mounted read-only. A number of special purpose virtual file systems might be mounted below this directory.</para></listitem> </varlistentry> @@ -472,7 +472,7 @@ <varlistentry> <term><filename>/lib64</filename></term> - <listitem><para>On some architecture ABIs this compatibility + <listitem><para>On some architecture ABIs, this compatibility symlink points to <varname>$libdir</varname>, ensuring that binaries referencing this legacy path correctly find their dynamic loader. This symlink only exists on architectures @@ -513,7 +513,7 @@ directory should have no effect on operation of programs, except for increased runtimes necessary to rebuild these caches. If an application finds - <varname>$XDG_CACHE_HOME</varname> set is should use the + <varname>$XDG_CACHE_HOME</varname> set, it should use the directory specified in it instead of this directory.</para></listitem> </varlistentry> @@ -522,10 +522,10 @@ <term><filename>~/.config</filename></term> <listitem><para>Application configuration and state. When a - new user is created this directory will be empty or not exist + new user is created, this directory will be empty or not exist at all. Applications should fall back to defaults should their configuration or state in this directory be missing. If an - application finds <varname>$XDG_CONFIG_HOME</varname> set is + application finds <varname>$XDG_CONFIG_HOME</varname> set, it should use the directory specified in it instead of this directory.</para></listitem> </varlistentry> @@ -539,7 +539,7 @@ invocation from a shell; these should be placed in a subdirectory of <filename>~/.local/lib</filename> instead. Care should be taken when placing architecture-dependent - binaries in this place which might be problematic if the home + binaries in this place, which might be problematic if the home directory is shared between multiple hosts with different architectures.</para></listitem> </varlistentry> @@ -555,7 +555,7 @@ <term><filename>~/.local/lib/<replaceable>arch-id</replaceable></filename></term> <listitem><para>Location for placing public dynamic libraries. - The architecture identifier to use, is defined on <ulink + The architecture identifier to use is defined on <ulink url="https://wiki.debian.org/Multiarch/Tuples">Multiarch Architecture Specifiers (Tuples)</ulink> list.</para></listitem> @@ -568,7 +568,7 @@ such as fonts or artwork. Usually, the precise location and format of files stored below this directory is subject to specifications that ensure interoperability. If an application - finds <varname>$XDG_DATA_HOME</varname> set is should use the + finds <varname>$XDG_DATA_HOME</varname> set, it should use the directory specified in it instead of this directory.</para></listitem> </varlistentry> @@ -593,11 +593,11 @@ <filename>/run/user</filename>) of the user, which are all writable.</para> - <para>For unprivileged system processes only + <para>For unprivileged system processes, only <filename>/tmp</filename>, <filename>/var/tmp</filename> and <filename>/dev/shm</filename> are writable. If an - unprivileged system process needs a private, writable directory in + unprivileged system process needs a private writable directory in <filename>/var</filename> or <filename>/run</filename>, it is recommended to either create it before dropping privileges in the daemon code, to create it via @@ -618,7 +618,7 @@ <para>It is strongly recommended that <filename>/dev</filename> is the only location below which device nodes shall be placed. - Similar, <filename>/run</filename> shall be the only location to + Similarly, <filename>/run</filename> shall be the only location to place sockets and FIFOs. Regular files, directories and symlinks may be used in all directories.</para> </refsect1> @@ -645,7 +645,7 @@ <tbody> <row> <entry><filename>/usr/bin</filename></entry> - <entry>Package executables that shall appear in the <varname>$PATH</varname> executable search path, compiled for any of the supported architectures compatible with the operating system. It is not recommended to place internal binaries or binaries that are not commonly invoked from the shell in this directory, such as daemon binaries. As this directory is shared with most other packages of the system special care should be taken to pick unique names for files placed here, that are unlikely to clash with other package's files.</entry> + <entry>Package executables that shall appear in the <varname>$PATH</varname> executable search path, compiled for any of the supported architectures compatible with the operating system. It is not recommended to place internal binaries or binaries that are not commonly invoked from the shell in this directory, such as daemon binaries. As this directory is shared with most other packages of the system, special care should be taken to pick unique names for files placed here, that are unlikely to clash with other package's files.</entry> </row> <row> <entry><filename>/usr/lib/<replaceable>arch-id</replaceable></filename></entry> @@ -653,7 +653,7 @@ </row> <row> <entry><filename>/usr/lib/<replaceable>package</replaceable></filename></entry> - <entry>Private, static vendor resources of the package, including private binaries and libraries, or any other kind of read-only vendor data.</entry> + <entry>Private static vendor resources of the package, including private binaries and libraries, or any other kind of read-only vendor data.</entry> </row> <row> <entry><filename>/usr/lib/<replaceable>arch-id</replaceable>/<replaceable>package</replaceable></filename></entry> @@ -668,10 +668,10 @@ </table> <para>Additional static vendor files may be installed in the - <filename>/usr/share</filename> hierarchy, to the locations + <filename>/usr/share</filename> hierarchy to the locations defined by the various relevant specifications.</para> - <para>During runtime and for local configuration and state + <para>During runtime, and for local configuration and state, additional directories are defined:</para> <table> @@ -700,7 +700,7 @@ </row> <row> <entry><filename>/var/cache/<replaceable>package</replaceable></filename></entry> - <entry>Persistent cache data of the package. If this directory is flushed the application should work correctly on next invocation, though possibly slowed down due to the need to rebuild any local cache files. The application must be capable of recreating this directory should it be missing and necessary.</entry> + <entry>Persistent cache data of the package. If this directory is flushed, the application should work correctly on next invocation, though possibly slowed down due to the need to rebuild any local cache files. The application must be capable of recreating this directory should it be missing and necessary.</entry> </row> <row> <entry><filename>/var/lib/<replaceable>package</replaceable></filename></entry> @@ -726,7 +726,7 @@ when placing their own files in the user's home directory. The following table lists recommended locations in the home directory for specific types of files supplied by the vendor if the - application is installed in the home directory. (Note however, + application is installed in the home directory. (Note, however, that user applications installed system-wide should follow the rules outlined above regarding placing vendor files.)</para> @@ -744,7 +744,7 @@ <tbody> <row> <entry><filename>~/.local/bin</filename></entry> - <entry>Package executables that shall appear in the <varname>$PATH</varname> executable search path. It is not recommended to place internal executables or executables that are not commonly invoked from the shell in this directory, such as daemon executables. As this directory is shared with most other packages of the user special care should be taken to pick unique names for files placed here, that are unlikely to clash with other package's files.</entry> + <entry>Package executables that shall appear in the <varname>$PATH</varname> executable search path. It is not recommended to place internal executables or executables that are not commonly invoked from the shell in this directory, such as daemon executables. As this directory is shared with most other packages of the user, special care should be taken to pick unique names for files placed here, that are unlikely to clash with other package's files.</entry> </row> <row> <entry><filename>~/.local/lib/<replaceable>arch-id</replaceable></filename></entry> @@ -763,10 +763,10 @@ </table> <para>Additional static vendor files may be installed in the - <filename>~/.local/share</filename> hierarchy, to the locations + <filename>~/.local/share</filename> hierarchy to the locations defined by the various relevant specifications.</para> - <para>During runtime and for local configuration and state + <para>During runtime, and for local configuration and state, additional directories are defined:</para> <table> @@ -791,7 +791,7 @@ </row> <row> <entry><filename>~/.cache/<replaceable>package</replaceable></filename></entry> - <entry>Persistent cache data of the package. If this directory is flushed the application should work correctly on next invocation, though possibly slowed down due to the need to rebuild any local cache files. The application must be capable of recreating this directory should it be missing and necessary.</entry> + <entry>Persistent cache data of the package. If this directory is flushed, the application should work correctly on next invocation, though possibly slowed down due to the need to rebuild any local cache files. The application must be capable of recreating this directory should it be missing and necessary.</entry> </row> </tbody> </tgroup> diff --git a/man/hwdb.xml b/man/hwdb.xml index 80939dd95d..2b1e60fb22 100644 --- a/man/hwdb.xml +++ b/man/hwdb.xml @@ -34,7 +34,7 @@ <refsect1><title>Description</title> <para>The hardware database is a key-value store for associating modalias-like keys to - udev-properties-like values. It is used primarily by udev to add the relevant properties + udev-property-like values. It is used primarily by udev to add the relevant properties to matching devices, but it can also be queried directly.</para> </refsect1> @@ -55,9 +55,9 @@ <para>The hwdb file contains data records consisting of matches and associated key-value pairs. Every record in the hwdb starts with one or - more match string, specifying a shell glob to compare the database + more match strings, specifying a shell glob to compare the database lookup string against. Multiple match lines are specified in additional - consecutive lines. Every match line is compared individually, they are + consecutive lines. Every match line is compared individually, and they are combined by OR. Every match line must start at the first character of the line.</para> @@ -71,7 +71,7 @@ and compiled to a binary database located at <filename>/etc/udev/hwdb.bin</filename>, or alternatively <filename>/usr/lib/udev/hwdb.bin</filename> if you want ship the compiled database in an immutable image. - During runtime only the binary database is used.</para> + During runtime, only the binary database is used.</para> </refsect1> <refsect1> diff --git a/man/journalctl.xml b/man/journalctl.xml index ea319ba373..a783a9f3b5 100644 --- a/man/journalctl.xml +++ b/man/journalctl.xml @@ -82,7 +82,7 @@ matches apply to the same field, then they are automatically matched as alternatives, i.e. the resulting output will show entries matching any of the specified matches for the same - field. Finally, the character <literal>+</literal> may appears + field. Finally, the character <literal>+</literal> may appear as a separate word between other terms on the command line. This causes all matches before and after to be combined in a disjunction (i.e. logical OR).</para> @@ -95,7 +95,7 @@ <literal>_KERNEL_DEVICE=</literal> match for the device.</para> <para>Additional constraints may be added using options - <option>--boot</option>, <option>--unit=</option>, etc, to + <option>--boot</option>, <option>--unit=</option>, etc., to further limit what entries will be shown (logical AND).</para> <para>Output is interleaved from all accessible journal files, @@ -181,7 +181,7 @@ <option>-n1000</option> to guarantee that the pager will not buffer logs of unbounded size. This may be overridden with an explicit <option>-n</option> with some other numeric - value while <option>-nall</option> will disable this cap. + value, while <option>-nall</option> will disable this cap. Note that this option is only supported for the <citerefentry project='man-pages'><refentrytitle>less</refentrytitle><manvolnum>1</manvolnum></citerefentry> pager.</para></listitem> @@ -656,18 +656,18 @@ <listitem><para>Removes archived journal files until the disk space they use falls below the specified size (specified with the usual <literal>K</literal>, <literal>M</literal>, - <literal>G</literal>, <literal>T</literal> suffixes), or all + <literal>G</literal> and <literal>T</literal> suffixes), or all journal files contain no data older than the specified timespan (specified with the usual <literal>s</literal>, <literal>min</literal>, <literal>h</literal>, <literal>days</literal>, <literal>months</literal>, - <literal>weeks</literal>, <literal>years</literal> suffixes), + <literal>weeks</literal> and <literal>years</literal> suffixes), or no more than the specified number of separate journal files remain. Note that running <option>--vacuum-size=</option> has - only indirect effect on the output shown by - <option>--disk-usage</option> as the latter includes active + only an indirect effect on the output shown by + <option>--disk-usage</option>, as the latter includes active journal files, while the vacuuming operation only operates - on archived journal files. Similar, + on archived journal files. Similarly, <option>--vacuum-files=</option> might not actually reduce the number of journal files to below the specified number, as it will not remove active journal @@ -772,7 +772,7 @@ <varlistentry> <term><option>--flush</option></term> - <listitem><para>Asks the Journal daemon to flush any log data + <listitem><para>Asks the journal daemon to flush any log data stored in <filename>/run/log/journal</filename> into <filename>/var/log/journal</filename>, if persistent storage is enabled. This call does not return until the operation is @@ -782,7 +782,7 @@ <varlistentry> <term><option>--rotate</option></term> - <listitem><para>Asks the Journal daemon to rotate journal files. + <listitem><para>Asks the journal daemon to rotate journal files. </para></listitem> </varlistentry> <xi:include href="standard-options.xml" xpointer="help" /> diff --git a/man/journald.conf.xml b/man/journald.conf.xml index 4464fe53ad..a9690e8138 100644 --- a/man/journald.conf.xml +++ b/man/journald.conf.xml @@ -203,7 +203,7 @@ <para><varname>SystemMaxUse=</varname> and <varname>RuntimeMaxUse=</varname> control how much disk space - the journal may use up at maximum. + the journal may use up at most. <varname>SystemKeepFree=</varname> and <varname>RuntimeKeepFree=</varname> control how much disk space systemd-journald shall leave free for other uses. @@ -220,12 +220,12 @@ enough free space before and journal files were created, and subsequently something else causes the file system to fill up, journald will stop using more space, but it will not be - removing existing files to reduce footprint again + removing existing files to reduce the footprint again, either.</para> <para><varname>SystemMaxFileSize=</varname> and <varname>RuntimeMaxFileSize=</varname> control how large - individual journal files may grow at maximum. This influences + individual journal files may grow at most. This influences the granularity in which disk space is made available through rotation, i.e. deletion of historic data. Defaults to one eighth of the values configured with @@ -234,17 +234,17 @@ rotated journal files are kept as history.</para> <para>Specify values in bytes or use K, M, G, T, P, E as - units for the specified sizes (equal to 1024, 1024²,... bytes). + units for the specified sizes (equal to 1024, 1024², ... bytes). Note that size limits are enforced synchronously when journal files are extended, and no explicit rotation step triggered by time is needed.</para> <para><varname>SystemMaxFiles=</varname> and <varname>RuntimeMaxFiles=</varname> control how many - individual journal files to keep at maximum. Note that only + individual journal files to keep at most. Note that only archived files are deleted to reduce the number of files until this limit is reached; active files will stay around. This - means that in effect there might still be more journal files + means that, in effect, there might still be more journal files around in total than this limit after a vacuuming operation is complete. This setting defaults to 100.</para></listitem> </varlistentry> @@ -345,7 +345,7 @@ <literal>notice</literal>, <literal>info</literal>, <literal>debug</literal>, - or integer values in the range of 0..7 (corresponding to the + or integer values in the range of 0–7 (corresponding to the same levels). Messages equal or below the log level specified are stored/forwarded, messages above are dropped. Defaults to <literal>debug</literal> for <varname>MaxLevelStore=</varname> @@ -375,15 +375,15 @@ <para> Journal events can be transferred to a different logging daemon - in two different ways. In the first method, messages are + in two different ways. With the first method, messages are immediately forwarded to a socket (<filename>/run/systemd/journal/syslog</filename>), where the traditional syslog daemon can read them. This method is - controlled by <varname>ForwardToSyslog=</varname> option. In a + controlled by the <varname>ForwardToSyslog=</varname> option. With a second method, a syslog daemon behaves like a normal journal client, and reads messages from the journal files, similarly to <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>. - In this method, messages do not have to be read immediately, + With this, messages do not have to be read immediately, which allows a logging daemon which is only started late in boot to access all messages since the start of the system. In addition, full structured meta-data is available to it. This diff --git a/man/libudev.xml b/man/libudev.xml index 5660b9d990..7ef978463c 100644 --- a/man/libudev.xml +++ b/man/libudev.xml @@ -75,7 +75,7 @@ a udev context. Furthermore, multiple different udev contexts can be used in parallel by multiple threads. However, a single context must not be accessed by multiple threads in parallel. The caller - is responsible of providing suitable locking if they intend to use + is responsible for providing suitable locking if they intend to use it from multiple threads.</para> <para>To introspect a local device on a system, a udev device @@ -99,11 +99,11 @@ <para>Furthermore, libudev also exports legacy APIs that should not be used by new software (and as such are not documented as - part of this manual). This includes the hardware-database known + part of this manual). This includes the hardware database known as <constant>udev_hwdb</constant> (please use the new <citerefentry><refentrytitle>sd-hwdb</refentrytitle><manvolnum>3</manvolnum></citerefentry> API instead) and the <constant>udev_queue</constant> object to - query the udev-daemon (which should not be used by new software + query the udev daemon (which should not be used by new software at all).</para> </refsect1> diff --git a/man/locale.conf.xml b/man/locale.conf.xml index 2c32d16094..2fe731113a 100644 --- a/man/locale.conf.xml +++ b/man/locale.conf.xml @@ -54,7 +54,7 @@ <title>Description</title> <para>The <filename>/etc/locale.conf</filename> file configures - system-wide locale settings. It is read at early-boot by + system-wide locale settings. It is read at early boot by <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para> <para>The basic file format of <filename>locale.conf</filename> is diff --git a/man/loginctl.xml b/man/loginctl.xml index 9dda14d454..f41acc6a1b 100644 --- a/man/loginctl.xml +++ b/man/loginctl.xml @@ -186,7 +186,7 @@ <listitem><para>Show terse runtime status information about one or more sessions, followed by the most recent log data from the journal. Takes one or more session identifiers as - parameters. If no session identifiers are passed the status of + parameters. If no session identifiers are passed, the status of the caller's session is shown. This function is intended to generate human-readable output. If you are looking for computer-parsable output, use <command>show-session</command> @@ -212,9 +212,9 @@ <term><command>activate</command> <optional><replaceable>ID</replaceable></optional></term> <listitem><para>Activate a session. This brings a session into - the foreground, if another session is currently in the + the foreground if another session is currently in the foreground on the respective seat. Takes a session identifier - as argument. If no argument is specified the session of the + as argument. If no argument is specified, the session of the caller is put into foreground.</para></listitem> </varlistentry> @@ -225,7 +225,7 @@ <listitem><para>Activates/deactivates the screen lock on one or more sessions, if the session supports it. Takes one or more session identifiers as arguments. If no argument is - specified the session of the caller is locked/unlocked. + specified, the session of the caller is locked/unlocked. </para></listitem> </varlistentry> @@ -269,7 +269,7 @@ <listitem><para>Show terse runtime status information about one or more logged in users, followed by the most recent log data from the journal. Takes one or more user names or numeric - user IDs as parameters. If no parameters are passed the status + user IDs as parameters. If no parameters are passed, the status of the caller's user is shown. This function is intended to generate human-readable output. If you are looking for computer-parsable output, use <command>show-user</command> @@ -301,7 +301,7 @@ spawned for the user at boot and kept around after logouts. This allows users who are not logged in to run long-running services. Takes one or more user names or numeric UIDs as - argument. If no argument is specified enables/disables + argument. If no argument is specified, enables/disables lingering for the user of the session of the caller. </para></listitem> </varlistentry> @@ -365,7 +365,7 @@ seat. The devices should be specified via device paths in the <filename>/sys</filename> file system. To create a new seat, attach at least one graphics card to a previously unused seat - name. Seat names may consist only of a-z, A-Z, 0-9, + name. Seat names may consist only of a–z, A–Z, 0–9, <literal>-</literal> and <literal>_</literal> and must be prefixed with <literal>seat</literal>. To drop assignment of a device to a specific seat, just reassign it to a different diff --git a/man/logind.conf.xml b/man/logind.conf.xml index 2b79547275..43d1ffbd3c 100644 --- a/man/logind.conf.xml +++ b/man/logind.conf.xml @@ -255,8 +255,8 @@ <listitem><para>Specifies the timeout after system startup or system resume in which systemd will hold off on reacting to - LID events. This is required for the system to properly - detect any hotplugged devices so systemd can ignore LID events + lid events. This is required for the system to properly + detect any hotplugged devices so systemd can ignore lid events if external monitors, or docks, are connected. If set to 0, systemd will always react immediately, possibly before the kernel fully probed all hotplugged devices. This is safe, as diff --git a/man/machine-info.xml b/man/machine-info.xml index 916f1dab66..351133670b 100644 --- a/man/machine-info.xml +++ b/man/machine-info.xml @@ -124,7 +124,7 @@ <literal>tablet</literal>, <literal>handset</literal>, <literal>watch</literal>, and - <literal>embedded</literal> + <literal>embedded</literal>, as well as the special chassis types <literal>vm</literal> and <literal>container</literal> for diff --git a/man/machinectl.xml b/man/machinectl.xml index e2be017427..d1da7f60a6 100644 --- a/man/machinectl.xml +++ b/man/machinectl.xml @@ -83,9 +83,9 @@ </itemizedlist> <para>Machines are identified by names that follow the same rules - as UNIX and DNS host names, for details see below. Machines are - instantiated from disk or file system images, that frequently but not - necessarily carry the same name as machines running from + as UNIX and DNS host names, for details, see below. Machines are + instantiated from disk or file system images that frequently — but not + necessarily — carry the same name as machines running from them. Images in this sense are considered:</para> <itemizedlist> @@ -201,7 +201,7 @@ <varlistentry> <term><option>--mkdir</option></term> - <listitem><para>When used with <command>bind</command> creates + <listitem><para>When used with <command>bind</command>, creates the destination directory before applying the bind mount.</para></listitem> </varlistentry> @@ -209,7 +209,7 @@ <varlistentry> <term><option>--read-only</option></term> - <listitem><para>When used with <command>bind</command> applies + <listitem><para>When used with <command>bind</command>, applies a read-only bind mount.</para></listitem> </varlistentry> @@ -243,9 +243,9 @@ specify whether the image shall be verified before it is made available. Takes one of <literal>no</literal>, <literal>checksum</literal> and <literal>signature</literal>. - If <literal>no</literal> no verification is done. If - <literal>checksum</literal> is specified the download is - checked for integrity after transfer is complete, but no + If <literal>no</literal>, no verification is done. If + <literal>checksum</literal> is specified, the download is + checked for integrity after the transfer is complete, but no signatures are verified. If <literal>signature</literal> is specified, the checksum is verified and the images's signature is checked against a local keyring of trustable vendors. It is @@ -278,10 +278,10 @@ <term><option>--format=</option></term> <listitem><para>When used with the <option>export-tar</option> - or <option>export-raw</option> commands specifies the + or <option>export-raw</option> commands, specifies the compression format to use for the resulting file. Takes one of <literal>uncompressed</literal>, <literal>xz</literal>, - <literal>gzip</literal>, <literal>bzip2</literal>. By default + <literal>gzip</literal>, <literal>bzip2</literal>. By default, the format is determined automatically from the image file name passed.</para></listitem> </varlistentry> @@ -356,7 +356,7 @@ image by the specified name in <filename>/var/lib/machines/</filename> (and other search paths, see below) and runs it. Use - <command>list-images</command> (see below), for listing + <command>list-images</command> (see below) for listing available container images to start.</para> <para>Note that @@ -381,7 +381,7 @@ <term><command>login</command> [<replaceable>NAME</replaceable>]</term> <listitem><para>Open an interactive terminal login session in - a container or on the local host. If an argument is supplied + a container or on the local host. If an argument is supplied, it refers to the container machine to connect to. If none is specified, or the container name is specified as the empty string, or the special machine name <literal>.host</literal> @@ -414,7 +414,7 @@ instead. This works similar to <command>login</command> but immediately invokes a user process. This command runs the specified executable with the specified arguments, or - <filename>/bin/sh</filename> if none is specified. By default + <filename>/bin/sh</filename> if none is specified. By default, opens a <literal>root</literal> shell, but by using <option>--uid=</option>, or by prefixing the machine name with a username and an <literal>@</literal> character, a different @@ -422,10 +422,10 @@ environment variables for the executed process.</para> <para>When using the <command>shell</command> command without - arguments (thus invoking the executed shell or command on the - local host) it is similar in many ways to a <citerefentry + arguments, (thus invoking the executed shell or command on the + local host), it is in many ways similar to a <citerefentry project='die-net'><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry> - session, but unlike <command>su</command> completely isolates + session, but, unlike <command>su</command>, completely isolates the new session from the originating session, so that it shares no process or session properties, and is in a clean and well-defined state. It will be tracked in a new utmp, login, @@ -433,7 +433,7 @@ environment variables or resource limits, among other properties.</para> - <para>Note that the + <para>Note that <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry> may be used in place of the <command>shell</command> command, and allows more detailed, low-level configuration of the @@ -509,11 +509,11 @@ specified container. The first directory argument is the source directory on the host, the second directory argument is the destination directory in the container. When the - latter is omitted the destination path in the container is + latter is omitted, the destination path in the container is the same as the source path on the host. When combined with - the <option>--read-only</option> switch a ready-only bind + the <option>--read-only</option> switch, a ready-only bind mount is created. When combined with the - <option>--mkdir</option> switch the destination path is first + <option>--mkdir</option> switch, the destination path is first created before the mount is applied. Note that this option is currently only supported for <citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> @@ -526,7 +526,7 @@ <listitem><para>Copies files or directories from the host system into a running container. Takes a container name, followed by the source path on the host and the destination - path in the container. If the destination path is omitted the + path in the container. If the destination path is omitted, the same as the source path is used.</para></listitem> </varlistentry> @@ -537,7 +537,7 @@ <listitem><para>Copies files or directories from a container into the host system. Takes a container name, followed by the source path in the container the destination path on the host. - If the destination path is omitted the same as the source path + If the destination path is omitted, the same as the source path is used.</para></listitem> </varlistentry> </variablelist></refsect2> @@ -552,8 +552,8 @@ directories and subvolumes in <filename>/var/lib/machines/</filename> (and other search paths, see below). Use <command>start</command> (see above) to - run a container off one of the listed images. Note that by - default containers whose name begins with a dot + run a container off one of the listed images. Note that, by + default, containers whose name begins with a dot (<literal>.</literal>) are not shown. To show these too, specify <option>--all</option>. Note that a special image <literal>.host</literal> always implicitly exists and refers @@ -626,27 +626,27 @@ <listitem><para>Removes one or more container or VM images. The special image <literal>.host</literal>, which refers to - the host's own directory tree may not be + the host's own directory tree, may not be removed.</para></listitem> </varlistentry> <varlistentry> <term><command>set-limit</command> [<replaceable>NAME</replaceable>] <replaceable>BYTES</replaceable></term> - <listitem><para>Sets the maximum size in bytes a specific - container or VM image, or all images may grow up to on disk + <listitem><para>Sets the maximum size in bytes that a specific + container or VM image, or all images, may grow up to on disk (disk quota). Takes either one or two parameters. The first, optional parameter refers to a container or VM image name. If - specified the size limit of the specified image is changed. If - omitted the overall size limit of the sum of all images stored + specified, the size limit of the specified image is changed. If + omitted, the overall size limit of the sum of all images stored locally is changed. The final argument specifies the size limit in bytes, possibly suffixed by the usual K, M, G, T units. If the size limit shall be disabled, specify <literal>-</literal> as size.</para> <para>Note that per-container size limits are only supported - on btrfs file systems. Also note that if - <command>set-limit</command> is invoked without image + on btrfs file systems. Also note that, if + <command>set-limit</command> is invoked without an image parameter, and <filename>/var/lib/machines</filename> is empty, and the directory is not located on btrfs, a btrfs loopback file is implicitly created as @@ -656,7 +656,7 @@ loopback may later be readjusted with <command>set-limit</command>, as well. If such a loopback-mounted <filename>/var/lib/machines</filename> - directory is used <command>set-limit</command> without image + directory is used, <command>set-limit</command> without an image name alters both the quota setting within the file system as well as the loopback file and file system size itself.</para></listitem> @@ -676,20 +676,20 @@ <literal>https://</literal>, and must refer to a <filename>.tar</filename>, <filename>.tar.gz</filename>, <filename>.tar.xz</filename> or <filename>.tar.bz2</filename> - archive file. If the local machine name is omitted it + archive file. If the local machine name is omitted, it is automatically derived from the last component of the URL, with its suffix removed.</para> <para>The image is verified before it is made available, unless <option>--verify=no</option> is specified. Verification - is done via SHA256SUMS and SHA256SUMS.gpg files, that need to + is done via SHA256SUMS and SHA256SUMS.gpg files that need to be made available on the same web server, under the same URL as the <filename>.tar</filename> file, but with the last component (the filename) of the URL replaced. With - <option>--verify=checksum</option> only the SHA256 checksum + <option>--verify=checksum</option>, only the SHA256 checksum for the file is verified, based on the <filename>SHA256SUMS</filename> file. With - <option>--verify=signature</option> the SHA256SUMS file is + <option>--verify=signature</option>, the SHA256SUMS file is first verified with detached GPG signature file <filename>SHA256SUMS.gpg</filename>. The public key for this verification step needs to be available in @@ -698,7 +698,7 @@ <para>The container image will be downloaded and stored in a read-only subvolume in - <filename>/var/lib/machines/</filename>, that is named after + <filename>/var/lib/machines/</filename> that is named after the specified URL and its HTTP etag. A writable snapshot is then taken from this subvolume, and named after the specified local name. This behavior ensures that creating multiple @@ -729,7 +729,7 @@ be a <filename>.qcow2</filename> or raw disk image, optionally compressed as <filename>.gz</filename>, <filename>.xz</filename>, or <filename>.bz2</filename>. If the - local machine name is omitted it is automatically + local machine name is omitted, it is automatically derived from the last component of the URL, with its suffix removed.</para> @@ -801,22 +801,22 @@ <listitem><para>Imports a TAR or RAW container or VM image, and places it under the specified name in <filename>/var/lib/machines/</filename>. When - <command>import-tar</command> is used the file specified as - first argument should be a tar archive, possibly compressed + <command>import-tar</command> is used, the file specified as + the first argument should be a tar archive, possibly compressed with xz, gzip or bzip2. It will then be unpacked into its own subvolume in <filename>/var/lib/machines</filename>. When - <command>import-raw</command> is used the file should be a + <command>import-raw</command> is used, the file should be a qcow2 or raw disk image, possibly compressed with xz, gzip or bzip2. If the second argument (the resulting image name) is - not specified it is automatically derived from the file - name. If the file name is passed as <literal>-</literal> the + not specified, it is automatically derived from the file + name. If the file name is passed as <literal>-</literal>, the image is read from standard input, in which case the second argument is mandatory.</para> <para>Similar as with <command>pull-tar</command>, <command>pull-raw</command> the file system <filename>/var/lib/machines.raw</filename> is increased in - size of necessary and appropriate. Optionally the + size of necessary and appropriate. Optionally, the <option>--read-only</option> switch may be used to create a read-only container or VM image. No cryptographic validation is done when importing the images.</para> @@ -833,11 +833,11 @@ stores it in the specified file. The first parameter should be a VM or container image name. The second parameter should be a file path the TAR or RAW image is written to. If the path ends - in <literal>.gz</literal> the file is compressed with gzip, if - it ends in <literal>.xz</literal> with xz, and if it ends in - <literal>.bz2</literal> with bzip2. If the path ends in - neither the file is left uncompressed. If the second argument - is missing the image is written to standard output. The + in <literal>.gz</literal>, the file is compressed with gzip, if + it ends in <literal>.xz</literal>, with xz, and if it ends in + <literal>.bz2</literal>, with bzip2. If the path ends in + neither, the file is left uncompressed. If the second argument + is missing, the image is written to standard output. The compression may also be explicitly selected with the <option>--format=</option> switch. This is in particular useful if the second parameter is left unspecified.</para> @@ -847,7 +847,7 @@ aborted with <command>cancel-transfer</command>.</para> - <para>Note that currently only directory and subvolume images + <para>Note that, currently, only directory and subvolume images may be exported as TAR images, and only raw disk images as RAW images.</para></listitem> </varlistentry> @@ -877,34 +877,34 @@ <title>Machine and Image Names</title> <para>The <command>machinectl</command> tool operates on machines - and images, whose names must be chosen following strict + and images whose names must be chosen following strict rules. Machine names must be suitable for use as host names following a conservative subset of DNS and UNIX/Linux semantics. Specifically, they must consist of one or more non-empty label strings, separated by dots. No leading or trailing dots are allowed. No sequences of multiple dots are allowed. The - label strings may only consists of alphanumeric characters as well + label strings may only consist of alphanumeric characters as well as the dash and underscore. The maximum length of a machine name is 64 characters.</para> <para>A special machine with the name <literal>.host</literal> refers to the running host system itself. This is useful for execution - operations or inspecting the host system as well. Not that + operations or inspecting the host system as well. Note that <command>machinectl list</command> will not show this special machine unless the <option>--all</option> switch is specified.</para> - <para>Requirements on image names are less strict, however must be + <para>Requirements on image names are less strict, however, they must be valid UTF-8, must be suitable as file names (hence not be the single or double dot, and not include a slash), and may not contain control characters. Since many operations search for an - image by the name of a requested machine it is recommended to name + image by the name of a requested machine, it is recommended to name images in the same strict fashion as machines.</para> <para>A special image with the name <literal>.host</literal> - refers to the image of the running host system. It is hence + refers to the image of the running host system. It hence conceptually maps to the special <literal>.host</literal> machine name described above. Note that <command>machinectl - list-images</command> won't show this special image either, unless + list-images</command> will not show this special image either, unless <option>--all</option> is specified.</para> </refsect1> @@ -914,7 +914,7 @@ <para>Machine images are preferably stored in <filename>/var/lib/machines/</filename>, but are also searched for in <filename>/usr/local/lib/machines/</filename> and - <filename>/usr/lib/machines/</filename>. For compatibility reasons + <filename>/usr/lib/machines/</filename>. For compatibility reasons, the directory <filename>/var/lib/container/</filename> is searched, too. Note that images stored below <filename>/usr</filename> are always considered read-only. It is @@ -943,7 +943,7 @@ <listitem><para>A simple directory tree, containing the files and directories of the container to boot.</para></listitem> - <listitem><para>A subvolume (on btrfs file systems), which are + <listitem><para>Subvolumes (on btrfs file systems), which are similar to the simple directories, described above. However, they have additional benefits, such as efficient cloning and quota reporting.</para></listitem> @@ -956,7 +956,7 @@ <para>See <citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> - for more information on image formats, in particular it's + for more information on image formats, in particular its <option>--directory=</option> and <option>--image=</option> options.</para> </refsect1> @@ -987,7 +987,7 @@ # machinectl login Fedora-Cloud-Base-20141203-21</programlisting> <para>This downloads the specified <filename>.raw</filename> - image with verification disabled. Then a shell is opened in it + image with verification disabled. Then, a shell is opened in it and a root password is set. Afterwards the shell is left, and the machine started as system service. With the last command a login prompt into the container is requested.</para> @@ -1010,8 +1010,8 @@ <programlisting># machinectl export-tar fedora myfedora.tar.xz</programlisting> - <para>Exports the container <literal>fedora</literal> in an - xz-compress tar file <filename>myfedora.tar.xz</filename> in the + <para>Exports the container <literal>fedora</literal> as an + xz-compressed tar file <filename>myfedora.tar.xz</filename> into the current directory.</para> </example> @@ -1020,7 +1020,7 @@ <programlisting># machinectl shell --uid=lennart</programlisting> - <para>This creates a new shell session on the local host, for + <para>This creates a new shell session on the local host for the user ID <literal>lennart</literal>, in a <citerefentry project='die-net'><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>-like fashion.</para> diff --git a/man/networkctl.xml b/man/networkctl.xml index 46dab58d61..c688714b30 100644 --- a/man/networkctl.xml +++ b/man/networkctl.xml @@ -129,7 +129,7 @@ IDX LINK TYPE OPERATIONAL SETUP configured DNS servers, etc.</para> <para>When no links are specified, routable links are - shown. See also option <option>--all</option>.</para> + shown. Also see the option <option>--all</option>.</para> <para>Produces output similar to <programlisting> diff --git a/man/nss-myhostname.xml b/man/nss-myhostname.xml index 4481fdf8cb..859bec29e3 100644 --- a/man/nss-myhostname.xml +++ b/man/nss-myhostname.xml @@ -59,7 +59,7 @@ <para><command>nss-myhostname</command> is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library - (<command>glibc</command>) primarily providing hostname resolution + (<command>glibc</command>), primarily providing hostname resolution for the locally configured system hostname as returned by <citerefentry><refentrytitle>gethostname</refentrytitle><manvolnum>2</manvolnum></citerefentry>. The precise hostnames resolved by this module are:</para> @@ -89,9 +89,9 @@ time as changing the hostname. This is problematic since it requires a writable <filename>/etc</filename> file system and is fragile because the file might be edited by the administrator at - the same time. With <command>nss-myhostname</command> enabled + the same time. With <command>nss-myhostname</command> enabled, changing <filename>/etc/hosts</filename> is unnecessary, and on - many systems the file becomes entirely optional.</para> + many systems, the file becomes entirely optional.</para> <para>To activate the NSS modules, <literal>myhostname</literal> has to be added to the line starting with @@ -100,7 +100,7 @@ <para>It is recommended to place <literal>myhostname</literal> last in the <filename>nsswitch.conf</filename> line to make sure - that this mapping is only used as fallback, and any DNS or + that this mapping is only used as fallback, and that any DNS or <filename>/etc/hosts</filename> based mapping takes precedence.</para> </refsect1> @@ -108,8 +108,8 @@ <refsect1> <title>Example</title> - <para>Here's an example <filename>/etc/nsswitch.conf</filename> - file, that enables <command>myhostname</command> correctly:</para> + <para>Here is an example <filename>/etc/nsswitch.conf</filename> + file that enables <command>myhostname</command> correctly:</para> <programlisting>passwd: compat mymachines group: compat mymachines @@ -135,7 +135,7 @@ netgroup: nis</programlisting> 127.0.0.2 DGRAM 127.0.0.2 RAW</programlisting> - <para>In this case the local hostname is <varname>omega</varname>.</para> + <para>In this case, the local hostname is <varname>omega</varname>.</para> </refsect1> diff --git a/man/nss-mymachines.xml b/man/nss-mymachines.xml index 92c72846c1..d2bec763bb 100644 --- a/man/nss-mymachines.xml +++ b/man/nss-mymachines.xml @@ -58,8 +58,8 @@ <para><command>nss-mymachines</command> is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library - (<command>glibc</command>) providing hostname resolution for - container names of containers running locally, that are registered + (<command>glibc</command>), providing hostname resolution for + container names of containers running locally that are registered with <citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. The container names are resolved to the IP addresses of the @@ -76,16 +76,16 @@ <para>It is recommended to place <literal>mymachines</literal> near the end of the <filename>nsswitch.conf</filename> lines to - make sure that its mappings are only used as fallback, and any + make sure that its mappings are only used as fallback, and that any other mappings, such as DNS or <filename>/etc/hosts</filename> - based mappings take precedence.</para> + based mappings, take precedence.