e5efbe9106
ioctl_userfaultfd.2: Fix misordering of sections
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-06 18:05:06 +02:00
e89b82b758
ioctl_ns.2: Fix misordering of sections
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-06 18:04:14 +02:00
1172adfab5
ioctl_iflags.2: Fix misordering of sections
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-06 18:03:13 +02:00
21f685fd8f
request_key.2: wfix: /etc/request-keys.conf -> /etc/request-key.conf
...
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-06 09:36:44 +02:00
59d99553ae
crypt.3: Note glibc version that added 'rounds' parameter
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-05 20:15:43 +02:00
42079b0179
crypt.3: Rework text describing 'rounds' parameter
...
The text reads a little more clearly if we talk about
'xxx' rather than 'the supplied number'.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-05 20:13:18 +02:00
4c130fabc3
crypt.3: Minor wording improvements to Konstantin's patches
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-05 20:13:18 +02:00
84bee58c24
crypt.3: Add description of previously undocumented 'rounds' parameter
...
Files crypt/sha{256,512}-crypt.c in the glibc source define
macros:
/* Default number of rounds if not explicitly specified. */
#define ROUNDS_DEFAULT 5000
/* Minimum number of rounds. */
#define ROUNDS_MIN 1000
/* Maximum number of rounds. */
#define ROUNDS_MAX 999999999
And the main encryption function __sha512_crypt_r() sets:
rounds = MAX (ROUNDS_MIN, MIN (srounds, ROUNDS_MAX));
One can check that for example
crypt("key", "$5$rounds=1$salt")
returns the string
$5$rounds=1000$salt$PWLKU7MTJ0s5M/mjBPcqnMsorm3qKyoBctxmZ1mNwn2
This parameter has been introduced in glibc 2.7.
Signed-off-by: Konstantin Shemyak <konstantin@shemyak.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-05 19:49:35 +02:00
d32b36982d
crypt.3: Clarify that ending of the salt string with '$' is optional
...
In crypt/sha512-crypt.c::__sha512_crypt_r() and the similar
sha256 function, the length of the actually used salt is
calculated as:
salt_len = MIN (strcspn (salt, "$"), SALT_LEN_MAX);
Thus the trailing '$' is optional in the salt string. One can
check that
crypt("key", "$5$salt")
yields the same result as
crypt("key", "$5$salt$").
Signed-off-by: Konstantin Shemyak <konstantin@shemyak.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-05 19:48:35 +02:00
893c609dcd
crypt.3: Encryption isn't done with SHA-xxx, but with a function based on SHA-xxx
...
The encryption is done by glibc functions __shaxxx_crypt_r() in
files crypt/shaxxx-crypt.c. They implement a nontrivial algorithm
to construct the inputs for the hashing functions and to apply
them iteratively.
Signed-off-by: Konstantin Shemyak <konstantin@shemyak.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-05 19:47:52 +02:00
266d8f7ef1
crypt.3: ffix
...
Signed-off-by: Konstantin Shemyak <konstantin@shemyak.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-04 01:27:21 +02:00
0e840b4234
keyctl.2: Minor fixes to Eugene's patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 13:27:56 +02:00
54d5a1c72b
keyctl.2: Document the KEYCTL_RESTRICT_KEYRING operation
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 13:18:44 +02:00
8a351f8497
getrlimit.2: Note that RLIMIT_AS and RLIMIT_DATA are rounded down to system page size
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 04:06:51 +02:00
b50667ac6d
getrlimit.2: Mention unit for RLIMIT_DATA
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:48:39 +02:00
4a63f626b5
getrlimit.2: Mention unit used by RLIMIT_CORE and RLIMIT_FSIZE
...
It would have been obvious that these limits are in bytes, except that
"ulimit -a" in at least bash, dash and zsh says that they're in blocks.
This confused me, so I had to check the kernel source code.
My understanding is that they are indeed in bytes, so mention this
information in the man page.
