1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00

Use https for man7.org

This commit is contained in:
Michael Biebl 2022-06-28 16:05:31 +02:00
parent 41d6f3bf4d
commit e2285c5735
10 changed files with 25 additions and 25 deletions

View File

@ -8,7 +8,7 @@ SPDX-License-Identifier: LGPL-2.1-or-later
# Locking Block Device Access
*TL;DR: Use BSD file locks
[(`flock(2)`)](http://man7.org/linux/man-pages/man2/flock.2.html) on block
[(`flock(2)`)](https://man7.org/linux/man-pages/man2/flock.2.html) on block
device nodes to synchronize access for partitioning and file system formatting
tools.*
@ -22,7 +22,7 @@ Applications manipulating a block device can temporarily stop `systemd-udevd`
from processing rules on it — and thus bar it from probing the device — by
taking a BSD file lock on the block device node. Specifically, whenever
`systemd-udevd` starts processing a block device it takes a `LOCK_SH|LOCK_NB`
lock using [`flock(2)`](http://man7.org/linux/man-pages/man2/flock.2.html) on
lock using [`flock(2)`](https://man7.org/linux/man-pages/man2/flock.2.html) on
the main block device (i.e. never on any partition block device, but on the
device the partition belongs to). If this lock cannot be taken (i.e. `flock()`
returns `EAGAIN`), it refrains from processing the device. If it manages to take

View File

@ -308,7 +308,7 @@ does not exist, no assumptions should be made.
A unified kernel image is a single EFI PE executable combining an EFI stub
loader, a kernel image, an initramfs image, and the kernel command line. See
the description of the `--uefi` option in
[dracut(8)](http://man7.org/linux/man-pages/man8/dracut.8.html). Such unified
[dracut(8)](https://man7.org/linux/man-pages/man8/dracut.8.html). Such unified
images are installed in the`$BOOT/EFI/Linux/` and `$XBOOTLDR/EFI/Linux/`
directories and must have the extension `.efi`.
Support for images of this type is of course specific to systems with EFI

View File

@ -56,8 +56,8 @@ Here's the step-by-step guide:
This will tell you the `/etc/passwd` and `/etc/shadow` entries for your
user. For details about the fields, see the respective man pages
[passwd(5)](http://man7.org/linux/man-pages/man5/passwd.5.html) and
[shadow(5)](http://man7.org/linux/man-pages/man5/shadow.5.html).
[passwd(5)](https://man7.org/linux/man-pages/man5/passwd.5.html) and
[shadow(5)](https://man7.org/linux/man-pages/man5/shadow.5.html).
The fourth field in the `getent passwd foobar` output tells you the GID of
your user's main group. Depending on your distribution it's a group private

View File

@ -12,7 +12,7 @@ systemd 12 and newer support lightweight password agents which can be used to qu
* A Plymouth agent used for querying passwords during boot-up
* A console agent used in similar situations if Plymouth is not available
* A GNOME agent which can be run as part of the normal user session which pops up a notification message and icon which when clicked receives the passphrase from the user. This is useful and necessary in case an encrypted system hard-disk is plugged in when the machine is already up.
* A [`wall(1)`](http://man7.org/linux/man-pages/man1/wall.1.html) agent which sends wall messages as soon as a password shall be entered.
* A [`wall(1)`](https://man7.org/linux/man-pages/man1/wall.1.html) agent which sends wall messages as soon as a password shall be entered.
* A simple tty agent which is built into "`systemctl start`" (and similar commands) and asks passwords to the user during manual startup of a service
* A simple tty agent which can be run manually to respond to all queued passwords