</para> </refsect1> <refsect1> <title>Example</title> - <para>Here's an example <filename>/etc/nsswitch.conf</filename> - file, that enables <command>mymachines</command> correctly:</para> + <para>Here is an example <filename>/etc/nsswitch.conf</filename> + file that enables <command>mymachines</command> correctly:</para> <programlisting>passwd: compat <command>mymachines</command> group: compat <command>mymachines</command> diff --git a/man/nss-resolve.xml b/man/nss-resolve.xml index 7d291b83c1..8b0928145f 100644 --- a/man/nss-resolve.xml +++ b/man/nss-resolve.xml @@ -79,8 +79,8 @@ <refsect1> <title>Example</title> - <para>Here's an example <filename>/etc/nsswitch.conf</filename> - file, that enables <command>resolve</command> correctly:</para> + <para>Here is an example <filename>/etc/nsswitch.conf</filename> + file that enables <command>resolve</command> correctly:</para> <programlisting>passwd: compat mymachines group: compat mymachines diff --git a/man/os-release.xml b/man/os-release.xml index d2e2598204..4557abc4a3 100644 --- a/man/os-release.xml +++ b/man/os-release.xml @@ -67,7 +67,7 @@ without implementing a shell compatible execution engine. Variable assignment values must be enclosed in double or single quotes if they include spaces, semicolons or other special characters - outside of A-Z, a-z, 0-9. Shell special characters ("$", quotes, + outside of A–Z, a–z, 0–9. Shell special characters ("$", quotes, backslash, backtick) must be escaped with backslashes, following shell style. All strings should be in UTF-8 format, and non-printable characters should not be used. It is not supported @@ -141,7 +141,7 @@ <term><varname>ID=</varname></term> <listitem><para>A lower-case string (no spaces or other - characters outside of 0-9, a-z, ".", "_" and "-") identifying + characters outside of 0–9, a–z, ".", "_" and "-") identifying the operating system, excluding any version information and suitable for processing by scripts or usage in generated filenames. If not set, defaults to @@ -179,7 +179,7 @@ <term><varname>VERSION_ID=</varname></term> <listitem><para>A lower-case string (mostly numeric, no spaces - or other characters outside of 0-9, a-z, ".", "_" and "-") + or other characters outside of 0–9, a–z, ".", "_" and "-") identifying the operating system version, excluding any OS name information or release code name, and suitable for processing by scripts or usage in generated filenames. This @@ -298,7 +298,7 @@ <listitem><para> A lower-case string (no spaces or other characters outside of - 0-9, a-z, ".", "_" and "-"), identifying a specific variant or + 0–9, a–z, ".", "_" and "-"), identifying a specific variant or edition of the operating system. This may be interpreted by other packages in order to determine a divergent default configuration. This field is optional and may not be diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml index b4a3f502b4..ddda81bc90 100644 --- a/man/pam_systemd.xml +++ b/man/pam_systemd.xml @@ -197,7 +197,7 @@ as <constant>AF_UNIX</constant> sockets, FIFOs, PID files and similar. It is guaranteed that this directory is local and offers the greatest possible file system feature set the - operating system provides. For further details see the <ulink + operating system provides. For further details, see the <ulink url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html">XDG Base Directory Specification</ulink>.</para></listitem> </varlistentry> diff --git a/man/resolved.conf.xml b/man/resolved.conf.xml index 8047a4ea75..811e33f4fa 100644 --- a/man/resolved.conf.xml +++ b/man/resolved.conf.xml @@ -59,7 +59,7 @@ <title>Description</title> <para>These configuration files control local DNS and LLMNR - name resolving.</para> + name resolution.</para> </refsect1> @@ -72,12 +72,12 @@ <varlistentry> <term><varname>DNS=</varname></term> - <listitem><para>A space separated list of IPv4 and IPv6 + <listitem><para>A space-separated list of IPv4 and IPv6 addresses to be used as system DNS servers. DNS requests are sent to one of the listed DNS servers in parallel to any per-interface DNS servers acquired from <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. - For compatibility reasons, if set to the empty list the DNS + For compatibility reasons, if set to the empty list, the DNS servers listed in <filename>/etc/resolv.conf</filename> are used, if any are configured there. This setting defaults to the empty list.</para></listitem> @@ -85,7 +85,7 @@ <varlistentry> <term><varname>FallbackDNS=</varname></term> - <listitem><para>A space separated list of IPv4 and IPv6 + <listitem><para>A space-separated list of IPv4 and IPv6 addresses to be used as the fallback DNS servers. Any per-interface DNS servers obtained from <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> @@ -103,9 +103,9 @@ <literal>resolve</literal>. Controls Link-Local Multicast Name Resolution support (<ulink url="https://tools.ietf.org/html/rfc4795">RFC 4794</ulink>) on - the local host. If true enables full LLMNR responder and - resolver support. If false disable both. If set to - <literal>resolve</literal> only resolving support is enabled, + the local host. If true, enables full LLMNR responder and + resolver support. If false, disables both. If set to + <literal>resolve</literal>, only resolution support is enabled, but responding is disabled. Note that <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> also maintains per-interface LLMNR settings. LLMNR will be diff --git a/man/sd-bus-errors.xml b/man/sd-bus-errors.xml index a1e8462858..055af7a682 100644 --- a/man/sd-bus-errors.xml +++ b/man/sd-bus-errors.xml @@ -121,10 +121,10 @@ <title>Description</title> <para>In addition to the error names user programs define, D-Bus - knows a number of generic, standardized error names, that are + knows a number of generic, standardized error names that are listed below.</para> - <para>In addition to this list, in sd-bus the special error + <para>In addition to this list, in sd-bus, the special error namespace <literal>System.Error.</literal> is used to map arbitrary Linux system errors (as defined by <citerefentry project='man-pages'><refentrytitle>errno</refentrytitle><manvolnum>3</manvolnum></citerefentry>) @@ -167,7 +167,7 @@ <varlistentry> <term><varname>SD_BUS_ERROR_IO_ERROR</varname></term> <listitem><para>Generic input/output error, for example when - accessing a socket or other IO context.</para></listitem> + accessing a socket or other I/O context.</para></listitem> </varlistentry> <varlistentry> <term><varname>SD_BUS_ERROR_BAD_ADDRESS</varname></term> @@ -186,7 +186,7 @@ </varlistentry> <varlistentry> <term><varname>SD_BUS_ERROR_ACCESS_DENIED</varname></term> - <listitem><para>Access to a resource has been denied, due to security restrictions.</para></listitem> + <listitem><para>Access to a resource has been denied due to security restrictions.</para></listitem> </varlistentry> <varlistentry> <term><varname>SD_BUS_ERROR_AUTH_FAILED</varname></term> @@ -224,7 +224,7 @@ </varlistentry> <varlistentry> <term><varname>SD_BUS_ERROR_FILE_EXISTS</varname></term> - <listitem><para>The requested file exists already.</para></listitem> + <listitem><para>The requested file already exists.</para></listitem> </varlistentry> <varlistentry> <term><varname>SD_BUS_ERROR_UNKNOWN_METHOD</varname></term> @@ -272,7 +272,7 @@ <varlistentry> <term><varname>SD_BUS_ERROR_INTERACTIVE_AUTHORIZATION_REQUIRED</varname></term> <listitem><para>Access to the requested operation is not - permitted, however, it might be available after interactive + permitted. However, it might be available after interactive authentication. This is usually returned by method calls supporting a framework for additional interactive authorization, when interactive authorization was not enabled diff --git a/man/sd_bus_creds_get_pid.xml b/man/sd_bus_creds_get_pid.xml index 4162fab065..aec12bda16 100644 --- a/man/sd_bus_creds_get_pid.xml +++ b/man/sd_bus_creds_get_pid.xml @@ -317,7 +317,7 @@ to determine the mask of fields available.</para> <para><function>sd_bus_creds_get_pid()</function> will retrieve - the PID (process identifier). Similar, + the PID (process identifier). Similarly, <function>sd_bus_creds_get_ppid()</function> will retrieve the parent PID. Note that PID 1 has no parent process, in which case -ENXIO is returned.</para> @@ -326,14 +326,14 @@ TID (thread identifier).</para> <para><function>sd_bus_creds_get_uid()</function> will retrieve - the numeric UID (user identifier). Similar, + the numeric UID (user identifier). Similarly, <function>sd_bus_creds_get_euid()</function> returns the effective UID, <function>sd_bus_creds_get_suid()</function> the saved UID and <function>sd_bus_creds_get_fsuid()</function> the file system UID.</para> <para><function>sd_bus_creds_get_gid()</function> will retrieve the - numeric GID (group identifier). Similar, + numeric GID (group identifier). Similarly, <function>sd_bus_creds_get_egid()</function> returns the effective GID, <function>sd_bus_creds_get_sgid()</function> the saved GID and <function>sd_bus_creds_get_fsgid()</function> the file system @@ -355,7 +355,7 @@ <para><function>sd_bus_creds_get_exe()</function> will retrieve the path to the program executable (as stored in the <filename>/proc/<replaceable>pid</replaceable>/exe</filename> - link, but with <literal> (deleted)</literal> suffix removed). Note + link, but with the <literal> (deleted)</literal> suffix removed). Note that kernel threads do not have an executable path, in which case -ENXIO is returned.</para> @@ -372,38 +372,38 @@ <para><function>sd_bus_creds_get_unit()</function> will retrieve the systemd unit name (in the system instance of systemd) that the - process is part of. See + process is a part of. See <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. For - processes that are not part of a unit returns -ENXIO. + processes that are not part of a unit, returns -ENXIO. </para> <para><function>sd_bus_creds_get_user_unit()</function> will retrieve the systemd unit name (in the user instance of systemd) - that the process is part of. See + that the process is a part of. See <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. For - processes that are not part of a user unit returns -ENXIO. + processes that are not part of a user unit, returns -ENXIO. </para> <para><function>sd_bus_creds_get_slice()</function> will retrieve the systemd slice (a unit in the system instance of systemd) that - the process is part of. See - <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Similar, + the process is a part of. See + <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Similarly, <function>sd_bus_creds_get_user_slice()</function> retrieves the systemd slice of the process, in the user instance of systemd. </para> <para><function>sd_bus_creds_get_session()</function> will retrieve the identifier of the login session that the process is - part of. See + a part of. See <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. For - processes that are not part of a session returns -ENXIO. + processes that are not part of a session, returns -ENXIO. </para> <para><function>sd_bus_creds_get_owner_uid()</function> will retrieve the numeric UID (user identifier) of the user who owns - the login session that the process is part of. See + the login session that the process is a part of. See <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. - For processes that are not part of a session returns -ENXIO. + For processes that are not part of a session, returns -ENXIO. </para> <para><function>sd_bus_creds_has_effective_cap()</function> will @@ -494,7 +494,7 @@ <varlistentry> <term><constant>-ENODATA</constant></term> - <listitem><para>Given field is not available in the + <listitem><para>The given field is not available in the credentials object <parameter>c</parameter>.</para> </listitem> </varlistentry> @@ -502,7 +502,7 @@ <varlistentry> <term><constant>-ENXIO</constant></term> - <listitem><para>Given field is not specified for the described + <listitem><para>The given field is not specified for the described process or peer. This will be returned by <function>sd_bus_get_unit()</function>, <function>sd_bus_get_slice()</function>, @@ -514,8 +514,8 @@ slice, or logind session. It will also be returned by <function>sd_bus_creds_get_exe()</function> and <function>sd_bus_creds_get_cmdline()</function> for kernel - threads (since these aren't started from an executable binary - or have a command line), + threads (since these are not started from an executable binary, + nor have a command line), and by <function>sd_bus_creds_get_audit_session_id()</function> and <function>sd_bus_creds_get_audit_login_uid()</function> when the process is not part of an audit session, and diff --git a/man/sd_bus_creds_new_from_pid.xml b/man/sd_bus_creds_new_from_pid.xml index a78d3f5717..84dd509744 100644 --- a/man/sd_bus_creds_new_from_pid.xml +++ b/man/sd_bus_creds_new_from_pid.xml @@ -130,7 +130,7 @@ <para><function>sd_bus_creds_new_from_pid()</function> creates a new credentials object and fills it with information about the process <parameter>pid</parameter>. The pointer to this object - will be stored in <parameter>ret</parameter> pointer. Note that + will be stored in the <parameter>ret</parameter> pointer. Note that credential objects may also be created and retrieved via <citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry> @@ -171,11 +171,11 @@ <constant>SD_BUS_CREDS_AUDIT_LOGIN_UID</constant>, <constant>SD_BUS_CREDS_TTY</constant>, <constant>SD_BUS_CREDS_UNIQUE_NAME</constant>, - <constant>SD_BUS_CREDS_WELL_KNOWN_NAMES</constant>, + <constant>SD_BUS_CREDS_WELL_KNOWN_NAMES</constant>, and <constant>SD_BUS_CREDS_DESCRIPTION</constant>. Use the special value <constant>_SD_BUS_CREDS_ALL</constant> to request all supported fields. The <constant>SD_BUS_CREDS_AUGMENT</constant> - may not be ORed into the mask for invocations of + constant may not be ORed into the mask for invocations of <function>sd_bus_creds_new_from_pid()</function>.</para> <para>Fields can be retrieved from the credentials object using @@ -191,35 +191,35 @@ subset of fields requested in <parameter>creds_mask</parameter>. </para> - <para>Similar to <function>sd_bus_creds_get_mask()</function> the + <para>Similar to <function>sd_bus_creds_get_mask()</function>, the function <function>sd_bus_creds_get_augmented_mask()</function> returns a bitmask of field constants. The mask indicates which credential fields have been retrieved in a non-atomic fashion. For credential objects created via - <function>sd_bus_creds_new_from_pid()</function> this mask will be + <function>sd_bus_creds_new_from_pid()</function>, this mask will be identical to the mask returned by <function>sd_bus_creds_get_mask()</function>. However, for credential objects retrieved via - <function>sd_bus_get_name_creds()</function> this mask will be set + <function>sd_bus_get_name_creds()</function>, this mask will be set for the credential fields that could not be determined atomically at peer connection time, and which were later added by reading augmenting credential data from - <filename>/proc</filename>. Similar, for credential objects - retrieved via <function>sd_bus_get_owner_creds()</function> the + <filename>/proc</filename>. Similarly, for credential objects + retrieved via <function>sd_bus_get_owner_creds()</function>, the mask is set for the fields that could not be determined atomically - at bus creation time, but have been augmented. Similar, for + at bus creation time, but have been augmented. Similarly, for credential objects retrieved via - <function>sd_bus_message_get_creds()</function> the mask is set + <function>sd_bus_message_get_creds()</function>, the mask is set for the fields that could not be determined atomically at message - send time, but have been augmented. The mask returned by + sending time, but have been augmented. The mask returned by <function>sd_bus_creds_get_augmented_mask()</function> is always a subset of (or identical to) the mask returned by <function>sd_bus_creds_get_mask()</function> for the same object. The latter call hence returns all credential fields available in the credential object, the former then marks the subset of those that have been augmented. Note that augmented - fields are unsuitable for authorization decisions as they may be - retrieved at different times, thus being subject to races. Hence + fields are unsuitable for authorization decisions, as they may be + retrieved at different times, thus being subject to races. Hence, augmented fields should be used exclusively for informational purposes. </para> diff --git a/man/sd_bus_default.xml b/man/sd_bus_default.xml index 1cf2cb8f9a..6d5a90de72 100644 --- a/man/sd_bus_default.xml +++ b/man/sd_bus_default.xml @@ -112,7 +112,7 @@ connection object to the user bus when invoked in user context, or to the system bus otherwise. The connection object is associated with the calling thread. Each time the function is invoked from - the same thread the same object is returned, but its reference + the same thread, the same object is returned, but its reference count is increased by one, as long as at least one reference is kept. When the last reference to the connection is dropped (using the @@ -120,8 +120,8 @@ call), the connection is terminated. Note that the connection is not automatically terminated when the associated thread ends. It is important to drop the last reference to the bus connection - explicitly before the thread ends or otherwise the connection will - be leaked. Also, queued but unread or unwritten messages keep the + explicitly before the thread ends, as otherwise, the connection will + leak. Also, queued but unread or unwritten messages keep the bus referenced, see below.</para> <para><function>sd_bus_default_user()</function> returns a user @@ -139,14 +139,14 @@ <function>sd_bus_open_system()</function> does the same, but connects to the system bus. In contrast to <function>sd_bus_default()</function>, - <function>sd_bus_default_user()</function>, - <function>sd_bus_default_system()</function> these calls return + <function>sd_bus_default_user()</function>, and + <function>sd_bus_default_system()</function>, these calls return new, independent connection objects that are not associated with the invoking thread and are not shared between multiple invocations. It is recommended to share connections per thread to efficiently make use the available resources. Thus, it is recommended to use <function>sd_bus_default()</function>, - <function>sd_bus_default_user()</function>, + <function>sd_bus_default_user()</function> and <function>sd_bus_default_system()</function> to connect to the user or system buses.</para> @@ -215,31 +215,31 @@ <para>Queued but unwritten/unread messages also keep a reference to their bus connection object. For this reason, even if an - application dropped all references to a bus connection it might - not get destroyed right-away. Until all incoming queued + application dropped all references to a bus connection, it might + not get destroyed right away. Until all incoming queued messages are read, and until all outgoing unwritten messages are written, the bus object will stay alive. <function>sd_bus_flush()</function> may be used to write all outgoing queued messages so they drop their references. To - flush the unread incoming messages use + flush the unread incoming messages, use <function>sd_bus_close()</function>, which will also close the bus - connection. When using the default bus logic it is a good idea to + connection. When using the default bus logic, it is a good idea to first invoke <function>sd_bus_flush()</function> followed by <function>sd_bus_close()</function> when a thread or process terminates, and thus its bus connection object should be freed.</para> - <para>The life-cycle of the default bus connection should be the + <para>The life cycle of the default bus connection should be the responsibility of the code that creates/owns the thread the default bus connection object is associated with. Library code should neither call <function>sd_bus_flush()</function> nor <function>sd_bus_close()</function> on default bus objects unless it does so in its own private, self-allocated thread. Library code should not use the default bus object in other threads unless it - is clear that the program using it will life-cycle the bus + is clear that the program using it will life cycle the bus connection object and flush and close it before exiting from the thread. In libraries where it is not clear that the calling - program will life-cycle the bus connection object it is hence + program will life cycle the bus connection object, it is hence recommended to use <function>sd_bus_open_system()</function> instead of <function>sd_bus_default_system()</function> and related calls.</para> diff --git a/man/sd_bus_error.xml b/man/sd_bus_error.xml index 6dc4541eb1..c2d7ee389b 100644 --- a/man/sd_bus_error.xml +++ b/man/sd_bus_error.xml @@ -167,7 +167,7 @@ <citerefentry><refentrytitle>sd-bus-errors</refentrytitle><manvolnum>3</manvolnum></citerefentry>, but additional domain-specific errors may be defined by applications. The <structfield>message</structfield> field usually - contains a human readable string describing the details, but might + contains a human-readable string describing the details, but might be NULL. An unset <structname>sd_bus_error</structname> structure should have both fields initialized to NULL. Set an error structure to <constant>SD_BUS_ERROR_NULL</constant> in order to @@ -189,20 +189,20 @@ for a list of well-known error names. Additional error mappings may be defined with <citerefentry><refentrytitle>sd_bus_error_add_map</refentrytitle><manvolnum>3</manvolnum></citerefentry>. If - <parameter>e</parameter> is NULL no error structure is initialized + <parameter>e</parameter> is NULL, no error structure is initialized, but the error is still converted into an <varname>errno</varname>-style error. If <parameter>name</parameter> is <constant>NULL</constant>, it is assumed that no error occurred, and 0 is returned. This means that this function may be conveniently used in a <function>return</function> statement. If - <parameter>message</parameter> is NULL no message is set. This + <parameter>message</parameter> is NULL, no message is set. This call can fail if no memory may be allocated for the name and message strings, in which case an <constant>SD_BUS_ERROR_NO_MEMORY</constant> error might be set - instead and -ENOMEM returned. Do not use this call on error + instead and -ENOMEM be returned. Do not use this call on error structures that are already initialized. If you intend to reuse an - error structure free the old data stored in it with + error structure, free the old data stored in it with <function>sd_bus_error_free()</function> first.</para> <para><function>sd_bus_error_setf()</function> is similar to @@ -216,8 +216,8 @@ are not copied internally, and must hence remain constant and valid for the lifetime of <parameter>e</parameter>. Use this call to avoid memory allocations when setting error structures. Since - this call does not allocate memory it will not fail with an - out-of-memory condition, as + this call does not allocate memory, it will not fail with an + out-of-memory condition as <function>sd_bus_error_set()</function> can, as described above. Alternatively, the <constant>SD_BUS_ERROR_MAKE_CONST()</constant> macro may be used @@ -238,7 +238,7 @@ convenient usage in <function>return</function> statements. This call might fail due to lack of memory, in which case an <constant>SD_BUS_ERROR_NO_MEMORY</constant> error is set instead, - and -ENOMEM returned.</para> + and -ENOMEM is returned.</para> <para><function>sd_bus_error_set_errnof()</function> is similar to <function>sd_bus_error_set_errno()</function>, but in addition to @@ -249,7 +249,7 @@ <parameter>format</parameter> and the arguments.</para> <para><function>sd_bus_error_set_errnofv()</function> is similar to - <function>sd_bus_error_set_errnof()</function> but takes the + <function>sd_bus_error_set_errnof()</function>, but takes the format string parameters as <citerefentry project='man-pages'><refentrytitle>va_arg</refentrytitle><manvolnum>3</manvolnum></citerefentry> parameter list.</para> @@ -295,10 +295,10 @@ <title>Return Value</title> <para>The functions <function>sd_bus_error_set()</function>, - <function>sd_bus_error_setf()</function>, + <function>sd_bus_error_setf()</function>, and <function>sd_bus_error_set_const()</function>, when successful, return the negative errno value corresponding to the - <parameter>name</parameter> parameter. Functions + <parameter>name</parameter> parameter. The functions <function>sd_bus_error_set_errno()</function>, <function>sd_bus_error_set_errnof()</function> and <function>sd_bus_error_set_errnofv()</function>, when successful, @@ -331,7 +331,7 @@ <title>Reference ownership</title> <para><structname>sd_bus_error</structname> is not reference counted. Users should destroy resources held by it by calling - <function>sd_bus_error_free()</function>. Usually error structures + <function>sd_bus_error_free()</function>. Usually, error structures are allocated on the stack or passed in as function parameters, but they may also be allocated dynamically, in which case it is the duty of the caller to <citerefentry diff --git a/man/sd_bus_error_add_map.xml b/man/sd_bus_error_add_map.xml index 3fca63be4a..139bd77d8c 100644 --- a/man/sd_bus_error_add_map.xml +++ b/man/sd_bus_error_add_map.xml @@ -87,7 +87,7 @@ <citerefentry><refentrytitle>sd_bus_error_set</refentrytitle><manvolnum>3</manvolnum></citerefentry> or <citerefentry><refentrytitle>sd_bus_error_get_errno</refentrytitle><manvolnum>3</manvolnum></citerefentry>. By - default a number of generic, standardized mappings are known, as + default, a number of generic, standardized mappings are known, as documented in <citerefentry><refentrytitle>sd-bus-errors</refentrytitle><manvolnum>3</manvolnum></citerefentry>. Use this call to add further, application-specific mappings.</para> @@ -95,12 +95,12 @@ <para>The function takes a pointer to an array of <structname>sd_bus_error_map</structname> structures. A reference to the specified array is added to the lookup tables for error - mappings. Note that the structure is not copied, it is hence + mappings. Note that the structure is not copied, and that it is hence essential that the array stays available and constant during the entire remaining runtime of the process.</para> <para>The mapping array should be put together with a series of - <constant>SD_BUS_ERROR_MAP()</constant> macro invocations, that + <constant>SD_BUS_ERROR_MAP()</constant> macro invocations that take a literal name string and a (positive) <varname>errno</varname>-style error number. The last entry of the array should be an invocation of the diff --git a/man/sd_bus_message_append.xml b/man/sd_bus_message_append.xml index 0ee849dca7..77fce02eae 100644 --- a/man/sd_bus_message_append.xml +++ b/man/sd_bus_message_append.xml @@ -70,7 +70,7 @@ appends a sequence of fields to the D-Bus message object <parameter>m</parameter>. The type string <parameter>types</parameter> describes the types of the field - arguments that follow. For each type specified in the type string + arguments that follow. For each type specified in the type string, one or more arguments need to be specified, in the same order as declared in the type string.</para> diff --git a/man/sd_bus_message_append_array.xml b/man/sd_bus_message_append_array.xml index 37cadb9d0f..27db2a96c3 100644 --- a/man/sd_bus_message_append_array.xml +++ b/man/sd_bus_message_append_array.xml @@ -131,8 +131,8 @@ <parameter>type</parameter>. However, as a special exception, if the offset is specified as zero and the size specified as UINT64_MAX the full memory file descriptor contents is used. The - memory file descriptor is sealed by this call if it hasn't been - sealed yet, and cannot be modified a after this call. See + memory file descriptor is sealed by this call if it has not been + sealed yet, and cannot be modified after this call. See <citerefentry project='man-pages'><refentrytitle>memfd_create</refentrytitle><manvolnum>2</manvolnum></citerefentry> for details about memory file descriptors. Appending arrays with @@ -142,7 +142,7 @@ process. Not all protocol transports support passing memory file descriptors between participants, in which case this call will automatically fall back to copying. Also, as memory file - descriptor passing is inefficient for smaller amounts of data + descriptor passing is inefficient for smaller amounts of data, copying might still be enforced even where memory file descriptor passing is supported.</para> @@ -150,13 +150,13 @@ function appends an array of a trivial type to the message <parameter>m</parameter>, similar to <function>sd_bus_message_append_array()</function>. Contents of - the IO vector array <parameter>iov</parameter> are used as the + the I/O vector array <parameter>iov</parameter> are used as the contents of the array. The total size of <parameter>iov</parameter> payload (the sum of <structfield>iov_len</structfield> fields) must be a multiple of the size of the type <parameter>type</parameter>. The <parameter>iov</parameter> argument must point to - <parameter>n</parameter> IO vector structures. Each structure may + <parameter>n</parameter> I/O vector structures. Each structure may have the <structname>iov_base</structname> field set, in which case the memory pointed to will be copied into the message, or unset (set to zero), in which case a block of zeros of length @@ -171,9 +171,9 @@ copying items to the message, it returns a pointer to the destination area to the caller in pointer <parameter>p</parameter>. The caller should subsequently write the - array contents to this memory. Modifications of the memory + array contents to this memory. Modifications to the memory pointed to should only occur until the next operation on the bus - message is invoked, most importantly the memory should not be + message is invoked. Most importantly, the memory should not be altered anymore when another field has been added to the message or the message has been sealed.</para> </refsect1> diff --git a/man/sd_bus_message_get_monotonic_usec.xml b/man/sd_bus_message_get_monotonic_usec.xml index 4c2c06e903..2c0a8a5d54 100644 --- a/man/sd_bus_message_get_monotonic_usec.xml +++ b/man/sd_bus_message_get_monotonic_usec.xml @@ -83,7 +83,7 @@ <citerefentry><refentrytitle>clock_gettime</refentrytitle><manvolnum>2</manvolnum></citerefentry> for details.</para> - <para>Similar, + <para>Similarly, <function>sd_bus_message_get_realtime_usec()</function> returns the realtime (wallclock) timestamp of the time the message was sent. This value is in microseconds since Jan 1st, 1970, i.e. in diff --git a/man/sd_bus_negotiate_fds.xml b/man/sd_bus_negotiate_fds.xml index f53ea9e41a..a538b13cf0 100644 --- a/man/sd_bus_negotiate_fds.xml +++ b/man/sd_bus_negotiate_fds.xml @@ -108,7 +108,7 @@ <citerefentry><refentrytitle>sd_bus_message_get_realtime_usec</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_message_get_seqnum</refentrytitle><manvolnum>3</manvolnum></citerefentry> to query the timestamps of incoming messages. If negotiation is - disabled or not supported these calls will fail with + disabled or not supported, these calls will fail with <constant>-ENODATA</constant>. Note that not all transports support timestamping of messages. Specifically, timestamping is only available on the kdbus transport, but not on dbus1. The @@ -118,7 +118,7 @@ <para><function>sd_bus_negotiate_creds()</function> controls whether and which implicit sender credentials shall be attached - automatically to all incoming messages. Takes a bus object, a + automatically to all incoming messages. Takes a bus object and a boolean indicating whether to enable or disable the credential parts encoded in the bit mask value argument. Note that not all transports support attaching sender credentials to messages, or do @@ -140,10 +140,10 @@ <citerefentry><refentrytitle>sd_bus_start</refentrytitle><manvolnum>3</manvolnum></citerefentry>. Both <function>sd_bus_negotiate_timestamp()</function> and <function>sd_bus_negotiate_creds()</function> may also be called - after a connection has been set up. Note that when operating on a + after a connection has been set up. Note that, when operating on a connection that is shared between multiple components of the same program (for example via - <citerefentry><refentrytitle>sd_bus_default</refentrytitle><manvolnum>3</manvolnum></citerefentry>) + <citerefentry><refentrytitle>sd_bus_default</refentrytitle><manvolnum>3</manvolnum></citerefentry>), it is highly recommended to only enable additional per message metadata fields, but never disable them again, in order not to disable functionality needed by other components.</para> diff --git a/man/sd_bus_new.xml b/man/sd_bus_new.xml index aff2ed2e83..e1cab6e567 100644 --- a/man/sd_bus_new.xml +++ b/man/sd_bus_new.xml @@ -84,7 +84,7 @@ or a related call, and then start the connection with <citerefentry><refentrytitle>sd_bus_start</refentrytitle><manvolnum>3</manvolnum></citerefentry>.</para> - <para>In most cases it's a better idea to invoke + <para>In most cases, it is a better idea to invoke <citerefentry><refentrytitle>sd_bus_default_user</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_bus_default_system</refentrytitle><manvolnum>3</manvolnum></citerefentry> or related calls instead of the more low-level diff --git a/man/sd_bus_path_encode.xml b/man/sd_bus_path_encode.xml index 696dfd00ba..3088243e45 100644 --- a/man/sd_bus_path_encode.xml +++ b/man/sd_bus_path_encode.xml @@ -128,23 +128,23 @@ <para><function>sd_bus_path_encode_many()</function> works like its counterpart <function>sd_bus_path_encode()</function>, but - takes a path-template as argument and encodes multiple labels + takes a path template as argument and encodes multiple labels according to its embedded directives. For each <literal>%</literal> character found in the template, the caller - must provide a string via var-args, which will be encoded and + must provide a string via varargs, which will be encoded and embedded at the position of the <literal>%</literal> character. Any other character in the template is copied verbatim into the encoded path.</para> <para><function>sd_bus_path_decode_many()</function> does the reverse of <function>sd_bus_path_encode_many()</function>. It - decodes the passed object path, according to the given - path-template. For each <literal>%</literal> character in the + decodes the passed object path according to the given + path template. For each <literal>%</literal> character in the template, the caller must provide an output storage - (<literal>char **</literal>) via var-args. The decoded label + (<literal>char **</literal>) via varargs. The decoded label will be stored there. Each <literal>%</literal> character will only match the current label. It will never match across labels. - Furthermore, only a single such directive is allowed per label. + Furthermore, only a single directive is allowed per label. If <literal>NULL</literal> is passed as output storage, the label is verified but not returned to the caller.</para> </refsect1> diff --git a/man/sd_event_add_child.xml b/man/sd_event_add_child.xml index b62d1ee5e1..77bec4e706 100644 --- a/man/sd_event_add_child.xml +++ b/man/sd_event_add_child.xml @@ -157,7 +157,7 @@ <varlistentry> <term><constant>-EBUSY</constant></term> - <listitem><para>An handler is already installed for this + <listitem><para>A handler is already installed for this child.</para></listitem> </varlistentry> diff --git a/man/sd_event_add_defer.xml b/man/sd_event_add_defer.xml index 01504bf01e..826f2fd224 100644 --- a/man/sd_event_add_defer.xml +++ b/man/sd_event_add_defer.xml @@ -90,7 +90,7 @@ <refsect1> <title>Description</title> - <para>Those three functions add new event sources to an event loop + <para>These three functions add new event sources to an event loop object. The event loop is specified in <parameter>event</parameter>, the event source is returned in the <parameter>source</parameter> parameter. The event sources are diff --git a/man/sd_event_add_signal.xml b/man/sd_event_add_signal.xml index 1d0942b45c..0923fe0ae7 100644 --- a/man/sd_event_add_signal.xml +++ b/man/sd_event_add_signal.xml @@ -82,7 +82,7 @@ <para><function>sd_event_add_signal()</function> adds a new signal event source to an event loop object. The event loop is specified - in <parameter>event</parameter>, the event source is returned in + in <parameter>event</parameter>, and the event source is returned in the <parameter>source</parameter> parameter. The <parameter>signal</parameter> parameter specifies the signal to be handled (see @@ -149,7 +149,7 @@ <varlistentry> <term><constant>-EBUSY</constant></term> - <listitem><para>An handler is already installed for this + <listitem><para>A handler is already installed for this signal or the signal was not blocked previously.</para></listitem> </varlistentry> diff --git a/man/sd_event_new.xml b/man/sd_event_new.xml index e5a440556e..f6c5d39814 100644 --- a/man/sd_event_new.xml +++ b/man/sd_event_new.xml @@ -114,7 +114,7 @@ <function>sd_event_default()</function>, then releasing it, and then acquiring a new one with <function>sd_event_default()</function> will result in two - distinct objects. Note that in order to free an event loop object, + distinct objects. Note that, in order to free an event loop object, all remaining event sources of the event loop also need to be freed as each keeps a reference to it.</para> </refsect1> diff --git a/man/sd_event_run.xml b/man/sd_event_run.xml index 2eab5684c5..06236fcd1a 100644 --- a/man/sd_event_run.xml +++ b/man/sd_event_run.xml @@ -46,7 +46,7 @@ <refname>sd_event_run</refname> <refname>sd_event_loop</refname> - <refpurpose>Run libsystemd event loop</refpurpose> + <refpurpose>Run the libsystemd event loop</refpurpose> </refnamediv> <refsynopsisdiv> @@ -71,8 +71,8 @@ <para><function>sd_event_run()</function> can be used to run one iteration of the event loop of libsystemd. This function waits - until an event to process is available and dispatches a handler - for it. Parameter <parameter>timeout</parameter> specifices the + until an event to process is available, and dispatches a handler + for it. The <parameter>timeout</parameter> parameter specifices the maximum time (in microseconds) to wait. <constant>(uint64_t) -1</constant> may be used to specify an infinite timeout.</para> @@ -121,7 +121,7 @@ <varlistentry> <term><constant>-EINVAL</constant></term> - <listitem><para>Parameter <parameter>event</parameter> is + <listitem><para>The <parameter>event</parameter> parameter is <constant>NULL</constant>.</para></listitem> </varlistentry> @@ -150,7 +150,7 @@ </variablelist> - <para>Other errors are possible too.</para> + <para>Other errors are possible, too.</para> </refsect1> <refsect1> @@ -176,7 +176,7 @@ <citerefentry><refentrytitle>sd_event_add_defer</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_event_add_exit</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_event_add_post</refentrytitle><manvolnum>3</manvolnum></citerefentry>, - <ulink url="https://developer.gnome.org/glib/unstable/glib-The-Main-Event-Loop.html">GLIb Main Event Loop</ulink>. + <ulink url="https://developer.gnome.org/glib/unstable/glib-The-Main-Event-Loop.html">GLib Main Event Loop</ulink>. </para> </refsect1> diff --git a/man/sd_event_set_name.xml b/man/sd_event_set_name.xml index 72aef897c7..1471e12e59 100644 --- a/man/sd_event_set_name.xml +++ b/man/sd_event_set_name.xml @@ -77,7 +77,7 @@ <parameter>source</parameter>. This name will be used in error messages generated by <citerefentry><refentrytitle>sd-event</refentrytitle><manvolnum>3</manvolnum></citerefentry> - for this source. Specified <parameter>name</parameter> must point + for this source. The <parameter>name</parameter> must point to a <constant>NUL</constant>-terminated string or be <constant>NULL</constant>. In the latter case, the name will be unset. The string is copied internally, so the @@ -128,7 +128,7 @@ <refsect1> <title>Notes</title> - <para>Functions described here are available as a + <para>The functions described here are available as a shared library, which can be compiled and linked to with the <constant>libsystemd</constant> <citerefentry project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry> diff --git a/man/sd_event_wait.xml b/man/sd_event_wait.xml index 397d52a3e4..7ca50aedf9 100644 --- a/man/sd_event_wait.xml +++ b/man/sd_event_wait.xml @@ -47,7 +47,7 @@ <refname>sd_event_prepare</refname> <refname>sd_event_dispatch</refname> - <refpurpose>Run parts of libsystemd event loop</refpurpose> + <refpurpose>Run parts of the libsystemd event loop</refpurpose> </refnamediv> <refsynopsisdiv> @@ -123,8 +123,8 @@ └──────────┘ </programlisting> - <para>All three functions as the first argument take the event - loop object <parameter>event</parameter> that is created with with + <para>All three functions take, as the first argument, the event + loop object <parameter>event</parameter> that is created with <function>sd_event_new</function>. The timeout for <function>sd_event_wait</function> is specified with <parameter>timeout</parameter> in milliseconds. @@ -138,11 +138,11 @@ <para>On success, these functions return 0 or a positive integer. On failure, they return a negative errno-style error code. In case of <function>sd_event_prepare</function> and - <function>sd_event_wait</function> a positive value means that + <function>sd_event_wait</function>, a positive value means that events are ready to be processed and 0 means that no events are - ready. In case of <function>sd_event_dispatch</function> a + ready. In case of <function>sd_event_dispatch</function>, a positive value means that the loop is again in the initial state - and 0 means the loop is finished. For any of those functions, a + and 0 means the loop is finished. For any of these functions, a negative return value means the loop must be aborted.</para> </refsect1> @@ -155,7 +155,7 @@ <varlistentry> <term><constant>-EINVAL</constant></term> - <listitem><para>Parameter <parameter>event</parameter> is + <listitem><para>The <parameter>event</parameter> parameter is <constant>NULL</constant>.</para></listitem> </varlistentry> @@ -182,7 +182,7 @@ </variablelist> - <para>Other errors are possible too.</para> + <para>Other errors are possible, too.</para> </refsect1> <refsect1> diff --git a/man/sd_get_seats.xml b/man/sd_get_seats.xml index f1981f7ea2..37eb3fc894 100644 --- a/man/sd_get_seats.xml +++ b/man/sd_get_seats.xml @@ -127,7 +127,7 @@ <term><constant>-EINVAL</constant></term> <listitem><para>An input parameter was invalid (out of range, - or NULL, where that's not accepted).</para></listitem> + or NULL, where that is not accepted).</para></listitem> </varlistentry> <varlistentry> diff --git a/man/sd_journal_add_match.xml b/man/sd_journal_add_match.xml index 420f56356a..3b27444f8d 100644 --- a/man/sd_journal_add_match.xml +++ b/man/sd_journal_add_match.xml @@ -89,7 +89,7 @@ and <citerefentry><refentrytitle>sd_journal_get_data</refentrytitle><manvolnum>3</manvolnum></citerefentry>. Matches are of the form <literal>FIELD=value</literal>, where the - field part is a short uppercase string consisting only of 0-9, A-Z + field part is a short uppercase string consisting only of 0–9, A–Z and the underscore. It may not begin with two underscores or be the empty string. The value part may be any value, including binary. If a match is applied, only entries with this field set diff --git a/man/sd_journal_get_data.xml b/man/sd_journal_get_data.xml index 1afbd7371c..1f25d068d7 100644 --- a/man/sd_journal_get_data.xml +++ b/man/sd_journal_get_data.xml @@ -113,7 +113,7 @@ <function>sd_journal_get_data()</function> or <function>sd_journal_enumerate_data()</function>, or the read pointer is altered. Note that the data returned will be prefixed - with the field name and '='. Also note that by default data fields + with the field name and '='. Also note that, by default, data fields larger than 64K might get truncated to 64K. This threshold may be changed and turned off with <function>sd_journal_set_data_threshold()</function> (see diff --git a/man/sd_journal_get_fd.xml b/man/sd_journal_get_fd.xml index 3a38f733ab..61293f7f99 100644 --- a/man/sd_journal_get_fd.xml +++ b/man/sd_journal_get_fd.xml @@ -187,7 +187,7 @@ else { certain latency. This call will return a positive value if the journal changes are detected immediately and zero when they need to be polled for and hence might be noticed only with a certain - latency. Note that there's usually no need to invoke this function + latency. Note that there is usually no need to invoke this function directly as <function>sd_journal_get_timeout()</function> on these file systems will ask for timeouts explicitly anyway.</para> </refsect1> diff --git a/man/sd_journal_open.xml b/man/sd_journal_open.xml index fb572802a3..fef453f8dc 100644 --- a/man/sd_journal_open.xml +++ b/man/sd_journal_open.xml @@ -100,8 +100,8 @@ <para><function>sd_journal_open()</function> opens the log journal for reading. It will find all journal files automatically and interleave them automatically when reading. As first argument it - takes a pointer to a <varname>sd_journal</varname> pointer, which - on success will contain a journal context object. The second + takes a pointer to a <varname>sd_journal</varname> pointer, which, + on success, will contain a journal context object. The second argument is a flags field, which may consist of the following flags ORed together: <constant>SD_JOURNAL_LOCAL_ONLY</constant> makes sure only journal files generated on the local machine will diff --git a/man/sd_journal_print.xml b/man/sd_journal_print.xml index 0cd0b45b9a..17fdc9c1f2 100644 --- a/man/sd_journal_print.xml +++ b/man/sd_journal_print.xml @@ -134,8 +134,8 @@ be ignored.) The value can be of any size and format. It is highly recommended to submit text strings formatted in the UTF-8 character encoding only, and submit binary fields only when - formatting in UTF-8 strings is not sensible. A number of well - known fields are defined, see + formatting in UTF-8 strings is not sensible. A number of + well-known fields are defined, see <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry> for details, but additional application defined fields may be used. A variable may be assigned more than one value per @@ -156,7 +156,7 @@ <para><function>sd_journal_perror()</function> is a similar to <citerefentry project='die-net'><refentrytitle>perror</refentrytitle><manvolnum>3</manvolnum></citerefentry> and writes a message to the journal that consists of the passed - string, suffixed with ": " and a human readable representation of + string, suffixed with ": " and a human-readable representation of the current error code stored in <citerefentry project='man-pages'><refentrytitle>errno</refentrytitle><manvolnum>3</manvolnum></citerefentry>. If the message string is passed as <constant>NULL</constant> or diff --git a/man/sd_listen_fds.xml b/man/sd_listen_fds.xml index ccd1266318..93bf8d853f 100644 --- a/man/sd_listen_fds.xml +++ b/man/sd_listen_fds.xml @@ -76,7 +76,7 @@ daemon to check for file descriptors passed by the service manager as part of the socket-based activation logic. It returns the number of received file descriptors. If no file descriptors have been - received zero is returned. The first file descriptor may be found + received, zero is returned. The first file descriptor may be found at file descriptor number 3 (i.e. <constant>SD_LISTEN_FDS_START</constant>), the remaining descriptors follow at 4, 5, 6, ..., if any.</para> @@ -104,7 +104,7 @@ passed file descriptors to avoid further inheritance to children of the calling process.</para> - <para>If multiple socket units activate the same service the order + <para>If multiple socket units activate the same service, the order of the file descriptors passed to its main process is undefined. If additional file descriptors have been passed to the service manager using @@ -123,9 +123,9 @@ variables are no longer inherited by child processes.