From 0febb98cbeec3cf68d683bafd67f71dc943e2fd7 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Aug 01 2017 03:30:23 +0000 Subject: import man-pages-overrides-7.4.3-1.el7 --- diff --git a/.gitignore b/.gitignore index aea146d..463a11a 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/man-pages-overrides-7.3.2.tar.xz +SOURCES/man-pages-overrides-7.4.3.tar.xz diff --git a/.man-pages-overrides.metadata b/.man-pages-overrides.metadata index 9e7c618..0551c55 100644 --- a/.man-pages-overrides.metadata +++ b/.man-pages-overrides.metadata @@ -1 +1 @@ -84f8c9534ffca920566274aba0e21680771368da SOURCES/man-pages-overrides-7.3.2.tar.xz +d5943d7b6ceaaad9109815f85573b17810891d5e SOURCES/man-pages-overrides-7.4.3.tar.xz diff --git a/SOURCES/1064756-mpo-7.1.2-netstat.8.patch b/SOURCES/1064756-mpo-7.1.2-netstat.8.patch deleted file mode 100644 index 52e722f..0000000 --- a/SOURCES/1064756-mpo-7.1.2-netstat.8.patch +++ /dev/null @@ -1,74 +0,0 @@ -From ed7660157811b91e376830514ea4c0108617173c Mon Sep 17 00:00:00 2001 -From: Jan Chaloupka -Date: Tue, 25 Nov 2014 15:02:31 +0100 -Subject: [PATCH] netstat.8 Add netstat -S/--sctp parameter - ---- - net-tools/de/man8/netstat.8 | 2 ++ - net-tools/fr/man8/netstat.8 | 2 ++ - net-tools/man8/netstat.8 | 2 ++ - net-tools/pt/man8/netstat.8 | 2 ++ - 4 files changed, 8 insertions(+) - -diff --git a/net-tools/de/man8/netstat.8 b/net-tools/de/man8/netstat.8 -index d6b77ff..fdb76c9 100644 ---- a/net-tools/de/man8/netstat.8 -+++ b/net-tools/de/man8/netstat.8 -@@ -20,6 +20,8 @@ netstat \- Anzeige von Netzwerksverbindungen, Routentabellen, Schnittstellenstat - .RB [ \-venaoc ] - .RB [ \-\-tcp | \-t ] - .RB [ \-\-udp | \-u ] -+.RB [ \-\-udplite | \-U ] -+.RB [ \-\-sctp | \-S ] - .RB [ \-\-raw | \-w ] - .RB [ \-\-groups | \-g ] - .RB [ \-\-unix | \-x ] -diff --git a/net-tools/fr/man8/netstat.8 b/net-tools/fr/man8/netstat.8 -index fedbe4f..c65d0be 100644 ---- a/net-tools/fr/man8/netstat.8 -+++ b/net-tools/fr/man8/netstat.8 -@@ -21,6 +21,8 @@ et les membres multicast. - .RB [ \-venaoc ] - .RB [ \-\-tcp | \-t ] - .RB [ \-\-udp | \-u ] -+.RB [ \-\-udplite | \-U ] -+.RB [ \-\-sctp | \-S ] - .RB [ \-\-raw | \-w ] - .RB [ \-\-groups | \-g ] - .RB [ \-\-unix | \-x ] -diff --git a/net-tools/man8/netstat.8 b/net-tools/man8/netstat.8 -index 831faf2..7fcd41b 100644 ---- a/net-tools/man8/netstat.8 -+++ b/net-tools/man8/netstat.8 -@@ -21,6 +21,7 @@ netstat \- Print network connections, routing tables, interface statistics, masq - .RB [ \-\-tcp | \-t ] - .RB [ \-\-udp | \-u ] - .RB [ \-\-udplite | \-U ] -+.RB [ \-\-sctp | \-S ] - .RB [ \-\-raw | \-w ] - .RB [ \-\-listening | \-l ] - .RB [ \-\-all | \-a ] -@@ -76,6 +77,7 @@ netstat \- Print network connections, routing tables, interface statistics, masq - .RB [ \-\-tcp | \-t ] - .RB [ \-\-udp | \-u ] - .RB [ \-\-udplite | \-U ] -+.RB [ \-\-sctp | \-S ] - .RB [ \-\-raw | \-w ] - .RB [delay] - .P -diff --git a/net-tools/pt/man8/netstat.8 b/net-tools/pt/man8/netstat.8 -index 1903bbb..d2d04ef 100644 ---- a/net-tools/pt/man8/netstat.8 -+++ b/net-tools/pt/man8/netstat.8 -@@ -19,6 +19,8 @@ mascaradas. - .RB [ \-venaoc ] - .RB [ \-\-tcp | \-t ] - .RB [ \-\-udp | \-u ] -+.RB [ \-\-udplite | \-U ] -+.RB [ \-\-sctp | \-S ] - .RB [ \-\-raw | \-w ] - .RB [ \-\-unix | \-x ] - .RB [ \-\-inet | \-\-ip ] --- -1.9.3 - diff --git a/SOURCES/1085531-mpo-7.4.0-ipvsadm.8.patch b/SOURCES/1085531-mpo-7.4.0-ipvsadm.8.patch new file mode 100644 index 0000000..3fac1b0 --- /dev/null +++ b/SOURCES/1085531-mpo-7.4.0-ipvsadm.8.patch @@ -0,0 +1,37 @@ +From 6eb0f94188ac99b122693c79302c60c9ec9aef08 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Nikola=20Forr=C3=B3?= +Date: Tue, 28 Mar 2017 14:49:57 +0200 +Subject: [PATCH 1/6] ipvsadm.8: add missing option + +--- + ipvsadm/man8/ipvsadm.8 | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/ipvsadm/man8/ipvsadm.8 b/ipvsadm/man8/ipvsadm.8 +index 9a9e9b3..263e873 100644 +--- a/ipvsadm/man8/ipvsadm.8 ++++ b/ipvsadm/man8/ipvsadm.8 +@@ -37,7 +37,9 @@ ipvsadm \- Linux Virtual Server administration + .SH SYNOPSIS + .B ipvsadm -A|E -t|u|f \fIservice-address\fP [-s \fIscheduler\fP] + .ti 15 +-.B [-p [\fItimeout\fP]] [-M \fInetmask\fP] [-b \fIsched-flags\fP] ++.B [-p [\fItimeout\fP]] [-M \fInetmask\fP] [--pe \fIpersistence_engine\fP] ++.ti 15 ++.B [-b \fIsched-flags\fP] + .br + .B ipvsadm -D -t|u|f \fIservice-address\fP + .br +@@ -262,6 +264,9 @@ fixed service rate (weight) of the ith server. + there is, instead of waiting for a fast one; if all the servers are + busy, it adopts the Shortest Expected Delay policy to assign the job. + .TP ++.B --pe \fIpersistence_engine\fR ++Alternate persistence engine may be sip, not set by default. ++.TP + .B -p, --persistent [\fItimeout\fP] + Specify that a virtual service is persistent. If this option is + specified, multiple requests from a client are redirected to the same +-- +2.7.4 + diff --git a/SOURCES/1109291-mpo-7.1.0-mailx.1.patch b/SOURCES/1109291-mpo-7.1.0-mailx.1.patch deleted file mode 100644 index dd40187..0000000 --- a/SOURCES/1109291-mpo-7.1.0-mailx.1.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 7b3766eb42ec6525e9b350f76c0cc0622c99f9a8 Mon Sep 17 00:00:00 2001 -From: Jan Chaloupka -Date: Mon, 29 Sep 2014 22:28:35 +0200 -Subject: [PATCH] addition to FROM syntax - ---- - mailx/man1/mailx.1 | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/mailx/man1/mailx.1 b/mailx/man1/mailx.1 -index c1dd9a4..5181dd3 100644 ---- a/mailx/man1/mailx.1 -+++ b/mailx/man1/mailx.1 -@@ -219,6 +219,14 @@ and, in case of a string option, - assigns - .I value - to it. -+Note, that when setting -+.I from -+variable, domain name of host is automatically added if value does not contain any. -+If you want to enter -+.I from -+address with owner's name, you can use, for example, following format: -+.B -S -+.I \(dqfrom=System User \(dq - .TP - .BI \-T \ name - Writes the `Message-Id:' and `Article-Id:' header fields --- -1.9.3 - diff --git a/SOURCES/1109294-mpo-7.1.0-mailx.1.environment-variables.patch b/SOURCES/1109294-mpo-7.1.0-mailx.1.environment-variables.patch deleted file mode 100644 index 628bddd..0000000 --- a/SOURCES/1109294-mpo-7.1.0-mailx.1.environment-variables.patch +++ /dev/null @@ -1,26 +0,0 @@ -From d155680b85259d6092f2e2d166dbca9c1a793918 Mon Sep 17 00:00:00 2001 -From: Jan Chaloupka -Date: Mon, 29 Sep 2014 22:45:33 +0200 -Subject: [PATCH] environment vairables - ---- - mailx/man1/mailx.1 | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/mailx/man1/mailx.1 b/mailx/man1/mailx.1 -index 5181dd3..59737df 100644 ---- a/mailx/man1/mailx.1 -+++ b/mailx/man1/mailx.1 -@@ -2197,7 +2197,8 @@ if it is passed to \fImailx\fR - as part of the environment - (this is not restricted to specific variables as in the POSIX standard). - A value given in a startup file overrides --a value imported from the environment. -+a value imported from the environment, but it is not possible to unset -+an environment variable in a startup file. - Options may be either binary, - in which case it is only significant - to see whether they are set or not; --- -1.9.3 - diff --git a/SOURCES/1181670-mpo-7.3.0-libpaf-dsc.3-libpaf-ebb.3.patch b/SOURCES/1181670-mpo-7.3.0-libpaf-dsc.3-libpaf-ebb.3.patch deleted file mode 100644 index ddcfad6..0000000 --- a/SOURCES/1181670-mpo-7.3.0-libpaf-dsc.3-libpaf-ebb.3.patch +++ /dev/null @@ -1,100 +0,0 @@ -From 489df948529168392fcf990c68724c03fb9164f2 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Nikola=20Forr=C3=B3?= -Date: Tue, 28 Jun 2016 11:10:13 +0200 -Subject: [PATCH 02/17] libpaf-dsc.3, libpaf-ebb.3: fix formatting and examples - ---- - paflib/man3/libpaf-dsc.3 | 18 ++++++------------ - paflib/man3/libpaf-ebb.3 | 4 ++-- - 2 files changed, 8 insertions(+), 14 deletions(-) - -diff --git a/paflib/man3/libpaf-dsc.3 b/paflib/man3/libpaf-dsc.3 -index 201441f..e1c4ae4 100644 ---- a/paflib/man3/libpaf-dsc.3 -+++ b/paflib/man3/libpaf-dsc.3 -@@ -52,47 +52,40 @@ available on Power Architecture. This register follows the layout specified in - the corresponding Power ISA, with the following defined flags. - - These are features supported by Power ISA 2.05: --.TP -+.LP - .IP \[bu] 2 - .BR DSCR_SSE - Store Stream Enable. - --.PP -+.LP - These features were added on Power ISA 2.06: --.TP - .IP \[bu] 2 - .BR DSCR_SNSE - Stride-N Stream Enable. --.PP -+ -+.LP - These features were added on Power ISA 2.06+: --.TP - .IP \[bu] 2 - .BR DSCR_LSD - Load Stream Disable. - --.PP -+.LP - These are supported only on Power ISA 2.07: --.TP - .IP \[bu] 2 - .BR DSCR_HWUE - Hardware Unit count Enable. --.TP - .IP \[bu] 2 - .BR DSCR_SWUE - Software Unit count Enable. --.TP - .IP \[bu] - .BR DSCR_LTE - Load Transient Enable. --.TP - .IP \[bu] - .BR DSCR_STE - Software Transient Enable. --.TP - .IP \[bu] - .BR DSCR_HTE - Hardware Transient Enable. --.TP - .IP \[bu] - .BR DSCR_SWTE - Software Transient Enable. -@@ -201,6 +194,7 @@ if the system does not support DSCR facility. - .nf - #include - #include -+#include - - int main(void) - { -diff --git a/paflib/man3/libpaf-ebb.3 b/paflib/man3/libpaf-ebb.3 -index eb6cd2e..87460a6 100644 ---- a/paflib/man3/libpaf-ebb.3 -+++ b/paflib/man3/libpaf-ebb.3 -@@ -200,7 +200,7 @@ void do_work (void) - } - } - --int _do_ebb(void) -+int do_ebb(void) - { - ebbhandler_t handler; - ebb_handler_triggered = 0; -@@ -223,7 +223,7 @@ int _do_ebb(void) - - paf_ebb_disable_branches (); - -- printf ("Done; %d EBB interrupts handled\n", ebb_handler_triggered); -+ printf ("Done; %d EBB interrupts handled\\n", ebb_handler_triggered); - - close (ebb_fd); - --- -2.7.4 - diff --git a/SOURCES/1263636-mpo-7.4.0-cp.1-install.1-mkdir.1-mkfifo.1-mknod.1.patch b/SOURCES/1263636-mpo-7.4.0-cp.1-install.1-mkdir.1-mkfifo.1-mknod.1.patch new file mode 100644 index 0000000..409efde --- /dev/null +++ b/SOURCES/1263636-mpo-7.4.0-cp.1-install.1-mkdir.1-mkfifo.1-mknod.1.patch @@ -0,0 +1,102 @@ +From 0c42bbdf642de9c11ada1fc371694c6488e71f1d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Nikola=20Forr=C3=B3?= +Date: Tue, 28 Mar 2017 14:54:02 +0200 +Subject: [PATCH 2/6] cp.1, install.1, mkdir.1, mkfifo.1, mknod.1: update + security context options to reflect coreutils change + +--- + man-pages-zh-CN/zh_CN/man1/cp.1 | 6 ++++++ + man-pages-zh-CN/zh_CN/man1/install.1 | 6 ++++++ + man-pages-zh-CN/zh_CN/man1/mkdir.1 | 6 ++++++ + man-pages-zh-CN/zh_CN/man1/mkfifo.1 | 6 ++++++ + man-pages-zh-CN/zh_CN/man1/mknod.1 | 6 ++++++ + 5 files changed, 30 insertions(+) + +diff --git a/man-pages-zh-CN/zh_CN/man1/cp.1 b/man-pages-zh-CN/zh_CN/man1/cp.1 +index be003c1..29217ba 100644 +--- a/man-pages-zh-CN/zh_CN/man1/cp.1 ++++ b/man-pages-zh-CN/zh_CN/man1/cp.1 +@@ -253,6 +253,12 @@ backups of the others. + 总作简单的备份. + .RE + .SH "GNU 标准选项" ++.TP ++\fB\-Z\fP ++将目标文件 SELinux 安全上下文设置为默认类型 ++.TP ++\fB\-\-context\fP[=\fI\,CTX\/\fP] ++类似 \fB\-Z\fP,或者如果给定了上下文(CTX)那么将 SELinux 或者 SMACK 安全上下文设置为给定值 + .TP + .B "\-\-help" + 印出用法并退出. +diff --git a/man-pages-zh-CN/zh_CN/man1/install.1 b/man-pages-zh-CN/zh_CN/man1/install.1 +index 0eede5c..fb396f3 100644 +--- a/man-pages-zh-CN/zh_CN/man1/install.1 ++++ b/man-pages-zh-CN/zh_CN/man1/install.1 +@@ -157,6 +157,12 @@ GNU版本的程序如 + 总作简单备份. + .RE + .SH "GNU STANDARD OPTIONS(GNU标准选项)" ++.TP ++\fB\-Z\fP ++将目标文件 SELinux 安全上下文设置为默认类型 ++.TP ++\fB\-\-context\fP[=\fI\,CTX\/\fP] ++类似 \fB\-Z\fP,或者如果给定了上下文(CTX)那么将 SELinux 或者 SMACK 安全上下文设置为给定值 + .TP + .B "\-\-help" + 在标准输出上打印一条用法信息,并以成功状态退出. +diff --git a/man-pages-zh-CN/zh_CN/man1/mkdir.1 b/man-pages-zh-CN/zh_CN/man1/mkdir.1 +index 20b358e..c2697eb 100644 +--- a/man-pages-zh-CN/zh_CN/man1/mkdir.1 ++++ b/man-pages-zh-CN/zh_CN/man1/mkdir.1 +@@ -33,6 +33,12 @@ mkdir 用指定的名字建立目录。 + .BI "--verbose" + 打印出新建立的每一个目录名。与--parents联合使用最有效。 + .SH GNU 标准选项 ++.TP ++\fB\-Z\fP ++将目标文件 SELinux 安全上下文设置为默认类型 ++.TP ++\fB\-\-context\fP[=\fI\,CTX\/\fP] ++类似 \fB\-Z\fP,或者如果给定了上下文(CTX)那么将 SELinux 或者 SMACK 安全上下文设置为给定值 + .TP + .BI "-help" + 在标准输出上显示使用信息并顺利退出。 +diff --git a/man-pages-zh-CN/zh_CN/man1/mkfifo.1 b/man-pages-zh-CN/zh_CN/man1/mkfifo.1 +index 98dbe4d..a2c5ba5 100644 +--- a/man-pages-zh-CN/zh_CN/man1/mkfifo.1 ++++ b/man-pages-zh-CN/zh_CN/man1/mkfifo.1 +@@ -32,6 +32,12 @@ GNU options(选项)(最短格式): + .BR chmod(1) + 中的符号模式,并使用默认模式作为起始点. + .SH "GNU STANDARD OPTIONS(GNU标准选项)" ++.TP ++\fB\-Z\fP ++将目标文件 SELinux 安全上下文设置为默认类型 ++.TP ++\fB\-\-context\fP[=\fI\,CTX\/\fP] ++类似 \fB\-Z\fP,或者如果给定了上下文(CTX)那么将 SELinux 或者 SMACK 安全上下文设置为给定值 + .TP + .B "\-\-help" + 在标准输出上打印一条用法信息,并以成功状态退出. +diff --git a/man-pages-zh-CN/zh_CN/man1/mknod.1 b/man-pages-zh-CN/zh_CN/man1/mknod.1 +index 24c5e51..3b26f89 100644 +--- a/man-pages-zh-CN/zh_CN/man1/mknod.1 ++++ b/man-pages-zh-CN/zh_CN/man1/mknod.1 +@@ -59,6 +59,12 @@ GNU版本还允许使用u('unbufferd'非缓冲化), + 用缺省模式建立新目录。 + + .SH GNU 标准选项 ++.TP ++\fB\-Z\fP ++将目标文件 SELinux 安全上下文设置为默认类型 ++.TP ++\fB\-\-context\fP[=\fI\,CTX\/\fP] ++类似 \fB\-Z\fP,或者如果给定了上下文(CTX)那么将 SELinux 或者 SMACK 安全上下文设置为给定值 + .TP + .B "\-\-help" + 在标准输出上显示使用信息并顺利退出。 +-- +2.7.4 + diff --git a/SOURCES/1316009-mpo-7.4.0-mcstransd.8.patch b/SOURCES/1316009-mpo-7.4.0-mcstransd.8.patch new file mode 100644 index 0000000..8d852fb --- /dev/null +++ b/SOURCES/1316009-mpo-7.4.0-mcstransd.8.patch @@ -0,0 +1,32 @@ +From f8a1f766c22973c136b3e803280f76051dd318cb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Nikola=20Forr=C3=B3?= +Date: Tue, 28 Mar 2017 14:57:55 +0200 +Subject: [PATCH 3/6] mcstransd.8: fix typos + +--- + mcstrans/man8/mcstransd.8 | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/mcstrans/man8/mcstransd.8 b/mcstrans/man8/mcstransd.8 +index f92a572..af2390e 100644 +--- a/mcstrans/man8/mcstransd.8 ++++ b/mcstrans/man8/mcstransd.8 +@@ -11,13 +11,13 @@ This manual page describes the + .BR mcstransd + program. + .P +-This daemon reads /etc/selinux/{SELINUXTYPE}/setrans.conf and /etc/selinux/{SELINUXTYPE}/secolors.conf configuration files, and communicates with libselinux via a socket in /var/run/setrans. ++This daemon reads /etc/selinux/{SELINUXTYPE}/setrans.conf and /etc/selinux/{SELINUXTYPE}/secolor.conf configuration files, and communicates with libselinux via a socket in /var/run/setrans. + It also watches for files created in /var/run/setrans and uses the contents of these files to generate translations to the names. For example writing a file /var/run/setrans/mydomain with content of s0:c1,c2 will cause mcstrans to translate s0:c1,c2 to mydomain. + + .SH "AUTHOR" + This man page was written by Dan Walsh . + The program was originally written by Dan Walsh . +-The program was enhanced/rwwritten by Joe Nall . ++The program was enhanced/rewritten by Joe Nall . + + .SH "FILES" + /etc/selinux/{SELINUXTYPE}/setrans.conf +-- +2.7.4 + diff --git a/SOURCES/1390935-mpo-7.4.0-nsswitch.conf.5.patch b/SOURCES/1390935-mpo-7.4.0-nsswitch.conf.5.patch new file mode 100644 index 0000000..724ea87 --- /dev/null +++ b/SOURCES/1390935-mpo-7.4.0-nsswitch.conf.5.patch @@ -0,0 +1,50 @@ +From 02dc2c2f14a67b719ba0eae06695a468fbb11d61 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Nikola=20Forr=C3=B3?