X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=man%2Fsystemd-tmpfiles.xml;h=998fd0911baa5ba35df16e3a64d81ca51d81b53b;hb=cc832f977208a020cdef133b8f44d00040802b81;hp=c1aab5155178ab81d8e1b29122c2893d0086c6c9;hpb=f5df066d1d28920e49cf03d5950330138ea4f236;p=thirdparty%2Fsystemd.git

diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml
index c1aab515517..998fd0911ba 100644
--- a/man/systemd-tmpfiles.xml
+++ b/man/systemd-tmpfiles.xml
@@ -1,25 +1,7 @@
 <?xml version='1.0'?> <!--*-nxml-*-->
-<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
   "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
-
-<!--
-  This file is part of systemd.
-
-  Copyright 2010 Lennart Poettering
-
-  systemd is free software; you can redistribute it and/or modify it
-  under the terms of the GNU Lesser General Public License as published by
-  the Free Software Foundation; either version 2.1 of the License, or
-  (at your option) any later version.
-
-  systemd is distributed in the hope that it will be useful, but
-  WITHOUT ANY WARRANTY; without even the implied warranty of
-  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-  Lesser General Public License for more details.
-
-  You should have received a copy of the GNU Lesser General Public License
-  along with systemd; If not, see <http://www.gnu.org/licenses/>.
--->
+<!-- SPDX-License-Identifier: LGPL-2.1+ -->
 
 <refentry id="systemd-tmpfiles"
     xmlns:xi="http://www.w3.org/2001/XInclude">
@@ -27,15 +9,6 @@
   <refentryinfo>
     <title>systemd-tmpfiles</title>
     <productname>systemd</productname>
-
-    <authorgroup>
-      <author>
-        <contrib>Developer</contrib>
-        <firstname>Lennart</firstname>
-        <surname>Poettering</surname>
-        <email>lennart@poettering.net</email>
-      </author>
-    </authorgroup>
   </refentryinfo>
 
   <refmeta>
@@ -60,10 +33,16 @@
       <arg choice="opt" rep="repeat"><replaceable>CONFIGFILE</replaceable></arg>
     </cmdsynopsis>
 
-    <para><filename>systemd-tmpfiles-setup.service</filename></para>
-    <para><filename>systemd-tmpfiles-setup-dev.service</filename></para>
-    <para><filename>systemd-tmpfiles-clean.service</filename></para>
-    <para><filename>systemd-tmpfiles-clean.timer</filename></para>
+    <para>System units:
+<literallayout><filename>systemd-tmpfiles-setup.service</filename>
+<filename>systemd-tmpfiles-setup-dev.service</filename>
+<filename>systemd-tmpfiles-clean.service</filename>
+<filename>systemd-tmpfiles-clean.timer</filename></literallayout></para>
+
+    <para>User units:
+<literallayout><filename>systemd-tmpfiles-setup.service</filename>
+<filename>systemd-tmpfiles-clean.service</filename>
+<filename>systemd-tmpfiles-clean.timer</filename></literallayout></para>
   </refsynopsisdiv>
 
   <refsect1>
@@ -76,12 +55,32 @@
     </para>
 
     <para>If invoked with no arguments, it applies all directives from all configuration
-    files. If one or more absolute filenames are passed on the command line, only the
-    directives in these files are applied.  If <literal>-</literal> is specified instead
-    of a filename, directives are read from standard input.  If only the basename of a
-    configuration file is specified, all configuration directories as specified in
+    files. When invoked with <option>--replace=<replaceable>PATH</replaceable></option>,
+    arguments specified on the command line are used instead of the configuration file
+    <replaceable>PATH</replaceable>. Otherwise, if one or more absolute filenames are
+    passed on the command line, only the directives in these files are applied. If
+    <literal>-</literal> is specified instead of a filename, directives are read from
+    standard input. If only the basename of a configuration file is specified, all
+    configuration directories as specified in
     <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-    are searched for a matching file.</para>
+    are searched for a matching file and the file found that has the highest priority is
+    executed.</para>
+
+    <para>System services (<filename>systemd-tmpfiles-setup.service</filename>,
+    <filename>systemd-tmpfiles-setup-dev.service</filename>,
+    <filename>systemd-tmpfiles-clean.service</filename>) invoke <command>systemd-tmpfiles</command> to create
+    system files and to perform system wide cleanup. Those services read administrator-controlled
+    configuration files in <filename>tmpfiles.d/</filename> directories. User services
+    (<filename>systemd-tmpfiles-setup.service</filename>,
+    <filename>systemd-tmpfiles-clean.service</filename>) also invoke <command>systemd-tmpfiles</command>, but
+    it reads a separate set of files, which includes user-controlled files under
+    <filename>~/.config/user-tmpfiles.d/</filename> and <filename>~/.local/share/user-tmpfiles.d/</filename>,
+    and administrator-controller files under <filename>/usr/share/user-tmpfiles.d/</filename>. Users may use
+    this to create and clean up files under their control, but the system instance performs global cleanup
+    and is not influenced by user configuration. Note that this means a time-based cleanup configured in the
+    system instance, such as the one typically configured for <filename>/tmp</filename>, will thus also
+    affect files created by the user instance if they are placed in <filename>/tmp</filename>, even if the
+    user instance's time-based cleanup is turned off.</para>
   </refsect1>
 
