Friday, February 2, 2018

man-pages-4.15 is released

I've released man-pages-4.15. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from 26 contributors. Just over 200 commits changed around 75 pages. In addition, 3 new manual pages were added.

Among the more significant changes in man-pages-4.15 are the following:

  • A new vsock(7) page, written by Stefan Hajnoczi, documents the the VSOCK socket address family.
  • A new network_namespaces(7) page, based on content moved from the existing namespaces(7) page with a few additions, documents network namespaces.
  • A new s390_sthyi(2) page, written by QingFeng Hao, documents the s390 specific system call of the same name.
  • With some help from Tejun Heo and Roman Gushchin, I've substantially enhanced the cgroups(7) page. The page has more than doubled in size and among many other changes, it now contains a description of the "thread mode" feature added in Linux 4.14.

Posted by Michael Kerrisk at 4:21 PM 0 comments

Sunday, November 26, 2017

Next Linux/UNIX System Programming course in Munich, 5-9 February, 2018

There are still some places free for my next 5-day Linux/UNIX System Programming course to take place in Munich, Germany, for the week of 5-9 February 2018.

The course is intended for programmers developing system-level, embedded, or network applications for Linux and UNIX systems, or programmers porting such applications from other operating systems (e.g., proprietary embedded/realtime operaring systems or Windows) to Linux or UNIX. The course is based on my book, The Linux Programming Interface (TLPI), and covers topics such as low-level file I/O; signals and timers; creating processes and executing programs; POSIX threads programming; interprocess communication (pipes, FIFOs, message queues, semaphores, shared memory), and network programming (sockets).
     
The course has a lecture+lab format, and devotes substantial time to working on some carefully chosen programming exercises that put the "theory" into practice. Students receive printed and electronic copies of TLPI, along with a 600-page course book that includes all slides presented in the course. A reading knowledge of C is assumed; no previous system programming experience is needed.

Some useful links for anyone interested in the course:

Questions about the course? Email me via [email protected].

Posted by Michael Kerrisk at 8:38 PM 0 comments

man-pages-4.14 is released

I've released man-pages-4.14. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from 71 contributors. Nearly 400 commits changed more than 160 pages. In addition, 4 new manual pages were added.

Among the more significant changes in man-pages-4.14 are the following:

  • With help from several people, I've added a new pthread_spin_init(3) page describing pthread_spin_init() and pthread_spin_destroy(). This page provides some recommendations on when the usage of spin locks is appropriate.
  • I added a new pthread_spin_lock(3) page describing pthread_spin_lock(), pthread_spin_unlock(), and pthread_spin_trylock().
  • A new smartpqi(4) page, written by Don Brace, documents the smartpqi SCSI controller.
  • A new veth(4) page, written by Tomáš Pospíšek, Eric Biederman, and me, documents veth virtual ethernet devices.
  • Substantial additions were made to the seccomp(2) page, by Tyler Hicks and me, documenting the many new seccomp features added in the Linux 4.14 kernel. In addition, I've added a section noting various caveats regarding the use of seccomp. (See also the LWN.net article, The inherent fragility of seccomp(), which is accompanied by a number of quite informative comments.)

Posted by Michael Kerrisk at 8:12 PM 0 comments

Friday, September 15, 2017

man-pages-4.13 is released

I've released man-pages-4.13. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from around 40 contributors. The release is rather larger than average. (The context diff runs to more than 90k lines.) The release includes more than 350 commits and contains some fairly wide-ranging formatting fix-ups that meant that all 1028 existing manual pages saw some change(s). In addition, 5 new manual pages were added.

Among the more significant changes in man-pages-4.13 are the following:

  • Two new pages, pthread_mutexattr_setrobust(3) and pthread_mutex_consistent(3) cowritten by Yubin Ruan and myself, document the POSIX threads APIs related to robust mutexes (pthread_mutexattr_setrobust()pthread_mutexattr_getrobust(), and pthread_mutex_consistent()). In conjunction with those chganges, I also added some further details on the underlying robust futexes implementation to the get_robust_list(2) manual page.
  • I've written a new page, pthread_mutexattr_init(3), that documents pthread_mutexattr_init() and pthread_mutexattr_destroy() functions.
  • I've written a new page, pthread_mutexattr_getpshared(3), that documents pthread_mutexattr_getpshared() and pthread_mutexattr_setpshared() functions.
  • At long last, I've added a sysfs(5) man page to start documenting the sysfs filesystem. This page does not yet contain details on many sysfs files, but hopefully that may change in the future, if people send me patches for the page.
A special thanks to Eugene Syromyatnikov, who contributed 30 patches to this release!

