From 4ebbb5bfe88ac3d793c395472648660c33251546 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Sat, 23 Nov 2024 22:07:56 +0900 Subject: man: asorted fixes Closes #35307. --- man/environment.d.xml | 4 +-- man/file-hierarchy.xml | 4 +-- man/homectl.xml | 2 +- man/importctl.xml | 36 ++++++++++++++++--------- man/pam_systemd.xml | 12 +++++---- man/pam_systemd_loadkey.xml | 8 +++--- man/portablectl.xml | 4 +-- man/repart.d.xml | 24 ++++++++++------- man/resolvectl.xml | 2 +- man/run0.xml | 4 +-- man/systemctl.xml | 2 +- man/systemd-boot.xml | 2 +- man/systemd-cryptenroll.xml | 2 +- man/systemd-cryptsetup.xml | 4 +-- man/systemd-fsck@.service.xml | 4 ++- man/systemd-journald.service.xml | 14 ++++++---- man/systemd-machined.service.xml | 1 + man/systemd-mountfsd.service.xml | 4 ++- man/systemd-nspawn.xml | 2 +- man/systemd-pcrlock.xml | 12 +++++---- man/systemd-poweroff.service.xml | 2 +- man/systemd-repart.xml | 13 ++++----- man/systemd-resolved.service.xml | 8 +++--- man/systemd-soft-reboot.service.xml | 3 ++- man/systemd-ssh-generator.xml | 15 ++++++----- man/systemd-ssh-proxy.xml | 2 +- man/systemd-stdio-bridge.xml | 2 +- man/systemd-stub.xml | 2 +- man/systemd-sysext.xml | 6 ++--- man/systemd-tpm2-generator.xml | 4 +-- man/systemd-vmspawn.xml | 5 ++-- man/systemd-vpick.xml | 2 +- man/systemd.link.xml | 8 +++--- man/systemd.mount.xml | 4 +-- man/systemd.net-naming-scheme.xml | 23 +++++++++------- man/systemd.netdev.xml | 9 ++++--- man/systemd.network.xml | 53 +++++++++++++++++++------------------ man/systemd.resource-control.xml | 5 ++-- man/systemd.service.xml | 2 +- man/systemd.time.xml | 5 ++-- man/systemd.xml | 10 +++---- man/ukify.xml | 3 ++- man/user@.service.xml | 4 +-- man/userdbctl.xml | 2 +- 44 files changed, 190 insertions(+), 149 deletions(-) diff --git a/man/environment.d.xml b/man/environment.d.xml index 288450f934..70dc40c56c 100644 --- a/man/environment.d.xml +++ b/man/environment.d.xml @@ -114,10 +114,10 @@ invoked, for example from the system service manager or via a PAM module. Specifically, for ssh logins, the - sshd8 + sshd8 service builds an environment that is a combination of variables forwarded from the remote system and defined by sshd, see the discussion in - ssh1. + ssh1. A graphical display session will have an analogous mechanism to define the environment. Note that some managers query the systemd user instance for the exported environment and inject this configuration into programs they start, using systemctl show-environment or the underlying D-Bus call. diff --git a/man/file-hierarchy.xml b/man/file-hierarchy.xml index 47f93a3234..358f428538 100644 --- a/man/file-hierarchy.xml +++ b/man/file-hierarchy.xml @@ -215,8 +215,8 @@ below this directory is subject to specifications that ensure interoperability. Note that resources placed in this directory typically are under shared ownership, - i.e. multiple different packages have provide and consume these resources, on equal footing, without - any obvious primary owner. This makes makes things systematically different from + i.e. multiple different packages have provided and consumed these resources, on equal footing, without + any obvious primary owner. This makes things systematically different from /usr/lib/, where ownership is generally not shared. diff --git a/man/homectl.xml b/man/homectl.xml index 43bde52e0d..7762cf1423 100644 --- a/man/homectl.xml +++ b/man/homectl.xml @@ -378,7 +378,7 @@ Takes a comma- or colon-separated list of languages preferred by the user, ordered by descending priority. The $LANG and $LANGUAGE environment - variables are initialized from this value on login, and thus values suitible for these environment + variables are initialized from this value on login, and thus values suitable for these environment variables are accepted here, for example . This option may be used more than once, in which case the language lists are concatenated. diff --git a/man/importctl.xml b/man/importctl.xml index 3e2e33f685..2b2f717366 100644 --- a/man/importctl.xml +++ b/man/importctl.xml @@ -40,7 +40,7 @@ systemd-importd.service8. importctl operates both on block-level disk images (such as DDIs) as well as - file-system-level images (tarballs). It supports disk images are one of the four following + file-system-level images (tarballs). It supports disk images in one of the four following classes: @@ -50,7 +50,7 @@ managed via machinectl1. - Portable service images, that may be attached an managed via + Portable service images, that may be attached and managed via portablectl1. System extension (sysext) images, that may be activated via @@ -133,7 +133,7 @@ multiple downloads are not necessary. In order to create only the read-only image, and avoid creating its writable snapshot, specify - as local name. - Note that pressing C-c during execution of this command will not abort the download. Use + Note that pressing Control-c during execution of this command will not abort the download. Use cancel-transfer, described below. @@ -145,14 +145,14 @@ Downloads a .raw disk image from the specified URL, and makes it available under the specified local name in the image directory for the selected . The URL must be of type http:// or - https://. The image must either be a .qcow2 or raw disk + https://. The image must either be a qcow2 or raw disk image, optionally compressed as .gz, .xz, or .bz2. If the local name is omitted, it is automatically derived from the last component of the URL, with its suffix removed. Image verification is identical for raw and tar images (see above). - If the downloaded image is in .qcow2 format it is converted into a raw + If the downloaded image is in qcow2 format it is converted into a raw image file before it is made available. If is specified the image will be downloaded and stored in @@ -162,7 +162,7 @@ necessary. In order to create only the read-only image, and avoid creating its writable copy, specify - as local name. - Note that pressing C-c during execution of this command will not abort the download. Use + Note that pressing Control-c during execution of this command will not abort the download. Use cancel-transfer, described below. @@ -174,8 +174,14 @@ Imports a TAR or RAW image, and places it under the specified name in the image directory for the image class selected via . When - import-tar is used, the file specified as the first argument should be a tar - archive, possibly compressed with xz, gzip or bzip2. It will then be unpacked into its own + import-tar is used, the file specified as the first argument should be a + tar1 + archive, possibly compressed with + xz1, + gzip1, + or + bzip21. + It will then be unpacked into its own subvolume/directory. When import-raw is used, the file should be a qcow2 or raw disk image, possibly compressed with xz, gzip or bzip2. If the second argument (the resulting image name) is not specified, it is automatically derived from the file name. If the filename is passed as @@ -196,7 +202,9 @@ Imports an image stored in a local directory into the image