X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=man%2Fsystemd-tmpfiles.xml;h=998fd0911baa5ba35df16e3a64d81ca51d81b53b;hb=cc832f977208a020cdef133b8f44d00040802b81;hp=85cb89dc468aaf48f0edbfd44de444bd801a87b0;hpb=a166e13771f308973d7b7221abd65fdd90f42c61;p=thirdparty%2Fsystemd.git

diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml
index 85cb89dc468..998fd0911ba 100644
--- a/man/systemd-tmpfiles.xml
+++ b/man/systemd-tmpfiles.xml
@@ -1,27 +1,7 @@
 <?xml version='1.0'?> <!--*-nxml-*-->
-<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
   "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
-
-<!--
-  SPDX-License-Identifier: LGPL-2.1+
-
-  This file is part of systemd.
-
-  Copyright 2010 Lennart Poettering
-
-  systemd is free software; you can redistribute it and/or modify it
-  under the terms of the GNU Lesser General Public License as published by
-  the Free Software Foundation; either version 2.1 of the License, or
-  (at your option) any later version.
-
-  systemd is distributed in the hope that it will be useful, but
-  WITHOUT ANY WARRANTY; without even the implied warranty of
-  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-  Lesser General Public License for more details.
-
-  You should have received a copy of the GNU Lesser General Public License
-  along with systemd; If not, see <http://www.gnu.org/licenses/>.
--->
+<!-- SPDX-License-Identifier: LGPL-2.1+ -->
 
 <refentry id="systemd-tmpfiles"
     xmlns:xi="http://www.w3.org/2001/XInclude">
@@ -29,15 +9,6 @@
   <refentryinfo>
     <title>systemd-tmpfiles</title>
     <productname>systemd</productname>
-
-    <authorgroup>
-      <author>
-        <contrib>Developer</contrib>
-        <firstname>Lennart</firstname>
-        <surname>Poettering</surname>
-        <email>lennart@poettering.net</email>
-      </author>
-    </authorgroup>
   </refentryinfo>
 
   <refmeta>
@@ -94,6 +65,22 @@
     <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
     are searched for a matching file and the file found that has the highest priority is
     executed.</para>
+
+    <para>System services (<filename>systemd-tmpfiles-setup.service</filename>,
+    <filename>systemd-tmpfiles-setup-dev.service</filename>,
+    <filename>systemd-tmpfiles-clean.service</filename>) invoke <command>systemd-tmpfiles</command> to create
+    system files and to perform system wide cleanup. Those services read administrator-controlled
+    configuration files in <filename>tmpfiles.d/</filename> directories. User services
+    (<filename>systemd-tmpfiles-setup.service</filename>,
+    <filename>systemd-tmpfiles-clean.service</filename>) also invoke <command>systemd-tmpfiles</command>, but
+    it reads a separate set of files, which includes user-controlled files under
+    <filename>~/.config/user-tmpfiles.d/</filename> and <filename>~/.local/share/user-tmpfiles.d/</filename>,
+    and administrator-controller files under <filename>/usr/share/user-tmpfiles.d/</filename>. Users may use
+    this to create and clean up files under their control, but the system instance performs global cleanup
+    and is not influenced by user configuration. Note that this means a time-based cleanup configured in the
+    system instance, such as the one typically configured for <filename>/tmp</filename>, will thus also
+    affect files created by the user instance if they are placed in <filename>/tmp</filename>, even if the
+    user instance's time-based cleanup is turned off.</para>
   </refsect1>
 
   <refsect1>
@@ -174,10 +161,10 @@
         <listitem><para>Takes a directory path as an argument. All paths will be prefixed with the given alternate
         <replaceable>root</replaceable> path, including config search paths.</para>
 
-        <para>Note that this option does not alter how the users and groups specified in the configuration files are
-        resolved. With or without this option, users and groups are always resolved according to the host's user and
-        group databases, any such databases stored under the specified root directories are not
-        consulted.</para></listitem>
+        <para>When this option is used, the libc Name Service Switch (NSS) is bypassed for resolving users
+        and groups. Instead the files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>
+        inside the alternate root are read directly. This means that users/groups not listed in these files
+        will not be resolved, i.e. LDAP NIS and other complex databases are not considered.</para></listitem>
       </varlistentry>
 
       <varlistentry>
@@ -196,18 +183,18 @@
         </para></listitem>
       </varlistentry>
 
+      <xi:include href="standard-options.xml" xpointer="cat-config" />
+      <xi:include href="standard-options.xml" xpointer="no-pager" />
       <xi:include href="standard-options.xml" xpointer="help" />
       <xi:include href="standard-options.xml" xpointer="version" />
     </variablelist>
 
-    <para>It is possible to combine <option>--create</option>,
-    <option>--clean</option>, and <option>--remove</option> in one
-    invocation. For example, during boot the following command line is
-    executed to ensure that all temporary and volatile directories are
+    <para>It is possible to combine <option>--create</option>, <option>--clean</option>, and <option>--remove</option>
+    in one invocation (in which case removal and cleanup are executed before creation of new files). For example,
+    during boot the following command line is executed to ensure that all temporary and volatile directories are
     removed and created according to the configuration file:</para>
 
     <programlisting>systemd-tmpfiles --remove --create</programlisting>
-
   </refsect1>
 
   <refsect1>
@@ -215,7 +202,7 @@
 
     <para><command>systemd-tmpfiles</command> tries to avoid changing
     the access and modification times on the directories it accesses,
-    which requires <constant>CAP_ADMIN</constant> privileges. When
+    which requires <constant>CAP_FOWNER</constant> privileges. When
     running as non-root, directories which are checked for files to
     clean up will have their access time bumped, which might prevent
     their cleanup.
@@ -225,11 +212,15 @@
   <refsect1>
     <title>Exit status</title>
 
-    <para>On success, 0 is returned. If the configuration was invalid (invalid syntax, missing
-    arguments, â¦), so some lines had to be ignored, but no other errors occurred,
+    <para>On success, 0 is returned. If the configuration was syntactically invalid (syntax errors,
+    missing arguments, â¦), so some lines had to be ignored, but no other errors occurred,
     <constant>65</constant> is returned (<constant>EX_DATAERR</constant> from
-    <filename>/usr/include/sysexits.h</filename>). Otherwise, <constant>1</constant> is returned
-    (<constant>EXIT_FAILURE</constant> from <filename>/usr/include/stdlib.h</filename>).
+    <filename>/usr/include/sysexits.h</filename>). If the configuration was syntactically valid, but
+    could not be executed (lack of permissions, creation of files in missing directories, invalid
+    contents when writing to <filename>/sys/</filename> values, â¦), <constant>73</constant> is
+    returned (<constant>EX_CANTCREAT</constant> from <filename>/usr/include/sysexits.h</filename>).
+    Otherwise, <constant>1</constant> is returned (<constant>EXIT_FAILURE</constant> from
+    <filename>/usr/include/stdlib.h</filename>).
     </para>
   </refsect1>
 
