summaryrefslogtreecommitdiff
path: root/man
diff options
context:
space:
mode:
Diffstat (limited to 'man')
-rw-r--r--man/journalctl.xml4
-rw-r--r--man/machinectl.xml18
-rw-r--r--man/systemctl.xml62
-rw-r--r--man/systemd-ask-password.xml43
-rw-r--r--man/systemd-firstboot.xml4
-rw-r--r--man/systemd-fsck@.service.xml8
-rw-r--r--man/systemd-resolved.service.xml5
-rw-r--r--man/systemd-run.xml7
-rw-r--r--man/systemd-socket-proxyd.xml2
-rw-r--r--man/systemd-tty-ask-password-agent.xml10
-rw-r--r--man/systemd.exec.xml46
-rw-r--r--man/systemd.netdev.xml46
-rw-r--r--man/systemd.network.xml16
-rw-r--r--man/systemd.service.xml14
-rw-r--r--man/systemd.socket.xml8
15 files changed, 219 insertions, 74 deletions
diff --git a/man/journalctl.xml b/man/journalctl.xml
index 4282424212..eacba048bc 100644
--- a/man/journalctl.xml
+++ b/man/journalctl.xml
@@ -925,7 +925,9 @@
<citerefentry><refentrytitle>coredumpctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
<citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-journal-remote</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-journal-upload</refentrytitle><manvolnum>8</manvolnum></citerefentry>
</para>
</refsect1>
</refentry>
diff --git a/man/machinectl.xml b/man/machinectl.xml
index 8bebdcf9a1..38cf919a78 100644
--- a/man/machinectl.xml
+++ b/man/machinectl.xml
@@ -428,6 +428,9 @@
user may be selected. Use <option>--setenv=</option> to set
environment variables for the executed process.</para>
+ <para>Note that <command>machinectl shell</command> does not propagate the exit code/status of the invoked
+ shell process. Use <command>systemd-run</command> instead if that information is required (see below).</para>
+
<para>When using the <command>shell</command> command without
arguments, (thus invoking the executed shell or command on the
local host), it is in many ways similar to a <citerefentry
@@ -440,12 +443,15 @@
environment variables or resource limits, among other
properties.</para>
- <para>Note that
- <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>
- may be used in place of the <command>shell</command> command,
- and allows more detailed, low-level configuration of the
- invoked unit. However, it is frequently more privileged than
- the <command>shell</command> command.</para></listitem>
+ <para>Note that <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+ with its <option>--machine=</option> switch may be used in place of the <command>machinectl shell</command>
+ command, and allows non-interactive operation, more detailed and low-level configuration of the invoked unit,
+ as well as access to runtime and exit code/status information of the invoked shell process. In particular, use
+ <command>systemd-run</command>'s <option>--wait</option> switch to propagate exit status information of the
+ invoked process. Use <command>systemd-run</command>'s <option>--pty</option> switch for acquiring an
+ interactive shell, similar to <command>machinectl shell</command>. In general, <command>systemd-run</command>
+ is preferable for scripting purposes. However, note that <command>systemd-run</command> might require higher
+ privileges than <command>machinectl shell</command>.</para></listitem>
</varlistentry>
<varlistentry>
diff --git a/man/systemctl.xml b/man/systemctl.xml
index acf975138a..391e5dfe9c 100644
--- a/man/systemctl.xml
+++ b/man/systemctl.xml
@@ -760,18 +760,18 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service
<term><command>restart <replaceable>PATTERN</replaceable>…</command></term>
<listitem>
- <para>Restart one or more units specified on the command
- line. If the units are not running yet, they will be
- started.</para>
+ <para>Stop and then start one or more units specified on the
+ command line. If the units are not running yet, they will
+ be started.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>try-restart <replaceable>PATTERN</replaceable>…</command></term>
<listitem>
- <para>Restart one or more units specified on the command
- line if the units are running. This does nothing if units are not
- running.</para>
+ <para>Stop and then start one or more units specified on the
+ command line if the units are running. This does nothing
+ if units are not running.</para>
<!-- Note that we don't document condrestart here, as that is just compatibility support, and we generally
don't document that. -->
</listitem>
@@ -876,6 +876,56 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service
a similar filter for messages and might be more
convenient.