</para> <para><function>sd_listen_fds_with_names()</function> is like - <function>sd_listen_fds()</function> but optionally also returns + <function>sd_listen_fds()</function>, but optionally also returns an array of strings with identification names for the passed file - descriptors, if that is available, and the + descriptors, if that is available and the <parameter>names</parameter> parameter is non-NULL. This information is read from the <varname>$LISTEN_FDNAMES</varname> variable, which may contain a colon-separated list of names. For @@ -134,7 +134,7 @@ files, see <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details. For file descriptors pushed into the file descriptor - store (see above) the name is set via the + store (see above), the name is set via the <varname>FDNAME=</varname> field transmitted via <function>sd_pid_notify_with_fds()</function>. The primary usecase for these names are services which accept a variety of file @@ -145,14 +145,14 @@ <function>sd_is_socket()</function> and related calls is not sufficient. Note that the names used are not unique in any way. The returned array of strings has as many entries as file - descriptors has been received, plus a final NULL pointer + descriptors have been received, plus a final NULL pointer terminating the array. The caller needs to free the array itself and each of its elements with libc's <function>free()</function> call after use. If the <parameter>names</parameter> parameter is - NULL the call is entirely equivalent to + NULL, the call is entirely equivalent to <function>sd_listen_fds()</function>.</para> - <para>Under specific conditions the following automatic file + <para>Under specific conditions, the following automatic file descriptor names are returned: <table> diff --git a/man/sd_login_monitor_new.xml b/man/sd_login_monitor_new.xml index a8854dd590..db21d70252 100644 --- a/man/sd_login_monitor_new.xml +++ b/man/sd_login_monitor_new.xml @@ -214,7 +214,7 @@ else { <term><constant>-EINVAL</constant></term> <listitem><para>An input parameter was invalid (out of range, - or NULL, where that's not accepted). The specified category to + or NULL, where that is not accepted). The specified category to watch is not known.</para></listitem> </varlistentry> diff --git a/man/sd_machine_get_class.xml b/man/sd_machine_get_class.xml index 9ad7f3fc66..ef604139da 100644 --- a/man/sd_machine_get_class.xml +++ b/man/sd_machine_get_class.xml @@ -116,7 +116,7 @@ <term><constant>-EINVAL</constant></term> <listitem><para>An input parameter was invalid (out of range, - or NULL, where that's not accepted).</para></listitem> + or NULL, where that is not accepted).</para></listitem> </varlistentry> <varlistentry> diff --git a/man/sd_notify.xml b/man/sd_notify.xml index b7ee4286f0..dbf6330453 100644 --- a/man/sd_notify.xml +++ b/man/sd_notify.xml @@ -100,7 +100,7 @@ <para><function>sd_notify()</function> may be called by a service to notify the service manager about state changes. It can be used to send arbitrary information, encoded in an - environment-block-like string. Most importantly it can be used for + environment-block-like string. Most importantly, it can be used for start-up completion notification.</para> <para>If the <parameter>unset_environment</parameter> parameter is @@ -158,7 +158,7 @@ to the service manager that describes the service state. This is free-form and can be used for various purposes: general state feedback, fsck-like programs could pass completion - percentages and failing programs could pass a human readable + percentages and failing programs could pass a human-readable error message. Example: <literal>STATUS=Completed 66% of file system check...</literal></para></listitem> </varlistentry> @@ -233,21 +233,21 @@ <term>FDNAME=...</term> <listitem><para>When used in combination with - <varname>FDSTORE=1</varname> specifies a name for the + <varname>FDSTORE=1</varname>, specifies a name for the submitted file descriptors. This name is passed to the service during activation, and may be queried using <citerefentry><refentrytitle>sd_listen_fds_with_names</refentrytitle><manvolnum>3</manvolnum></citerefentry>. File descriptors submitted without this field set, will implicitly - get the name <literal>stored</literal> assigned. Note that if - multiple file descriptors are submitted at once the specified + get the name <literal>stored</literal> assigned. Note that, if + multiple file descriptors are submitted at once, the specified name will be assigned to all of them. In order to assign different names to submitted file descriptors, submit them in seperate invocations of <function>sd_pid_notify_with_fds()</function>. The name may - consist of any ASCII characters, but must not contain control + consist of any ASCII character, but must not contain control characters or <literal>:</literal>. It may not be longer than 255 characters. If a submitted name does not follow these - restrictions it is ignored.</para></listitem> + restrictions, it is ignored.</para></listitem> </varlistentry> </variablelist> @@ -274,7 +274,7 @@ use as originating PID for the message as first argument. This is useful to send notification messages on behalf of other processes, provided the appropriate privileges are available. If the PID - argument is specified as 0 the process ID of the calling process + argument is specified as 0, the process ID of the calling process is used, in which case the calls are fully equivalent to <function>sd_notify()</function> and <function>sd_notifyf()</function>.</para> @@ -377,7 +377,7 @@ <para>To store an open file descriptor in the service manager, in order to continue operation after a service restart without - losing state use <literal>FDSTORE=1</literal>:</para> + losing state, use <literal>FDSTORE=1</literal>:</para> <programlisting>sd_pid_notify_with_fds(0, 0, "FDSTORE=1\nFDNAME=foobar", &fd, 1);</programlisting> </example> diff --git a/man/sd_pid_get_session.xml b/man/sd_pid_get_session.xml index 035effcaa9..806cff34e4 100644 --- a/man/sd_pid_get_session.xml +++ b/man/sd_pid_get_session.xml @@ -176,7 +176,7 @@ not all processes are part of a login session (e.g. system service processes, user processes that are shared between multiple sessions of the same user, or kernel threads). For processes not - being part of a login session this function will fail with + being part of a login session, this function will fail with -ENODATA. The returned string needs to be freed with the libc <citerefentry project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry> @@ -188,8 +188,8 @@ unit name is a short string, suitable for usage in file system paths. Note that not all processes are part of a system unit/service (e.g. user processes, or kernel threads). For - processes not being part of a systemd system unit this function - will fail with -ENODATA (More specifically: this call will not + processes not being part of a systemd system unit, this function + will fail with -ENODATA. (More specifically, this call will not work for kernel threads.) The returned string needs to be freed with the libc <citerefentry project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry> @@ -198,17 +198,17 @@ <para><function>sd_pid_get_user_unit()</function> may be used to determine the systemd user unit (i.e. user service or scope unit) identifier of a process identified by the specified PID. This is - similar to <function>sd_pid_get_unit()</function> but applies to + similar to <function>sd_pid_get_unit()</function>, but applies to user units instead of system units.</para> <para><function>sd_pid_get_owner_uid()</function> may be used to determine the Unix UID (user identifier) of the owner of the session of a process identified the specified PID. Note that this function will succeed for user processes which are shared between - multiple login sessions of the same user, where + multiple login sessions of the same user, whereas <function>sd_pid_get_session()</function> will fail. For processes not being part of a login session and not being a shared process - of a user this function will fail with -ENODATA.</para> + of a user, this function will fail with -ENODATA.</para> <para><function>sd_pid_get_machine_name()</function> may be used to determine the name of the VM or container is a member of. The @@ -216,7 +216,7 @@ paths. The returned string needs to be freed with the libc <citerefentry project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry> - call after use. For processes not part of a VM or containers this + call after use. For processes not part of a VM or containers, this function fails with -ENODATA.</para> <para><function>sd_pid_get_slice()</function> may be used to @@ -227,7 +227,7 @@ <citerefentry project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry> call after use.</para> - <para>Similar, <function>sd_pid_get_user_slice()</function> + <para>Similarly, <function>sd_pid_get_user_slice()</function> returns the user slice (as managed by the user's systemd instance) of a process.</para> @@ -235,7 +235,7 @@ group path of the specified process, relative to the root of the hierarchy. Returns the path without trailing slash, except for processes located in the root control group, where "/" is - returned. To find the actual control group path in the file system + returned. To find the actual control group path in the file system, the returned path needs to be prefixed with <filename>/sys/fs/cgroup/</filename> (if the unified control group setup is used), or @@ -294,7 +294,7 @@ <varlistentry> <term><constant>-ENODATA</constant></term> - <listitem><para>Given field is not specified for the described + <listitem><para>The given field is not specified for the described process or peer.</para> </listitem> </varlistentry> @@ -303,7 +303,7 @@ <term><constant>-EINVAL</constant></term> <listitem><para>An input parameter was invalid (out of range, - or NULL, where that's not accepted).</para></listitem> + or NULL, where that is not accepted).</para></listitem> </varlistentry> <varlistentry> diff --git a/man/sd_seat_get_active.xml b/man/sd_seat_get_active.xml index 4d3e0822e0..6e1d505dce 100644 --- a/man/sd_seat_get_active.xml +++ b/man/sd_seat_get_active.xml @@ -158,7 +158,7 @@ <varlistentry> <term><constant>-ENODATA</constant></term> - <listitem><para>Given field is not specified for the described + <listitem><para>The given field is not specified for the described seat.</para> </listitem> </varlistentry> @@ -174,7 +174,7 @@ <term><constant>-EINVAL</constant></term> <listitem><para>An input parameter was invalid (out of range, - or NULL, where that's not accepted).</para></listitem> + or NULL, where that is not accepted).</para></listitem> </varlistentry> <varlistentry> diff --git a/man/sd_session_is_active.xml b/man/sd_session_is_active.xml index 7de9523789..a6076b177a 100644 --- a/man/sd_session_is_active.xml +++ b/man/sd_session_is_active.xml @@ -306,7 +306,7 @@ <varlistentry> <term><constant>-ENODATA</constant></term> - <listitem><para>Given field is not specified for the described + <listitem><para>The given field is not specified for the described session.</para> </listitem> </varlistentry> @@ -315,7 +315,7 @@ <term><constant>-EINVAL</constant></term> <listitem><para>An input parameter was invalid (out of range, - or NULL, where that's not accepted).</para></listitem> + or NULL, where that is not accepted).</para></listitem> </varlistentry> <varlistentry> diff --git a/man/sd_uid_get_state.xml b/man/sd_uid_get_state.xml index 13ddf08c65..4cc7405dd6 100644 --- a/man/sd_uid_get_state.xml +++ b/man/sd_uid_get_state.xml @@ -179,7 +179,7 @@ <varlistentry> <term><constant>-ENODATA</constant></term> - <listitem><para>Given field is not specified for the described + <listitem><para>The given field is not specified for the described user.</para> </listitem> </varlistentry> @@ -195,7 +195,7 @@ <term><constant>-EINVAL</constant></term> <listitem><para>An input parameter was invalid (out of range, - or NULL, where that's not accepted). This is also returned if + or NULL, where that is not accepted). This is also returned if the passed user ID is 0xFFFF or 0xFFFFFFFF, which are undefined on Linux.</para></listitem> </varlistentry> diff --git a/man/sd_watchdog_enabled.xml b/man/sd_watchdog_enabled.xml index 991431f33b..144ab1db61 100644 --- a/man/sd_watchdog_enabled.xml +++ b/man/sd_watchdog_enabled.xml @@ -157,7 +157,7 @@ systemd-41.</para> <para><function>sd_watchdog_enabled()</function> function was - added in systemd-209. Since that version the + added in systemd-209. Since that version, the <varname>$WATCHDOG_PID</varname> variable is also set.</para> </refsect1> diff --git a/man/standard-conf.xml b/man/standard-conf.xml index ffc6f76294..6edbb7ff83 100644 --- a/man/standard-conf.xml +++ b/man/standard-conf.xml @@ -38,9 +38,9 @@ <refsection id='main-conf'> <title>Configuration Directories and Precedence</title> - <para>Default configuration is defined during compilation, so a + <para>The default configuration is defined during compilation, so a configuration file is only needed when it is necessary to deviate - from those defaults. By default the configuration file in + from those defaults. By default, the configuration file in <filename>/etc/systemd/</filename> contains commented out entries showing the defaults as a guide to the administrator. This file can be edited to create local overrides. diff --git a/man/sysctl.d.xml b/man/sysctl.d.xml index e5b2bc0ac9..ccf6c8e39f 100644 --- a/man/sysctl.d.xml +++ b/man/sysctl.d.xml @@ -140,10 +140,10 @@ net.bridge.bridge-nf-call-arptables = 0 </programlisting> <para>This method applies settings when the module is - loaded. Please note that unless the <filename>br_netfilter</filename> + loaded. Please note that, unless the <filename>br_netfilter</filename> module is loaded, bridged packets will not be filtered by - netfilter (starting with kernel 3.18), so simply not loading the - module is suffient to avoid filtering.</para> + Netfilter (starting with kernel 3.18), so simply not loading the + module is sufficient to avoid filtering.</para> </example> <example> @@ -162,10 +162,10 @@ net.bridge.bridge-nf-call-arptables = 0 </programlisting> <para>This method forces the module to be always loaded. Please - note that unless the <filename>br_netfilter</filename> module is - loaded, bridged packets will not be filtered with netfilter + note that, unless the <filename>br_netfilter</filename> module is + loaded, bridged packets will not be filtered with Netfilter (starting with kernel 3.18), so simply not loading the module is - suffient to avoid filtering.</para> + sufficient to avoid filtering.</para> </example> </refsect1> diff --git a/man/systemctl.xml b/man/systemctl.xml index 36edc204b7..2fe24fd139 100644 --- a/man/systemctl.xml +++ b/man/systemctl.xml @@ -103,7 +103,7 @@ <listitem> <para>The argument should be a comma-separated list of unit LOAD, SUB, or ACTIVE states. When listing units, show only - those in specified states. Use <option>--state=failed</option> + those in the specified states. Use <option>--state=failed</option> to show only failed units.</para> <para>As a special case, if one of the arguments is @@ -134,7 +134,7 @@ <para>Properties for units vary by unit type, so showing any unit (even a non-existent one) is a way to list properties - pertaining to this type. Similarly showing any job will list + pertaining to this type. Similarly, showing any job will list properties pertaining to all jobs. Properties for units are documented in <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>, @@ -359,7 +359,7 @@ <!-- we do not document -failed here, as it has been made redundant by -state=failed, which it predates. To keep - things simple we only document the new switch, while + things simple, we only document the new switch, while keeping the old one around for compatibility only. --> <varlistentry> @@ -458,7 +458,7 @@ <listitem> <para>When used with <command>kill</command>, choose which signal to send to selected processes. Must be one of the - well known signal specifiers such as <constant>SIGTERM</constant>, <constant>SIGINT</constant> or + well-known signal specifiers such as <constant>SIGTERM</constant>, <constant>SIGINT</constant> or <constant>SIGSTOP</constant>. If omitted, defaults to <option>SIGTERM</option>.</para> </listitem> @@ -518,7 +518,7 @@ <listitem> <para>When used with <command>enable</command>/<command>disable</command>/<command>is-enabled</command> - (and related commands), use alternative root path when + (and related commands), use an alternate root path when looking for unit files.</para> </listitem> @@ -600,7 +600,9 @@ <listitem> <para>When used with <command>list-dependencies</command>, - the output is printed as a list instead of a tree.</para> + <command>list-units</command> or <command>list-machines</command>, the + the output is printed as a list instead of a tree, and the bullet + circles are omitted.</para> </listitem> </varlistentry> @@ -829,7 +831,7 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service <para>This function is intended to generate human-readable output. If you are looking for computer-parsable output, - use <command>show</command> instead. By default this + use <command>show</command> instead. By default, this function only shows 10 lines of output and ellipsizes lines to fit in the terminal window. This can be changes with <option>--lines</option> and <option>--full</option>, @@ -849,7 +851,7 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service <para>Show properties of one or more units, jobs, or the manager itself. If no argument is specified, properties of the manager will be shown. If a unit name is specified, - properties of the unit is shown, and if a job id is + properties of the unit is shown, and if a job ID is specified, properties of the job is shown. By default, empty properties are suppressed. Use <option>--all</option> to show those too. To select specific properties to show, use @@ -981,7 +983,7 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service starting any of the units being enabled. If this is desired, either <option>--now</option> should be used together with this command, or an additional <command>start</command> - command must be invoked for the unit. Also note that in case of + command must be invoked for the unit. Also note that, in case of instance enablement, symlinks named the same as instances are created in the install location, however they all point to the same template unit file.</para> @@ -1156,17 +1158,17 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service </row> <row> <entry><literal>static</literal></entry> - <entry>Unit file is not enabled, and has no provisions for enabling in the <literal>[Install]</literal> section.</entry> + <entry>The unit file is not enabled, and has no provisions for enabling in the <literal>[Install]</literal> section.</entry> <entry>0</entry> </row> <row> <entry><literal>indirect</literal></entry> - <entry>Unit file itself is not enabled, but it has a non-empty <varname>Also=</varname> setting in the <literal>[Install]</literal> section, listing other unit files that might be enabled.</entry> + <entry>The unit file itself is not enabled, but it has a non-empty <varname>Also=</varname> setting in the <literal>[Install]</literal> section, listing other unit files that might be enabled.</entry> <entry>0</entry> </row> <row> <entry><literal>disabled</literal></entry> - <entry>Unit file is not enabled.</entry> + <entry>The unit file is not enabled.</entry> <entry>> 0</entry> </row> </tbody> @@ -1225,12 +1227,12 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service <listitem> <para>Adds <literal>Wants=</literal> or <literal>Requires=</literal> - dependency, respectively, to the specified + dependencies, respectively, to the specified <replaceable>TARGET</replaceable> for one or more units. </para> <para>This command honors <option>--system</option>, <option>--user</option>, <option>--runtime</option> and - <option>--global</option> in a similar way as + <option>--global</option> in a way similar to <command>enable</command>.</para> </listitem> @@ -1246,8 +1248,8 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service <para>Depending on whether <option>--system</option> (the default), <option>--user</option>, or <option>--global</option> is specified, - this creates a drop-in file for each unit either for the system, - for the calling user or for all futures logins of all users. Then, + this command creates a drop-in file for each unit either for the system, + for the calling user, or for all futures logins of all users. Then, the editor (see the "Environment" section below) is invoked on temporary files which will be written to the real location if the editor exits successfully.</para> @@ -1259,8 +1261,8 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service be made temporarily in <filename>/run</filename> and they will be lost on the next reboot.</para> - <para>If the temporary file is empty upon exit the modification of - the related unit is canceled</para> + <para>If the temporary file is empty upon exit, the modification of + the related unit is canceled.</para> <para>After the units have been edited, systemd configuration is reloaded (in a way that is equivalent to <command>daemon-reload</command>). @@ -1268,7 +1270,7 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service <para>Note that this command cannot be used to remotely edit units and that you cannot temporarily edit units which are in - <filename>/etc</filename> since they take precedence over + <filename>/etc</filename>, since they take precedence over <filename>/run</filename>.</para> </listitem> </varlistentry> @@ -1440,7 +1442,7 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service <term><command>daemon-reload</command></term> <listitem> - <para>Reload systemd manager configuration. This will + <para>Reload the systemd manager configuration. This will rerun all generators (see <citerefentry><refentrytitle>systemd.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>), reload all unit files, and recreate the entire dependency @@ -1483,7 +1485,7 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service maintenance mode, and with no failed services. Failure is returned otherwise (exit code non-zero). In addition, the current state is printed in a short string to standard - output, see table below. Use <option>--quiet</option> to + output, see the table below. Use <option>--quiet</option> to suppress this output.</para> <table> @@ -1682,7 +1684,7 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service <para>Switches to a different root directory and executes a new system manager process below it. This is intended for usage in initial RAM disks ("initrd"), and will transition - from the initrd's system manager process (a.k.a "init" + from the initrd's system manager process (a.k.a. "init" process) to the main system manager process. This call takes two arguments: the directory that is to become the new root directory, and the path to the new system manager binary below it to diff --git a/man/systemd-activate.xml b/man/systemd-activate.xml index 90e974c991..5fe1a39057 100644 --- a/man/systemd-activate.xml +++ b/man/systemd-activate.xml @@ -61,7 +61,7 @@ <title>Description</title> <para><command>systemd-activate</command> can be used to - launch a socket activated daemon from the command line for + launch a socket-activated daemon from the command line for testing purposes. It can also be used to launch single instances of the daemon per connection (inetd-style). </para> @@ -164,7 +164,7 @@ </example> <example> - <title>Run a socket activated instance of <citerefentry><refentrytitle>systemd-journal-gatewayd</refentrytitle><manvolnum>8</manvolnum></citerefentry></title> + <title>Run a socket-activated instance of <citerefentry><refentrytitle>systemd-journal-gatewayd</refentrytitle><manvolnum>8</manvolnum></citerefentry></title> <programlisting>$ /usr/lib/systemd/systemd-activate -l 19531 /usr/lib/systemd/systemd-journal-gatewayd</programlisting> </example> diff --git a/man/systemd-analyze.xml b/man/systemd-analyze.xml index d2db265f58..f55c6fb7f3 100644 --- a/man/systemd-analyze.xml +++ b/man/systemd-analyze.xml @@ -178,7 +178,7 @@ <replaceable>TARGET</replaceable></command> changes the current log target of the <command>systemd</command> daemon to <replaceable>TARGET</replaceable> (accepts the same values as - <option>--log-target=</option> described in + <option>--log-target=</option>, described in <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>).</para> <para><command>systemd-analyze verify</command> will load unit diff --git a/man/systemd-ask-password.xml b/man/systemd-ask-password.xml index 10bb529b81..6fb322e849 100644 --- a/man/systemd-ask-password.xml +++ b/man/systemd-ask-password.xml @@ -138,9 +138,9 @@ cache for the password. If set, then the tool will try to push any collected passwords into the kernel keyring of the root user, as a key of the specified name. If combined with - <option>--accept-cached</option> it will also try to retrieve - the such cached passwords from the key in the kernel keyring - instead of querying the user right-away. By using this option + <option>--accept-cached</option>, it will also try to retrieve + such cached passwords from the key in the kernel keyring + instead of querying the user right away. By using this option, the kernel keyring may be used as effective cache to avoid repeatedly asking users for passwords, if there are multiple objects that may be unlocked with the same password. The @@ -181,7 +181,7 @@ <term><option>--accept-cached</option></term> <listitem><para>If passed, accept cached passwords, i.e. - passwords previously typed in. </para></listitem> + passwords previously entered.</para></listitem> </varlistentry> <varlistentry> diff --git a/man/systemd-backlight@.service.xml b/man/systemd-backlight@.service.xml index a259f5d583..3459ed8851 100644 --- a/man/systemd-backlight@.service.xml +++ b/man/systemd-backlight@.service.xml @@ -58,8 +58,8 @@ that restores the display backlight brightness at early boot and saves it at shutdown. On disk, the backlight brightness is stored in <filename>/var/lib/systemd/backlight/</filename>. During - loading, if udev property <option>ID_BACKLIGHT_CLAMP</option> is - not set to false value, the brightness is clamped to a value of at + loading, if the udev property <option>ID_BACKLIGHT_CLAMP</option> is + not set to false, the brightness is clamped to a value of at least 1 or 5% of maximum brightness, whichever is greater. This restriction will be removed when the kernel allows user space to reliably set a brightness value which does not turn off the diff --git a/man/systemd-binfmt.service.xml b/man/systemd-binfmt.service.xml index 66d264389e..cccfb49ca9 100644 --- a/man/systemd-binfmt.service.xml +++ b/man/systemd-binfmt.service.xml @@ -54,7 +54,7 @@ <refsect1> <title>Description</title> - <para><filename>systemd-binfmt.service</filename> is an early-boot + <para><filename>systemd-binfmt.service</filename> is an early boot service that registers additional binary formats for executables in the kernel.</para> diff --git a/man/systemd-bootchart.xml b/man/systemd-bootchart.xml index 538666760a..bcee11fd0b 100644 --- a/man/systemd-bootchart.xml +++ b/man/systemd-bootchart.xml @@ -66,7 +66,7 @@ and logging startup information in the background. </para> <para> - After collecting a certain amount of data (usually 15-30 + After collecting a certain amount of data (usually 15–30 seconds, default 20 s) the logging stops and a graph is generated from the logged information. This graph contains vital clues as to which resources are being used, in which order, and @@ -114,7 +114,7 @@ <term><emphasis>Started as a standalone program</emphasis></term> <listitem><para>One can execute <command>systemd-bootchart</command> as normal application - from the command line. In this mode it is highly recommended + from the command line. In this mode, it is highly recommended to pass the <option>-r</option> flag in order to not graph the time elapsed since boot and before systemd-bootchart was started, as it may result in extremely large graphs. The time @@ -149,7 +149,7 @@ <term><option>--freq <replaceable>f</replaceable></option></term> <listitem><para>Specify the sample log frequency, a positive real <replaceable>f</replaceable>, in Hz. Most systems can - cope with values up to 25-50 without creating too much + cope with values up to 25–50 without creating too much overhead.</para></listitem> </varlistentry> diff --git a/man/systemd-cat.xml b/man/systemd-cat.xml index 9b1a8809dc..160db9fb5c 100644 --- a/man/systemd-cat.xml +++ b/man/systemd-cat.xml @@ -112,7 +112,7 @@ <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>. Defaults to <literal>info</literal>. Note that this simply controls the default, individual lines may be logged with - different levels if they are prefixed accordingly. For details + different levels if they are prefixed accordingly. For details, see <option>--level-prefix=</option> below.</para></listitem> </varlistentry> diff --git a/man/systemd-cgtop.xml b/man/systemd-cgtop.xml index 1c90c0a659..c76f646984 100644 --- a/man/systemd-cgtop.xml +++ b/man/systemd-cgtop.xml @@ -154,7 +154,7 @@ <term><option>-r</option></term> <term><option>--raw</option></term> - <listitem><para>Format byte counts (as in memory usage and IO metrics) + <listitem><para>Format byte counts (as in memory usage and I/O metrics) with raw numeric values rather than human-readable numbers.</para></listitem> </varlistentry> @@ -164,7 +164,7 @@ <term><option>--cpu=time</option></term> <listitem><para>Controls whether the CPU usage is shown as - percentage or time. By default the CPU usage is shown as + percentage or time. By default, the CPU usage is shown as percentage. This setting may also be toggled at runtime by pressing the <keycap>%</keycap> key.</para></listitem> </varlistentry> @@ -173,8 +173,8 @@ <term><option>-P</option></term> <listitem><para>Count only userspace processes instead of all - tasks. By default all tasks are counted: each kernel thread - and each userspace thread individually. With this setting + tasks. By default, all tasks are counted: each kernel thread + and each userspace thread individually. With this setting, kernel threads are excluded from the counting and each userspace process only counts as one, regardless how many threads it consists of. This setting may also be toggled at @@ -187,9 +187,9 @@ <term><option>-k</option></term> <listitem><para>Count only userspace processes and kernel - threads instead of all tasks. By default all tasks are + threads instead of all tasks. By default, all tasks are counted: each kernel thread and each userspace thread - individually. With this setting kernel threads are included in + individually. With this setting, kernel threads are included in the counting and each userspace process only counts as on one, regardless how many threads it consists of. This setting may also be toggled at runtime by pressing the <keycap>k</keycap> @@ -203,9 +203,9 @@ <listitem><para>Controls whether the number of processes shown for a control group shall include all processes that are contained in any of the child control groups as well. Takes a - boolean argument, defaults to <literal>yes</literal>. If - enabled the processes in child control groups are included, if - disabled only the processes in the control group itself are + boolean argument, which defaults to <literal>yes</literal>. If + enabled, the processes in child control groups are included, if + disabled, only the processes in the control group itself are counted. This setting may also be toggled at runtime by pressing the <keycap>r</keycap> key. Note that this setting only applies to process counting, i.e. when the @@ -294,7 +294,7 @@ <term><keycap>i</keycap></term> <listitem><para>Sort the control groups by path, number of - tasks, CPU load, memory usage, or IO load, respectively. This + tasks, CPU load, memory usage, or I/O load, respectively. This setting may also be controlled using the <option>--order=</option> command line switch.</para></listitem> @@ -343,7 +343,7 @@ excluding processes in child control groups in control group process counts. This setting may also be controlled using the <option>--recursive=</option> command line switch. This key is - not available of all tasks are counted, it is only available + not available if all tasks are counted, it is only available if processes are counted, as enabled with the <keycap>P</keycap> or <keycap>k</keycap> keys.</para></listitem> diff --git a/man/systemd-coredump.xml b/man/systemd-coredump.xml index cb46d41902..f1598461ef 100644 --- a/man/systemd-coredump.xml +++ b/man/systemd-coredump.xml @@ -72,7 +72,7 @@ in <citerefentry project='man-pages'><refentrytitle>core</refentrytitle><manvolnum>5</manvolnum></citerefentry>. In particular, the coredump will only be processed when the related resource limits are high enough. For programs started by - <command>systemd</command> those may be set using + <command>systemd</command>, those may be set using <varname>LimitCore=</varname> (see <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>). </para> diff --git a/man/systemd-cryptsetup-generator.xml b/man/systemd-cryptsetup-generator.xml index b6270358ea..f036ab9744 100644 --- a/man/systemd-cryptsetup-generator.xml +++ b/man/systemd-cryptsetup-generator.xml @@ -111,7 +111,7 @@ system and the initrd.</para> <para>If /etc/crypttab contains entries with the same UUID, then the name, keyfile and options specified there will be - used. Otherwise the device will have the name + used. Otherwise, the device will have the name <literal>luks-UUID</literal>.</para> <para>If /etc/crypttab exists, only those UUIDs specified on the kernel command line diff --git a/man/systemd-delta.xml b/man/systemd-delta.xml index 6a6460ffaa..99709604aa 100644 --- a/man/systemd-delta.xml +++ b/man/systemd-delta.xml @@ -70,7 +70,7 @@ directories which contain "drop-in" files with configuration snippets which augment the main configuration file. "Drop-in" files can be overridden in the same way by placing files with the - same name in a directory of higher priority (except that in case + same name in a directory of higher priority (except that, in case of "drop-in" files, both the "drop-in" file name and the name of the containing directory, which corresponds to the name of the main configuration file, must match). For a fuller explanation, diff --git a/man/systemd-detect-virt.xml b/man/systemd-detect-virt.xml index 190ab19152..3997e10c43 100644 --- a/man/systemd-detect-virt.xml +++ b/man/systemd-detect-virt.xml @@ -62,7 +62,7 @@ technology and can distinguish full VM virtualization from container virtualization. <filename>systemd-detect-virt</filename> exits with a return value of 0 (success) if a virtualization - technology is detected, and non-zero (error) otherwise. By default + technology is detected, and non-zero (error) otherwise. By default, any type of virtualization is detected, and the options <option>--container</option> and <option>--vm</option> can be used to limit what types of virtualization are detected.</para> @@ -163,6 +163,11 @@ <entry><varname>docker</varname></entry> <entry>Docker container manager</entry> </row> + + <row> + <entry><varname>rkt</varname></entry> + <entry>rkt app container runtime</entry> + </row> </tbody> </tgroup> </table> @@ -202,7 +207,7 @@ <listitem><para>Detect whether invoked in a <citerefentry><refentrytitle>chroot</refentrytitle><manvolnum>2</manvolnum></citerefentry> - environment. In this mode no output is written, but the return + environment. In this mode, no output is written, but the return value indicates whether the process was invoked in a <function>chroot()</function> environment or not.</para></listitem> diff --git a/man/systemd-escape.xml b/man/systemd-escape.xml index 0c3b230526..5407773f23 100644 --- a/man/systemd-escape.xml +++ b/man/systemd-escape.xml @@ -67,11 +67,11 @@ and will process them individually, one after the other. It will output them separated by spaces to stdout.</para> - <para>By default this command will escape the strings passed, + <para>By default, this command will escape the strings passed, unless <option>--unescape</option> is passed which results in the - inverse operation being applied. If <option>--mangle</option> a - special mode of escaping is applied instead, which assumes a - string to be already escaped but will escape everything that + inverse operation being applied. If <option>--mangle</option> is given, a + special mode of escaping is applied instead, which assumes the + string is already escaped but will escape everything that appears obviously non-escaped.</para> </refsect1> diff --git a/man/systemd-firstboot.xml b/man/systemd-firstboot.xml index 67289daa26..b269e48113 100644 --- a/man/systemd-firstboot.xml +++ b/man/systemd-firstboot.xml @@ -80,12 +80,12 @@ <listitem><para>The root user's password</para></listitem> </itemizedlist> - <para>Each of the fields may either be queried interactively from - the users, set non-interactively on the tool's command line, or be + <para>Each of the fields may either be queried interactively by + users, set non-interactively on the tool's command line, or be copied from a host system that is used to set up the system image.</para> - <para>If a setting is already initialized it will not be + <para>If a setting is already initialized, it will not be overwritten and the user will not be prompted for the setting.</para> @@ -166,10 +166,10 @@ <citerefentry project='die-net'><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry> file. This setting exists in two forms: <option>--root-password=</option> accepts the password to set - directly on the command line, + directly on the command line, and <option>--root-password-file=</option> reads it from a file. - Note that it is not recommended specifying passwords on the - command line as other users might be able to see them simply + Note that it is not recommended to specify passwords on the + command line, as other users might be able to see them simply by invoking <citerefentry project='die-net'><refentrytitle>ps</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para></listitem> </varlistentry> diff --git a/man/systemd-fsck@.service.xml b/man/systemd-fsck@.service.xml index 6d05e90e7b..933c3247ad 100644 --- a/man/systemd-fsck@.service.xml +++ b/man/systemd-fsck@.service.xml @@ -62,15 +62,15 @@ device that is configured for file system checking. <filename>systemd-fsck-root.service</filename> is responsible for file system checks on the root file system, but only if the - root filesystem wasn't checked in the initramfs. + root filesystem was not checked in the initramfs. <filename>systemd-fsck@.service</filename> is used for all other file systems and for the root file system in the initramfs.</para> - <para>Those services are started at boot if + <para>These services are started at boot if <option>passno</option> in <filename>/etc/fstab</filename> for the file system is set to a value greater than zero. The file system check for root is performed before the other file systems. Other - file systems may be checked in parallel, except when they are one + file systems may be checked in parallel, except when they are on the same rotating disk.</para> <para><filename>systemd-fsck</filename> does not know any details diff --git a/man/systemd-fstab-generator.xml b/man/systemd-fstab-generator.xml index c09ed4b4da..a971cb3675 100644 --- a/man/systemd-fstab-generator.xml +++ b/man/systemd-fstab-generator.xml @@ -126,7 +126,7 @@ <varname>mount.usr=</varname> will default to the value set in <varname>root=</varname>.</para> - <para>Otherwise this parameter defaults to the + <para>Otherwise, this parameter defaults to the <filename>/usr</filename> entry found in <filename>/etc/fstab</filename> on the root filesystem.</para> @@ -143,7 +143,7 @@ <varname>mount.usrfstype=</varname> will default to the value set in <varname>rootfstype=</varname>.</para> - <para>Otherwise this value will be read from the + <para>Otherwise, this value will be read from the <filename>/usr</filename> entry in <filename>/etc/fstab</filename> on the root filesystem.</para> @@ -159,7 +159,7 @@ <varname>mount.usrflags=</varname> will default to the value set in <varname>rootflags=</varname>.</para> - <para>Otherwise this value will be read from the + <para>Otherwise, this value will be read from the <filename>/usr</filename> entry in <filename>/etc/fstab</filename> on the root filesystem.</para> diff --git a/man/systemd-gpt-auto-generator.xml b/man/systemd-gpt-auto-generator.xml index f569ea3cde..e890c4dce2 100644 --- a/man/systemd-gpt-auto-generator.xml +++ b/man/systemd-gpt-auto-generator.xml @@ -142,7 +142,7 @@ </table> <para>The <filename>/home</filename> and <filename>/srv</filename> - partitions may be encrypted in LUKS format. In this case a device + partitions may be encrypted in LUKS format. In this case, a device mapper device is set up under the names <filename>/dev/mapper/home</filename> and <filename>/dev/mapper/srv</filename>. Note that this might create @@ -151,8 +151,8 @@ device name.</para> <para>Mount and automount units for the EFI System Partition (ESP), - mounting it to <filename>/boot</filename> are generated on EFI - systems, where the boot loader communicates the used ESP to the operating + mounting it to <filename>/boot</filename>, are generated on EFI + systems where the boot loader communicates the used ESP to the operating system. Since this generator creates an automount unit, the mount will only be activated on-demand, when accessed. On systems where <filename>/boot</filename> is an explicitly configured mount diff --git a/man/systemd-hwdb.xml b/man/systemd-hwdb.xml index f1a14025b0..2b363c77f2 100644 --- a/man/systemd-hwdb.xml +++ b/man/systemd-hwdb.xml @@ -64,7 +64,7 @@ <term><option>-r</option></term> <term><option>--root=<replaceable>PATH</replaceable></option></term> <listitem> - <para>Alternative root path in the filesystem.</para> + <para>Alternate root path in the filesystem.</para> </listitem> </varlistentry> </variablelist> diff --git a/man/systemd-journal-upload.xml b/man/systemd-journal-upload.xml index 597f2a2d3e..f9723dea89 100644 --- a/man/systemd-journal-upload.xml +++ b/man/systemd-journal-upload.xml @@ -196,7 +196,7 @@ <programlisting>openssl req -newkey rsa:2048 -days 3650 -x509 -nodes \ -out ca.pem -keyout ca.key -subj '/CN=Certificate authority/' -cat >ca.conf <<EOF +cat >ca.conf <<EOF [ ca ] default_ca = this @@ -221,7 +221,7 @@ emailAddress = optional EOF touch index -echo 0001 > serial +echo 0001 >serial SERVER=server CLIENT=client @@ -244,7 +244,7 @@ openssl ca -batch -config ca.conf -notext -in $CLIENT.csr -out $CLIENT.pem <varname>ServerCertificateFile=</varname>, <varname>ServerKeyFile=</varname>, in <filename>/etc/systemd/journal-remote.conf</filename> and - <filename>/etc/systemd/journal-upload.conf</filename> + <filename>/etc/systemd/journal-upload.conf</filename>, respectively. The default locations can be queried by using <command>systemd-journal-remote --help</command> and <command>systemd-journal-upload --help</command>.</para> diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml index 8a72eedb16..21fd684b8b 100644 --- a/man/systemd-journald.service.xml +++ b/man/systemd-journald.service.xml @@ -244,7 +244,7 @@ systemd-tmpfiles --create --prefix /var/log/journal</programlisting> <listitem><para>Sockets and other paths that <command>systemd-journald</command> will listen on that are - visible in the file system. In addition to those, journald can + visible in the file system. In addition to these, journald can listen for audit events using netlink.</para></listitem> </varlistentry> </variablelist> diff --git a/man/systemd-machine-id-commit.service.xml b/man/systemd-machine-id-commit.service.xml index 10f36b3008..39da1922cc 100644 --- a/man/systemd-machine-id-commit.service.xml +++ b/man/systemd-machine-id-commit.service.xml @@ -42,7 +42,7 @@ <refnamediv> <refname>systemd-machine-id-commit.service</refname> - <refpurpose>Commit a transient machine-id to disk</refpurpose> + <refpurpose>Commit a transient machine ID to disk</refpurpose> </refnamediv> <refsynopsisdiv> @@ -53,7 +53,7 @@ <title>Description</title> <para><filename>systemd-machine-id-commit.service</filename> is an - early-boot service responsible for committing transient + early boot service responsible for committing transient <filename>/etc/machine-id</filename> files to a writable disk file system. See <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> @@ -74,7 +74,7 @@ <para>The main use case of this service are systems where <filename>/etc/machine-id</filename> is read-only and initially - not initialized. In this case the system manager will generate a + not initialized. In this case, the system manager will generate a transient machine ID file on a memory file system, and mount it over <filename>/etc/machine-id</filename>, during the early boot phase. This service is then invoked in a later boot phase, as soon diff --git a/man/systemd-machine-id-setup.xml b/man/systemd-machine-id-setup.xml index efcf408332..bfcd74f436 100644 --- a/man/systemd-machine-id-setup.xml +++ b/man/systemd-machine-id-setup.xml @@ -71,7 +71,7 @@ for more information about this file.</para> <para>If the tool is invoked without the <option>--commit</option> - switch <filename>/etc/machine-id</filename> is initialized with a + switch, <filename>/etc/machine-id</filename> is initialized with a valid, new machined ID if it is missing or empty. The new machine ID will be acquired in the following fashion:</para> @@ -88,14 +88,14 @@ and is different for every booted instance of the VM.</para></listitem> - <listitem><para>Similar, if run inside a Linux container - environment and a UUID is configured for the container this is - used to initialize the machine ID. For details see the + <listitem><para>Similarly, if run inside a Linux container + environment and a UUID is configured for the container, this is + used to initialize the machine ID. For details, see the documentation of the <ulink url="http://www.freedesktop.org/wiki/Software/systemd/ContainerInterface">Container Interface</ulink>.</para></listitem> - <listitem><para>Otherwise a new ID is randomly + <listitem><para>Otherwise, a new ID is randomly generated.</para></listitem> </orderedlist> @@ -148,7 +148,7 @@ <para>This command is primarily used by the <citerefentry><refentrytitle>systemd-machine-id-commit.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> - early-boot service.</para></listitem> + early boot service.</para></listitem> </varlistentry> <xi:include href="standard-options.xml" xpointer="help" /> diff --git a/man/systemd-modules-load.service.xml b/man/systemd-modules-load.service.xml index dacd083bad..b25929b2e4 100644 --- a/man/systemd-modules-load.service.xml +++ b/man/systemd-modules-load.service.xml @@ -55,7 +55,7 @@ <title>Description</title> <para><filename>systemd-modules-load.service</filename> is an - early-boot service that loads kernel modules based on static + early boot service that loads kernel modules based on static configuration.