= +Date: Tue, 28 Mar 2017 15:02:09 +0200 +Subject: [PATCH 5/6] nsswitch.conf.5: add information about sss service + +--- + man-pages/man5/nsswitch.conf.5 | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/man-pages/man5/nsswitch.conf.5 b/man-pages/man5/nsswitch.conf.5 +index 72c459e..f234249 100644 +--- a/man-pages/man5/nsswitch.conf.5 ++++ b/man-pages/man5/nsswitch.conf.5 +@@ -175,6 +175,16 @@ may be 1 for glibc 2.0, or 2 for glibc 2.1 and later. + On systems with additional libraries installed, you may have access to + further services such as "hesiod", "ldap", "winbind" and "wins". + .LP ++If System Security Services Daemon (SSSD) ++is installed on your system, you can use ++this service with the "sss" keyword. ++SSSD supports the following databases: ++.BR passwd , ++.BR group , ++.BR services ++and ++.BR netgroup . ++.LP + An action may also be specified following a service specification. + The action modifies the behavior following a result obtained + from the preceding data source. +@@ -290,11 +300,15 @@ NIS passwd map. + .RE + .LP + By default the source is "nis", but this may be +-overridden by specifying "nisplus" as the source for the pseudo-databases ++overridden by specifying any NSS service except "compat" itself ++as the source for the pseudo-databases + .BR passwd_compat , + .BR group_compat , + and + .BR shadow_compat . ++.LP ++If SSSD is installed on your system, you can use "sss" as the source ++for these pseudo-databases. + .SH FILES + A service named + .I SERVICE +-- +2.7.4 + diff --git a/SOURCES/1404478-mpo-7.4.0-packet.7.patch b/SOURCES/1404478-mpo-7.4.0-packet.7.patch new file mode 100644 index 0000000..143b15e --- /dev/null +++ b/SOURCES/1404478-mpo-7.4.0-packet.7.patch @@ -0,0 +1,257 @@ +From ad7e94b35988c8cd03866d47aa6fb21841cfae7c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Nikola=20Forr=C3=B3?= +Date: Tue, 28 Mar 2017 15:04:36 +0200 +Subject: [PATCH 6/6] packet.7: add missing socket options + +--- + man-pages/man7/packet.7 | 218 ++++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 209 insertions(+), 9 deletions(-) + +diff --git a/man-pages/man7/packet.7 b/man-pages/man7/packet.7 +index f5d990b..b217e5e 100644 +--- a/man-pages/man7/packet.7 ++++ b/man-pages/man7/packet.7 +@@ -177,19 +177,24 @@ and + .I sll_ifindex + are used. + .SS Socket options ++Packet socket options are configured by calling ++.BR setsockopt (2) ++with level ++.BR SOL_PACKET . ++.TP ++.BR PACKET_ADD_MEMBERSHIP ++.PD 0 ++.TP ++.BR PACKET_DROP_MEMBERSHIP ++.PD + Packet sockets can be used to configure physical layer multicasting + and promiscuous mode. +-It works by calling +-.BR setsockopt (2) +-on a packet socket for +-.B SOL_PACKET +-and one of the options + .B PACKET_ADD_MEMBERSHIP +-to add a binding or ++adds a binding and + .B PACKET_DROP_MEMBERSHIP +-to drop it. ++drops it. + They both expect a +-.B packet_mreq ++.I packet_mreq + structure as argument: + + .in +4n +@@ -222,11 +227,206 @@ and + sets the socket up to receive all multicast packets arriving at + the interface. + +-In addition the traditional ioctls ++In addition, the traditional ioctls + .BR SIOCSIFFLAGS , + .BR SIOCADDMULTI , + .B SIOCDELMULTI + can be used for the same purpose. ++.TP ++.BR PACKET_AUXDATA " (since Linux 2.6.21)" ++.\" commit 8dc4194474159660d7f37c495e3fc3f10d0db8cc ++If this binary option is enabled, the packet socket passes a metadata ++structure along with each packet in the ++.BR recvmsg (2) ++control field. ++The structure can be read with ++.BR cmsg (3). ++It is defined as ++ ++.in +4n ++.nf ++struct tpacket_auxdata { ++ __u32 tp_status; ++ __u32 tp_len; /* packet length */ ++ __u32 tp_snaplen; /* captured length */ ++ __u16 tp_mac; ++ __u16 tp_net; ++ __u16 tp_vlan_tci; ++ __u16 tp_padding; ++}; ++.fi ++.in ++.TP ++.BR PACKET_FANOUT " (since Linux 3.1)" ++.\" commit dc99f600698dcac69b8f56dda9a8a00d645c5ffc ++To scale processing across threads, packet sockets can form a fanout ++group. ++In this mode, each matching packet is enqueued onto only one ++socket in the group. ++A socket joins a fanout group by calling ++.BR setsockopt (2) ++with level ++.B SOL_PACKET ++and option ++.BR PACKET_FANOUT . ++Each network namespace can have up to 65536 independent groups. ++A socket selects a group by encoding the ID in the first 16 bits of ++the integer option value. ++The first packet socket to join a group implicitly creates it. ++To successfully join an existing group, subsequent packet sockets ++must have the same protocol, device settings, fanout mode and ++flags (see below). ++Packet sockets can leave a fanout group only by closing the socket. ++The group is deleted when the last socket is closed. ++ ++Fanout supports multiple algorithms to spread traffic between sockets. ++The default mode, ++.BR PACKET_FANOUT_HASH , ++sends packets from the same flow to the same socket to maintain ++per-flow ordering. ++For each packet, it chooses a socket by taking the packet flow hash ++modulo the number of sockets in the group, where a flow hash is a hash ++over network-layer address and optional transport-layer port fields. ++The load-balance mode ++.BR PACKET_FANOUT_LB ++implements a round-robin algorithm. ++.BR PACKET_FANOUT_CPU ++selects the socket based on the CPU that the packet arrived on. ++.BR PACKET_FANOUT_ROLLOVER ++processes all data on a single socket, moves to the next when one ++becomes backlogged. ++.BR PACKET_FANOUT_RND ++selects the socket using a pseudo-random number generator. ++ ++Fanout modes can take additional options. ++IP fragmentation causes packets from the same flow to have different ++flow hashes. ++The flag ++.BR PACKET_FANOUT_FLAG_DEFRAG , ++if set, causes packet to be defragmented before fanout is applied, to ++preserve order even in this case. ++Fanout mode and options are communicated in the second 16 bits of the ++integer option value. ++The flag ++.BR PACKET_FANOUT_FLAG_ROLLOVER ++enables the roll over mechanism as a backup strategy: if the ++original fanout algorithm selects a backlogged socket, the packet ++rolls over to the next available one. ++.TP ++.BR PACKET_LOSS " (with " PACKET_TX_RING ) ++If set, do not silently drop a packet on transmission error, but ++return it with status set to ++.BR TP_STATUS_WRONG_FORMAT . ++.TP ++.BR PACKET_RESERVE " (with " PACKET_RX_RING ) ++By default, a packet receive ring writes packets immediately following the ++metadata structure and alignment padding. ++This integer option reserves additional headroom. ++.TP ++.BR PACKET_RX_RING ++Create a memory-mapped ring buffer for asynchronous packet reception. ++The packet socket reserves a contiguous region of application address ++space, lays it out into an array of packet slots and copies packets ++(up to ++.IR tp_snaplen ++) into subsequent slots. ++Each packet is preceded by a metadata structure similar to ++.IR tpacket_auxdata . ++The protocol fields encode the offset to the data ++from the start of the metadata header. ++.I tp_net ++stores the offset to the network layer. ++If the packet socket is of type ++.BR SOCK_DGRAM , ++then ++.I tp_mac ++is the same. ++If it is of type ++.BR SOCK_RAW , ++then that field stores the offset to the link-layer frame. ++Packet socket and application communicate the head and tail of the ring ++through the ++.I tp_status ++field. ++The packet socket owns all slots with status ++.BR TP_STATUS_KERNEL . ++After filling a slot, it changes the status of the slot to transfer ++ownership to the application. ++During normal operation, the new status is ++.BR TP_STATUS_USER , ++to signal that a correctly received packet has been stored. ++When the application has finished processing a packet, it transfers ++ownership of the slot back to the socket by setting the status to ++.BR TP_STATUS_KERNEL . ++Packet sockets implement multiple variants of the packet ring. ++The implementation details are described in ++.IR Documentation/networking/packet_mmap.txt ++in the Linux kernel source tree. ++.TP ++.BR PACKET_STATISTICS ++Retrieve packet socket statistics in the form of a structure ++ ++.in +4n ++.nf ++struct tpacket_stats { ++ unsigned int tp_packets; /* Total packet count */ ++ unsigned int tp_drops; /* Dropped packet count */ ++}; ++.fi ++.in ++ ++Receiving statistics resets the internal counters. ++The statistics structure differs when using a ring of variant ++.BR TPACKET_V3 . ++.TP ++.BR PACKET_TIMESTAMP " (with " PACKET_RX_RING "; since Linux 2.6.36)" ++.\" commit 614f60fa9d73a9e8fdff3df83381907fea7c5649 ++The packet receive ring always stores a timestamp in the metadata header. ++By default, this is a software generated timestamp generated when the ++packet is copied into the ring. ++This integer option selects the type of timestamp. ++Besides the default, it support the two hardware formats described in ++.IR Documentation/networking/timestamping.txt ++in the Linux kernel source tree. ++.TP ++.BR PACKET_TX_RING " (since Linux 2.6.31)" ++.\" commit 69e3c75f4d541a6eb151b3ef91f34033cb3ad6e1 ++Create a memory-mapped ring buffer for packet transmission. ++This option is similar to ++.BR PACKET_RX_RING ++and takes the same arguments. ++The application writes packets into slots with status ++.BR TP_STATUS_AVAILABLE ++and schedules them for transmission by changing the status to ++.BR TP_STATUS_SEND_REQUEST . ++When packets are ready to be transmitted, the application calls ++.BR send (2) ++or a variant thereof. ++The ++.I buf ++and ++.I len ++fields of this call are ignored. ++If an address is passed using ++.BR sendto (2) ++or ++.BR sendmsg (2) , ++then that overrides the socket default. ++On successful transmission, the socket resets the slot to ++.BR TP_STATUS_AVAILABLE . ++It discards packets silently on error unless ++.BR PACKET_LOSS ++is set. ++.TP ++.BR PACKET_VERSION " (with " PACKET_RX_RING "; since Linux 2.6.27)" ++.\" commit bbd6ef87c544d88c30e4b762b1b61ef267a7d279 ++By default, ++.BR PACKET_RX_RING ++creates a packet receive ring of variant ++.BR TPACKET_V1 . ++To create another variant, configure the desired variant by setting this ++integer option before creating the ring. ++ + .SS Ioctls + .B SIOCGSTAMP + can be used to receive the timestamp of the last received packet. +-- +2.7.4 + diff --git a/SOURCES/1411979-mpo-7.4.0-memparse.1.patch b/SOURCES/1411979-mpo-7.4.0-memparse.1.patch new file mode 100644 index 0000000..0751f3a --- /dev/null +++ b/SOURCES/1411979-mpo-7.4.0-memparse.1.patch @@ -0,0 +1,25 @@ +From 0672cb6c7a23e6a3a8bab9176279af6adc8407b7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Nikola=20Forr=C3=B3?= +Date: Tue, 28 Mar 2017 14:59:49 +0200 +Subject: [PATCH 4/6] memparse.1: remove incorrect description + +--- + libmemcached/man1/memparse.1 | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/libmemcached/man1/memparse.1 b/libmemcached/man1/memparse.1 +index 1760a52..4ca35a8 100644 +--- a/libmemcached/man1/memparse.1 ++++ b/libmemcached/man1/memparse.1 +@@ -30,8 +30,6 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] + .. + .\" Man page generated from reStructuredText. + . +-.sp +-Copies files to a collection of memcached servers + .SH SYNOPSIS + .sp + memparse [options] "option string" +-- +2.7.4 + diff --git a/SOURCES/1452368-mpo-7.4.2-clone.2.patch b/SOURCES/1452368-mpo-7.4.2-clone.2.patch new file mode 100644 index 0000000..e8089e4 --- /dev/null +++ b/SOURCES/1452368-mpo-7.4.2-clone.2.patch @@ -0,0 +1,1763 @@ +From fb510f4e3dc6c13696bce6d3a79b8cea9b03b044 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Nikola=20Forr=C3=B3?= +Date: Mon, 22 May 2017 14:51:53 +0200 +Subject: [PATCH 1/2] clone.2: document features related to namespaces + +--- + man-pages/man2/____clone.2 | 524 ++++++++++++++++++++++++++++----------------- + man-pages/man2/clone.2 | 524 ++++++++++++++++++++++++++++----------------- + 2 files changed, 658 insertions(+), 390 deletions(-) + +diff --git a/man-pages/man2/____clone.2 b/man-pages/man2/____clone.2 +index 56d03cf..edf0994 100644 +--- a/man-pages/man2/____clone.2 ++++ b/man-pages/man2/____clone.2 +@@ -39,50 +39,23 @@ + .\" 2008-11-19, mtk, document CLONE_NEWIPC + .\" 2008-11-19, Jens Axboe, mtk, document CLONE_IO + .\" +-.\" FIXME Document CLONE_NEWUSER, which is new in 2.6.23 +-.\" (also supported for unshare()?) +-.\" +-.TH CLONE 2 2013-04-16 "Linux" "Linux Programmer's Manual" ++.TH CLONE 2 2016-12-12 "Linux" "Linux Programmer's Manual" + .SH NAME + clone, __clone2 \- create a child process + .SH SYNOPSIS + .nf + /* Prototype for the glibc wrapper function */ + ++.B #define _GNU_SOURCE + .B #include + + .BI "int clone(int (*" "fn" ")(void *), void *" child_stack , + .BI " int " flags ", void *" "arg" ", ... " +-.BI " /* pid_t *" ptid ", struct user_desc *" tls \ ++.BI " /* pid_t *" ptid ", void *" newtls \ + ", pid_t *" ctid " */ );" + +-/* Prototype for the raw system call */ +- +-.BI "long clone(unsigned long " flags ", void *" child_stack , +-.BI " void *" ptid ", void *" ctid , +-.BI " struct pt_regs *" regs ); ++/* For the prototype of the raw system call, see NOTES */ + .fi +-.sp +-.in -4n +-Feature Test Macro Requirements for glibc wrapper function (see +-.BR feature_test_macros (7)): +-.in +-.sp +-.BR clone (): +-.ad l +-.RS 4 +-.PD 0 +-.TP 4 +-Since glibc 2.14: +-_GNU_SOURCE +-.TP 4 +-.