Posted by Michael Kerrisk at 3:15 PM 0 comments

Friday, July 21, 2017

man-pages-4.12 is released

I've released man-pages-4.12. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from around 30 contributors. It includes just under 200 commits changing around 90 pages. This is a relatively small release, with one new manual page, ioctl_getfsmap(2). The most significant change in the release consists of a number of additions and improvements in the ld.so(8) page.

Posted by Michael Kerrisk at 8:13 PM 0 comments

Tuesday, May 23, 2017

Linux Shared Libraries course, Munich, Germany, 20 July 2017

I've scheduled a public instance of my "Building and Using Shared Libraries on Linux" course to take place in Munich, Germany on 20 July 2017.  This one-day course provides a thorough introduction to building and using shared libraries. covering topics such as: the basics of creating, installing, and using shared libraries; shared library versioning and naming conventions; the role of the dynamic linker; run-time symbol resolution; controlling symbol visibility; symbol versioning; preloading shared libraries; and dynamically loaded libraries (dlopen). The course format is a mixture of theory and practical.

The course is aimed at programmers who create and use shared libraries. Systems administrators who are managing and troubleshooting applications that use shared libraries will also find the course useful.

You can find out more about the course (such as expected background and course pricing) at http://man7.org/training/shlib/ and see a detailed course outline at
http://man7.org/training/shlib/shlib_course_outline.html.

Posted by Michael Kerrisk at 4:14 PM 0 comments

Cgroups/namespaces/seccomp/capabilities course

There are still some places available on my "Linux Security and Isolation APIs" that will take place in Munich, Germany on 17-19 July 2017.  This three-day course provides a deep understanding of the low-level Linux features (set-UID/set-GID programs, capabilities, namespaces, cgroups, and seccomp) used to implement privileged applications and build container, virtualization, and sandboxing technologies. The course format is a mixture of theory and practical.

The course is aimed at designers and programmers building privileged applications, container applications, and sandboxing applications. Systems administrators who are managing such applications are also likely to find the course of benefit.

You can find out more about the course (such as expected background and course pricing) at
http://man7.org/training/sec_isol_apis/
and see a detailed course outline at
http://man7.org/training/sec_isol_apis/sec_isol_apis_course_outline.html

Posted by Michael Kerrisk at 4:01 PM 0 comments

Wednesday, May 3, 2017

man-pages-4.11 is released

I've released man-pages-4.11. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from over 30 contributors. It includes more than 300 commits changing over 100 pages. The changes include the addition of 5 pages, significant rewriting of 1 other page, and enhancements to many other pages.

Among the more significant changes in man-pages-4.11 are the following:

  • Two new pages, userfaultfd(2) and ioctl_userfaultfd(2), written by me and Mike Rapoport, document the userfaultfd() system call that was added in Linux 4.3, along with associated ioctl() operations that can be performed on the file descriptor returned by that system call.
  • A new statx(2) man page, written by David Howells, documents the statx() system call that was added in the just-released Linux 4.11 kernel.
  • A new pthread_atfork(3) manual page documents the pthread_atfork() library function.
  • The slabinfo(5) has been heavily updated to reflect current kernel details.

Posted by Michael Kerrisk at 9:58 PM 0 comments

Wednesday, April 26, 2017

Linux Security and Isolation APIs course in Munich (17-19 July 2017)

I've scheduled the first public instance of my "Linux Security and Isolation APIs" course to take place in Munich, Germany on 17-19 July 2017. (I've already run the course a few times very successfully in non-public settings.) This three-day course provides a deep understanding of the low-level Linux features (set-UID/set-GID programs, capabilities, namespaces, cgroups, and seccomp) used to build container, virtualization, and sandboxing technologies. The course format is a mixture of theory and practical.

The course is aimed at designers and programmers building privileged applications, container applications, and sandboxing applications. Systems administrators who are managing such applications are also likely to find the course of benefit.

You can find out more about the course (such as expected background and course pricing) at
http://man7.org/training/sec_isol_apis/
and see a detailed course outline at
http://man7.org/training/sec_isol_apis/sec_isol_apis_course_outline.html

Posted by Michael Kerrisk at 9:24 PM 0 comments

Tuesday, March 14, 2017

man-pages-4.10 is released

I've released man-pages-4.10. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from over 40 contributors. This release sees a large number of changes: over 600 commits changing around 160 pages. The changes include the addition of 11 pages, significant rewrites of 3 other pages, and enhancements to many other pages.

