.BR zsh (1),
.BR wait (2),
.BR stdout (3),
-.BR man-pages (7),
+.BR man\-pages (7),
.BR standards (7)
The default directory for locale definition files is printed by
.BR "localedef \-\-help" .
.TP
-.BI \-u " repertoirefile" "\fR, \fP\-\-repertoire-map=" repertoirefile
+.BI \-u " repertoirefile" "\fR, \fP\-\-repertoire\-map=" repertoirefile
Read mappings from symbolic names to Unicode code points from
.IR repertoirefile .
If
.I size
entries before writing them out.
.TP
-.B \fB\-\-no-timer
+.B \-\-no\-timer
Disable timer-based
.RB ( SIGPROF )
sampling of stack pointer value.
.B \-T\fR,\ \fB\-\-total
Also draw a graph of total memory consumption.
.TP
-.BI \-x\ size \fR,\ \fB\-\-x-size= size
+.BI \-x\ size \fR,\ \fB\-\-x\-size= size
Make the output graph
.I size
pixels wide.
Generally, eBPF programs are loaded by the user process and automatically
unloaded when the process exits.
In some cases, for example,
-.BR tc-bpf (8),
+.BR tc\-bpf (8),
the program will continue to stay alive inside the kernel even after the
process that loaded the program exits.
In that case,
.PD
.SH SEE ALSO
.BR seccomp (2),
-.BR bpf-helpers (7),
+.BR bpf\-helpers (7),
.BR socket (7),
.BR tc (8),
-.BR tc-bpf (8)
+.BR tc\-bpf (8)
.PP
Both classic and extended BPF are explained in the kernel source file
.IR Documentation/networking/filter.txt .
This interpreter is typically
.I /lib/ld-linux.so.2
for binaries linked with glibc (see
-.BR ld-linux.so (8)).
+.BR ld\-linux.so (8)).
.\"
.SS Effect on process attributes
All process attributes are preserved during an
.in +4n
.EX
.RB "$" " cat > script"
-.B #!./myecho script-arg
+.B #!./myecho script\-arg
.B ^D
.RB "$" " chmod +x script"
.EE
.EX
.RB "$" " ./execve ./script"
argv[0]: ./myecho
-argv[1]: script-arg
+argv[1]: script\-arg
argv[2]: ./script
argv[3]: hello
argv[4]: world
.BR fork ()
in a multithreaded program,
the child can safely call only async-signal-safe functions (see
-.BR signal-safety (7))
+.BR signal\-safety (7))
until such time as it calls
.BR execve (2).
.IP *
.B KEY_SPEC_THREAD_KEYRING
This specifies the calling thread's thread-specific keyring.
See
-.BR thread-keyring (7).
+.BR thread\-keyring (7).
.TP
.B KEY_SPEC_PROCESS_KEYRING
This specifies the caller's process-specific keyring.
See
-.BR process-keyring (7).
+.BR process\-keyring (7).
.TP
.B KEY_SPEC_SESSION_KEYRING
This specifies the caller's session-specific keyring.
See
-.BR session-keyring (7).
+.BR session\-keyring (7).
.TP
.B KEY_SPEC_USER_KEYRING
This specifies the caller's UID-specific keyring.
See
-.BR user-keyring (7).
+.BR user\-keyring (7).
.TP
.B KEY_SPEC_USER_SESSION_KEYRING
This specifies the caller's UID-session keyring.
See
-.BR user-session-keyring (7).
+.BR user\-session\-keyring (7).
.TP
.BR KEY_SPEC_REQKEY_AUTH_KEY " (since Linux 2.6.16)"
.\" commit b5f545c880a2a47947ba2118b2509644ab7a2969
.BR request_key (2)
and passed to the process it spawns to generate a key.
This key is available only in a
-.BR request-key (8)-style
+.BR request\-key (8)-style
program that was passed an authorization key by the kernel and
ceases to be available once the requested key has been instantiated; see
.BR request_key (2).
.BR request_key (2)
destination keyring.