\" FIXME See http://sources.redhat.com/bugzilla/show_bug.cgi?id=4749 +-Before glibc 2.14: +-_BSD_SOURCE || _SVID_SOURCE +- /* _GNU_SOURCE also suffices */ +-.PD +-.RE +-.ad b + .SH DESCRIPTION + .BR clone () + creates a new process, in a manner similar to +@@ -107,7 +80,7 @@ But see the description of + .B CLONE_PARENT + below.) + +-The main use of ++One use of + .BR clone () + is to implement threads: multiple threads of control in a program that + run concurrently in a shared memory space. +@@ -180,7 +153,7 @@ in order to specify what is shared between the calling process + and the child process: + .TP + .BR CLONE_CHILD_CLEARTID " (since Linux 2.5.49)" +-Erase child thread ID at location ++Clear (zero) the child thread ID at the location + .I ctid + in child memory when the child exits, and do a wakeup on the futex + at that address. +@@ -190,9 +163,12 @@ system call. + This is used by threading libraries. + .TP + .BR CLONE_CHILD_SETTID " (since Linux 2.5.49)" +-Store child thread ID at location ++Store the child thread ID at the location + .I ctid +-in child memory. ++in the child's memory. ++The store operation completes before ++.BR clone () ++returns control to user space. + .TP + .BR CLONE_FILES " (since Linux 2.0)" + If +@@ -206,27 +182,31 @@ or changes its associated flags (using the + .BR fcntl (2) + .B F_SETFD + operation), the other process is also affected. ++If a process sharing a file descriptor table calls ++.BR execve (2), ++its file descriptor table is duplicated (unshared). + + If + .B CLONE_FILES + is not set, the child process inherits a copy of all file descriptors + opened in the calling process at the time of + .BR clone (). +-(The duplicated file descriptors in the child refer to the +-same open file descriptions (see +-.BR open (2)) +-as the corresponding file descriptors in the calling process.) + Subsequent operations that open or close file descriptors, + or change file descriptor flags, + performed by either the calling + process or the child process do not affect the other process. ++Note, however, ++that the duplicated file descriptors in the child refer to the same open file ++descriptions as the corresponding file descriptors in the calling process, ++and thus share file offsets and file status flags (see ++.BR open (2)). + .TP + .BR CLONE_FS " (since Linux 2.0)" + If + .B CLONE_FS +-is set, the caller and the child process share the same file system ++is set, the caller and the child process share the same filesystem + information. +-This includes the root of the file system, the current ++This includes the root of the filesystem, the current + working directory, and the umask. + Any call to + .BR chroot (2), +@@ -238,7 +218,7 @@ other process. + + If + .B CLONE_FS +-is not set, the child process works on a copy of the file system ++is not set, the child process works on a copy of the filesystem + information of the calling process at the time of the + .BR clone () + call. +@@ -258,7 +238,7 @@ If this flag is not set, then (as with + the new process has its own I/O context. + + .\" The following based on text from Jens Axboe +-The I/O context is the I/O scope of the disk scheduler (i.e, ++The I/O context is the I/O scope of the disk scheduler (i.e., + what the I/O scheduler uses to model scheduling of a process's I/O). + If processes share the same I/O context, + they are treated as one by the I/O scheduler. +@@ -288,7 +268,7 @@ the process is created in the same IPC namespace as + the calling process. + This flag is intended for the implementation of containers. + +-An IPC namespace provides an isolated view of System V IPC objects (see ++An IPC namespace provides an isolated view of System\ V IPC objects (see + .BR svipc (7)) + and (since Linux 2.6.30) + .\" commit 7eafd7c74c3f2e67c27621b987b28397110d643f +@@ -308,17 +288,17 @@ When an IPC namespace is destroyed + (i.e., when the last process that is a member of the namespace terminates), + all IPC objects in the namespace are automatically destroyed. + +-Use of this flag requires: a kernel configured with the +-.B CONFIG_SYSVIPC +-and +-.B CONFIG_IPC_NS +-options and that the process be privileged +-.RB ( CAP_SYS_ADMIN ). ++Only a privileged process ++.RB ( CAP_SYS_ADMIN ) ++can employ ++.BR CLONE_NEWIPC . + This flag can't be specified in conjunction with + .BR CLONE_SYSVSEM . ++ ++For further information on IPC namespaces, see ++.BR namespaces (7). + .TP + .BR CLONE_NEWNET " (since Linux 2.6.24)" +-.\" FIXME Check when the implementation was completed + (The implementation of this flag was completed only + by about kernel version 2.6.29.) + +@@ -326,7 +306,7 @@ If + .B CLONE_NEWNET + is set, then create the process in a new network namespace. + If this flag is not set, then (as with +-.BR fork (2)), ++.BR fork (2)) + the process is created in the same network namespace as + the calling process. + This flag is intended for the implementation of containers. +@@ -341,7 +321,7 @@ directory trees, sockets, etc.). + A physical network device can live in exactly one + network namespace. + A virtual network device ("veth") pair provides a pipe-like abstraction +-.\" FIXME Add pointer to veth(4) page when it is eventually completed ++.\" FIXME . Add pointer to veth(4) page when it is eventually completed + that can be used to create tunnels between network namespaces, + and can be used to create a bridge to a physical network device + in another namespace. +@@ -350,54 +330,41 @@ When a network namespace is freed + (i.e., when the last process in the namespace terminates), + its physical network devices are moved back to the + initial network namespace (not to the parent of the process). ++For further information on network namespaces, see ++.BR namespaces (7). + +-Use of this flag requires: a kernel configured with the +-.B CONFIG_NET_NS +-option and that the process be privileged +-.RB ( CAP_SYS_ADMIN ). ++Only a privileged process ++.RB ( CAP_SYS_ADMIN ) ++can employ ++.BR CLONE_NEWNET . + .TP + .BR CLONE_NEWNS " (since Linux 2.4.19)" +-Start the child in a new mount namespace. +- +-Every process lives in a mount namespace. +-The +-.I namespace +-of a process is the data (the set of mounts) describing the file hierarchy +-as seen by that process. +-After a +-.BR fork (2) +-or +-.BR clone () +-where the +-.B CLONE_NEWNS +-flag is not set, the child lives in the same mount +-namespace as the parent. +-The system calls +-.BR mount (2) +-and +-.BR umount (2) +-change the mount namespace of the calling process, and hence affect +-all processes that live in the same namespace, but do not affect +-processes in a different mount namespace. +- +-After a +-.BR clone () +-where the ++If + .B CLONE_NEWNS +-flag is set, the cloned child is started in a new mount namespace, ++is set, the cloned child is started in a new mount namespace, + initialized with a copy of the namespace of the parent. +- +-Only a privileged process (one having the \fBCAP_SYS_ADMIN\fP capability) +-may specify the ++If + .B CLONE_NEWNS +-flag. ++is not set, the child lives in the same mount ++namespace as the parent. ++ ++Only a privileged process ++.RB ( CAP_SYS_ADMIN ) ++can employ ++.BR CLONE_NEWNS . + It is not permitted to specify both + .B CLONE_NEWNS + and + .B CLONE_FS ++.\" See https://lwn.net/Articles/543273/ + in the same + .BR clone () + call. ++ ++For further information on mount namespaces, see ++.BR namespaces (7) ++and ++.BR mount_namespaces (7). + .TP + .BR CLONE_NEWPID " (since Linux 2.6.24)" + .\" This explanation draws a lot of details from +@@ -411,73 +378,74 @@ If + .B CLONE_NEWPID + is set, then create the process in a new PID namespace. + If this flag is not set, then (as with +-.BR fork (2)), ++.BR fork (2)) + the process is created in the same PID namespace as + the calling process. + This flag is intended for the implementation of containers. + +-A PID namespace provides an isolated environment for PIDs: +-PIDs in a new namespace start at 1, +-somewhat like a standalone system, and calls to +-.BR fork (2), +-.BR vfork (2), ++For further information on PID namespaces, see ++.BR namespaces (7) ++and ++.BR pid_namespaces (7). ++ ++Only a privileged process ++.RB ( CAP_SYS_ADMIN ) ++can employ ++.BR CLONE_NEWPID . ++This flag can't be specified in conjunction with ++.BR CLONE_THREAD + or ++.BR CLONE_PARENT . ++.TP ++.BR CLONE_NEWUSER ++(This flag first became meaningful for + .BR clone () +-will produce processes with PIDs that are unique within the namespace. ++in Linux 2.6.23, ++the current ++.BR clone () ++semantics were merged in Linux 3.5, ++and the final pieces to make the user namespaces completely usable were ++merged in Linux 3.8.) + +-The first process created in a new namespace +-(i.e., the process created using the +-.BR CLONE_NEWPID +-flag) has the PID 1, and is the "init" process for the namespace. +-Children that are orphaned within the namespace will be reparented +-to this process rather than +-.BR init (8). +-Unlike the traditional +-.B init +-process, the "init" process of a PID namespace can terminate, +-and if it does, all of the processes in the namespace are terminated. +- +-PID namespaces form a hierarchy. +-When a new PID namespace is created, +-the processes in that namespace are visible +-in the PID namespace of the process that created the new namespace; +-analogously, if the parent PID namespace is itself +-the child of another PID namespace, +-then processes in the child and parent PID namespaces will both be +-visible in the grandparent PID namespace. +-Conversely, the processes in the "child" PID namespace do not see +-the processes in the parent namespace. +-The existence of a namespace hierarchy means that each process +-may now have multiple PIDs: +-one for each namespace in which it is visible; +-each of these PIDs is unique within the corresponding namespace. +-(A call to +-.BR getpid (2) +-always returns the PID associated with the namespace in which +-the process lives.) +- +-After creating the new namespace, +-it is useful for the child to change its root directory +-and mount a new procfs instance at +-.I /proc +-so that tools such as +-.BR ps (1) +-work correctly. +-.\" mount -t proc proc /proc +-(If +-.BR CLONE_NEWNS +-is also included in +-.IR flags , +-then it isn't necessary to change the root directory: +-a new procfs instance can be mounted directly over +-.IR /proc .) ++If ++.B CLONE_NEWUSER ++is set, then create the process in a new user namespace. ++If this flag is not set, then (as with ++.BR fork (2)) ++the process is created in the same user namespace as the calling process. ++ ++For further information on user namespaces, see ++.BR namespaces (7) ++and ++.BR user_namespaces (7) ++ ++Before Linux 3.8, use of ++.BR CLONE_NEWUSER ++required that the caller have three capabilities: ++.BR CAP_SYS_ADMIN , ++.BR CAP_SETUID , ++and ++.BR CAP_SETGID . ++.\" Before Linux 2.6.29, it appears that only CAP_SYS_ADMIN was needed ++Starting with Linux 3.8, ++no privileges are needed to create a user namespace. + +-Use of this flag requires: a kernel configured with the +-.B CONFIG_PID_NS +-option and that the process be privileged +-.RB ( CAP_SYS_ADMIN ). + This flag can't be specified in conjunction with +-.BR CLONE_THREAD . ++.BR CLONE_THREAD ++or ++.BR CLONE_PARENT . ++For security reasons, ++.\" commit e66eded8309ebf679d3d3c1f5820d1f2ca332c71 ++.\" https://lwn.net/Articles/543273/ ++.\" The fix actually went into 3.9 and into 3.8.3. However, user namespaces ++.\" were, for practical purposes, unusable in earlier 3.8.x because of the ++.\" various filesystems that didn't support userns. ++.BR CLONE_NEWUSER ++cannot be specified in conjunction with ++.BR CLONE_FS . ++ ++For further information on user namespaces, see ++.BR user_namespaces (7). + .TP + .BR CLONE_NEWUTS " (since Linux 2.6.19)" + If +@@ -486,27 +454,29 @@ is set, then create the process in a new UTS namespace, + whose identifiers are initialized by duplicating the identifiers + from the UTS namespace of the calling process. + If this flag is not set, then (as with +-.BR fork (2)), ++.BR fork (2)) + the process is created in the same UTS namespace as + the calling process. + This flag is intended for the implementation of containers. + + A UTS namespace is the set of identifiers returned by + .BR uname (2); +-among these, the domain name and the host name can be modified by ++among these, the domain name and the hostname can be modified by + .BR setdomainname (2) + and +-.BR + .BR sethostname (2), + respectively. + Changes made to the identifiers in a UTS namespace + are visible to all other processes in the same namespace, + but are not visible to processes in other UTS namespaces. + +-Use of this flag requires: a kernel configured with the +-.B CONFIG_UTS_NS +-option and that the process be privileged +-.RB ( CAP_SYS_ADMIN ). ++Only a privileged process ++.RB ( CAP_SYS_ADMIN ) ++can employ ++.BR CLONE_NEWUTS . ++ ++For further information on UTS namespaces, see ++.BR namespaces (7). + .TP + .BR CLONE_PARENT " (since Linux 2.3.12)" + If +@@ -530,12 +500,15 @@ is set, then the parent of the calling process, rather than the + calling process itself, will be signaled. + .TP + .BR CLONE_PARENT_SETTID " (since Linux 2.5.49)" +-Store child thread ID at location ++Store the child thread ID at the location + .I ptid +-in parent and child memory. ++in the parent's memory. + (In Linux 2.5.32-2.5.48 there was a flag + .B CLONE_SETTID + that did this.) ++The store operation completes before ++.BR clone () ++returns control to user space. + .TP + .BR CLONE_PID " (obsolete)" + If +@@ -547,6 +520,7 @@ of not much use. + Since 2.3.21 this flag can be + specified only by the system boot process (PID 0). + It disappeared in Linux 2.5.16. ++Since then, the kernel silently ignores it without error. + .TP + .BR CLONE_PTRACE " (since Linux 2.2)" + If +@@ -556,11 +530,25 @@ then trace the child also (see + .BR ptrace (2)). + .TP + .BR CLONE_SETTLS " (since Linux 2.5.32)" +-The ++The TLS (Thread Local Storage) descriptor is set to ++.I newtls. ++ ++The interpretation of + .I newtls +-argument is the new TLS (Thread Local Storage) descriptor. ++and the resulting effect is architecture dependent. ++On x86, ++.I newtls ++is interpreted as a ++.IR "struct user_desc *" + (See +-.BR set_thread_area (2).) ++.BR set_thread_area (2)). ++On x86_64 it is the new value to be set for the %fs base register ++(See the ++.I ARCH_SET_FS ++argument to ++.BR arch_prctl (2)). ++On architectures with a dedicated TLS register, it is the new value ++of that register. + .TP + .BR CLONE_SIGHAND " (since Linux 2.0)" + If +@@ -612,16 +600,26 @@ from Linux 2.6.25 onward, + and was + .I removed + altogether in Linux 2.6.38. ++Since then, the kernel silently ignores it without error. + .