directory for the image class selected via and operates similarly to import-tar or import-raw, but the first argument is the source directory. If supported, this - command will create a btrfs snapshot or subvolume for the new image. + command will create a + btrfs8 + snapshot or subvolume for the new image. @@ -207,9 +215,13 @@ Exports a TAR or RAW image and stores it in the specified file. The first parameter should be an image name. The second parameter should be a file path the TAR or RAW - image is written to. If the path ends in .gz, the file is compressed with gzip, if - it ends in .xz, with xz, and if it ends in .bz2, with bzip2. If - the path ends in neither, the file is left uncompressed. If the second argument is missing, the image + image is written to. If the path ends in .gz, the file is compressed with + gzip1, + if it ends in .xz, with + xz1, + and if it ends in .bz2, with + bzip21. + If the path ends in neither, the file is left uncompressed. If the second argument is missing, the image is written to standard output. The compression may also be explicitly selected with the switch. This is in particular useful if the second parameter is left unspecified. diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml index 91710a4dd8..183b37d676 100644 --- a/man/pam_systemd.xml +++ b/man/pam_systemd.xml @@ -113,11 +113,11 @@ user-early - Similar to user but sessions of this class are not ordered after systemd-user-sessions.service, i.e. may be started before regular sessions are allowed to be established. This session class is the default for sessions of the root user that would otherwise qualify for the user class, see above. (Added in v256.) + Similar to user but sessions of this class are not ordered after systemd-user-sessions.service8, i.e. may be started before regular sessions are allowed to be established. This session class is the default for sessions of the root user that would otherwise qualify for the user class, see above. (Added in v256.) user-incomplete - Similar to user but for sessions which are not fully set up yet, i.e. have no home directory mounted or similar. This is used by systemd-homed.service8 to allow users to log in via ssh before their home directory is mounted, delaying the mount until the user provided the unlock password. Sessions of this class are upgraded to the regular user class once the home directory is activated. + Similar to user but for sessions which are not fully set up yet, i.e. have no home directory mounted or similar. This is used by systemd-homed.service8 to allow users to log in via ssh1 before their home directory is mounted, delaying the mount until the user provided the unlock password. Sessions of this class are upgraded to the regular user class once the home directory is activated. greeter @@ -129,15 +129,15 @@ background - Used for background sessions, such as those invoked by cron and similar tools. This is the default class for sessions for which no TTY or X display is known at session registration time. + Used for background sessions, such as those invoked by cron8 and similar tools. This is the default class for sessions for which no TTY or X display is known at session registration time. background-light - Similar to background, but sessions of this class will not pull in the user@.service of the user, and thus possibly have no services of the user running. (Added in v256.) + Similar to background, but sessions of this class will not pull in the user@.service5 of the user, and thus possibly have no services of the user running. (Added in v256.) manager - The user@.service service of the user is registered under this session class. (Added in v256.) + The user@.service5 service of the user is registered under this session class. (Added in v256.) manager-early @@ -445,6 +445,8 @@ session required pam_unix.so See Also systemd1 + systemd-user-sessions.service8 + user@.service5 systemd-logind.service8 logind.conf5 loginctl1 diff --git a/man/pam_systemd_loadkey.xml b/man/pam_systemd_loadkey.xml index 1cc0ddb882..962a95bc5a 100644 --- a/man/pam_systemd_loadkey.xml +++ b/man/pam_systemd_loadkey.xml @@ -112,7 +112,8 @@ during boot. You need to set the password of your Gnome Keyring/KWallet to the same as your LUKS passphrase. - Then add the following lines to your display manager's PAM config under /etc/pam.d/ (e.g. sddm-autologin): + Then add the following lines to your display manager's PAM config under /etc/pam.d/ (e.g. + sddm-autologin): -auth optional pam_systemd_loadkey.so @@ -131,8 +132,9 @@ KeyringMode=inherit In this setup, early during the boot process, systemd-cryptsetup@.service8 will ask for the passphrase and store it in the kernel keyring with the keyname cryptsetup. - Then when the display manager does the autologin, pam_systemd_loadkey will read the passphrase from the kernel keyring, - set it as the PAM authtok, and then pam_gnome_keyring and pam_kwallet5 will unlock with the same passphrase. + Then when the display manager does the autologin, pam_systemd_loadkey will read the passphrase + from the kernel keyring, set it as the PAM authtok, and then pam_gnome_keyring and + pam_kwallet5 will unlock with the same passphrase. diff --git a/man/portablectl.xml b/man/portablectl.xml index 92d8ff03aa..cafb3565ac 100644 --- a/man/portablectl.xml +++ b/man/portablectl.xml @@ -48,7 +48,7 @@ and transfer them as a whole between systems. When these images are attached to the local system, the contained units may run in most ways like regular system-provided units, either with full privileges or inside strict sandboxing, depending on the selected configuration. For more details, see - Portable Services Documentation. + Portable Services. Portable service images may be of the following kinds: @@ -417,7 +417,7 @@ os-release5. Images can be block images, btrfs subvolumes or directories. For more information on portable services with extensions, see the Extension Images paragraph on - Portable Services Documentation. + Portable Services. Note that the same extensions have to be specified, in the same order, when attaching diff --git a/man/repart.d.xml b/man/repart.d.xml index 857ee79d91..204fc16208 100644 --- a/man/repart.d.xml +++ b/man/repart.d.xml @@ -606,7 +606,8 @@ Subvolumes=. Note that this option only takes effect if the target filesystem supports subvolumes, such as - btrfs. + btrfs8. + Note that this option is only supported in combination with since btrfs-progs 6.11 or newer. @@ -686,7 +687,7 @@ Configures the data block size of the generated verity hash partition. Must be between 512 and 4096 bytes and must be a power of 2. Defaults to the sector size if configured explicitly, or the underlying - block device sector size, or 4K if systemd-repart is not operating on a block device. + block device sector size, or 4K if systemd-repart is not operating on a block device. @@ -697,7 +698,7 @@ Configures the hash block size of the generated verity hash partition. Must be between 512 and 4096 bytes and must be a power of 2. Defaults to