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:45:56 +02:00
df81149955
keyctl.2: Minor fixes to Eugene's patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:41:42 +02:00
a02cbc788b
keyctl.2: Document the ability to provide KDF parameters in KEYCTL_DH_COMPUTE
...
Acked-by: Stephan Müller <smueller@chronox.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:28:50 +02:00
e937944e81
keyctl.2: Mention ENOMEM in ERRORS
...
This one is not very specific, as memory allocations are scattered across
the code, so let's put some generic description here.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:24:42 +02:00
04630ce71c
keyrings.7: Add pointers to kernel's documentation
...
Mostly because of assymmetric-keys.txt, which is outside
security/keys for some reason.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:19:48 +02:00
954be1b921
keyctl.2: Minor tweaks to Eugene's patch (mention old keys.txt file)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:18:48 +02:00
f17b3bd8ee
keyctl.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:17:52 +02:00
514c8256cc
keyctl.2: Update kernel documentation path reference
...
It has been changed in b68101a1e8f0263dbc7b8375d2a7c57c6216fb76
(Linux 4.13).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:16:46 +02:00
8a156aca74
keyctl.2: wfix: change "is" to "was" in error descriptions
...
Since half of items used "was" and another half used "is".
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:13:53 +02:00
d7f23d0bd6
proc.5: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:12:25 +02:00
76f6f10206
proc.5: Add description for softirq line in /proc/stat
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:11:20 +02:00
46f6dbe83f
proc.5: Add description for cpuN lines in /pro/stat
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:10:01 +02:00
2d3fb75b7b
proc.5: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-03 02:07:29 +02:00
d754b76ddc
ioctl_tty.2: Elaborate a little on the rationale for TIOCGPTPEER
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-28 21:20:31 +02:00
f88bf37c1d
intro.6: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 21:41:03 +02:00
f05f1a0749
mdoc.samples.7: grfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 21:41:03 +02:00
11cabd5ae3
intro.5: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 21:41:03 +02:00
4d53aa005e
MB_LEN_MAX.3: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 21:41:03 +02:00
0fd98a89aa
nologin.5: Add a sentence explaining why nologin is useful
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 21:41:03 +02:00
e2c4b45d40
issue.5: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 21:41:03 +02:00
2a2ecb8753
MB_LEN_MAX.3: grfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 21:41:03 +02:00
c28ca2ba8c
zdump.8: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 21:41:02 +02:00
82cc682cef
mdoc.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 21:41:00 +02:00
c695beb6a8
intro.7: wfix: make NAME line a bit more general
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 21:14:59 +02:00
c86d3187e6
intro.4: SEE ALSO: add mknod(1) and mknod(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 20:59:34 +02:00
b96315d884
queue.3: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 20:54:52 +02:00
b5360edbd3
MB_CUR_MAX.3: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 20:51:31 +02:00
e3f77df9dc
ipc.2: SEE ALSO: add svipc(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 20:48:00 +02:00
cf9c395834
ipc.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 20:47:45 +02:00
e5486b10fa
ldd.1: Add more detail on ldd security implications, noting glibc 2.27 changes
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-25 00:37:36 +02:00
36454047ec
stat.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-24 12:58:47 +02:00
06ad9290b7
ioctl_getfsmap.2: Correct semantics of FMR_OF_LAST flag
...
The FMR_OF_LAST flag is applied to the last record in the returned
data set, which is not necessarily the last record in the
filesystem. Correct the documentation to reflect the actual
behavior of both getfsmap implementations.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-24 00:32:44 +02:00
73593f0d3b
matherr.3: Note that glibc 2.27 removes the 'matherr' mechanism
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-23 12:36:40 +02:00
d4f849a29d
matherr.3: Remove crufty feature test macro requirements
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-23 12:12:11 +02:00
e2a71fb39a
regex.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-22 02:55:13 +02:00
Michael Kerrisk