Among the more significant changes in man-pages-4.10 are the following:

  • The pages—add_key(2)keyctl(2), and request_key(2)—describing the system calls for the kernel key-management facility have been substantially revised and extended. The keyctl(2) page consequently saw a tenfold increase in size. I did much of the work here, with a lot of help from Eugene Syromyatnikov.
  • In cooperation with David Howells, the maintainer of the libkeyutils package (and the developer of the kernel key management facility), a number of pages in the libkeyutils package were moved to the man-pages project. The rationale for this change is that these pages describe kernel interfaces, and so man-pages is more reasonably their home. During the migration, many of these pages were also substantially enhanced. The migrated pages are: keyrings(7)persistent-keyring(7)process-keyring(7), session-keyring(7)thread-keyring(7)user-keyring(7), and user-session-keyring(7). Thanks to David Howells and Eugene Syromyatnikov for a lot of assistance with reworking the pages.
  • I've added a new ioctl_iflags(2) page which describes inode flags (the attributes manipulated by the chattr(1) command) and the ioctl() operations for working with those flags.
  • The details on the ioctl() operations that can be used with namespaces have been moved from the namespaces(7) page into a new ioctl_ns(2) page
  • I've written a getentropy(3) page, which describes the new getentropy() function added in glibc version 2.25. This function, layered on top of the getrandom(2) system call, enables the caller to obtain bytes of randomness.
  • The discussion of async-signal-safety has been moved out of the signal(7) manual page into a new new signal-safety(7) page. Along the way, some details have been added to the page, including discussion of a few glibc deviations from the POSIX standard.

Posted by Michael Kerrisk at 3:18 PM 3 comments

Friday, January 27, 2017

Next Linux/UNIX System Programming course in Munich: 15-19 May, 2017

I've scheduled another 5-day Linux/UNIX System Programming course to take place in Munich, Germany, for the week of 15-19 May 2017.

The course is intended for programmers developing system-level, embedded, or network applications for Linux and UNIX systems, or programmers porting such applications from other operating systems (e.g., Windows) to Linux or UNIX. The course is based on my book, The Linux Programming Interface (TLPI), and covers topics such as low-level file I/O; signals and timers; creating processes and executing programs; POSIX threads programming; interprocess communication (pipes, FIFOs, message queues, semaphores, shared memory), and network programming (sockets).
     
The course has a lecture+lab format, and devotes substantial time to working on some carefully chosen programming exercises that put the "theory" into practice. Students receive printed and electronic copies of TLPI, along with a 600-page course book that includes all slides and exercises presented in the course. A reading knowledge of C is assumed; no previous system programming experience is needed.

Some useful links for anyone interested in the course:

Questions about the course? Email me via [email protected].

Posted by Michael Kerrisk at 2:11 AM 0 comments

Monday, December 12, 2016

man-pages-4.09 is released

I've released man-pages-4.09. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from 44 contributors. This is one of the more substantial releases in recent times, with more than 500 commits changing around 190 pages. The changes include the addition of eight new pages and significant enhancements or rewrites to many existing pages.

Among the more significant changes in man-pages-4.09 are the following:

  • A new pkey_alloc(2) page, written  by Dave Hansen, documents the pkey_alloc() and pkey_free() system calls added in Linux 4.9.
  • Updates to the mprotect(2) page by Dave Hansen document the pkey_mprotect() system call added in Linux 4.9.
  • A new pkeys(7) page, written  by Dave Hansen, provides an overview of the Memory Protection Keys feature added in Linux 4.9.
  • A new pthread_getattr_default_np(3) page, written by me, documents the pthread_getattr_default_np(3) and pthread_setattr_default_np(3) library functions.
  • A new strfromd(3) page, written by Wainer dos Santos Moschetta, documents the strfromd(3), strfromf(3), and strfroml(3) library functions added in the upcoming GNU C Library 2.25 release.
  • A new fuse(4) page, written by Keno Fischer, partially documents the /dev/fuse device.
  • A new tmpfs(5) page, written by me, provides an overview of the tmpfs filesystem.
  • A new random(7) page, written by me, with help from Nikos Mavrogiannopoulos, Laurent Georget, and Ted T'so, provides an overview of the interfaces for obtaining randomness.
  • A new sock_diag(7) page, written by Pavel Emelyanov and Dmitry V. Levin, documents the NETLINK_SOCK_DIAG interface.
  • Updates to the namespaces(7) page, written by me, document the NS_GET_USERNS and NS_GET_PARENT ioctl() operations (added In Linux 4.9) that can be used for introspecting namespace relationships (discovering hierarchical relationships of user and PID namespaces, and the relationships of non-user namespaces with their associated user namespaces).
  • Updates to the sched(7) page, written by me, document the autogroup feature added to the CFS scheduler in Linux 2.6.38 and describe how it renders the nice value ineffective in many use cases.
  • Substantial updates to the elf(5) page, by Mike Frysinger, document ELF notes.
  • Yet another slew of updates to the perf_event_open(2) page were provided by Vince Weaver.
In addition to the above, substantial changes were also made to the close(2), getpriority(2), nice(2), timer_create(2), timerfd_create(2), random(4), and proc(5) pages.