the sector size if configured explicitly, or the underlying - block device sector size, or 4K if systemd-repart is not operating on a block device. + block device sector size, or 4K if systemd-repart is not operating on a block device. @@ -807,7 +808,9 @@ mount options. These fields correspond to the second and fourth column of the fstab5 format. This setting may be specified multiple times to mount the partition multiple times. This can - be used to add mounts for different btrfs subvolumes located on the same btrfs partition. + be used to add mounts for different + btrfs8 + subvolumes located on the same btrfs partition. Note that this setting is only taken into account when is specified on the systemd-repart command line. @@ -818,7 +821,7 @@ EncryptedVolume= - Specify how the encrypted partition should be set up. Takes at least one and at most + Specifies how the encrypted partition should be set up. Takes at least one and at most three fields separated with a colon (:). The first field specifies the encrypted volume name under /dev/mapper/. If not specified, luks-UUID will be used where UUID is the LUKS UUID. The second field specifies the keyfile @@ -837,13 +840,14 @@ Compression= - Specify the compression algorithm to use for the filesystem configured with + Specifies the compression algorithm to use for the filesystem configured with Format=. Takes a single argument specifying the compression algorithm. Note that this setting is only taken into account when the filesystem configured with - Format= supports compression (btrfs, squashfs, erofs). Here's an incomplete list - of compression algorithms supported by the filesystems known to - systemd-repart: + Format= supports compression ( + btrfs8, + squashfs, erofs). Here's an incomplete list of compression algorithms supported by the filesystems + known to systemd-repart: File System Compression Algorithms @@ -883,7 +887,7 @@ CompressionLevel= - Specify the compression level to use for the filesystem configured with + Specifies the compression level to use for the filesystem configured with Format=. Takes a single argument specifying the compression level to use for the configured compression algorithm. The possible compression levels and their meaning are filesystem specific (refer to the filesystem's documentation for the exact meaning of a particular compression diff --git a/man/resolvectl.xml b/man/resolvectl.xml index b30517741f..44c0e6622f 100644 --- a/man/resolvectl.xml +++ b/man/resolvectl.xml @@ -485,7 +485,7 @@ Takes a boolean parameter; used in conjunction with query. If true, rules regarding routing of single-label names are relaxed. Defaults to false. By default, - lookups of single label names are assumed to refer to local hosts to be resolved via local resolution + lookups of single-label names are assumed to refer to local hosts to be resolved via local resolution such as LLMNR or via search domain qualification and are not routed to upstream servers as is. If this option is enabled these rules are disabled and the queries are routed upstream anyway. Also see the ResolveUnicastSingleLabel= option in diff --git a/man/run0.xml b/man/run0.xml index 98345f626b..6de84aa2b2 100644 --- a/man/run0.xml +++ b/man/run0.xml @@ -81,7 +81,7 @@ - Sets a property on the service unit that is created. This option takes an assignment + Sets a property of the service unit that is created. This option takes an assignment in the same format as systemctl1's set-property command. @@ -225,7 +225,7 @@ - Execute operation on a local container. Specify a container name to connect to. + Execute operation in a local container. Specify a container name to connect to. diff --git a/man/systemctl.xml b/man/systemctl.xml index a7566b8904..fe15bd3722 100644 --- a/man/systemctl.xml +++ b/man/systemctl.xml @@ -1397,7 +1397,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err Note that this shows the effective block, i.e. the combination of environment variables configured via configuration files, environment generators and via IPC (i.e. via the set-environment described below). At the moment a unit process - is forked off this combined environment block will be further combined with per-unit environment + is forked off, this combined environment block will be further combined with per-unit environment variables, which are not visible in this command. diff --git a/man/systemd-boot.xml b/man/systemd-boot.xml index 0da919b127..2c2128482f 100644 --- a/man/systemd-boot.xml +++ b/man/systemd-boot.xml @@ -54,7 +54,7 @@ The EFI Shell binary, if installed. - A Reboot Into Firmware Interface option, if supported by the UEFI + A Reboot Into Firmware Interface option, if supported by the UEFI firmware. Secure Boot variables enrollment if the UEFI firmware is in setup-mode and files are provided diff --git a/man/systemd-cryptenroll.xml b/man/systemd-cryptenroll.xml index 8ac98a6cf7..05d0f04f7f 100644 --- a/man/systemd-cryptenroll.xml +++ b/man/systemd-cryptenroll.xml @@ -299,7 +299,7 @@ - Use a TPM2 device instead of a password/passhprase read from stdin to unlock the + Use a TPM2 device instead of a password/passphrase read from stdin to unlock the volume. Expects a device node path referring to the TPM2 chip (e.g. /dev/tpmrm0). Alternatively the special value auto may be specified, in order to automatically determine the device node of a currently discovered TPM2 device (of which there must be exactly one). diff --git a/man/systemd-cryptsetup.xml b/man/systemd-cryptsetup.xml index 1c2db11a45..6c13bd9418 100644 --- a/man/systemd-cryptsetup.xml +++ b/man/systemd-cryptsetup.xml @@ -32,7 +32,7 @@ VOLUME SOURCE-DEVICE KEY-FILE - CONFIG + CRYPTTAB-OPTIONS @@ -150,7 +150,7 @@ cryptsetup.luks2-pin - This credential specifies the PIN requested by generic LUKS2 token modules. + This credential specifies the pin requested by generic LUKS2 token modules. diff --git a/man/systemd-fsck@.service.xml b/man/systemd-fsck@.service.xml index 1c5e59f479..f68c79bff5 100644 --- a/man/systemd-fsck@.service.xml +++ b/man/systemd-fsck@.service.xml @@ -57,7 +57,9 @@ last check, number of mounts, unclean unmount, etc. systemd-fsck-root.service and systemd-fsck-usr.service - will activate reboot.target if fsck returns the "System + will activate reboot.target if + fsck8 + returns the "System should reboot" condition, or emergency.target if fsck returns the "Filesystem errors left uncorrected" condition. diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml index cb06b3b8f8..94df62fb50 100644 --- a/man/systemd-journald.service.xml +++ b/man/systemd-journald.service.xml @@ -164,9 +164,10 @@ systemd-tmpfiles --create --prefix /var/log/journal used to view the log stream of a specific namespace. If the switch is not used the log stream of the default namespace is shown, i.e. log data from other namespaces is not visible. - Services associated with a specific log namespace may log via syslog, the native logging protocol - of the journal and via stdout/stderr; the logging from all three transports is associated