</para>
+
+ <para>Systemd implicitly loads units as necessary, so just running the <command>status</command> will
+ attempt to load a file. The command is thus not useful for determining if something was already loaded or
+ not. The units may possibly also be quickly unloaded after the operation is completed if there's no reason
+ to keep it in memory thereafter.
+ </para>
+
+ <example>
+ <title>Example output from systemctl status </title>
+
+ <programlisting>$ systemctl status bluetooth
+● bluetooth.service - Bluetooth service
+ Loaded: loaded (/lib/systemd/system/bluetooth.service; enabled; vendor preset: enabled)
+ Active: active (running) since Wed 2017-01-04 13:54:04 EST; 1 weeks 0 days ago
+ Docs: man:bluetoothd(8)
+ Main PID: 930 (bluetoothd)
+ Status: "Running"
+ Tasks: 1
+ Memory: 648.0K
+ CPU: 435ms
+ CGroup: /system.slice/bluetooth.service
+ └─930 /usr/lib/bluetooth/bluetoothd
+
+Jan 12 10:46:45 example.com bluetoothd[8900]: Not enough free handles to register service
+Jan 12 10:46:45 example.com.com bluetoothd[8900]: Current Time Service could not be registered
+Jan 12 10:46:45 example.com.com bluetoothd[8900]: gatt-time-server: Input/output error (5)
+</programlisting>
+
+ <para>The dot ("●") uses color on supported terminals to summarize the unit state at a glance. White
+ indicates an <literal>inactive</literal> or <literal>deactivating</literal> state. Red indicates a
+ <literal>failed</literal> or <literal>error</literal> state and green indicates an
+ <literal>active</literal>, <literal>reloading</literal> or <literal>activating</literal> state.
+ </para>
+
+ <para>The "Loaded:" line in the output will show <literal>loaded</literal> if the unit has been loaded into
+ memory. Other possible values for "Loaded:" include: <literal>error</literal> if there was a problem
+ loading it, <literal>not-found</literal>, and <literal>masked</literal>. Along with showing the path to
+ the unit file, this line will also show the enablement state. Enabled commands start at boot. See the
+ full table of possible enablement states — including the definition of <literal>masked</literal> — in the
+ documentation for the <command>is-enabled</command> command.
+ </para>
+
+ <para>The "Active:" line shows active state. The value is usually <literal>active</literal> or
+ <literal>inactive</literal>. Active could mean started, bound, plugged in, etc depending on the unit type.
+ The unit could also be in process of changing states, reporting a state of <literal>activating</literal> or
+ <literal>deactivating</literal>. A special <literal>failed</literal> state is entered when the service
+ failed in some way, such as a crash, exiting with an error code or timing out. If the failed state is
+ entered the cause will be logged for later reference.</para>
+ </example>
+
</listitem>
</varlistentry>
<varlistentry>
diff --git a/man/systemd-ask-password.xml b/man/systemd-ask-password.xml
index 2b6fb5a82f..8d3355819b 100644
--- a/man/systemd-ask-password.xml
+++ b/man/systemd-ask-password.xml
@@ -61,10 +61,9 @@
a system password or passphrase from the user, using a question
message specified on the command line. When run from a TTY it will
query a password on the TTY and print it to standard output. When
- run with no TTY or with <option>--no-tty</option> it will query
- the password system-wide and allow active users to respond via
- several agents. The latter is only available to privileged
- processes.</para>
+ run with no TTY or with <option>--no-tty</option> it will use the
+ system-wide query mechanism, which allows active users to respond via
+ several agents, listed below.</para>
<para>The purpose of this tool is to query system-wide passwords
— that is passwords not attached to a specific user account.
@@ -76,25 +75,38 @@
<itemizedlist>
<listitem><para>A boot-time password agent asking the user for
- passwords using Plymouth</para></listitem>
+ passwords using
+ <citerefentry project='die-net'><refentrytitle>plymouth</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ </para></listitem>
<listitem><para>A boot-time password agent querying the user
- directly on the console</para></listitem>
+ directly on the console —
+ <citerefentry><refentrytitle>systemd-ask-password-console.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ </para></listitem>
<listitem><para>An agent requesting password input via a
- <citerefentry
- project='man-pages'><refentrytitle>wall</refentrytitle><manvolnum>1</manvolnum></citerefentry>
- message</para></listitem>
-
- <listitem><para>A command line agent which can be started
- temporarily to process queued password
- requests</para></listitem>
+ <citerefentry project='man-pages'><refentrytitle>wall</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+ message —
+ <citerefentry><refentrytitle>systemd-ask-password-wall.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ </para></listitem>
<listitem><para>A TTY agent that is temporarily spawned during
<citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
- invocations</para></listitem>
+ invocations,</para></listitem>
+
+ <listitem><para>A command line agent which can be started
+ temporarily to process queued password
+ requests — <command>systemd-tty-ask-password-agent --query</command>.