Posted by Michael Kerrisk at 12:01 PM 0 comments

Saturday, October 8, 2016

man-pages-4.08 is released

I've released man-pages-4.08. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from around 40 contributors. The release includes changes to nearly 200 man pages. Among the more significant changes in man-pages-4.08 are the following:

  • Eugene Syromyatnikov made substantial updates to the quotactl(2) page, including adding information about project quotas and a number of XFS-specific subcommands.
  • I made substantial rewrites, additions, and corrections in the cgroups(7) page.
  • I added a new bswap(3) page documenting the bswap_16(), bswap_32(), and bswap_64() library functions.
  • A large number of updates to the proc(5) added documentation for several files and for additional fields in already documented files.
  • I updated the discussion of capability requirements in many pages to clarify cases where a capability is required in the user namespace where the process resides (rather than in the initial user namespace).

Posted by Michael Kerrisk at 1:54 PM 0 comments

Sunday, July 17, 2016

man-pages-4.07 is released

I've released man-pages-4.07. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from around 50 contributors. The release includes changes to over 140 man pages. Among the more significant changes in man-pages-4.07 are the following:

  • Two new pages by Darrick Wong document ioctl() operations that he added to the kernel: ioctl_ficlonerange(2) documents the FICLONE and FICLONERANGE ioctls, and ioctl_fideduperange(2) documents the FIDEDUPERANGE ioctl.
  • I've written a new page, mount_namespaces(7), which documents mount namespaces and the shared subtrees feature.
  • I've written a new page, nextup(3), which documents the new nextup() and nextdown() functions that will appear in the upcoming glibc 2.24 release.
  • I've added documentation for the MS_SHARED, MS_PRIVATE, MS_SLAVE, MS_UNBINDABLE, and MS_REC flags to the mount(2) page. In addition, I've substantially restructured, clarified, and tweaked the existing text in this manual page.
  • I (with help from Kees Cook, Jann Horn, Eric W. Biederman, and Stephen Smalley) have added documentation of so-called "ptrace access mode checks" to the ptrace(2) page. These kinds of checks are performed in a number of system calls and other interfaces (e.g., accesses to various /proc files), and many other manual pages have been updated in this release to note the kind of check performed and add a reference to the ptrace(2) page.
  • I've made various changes in the proc(5), most notably documenting various ptrace access mode checks, and also describing various new fields that have been added to the /proc/PID/status file in recent kernel releases.
  • I added a description of the effect of capabilities within a user namespace to the user_namespaces(7) page.
  • I substantially rewrote the getitimer(2) page, and in the process changed the license to one that is unambiguously free.

Posted by Michael Kerrisk at 9:20 PM 0 comments

Wednesday, May 11, 2016

man-pages-4.06 is released

I've released man-pages-4.06. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from around 20 contributors. The release includes changes to just over 40 man pages. Among the more significant changes in man-pages-4.06 are the following:

  • A new cgroups(7) page documents container groups, and includes some information about cgroups version 2, which was officially released in Linux 4.5.
  • A new cgroups_namespaces(7) page documents cgroup namespaces, which will shortly be released with Linux 4.6. Corresponding changes have also been made in the clone(2), setns(2), and unshare(2) pages.
  • The readv(2) page adds documentation of the preadv2() and pwritev2() system calls added in Linux 4.6.

Posted by Michael Kerrisk at 7:39 AM 1 comments

Subscribe to: Posts (Atom)