This keyring is available only in a
-.BR request-key (8)-style
+.BR request\-key (8)-style
program that was passed an authorization key by the kernel and
ceases to be available once the requested key has been instantiated; see
.BR request_key (2).
and once the uninstantiated key has been instantiated,
the authorization key is revoked.
In other words, this operation is available only from a
-.BR request-key (8)-style
+.BR request\-key (8)-style
program.
See
.BR request_key (2)
(In other words, the
.BR KEYCTL_ASSUME_AUTHORITY
operation is available only from a
-.BR request-key (8)-style
+.BR request\-key (8)-style
program; see
.BR request_key (2)
for an explanation of how this operation is used.)
The
.BR KEYCTL_ASSUME_AUTHORITY
mechanism allows a program such as
-.BR request-key (8)
+.BR request\-key (8)
to assume the necessary authority to instantiate a new uninstantiated key
that was created as a consequence of a call to
.BR request_key (2).
.IP
The caller must have the appropriate authorization key.
In other words, this operation is available only from a
-.BR request-key (8)-style
+.BR request\-key (8)-style
program.
See
.BR request_key (2).
and once the uninstantiated key has been instantiated,
the authorization key is revoked.
In other words, this operation is available only from a
-.BR request-key (8)-style
+.BR request\-key (8)-style
program.
See
.BR request_key (2)
mentioned in the descriptions of individual operations above.
.SH EXAMPLES
The program below provide subset of the functionality of the
-.BR request-key (8)
+.BR request\-key (8)
program provided by the
.I keyutils
package.
As described in
.BR request_key (2),
the
-.BR request-key (8)
+.BR request\-key (8)
program is invoked with command-line arguments that
describe a key that is to be instantiated.
The example program fetches and logs these arguments.
The following shell session demonstrates the use of this program.
In the session,
we compile the program and then use it to temporarily replace the standard
-.BR request-key (8)
+.BR request\-key (8)
program.
(Note that temporarily disabling the standard
-.BR request-key (8)
+.BR request\-key (8)
program may not be safe on some systems.)
While our example program is installed,
we use the example program shown in
.TP
.B KEY_SPEC_THREAD_KEYRING
This specifies the caller's thread-specific keyring (see
-.BR thread-keyring (7)).
+.BR thread\-keyring (7)).
.TP
.B KEY_SPEC_PROCESS_KEYRING
This specifies the caller's process-specific keyring (see
-.BR process-keyring (7)).
+.BR process\-keyring (7)).
.TP
.B KEY_SPEC_SESSION_KEYRING
This specifies the caller's session-specific keyring (see
-.BR session-keyring (7)).
+.BR session\-keyring (7)).
.TP
.B KEY_SPEC_USER_KEYRING
This specifies the caller's UID-specific keyring (see
-.BR user-keyring (7)).
+.BR user\-keyring (7)).
.TP
.B KEY_SPEC_USER_SESSION_KEYRING
This specifies the caller's UID-session keyring (see
-.BR user-session-keyring (7)).
+.BR user\-session\-keyring (7)).
.PP
When the
.I dest_keyring
The thread-specific keyring
.RB ( KEY_REQKEY_DEFL_THREAD_KEYRING ;
see
-.BR thread-keyring (7)).
+.BR thread\-keyring (7)).
.IP \(bu
The process-specific keyring
.RB ( KEY_REQKEY_DEFL_PROCESS_KEYRING ;
see
-.BR process-keyring (7)).
+.BR process\-keyring (7)).
.IP \(bu
The session-specific keyring
.RB ( KEY_REQKEY_DEFL_SESSION_KEYRING ;
see
-.BR session-keyring (7)).
+.BR session\-keyring (7)).
.IP \(bu
The session keyring for the process's user ID
.RB ( KEY_REQKEY_DEFL_USER_SESSION_KEYRING ;
see
-.BR user-session-keyring (7)).
+.BR user\-session\-keyring (7)).
This keyring is expected to always exist.
.IP \(bu
The UID-specific keyring
.RB ( KEY_REQKEY_DEFL_USER_KEYRING ;
see
-.BR user-keyring (7)).
+.BR user\-keyring (7)).
This keyring is also expected to always exist.