+ </para></listitem>
</itemizedlist></para>
+ <para>Answering system-wide password queries is a privileged operation, hence
+ all the agents listed above (except for the last one), run as privileged
+ system services. The last one also needs elevated privileges, so
+ should be run through
+ <citerefentry project='die-net'><refentrytitle>sudo</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ or similar.</para>
+
<para>Additional password agents may be implemented according to
the <ulink
url="http://www.freedesktop.org/wiki/Software/systemd/PasswordAgents">systemd
@@ -217,7 +229,8 @@
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-ask-password-console.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-tty-ask-password</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry project='die-net'><refentrytitle>keyctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry project='die-net'><refentrytitle>plymouth</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>wall</refentrytitle><manvolnum>1</manvolnum></citerefentry>
diff --git a/man/systemd-firstboot.xml b/man/systemd-firstboot.xml
index 4e3b1a3a81..8cdc297a0e 100644
--- a/man/systemd-firstboot.xml
+++ b/man/systemd-firstboot.xml
@@ -247,8 +247,8 @@
<varlistentry>
<term><varname>systemd.firstboot=</varname></term>
- <listitem><para>Takes a boolean argument, defaults to on. If off <filename>systemd-firstboot.service</filename>
- won't interactively query the user for basic settings at first boot, even if if the settings are not
+ <listitem><para>Takes a boolean argument, defaults to on. If off, <filename>systemd-firstboot.service</filename>
+ won't interactively query the user for basic settings at first boot, even if those settings are not
initialized yet.</para></listitem>
</varlistentry>
</variablelist>
diff --git a/man/systemd-fsck@.service.xml b/man/systemd-fsck@.service.xml
index 933c3247ad..711e269016 100644
--- a/man/systemd-fsck@.service.xml
+++ b/man/systemd-fsck@.service.xml
@@ -88,8 +88,8 @@
<refsect1>
<title>Kernel Command Line</title>
- <para><filename>systemd-fsck</filename> understands one kernel
- command line parameter:</para>
+ <para><filename>systemd-fsck</filename> understands these kernel
+ command line parameters:</para>
<variablelist class='kernel-commandline-options'>
<varlistentry>
@@ -110,9 +110,9 @@
<listitem><para>One of <literal>preen</literal>,
<literal>yes</literal>, <literal>no</literal>. Controls the
- mode of operation. The default is <literal> preen</literal>,
+ mode of operation. The default is <literal>preen</literal>,
and will automatically repair problems that can be safely
- fixed. <literal>yes </literal> will answer yes to all
+ fixed. <literal>yes</literal> will answer yes to all
questions by fsck and <literal>no</literal> will answer no to
all questions. </para></listitem>
</varlistentry>
diff --git a/man/systemd-resolved.service.xml b/man/systemd-resolved.service.xml
index 56f67960ce..6465193cc5 100644
--- a/man/systemd-resolved.service.xml
+++ b/man/systemd-resolved.service.xml
@@ -116,8 +116,9 @@
current gateway, useful for referencing it independently of the
current network configuration state.</para></listitem>
- <listitem><para>The mappings defined in <filename>/etc/hosts</filename> are resolved to their configured
- addresses and back.</para></listitem>
+ <listitem><para>The mappings defined in <filename>/etc/hosts</filename> are resolved
+ to their configured addresses and back, but they will not affect lookups for
+ non-address types (like MX).</para></listitem>
</itemizedlist>
<para>Lookup requests are routed to the available DNS servers
diff --git a/man/systemd-run.xml b/man/systemd-run.xml
index 2ad8cb0835..8d881f15d6 100644
--- a/man/systemd-run.xml
+++ b/man/systemd-run.xml
@@ -221,7 +221,12 @@
<listitem><para>When invoking the command, the transient service connects its standard input and output to the
terminal <command>systemd-run</command> is invoked on, via a pseudo TTY device. This allows running binaries
- that expect interactive user input as services, such as interactive command shells.</para></listitem>
+ that expect interactive user input as services, such as interactive command shells.</para>
+
+ <para>Note that
+ <citerefentry><refentrytitle>machinectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
+ <command>shell</command> command is usually a better alternative for requesting a new, interactive login
+ session on the local host or a local container.</para></listitem>
</varlistentry>
<varlistentry>
diff --git a/man/systemd-socket-proxyd.xml b/man/systemd-socket-proxyd.xml
index 74d9e1c124..a86b13daa8 100644
--- a/man/systemd-socket-proxyd.xml
+++ b/man/systemd-socket-proxyd.xml
@@ -86,7 +86,7 @@
<xi:include href="standard-options.xml" xpointer="help" />
<xi:include href="standard-options.xml" xpointer="version" />
<varlistentry>
- <term><option>--max-connections=</option></term>
+ <term><option>--connections-max=</option></term>
<term><option>-c</option></term>
<listitem><para>Sets the maximum number of simultaneous connections, defaults to 256.
