man: mention that Hostname= for DHCP must be a valid DNS domain name

[thirdparty/systemd.git] / man / systemd-journal-upload.service.xml

diff --git a/man/systemd-journal-upload.service.xml b/man/systemd-journal-upload.service.xml
index 141e595400d86897f45b7e6aebda2997eeb259e6..cdeadddda823330b8c6ecdd1f158ccf066d210c7 100644 (file)
--- a/man/systemd-journal-upload.service.xml
+++ b/man/systemd-journal-upload.service.xml
@@ -1,4 +1,4 @@
-<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
+<?xml version='1.0'?>
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
 <!ENTITY % entities SYSTEM "custom-entities.ent" >
@@ -7,10 +7,6 @@
 
 <!--
   SPDX-License-Identifier: LGPL-2.1+
-
-  This file is part of systemd.
-
-  Copyright 2014 Zbigniew Jędrzejewski-Szmek
 -->
 
 <refentry id="systemd-journal-upload" conditional='HAVE_MICROHTTPD'
@@ -19,15 +15,6 @@
   <refentryinfo>
     <title>systemd-journal-upload.service</title>
     <productname>systemd</productname>
-
-    <authorgroup>
-      <author>
-        <contrib>Developer</contrib>
-        <firstname>Zbigniew</firstname>
-        <surname>Jędrzejewski-Szmek</surname>
-        <email>zbyszek@in.waw.pl</email>
-      </author>
-    </authorgroup>
   </refentryinfo>
 
   <refmeta>
@@ -61,6 +48,12 @@
     Unless limited by one of the options specified below, all journal entries accessible to the user
     the program is running as will be uploaded, and then the program will wait and send new entries
     as they become available.</para>
+
+    <para><filename>systemd-journal-upload.service</filename> is a system service that uses
+    <command>systemd-journal-upload</command> to upload journal entries to a server. It uses the
+    configuration in
+    <citerefentry><refentrytitle>journal-upload.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+    At least the <varname>URL=</varname> option must be specified.</para>
   </refsect1>
 
   <refsect1>
@@ -222,7 +215,8 @@
       legitimate, and vice versa, that the client is trusted.</para>
 
       <para>A suitable set of certificates can be generated with
-      <command>openssl</command>:</para>
+      <command>openssl</command>. Note, 2048 bits of key length
+      is minimally recommended to use for security reasons:</para>
 
       <programlisting>openssl req -newkey rsa:2048 -days 3650 -x509 -nodes \
       -out ca.pem -keyout ca.key -subj '/CN=Certificate authority/'
@@ -257,10 +251,10 @@ echo 0001 &gt;serial
 SERVER=server
 CLIENT=client
 
-openssl req -newkey rsa:1024 -nodes -out $SERVER.csr -keyout $SERVER.key -subj "/CN=$SERVER/"
+openssl req -newkey rsa:2048 -nodes -out $SERVER.csr -keyout $SERVER.key -subj "/CN=$SERVER/"
 openssl ca -batch -config ca.conf -notext -in $SERVER.csr -out $SERVER.pem
 
-openssl req -newkey rsa:1024 -nodes -out $CLIENT.csr -keyout $CLIENT.key -subj "/CN=$CLIENT/"
+openssl req -newkey rsa:2048 -nodes -out $CLIENT.csr -keyout $CLIENT.key -subj "/CN=$CLIENT/"
 openssl ca -batch -config ca.conf -notext -in $CLIENT.csr -out $CLIENT.pem
 </programlisting>
 
@@ -285,6 +279,7 @@ openssl ca -batch -config ca.conf -notext -in $CLIENT.csr -out $CLIENT.pem
   <refsect1>
     <title>See Also</title>
     <para>
+      <citerefentry><refentrytitle>journal-upload.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>systemd-journal-remote.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,