.\" mtk: Are there circumstances where the user sessions and UID-specific
.\" keyrings do not exist?
.RE
.IP c)
The kernel creates a process that executes a user-space service such as
-.BR request-key (8)
+.BR request\-key (8)
with a new session keyring that contains a link to the authorization key, V.
-.\" The request-key(8) program can be invoked in circumstances *other* than
+.\" The request\-key(8) program can be invoked in circumstances *other* than
.\" when triggered by request_key(2). For example, upcalls from places such
.\" as the DNS resolver.
.IP
.RS
.IP [0] 4
The string
-.IR """/sbin/request-key""" .
+.IR """/sbin/request\-key""" .
.IP [1]
The string
.I """create"""
The purpose of this negatively instantiated key is to prevent
(possibly different) processes making repeated requests
(that require expensive
-.BR request-key (8)
+.BR request\-key (8)
upcalls) for a key that can't (at the moment) be positively instantiated.
.PP
Once the key has been instantiated, the authorization key
is revoked, and the destination keyring
.RB ( KEY_SPEC_REQUESTOR_KEYRING )
is no longer accessible from the
-.BR request-key (8)
+.BR request\-key (8)
program.
.PP
If a key is created, then\(emregardless of whether it is a valid key or
.PP
In order to demonstrate this program,
we first create a suitable entry in the file
-.IR /etc/request-key.conf .
+.IR /etc/request\-key.conf .
.PP
.in +4n
.EX
$ sudo sh
# \fBecho 'create user mtk:* * /bin/keyctl instantiate %k %c %S' \e\fP
- \fB> /etc/request-key.conf\fP
+ \fB> /etc/request\-key.conf\fP
# \fBexit\fP
.EE
.in
of the requestor (i.e., the caller of
.BR request_key ()).
See
-.BR request-key.conf (5)
+.BR request\-key.conf (5)
for details of these
.I %
specifiers.
.EX
$ \fB./t_request_key user mtk:key1 "Payload data"\fP
$ \fBgrep \(aq2dddaf50\(aq /proc/keys\fP
-2dddaf50 I--Q--- 1 perm 3f010000 1000 1000 user mtk:key1: 12
+2dddaf50 I\-\-Q\-\-\- 1 perm 3f010000 1000 1000 user mtk:key1: 12
.EE
.in
.PP
for details on manipulating signal sets.
.PP
See
-.BR signal-safety (7)
+.BR signal\-safety (7)
for a list of the async-signal-safe functions that can be
safely called inside from inside a signal handler.
.\"
.BR SIG_IGN .
.PP
See
-.BR signal-safety (7)
+.BR signal\-safety (7)
for a list of the async-signal-safe functions that can be
safely called from inside a signal handler.
.PP
.\" rds-tools: https://github.com/oracle/rds-tools/blob/master/rds-rdma.7
.BR rds (7)
.br
-.BR rds-rdma (7)
+.BR rds\-rdma (7)
T}
T{
.B AF_PPPOX
.BR dlerror (3),
.BR dlinfo (3),
.BR dlsym (3),
-.BR rtld-audit (7),
+.BR rtld\-audit (7),
.BR ld.so (8),
.BR ldconfig (8)
.PP
a nonzero value may be triggered by a Linux Security Module.
When this value is nonzero,
the dynamic linker disables the use of certain environment variables (see
-.BR ld-linux.so (8))
+.BR ld\-linux.so (8))
and glibc changes other aspects of its behavior.
(See also
.BR secure_getenv (3).)
.SH NOTES
The primary consumer of the information in the auxiliary vector
is the dynamic linker,
-.BR ld-linux.so (8).
+.BR ld\-linux.so (8).
The auxiliary vector is a convenient and efficient shortcut
that allows the kernel to communicate a certain set of standard
information that the dynamic linker usually or always needs.