\" glibc 2.8 removed this defn from bits/sched.h + .TP + .BR CLONE_SYSVSEM " (since Linux 2.5.10)" + If + .B CLONE_SYSVSEM + is set, then the child and the calling process share +-a single list of System V semaphore undo values (see ++a single list of System V semaphore adjustment ++.RI ( semadj ) ++values (see + .BR semop (2)). +-If this flag is not set, then the child has a separate undo list, +-which is initially empty. ++In this case, the shared list accumulates ++.I semadj ++values across all processes sharing the list, ++and semaphore adjustments are performed only when the last process ++that is sharing the list terminates (or ceases sharing the list using ++.BR unshare (2)). ++If this flag is not set, then the child has a separate ++.I semadj ++list that is initially empty. + .TP + .BR CLONE_THREAD " (since Linux 2.4.0-test8)" + If +@@ -703,7 +701,12 @@ must also include + .B CLONE_SIGHAND + if + .B CLONE_THREAD +-is specified. ++is specified ++(and note that, since Linux 2.6.0-test6, ++.BR CLONE_SIGHAND ++also requires ++.BR CLONE_VM ++to be included). + + Signals may be sent to a thread group as a whole (i.e., a TGID) using + .BR kill (2), +@@ -761,7 +764,7 @@ or + + If + .B CLONE_VFORK +-is not set then both the calling process and the child are schedulable ++is not set, then both the calling process and the child are schedulable + after the call, and an application should not rely on execution occurring + in any particular order. + .TP +@@ -786,7 +789,7 @@ space of the calling process at the time of + Memory writes or file mappings/unmappings performed by one of the + processes do not affect the other, as with + .BR fork (2). +-.SS The raw system call interface ++.SS C library/kernel differences + The raw + .BR clone () + system call corresponds more closely to +@@ -801,16 +804,58 @@ arguments of the + .BR clone () + wrapper function are omitted. + Furthermore, the argument order changes. +-The raw system call interface on x86 and many other architectures is roughly: ++In addition, there are variations across architectures. ++ ++The raw system call interface on x86-64 and some other architectures ++(including sh, tile, and alpha) is roughly: ++ + .in +4 + .nf ++.BI "long clone(unsigned long " flags ", void *" child_stack , ++.BI " int *" ptid ", int *" ctid , ++.BI " unsigned long " newtls ); ++.fi ++.in ++ ++On x86-32, and several other common architectures ++(including score, ARM, ARM 64, PA-RISC, arc, Power PC, xtensa, ++and MIPS), ++.\" CONFIG_CLONE_BACKWARDS ++the order of the last two arguments is reversed: + ++.in +4 ++.nf + .BI "long clone(unsigned long " flags ", void *" child_stack , +-.BI " void *" ptid ", void *" ctid , +-.BI " struct pt_regs *" regs ); ++.BI " int *" ptid ", unsigned long " newtls , ++.BI " int *" ctid ); ++.fi ++.in ++ ++On the cris and s390 architectures, ++.\" CONFIG_CLONE_BACKWARDS2 ++the order of the first two arguments is reversed: + ++.in +4 ++.nf ++.BI "long clone(void *" child_stack ", unsigned long " flags , ++.BI " int *" ptid ", int *" ctid , ++.BI " unsigned long " newtls ); ++.fi ++.in ++ ++On the microblaze architecture, ++.\" CONFIG_CLONE_BACKWARDS3 ++an additional argument is supplied: ++ ++.in +4 ++.nf ++.BI "long clone(unsigned long " flags ", void *" child_stack , ++.BI " int " stack_size , "\fR /* Size of stack */" ++.BI " int *" ptid ", int *" ctid , ++.BI " unsigned long " newtls ); + .fi + .in ++ + Another difference for the raw system call is that the + .I child_stack + argument may be zero, in which case copy-on-write semantics ensure that the +@@ -819,17 +864,13 @@ the stack. + In this case, for correct operation, the + .B CLONE_VM + option should not be specified. +- +-For some architectures, the order of the arguments for the system call +-differs from that shown above. +-On the score, microblaze, ARM, ARM 64, PA-RISC, arc, Power PC, xtensa, +-and MIPS architectures, +-the order of the fourth and fifth arguments is reversed. +-On the cris and s390 architectures, +-the order of the first and second arguments is reversed. ++.\" + .SS blackfin, m68k, and sparc ++.\" Mike Frysinger noted in a 2013 mail: ++.\" these arches don't define __ARCH_WANT_SYS_CLONE: ++.\" blackfin ia64 m68k sparc + The argument-passing conventions on +-blackfin, m68k, and sparc are different from descriptions above. ++blackfin, m68k, and sparc are different from the descriptions above. + For details, see the kernel (and glibc) source. + .SS ia64 + On ia64, a different interface is used: +@@ -883,7 +924,8 @@ will be set appropriately. + .SH ERRORS + .TP + .B EAGAIN +-Too many processes are already running. ++Too many processes are already running; see ++.BR fork (2). + .TP + .B EINVAL + .B CLONE_SIGHAND +@@ -908,6 +950,7 @@ was not. + .\" (Since Linux 2.6.0-test6.) + .TP + .B EINVAL ++.\" commit e66eded8309ebf679d3d3c1f5820d1f2ca332c71 + Both + .B CLONE_FS + and +@@ -915,6 +958,14 @@ and + were specified in + .IR flags . + .TP ++.BR EINVAL " (since Linux 3.9)" ++Both ++.B CLONE_NEWUSER ++and ++.B CLONE_FS ++were specified in ++.IR flags . ++.TP + .B EINVAL + Both + .B CLONE_NEWIPC +@@ -924,18 +975,25 @@ were specified in + .IR flags . + .TP + .B EINVAL +-Both ++One (or both) of + .BR CLONE_NEWPID +-and ++or ++.BR CLONE_NEWUSER ++and one (or both) of + .BR CLONE_THREAD ++or ++.BR CLONE_PARENT + were specified in + .IR flags . + .TP + .B EINVAL +-Returned by ++Returned by the glibc + .BR clone () +-when a zero value is specified for +-.IR child_stack . ++wrapper function when ++.IR fn ++or ++.IR child_stack ++is specified as NULL. + .TP + .B EINVAL + .BR CLONE_NEWIPC +@@ -971,11 +1029,48 @@ but the kernel was not configured with the + .B CONFIG_UTS + option. + .TP ++.B EINVAL ++.I child_stack ++is not aligned to a suitable boundary for this architecture. ++For example, on aarch64, ++.I child_stack ++must be a multiple of 16. ++.TP + .B ENOMEM + Cannot allocate sufficient memory to allocate a task structure for the + child, or to copy those parts of the caller's context that need to be + copied. + .TP ++.BR ENOSPC " (since Linux 3.7)" ++.\" commit f2302505775fd13ba93f034206f1e2a587017929 ++.B CLONE_NEWPID ++was specified in flags, ++but the limit on the nesting depth of PID namespaces ++would have been exceeded; see ++.BR pid_namespaces (7). ++.TP ++.BR ENOSPC " (since Linux 4.9; beforehand " EUSERS ) ++.B CLONE_NEWUSER ++was specified in ++.IR flags , ++and the call would cause the limit on the number of ++nested user namespaces to be exceeded. ++See ++.BR user_namespaces (7). ++ ++From Linux 3.11 to Linux 4.8, the error diagnosed in this case was ++.BR EUSERS . ++.TP ++.BR ENOSPC " (since Linux 4.9)" ++One of the values in ++.I flags ++specified the creation of a new user namespace, ++but doing so would have caused the limit defined by the corresponding file in ++.IR /proc/sys/user ++to be exceeded. ++For further details, see ++.BR namespaces (7). ++.TP + .B EPERM + .BR CLONE_NEWIPC , + .BR CLONE_NEWNET , +@@ -989,22 +1084,62 @@ was specified by an unprivileged process (process without \fBCAP_SYS_ADMIN\fP). + .B CLONE_PID + was specified by a process other than process 0. + .TP ++.B EPERM ++.BR CLONE_NEWUSER ++was specified in ++.IR flags , ++but either the effective user ID or the effective group ID of the caller ++does not have a mapping in the parent namespace (see ++.BR user_namespaces (7)). ++.TP ++.BR EPERM " (since Linux 3.9)" ++.\" commit 3151527ee007b73a0ebd296010f1c0454a919c7d ++.B CLONE_NEWUSER ++was specified in ++.I flags ++and the caller is in a chroot environment ++.\" FIXME What is the rationale for this restriction? ++(i.e., the caller's root directory does not match the root directory ++of the mount namespace in which it resides). ++.TP + .BR ERESTARTNOINTR " (since Linux 2.6.17)" ++.\" commit 4a2c7a7837da1b91468e50426066d988050e4d56 + System call was interrupted by a signal and will be restarted. + (This can be seen only during a trace.) +-.SH VERSIONS +-There is no entry for +-.BR clone () +-in libc5. +-glibc2 provides +-.BR clone () +-as described in this manual page. ++.TP ++.BR EUSERS " (Linux 3.11 to Linux 4.8)" ++.B CLONE_NEWUSER ++was specified in ++.IR flags , ++and the limit on the number of nested user namespaces would be exceeded. ++See the discussion of the ++.BR ENOSPC ++error above. ++.\" .SH VERSIONS ++.\" There is no entry for ++.\" .BR clone () ++.\" in libc5. ++.\" glibc2 provides ++.\" .BR clone () ++.\" as described in this manual page. + .SH CONFORMING TO + .BR clone () + is Linux-specific and should not be used in programs + intended to be portable. + .SH NOTES +-In the kernel 2.4.x series, ++The ++.BR kcmp (2) ++system call can be used to test whether two processes share various ++resources such as a file descriptor table, ++System V semaphore undo operations, or a virtual address space. ++ ++ ++Handlers registered using ++.BR pthread_atfork (3) ++are not executed during a call to ++.BR clone (). ++ ++In the Linux 2.4.x series, + .B CLONE_THREAD + generally does not make the parent of the new thread the same + as the parent of the calling process. +@@ -1012,14 +1147,13 @@ However, for kernel versions 2.4.7 to 2.4.18 the + .B CLONE_THREAD + flag implied the + .B CLONE_PARENT +-flag (as in kernel 2.6). ++flag (as in Linux 2.6.0 and later). + + For a while there was + .B CLONE_DETACHED + (introduced in 2.5.32): + parent wants no child-exit signal. +-In 2.6.2 the need to give this +-together with ++In Linux 2.6.2, the need to give this flag together with + .B CLONE_THREAD + disappeared. + This flag is still defined, but has no effect. +@@ -1088,7 +1222,6 @@ To get the truth, it may be necessary to use code such as the following: + .\" https://bugzilla.redhat.com/show_bug.cgi?id=417521 + .\" http://sourceware.org/bugzilla/show_bug.cgi?id=6910 + .SH EXAMPLE +-.SS Create a child that executes in a separate UTS namespace + The following program demonstrates the use of + .BR clone () + to create a child process that executes in a separate UTS namespace. +@@ -1098,7 +1231,7 @@ making it possible to see that the hostname + differs in the UTS namespaces of the parent and child. + For an example of the use of this program, see + .BR setns (2). +- ++.SS Program source + .nf + #define _GNU_SOURCE + #include +@@ -1198,6 +1331,7 @@ main(int argc, char *argv[]) + .BR unshare (2), + .BR wait (2), + .BR capabilities (7), ++.BR namespaces (7), + .BR pthreads (7) + .SH COLOPHON + This page is part of release 3.53 of the Linux +diff --git a/man-pages/man2/clone.2 b/man-pages/man2/clone.2 +index d9ffe3e..d053b0e 100644 +--- a/man-pages/man2/clone.2 ++++ b/man-pages/man2/clone.2 +@@ -39,50 +39,23 @@ + .\" 2008-11-19, mtk, document CLONE_NEWIPC + .\" 2008-11-19, Jens Axboe, mtk, document CLONE_IO + .\" +-.\" FIXME Document CLONE_NEWUSER, which is new in 2.6.23 +-.\" (also supported for unshare()?) +-.\" +-.TH CLONE 2 2013-04-16 "Linux" "Linux Programmer's Manual" ++.TH CLONE 2 2016-12-12 "Linux" "Linux Programmer's Manual" + .SH NAME + clone, __clone2 \- create a child process + .SH SYNOPSIS + .nf + /* Prototype for the glibc wrapper function */ + ++.B #define _GNU_SOURCE + .B #include + + .BI "int clone(int (*" "fn" ")(void *), void *" child_stack , + .BI " int " flags ", void *" "arg" ", ... " +-.BI " /* pid_t *" ptid ", struct user_desc *" tls \ ++.BI " /* pid_t *" ptid ", void *" newtls \ + ", pid_t *" ctid " */ );" + +-/* Prototype for the raw system call */ +- +-.BI "long clone(unsigned long " flags ", void *" child_stack , +-.BI " void *" ptid ", void *" ctid , +-.BI " struct pt_regs *" regs ); ++/* For the prototype of the raw system call, see NOTES */ + .fi +-.sp +-.in -4n +-Feature Test Macro Requirements for glibc wrapper function (see +-.BR feature_test_macros (7)): +-.in +-.sp +-.BR clone (): +-.ad l +-.RS 4 +-.PD 0 +-.TP 4 +-Since glibc 2.14: +-_GNU_SOURCE +-.TP 4 +-.\" FIXME See http://sources.redhat.com/bugzilla/show_bug.cgi?id=4749 +-Before glibc 2.14: +-_BSD_SOURCE || _SVID_SOURCE +- /* _GNU_SOURCE also suffices */ +-.PD +-.RE +-.ad b + .SH DESCRIPTION + .BR clone () + creates a new process, in a manner similar to +@@ -107,7 +80,7 @@ But see the description of + .B CLONE_PARENT + below.) + +-The main use of ++One use of + .BR clone () + is to implement threads: multiple threads of control in a program that + run concurrently in a shared memory space. +@@ -180,7 +153,7 @@ in order to specify what is shared between the calling process + and the child process: + .TP + .BR CLONE_CHILD_CLEARTID " (since Linux 2.5.49)" +-Erase child thread ID at location ++Clear (zero) the child thread ID at the location + .I ctid + in child memory when the child exits, and do a wakeup on the futex + at that address. +@@ -190,9 +163,12 @@ system call. + This is used by threading libraries. + .TP + .BR CLONE_CHILD_SETTID " (since Linux 2.5.49)" +-Store child thread ID at location ++Store the child thread ID at the location + .I ctid +-in child memory. ++in the child's memory. ++The store operation completes before ++.BR clone () ++returns control to user space. + .TP + .BR CLONE_FILES " (since Linux 2.0)" + If +@@ -206,27 +182,31 @@ or changes its associated flags (using the + .BR fcntl (2) + .B F_SETFD + operation), the other process is also affected. ++If a process sharing a file descriptor table calls ++.BR execve (2), ++its file descriptor table is duplicated (unshared). + + If + .B CLONE_FILES + is not set, the child process inherits a copy of all file descriptors + opened in the calling process at the time of + .BR clone (). +-(The duplicated file descriptors in the child refer to the +-same open file descriptions (see +-.BR open (2)) +-as the corresponding file descriptors in the calling process.) + Subsequent operations that open or close file descriptors, + or change file descriptor flags, + performed by either the calling + process or the child process do not affect the other process. ++Note, however, ++that the duplicated file descriptors in the child refer to the same open file ++descriptions as the corresponding file descriptors in the calling process, ++and thus share file offsets and file status flags (see ++.BR open (2)). + .TP + .BR CLONE_FS " (since Linux 2.0)" + If + .B CLONE_FS +-is set, the caller and the child process share the same file system ++is set, the caller and the child process share the same filesystem + information. +-This includes the root of the file system, the current ++This includes the root of the filesystem, the current + working directory, and the umask. + Any call to + .BR chroot (2), +@@ -238,7 +218,7 @@ other process. + + If + .B CLONE_FS +-is not set, the child process works on a copy of the file system ++is not set, the child process works on a copy of the filesystem + information of the calling process at the time of the + .BR clone () + call. +@@ -258,7 +238,7 @@ If this flag is not set, then (as with + the new process has its own I/O context. + + .