View File

@ -25,7 +25,7 @@ for high-quality random numbers cannot be fulfilled.
The Linux kernel provides three relevant userspace APIs to request random data
from the kernel's entropy pool:
* The [`getrandom()`](http://man7.org/linux/man-pages/man2/getrandom.2.html)
* The [`getrandom()`](https://man7.org/linux/man-pages/man2/getrandom.2.html)
system call with its `flags` parameter set to 0. If invoked the calling
program will synchronously block until the random pool is fully initialized
and the requested bytes can be provided.
@ -35,7 +35,7 @@ from the kernel's entropy pool:
pool is not initialized yet.
* Reading from the
[`/dev/urandom`](http://man7.org/linux/man-pages/man4/urandom.4.html)
[`/dev/urandom`](https://man7.org/linux/man-pages/man4/urandom.4.html)
pseudo-device will always return random bytes immediately, even if the pool
is not initialized. The provided random bytes will be of low quality in this
case however. Moreover the kernel will log about all programs using this
@ -294,7 +294,7 @@ This primarily leaves two kind of systems in the cold:
do use it in many cases, but not in all. Please read the above again!
2. *Why don't you use
[getentropy()](http://man7.org/linux/man-pages/man3/getentropy.3.html)? That's
[getentropy()](https://man7.org/linux/man-pages/man3/getentropy.3.html)? That's
all you need!*
Same story. That call is just a different name for `getrandom()` with
@ -303,7 +303,7 @@ This primarily leaves two kind of systems in the cold:
are trying to address here.
3. *Why don't you generate your UUIDs with
[`uuidd`](http://man7.org/linux/man-pages/man8/uuidd.8.html)? That's all you
[`uuidd`](https://man7.org/linux/man-pages/man8/uuidd.8.html)? That's all you
need!*
First of all, that's a system service, i.e. something that runs as "payload"

View File

@ -44,15 +44,15 @@ installation during runtime is permitted.)
To protect yourself against these kinds of attacks Linux provides a couple of
APIs that help you avoiding guessable names. Specifically:
1. Use [`mkstemp()`](http://man7.org/linux/man-pages/man3/mkstemp.3.html)
1. Use [`mkstemp()`](https://man7.org/linux/man-pages/man3/mkstemp.3.html)
(POSIX), `mkostemp()` (glibc),
[`mkdtemp()`](http://man7.org/linux/man-pages/man3/mkdtemp.3.html) (POSIX),
[`tmpfile()`](http://man7.org/linux/man-pages/man3/tmpfile.3.html) (C89)
[`mkdtemp()`](https://man7.org/linux/man-pages/man3/mkdtemp.3.html) (POSIX),
[`tmpfile()`](https://man7.org/linux/man-pages/man3/tmpfile.3.html) (C89)
2. Use [`open()`](http://man7.org/linux/man-pages/man2/open.2.html) with
2. Use [`open()`](https://man7.org/linux/man-pages/man2/open.2.html) with
`O_TMPFILE` (Linux)
3. [`memfd_create()`](http://man7.org/linux/man-pages/man2/memfd_create.2.html)
3. [`memfd_create()`](https://man7.org/linux/man-pages/man2/memfd_create.2.html)
(Linux; this doesn't bother with `/tmp/` or `/var/tmp/` at all, but uses the
same RAM/swap backing as `tmpfs` uses, hence is very similar to `/tmp/`
semantics.)
@ -113,7 +113,7 @@ strategies to avoid these issues:
3. 🥇 Operate below a sub-directory of `/tmp/` and `/var/tmp/` you created, and
take a BSD file lock ([`flock(dir_fd,
LOCK_SH)`](http://man7.org/linux/man-pages/man2/flock.2.html)) on that
LOCK_SH)`](https://man7.org/linux/man-pages/man2/flock.2.html)) on that
sub-directory. This is particularly interesting when operating on more than
a single file, or on file nodes that are not plain regular files, for
example when extracting a tarball to a temporary directory. The ageing
@ -126,7 +126,7 @@ strategies to avoid these issues:
this when decompressing tarballs that contain files with old
modification/access times, as extracted files are otherwise immediately
candidates for deletion by the ageing algorithm. The
[`flock`](http://man7.org/linux/man-pages/man1/flock.1.html) tool of the
[`flock`](https://man7.org/linux/man-pages/man1/flock.1.html) tool of the
`util-linux` packages makes this concept available to shell scripts. Note
that `systemd-tmpfiles` only checks for BSD file locks on directories, locks
on other types of file nodes (including regular files) are not considered.
@ -217,7 +217,7 @@ packages instead use `/dev/shm/` for temporary files during early boot; this is
not advisable however, as it offers no benefits over a private directory in
`/run/` as both are backed by the same concept: `tmpfs`. The directory
`/dev/shm/` exists to back POSIX shared memory (see
[`shm_open()`](http://man7.org/linux/man-pages/man3/shm_open.3.html) and
[`shm_open()`](https://man7.org/linux/man-pages/man3/shm_open.3.html) and
related calls), and not as a place for temporary files. `/dev/shm` is
problematic as it is world-writable and there's no automatic clean-up logic in
place.)