   <refsect1>
@@ -113,7 +112,7 @@
         <varname>T</varname>,
         <varname>a</varname>, and
         <varname>A</varname> have their ownership, access mode and
-        security labels set. </para></listitem>
+        security labels set.</para></listitem>
       </varlistentry>
 
       <varlistentry>
@@ -131,11 +130,19 @@
         marked with <varname>r</varname> or <varname>R</varname> are
         removed.</para></listitem>
       </varlistentry>
+
+      <varlistentry>
+        <term><option>--user</option></term>
+        <listitem><para>Execute "user" configuration, i.e. <filename>tmpfiles.d</filename>
+        files in user configuration directories.</para></listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><option>--boot</option></term>
         <listitem><para>Also execute lines with an exclamation mark.
         </para></listitem>
       </varlistentry>
+
       <varlistentry>
         <term><option>--prefix=<replaceable>path</replaceable></option></term>
         <listitem><para>Only apply rules with paths that start with
@@ -148,26 +155,46 @@
         specified prefix. This option can be specified multiple
         times.</para></listitem>
       </varlistentry>
+
       <varlistentry>
         <term><option>--root=<replaceable>root</replaceable></option></term>
-        <listitem><para>Takes a directory path as an argument. All
-        paths will be prefixed with the given alternate
-        <replaceable>root</replaceable> path, including config search
-        paths. </para></listitem>
+        <listitem><para>Takes a directory path as an argument. All paths will be prefixed with the given alternate
+        <replaceable>root</replaceable> path, including config search paths.</para>
+
+        <para>When this option is used, the libc Name Service Switch (NSS) is bypassed for resolving users
+        and groups. Instead the files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>
+        inside the alternate root are read directly. This means that users/groups not listed in these files
+        will not be resolved, i.e. LDAP NIS and other complex databases are not considered.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>--replace=<replaceable>PATH</replaceable></option></term>
+        <listitem><para>When this option is given, one ore more positional arguments
+        must be specified. All configuration files found in the directories listed in
+        <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+        will be read, and the configuration given on the command line will be
+        handled instead of and with the same priority as the configuration file
+        <replaceable>PATH</replaceable>.</para>
+
+        <para>This option is intended to be used when package installation scripts
+        are running and files belonging to that package are not yet available on
+        disk, so their contents must be given on the command line, but the admin
+        configuration might already exist and should be given higher priority.
+        </para></listitem>
       </varlistentry>
 
+      <xi:include href="standard-options.xml" xpointer="cat-config" />
+      <xi:include href="standard-options.xml" xpointer="no-pager" />
       <xi:include href="standard-options.xml" xpointer="help" />
       <xi:include href="standard-options.xml" xpointer="version" />
     </variablelist>
 
-    <para>It is possible to combine <option>--create</option>,
-    <option>--clean</option>, and <option>--remove</option> in one
-    invocation. For example, during boot the following command line is
-    executed to ensure that all temporary and volatile directories are
+    <para>It is possible to combine <option>--create</option>, <option>--clean</option>, and <option>--remove</option>
+    in one invocation (in which case removal and cleanup are executed before creation of new files). For example,
+    during boot the following command line is executed to ensure that all temporary and volatile directories are
     removed and created according to the configuration file:</para>
 
     <programlisting>systemd-tmpfiles --remove --create</programlisting>
-
   </refsect1>
 
   <refsect1>
@@ -175,7 +202,7 @@
 
     <para><command>systemd-tmpfiles</command> tries to avoid changing
     the access and modification times on the directories it accesses,
-    which requires <constant>CAP_ADMIN</constant> privileges. When
+    which requires <constant>CAP_FOWNER</constant> privileges. When
     running as non-root, directories which are checked for files to
     clean up will have their access time bumped, which might prevent
     their cleanup.
@@ -185,8 +212,16 @@
   <refsect1>
     <title>Exit status</title>
 
-    <para>On success, 0 is returned, a non-zero failure code
-    otherwise.</para>
+    <para>On success, 0 is returned. If the configuration was syntactically invalid (syntax errors,
+    missing arguments, â¦), so some lines had to be ignored, but no other errors occurred,
+    <constant>65</constant> is returned (<constant>EX_DATAERR</constant> from
+    <filename>/usr/include/sysexits.h</filename>). If the configuration was syntactically valid, but
+    could not be executed (lack of permissions, creation of files in missing directories, invalid
+    contents when writing to <filename>/sys/</filename> values, â¦), <constant>73</constant> is
+    returned (<constant>EX_CANTCREAT</constant> from <filename>/usr/include/sysexits.h</filename>).
+    Otherwise, <constant>1</constant> is returned (<constant>EXIT_FAILURE</constant> from
+    <filename>/usr/include/stdlib.h</filename>).
+    </para>
   </refsect1>
 
   <refsect1>