\" The following based on text from Jens Axboe +-The I/O context is the I/O scope of the disk scheduler (i.e, ++The I/O context is the I/O scope of the disk scheduler (i.e., + what the I/O scheduler uses to model scheduling of a process's I/O). + If processes share the same I/O context, + they are treated as one by the I/O scheduler. +@@ -288,7 +268,7 @@ the process is created in the same IPC namespace as + the calling process. + This flag is intended for the implementation of containers. + +-An IPC namespace provides an isolated view of System V IPC objects (see ++An IPC namespace provides an isolated view of System\ V IPC objects (see + .BR svipc (7)) + and (since Linux 2.6.30) + .\" commit 7eafd7c74c3f2e67c27621b987b28397110d643f +@@ -308,17 +288,17 @@ When an IPC namespace is destroyed + (i.e., when the last process that is a member of the namespace terminates), + all IPC objects in the namespace are automatically destroyed. + +-Use of this flag requires: a kernel configured with the +-.B CONFIG_SYSVIPC +-and +-.B CONFIG_IPC_NS +-options and that the process be privileged +-.RB ( CAP_SYS_ADMIN ). ++Only a privileged process ++.RB ( CAP_SYS_ADMIN ) ++can employ ++.BR CLONE_NEWIPC . + This flag can't be specified in conjunction with + .BR CLONE_SYSVSEM . ++ ++For further information on IPC namespaces, see ++.BR namespaces (7). + .TP + .BR CLONE_NEWNET " (since Linux 2.6.24)" +-.\" FIXME Check when the implementation was completed + (The implementation of this flag was completed only + by about kernel version 2.6.29.) + +@@ -326,7 +306,7 @@ If + .B CLONE_NEWNET + is set, then create the process in a new network namespace. + If this flag is not set, then (as with +-.BR fork (2)), ++.BR fork (2)) + the process is created in the same network namespace as + the calling process. + This flag is intended for the implementation of containers. +@@ -341,7 +321,7 @@ directory trees, sockets, etc.). + A physical network device can live in exactly one + network namespace. + A virtual network device ("veth") pair provides a pipe-like abstraction +-.\" FIXME Add pointer to veth(4) page when it is eventually completed ++.\" FIXME . Add pointer to veth(4) page when it is eventually completed + that can be used to create tunnels between network namespaces, + and can be used to create a bridge to a physical network device + in another namespace. +@@ -350,54 +330,41 @@ When a network namespace is freed + (i.e., when the last process in the namespace terminates), + its physical network devices are moved back to the + initial network namespace (not to the parent of the process). ++For further information on network namespaces, see ++.BR namespaces (7). + +-Use of this flag requires: a kernel configured with the +-.B CONFIG_NET_NS +-option and that the process be privileged +-.RB ( CAP_SYS_ADMIN ). ++Only a privileged process ++.RB ( CAP_SYS_ADMIN ) ++can employ ++.BR CLONE_NEWNET . + .TP + .BR CLONE_NEWNS " (since Linux 2.4.19)" +-Start the child in a new mount namespace. +- +-Every process lives in a mount namespace. +-The +-.I namespace +-of a process is the data (the set of mounts) describing the file hierarchy +-as seen by that process. +-After a +-.BR fork (2) +-or +-.BR clone () +-where the +-.B CLONE_NEWNS +-flag is not set, the child lives in the same mount +-namespace as the parent. +-The system calls +-.BR mount (2) +-and +-.BR umount (2) +-change the mount namespace of the calling process, and hence affect +-all processes that live in the same namespace, but do not affect +-processes in a different mount namespace. +- +-After a +-.BR clone () +-where the ++If + .B CLONE_NEWNS +-flag is set, the cloned child is started in a new mount namespace, ++is set, the cloned child is started in a new mount namespace, + initialized with a copy of the namespace of the parent. +- +-Only a privileged process (one having the \fBCAP_SYS_ADMIN\fP capability) +-may specify the ++If + .B CLONE_NEWNS +-flag. ++is not set, the child lives in the same mount ++namespace as the parent. ++ ++Only a privileged process ++.RB ( CAP_SYS_ADMIN ) ++can employ ++.BR CLONE_NEWNS . + It is not permitted to specify both + .B CLONE_NEWNS + and + .B CLONE_FS ++.\" See https://lwn.net/Articles/543273/ + in the same + .BR clone () + call. ++ ++For further information on mount namespaces, see ++.BR namespaces (7) ++and ++.BR mount_namespaces (7). + .TP + .BR CLONE_NEWPID " (since Linux 2.6.24)" + .\" This explanation draws a lot of details from +@@ -411,73 +378,74 @@ If + .B CLONE_NEWPID + is set, then create the process in a new PID namespace. + If this flag is not set, then (as with +-.BR fork (2)), ++.BR fork (2)) + the process is created in the same PID namespace as + the calling process. + This flag is intended for the implementation of containers. + +-A PID namespace provides an isolated environment for PIDs: +-PIDs in a new namespace start at 1, +-somewhat like a standalone system, and calls to +-.BR fork (2), +-.BR vfork (2), ++For further information on PID namespaces, see ++.BR namespaces (7) ++and ++.BR pid_namespaces (7). ++ ++Only a privileged process ++.RB ( CAP_SYS_ADMIN ) ++can employ ++.BR CLONE_NEWPID . ++This flag can't be specified in conjunction with ++.BR CLONE_THREAD + or ++.BR CLONE_PARENT . ++.TP ++.BR CLONE_NEWUSER ++(This flag first became meaningful for + .BR clone () +-will produce processes with PIDs that are unique within the namespace. ++in Linux 2.6.23, ++the current ++.BR clone () ++semantics were merged in Linux 3.5, ++and the final pieces to make the user namespaces completely usable were ++merged in Linux 3.8.) + +-The first process created in a new namespace +-(i.e., the process created using the +-.BR CLONE_NEWPID +-flag) has the PID 1, and is the "init" process for the namespace. +-Children that are orphaned within the namespace will be reparented +-to this process rather than +-.BR init (8). +-Unlike the traditional +-.B init +-process, the "init" process of a PID namespace can terminate, +-and if it does, all of the processes in the namespace are terminated. +- +-PID namespaces form a hierarchy. +-When a new PID namespace is created, +-the processes in that namespace are visible +-in the PID namespace of the process that created the new namespace; +-analogously, if the parent PID namespace is itself +-the child of another PID namespace, +-then processes in the child and parent PID namespaces will both be +-visible in the grandparent PID namespace. +-Conversely, the processes in the "child" PID namespace do not see +-the processes in the parent namespace. +-The existence of a namespace hierarchy means that each process +-may now have multiple PIDs: +-one for each namespace in which it is visible; +-each of these PIDs is unique within the corresponding namespace. +-(A call to +-.BR getpid (2) +-always returns the PID associated with the namespace in which +-the process lives.) +- +-After creating the new namespace, +-it is useful for the child to change its root directory +-and mount a new procfs instance at +-.I /proc +-so that tools such as +-.BR ps (1) +-work correctly. +-.\" mount -t proc proc /proc +-(If +-.BR CLONE_NEWNS +-is also included in +-.IR flags , +-then it isn't necessary to change the root directory: +-a new procfs instance can be mounted directly over +-.IR /proc .) ++If ++.B CLONE_NEWUSER ++is set, then create the process in a new user namespace. ++If this flag is not set, then (as with ++.BR fork (2)) ++the process is created in the same user namespace as the calling process. ++ ++For further information on user namespaces, see ++.BR namespaces (7) ++and ++.BR user_namespaces (7) ++ ++Before Linux 3.8, use of ++.BR CLONE_NEWUSER ++required that the caller have three capabilities: ++.BR CAP_SYS_ADMIN , ++.BR CAP_SETUID , ++and ++.BR CAP_SETGID . ++.\" Before Linux 2.6.29, it appears that only CAP_SYS_ADMIN was needed ++Starting with Linux 3.8, ++no privileges are needed to create a user namespace. + +-Use of this flag requires: a kernel configured with the +-.B CONFIG_PID_NS +-option and that the process be privileged +-.RB ( CAP_SYS_ADMIN ). + This flag can't be specified in conjunction with +-.BR CLONE_THREAD . ++.BR CLONE_THREAD ++or ++.BR CLONE_PARENT . ++For security reasons, ++.\" commit e66eded8309ebf679d3d3c1f5820d1f2ca332c71 ++.\" https://lwn.net/Articles/543273/ ++.\" The fix actually went into 3.9 and into 3.8.3. However, user namespaces ++.\" were, for practical purposes, unusable in earlier 3.8.x because of the ++.\" various filesystems that didn't support userns. ++.BR CLONE_NEWUSER ++cannot be specified in conjunction with ++.BR CLONE_FS . ++ ++For further information on user namespaces, see ++.BR user_namespaces (7). + .TP + .BR CLONE_NEWUTS " (since Linux 2.6.19)" + If +@@ -486,27 +454,29 @@ is set, then create the process in a new UTS namespace, + whose identifiers are initialized by duplicating the identifiers + from the UTS namespace of the calling process. + If this flag is not set, then (as with +-.BR fork (2)), ++.BR fork (2)) + the process is created in the same UTS namespace as + the calling process. + This flag is intended for the implementation of containers. + + A UTS namespace is the set of identifiers returned by + .BR uname (2); +-among these, the domain name and the host name can be modified by ++among these, the domain name and the hostname can be modified by + .BR setdomainname (2) + and +-.BR + .BR sethostname (2), + respectively. + Changes made to the identifiers in a UTS namespace + are visible to all other processes in the same namespace, + but are not visible to processes in other UTS namespaces. + +-Use of this flag requires: a kernel configured with the +-.B CONFIG_UTS_NS +-option and that the process be privileged +-.RB ( CAP_SYS_ADMIN ). ++Only a privileged process ++.RB ( CAP_SYS_ADMIN ) ++can employ ++.BR CLONE_NEWUTS . ++ ++For further information on UTS namespaces, see ++.BR namespaces (7). + .TP + .BR CLONE_PARENT " (since Linux 2.3.12)" + If +@@ -530,12 +500,15 @@ is set, then the parent of the calling process, rather than the + calling process itself, will be signaled. + .TP + .BR CLONE_PARENT_SETTID " (since Linux 2.5.49)" +-Store child thread ID at location ++Store the child thread ID at the location + .I ptid +-in parent and child memory. ++in the parent's memory. + (In Linux 2.5.32-2.5.48 there was a flag + .B CLONE_SETTID + that did this.) ++The store operation completes before ++.BR clone () ++returns control to user space. + .TP + .BR CLONE_PID " (obsolete)" + If +@@ -547,6 +520,7 @@ of not much use. + Since 2.3.21 this flag can be + specified only by the system boot process (PID 0). + It disappeared in Linux 2.5.16. ++Since then, the kernel silently ignores it without error. + .TP + .BR CLONE_PTRACE " (since Linux 2.2)" + If +@@ -556,11 +530,25 @@ then trace the child also (see + .BR ptrace (2)). + .TP + .BR CLONE_SETTLS " (since Linux 2.5.32)" +-The ++The TLS (Thread Local Storage) descriptor is set to ++.I newtls. ++ ++The interpretation of + .I newtls +-argument is the new TLS (Thread Local Storage) descriptor. ++and the resulting effect is architecture dependent. ++On x86, ++.I newtls ++is interpreted as a ++.IR "struct user_desc *" + (See +-.BR set_thread_area (2).) ++.BR set_thread_area (2)). ++On x86_64 it is the new value to be set for the %fs base register ++(See the ++.I ARCH_SET_FS ++argument to ++.BR arch_prctl (2)). ++On architectures with a dedicated TLS register, it is the new value ++of that register. + .TP + .BR CLONE_SIGHAND " (since Linux 2.0)" + If +@@ -612,16 +600,26 @@ from Linux 2.6.25 onward, + and was + .I removed + altogether in Linux 2.6.38. ++Since then, the kernel silently ignores it without error. + .\" glibc 2.8 removed this defn from bits/sched.h + .TP + .BR CLONE_SYSVSEM " (since Linux 2.5.10)" + If + .B CLONE_SYSVSEM + is set, then the child and the calling process share +-a single list of System V semaphore undo values (see ++a single list of System V semaphore adjustment ++.RI ( semadj ) ++values (see + .BR semop (2)). +-If this flag is not set, then the child has a separate undo list, +-which is initially empty. ++In this case, the shared list accumulates ++.I semadj ++values across all processes sharing the list, ++and semaphore adjustments are performed only when the last process ++that is sharing the list terminates (or ceases sharing the list using ++.BR unshare (2)). ++If this flag is not set, then the child has a separate ++.I semadj ++list that is initially empty. + .TP + .BR CLONE_THREAD " (since Linux 2.4.0-test8)" + If +@@ -703,7 +701,12 @@ must also include + .B CLONE_SIGHAND + if + .B CLONE_THREAD +-is specified. ++is specified ++(and note that, since Linux 2.6.0-test6, ++.BR CLONE_SIGHAND ++also requires ++.BR CLONE_VM ++to be included). + + Signals may be sent to a thread group as a whole (i.e., a TGID) using + .BR kill (2), +@@ -761,7 +764,7 @@ or + + If + .B CLONE_VFORK +-is not set then both the calling process and the child are schedulable ++is not set, then both the calling process and the child are schedulable + after the call, and an application should not rely on execution occurring + in any particular order. + .TP +@@ -786,7 +789,7 @@ space of the calling process at the time of + Memory writes or file mappings/unmappings performed by one of the + processes do not affect the other, as with + .BR fork (2). +-.SS The raw system call interface ++.SS C library/kernel differences + The raw + .BR clone () + system call corresponds more closely to +@@ -801,16 +804,58 @@ arguments of the + .BR clone () + wrapper function are omitted. + Furthermore, the argument order changes. +-The raw system call interface on x86 and many other architectures is roughly: ++In addition, there are variations across architectures. ++ ++The raw system call interface on x86-64 and some other architectures ++(including sh, tile, and alpha) is roughly: ++ + .in +4 + .nf ++.BI "long clone(unsigned long " flags ", void *" child_stack , ++.BI " int *" ptid ", int *" ctid , ++.BI " unsigned long " newtls ); ++.fi ++.in ++ ++On x86-32, and several other common architectures ++(including score, ARM, ARM 64, PA-RISC, arc, Power PC, xtensa, ++and MIPS), ++.