mirror of https://github.com/mkerrisk/man-pages
random.4, gai.conf.5, slabinfo.5, cgroup_namespaces.7, feature_test_macros.7, keyrings.7, locale.7, man-pages.7, sock_diag.7: ffix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
010c75a2bb
commit
9c40f2b9ba
|
@ -153,11 +153,13 @@ If your system does not have
|
|||
\fI/dev/random\fP and \fI/dev/urandom\fP created already, they
|
||||
can be created with the following commands:
|
||||
.PP
|
||||
.nf
|
||||
mknod \-m 666 /dev/random c 1 8
|
||||
mknod \-m 666 /dev/urandom c 1 9
|
||||
chown root:root /dev/random /dev/urandom
|
||||
.fi
|
||||
.in +4n
|
||||
.EX
|
||||
mknod \-m 666 /dev/random c 1 8
|
||||
mknod \-m 666 /dev/urandom c 1 9
|
||||
chown root:root /dev/random /dev/urandom
|
||||
.EE
|
||||
.in
|
||||
.PP
|
||||
When a Linux system starts up without much operator interaction,
|
||||
the entropy pool may be in a fairly predictable state.
|
||||
|
@ -168,38 +170,42 @@ entropy pool information across shut-downs and start-ups.
|
|||
To do this, add the lines to an appropriate script
|
||||
which is run during the Linux system start-up sequence:
|
||||
.PP
|
||||
.nf
|
||||
echo "Initializing random number generator..."
|
||||
random_seed=/var/run/random-seed
|
||||
# Carry a random seed from start-up to start-up
|
||||
# Load and then save the whole entropy pool
|
||||
if [ \-f $random_seed ]; then
|
||||
cat $random_seed >/dev/urandom
|
||||
else
|
||||
touch $random_seed
|
||||
fi
|
||||
chmod 600 $random_seed
|
||||
poolfile=/proc/sys/kernel/random/poolsize
|
||||
[ \-r $poolfile ] && bits=$(cat $poolfile) || bits=4096
|
||||
bytes=$(expr $bits / 8)
|
||||
dd if=/dev/urandom of=$random_seed count=1 bs=$bytes
|
||||
.fi
|
||||
.in +4n
|
||||
.EX
|
||||
echo "Initializing random number generator..."
|
||||
random_seed=/var/run/random-seed
|
||||
# Carry a random seed from start-up to start-up
|
||||
# Load and then save the whole entropy pool
|
||||
if [ \-f $random_seed ]; then
|
||||
cat $random_seed >/dev/urandom
|
||||
else
|
||||
touch $random_seed
|
||||
fi
|
||||
chmod 600 $random_seed
|
||||
poolfile=/proc/sys/kernel/random/poolsize
|
||||
[ \-r $poolfile ] && bits=$(cat $poolfile) || bits=4096
|
||||
bytes=$(expr $bits / 8)
|
||||
dd if=/dev/urandom of=$random_seed count=1 bs=$bytes
|
||||
.EE
|
||||
.in
|
||||
.PP
|
||||
Also, add the following lines in an appropriate script which is
|
||||
run during the Linux system shutdown:
|
||||
.PP
|
||||
.nf
|
||||
# Carry a random seed from shut-down to start-up
|
||||
# Save the whole entropy pool
|
||||
echo "Saving random seed..."
|
||||
random_seed=/var/run/random-seed
|
||||
touch $random_seed
|
||||
chmod 600 $random_seed
|
||||
poolfile=/proc/sys/kernel/random/poolsize
|
||||
[ \-r $poolfile ] && bits=$(cat $poolfile) || bits=4096
|
||||
bytes=$(expr $bits / 8)
|
||||
dd if=/dev/urandom of=$random_seed count=1 bs=$bytes
|
||||
.fi
|
||||
.in +4n
|
||||
.EX
|
||||
# Carry a random seed from shut-down to start-up
|
||||
# Save the whole entropy pool
|
||||
echo "Saving random seed..."
|
||||
random_seed=/var/run/random-seed
|
||||
touch $random_seed
|
||||
chmod 600 $random_seed
|
||||
poolfile=/proc/sys/kernel/random/poolsize
|
||||
[ \-r $poolfile ] && bits=$(cat $poolfile) || bits=4096
|
||||
bytes=$(expr $bits / 8)
|
||||
dd if=/dev/urandom of=$random_seed count=1 bs=$bytes
|
||||
.EE
|
||||
.in
|
||||
.PP
|
||||
In the above examples, we assume Linux 2.6.0 or later, where
|
||||
.IR /proc/sys/kernel/random/poolsize
|
||||
|
|
|
@ -80,7 +80,8 @@ file is supported by glibc since version 2.5.