.SH SEE ALSO
.BR secure_getenv (3),
.BR vdso (7),
-.BR ld-linux.so (8)
+.BR ld\-linux.so (8)
gnu_get_libc_version, gnu_get_libc_release \- get glibc version and release
.SH SYNOPSIS
.nf
-.B #include <gnu/libc-version.h>
+.B #include <gnu/libc\-version.h>
.PP
.B const char *gnu_get_libc_version(void);
.B const char *gnu_get_libc_release(void);
.BR fork (2)
in a multithreaded process returns in the child,
the child should call only async-signal-safe functions (see
-.BR signal-safety (7))
+.BR signal\-safety (7))
until such time as it calls
.BR execve (2)
to execute a new program.
.BR sem_getvalue (3),
.BR sem_wait (3),
.BR sem_overview (7),
-.BR signal-safety (7)
+.BR signal\-safety (7)
.IR main ().
.SH SEE ALSO
.BR signal (7),
-.BR signal-safety (7)
+.BR signal\-safety (7)
.TP
.B %F
Equivalent to
-.B %Y-%m-%d
+.B %Y\-%m\-%d
(the ISO\ 8601 date format). (C99)
.TP
.B %G
.BR clone (2),
.BR network_namespaces (7),
.BR ip (8),
-.BR ip-link (8),
-.BR ip-netns (8)
+.BR ip\-link (8),
+.BR ip\-netns (8)
.BR charsets (7),
.BR locale (7),
.BR unicode (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
Specifies name of the file to which debug info should be written.
.RE
.PP
-.B debug-level
+.B debug\-level
.I value
.RS
Sets the desired debug level.
At least five threads will always be created.
.RE
.PP
-.B max-threads
+.B max\-threads
.I number
.RS
Specifies the maximum number of threads.
The default is 32.
.RE
.PP
-.B server-user
+.B server\-user
.I user
.RS
If this option is set, nscd will run as this user and not as root.
option is ignored.
.RE
.PP
-.B stat-user
+.B stat\-user
.I user
.RS
Specifies the user who is allowed to request statistics.
.RE
.PP
-.B reload-count
+.B reload\-count
unlimited |
.I number
.RS
The default is no.
.RE
.PP
-.B restart-interval
+.B restart\-interval
.I time
.RS
Sets the restart interval to
The default is 3600.
.RE
.PP
-.B enable-cache
+.B enable\-cache
.I service
.I <yes|no>
.RS
The default is no.
.RE
.PP
-.B positive-time-to-live
+.B positive\-time\-to\-live
.I service
.I value
.RS
response times, but increase problems with cache coherence.
.RE
.PP
-.B negative-time-to-live
+.B negative\-time\-to\-live
.I service
.I value
.RS
to reduce cache coherency problems.
.RE
.PP
-.B suggested-size
+.B suggested\-size
.I service
.I value
.RS
The default is 211.
.RE
.PP
-.B check-files
+.B check\-files
.I service
.I <yes|no>
.RS
The default is no.
.RE
.PP
-.B max-db-size
+.B max\-db\-size
.I service
.I bytes
.RS
The default is 33554432.
.RE
.PP
-.B auto-propagate
+.B auto\-propagate
.I service
.I <yes|no>
.RS
.I ip6.arpa
zone by default.
These options are available in glibc versions up to 2.24, where
-.BR no-ip6-dotint
+.BR no\-ip6\-dotint
is the default.
Since
.BR ip6\-dotint
.\" rds-tools: https://github.com/oracle/rds-tools/blob/master/rds.7
.\" rds-tools: https://github.com/oracle/rds-tools/blob/master/rds-rdma.7
.BR rds (7),
-.BR rds-rdma (7),
+.BR rds\-rdma (7),
and
.I Documentation/networking/rds.txt
in the Linux kernel source tree.