</para> <para>See diff --git a/man/systemd-networkd-wait-online.service.xml b/man/systemd-networkd-wait-online.service.xml index bcc5776a8d..e21c805342 100644 --- a/man/systemd-networkd-wait-online.service.xml +++ b/man/systemd-networkd-wait-online.service.xml @@ -86,7 +86,7 @@ <varlistentry> <term><option>--ignore=</option></term> <listitem><para>Network interfaces to be ignored when deciding - if the system is online. By default only the loopback + if the system is online. By default, only the loopback interface is ignored. This option may be used more than once to ignore multiple network interfaces. </para></listitem> </varlistentry> diff --git a/man/systemd-notify.xml b/man/systemd-notify.xml index 71d501f435..a5f4077166 100644 --- a/man/systemd-notify.xml +++ b/man/systemd-notify.xml @@ -60,7 +60,7 @@ <para><command>systemd-notify</command> may be called by daemon scripts to notify the init system about status changes. It can be used to send arbitrary information, encoded in an - environment-block-like list of strings. Most importantly it can be + environment-block-like list of strings. Most importantly, it can be used for start-up completion notification.</para> <para>This is mostly just a wrapper around @@ -125,7 +125,7 @@ message is sent. This option is hence unrelated to the other options. For details about the semantics of this option, see <citerefentry><refentrytitle>sd_booted</refentrytitle><manvolnum>3</manvolnum></citerefentry>. An - alternative way to check for this state is to call + alternate way to check for this state is to call <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> with the <command>is-system-running</command> command. It will return <literal>offline</literal> if the system was not booted diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml index 9d939e0da5..4725604c03 100644 --- a/man/systemd-nspawn.xml +++ b/man/systemd-nspawn.xml @@ -325,7 +325,7 @@ <varlistentry> <term><option>--private-users=</option></term> - <listitem><para>Enables user namespacing. If enabled the + <listitem><para>Enables user namespacing. If enabled, the container will run with its own private set of Unix user and group ids (UIDs and GIDs). Takes none, one or two colon-separated parameters: the first parameter specifies the @@ -335,7 +335,7 @@ assigned. If the first parameter is also omitted (and hence no parameter passed at all), the first UID assigned to the container is read from the owner of the root directory of the - container's directory tree. By default no user namespacing is + container's directory tree. By default, no user namespacing is applied.</para> <para>Note that user namespacing currently requires OS trees @@ -344,15 +344,15 @@ must be shifted to the container UID base that is used during container runtime.</para> - <para>It is recommended to assign as least 65536 UIDs to each + <para>It is recommended to assign at least 65536 UIDs to each container, so that the usable UID range in the container - covers 16bit. For best security do not assign overlapping UID + covers 16 bit. For best security, do not assign overlapping UID ranges to multiple containers. It is hence a good idea to use - the upper 16bit of the host 32bit UIDs as container - identifier, while the lower 16bit encode the container UID + the upper 16 bit of the host 32-bit UIDs as container + identifier, while the lower 16 bit encode the container UID used.</para> - <para>When user namespaces are used the GID range assigned to + <para>When user namespaces are used, the GID range assigned to each container is always chosen identical to the UID range.</para></listitem> </varlistentry> @@ -458,7 +458,7 @@ which case <literal>tcp</literal> is assumed. The container port number and its colon may be omitted, in which case the same port as the host port is implied. This option is only - supported if private networking is used, such as + supported if private networking is used, such as with <option>--network-veth</option> or <option>--network-bridge=</option>.</para></listitem> </varlistentry> @@ -575,15 +575,15 @@ <term><option>--bind-ro=</option></term> <listitem><para>Bind mount a file or directory from the host - into the container. Takes one of: a path argument -- in which + into the container. Takes one of: a path argument — in which case the specified path will be mounted from the host to the - same path in the container --, or a colon-separated pair of - paths -- in which case the first specified path is the source + same path in the container —, or a colon-separated pair of + paths — in which case the first specified path is the source in the host, and the second path is the destination in the - container --, or a colon-separated triple of source path, - destination path and mount options. Mount options are comma - separated and currently only "rbind" and "norbind" - are allowed. Defaults to "rbind". Backslash escapes are interpreted so + container —, or a colon-separated triple of source path, + destination path and mount options. Mount options are + comma-separated and currently, only "rbind" and "norbind" + are allowed. Defaults to "rbind". Backslash escapes are interpreted, so <literal>\:</literal> may be used to embed colons in either path. This option may be specified multiple times for creating multiple independent bind mount points. The @@ -599,13 +599,13 @@ mount the tmpfs instance to (in which case the directory access mode will be chosen as 0755, owned by root/root), or optionally a colon-separated pair of path and mount option - string, that is used for mounting (in which case the kernel + string that is used for mounting (in which case the kernel default for access mode and owner will be chosen, unless otherwise specified). This option is particularly useful for mounting directories such as <filename>/var</filename> as tmpfs, to allow state-less systems, in particular when combined with <option>--read-only</option>. - Backslash escapes are interpreted in the path so + Backslash escapes are interpreted in the path, so <literal>\:</literal> may be used to embed colons in the path. </para></listitem> </varlistentry> @@ -630,9 +630,9 @@ overlay file system. The left-most path is hence the lowest directory tree, the second-to-last path the highest directory tree in the stacking order. If <option>--overlay-ro=</option> - is used instead of <option>--overlay=</option> a read-only + is used instead of <option>--overlay=</option>, a read-only overlay file system is created. If a writable overlay file - system is created all changes made to it are written to the + system is created, all changes made to it are written to the highest directory tree in the stacking order, i.e. the second-to-last specified.</para> @@ -693,7 +693,7 @@ <listitem><para>Controls whether the container is registered with <citerefentry><refentrytitle>systemd-machined</refentrytitle><manvolnum>8</manvolnum></citerefentry>. - Takes a boolean argument, defaults to <literal>yes</literal>. + Takes a boolean argument, which defaults to <literal>yes</literal>. This option should be enabled when the container runs a full Operating System (more specifically: an init system), and is useful to ensure that the container is accessible via @@ -752,20 +752,20 @@ <listitem><para>Boots the container in volatile mode. When no mode parameter is passed or when mode is specified as - <option>yes</option> full volatile mode is enabled. This - means the root directory is mounted as mostly unpopulated + <option>yes</option>, full volatile mode is enabled. This + means the root directory is mounted as a mostly unpopulated <literal>tmpfs</literal> instance, and <filename>/usr</filename> from the OS tree is mounted into it, read-only (the system thus starts up with read-only OS resources, but pristine state and configuration, any changes to the either are lost on shutdown). When the mode parameter - is specified as <option>state</option> the OS tree is + is specified as <option>state</option>, the OS tree is mounted read-only, but <filename>/var</filename> is mounted as - <literal>tmpfs</literal> instance into it (the system thus + a <literal>tmpfs</literal> instance into it (the system thus starts up with read-only OS resources and configuration, but - pristine state, any changes to the latter are lost on + pristine state, and any changes to the latter are lost on shutdown). When the mode parameter is specified as - <option>no</option> (the default) the whole OS tree is made + <option>no</option> (the default), the whole OS tree is made available writable.</para> <para>Note that setting this to <option>yes</option> or @@ -786,43 +786,43 @@ special values <option>override</option> or <option>trusted</option>.</para> - <para>If enabled (the default) a settings file named after the + <para>If enabled (the default), a settings file named after the machine (as specified with the <option>--machine=</option> setting, or derived from the directory or image file name) with the suffix <filename>.nspawn</filename> is searched in <filename>/etc/systemd/nspawn/</filename> and <filename>/run/systemd/nspawn/</filename>. If it is found there, its settings are read and used. If it is not found - there it is subsequently searched in the same directory as the + there, it is subsequently searched in the same directory as the image file or in the immediate parent of the root directory of - the container. In this case, if the file is found its settings + the container. In this case, if the file is found, its settings will be also read and used, but potentially unsafe settings - are ignored. Note that in both these cases settings on the + are ignored. Note that in both these cases, settings on the command line take precedence over the corresponding settings from loaded <filename>.nspawn</filename> files, if both are specified. Unsafe settings are considered all settings that elevate the container's privileges or grant access to additional resources such as files or directories of the host. For details about the format and contents of - <filename>.nspawn</filename> files consult + <filename>.nspawn</filename> files, consult <citerefentry><refentrytitle>systemd.nspawn</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para> - <para>If this option is set to <option>override</option> the - file is searched, read and used the same way, however the order of + <para>If this option is set to <option>override</option>, the + file is searched, read and used the same way, however, the order of precedence is reversed: settings read from the <filename>.nspawn</filename> file will take precedence over the corresponding command line options, if both are specified.</para> - <para>If this option is set to <option>trusted</option> the + <para>If this option is set to <option>trusted</option>, the file is searched, read and used the same way, but regardless - if found in <filename>/etc/systemd/nspawn/</filename>, + of being found in <filename>/etc/systemd/nspawn/</filename>, <filename>/run/systemd/nspawn/</filename> or next to the image file or container root directory, all settings will take - effect, however command line arguments still take precedence + effect, however, command line arguments still take precedence over corresponding settings.</para> - <para>If disabled no <filename>.nspawn</filename> file is read + <para>If disabled, no <filename>.nspawn</filename> file is read and no settings except the ones on the command line are in effect.</para></listitem> </varlistentry> diff --git a/man/systemd-path.xml b/man/systemd-path.xml index 4f790d2cda..da6026e3b3 100644 --- a/man/systemd-path.xml +++ b/man/systemd-path.xml @@ -62,11 +62,11 @@ <citerefentry><refentrytitle>file-hierarchy</refentrytitle><manvolnum>7</manvolnum></citerefentry> queriable.</para> - <para>When invoked without arguments a list of known paths and + <para>When invoked without arguments, a list of known paths and their current values is shown. When at least one argument is - passed the path with this name is queried and its value shown. + passed, the path with this name is queried and its value shown. The variables whose name begins with <literal>search-</literal> - don't refer to individual paths, but instead to a list of + do not refer to individual paths, but instead to a list of colon-separated search paths, in their order of precedence.</para> </refsect1> diff --git a/man/systemd-random-seed.service.xml b/man/systemd-random-seed.service.xml index 8c836688fe..f3b5a947da 100644 --- a/man/systemd-random-seed.service.xml +++ b/man/systemd-random-seed.service.xml @@ -55,7 +55,7 @@ <title>Description</title> <para><filename>systemd-random-seed.service</filename> is a - service that restores the random seed of the system at early-boot + service that restores the random seed of the system at early boot and saves it at shutdown. See <citerefentry><refentrytitle>random</refentrytitle><manvolnum>4</manvolnum></citerefentry> for details. Saving/restoring the random seed across boots diff --git a/man/systemd-remount-fs.service.xml b/man/systemd-remount-fs.service.xml index 9bc07fcdda..176f2b2d20 100644 --- a/man/systemd-remount-fs.service.xml +++ b/man/systemd-remount-fs.service.xml @@ -55,7 +55,7 @@ <title>Description</title> <para><filename>systemd-remount-fs.service</filename> is an - early-boot service that applies mount options listed in + early boot service that applies mount options listed in <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry> to the root file system, the <filename>/usr</filename> file system, and the kernel API file systems. This is required so that the diff --git a/man/systemd-resolved.service.xml b/man/systemd-resolved.service.xml index 96dc4f6620..43d568c6f7 100644 --- a/man/systemd-resolved.service.xml +++ b/man/systemd-resolved.service.xml @@ -73,9 +73,9 @@ <citerefentry><refentrytitle>resolved.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> and <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry> - for details. To improve compatibility + for details. To improve compatibility, <filename>/etc/resolv.conf</filename> is read in order to discover - configured system DNS servers, however only if it is not a symlink + configured system DNS servers, but only if it is not a symlink to <filename>/run/systemd/resolve/resolv.conf</filename> (see above).</para> <para><command>systemd-resolved</command> synthesizes DNS RRs for the following cases:</para> @@ -124,10 +124,10 @@ <para>If lookups are routed to multiple interfaces, the first successful response is returned (thus effectively merging the lookup zones on all matching interfaces). If the lookup failed on - all interfaces the last failing response is returned.</para> + all interfaces, the last failing response is returned.</para> <para>Routing of lookups may be influenced by configuring - per-interface domain names, see + per-interface domain names. See <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details. Lookups for a hostname ending in one of the per-interface domains are exclusively routed to the matching diff --git a/man/systemd-run.xml b/man/systemd-run.xml index 8850735a34..414e1c8335 100644 --- a/man/systemd-run.xml +++ b/man/systemd-run.xml @@ -80,7 +80,7 @@ and thus shows up in the output of <command>systemctl list-units</command> like any other unit. It will run in a clean and detached execution environment, with the service manager as - its parent process. In this mode <command>systemd-run</command> + its parent process. In this mode, <command>systemd-run</command> will start the service asynchronously in the background and return after the command has begun execution.</para> @@ -239,7 +239,7 @@ <term><option>--pty</option></term> <term><option>-t</option></term> - <listitem><para>When invoking a command as service connects + <listitem><para>When invoking a command, the service connects its standard input and output to the invoking tty via a pseudo TTY device. This allows invoking binaries as services that expect interactive user input, such as interactive @@ -355,7 +355,7 @@ Sep 08 07:37:21 bupkis env[19948]: BOOT_IMAGE=/vmlinuz-3.11.0-0.rc5.git6.2.fc20. <para>The following command invokes the <citerefentry project='man-pages'><refentrytitle>updatedb</refentrytitle><manvolnum>8</manvolnum></citerefentry> - tool, but lowers the block IO weight for it to 10. See + tool, but lowers the block I/O weight for it to 10. See <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more information on the <varname>BlockIOWeight=</varname> property.</para> diff --git a/man/systemd-sysctl.service.xml b/man/systemd-sysctl.service.xml index d4c1a7ebe3..55c8953722 100644 --- a/man/systemd-sysctl.service.xml +++ b/man/systemd-sysctl.service.xml @@ -54,7 +54,7 @@ <refsect1> <title>Description</title> - <para><filename>systemd-sysctl.service</filename> is an early-boot + <para><filename>systemd-sysctl.service</filename> is an early boot service that configures <citerefentry project='man-pages'><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry> kernel parameters.</para> diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml index 8dad0e0f59..54ce992b85 100644 --- a/man/systemd-system.conf.xml +++ b/man/systemd-system.conf.xml @@ -342,8 +342,10 @@ resource limits for units. See <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry> for details. Use the string <varname>infinity</varname> to - configure no limit on a specific resource. These settings may - be overridden in individual units using the corresponding + configure no limit on a specific resource. The multiplicative suffixes + K (=1024), M (=1024*1024) and so on for G, T, P and E may be used for + resource limits measured in bytes (e.g. DefaultLimitAS=16G). These + settings may be overridden in individual units using the corresponding LimitXXX= directives. Note that these resource limits are only defaults for units, they are not applied to PID 1 itself.</para></listitem> diff --git a/man/systemd-sysusers.xml b/man/systemd-sysusers.xml index a0c0f996ac..4892caad12 100644 --- a/man/systemd-sysusers.xml +++ b/man/systemd-sysusers.xml @@ -74,7 +74,7 @@ specified in <citerefentry><refentrytitle>sysusers.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> are searched for a matching file. If the string - <filename>-</filename> is specified as filenames entries from the + <filename>-</filename> is specified as filename, entries from the standard input of the process are read.</para> </refsect1> diff --git a/man/systemd-sysv-generator.xml b/man/systemd-sysv-generator.xml index f2d56cbcd2..bb5cc55e9f 100644 --- a/man/systemd-sysv-generator.xml +++ b/man/systemd-sysv-generator.xml @@ -63,7 +63,7 @@ <para><ulink url="http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/iniscrptact.html">LSB headers</ulink> in SysV init scripts are interpreted, and the ordering specified in the header is turned into dependencies between the generated - unit and other units. LSB facilities + unit and other units. The LSB facilities <literal>$remote_fs</literal>, <literal>$network</literal>, <literal>$named</literal>, <literal>$portmap</literal>, <literal>$time</literal> are supported and will be turned into @@ -73,7 +73,7 @@ <para>SysV runlevels have corresponding systemd targets (<filename>runlevel<replaceable>X</replaceable>.target</filename>). - Wrapper unit that is generated will be wanted by those targets + The wrapper unit that is generated will be wanted by those targets which correspond to runlevels for which the script is enabled.</para> diff --git a/man/systemd-timesyncd.service.xml b/man/systemd-timesyncd.service.xml index 01ed0b8149..6ec384313b 100644 --- a/man/systemd-timesyncd.service.xml +++ b/man/systemd-timesyncd.service.xml @@ -85,7 +85,7 @@ <term><filename>/var/lib/systemd/clock</filename></term> <listitem> - <para>This file contains the timestamp of last successful + <para>This file contains the timestamp of the last successful synchronization.</para> </listitem> </varlistentry> diff --git a/man/systemd-udevd.service.xml b/man/systemd-udevd.service.xml index b19b04d7cb..243fd06471 100644 --- a/man/systemd-udevd.service.xml +++ b/man/systemd-udevd.service.xml @@ -103,7 +103,7 @@ <term><option>--event-timeout=</option></term> <listitem> <para>Set the number of seconds to wait for events to finish. After - this time the event will be terminated. The default is 180 seconds.</para> + this time, the event will be terminated. The default is 180 seconds.</para> </listitem> </varlistentry> diff --git a/man/systemd-update-done.service.xml b/man/systemd-update-done.service.xml index d65f175418..a2dad39f01 100644 --- a/man/systemd-update-done.service.xml +++ b/man/systemd-update-done.service.xml @@ -58,7 +58,7 @@ service that is invoked as part of the first boot after the vendor operating system resources in <filename>/usr</filename> have been updated. This is useful to implement offline updates of - <filename>/usr</filename> which might requires updates to + <filename>/usr</filename> which might require updates to <filename>/etc</filename> or <filename>/var</filename> on the following boot.</para> diff --git a/man/systemd-user-sessions.service.xml b/man/systemd-user-sessions.service.xml index e75ef11c4e..67aba54119 100644 --- a/man/systemd-user-sessions.service.xml +++ b/man/systemd-user-sessions.service.xml @@ -57,9 +57,9 @@ <para><filename>systemd-user-sessions.service</filename> is a service that controls user logins through <citerefentry project='man-pages'><refentrytitle>pam_nologin</refentrytitle><manvolnum>8</manvolnum></citerefentry>. - After basic system initialization is complete it removes + After basic system initialization is complete, it removes <filename>/run/nologin</filename>, thus permitting logins. Before - system shutdown it creates <filename>/run/nologin</filename>, thus + system shutdown, it creates <filename>/run/nologin</filename>, thus prohibiting further logins.</para> </refsect1> diff --git a/man/systemd-vconsole-setup.service.xml b/man/systemd-vconsole-setup.service.xml index 7c6ed08997..ff079761c1 100644 --- a/man/systemd-vconsole-setup.service.xml +++ b/man/systemd-vconsole-setup.service.xml @@ -55,7 +55,7 @@ <title>Description</title> <para><filename>systemd-vconsole-setup.service</filename> is an - early-boot service that configures the virtual console font and + early boot service that configures the virtual console font and console keymap. Internally it calls <citerefentry project='mankier'><refentrytitle>loadkeys</refentrytitle><manvolnum>1</manvolnum></citerefentry> and diff --git a/man/systemd.automount.xml b/man/systemd.automount.xml index 9561590c5c..26a0f291dd 100644 --- a/man/systemd.automount.xml +++ b/man/systemd.automount.xml @@ -137,7 +137,7 @@ </varlistentry> <varlistentry> <term><varname>TimeoutIdleSec=</varname></term> - <listitem><para>Configures an idleness timeout. Once the mount has been + <listitem><para>Configures an idle timeout. Once the mount has been idle for the specified time, systemd will attempt to unmount. Takes a unit-less value in seconds, or a time span value such as "5min 20s". Pass 0 to disable the timeout logic. The timeout is disabled by diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index c0ecf92419..96298f11ed 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -86,7 +86,7 @@ <listitem><para>Takes an absolute directory path, or the special value <literal>~</literal>. Sets the working directory - for executed processes. If set to <literal>~</literal> the + for executed processes. If set to <literal>~</literal>, the home directory of the user specified in <varname>User=</varname> is used. If not set, defaults to the root directory when systemd is running as a system instance @@ -123,8 +123,8 @@ <listitem><para>Sets the supplementary Unix groups the processes are executed as. This takes a space-separated list of group names or IDs. This option may be specified more than - once in which case all listed groups are set as supplementary - groups. When the empty string is assigned the list of + once, in which case all listed groups are set as supplementary + groups. When the empty string is assigned, the list of supplementary groups is reset, and all assignments prior to this one will have no effect. In any way, this option does not override, but extends the list of supplementary groups @@ -157,7 +157,7 @@ <varlistentry> <term><varname>IOSchedulingClass=</varname></term> - <listitem><para>Sets the IO scheduling class for executed + <listitem><para>Sets the I/O scheduling class for executed processes. Takes an integer between 0 and 3 or one of the strings <option>none</option>, <option>realtime</option>, <option>best-effort</option> or <option>idle</option>. See @@ -168,10 +168,10 @@ <varlistentry> <term><varname>IOSchedulingPriority=</varname></term> - <listitem><para>Sets the IO scheduling priority for executed + <listitem><para>Sets the I/O scheduling priority for executed processes. Takes an integer between 0 (highest priority) and 7 (lowest priority). The available priorities depend on the - selected IO scheduling class (see above). See + selected I/O scheduling class (see above). See <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry> for details.</para></listitem> </varlistentry> @@ -220,7 +220,7 @@ processes. Takes a list of CPU indices or ranges separated by either whitespace or commas. CPU ranges are specified by the lower and upper CPU indices separated by a dash. - This option may be specified more than once in which case the + This option may be specified more than once, in which case the specified CPU affinity masks are merged. If the empty string is assigned, the mask is reset, all assignments prior to this will have no effect. See @@ -242,7 +242,7 @@ <listitem><para>Sets environment variables for executed processes. Takes a space-separated list of variable - assignments. This option may be specified more than once in + assignments. This option may be specified more than once, in which case all listed variables will be set. If the same variable is set twice, the later setting will override the earlier setting. If the empty string is assigned to this @@ -493,7 +493,7 @@ </varlistentry> <varlistentry> <term><varname>SyslogLevel=</varname></term> - <listitem><para>Default syslog level to use when logging to + <listitem><para>The default syslog level to use when logging to syslog or the kernel log buffer. One of <option>emerg</option>, <option>alert</option>, @@ -512,7 +512,7 @@ different log level which can be used to override the default log level specified here. The interpretation of these prefixes may be disabled with <varname>SyslogLevelPrefix=</varname>, - see below. For details see + see below. For details, see <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>. Defaults to @@ -568,7 +568,9 @@ of various resources for executed processes. See <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry> for details. Use the string <varname>infinity</varname> to - configure no limit on a specific resource.</para></listitem> + configure no limit on a specific resource. The multiplicative suffixes + K (=1024), M (=1024*1024) and so on for G, T, P and E may be used for + resource limits measured in bytes (e.g. LimitAS=16G).</para></listitem> <table> <title>Limit directives and their equivalent with ulimit</title> @@ -685,7 +687,7 @@ of what <varname>Capabilities=</varname> does. If this option is not used, the capability bounding set is not modified on process execution, hence no limits on the capabilities of the - process are enforced. This option may appear more than once in + process are enforced. This option may appear more than once, in which case the bounding sets are merged. If the empty string is assigned to this option, the bounding set is reset to the empty capability set, and all prior settings have no effect. @@ -706,7 +708,7 @@ <option>no-setuid-fixup-locked</option>, <option>noroot</option>, and <option>noroot-locked</option>. - This option may appear more than once in which case the secure + This option may appear more than once, in which case the secure bits are ORed. If the empty string is assigned to this option, the bits are reset to 0. See <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> @@ -747,7 +749,7 @@ inaccessible for processes inside the namespace. Note that restricting access with these options does not extend to submounts of a directory that are created later on. These - options may be specified more than once in which case all + options may be specified more than once, in which case all directories listed will have limited access from within the namespace. If the empty string is assigned to this option, the specific list is reset, and all prior assignments have no @@ -850,7 +852,7 @@ directories read-only for processes invoked by this unit. If set to <literal>full</literal>, the <filename>/etc</filename> directory is mounted read-only, too. This setting ensures that - any modification of the vendor supplied operating system (and + any modification of the vendor-supplied operating system (and optionally its configuration) is prohibited for the service. It is recommended to enable this setting for all long-running services, unless they are involved with system updates or need @@ -951,15 +953,15 @@ invoked process must implement a <command>getty</command>-compatible utmp/wtmp logic. If <literal>login</literal> is set, first an - <constant>INIT_PROCESS</constant> entry, followed by an + <constant>INIT_PROCESS</constant> entry, followed by a <constant>LOGIN_PROCESS</constant> entry is generated. In - this case the invoked process must implement a <citerefentry + this case, the invoked process must implement a <citerefentry project='die-net'><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>-compatible utmp/wtmp logic. If <literal>user</literal> is set, first an <constant>INIT_PROCESS</constant> entry, then a - <constant>LOGIN_PROCESS</constant> entry and finally an + <constant>LOGIN_PROCESS</constant> entry and finally a <constant>USER_PROCESS</constant> entry is generated. In this - case the invoked process may be any process that is suitable + case, the invoked process may be any process that is suitable to be run as session leader. Defaults to <literal>init</literal>.</para></listitem> </varlistentry> @@ -994,7 +996,7 @@ <listitem><para>Takes a <option>SMACK64</option> security label as argument. The process executed by the unit will be started under this label and SMACK will decide whether the - process is allowed to run or not based on it. The process + process is allowed to run or not, based on it. The process will continue to run under the label specified here unless the executable has its own <option>SMACK64EXEC</option> label, in which case the process will transition to run under that @@ -1050,7 +1052,7 @@ <function>sigreturn</function>, <function>exit_group</function>, <function>exit</function> system calls are implicitly whitelisted and do not need to be - listed explicitly. This option may be specified more than once + listed explicitly. This option may be specified more than once, in which case the filter masks are merged. If the empty string is assigned, the filter is reset, all prior assignments will have no effect.</para> @@ -1086,7 +1088,7 @@ <varlistentry> <term><varname>SystemCallArchitectures=</varname></term> - <listitem><para>Takes a space separated list of architecture + <listitem><para>Takes a space-separated list of architecture identifiers to include in the system call filter. The known architecture identifiers are <constant>x86</constant>, <constant>x86-64</constant>, <constant>x32</constant>, diff --git a/man/systemd.generator.xml b/man/systemd.generator.xml index 4514c1afdf..b36aab3259 100644 --- a/man/systemd.generator.xml +++ b/man/systemd.generator.xml @@ -87,7 +87,7 @@ dynamically into native unit files.</para> <para>Generators are loaded from a set of paths determined during - compilation, listed above. System and user generators are loaded + compilation, as listed above. System and user generators are loaded from directories with names ending in <filename>system-generators/</filename> and <filename>user-generators/</filename>, respectively. Generators @@ -96,7 +96,7 @@ <filename>/dev/null</filename> or an empty file can be used to mask a generator, thereby preventing it from running. Please note that the order of the two directories with the highest priority is - reversed with respect to the unit load path and generators in + reversed with respect to the unit load path, and generators in <filename>/run</filename> overwrite those in <filename>/etc</filename>.</para> @@ -169,14 +169,14 @@ or <command>systemd</command> itself (this means: no <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>!). They can however rely on the most basic kernel functionality to - be available, including mounted <filename>/sys</filename>, + be available, including a mounted <filename>/sys</filename>, <filename>/proc</filename>, <filename>/dev</filename>. </para> </listitem> <listitem> <para> - Units written by generators are removed when configuration + Units written by generators are removed when the configuration is reloaded. That means the lifetime of the generated units is closely bound to the reload cycles of <command>systemd</command> itself. @@ -187,9 +187,9 @@ <para> Generators should only be used to generate unit files, not any other kind of configuration. Due to the lifecycle - logic mentioned above generators are not a good fit to + logic mentioned above, generators are not a good fit to generate dynamic configuration for other services. If you - need to generate dynamic configuration for other services + need to generate dynamic configuration for other services, do so in normal services you order before the service in question. </para> @@ -199,7 +199,7 @@ <para> Since <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry> - is not available (see above) log messages have to be + is not available (see above), log messages have to be written to <filename>/dev/kmsg</filename> instead. </para> </listitem> @@ -221,19 +221,19 @@ Generators may write out dynamic unit files or just hook unit files into other units with the usual <filename>.wants/</filename> or - <filename>.requires/</filename> symlinks. Often it is + <filename>.requires/</filename> symlinks. Often, it is nicer to simply instantiate a template unit file from <filename>/usr</filename> with a generator instead of - writing out entirely dynamic unit files. Of course this + writing out entirely dynamic unit files. Of course, this works only if a single parameter is to be used. </para> </listitem> <listitem> <para> - If you are careful you can implement generators in shell + If you are careful, you can implement generators in shell scripts. We do recommend C code however, since generators - delay are executed synchronously and hence delay the + are executed synchronously and hence delay the entire boot if they are slow. </para> </listitem> @@ -269,7 +269,7 @@ <para> Instead of heading off now and writing all kind of generators for legacy configuration file formats, please - think twice! It's often a better idea to just deprecate + think twice! It is often a better idea to just deprecate old stuff instead of keeping it artificially alive. </para> </listitem> @@ -308,7 +308,7 @@ temporarily redirects <filename>default.target</filename> to <filename>system-update.target</filename> if a system update is scheduled. Since this needs to override the default user - configuration for <filename>default.target</filename> it uses + configuration for <filename>default.target</filename>, it uses argv[2]. For details about this logic, see <ulink url="http://www.freedesktop.org/wiki/Software/systemd/SystemUpdates">Implementing Offline System Updates</ulink>.</para> diff --git a/man/systemd.kill.xml b/man/systemd.kill.xml index 1292f4f513..13b7ab14df 100644 --- a/man/systemd.kill.xml +++ b/man/systemd.kill.xml @@ -138,8 +138,8 @@ <citerefentry project='man-pages'><refentrytitle>signal</refentrytitle><manvolnum>7</manvolnum></citerefentry>. Defaults to <constant>SIGTERM</constant>. </para> - <para>Note that right after sending the signal specified in - this setting systemd will always send + <para>Note that, right after sending the signal specified in + this setting, systemd will always send <constant>SIGCONT</constant>, to ensure that even suspended tasks can be terminated cleanly.</para> </listitem> diff --git a/man/systemd.link.xml b/man/systemd.link.xml index 7745260a39..29b837834c 100644 --- a/man/systemd.link.xml +++ b/man/systemd.link.xml @@ -70,7 +70,7 @@ name in <filename>/usr/lib</filename>. This can be used to override a system-supplied link file with a local file if needed. As a special case, an empty file (file size 0) or symlink with the - same name pointing to <filename>/dev/null</filename>, disable the + same name pointing to <filename>/dev/null</filename> disables the configuration file entirely (it is "masked").</para> <para>The link file contains a <literal>[Match]</literal> section, @@ -217,8 +217,8 @@ generated which is guaranteed to be the same on every boot for the given machine and the given device, but which is otherwise random. This feature depends on ID_NET_NAME_* - properties existing for the link, on hardware where these - properties are not set the generation of a persistent MAC address + properties to exist for the link. On hardware where these + properties are not set, the generation of a persistent MAC address will fail.</para> </listitem> </varlistentry> @@ -228,7 +228,7 @@ <para>If the kernel is using a random MAC address, nothing is done. Otherwise, a new address is randomly generated each time the device appears, typically at - boot. Either way the random address will have the + boot. Either way, the random address will have the <literal>unicast</literal> and <literal>locally administered</literal> bits set.</para> </listitem> diff --git a/man/systemd.mount.xml b/man/systemd.mount.xml index aaf2e98175..dd6b7a51a8 100644 --- a/man/systemd.mount.xml +++ b/man/systemd.mount.xml @@ -180,7 +180,7 @@ <varlistentry> <term><option>x-systemd.idle-timeout=</option></term> - <listitem><para>Configures the idleness timeout of the + <listitem><para>Configures the idle timeout of the automount unit. See <varname>TimeoutIdleSec=</varname> in <citerefentry><refentrytitle>systemd.automount</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details.</para></listitem> @@ -192,13 +192,13 @@ <listitem><para>Configure how long systemd should wait for a device to show up before giving up on an entry from <filename>/etc/fstab</filename>. Specify a time in seconds or - explicitly append a unit as <literal>s</literal>, + explicitly append a unit such as <literal>s</literal>, <literal>min</literal>, <literal>h</literal>, <literal>ms</literal>.</para> <para>Note that this option can only be used in <filename>/etc/fstab</filename>, and will be - ignored when part of <varname>Options=</varname> + ignored when part of the <varname>Options=</varname> setting in a unit file.</para> </listitem> </varlistentry> @@ -212,7 +212,7 @@ <filename>local-fs.target</filename> or <filename>remote-fs.target</filename>. This means that it will not be mounted automatically during boot, unless it is pulled - in by some other unit. Option <option>auto</option> has the + in by some other unit. The <option>auto</option> option has the opposite meaning and is the default.</para> </listitem> </varlistentry> @@ -220,7 +220,7 @@ <varlistentry> <term><option>nofail</option></term> - <listitem><para>With <option>nofail</option> this mount will + <listitem><para>With <option>nofail</option>, this mount will be only wanted, not required, by <filename>local-fs.target</filename> or <filename>remote-fs.target</filename>. This means that the @@ -325,11 +325,11 @@ <varlistentry> <term><varname>SmackFileSystemRootLabel=</varname></term> - <listitem><para>Takes a string for the smack label. + <listitem><para>Takes a string for the SMACK label. This option specifies the label to assign the root of the - file system if it lacks the Smack extended attribute. + file system if it lacks the SMACK extended attribute. Note that this option will be ignored if kernel does not - support the Smack feature. + support the SMACK feature. See <ulink url="https://www.kernel.org/doc/Documentation/security/Smack.txt">Smack.txt</ulink> for details. </para></listitem> diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml index 70311ca9d9..76dee8ea34 100644 --- a/man/systemd.netdev.xml +++ b/man/systemd.netdev.xml @@ -81,8 +81,8 @@ name in <filename>/usr/lib</filename>. This can be used to override a system-supplied configuration file with a local file if needed. As a special case, an empty file (file size 0) or symlink - with the same name pointing to <filename>/dev/null</filename>, - disable the configuration file entirely (it is "masked").</para> + with the same name pointing to <filename>/dev/null</filename> + disables the configuration file entirely (it is "masked").</para> </refsect1> <refsect1> @@ -106,7 +106,7 @@ <entry>A bond device is an aggregation of all its slave devices. See <ulink url="https://www.kernel.org/doc/Documentation/networking/bonding.txt">Linux Ethernet Bonding Driver HOWTO</ulink> for details.Local configuration</entry></row> <row><entry><varname>bridge</varname></entry> - <entry>A bridge device is a software switch, each of its slave devices and the bridge itself are ports of the switch.</entry></row> + <entry>A bridge device is a software switch, and each of its slave devices and the bridge itself are ports of the switch.</entry></row> <row><entry><varname>dummy</varname></entry> <entry>A dummy device drops all packets sent to it.</entry></row> @@ -148,7 +148,7 @@ <entry>A persistent Level 3 tunnel between a network device and a device node.</entry></row> <row><entry><varname>veth</varname></entry> - <entry>An ethernet tunnel between a pair of network devices.</entry></row> + <entry>An Ethernet tunnel between a pair of network devices.</entry></row> <row><entry><varname>vlan</varname></entry> <entry>A VLAN is a stacked device which receives packets from its underlying device based on VLAN tagging. See <ulink url="http://www.ieee802.org/1/pages/802.1Q.html">IEEE 802.1Q</ulink> for details.</entry></row> @@ -282,13 +282,13 @@ <para>The <literal>[Bridge]</literal> section only applies for netdevs of kind <literal>bridge</literal>, and accepts the - following key:</para> + following keys:</para> <variablelist class='network-directives'> <varlistentry> <term><varname>HelloTimeSec=</varname></term> <listitem> - <para>HelloTimeSec specifies the number of seconds a hello packet is + <para>HelloTimeSec specifies the number of seconds between two hello packets sent out by the root bridge and the designated bridges. Hello packets are used to communicate information about the topology throughout the entire bridged local area network.</para> @@ -414,7 +414,7 @@ <term><varname>TTL=</varname></term> <listitem> <para>A fixed Time To Live N on Virtual eXtensible Local - Area Network packets. N is a number in the range 1-255. 0 + Area Network packets. N is a number in the range 1–255. 0 is a special value meaning that packets inherit the TTL value.</para> </listitem> @@ -430,13 +430,13 @@ <term><varname>FDBAgeingSec=</varname></term> <listitem> <para>The lifetime of Forwarding Database entry learnt by - the kernel in seconds.</para> + the kernel, in seconds.</para> </listitem> </varlistentry> <varlistentry> <term><varname>ARPProxy=</varname></term> <listitem> - <para>A boolean. When true, enables ARP proxy.</para> + <para>A boolean. When true, enables ARP proxying.</para> </listitem> </varlistentry> <varlistentry> @@ -449,40 +449,40 @@ <varlistentry> <term><varname>L3MissNotification=</varname></term> <listitem> - <para>A boolean. When true, enables netlink IP ADDR miss + <para>A boolean. When true, enables netlink IP address miss notifications.</para> </listitem> </varlistentry> <varlistentry> <term><varname>RouteShortCircuit=</varname></term> <listitem> - <para>A boolean. When true route short circuit is turned + <para>A boolean. When true, route short circuiting is turned on.</para> </listitem> </varlistentry> <varlistentry> <term><varname>UDPCheckSum=</varname></term> <listitem> - <para>A boolean. When true transmitting UDP checksums when doing VXLAN/IPv4 is turned on.</para> + <para>A boolean. When true, transmitting UDP checksums when doing VXLAN/IPv4 is turned on.</para> </listitem> </varlistentry> <varlistentry> <term><varname>UDP6ZeroChecksumTx=</varname></term> <listitem> - <para>A boolean. When true sending zero checksums in VXLAN/IPv6 is turned on.</para> + <para>A boolean. When true, sending zero checksums in VXLAN/IPv6 is turned on.</para> </listitem> </varlistentry> <varlistentry> <term><varname>UDP6ZeroCheckSumRx=</varname></term> <listitem> - <para>A boolean. When true receiving zero checksums in VXLAN/IPv6 is turned on.</para> + <para>A boolean. When true, receiving zero checksums in VXLAN/IPv6 is turned on.</para> </listitem> </varlistentry> <varlistentry> <term><varname>GroupPolicyExtension=</varname></term> <listitem> - <para>A boolean. When true it enables Group Policy VXLAN extension security label mechanism - across network peers based on VXLAN. For details about the Group Policy VXLAN see the + <para>A boolean. When true, it enables Group Policy VXLAN extension security label mechanism + across network peers based on VXLAN. For details about the Group Policy VXLAN, see the <ulink url="https://tools.ietf.org/html/draft-smith-vxlan-group-policy"> VXLAN Group Policy </ulink> document. Defaults to false.</para> </listitem> @@ -523,7 +523,7 @@ <term><varname>TOS=</varname></term> <listitem> <para>The Type Of Service byte value for a tunnel interface. - For details about the TOS see the + For details about the TOS, see the <ulink url="http://tools.ietf.org/html/rfc1349"> Type of Service in the Internet Protocol Suite </ulink> document. </para> @@ -533,9 +533,9 @@ <term><varname>TTL=</varname></term> <listitem> <para>A fixed Time To Live N on tunneled packets. N is a - number in the range 1-255. 0 is a special value meaning that + number in the range 1–255. 0 is a special value meaning that packets inherit the TTL value. The default value for IPv4 - tunnels is: inherit. The default value for IPv6 tunnels is: + tunnels is: inherit. The default value for IPv6 tunnels is 64.</para> </listitem> </varlistentry> @@ -549,14 +549,14 @@ <varlistentry> <term><varname>IPv6FlowLabel=</varname></term> <listitem> - <para>Configures The 20-bit Flow Label (see <ulink url="https://tools.ietf.org/html/rfc6437"> + <para>Configures the 20-bit flow label (see <ulink url="https://tools.ietf.org/html/rfc6437"> RFC 6437</ulink>) field in the IPv6 header (see <ulink url="https://tools.ietf.org/html/rfc2460"> - RFC 2460</ulink>), is used by a node to label packets of a flow. - It's only used for IPv6 Tunnels. - A Flow Label of zero is used to indicate packets that have - not been labeled. Takes following values. - When <literal>inherit</literal> it uses the original flowlabel, - or can be configured to any value between 0 to 0xFFFFF.</para> + RFC 2460</ulink>), which is used by a node to label packets of a flow. + It is only used for IPv6 tunnels. + A flow label of zero is used to indicate packets that have + not been labeled. + It can be configured to a value in the range 0–0xFFFFF, or be + set to <literal>inherit</literal>, in which case the original flowlabel is used.