|
|||
The default table according to RFC\ 3484 would be specified with the
|
||||
following configuration file:
|
||||
.PP
|
||||
.nf
|
||||
.in +4n
|
||||
.EX
|
||||
label ::1/128 0
|
||||
label ::/0 1
|
||||
label 2002::/16 2
|
||||
|
@ -91,7 +92,8 @@ precedence ::/0 40
|
|||
precedence 2002::/16 30
|
||||
precedence ::/96 20
|
||||
precedence ::ffff:0:0/96 10
|
||||
.fi
|
||||
.EE
|
||||
.in
|
||||
.\" .SH AUTHOR
|
||||
.\" Ulrich Drepper <drepper@redhat.com>
|
||||
.\"
|
||||
|
|
|
@ -39,7 +39,7 @@ The following (edited) output shows an example of the
|
|||
contents of this file:
|
||||
.PP
|
||||
.in 0
|
||||
.nf
|
||||
.EX
|
||||
$ \fBsudo cat /proc/slabinfo\fP
|
||||
slabinfo - version: 2.1
|
||||
# name <active_objs> <num_objs> <objsize> <objperslab> <pagesperslab> ...
|
||||
|
@ -95,7 +95,11 @@ the tunables for a particular cache can be set by writing
|
|||
lines of the following form to
|
||||
.IR /proc/slabinfo :
|
||||
.PP
|
||||
# \fBecho 'name limit batchcount sharedfactor' > /proc/slabinfo\fP
|
||||
.in +4n
|
||||
.EX
|
||||
# \fBecho 'name limit batchcount sharedfactor' > /proc/slabinfo\fP
|
||||
.EE
|
||||
.in
|
||||
.PP
|
||||
Here,
|
||||
.I name
|
||||
|
|
|
@ -88,13 +88,11 @@ Next, we use
|
|||
.BR unshare (1)
|
||||
to create a process running a new shell in new cgroup and mount namespaces:
|
||||
.PP
|
||||
.nf
|
||||
.EX
|
||||
.in +4n
|
||||
# \fBunshare \-Cm bash\fP
|
||||
.in
|
||||
.EE
|
||||
.fi
|
||||
.PP
|
||||
We then inspect the
|
||||
.IR /proc/[pid]/cgroup
|
||||
|
@ -105,7 +103,6 @@ command, a process that is in the original cgroup namespace
|
|||
with PID 1), and a process in a sibling cgroup
|
||||
.RI ( sub2 ):
|
||||
.PP
|
||||
.nf
|
||||
.EX
|
||||
.in +4n
|
||||
$ \fBcat /proc/self/cgroup | grep freezer\fP
|
||||
|
@ -116,7 +113,6 @@ $ \fBcat /proc/20124/cgroup | grep freezer\fP
|
|||
7:freezer:/../sub2
|
||||
.in
|
||||
.EE
|
||||
.fi
|
||||
.PP
|
||||
From the output of the first command,
|
||||
we see that the freezer cgroup membership of the new shell
|
||||
|
@ -136,14 +132,12 @@ However, when we look in
|
|||
.IR /proc/self/mountinfo
|
||||
we see the following anomaly:
|
||||
.PP
|
||||
.nf
|
||||
.EX
|
||||
.in +4n
|
||||
# \fBcat /proc/self/mountinfo | grep freezer\fP
|
||||
155 145 0:32 /.. /sys/fs/cgroup/freezer ...
|
||||
.in
|
||||
.EE
|
||||
.fi
|
||||
.PP
|
||||
The fourth field of this line
|
||||
.RI ( /.. )
|
||||
|
@ -159,7 +153,6 @@ filesystem corresponding to our initial shell process's cgroup namespace
|
|||
We need to remount the freezer cgroup filesystem
|
||||
inside this cgroup namespace, after which we see the expected results:
|
||||
.PP
|
||||
.nf
|
||||
.EX
|
||||
.in +4n
|
||||
# \fBmount \-\-make\-rslave /\fP # Don't propagate mount events
|
||||
|
@ -170,7 +163,6 @@ inside this cgroup namespace, after which we see the expected results:
|
|||
155 145 0:32 / /sys/fs/cgroup/freezer rw,relatime ...