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.\"
.SH SEE ALSO
.BR charsets (7),
-.BR iso_8859-1 (7),
-.BR iso_8859-2 (7),
-.BR iso_8859-3 (7),
-.BR iso_8859-4 (7),
-.BR iso_8859-5 (7),
-.BR iso_8859-6 (7),
-.BR iso_8859-7 (7),
-.BR iso_8859-8 (7),
-.BR iso_8859-9 (7),
-.BR iso_8859-10 (7),
-.BR iso_8859-11 (7),
-.BR iso_8859-13 (7),
-.BR iso_8859-14 (7),
-.BR iso_8859-15 (7),
-.BR iso_8859-16 (7),
-.BR utf-8 (7)
+.BR iso_8859\-1 (7),
+.BR iso_8859\-2 (7),
+.BR iso_8859\-3 (7),
+.BR iso_8859\-4 (7),
+.BR iso_8859\-5 (7),
+.BR iso_8859\-6 (7),
+.BR iso_8859\-7 (7),
+.BR iso_8859\-8 (7),
+.BR iso_8859\-9 (7),
+.BR iso_8859\-10 (7),
+.BR iso_8859\-11 (7),
+.BR iso_8859\-13 (7),
+.BR iso_8859\-14 (7),
+.BR iso_8859\-15 (7),
+.BR iso_8859\-16 (7),
+.BR utf\-8 (7)
Employ privileged BPF operations; see
.BR bpf (2)
and
-.BR bpf-helpers (7).
+.BR bpf\-helpers (7).
.IP
This capability was added in Linux 5.8 to separate out
BPF functionality from the overloaded
.SH SEE ALSO
.BR prlimit (1),
.BR systemd (1),
-.BR systemd-cgls (1),
-.BR systemd-cgtop (1),
+.BR systemd\-cgls (1),
+.BR systemd\-cgtop (1),
.BR clone (2),
.BR ioprio_set (2),
.BR perf_event_open (2),
.SH SEE ALSO
.BR iconv (1),
.BR ascii (7),
-.BR iso_8859-1 (7),
+.BR iso_8859\-1 (7),
.BR unicode (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.BR ascii (7),
.BR charsets (7),
.BR cp1252 (7),
-.BR iso_8859-5 (7),
-.BR koi8-r (7),
-.BR koi8-u (7),
-.BR utf-8 (7)
+.BR iso_8859\-5 (7),
+.BR koi8\-r (7),
+.BR koi8\-u (7),
+.BR utf\-8 (7)
.BR ascii (7),
.BR charsets (7),
.BR cp1251 (7),
-.BR iso_8859-1 (7),
-.BR iso_8859-15 (7),
-.BR utf-8 (7)
+.BR iso_8859\-1 (7),
+.BR iso_8859\-15 (7),
+.BR utf\-8 (7)
.BR ascii (7),
.BR charsets (7),
.BR cp1252 (7),
-.BR iso_8859-15 (7),
-.BR utf-8 (7)
+.BR iso_8859\-15 (7),
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.BR ascii (7),
.BR charsets (7),
.BR cp1252 (7),
-.BR iso_8859-1 (7),
-.BR utf-8 (7)
+.BR iso_8859\-1 (7),
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR iso_8859-3 (7),
-.BR utf-8 (7)
+.BR iso_8859\-3 (7),
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR iso_8859-1 (7),
-.BR iso_8859-16 (7),
-.BR utf-8 (7)
+.BR iso_8859\-1 (7),
+.BR iso_8859\-16 (7),
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.BR ascii (7),
.BR charsets (7),
.BR cp1251 (7),
-.BR koi8-r (7),
-.BR koi8-u (7),
-.BR utf-8 (7)
+.BR koi8\-r (7),
+.BR koi8\-u (7),
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.SH SEE ALSO
.BR ascii (7),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.IP
There are three keyrings with different inheritance/sharing rules:
the
-.BR session-keyring (7)
+.BR session\-keyring (7)
(inherited and shared by all child processes),
the
-.BR process-keyring (7)
+.BR process\-keyring (7)
(shared by all threads in a process) and
the
-.BR thread-keyring (7)
+.BR thread\-keyring (7)
(specific to a particular thread).
.IP
As an alternative to using the actual keyring IDs,
.TP
User keyrings
Each UID known to the kernel has a record that contains two keyrings: the
-.BR user-keyring (7)
+.BR user\-keyring (7)
and the
-.BR user-session-keyring (7).
+.BR user\-session\-keyring (7).
These exist for as long as the UID record in the kernel exists.