with the - namespace. + Services associated with a specific log namespace may log via + syslog3, + the native logging protocol of the journal and via stdout/stderr; the logging from all three transports + is associated with the namespace. By default only the default namespace will collect kernel and audit log messages. @@ -288,8 +289,11 @@ systemd-tmpfiles --create --prefix /var/log/journal systemd.journald.max_level_socket= Controls the maximum log level of messages that are stored in the journal, forwarded - to syslog, kmsg, the console, the wall, or a socket. This kernel command line options override the - settings of the same names in the + to + syslog3, + kmsg, the console, + wall1, + or a socket. This kernel command line options override the settings of the same names in the journald.conf5 file. diff --git a/man/systemd-machined.service.xml b/man/systemd-machined.service.xml index 7ad35c8584..610bc1b572 100644 --- a/man/systemd-machined.service.xml +++ b/man/systemd-machined.service.xml @@ -136,6 +136,7 @@ nss-mymachines8 systemd.special7 org.freedesktop.machine15 + ssh1 diff --git a/man/systemd-mountfsd.service.xml b/man/systemd-mountfsd.service.xml index a8f48365b0..81d02d3d4f 100644 --- a/man/systemd-mountfsd.service.xml +++ b/man/systemd-mountfsd.service.xml @@ -57,7 +57,9 @@ The returned mounts are automatically allowlisted in the per-user-namespace allowlist maintained by systemd-nsresourced.service8. - The file systems are automatically fsck'ed before mounting. + The file systems are automatically + fsck8'ed + before mounting. diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml index c780abf96a..7bdb55d5d5 100644 --- a/man/systemd-nspawn.xml +++ b/man/systemd-nspawn.xml @@ -140,7 +140,7 @@ When running in unprivileged mode, some needed functionality is provided via systemd-mountfsd.service8 and - systemd-nsresourced.service8 + systemd-nsresourced.service8. diff --git a/man/systemd-pcrlock.xml b/man/systemd-pcrlock.xml index 19ba4c4b17..b3a8320f8f 100644 --- a/man/systemd-pcrlock.xml +++ b/man/systemd-pcrlock.xml @@ -106,7 +106,7 @@ This reads the combined TPM2 event log and writes it to STDOUT in TCG Canonical Event Log - Format (CEL-JSON) format. + Format (CEL-JSON). @@ -387,8 +387,10 @@ Generates/removes a .pcrlock file based on a kernel initrd cpio archive. This is useful for predicting measurements the Linux kernel makes to PCR 9 - ("kernel-initrd"). Do not use for systemd-stub UKIs, as the initrd is combined - dynamically from various sources and hence does not take a single input, like this command. + ("kernel-initrd"). Do not use for + systemd-stub7 + UKIs, as the initrd is combined dynamically from various sources and hence does not take a single + input, like this command. This writes/removes the file /var/lib/pcrlock.d/720-kernel-initrd.pcrlock/generated.pcrlock. @@ -521,7 +523,7 @@ - Takes a file system path as argument. If specified overrides where to write the + Takes a file system path as argument. If specified, configures where to write the generated pcrlock data to. Honoured by the various lock-* commands. If not specified, a default path is generally used, as documented above. @@ -531,7 +533,7 @@ - Takes a file system path as argument. If specified overrides where to write pcrlock + Takes a file system path as argument. If specified, configures where to write pcrlock policy metadata to. If not specified defaults to /var/lib/systemd/pcrlock.json. diff --git a/man/systemd-poweroff.service.xml b/man/systemd-poweroff.service.xml index c55260d380..ad378670e4 100644 --- a/man/systemd-poweroff.service.xml +++ b/man/systemd-poweroff.service.xml @@ -53,7 +53,7 @@ might be broken — the running PID 1 could still depend on libraries which are not available any more, thus keeping the file system busy, which then cannot be re-mounted read-only. - Shortly before executing the actual system power-off/halt/reboot/kexec + Shortly before executing the actual system power-off/halt/reboot/kexec, systemd-shutdown will run all executables in /usr/lib/systemd/system-shutdown/ and pass one arguments to them: either poweroff, halt, reboot, or diff --git a/man/systemd-repart.xml b/man/systemd-repart.xml index 261053392e..d1740af5a2 100644 --- a/man/systemd-repart.xml +++ b/man/systemd-repart.xml @@ -569,7 +569,7 @@ (sysext, see systemd-sysext8 for details), configuration extension (confext) or portable service. The generated image will consist + url="https://systemd.io/PORTABLE_SERVICES">Portable Services. The generated image will consist of a signed Verity erofs file system as root partition. In this mode of operation the partition definitions in /usr/lib/repart.d/*.conf and related directories are not read, and is not supported, as appropriate definitions for @@ -605,10 +605,11 @@ - Specifies a path where to write fstab entries for the mountpoints configured with - in the root directory specified with or - or in the host's root directory if neither is specified. Disabled by - default. + Specifies a path where to write + fstab5 + entries for the mountpoints configured with in the root directory + specified with or or in the host's root + directory if neither is specified. Disabled by default. @@ -680,7 +681,7 @@ systemd-confext refresh Generate a system extension image and sign it via PKCS11 The following creates a system extension DDI (sysext) for an - /usr/foo update and signs it with a hardware token via PKCS11. + /usr/foo update and signs it with a hardware token via PKCS11: mkdir -p tree/usr/lib/extension-release.d echo "Hello World" >tree/usr/foo diff --git a/man/systemd-resolved.service.xml b/man/systemd-resolved.service.xml index e1ae8d5ab8..2578eb0073 100644 --- a/man/systemd-resolved.service.xml +++ b/man/systemd-resolved.service.xml @@ -343,10 +343,10 @@ search foobar.com barbar.com systemd-resolved maintains the /run/systemd/resolve/stub-resolv.conf file for compatibility with traditional Linux programs. This file lists the 127.0.0.53 DNS stub (see above) as the only DNS server. It also - contains a list of search domains that are in use by systemd-resolved. The list of search domains is - always kept up-to-date. Note that /run/systemd/resolve/stub-resolv.conf should not - be used directly by applications, but only through a symlink from - /etc/resolv.conf. This file may be symlinked from + contains a list of search domains that are in use by systemd-resolved. The list of + search domains is always kept up-to-date. Note that + /run/systemd/resolve/stub-resolv.conf should not be used directly by applications, + but only through a symlink from /etc/resolv.conf. This file may be symlinked from /etc/resolv.conf in order to connect all local clients that bypass local DNS APIs to systemd-resolved with correct search domains settings. This mode of operation is recommended. diff --git a/man/systemd-soft-reboot.service.xml b/man/systemd-soft-reboot.service.xml index 34dd5aae9d..7a15982c09 100644 --- a/man/systemd-soft-reboot.service.xml +++ b/man/systemd-soft-reboot.service.xml @@ -139,7 +139,8 @@ DefaultDependencies=no Conflicts=umount.target) If the unit publishes a service over D-Bus, the connection needs to be re-established - after soft-reboot as the D-Bus broker will be stopped and then started again. When using the sd-bus + after soft-reboot as the D-Bus broker will be stopped and then started again. When using the + sd-bus3 library this can be achieved by adapting the following example. diff --git a/man/systemd-ssh-generator.xml b/man/systemd-ssh-generator.xml index 187209f099..65d3c03f6d 100644 --- a/man/systemd-ssh-generator.xml +++ b/man/systemd-ssh-generator.xml @@ -34,9 +34,9 @@ systemd-ssh-generator binds a socket-activated SSH server to local AF_VSOCK and AF_UNIX sockets under certain conditions. It only - has an effect if the sshd8 binary is - installed. Specifically, it does the following: + has an effect if the + sshd8 + binary is installed. Specifically, it does the following: If invoked in a VM with AF_VSOCK support, a socket-activated SSH @@ -71,14 +71,14 @@ The generator will use a packaged sshd@.service service template file if one exists, and otherwise generate a suitable service template file. - systemd-ssh-generator implements + systemd-ssh-generator implements systemd.generator7. Kernel Command Line - systemd-ssh-generator understands the following + systemd-ssh-generator understands the following kernel-command-line7 parameters: @@ -102,8 +102,9 @@ times to bind multiple sockets. The syntax should follow the one of ListenStream=, see systemd.socket5 - for details. This functionality supports all socket families systemd supports, including - AF_INET and AF_INET6. + for details. This functionality supports all socket families + systemd1 supports, + including AF_INET and AF_INET6. diff --git a/man/systemd-ssh-proxy.xml b/man/systemd-ssh-proxy.xml index f81da0e8e5..97e8bcb96b 100644 --- a/man/systemd-ssh-proxy.xml +++ b/man/systemd-ssh-proxy.xml @@ -77,7 +77,7 @@ Host .host This tool is supposed to be used together with systemd-ssh-generator8 which when run inside a VM or container will bind SSH to suitable - addresses. systemd-ssh-generator is supposed to run in the container of VM guest, and + addresses. systemd-ssh-generator is supposed to run in the container or VM guest, and systemd-ssh-proxy is run on the host, in order to connect to the container or VM guest. diff --git a/man/systemd-stdio-bridge.xml b/man/systemd-stdio-bridge.xml index ab5926c269..ae760cc039 100644 --- a/man/systemd-stdio-bridge.xml +++ b/man/systemd-stdio-bridge.xml @@ -43,7 +43,7 @@ sd-bus3 uses systemd-stdio-bridge to forward D-Bus connections over - ssh1, + ssh1, or to connect to the bus of a different user, see sd_bus_set_address3. diff --git a/man/systemd-stub.xml b/man/systemd-stub.xml index 1ba6a5bdbf..902b4013a0 100644 --- a/man/systemd-stub.xml +++ b/man/systemd-stub.xml @@ -209,7 +209,7 @@ images to the initrd. See systemd-confext8 for details on configuration extension images. The generated cpio archive containing - these system extension images is measured into TPM PCR 12 (if a TPM is present). + these configuration extension images is measured into TPM PCR 12 (if a TPM is present).Similarly, files foo.efi.extra.d/*.addon.efi are loaded and verified as diff --git a/man/systemd-sysext.xml b/man/systemd-sysext.xml index 3ebcb91abf..b196503cd9 100644 --- a/man/systemd-sysext.xml +++ b/man/systemd-sysext.xml @@ -141,7 +141,7 @@ but the used architecture identifiers are the same as for ConditionArchitecture= described in systemd.unit5. EXTENSION_RELOAD_MANAGER= can be set to 1 if the extension requires a service manager reload after application - of the extension. Note that for the reasons mentioned earlier: + of the extension. Note that for the reasons mentioned earlier, Portable Services remain the recommended way to ship system services. @@ -206,13 +206,13 @@ the underlying host /usr/ is managed as immutable disk image or is a traditional package manager controlled (i.e. writable) tree. - With systemd-confext one can perform runtime reconfiguration of OS services. + With systemd-confext one can perform runtime reconfiguration of OS services. Sometimes, there is a need to swap certain configuration parameter values or restart only a specific service without deployment of new code or a complete OS deployment. In other words, we want to be able to tie the most frequently configured options to runtime updateable flags that can be changed without a system reboot. This will help reduce servicing times when there is a need for changing the OS configuration. It also provides a reliable tool for managing configuration because all old configuration files disappear when - the systemd-confext image is removed. + the systemd-confext image is removed. Mutability diff --git a/man/systemd-tpm2-generator.xml b/man/systemd-tpm2-generator.xml index 51950eece9..6a85b78f1c 100644 --- a/man/systemd-tpm2-generator.xml +++ b/man/systemd-tpm2-generator.xml @@ -30,7 +30,7 @@ Description - systemd-tpm2-generator is a generator that adds a Wants= + systemd-tpm2-generator is a generator that adds a Wants= dependency from sysinit.target to tpm2.target when it detects that the firmware discovered a TPM2 device but the OS kernel so far did not. tpm2.target is supposed to act as synchronization point for all services that @@ -45,7 +45,7 @@ for it yet. The latter might be useful in environments where a suitable TPM2 driver for the available hardware is not available. - systemd-tpm2-generator implements + systemd-tpm2-generator implements systemd.generator7. diff --git a/man/systemd-vmspawn.xml b/man/systemd-vmspawn.xml index 75da236082..f349c71218 100644 --- a/man/systemd-vmspawn.xml +++ b/man/systemd-vmspawn.xml @@ -45,7 +45,7 @@ file descriptors must be passed with the names kvm and vhost-vsock respectively. - Note: on Ubuntu/Debian derivatives systemd-vmspawn requires the user to be in the + Note: on Ubuntu/Debian derivatives systemd-vmspawn requires the user to be in the kvm group to use the VSOCK options. @@ -420,7 +420,8 @@ for more information. By default ed25519 keys are generated, however rsa keys - may also be useful if the VM has a particularly old version of sshd. + may also be useful if the VM has a particularly old version of + sshd8. diff --git a/man/systemd-vpick.xml b/man/systemd-vpick.xml index 95f946a84c..eb067148df 100644 --- a/man/systemd-vpick.xml +++ b/man/systemd-vpick.xml @@ -46,7 +46,7 @@ If the specified path does not reference a .v/ path (i.e. neither the final component ends in .v, nor the penultimate does or the final one does contain a triple - underscore) it specified path is written unmodified to standard output. + underscore) its specified path is written unmodified to standard output. diff --git a/man/systemd.link.xml b/man/systemd.link.xml index 3991d91881..81d54cdc39 100644 --- a/man/systemd.link.xml +++ b/man/systemd.link.xml @@ -378,7 +378,7 @@ This setting is useful to configure the ID_NET_MANAGED_BY= property which declares which network management service shall manage