</para> </listitem> </varlistentry> <varlistentry> @@ -580,14 +580,14 @@ value of zero means that a packet carrying that option may not enter another tunnel before exiting the current tunnel. (see <ulink url="https://tools.ietf.org/html/rfc2473#section-4.1.1"> RFC 2473</ulink>). - The valid range is 0-255 and <literal>none</literal>. Defaults to 4. + The valid range is 0–255 and <literal>none</literal>. Defaults to 4. </para> </listitem> </varlistentry> <varlistentry> <term><varname>Mode=</varname></term> <listitem> - <para>An <literal>ip6tnl</literal> tunnels can have three + <para>An <literal>ip6tnl</literal> tunnel can be in one of three modes <literal>ip6ip6</literal> for IPv6 over IPv6, <literal>ipip6</literal> for IPv4 over IPv6 or @@ -602,7 +602,7 @@ <para>The <literal>[Peer]</literal> section only applies for netdevs of kind <literal>veth</literal> and accepts the - following key:</para> + following keys:</para> <variablelist class='network-directives'> <varlistentry> @@ -615,7 +615,7 @@ <varlistentry> <term><varname>MACAddress=</varname></term> <listitem> - <para>The peer MACAddress, if not set it is generated in + <para>The peer MACAddress, if not set, it is generated in the same way as the MAC address of the main interface.</para> </listitem> @@ -651,7 +651,7 @@ <term><varname>PacketInfo=</varname></term> <listitem><para>Takes a boolean argument. Configures whether packets should be prepended with four extra bytes (two flag - bytes and two protocol bytes). If disabled it indicates that + bytes and two protocol bytes). If disabled, it indicates that the packets will be pure IP packets. Defaults to <literal>no</literal>.</para> </listitem> @@ -777,9 +777,9 @@ <term><varname>LearnPacketIntervalSec=</varname></term> <listitem> <para>Specifies the number of seconds between instances where the bonding - driver sends learning packets to each slaves peer switch. - The valid range is 1 - 0x7fffffff; the default value is 1. This Option - has effect only in balance-tlb and balance-alb modes.</para> + driver sends learning packets to each slave peer switch. + The valid range is 1–0x7fffffff; the default value is 1. This option + has an effect only for the balance-tlb and balance-alb modes.</para> </listitem> </varlistentry> @@ -788,8 +788,8 @@ <listitem> <para>Specifies the 802.3ad aggregation selection logic to use. Possible values are <literal>stable</literal>, - <literal>bandwidth</literal>, - <literal>count</literal> + <literal>bandwidth</literal> and + <literal>count</literal>. </para> </listitem> </varlistentry> @@ -797,13 +797,13 @@ <varlistentry> <term><varname>FailOverMACPolicy=</varname></term> <listitem> - <para>Specifies whether active-backup mode should set all slaves to - the same MAC address at enslavement or, when enabled, perform special handling of the + <para>Specifies whether the active-backup mode should set all slaves to + the same MAC address at the time of enslavement or, when enabled, to perform special handling of the bond's MAC address in accordance with the selected policy. The default policy is none. Possible values are <literal>none</literal>, - <literal>active</literal>, - <literal>follow</literal> + <literal>active</literal> and + <literal>follow</literal>. </para> </listitem> </varlistentry> @@ -817,8 +817,8 @@ monitoring purposes. Possible values are <literal>none</literal>, <literal>active</literal>, - <literal>backup</literal>, - <literal>all</literal> + <literal>backup</literal> and + <literal>all</literal>. </para> </listitem> </varlistentry> @@ -838,7 +838,7 @@ <para>Specifies the IP addresses to use as ARP monitoring peers when ARPIntervalSec is greater than 0. These are the targets of the ARP request sent to determine the health of the link to the targets. - Specify these values in ipv4 dotted decimal format. At least one IP + Specify these values in IPv4 dotted decimal format. At least one IP address must be given for ARP monitoring to function. The maximum number of targets that can be specified is 16. The default value is no IP addresses. @@ -853,8 +853,8 @@ in order for the ARP monitor to consider a slave as being up. This option affects only active-backup mode for slaves with ARPValidate enabled. Possible values are - <literal>any</literal>, - <literal>all</literal> + <literal>any</literal> and + <literal>all</literal>. </para> </listitem> </varlistentry> @@ -868,8 +868,8 @@ occurs. This option is designed to prevent flip-flopping between the primary slave and other slaves. Possible values are <literal>always</literal>, - <literal>better</literal>, - <literal>failure</literal> + <literal>better</literal> and + <literal>failure</literal>. </para> </listitem> </varlistentry> @@ -880,7 +880,7 @@ <para>Specifies the number of IGMP membership reports to be issued after a failover event. One membership report is issued immediately after the failover, subsequent packets are sent in each 200ms interval. - The valid range is (0 - 255). Defaults to 1. A value of 0 + The valid range is 0–255. Defaults to 1. A value of 0 prevents the IGMP membership report from being issued in response to the failover event. </para> @@ -890,10 +890,10 @@ <varlistentry> <term><varname>PacketsPerSlave=</varname></term> <listitem> - <para> Specify the number of packets to transmit through a slave before - moving to the next one. When set to 0 then a slave is chosen at - random. The valid range is (0 - 65535). Defaults to 1. This option - has effect only in balance-rr mode. + <para>Specify the number of packets to transmit through a slave before + moving to the next one. When set to 0, then a slave is chosen at + random. The valid range is 0–65535. Defaults to 1. This option + only has effect when in balance-rr mode. </para> </listitem> </varlistentry> @@ -903,11 +903,11 @@ <listitem> <para>Specify the number of peer notifications (gratuitous ARPs and unsolicited IPv6 Neighbor Advertisements) to be issued after a - failover event. As soon as the link is up on the new slave + failover event. As soon as the link is up on the new slave, a peer notification is sent on the bonding device and each VLAN sub-device. This is repeated at each link monitor interval (ARPIntervalSec or MIIMonitorSec, whichever is active) if the number is - greater than 1. The valid range is (0 - 255). Default value is 1. + greater than 1. The valid range is 0–255. The default value is 1. These options affect only the active-backup mode. </para> </listitem> @@ -916,8 +916,8 @@ <varlistentry> <term><varname>AllSlavesActive=</varname></term> <listitem> - <para> A boolean. Specifies that duplicate frames (received on inactive ports) - should be dropped false or delivered true. Normally, bonding will drop + <para>A boolean. Specifies that duplicate frames (received on inactive ports) + should be dropped when false, or delivered when true. Normally, bonding will drop duplicate frames (received on inactive ports), which is desirable for most users. But there are some times it is nice to allow duplicate frames to be delivered. The default value is false (drop duplicate frames diff --git a/man/systemd.network.xml b/man/systemd.network.xml index 86a430682c..50f3810ce0 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -77,8 +77,8 @@ name in <filename>/usr/lib</filename>. This can be used to override a system-supplied configuration file with a local file if needed. As a special case, an empty file (file size 0) or symlink - with the same name pointing to <filename>/dev/null</filename>, - disable the configuration file entirely (it is "masked").</para> + with the same name pointing to <filename>/dev/null</filename> + disables the configuration file entirely (it is "masked").</para> </refsect1> <refsect1> @@ -227,7 +227,7 @@ <literal>yes</literal>, <literal>no</literal>, <literal>ipv4</literal>, or <literal>ipv6</literal>.</para> - <para>Please note that by default the domain name + <para>Please note that, by default, the domain name specified through DHCP is not used for name resolution. See option <option>UseDomains=</option> below.</para> </listitem> @@ -263,7 +263,7 @@ <term><varname>IPv6Token=</varname></term> <listitem> <para>An IPv6 address with the top 64 bits unset. When set, indicates the - 64 bits interface part of SLAAC IPv6 addresses for this link. By default + 64-bit interface part of SLAAC IPv6 addresses for this link. By default, it is autogenerated.</para> </listitem> </varlistentry> @@ -271,8 +271,8 @@ <term><varname>LLMNR=</varname></term> <listitem> <para>A boolean or <literal>resolve</literal>. When true, enables - Link-Local Multicast Name Resolution on the link, when set to - <literal>resolve</literal> only resolution is enabled, but not + Link-Local Multicast Name Resolution on the link. When set to + <literal>resolve</literal>, only resolution is enabled, but not announcement. Defaults to true.</para> </listitem> </varlistentry> @@ -357,7 +357,7 @@ <varlistentry> <term><varname>IPForward=</varname></term> <listitem><para>Configures IP forwarding for the network - interface. If enabled incoming packets on the network + interface. If enabled, incoming packets on the network interface will be forwarded to other interfaces according to the routing table. Takes either a boolean argument, or the values <literal>ipv4</literal> or <literal>ipv6</literal>, @@ -384,7 +384,7 @@ <varlistentry> <term><varname>IPMasquerade=</varname></term> <listitem><para>Configures IP masquerading for the network - interface. If enabled packets forwarded from the network + interface. If enabled, packets forwarded from the network interface will be appear as coming from the local host. Takes a boolean argument. Implies <varname>IPForward=ipv4</varname>. Defaults to @@ -398,18 +398,18 @@ Privacy Extensions for Stateless Address Autoconfiguration in IPv6). Takes a boolean or the special values <literal>prefer-public</literal> and - <literal>kernel</literal>. When true enables the privacy + <literal>kernel</literal>. When true, enables the privacy extensions and prefers temporary addresses over public - addresses. When <literal>prefer-public</literal> enables the + addresses. When <literal>prefer-public</literal>, enables the privacy extensions, but prefers public addresses over temporary addresses. When false, the privacy extensions - remain disabled. When <literal>kernel</literal> the kernel's + remain disabled. When <literal>kernel</literal>, the kernel's default setting will be left in place. Defaults to <literal>no</literal>.</para></listitem> </varlistentry> <varlistentry> <term><varname>IPv6AcceptRouterAdvertisements=</varname></term> - <listitem><para>Force the setting of <filename>accept_ra</filename> + <listitem><para>Force the setting of the <filename>accept_ra</filename> (router advertisements) setting for the interface. When unset, the kernel default is used, and router advertisements are accepted only when local forwarding @@ -427,8 +427,8 @@ </varlistentry> <varlistentry> <term><varname>IPv6DuplicateAddressDetection=</varname></term> - <listitem><para>Configures amount of IPv6 Duplicate - Address Detection probes to se(DAD). Defaults to unset. + <listitem><para>Configures the amount of IPv6 Duplicate + Address Detection (DAD) probes to send. Defaults to unset. </para></listitem> </varlistentry> <varlistentry> @@ -535,7 +535,7 @@ <term><varname>Destination=</varname></term> <listitem> <para>The destination prefix of the route. Possibly - followed by a slash and the prefixlength. If omitted, a + followed by a slash and the prefix length. If omitted, a full-length host route is assumed.</para> </listitem> </varlistentry> @@ -543,20 +543,20 @@ <term><varname>Source=</varname></term> <listitem> <para>The source prefix of the route. Possibly followed by - a slash and the prefixlength. If omitted, a full-length + a slash and the prefix length. If omitted, a full-length host route is assumed.</para> </listitem> </varlistentry> <varlistentry> <term><varname>Metric=</varname></term> <listitem> - <para>The metric of the route. An unsigned integer</para> + <para>The metric of the route (an unsigned integer).</para> </listitem> </varlistentry> <varlistentry> <term><varname>Scope=</varname></term> <listitem> - <para>The scope of the route. One of the values <literal>global</literal>, + <para>The scope of the route, which can be <literal>global</literal>, <literal>link</literal> or <literal>host</literal>. Defaults to <literal>global</literal>.</para> </listitem> @@ -648,7 +648,7 @@ <listitem> <para>When true (the default), the static routes will be requested from the DHCP server and added to the routing - table with metric of 1024.</para> + table with a metric of 1024.</para> </listitem> </varlistentry> @@ -725,7 +725,7 @@ address. <varname>PoolOffset=</varname> takes the offset of the pool from the start of subnet, or zero to use the default value. <varname>PoolSize=</varname> takes the number of IP addresses in the - pool or zero to use the default value. By default the pool starts at + pool or zero to use the default value. By default, the pool starts at the first address after the subnet address and takes up the rest of the subnet, excluding the broadcast address. If the pool includes the server address (the default), this is reserved and not handed @@ -741,7 +741,7 @@ another common time unit, depending on the suffix. The default lease time is used for clients that did not ask for a specific lease time. If a client asks for a lease time longer than the - maximum lease time it is automatically shortened to the + maximum lease time, it is automatically shortened to the specified time. The default lease time defaults to 1h, the maximum lease time to 12h. Shorter lease times are beneficial if the configuration data in DHCP leases changes frequently @@ -761,7 +761,7 @@ pass to clients may be configured with the <varname>DNS=</varname> option, which takes a list of IPv4 addresses. If the <varname>EmitDNS=</varname> option is - enabled but no servers configured the servers are + enabled but no servers configured, the servers are automatically propagated from an "uplink" interface that has appropriate servers set. The "uplink" interface is determined by the default route of the system with the highest @@ -770,9 +770,9 @@ into account that acquire DNS or NTP server information at a later point. DNS server propagation does not take <filename>/etc/resolv.conf</filename> into account. Also, note - that the leases are not refreshed if uplink network + that the leases are not refreshed if the uplink network configuration changes. To ensure clients regularly acquire the - most current uplink DNS server information it is thus + most current uplink DNS server information, it is thus advisable to shorten the DHCP lease time via <varname>MaxLeaseTimeSec=</varname> described above.</para></listitem> @@ -783,7 +783,7 @@ <term><varname>NTP=</varname></term> <listitem><para>Similar to the <varname>EmitDNS=</varname> and - <varname>DNS=</varname> settings described above these + <varname>DNS=</varname> settings described above, these settings configure whether and what NTP server information shall be emitted as part of the DHCP lease. The same syntax, propagation semantics and defaults apply as for @@ -802,7 +802,7 @@ <varname>Timezone=</varname> setting takes a timezone string (such as <literal>Europe/Berlin</literal> or <literal>UTC</literal>) to pass to clients. If no explicit - timezone is set the system timezone of the local host is + timezone is set, the system timezone of the local host is propagated, as determined by the <filename>/etc/localtime</filename> symlink.</para></listitem> </varlistentry> @@ -844,7 +844,7 @@ <term><varname>FastLeave=</varname></term> <listitem> <para>A boolean. This flag allows the bridge to immediately stop multicast - traffic on a port that receives IGMP Leave message. It is only used with + traffic on a port that receives an IGMP Leave message. It is only used with IGMP snooping if enabled on the bridge. Defaults to off.</para> </listitem> </varlistentry> @@ -860,7 +860,7 @@ <term><varname>Cost=</varname></term> <listitem> <para>Sets the "cost" of sending packets of this interface. - Each port in a bridge may have different speed and the cost + Each port in a bridge may have a different speed and the cost is used to decide which link to use. Faster interfaces should have lower costs.</para> </listitem> @@ -885,8 +885,8 @@ <varlistentry> <term><varname>VLANId=</varname></term> <listitem> - <para>The VLAN Id for the new static MAC table entry. If - omitted, no VLAN Id info is appended to the new static MAC + <para>The VLAN ID for the new static MAC table entry. If + omitted, no VLAN ID info is appended to the new static MAC table entry.</para> </listitem> </varlistentry> diff --git a/man/systemd.nspawn.xml b/man/systemd.nspawn.xml index 7bfafb424f..c2b7a40ec1 100644 --- a/man/systemd.nspawn.xml +++ b/man/systemd.nspawn.xml @@ -73,11 +73,11 @@ to specific containers. The syntax of these files is inspired by <filename>.desktop</filename> files following the <ulink url="http://standards.freedesktop.org/desktop-entry-spec/latest/">XDG - Desktop Entry Specification</ulink>, which are in turn inspired by + Desktop Entry Specification</ulink>, which in turn are inspired by Microsoft Windows <filename>.ini</filename> files.</para> <para>Boolean arguments used in these settings files can be - written in various formats. For positive settings the strings + written in various formats. For positive settings, the strings <option>1</option>, <option>yes</option>, <option>true</option> and <option>on</option> are equivalent. For negative settings, the strings <option>0</option>, <option>no</option>, @@ -102,27 +102,27 @@ directory or image file name. This file is first searched in <filename>/etc/systemd/nspawn/</filename> and <filename>/run/systemd/nspawn/</filename>. If found in these - directories its settings are read and all of them take full effect + directories, its settings are read and all of them take full effect (but are possibly overridden by corresponding command line - arguments). If not found the file will then be searched next to + arguments). If not found, the file will then be searched next to the image file or in the immediate parent of the root directory of - the container. If the file is found there only a subset of the + the container. If the file is found there, only a subset of the settings will take effect however. All settings that possibly elevate privileges or grant additional access to resources of the host (such as files or directories) are ignored. To which options this applies is documented below.</para> - <para>Persistent settings file created and maintained by the + <para>Persistent settings files created and maintained by the administrator (and thus trusted) should be placed in <filename>/etc/systemd/nspawn/</filename>, while automatically downloaded (and thus potentially untrusted) settings files are placed in <filename>/var/lib/machines/</filename> instead (next to the container images), where their security impact is limited. In order to add privileged settings to <filename>.nspawn</filename> - files acquired from the image vendor it is recommended to copy the + files acquired from the image vendor, it is recommended to copy the settings files into <filename>/etc/systemd/nspawn/</filename> and edit them there, so that the privileged options become - available. The precise algorithm how the files are searched and + available. The precise algorithm for how the files are searched and interpreted may be configured with <command>systemd-nspawn</command>'s <option>--settings=</option> switch, see @@ -141,10 +141,10 @@ <varlistentry> <term><varname>Boot=</varname></term> - <listitem><para>Takes a boolean argument, defaults to off. If - enabled <command>systemd-nspawn</command> will automatically + <listitem><para>Takes a boolean argument, which defaults to off. If + enabled, <command>systemd-nspawn</command> will automatically search for an <filename>init</filename> executable and invoke - it. In this case the specified parameters using + it. In this case, the specified parameters using <varname>Parameters=</varname> are passed as additional arguments to the <filename>init</filename> process. This setting corresponds to the <option>--boot</option> switch on @@ -155,7 +155,7 @@ <varlistentry> <term><varname>Parameters=</varname></term> - <listitem><para>Takes a space separated list of + <listitem><para>Takes a space-separated list of arguments. This is either a command line, beginning with the binary name to execute, or – if <varname>Boot=</varname> is enabled – the list of arguments to pass to the init @@ -190,7 +190,7 @@ <term><varname>Capability=</varname></term> <term><varname>DropCapability=</varname></term> - <listitem><para>Takes a space separated list of Linux process + <listitem><para>Takes a space-separated list of Linux process capabilities (see <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> for details). The <varname>Capability=</varname> setting @@ -205,7 +205,7 @@ <filename>.nspawn</filename> files in <filename>/etc/systemd/nspawn/</filename> and <filename>/run/system/nspawn/</filename> (see above). On the - other hand <varname>DropCapability=</varname> takes effect in + other hand, <varname>DropCapability=</varname> takes effect in all cases.</para></listitem> </varlistentry> @@ -220,7 +220,7 @@ <varlistentry> <term><varname>MachineID=</varname></term> - <listitem><para>Configures the 128bit machine ID (UUID) to pass to + <listitem><para>Configures the 128-bit machine ID (UUID) to pass to the container. This is equivalent to the <option>--uuid=</option> command line switch. This option is privileged (see above). </para></listitem> @@ -240,8 +240,8 @@ <varlistentry> <term><varname>ReadOnly=</varname></term> - <listitem><para>Takes a boolean argument, defaults to off. If - specified the container will be run with a read-only file + <listitem><para>Takes a boolean argument, which defaults to off. If + specified, the container will be run with a read-only file system. This setting corresponds to the <option>--read-only</option> command line switch.</para></listitem> @@ -303,8 +303,8 @@ <varlistentry> <term><varname>Private=</varname></term> - <listitem><para>Takes a boolean argument, defaults to off. If - enabled the container will run in its own network namespace + <listitem><para>Takes a boolean argument, which defaults to off. If + enabled, the container will run in its own network namespace and not share network interfaces and configuration with the host. This setting corresponds to the <option>--private-network</option> command line @@ -315,7 +315,7 @@ <term><varname>VirtualEthernet=</varname></term> <listitem><para>Takes a boolean argument. Configures whether - to create a virtual ethernet connection + to create a virtual Ethernet connection (<literal>veth</literal>) between host and the container. This setting implies <varname>Private=yes</varname>. This setting corresponds to the <option>--network-veth</option> command @@ -326,7 +326,7 @@ <varlistentry> <term><varname>Interface=</varname></term> - <listitem><para>Takes a space separated list of interfaces to + <listitem><para>Takes a space-separated list of interfaces to add to the container. This option corresponds to the <option>--network-interface=</option> command line switch and implies <varname>Private=yes</varname>. This option is @@ -337,7 +337,7 @@ <term><varname>MACVLAN=</varname></term> <term><varname>IPVLAN=</varname></term> - <listitem><para>Takes a space separated list of interfaces to + <listitem><para>Takes a space-separated list of interfaces to add MACLVAN or IPVLAN interfaces to, which are then added to the container. These options correspond to the <option>--network-macvlan=</option> and diff --git a/man/systemd.resource-control.xml b/man/systemd.resource-control.xml index 9c5366a2b0..164adb938a 100644 --- a/man/systemd.resource-control.xml +++ b/man/systemd.resource-control.xml @@ -189,7 +189,7 @@ or T, the specified memory size is parsed as Kilobytes, Megabytes, Gigabytes, or Terabytes (with the base 1024), respectively. If assigned the special value - <literal>infinity</literal> no memory limit is applied. This + <literal>infinity</literal>, no memory limit is applied. This controls the <literal>memory.limit_in_bytes</literal> control group attribute. For details about this control group attribute, see <ulink @@ -226,7 +226,7 @@ created in the unit. This ensures that the number of tasks accounted for the unit (see above) stays below a specific limit. If assigned the special value - <literal>infinity</literal> no tasks limit is applied. This + <literal>infinity</literal>, no tasks limit is applied. This controls the <literal>pids.max</literal> control group attribute. For details about this control group attribute, see <ulink @@ -240,8 +240,8 @@ <term><varname>BlockIOAccounting=</varname></term> <listitem> - <para>Turn on Block IO accounting for this unit. Takes a - boolean argument. Note that turning on block IO accounting + <para>Turn on Block I/O accounting for this unit. Takes a + boolean argument. Note that turning on block I/O accounting for one unit will also implicitly turn it on for all units contained in the same slice and all for its parent slices and the units contained therein. The system default for this @@ -255,15 +255,15 @@ <term><varname>BlockIOWeight=<replaceable>weight</replaceable></varname></term> <term><varname>StartupBlockIOWeight=<replaceable>weight</replaceable></varname></term> - <listitem><para>Set the default overall block IO weight for + <listitem><para>Set the default overall block I/O weight for the executed processes. Takes a single weight value (between - 10 and 1000) to set the default block IO weight. This controls + 10 and 1000) to set the default block I/O weight. This controls the <literal>blkio.weight</literal> control group attribute, which defaults to 500. For details about this control group attribute, see <ulink url="https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt">blkio-controller.txt</ulink>. - The available IO bandwidth is split up among all units within - one slice relative to their block IO weight.</para> + The available I/O bandwidth is split up among all units within + one slice relative to their block I/O weight.</para> <para>While <varname>StartupBlockIOWeight=</varname> only applies to the startup phase of the system, @@ -281,7 +281,7 @@ <term><varname>BlockIODeviceWeight=<replaceable>device</replaceable> <replaceable>weight</replaceable></varname></term> <listitem> - <para>Set the per-device overall block IO weight for the + <para>Set the per-device overall block I/O weight for the executed processes. Takes a space-separated pair of a file path and a weight value to specify the device specific weight value, between 10 and 1000. (Example: "/dev/sda @@ -305,7 +305,7 @@ <term><varname>BlockIOWriteBandwidth=<replaceable>device</replaceable> <replaceable>bytes</replaceable></varname></term> <listitem> - <para>Set the per-device overall block IO bandwidth limit + <para>Set the per-device overall block I/O bandwidth limit for the executed processes. Takes a space-separated pair of a file path and a bandwidth value (in bytes per second) to specify the device specific bandwidth. The file path may be @@ -457,9 +457,9 @@ <para>Turns on delegation of further resource control partitioning to processes of the unit. For unprivileged services (i.e. those using the <varname>User=</varname> - setting) this allows processes to create a subhierarchy + setting), this allows processes to create a subhierarchy beneath its control group path. For privileged services and - scopes this ensures the processes will have all control + scopes, this ensures the processes will have all control group controllers enabled.</para> </listitem> </varlistentry> diff --git a/man/systemd.service.xml b/man/systemd.service.xml index 8afdbc513b..4e5098f0e1 100644 --- a/man/systemd.service.xml +++ b/man/systemd.service.xml @@ -254,7 +254,7 @@ for, and its node will be bind-mounted over the default bus node location, so the service can only access the bus through its own endpoint. Note that custom bus endpoints default to a - 'deny all' policy. Hence, if at least one + "deny all" policy. Hence, if at least one <varname>BusPolicy=</varname> directive is given, you have to make sure to add explicit rules for everything the service should be able to do.</para> @@ -283,7 +283,7 @@ <term><varname>ExecStart=</varname></term> <listitem><para>Commands with their arguments that are executed when this service is started. The value is split into - zero or more command lines is according to the rules described + zero or more command lines according to the rules described below (see section "Command Lines" below). </para> @@ -343,7 +343,7 @@ <para><varname>ExecStartPost=</varname> commands are only run after the service has started, as determined by <varname>Type=</varname> - (i.e. The process has been started for <varname>Type=simple</varname> + (i.e. the process has been started for <varname>Type=simple</varname> or <varname>Type=idle</varname>, the process exits successfully for <varname>Type=oneshot</varname>, the initial process exits successfully for <varname>Type=forking</varname>, <literal>READY=1</literal> is sent @@ -403,11 +403,11 @@ <para>Note that it is usually not sufficient to specify a command for this setting that only asks the service to - terminate (for example by queuing some form of termination + terminate (for example, by queuing some form of termination signal for it), but does not wait for it to do so. Since the remaining processes of the services are killed using <constant>SIGKILL</constant> immediately after the command - exited this would not result in a clean stop. The specified + exited, this would not result in a clean stop. The specified command should hence be a synchronous operation, not an asynchronous one.</para></listitem> </varlistentry> @@ -628,7 +628,7 @@ </tgroup> </table> - <para>As exceptions to the setting above the service will not + <para>As exceptions to the setting above, the service will not be restarted if the exit code or signal is specified in <varname>RestartPreventExitStatus=</varname> (see below). Also, the services will always be restarted if the exit code @@ -646,8 +646,8 @@ <varlistentry> <term><varname>SuccessExitStatus=</varname></term> - <listitem><para>Takes a list of exit status definitions that - when returned by the main service process will be considered + <listitem><para>Takes a list of exit status definitions that, + when returned by the main service process, will be considered successful termination, in addition to the normal successful exit code 0 and the signals <constant>SIGHUP</constant>, <constant>SIGINT</constant>, <constant>SIGTERM</constant>, and @@ -679,8 +679,8 @@ <varlistentry> <term><varname>RestartPreventExitStatus=</varname></term> - <listitem><para>Takes a list of exit status definitions that - when returned by the main service process will prevent + <listitem><para>Takes a list of exit status definitions that, + when returned by the main service process, will prevent automatic service restarts, regardless of the restart setting configured with <varname>Restart=</varname>. Exit status definitions can either be numeric exit codes or termination @@ -699,8 +699,8 @@ <varlistentry> <term><varname>RestartForceExitStatus=</varname></term> - <listitem><para>Takes a list of exit status definitions that - when returned by the main service process will force automatic + <listitem><para>Takes a list of exit status definitions that, + when returned by the main service process, will force automatic service restarts, regardless of the restart setting configured with <varname>Restart=</varname>. The argument format is similar to @@ -779,8 +779,8 @@ <term><varname>Sockets=</varname></term> <listitem><para>Specifies the name of the socket units this service shall inherit socket file descriptors from when the - service is started. Normally it should not be necessary to use - this setting as all socket file descriptors whose unit shares + service is started. Normally, it should not be necessary to use + this setting, as all socket file descriptors whose unit shares the same name as the service (subject to the different unit name suffix of course) are passed to the spawned process.</para> @@ -789,7 +789,7 @@ to multiple processes simultaneously. Also note that a different service may be activated on incoming socket traffic than the one which is ultimately configured to inherit the - socket file descriptors. Or in other words: the + socket file descriptors. Or, in other words: the <varname>Service=</varname> setting of <filename>.socket</filename> units does not have to match the inverse of the <varname>Sockets=</varname> setting of the @@ -859,7 +859,7 @@ <option>reboot-immediate</option> causes immediate execution of the <citerefentry><refentrytitle>reboot</refentrytitle><manvolnum>2</manvolnum></citerefentry> - system call, which might result in data loss. Similar, + system call, which might result in data loss. Similarly, <option>poweroff</option>, <option>poweroff-force</option>, <option>poweroff-immediate</option> have the effect of powering down the system with similar semantics. Defaults to @@ -909,9 +909,9 @@ <ulink url="https://www.kernel.org/doc/Documentation/usb/functionfs.txt">USB FunctionFS</ulink> descriptors, for implementation of USB - gadget functions. This is is used only in conjunction with a + gadget functions. This is used only in conjunction with a socket unit with <varname>ListenUSBFunction=</varname> - configured. The contents of this file is written to the + configured. The contents of this file are written to the <filename>ep0</filename> file after it is opened.</para></listitem> </varlistentry> @@ -992,7 +992,7 @@ contains, resulting in a single argument. Use <literal>$FOO</literal> as a separate word on the command line, in which case it will be replaced by the value of the environment - variable split at whitespace resulting in zero or more arguments. + variable split at whitespace, resulting in zero or more arguments. For this type of expansion, quotes are respected when splitting into words, and afterwards removed.</para> @@ -1175,7 +1175,7 @@ WantedBy=multi-user.target</programlisting> <example> <title>Oneshot service</title> - <para>Sometimes units should just execute an action without + <para>Sometimes, units should just execute an action without keeping active processes, such as a filesystem check or a cleanup action on boot. For this, <varname>Type=</varname><option>oneshot</option> exists. Units @@ -1194,10 +1194,10 @@ ExecStart=/usr/sbin/foo-cleanup WantedBy=multi-user.target</programlisting> <para>Note that systemd will consider the unit to be in the - state 'starting' until the program has terminated, so ordered + state "starting" until the program has terminated, so ordered dependencies will wait for the program to finish before starting - themselves. The unit will revert to the 'inactive' state after - the execution is done, never reaching the 'active' state. That + themselves. The unit will revert to the "inactive" state after + the execution is done, never reaching the "active" state. That means another request to start the unit will perform the action again.</para> @@ -1214,9 +1214,9 @@ WantedBy=multi-user.target</programlisting> <para>Similarly to the oneshot services, there are sometimes units that need to execute a program to set up something and then execute another to shut it down, but no process remains - active while they are considered 'started'. Network + active while they are considered "started". Network configuration can sometimes fall into this category. Another use - case is if a oneshot service shall not be executed a each time + case is if a oneshot service shall not be executed each time when they are pulled in as a dependency, but only the first time.</para> @@ -1227,11 +1227,11 @@ WantedBy=multi-user.target</programlisting> types, but is most useful with <varname>Type=</varname><option>oneshot</option> and <varname>Type=</varname><option>simple</option>. With - <varname>Type=</varname><option>oneshot</option> systemd waits + <varname>Type=</varname><option>oneshot</option>, systemd waits until the start action has completed before it considers the unit to be active, so dependencies start only after the start action has succeeded. With - <varname>Type=</varname><option>simple</option> dependencies + <varname>Type=</varname><option>simple</option>, dependencies will start immediately after the start action has been dispatched. The following unit provides an example for a simple static firewall.</para> @@ -1266,7 +1266,7 @@ WantedBy=multi-user.target</programlisting> <varname>RemainAfterExit=</varname><option>no</option>), the service is considered started.</para> - <para>Often a traditional daemon only consists of one process. + <para>Often, a traditional daemon only consists of one process. Therefore, if only one process is left after the original process terminates, systemd will consider that process the main process of the service. In that case, the @@ -1281,7 +1281,7 @@ WantedBy=multi-user.target</programlisting> traditional PID file, systemd will be able to read the main PID from there. Please set <varname>PIDFile=</varname> accordingly. Note that the daemon should write that file before finishing - with its initialization, otherwise systemd might try to read the + with its initialization. Otherwise, systemd might try to read the file before it exists.</para> <para>The following example shows a simple daemon that forks and @@ -1324,7 +1324,7 @@ ExecStart=/usr/sbin/simple-dbus-service [Install] WantedBy=multi-user.target</programlisting> - <para>For <emphasis>bus-activatable</emphasis> services, don't + <para>For <emphasis>bus-activatable</emphasis> services, do not include a <literal>[Install]</literal> section in the systemd service file, but use the <varname>SystemdService=</varname> option in the corresponding DBus service file, for example @@ -1366,7 +1366,7 @@ ExecStart=/usr/sbin/simple-notifying-service WantedBy=multi-user.target</programlisting> <para>Note that the daemon has to support systemd's notification - protocol, else systemd will think the service hasn't started yet + protocol, else systemd will think the service has not started yet and kill it after a timeout. For an example of how to update daemons to support this protocol transparently, take a look at <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>. diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml index 46a47b2d95..410886f841 100644 --- a/man/systemd.socket.xml +++ b/man/systemd.socket.xml @@ -194,7 +194,7 @@ refers to TCP sockets, <constant>SOCK_DGRAM</constant> (i.e. <varname>ListenDatagram=</varname>) to UDP.</para> - <para>These options may be specified more than once in which + <para>These options may be specified more than once, in which case incoming traffic on any of the sockets will trigger service activation, and all listed sockets will be passed to the service, regardless of whether there is incoming traffic @@ -268,7 +268,7 @@ implementation of USB gadget functions. This expects an absolute file system path as the argument. Behavior otherwise is very similar to the <varname>ListenFIFO=</varname> - directive above. Use this to open FunctionFS endpoint + directive above. Use this to open the FunctionFS endpoint <filename>ep0</filename>. When using this option, the activated service has to have the <varname>USBFunctionDescriptors=</varname> and @@ -375,10 +375,10 @@ to work unmodified with systemd socket activation.</para> - <para>For IPv4 and IPv6 connections the <varname>REMOTE_ADDR</varname> - environment variable will contain the remote IP, and <varname>REMOTE_PORT</varname> + <para>For IPv4 and IPv6 connections, the <varname>REMOTE_ADDR</varname> + environment variable will contain the remote IP address, and <varname>REMOTE_PORT</varname> will contain the remote port. This is the same as the format used by CGI. - For SOCK_RAW the port is the IP protocol.</para></listitem> + For SOCK_RAW, the port is the IP protocol.</para></listitem> </varlistentry> <varlistentry> @@ -386,7 +386,7 @@ <listitem><para>Takes a boolean argument. May only be used in conjunction with <varname>ListenSpecial=</varname>. If true, the specified special file is opened in read-write mode, if - false in read-only mode. Defaults to false.</para></listitem> + false, in read-only mode. Defaults to false.</para></listitem> </varlistentry> <varlistentry> @@ -418,7 +418,7 @@ <varlistentry> <term><varname>KeepAliveTimeSec=</varname></term> - <listitem><para>Takes time (in seconds) as argument . The connection needs to remain + <listitem><para>Takes time (in seconds) as argument. The connection needs to remain idle before TCP starts sending keepalive probes. This controls the TCP_KEEPIDLE socket option (see <citerefentry project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry> @@ -432,7 +432,7 @@ <term><varname>KeepAliveIntervalSec=</varname></term> <listitem><para>Takes time (in seconds) as argument between individual keepalive probes, if the socket option SO_KEEPALIVE - has been set on this socket seconds as argument. This controls + has been set on this socket. This controls the TCP_KEEPINTVL socket option (see <citerefentry project='man-pages'><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry> and the <ulink @@ -443,7 +443,7 @@ <varlistentry> <term><varname>KeepAliveProbes=</varname></term> - <listitem><para>Takes integer as argument. It's the number of + <listitem><para>Takes an integer as argument. It is the number of unacknowledged probes to send before considering the connection dead and notifying the application layer. This controls the TCP_KEEPCNT socket option (see @@ -752,14 +752,14 @@ <term><varname>FileDescriptorName=</varname></term> <listitem><para>Assigns a name to all file descriptors this socket unit encapsulates. This is useful to help activated - services to identify specific file descriptors, if multiple + services identify specific file descriptors, if multiple fds are passed. Services may use the <citerefentry><refentrytitle>sd_listen_fds_with_names</refentrytitle><manvolnum>3</manvolnum></citerefentry> call to acquire the names configured for the received file descriptors. Names may contain any ASCII character, but must - exclude control characters or <literal>:</literal>, and must + exclude control characters and <literal>:</literal>, and must be at most 255 characters in length. If this setting is not - used the file descriptor name defaults to the name of the + used, the file descriptor name defaults to the name of the socket unit, including its <filename>.socket</filename> suffix.</para></listitem> </varlistentry> diff --git a/man/systemd.special.xml b/man/systemd.special.xml index 78bad4d814..54e7c49a9e 100644 --- a/man/systemd.special.xml +++ b/man/systemd.special.xml @@ -130,7 +130,7 @@ for this target unit to all services (except for those with <varname>DefaultDependencies=no</varname>).</para> - <para>Usually this should pull-in all local mount points plus + <para>Usually, this should pull-in all local mount points plus <filename>/var</filename>, <filename>/tmp</filename> and <filename>/var/tmp</filename>, swap devices, sockets, timers, path units and other basic initialization necessary for general @@ -152,7 +152,7 @@ <term><filename>ctrl-alt-del.target</filename></term> <listitem> <para>systemd starts this target whenever Control+Alt+Del is - pressed on the console. Usually this should be aliased + pressed on the console. Usually, this should be aliased (symlinked) to <filename>reboot.target</filename>.</para> </listitem> </varlistentry> @@ -182,7 +182,7 @@ <varlistentry> <term><filename>default.target</filename></term> <listitem> - <para>The default unit systemd starts at bootup. Usually + <para>The default unit systemd starts at bootup. Usually, this should be aliased (symlinked) to <filename>multi-user.target</filename> or <filename>graphical.target</filename>.</para> @@ -195,7 +195,7 @@ <varlistentry> <term><filename>display-manager.service</filename></term> <listitem> - <para>The display manager service. Usually this should be + <para>The display manager service. Usually, this should be aliased (symlinked) to <filename>gdm.service</filename> or a similar display manager service.</para> </listitem> @@ -225,7 +225,7 @@ signal when running as user service daemon.</para> <para>Normally, this (indirectly) pulls in - <filename>shutdown.target</filename> which in turn should be + <filename>shutdown.target</filename>, which in turn should be conflicted by all units that want to be scheduled for shutdown when the service manager starts to exit.</para> </listitem> diff --git a/man/systemd.swap.xml b/man/systemd.swap.xml index d9a39577d5..bc9ef826e1 100644 --- a/man/systemd.swap.xml +++ b/man/systemd.swap.xml @@ -111,7 +111,7 @@ <filename>/etc/fstab</filename> and a unit file, the configuration in the latter takes precedence.</para> - <para>When reading <filename>/etc/fstab</filename> a few special + <para>When reading <filename>/etc/fstab</filename>, a few special options are understood by systemd which influence how dependencies are created for swap units.</para> @@ -120,11 +120,11 @@ <term><option>noauto</option></term> <term><option>auto</option></term> - <listitem><para>With <option>noauto</option> the swap unit + <listitem><para>With <option>noauto</option>, the swap unit will not be added as a dependency for <filename>swap.target</filename>. This means that it will not be activated automatically during boot, unless it is pulled in - by some other unit. Option <option>auto</option> has the + by some other unit. The <option>auto</option> option has the opposite meaning and is the default.</para> </listitem> </varlistentry> @@ -132,7 +132,7 @@ <varlistentry> <term><option>nofail</option></term> - <listitem><para>With <option>nofail</option> the swap unit + <listitem><para>With <option>nofail</option>, the swap unit will be only wanted, not required by <filename>swap.target</filename>. This means that the boot will continue even if this swap device is not activated @@ -177,8 +177,8 @@ <listitem><para>Swap priority to use when activating the swap device or file. This takes an integer. This setting is - optional and ignored when priority is set by <option>pri=</option> in the - <varname>Options=</varname> option.</para></listitem> + optional and ignored when the priority is set by <option>pri=</option> in the + <varname>Options=</varname> key.</para></listitem> </varlistentry> <varlistentry> diff --git a/man/systemd.time.xml b/man/systemd.time.xml index df7e1ecfb9..135eb35f1b 100644 --- a/man/systemd.time.xml +++ b/man/systemd.time.xml @@ -117,11 +117,11 @@ <refsect1> <title>Parsing Timestamps</title> - <para>When parsing systemd will accept a similar syntax, but + <para>When parsing, systemd will accept a similar syntax, but expects no timezone specification, unless it is given as the - literal string "UTC". In this case the time is considered in UTC, + literal string "UTC". In this case, the time is considered in UTC, otherwise in the local timezone. The weekday specification is - optional, but when the weekday is specified it must either be in + optional, but when the weekday is specified, it must either be in the abbreviated (<literal>Wed</literal>) or non-abbreviated (<literal>Wednesday</literal>) English language form (case does not matter), and is not subject to the locale choice of the user. @@ -139,8 +139,8 @@ placeholders instead of timestamps: <literal>now</literal> may be used to refer to the current time (or of the invocation of the command that is currently executed). <literal>today</literal>, - <literal>yesterday</literal>, <literal>tomorrow</literal> refer to - 00:00:00 of the current day, the day before or the next day, + <literal>yesterday</literal>, and <literal>tomorrow</literal> refer to + 00:00:00 of the current day, the day before, or the next day, respectively.