.IP
As an alternative to using the actual keyring IDs,
.TP
Persistent keyrings
There is a
-.BR persistent-keyring (7)
+.BR persistent\-keyring (7)
available to each UID known to the system.
It may persist beyond the life of the UID record previously mentioned,
but has an expiration time set such that it is automatically cleaned up
permission to the caller is ignored in all the following rules.
.IP (2)
A thread possesses its
-.BR session-keyring (7),
-.BR process-keyring (7),
+.BR session\-keyring (7),
+.BR process\-keyring (7),
and
-.BR thread-keyring (7)
+.BR thread\-keyring (7)
directly because those keyrings are referred to by its credentials.
.IP (3)
If a keyring is possessed, then any key it links to is also possessed.
When it creates the session keyring,
.BR pam_keyinit (8)
adds a link to the
-.BR user-keyring (7),
+.BR user\-keyring (7),
thus making the user keyring and anything it contains possessed by default.
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.SS Access rights
The search algorithm works as follows:
.IP (1) 4
The process keyrings are searched in the following order: the thread
-.BR thread-keyring (7)
+.BR thread\-keyring (7)
if it exists, the
-.BR process-keyring (7)
+.BR process\-keyring (7)
if it exists, and then either the
-.BR session-keyring (7)
+.BR session\-keyring (7)
if it exists or the
-.BR user-session-keyring (7)
+.BR user\-session\-keyring (7)
if that exists.
.IP (2)
If the caller was a process that was invoked by the
.PP
Typically,
this will involve the kernel creating a new process that executes the
-.BR request-key (8)
+.BR request\-key (8)
program, which will then execute the appropriate handler based on its
configuration.
.PP
.BR keyctl_instantiate (3),
.BR keyctl_negate (3),
.BR keyctl_reject (3),
-.BR request-key (8),
+.BR request\-key (8),
and
-.BR request-key.conf (5)
+.BR request\-key.conf (5)
for more information.
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.SS /proc files
.\" KEY_FLAG_USER_CONSTRUCT
The key is under construction via a callback to user space;
see
-.BR request-key (2).
+.BR request\-key (2).
.IP N
.\" KEY_FLAG_NEGATIVE
The key is negatively instantiated.
.BR user\-keyring (7),
.BR user\-session\-keyring (7),
.BR pam_keyinit (8),
-.BR request-key (8)
+.BR request\-key (8)
.PP
The kernel source files
.IR Documentation/crypto/asymmetric-keys.txt
.BR ascii (7),
.BR charsets (7),
.BR cp1251 (7),
-.BR iso_8859-5 (7),
-.BR koi8-u (7),
-.BR utf-8 (7)
+.BR iso_8859\-5 (7),
+.BR koi8\-u (7),
+.BR utf\-8 (7)
.BR ascii (7),
.BR charsets (7),
.BR cp1251 (7),
-.BR iso_8859-5 (7),
-.BR koi8-r (7),
-.BR utf-8 (7)
+.BR iso_8859\-5 (7),
+.BR koi8\-r (7),
+.BR utf\-8 (7)
.BR getauxval (3),
.BR proc (5),
.BR feature_test_macros (7),
-.BR man-pages (7),
+.BR man\-pages (7),
.BR standards (7),
.BR vdso (7)
.BR locale (5),
.BR charsets (7),
.BR unicode (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
.PP
For conventions that should be employed when writing man pages
for the Linux \fIman-pages\fP package, see
-.BR man-pages (7).
+.BR man\-pages (7).
.SS Title line
The first command in a man page (after comment lines,
that is, lines that start with \fB.\e"\fP) should be
For details of the arguments that should be supplied to the
.B TH
command, see
-.BR man-pages (7).
+.BR man\-pages (7).
.PP
Note that BSD mdoc-formatted pages begin with the
.B Dd
for further details on the syntax of the NAME section.)
.PP
For a list of other sections that might appear in a manual page, see
-.BR man-pages (7).
+.BR man\-pages (7).