|
||||
.in
|
||||
.EE
|
||||
.fi
|
||||
.PP
|
||||
Use of cgroup namespaces requires a kernel that is configured with the
|
||||
.B CONFIG_CGROUPS
|
||||
|
|
|
@ -85,13 +85,13 @@ from
|
|||
.I either
|
||||
of the following macro
|
||||
definitions must be made before including any header files:
|
||||
.RS
|
||||
.nf
|
||||
|
||||
.PP
|
||||
.in +4n
|
||||
.EX
|
||||
#define _BSD_SOURCE
|
||||
#define _XOPEN_SOURCE /* or any value < 500 */
|
||||
.fi
|
||||
.RE
|
||||
.EE
|
||||
.in
|
||||
.PP
|
||||
Alternatively, equivalent definitions can be included in the
|
||||
compilation command:
|
||||
|
|
|
@ -540,8 +540,8 @@ An example of the data that one might see in this file
|
|||
(with the columns numbered for easy reference below)
|
||||
is the following:
|
||||
.IP
|
||||
.nf
|
||||
.in 0n
|
||||
.EX
|
||||
(1) (2) (3)(4) (5) (6) (7) (8) (9)
|
||||
009a2028 I--Q--- 1 perm 3f010000 1000 1000 user krb_ccache:primary: 12
|
||||
1806c4ba I--Q--- 1 perm 3f010000 1000 1000 keyring _pid: 2
|
||||
|
|
|
@ -260,9 +260,9 @@ Values about local numeric formatting is made available in a
|
|||
returned by the
|
||||
.BR localeconv (3)
|
||||
function, which has the following declaration:
|
||||
.in +2n
|
||||
.nf
|
||||
|
||||
.PP
|
||||
.in +4n
|
||||
.EX
|
||||
struct lconv {
|
||||
|
||||
/* Numeric (nonmonetary) information */
|
||||
|
|
|
@ -174,9 +174,9 @@ Most manual pages should include at least the
|
|||
sections.
|
||||
Arrange a new manual page so that sections
|
||||
are placed in the order shown in the list.
|
||||
.in +0.5i
|
||||
.PP
|
||||
.in +4n
|
||||
.nf
|
||||
|
||||
\fBNAME\fP
|
||||
\fBSYNOPSIS\fP
|
||||
CONFIGURATION [Normally only in Section 4]
|
||||
|
@ -203,7 +203,7 @@ EXAMPLE
|
|||
.\" AUTHORS sections are discouraged
|
||||
.\" AUTHORS [Discouraged]
|
||||
\fBSEE ALSO\fP
|
||||
.EE
|
||||
.fi
|
||||
.in
|
||||
.PP
|
||||
.IR "Where a traditional heading would apply" ", " "please use it" ;
|
||||
|
@ -519,11 +519,11 @@ For example, in the
|
|||
man page, references to the subject of the page would be written as:
|
||||
.BR fcntl ().
|
||||
The preferred way to write this in the source file is:
|
||||
.nf
|
||||
|
||||
.PP
|
||||
.EX
|
||||
.BR fcntl ()
|
||||
|
||||
.fi
|
||||
.EE
|
||||
.PP
|
||||
(Using this format, rather than the use of "\\fB...\\fP()"
|
||||
makes it easier to write tools that parse man page source files.)
|
||||
.\"
|
||||
|
@ -588,11 +588,11 @@ formatted in Roman (normal) font, without any
|
|||
separating spaces (e.g.,
|
||||
.BR intro (2)).
|
||||
The preferred way to write this in the source file is:
|
||||
.nf
|
||||
|
||||
.PP
|
||||
.EX
|
||||
.BR intro (2)
|
||||
|
||||
.fi
|
||||
.EE
|
||||
.PP
|
||||
(Including the section number in cross references lets tools like
|
||||
.BR man2html (1)
|
||||
create properly hyperlinked pages.)
|
||||
|
@ -628,7 +628,9 @@ except where English usage (e.g., proper nouns) or programming
|
|||
language requirements (e.g., identifier names) dictate otherwise.
|
||||
For example:
|
||||
.PP
|
||||
.EX
|
||||
.SS Unicode under Linux
|
||||
.EE
|
||||
.\"
|
||||
.SS Indentation of structure definitions, shell session logs, and so on
|
||||
When structure definitions, shell session logs, and so on are included
|
||||
|
|
|
@ -641,7 +641,7 @@ were introduced in Linux 3.6.
|
|||
The following example program prints inode number, peer's inode number,
|
||||
and name of all UNIX domain sockets in the current namespace.
|
||||
.PP
|
||||
.nf
|
||||
.EX
|
||||
#include <errno.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
@ -834,7 +834,7 @@ main(void)
|
|||
close(fd);
|
||||
return ret;
|
||||
}
|
||||
.fi
|
||||
.EE
|
||||
.SH SEE ALSO
|
||||
.BR netlink (3),
|
||||
.BR rtnetlink (3),
|
||||
|
|
Loading…
Reference in New Issue