diff --git a/man/systemd-tty-ask-password-agent.xml b/man/systemd-tty-ask-password-agent.xml
index 2876fab644..2e4b31be07 100644
--- a/man/systemd-tty-ask-password-agent.xml
+++ b/man/systemd-tty-ask-password-agent.xml
@@ -50,7 +50,9 @@
<refsynopsisdiv>
<cmdsynopsis>
- <command>systemd-tty-ask-password-agent <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="opt" rep="repeat">VARIABLE=VALUE</arg></command>
+ <command>systemd-tty-ask-password-agent</command>
+ <arg choice="opt" rep="repeat">OPTIONS</arg>
+ <arg choice="opt" rep="repeat">VARIABLE=VALUE</arg>
</cmdsynopsis>
</refsynopsisdiv>
@@ -65,8 +67,10 @@
<para><command>systemd-tty-ask-password-agent</command> implements
the <ulink url="http://www.freedesktop.org/wiki/Software/systemd/PasswordAgents">Password
- Agents Specification</ulink>.</para>
-
+ Agents Specification</ulink>, and is one of many possible response agents which
+ answer to queries formulated with
+ <citerefentry><refentrytitle>systemd-ask-password</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
+ </para>
</refsect1>
<refsect1>
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 812e615530..7bdac1c1d5 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -93,10 +93,10 @@
the specified paths. This is equivalent to having them listed
explicitly in <varname>RequiresMountsFor=</varname>.</para>
- <para>Similar, units with <varname>PrivateTmp=</varname> enabled
- automatically get mount unit dependencies for all mounts
- required to access <filename>/tmp</filename> and
- <filename>/var/tmp</filename>.</para>
+ <para>Similar, units with <varname>PrivateTmp=</varname> enabled automatically get mount unit dependencies for all
+ mounts required to access <filename>/tmp</filename> and <filename>/var/tmp</filename>. They will also gain an
+ automatic <varname>After=</varname> dependency on
+ <citerefentry><refentrytitle>systemd-tmpfiles-setup.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
<para>Units whose standard output or error output is connected to <option>journal</option>, <option>syslog</option>
or <option>kmsg</option> (or their combinations with console output, see below) automatically acquire dependencies
@@ -859,14 +859,17 @@
<varlistentry>
<term><varname>PAMName=</varname></term>
- <listitem><para>Sets the PAM service name to set up a session
- as. If set, the executed process will be registered as a PAM
- session under the specified service name. This is only useful
- in conjunction with the <varname>User=</varname> setting. If
- not set, no PAM session will be opened for the executed
- processes. See
- <citerefentry project='man-pages'><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- for details.</para></listitem>
+ <listitem><para>Sets the PAM service name to set up a session as. If set, the executed process will be
+ registered as a PAM session under the specified service name. This is only useful in conjunction with the
+ <varname>User=</varname> setting, and is otherwise ignored. If not set, no PAM session will be opened for the
+ executed processes. See <citerefentry
+ project='man-pages'><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry> for
+ details.</para>
+
+ <para>Note that for each unit making use of this option a PAM session handler process will be maintained as
+ part of the unit and stays around as long as the unit is active, to ensure that appropriate actions can be
+ taken when the unit and hence the PAM session terminates. This process is named <literal>(sd-pam)</literal> and
+ is an immediate child process of the unit's main process.</para></listitem>
</varlistentry>
<varlistentry>
@@ -1006,8 +1009,11 @@
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
details. This setting is implied if <varname>DynamicUser=</varname> is set. For this setting the same
restrictions regarding mount propagation and privileges apply as for <varname>ReadOnlyPaths=</varname> and
- related calls, see above.</para></listitem>
-
+ related calls, see above. Enabling this setting has the side effect of adding <varname>Requires=</varname> and