\" CONFIG_CLONE_BACKWARDS ++the order of the last two arguments is reversed: + ++.in +4 ++.nf + .BI "long clone(unsigned long " flags ", void *" child_stack , +-.BI " void *" ptid ", void *" ctid , +-.BI " struct pt_regs *" regs ); ++.BI " int *" ptid ", unsigned long " newtls , ++.BI " int *" ctid ); ++.fi ++.in ++ ++On the cris and s390 architectures, ++.\" CONFIG_CLONE_BACKWARDS2 ++the order of the first two arguments is reversed: + ++.in +4 ++.nf ++.BI "long clone(void *" child_stack ", unsigned long " flags , ++.BI " int *" ptid ", int *" ctid , ++.BI " unsigned long " newtls ); ++.fi ++.in ++ ++On the microblaze architecture, ++.\" CONFIG_CLONE_BACKWARDS3 ++an additional argument is supplied: ++ ++.in +4 ++.nf ++.BI "long clone(unsigned long " flags ", void *" child_stack , ++.BI " int " stack_size , "\fR /* Size of stack */" ++.BI " int *" ptid ", int *" ctid , ++.BI " unsigned long " newtls ); + .fi + .in ++ + Another difference for the raw system call is that the + .I child_stack + argument may be zero, in which case copy-on-write semantics ensure that the +@@ -819,17 +864,13 @@ the stack. + In this case, for correct operation, the + .B CLONE_VM + option should not be specified. +- +-For some architectures, the order of the arguments for the system call +-differs from that shown above. +-On the score, microblaze, ARM, ARM 64, PA-RISC, arc, Power PC, xtensa, +-and MIPS architectures, +-the order of the fourth and fifth arguments is reversed. +-On the cris and s390 architectures, +-the order of the first and second arguments is reversed. ++.\" + .SS blackfin, m68k, and sparc ++.\" Mike Frysinger noted in a 2013 mail: ++.\" these arches don't define __ARCH_WANT_SYS_CLONE: ++.\" blackfin ia64 m68k sparc + The argument-passing conventions on +-blackfin, m68k, and sparc are different from descriptions above. ++blackfin, m68k, and sparc are different from the descriptions above. + For details, see the kernel (and glibc) source. + .SS ia64 + On ia64, a different interface is used: +@@ -883,7 +924,8 @@ will be set appropriately. + .SH ERRORS + .TP + .B EAGAIN +-Too many processes are already running. ++Too many processes are already running; see ++.BR fork (2). + .TP + .B EINVAL + .B CLONE_SIGHAND +@@ -908,6 +950,7 @@ was not. + .\" (Since Linux 2.6.0-test6.) + .TP + .B EINVAL ++.\" commit e66eded8309ebf679d3d3c1f5820d1f2ca332c71 + Both + .B CLONE_FS + and +@@ -915,6 +958,14 @@ and + were specified in + .IR flags . + .TP ++.BR EINVAL " (since Linux 3.9)" ++Both ++.B CLONE_NEWUSER ++and ++.B CLONE_FS ++were specified in ++.IR flags . ++.TP + .B EINVAL + Both + .B CLONE_NEWIPC +@@ -924,18 +975,25 @@ were specified in + .IR flags . + .TP + .B EINVAL +-Both ++One (or both) of + .BR CLONE_NEWPID +-and ++or ++.BR CLONE_NEWUSER ++and one (or both) of + .BR CLONE_THREAD ++or ++.BR CLONE_PARENT + were specified in + .IR flags . + .TP + .B EINVAL +-Returned by ++Returned by the glibc + .BR clone () +-when a zero value is specified for +-.IR child_stack . ++wrapper function when ++.IR fn ++or ++.IR child_stack ++is specified as NULL. + .TP + .B EINVAL + .BR CLONE_NEWIPC +@@ -971,11 +1029,48 @@ but the kernel was not configured with the + .B CONFIG_UTS + option. + .TP ++.B EINVAL ++.I child_stack ++is not aligned to a suitable boundary for this architecture. ++For example, on aarch64, ++.I child_stack ++must be a multiple of 16. ++.TP + .B ENOMEM + Cannot allocate sufficient memory to allocate a task structure for the + child, or to copy those parts of the caller's context that need to be + copied. + .TP ++.BR ENOSPC " (since Linux 3.7)" ++.\" commit f2302505775fd13ba93f034206f1e2a587017929 ++.B CLONE_NEWPID ++was specified in flags, ++but the limit on the nesting depth of PID namespaces ++would have been exceeded; see ++.BR pid_namespaces (7). ++.TP ++.BR ENOSPC " (since Linux 4.9; beforehand " EUSERS ) ++.B CLONE_NEWUSER ++was specified in ++.IR flags , ++and the call would cause the limit on the number of ++nested user namespaces to be exceeded. ++See ++.BR user_namespaces (7). ++ ++From Linux 3.11 to Linux 4.8, the error diagnosed in this case was ++.BR EUSERS . ++.TP ++.BR ENOSPC " (since Linux 4.9)" ++One of the values in ++.I flags ++specified the creation of a new user namespace, ++but doing so would have caused the limit defined by the corresponding file in ++.IR /proc/sys/user ++to be exceeded. ++For further details, see ++.BR namespaces (7). ++.TP + .B EPERM + .BR CLONE_NEWIPC , + .BR CLONE_NEWNET , +@@ -989,22 +1084,62 @@ was specified by an unprivileged process (process without \fBCAP_SYS_ADMIN\fP). + .B CLONE_PID + was specified by a process other than process 0. + .TP ++.B EPERM ++.BR CLONE_NEWUSER ++was specified in ++.IR flags , ++but either the effective user ID or the effective group ID of the caller ++does not have a mapping in the parent namespace (see ++.BR user_namespaces (7)). ++.TP ++.BR EPERM " (since Linux 3.9)" ++.\" commit 3151527ee007b73a0ebd296010f1c0454a919c7d ++.B CLONE_NEWUSER ++was specified in ++.I flags ++and the caller is in a chroot environment ++.\" FIXME What is the rationale for this restriction? ++(i.e., the caller's root directory does not match the root directory ++of the mount namespace in which it resides). ++.TP + .BR ERESTARTNOINTR " (since Linux 2.6.17)" ++.\" commit 4a2c7a7837da1b91468e50426066d988050e4d56 + System call was interrupted by a signal and will be restarted. + (This can be seen only during a trace.) +-.SH VERSIONS +-There is no entry for +-.BR clone () +-in libc5. +-glibc2 provides +-.BR clone () +-as described in this manual page. ++.TP ++.BR EUSERS " (Linux 3.11 to Linux 4.8)" ++.B CLONE_NEWUSER ++was specified in ++.IR flags , ++and the limit on the number of nested user namespaces would be exceeded. ++See the discussion of the ++.BR ENOSPC ++error above. ++.\" .SH VERSIONS ++.\" There is no entry for ++.\" .BR clone () ++.\" in libc5. ++.\" glibc2 provides ++.\" .BR clone () ++.\" as described in this manual page. + .SH CONFORMING TO + .BR clone () + is Linux-specific and should not be used in programs + intended to be portable. + .SH NOTES +-In the kernel 2.4.x series, ++The ++.BR kcmp (2) ++system call can be used to test whether two processes share various ++resources such as a file descriptor table, ++System V semaphore undo operations, or a virtual address space. ++ ++ ++Handlers registered using ++.BR pthread_atfork (3) ++are not executed during a call to ++.BR clone (). ++ ++In the Linux 2.4.x series, + .B CLONE_THREAD + generally does not make the parent of the new thread the same + as the parent of the calling process. +@@ -1012,14 +1147,13 @@ However, for kernel versions 2.4.7 to 2.4.18 the + .B CLONE_THREAD + flag implied the + .B CLONE_PARENT +-flag (as in kernel 2.6). ++flag (as in Linux 2.6.0 and later). + + For a while there was + .B CLONE_DETACHED + (introduced in 2.5.32): + parent wants no child-exit signal. +-In 2.6.2 the need to give this +-together with ++In Linux 2.6.2, the need to give this flag together with + .B CLONE_THREAD + disappeared. + This flag is still defined, but has no effect. +@@ -1071,7 +1205,6 @@ To get the truth, it may be necessary to use code such as the following: + .\" https://bugzilla.redhat.com/show_bug.cgi?id=417521 + .\" http://sourceware.org/bugzilla/show_bug.cgi?id=6910 + .SH EXAMPLE +-.SS Create a child that executes in a separate UTS namespace + The following program demonstrates the use of + .BR clone () + to create a child process that executes in a separate UTS namespace. +@@ -1081,7 +1214,7 @@ making it possible to see that the hostname + differs in the UTS namespaces of the parent and child. + For an example of the use of this program, see + .BR setns (2). +- ++.SS Program source + .nf + #define _GNU_SOURCE + #include +@@ -1181,6 +1314,7 @@ main(int argc, char *argv[]) + .BR unshare (2), + .BR wait (2), + .BR capabilities (7), ++.BR namespaces (7), + .BR pthreads (7) + .SH COLOPHON + This page is part of release 3.53 of the Linux +-- +2.7.4 + diff --git a/SOURCES/1452424-mpo-7.4.2-stat.2.patch b/SOURCES/1452424-mpo-7.4.2-stat.2.patch new file mode 100644 index 0000000..32d73c1 --- /dev/null +++ b/SOURCES/1452424-mpo-7.4.2-stat.2.patch @@ -0,0 +1,1044 @@ +From f14d3a310dbaf5456e5267ee56d2b35a78ec540b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Nikola=20Forr=C3=B3?= +Date: Mon, 22 May 2017 14:54:07 +0200 +Subject: [PATCH 2/2] stat.2: update to cover latest things used in RHEL 7 + +--- + man-pages/man2/stat.2 | 760 +++++++++++++++++++++++++++++++++++--------------- + 1 file changed, 540 insertions(+), 220 deletions(-) + +diff --git a/man-pages/man2/stat.2 b/man-pages/man2/stat.2 +index c86ebc0..f108020 100644 +--- a/man-pages/man2/stat.2 ++++ b/man-pages/man2/stat.2 +@@ -1,7 +1,7 @@ + '\" t + .\" Copyright (c) 1992 Drew Eckhardt (drew@cs.colorado.edu), March 28, 1992 + .\" Parts Copyright (c) 1995 Nicolai Langfeldt (janl@ifi.uio.no), 1/1/95 +-.\" and Copyright (c) 2007 Michael Kerrisk ++.\" and Copyright (c) 2006, 2007, 2014 Michael Kerrisk + .\" + .\" %%%LICENSE_START(VERBATIM) + .\" Permission is granted to make and distribute verbatim copies of this +@@ -37,21 +37,30 @@ + .\" 2007-06-08 mtk: Added example program + .\" 2007-07-05 mtk: Added details on underlying system call interfaces + .\" +-.TH STAT 2 2012-11-11 "Linux" "Linux Programmer's Manual" ++.TH STAT 2 2017-03-13 "Linux" "Linux Programmer's Manual" + .SH NAME +-stat, fstat, lstat \- get file status ++stat, fstat, lstat, fstatat \- get file status + .SH SYNOPSIS ++.nf + .B #include + .br + .B #include + .br + .B #include + .sp +-.BI "int stat(const char *" path ", struct stat *" buf ); ++.BI "int stat(const char *" pathname ", struct stat *" buf ); + .br + .BI "int fstat(int " fd ", struct stat *" buf ); + .br +-.BI "int lstat(const char *" path ", struct stat *" buf ); ++.BI "int lstat(const char *" pathname ", struct stat *" buf ); ++.sp ++.BR "#include " "/* Definition of AT_* constants */" ++.B #include ++.sp ++.BI "int fstatat(int " dirfd ", const char *" pathname ", struct stat *" \ ++buf , ++.BI " int " flags ); ++.fi + .sp + .in -4n + Feature Test Macro Requirements for glibc (see +@@ -62,45 +71,67 @@ Feature Test Macro Requirements for glibc (see + .sp + .BR lstat (): + .RS 4 +-_BSD_SOURCE || _XOPEN_SOURCE\ >=\ 500 || +-_XOPEN_SOURCE\ &&\ _XOPEN_SOURCE_EXTENDED ++/* glibc 2.19 and earlier */ _BSD_SOURCE ++.br ++ || /* Since glibc 2.20 */ _DEFAULT_SOURCE + .br +-|| /* Since glibc 2.10: */ _POSIX_C_SOURCE\ >=\ 200112L ++ || _XOPEN_SOURCE\ >=\ 500 ++.\" _XOPEN_SOURCE\ &&\ _XOPEN_SOURCE_EXTENDED ++.br ++ || /* Since glibc 2.10: */ _POSIX_C_SOURCE\ >=\ 200112L ++.RE ++.sp ++.BR fstatat (): ++.PD 0 ++.ad l ++.RS 4 ++.TP 4 ++Since glibc 2.10: ++_POSIX_C_SOURCE\ >=\ 200809L ++.TP ++Before glibc 2.10: ++_ATFILE_SOURCE + .RE + .PD + .ad + .SH DESCRIPTION + .PP +-These functions return information about a file. ++These functions return information about a file, in the buffer pointed to by ++.IR buf . + No permissions are required on the file itself, but\(emin the case of +-.BR stat () ++.BR stat (), ++.BR fstatat (), + and +-.BR lstat () +-\(em +-execute (search) permission is required on all of the directories in +-.I path ++.BR lstat ()\(emexecute ++(search) permission is required on all of the directories in ++.I pathname + that lead to the file. + .PP + .BR stat () +-stats the file pointed to by +-.I path +-and fills in +-.IR buf . ++and ++.BR fstatat () ++retrieve information about the file pointed to by ++.IR pathname ; ++the differences for ++.BR fstatat () ++are described below. + + .BR lstat () + is identical to + .BR stat (), + except that if +-.I path +-is a symbolic link, then the link itself is stat-ed, ++.I pathname ++is a symbolic link, then it returns information about the link itself, + not the file that it refers to. + + .BR fstat () + is identical to + .BR stat (), +-except that the file to be stat-ed is specified by the file descriptor ++except that the file about which information is to be retrieved ++is specified by the file descriptor + .IR fd . +-.PP ++.