the interface, which is respected by - systemd-networkd and others. Use + systemd-networkd and others. Use Property=ID_NET_MANAGED_BY=io.systemd.Network to declare explicitly that systemd-networkd shall manage the interface, or set the property to something else to declare explicitly it shall not do so. See @@ -974,10 +974,10 @@ Configures Receive Packet Steering (RPS) list of CPUs to which RPS may forward traffic. Takes a list of CPU indices or ranges separated by either whitespace or commas. Alternatively, - takes the special value all in which will include all available CPUs in the mask. + takes the special value all, which will include all available CPUs in the mask. CPU ranges are specified by the lower and upper CPU indices separated by a dash (e.g. 2-6). - This option may be specified more than once, in which case the specified CPU affinity masks are merged. - If an empty string is assigned, the mask is reset, all assignments prior to this will have no effect. + This option may be specified more than once, in which case the specified list of CPU ranges are merged. + If an empty string is assigned, the list is reset, all assignments prior to this will have no effect. Defaults to unset and RPS CPU list is unchanged. To disable RPS when it was previously enabled, use the special value disable. diff --git a/man/systemd.mount.xml b/man/systemd.mount.xml index 9c6c214096..20e724d540 100644 --- a/man/systemd.mount.xml +++ b/man/systemd.mount.xml @@ -293,7 +293,7 @@ comes from unit fragments, i.e. generated from /etc/fstab by systemd-fstab-generator8 or loaded from a manually configured mount unit, a combination of Requires= and StopPropagatedFrom= - dependencies is set on the backing device. If doesn't, only Requires= is used. + dependencies is set on the backing device, otherwise only Requires= is used. @@ -556,7 +556,7 @@ for details. This setting is optional. If the type is overlay, and upperdir= or - workdir= are specified as options and they don't exist, they will be created. + workdir= are specified as options and the directories don't exist, they will be created. diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml index f2181846d4..19967af880 100644 --- a/man/systemd.net-naming-scheme.xml +++ b/man/systemd.net-naming-scheme.xml @@ -27,18 +27,19 @@ attributes and the use of this information is configured. This page describes interface naming, i.e. what possible names may be generated. Those names are generated by the systemd-udevd.service8 - builtin net_id and exported as udev properties - (ID_NET_NAME_ONBOARD=, ID_NET_LABEL_ONBOARD=, + builtin net_id and exported as + udev7 + properties (ID_NET_NAME_ONBOARD=, ID_NET_LABEL_ONBOARD=, ID_NET_NAME_PATH=, ID_NET_NAME_SLOT=). Names and MAC addresses are derived from various stable device metadata attributes. Newer versions - of udev take more of these attributes into account, improving (and thus possibly changing) the names and - addresses used for the same devices. Different versions of those generation rules are called "naming - schemes". The default naming scheme is chosen at compilation time. Usually this will be the latest - implemented version, but it is also possible to set one of the older versions to preserve - compatibility. This may be useful for example for distributions, which may introduce new versions of - systemd in stable releases without changing the naming scheme. The naming scheme may also be overridden - using the net.naming_scheme= kernel command line switch, see + of systemd-udevd take more of these attributes into account, improving (and thus + possibly changing) the names and addresses used for the same devices. Different versions of those + generation rules are called "naming schemes". The default naming scheme is chosen at compilation time. + Usually this will be the latest implemented version, but it is also possible to set one of the older + versions to preserve compatibility. This may be useful for example for distributions, which may introduce + new versions of systemd in stable releases without changing the naming scheme. The naming scheme may also + be overridden using the net.naming_scheme= kernel command line switch, see systemd-udevd.service8. Available naming schemes are described below. @@ -521,7 +522,8 @@ change introduced in v254 by default. If we detect that a PCI device associated with a slot is a PCI bridge, we no longer set - ID_NET_NAME_SLOT, reverting a change that was introduced in v251. + ID_NET_NAME_SLOT, reverting a change that was introduced in + v251. @@ -708,6 +710,7 @@ net:naming:drvirtio_net:* udev7 udevadm8 + systemd-udevd.service8 Predictable Network Interface Names systemd-nspawn1 diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml index a168e7691e..aefe89fc16 100644 --- a/man/systemd.netdev.xml +++ b/man/systemd.netdev.xml @@ -588,7 +588,7 @@ Controls the threshold for broadcast queueing of the macvlan device. Takes the special value no, or an integer in the range 0…2147483647. When no is specified, the broadcast queueing is disabled altogether. When an integer is specified, a multicast - address will be queued as broadcast if the number of devices using it is greater than the given + address will be queued as broadcast if the number of devices using the macvlan is greater than the given value. Defaults to unset, and the kernel default will be used. @@ -1929,7 +1929,8 @@ the wg genkey command (see wg8). Specially, if the specified key is prefixed with @, it is interpreted as - the name of the credential from which the actual key shall be read. systemd-networkd.service + the name of the credential from which the actual key shall be read. + systemd-networkd.service8 automatically imports credentials matching network.wireguard.*. For more details on credentials, refer to systemd.exec5. @@ -2083,7 +2084,7 @@ i.e. the packets that pass through the tunnel itself. To cause packets to be sent via the tunnel in the first place, an appropriate route needs to be added as well — either in the [Routes] section on the .network matching the wireguard - interface, or externally to systemd-networkd. + interface, or externally to systemd-networkd. @@ -2970,7 +2971,7 @@ Independent=yes See Also systemd1 - systemd-networkd8 + systemd-networkd.service8 systemd.link5 systemd.network5 systemd-network-generator.service8 diff --git a/man/systemd.network.xml b/man/systemd.network.xml index bdc2ac3421..9d8dcba509 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -887,7 +887,7 @@ DuplicateAddressDetection=none from the network interface will be appear as coming from the local host. Typically, this should be enabled on the downstream interface of routers. Takes one of ipv4, ipv6, both, or no. Defaults to - no. Note. Any positive boolean values such as yes or + no. Note that any positive boolean values such as yes or true are now deprecated. Please use one of the values above. Specifying ipv4 or both implies IPv4Forwarding= settings in both .network file for this interface and the global @@ -928,8 +928,8 @@ DuplicateAddressDetection=none Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support for the interface. If true, RAs are accepted; if false, RAs are ignored. When RAs are accepted, they may trigger the start of the DHCPv6 client if the relevant flags are set in the RA data, or if no routers are found - on the link. Defaults to false for bridge devices, when IP forwarding is enabled, - IPv6SendRA= or KeepMaster= is enabled. Otherwise, enabled by + on the link. Defaults to false for bridge devices, when IPv6Forwarding=, + IPv6SendRA=, or KeepMaster= is enabled. Otherwise, enabled by default. Cannot be enabled on devices aggregated in a bond device or when link-local addressing is disabled. @@ -993,9 +993,9 @@ DuplicateAddressDetection=none whether the source of the packet would be routed through the interface it came in. If there is no route to the source on that interface, the machine will drop the packet. Takes one of no, strict, or loose. When no, - no source validation will be done. When strict, mode each incoming packet is tested against the FIB and + no source validation will be done. When strict, each incoming packet is tested against the FIB and if the incoming interface is not the best reverse path, the packet check will fail. By default failed packets are discarded. - When loose, mode each incoming packet's source address is tested against the FIB. The packet is dropped + When loose, each incoming packet's source address is tested against the FIB. The packet is dropped only if the source address is not reachable via any interface on that router. See RFC 3704. When unset, the kernel's default will be used. @@ -1084,9 +1084,10 @@ DuplicateAddressDetection=none Advertisement messages intended for another machine by offering its own MAC address as destination. Unlike proxy ARP for IPv4, it is not enabled globally, but will only send Neighbour Advertisement messages for addresses in the IPv6 neighbor proxy table, which can - also be shown by ip -6 neighbour show proxy. systemd-networkd will control - the per-interface `proxy_ndp` switch for each configured interface depending on this option. - When unset, the kernel's default will be used. + also be shown by ip -6 neighbour show proxy. + systemd-networkd will control the per-interface `proxy_ndp` switch for each + configured interface depending on this option. When unset, the kernel's default will be used. + @@ -1096,7 +1097,7 @@ DuplicateAddressDetection=none IPv6ProxyNDPAddress= An IPv6 address, for which Neighbour Advertisement messages will be proxied. This - option may be specified more than once. systemd-networkd will add the + option may be specified more than once. systemd-networkd will add the IPv6ProxyNDPAddress= entries to the kernel's IPv6 neighbor proxy table. This setting implies IPv6ProxyNDP=yes but has no effect if IPv6ProxyNDP= has been set to false. When unset, the kernel's default will @@ -1225,9 +1226,9 @@ DuplicateAddressDetection=none ConfigureWithoutCarrier= - Takes a boolean. Allows networkd to configure a specific link even if it has no - carrier. Defaults to false. If enabled, and the IgnoreCarrierLoss= setting - is not explicitly set, then it is enabled as well. + Takes a boolean. Allows systemd-networkd to configure a specific link even + if it has no carrier. Defaults to false. If enabled, and the IgnoreCarrierLoss= + setting is not explicitly set, then it is enabled as well. With this enabled, to make the interface enter the configured state, which is required to make systemd-networkd-wait-online work properly for the @@ -1455,11 +1456,11 @@ DuplicateAddressDetection=none ip maddr command would not work if we have an Ethernet switch that does IGMP snooping since the switch would not replicate multicast packets on ports that did not have IGMP reports for the multicast addresses. Linux vxlan interfaces created via - ip link add vxlan or networkd's netdev kind vxlan have the group option - that enables them to do the required join. By extending ip address command - with option autojoin we can get similar functionality for openvswitch (OVS) - vxlan interfaces as well as other tunneling mechanisms that need to receive multicast traffic. - Defaults to no. + ip link add vxlan or systemd-networkd's netdev kind vxlan + have the group option that enables them to do the required join. By extending + ip address command with option autojoin we can get similar + functionality for openvswitch (OVS) vxlan interfaces as well as other tunneling mechanisms that + need to receive multicast traffic. Defaults to no. @@ -1785,7 +1786,7 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix L3MasterDevice= - A boolean. Specifies whether the rule is to direct lookups to the tables associated with + Takes a boolean. Specifies whether the rule is to direct lookups to the tables associated with level 3 master devices (also known as Virtual Routing and Forwarding or VRF devices). For further details see Virtual Routing and Forwarding (VRF). Defaults to false. @@ -2903,7 +2904,7 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix Note that if AllowList= is configured then DenyList= is ignored. Note that this filters only DHCP offers, so the filtering might not work when - RapidCommit= is enabled. See also RapidCommit= in the above. + RapidCommit= is enabled. See also RapidCommit= above. @@ -3339,7 +3340,7 @@ NFTSet=prefix:netdev:filter:eth_ipv4_prefix UseRedirect= When true (the default), Redirect message sent by the current first-hop router will be - accepted, and configures routes to redirected nodes will be configured. + accepted, and routes to redirected nodes will be configured. @@ -4076,7 +4077,8 @@ ServerAddress=192.168.0.1/24 Takes a boolean. When true, the DHCP server will load and save leases in the persistent storage. When false, the DHCP server will neither load nor save leases in the persistent storage. Hence, bound leases will be lost when the interface is reconfigured e.g. by - networkctl reconfigure, or systemd-networkd.service + networkctl reconfigure, or + systemd-networkd.service8 is restarted. That may cause address conflict on the network. So, please take an extra care when disable this setting. When unspecified, the value specified in the same setting in networkd.conf5, @@ -4260,7 +4262,7 @@ ServerAddress=192.168.0.1/24 HomeAgent= - Takes a boolean. Specifies that IPv6 router advertisements which indicate to hosts that + Takes a boolean. Specifies that IPv6 router advertisements indicate to hosts that the router acts as a Home Agent and includes a Home Agent option. Defaults to false. See RFC 6275 for further details. @@ -4584,10 +4586,9 @@ ServerAddress=192.168.0.1/24 Priority= - Sets the "priority" of sending packets on this interface. - Each port in a bridge may have a different priority which is used - to decide which link to use. Lower value means higher priority. - It is an integer value between 0 to 63. Networkd does not set any + Sets the "priority" of sending packets on this interface. Each port in a bridge