+ <varname>After=</varname> dependencies on all mount units necessary to access <filename>/tmp</filename> and
+ <filename>/var/tmp</filename>. Moreover an implicitly <varname>After=</varname> ordering on
+ <citerefentry><refentrytitle>systemd-tmpfiles-setup.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ is added.</para></listitem>
</varlistentry>
<varlistentry>
@@ -1173,12 +1179,16 @@
<listitem><para>Takes a mount propagation flag: <option>shared</option>, <option>slave</option> or
<option>private</option>, which control whether mounts in the file system namespace set up for this unit's
- processes will receive or propagate mounts or unmounts. See <citerefentry
+ processes will receive or propagate mounts and unmounts. See <citerefentry
project='man-pages'><refentrytitle>mount</refentrytitle><manvolnum>2</manvolnum></citerefentry> for
details. Defaults to <option>shared</option>. Use <option>shared</option> to ensure that mounts and unmounts
- are propagated from the host to the container and vice versa. Use <option>slave</option> to run processes so
- that none of their mounts and unmounts will propagate to the host. Use <option>private</option> to also ensure
- that no mounts and unmounts from the host will propagate into the unit processes' namespace. Note that
+ are propagated from systemd's namespace to the service's namespace and vice versa. Use <option>slave</option>
+ to run processes so that none of their mounts and unmounts will propagate to the host. Use <option>private</option>
+ to also ensure that no mounts and unmounts from the host will propagate into the unit processes' namespace.
+ If this is set to <option>slave</option> or <option>private</option>, any mounts created by spawned processes
+ will be unmounted after the completion of the current command line of <varname>ExecStartPre=</varname>,
+ <varname>ExecStartPost=</varname>, <varname>ExecStart=</varname>,
+ and <varname>ExecStopPost=</varname>. Note that
<option>slave</option> means that file systems mounted on the host might stay mounted continuously in the
unit's namespace, and thus keep the device busy. Note that the file system namespace related options
(<varname>PrivateTmp=</varname>, <varname>PrivateDevices=</varname>, <varname>ProtectSystem=</varname>,
diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml
index a549ec83bd..ef6a37fe76 100644
--- a/man/systemd.netdev.xml
+++ b/man/systemd.netdev.xml
@@ -510,11 +510,13 @@
</listitem>
</varlistentry>
<varlistentry>
- <term><varname>ARPProxy=</varname></term>
+ <term><varname>ReduceARPProxy=</varname></term>
<listitem>
- <para>A boolean. When true bridge-connected VXLAN tunnel endpoint
- answers ARP requests from the local bridge on behalf of
- remote Distributed Overlay Virtual Ethernet (DOVE) clients.</para>
+ <para>A boolean. When true, bridge-connected VXLAN tunnel
+ endpoint answers ARP requests from the local bridge on behalf
+ of remote Distributed Overlay Virtual Ethernet
+ <ulink url="https://en.wikipedia.org/wiki/Distributed_Overlay_Virtual_Ethernet">
+ (DVOE)</ulink> clients. Defaults to false.</para>
</listitem>
</varlistentry>
<varlistentry>
@@ -1070,6 +1072,33 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>ActiveSlave=</varname></term>
+ <listitem>
+ <para>A boolean. Specifies the new active slave. The <literal>ActiveSlave=</literal>
+ option is only valid for following modes:
+ <literal>active-backup</literal>,
+ <literal>balance-alb</literal> and
+ <literal>balance-tlb</literal>. Defaults to false.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>PrimarySlave=</varname></term>
+ <listitem>
+ <para>A boolean. Specifies which slave is the primary device. The specified
+ device will always be the active slave while it is available. Only when the
+ primary is off-line will alternate devices be used. This is useful when
+ one slave is preferred over another, e.g. when one slave has higher throughput
+ than another. The <literal>PrimarySlave=</literal> option is only valid for
+ following modes:
+ <literal>active-backup</literal>,
+ <literal>balance-alb</literal> and
+ <literal>balance-tlb</literal>. Defaults to false.