\" ++.SS The stat structure + All of these system calls return a + .I stat + structure, which contains the following fields: +@@ -108,84 +139,123 @@ structure, which contains the following fields: + .in +4n + .nf + struct stat { +- dev_t st_dev; /* ID of device containing file */ +- ino_t st_ino; /* inode number */ +- mode_t st_mode; /* protection */ +- nlink_t st_nlink; /* number of hard links */ +- uid_t st_uid; /* user ID of owner */ +- gid_t st_gid; /* group ID of owner */ +- dev_t st_rdev; /* device ID (if special file) */ +- off_t st_size; /* total size, in bytes */ +- blksize_t st_blksize; /* blocksize for file system I/O */ +- blkcnt_t st_blocks; /* number of 512B blocks allocated */ +- time_t st_atime; /* time of last access */ +- time_t st_mtime; /* time of last modification */ +- time_t st_ctime; /* time of last status change */ ++ dev_t st_dev; /* ID of device containing file */ ++ ino_t st_ino; /* inode number */ ++ mode_t st_mode; /* file type and mode */ ++ nlink_t st_nlink; /* number of hard links */ ++ uid_t st_uid; /* user ID of owner */ ++ gid_t st_gid; /* group ID of owner */ ++ dev_t st_rdev; /* device ID (if special file) */ ++ off_t st_size; /* total size, in bytes */ ++ blksize_t st_blksize; /* blocksize for filesystem I/O */ ++ blkcnt_t st_blocks; /* number of 512B blocks allocated */ ++ ++ /* Since Linux 2.6, the kernel supports nanosecond ++ precision for the following timestamp fields. ++ For the details before Linux 2.6, see NOTES. */ ++ ++ struct timespec st_atim; /* time of last access */ ++ struct timespec st_mtim; /* time of last modification */ ++ struct timespec st_ctim; /* time of last status change */ ++ ++#define st_atime st_atim.tv_sec /* Backward compatibility */ ++#define st_mtime st_mtim.tv_sec ++#define st_ctime st_ctim.tv_sec + }; + .fi + .in +-.PP +-The ++ ++.IR Note : ++the order of fields in the ++.I stat ++structure varies somewhat ++across architectures. ++In addition, ++the definition above does not show the padding bytes ++that may be present between some fields on various architectures. ++Consult the glibc and kernel source code ++if you need to know the details. ++ ++.\" Background: inode attributes are modified with i_mutex held, but ++.\" read by stat() without taking the mutex. ++.IR Note : ++For performance and simplicity reasons, different fields in the ++.I stat ++structure may contain state information from different moments ++during the execution of the system call. ++For example, if ++.IR st_mode ++or ++.IR st_uid ++is changed by another process by calling ++.BR chmod (2) ++or ++.BR chown (2), ++.BR stat () ++might return the old ++.I st_mode ++together with the new ++.IR st_uid , ++or the old ++.I st_uid ++together with the new ++.IR st_mode . ++ ++The fields in the ++.I stat ++structure are as follows: ++.TP + .I st_dev +-field describes the device on which this file resides. ++This field describes the device on which this file resides. + (The + .BR major (3) + and + .BR minor (3) + macros may be useful to decompose the device ID in this field.) +- +-The ++.TP ++.I st_ino ++This field contains the file's inode number. ++.TP ++.I st_mode ++See the discussion of file type and mode, below. ++.TP ++.I st_nlink ++This field contains the number of hard links to the file. ++.TP ++.I st_uid ++This field contains the user ID of the owner of the file. ++.TP ++.I st_gid ++This field contains the ID of the group owner of the file. ++.TP + .I st_rdev +-field describes the device that this file (inode) represents. +- +-The ++This field describes the device that this file (inode) represents. ++.TP + .I st_size +-field gives the size of the file (if it is a regular ++This field gives the size of the file (if it is a regular + file or a symbolic link) in bytes. + The size of a symbolic link is the length of the pathname + it contains, without a terminating null byte. +- +-The ++.TP ++.I st_blksize ++This field gives the "preferred" blocksize for efficient filesystem I/O. ++(Writing to a file in smaller chunks may cause ++an inefficient read-modify-rewrite.) ++.TP + .I st_blocks +-field indicates the number of blocks allocated to the file, 512-byte units. ++This field indicates the number of blocks allocated to the file, ++512-byte units. + (This may be smaller than + .IR st_size /512 + when the file has holes.) +- +-The +-.I st_blksize +-field gives the "preferred" blocksize for efficient file system I/O. +-(Writing to a file in smaller chunks may cause +-an inefficient read-modify-rewrite.) +-.PP +-Not all of the Linux file systems implement all of the time fields. +-Some file system types allow mounting in such a way that file +-and/or directory accesses do not cause an update of the +-.I st_atime +-field. +-(See +-.IR noatime , +-.IR nodiratime , +-and +-.I relatime +-in +-.BR mount (8), +-and related information in +-.BR mount (2).) +-In addition, +-.I st_atime +-is not updated if a file is opened with the +-.BR O_NOATIME ; +-see +-.BR open (2). +- +-The field ++.TP + .I st_atime +-is changed by file accesses, for example, by ++This is the file's last access timestamp. ++It is changed by file accesses, for example, by + .BR execve (2), + .BR mknod (2), + .BR pipe (2), +-.BR utime (2) ++.BR utime (2), + and + .BR read (2) + (of more than zero bytes). +@@ -193,13 +263,13 @@ Other routines, like + .BR mmap (2), + may or may not update + .IR st_atime . +- +-The field ++.TP + .I st_mtime +-is changed by file modifications, for example, by ++This is the file's last modification timestamp. ++It is changed by file modifications, for example, by + .BR mknod (2), + .BR truncate (2), +-.BR utime (2) ++.BR utime (2), + and + .BR write (2) + (of more than zero bytes). +@@ -212,15 +282,78 @@ The + field is + .I not + changed for changes in owner, group, hard link count, or mode. +- +-The field ++.TP + .I st_ctime +-is changed by writing or by setting inode information ++This is the file's last status change timestamp. ++It is changed by writing or by setting inode information + (i.e., owner, group, link count, mode, etc.). + .PP +-The following POSIX macros are defined to check the file type using the ++Not all of the Linux filesystems implement all of the time fields. ++Some filesystem types allow mounting in such a way that file ++and/or directory accesses do not cause an update of the ++.I st_atime ++field. ++(See ++.IR noatime , ++.IR nodiratime , ++and ++.I relatime ++in ++.BR mount (8), ++and related information in ++.BR mount (2).) ++In addition, ++.I st_atime ++is not updated if a file is opened with the ++.BR O_NOATIME ++flag; see ++.BR open (2). ++.\" ++.SS The file type and mode (st_mode) ++POSIX refers to the ++.I st_mode ++bits corresponding to the mask ++.B S_IFMT ++(see below) as the ++.IR "file type" , ++the 12 bits corresponding to the mask 07777 as the ++.IR "file mode bits" ++and the least significant 9 bits (0777) as the ++.IR "file permission bits" . ++.PP ++The following mask values are defined for the file type of the + .I st_mode + field: ++.in +4n ++.TS ++lB l l. ++S_IFMT 0170000 bit mask for the file type bit field ++ ++S_IFSOCK 0140000 socket ++S_IFLNK 0120000 symbolic link ++S_IFREG 0100000 regular file ++S_IFBLK 0060000 block device ++S_IFDIR 0040000 directory ++S_IFCHR 0020000 character device ++S_IFIFO 0010000 FIFO ++.TE ++.in ++.PP ++Thus, to test for a regular file (for example), one could write: ++ ++.nf ++.in +4n ++stat(pathname, &sb); ++if ((sb.st_mode & S_IFMT) == S_IFREG) { ++ /* Handle regular file */ ++} ++.in ++.fi ++.PP ++Because tests of the above form are common, additional ++macros are defined by POSIX to allow the test of the file type in ++.I st_mode ++to be written more concisely: + .RS 4 + .TP 1.2i + .BR S_ISREG (m) +@@ -245,42 +378,85 @@ symbolic link? (Not in POSIX.1-1996.) + socket? (Not in POSIX.1-1996.) + .RE + .PP +-The following flags are defined for the ++The preceding code snippet could thus be rewritten as: ++ ++.nf ++.in +4n ++stat(pathname, &sb); ++if (S_ISREG(sb.st_mode)) { ++ /* Handle regular file */ ++} ++.in ++.fi ++.PP ++The definitions of most of the above file type test macros ++are provided if any of the following feature test macros is defined: ++.BR _BSD_SOURCE ++(in glibc 2.19 and earlier), ++.BR _SVID_SOURCE ++(in glibc 2.19 and earlier), ++or ++.BR _DEFAULT_SOURCE ++(in glibc 2.20 and later). ++In addition, definitions of all of the above macros except ++.BR S_IFSOCK ++and ++.BR S_ISSOCK () ++are provided if ++.BR _XOPEN_SOURCE ++is defined. ++The definition of ++.BR S_IFSOCK ++can also be exposed by defining ++.BR _XOPEN_SOURCE ++with a value of 500 or greater. ++ ++The definition of ++.BR S_ISSOCK () ++is exposed if any of the following feature test macros is defined: ++.BR _BSD_SOURCE ++(in glibc 2.19 and earlier), ++.BR _DEFAULT_SOURCE ++(in glibc 2.20 and later), ++.BR _XOPEN_SOURCE ++with a value of 500 or greater, or ++.BR _POSIX_C_SOURCE ++with a value of 200112L or greater. ++.PP ++The following mask values are defined for ++the file mode component of the + .I st_mode + field: + .in +4n + .TS + lB l l. +-S_IFMT 0170000 bit mask for the file type bit fields +-S_IFSOCK 0140000 socket +-S_IFLNK 0120000 symbolic link +-S_IFREG 0100000 regular file +-S_IFBLK 0060000 block device +-S_IFDIR 0040000 directory +-S_IFCHR 0020000 character device +-S_IFIFO 0010000 FIFO +-S_ISUID 0004000 set-user-ID bit +-S_ISGID 0002000 set-group-ID bit (see below) +-S_ISVTX 0001000 sticky bit (see below) +-S_IRWXU 00700 mask for file owner permissions +-S_IRUSR 00400 owner has read permission +-S_IWUSR 00200 owner has write permission +-S_IXUSR 00100 owner has execute permission +-S_IRWXG 00070 mask for group permissions +-S_IRGRP 00040 group has read permission +-S_IWGRP 00020 group has write permission +-S_IXGRP 00010 group has execute permission +-S_IRWXO 00007 mask for permissions for others (not in group) +-S_IROTH 00004 others have read permission +-S_IWOTH 00002 others have write permission +-S_IXOTH 00001 others have execute permission ++S_ISUID 04000 set-user-ID bit ++S_ISGID 02000 set-group-ID bit (see below) ++S_ISVTX 01000 sticky bit (see below) ++ ++S_IRWXU 00700 owner has read, write, and execute permission ++S_IRUSR 00400 owner has read permission ++S_IWUSR 00200 owner has write permission ++S_IXUSR 00100 owner has execute permission ++ ++S_IRWXG 00070 group has read, write, and execute permission ++S_IRGRP 00040 group has read permission ++S_IWGRP 00020 group has write permission ++S_IXGRP 00010 group has execute permission ++ ++S_IRWXO 00007 T{ ++others (not in group) have read, write, and execute permission ++T} ++S_IROTH 00004 others have read permission ++S_IWOTH 00002 others have write permission ++S_IXOTH 00001 others have execute permission + .TE + .in + .P + The set-group-ID bit + .RB ( S_ISGID ) + has several special uses. +-For a directory it indicates that BSD semantics is to be used ++For a directory, it indicates that BSD semantics is to be used + for that directory: files created there inherit their group ID from + the directory, not from the effective group ID of the creating process, + and directories created there will also get the +@@ -297,6 +473,100 @@ on a directory means that a file + in that directory can be renamed or deleted only by the owner + of the file, by the owner of the directory, and by a privileged + process. ++.\" ++.\" ++.SS fstatat() ++The ++.BR fstatat () ++system call operates in exactly the same way as ++.BR stat (), ++except for the differences described here. ++ ++If the pathname given in ++.I pathname ++is relative, then it is interpreted relative to the directory ++referred to by the file descriptor ++.I dirfd ++(rather than relative to the current working directory of ++the calling process, as is done by ++.BR stat () ++for a relative pathname). ++ ++If ++.I pathname ++is relative and ++.I dirfd ++is the special value ++.BR AT_FDCWD , ++then ++.I pathname ++is interpreted relative to the current working ++directory of the calling process (like ++.BR stat ()). ++ ++If ++.I pathname ++is absolute, then ++.I dirfd ++is ignored. ++ ++.I flags ++can either be 0, or include one or more of the following flags ORed: ++.TP ++.BR AT_EMPTY_PATH " (since Linux 2.6.39)" ++.\" commit 65cfc6722361570bfe255698d9cd4dccaf47570d ++If ++.I pathname ++is an empty string, operate on the file referred to by ++.IR dirfd ++(which may have been obtained using the ++.BR open (2) ++.B O_PATH ++flag). ++In this case, ++.I dirfd ++can refer to any type of file, not just a directory. ++If ++.I dirfd ++is ++.BR AT_FDCWD , ++the call operates on the current working directory. ++This flag is Linux-specific; define ++.B _GNU_SOURCE ++.\" Before glibc 2.16, defining _ATFILE_SOURCE sufficed ++to obtain its definition. ++.TP ++.BR AT_NO_AUTOMOUNT " (since Linux 2.6.38)" ++Don't automount the terminal ("basename") component of ++.I pathname ++if it is a directory that is an automount point. ++This allows the caller to gather attributes of an automount point ++(rather than the location it would mount). ++This flag can be used in tools that scan directories ++to prevent mass-automounting of a directory of automount points. ++The ++.B AT_NO_AUTOMOUNT ++flag has no effect if the mount point has already been mounted over. ++This flag is Linux-specific; define ++.B _GNU_SOURCE ++.\" Before glibc 2.16, defining _ATFILE_SOURCE sufficed ++to obtain its definition. ++.TP ++.B AT_SYMLINK_NOFOLLOW ++If ++.I pathname ++is a symbolic link, do not dereference it: ++instead return information about the link itself, like ++.BR lstat (). ++(By default, ++.BR fstatat () ++dereferences symbolic links, like ++.BR stat ().) ++.PP ++See ++.BR openat (2) ++for an explanation of the need for ++.BR fstatat (). + .SH RETURN VALUE + On success, zero is returned. + On error, \-1 is returned, and +@@ -307,13 +577,13 @@ is set appropriately. + .B EACCES + Search permission is denied for one of the directories + in the path prefix of +-.IR path . ++.IR pathname . + (See also + .BR path_resolution (7).) + .TP + .B EBADF + .I fd +-is bad. ++is not a valid open file descriptor. + .TP + .B EFAULT + Bad address. +@@ -322,26 +592,26 @@ Bad address. + Too many symbolic links encountered while traversing the path. + .TP + .B ENAMETOOLONG +-.I path ++.I pathname + is too long. + .TP + .B ENOENT + A component of +-.I path ++.I pathname + does not exist, or +-.I path +-is an empty string. ++.I pathname ++is an empty string and AT_EMPTY_PATH was not specified. + .TP + .B ENOMEM + Out of memory (i.e., kernel memory). + .TP + .B ENOTDIR + A component of the path prefix of +-.I path ++.I pathname + is not a directory. + .TP + .B EOVERFLOW +-.I path ++.I pathname + or + .I fd + refers to a file whose size, inode number, +@@ -358,8 +628,32 @@ calls + on a file whose size exceeds + .I (1<<31)-1 + bytes. ++.PP ++The following additional errors can occur for ++.BR fstatat (): ++.TP ++.B EBADF ++.I dirfd ++is not a valid file descriptor. ++.TP ++.B EINVAL ++Invalid flag specified in ++.IR flags . ++.TP ++.B ENOTDIR ++.I pathname ++is relative and ++.I dirfd ++is a file descriptor referring to a file other than a directory. ++.SH VERSIONS ++.BR fstatat () ++was added to Linux in kernel 2.6.16; ++library support was added to glibc in version 2.4. + .SH CONFORMING TO +-These system calls conform to SVr4, 4.3BSD, POSIX.1-2001. ++.BR stat (), ++.BR fstat (), ++.BR lstat (): ++SVr4, 4.3BSD, POSIX.1-2001, POSIX.1.2008. + .