</para> <para>When parsing, systemd will also accept relative time @@ -185,7 +185,7 @@ <para>Note that timestamps printed by systemd will not be parsed correctly by systemd, as the timezone specification is not accepted, and printing timestamps is subject to locale settings - for the weekday while parsing only accepts English weekday + for the weekday, while parsing only accepts English weekday names.</para> <para>In some cases, systemd will display a relative timestamp @@ -252,7 +252,7 @@ <literal>Mon *-*-* 00:00:00</literal>, <literal>*-01-01 00:00:00</literal>, <literal>*-01,04,07,10-01 00:00:00</literal> and - <literal>*-01,07-01 00:00:00</literal> respectively. + <literal>*-01,07-01 00:00:00</literal>, respectively. </para> <para>Examples for valid timestamps and their diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml index a4eeccaed4..5c74318fec 100644 --- a/man/systemd.unit.xml +++ b/man/systemd.unit.xml @@ -186,8 +186,8 @@ be parsed after the file itself is parsed. This is useful to alter or add configuration settings to a unit, without having to modify their unit files. Make sure that the file that is included has the - appropriate section headers before any directive. Note that for - instanced units this logic will first look for the instance + appropriate section headers before any directive. Note that, for + instanced units, this logic will first look for the instance <literal>.d/</literal> subdirectory and read its <literal>.conf</literal> files, followed by the template <literal>.d/</literal> subdirectory and reads its @@ -209,7 +209,7 @@ device node <filename noindex='true'>/dev/sda</filename> in the file system namespace. If this applies, a special way to escape the path name is used, so that the result is usable as part of a - filename. Basically, given a path, "/" is replaced by "-" and all + filename. Basically, given a path, "/" is replaced by "-", and all other characters which are not ASCII alphanumerics are replaced by C-style "\x2d" escapes (except that "_" is never replaced and "." is only replaced when it would be the first character in the @@ -363,7 +363,7 @@ <refsect1> <title>[Unit] Section Options</title> - <para>Unit file may include a [Unit] section, which carries + <para>The unit file may include a [Unit] section, which carries generic information about the unit that is not dependent on the type of unit:</para> @@ -422,7 +422,7 @@ with <varname>After=</varname> or <varname>Before=</varname>, then both units will be started simultaneously and without any delay between them if <filename>foo.service</filename> is - activated. Often it is a better choice to use + activated. Often, it is a better choice to use <varname>Wants=</varname> instead of <varname>Requires=</varname> in order to achieve a system that is more robust when dealing with failing services.</para> @@ -430,7 +430,7 @@ <para>Note that dependencies of this type may also be configured outside of the unit configuration file by adding a symlink to a <filename>.requires/</filename> directory - accompanying the unit file. For details see + accompanying the unit file. For details, see above.</para></listitem> </varlistentry> @@ -666,7 +666,7 @@ <listitem><para>Takes a boolean argument. If <option>true</option>, this unit will be stopped when it is no - longer used. Note that in order to minimize the work to be + longer used. Note that, in order to minimize the work to be executed, systemd will not stop units by default unless they are conflicting with other units, or the user explicitly requested their shut down. If this option is set, a unit will @@ -728,7 +728,7 @@ <term><varname>JobTimeoutAction=</varname></term> <term><varname>JobTimeoutRebootArgument=</varname></term> - <listitem><para>When a job for this unit is queued a time-out + <listitem><para>When a job for this unit is queued, a time-out may be configured. If this time limit is reached, the job will be cancelled, the unit however will not change state or even enter the <literal>failed</literal> mode. This value defaults @@ -779,8 +779,8 @@ <term><varname>ConditionFileNotEmpty=</varname></term> <term><varname>ConditionFileIsExecutable=</varname></term> - <!-- We don't document ConditionNull= - here as it is not particularly + <!-- We do not document ConditionNull= + here, as it is not particularly useful and probably just confusing. --> @@ -854,7 +854,8 @@ <varname>lxc</varname>, <varname>lxc-libvirt</varname>, <varname>systemd-nspawn</varname>, - <varname>docker</varname> to test + <varname>docker</varname>, + <varname>rkt</varname> to test against a specific implementation. See <citerefentry><refentrytitle>systemd-detect-virt</refentrytitle><manvolnum>1</manvolnum></citerefentry> for a full list of known virtualization technologies and their @@ -885,7 +886,7 @@ <para><varname>ConditionSecurity=</varname> may be used to check whether the given security module is enabled on the - system. Currently the recognized values values are + system. Currently, the recognized values values are <varname>selinux</varname>, <varname>apparmor</varname>, <varname>ima</varname>, @@ -1025,10 +1026,10 @@ <listitem><para>Similar to the <varname>ConditionArchitecture=</varname>, - <varname>ConditionVirtualization=</varname>, ... condition - settings described above these settings add assertion checks + <varname>ConditionVirtualization=</varname>, etc., condition + settings described above, these settings add assertion checks to the start-up of the unit. However, unlike the conditions - settings any assertion setting that is not met results in + settings, any assertion setting that is not met results in failure of the start job it was triggered by.</para></listitem> </varlistentry> diff --git a/man/systemd.xml b/man/systemd.xml index 8d74ca49c3..08ce99d0cc 100644 --- a/man/systemd.xml +++ b/man/systemd.xml @@ -119,7 +119,7 @@ run a system instance, even if the process ID is not 1, i.e. systemd is not run as init process. <option>--user</option> does the opposite, running a user instance even if the process - ID is 1. Normally it should not be necessary to pass these + ID is 1. Normally, it should not be necessary to pass these options, as systemd automatically detects the mode it is started in. These options are hence of little use except for debugging. Note that it is not supported booting and @@ -142,7 +142,7 @@ <term><option>--crash-vt=</option><replaceable>VT</replaceable></term> <listitem><para>Switch to a specific virtual console (VT) on - crash. Takes a positive integer in the range 1..63, or a + crash. Takes a positive integer in the range 1–63, or a boolean argument. If an integer is passed, selects which VT to switch to. If <constant>yes</constant>, the VT kernel messages are written to is selected. If <constant>no</constant>, no VT @@ -289,12 +289,12 @@ <orderedlist> <listitem><para>Service units, which start and control daemons - and the processes they consist of. For details see + and the processes they consist of. For details, see <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem> <listitem><para>Socket units, which encapsulate local IPC or network sockets in the system, useful for socket-based - activation. For details about socket units see + activation. For details about socket units, see <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>, for details on socket-based activation and other forms of activation, see @@ -306,7 +306,7 @@ <listitem><para>Device units expose kernel devices in systemd and may be used to implement device-based activation. For - details see + details, see <citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem> <listitem><para>Mount units control mount points in the file @@ -321,7 +321,7 @@ <listitem><para>Snapshot units can be used to temporarily save the state of the set of systemd units, which later may be restored by activating the saved snapshot unit. For more - information see + information, see <citerefentry><refentrytitle>systemd.snapshot</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem> <listitem><para>Timer units are useful for triggering activation @@ -379,7 +379,7 @@ <para>On boot systemd activates the target unit <filename>default.target</filename> whose job is to activate on-boot services and other on-boot units by pulling them in via - dependencies. Usually the unit name is just an alias (symlink) for + dependencies. Usually, the unit name is just an alias (symlink) for either <filename>graphical.target</filename> (for fully-featured boots into the UI) or <filename>multi-user.target</filename> (for limited console-only boots for use in embedded or server @@ -448,7 +448,7 @@ <para>Units may be generated dynamically at boot and system manager reload time, for example based on other configuration - files or parameters passed on the kernel command line. For details see + files or parameters passed on the kernel command line. For details, see <citerefentry><refentrytitle>systemd.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para> <para>Systems which invoke systemd in a container or initrd @@ -562,9 +562,9 @@ <filename>ctrl-alt-del.target</filename> unit. This is mostly equivalent to <command>systemctl start ctl-alt-del.target</command>. If this signal is received more - often than 7 times per 2s an immediate reboot is triggered. + than 7 times per 2s, an immediate reboot is triggered. Note that pressing Ctrl-Alt-Del on the console will trigger - this signal. Hence, if a reboot is hanging pressing + this signal. Hence, if a reboot is hanging, pressing Ctrl-Alt-Del more than 7 times in 2s is a relatively safe way to trigger an immediate reboot.</para> @@ -606,7 +606,7 @@ <term><constant>SIGUSR2</constant></term> <listitem><para>When this signal is received the systemd - manager will log its complete state in human readable form. + manager will log its complete state in human-readable form. The data logged is the same as printed by <command>systemd-analyze dump</command>.</para></listitem> </varlistentry> @@ -895,11 +895,11 @@ <term><varname>systemd.crash_chvt=</varname></term> <listitem><para>Takes a positive integer, or a boolean - argument. If a positive integer (in the range 1..63) is - specified the system manager (PID 1) will activate the specified + argument. If a positive integer (in the range 1–63) is + specified, the system manager (PID 1) will activate the specified virtual terminal (VT) when it crashes. Defaults to <constant>no</constant>, meaning that no such switch is - attempted. If set to <constant>yes</constant> the VT the + attempted. If set to <constant>yes</constant>, the VT the kernel messages are written to is selected.</para></listitem> </varlistentry> @@ -945,7 +945,7 @@ like <option>false</option> until a service fails or there is a significant delay in boot. Defaults to <option>yes</option>, unless <option>quiet</option> is passed - as kernel command line option in which case it defaults to + as kernel command line option, in which case it defaults to <constant>auto</constant>.</para></listitem> </varlistentry> @@ -1061,7 +1061,7 @@ <listitem><para>Set the system locale to use. This overrides the settings in <filename>/etc/locale.conf</filename>. For - more information see + more information, see <citerefentry project='man-pages'><refentrytitle>locale.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> and <citerefentry project='man-pages'><refentrytitle>locale</refentrytitle><manvolnum>7</manvolnum></citerefentry>. diff --git a/man/sysusers.d.xml b/man/sysusers.d.xml index 11cb83388f..42b53b2759 100644 --- a/man/sysusers.d.xml +++ b/man/sysusers.d.xml @@ -121,7 +121,7 @@ u root 0 "Superuser" /root</programlisting> <term><varname>r</varname></term> <listitem><para>Add a range of numeric UIDs/GIDs to the pool to allocate new UIDs and GIDs from. If no line of this type - is specified the range of UIDs/GIDs is set to some + is specified, the range of UIDs/GIDs is set to some compiled-in default. Note that both UIDs and GIDs are allocated from the same pool, in order to ensure that users and groups of the same name are likely to carry the same @@ -143,32 +143,32 @@ u root 0 "Superuser" /root</programlisting> all system and group names with the underscore, and avoiding too generic names.</para> - <para>For <varname>m</varname> lines this field should contain + <para>For <varname>m</varname> lines, this field should contain the user name to add to a group.</para> - <para>For lines of type <varname>r</varname> this field should + <para>For lines of type <varname>r</varname>, this field should be set to <literal>-</literal>.</para> </refsect2> <refsect2> <title>ID</title> - <para>For <varname>u</varname> and <varname>g</varname> the - numeric 32bit UID or GID of the user/group. Do not use IDs 65535 + <para>For <varname>u</varname> and <varname>g</varname>, the + numeric 32-bit UID or GID of the user/group. Do not use IDs 65535 or 4294967295, as they have special placeholder meanings. Specify <literal>-</literal> for automatic UID/GID allocation for the user or group. Alternatively, specify an absolute path - in the file system. In this case the UID/GID is read from the + in the file system. In this case, the UID/GID is read from the path's owner/group. This is useful to create users whose UID/GID match the owners of pre-existing files (such as SUID or SGID binaries).</para> - <para>For <varname>m</varname> lines this field should contain + <para>For <varname>m</varname> lines, this field should contain the group name to add to a user to.</para> - <para>For lines of type <varname>r</varname> this field should + <para>For lines of type <varname>r</varname>, this field should be set to a UID/GID range in the format - <literal>FROM-TO</literal> where both values are formatted as + <literal>FROM-TO</literal>, where both values are formatted as decimal ASCII numbers. Alternatively, a single UID/GID may be specified formatted as decimal ASCII numbers.</para> </refsect2> @@ -188,7 +188,7 @@ u root 0 "Superuser" /root</programlisting> <refsect2> <title>Home Directory</title> - <para>The home directory for a new system user. If omitted + <para>The home directory for a new system user. If omitted, defaults to the root directory. It is recommended to not unnecessarily specify home directories for system users, unless software strictly requires one to be set.</para> @@ -207,7 +207,7 @@ u root 0 "Superuser" /root</programlisting> <para>Note that <command>systemd-sysusers</command> will do nothing if the specified users or groups already exist, so - normally there no reason to override + normally, there is no reason to override <filename>sysusers.d</filename> vendor configuration, except to block certain users or groups from being created.</para> </refsect1> diff --git a/man/timedatectl.xml b/man/timedatectl.xml index c439bc56ed..415e2c799a 100644 --- a/man/timedatectl.xml +++ b/man/timedatectl.xml @@ -108,7 +108,7 @@ on. Note that whether network time synchronization is on simply reflects whether the <filename>systemd-timesyncd.service</filename> unit is - enabled. Even if this command shows the status as off a + enabled. Even if this command shows the status as off, a different service might still synchronize the clock with the network.</para></listitem> </varlistentry> @@ -179,10 +179,10 @@ <para>Note that even if time synchronization is turned off with this command, another unrelated system service might - still synchronize the clock with the network. Also note that - strictly speaking + still synchronize the clock with the network. Also note that, + strictly speaking, <filename>systemd-timesyncd.service</filename> does more than - just network time synchronization as it ensures a monotonic + just network time synchronization, as it ensures a monotonic clock on systems without RTC even if no network is available. See <citerefentry><refentrytitle>systemd-timesyncd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> diff --git a/man/timesyncd.conf.xml b/man/timesyncd.conf.xml index c883685c97..10c2de89f6 100644 --- a/man/timesyncd.conf.xml +++ b/man/timesyncd.conf.xml @@ -72,7 +72,7 @@ <varlistentry> <term><varname>NTP=</varname></term> - <listitem><para>A space separated list of NTP server host + <listitem><para>A space-separated list of NTP server host names or IP addresses. During runtime this list is combined with any per-interface NTP servers acquired from <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. @@ -84,7 +84,7 @@ <varlistentry> <term><varname>FallbackNTP=</varname></term> - <listitem><para>A space separated list of NTP server host + <listitem><para>A space-separated list of NTP server host names or IP addresses to be used as the fallback NTP servers. Any per-interface NTP servers obtained from <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml index 662ec4518b..3f6128cb5b 100644 --- a/man/tmpfiles.d.xml +++ b/man/tmpfiles.d.xml @@ -102,8 +102,8 @@ prefix and suffix of each other, then the prefix is always processed first, the suffix later. Lines that take globs are applied after those accepting no globs. If multiple operations - shall be applied on the same file (such as ACL, xattr, file - attribute adjustments) these are always done in the same fixed + shall be applied on the same file, (such as ACL, xattr, file + attribute adjustments), these are always done in the same fixed order. Otherwise, the files/directories are processed in the order they are listed.</para> @@ -170,17 +170,17 @@ <term><varname>v</varname></term> <listitem><para>Create a subvolume if the path does not exist yet and the file system supports this - (btrfs). Otherwise create a normal directory, in the same + (btrfs). Otherwise, create a normal directory, in the same way as <varname>d</varname>. A subvolume created with this line type is not assigned to any higher-level quota - group. For that use <varname>q</varname> or - <varname>Q</varname> which allow creating simple quota group + group. For that, use <varname>q</varname> or + <varname>Q</varname>, which allow creating simple quota group hierarchies, see below.</para></listitem> </varlistentry> <varlistentry> <term><varname>q</varname></term> - <listitem><para>Similar to <varname>v</varname>, however + <listitem><para>Similar to <varname>v</varname>. However, makes sure that the subvolume will be assigned to the same higher-level quota groups as the subvolume it has been created in. This ensures that higher-level limits and @@ -188,7 +188,7 @@ specified subvolume. On non-btrfs file systems, this line type is identical to <varname>d</varname>. If the subvolume already exists and is already assigned to one or more higher - level quota groups no change to the quota hierarchy is + level quota groups, no change to the quota hierarchy is made. Also see <varname>Q</varname> below. See <citerefentry project='die-net'><refentrytitle>btrfs-qgroup</refentrytitle><manvolnum>8</manvolnum></citerefentry> for details about the btrfs quota group @@ -197,7 +197,7 @@ <varlistentry> <term><varname>Q</varname></term> - <listitem><para>Similar to <varname>q</varname>, however + <listitem><para>Similar to <varname>q</varname>. However, instead of copying the higher-level quota group assignments from the parent as-is, the lowest quota group of the parent subvolume is determined that is not the leaf quota @@ -217,7 +217,7 @@ enforce limits and accounting to the specified subvolume and children subvolume created within it. Thus, by creating subvolumes only via <varname>q</varname> and - <varname>Q</varname> a concept of "subtree quotas" is + <varname>Q</varname>, a concept of "subtree quotas" is implemented. Each subvolume for which <varname>Q</varname> is set will get a "subtree" quota group created, and all child subvolumes created within it will be assigned to @@ -387,15 +387,15 @@ <varname>+</varname> (the default one) causes the attribute(s) to be added; <varname>-</varname> causes the attribute(s) to be removed; <varname>=</varname> causes the - attributes to set exactly as the following letters. The + attributes to be set exactly as the following letters. The letters <literal>aAcCdDeijsStTu</literal> select the new attributes for the files, see - <citerefentry><refentrytitle>chattr</refentrytitle> + <citerefentry project='man-pages'><refentrytitle>chattr</refentrytitle> <manvolnum>1</manvolnum></citerefentry> for further information. </para> <para>Passing only <varname>=</varname> as argument resets all the file attributes listed above. It has to be pointed - out that the <varname>=</varname> prefix, limits itself to + out that the <varname>=</varname> prefix limits itself to the attributes corresponding to the letters listed here. All other attributes will be left untouched. Does not follow symlinks.</para> @@ -414,7 +414,7 @@ <term><varname>a</varname></term> <term><varname>a+</varname></term> <listitem><para>Set POSIX ACLs (access control lists). If - suffixed with <varname>+</varname>, specified entries will + suffixed with <varname>+</varname>, the specified entries will be added to the existing set. <command>systemd-tmpfiles</command> will automatically add the required base entries for user and group based on the @@ -537,7 +537,7 @@ <para>The user and group to use for this file or directory. This may either be a numeric user/group ID or a user or group name. If omitted or when set to <literal>-</literal>, the - default 0 (root) is used. For <varname>z</varname>, + default 0 (root) is used. For <varname>z</varname> and <varname>Z</varname> lines, when omitted or when set to <literal>-</literal>, the file ownership will not be modified. These parameters are ignored for <varname>x</varname>, @@ -552,16 +552,16 @@ delete when cleaning. If a file or directory is older than the current time minus the age field, it is deleted. The field format is a series of integers each followed by one of the - following postfixes for the respective time units: + following suffixes for the respective time units: <constant>s</constant>, <constant>m</constant> or <constant>min</constant>, <constant>h</constant>, <constant>d</constant>, <constant>w</constant>, - <constant>ms</constant>, + <constant>ms</constant>, and <constant>us</constant>, - respectively meaning seconds, minutes, hours, days, weeks, - milliseconds, and microseconds. Full names of the time units can + meaning seconds, minutes, hours, days, weeks, + milliseconds, and microseconds, respectively. Full names of the time units can be used too. </para> @@ -590,19 +590,19 @@ <title>Argument</title> <para>For <varname>L</varname> lines determines the destination - path of the symlink. For <varname>c</varname>, - <varname>b</varname> determines the major/minor of the device + path of the symlink. For <varname>c</varname> and + <varname>b</varname>, determines the major/minor of the device node, with major and minor formatted as integers, separated by <literal>:</literal>, e.g. <literal>1:3</literal>. For <varname>f</varname>, <varname>F</varname>, and - <varname>w</varname> may be used to specify a short string that + <varname>w</varname>, the argument may be used to specify a short string that is written to the file, suffixed by a newline. For <varname>C</varname>, specifies the source file or - directory. For <varname>t</varname>, <varname>T</varname> + directory. For <varname>t</varname> and <varname>T</varname>, determines extended attributes to be set. For - <varname>a</varname>, <varname>A</varname> determines ACL - attributes to be set. For <varname>h</varname>, - <varname>H</varname> determines the file attributes to + <varname>a</varname> and <varname>A</varname>, determines ACL + attributes to be set. For <varname>h</varname> and + <varname>H</varname>, determines the file attributes to set. Ignored for all other lines.</para> </refsect2> diff --git a/man/udev.xml b/man/udev.xml index 2e1655bf55..dd5563605c 100644 --- a/man/udev.xml +++ b/man/udev.xml @@ -470,7 +470,7 @@ <term><literal>program</literal></term> <listitem> <para>Execute an external program specified as the assigned - value and if it returns successfully + value and, if it returns successfully, import its output, which must be in environment key format. Path specification, command/argument separation, and quoting work like in <varname>RUN</varname>.</para> @@ -536,7 +536,7 @@ <varlistentry> <term><option>string_escape=<replaceable>none|replace</replaceable></option></term> <listitem> - <para>Usually control and other possibly unsafe characters are replaced + <para>Usually, control and other possibly unsafe characters are replaced in strings used for device naming. The mode of replacement can be specified with this option.</para> </listitem> diff --git a/man/udev_device_get_syspath.xml b/man/udev_device_get_syspath.xml index b3062ae4a8..ca9763fedf 100644 --- a/man/udev_device_get_syspath.xml +++ b/man/udev_device_get_syspath.xml @@ -181,7 +181,7 @@ <function>udev_device_get_parent_with_subsystem_devtype()</function> return a pointer to the parent device. No additional reference to this device is acquired, but the child device owns a reference - to such parent device. On failure, <constant>NULL</constant> + to such a parent device. On failure, <constant>NULL</constant> is returned.</para> <para>On success, <function>udev_device_get_is_initialized()</function> diff --git a/man/udev_device_new_from_syspath.xml b/man/udev_device_new_from_syspath.xml index 9c4ab7a1bf..11db1a0fab 100644 --- a/man/udev_device_new_from_syspath.xml +++ b/man/udev_device_new_from_syspath.xml @@ -127,7 +127,7 @@ <function>udev_device_new_from_subsystem_sysname</function>, and <function>udev_device_new_from_device_id</function> create the device object based on information found in - <filename>/sys</filename> annotated with properties from the udev-internal + <filename>/sys</filename>, annotated with properties from the udev-internal device database. A syspath is any subdirectory of <filename>/sys</filename>, with the restriction that a subdirectory of <filename>/sys/devices</filename> (or a symlink to one) represents a real device and as such must contain @@ -141,7 +141,7 @@ and <citerefentry><refentrytitle>udev_device_get_sysname</refentrytitle><manvolnum>3</manvolnum></citerefentry>) and <function>udev_device_new_from_device_id</function> looks up devices based on the provided - device id which is a special string in one of the following four forms: + device ID, which is a special string in one of the following four forms: <table> <title>Device ID strings</title> diff --git a/man/udev_enumerate_scan_devices.xml b/man/udev_enumerate_scan_devices.xml index 73566f5089..e0b6bfba32 100644 --- a/man/udev_enumerate_scan_devices.xml +++ b/man/udev_enumerate_scan_devices.xml @@ -112,7 +112,7 @@ <constant>NULL</constant> is returned.</para> <para><function>udev_enumerate_get_udev()</function> always - returns a pointer to the udev context that this enumerate + returns a pointer to the udev context that this enumerated object is associated with.</para> </refsect1> diff --git a/man/udev_list_entry.xml b/man/udev_list_entry.xml index 6e033bdc81..a1b531d52a 100644 --- a/man/udev_list_entry.xml +++ b/man/udev_list_entry.xml @@ -104,7 +104,7 @@ <function>udev_list_entry_get_name()</function> and <function>udev_list_entry_get_value()</function> return a pointer to a constant string representing the requested value. - The string is bound to the lifetime of the list-entry itself. + The string is bound to the lifetime of the list entry itself. On failure, <constant>NULL</constant> is returned.</para> </refsect1> diff --git a/man/udevadm.xml b/man/udevadm.xml index 8ef9e23aa2..8c1abd2770 100644 --- a/man/udevadm.xml +++ b/man/udevadm.xml @@ -202,7 +202,7 @@ </varlistentry> </variablelist> - <para>In addition an optional positional argument can be used + <para>In addition, an optional positional argument can be used to specify a device name or a sys path. It must start with <filename>/dev</filename> or <filename>/sys</filename> respectively.</para> @@ -317,7 +317,7 @@ <term><option>--name-match=<replaceable>NAME</replaceable></option></term> <listitem> <para>Trigger events for devices with a matching - device path. This options can be specified multiple + device path. This option can be specified multiple times.</para> </listitem> </varlistentry> @@ -338,7 +338,7 @@ </varlistentry> </variablelist> - <para>In addition optional positional arguments can be used + <para>In addition, optional positional arguments can be used to specify device names or sys paths. They must start with <filename>/dev</filename> or <filename>/sys</filename> respectively.</para> diff --git a/shell-completion/bash/systemctl.in b/shell-completion/bash/systemctl.in index cfe003544d..f9a4f2265e 100644 --- a/shell-completion/bash/systemctl.in +++ b/shell-completion/bash/systemctl.in @@ -161,7 +161,7 @@ _systemctl () { fi local -A VERBS=( - [ALL_UNITS]='is-active is-failed is-enabled status show cat mask preset help list-dependencies edit' + [ALL_UNITS]='is-active is-failed is-enabled status show cat mask preset help list-dependencies edit set-property' [ENABLED_UNITS]='disable' [DISABLED_UNITS]='enable' [REENABLABLE_UNITS]='reenable' diff --git a/src/basic/cpu-set-util.c b/src/basic/cpu-set-util.c index 4950c66767..e2ec4ca83f 100644 --- a/src/basic/cpu-set-util.c +++ b/src/basic/cpu-set-util.c @@ -24,6 +24,7 @@ #include "cpu-set-util.h" #include "extract-word.h" #include "parse-util.h" +#include "string-util.h" #include "util.h" cpu_set_t* cpu_set_malloc(unsigned *ncpus) { diff --git a/src/basic/def.h b/src/basic/def.h index cbef137410..950f693899 100644 --- a/src/basic/def.h +++ b/src/basic/def.h @@ -43,12 +43,6 @@ #define SIGNALS_CRASH_HANDLER SIGSEGV,SIGILL,SIGFPE,SIGBUS,SIGQUIT,SIGABRT #define SIGNALS_IGNORE SIGPIPE -#define DIGITS "0123456789" -#define LOWERCASE_LETTERS "abcdefghijklmnopqrstuvwxyz" -#define UPPERCASE_LETTERS "ABCDEFGHIJKLMNOPQRSTUVWXYZ" -#define LETTERS LOWERCASE_LETTERS UPPERCASE_LETTERS -#define ALPHANUMERICAL LETTERS DIGITS - #define REBOOT_PARAM_FILE "/run/systemd/reboot-param" #ifdef HAVE_SPLIT_USR @@ -81,3 +75,18 @@ #define NOTIFY_FD_MAX 768 #define NOTIFY_BUFFER_MAX PIPE_BUF + +/* Return a nulstr for a standard cascade of configuration directories, + * suitable to pass to conf_files_list_nulstr or config_parse_many. */ +#define CONF_DIRS_NULSTR(n) \ + "/etc/" n ".d\0" \ + "/run/" n ".d\0" \ + "/usr/local/lib/" n ".d\0" \ + "/usr/lib/" n ".d\0" \ + CONF_DIR_SPLIT_USR(n) + +#ifdef HAVE_SPLIT_USR +#define CONF_DIR_SPLIT_USR(n) "/lib/" n ".d\0" +#else +#define CONF_DIR_SPLIT_USR(n) +#endif diff --git a/src/basic/escape.c b/src/basic/escape.c index add0d7795b..4815161b09 100644 --- a/src/basic/escape.c +++ b/src/basic/escape.c @@ -22,6 +22,7 @@ #include "alloc-util.h" #include "escape.h" #include "hexdecoct.h" +#include "string-util.h" #include "utf8.h" #include "util.h" diff --git a/src/basic/extract-word.c b/src/basic/extract-word.c index c0f9394fad..6721b85c0a 100644 --- a/src/basic/extract-word.c +++ b/src/basic/extract-word.c @@ -21,9 +21,10 @@ #include "alloc-util.h" #include "escape.h" +#include "extract-word.h" +#include "string-util.h" #include "utf8.h" #include "util.h" -#include "extract-word.h" int extract_first_word(const char **p, char **ret, const char *separators, ExtractFlags flags) { _cleanup_free_ char *s = NULL; diff --git a/src/basic/glob-util.c b/src/basic/glob-util.c index 112c6392e5..0bfbcb1d37 100644 --- a/src/basic/glob-util.c +++ b/src/basic/glob-util.c @@ -22,6 +22,7 @@ #include <glob.h> #include "glob-util.h" +#include "string-util.h" #include "strv.h" #include "util.h" diff --git a/src/basic/glob-util.h b/src/basic/glob-util.h index 8817df14b4..793adf4a6c 100644 --- a/src/basic/glob-util.h +++ b/src/basic/glob-util.h @@ -24,7 +24,7 @@ #include <string.h> #include "macro.h" -#include "util.h" +#include "string-util.h" int glob_exists(const char *path); int glob_extend(char ***strv, const char *path); diff --git a/src/basic/macro.h b/src/basic/macro.h index daa7c416f7..5088e6720d 100644 --- a/src/basic/macro.h +++ b/src/basic/macro.h @@ -334,21 +334,6 @@ static inline unsigned long ALIGN_POWER2(unsigned long u) { _found; \ }) -/* Return a nulstr for a standard cascade of configuration directories, - * suitable to pass to conf_files_list_nulstr or config_parse_many. */ -#define CONF_DIRS_NULSTR(n) \ - "/etc/" n ".d\0" \ - "/run/" n ".d\0" \ - "/usr/local/lib/" n ".d\0" \ - "/usr/lib/" n ".d\0" \ - CONF_DIR_SPLIT_USR(n) - -#ifdef HAVE_SPLIT_USR -#define CONF_DIR_SPLIT_USR(n) "/lib/" n ".d\0" -#else -#define CONF_DIR_SPLIT_USR(n) -#endif - /* Define C11 thread_local attribute even on older gcc compiler * version */ #ifndef thread_local diff --git a/src/basic/replace-var.c b/src/basic/replace-var.c index 18b49a9227..bf757cbc48 100644 --- a/src/basic/replace-var.c +++ b/src/basic/replace-var.c @@ -23,9 +23,9 @@ #include "alloc-util.h" #include "macro.h" -#include "util.h" #include "replace-var.h" -#include "def.h" +#include "string-util.h" +#include "util.h" /* * Generic infrastructure for replacing @FOO@ style variables in diff --git a/src/basic/string-util.c b/src/basic/string-util.c index c3be576816..6006767daa 100644 --- a/src/basic/string-util.c +++ b/src/basic/string-util.c @@ -21,9 +21,9 @@ #include "alloc-util.h" #include "gunicode.h" +#include "string-util.h" #include "utf8.h" #include "util.h" -#include "string-util.h" int strcmp_ptr(const char *a, const char *b) { diff --git a/src/basic/string-util.h b/src/basic/string-util.h index 15244b8184..54f9d3058c 100644 --- a/src/basic/string-util.h +++ b/src/basic/string-util.h @@ -26,6 +26,18 @@ #include "macro.h" +/* What is interpreted as whitespace? */ +#define WHITESPACE " \t\n\r" +#define NEWLINE "\n\r" +#define QUOTES "\"\'" +#define COMMENTS "#;" +#define GLOB_CHARS "*?[" +#define DIGITS "0123456789" +#define LOWERCASE_LETTERS "abcdefghijklmnopqrstuvwxyz" +#define UPPERCASE_LETTERS "ABCDEFGHIJKLMNOPQRSTUVWXYZ" +#define LETTERS LOWERCASE_LETTERS UPPERCASE_LETTERS +#define ALPHANUMERICAL LETTERS DIGITS + #define streq(a,b) (strcmp((a),(b)) == 0) #define strneq(a, b, n) (strncmp((a), (b), (n)) == 0) #define strcaseeq(a,b) (strcasecmp((a),(b)) == 0) diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c index b96bfcb8ef..3931b03bc2 100644 --- a/src/basic/terminal-util.c +++ b/src/basic/terminal-util.c @@ -420,7 +420,7 @@ int acquire_terminal( assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0); - /* Sometimes it makes sense to ignore TIOCSCTTY + /* Sometimes, it makes sense to ignore TIOCSCTTY * returning EPERM, i.e. when very likely we already * are have this controlling terminal. */ if (r < 0 && r == -EPERM && ignore_tiocstty_eperm) diff --git a/src/basic/time-util.c b/src/basic/time-util.c index 9dc280efc6..e629d91cb2 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c @@ -1122,3 +1122,17 @@ time_t mktime_or_timegm(struct tm *tm, bool utc) { struct tm *localtime_or_gmtime_r(const time_t *t, struct tm *tm, bool utc) { return utc ? gmtime_r(t, tm) : localtime_r(t, tm); } + +unsigned long usec_to_jiffies(usec_t u) { + static thread_local unsigned long hz = 0; + long r; + + if (hz == 0) { + r = sysconf(_SC_CLK_TCK); + + assert(r > 0); + hz = (unsigned long) r; + } + + return DIV_ROUND_UP(u , USEC_PER_SEC / hz); +} diff --git a/src/basic/time-util.h b/src/basic/time-util.h index 417376ea96..925bf18eb2 100644 --- a/src/basic/time-util.h +++ b/src/basic/time-util.h @@ -121,3 +121,5 @@ int get_timezone(char **timezone); time_t mktime_or_timegm(struct tm *tm, bool utc); struct tm *localtime_or_gmtime_r(const time_t *t, struct tm *tm, bool utc); + +unsigned long usec_to_jiffies(usec_t usec); diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c index 0775ae7c14..710421508c 100644 --- a/src/basic/unit-name.c +++ b/src/basic/unit-name.c @@ -655,7 +655,7 @@ static char *do_escape_mangle(const char *f, UnitNameMangle allow_globs, char *t * /blah/blah is converted to blah-blah.mount, anything else is left alone, * except that @suffix is appended if a valid unit suffix is not present. * - * If @allow_globs, globs characters are preserved. Otherwise they are escaped. + * If @allow_globs, globs characters are preserved. Otherwise, they are escaped. */ int unit_name_mangle_with_suffix(const char *name, UnitNameMangle allow_globs, const char *suffix, char **ret) { char *s, *t; diff --git a/src/basic/util.h b/src/basic/util.h index a8fba372d1..d9d2f72b75 100644 --- a/src/basic/util.h +++ b/src/basic/util.h @@ -44,13 +44,6 @@ #include "missing.h" #include "time-util.h" -/* What is interpreted as whitespace? */ -#define WHITESPACE " \t\n\r" -#define NEWLINE "\n\r" -#define QUOTES "\"\'" -#define COMMENTS "#;" -#define GLOB_CHARS "*?[" - size_t page_size(void) _pure_; #define PAGE_ALIGN(l) ALIGN_TO((l), page_size()) diff --git a/src/basic/virt.c b/src/basic/virt.c index fb181e5b55..ff006e96c6 100644 --- a/src/basic/virt.c +++ b/src/basic/virt.c @@ -34,7 +34,7 @@ static int detect_vm_cpuid(void) { - /* Both CPUID and DMI are x86 specific interfaces... */ + /* CPUID is an x86 specific interface. */ #if defined(__i386__) || defined(__x86_64__) static const struct { @@ -144,11 +144,10 @@ static int detect_vm_device_tree(void) { } static int detect_vm_dmi(void) { - - /* Both CPUID and DMI are x86 specific interfaces... */ -#if defined(__i386__) || defined(__x86_64__) +#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) static const char *const dmi_vendors[] = { + "/sys/class/dmi/id/product_name", /* Test this before sys_vendor to detect KVM over QEMU */ "/sys/class/dmi/id/sys_vendor", "/sys/class/dmi/id/board_vendor", "/sys/class/dmi/id/bios_vendor" @@ -158,6 +157,7 @@ static int detect_vm_dmi(void) { const char *vendor; int id; } dmi_vendor_table[] = { + { "KVM", VIRTUALIZATION_KVM }, { "QEMU", VIRTUALIZATION_QEMU }, /* http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009458 */ { "VMware", VIRTUALIZATION_VMWARE }, @@ -267,12 +267,7 @@ int detect_vm(void) { if (cached_found >= 0) return cached_found; - /* Try xen capabilities file first, if not found try - * high-level hypervisor sysfs file: - * - * https://bugs.freedesktop.org/show_bug.cgi?id=77271 */ - - r = detect_vm_xen(); + r = detect_vm_cpuid(); if (r < 0) return r; if (r != VIRTUALIZATION_NONE) @@ -284,7 +279,14 @@ int detect_vm(void) { if (r != VIRTUALIZATION_NONE) goto finish; - r = detect_vm_cpuid(); + /* x86 xen will most likely be detected by cpuid. If not (most likely + * because we're not an x86 guest), then we should try the xen capabilities + * file next. If that's not found, then we check for the high-level + * hypervisor sysfs file: + * + * https://bugs.freedesktop.org/show_bug.cgi?id=77271 */ + + r = detect_vm_xen(); if (r < 0) return r; if (r != VIRTUALIZATION_NONE) @@ -327,6 +329,7 @@ int detect_container(void) { { "lxc-libvirt", VIRTUALIZATION_LXC_LIBVIRT }, { "systemd-nspawn", VIRTUALIZATION_SYSTEMD_NSPAWN }, { "docker", VIRTUALIZATION_DOCKER }, + { "rkt", VIRTUALIZATION_RKT }, }; static thread_local int cached_found = _VIRTUALIZATION_INVALID; @@ -443,6 +446,7 @@ static const char *const virtualization_table[_VIRTUALIZATION_MAX] = { [VIRTUALIZATION_LXC] = "lxc", [VIRTUALIZATION_OPENVZ] = "openvz", [VIRTUALIZATION_DOCKER] = "docker", + [VIRTUALIZATION_RKT] = "rkt", [VIRTUALIZATION_CONTAINER_OTHER] = "container-other", }; diff --git a/src/basic/virt.h b/src/basic/virt.h index ed83608019..aca961867c 100644 --- a/src/basic/virt.h +++ b/src/basic/virt.h @@ -48,6 +48,7 @@ enum { VIRTUALIZATION_LXC, VIRTUALIZATION_OPENVZ, VIRTUALIZATION_DOCKER, + VIRTUALIZATION_RKT, VIRTUALIZATION_CONTAINER_OTHER, VIRTUALIZATION_CONTAINER_LAST = VIRTUALIZATION_CONTAINER_OTHER, diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c index 8e63153c92..594c9ebe43 100644 --- a/src/binfmt/binfmt.c +++ b/src/binfmt/binfmt.c @@ -29,6 +29,7 @@ #include "alloc-util.h" #include "conf-files.h" +#include "def.h" #include "fd-util.h" #include "fileio.h" #include "log.h" diff --git a/src/bootchart/bootchart.c b/src/bootchart/bootchart.c index 6723fa5098..852febb225 100644 --- a/src/bootchart/bootchart.c +++ b/src/bootchart/bootchart.c @@ -51,6 +51,7 @@ #include "alloc-util.h" #include "bootchart.h" #include "conf-parser.h" +#include "def.h" #include "fd-util.h" #include "fileio.h" #include "io-util.h" diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4 index c3b48aec4c..5b7954dbf9 100644 --- a/src/core/load-fragment-gperf.gperf.m4 +++ b/src/core/load-fragment-gperf.gperf.m4 @@ -59,18 +59,18 @@ $1.SystemCallArchitectures, config_parse_warn_compat, DISABLED_CO $1.SystemCallErrorNumber, config_parse_warn_compat, DISABLED_CONFIGURATION, 0 $1.RestrictAddressFamilies, config_parse_warn_compat, DISABLED_CONFIGURATION, 0') $1.LimitCPU, config_parse_limit, RLIMIT_CPU, offsetof($1, exec_context.rlimit) -$1.LimitFSIZE, config_parse_limit, RLIMIT_FSIZE, offsetof($1, exec_context.rlimit) -$1.LimitDATA, config_parse_limit, RLIMIT_DATA, offsetof($1, exec_context.rlimit) -$1.LimitSTACK, config_parse_limit, RLIMIT_STACK, offsetof($1, exec_context.rlimit) -$1.LimitCORE, config_parse_limit, RLIMIT_CORE, offsetof($1, exec_context.rlimit) -$1.LimitRSS, config_parse_limit, RLIMIT_RSS, offsetof($1, exec_context.rlimit) +$1.LimitFSIZE, config_parse_bytes_limit, RLIMIT_FSIZE, offsetof($1, exec_context.rlimit) +$1.LimitDATA, config_parse_bytes_limit, RLIMIT_DATA, offsetof($1, exec_context.rlimit) +$1.LimitSTACK, config_parse_bytes_limit, RLIMIT_STACK, offsetof($1, exec_context.rlimit) +$1.LimitCORE, config_parse_bytes_limit, RLIMIT_CORE, offsetof($1, exec_context.rlimit) +$1.LimitRSS, config_parse_bytes_limit, RLIMIT_RSS, offsetof($1, exec_context.rlimit) $1.LimitNOFILE, config_parse_limit, RLIMIT_NOFILE, offsetof($1, exec_context.rlimit) -$1.LimitAS, config_parse_limit, RLIMIT_AS, offsetof($1, exec_context.rlimit) +$1.LimitAS, config_parse_bytes_limit, RLIMIT_AS, offsetof($1, exec_context.rlimit) $1.LimitNPROC, config_parse_limit, RLIMIT_NPROC, offsetof($1, exec_context.rlimit) -$1.LimitMEMLOCK, config_parse_limit, RLIMIT_MEMLOCK, offsetof($1, exec_context.rlimit) +$1.LimitMEMLOCK, config_parse_bytes_limit, RLIMIT_MEMLOCK, offsetof($1, exec_context.rlimit) $1.LimitLOCKS, config_parse_limit, RLIMIT_LOCKS, offsetof($1, exec_context.rlimit) $1.LimitSIGPENDING, config_parse_limit, RLIMIT_SIGPENDING, offsetof($1, exec_context.rlimit) -$1.LimitMSGQUEUE, config_parse_limit, RLIMIT_MSGQUEUE, offsetof($1, exec_context.rlimit) +$1.LimitMSGQUEUE, config_parse_bytes_limit, RLIMIT_MSGQUEUE, offsetof($1, exec_context.rlimit) $1.LimitNICE, config_parse_limit, RLIMIT_NICE, offsetof($1, exec_context.rlimit) $1.LimitRTPRIO, config_parse_limit, RLIMIT_RTPRIO, offsetof($1, exec_context.rlimit) $1.LimitRTTIME, config_parse_limit, RLIMIT_RTTIME, offsetof($1, exec_context.rlimit) diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c index a30cd0967d..7f12f26b08 100644 --- a/src/core/load-fragment.c +++ b/src/core/load-fragment.c @@ -1082,6 +1082,49 @@ int config_parse_limit(const char *unit, return 0; } +int config_parse_bytes_limit(const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + + struct rlimit **rl = data; + uint64_t bytes; + + assert(filename); + assert(lvalue); + assert(rvalue); + assert(data); + + rl += ltype; + + if (streq(rvalue, "infinity")) + bytes = (uint64_t) RLIM_INFINITY; + else { + int r; + + r = parse_size(rvalue, 1024, &bytes); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse resource value, ignoring: %s", rvalue); + return 0; + } + } + + if (!*rl) { + *rl = new(struct rlimit, 1); + if (!