View File

@ -11,7 +11,7 @@ JSON User/Group Records (as described in the [JSON User Records](USER_RECORD.md)
and [JSON Group Records](GROUP_RECORD.md) documents) that are defined on the
local system may be queried with a [Varlink](https://varlink.org/) API. This
API takes both the role of what
[`getpwnam(3)`](http://man7.org/linux/man-pages/man3/getpwnam.3.html) and
[`getpwnam(3)`](https://man7.org/linux/man-pages/man3/getpwnam.3.html) and
related calls are for `struct passwd`, as well as the interfaces modules
implementing the [glibc Name Service Switch
(NSS)](https://www.gnu.org/software/libc/manual/html_node/Name-Service-Switch.html)

View File

@ -297,7 +297,7 @@ for all login sessions of the user.
`environment` → An array of strings, each containing an environment variable
and its value to set for the user's login session, in a format compatible with
[`putenv()`](http://man7.org/linux/man-pages/man3/putenv.3.html). Any
[`putenv()`](https://man7.org/linux/man-pages/man3/putenv.3.html). Any
environment variable listed here is automatically set by
[`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
for all login sessions of the user.
@ -320,7 +320,7 @@ variable, for example: `de_DE.UTF8`.
[`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
will automatically initialize the login process' nice level to this value with,
which is then inherited by all the user's processes, see
[`setpriority()`](http://man7.org/linux/man-pages/man2/setpriority.2.html) for
[`setpriority()`](https://man7.org/linux/man-pages/man2/setpriority.2.html) for
more information.
`resourceLimits` → An object, where each key refers to a Linux resource limit
@ -329,7 +329,7 @@ two keys `cur` and `max` for the soft and hard resource limit. When logging in
[`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
will automatically initialize the login process' resource limits to these
values, which is then inherited by all the user's processes, see
[`setrlimit()`](http://man7.org/linux/man-pages/man2/setrlimit.2.html) for more
[`setrlimit()`](https://man7.org/linux/man-pages/man2/setrlimit.2.html) for more
information.
`locked` → A boolean value. If true, the user account is locked, the user may
@ -625,7 +625,7 @@ user to choose.
`hashedPassword` → An array of strings, each containing a hashed UNIX password
string, in the format
[`crypt(3)`](http://man7.org/linux/man-pages/man3/crypt.3.html) generates. This
[`crypt(3)`](https://man7.org/linux/man-pages/man3/crypt.3.html) generates. This
corresponds with `sp_pwdp` field of `struct spwd` (and in a way the `pw_passwd`
field of `struct passwd`).

View File

@ -30,7 +30,7 @@
<xsl:template match="citerefentry[@project='man-pages'] | citerefentry[manvolnum='2'] | citerefentry[manvolnum='4']">
<a>
<xsl:attribute name="href">
<xsl:text>http://man7.org/linux/man-pages/man</xsl:text>
<xsl:text>https://man7.org/linux/man-pages/man</xsl:text>
<xsl:value-of select="manvolnum"/>
<xsl:text>/</xsl:text>
<xsl:value-of select="refentrytitle"/>

View File

@ -1261,7 +1261,7 @@
The <varname>Key=</varname> is either a number or an IPv4 address-like dotted quad.
It is used as mark-configured SAD/SPD entry as part of the lookup key (both in data
and control path) in IP XFRM (framework used to implement IPsec protocol).
See <ulink url="http://man7.org/linux/man-pages/man8/ip-xfrm.8.html">
See <ulink url="https://man7.org/linux/man-pages/man8/ip-xfrm.8.html">
ip-xfrm — transform configuration</ulink> for details. It is only used for VTI/VTI6,
GRE, GRETAP, and ERSPAN tunnels.</para>
</listitem>