summaryrefslogtreecommitdiff
path: root/man
AgeCommit message (Collapse)Author
2014-02-25Use /var/run/dbus/system_bus_socket for the D-Bus socketZbigniew Jędrzejewski-Szmek
2014-02-26Revert back to /var/run at a couple of problemsLennart Poettering
This partially reverts 41a55c46ab8fb4ef6727434227071321fc762cce Some specifications we want to stay compatibility actually document /var/run, not /run, and we should stay compatible with that. In order to make sure our D-Bus implementation works on any system, regardless if running systemd or not, we should always use /var/run which is the only path mandated by the D-Bus spec. Similar, glibc hardcodes the utmp location to /var/run, and this is exposed in _UTMP_PATH in limits.h, hence let's stay in sync with this public API, too. We simply do not support systems where /var/run is not a symlink → /run. Hence both are equivalent. Staying compatible with upstream specifications hence weighs more than cleaning up superficial appearance.
2014-02-25Replace /var/run with /run in remaining placesZbigniew Jędrzejewski-Szmek
/run was already used almost everywhere, fix the remaining places for consistency.
2014-02-26exec: imply NoNewPriviliges= only when seccomp filters are used in user modeLennart Poettering
2014-02-26core: add new RestrictAddressFamilies= switchLennart Poettering
This new unit settings allows restricting which address families are available to processes. This is an effective way to minimize the attack surface of services, by turning off entire network stacks for them. This is based on seccomp, and does not work on x86-32, since seccomp cannot filter socketcall() syscalls on that platform.
2014-02-25networkd: add basic support for MACVLANsTom Gundersen
2014-02-25man: refer to systemd.net{work,dev}(5) from systemd-networkd(8)Tom Gundersen
2014-02-25man: split out systemd.net{work,dev}(5) from systemd-networkd(8)Tom Gundersen
2014-02-25man: split out systemd.link(5) from udev(7)Tom Gundersen
2014-02-25man: networkd - clarify that multiple addresses/routes are supportedTom Gundersen
2014-02-25nspawn: add new switch --network-macvlan= to add a macvlan device to the ↵Lennart Poettering
container
2014-02-24core: add global settings for enabling CPUAccounting=, MemoryAccounting=, ↵Lennart Poettering
BlockIOAccounting= for all units at once
2014-02-23man: document that per-interface sysctl variables are applied as network ↵Lennart Poettering
interfaces show up https://bugzilla.redhat.com/show_bug.cgi?id=1062955
2014-02-23core: clean up some confusing regarding SI decimal and IEC binary suffixes ↵Lennart Poettering
for sizes According to Wikipedia it is customary to specify hardware metrics and transfer speeds to the basis 1000 (SI decimal), while software metrics and physical volatile memory (RAM) sizes to the basis 1024 (IEC binary). So far we specified everything in IEC, let's fix that and be more true to what's otherwise customary. Since we don't want to parse "Mi" instead of "M" we document each time what the context used is.
2014-02-22udev: net - allow MTU and Speed to be specified with unitsTom Gundersen
This also changes the names to MTUBytes and BitsPerSecond, respectively. Notice that the speed was mistakenly documented to be in bytes before this change.
2014-02-22cgroup: Extend DeviceAllow= syntax to whitelist groups of devices, not just ↵Lennart Poettering
particular devices nodes
2014-02-21net-util: match on the driver as exposed by ethtool if DRIVER not setTom Gundersen
Also fix a copy-paste error that broke matching on interface name.
2014-02-21man: networkd typo fixesThomas Hindoe Paaboel Andersen
2014-02-21man: suffix networkd config file options with "="Lennart Poettering
That's what we do for all options in the other man pages. It helps clarifying that these are options that values need to be assigned to.
2014-02-21man: split settings documentaiton in systemd.unit(5) into two sectionsLennart Poettering
2014-02-21man: don't document ".include" in configuration files anymore as first step ↵Lennart Poettering
to deprecate them one day
2014-02-21.network/.netdev/.link: allow to match on architectureTom Gundersen
2014-02-21man: there is no ExecStopPre= for service unitsLennart Poettering
https://bugs.freedesktop.org/show_bug.cgi?id=73177
2014-02-20man: xinclude pkg-config noteZbigniew Jędrzejewski-Szmek
2014-02-20man: xinclude --host/--machineZbigniew Jędrzejewski-Szmek
As usual, those common options are pushed to the end.
2014-02-20man: xinclude --user/--systemZbigniew Jędrzejewski-Szmek
2014-02-20man: xinclude --help/--version/--no-pagerZbigniew Jędrzejewski-Szmek
2014-02-20build-sys: add conditionals and regenerate manpage listZbigniew Jędrzejewski-Szmek
The list of man pages is auto generated, based on conditonal='...' attributes in the man page itself.
2014-02-21nspawn: when adding a veth interface to a bridge, use the "vb-" rather than ↵Lennart Poettering
"ve-" interface name prefix This way we can recognize the interfaces later on to apply different host-side configuration to them.
2014-02-21core: Add AppArmor profile switchingMichael Scherer
This permit to switch to a specific apparmor profile when starting a daemon. This will result in a non operation if apparmor is disabled. It also add a new build requirement on libapparmor for using this feature.
2014-02-21core: add new ConditionArchitecture() that checks the architecture returned ↵Lennart Poettering
by uname()'s machine field.
2014-02-20man: networkd/udev - add to [Match] documentationTom Gundersen
2014-02-19udev: net-config - allow interface names to be set from the hwdbTom Gundersen
2014-02-19man: fix references to .pc files which aren't separate anymoreLennart Poettering
2014-02-19man: don't advertise sd-daemon as embeddable anymoreLennart Poettering
It's now part of libsystemd, and should be used like any other API.
2014-02-19busctl: add --no-legend and use in bash completionThomas Hindoe Paaboel Andersen
2014-02-19man: busctl typo fixThomas Hindoe Paaboel Andersen
2014-02-19man: document $MAINPIDLennart Poettering
2014-02-19core: add Personality= option for units to set the personality for spawned ↵Lennart Poettering
processes
2014-02-18nspawn: add new --personality= switch to make it easier to run 32bit ↵Lennart Poettering
containers on a 64bit host
2014-02-18net-match: fix Driver= matchTom Gundersen
It should match on the driver of the parent device.
2014-02-18seccomp: add helper call to add all secondary archs to a seccomp filterLennart Poettering
And make use of it where appropriate for executing services and for nspawn.
2014-02-18machinectl: remove unused --no-ask-passwordThomas Hindoe Paaboel Andersen
2014-02-18machinectl: add bash completionThomas Hindoe Paaboel Andersen
2014-02-18man: machinectl: there is no command 'kill-machine'Thomas Hindoe Paaboel Andersen
2014-02-18man: minor fixes to networkd pageTom Gundersen
Also enforce that we don't allow setting the Broadcast for IPv6 addresses.
2014-02-18doc: orthographic correctionsJan Engelhardt
2014-02-17doc: utilize the DocBook markup for some literalsJan Engelhardt
2014-02-17doc: reword "shared per-thread" wordingJan Engelhardt
Either it is shared across threads, or it is per-thread: decide. Reading the source code, I see a thread_local identifier, so that's that. But that does not yet preclude that a program may pass around the pointer returned from the function among its own threads. Do a best effort at saying so.
2014-02-17doc: balance C indirections in function prototypesJan Engelhardt
Shift the asterisks in the documentation's prototypes such that they are consistent among each other. Use the right side to match source code.