*rl) + return log_oom(); + } + + (*rl)->rlim_cur = (*rl)->rlim_max = (rlim_t) bytes; + return 0; +} + #ifdef HAVE_SYSV_COMPAT int config_parse_sysv_priority(const char *unit, const char *filename, @@ -1582,8 +1625,7 @@ int config_parse_service_sockets( void *userdata) { Service *s = data; - const char *word, *state; - size_t l; + const char *p; int r; assert(filename); @@ -1591,14 +1633,21 @@ int config_parse_service_sockets( assert(rvalue); assert(data); - FOREACH_WORD_QUOTED(word, l, rvalue, state) { - _cleanup_free_ char *t = NULL, *k = NULL; + p = rvalue; + for(;;) { + _cleanup_free_ char *word = NULL, *k = NULL; - t = strndup(word, l); - if (!t) + r = extract_first_word(&p, &word, NULL, 0); + if (r == 0) + break; + if (r == -ENOMEM) return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue); + break; + } - r = unit_name_printf(UNIT(s), t, &k); + r = unit_name_printf(UNIT(s), word, &k); if (r < 0) { log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m"); continue; @@ -1617,8 +1666,6 @@ int config_parse_service_sockets( if (r < 0) log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k); } - if (!isempty(state)) - log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring."); return 0; } @@ -3232,12 +3279,14 @@ int config_parse_namespace_path_strv( int offset; r = extract_first_word(&cur, &word, NULL, EXTRACT_QUOTES); + if (r == 0) + break; + if (r == -ENOMEM) + return log_oom(); if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring: %s", prev); + log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage, ignoring: %s", prev); return 0; } - if (r == 0) - break; if (!utf8_is_valid(word)) { log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, word); diff --git a/src/core/load-fragment.h b/src/core/load-fragment.h index 8661cbfedc..029775bb46 100644 --- a/src/core/load-fragment.h +++ b/src/core/load-fragment.h @@ -56,6 +56,7 @@ int config_parse_exec_capabilities(const char *unit, const char *filename, unsig int config_parse_exec_secure_bits(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); int config_parse_bounding_set(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); int config_parse_limit(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); +int config_parse_bytes_limit(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); int config_parse_sysv_priority(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); int config_parse_kill_signal(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); int config_parse_exec_mount_flags(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); diff --git a/src/core/main.c b/src/core/main.c index ea4fd0589d..950315e857 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -658,18 +658,18 @@ static int parse_config_file(void) { { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst }, { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment }, { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU] }, - { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE] }, - { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA] }, - { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK] }, - { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE] }, - { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS] }, + { "Manager", "DefaultLimitFSIZE", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE] }, + { "Manager", "DefaultLimitDATA", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_DATA] }, + { "Manager", "DefaultLimitSTACK", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_STACK] }, + { "Manager", "DefaultLimitCORE", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_CORE] }, + { "Manager", "DefaultLimitRSS", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_RSS] }, { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE] }, - { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS] }, + { "Manager", "DefaultLimitAS", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_AS] }, { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC] }, - { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK] }, + { "Manager", "DefaultLimitMEMLOCK", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK] }, { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS] }, { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING] }, - { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE] }, + { "Manager", "DefaultLimitMSGQUEUE", config_parse_bytes_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE] }, { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE] }, { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO] }, { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME] }, @@ -1209,7 +1209,7 @@ static int write_container_id(void) { r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE); if (r < 0) - return log_warning_errno(r, "Failed to write /run/systed/container, ignoring: %m"); + return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m"); return 1; } diff --git a/src/core/swap.c b/src/core/swap.c index f626ea4d87..baaa27b6a3 100644 --- a/src/core/swap.c +++ b/src/core/swap.c @@ -1206,7 +1206,7 @@ static Unit *swap_following(Unit *u) { if (other->from_fragment) return UNIT(other); - /* Otherwise make everybody follow the unit that's named after + /* Otherwise, make everybody follow the unit that's named after * the swap device in the kernel */ if (streq_ptr(s->what, s->devnode)) diff --git a/src/core/timer.c b/src/core/timer.c index cc2afedabf..c9dc97d4fb 100644 --- a/src/core/timer.c +++ b/src/core/timer.c @@ -34,6 +34,7 @@ #include "unit-name.h" #include "unit.h" #include "user-util.h" +#include "virt.h" static const UnitActiveState state_translation_table[_TIMER_STATE_MAX] = { [TIMER_DEAD] = UNIT_INACTIVE, @@ -359,10 +360,14 @@ static void timer_enter_waiting(Timer *t, bool initial) { break; case TIMER_BOOT: - /* CLOCK_MONOTONIC equals the uptime on Linux */ - base = 0; - break; - + if (detect_container() <= 0) { + /* CLOCK_MONOTONIC equals the uptime on Linux */ + base = 0; + break; + } + /* In a container we don't want to include the time the host + * was already up when the container started, so count from + * our own startup. Fall through. */ case TIMER_STARTUP: base = UNIT(t)->manager->userspace_timestamp.monotonic; break; diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c index dc69bb8679..6326f902e8 100644 --- a/src/journal-remote/journal-remote.c +++ b/src/journal-remote/journal-remote.c @@ -37,6 +37,7 @@ #include "alloc-util.h" #include "conf-parser.h" +#include "def.h" #include "escape.h" #include "fd-util.h" #include "fileio.h" diff --git a/src/journal-remote/journal-upload.c b/src/journal-remote/journal-upload.c index 7d274d2fc9..42d14dc7c4 100644 --- a/src/journal-remote/journal-upload.c +++ b/src/journal-remote/journal-upload.c @@ -29,6 +29,7 @@ #include "alloc-util.h" #include "conf-parser.h" +#include "def.h" #include "fd-util.h" #include "fileio.h" #include "formats-util.h" diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c index e00a0d711d..f9ff9545dd 100644 --- a/src/journal/journal-file.c +++ b/src/journal/journal-file.c @@ -48,7 +48,7 @@ #define COMPRESSION_SIZE_THRESHOLD (512ULL) /* This is the minimum journal file size */ -#define JOURNAL_FILE_SIZE_MIN (4ULL*1024ULL*1024ULL) /* 4 MiB */ +#define JOURNAL_FILE_SIZE_MIN (512ULL*1024ULL) /* 512 KiB */ /* These are the lower and upper bounds if we deduce the max_use value * from the file system size */ diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c index 299b0a848f..3fd25d1af4 100644 --- a/src/journal/journald-server.c +++ b/src/journal/journald-server.c @@ -1473,10 +1473,10 @@ static int dispatch_notify_event(sd_event_source *es, int fd, uint32_t revents, } /* The $NOTIFY_SOCKET is writable again, now send exactly one - * message on it. Either it's the initial READY=1 event or an - * stdout stream event. If there's nothing to write anymore, - * turn our event source off. The next time there's something - * to send it will be turned on again. */ + * message on it. Either it's the wtachdog event, the initial + * READY=1 event or an stdout stream event. If there's nothing + * to write anymore, turn our event source off. The next time + * there's something to send it will be turned on again. */ if (!s->sent_notify_ready) { static const char p[] = @@ -1495,12 +1495,30 @@ static int dispatch_notify_event(sd_event_source *es, int fd, uint32_t revents, s->sent_notify_ready = true; log_debug("Sent READY=1 notification."); + } else if (s->send_watchdog) { + + static const char p[] = + "WATCHDOG=1"; + + ssize_t l; + + l = send(s->notify_fd, p, strlen(p), MSG_DONTWAIT); + if (l < 0) { + if (errno == EAGAIN) + return 0; + + return log_error_errno(errno, "Failed to send WATCHDOG=1 notification message: %m"); + } + + s->send_watchdog = false; + log_debug("Sent WATCHDOG=1 notification."); + } else if (s->stdout_streams_notify_queue) /* Dispatch one stream notification event */ stdout_stream_send_notify(s->stdout_streams_notify_queue); /* Leave us enabled if there's still more to to do. */ - if (s->stdout_streams_notify_queue) + if (s->send_watchdog || s->stdout_streams_notify_queue) return 0; /* There was nothing to do anymore, let's turn ourselves off. */ @@ -1511,6 +1529,29 @@ static int dispatch_notify_event(sd_event_source *es, int fd, uint32_t revents, return 0; } +static int dispatch_watchdog(sd_event_source *es, uint64_t usec, void *userdata) { + Server *s = userdata; + int r; + + assert(s); + + s->send_watchdog = true; + + r = sd_event_source_set_enabled(s->notify_event_source, SD_EVENT_ON); + if (r < 0) + log_warning_errno(r, "Failed to turn on notify event source: %m"); + + r = sd_event_source_set_time(s->watchdog_event_source, usec + s->watchdog_usec / 2); + if (r < 0) + return log_error_errno(r, "Failed to restart watchdog event source: %m"); + + r = sd_event_source_set_enabled(s->watchdog_event_source, SD_EVENT_ON); + if (r < 0) + return log_error_errno(r, "Failed to enable watchdog event source: %m"); + + return 0; +} + static int server_connect_notify(Server *s) { union sockaddr_union sa = { .un.sun_family = AF_UNIX, @@ -1573,6 +1614,14 @@ static int server_connect_notify(Server *s) { if (r < 0) return log_error_errno(r, "Failed to watch notification socket: %m"); + if (sd_watchdog_enabled(false, &s->watchdog_usec) > 0) { + s->send_watchdog = true; + + r = sd_event_add_time(s->event, &s->watchdog_event_source, CLOCK_MONOTONIC, now(CLOCK_MONOTONIC) + s->watchdog_usec/2, s->watchdog_usec*3/4, dispatch_watchdog, s); + if (r < 0) + return log_error_errno(r, "Failed to add watchdog time event: %m"); + } + /* This should fire pretty soon, which we'll use to send the * READY=1 event. */ @@ -1591,6 +1640,8 @@ int server_init(Server *s) { s->compress = true; s->seal = true; + s->watchdog_usec = USEC_INFINITY; + s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC; s->sync_scheduled = false; @@ -1808,6 +1859,7 @@ void server_done(Server *s) { sd_event_source_unref(s->sigint_event_source); sd_event_source_unref(s->hostname_event_source); sd_event_source_unref(s->notify_event_source); + sd_event_source_unref(s->watchdog_event_source); sd_event_unref(s->event); safe_close(s->syslog_fd); diff --git a/src/journal/journald-server.h b/src/journal/journald-server.h index 170602ea16..03a61bd2ed 100644 --- a/src/journal/journald-server.h +++ b/src/journal/journald-server.h @@ -74,6 +74,7 @@ struct Server { sd_event_source *sigint_event_source; sd_event_source *hostname_event_source; sd_event_source *notify_event_source; + sd_event_source *watchdog_event_source; JournalFile *runtime_journal; JournalFile *system_journal; @@ -130,14 +131,14 @@ struct Server { MMapCache *mmap; - bool dev_kmsg_readable; + struct udev *udev; uint64_t *kernel_seqnum; + bool dev_kmsg_readable:1; - struct udev *udev; - - bool sent_notify_ready; - bool sync_scheduled; + bool send_watchdog:1; + bool sent_notify_ready:1; + bool sync_scheduled:1; char machine_id_field[sizeof("_MACHINE_ID=") + 32]; char boot_id_field[sizeof("_BOOT_ID=") + 32]; @@ -145,6 +146,8 @@ struct Server { /* Cached cgroup root, so that we don't have to query that all the time */ char *cgroup_root; + + usec_t watchdog_usec; }; #define SERVER_MACHINE_ID(s) ((s)->machine_id_field + strlen("_MACHINE_ID=")) diff --git a/src/libsystemd-network/dhcp6-option.c b/src/libsystemd-network/dhcp6-option.c index 076bb2dac0..0f46df6a1b 100644 --- a/src/libsystemd-network/dhcp6-option.c +++ b/src/libsystemd-network/dhcp6-option.c @@ -344,7 +344,7 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char * int r; assert_return(optlen > 1, -ENODATA); - assert_return(optval[optlen] == '\0', -EINVAL); + assert_return(optval[optlen - 1] == '\0', -EINVAL); while (pos < optlen) { _cleanup_free_ char *ret = NULL; diff --git a/src/libsystemd-network/lldp-tlv.c b/src/libsystemd-network/lldp-tlv.c index 0851957ab4..a539b5dfea 100644 --- a/src/libsystemd-network/lldp-tlv.c +++ b/src/libsystemd-network/lldp-tlv.c @@ -278,7 +278,7 @@ int tlv_packet_parse_pdu(tlv_packet *m, uint16_t size) { p = m->pdu; - /* extract ethernet header */ + /* extract Ethernet header */ memcpy(&m->mac, p, ETH_ALEN); p += sizeof(struct ether_header); diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c index 57fc8216c3..137537253a 100644 --- a/src/libsystemd-network/sd-dhcp-client.c +++ b/src/libsystemd-network/sd-dhcp-client.c @@ -1517,7 +1517,7 @@ static int client_receive_message_udp(sd_event_source *s, int fd, expected_hlen = ETH_ALEN; expected_chaddr = (const struct ether_addr *) &client->mac_addr; } else { - /* Non-ethernet links expect zero chaddr */ + /* Non-Ethernet links expect zero chaddr */ expected_hlen = 0; expected_chaddr = &zero_mac; } diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c index c850538d74..42dd15fc15 100644 --- a/src/libsystemd-network/sd-dhcp-lease.c +++ b/src/libsystemd-network/sd-dhcp-lease.c @@ -32,11 +32,12 @@ #include "dns-domain.h" #include "fd-util.h" #include "fileio.h" +#include "hexdecoct.h" #include "hostname-util.h" #include "in-addr-util.h" #include "network-internal.h" -#include "hexdecoct.h" #include "parse-util.h" +#include "string-util.h" #include "unaligned.h" int sd_dhcp_lease_get_address(sd_dhcp_lease *lease, struct in_addr *addr) { diff --git a/src/libsystemd-network/sd-pppoe.c b/src/libsystemd-network/sd-pppoe.c deleted file mode 100644 index 045decc46c..0000000000 --- a/src/libsystemd-network/sd-pppoe.c +++ /dev/null @@ -1,813 +0,0 @@ -/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ - -/*** - This file is part of systemd. - - Copyright (C) 2014 Tom Gundersen - - systemd is free software; you can redistribute it and/or modify it - under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - systemd is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with systemd; If not, see <http://www.gnu.org/licenses/>. -***/ - -/* See RFC 2516 */ - -#include <net/if.h> -#include <netinet/in.h> -#include <sys/ioctl.h> -#include <linux/if_pppox.h> -#include <linux/ppp_defs.h> -#include <linux/ppp-ioctl.h> - -#include "sd-pppoe.h" - -#include "alloc-util.h" -#include "async.h" -#include "event-util.h" -#include "fd-util.h" -#include "random-util.h" -#include "socket-util.h" -#include "sparse-endian.h" -#include "string-util.h" -#include "utf8.h" -#include "util.h" - -#define PPPOE_MAX_PACKET_SIZE 1484 -#define PPPOE_MAX_PADR_RESEND 16 - -/* TODO: move this to socket-util.h without getting into - * a mess with the includes */ -union sockaddr_union_pppox { - struct sockaddr sa; - struct sockaddr_pppox pppox; -}; - -typedef enum PPPoEState { - PPPOE_STATE_INITIALIZING, - PPPOE_STATE_REQUESTING, - PPPOE_STATE_RUNNING, - PPPOE_STATE_STOPPED, - _PPPOE_STATE_MAX, - _PPPOE_STATE_INVALID = -1, -} PPPoEState; - -typedef struct PPPoETags { - char *service_name; - char *ac_name; - uint8_t *host_uniq; - size_t host_uniq_len; - uint8_t *cookie; - size_t cookie_len; -} PPPoETags; - -struct sd_pppoe { - unsigned n_ref; - - PPPoEState state; - uint64_t host_uniq; - - int ifindex; - char *ifname; - - sd_event *event; - int event_priority; - int fd; - sd_event_source *io; - sd_event_source *timeout; - int padr_resend_count; - - char *service_name; - struct ether_addr peer_mac; - be16_t session_id; - - int pppoe_fd; - int channel; - - sd_pppoe_cb_t cb; - void *userdata; - - PPPoETags tags; -}; - -#define PPPOE_PACKET_LENGTH(header) \ - be16toh((header)->length) - -#define PPPOE_PACKET_TAIL(packet) \ - (struct pppoe_tag*)((uint8_t*)(packet) + sizeof(struct pppoe_hdr) + PPPOE_PACKET_LENGTH(packet)) - -#define PPPOE_TAG_LENGTH(tag) \ - be16toh((tag)->tag_len) - -#define PPPOE_TAG_TYPE(tag) \ - (tag)->tag_type - -#define PPPOE_TAG_NEXT(tag) \ - (struct pppoe_tag *)((uint8_t *)(tag) + sizeof(struct pppoe_tag) + PPPOE_TAG_LENGTH(tag)) - -#define PPPOE_TAGS_FOREACH(tag, header) \ - for (tag = (header)->tag; \ - ((uint8_t *)(tag) + sizeof(struct pppoe_tag) < (uint8_t*)PPPOE_PACKET_TAIL(header)) && \ - (PPPOE_TAG_NEXT(tag) <= PPPOE_PACKET_TAIL(header)) && \ - (tag >= (header)->tag) && \ - (PPPOE_TAG_TYPE(tag) != PTT_EOL); \ - tag = PPPOE_TAG_NEXT(tag)) - -static void pppoe_tags_clear(PPPoETags *tags) { - free(tags->service_name); - free(tags->ac_name); - free(tags->host_uniq); - free(tags->cookie); - - zero(*tags); -} - -int sd_pppoe_set_ifindex(sd_pppoe *ppp, int ifindex) { - assert_return(ppp, -EINVAL); - assert_return(ifindex > 0, -EINVAL); - - ppp->ifindex = ifindex; - - return 0; -} - -int sd_pppoe_set_ifname(sd_pppoe *ppp, const char *ifname) { - char *name; - - assert_return(ppp, -EINVAL); - assert_return(ifname, -EINVAL); - - if (strlen(ifname) > IFNAMSIZ) - return -EINVAL; - - name = strdup(ifname); - if (!name) - return -ENOMEM; - - free(ppp->ifname); - ppp->ifname = name; - - return 0; -} - -int sd_pppoe_set_service_name(sd_pppoe *ppp, const char *service_name) { - _cleanup_free_ char *name = NULL; - - assert_return(ppp, -EINVAL); - - if (service_name) { - name = strdup(service_name); - if (!name) - return -ENOMEM; - } - - free(ppp->service_name); - ppp->service_name = name; - name = NULL; - - return 0; -} - -int sd_pppoe_attach_event(sd_pppoe *ppp, sd_event *event, int priority) { - int r; - - assert_return(ppp, -EINVAL); - assert_return(!ppp->event, -EBUSY); - - if (event) - ppp->event = sd_event_ref(event); - else { - r = sd_event_default(&ppp->event); - if (r < 0) - return r; - } - - ppp->event_priority = priority; - - return 0; -} - -int sd_pppoe_detach_event(sd_pppoe *ppp) { - assert_return(ppp, -EINVAL); - - ppp->event = sd_event_unref(ppp->event); - - return 0; -} - -sd_pppoe *sd_pppoe_ref(sd_pppoe *ppp) { - - if (!ppp) - return NULL; - - assert(ppp->n_ref > 0); - ppp->n_ref++; - - return ppp; -} - -sd_pppoe *sd_pppoe_unref(sd_pppoe *ppp) { - - if (!ppp) - return NULL; - - assert(ppp->n_ref > 0); - ppp->n_ref--; - - if (ppp->n_ref > 0) - return NULL; - - pppoe_tags_clear(&ppp->tags); - free(ppp->ifname); - free(ppp->service_name); - sd_pppoe_stop(ppp); - sd_pppoe_detach_event(ppp); - - free(ppp); - return NULL; -} - -int sd_pppoe_new (sd_pppoe **ret) { - sd_pppoe *ppp; - - assert_return(ret, -EINVAL); - - ppp = new0(sd_pppoe, 1); - if (!ppp) - return -ENOMEM; - - ppp->n_ref = 1; - ppp->state = _PPPOE_STATE_INVALID; - ppp->ifindex = -1; - ppp->fd = -1; - ppp->pppoe_fd = -1; - ppp->padr_resend_count = PPPOE_MAX_PADR_RESEND; - - *ret = ppp; - - return 0; -} - -int sd_pppoe_get_channel(sd_pppoe *ppp, int *channel) { - assert_return(ppp, -EINVAL); - assert_return(channel, -EINVAL); - assert_return(ppp->pppoe_fd != -1, -EUNATCH); - assert_return(ppp->state == PPPOE_STATE_RUNNING, -EUNATCH); - - *channel = ppp->channel; - - return 0; -} - -int sd_pppoe_set_callback(sd_pppoe *ppp, sd_pppoe_cb_t cb, void *userdata) { - assert_return(ppp, -EINVAL); - - ppp->cb = cb; - ppp->userdata = userdata; - - return 0; -} - -static void pppoe_tag_append(struct pppoe_hdr *packet, size_t packet_size, be16_t tag_type, const void *tag_data, uint16_t tag_len) { - struct pppoe_tag *tag; - - assert(packet); - assert(sizeof(struct pppoe_hdr) + PPPOE_PACKET_LENGTH(packet) + sizeof(struct pppoe_tag) + tag_len <= packet_size); - assert(!(!tag_data ^ !tag_len)); - - tag = PPPOE_PACKET_TAIL(packet); - - tag->tag_len = htobe16(tag_len); - tag->tag_type = tag_type; - if (tag_data) - memcpy(tag->tag_data, tag_data, tag_len); - - packet->length = htobe16(PPPOE_PACKET_LENGTH(packet) + sizeof(struct pppoe_tag) + tag_len); -} - -static int pppoe_send(sd_pppoe *ppp, uint8_t code) { - union sockaddr_union link = { - .ll = { - .sll_family = AF_PACKET, - .sll_protocol = htons(ETH_P_PPP_DISC), - .sll_halen = ETH_ALEN, - }, - }; - _cleanup_free_ struct pppoe_hdr *packet = NULL; - int r; - - assert(ppp); - assert(ppp->fd != -1); - assert(IN_SET(code, PADI_CODE, PADR_CODE, PADT_CODE)); - - link.ll.sll_ifindex = ppp->ifindex; - if (code == PADI_CODE) - memset(&link.ll.sll_addr, 0xff, ETH_ALEN); - else - memcpy(&link.ll.sll_addr, &ppp->peer_mac, ETH_ALEN); - - packet = malloc0(PPPOE_MAX_PACKET_SIZE); - if (!packet) - return -ENOMEM; - - packet->ver = 0x1; - packet->type = 0x1; - packet->code = code; - if (code == PADT_CODE) - packet->sid = ppp->session_id; - - /* Service-Name */ - pppoe_tag_append(packet, PPPOE_MAX_PACKET_SIZE, PTT_SRV_NAME, - ppp->service_name, ppp->service_name ? strlen(ppp->service_name) : 0); - - /* AC-Cookie */ - if (code == PADR_CODE && ppp->tags.cookie) - pppoe_tag_append(packet, PPPOE_MAX_PACKET_SIZE, PTT_AC_COOKIE, - ppp->tags.cookie, ppp->tags.cookie_len); - - /* Host-Uniq */ - if (code != PADT_CODE) { - ppp->host_uniq = random_u64(); - - pppoe_tag_append(packet, PPPOE_MAX_PACKET_SIZE, PTT_HOST_UNIQ, - &ppp->host_uniq, sizeof(ppp->host_uniq)); - } - - r = sendto(ppp->fd, packet, sizeof(struct pppoe_hdr) + PPPOE_PACKET_LENGTH(packet), - 0, &link.sa, sizeof(link.ll)); - if (r < 0) - return -errno; - - return 0; -} - -static int pppoe_timeout(sd_event_source *s, uint64_t usec, void *userdata); - -static int pppoe_arm_timeout(sd_pppoe *ppp) { - _cleanup_event_source_unref_ sd_event_source *timeout = NULL; - usec_t next_timeout = 0; - int r; - - assert(ppp); - - r = sd_event_now(ppp->event, clock_boottime_or_monotonic(), &next_timeout); - if (r < 0) - return r; - - next_timeout += 500 * USEC_PER_MSEC; - - r = sd_event_add_time(ppp->event, &timeout, clock_boottime_or_monotonic(), next_timeout, - 10 * USEC_PER_MSEC, pppoe_timeout, ppp); - if (r < 0) - return r; - - r = sd_event_source_set_priority(timeout, ppp->event_priority); - if (r < 0) - return r; - - sd_event_source_unref(ppp->timeout); - ppp->timeout = timeout; - timeout = NULL; - - return 0; -} - -static int pppoe_send_initiation(sd_pppoe *ppp) { - int r; - - r = pppoe_send(ppp, PADI_CODE); - if (r < 0) - return r; - - log_debug("PPPoE: sent DISCOVER (Service-Name: %s)", - strna(ppp->service_name)); - - pppoe_arm_timeout(ppp); - - return r; -} - -static int pppoe_send_request(sd_pppoe *ppp) { - int r; - - r = pppoe_send(ppp, PADR_CODE); - if (r < 0) - return r; - - log_debug("PPPoE: sent REQUEST"); - - ppp->padr_resend_count --; - - pppoe_arm_timeout(ppp); - - return 0; -} - -static int pppoe_send_terminate(sd_pppoe *ppp) { - int r; - - r = pppoe_send(ppp, PADT_CODE); - if (r < 0) - return r; - - log_debug("PPPoE: sent TERMINATE"); - - return 0; -} - -static int pppoe_timeout(sd_event_source *s, uint64_t usec, void *userdata) { - sd_pppoe *ppp = userdata; - int r; - - assert(ppp); - - switch (ppp->state) { - case PPPOE_STATE_INITIALIZING: - r = pppoe_send_initiation(ppp); - if (r < 0) - log_warning_errno(r, "PPPoE: sending PADI failed: %m"); - - break; - case PPPOE_STATE_REQUESTING: - if (ppp->padr_resend_count <= 0) { - log_debug("PPPoE: PADR timed out, restarting PADI"); - - r = pppoe_send_initiation(ppp); - if (r < 0) - log_warning_errno(r, "PPPoE: sending PADI failed: %m"); - - ppp->padr_resend_count = PPPOE_MAX_PADR_RESEND; - ppp->state = PPPOE_STATE_INITIALIZING; - } else { - r = pppoe_send_request(ppp); - if (r < 0) - log_warning_errno(r, "PPPoE: sending PADR failed: %m"); - } - - break; - default: - assert_not_reached("timeout in invalid state"); - } - - return 0; -} - -static int pppoe_tag_parse_binary(struct pppoe_tag *tag, uint8_t **ret, size_t *length) { - uint8_t *data; - - assert(ret); - assert(length); - - data = memdup(tag->tag_data, PPPOE_TAG_LENGTH(tag)); - if (!data) - return -ENOMEM; - - free(*ret); - *ret = data; - *length = PPPOE_TAG_LENGTH(tag); - - return 0; -} - -static int pppoe_tag_parse_string(struct pppoe_tag *tag, char **ret) { - char *string; - - assert(ret); - - string = strndup(tag->tag_data, PPPOE_TAG_LENGTH(tag)); - if (!string) - return -ENOMEM; - - free(*ret); - *ret = string; - - return 0; -} - -static int pppoe_payload_parse(PPPoETags *tags, struct pppoe_hdr *header) { - struct pppoe_tag *tag; - int r; - - assert(tags); - - pppoe_tags_clear(tags); - - PPPOE_TAGS_FOREACH(tag, header) { - switch (PPPOE_TAG_TYPE(tag)) { - case PTT_SRV_NAME: - r = pppoe_tag_parse_string(tag, &tags->service_name); - if (r < 0) - return r; - - break; - case PTT_AC_NAME: - r = pppoe_tag_parse_string(tag, &tags->ac_name); - if (r < 0) - return r; - - break; - case PTT_HOST_UNIQ: - r = pppoe_tag_parse_binary(tag, &tags->host_uniq, &tags->host_uniq_len); - if (r < 0) - return r; - - break; - case PTT_AC_COOKIE: - r = pppoe_tag_parse_binary(tag, &tags->cookie, &tags->cookie_len); - if (r < 0) - return r; - - break; - case PTT_SRV_ERR: - case PTT_SYS_ERR: - case PTT_GEN_ERR: - { - _cleanup_free_ char *error = NULL; - - /* TODO: do something more sensible with the error messages */ - r = pppoe_tag_parse_string(tag, &error); - if (r < 0) - return r; - - if (strlen(error) > 0 && utf8_is_valid(error)) - log_debug("PPPoE: error - '%s'", error); - else - log_debug("PPPoE: error"); - - break; - } - default: - log_debug("PPPoE: ignoring unknown PPPoE tag type: 0x%.2x", PPPOE_TAG_TYPE(tag)); - } - } - - return 0; -} - -static int pppoe_open_pppoe_socket(sd_pppoe *ppp) { - int s; - - assert(ppp); - assert(ppp->pppoe_fd == -1); - - s = socket(AF_PPPOX, SOCK_STREAM, 0); - if (s < 0) - return -errno; - - ppp->pppoe_fd = s; - - return 0; -} - -static int pppoe_connect_pppoe_socket(sd_pppoe *ppp) { - union sockaddr_union_pppox link = { - .pppox = { - .sa_family = AF_PPPOX, - .sa_protocol = PX_PROTO_OE, - }, - }; - int r, channel; - - assert(ppp); - assert(ppp->pppoe_fd != -1); - assert(ppp->session_id); - assert(ppp->ifname); - - link.pppox.sa_addr.pppoe.sid = ppp->session_id; - memcpy(link.pppox.sa_addr.pppoe.dev, ppp->ifname, strlen(ppp->ifname)); - memcpy(link.pppox.sa_addr.pppoe.remote, &ppp->peer_mac, ETH_ALEN); - - r = connect(ppp->pppoe_fd, &link.sa, sizeof(link.pppox)); - if (r < 0) - return r; - - r = ioctl(ppp->pppoe_fd, PPPIOCGCHAN, &channel); - if (r < 0) - return -errno; - - ppp->channel = channel; - - return 0; -} - -static int pppoe_handle_message(sd_pppoe *ppp, struct pppoe_hdr *packet, struct ether_addr *mac) { - int r; - - assert(packet); - - if (packet->ver != 0x1 || packet->type != 0x1) - return 0; - - r = pppoe_payload_parse(&ppp->tags, packet); - if (r < 0) - return 0; - - switch (ppp->state) { - case PPPOE_STATE_INITIALIZING: - if (packet->code != PADO_CODE) - return 0; - - if (ppp->tags.host_uniq_len != sizeof(ppp->host_uniq) || - memcmp(ppp->tags.host_uniq, &ppp->host_uniq, sizeof(ppp->host_uniq)) != 0) - return 0; - - log_debug("PPPoE: got OFFER (Peer: " - "%02hhx:%02hhx:%02hhx:%02hhx:%02hhx:%02hhx; " - "Service-Name: '%s'; AC-Name: '%s')", - mac->ether_addr_octet[0], - mac->ether_addr_octet[1], - mac->ether_addr_octet[2], - mac->ether_addr_octet[3], - mac->ether_addr_octet[4], - mac->ether_addr_octet[5], - strempty(ppp->tags.service_name), - strempty(ppp->tags.ac_name)); - - memcpy(&ppp->peer_mac, mac, ETH_ALEN); - - r = pppoe_open_pppoe_socket(ppp); - if (r < 0) { - log_warning("PPPoE: could not open socket"); - return r; - } - - r = pppoe_send_request(ppp); - if (r < 0) - return 0; - - ppp->state = PPPOE_STATE_REQUESTING; - - break; - case PPPOE_STATE_REQUESTING: - if (packet->code != PADS_CODE) - return 0; - - if (ppp->tags.host_uniq_len != sizeof(ppp->host_uniq) || - memcmp(ppp->tags.host_uniq, &ppp->host_uniq, - sizeof(ppp->host_uniq)) != 0) - return 0; - - if (memcmp(&ppp->peer_mac, mac, ETH_ALEN) != 0) - return 0; - - ppp->session_id = packet->sid; - - log_debug("PPPoE: got CONFIRMATION (Session ID: %"PRIu16")", - be16toh(ppp->session_id)); - - r = pppoe_connect_pppoe_socket(ppp); - if (r < 0) { - log_warning("PPPoE: could not connect socket"); - return r; - } - - ppp->state = PPPOE_STATE_RUNNING; - - ppp->timeout = sd_event_source_unref(ppp->timeout); - assert(ppp->cb); - ppp->cb(ppp, SD_PPPOE_EVENT_RUNNING, ppp->userdata); - - break; - case PPPOE_STATE_RUNNING: - if (packet->code != PADT_CODE) - return 0; - - if (memcmp(&ppp->peer_mac, mac, ETH_ALEN) != 0) - return 0; - - if (ppp->session_id != packet->sid) - return 0; - - log_debug("PPPoE: got TERMINATE"); - - ppp->state = PPPOE_STATE_STOPPED; - - assert(ppp->cb); - ppp->cb(ppp, SD_PPPOE_EVENT_STOPPED, ppp->userdata); - - break; - case PPPOE_STATE_STOPPED: - break; - default: - assert_not_reached("PPPoE: invalid state when receiving message"); - } - - return 0; -} - -static int pppoe_receive_message(sd_event_source *s, int fd, uint32_t revents, void *userdata) { - sd_pppoe *ppp = userdata; - _cleanup_free_ struct pppoe_hdr *packet = NULL; - union sockaddr_union link = {}; - socklen_t addrlen = sizeof(link); - int buflen = 0, len, r; - - assert(ppp); - assert(fd != -1); - - r = ioctl(fd, FIONREAD, &buflen); - if (r < 0) - return r; - - if (buflen < 0) - /* this can't be right */ - return -EIO; - - packet = malloc0(buflen); - if (!packet) - return -ENOMEM; - - len = recvfrom(fd, packet, buflen, 0, &link.sa, &addrlen); - if (len < 0) { - log_warning_errno(r, "PPPoE: could not receive message from raw socket: %m"); - return 0; - } else if ((size_t)len < sizeof(struct pppoe_hdr)) - return 0; - else if ((size_t)len != sizeof(struct pppoe_hdr) + PPPOE_PACKET_LENGTH(packet)) - return 0; - - if (link.ll.sll_halen != ETH_ALEN) - /* not ethernet? */ - return 0; - - r = pppoe_handle_message(ppp, packet, (struct ether_addr*)&link.ll.sll_addr); - if (r < 0) - return r; - - return 1; -} - -int sd_pppoe_start(sd_pppoe *ppp) { - union sockaddr_union link = { - .ll = { - .sll_family = AF_PACKET, - .sll_protocol = htons(ETH_P_PPP_DISC), - }, - }; - _cleanup_close_ int s = -1; - _cleanup_event_source_unref_ sd_event_source *io = NULL; - int r; - - assert_return(ppp, -EINVAL); - assert_return(ppp->fd == -1, -EBUSY); - assert_return(!ppp->io, -EBUSY); - assert_return(ppp->ifindex > 0, -EUNATCH); - assert_return(ppp->ifname, -EUNATCH); - assert_return(ppp->event, -EUNATCH); - assert_return(ppp->cb, -EUNATCH); - - s = socket(AF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0); - if (s < 0) - return -errno; - - link.ll.sll_ifindex = ppp->ifindex; - - r = bind(s, &link.sa, sizeof(link.ll)); - if (r < 0) - return r; - - r = sd_event_add_io(ppp->event, &io, - s, EPOLLIN, pppoe_receive_message, - ppp); - if (r < 0) - return r; - - r = sd_event_source_set_priority(io, ppp->event_priority); - if (r < 0) - return r; - - ppp->fd = s; - s = -1; - ppp->io = io; - io = NULL; - - r = pppoe_send_initiation(ppp); - if (r < 0) - return r; - - ppp->state = PPPOE_STATE_INITIALIZING; - - return 0; -} - -int sd_pppoe_stop(sd_pppoe *ppp) { - assert_return(ppp, -EINVAL); - - if (ppp->state == PPPOE_STATE_RUNNING) - pppoe_send_terminate(ppp); - - ppp->io = sd_event_source_unref(ppp->io); - ppp->timeout = sd_event_source_unref(ppp->timeout); - ppp->fd = asynchronous_close(ppp->fd); - ppp->pppoe_fd = asynchronous_close(ppp->pppoe_fd); - - return 0; -} diff --git a/src/libsystemd-network/test-lldp.c b/src/libsystemd-network/test-lldp.c index 931df7c170..99545d0b8b 100644 --- a/src/libsystemd-network/test-lldp.c +++ b/src/libsystemd-network/test-lldp.c @@ -54,7 +54,7 @@ static int lldp_build_tlv_packet(tlv_packet **ret) { .ether_type = htons(ETHERTYPE_LLDP), }; - /* Append ethernet header */ + /* Append Ethernet header */ memcpy(ðer.ether_dhost, lldp_dst, ETHER_ADDR_LEN); memcpy(ðer.ether_shost, &mac_addr, ETHER_ADDR_LEN); diff --git a/src/libsystemd-network/test-pppoe.c b/src/libsystemd-network/test-pppoe.c deleted file mode 100644 index 6ea460d9ac..0000000000 --- a/src/libsystemd-network/test-pppoe.c +++ /dev/null @@ -1,177 +0,0 @@ -/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ - -/*** - This file is part of systemd. - - Copyright (C) 2014 Tom Gundersen <teg@jklm.no> - - systemd is free software; you can redistribute it and/or modify it - under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - systemd is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with systemd; If not, see <http://www.gnu.org/licenses/>. -***/ - -#include <errno.h> -#include <linux/veth.h> -#include <net/if.h> -#include <stdlib.h> -#include <unistd.h> -#include <sched.h> - -#include "sd-event.h" -#include "sd-netlink.h" -#include "sd-pppoe.h" - -#include "event-util.h" -#include "process-util.h" -#include "util.h" - -static void pppoe_handler(sd_pppoe *ppp, int event, void *userdata) { - static int pppoe_state = -1; - sd_event *e = userdata; - - assert_se(ppp); - assert_se(e); - - switch (event) { - case SD_PPPOE_EVENT_RUNNING: - assert_se(pppoe_state == -1); - log_info("running"); - break; - case SD_PPPOE_EVENT_STOPPED: - assert_se(pppoe_state == SD_PPPOE_EVENT_RUNNING); - log_info("stopped"); - assert_se(sd_event_exit(e, 0) >= 0); - break; - default: - assert_not_reached("invalid pppoe event"); - } - - pppoe_state = event; -} - -static int client_run(const char *client_name, sd_event *e) { - sd_pppoe *pppoe; - int client_ifindex; - - client_ifindex = (int) if_nametoindex(client_name); - assert_se(client_ifindex > 0); - - assert_se(sd_pppoe_new(&pppoe) >= 0); - assert_se(sd_pppoe_attach_event(pppoe, e, 0) >= 0); - - assert_se(sd_pppoe_set_ifname(pppoe, "pppoe-client") >= 0); - assert_se(sd_pppoe_set_ifindex(pppoe, client_ifindex) >= 0); - assert_se(sd_pppoe_set_callback(pppoe, pppoe_handler, e) >= 0); - - log_info("starting PPPoE client, it will exit when the server times out and sends PADT"); - - assert_se(sd_pppoe_start(pppoe) >= 0); - - assert_se(sd_event_loop(e) >= 0); - - assert_se(!sd_pppoe_unref(pppoe)); - - return EXIT_SUCCESS; -} - -static int test_pppoe_server(sd_event *e) { - sd_netlink *rtnl; - sd_netlink_message *m; - pid_t pid; - int r, client_ifindex, server_ifindex; - - r = unshare(CLONE_NEWNET); - if (r < 0 && errno == EPERM) - return EXIT_TEST_SKIP; - - assert_se(r >= 0); - - assert_se(sd_netlink_open(&rtnl) >= 0); - assert_se(sd_netlink_attach_event(rtnl, e, 0) >= 0); - - assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_NEWLINK, 0) >= 0); - assert_se(sd_netlink_message_append_string(m, IFLA_IFNAME, "pppoe-server") >= 0); - assert_se(sd_netlink_message_open_container(m, IFLA_LINKINFO) >= 0); - assert_se(sd_netlink_message_open_container_union(m, IFLA_INFO_DATA, "veth") >= 0); - assert_se(sd_netlink_message_open_container(m, VETH_INFO_PEER) >= 0); - assert_se(sd_netlink_message_append_string(m, IFLA_IFNAME, "pppoe-client") >= 0); - assert_se(sd_netlink_message_close_container(m) >= 0); - assert_se(sd_netlink_message_close_container(m) >= 0); - assert_se(sd_netlink_message_close_container(m) >= 0); - assert_se(sd_netlink_call(rtnl, m, 0, NULL) >= 0); - - client_ifindex = (int) if_nametoindex("pppoe-client"); - assert_se(client_ifindex > 0); - server_ifindex = (int) if_nametoindex("pppoe-server"); - assert_se(server_ifindex > 0); - - m = sd_netlink_message_unref(m); - assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_SETLINK, client_ifindex) >= 0); - assert_se(sd_rtnl_message_link_set_flags(m, IFF_UP, IFF_UP) >= 0); - assert_se(sd_netlink_call(rtnl, m, 0, NULL) >= 0); - - m = sd_netlink_message_unref(m); - assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_SETLINK, server_ifindex) >= 0); - assert_se(sd_rtnl_message_link_set_flags(m, IFF_UP, IFF_UP) >= 0); - assert_se(sd_netlink_call(rtnl, m, 0, NULL) >= 0); - - pid = fork(); - assert_se(pid >= 0); - if (pid == 0) { - /* let the client send some discover messages before the server is started */ - sleep(2); - - /* TODO: manage pppoe-server-options */ - execlp("pppoe-server", "pppoe-server", "-F", - "-I", "pppoe-server", - "-C", "Test-AC", - "-S", "Service-Default", - "-S", "Service-First-Auxiliary", - "-S", "Service-Second-Auxiliary", - NULL); - assert_not_reached("failed to execute pppoe-server. not installed?"); - } - - client_run("pppoe-client", e); - - assert_se(kill(pid, SIGTERM) >= 0); - assert_se(wait_for_terminate(pid, NULL) >= 0); - - assert_se(!sd_netlink_message_unref(m)); - assert_se(!sd_netlink_unref(rtnl)); - - return EXIT_SUCCESS; -} - -int main(int argc, char *argv[]) { - _cleanup_event_unref_ sd_event *e = NULL; - - log_set_max_level(LOG_DEBUG); - log_parse_environment(); - log_open(); - - assert_se(sd_event_new(&e) >= 0); - - if (argc == 1) { - log_info("running PPPoE client against local server"); - - return test_pppoe_server(e); - } else if (argc == 2) { - log_info("running PPPoE client over '%s'", argv[1]); - - return client_run(argv[1], e); - } else { - log_error("This program takes one or no arguments.\n" - "\t %s [<ifname>]", program_invocation_short_name); - return EXIT_FAILURE; - } -} diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c index 84229c2964..239d7245e6 100644 --- a/src/libsystemd/sd-bus/bus-error.c +++ b/src/libsystemd/sd-bus/bus-error.c @@ -567,7 +567,7 @@ _public_ int sd_bus_error_set_errnof(sd_bus_error *e, int error, const char *for const char *bus_error_message(const sd_bus_error *e, int error) { if (e) { - /* Sometimes the D-Bus server is a little bit too verbose with + /* Sometimes, the D-Bus server is a little bit too verbose with * its error messages, so let's override them here */ if (sd_bus_error_has_name(e, SD_BUS_ERROR_ACCESS_DENIED)) return "Access denied"; diff --git a/src/libsystemd/sd-daemon/sd-daemon.c b/src/libsystemd/sd-daemon/sd-daemon.c index 27045e25d0..f1e9b7ed1b 100644 --- a/src/libsystemd/sd-daemon/sd-daemon.c +++ b/src/libsystemd/sd-daemon/sd-daemon.c @@ -58,8 +58,7 @@ static void unsetenv_all(bool unset_environment) { _public_ int sd_listen_fds(int unset_environment) { const char *e; - unsigned n; - int r, fd; + int n, r, fd; pid_t pid; e = getenv("LISTEN_PID"); @@ -84,17 +83,23 @@ _public_ int sd_listen_fds(int unset_environment) { goto finish; } - r = safe_atou(e, &n); + r = safe_atoi(e, &n); if (r < 0) goto finish; - for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) n; fd ++) { + assert_cc(SD_LISTEN_FDS_START < INT_MAX); + if (n <= 0 || n > INT_MAX - SD_LISTEN_FDS_START) { + r = -EINVAL; + goto finish; + } + + for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++) { r = fd_cloexec(fd, true); if (r < 0) goto finish; } - r = (int) n; + r = n; finish: unsetenv_all(unset_environment); @@ -586,7 +591,7 @@ _public_ int sd_watchdog_enabled(int unset_environment, uint64_t *usec) { r = safe_atou64(s, &u); if (r < 0) goto finish; - if (u <= 0) { + if (u <= 0 || u >= USEC_INFINITY) { r = -EINVAL; goto finish; } diff --git a/src/login/logind.c b/src/login/logind.c index 4b8c834269..d1e2ea2489 100644 --- a/src/login/logind.c +++ b/src/login/logind.c @@ -31,6 +31,7 @@ #include "bus-error.h" #include "bus-util.h" #include "conf-parser.h" +#include "def.h" #include "dirent-util.h" #include "fd-util.h" #include "formats-util.h" diff --git a/src/machine/machine.c b/src/machine/machine.c index cbc03640c1..196bc4b8f4 100644 --- a/src/machine/machine.c +++ b/src/machine/machine.c @@ -552,7 +552,7 @@ int machine_kill(Machine *m, KillWho who, int signo) { return 0; } - /* Otherwise make PID 1 do it for us, for the entire cgroup */ + /* Otherwise, make PID 1 do it for us, for the entire cgroup */ return manager_kill_unit(m->manager, m->unit, signo, NULL); } diff --git a/src/modules-load/modules-load.c b/src/modules-load/modules-load.c index 830ca7b89d..b90c50719f 100644 --- a/src/modules-load/modules-load.c +++ b/src/modules-load/modules-load.c @@ -27,6 +27,7 @@ #include <sys/stat.h> #include "conf-files.h" +#include "def.h" #include "fd-util.h" #include "fileio.h" #include "log.h" diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c index e550ee5701..8b6acf2e1d 100644 --- a/src/network/networkd-address.c +++ b/src/network/networkd-address.c @@ -271,15 +271,35 @@ int address_add_foreign(Link *link, int family, const union in_addr_union *in_ad return address_add_internal(link, &link->addresses_foreign, family, in_addr, prefixlen, ret); } -static int address_add(Link *link, int family, const union in_addr_union *in_addr, unsigned char prefixlen, Address **ret) { +int address_add(Link *link, int family, const union in_addr_union *in_addr, unsigned char prefixlen, Address **ret) { + Address *address; int r; - r = address_add_internal(link, &link->addresses, family, in_addr, prefixlen, ret); - if (r < 0) + r = address_get(link, family, in_addr, prefixlen, &address); + if (r == -ENOENT) { + /* Address does not exist, create a new one */ + r = address_add_internal(link, &link->addresses, family, in_addr, prefixlen, &address); + if (r < 0) + return r; + } else if (r == 0) { + /* Take over a foreign address */ + r = set_ensure_allocated(&link->addresses, &address_hash_ops); + if (r < 0) + return r; + + r = set_put(link->addresses, address); + if (r < 0) + return r; + + set_remove(link->addresses_foreign, address); + } else if (r == 1) { + /* Already exists, do nothing */ + ; + } else return r; - link_update_operstate(link); - link_dirty(link); + if (ret) + *ret = address; return 0; } @@ -318,8 +338,12 @@ int address_update(Address *address, unsigned char flags, unsigned char scope, s address->scope = scope; address->cinfo = *cinfo; - if (!ready && address_is_ready(address) && address->link) - link_check_ready(address->link); + if (address->link) { + link_update_operstate(address->link); + + if (!ready && address_is_ready(address)) + link_check_ready(address->link); + } return 0; } @@ -356,7 +380,11 @@ int address_get(Link *link, int family, const union in_addr_union *in_addr, unsi address.prefixlen = prefixlen; existing = set_get(link->addresses, &address); - if (!existing) { + if (existing) { + *ret = existing; + + return 1; + } else { existing = set_get(link->addresses_foreign, &address); if (!existing) return -ENOENT; diff --git a/src/network/networkd-address.h b/src/network/networkd-address.h index fd309bebb6..0b1f3b688b 100644 --- a/src/network/networkd-address.h +++ b/src/network/networkd-address.h @@ -62,6 +62,7 @@ int address_new_static(Network *network, unsigned section, Address **ret); int address_new(Address **ret); void address_free(Address *address); int address_add_foreign(Link *link, int family, const union in_addr_union *in_addr, unsigned char prefixlen, Address **ret); +int address_add(Link *link, int family, const union in_addr_union *in_addr, unsigned char prefixlen, Address **ret); int address_get(Link *link, int family, const union in_addr_union *in_addr, unsigned char prefixlen, Address **ret); int address_update(Address *address, unsigned char flags, unsigned char scope, struct ifa_cacheinfo *cinfo); int address_drop(Address *address); diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c index c412a2cc31..b58fc5808c 100644 --- a/src/network/networkd-dhcp4.c +++ b/src/network/networkd-dhcp4.c @@ -87,12 +87,12 @@ static int link_set_dhcp_routes(Link *link) { * route for the gw host so that we can route no matter the * netmask or existing kernel route tables. */ route_gw->family = AF_INET; - route_gw->dst_addr.in = gateway; + route_gw->dst.in = gateway; route_gw->dst_prefixlen = 32; - route_gw->prefsrc_addr.in = address; + route_gw->prefsrc.in = address; route_gw->scope = RT_SCOPE_LINK; route_gw->protocol = RTPROT_DHCP; - route_gw->metrics = link->network->dhcp_route_metric; + route_gw->priority = link->network->dhcp_route_metric; r = route_configure(route_gw, link, &dhcp4_route_handler); if (r < 0) @@ -101,9 +101,9 @@ static int link_set_dhcp_routes(Link *link) { link->dhcp4_messages ++; route->family = AF_INET; - route->in_addr.in = gateway; - route->prefsrc_addr.in = address; - route->metrics = link->network->dhcp_route_metric; + route->gw.in = gateway; + route->prefsrc.in = address; + route->priority = link->network->dhcp_route_metric; r = route_configure(route, link, &dhcp4_route_handler); if (r < 0) { @@ -130,10 +130,10 @@ static int link_set_dhcp_routes(Link *link) { route->family = AF_INET; route->protocol = RTPROT_DHCP; - route->in_addr.in = static_routes[i].gw_addr; - route->dst_addr.in = static_routes[i].dst_addr; + route->gw.in = static_routes[i].gw_addr; + route->dst.in = static_routes[i].dst_addr; route->dst_prefixlen = static_routes[i].dst_prefixlen; - route->metrics = link->network->dhcp_route_metric; + route->priority = link->network->dhcp_route_metric; r = route_configure(route, link, &dhcp4_route_handler); if (r < 0) @@ -170,8 +170,8 @@ static int dhcp_lease_lost(Link *link) { r = route_new(&route); if (r >= 0) { route->family = AF_INET; - route->in_addr.in = routes[i].gw_addr; - route->dst_addr.in = routes[i].dst_addr; + route->gw.in = routes[i].gw_addr; + route->dst.in = routes[i].dst_addr; route->dst_prefixlen = routes[i].dst_prefixlen; route_remove(route, link, @@ -191,7 +191,7 @@ static int dhcp_lease_lost(Link *link) { r = route_new(&route_gw); if (r >= 0) { route_gw->family = AF_INET; - route_gw->dst_addr.in = gateway; + route_gw->dst.in = gateway; route_gw->dst_prefixlen = 32; route_gw->scope = RT_SCOPE_LINK; @@ -202,7 +202,7 @@ static int dhcp_lease_lost(Link *link) { r = route_new(&route); if (r >= 0) { route->family = AF_INET; - route->in_addr.in = gateway; + route->gw.in = gateway; route_remove(route, link, &link_route_remove_handler); @@ -533,9 +533,11 @@ int dhcp4_configure(Link *link) { assert(link->network); assert(link->network->dhcp & ADDRESS_FAMILY_IPV4); - r = sd_dhcp_client_new(&link->dhcp_client); - if (r < 0) - return r; + if (!link->dhcp_client) { + r = sd_dhcp_client_new(&link->dhcp_client); + if (r < 0) + return r; + } r = sd_dhcp_client_attach_event(link->dhcp_client, NULL, 0); if (r < 0) diff --git a/src/network/networkd-ipv4ll.c b/src/network/networkd-ipv4ll.c index 2fdb77ef6c..ed0d861e7a 100644 --- a/src/network/networkd-ipv4ll.c +++ b/src/network/networkd-ipv4ll.c @@ -63,7 +63,7 @@ static int ipv4ll_address_lost(Link *link) { route->family = AF_INET; route->scope = RT_SCOPE_LINK; - route->metrics = IPV4LL_ROUTE_METRIC; + route->priority = IPV4LL_ROUTE_METRIC; route_remove(route, link, &link_route_remove_handler); @@ -156,7 +156,7 @@ static int ipv4ll_address_claimed(sd_ipv4ll *ll, Link *link) { route->family = AF_INET; route->scope = RT_SCOPE_LINK; route->protocol = RTPROT_STATIC; - route->metrics = IPV4LL_ROUTE_METRIC; + route->priority = IPV4LL_ROUTE_METRIC; r = route_configure(route, link, ipv4ll_route_handler); if (r < 0) @@ -208,9 +208,11 @@ int ipv4ll_configure(Link *link) { assert(link->network); assert(link->network->link_local & ADDRESS_FAMILY_IPV4); - r = sd_ipv4ll_new(&link->ipv4ll); - if (r < 0) - return r; + if (!link->ipv4ll) { + r = sd_ipv4ll_new(&link->ipv4ll); + if (r < 0) + return r; + } if (link->udev_device) { r = net_get_unique_predictable_data(link->udev_device, seed); diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 12ca02868d..46979ffa12 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -26,6 +26,7 @@ #include "alloc-util.h" #include "bus-util.h" #include "dhcp-lease-internal.h" +#include "event-util.h" #include "fd-util.h" #include "fileio.h" #include "netlink-util.h" @@ -2057,28 +2058,30 @@ static int link_initialized_and_synced(sd_netlink *rtnl, sd_netlink_message *m, if (r < 0) return r; - r = network_get(link->manager, link->udev_device, link->ifname, - &link->mac, &network); - if (r == -ENOENT) { - link_enter_unmanaged(link); - return 1; - } else if (r < 0) - return r; + if (!link->network) { + r = network_get(link->manager, link->udev_device, link->ifname, + &link->mac, &network); + if (r == -ENOENT) { + link_enter_unmanaged(link); + return 1; + } else if (r < 0) + return r; - if (link->flags & IFF_LOOPBACK) { - if (network->link_local != ADDRESS_FAMILY_NO) - log_link_debug(link, "Ignoring link-local autoconfiguration for loopback link"); + if (link->flags & IFF_LOOPBACK) { + if (network->link_local != ADDRESS_FAMILY_NO) + log_link_debug(link, "Ignoring link-local autoconfiguration for loopback link"); - if (network->dhcp != ADDRESS_FAMILY_NO) - log_link_debug(link, "Ignoring DHCP clients for loopback link"); + if (network->dhcp != ADDRESS_FAMILY_NO) + log_link_debug(link, "Ignoring DHCP clients for loopback link"); - if (network->dhcp_server) - log_link_debug(link, "Ignoring DHCP server for loopback link"); - } + if (network->dhcp_server) + log_link_debug(link, "Ignoring DHCP server for loopback link"); + } - r = network_apply(link->manager, network, link); - if (r < 0) - return r; + r = network_apply(link->manager, network, link); + if (r < 0) + return r; + } r = link_new_bound_to_list(link); if (r < 0) @@ -2130,6 +2133,193 @@ int link_initialized(Link *link, struct udev_device *device) { return 0; } +static int link_load(Link *link) { + _cleanup_free_ char *network_file = NULL, + *addresses = NULL, + *routes = NULL, + *dhcp4_address = NULL, + *ipv4ll_address = NULL; + union in_addr_union address; + union in_addr_union route_dst; + const char *p; + int r; + + assert(link); + + r = parse_env_file(link->state_file, NEWLINE, + "NETWORK_FILE", &network_file, + "ADDRESSES", &addresses, + "ROUTES", &routes, + "DHCP4_ADDRESS", &dhcp4_address, + "IPV4LL_ADDRESS", &ipv4ll_address, + NULL); + if (r < 0 && r != -ENOENT) + return log_link_error_errno(link, r, "Failed to read %s: %m", link->state_file); + + if (network_file) { + Network *network; + char *suffix; + + /* drop suffix */ + suffix = strrchr(network_file, '.'); + if (!suffix) { + log_link_debug(link, "Failed to get network name from %s", network_file); + goto network_file_fail; + } + *suffix = '\0'; + + r = network_get_by_name(link->manager, basename(network_file), &network); + if (r < 0) { + log_link_debug_errno(link, r, "Failed to get network %s: %m", basename(network_file)); + goto network_file_fail; + } + + r = network_apply(link->manager, network, link); + if (r < 0) + return log_link_error_errno(link, r, "Failed to apply network %s: %m", basename(network_file)); + } + +network_file_fail: + + if (addresses) { + p = addresses; + + for (;;) { + _cleanup_free_ char *address_str = NULL; + char *prefixlen_str; + int family; + unsigned char prefixlen; + + r = extract_first_word(&p, &address_str, NULL, 0); + if (r < 0) { + log_link_debug_errno(link, r, "Failed to extract next address string: %m"); + continue; + } if (r == 0) + break; + + prefixlen_str = strchr(address_str, '/'); + if (!prefixlen_str) { + log_link_debug(link, "Failed to parse address and prefix length %s", address_str); + continue; + } + + *prefixlen_str ++ = '\0'; + + r = sscanf(prefixlen_str, "%hhu", &prefixlen); + if (r != 1) { + log_link_error(link, "Failed to parse prefixlen %s", prefixlen_str); + continue; + } + + r = in_addr_from_string_auto(address_str, &family, &address); + if (r < 0) { + log_link_debug_errno(link, r, "Failed to parse address %s: %m", address_str); + continue; + } + + r = address_add(link, family, &address, prefixlen, NULL); + if (r < 0) + return log_link_error_errno(link, r, "Failed to add address: %m"); + } + } + + if (routes) { + for (;;) { + Route *route; + _cleanup_free_ char *route_str = NULL; + _cleanup_event_source_unref_ sd_event_source *expire = NULL; + usec_t lifetime; + char *prefixlen_str; + int family; + unsigned char prefixlen, tos, table; + uint32_t priority; + + r = extract_first_word(&p, &route_str, NULL, 0); + if (r < 0) { + log_link_debug_errno(link, r, "Failed to extract next route string: %m"); + continue; + } if (r == 0) + break; + + prefixlen_str = strchr(route_str, '/'); + if (!prefixlen_str) { + log_link_debug(link, "Failed to parse route %s", route_str); + continue; + } + + *prefixlen_str ++ = '\0'; + + r = sscanf(prefixlen_str, "%hhu/%hhu/%"SCNu32"/%hhu/"USEC_FMT, &prefixlen, &tos, &priority, &table, &lifetime); + if (r != 5) { + log_link_debug(link, + "Failed to parse destination prefix length, tos, priority, table or expiration %s", + prefixlen_str); + continue; + } + + r = in_addr_from_string_auto(route_str, &family, &route_dst); + if (r < 0) { + log_link_debug_errno(link, r, "Failed to parse route destination %s: %m", route_str); + continue; + } + + r = route_add(link, family, &route_dst, prefixlen, tos, priority, table, &route); + if (r < 0) + return log_link_error_errno(link, r, "Failed to add route: %m"); + + if (lifetime != USEC_INFINITY) { + r = sd_event_add_time(link->manager->event, &expire, clock_boottime_or_monotonic(), lifetime, + 0, route_expire_handler, route); + if (r < 0) + log_link_warning_errno(link, r, "Could not arm route expiration handler: %m"); + } + + route->lifetime = lifetime; + sd_event_source_unref(route->expire); + route->expire = expire; + expire = NULL; + } + } + + if (dhcp4_address) { + r = in_addr_from_string(AF_INET, dhcp4_address, &address); + if (r < 0) { + log_link_debug_errno(link, r, "Falied to parse DHCPv4 address %s: %m", dhcp4_address); + goto dhcp4_address_fail; + } + + r = sd_dhcp_client_new(&link->dhcp_client); + if (r < 0) + return log_link_error_errno(link, r, "Falied to create DHCPv4 client: %m"); + + r = sd_dhcp_client_set_request_address(link->dhcp_client, &address.in); + if (r < 0) + return log_link_error_errno(link, r, "Falied to set inital DHCPv4 address %s: %m", dhcp4_address); + } + +dhcp4_address_fail: + + if (ipv4ll_address) { + r = in_addr_from_string(AF_INET, ipv4ll_address, &address); + if (r < 0) { + log_link_debug_errno(link, r, "Falied to parse IPv4LL address %s: %m", ipv4ll_address); + goto ipv4ll_address_fail; + } + + r = sd_ipv4ll_new(&link->ipv4ll); + if (r < 0) + return log_link_error_errno(link, r, "Falied to create IPv4LL client: %m"); + + r = sd_ipv4ll_set_address(link->ipv4ll, &address.in); + if (r < 0) + return log_link_error_errno(link, r, "Falied to set inital IPv4LL address %s: %m", ipv4ll_address); + } + +ipv4ll_address_fail: + + return 0; +} + int link_add(Manager *m, sd_netlink_message *message, Link **ret) { Link *link; _cleanup_udev_device_unref_ struct udev_device *device = NULL; @@ -2149,6 +2339,10 @@ int link_add(Manager *m, sd_netlink_message *message, Link **ret) { log_link_debug(link, "Link %d added", link->ifindex); + r = link_load(link); + if (r < 0) + return r; + if (detect_container() <= 0) { /* not in a container, udev will be around */ sprintf(ifindex_str, "n%d", link->ifindex); @@ -2372,6 +2566,7 @@ int link_save(Link *link) { _cleanup_fclose_ FILE *f = NULL; const char *admin_state, *oper_state; Address *a; + Route *route; Iterator i; int r; @@ -2450,9 +2645,9 @@ int link_save(Link *link) { } } - fputs("\n", f); + fputc('\n', f); - fprintf(f, "NTP="); + fputs("NTP=", f); space = false; STRV_FOREACH(address, link->network->ntp) { if (space) @@ -2499,9 +2694,9 @@ int link_save(Link *link) { } } - fputs("\n", f); + fputc('\n', f); - fprintf(f, "DOMAINS="); + fputs("DOMAINS=", f); space = false; STRV_FOREACH(domain, link->network->domains) { if (space) @@ -2537,7 +2732,7 @@ int link_save(Link *link) { } } - fputs("\n", f); + fputc('\n', f); fprintf(f, "WILDCARD_DOMAIN=%s\n", yes_no(link->network->wildcard_domain)); @@ -2545,7 +2740,7 @@ int link_save(Link *link) { fprintf(f, "LLMNR=%s\n", resolve_support_to_string(link->network->llmnr)); - fprintf(f, "ADDRESSES="); + fputs("ADDRESSES=", f); space = false; SET_FOREACH(a, link->addresses, i) { _cleanup_free_ char *address_str = NULL; @@ -2558,7 +2753,23 @@ int link_save(Link *link) { space = true; } - fputs("\n", f); + fputc('\n', f); + + fputs("ROUTES=", f); + space = false; + SET_FOREACH(route, link->routes, i) { + _cleanup_free_ char *route_str = NULL; + + r = in_addr_to_string(route->family, &route->dst, &route_str); + if (r < 0) + goto fail; + + fprintf(f, "%s%s/%hhu/%hhu/%"PRIu32"/%hhu/"USEC_FMT, space ? " " : "", route_str, + route->dst_prefixlen, route->tos, route->priority, route->table, route->lifetime); + space = true; + } + + fputc('\n', f); } if (!hashmap_isempty(link->bound_to_links)) { @@ -2573,7 +2784,7 @@ int link_save(Link *link) { space = true; } - fputs("\n", f); + fputc('\n', f); } if (!hashmap_isempty(link->bound_by_links)) { @@ -2588,19 +2799,25 @@ int link_save(Link *link) { space = true; } - fputs("\n", f); + fputc('\n', f); } if (link->dhcp_lease) { + struct in_addr address; const char *tz = NULL; + assert(link->network); + r = sd_dhcp_lease_get_timezone(link->dhcp_lease, &tz); if (r >= 0) fprintf(f, "TIMEZONE=%s\n", tz); - } - if (link->dhcp_lease) { - assert(link->network); + r = sd_dhcp_lease_get_address(link->dhcp_lease, &address); + if (r >= 0) { + fputs("DHCP4_ADDRESS=", f); + serialize_in_addrs(f, &address, 1); + fputc('\n', f); + } r = dhcp_lease_save(link->dhcp_lease, link->lease_file); if (r < 0) @@ -2612,6 +2829,17 @@ int link_save(Link *link) { } else unlink(link->lease_file); + if (link->ipv4ll) { + struct in_addr address; + + r = sd_ipv4ll_get_address(link->ipv4ll, &address); + if (r >= 0) { + fputs("IPV4LL_ADDRESS=", f); + serialize_in_addrs(f, &address, 1); + fputc('\n', f); + } + } + if (link->lldp) { assert(link->network); diff --git a/src/network/networkd-link.h b/src/network/networkd-link.h index 2a69f1c16b..a22041870e 100644 --- a/src/network/networkd-link.h +++ b/src/network/networkd-link.h @@ -85,6 +85,8 @@ struct Link { Set *addresses; Set *addresses_foreign; + Set *routes; + Set *routes_foreign; sd_dhcp_client *dhcp_client; sd_dhcp_lease *dhcp_lease; diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c index 6b2a661ca7..a5701001c1 100644 --- a/src/network/networkd-manager.c +++ b/src/network/networkd-manager.c @@ -279,6 +279,196 @@ static int manager_connect_udev(Manager *m) { return 0; } +int manager_rtnl_process_route(sd_netlink *rtnl, sd_netlink_message *message, void *userdata) { + Manager *m = userdata; + Link *link = NULL; + uint16_t type; + uint32_t ifindex, priority = 0; + unsigned char protocol, scope, tos, table; + int family; + unsigned char dst_prefixlen, src_prefixlen; + union in_addr_union dst = {}, gw = {}, src = {}, prefsrc = {}; + Route *route = NULL; + int r; + + assert(rtnl); + assert(message); + assert(m); + + if (sd_netlink_message_is_error(message)) { + r = sd_netlink_message_get_errno(message); + if (r < 0) + log_warning_errno(r, "rtnl: failed to receive route: %m"); + + return 0; + } + + r = sd_netlink_message_get_type(message, &type); + if (r < 0) { + log_warning_errno(r, "rtnl: could not get message type: %m"); + return 0; + } else if (type != RTM_NEWROUTE && type != RTM_DELROUTE) { + log_warning("rtnl: received unexpected message type when processing route"); + return 0; + } + + r = sd_netlink_message_read_u32(message, RTA_OIF, &ifindex); + if (r == -ENODATA) { + log_debug("rtnl: received route without ifindex, ignoring"); + return 0; + } else if (r < 0) { + log_warning_errno(r, "rtnl: could not get ifindex from route, ignoring: %m"); + return 0; + } else if (ifindex <= 0) { + log_warning("rtnl: received route message with invalid ifindex, ignoring: %d", ifindex); + return 0; + } else { + r = link_get(m, ifindex, &link); + if (r < 0 || !link) { + /* when enumerating we might be out of sync, but we will + * get the route again, so just ignore it */ + if (!m->enumerating) + log_warning("rtnl: received route for nonexistent link (%d), ignoring", ifindex); + return 0; + } + } + + r = sd_rtnl_message_route_get_family(message, &family); + if (r < 0 || !IN_SET(family, AF_INET, AF_INET6)) { + log_link_warning(link, "rtnl: received address with invalid family, ignoring."); + return 0; + } + + r = sd_rtnl_message_route_get_protocol(message, &protocol); + if (r < 0) { + log_warning_errno(r, "rtnl: could not get route protocol: %m"); + return 0; + } + + switch (family) { + case AF_INET: + r = sd_netlink_message_read_in_addr(message, RTA_DST, &dst.in); + if (r < 0 && r != -ENODATA) { + log_link_warning_errno(link, r, "rtnl: received route without valid destination, ignoring: %m"); + return 0; + } + + r = sd_netlink_message_read_in_addr(message, RTA_GATEWAY, &gw.in); + if (r < 0 && r != -ENODATA) { + log_link_warning_errno(link, r, "rtnl: received route with invalid gateway, ignoring: %m"); + return 0; + } + + r = sd_netlink_message_read_in_addr(message, RTA_SRC, &src.in); + if (r < 0 && r != -ENODATA) { + log_link_warning_errno(link, r, "rtnl: received route with invalid source, ignoring: %m"); + return 0; + } + + r = sd_netlink_message_read_in_addr(message, RTA_PREFSRC, &prefsrc.in); + if (r < 0 && r != -ENODATA) { + log_link_warning_errno(link, r, "rtnl: received route with invalid preferred source, ignoring: %m"); + return 0; + } + + break; + + case AF_INET6: + r = sd_netlink_message_read_in6_addr(message, RTA_DST, &dst.in6); + if (r < 0 && r != -ENODATA) { + log_link_warning_errno(link, r, "rtnl: received route without valid destination, ignoring: %m"); + return 0; + } + + r = sd_netlink_message_read_in6_addr(message, RTA_GATEWAY, &gw.in6); + if (r < 0 && r != -ENODATA) { + log_link_warning_errno(link, r, "rtnl: received route with invalid gateway, ignoring: %m"); + return 0; + } + + r = sd_netlink_message_read_in6_addr(message, RTA_SRC, &src.in6); + if (r < 0 && r != -ENODATA) { + log_link_warning_errno(link, r, "rtnl: received route with invalid source, ignoring: %m"); + return 0; + } + + r = sd_netlink_message_read_in6_addr(message, RTA_PREFSRC, &prefsrc.in6); + if (r < 0 && r != -ENODATA) { + log_link_warning_errno(link, r, "rtnl: received route with invalid preferred source, ignoring: %m"); + return 0; + } + + break; + + default: + log_link_debug(link, "rtnl: ignoring unsupported address family: %d", family); + return 0; + } + + r = sd_rtnl_message_route_get_dst_prefixlen(message, &dst_prefixlen); + if (r < 0) { + log_link_warning_errno(link, r, "rtnl: received route with invalid destination prefixlen, ignoring: %m"); + return 0; + } + + r = sd_rtnl_message_route_get_src_prefixlen(message, &src_prefixlen); + if (r < 0) { + log_link_warning_errno(link, r, "rtnl: received route with invalid source prefixlen, ignoring: %m"); + return 0; + } + + r = sd_rtnl_message_route_get_scope(message, &scope); + if (r < 0) { + log_link_warning_errno(link, r, "rtnl: received route with invalid scope, ignoring: %m"); + return 0; + } + + r = sd_rtnl_message_route_get_tos(message, &tos); + if (r < 0) { + log_link_warning_errno(link, r, "rtnl: received route with invalid tos, ignoring: %m"); + return 0; + } + + r = sd_rtnl_message_route_get_table(message, &table); + if (r < 0) { + log_link_warning_errno(link, r, "rtnl: received route with invalid table, ignoring: %m"); + return 0; + } + + r = sd_netlink_message_read_u32(message, RTA_PRIORITY, &priority); + if (r < 0 && r != -ENODATA) { + log_link_warning_errno(link, r, "rtnl: received route with invalid priority, ignoring: %m"); + return 0; + } + + route_get(link, family, &dst, dst_prefixlen, tos, priority, table, &route); + + switch (type) { + case RTM_NEWROUTE: + if (!route) { + /* A route appeared that we did not request */ + r = route_add_foreign(link, family, &dst, dst_prefixlen, tos, priority, table, &route); + if (r < 0) + return 0; + } + + route_update(route, &src, src_prefixlen, &gw, &prefsrc, scope, protocol); + + break; + + case RTM_DELROUTE: + + if (route) + route_drop(route); + + break; + default: + assert_not_reached("Received invalid RTNL message type"); + } + + return 1; +} + int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message, void *userdata) { Manager *m = userdata; Link *link = NULL; @@ -377,7 +567,7 @@ int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message, break; default: - assert_not_reached("invalid address family"); + log_link_debug(link, "rtnl: ignoring unsupported address family: %d", family); } if (!inet_ntop(family, &in_addr, buf, INET6_ADDRSTRLEN)) { @@ -572,6 +762,14 @@ static int manager_connect_rtnl(Manager *m) { if (r < 0) return r; + r = sd_netlink_add_match(m->rtnl, RTM_NEWROUTE, &manager_rtnl_process_route, m); + if (r < 0) + return r; + + r = sd_netlink_add_match(m->rtnl, RTM_DELROUTE, &manager_rtnl_process_route, m); + if (r < 0) + return r; + return 0; } @@ -1019,6 +1217,41 @@ int manager_rtnl_enumerate_addresses(Manager *m) { return r; } +int manager_rtnl_enumerate_routes(Manager *m) { + _cleanup_netlink_message_unref_ sd_netlink_message *req = NULL, *reply = NULL; + sd_netlink_message *route; + int r; + + assert(m); + assert(m->rtnl); + + r = sd_rtnl_message_new_route(m->rtnl, &req, RTM_GETROUTE, 0, 0); + if (r < 0) + return r; + + r = sd_netlink_message_request_dump(req, true); + if (r < 0) + return r; + + r = sd_netlink_call(m->rtnl, req, 0, &reply); + if (r < 0) + return r; + + for (route = reply; route; route = sd_netlink_message_next(route)) { + int k; + + m->enumerating = true; + + k = manager_rtnl_process_route(m->rtnl, route, m); + if (k < 0) + r = k; + + m->enumerating = false; + } + + return r; +} + int manager_address_pool_acquire(Manager *m, int family, unsigned prefixlen, union in_addr_union *found) { AddressPool *p; int r; diff --git a/src/network/networkd-netdev-bridge.c b/src/network/networkd-netdev-bridge.c index 2eeb86a683..57c58d83b4 100644 --- a/src/network/networkd-netdev-bridge.c +++ b/src/network/networkd-netdev-bridge.c @@ -72,20 +72,21 @@ static int netdev_bridge_post_create(NetDev *netdev, Link *link, sd_netlink_mess if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_INFO_DATA attribute: %m"); + /* convert to jiffes */ if (b->forward_delay > 0) { - r = sd_netlink_message_append_u32(req, IFLA_BR_FORWARD_DELAY, b->forward_delay / USEC_PER_SEC); + r = sd_netlink_message_append_u32(req, IFLA_BR_FORWARD_DELAY, usec_to_jiffies(b->forward_delay)); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_BR_FORWARD_DELAY attribute: %m"); } if (b->hello_time > 0) { - r = sd_netlink_message_append_u32(req, IFLA_BR_HELLO_TIME, b->hello_time / USEC_PER_SEC ); + r = sd_netlink_message_append_u32(req, IFLA_BR_HELLO_TIME, usec_to_jiffies(b->hello_time)); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_BR_HELLO_TIME attribute: %m"); } if (b->max_age > 0) { - r = sd_netlink_message_append_u32(req, IFLA_BR_MAX_AGE, b->max_age / USEC_PER_SEC); + r = sd_netlink_message_append_u32(req, IFLA_BR_MAX_AGE, usec_to_jiffies(b->max_age)); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_BR_MAX_AGE attribute: %m"); } diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index cc8d019017..0188cb6fe5 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c @@ -352,6 +352,10 @@ int network_get(Manager *manager, struct udev_device *device, int network_apply(Manager *manager, Network *network, Link *link) { int r; + assert(manager); + assert(network); + assert(link); + link->network = network; if (network->ipv4ll_route) { @@ -361,7 +365,7 @@ int network_apply(Manager *manager, Network *network, Link *link) { if (r < 0) return r; - r = inet_pton(AF_INET, "169.254.0.0", &route->dst_addr.in); + r = inet_pton(AF_INET, "169.254.0.0", &route->dst.in); if (r == 0) return -EINVAL; if (r < 0) @@ -370,7 +374,7 @@ int network_apply(Manager *manager, Network *network, Link *link) { route->family = AF_INET; route->dst_prefixlen = 16; route->scope = RT_SCOPE_LINK; - route->metrics = IPV4LL_ROUTE_METRIC; + route->priority = IPV4LL_ROUTE_METRIC; route->protocol = RTPROT_STATIC; } diff --git a/src/network/networkd-route.c b/src/network/networkd-route.c index 4a74bc69f3..f4bbd06af1 100644 --- a/src/network/networkd-route.c +++ b/src/network/networkd-route.c @@ -21,11 +21,13 @@ #include "alloc-util.h" #include "conf-parser.h" +#include "event-util.h" #include "in-addr-util.h" #include "netlink-util.h" #include "networkd-route.h" #include "networkd.h" #include "parse-util.h" +#include "set.h" #include "string-util.h" #include "util.h" @@ -40,6 +42,7 @@ int route_new(Route **ret) { route->scope = RT_SCOPE_UNIVERSE; route->protocol = RTPROT_UNSPEC; route->table = RT_TABLE_DEFAULT; + route->lifetime = USEC_INFINITY; *ret = route; route = NULL; @@ -95,6 +98,13 @@ void route_free(Route *route) { UINT_TO_PTR(route->section)); } + if (route->link) { + set_remove(route->link->routes, route); + set_remove(route->link->routes_foreign, route); + } + + sd_event_source_unref(route->expire); + free(route); } @@ -110,7 +120,7 @@ static void route_hash_func(const void *b, struct siphash *state) { case AF_INET6: /* Equality of routes are given by the 4-touple (dst_prefix,dst_prefixlen,tos,priority,table) */ - siphash24_compress(&route->dst_addr, FAMILY_ADDRESS_SIZE(route->family), state); + siphash24_compress(&route->dst, FAMILY_ADDRESS_SIZE(route->family), state); siphash24_compress(&route->dst_prefixlen, sizeof(route->dst_prefixlen), state); siphash24_compress(&route->tos, sizeof(route->tos), state); siphash24_compress(&route->priority, sizeof(route->priority), state); @@ -134,7 +144,6 @@ static int route_compare_func(const void *_a, const void *_b) { switch (a->family) { case AF_INET: case AF_INET6: - //TODO: check IPv6 routes if (a->dst_prefixlen < b->dst_prefixlen) return -1; if (a->dst_prefixlen > b->dst_prefixlen) @@ -155,7 +164,7 @@ static int route_compare_func(const void *_a, const void *_b) { if (a->table > b->table) return 1; - return memcmp(&a->dst_addr, &b->dst_addr, FAMILY_ADDRESS_SIZE(a->family)); + return memcmp(&a->dst, &b->dst, FAMILY_ADDRESS_SIZE(a->family)); default: /* treat any other address family as AF_UNSPEC */ return 0; @@ -167,6 +176,162 @@ static const struct hash_ops route_hash_ops = { .compare = route_compare_func }; +int route_get(Link *link, + int family, + union in_addr_union *dst, + unsigned char dst_prefixlen, + unsigned char tos, + uint32_t priority, + unsigned char table, + Route **ret) { + Route route = { + .family = family, + .dst_prefixlen = dst_prefixlen, + .tos = tos, + .priority = priority, + .table = table, + }, *existing; + + assert(link); + assert(dst); + assert(ret); + + route.dst = *dst; + + existing = set_get(link->routes, &route); + if (existing) { + *ret = existing; + return 1; + } else { + existing = set_get(link->routes_foreign, &route); + if (!existing) + return -ENOENT; + } + + *ret = existing; + + return 0; +} + +static int route_add_internal(Link *link, Set **routes, + int family, + union in_addr_union *dst, + unsigned char dst_prefixlen, + unsigned char tos, + uint32_t priority, + unsigned char table, Route **ret) { + _cleanup_route_free_ Route *route = NULL; + int r; + + assert(link); + assert(routes); + assert(dst); + + r = route_new(&route); + if (r < 0) + return r; + + route->family = family; + route->dst = *dst; + route->dst_prefixlen = dst_prefixlen; + route->tos = tos; + route->priority = priority; + route->table = table; + + r = set_ensure_allocated(routes, &route_hash_ops); + if (r < 0) + return r; + + r = set_put(*routes, route); + if (r < 0) + return r; + + route->link = link; + + if (ret) + *ret = route; + + route = NULL; + + return 0; +} + +int route_add_foreign(Link *link, + int family, + union in_addr_union *dst, + unsigned char dst_prefixlen, + unsigned char tos, + uint32_t priority, + unsigned char table, Route **ret) { + return route_add_internal(link, &link->routes_foreign, family, dst, dst_prefixlen, tos, priority, table, ret); +} + +int route_add(Link *link, + int family, + union in_addr_union *dst, + unsigned char dst_prefixlen, + unsigned char tos, + uint32_t priority, + unsigned char table, Route **ret) { + Route *route; + int r; + + r = route_get(link, family, dst, dst_prefixlen, tos, priority, table, &route); + if (r == -ENOENT) { + /* Route does not exist, create a new one */ + r = route_add_internal(link, &link->routes, family, dst, dst_prefixlen, tos, priority, table, &route); + if (r < 0) + return r; + } else if (r == 0) { + /* Take over a foreign route */ + r = set_ensure_allocated(&link->routes, &route_hash_ops); + if (r < 0) + return r; + + r = set_put(link->routes, route); + if (r < 0) + return r; + + set_remove(link->routes_foreign, route); + } else if (r == 1) { + /* Route exists, do nothing */ + ; + } else + return r; + + *ret = route; + + return 0; +} + +int route_update(Route *route, + union in_addr_union *src, + unsigned char src_prefixlen, + union in_addr_union *gw, + union in_addr_union *prefsrc, + unsigned char scope, + unsigned char protocol) { + assert(route); + assert(src); + assert(gw); + assert(prefsrc); + + route->src = *src; + route->src_prefixlen = src_prefixlen; + route->gw = *gw; + route->prefsrc = *prefsrc; + route->scope = scope; + route->protocol = protocol; + + return 0; +} + +void route_drop(Route *route) { + assert(route); + + route_free(route); +} + int route_remove(Route *route, Link *link, sd_netlink_message_handler_t callback) { _cleanup_netlink_message_unref_ sd_netlink_message *req = NULL; @@ -184,20 +349,20 @@ int route_remove(Route *route, Link *link, if (r < 0) return log_error_errno(r, "Could not create RTM_DELROUTE message: %m"); - if (!in_addr_is_null(route->family, &route->in_addr)) { + if (!in_addr_is_null(route->family, &route->gw)) { if (route->family == AF_INET) - r = sd_netlink_message_append_in_addr(req, RTA_GATEWAY, &route->in_addr.in); + r = sd_netlink_message_append_in_addr(req, RTA_GATEWAY, &route->gw.in); else if (route->family == AF_INET6) - r = sd_netlink_message_append_in6_addr(req, RTA_GATEWAY, &route->in_addr.in6); + r = sd_netlink_message_append_in6_addr(req, RTA_GATEWAY, &route->gw.in6); if (r < 0) return log_error_errno(r, "Could not append RTA_GATEWAY attribute: %m"); } if (route->dst_prefixlen) { if (route->family == AF_INET) - r = sd_netlink_message_append_in_addr(req, RTA_DST, &route->dst_addr.in); + r = sd_netlink_message_append_in_addr(req, RTA_DST, &route->dst.in); else if (route->family == AF_INET6) - r = sd_netlink_message_append_in6_addr(req, RTA_DST, &route->dst_addr.in6); + r = sd_netlink_message_append_in6_addr(req, RTA_DST, &route->dst.in6); if (r < 0) return log_error_errno(r, "Could not append RTA_DST attribute: %m"); @@ -208,9 +373,9 @@ int route_remove(Route *route, Link *link, if (route->src_prefixlen) { if (route->family == AF_INET) - r = sd_netlink_message_append_in_addr(req, RTA_SRC, &route->src_addr.in); + r = sd_netlink_message_append_in_addr(req, RTA_SRC, &route->src.in); else if (route->family == AF_INET6) - r = sd_netlink_message_append_in6_addr(req, RTA_SRC, &route->src_addr.in6); + r = sd_netlink_message_append_in6_addr(req, RTA_SRC, &route->src.in6); if (r < 0) return log_error_errno(r, "Could not append RTA_DST attribute: %m"); @@ -219,11 +384,11 @@ int route_remove(Route *route, Link *link, return log_error_errno(r, "Could not set source prefix length: %m"); } - if (!in_addr_is_null(route->family, &route->prefsrc_addr)) { + if (!in_addr_is_null(route->family, &route->prefsrc)) { if (route->family == AF_INET) - r = sd_netlink_message_append_in_addr(req, RTA_PREFSRC, &route->prefsrc_addr.in); + r = sd_netlink_message_append_in_addr(req, RTA_PREFSRC, &route->prefsrc.in); else if (route->family == AF_INET6) - r = sd_netlink_message_append_in6_addr(req, RTA_PREFSRC, &route->prefsrc_addr.in6); + r = sd_netlink_message_append_in6_addr(req, RTA_PREFSRC, &route->prefsrc.in6); if (r < 0) return log_error_errno(r, "Could not append RTA_PREFSRC attribute: %m"); } @@ -232,7 +397,7 @@ int route_remove(Route *route, Link *link, if (r < 0) return log_error_errno(r, "Could not set scope: %m"); - r = sd_netlink_message_append_u32(req, RTA_PRIORITY, route->metrics); + r = sd_netlink_message_append_u32(req, RTA_PRIORITY, route->priority); if (r < 0) return log_error_errno(r, "Could not append RTA_PRIORITY attribute: %m"); @@ -249,9 +414,24 @@ int route_remove(Route *route, Link *link, return 0; } +int route_expire_handler(sd_event_source *s, uint64_t usec, void *userdata) { + Route *route = userdata; + int r; + + assert(route); + + r = route_remove(route, route->link, NULL); + if (r < 0) + log_warning_errno(r, "Could not remove route: %m"); + + return 1; +} + int route_configure(Route *route, Link *link, sd_netlink_message_handler_t callback) { _cleanup_netlink_message_unref_ sd_netlink_message *req = NULL; + _cleanup_event_source_unref_ sd_event_source *expire = NULL; + usec_t lifetime; int r; assert(link); @@ -266,20 +446,20 @@ int route_configure(Route *route, Link *link, if (r < 0) return log_error_errno(r, "Could not create RTM_NEWROUTE message: %m"); - if (!in_addr_is_null(route->family, &route->in_addr)) { + if (!in_addr_is_null(route->family, &route->gw)) { if (route->family == AF_INET) - r = sd_netlink_message_append_in_addr(req, RTA_GATEWAY, &route->in_addr.in); + r = sd_netlink_message_append_in_addr(req, RTA_GATEWAY, &route->gw.in); else if (route->family == AF_INET6) - r = sd_netlink_message_append_in6_addr(req, RTA_GATEWAY, &route->in_addr.in6); + r = sd_netlink_message_append_in6_addr(req, RTA_GATEWAY, &route->gw.in6); if (r < 0) return log_error_errno(r, "Could not append RTA_GATEWAY attribute: %m"); } if (route->dst_prefixlen) { if (route->family == AF_INET) - r = sd_netlink_message_append_in_addr(req, RTA_DST, &route->dst_addr.in); + r = sd_netlink_message_append_in_addr(req, RTA_DST, &route->dst.in); else if (route->family == AF_INET6) - r = sd_netlink_message_append_in6_addr(req, RTA_DST, &route->dst_addr.in6); + r = sd_netlink_message_append_in6_addr(req, RTA_DST, &route->dst.in6); if (r < 0) return log_error_errno(r, "Could not append RTA_DST attribute: %m"); @@ -290,9 +470,9 @@ int route_configure(Route *route, Link *link, if (route->src_prefixlen) { if (route->family == AF_INET) - r = sd_netlink_message_append_in_addr(req, RTA_SRC, &route->src_addr.in); + r = sd_netlink_message_append_in_addr(req, RTA_SRC, &route->src.in); else if (route->family == AF_INET6) - r = sd_netlink_message_append_in6_addr(req, RTA_SRC, &route->src_addr.in6); + r = sd_netlink_message_append_in6_addr(req, RTA_SRC, &route->src.in6); if (r < 0) return log_error_errno(r, "Could not append RTA_SRC attribute: %m"); @@ -301,11 +481,11 @@ int route_configure(Route *route, Link *link, return log_error_errno(r, "Could not set source prefix length: %m"); } - if (!in_addr_is_null(route->family, &route->prefsrc_addr)) { + if (!in_addr_is_null(route->family, &route->prefsrc)) { if (route->family == AF_INET) - r = sd_netlink_message_append_in_addr(req, RTA_PREFSRC, &route->prefsrc_addr.in); + r = sd_netlink_message_append_in_addr(req, RTA_PREFSRC, &route->prefsrc.in); else if (route->family == AF_INET6) - r = sd_netlink_message_append_in6_addr(req, RTA_PREFSRC, &route->prefsrc_addr.in6); + r = sd_netlink_message_append_in6_addr(req, RTA_PREFSRC, &route->prefsrc.in6); if (r < 0) return log_error_errno(r, "Could not append RTA_PREFSRC attribute: %m"); } @@ -314,7 +494,7 @@ int route_configure(Route *route, Link *link, if (r < 0) return log_error_errno(r, "Could not set scope: %m"); - r = sd_netlink_message_append_u32(req, RTA_PRIORITY, route->metrics); + r = sd_netlink_message_append_u32(req, RTA_PRIORITY, route->priority); if (r < 0) return log_error_errno(r, "Could not append RTA_PRIORITY attribute: %m"); @@ -328,6 +508,26 @@ int route_configure(Route *route, Link *link, link_ref(link); + lifetime = route->lifetime; + + r = route_add(link, route->family, &route->dst, route->dst_prefixlen, route->tos, route->priority, route->table, &route); + if (r < 0) + return log_error_errno(r, "Could not add route: %m"); + + /* TODO: drop expiration handling once it can be pushed into the kernel */ + route->lifetime = lifetime; + + if (route->lifetime != USEC_INFINITY) { + r = sd_event_add_time(link->manager->event, &expire, clock_boottime_or_monotonic(), + route->lifetime, 0, route_expire_handler, route); + if (r < 0) + return log_error_errno(r, "Could not arm expiration timer: %m"); + } + + sd_event_source_unref(route->expire); + route->expire = expire; + expire = NULL; + return 0; } @@ -370,7 +570,7 @@ int config_parse_gateway(const char *unit, } n->family = f; - n->in_addr = buffer; + n->gw = buffer; n = NULL; return 0; @@ -410,7 +610,7 @@ int config_parse_preferred_src(const char *unit, } n->family = f; - n->prefsrc_addr = buffer; + n->prefsrc = buffer; n = NULL; return 0; @@ -484,10 +684,10 @@ int config_parse_destination(const char *unit, n->family = f; if (streq(lvalue, "Destination")) { - n->dst_addr = buffer; + n->dst = buffer; n->dst_prefixlen = prefixlen; } else if (streq(lvalue, "Source")) { - n->src_addr = buffer; + n->src = buffer; n->src_prefixlen = prefixlen; } else assert_not_reached(lvalue); @@ -521,9 +721,9 @@ int config_parse_route_priority(const char *unit, if (r < 0) return r; - r = config_parse_unsigned(unit, filename, line, section, - section_line, lvalue, ltype, - rvalue, &n->metrics, userdata); + r = config_parse_uint32(unit, filename, line, section, + section_line, lvalue, ltype, + rvalue, &n->priority, userdata); if (r < 0) return r; diff --git a/src/network/networkd-route.h b/src/network/networkd-route.h index c9972e4933..d0a51838ed 100644 --- a/src/network/networkd-route.h +++ b/src/network/networkd-route.h @@ -30,20 +30,24 @@ struct Route { Network *network; unsigned section; + Link *link; + int family; unsigned char dst_prefixlen; unsigned char src_prefixlen; unsigned char scope; - uint32_t metrics; unsigned char protocol; /* RTPROT_* */ unsigned char tos; - unsigned char priority; + uint32_t priority; /* note that ip(8) calls this 'metric' */ unsigned char table; - union in_addr_union in_addr; - union in_addr_union dst_addr; - union in_addr_union src_addr; - union in_addr_union prefsrc_addr; + union in_addr_union gw; + union in_addr_union dst; + union in_addr_union src; + union in_addr_union prefsrc; + + usec_t lifetime; + sd_event_source *expire; LIST_FIELDS(Route, routes); }; @@ -54,6 +58,14 @@ void route_free(Route *route); int route_configure(Route *route, Link *link, sd_netlink_message_handler_t callback); int route_remove(Route *route, Link *link, sd_netlink_message_handler_t callback); +int route_get(Link *link, int family, union in_addr_union *dst, unsigned char dst_prefixlen, unsigned char tos, uint32_t priority, unsigned char table, Route **ret); +int route_add(Link *link, int family, union in_addr_union *dst, unsigned char dst_prefixlen, unsigned char tos, uint32_t priority, unsigned char table, Route **ret); +int route_add_foreign(Link *link, int family, union in_addr_union *dst, unsigned char dst_prefixlen, unsigned char tos, uint32_t priority, unsigned char table, Route **ret); +int route_update(Route *route, union in_addr_union *src, unsigned char src_prefixlen, union in_addr_union *gw, union in_addr_union *prefsrc, unsigned char scope, unsigned char protocol); +void route_drop(Route *route); + +int route_expire_handler(sd_event_source *s, uint64_t usec, void *userdata); + DEFINE_TRIVIAL_CLEANUP_FUNC(Route*, route_free); #define _cleanup_route_free_ _cleanup_(route_freep) diff --git a/src/network/networkd-util.c b/src/network/networkd-util.c index 17165266ef..df091393f6 100644 --- a/src/network/networkd-util.c +++ b/src/network/networkd-util.c @@ -84,7 +84,7 @@ int config_parse_address_family_boolean_with_kernel( if (streq(rvalue, "kernel")) s = _ADDRESS_FAMILY_BOOLEAN_INVALID; else { - log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IPForwarding= option, ignoring: %s", rvalue); + log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IPForward= option, ignoring: %s", rvalue); return 0; } } diff --git a/src/network/networkd.c b/src/network/networkd.c index c03ac69e27..ef394e0c04 100644 --- a/src/network/networkd.c +++ b/src/network/networkd.c @@ -109,6 +109,12 @@ int main(int argc, char *argv[]) { goto out; } + r = manager_rtnl_enumerate_routes(m); + if (r < 0) { + log_error_errno(r, "Could not enumerate routes: %m"); + goto out; + } + log_info("Enumeration completed"); sd_notify(false, diff --git a/src/network/networkd.h b/src/network/networkd.h index 6c5a9939be..97665fac7a 100644 --- a/src/network/networkd.h +++ b/src/network/networkd.h @@ -82,8 +82,10 @@ bool manager_should_reload(Manager *m); int manager_rtnl_enumerate_links(Manager *m); int manager_rtnl_enumerate_addresses(Manager *m); +int manager_rtnl_enumerate_routes(Manager *m); int manager_rtnl_process_address(sd_netlink *nl, sd_netlink_message *message, void *userdata); +int manager_rtnl_process_route(sd_netlink *nl, sd_netlink_message *message, void *userdata); int manager_send_changed(Manager *m, const char *property, ...) _sentinel_; void manager_dirty(Manager *m); diff --git a/src/nspawn/nspawn-register.c b/src/nspawn/nspawn-register.c index 7139ad9958..374f958c20 100644 --- a/src/nspawn/nspawn-register.c +++ b/src/nspawn/nspawn-register.c @@ -39,7 +39,8 @@ int register_machine( unsigned n_mounts, int kill_signal, char **properties, - bool keep_unit) { + bool keep_unit, + const char *service) { _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; _cleanup_bus_flush_close_unref_ sd_bus *bus = NULL; @@ -61,7 +62,7 @@ int register_machine( "sayssusai", machine_name, SD_BUS_MESSAGE_APPEND_ID128(uuid), - "nspawn", + service, "container", (uint32_t) pid, strempty(directory), @@ -86,7 +87,7 @@ int register_machine( "sayssusai", machine_name, SD_BUS_MESSAGE_APPEND_ID128(uuid), - "nspawn", + service, "container", (uint32_t) pid, strempty(directory), diff --git a/src/nspawn/nspawn-register.h b/src/nspawn/nspawn-register.h index b27841ff59..d3bfd84e5e 100644 --- a/src/nspawn/nspawn-register.h +++ b/src/nspawn/nspawn-register.h @@ -27,5 +27,5 @@ #include "nspawn-mount.h" -int register_machine(const char *machine_name, pid_t pid, const char *directory, sd_id128_t uuid, int local_ifindex, const char *slice, CustomMount *mounts, unsigned n_mounts, int kill_signal, char **properties, bool keep_unit); +int register_machine(const char *machine_name, pid_t pid, const char *directory, sd_id128_t uuid, int local_ifindex, const char *slice, CustomMount *mounts, unsigned n_mounts, int kill_signal, char **properties, bool keep_unit, const char *service); int terminate_machine(pid_t pid); diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index ff12ca6498..762c3be3de 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -178,6 +178,7 @@ static bool arg_unified_cgroup_hierarchy = false; static SettingsMask arg_settings_mask = 0; static int arg_settings_trusted = -1; static char **arg_parameters = NULL; +static const char *arg_container_service_name = "systemd-nspawn"; static void help(void) { printf("%s [OPTIONS...] [PATH] [ARGUMENTS...]\n\n" @@ -209,10 +210,10 @@ static void help(void) { " --network-ipvlan=INTERFACE\n" " Create a ipvlan network interface based on an\n" " existing network interface to the container\n" - " -n --network-veth Add a virtual ethernet connection between host\n" + " -n --network-veth Add a virtual Ethernet connection between host\n" " and container\n" " --network-bridge=INTERFACE\n" - " Add a virtual ethernet connection between host\n" + " Add a virtual Ethernet connection between host\n" " and container and add it to an existing bridge on\n" " the host\n" " -p --port=[PROTOCOL:]HOSTPORT[:CONTAINERPORT]\n" @@ -387,7 +388,7 @@ static int parse_argv(int argc, char *argv[]) { }; int c, r; - const char *p; + const char *p, *e; uint64_t plus = 0, minus = 0; bool mask_all_settings = false, mask_no_settings = false; @@ -909,6 +910,10 @@ static int parse_argv(int argc, char *argv[]) { if (r < 0) return r; + e = getenv("SYSTEMD_NSPAWN_CONTAINER_SERVICE"); + if (e) + arg_container_service_name = e; + return 1; } @@ -2404,10 +2409,10 @@ static int inner_child( FDSet *fds) { _cleanup_free_ char *home = NULL; - unsigned n_env = 2; + unsigned n_env = 1; const char *envp[] = { "PATH=" DEFAULT_PATH_SPLIT_USR, - "container=systemd-nspawn", /* LXC sets container=lxc, so follow the scheme here */ + NULL, /* container */ NULL, /* TERM */ NULL, /* HOME */ NULL, /* USER */ @@ -2508,6 +2513,9 @@ static int inner_child( if (r < 0) return r; + /* LXC sets container=lxc, so follow the scheme here */ + envp[n_env++] = strjoina("container=", arg_container_service_name); + envp[n_env] = strv_find_prefix(environ, "TERM="); if (envp[n_env]) n_env ++; @@ -2828,7 +2836,7 @@ static int load_settings(void) { p = j; j = NULL; - /* By default we trust configuration from /etc and /run */ + /* By default, we trust configuration from /etc and /run */ if (arg_settings_trusted < 0) arg_settings_trusted = true; @@ -2858,7 +2866,7 @@ static int load_settings(void) { if (!f && errno != ENOENT) return log_error_errno(errno, "Failed to open %s: %m", p); - /* By default we do not trust configuration from /var/lib/machines */ + /* By default, we do not trust configuration from /var/lib/machines */ if (arg_settings_trusted < 0) arg_settings_trusted = false; } @@ -3426,7 +3434,8 @@ int main(int argc, char *argv[]) { arg_custom_mounts, arg_n_custom_mounts, arg_kill_signal, arg_property, - arg_keep_unit); + arg_keep_unit, + arg_container_service_name); if (r < 0) goto finish; } diff --git a/src/resolve/resolved-conf.c b/src/resolve/resolved-conf.c index c9919ced67..de1bd26174 100644 --- a/src/resolve/resolved-conf.c +++ b/src/resolve/resolved-conf.c @@ -21,6 +21,7 @@ #include "alloc-util.h" #include "conf-parser.h" +#include "def.h" #include "extract-word.h" #include "parse-util.h" #include "resolved-conf.h" @@ -96,7 +97,7 @@ int config_parse_dnsv( /* Empty assignment means clear the list */ manager_flush_dns_servers(m, ltype); else { - /* Otherwise add to the list */ + /* Otherwise, add to the list */ r = manager_parse_dns_server(m, ltype, rvalue); if (r < 0) { log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse DNS server string '%s'. Ignoring.", rvalue); diff --git a/src/shared/machine-pool.c b/src/shared/machine-pool.c index 60b1b3092d..4172a63fd0 100644 --- a/src/shared/machine-pool.c +++ b/src/shared/machine-pool.c @@ -378,7 +378,7 @@ int grow_machine_directory(void) { if (b.f_bavail > b.f_blocks / 3) return 0; - /* Calculate how much we are willing to add at maximum */ + /* Calculate how much we are willing to add at most */ max_add = ((uint64_t) a.f_bavail * (uint64_t) a.f_bsize) - VAR_LIB_MACHINES_FREE_MIN; /* Calculate the old size */ diff --git a/src/shared/sleep-config.c b/src/shared/sleep-config.c index bbbb3460d4..102c5cc992 100644 --- a/src/shared/sleep-config.c +++ b/src/shared/sleep-config.c @@ -23,14 +23,15 @@ #include "alloc-util.h" #include "conf-parser.h" +#include "def.h" #include "fd-util.h" #include "fileio.h" #include "log.h" +#include "parse-util.h" #include "sleep-config.h" #include "string-util.h" #include "strv.h" #include "util.h" -#include "parse-util.h" #define USE(x, y) do{ (x) = (y); (y) = NULL; } while(0) diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c index 5e15dfba53..24cfe58cd6 100644 --- a/src/sysctl/sysctl.c +++ b/src/sysctl/sysctl.c @@ -28,6 +28,7 @@ #include <string.h> #include "conf-files.h" +#include "def.h" #include "fd-util.h" #include "fileio.h" #include "hashmap.h" diff --git a/src/systemd/sd-pppoe.h b/src/systemd/sd-pppoe.h deleted file mode 100644 index 80d9fc2862..0000000000 --- a/src/systemd/sd-pppoe.h +++ /dev/null @@ -1,55 +0,0 @@ -/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ - -#ifndef foosdpppoefoo -#define foosdpppoefoo - -/*** - This file is part of systemd. - - Copyright (C) 2014 Tom Gundersen - - systemd is free software; you can redistribute it and/or modify it - under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - systemd is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with systemd; If not, see <http://www.gnu.org/licenses/>. -***/ - -#include <net/ethernet.h> - -#include "sd-event.h" -#include "_sd-common.h" - -_SD_BEGIN_DECLARATIONS; - -enum { - SD_PPPOE_EVENT_RUNNING = 0, - SD_PPPOE_EVENT_STOPPED = 1, -}; - -typedef struct sd_pppoe sd_pppoe; -typedef void (*sd_pppoe_cb_t)(sd_pppoe *ppp, int event, void *userdata); - -int sd_pppoe_detach_event(sd_pppoe *ppp); -int sd_pppoe_attach_event(sd_pppoe *ppp, sd_event *event, int priority); -int sd_pppoe_get_channel(sd_pppoe *ppp, int *channel); -int sd_pppoe_set_callback(sd_pppoe *ppp, sd_pppoe_cb_t cb, void *userdata); -int sd_pppoe_set_ifindex(sd_pppoe *ppp, int ifindex); -int sd_pppoe_set_ifname(sd_pppoe *ppp, const char *ifname); -int sd_pppoe_set_service_name(sd_pppoe *ppp, const char *service_name); -int sd_pppoe_start(sd_pppoe *ppp); -int sd_pppoe_stop(sd_pppoe *ppp); -sd_pppoe *sd_pppoe_ref(sd_pppoe *ppp); -sd_pppoe *sd_pppoe_unref(sd_pppoe *ppp); -int sd_pppoe_new (sd_pppoe **ret); - -_SD_END_DECLARATIONS; - -#endif diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index 36d310b4c4..008b1bde24 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -29,6 +29,8 @@ #include "alloc-util.h" #include "conf-files.h" #include "copy.h" +#include "def.h" +#include "fd-util.h" #include "fileio-label.h" #include "formats-util.h" #include "hashmap.h" @@ -39,10 +41,9 @@ #include "string-util.h" #include "strv.h" #include "uid-range.h" +#include "user-util.h" #include "utf8.h" #include "util.h" -#include "fd-util.h" -#include "user-util.h" typedef enum ItemType { ADD_USER = 'u', @@ -942,7 +943,7 @@ static int add_user(Item *i) { } } - /* Otherwise try to reuse the group ID */ + /* Otherwise, try to reuse the group ID */ if (!i->uid_set && i->gid_set) { r = uid_is_ok((uid_t) i->gid, i->name); if (r < 0) diff --git a/src/test/test-udev.c b/src/test/test-udev.c index 219d659b41..9cc64f7c68 100644 --- a/src/test/test-udev.c +++ b/src/test/test-udev.c @@ -44,7 +44,7 @@ static int fake_filesystems(void) { { "test/dev", "/dev", "failed to mount test /dev" }, { "test/run", "/run", "failed to mount test /run" }, { "test/run", "/etc/udev/rules.d", "failed to mount empty /etc/udev/rules.d" }, - { "test/run", "/usr/lib/udev/rules.d", "failed to mount empty /usr/lib/udev/rules.d" }, + { "test/run", UDEVLIBEXECDIR "/rules.d","failed to mount empty " UDEVLIBEXECDIR "/rules.d" }, }; unsigned int i; int err; @@ -66,7 +66,7 @@ static int fake_filesystems(void) { err = mount(fakefss[i].src, fakefss[i].target, NULL, MS_BIND, NULL); if (err < 0) { err = -errno; - fprintf(stderr, "%s %m", fakefss[i].error); + fprintf(stderr, "%s %m\n", fakefss[i].error); return err; } } diff --git a/src/timesync/timesyncd-conf.c b/src/timesync/timesyncd-conf.c index be651fc636..001a0f4d41 100644 --- a/src/timesync/timesyncd-conf.c +++ b/src/timesync/timesyncd-conf.c @@ -20,11 +20,12 @@ ***/ #include "alloc-util.h" +#include "def.h" +#include "extract-word.h" #include "string-util.h" +#include "timesyncd-conf.h" #include "timesyncd-manager.h" #include "timesyncd-server.h" -#include "timesyncd-conf.h" -#include "extract-word.h" int manager_parse_server_string(Manager *m, ServerType type, const char *string) { ServerName *first; diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c index 45335425ce..ffae91a3ca 100644 --- a/src/tmpfiles/tmpfiles.c +++ b/src/tmpfiles/tmpfiles.c @@ -45,6 +45,7 @@ #include "chattr-util.h" #include "conf-files.h" #include "copy.h" +#include "def.h" #include "escape.h" #include "fd-util.h" #include "fileio.h" diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c index ef9c398e59..bf5c9c6b77 100644 --- a/src/udev/udev-builtin-net_id.c +++ b/src/udev/udev-builtin-net_id.c @@ -27,7 +27,7 @@ * http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames * * Two character prefixes based on the type of interface: - * en -- ethernet + * en -- Ethernet * sl -- serial line IP (slip) * wl -- wlan * ww -- wwan @@ -53,17 +53,17 @@ * exported. * The usual USB configuration == 1 and interface == 0 values are suppressed. * - * PCI ethernet card with firmware index "1": + * PCI Ethernet card with firmware index "1": * ID_NET_NAME_ONBOARD=eno1 * ID_NET_NAME_ONBOARD_LABEL=Ethernet Port 1 * - * PCI ethernet card in hotplug slot with firmware index number: + * PCI Ethernet card in hotplug slot with firmware index number: * /sys/devices/pci0000:00/0000:00:1c.3/0000:05:00.0/net/ens1 * ID_NET_NAME_MAC=enx000000000466 * ID_NET_NAME_PATH=enp5s0 * ID_NET_NAME_SLOT=ens1 * - * PCI ethernet multi-function card with 2 ports: + * PCI Ethernet multi-function card with 2 ports: * /sys/devices/pci0000:00/0000:00:1c.0/0000:02:00.0/net/enp2s0f0 * ID_NET_NAME_MAC=enx78e7d1ea46da * ID_NET_NAME_PATH=enp2s0f0 diff --git a/test/TEST-03-JOBS/test-jobs.sh b/test/TEST-03-JOBS/test-jobs.sh index 6f32c240cd..42d475fe2f 100755 --- a/test/TEST-03-JOBS/test-jobs.sh +++ b/test/TEST-03-JOBS/test-jobs.sh @@ -23,7 +23,7 @@ grep 'sleep\.service.*running' /root/list-jobs.txt || exit 1 grep 'hello\.service' /root/list-jobs.txt && exit 1 systemctl stop sleep.service hello-after-sleep.target || exit 1 -# Test for a crash when enqueueing a JOB_NOP when other job already exists +# Test for a crash when enqueuing a JOB_NOP when other job already exists systemctl start --no-block hello-after-sleep.target || exit 1 # hello.service should still be waiting, so these try-restarts will collapse # into NOPs. diff --git a/test/test-execute/exec-systemcallerrornumber.service b/test/test-execute/exec-systemcallerrornumber.service index 255a8b231a..b11a952bd6 100644 --- a/test/test-execute/exec-systemcallerrornumber.service +++ b/test/test-execute/exec-systemcallerrornumber.service @@ -2,6 +2,6 @@ Description=Test for SystemCallErrorNumber [Service] -ExecStart=/usr/bin/uname -a +ExecStart=/bin/sh -c 'uname -a' SystemCallFilter=~uname SystemCallErrorNumber=EACCES diff --git a/test/test-functions b/test/test-functions index 8272e52e17..ab77576573 100644 --- a/test/test-functions +++ b/test/test-functions @@ -260,7 +260,7 @@ install_dbus() { inst $ROOTLIBDIR/system/dbus.service find \ - /etc/dbus-1 -xtype f \ + /etc/dbus-1 /usr/share/dbus-1 -xtype f \ | while read file; do inst $file done diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in index 2552102bfc..41bfde5be3 100644 --- a/units/systemd-journald.service.in +++ b/units/systemd-journald.service.in @@ -22,6 +22,7 @@ RestartSec=0 NotifyAccess=all StandardOutput=null CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE +WatchdogSec=3min FileDescriptorStoreMax=1024 # Increase the default a bit in order to allow many simultaneous diff --git a/units/systemd-networkd.socket b/units/systemd-networkd.socket index 2c20935d83..9e4e9dd338 100644 --- a/units/systemd-networkd.socket +++ b/units/systemd-networkd.socket @@ -14,7 +14,7 @@ Before=sockets.target [Socket] ReceiveBuffer=8M -ListenNetlink=route 273 +ListenNetlink=route 1361 PassCredentials=yes [Install] |