may have a + different priority which is used to decide which link to use. Lower value means higher priority. + It is an integer value between 0 to 63. systemd-networkd does not set any default, meaning the kernel default value of 32 is used. diff --git a/man/systemd.resource-control.xml b/man/systemd.resource-control.xml index f52371ef88..a165791b61 100644 --- a/man/systemd.resource-control.xml +++ b/man/systemd.resource-control.xml @@ -896,7 +896,7 @@ CPUWeight=20 DisableControllers=cpu / \ Configures restrictions on the ability of unit processes to invoke bind2 on a - socket. Both allow and deny rules may defined that restrict which addresses a socket may be bound + socket. Both allow and deny rules to be defined that restrict which addresses a socket may be bound to. bind-rule describes socket properties such as address-family, @@ -1673,7 +1673,8 @@ DeviceAllow=/dev/loop-control When systemd-coredump is handling a coredump for a process from a container, if the container's leader process is a descendant of a cgroup with CoredumpReceive=yes and Delegate=yes, then systemd-coredump will attempt to forward - the coredump to systemd-coredump within the container. + the coredump to systemd-coredump within the container. See also + systemd-coredump8. diff --git a/man/systemd.service.xml b/man/systemd.service.xml index 7929f86528..2bb7d05189 100644 --- a/man/systemd.service.xml +++ b/man/systemd.service.xml @@ -1437,7 +1437,7 @@ The command line accepts % specifiers as described in systemd.unit5. - An argument solely consisting of ; must be escaped, i.e. specified as \; + An argument solely consisting of ; must be escaped, i.e. specified as \;. Basic environment variable substitution is supported. Use ${FOO} as part of a word, or as a word of its diff --git a/man/systemd.time.xml b/man/systemd.time.xml index 2cd9cfb9c4..f7cf97625b 100644 --- a/man/systemd.time.xml +++ b/man/systemd.time.xml @@ -120,9 +120,8 @@ The timezone defaults to the current timezone if not specified explicitly. It may be given after a space, like above, in which case it can be: UTC, - an entry in the installed IANA timezone database (CET, Asia/Tokyo, &c.; - complete list obtainable with timedatectl - list-timezones (see + an entry in the installed IANA timezone database (e.g. CET, Asia/Tokyo, + where the complete list can be obtained with timedatectl list-timezones (see timedatectl1)), or ±05, ±0530, diff --git a/man/systemd.xml b/man/systemd.xml index e4eac906b3..d11c601a88 100644 --- a/man/systemd.xml +++ b/man/systemd.xml @@ -1238,9 +1238,9 @@ Signals sent to PID 1 before this message is sent might not be handled correctly yet. A consumer - of these messages should parse the value as an unsigned integer indication the level of support. For - now only the mentioned level 2 is defined, but later on additional levels might be defined with higher - integers, that will implement a superset of the currently defined behaviour. + of these messages should parse the value as an unsigned integer that indicates the level of support. + For now only the mentioned level 2 is defined, but later on additional levels might be defined with + higher integers, that will implement a superset of the currently defined behaviour. @@ -1389,8 +1389,8 @@ Specify what to do when the system manager (PID 1) crashes. This switch has no - effect when systemd is running as user instance. See systemd.crash_action= - above. + effect when systemd is running as user instance. See + systemd.crash_action= above. diff --git a/man/ukify.xml b/man/ukify.xml index 14dbb2a954..2614e0de36 100644 --- a/man/ukify.xml +++ b/man/ukify.xml @@ -220,7 +220,8 @@ For the inspect verb, the second syntax is used. The section NAME will be inspected (if found). If the second argument is text, the contents will be printed. - If the third argument is given, the contents will be saved to file PATH. + If the third argument is given, the contents will be saved to the file named + PATH. Note that the name is used as-is, and if the section name should start with a dot, it must be diff --git a/man/user@.service.xml b/man/user@.service.xml index ba57f1b331..e9cbda4833 100644 --- a/man/user@.service.xml +++ b/man/user@.service.xml @@ -52,7 +52,7 @@ User processes may be started by the user@.service instance, in which case they will be part of that unit in the system hierarchy. They may also be started elsewhere, for example by - sshd8 or a + sshd8 or a display manager like gdm, in which case they form a .scope unit (see systemd.scope5). Both user@UID.service and the scope units are @@ -145,7 +145,7 @@ Control group /: … User with UID 1000 is logged in using gdm (session-4.scope) and - ssh1 + ssh1 (session-19.scope), and also has a user manager instance running (user@1000.service). User with UID 1001 is logged in using ssh (session-20.scope) and diff --git a/man/userdbctl.xml b/man/userdbctl.xml index ff24ef8939..268da7ac3d 100644 --- a/man/userdbctl.xml +++ b/man/userdbctl.xml @@ -416,7 +416,7 @@ The userdbctl tool may be used to make the list of SSH authorized keys possibly contained in a user record available to the SSH daemon for authentication. For that configure the following in sshd_config5: + project='man-pages'>sshd_config5: … AuthorizedKeysCommand /usr/bin/userdbctl ssh-authorized-keys %u -- cgit v1.2.3 From d07fbf22ed1cde2459bf42f94c5debb9e0278c1a Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Sun, 24 Nov 2024 00:46:47 +0900 Subject: man: update documentation about basic .netdev file handling Follow-up for #34909 and later PRs. --- man/systemd.netdev.xml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml index aefe89fc16..4e65885295 100644 --- a/man/systemd.netdev.xml +++ b/man/systemd.netdev.xml @@ -34,10 +34,16 @@ for a general description of the syntax. The main Virtual Network Device file must have the extension .netdev; - other extensions are ignored. Virtual network devices are created as soon as networkd is - started. If a netdev with the specified name already exists, networkd will use that as-is rather - than create its own. Note that the settings of the pre-existing netdev will not be changed by - networkd. + other extensions are ignored. Virtual network devices are created as soon as + systemd-networkd is started if possible. If a netdev with the specified name already + exists, systemd-networkd will try to update the config if the kind of the existing + netdev is equivalent to the requested one, otherwise (e.g. when bridge device foo + exists but bonding device with the same name is configured in a .netdev file) use the existing netdev + as-is rather than replacing with the requested netdev. Note, several settings (e.g. vlan ID) cannot be + changed after the netdev is created. To change such settings, it is necessary to first remove the + existing netdev, and then run networkctl reload command or restart + systemd-networkd. See also + networkctl1. The .netdev files are read from the files located in the system network directory /usr/lib/systemd/network and -- cgit v1.2.3