.SS Fonts
The commands to select the type face are:
.TP 4
.BR whatis (1),
.BR groff_man (7),
.BR groff_www (7),
-.BR man-pages (7),
+.BR man\-pages (7),
.BR mdoc (7)
.BR user_namespaces (7),
.BR brctl (8),
.BR ip (8),
-.BR ip-address (8),
-.BR ip-link (8),
-.BR ip-netns (8),
+.BR ip\-address (8),
+.BR ip\-link (8),
+.BR ip\-netns (8),
.BR iptables (8),
-.BR ovs-vsctl (8)
+.BR ovs\-vsctl (8)
This allows the persistent keyring to carry keys beyond the life of
the kernel's record of the corresponding UID
(the destruction of which results in the destruction of the
-.BR user-keyring (7)
+.BR user\-keyring (7)
and the
-.BR user-session-keyring (7)).
+.BR user\-session\-keyring (7)).
The persistent keyring can thus be used to
hold authentication tokens for processes that run without user interaction,
such as programs started by
It is typically created by
.BR pam_keyinit (8)
when a user logs in and a link will be added that refers to the
-.BR user-keyring (7).
+.BR user\-keyring (7).
Optionally, PAM may revoke the session keyring on logout.
(In typical configurations, PAM does do this revocation.)
The session keyring has the name (description)
.PP
If a process doesn't have a session keyring when it is accessed, then,
under certain circumstances, the
-.BR user-session-keyring (7)
+.BR user\-session\-keyring (7)
will be attached as the session keyring
and under others a new session keyring will be created.
(See
-.BR user-session-keyring (7)
+.BR user\-session\-keyring (7)
for further details.)
.SS Special operations
The
POSIX.1, except as noted.
.SH NOTES
For a discussion of async-signal-safe functions, see
-.BR signal-safety (7).
+.BR signal\-safety (7).
.PP
The
.I /proc/[pid]/task/[tid]/status
.BR locale (1),
.BR setlocale (3),
.BR charsets (7),
-.BR utf-8 (7)
+.BR utf\-8 (7)
IETF RFC\ 2718 (section 2.2.5) recommend the following approach:
.IP 1. 4
translate the character sequences into UTF-8 (IETF RFC\ 2279)\(emsee
-.BR utf-8 (7)\(emand
+.BR utf\-8 (7)\(emand
then
.IP 2.
use the URI escaping mechanism, that is,
for the UID.
It comes into existence upon the first attempt to access either the
user keyring, the
-.BR user-session-keyring (7),
+.BR user\-session\-keyring (7),
or the
-.BR session-keyring (7).
+.BR session\-keyring (7).
The keyring remains pinned in existence so long as there are processes
running with that real UID or files opened by those processes remain open.
(The keyring can also be pinned indefinitely by linking it
record being garbage collected\(emfor example, for use by a
.BR cron (8)
script\(emthen the
-.BR persistent-keyring (7)
+.BR persistent\-keyring (7)
should be used instead.
.PP
If a user keyring does not exist when it is accessed, it will be created.
the kernel maintains for the UID.
It comes into existence upon the first attempt to access either the
user session keyring, the
-.BR user-keyring (7),
+.BR user\-keyring (7),
or the
-.BR session-keyring (7).
+.BR session\-keyring (7).
.\" Davis Howells: the user and user-session keyrings are managed as a pair.
The keyring remains pinned in existence so long as there are processes
running with that real UID or files opened by those processes remain open.
.PP
The user session keyring is created on demand when a thread requests it
or when a thread asks for its
-.BR session-keyring (7)
+.BR session\-keyring (7)
and that keyring doesn't exist.
In the latter case, a user session keyring will be created and,
if the session keyring wasn't to be created,
Rather than relying on the user session keyring,
it is strongly recommended\(emespecially if the process
is running as root\(emthat a
-.BR session-keyring (7)
+.BR session\-keyring (7)
be set explicitly, for example by
.BR pam_keyinit (8).
.SH NOTES
(e.g., perhaps it was a daemon started by
.BR inetd (8)).
In such a scenario, the user session keyring acts as a substitute for the
-.BR session-keyring (7).
+.BR session\-keyring (7).
.SH SEE ALSO
.ad l
.nh
projects / thirdparty / man-pages.git / commitdiff