+ </para>
+ </listitem>
+ </varlistentry>
</variablelist>
<para>For more detail information see
@@ -1201,6 +1230,15 @@ Kind=vrf
[VRF]
TableId=42</programlisting>
</example>
+
+ <example>
+ <title>/etc/systemd/network/25-macvtap.netdev</title>
+ <para>Create a MacVTap device.</para>
+ <programlisting>[NetDev]
+Name=macvtap-test
+Kind=macvtap
+ </programlisting>
+ </example>
</refsect1>
<refsect1>
<title>See Also</title>
diff --git a/man/systemd.network.xml b/man/systemd.network.xml
index c7083a4fe6..8d44779a0c 100644
--- a/man/systemd.network.xml
+++ b/man/systemd.network.xml
@@ -603,8 +603,8 @@
</para></listitem>
</varlistentry>
<varlistentry>
- <term><varname>ProxyARP=</varname></term>
- <listitem><para>A boolean. Configures proxy ARP. Proxy ARP is the technique in which one host,
+ <term><varname>IPv4ProxyARP=</varname></term>
+ <listitem><para>A boolean. Configures proxy ARP for IPv4. Proxy ARP is the technique in which one host,
usually a router, answers ARP requests intended for another machine. By "faking" its identity,
the router accepts responsibility for routing packets to the "real" destination. (see <ulink
url="https://tools.ietf.org/html/rfc1027">RFC 1027</ulink>.
@@ -1490,6 +1490,18 @@ VRF=vrf1
</programlisting>
</example>
+ <example>
+ <title>MacVTap</title>
+ <para>This brings up a network interface <literal>macvtap-test</literal>
+ and attaches it to <literal>enp0s25</literal>.</para>
+ <programlisting># /lib/systemd/network/25-macvtap.network
+[Match]
+Name=enp0s25
+
+[Network]
+MACVTAP=macvtap-test
+</programlisting>
+ </example>
</refsect1>
<refsect1>
diff --git a/man/systemd.service.xml b/man/systemd.service.xml
index b707961a59..522ed5e61e 100644
--- a/man/systemd.service.xml
+++ b/man/systemd.service.xml
@@ -392,15 +392,11 @@
variable substitution is supported (including
<varname>$MAINPID</varname>, see above).</para>
- <para>Note that it is usually not sufficient to specify a
- command for this setting that only asks the service to
- terminate (for example, by queuing some form of termination
- signal for it), but does not wait for it to do so. Since the
- remaining processes of the services are killed using
- <constant>SIGKILL</constant> immediately after the command
- exited, this would not result in a clean stop. The specified
- command should hence be a synchronous operation, not an
- asynchronous one.</para>
+ <para>Note that it is usually not sufficient to specify a command for this setting that only asks the service
+ to terminate (for example, by queuing some form of termination signal for it), but does not wait for it to do
+ so. Since the remaining processes of the services are killed according to <varname>KillMode=</varname> and
+ <varname>KillSignal=</varname> as described above immediately after the command exited, this may not result in
+ a clean stop. The specified command should hence be a synchronous operation, not an asynchronous one.</para>
<para>Note that the commands specified in <varname>ExecStop=</varname> are only executed when the service
started successfully first. They are not invoked if the service was never started at all, or in case its
diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml
index 0ce1203cfb..1d20a8f7f7 100644
--- a/man/systemd.socket.xml
+++ b/man/systemd.socket.xml
@@ -216,6 +216,14 @@
<varname>BindIPv6Only=</varname> setting (see below).
</para>
+ <para>If the address string is a string in the format
+ <literal>vsock:x:y</literal>, it is read as CID <literal>x</literal> on
+ a port <literal>y</literal> address in the
+ <constant>AF_VSOCK</constant> family. The CID is a unique 32-bit
+ integer identifier in <constant>AF_VSOCK</constant> analogous to an IP
+ address. Specifying the CID is optional, and may be set to the empty
+ string.</para>
+
<para>Note that <constant>SOCK_SEQPACKET</constant> (i.e.
<varname>ListenSequentialPacket=</varname>) is only available
for <constant>AF_UNIX</constant> sockets.