\" SVr4 documents additional + .\" .BR fstat () + .\" error conditions EINTR, ENOLINK, and EOVERFLOW. SVr4 +@@ -369,18 +663,21 @@ These system calls conform to SVr4, 4.3BSD, POSIX.1-2001. + .\" .BR lstat () + .\" error conditions EINTR, EMULTIHOP, ENOLINK, and EOVERFLOW. + ++.BR fstatat (): ++POSIX.1-2008. ++ + According to POSIX.1-2001, + .BR lstat () + on a symbolic link need return valid information only in the + .I st_size +-field and the file-type component of the ++field and the file type of the + .IR st_mode + field of the + .IR stat + structure. +-POSIX.-2008 tightens the specification, requiring ++POSIX.1-2008 tightens the specification, requiring + .BR lstat () +-to return valid information in all fields except the permission bits in ++to return valid information in all fields except the mode bits in + .IR st_mode . + + Use of the +@@ -413,10 +710,10 @@ POSIX.1-1990 did not describe the + .BR S_IFCHR , + .BR S_IFIFO , + .B S_ISVTX +-constants, but instead demanded the use of ++constants, but instead specified the use of + the macros + .BR S_ISDIR (), +-etc. ++and so on. + The + .BR S_IF* + constants are present in POSIX.1-2001 and later. +@@ -425,11 +722,11 @@ The + .BR S_ISLNK () + and + .BR S_ISSOCK () +-macros are not in ++macros were not in + POSIX.1-1996, but both are present in POSIX.1-2001; + the former is from SVID 4, the latter from SUSv2. + .LP +-UNIX V7 (and later systems) had ++UNIX\ V7 (and later systems) had + .BR S_IREAD , + .BR S_IWRITE , + .BR S_IEXEC , +@@ -438,104 +735,74 @@ prescribes the synonyms + .BR S_IRUSR , + .BR S_IWUSR , + .BR S_IXUSR . +-.SS Other systems +-Values that have been (or are) in use on various systems: +-.ad l +-.TS +-l l l l l. +-hex name ls octal description +-f000 S_IFMT 170000 mask for file type +-0000 000000 T{ +-SCO out-of-service inode; BSD unknown type; SVID-v2 and XPG2 +-have both 0 and 0100000 for ordinary file +-T} +-1000 S_IFIFO p| 010000 FIFO (named pipe) +-2000 S_IFCHR c 020000 character special (V7) +-3000 S_IFMPC 030000 multiplexed character special (V7) +-4000 S_IFDIR d/ 040000 directory (V7) +-5000 S_IFNAM 050000 T{ +-XENIX named special file with two subtypes, distinguished by +-\fIst_rdev\fP values 1, 2 +-T} +-0001 S_INSEM s 000001 XENIX semaphore subtype of IFNAM +-0002 S_INSHD m 000002 XENIX shared data subtype of IFNAM +-6000 S_IFBLK b 060000 block special (V7) +-7000 S_IFMPB 070000 multiplexed block special (V7) +-8000 S_IFREG - 100000 regular (V7) +-9000 S_IFCMP 110000 VxFS compressed +-9000 S_IFNWK n 110000 network special (HP-UX) +-a000 S_IFLNK l@ 120000 symbolic link (BSD) +-b000 S_IFSHAD 130000 T{ +-Solaris shadow inode for ACL (not seen by user space) +-T} +-c000 S_IFSOCK s= 140000 socket (BSD; also "S_IFSOC" on VxFS) +-d000 S_IFDOOR D> 150000 Solaris door +-e000 S_IFWHT w% 160000 BSD whiteout (not used for inode) +-0200 S_ISVTX 001000 T{ +-sticky bit: save swapped text even after use (V7) +-.br +-reserved (SVID-v2) +-.br +-On nondirectories: don't cache this file (SunOS) +-.br +-On directories: restricted deletion flag (SVID-v4.2) +-T} +-0400 S_ISGID 002000 T{ +-set-group-ID on execution (V7) +-.br +-for directories: use BSD semantics for propagation of GID +-T} +-0400 S_ENFMT 002000 T{ +-System V file locking enforcement (shared with S_ISGID) +-T} +-0800 S_ISUID 004000 set-user-ID on execution (V7) +-0800 S_CDF 004000 T{ +-directory is a context dependent file (HP-UX) +-T} +-.TE +-.ad +- +-A sticky command appeared in Version 32V AT&T UNIX. + .SH NOTES ++On Linux, ++.BR lstat () ++will generally not trigger automounter action, whereas ++.BR stat () ++will (but see the description of ++.BR fstatat () ++.B AT_NO_AUTOMOUNT ++fag, above). ++ ++For pseudofiles that are autogenerated by the kernel, ++.BR stat () ++does not return an accurate value in the ++.IR st_size ++field. ++For example, the value 0 is returned for many files under the ++.I /proc ++directory, ++while various files under ++.IR /sys ++report a size of 4096 bytes, even though the file content is smaller. ++For such files, one should simply try to read as many bytes as possible ++(and append \(aq\e0\(aq to the returned buffer ++if it is to be interpreted as a string). ++.\" ++.SS Timestamp fields ++Older kernels and older standards did not support nanosecond timestamp ++fields. ++Instead, there were three timestamp ++.RI fields\(em st_atime , ++.IR st_mtime , ++and ++.IR st_ctime \(emtyped ++as ++.IR time_t ++that recorded timestamps with one-second precision. ++ + Since kernel 2.5.48, the + .I stat + structure supports nanosecond resolution for the three file timestamp fields. +-Glibc exposes the nanosecond component of each field using names of the form +-.IR st_atim.tv_nsec +-if the +-.B _BSD_SOURCE +-or +-.B _SVID_SOURCE +-feature test macro is defined. +-These fields are specified in POSIX.1-2008, and, starting with version 2.12, +-glibc also exposes these field names if ++The nanosecond components of each timestamp are available ++via names of the form ++.IR st_atim.tv_nsec , ++if suitable feature test macros are defined. ++Nanosecond timestamps were standardized in POSIX.1-2008, ++and, starting with version 2.12, ++glibc exposes the nanosecond component names if + .BR _POSIX_C_SOURCE + is defined with the value 200809L or greater, or + .BR _XOPEN_SOURCE + is defined with the value 700 or greater. ++Up to and including glibc 2.19, ++the definitions of the nanoseconds components are also defined if ++.B _BSD_SOURCE ++or ++.B _SVID_SOURCE ++is defined. + If none of the aforementioned macros are defined, + then the nanosecond values are exposed with names of the form + .IR st_atimensec . +-On file systems that do not support subsecond timestamps, +-the nanosecond fields are returned with the value 0. +-.\" As at kernel 2.6.25, XFS and JFS support nanosecond timestamps, +-.\" but ext2, ext3, and Reiserfs do not. +- +-On Linux, +-.BR lstat () +-will generally not trigger automounter action, whereas +-.BR stat () +-will (but see +-.BR fstatat (2)). + +-For most files under the +-.I /proc +-directory, +-.BR stat () +-does not return the file size in the +-.I st_size +-field; instead the field is returned with the value 0. +-.SS Underlying kernel interface ++Nanosecond timestamps are supported on XFS, JFS, Btrfs, and ++ext4 (since Linux 2.6.23). ++.\" commit ef7f38359ea8b3e9c7f2cae9a4d4935f55ca9e80 ++Nanosecond timestamps are not supported in ext2, ext3, and Reiserfs. ++On filesystems that do not support subsecond timestamps, ++the nanosecond fields are returned with the value 0. ++.SS C library/kernel differences + Over time, increases in the size of the + .I stat + structure have led to three successive versions of +@@ -548,17 +815,51 @@ structure have led to three successive versions of + .IR __NR_stat ), + and + .I sys_stat64() +-(new in kernel 2.4; slot +-.IR __NR_stat64 ). ++(slot ++.IR __NR_stat64 ) ++on 32-bit platforms such as i386. ++The first two versions were already present in Linux 1.0 ++(albeit with different names); ++.\" See include/asm-i386/stat.h in the Linux 2.4 source code for the ++.\" various versions of the structure definitions ++the last was added in Linux 2.4. ++Similar remarks apply for ++.BR fstat () ++and ++.BR lstat (). ++ ++The kernel-internal versions of the ++.I stat ++structure dealt with by the different versions are, respectively: ++.TP ++.IR __old_kernel_stat ++The original structure, with rather narrow fields, and no padding. ++.TP ++.IR stat ++Larger ++.I st_ino ++field and padding added to various parts of the structure to ++allow for future expansion. ++.TP ++.IR stat64 ++Even larger ++.I st_ino ++field, ++larger ++.I st_uid ++and ++.I st_gid ++fields to accommodate the Linux-2.4 expansion of UIDs and GIDs to 32 bits, ++and various other enlarged fields and further padding in the structure. ++(Various padding bytes were eventually consumed in Linux 2.6, ++with the advent of 32-bit device IDs and nanosecond components ++for the timestamp fields.) ++.PP + The glibc + .BR stat () + wrapper function hides these details from applications, + invoking the most recent version of the system call provided by the kernel, + and repacking the returned information if required for old binaries. +-Similar remarks apply for +-.BR fstat () +-and +-.BR lstat (). + .\" + .\" A note from Andries Brouwer, July 2007 + .\" +@@ -587,6 +888,20 @@ and + .\" interface, rather than the libc-kernel interface. + .\" + .\" (Note that the details depend on gcc being used as c compiler.) ++ ++On modern 64-bit systems, life is simpler: there is a single ++.BR stat () ++system call and the kernel deals with a ++.I stat ++structure that contains fields of a sufficient size. ++ ++The underlying system call employed by the glibc ++.BR fstatat () ++wrapper function is actually called ++.BR fstatat64 () ++or, on some architectures, ++.\" strace(1) shows the name "newfstatat" on x86-64 ++.BR newfstatat (). + .SH EXAMPLE + The following program calls + .BR stat () +@@ -600,6 +915,7 @@ structure. + #include + #include + #include ++#include + + int + main(int argc, char *argv[]) +@@ -616,6 +932,9 @@ main(int argc, char *argv[]) + exit(EXIT_FAILURE); + } + ++ printf("ID of containing device: [%lx,%lx]\\n", ++ (long) major(sb.st_dev), (long) minor(sb.st_dev)); ++ + printf("File type: "); + + switch (sb.st_mode & S_IFMT) { +@@ -653,10 +972,11 @@ main(int argc, char *argv[]) + } + .fi + .SH SEE ALSO ++.BR ls (1), ++.BR stat (1), + .BR access (2), + .BR chmod (2), + .BR chown (2), +-.BR fstatat (2), + .BR readlink (2), + .BR utime (2), + .BR capabilities (7), +-- +2.7.4 + diff --git a/SPECS/man-pages-overrides.spec b/SPECS/man-pages-overrides.spec index 9d892ad..d223268 100644 --- a/SPECS/man-pages-overrides.spec +++ b/SPECS/man-pages-overrides.spec @@ -2,8 +2,8 @@ Summary: Complementary and updated manual pages Name: man-pages-overrides -Version: 7.3.2 -Release: 2%{?dist} +Version: 7.4.3 +Release: 1%{?dist} # license is the same as for the man-pages package License: GPL+ and GPLv2+ and BSD and MIT and Copyright only and IEEE Group: Documentation @@ -15,14 +15,14 @@ Patch1: 1086994-mpo-7.1.0-proc.5.patch Patch2: 1112307-mpo-7.3.0-cciss.4.patch Patch3: 1021967-mpo-7.1.0-socat.1.patch Patch4: 1131853-mpo-7.1.0-proc.5-proc-fs-not-empty.patch -Patch5: 1181670-mpo-7.3.0-libpaf-dsc.3-libpaf-ebb.3.patch +Patch5: 1085531-mpo-7.4.0-ipvsadm.8.patch Patch6: 1255283-mpo-7.3.0-captest.8.patch Patch7: 1129235-mpo-7.1.0-flock.2.patch # aarch64 specific patch Patch8: 1361588-recv-for-aarch64.patch Patch9: 1263575-mpo-7.3.1-libpng.3-png.5.patch -Patch10: 1109291-mpo-7.1.0-mailx.1.patch -Patch11: 1109294-mpo-7.1.0-mailx.1.environment-variables.patch +Patch10: 1263636-mpo-7.4.0-cp.1-install.1-mkdir.1-mkfifo.1-mknod.1.patch +Patch11: 1316009-mpo-7.4.0-mcstransd.8.patch Patch12: 1131939-mpo-7.1.0-charsets.7-nl_langinfo.3.patch Patch13: 1131859-mpo-7.1.0-host.conf.5.patch Patch14: 1269549-mpo-7.3.0-socket.7.patch @@ -34,19 +34,23 @@ Patch18: 1197850-mpo-7.2.0-backport-thread-safety-information.patch Patch19: 1120294-madvise.2-MADV_REMOVE-supports-more-filesystems.patch Patch20: 1147718-resolv.conf.5-add-missing-no-tld-query.patch Patch21: 1289915-mpo-7.3.0-nsswitch.conf.5.patch -Patch22: 1064756-mpo-7.1.2-netstat.8.patch +Patch22: 1452424-mpo-7.4.2-stat.2.patch Patch23: 1141874-mpo-7.2.0-mgetty-fix-typos-in-mgetty-s-man-pages.patch Patch24: 1297898-mpo-7.3.0-prctl.2.patch Patch25: 1222720-mpo-7.2.0-rtld-audit.7.patch Patch26: 1312875-mpo-7.3.0-tcp.7.patch Patch27: 1315605-mpo-7.3.1-recv.2-cmsg.3.patch Patch28: 1330661-mpo-7.3.1-clone.2-fork.2.patch +Patch29: 1411979-mpo-7.4.0-memparse.1.patch Patch30: 1337039-mpo-7.3.0-setfacl.1.patch Patch31: 1263629-mpo-7.3.0-cp.1-install.1-mkdir.1-mkfifo.1-mknod.1.patch Patch32: 1263632-mpo-7.3.0-cp.1-install.1-mkdir.1-mkfifo.1-mknod.1.patch Patch33: 1263635-mpo-7.3.0-cp.1-install.1-mkdir.1-mkfifo.1-mknod.1.patch Patch34: 1263637-mpo-7.3.0-cp.1-install.1-mkdir.1-mkfifo.1-mknod.1.patch Patch35: 1360898-mpo-7.3.2-prctl.2-capabilities.7.patch +Patch36: 1390935-mpo-7.4.0-nsswitch.conf.5.patch +Patch37: 1404478-mpo-7.4.0-packet.7.patch +Patch38: 1452368-mpo-7.4.2-clone.2.patch %description A collection of manual ("man") pages to complement other packages or update @@ -103,6 +107,47 @@ done %{_mandir}/overrides/ %changelog +* Mon Jun 05 2017 Nikola Forró - 7.4.3-1 +- Upload new tarball +- copy_file_range.2: add new manpage + resolves: #1458195 + +* Mon May 22 2017 Nikola Forró - 7.4.2-1 +- Upload new tarball + related: #1435590 +- stat.2: update to cover latest things used in RHEL7 + resolves: #1452424 +- clone.2: document features related to namespaces + resolves: #1452368 + +* Thu Apr 13 2017 Nikola Forró - 7.4.1-1 +- Upload new tarball + related: #1435590 +- remove bug fixed in original component: #1167833 (net-tools) + +* Tue Mar 28 2017 Nikola Forró - 7.4.0-1 +- Upload new tarball + resolves: #1435590 +- remove bug fixed in original component: #1147568 (mailx) +- remove bug fixed in original component: #1147570 (mailx) +- remove bug fixed in original component: #1147565 (ecj) +- remove bug fixed in original component: #1349833 (paflib) +- ipvsadm.8: add missing option + resolves: #1085531 +- cp.1, install.1, mkdir.1, mkfifo.1, mknod.1: update security context options + to reflect coreutils change + resolves: #1263636 +- mcstransd.8: fix typos + resolves: #1316009 +- memparse.1: remove incorrect description + resolves: #1411979 +- nsswitch.conf.5: add information about sss service + resolves: #1390935 +- packet.7: add missing socket options + resolves: #1404478 +- namespaces.7, pid_namespaces.7, user_namespaces.7: add new manpages + resolves: #1377583 + * Thu Sep 22 2016 Nikola Forró - 7.3.2-2 - open.2: revert documenting O_TMPFILE option related: #1330740